package de.cuioss.test.mockwebserver.ssl;

import de.cuioss.tools.logging.CuiLogger;
import de.cuioss.tools.net.ssl.KeyAlgorithm;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.cert.X509Certificate;
import java.time.Instant;
import java.time.temporal.ChronoUnit;
import java.time.temporal.TemporalUnit;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import lombok.Generated;
import okhttp3.tls.HandshakeCertificates;
import okhttp3.tls.HeldCertificate;

/* loaded from: input_file:de/cuioss/test/mockwebserver/ssl/KeyMaterialUtil.class */
public final class KeyMaterialUtil {
    private static final CuiLogger LOGGER = new CuiLogger(KeyMaterialUtil.class);
    private static final String UNABLE_TO_CREATE_SSL_CONTEXT = "Unable to create SSLContext";

    public static HandshakeCertificates createSelfSignedHandshakeCertificates(int i, KeyAlgorithm keyAlgorithm) {
        LOGGER.debug("Creating self-signed HandshakeCertificates with duration %s days and algorithm %s", new Object[]{Integer.valueOf(i), keyAlgorithm});
        try {
            Instant now = Instant.now();
            HeldCertificate build = new HeldCertificate.Builder().commonName("MockWebServer").addSubjectAlternativeName("localhost").validityInterval(now.toEpochMilli(), now.plus(i, (TemporalUnit) ChronoUnit.DAYS).toEpochMilli()).rsa2048().build();
            return new HandshakeCertificates.Builder().heldCertificate(build, new X509Certificate[0]).addTrustedCertificate(build.certificate()).build();
        } catch (Exception e) {
            throw new IllegalStateException("Failed to create self-signed HandshakeCertificates", e);
        }
    }

    public static HandshakeCertificates convertToHandshakeCertificates(SSLContext sSLContext) {
        LOGGER.debug("Converting SSLContext to HandshakeCertificates");
        if (sSLContext == null) {
            throw new IllegalArgumentException("SSLContext must not be null");
        }
        try {
            Instant now = Instant.now();
            HeldCertificate build = new HeldCertificate.Builder().commonName("localhost").validityInterval(now.toEpochMilli(), now.plus(1L, (TemporalUnit) ChronoUnit.DAYS).toEpochMilli()).build();
            HandshakeCertificates.Builder addTrustedCertificate = new HandshakeCertificates.Builder().heldCertificate(build, new X509Certificate[0]).addTrustedCertificate(build.certificate());
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            trustManagerFactory.init((KeyStore) null);
            TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
            int length = trustManagers.length;
            int i = 0;
            while (true) {
                if (i >= length) {
                    break;
                }
                TrustManager trustManager = trustManagers[i];
                if (trustManager instanceof X509TrustManager) {
                    for (X509Certificate x509Certificate : ((X509TrustManager) trustManager).getAcceptedIssuers()) {
                        addTrustedCertificate.addTrustedCertificate(x509Certificate);
                    }
                } else {
                    i++;
                }
            }
            return addTrustedCertificate.build();
        } catch (Exception e) {
            throw new IllegalStateException("Failed to convert SSLContext to HandshakeCertificates", e);
        }
    }

    public static SSLContext createSslContext(HandshakeCertificates handshakeCertificates) {
        LOGGER.debug("Creating SSLContext from HandshakeCertificates");
        if (handshakeCertificates == null) {
            throw new IllegalArgumentException("HandshakeCertificates must not be null");
        }
        try {
            X509TrustManager trustManager = handshakeCertificates.trustManager();
            SSLContext sSLContext = SSLContext.getInstance("TLS");
            SecureRandom secureRandom = SecureRandom.getInstance("SHA1PRNG");
            secureRandom.setSeed(System.currentTimeMillis());
            sSLContext.init(null, new TrustManager[]{trustManager}, secureRandom);
            return sSLContext;
        } catch (KeyManagementException | NoSuchAlgorithmException e) {
            throw new IllegalStateException(UNABLE_TO_CREATE_SSL_CONTEXT, e);
        }
    }

    @Generated
    private KeyMaterialUtil() {
        throw new UnsupportedOperationException("This is a utility class and cannot be instantiated");
    }
}
