package org.apache.directory.server.core.security;

import java.io.ByteArrayInputStream;
import java.math.BigInteger;
import java.net.InetAddress;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Security;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import java.util.Date;
import javax.security.auth.x500.X500Principal;
import org.apache.directory.api.ldap.model.constants.SchemaConstants;
import org.apache.directory.api.ldap.model.entry.Attribute;
import org.apache.directory.api.ldap.model.entry.Entry;
import org.apache.directory.api.ldap.model.exception.LdapException;
import org.apache.directory.server.i18n.I18n;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.x509.X509V1CertificateGenerator;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:res/50f185db-c4c1-4a7a-89a5-807a036ed20a.jar:BOOT-INF/lib/apacheds-all-2.0.0-M24.jar:org/apache/directory/server/core/security/TlsKeyGenerator.class */
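/**
 * Generates a key pair plus a self-signed X.509 certificate, stores them in an LDAP
 * {@link Entry}, and reads them back from it.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>The encoded private key is written as a plain attribute value ({@link #PRIVATE_KEY_AT}).
 *       Anyone who can read that attribute can impersonate the server, so access to the
 *       entry must be restricted and it must be kept out of exports and backups that are
 *       less protected than the directory itself.</li>
 *   <li>The certificate is self-signed and X.509 v1, so it carries no extensions such as
 *       subjectAltName or basicConstraints. It provides encryption but no third-party
 *       identity assurance; clients have to pin or explicitly trust it.</li>
 *   <li>Key material is never logged. Only non-secret metadata goes to the log.</li>
 * </ul>
 */
public final class TlsKeyGenerator {
    private static final Logger LOG = LoggerFactory.getLogger(TlsKeyGenerator.class);

    /** Object class added to entries that hold the generated TLS key material. */
    public static final String TLS_KEY_INFO_OC = "tlsKeyInfo";
    /** Attribute holding the encoded private key. */
    public static final String PRIVATE_KEY_AT = "privateKey";
    /** Attribute holding the encoded public key. */
    public static final String PUBLIC_KEY_AT = "publicKey";
    /** Attribute holding the key algorithm name passed to {@link KeyPairGenerator}. */
    public static final String KEY_ALGORITHM_AT = "keyAlgorithm";
    /** Attribute holding the value of {@link PrivateKey#getFormat()}. */
    public static final String PRIVATE_KEY_FORMAT_AT = "privateKeyFormat";
    /** Attribute holding the value of {@link PublicKey#getFormat()}. */
    public static final String PUBLIC_KEY_FORMAT_AT = "publicKeyFormat";
    /** Attribute holding the DER-encoded certificate. */
    public static final String USER_CERTIFICATE_AT = "userCertificate";

    private static final String BASE_DN = "OU=Directory, O=ASF, C=US";
    /** Issuer DN of the default certificate, also the fallback subject DN. */
    public static final String CERTIFICATE_PRINCIPAL_DN = "CN=ApacheDS,OU=Directory, O=ASF, C=US";

    private static final String ALGORITHM = "RSA";

    /**
     * Default key size in bits. This was 512, which is far too short for RSA: keys of that
     * length can be factored with modest resources, and current TLS stacks reject them.
     */
    private static final int KEY_SIZE = 2048;

    /** Below this size a warning is logged for RSA and DSA keys requested by the caller. */
    private static final int MIN_RECOMMENDED_KEY_SIZE = 2048;

    /**
     * Prefix of the signature algorithm name, completed with the key algorithm. This was
     * "SHA1With"; SHA-1 signatures are no longer collision resistant and are rejected by
     * many certificate validators.
     */
    private static final String SIGNATURE_DIGEST_PREFIX = "SHA256With";

    /** 365 days in milliseconds; the validity period of generated certificates. */
    private static final long YEAR_MILLIS = 31536000000L;

    static {
        // The "BC" provider is requested by name below, so it must be registered first.
        Security.addProvider(new BouncyCastleProvider());
    }

    private TlsKeyGenerator() {
    }

    /**
     * Parses the certificate stored in the entry's {@link #USER_CERTIFICATE_AT} attribute.
     *
     * <p>The previous nesting of try blocks re-caught its own {@link LdapException}, so a
     * parse failure was always reported with the provider-lookup error code. Each failure
     * now keeps its own code.
     *
     * @param entry the entry holding the certificate
     * @return the parsed certificate
     * @throws LdapException if the attribute is missing, the X.509 factory cannot be
     *         obtained from the BC provider (ERR_286), or the bytes do not parse (ERR_287)
     */
    public static X509Certificate getCertificate(Entry entry) throws LdapException {
        byte[] encoded = requiredBytes(entry, USER_CERTIFICATE_AT);

        CertificateFactory factory;
        try {
            factory = CertificateFactory.getInstance("X.509", "BC");
        } catch (Exception e) {
            throw ldapError(I18n.ERR_286, e);
        }

        try {
            return (X509Certificate) factory.generateCertificate(new ByteArrayInputStream(encoded));
        } catch (CertificateException e) {
            throw ldapError(I18n.ERR_287, e);
        }
    }

    /**
     * Rebuilds the key pair from the entry's {@link #PUBLIC_KEY_AT} and
     * {@link #PRIVATE_KEY_AT} attributes.
     *
     * <p>NOTE(review): the key factory is always created for RSA, while the five-argument
     * {@code addKeyPair} can store keys of any algorithm and records it in
     * {@link #KEY_ALGORITHM_AT}. Reading back a non-RSA key will fail here; confirm whether
     * the stored algorithm should be honoured.
     *
     * @param entry the entry holding the encoded keys
     * @return the reconstructed key pair
     * @throws LdapException if an attribute is missing, the key factory is unavailable
     *         (ERR_288), a key specification is invalid (ERR_290), or any other failure
     *         occurs while decoding the keys (ERR_289)
     */
    public static KeyPair getKeyPair(Entry entry) throws LdapException {
        byte[] encodedPublic = requiredBytes(entry, PUBLIC_KEY_AT);
        byte[] encodedPrivate = requiredBytes(entry, PRIVATE_KEY_AT);

        KeyFactory keyFactory;
        try {
            keyFactory = KeyFactory.getInstance(ALGORITHM);
        } catch (Exception e) {
            throw ldapError(I18n.ERR_288, e, ALGORITHM);
        }

        try {
            PublicKey publicKey = keyFactory.generatePublic(new X509EncodedKeySpec(encodedPublic));
            PrivateKey privateKey = keyFactory.generatePrivate(new PKCS8EncodedKeySpec(encodedPrivate));
            return new KeyPair(publicKey, privateKey);
        } catch (InvalidKeySpecException e) {
            throw ldapError(I18n.ERR_290, e);
        } catch (Exception e) {
            throw ldapError(I18n.ERR_289, e);
        }
    }

    /**
     * Adds an RSA key pair of the default size and a self-signed certificate to the entry.
     * The issuer is {@link #CERTIFICATE_PRINCIPAL_DN}; the subject is built from the local
     * host name and falls back to the issuer DN when the host name cannot be used.
     *
     * @param entry the entry to populate
     * @throws LdapException if key or certificate generation fails, or the entry rejects
     *         a value
     */
    public static void addKeyPair(Entry entry) throws LdapException {
        X500Principal issuer = new X500Principal(CERTIFICATE_PRINCIPAL_DN);
        X500Principal subject;
        try {
            subject = new X500Principal("CN=" + InetAddress.getLocalHost().getHostName() + "," + BASE_DN);
        } catch (Exception e) {
            LOG.warn("failed to create certificate subject name from host name", e);
            subject = issuer;
        }

        ensureObjectClasses(entry);
        generateAndStore(entry, issuer, subject, ALGORITHM, KEY_SIZE);
    }

    /**
     * Same as the five-argument overload, using the default key size.
     *
     * @param entry the entry to populate
     * @param issuerDN the certificate issuer DN
     * @param subjectDN the certificate subject DN
     * @param keyAlgorithm the algorithm name passed to {@link KeyPairGenerator}
     * @throws LdapException if key or certificate generation fails
     */
    public static void addKeyPair(Entry entry, String issuerDN, String subjectDN, String keyAlgorithm)
        throws LdapException {
        addKeyPair(entry, issuerDN, subjectDN, keyAlgorithm, KEY_SIZE);
    }

    /**
     * Adds a key pair and a self-signed certificate to the entry.
     *
     * <p>Both DNs are parsed before the entry is touched, so a malformed DN leaves the
     * entry unchanged. The requested key size is honoured as given; a warning is logged
     * when it is below the recommended minimum for RSA or DSA.
     *
     * @param entry the entry to populate
     * @param issuerDN the certificate issuer DN
     * @param subjectDN the certificate subject DN
     * @param keyAlgorithm the algorithm name passed to {@link KeyPairGenerator}
     * @param keySize the key size in bits
     * @throws LdapException if the algorithm is unknown (ERR_291), certificate generation
     *         fails (ERR_292), or the entry rejects a value
     * @throws IllegalArgumentException if a DN cannot be parsed
     */
    public static void addKeyPair(Entry entry, String issuerDN, String subjectDN, String keyAlgorithm, int keySize)
        throws LdapException {
        X500Principal issuer = new X500Principal(issuerDN);
        X500Principal subject = new X500Principal(subjectDN);

        ensureObjectClasses(entry);
        generateAndStore(entry, issuer, subject, keyAlgorithm, keySize);
    }

    /**
     * Makes sure the entry carries both object classes needed for the key attributes.
     * The two checks are independent: an else-if chain here used to skip tlsKeyInfo
     * whenever inetOrgPerson had to be added.
     */
    private static void ensureObjectClasses(Entry entry) throws LdapException {
        Attribute objectClass = entry.get(SchemaConstants.OBJECT_CLASS_AT);
        if (objectClass == null) {
            entry.put(SchemaConstants.OBJECT_CLASS_AT, TLS_KEY_INFO_OC, SchemaConstants.INET_ORG_PERSON_OC);
            return;
        }
        if (!objectClass.contains(TLS_KEY_INFO_OC)) {
            objectClass.add(TLS_KEY_INFO_OC);
        }
        if (!objectClass.contains(SchemaConstants.INET_ORG_PERSON_OC)) {
            objectClass.add(SchemaConstants.INET_ORG_PERSON_OC);
        }
    }

    /**
     * Generates the key pair and the certificate, then writes all attributes. Everything
     * is generated before the first write so a generation failure does not leave key
     * attributes without a matching certificate.
     */
    private static void generateAndStore(Entry entry, X500Principal issuer, X500Principal subject,
        String algorithm, int keySize) throws LdapException {
        if (keySize < MIN_RECOMMENDED_KEY_SIZE
            && ("RSA".equalsIgnoreCase(algorithm) || "DSA".equalsIgnoreCase(algorithm))) {
            LOG.warn("Requested {} key size of {} bits is below the recommended minimum of {} bits",
                algorithm, keySize, MIN_RECOMMENDED_KEY_SIZE);
        }

        KeyPair keyPair;
        try {
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(algorithm);
            keyPairGenerator.initialize(keySize);
            keyPair = keyPairGenerator.genKeyPair();
        } catch (NoSuchAlgorithmException e) {
            throw ldapError(I18n.ERR_291, e);
        }
        PrivateKey privateKey = keyPair.getPrivate();
        PublicKey publicKey = keyPair.getPublic();

        // One timestamp drives the serial number and the validity window.
        long now = System.currentTimeMillis();
        X509V1CertificateGenerator certificateGenerator = new X509V1CertificateGenerator();
        certificateGenerator.setSerialNumber(BigInteger.valueOf(now));
        certificateGenerator.setIssuerDN(issuer);
        certificateGenerator.setNotBefore(new Date(now));
        certificateGenerator.setNotAfter(new Date(now + YEAR_MILLIS));
        certificateGenerator.setSubjectDN(subject);
        certificateGenerator.setPublicKey(publicKey);
        certificateGenerator.setSignatureAlgorithm(SIGNATURE_DIGEST_PREFIX + algorithm);

        X509Certificate certificate;
        byte[] encodedCertificate;
        try {
            certificate = certificateGenerator.generate(privateKey, "BC");
            encodedCertificate = certificate.getEncoded();
        } catch (Exception e) {
            throw ldapError(I18n.ERR_292, e);
        }

        entry.put(KEY_ALGORITHM_AT, algorithm);
        entry.put(PRIVATE_KEY_AT, privateKey.getEncoded());
        entry.put(PRIVATE_KEY_FORMAT_AT, privateKey.getFormat());
        // Never log the key object itself: its string form may include the private values.
        LOG.debug("PrivateKey generated: algorithm={}, format={}", privateKey.getAlgorithm(), privateKey.getFormat());
        entry.put(PUBLIC_KEY_AT, publicKey.getEncoded());
        entry.put(PUBLIC_KEY_FORMAT_AT, publicKey.getFormat());
        LOG.debug("PublicKey: {}", publicKey);
        entry.put(USER_CERTIFICATE_AT, encodedCertificate);
        LOG.debug("X509 Certificate: {}", certificate);
        LOG.info("Keys and self signed certificate successfully generated.");
    }

    /**
     * Returns the bytes of a mandatory attribute, failing with an {@link LdapException}
     * rather than a NullPointerException when the attribute is absent.
     */
    private static byte[] requiredBytes(Entry entry, String attributeId) throws LdapException {
        Attribute attribute = entry.get(attributeId);
        if (attribute == null) {
            throw new LdapException("Entry has no '" + attributeId + "' attribute");
        }
        return attribute.getBytes();
    }

    /** Builds an {@link LdapException} for the given error code with the cause attached. */
    private static LdapException ldapError(I18n code, Throwable cause, Object... args) {
        LdapException ldapException = new LdapException(I18n.err(code, args));
        ldapException.initCause(cause);
        return ldapException;
    }
}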
