package otoroshi.ssl;

import java.security.KeyPair;
import java.security.KeyStore;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.Base64;
import java.util.concurrent.Executors;
import otoroshi.env.Env;
import otoroshi.security.IdGenerator$;
import otoroshi.ssl.pki.models.GenCertResponse;
import otoroshi.ssl.pki.models.GenCsrQuery;
import otoroshi.ssl.pki.models.GenCsrQuery$;
import otoroshi.ssl.pki.models.GenKeyPairQuery;
import scala.Array$;
import scala.MatchError;
import scala.None$;
import scala.Option;
import scala.Predef$;
import scala.Predef$ArrowAssoc$;
import scala.Some;
import scala.Tuple2;
import scala.collection.Seq;
import scala.collection.immutable.$colon;
import scala.collection.immutable.Nil$;
import scala.concurrent.Await$;
import scala.concurrent.ExecutionContext;
import scala.concurrent.ExecutionContext$;
import scala.concurrent.ExecutionContextExecutor;
import scala.concurrent.duration.FiniteDuration;
import scala.concurrent.duration.package;
import scala.concurrent.duration.package$;
import scala.util.Either;

/* compiled from: ssl.scala */
/* loaded from: input_file:otoroshi/ssl/FakeKeyStore$.class */
public final class FakeKeyStore$ {
    public static FakeKeyStore$ MODULE$;
    private final char[] EMPTY_PASSWORD;
    private final Base64.Encoder encoder;
    private final ExecutionContextExecutor ec;

    static {
        new FakeKeyStore$();
    }

    private char[] EMPTY_PASSWORD() {
        return this.EMPTY_PASSWORD;
    }

    private Base64.Encoder encoder() {
        return this.encoder;
    }

    private ExecutionContextExecutor ec() {
        return this.ec;
    }

    public KeyStore generateKeyStore(String str, Env env) {
        KeyStore keyStore = KeyStore.getInstance(FakeKeyStore$KeystoreSettings$.MODULE$.KeystoreType());
        Tuple2<X509Certificate, KeyPair> generateX509Certificate = generateX509Certificate(str, env);
        if (generateX509Certificate == null) {
            throw new MatchError(generateX509Certificate);
        }
        Tuple2 tuple2 = new Tuple2((X509Certificate) generateX509Certificate._1(), (KeyPair) generateX509Certificate._2());
        X509Certificate x509Certificate = (X509Certificate) tuple2._1();
        KeyPair keyPair = (KeyPair) tuple2._2();
        keyStore.load(null, EMPTY_PASSWORD());
        keyStore.setKeyEntry(FakeKeyStore$SelfSigned$Alias$.MODULE$.PrivateKeyEntry(), keyPair.getPrivate(), EMPTY_PASSWORD(), new Certificate[]{x509Certificate});
        keyStore.setCertificateEntry(FakeKeyStore$SelfSigned$Alias$.MODULE$.trustedCertEntry(), x509Certificate);
        return keyStore;
    }

    public Tuple2<X509Certificate, KeyPair> generateX509Certificate(String str, Env env) {
        GenCertResponse createSelfSignedCertificate = createSelfSignedCertificate(str, new package.DurationInt(package$.MODULE$.DurationInt(365)).days(), None$.MODULE$, None$.MODULE$, env);
        return new Tuple2<>(createSelfSignedCertificate.cert(), createSelfSignedCertificate.keyPair());
    }

    public Cert generateCert(String str, Env env) {
        Tuple2<X509Certificate, KeyPair> generateX509Certificate = generateX509Certificate(str, env);
        if (generateX509Certificate == null) {
            throw new MatchError(generateX509Certificate);
        }
        Tuple2 tuple2 = new Tuple2((X509Certificate) generateX509Certificate._1(), (KeyPair) generateX509Certificate._2());
        return new Cert(IdGenerator$.MODULE$.token(32), str, new StringBuilder(16).append("Certificate for ").append(str).toString(), SSLImplicits$EnhancedX509Certificate$.MODULE$.asPem$extension(SSLImplicits$.MODULE$.EnhancedX509Certificate((X509Certificate) tuple2._1())), SSLImplicits$EnhancedPrivateKey$.MODULE$.asPem$extension(SSLImplicits$.MODULE$.EnhancedPrivateKey(((KeyPair) tuple2._2()).getPrivate())), None$.MODULE$, str, Cert$.MODULE$.apply$default$8(), Cert$.MODULE$.apply$default$9(), Cert$.MODULE$.apply$default$10(), false, false, false, Cert$.MODULE$.apply$default$14(), false, Cert$.MODULE$.apply$default$16(), Cert$.MODULE$.apply$default$17(), Cert$.MODULE$.apply$default$18(), Cert$.MODULE$.apply$default$19(), Cert$.MODULE$.apply$default$20(), Cert$.MODULE$.apply$default$21(), Cert$.MODULE$.apply$default$22(), Cert$.MODULE$.apply$default$23(), Cert$.MODULE$.apply$default$24());
    }

    public GenCertResponse createSelfSignedCertificate(String str, FiniteDuration finiteDuration, Option<KeyPair> option, Option<Object> option2, Env env) {
        return (GenCertResponse) ((Either) Await$.MODULE$.result(env.pki().genSelfSignedCert(new GenCsrQuery(new $colon.colon(str, Nil$.MODULE$), new GenKeyPairQuery(FakeKeyStore$KeystoreSettings$.MODULE$.KeyPairAlgorithmName(), FakeKeyStore$KeystoreSettings$.MODULE$.KeyPairKeyLength()), Predef$.MODULE$.Map().apply(Predef$.MODULE$.wrapRefArray(new Tuple2[]{Predef$ArrowAssoc$.MODULE$.$minus$greater$extension(Predef$.MODULE$.ArrowAssoc("CN"), str)})), GenCsrQuery$.MODULE$.apply$default$4(), GenCsrQuery$.MODULE$.apply$default$5(), GenCsrQuery$.MODULE$.apply$default$6(), GenCsrQuery$.MODULE$.apply$default$7(), finiteDuration, GenCsrQuery$.MODULE$.apply$default$9(), GenCsrQuery$.MODULE$.apply$default$10(), option, option2), (ExecutionContext) ec()), new package.DurationInt(package$.MODULE$.DurationInt(30)).seconds())).right().get();
    }

    public GenCertResponse createClientCertificateFromCA(String str, FiniteDuration finiteDuration, Option<KeyPair> option, Option<Object> option2, X509Certificate x509Certificate, Seq<X509Certificate> seq, KeyPair keyPair, Env env) {
        return (GenCertResponse) ((Either) Await$.MODULE$.result(env.pki().genCert(new GenCsrQuery(Nil$.MODULE$, new GenKeyPairQuery(FakeKeyStore$KeystoreSettings$.MODULE$.KeyPairAlgorithmName(), FakeKeyStore$KeystoreSettings$.MODULE$.KeyPairKeyLength()), GenCsrQuery$.MODULE$.apply$default$3(), new Some(str), true, GenCsrQuery$.MODULE$.apply$default$6(), GenCsrQuery$.MODULE$.apply$default$7(), finiteDuration, GenCsrQuery$.MODULE$.apply$default$9(), GenCsrQuery$.MODULE$.apply$default$10(), option, option2), x509Certificate, seq, keyPair.getPrivate(), (ExecutionContext) ec()), new package.DurationInt(package$.MODULE$.DurationInt(30)).seconds())).right().get();
    }

    public GenCertResponse createSelfSignedClientCertificate(String str, FiniteDuration finiteDuration, Option<KeyPair> option, Option<Object> option2, Env env) {
        return (GenCertResponse) ((Either) Await$.MODULE$.result(env.pki().genSelfSignedCert(new GenCsrQuery(Nil$.MODULE$, new GenKeyPairQuery(FakeKeyStore$KeystoreSettings$.MODULE$.KeyPairAlgorithmName(), FakeKeyStore$KeystoreSettings$.MODULE$.KeyPairKeyLength()), GenCsrQuery$.MODULE$.apply$default$3(), new Some(str), true, GenCsrQuery$.MODULE$.apply$default$6(), GenCsrQuery$.MODULE$.apply$default$7(), finiteDuration, GenCsrQuery$.MODULE$.apply$default$9(), GenCsrQuery$.MODULE$.apply$default$10(), option, option2), (ExecutionContext) ec()), new package.DurationInt(package$.MODULE$.DurationInt(30)).seconds())).right().get();
    }

    public GenCertResponse createCertificateFromCA(String str, FiniteDuration finiteDuration, Option<KeyPair> option, Option<Object> option2, X509Certificate x509Certificate, Seq<X509Certificate> seq, KeyPair keyPair, Env env) {
        return (GenCertResponse) ((Either) Await$.MODULE$.result(env.pki().genCert(new GenCsrQuery(new $colon.colon(str, Nil$.MODULE$), new GenKeyPairQuery(FakeKeyStore$KeystoreSettings$.MODULE$.KeyPairAlgorithmName(), FakeKeyStore$KeystoreSettings$.MODULE$.KeyPairKeyLength()), Predef$.MODULE$.Map().apply(Predef$.MODULE$.wrapRefArray(new Tuple2[]{Predef$ArrowAssoc$.MODULE$.$minus$greater$extension(Predef$.MODULE$.ArrowAssoc("CN"), str)})), GenCsrQuery$.MODULE$.apply$default$4(), GenCsrQuery$.MODULE$.apply$default$5(), GenCsrQuery$.MODULE$.apply$default$6(), GenCsrQuery$.MODULE$.apply$default$7(), finiteDuration, GenCsrQuery$.MODULE$.apply$default$9(), GenCsrQuery$.MODULE$.apply$default$10(), option, option2), x509Certificate, seq, keyPair.getPrivate(), (ExecutionContext) ec()), new package.DurationInt(package$.MODULE$.DurationInt(30)).seconds())).right().get();
    }

    public GenCertResponse createSubCa(String str, FiniteDuration finiteDuration, Option<KeyPair> option, Option<Object> option2, X509Certificate x509Certificate, Seq<X509Certificate> seq, KeyPair keyPair, Env env) {
        return (GenCertResponse) ((Either) Await$.MODULE$.result(env.pki().genSubCA(new GenCsrQuery(Nil$.MODULE$, new GenKeyPairQuery(FakeKeyStore$KeystoreSettings$.MODULE$.KeyPairAlgorithmName(), FakeKeyStore$KeystoreSettings$.MODULE$.KeyPairKeyLength()), GenCsrQuery$.MODULE$.apply$default$3(), new Some(str), GenCsrQuery$.MODULE$.apply$default$5(), true, GenCsrQuery$.MODULE$.apply$default$7(), finiteDuration, GenCsrQuery$.MODULE$.apply$default$9(), GenCsrQuery$.MODULE$.apply$default$10(), option, option2), x509Certificate, seq, keyPair.getPrivate(), (ExecutionContext) ec()), new package.DurationInt(package$.MODULE$.DurationInt(30)).seconds())).right().get();
    }

    public GenCertResponse createCA(String str, FiniteDuration finiteDuration, Option<KeyPair> option, Option<Object> option2, Env env) {
        return (GenCertResponse) ((Either) Await$.MODULE$.result(env.pki().genSelfSignedCA(new GenCsrQuery(Nil$.MODULE$, new GenKeyPairQuery(FakeKeyStore$KeystoreSettings$.MODULE$.KeyPairAlgorithmName(), FakeKeyStore$KeystoreSettings$.MODULE$.KeyPairKeyLength()), GenCsrQuery$.MODULE$.apply$default$3(), new Some(str), GenCsrQuery$.MODULE$.apply$default$5(), true, GenCsrQuery$.MODULE$.apply$default$7(), finiteDuration, GenCsrQuery$.MODULE$.apply$default$9(), GenCsrQuery$.MODULE$.apply$default$10(), option, option2), ec()), new package.DurationInt(package$.MODULE$.DurationInt(30)).seconds())).right().get();
    }

    private FakeKeyStore$() {
        MODULE$ = this;
        this.EMPTY_PASSWORD = Array$.MODULE$.emptyCharArray();
        this.encoder = Base64.getEncoder();
        this.ec = ExecutionContext$.MODULE$.fromExecutor(Executors.newFixedThreadPool(4));
    }
}
