package play.core.server.ssl;

import java.io.File;
import java.io.InputStream;
import java.io.OutputStream;
import java.math.BigInteger;
import java.nio.file.Files;
import java.nio.file.OpenOption;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.SecureRandom;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.security.interfaces.RSAPublicKey;
import java.util.Date;
import javax.net.ssl.KeyManagerFactory;
import play.api.Logger;
import play.api.Logger$;
import play.api.MarkerContext$;
import play.utils.PlayIO$;
import scala.Option$;
import scala.collection.Iterator;
import scala.collection.JavaConverters$;
import scala.runtime.BoxesRunTime;
import sun.security.util.ObjectIdentifier;
import sun.security.x509.AlgorithmId;
import sun.security.x509.CertificateAlgorithmId;
import sun.security.x509.CertificateSerialNumber;
import sun.security.x509.CertificateValidity;
import sun.security.x509.CertificateVersion;
import sun.security.x509.CertificateX509Key;
import sun.security.x509.X500Name;
import sun.security.x509.X509CertImpl;
import sun.security.x509.X509CertInfo;

/* compiled from: FakeKeyStore.scala */
/* loaded from: input_file:play/core/server/ssl/FakeKeyStore$.class */
public final class FakeKeyStore$ {
    public static FakeKeyStore$ MODULE$;
    private final Logger logger;
    private final String GeneratedKeyStore;
    private final String DnName;
    private final ObjectIdentifier SignatureAlgorithmOID;
    private final String SignatureAlgorithmName;

    static {
        new FakeKeyStore$();
    }

    private Logger logger() {
        return this.logger;
    }

    public String GeneratedKeyStore() {
        return this.GeneratedKeyStore;
    }

    public String DnName() {
        return this.DnName;
    }

    public ObjectIdentifier SignatureAlgorithmOID() {
        return this.SignatureAlgorithmOID;
    }

    public String SignatureAlgorithmName() {
        return this.SignatureAlgorithmName;
    }

    public boolean shouldGenerate(File file) {
        if (!file.exists()) {
            return true;
        }
        KeyStore keyStore = KeyStore.getInstance("JKS");
        InputStream newInputStream = Files.newInputStream(file.toPath(), new OpenOption[0]);
        try {
            keyStore.load(newInputStream, "".toCharArray());
            PlayIO$.MODULE$.closeQuietly(newInputStream);
            return ((Iterator) JavaConverters$.MODULE$.enumerationAsScalaIteratorConverter(keyStore.aliases()).asScala()).exists(str -> {
                return BoxesRunTime.boxToBoolean($anonfun$shouldGenerate$1(keyStore, str));
            });
        } catch (Throwable th) {
            PlayIO$.MODULE$.closeQuietly(newInputStream);
            throw th;
        }
    }

    public boolean certificateTooWeak(Certificate certificate) {
        if (((RSAPublicKey) certificate.getPublicKey()).getModulus().bitLength() >= 2048) {
            String sigAlgName = ((X509CertImpl) certificate).getSigAlgName();
            String SignatureAlgorithmName = SignatureAlgorithmName();
            if (sigAlgName != null ? sigAlgName.equals(SignatureAlgorithmName) : SignatureAlgorithmName == null) {
                return false;
            }
        }
        return true;
    }

    public KeyManagerFactory keyManagerFactory(File file) {
        KeyStore keyStore;
        File file2 = new File(file, GeneratedKeyStore());
        if (shouldGenerate(file2)) {
            logger().info(() -> {
                return "Generating HTTPS key pair in " + file2.getAbsolutePath() + " - this may take some time. If nothing happens, try moving the mouse/typing on the keyboard to generate some entropy.";
            }, MarkerContext$.MODULE$.NoMarker());
            KeyStore generateKeyStore = generateKeyStore();
            OutputStream newOutputStream = Files.newOutputStream(file2.toPath(), new OpenOption[0]);
            try {
                generateKeyStore.store(newOutputStream, "".toCharArray());
                PlayIO$.MODULE$.closeQuietly(newOutputStream);
                keyStore = generateKeyStore;
            } catch (Throwable th) {
                PlayIO$.MODULE$.closeQuietly(newOutputStream);
                throw th;
            }
        } else {
            KeyStore keyStore2 = KeyStore.getInstance("JKS");
            InputStream newInputStream = Files.newInputStream(file2.toPath(), new OpenOption[0]);
            try {
                keyStore2.load(newInputStream, "".toCharArray());
                PlayIO$.MODULE$.closeQuietly(newInputStream);
                keyStore = keyStore2;
            } catch (Throwable th2) {
                PlayIO$.MODULE$.closeQuietly(newInputStream);
                throw th2;
            }
        }
        KeyStore keyStore3 = keyStore;
        KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance("SunX509");
        keyManagerFactory.init(keyStore3, "".toCharArray());
        return keyManagerFactory;
    }

    public KeyStore generateKeyStore() {
        KeyStore keyStore = KeyStore.getInstance("JKS");
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA");
        keyPairGenerator.initialize(2048);
        KeyPair generateKeyPair = keyPairGenerator.generateKeyPair();
        X509Certificate createSelfSignedCertificate = createSelfSignedCertificate(generateKeyPair);
        keyStore.load(null, "".toCharArray());
        keyStore.setKeyEntry("playgenerated", generateKeyPair.getPrivate(), "".toCharArray(), new Certificate[]{createSelfSignedCertificate});
        keyStore.setCertificateEntry("playgeneratedtrusted", createSelfSignedCertificate);
        return keyStore;
    }

    public X509Certificate createSelfSignedCertificate(KeyPair keyPair) {
        X509CertInfo x509CertInfo = new X509CertInfo();
        x509CertInfo.set("serialNumber", new CertificateSerialNumber(new BigInteger(64, new SecureRandom())));
        x509CertInfo.set("version", new CertificateVersion(2));
        Date date = new Date();
        x509CertInfo.set("validity", new CertificateValidity(date, new Date(date.getTime() + 1576800000000L)));
        X500Name x500Name = new X500Name(DnName());
        x509CertInfo.set("subject", x500Name);
        x509CertInfo.set("issuer", x500Name);
        x509CertInfo.set("key", new CertificateX509Key(keyPair.getPublic()));
        x509CertInfo.set("algorithmID", new CertificateAlgorithmId(new AlgorithmId(SignatureAlgorithmOID())));
        X509CertImpl x509CertImpl = new X509CertImpl(x509CertInfo);
        x509CertImpl.sign(keyPair.getPrivate(), SignatureAlgorithmName());
        x509CertInfo.set("algorithmID.algorithm", (AlgorithmId) x509CertImpl.get("x509.algorithm"));
        X509CertImpl x509CertImpl2 = new X509CertImpl(x509CertInfo);
        x509CertImpl2.sign(keyPair.getPrivate(), SignatureAlgorithmName());
        return x509CertImpl2;
    }

    public static final /* synthetic */ boolean $anonfun$shouldGenerate$2(Certificate certificate) {
        return MODULE$.certificateTooWeak(certificate);
    }

    public static final /* synthetic */ boolean $anonfun$shouldGenerate$1(KeyStore keyStore, String str) {
        return Option$.MODULE$.apply(keyStore.getCertificate(str)).exists(certificate -> {
            return BoxesRunTime.boxToBoolean($anonfun$shouldGenerate$2(certificate));
        });
    }

    private FakeKeyStore$() {
        MODULE$ = this;
        this.logger = Logger$.MODULE$.apply(getClass());
        this.GeneratedKeyStore = "conf/generated.keystore";
        this.DnName = "CN=localhost, OU=Unit Testing, O=Mavericks, L=Moon Base 1, ST=Cyberspace, C=CY";
        this.SignatureAlgorithmOID = AlgorithmId.sha256WithRSAEncryption_oid;
        this.SignatureAlgorithmName = "SHA256withRSA";
    }
}
