package io.vertx.tests.redis.containers;

import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.math.BigInteger;
import java.security.GeneralSecurityException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.cert.Certificate;
import java.security.cert.CertificateEncodingException;
import java.security.cert.X509Certificate;
import java.time.Instant;
import java.time.temporal.ChronoUnit;
import java.time.temporal.TemporalUnit;
import java.util.Base64;
import java.util.Date;
import javax.security.auth.x500.X500Principal;
import org.bouncycastle.x509.X509V3CertificateGenerator;

/* loaded from: input_file:io/vertx/tests/redis/containers/KeyPairAndCertificate.class */
public final class KeyPairAndCertificate {
    private final PrivateKey privateKey;
    private final PublicKey publicKey;
    private final X509Certificate certificate;

    private KeyPairAndCertificate(PrivateKey privateKey, PublicKey publicKey, X509Certificate x509Certificate) {
        this.privateKey = privateKey;
        this.publicKey = publicKey;
        this.certificate = x509Certificate;
    }

    public static KeyPairAndCertificate generateSelfSigned(String str) {
        try {
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA");
            keyPairGenerator.initialize(2048);
            KeyPair generateKeyPair = keyPairGenerator.generateKeyPair();
            Date from = Date.from(Instant.now().minus(2L, (TemporalUnit) ChronoUnit.DAYS));
            Date from2 = Date.from(Instant.now().plus(365L, (TemporalUnit) ChronoUnit.DAYS));
            BigInteger bigInteger = new BigInteger(64, new SecureRandom());
            X500Principal x500Principal = new X500Principal("CN=" + str);
            X509V3CertificateGenerator x509V3CertificateGenerator = new X509V3CertificateGenerator();
            x509V3CertificateGenerator.setIssuerDN(x500Principal);
            x509V3CertificateGenerator.setSubjectDN(x500Principal);
            x509V3CertificateGenerator.setNotBefore(from);
            x509V3CertificateGenerator.setNotAfter(from2);
            x509V3CertificateGenerator.setSerialNumber(bigInteger);
            x509V3CertificateGenerator.setPublicKey(generateKeyPair.getPublic());
            x509V3CertificateGenerator.setSignatureAlgorithm("SHA256withRSA");
            return new KeyPairAndCertificate(generateKeyPair.getPrivate(), generateKeyPair.getPublic(), x509V3CertificateGenerator.generate(generateKeyPair.getPrivate()));
        } catch (GeneralSecurityException e) {
            throw new RuntimeException(e);
        }
    }

    public byte[] privateKeyAsJKS() {
        try {
            KeyStore keyStore = KeyStore.getInstance("JKS");
            keyStore.load(null, null);
            keyStore.setKeyEntry("key", this.privateKey, "".toCharArray(), new Certificate[]{this.certificate});
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            keyStore.store(byteArrayOutputStream, "".toCharArray());
            return byteArrayOutputStream.toByteArray();
        } catch (IOException | GeneralSecurityException e) {
            throw new RuntimeException(e);
        }
    }

    public String privateKeyAsPEM() {
        return "-----BEGIN PRIVATE KEY-----\n" + Base64.getMimeEncoder(64, new byte[]{10}).encodeToString(this.privateKey.getEncoded()) + "\n-----END PRIVATE KEY-----\n\n";
    }

    public byte[] certificateAsJKS() {
        try {
            KeyStore keyStore = KeyStore.getInstance("JKS");
            keyStore.load(null, null);
            keyStore.setCertificateEntry("cert", this.certificate);
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            keyStore.store(byteArrayOutputStream, "".toCharArray());
            return byteArrayOutputStream.toByteArray();
        } catch (IOException | GeneralSecurityException e) {
            throw new RuntimeException(e);
        }
    }

    public String certificateAsPEM() {
        try {
            return "-----BEGIN CERTIFICATE-----\n" + Base64.getMimeEncoder(64, new byte[]{10}).encodeToString(this.certificate.getEncoded()) + "\n-----END CERTIFICATE-----\n\n";
        } catch (CertificateEncodingException e) {
            throw new RuntimeException(e);
        }
    }
}
