package com.inet.webserver.acme;

import com.inet.persistence.Persistence;
import com.inet.persistence.PersistenceEntry;
import com.inet.webserver.c;
import java.io.IOException;
import java.io.InputStreamReader;
import java.io.OutputStreamWriter;
import java.net.URI;
import java.net.URL;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.util.Arrays;
import java.util.Iterator;
import javax.annotation.Nonnull;
import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
import org.bouncycastle.asn1.x500.X500Name;
import org.bouncycastle.asn1.x500.X500NameBuilder;
import org.bouncycastle.asn1.x509.Extension;
import org.bouncycastle.asn1.x509.ExtensionsGenerator;
import org.bouncycastle.asn1.x509.GeneralName;
import org.bouncycastle.asn1.x509.GeneralNames;
import org.bouncycastle.openssl.PEMKeyPair;
import org.bouncycastle.openssl.PEMParser;
import org.bouncycastle.openssl.jcajce.JcaPEMKeyConverter;
import org.bouncycastle.openssl.jcajce.JcaPEMWriter;
import org.bouncycastle.operator.OperatorCreationException;
import org.bouncycastle.operator.jcajce.JcaContentSignerBuilder;
import org.bouncycastle.pkcs.jcajce.JcaPKCS10CertificationRequestBuilder;
import org.shredzone.acme4j.Account;
import org.shredzone.acme4j.AccountBuilder;
import org.shredzone.acme4j.Authorization;
import org.shredzone.acme4j.Certificate;
import org.shredzone.acme4j.Order;
import org.shredzone.acme4j.Session;
import org.shredzone.acme4j.Status;
import org.shredzone.acme4j.challenge.Http01Challenge;
import org.shredzone.acme4j.exception.AcmeException;

/* loaded from: input_file:com/inet/webserver/acme/b.class */
public class b {
    private static boolean L;
    private static URI M;
    private final String N;

    public b() {
        this("acme://letsencrypt.org");
    }

    public b(String str) {
        this.N = str;
    }

    public boolean isAvailable() {
        if (!L) {
            s();
        }
        return !L;
    }

    public String s() {
        if (L) {
            return "";
        }
        if (M == null) {
            try {
                M = g(this.N).getMetadata().getTermsOfService();
            } catch (Exception e) {
                c.n.debug(e);
                L = true;
                return "";
            }
        }
        return M.toString();
    }

    private Session g(String str) {
        ClassLoader contextClassLoader = Thread.currentThread().getContextClassLoader();
        try {
            Thread.currentThread().setContextClassLoader(getClass().getClassLoader());
            Session session = new Session(str);
            Thread.currentThread().setContextClassLoader(contextClassLoader);
            return session;
        } catch (Throwable th) {
            Thread.currentThread().setContextClassLoader(contextClassLoader);
            throw th;
        }
    }

    public void a(String[] strArr, boolean z) throws Exception {
        Account a = a(a("user.key", z));
        KeyPair a2 = a("domain.key", z);
        Order create = a.newOrder().domains(strArr).create();
        Iterator it = create.getAuthorizations().iterator();
        while (it.hasNext()) {
            a((Authorization) it.next());
        }
        create.execute(a(strArr, a2));
        int i = 10;
        while (create.getStatus() != Status.VALID) {
            try {
                int i2 = i;
                i--;
                if (i2 <= 0) {
                    break;
                }
                if (create.getStatus() == Status.INVALID) {
                    throw new AcmeException("Order failed... Giving up.");
                }
                Thread.sleep(3000L);
                create.update();
            } catch (InterruptedException e) {
                c.n.error("interrupted");
                throw e;
            }
        }
        Certificate certificate = create.getCertificate();
        c.n.info("Success! The certificate for domains " + Arrays.toString(strArr) + " has been generated! Certificate URI: " + certificate.getLocation());
        OutputStreamWriter outputStreamWriter = new OutputStreamWriter(t().resolve("domain.crt").getOutputStream());
        try {
            certificate.writeCertificate(outputStreamWriter);
            outputStreamWriter.close();
        } catch (Throwable th) {
            try {
                outputStreamWriter.close();
            } catch (Throwable th2) {
                th.addSuppressed(th2);
            }
            throw th;
        }
    }

    @Nonnull
    private KeyPair a(PersistenceEntry persistenceEntry) throws Exception {
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA");
        keyPairGenerator.initialize(4096);
        KeyPair generateKeyPair = keyPairGenerator.generateKeyPair();
        JcaPEMWriter jcaPEMWriter = new JcaPEMWriter(new OutputStreamWriter(persistenceEntry.getOutputStream()));
        try {
            jcaPEMWriter.writeObject(generateKeyPair);
            jcaPEMWriter.close();
            return generateKeyPair;
        } catch (Throwable th) {
            try {
                jcaPEMWriter.close();
            } catch (Throwable th2) {
                th.addSuppressed(th2);
            }
            throw th;
        }
    }

    private KeyPair b(PersistenceEntry persistenceEntry) throws Exception {
        PEMParser pEMParser = new PEMParser(new InputStreamReader(persistenceEntry.getInputStream()));
        try {
            KeyPair keyPair = new JcaPEMKeyConverter().getKeyPair((PEMKeyPair) pEMParser.readObject());
            pEMParser.close();
            return keyPair;
        } catch (Throwable th) {
            try {
                pEMParser.close();
            } catch (Throwable th2) {
                th.addSuppressed(th2);
            }
            throw th;
        }
    }

    private byte[] a(String[] strArr, KeyPair keyPair) throws IOException {
        try {
            X500NameBuilder x500NameBuilder = new X500NameBuilder(X500Name.getDefaultStyle());
            GeneralName[] generalNameArr = new GeneralName[strArr.length];
            for (int i = 0; i < strArr.length; i++) {
                generalNameArr[i] = new GeneralName(2, strArr[i]);
            }
            GeneralNames generalNames = new GeneralNames(generalNameArr);
            JcaPKCS10CertificationRequestBuilder jcaPKCS10CertificationRequestBuilder = new JcaPKCS10CertificationRequestBuilder(x500NameBuilder.build(), keyPair.getPublic());
            ExtensionsGenerator extensionsGenerator = new ExtensionsGenerator();
            extensionsGenerator.addExtension(Extension.subjectAlternativeName, false, generalNames);
            jcaPKCS10CertificationRequestBuilder.addAttribute(PKCSObjectIdentifiers.pkcs_9_at_extensionRequest, extensionsGenerator.generate());
            return jcaPKCS10CertificationRequestBuilder.build(new JcaContentSignerBuilder("SHA256withRSA").build(keyPair.getPrivate())).getEncoded();
        } catch (OperatorCreationException e) {
            throw new IOException("Could not generate CSR", e);
        }
    }

    private static PersistenceEntry t() {
        return Persistence.getInstance().resolve("acme_certificates");
    }

    public static URL u() {
        PersistenceEntry resolve = t().resolve("domain.crt");
        if (resolve.exists()) {
            return resolve.toURL();
        }
        return null;
    }

    public static URL v() {
        PersistenceEntry resolve = t().resolve("domain.key");
        if (resolve.exists()) {
            return resolve.toURL();
        }
        return null;
    }

    private Account a(KeyPair keyPair) throws AcmeException {
        return new AccountBuilder().agreeToTermsOfService().useKeyPair(keyPair).create(g(this.N));
    }

    private KeyPair a(String str, boolean z) throws Exception {
        PersistenceEntry resolve = t().resolve(str);
        return z ? a(resolve) : b(resolve);
    }

    private void a(Authorization authorization) throws AcmeException {
        Http01Challenge b;
        c.n.info("Authorization for domain " + authorization.getIdentifier().getDomain());
        if (authorization.getStatus() == Status.VALID || (b = b(authorization)) == null) {
            return;
        }
        try {
            if (b.getStatus() == Status.VALID) {
                return;
            }
            b.trigger();
            int i = 10;
            while (b.getStatus() != Status.VALID) {
                try {
                    int i2 = i;
                    i--;
                    if (i2 <= 0) {
                        break;
                    }
                    if (b.getStatus() == Status.INVALID) {
                        throw new AcmeException("Challenge failed.");
                    }
                    Thread.sleep(3000L);
                    b.update();
                } catch (InterruptedException e) {
                    c.n.error("Interrupted.");
                    c.n.error(e);
                    Thread.currentThread().interrupt();
                }
            }
            if (b.getStatus() != Status.VALID) {
                throw new AcmeException("Failed to pass the challenge for domain " + authorization.getIdentifier().getDomain() + ", ... Giving up.");
            }
            a(b);
        } finally {
            a(b);
        }
    }

    public Http01Challenge b(Authorization authorization) {
        Http01Challenge findChallenge = authorization.findChallenge("http-01");
        if (findChallenge == null) {
            return null;
        }
        a.a(findChallenge.getToken(), findChallenge.getAuthorization().getBytes());
        return findChallenge;
    }

    public void a(Http01Challenge http01Challenge) {
        a.e(http01Challenge.getToken());
    }
}
