package net.ripe.rpki.commons.crypto.util;

import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.FileOutputStream;
import java.io.IOException;
import java.math.BigInteger;
import java.security.GeneralSecurityException;
import java.security.KeyPair;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.cert.Certificate;
import javax.security.auth.x500.X500Principal;
import net.ripe.ipresource.IpResourceSet;
import net.ripe.rpki.commons.crypto.ValidityPeriod;
import net.ripe.rpki.commons.crypto.x509cert.X509ResourceCertificate;
import net.ripe.rpki.commons.crypto.x509cert.X509ResourceCertificateBuilder;
import net.ripe.rpki.commons.util.UTC;
import org.joda.time.DateTime;

/* loaded from: input_file:net/ripe/rpki/commons/crypto/util/PregeneratedKeyPairFactory.class */
public final class PregeneratedKeyPairFactory extends KeyPairFactory {
    private static final PregeneratedKeyPairFactory INSTANCE = new PregeneratedKeyPairFactory("SunRsaSign");
    private static final char[] PASSPHRASE = "passphrase".toCharArray();
    private File keyStoreFile;
    private KeyStore pregeneratedKeys;
    private int count;

    private PregeneratedKeyPairFactory(String str) {
        super(str);
        this.keyStoreFile = new File(".pregenerated-test-key-pairs.keystore");
        this.count = 0;
        initKeyStore();
    }

    private void initKeyStore() {
        FileInputStream fileInputStream;
        Throwable th;
        try {
            this.pregeneratedKeys = KeyStore.getInstance(KeyStoreUtilTest.DEFAULT_KEYSTORE_TYPE, KeyStoreUtilTest.DEFAULT_KEYSTORE_PROVIDER);
            try {
                fileInputStream = new FileInputStream(this.keyStoreFile);
                th = null;
            } catch (FileNotFoundException e) {
                this.pregeneratedKeys.load(null, PASSPHRASE);
            }
            try {
                this.pregeneratedKeys.load(fileInputStream, PASSPHRASE);
                if (fileInputStream != null) {
                    if (0 != 0) {
                        try {
                            fileInputStream.close();
                        } catch (Throwable th2) {
                            th.addSuppressed(th2);
                        }
                    } else {
                        fileInputStream.close();
                    }
                }
            } catch (Throwable th3) {
                if (fileInputStream != null) {
                    if (0 != 0) {
                        try {
                            fileInputStream.close();
                        } catch (Throwable th4) {
                            th.addSuppressed(th4);
                        }
                    } else {
                        fileInputStream.close();
                    }
                }
                throw th3;
            }
        } catch (IOException | GeneralSecurityException e2) {
            throw new RuntimeException(e2);
        }
    }

    public static PregeneratedKeyPairFactory getInstance() {
        return INSTANCE;
    }

    public KeyPairFactory withProvider(String str) {
        return this;
    }

    public synchronized KeyPair generate() {
        KeyPair keyPair;
        try {
            String str = "key_" + this.count;
            this.count++;
            PrivateKey privateKey = (PrivateKey) this.pregeneratedKeys.getKey(str, PASSPHRASE);
            if (privateKey == null) {
                keyPair = super.generate();
                this.pregeneratedKeys.setKeyEntry(str, keyPair.getPrivate(), PASSPHRASE, new Certificate[]{createCertificate(keyPair).getCertificate()});
                FileOutputStream fileOutputStream = new FileOutputStream(this.keyStoreFile);
                Throwable th = null;
                try {
                    this.pregeneratedKeys.store(fileOutputStream, PASSPHRASE);
                    if (fileOutputStream != null) {
                        if (0 != 0) {
                            try {
                                fileOutputStream.close();
                            } catch (Throwable th2) {
                                th.addSuppressed(th2);
                            }
                        } else {
                            fileOutputStream.close();
                        }
                    }
                } finally {
                }
            } else {
                keyPair = new KeyPair(this.pregeneratedKeys.getCertificateChain(str)[0].getPublicKey(), privateKey);
            }
            return keyPair;
        } catch (Exception e) {
            throw new RuntimeException(e);
        }
    }

    private static X509ResourceCertificate createCertificate(KeyPair keyPair) {
        X509ResourceCertificateBuilder x509ResourceCertificateBuilder = new X509ResourceCertificateBuilder();
        x509ResourceCertificateBuilder.withSignatureProvider("SunRsaSign");
        x509ResourceCertificateBuilder.withSerial(BigInteger.ONE);
        DateTime dateTime = UTC.dateTime();
        x509ResourceCertificateBuilder.withValidityPeriod(new ValidityPeriod(dateTime.minusYears(2), dateTime.minusYears(1)));
        x509ResourceCertificateBuilder.withCa(false);
        x509ResourceCertificateBuilder.withIssuerDN(new X500Principal("CN=issuer"));
        x509ResourceCertificateBuilder.withSubjectDN(new X500Principal("CN=subject"));
        x509ResourceCertificateBuilder.withResources(IpResourceSet.parse("AS1-AS10,10/8,ffc0::/16"));
        x509ResourceCertificateBuilder.withSigningKeyPair(keyPair);
        x509ResourceCertificateBuilder.withPublicKey(keyPair.getPublic());
        return x509ResourceCertificateBuilder.build();
    }
}
