package org.neo4j.server.security;

import java.io.DataInputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.FileOutputStream;
import java.io.IOException;
import java.math.BigInteger;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.SecureRandom;
import java.security.Security;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.PKCS8EncodedKeySpec;
import java.util.Date;
import javax.crypto.NoSuchPaddingException;
import org.bouncycastle.jce.X509Principal;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.x509.X509V3CertificateGenerator;

/* loaded from: input_file:org/neo4j/server/security/SslCertificateFactory.class */
public class SslCertificateFactory {
    private static final String CERTIFICATE_TYPE = "X.509";
    private static final String KEY_ENCRYPTION = "RSA";

    public SslCertificateFactory() {
        Security.addProvider(new BouncyCastleProvider());
    }

    public void createSelfSignedCertificate(File file, File file2, String str) {
        FileOutputStream fileOutputStream = null;
        try {
            try {
                KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(KEY_ENCRYPTION);
                keyPairGenerator.initialize(1024);
                KeyPair generateKeyPair = keyPairGenerator.generateKeyPair();
                X509V3CertificateGenerator x509V3CertificateGenerator = new X509V3CertificateGenerator();
                x509V3CertificateGenerator.setSerialNumber(BigInteger.valueOf(new SecureRandom().nextInt()).abs());
                x509V3CertificateGenerator.setIssuerDN(new X509Principal("CN=" + str + ", OU=None, O=None L=None, C=None"));
                x509V3CertificateGenerator.setNotBefore(new Date(System.currentTimeMillis() - 2592000000L));
                x509V3CertificateGenerator.setNotAfter(new Date(System.currentTimeMillis() + 315360000000L));
                x509V3CertificateGenerator.setSubjectDN(new X509Principal("CN=" + str + ", OU=None, O=None L=None, C=None"));
                x509V3CertificateGenerator.setPublicKey(generateKeyPair.getPublic());
                x509V3CertificateGenerator.setSignatureAlgorithm("MD5WithRSAEncryption");
                X509Certificate generate = x509V3CertificateGenerator.generate(generateKeyPair.getPrivate(), "BC");
                ensureFolderExists(file.getParentFile());
                ensureFolderExists(file2.getParentFile());
                FileOutputStream fileOutputStream2 = new FileOutputStream(file);
                fileOutputStream2.write(generate.getEncoded());
                fileOutputStream2.close();
                fileOutputStream = new FileOutputStream(file2);
                fileOutputStream.write(generateKeyPair.getPrivate().getEncoded());
                fileOutputStream.close();
                if (fileOutputStream != null) {
                    try {
                        fileOutputStream.close();
                    } catch (IOException e) {
                        throw new RuntimeException(e);
                    }
                }
            } catch (Throwable th) {
                if (fileOutputStream != null) {
                    try {
                        fileOutputStream.close();
                    } catch (IOException e2) {
                        throw new RuntimeException(e2);
                    }
                }
                throw th;
            }
        } catch (Exception e3) {
            throw new RuntimeException("Unable to create self signed SSL certificate, please see nested exception.", e3);
        }
    }

    public Certificate loadCertificate(File file) throws CertificateException, FileNotFoundException {
        FileInputStream fileInputStream = null;
        try {
            fileInputStream = new FileInputStream(file);
            Certificate generateCertificate = CertificateFactory.getInstance(CERTIFICATE_TYPE).generateCertificate(fileInputStream);
            if (fileInputStream != null) {
                try {
                    fileInputStream.close();
                } catch (IOException e) {
                    throw new RuntimeException(e);
                }
            }
            return generateCertificate;
        } catch (Throwable th) {
            if (fileInputStream != null) {
                try {
                    fileInputStream.close();
                } catch (IOException e2) {
                    throw new RuntimeException(e2);
                }
            }
            throw th;
        }
    }

    public PrivateKey loadPrivateKey(File file) throws IOException, NoSuchAlgorithmException, InvalidKeySpecException, NoSuchPaddingException, InvalidKeyException, InvalidAlgorithmParameterException {
        DataInputStream dataInputStream = null;
        try {
            try {
                dataInputStream = new DataInputStream(new FileInputStream(file));
                byte[] bArr = new byte[(int) file.length()];
                dataInputStream.readFully(bArr);
                PrivateKey generatePrivate = KeyFactory.getInstance(KEY_ENCRYPTION).generatePrivate(new PKCS8EncodedKeySpec(bArr));
                if (dataInputStream != null) {
                    try {
                        dataInputStream.close();
                    } catch (IOException e) {
                        throw new RuntimeException(e);
                    }
                }
                return generatePrivate;
            } catch (Throwable th) {
                if (dataInputStream != null) {
                    try {
                        dataInputStream.close();
                    } catch (IOException e2) {
                        throw new RuntimeException(e2);
                    }
                }
                throw th;
            }
        } catch (FileNotFoundException e3) {
            throw new IOException("Could not find private key file to use for SSL support, see nested exception.", e3);
        }
    }

    private void ensureFolderExists(File file) {
        if (file.exists()) {
            return;
        }
        file.mkdirs();
    }
}
