package com.inet.webserver;

import com.inet.annotations.InternalApi;
import java.io.OutputStream;
import java.math.BigInteger;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.PrivateKey;
import java.security.SecureRandom;
import java.security.cert.X509Certificate;
import java.util.Date;
import org.bouncycastle.asn1.x500.X500Name;
import org.bouncycastle.asn1.x509.Extension;
import org.bouncycastle.asn1.x509.GeneralName;
import org.bouncycastle.asn1.x509.GeneralNames;
import org.bouncycastle.cert.jcajce.JcaX509CertificateConverter;
import org.bouncycastle.cert.jcajce.JcaX509v3CertificateBuilder;
import org.bouncycastle.operator.jcajce.JcaContentSignerBuilder;

@InternalApi
/* loaded from: input_file:com/inet/webserver/SSLSelfSignedCertificateGenerator.class */
public class SSLSelfSignedCertificateGenerator {
    public void createCertificateAndPrivateKey(OutputStream outputStream, OutputStream outputStream2, String str, String str2, String str3, String str4) throws Exception {
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA");
        keyPairGenerator.initialize(2048);
        KeyPair generateKeyPair = keyPairGenerator.generateKeyPair();
        StringBuilder sb = new StringBuilder("CN=");
        if (str == null || str.length() == 0) {
            throw new IllegalArgumentException("The hostname must be set.");
        }
        sb.append(str);
        if (str2 != null && str2.length() > 0) {
            sb.append(", O=").append(str2);
        }
        if (str3 != null && str3.length() > 0) {
            sb.append(", L=").append(str3);
        }
        if (str4 != null && str4.length() > 0) {
            sb.append(", C=").append(str4.toUpperCase());
        }
        try {
            X509Certificate generateCertificate = generateCertificate(sb.toString(), str, generateKeyPair, 3650, "SHA256WithRSA");
            outputStream.write(generateKeyPair.getPrivate().getEncoded());
            outputStream.flush();
            outputStream2.write(generateCertificate.getEncoded());
            outputStream2.flush();
            outputStream.close();
            outputStream2.close();
        } catch (Throwable th) {
            outputStream.close();
            outputStream2.close();
            throw th;
        }
    }

    public static X509Certificate generateCertificate(String str, String str2, KeyPair keyPair, int i, String str3) throws Exception {
        PrivateKey privateKey = keyPair.getPrivate();
        Date date = new Date();
        Date date2 = new Date(date.getTime() + (i * 86400000));
        X500Name x500Name = new X500Name(str);
        JcaX509v3CertificateBuilder jcaX509v3CertificateBuilder = new JcaX509v3CertificateBuilder(x500Name, new BigInteger(64, new SecureRandom()), date, date2, x500Name, keyPair.getPublic());
        jcaX509v3CertificateBuilder.addExtension(Extension.subjectAlternativeName, false, new GeneralNames(new GeneralName(2, str2)));
        return new JcaX509CertificateConverter().getCertificate(jcaX509v3CertificateBuilder.build(new JcaContentSignerBuilder(str3).build(privateKey)));
    }
}
