package io.hyperfoil.tools.horreum.infra.common;

import java.io.IOException;
import java.io.StringWriter;
import java.math.BigInteger;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.NoSuchAlgorithmException;
import java.security.PublicKey;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.time.Duration;
import java.time.Instant;
import java.time.temporal.TemporalAmount;
import java.util.Date;
import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers;
import org.bouncycastle.asn1.x500.X500Name;
import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
import org.bouncycastle.asn1.x509.AuthorityKeyIdentifier;
import org.bouncycastle.asn1.x509.BasicConstraints;
import org.bouncycastle.asn1.x509.Extension;
import org.bouncycastle.asn1.x509.SubjectKeyIdentifier;
import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
import org.bouncycastle.cert.CertIOException;
import org.bouncycastle.cert.X509ExtensionUtils;
import org.bouncycastle.cert.jcajce.JcaX509CertificateConverter;
import org.bouncycastle.cert.jcajce.JcaX509v3CertificateBuilder;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.openssl.jcajce.JcaPEMWriter;
import org.bouncycastle.operator.OperatorCreationException;
import org.bouncycastle.operator.bc.BcDigestCalculatorProvider;
import org.bouncycastle.operator.jcajce.JcaContentSignerBuilder;

/* loaded from: input_file:io/hyperfoil/tools/horreum/infra/common/SelfSignedCert.class */
public final class SelfSignedCert {
    private final X509Certificate certificate;
    private final KeyPair keyPair;

    public SelfSignedCert(String str, String str2, String str3, int i) throws OperatorCreationException, CertificateException, CertIOException, NoSuchAlgorithmException {
        this.keyPair = KeyPairGenerator.getInstance(str).generateKeyPair();
        Instant now = Instant.now();
        X500Name x500Name = new X500Name("CN=" + str3);
        this.certificate = new JcaX509CertificateConverter().setProvider(new BouncyCastleProvider()).getCertificate(new JcaX509v3CertificateBuilder(x500Name, BigInteger.valueOf(now.toEpochMilli()), Date.from(now), Date.from(now.plus((TemporalAmount) Duration.ofDays(i))), x500Name, this.keyPair.getPublic()).addExtension(Extension.subjectKeyIdentifier, false, createSubjectKeyId(this.keyPair.getPublic())).addExtension(Extension.authorityKeyIdentifier, false, createAuthorityKeyId(this.keyPair.getPublic())).addExtension(Extension.basicConstraints, true, new BasicConstraints(true)).build(new JcaContentSignerBuilder(str2).build(this.keyPair.getPrivate())));
    }

    public String getCertString() throws IOException {
        StringWriter stringWriter = new StringWriter();
        JcaPEMWriter jcaPEMWriter = new JcaPEMWriter(stringWriter);
        try {
            jcaPEMWriter.writeObject(this.certificate);
            jcaPEMWriter.close();
            return stringWriter.toString();
        } catch (Throwable th) {
            try {
                jcaPEMWriter.close();
            } catch (Throwable th2) {
                th.addSuppressed(th2);
            }
            throw th;
        }
    }

    public String getKeyString() throws IOException {
        StringWriter stringWriter = new StringWriter();
        JcaPEMWriter jcaPEMWriter = new JcaPEMWriter(stringWriter);
        try {
            jcaPEMWriter.writeObject(this.keyPair.getPrivate());
            jcaPEMWriter.close();
            return stringWriter.toString();
        } catch (Throwable th) {
            try {
                jcaPEMWriter.close();
            } catch (Throwable th2) {
                th.addSuppressed(th2);
            }
            throw th;
        }
    }

    private static SubjectKeyIdentifier createSubjectKeyId(PublicKey publicKey) throws OperatorCreationException {
        return new X509ExtensionUtils(new BcDigestCalculatorProvider().get(new AlgorithmIdentifier(OIWObjectIdentifiers.idSHA1))).createSubjectKeyIdentifier(SubjectPublicKeyInfo.getInstance(publicKey.getEncoded()));
    }

    private static AuthorityKeyIdentifier createAuthorityKeyId(PublicKey publicKey) throws OperatorCreationException {
        return new X509ExtensionUtils(new BcDigestCalculatorProvider().get(new AlgorithmIdentifier(OIWObjectIdentifiers.idSHA1))).createAuthorityKeyIdentifier(SubjectPublicKeyInfo.getInstance(publicKey.getEncoded()));
    }
}
