package org.jenkinsci.main.modules.instance_identity;

import hudson.FilePath;
import hudson.model.Hudson;
import hudson.model.PageDecorator;
import java.io.File;
import java.io.FileReader;
import java.io.FileWriter;
import java.io.IOException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;
import java.util.logging.Level;
import java.util.logging.Logger;
import org.bouncycastle.openssl.PEMReader;
import org.bouncycastle.openssl.PEMWriter;
import org.bouncycastle.openssl.PasswordFinder;

/* loaded from: input_file:org/jenkinsci/main/modules/instance_identity/InstanceIdentity.class */
public class InstanceIdentity {
    private final KeyPair keys;
    private static final Logger LOGGER = Logger.getLogger(InstanceIdentity.class.getName());

    public InstanceIdentity() throws IOException {
        this(new File(Hudson.getInstance().getRootDir(), "identity.key"));
    }

    public InstanceIdentity(File file) throws IOException {
        try {
            if (file.exists()) {
                FileReader fileReader = new FileReader(file);
                try {
                    this.keys = (KeyPair) new PEMReader(fileReader, (PasswordFinder) null, KeyPairGenerator.getInstance("RSA").getProvider().getName()).readObject();
                    fileReader.close();
                } catch (Throwable th) {
                    fileReader.close();
                    throw th;
                }
            }
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA");
            keyPairGenerator.initialize(2048, new SecureRandom());
            this.keys = keyPairGenerator.generateKeyPair();
            PEMWriter pEMWriter = new PEMWriter(new FileWriter(file), "SunJCE");
            try {
                pEMWriter.writeObject(this.keys);
                pEMWriter.close();
                makeReadOnly(file);
            } catch (Throwable th2) {
                pEMWriter.close();
                throw th2;
            }
        } catch (NoSuchAlgorithmException e) {
            throw new AssertionError(e);
        }
    }

    private void makeReadOnly(File file) {
        try {
            new FilePath(file).chmod(384);
        } catch (Throwable th) {
            LOGGER.log(Level.WARNING, "Failed to make read only: " + file, th);
        }
    }

    public RSAPublicKey getPublic() {
        return (RSAPublicKey) this.keys.getPublic();
    }

    public RSAPrivateKey getPrivate() {
        return (RSAPrivateKey) this.keys.getPrivate();
    }

    public static InstanceIdentity get() {
        return ((PageDecoratorImpl) Hudson.getInstance().getExtensionList(PageDecorator.class).get(PageDecoratorImpl.class)).identity;
    }
}
