package org.apache.james.utils;

import jakarta.inject.Inject;
import java.io.File;
import java.io.FileNotFoundException;
import java.io.FileOutputStream;
import java.io.IOException;
import java.math.BigInteger;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.time.Instant;
import java.time.temporal.ChronoUnit;
import java.time.temporal.TemporalUnit;
import java.util.Date;
import org.apache.james.filesystem.api.FileSystem;
import org.bouncycastle.asn1.cmp.PKIFailureInfo;
import org.bouncycastle.asn1.x500.X500Name;
import org.bouncycastle.cert.jcajce.JcaX509CertificateConverter;
import org.bouncycastle.cert.jcajce.JcaX509v3CertificateBuilder;
import org.bouncycastle.operator.jcajce.JcaContentSignerBuilder;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/apache/james/utils/KeystoreCreator.class */
public class KeystoreCreator {
    private static final Logger LOGGER = LoggerFactory.getLogger((Class<?>) KeystoreCreator.class);
    private final FileSystem fileSystem;

    @Inject
    public KeystoreCreator(FileSystem fileSystem) {
        this.fileSystem = fileSystem;
    }

    public void generateKeystore(String str, String str2, String str3) throws Exception {
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA");
        keyPairGenerator.initialize(PKIFailureInfo.certConfirmed);
        KeyPair generateKeyPair = keyPairGenerator.generateKeyPair();
        X500Name x500Name = new X500Name("CN=james");
        X509Certificate certificate = new JcaX509CertificateConverter().getCertificate(new JcaX509v3CertificateBuilder(x500Name, new BigInteger(64, new SecureRandom()), Date.from(Instant.now()), Date.from(Instant.now().plus(365L, (TemporalUnit) ChronoUnit.DAYS)), x500Name, generateKeyPair.getPublic()).build(new JcaContentSignerBuilder("SHA256WITHRSA").build(generateKeyPair.getPrivate())));
        char[] charArray = str2.toCharArray();
        KeyStore keyStore = KeyStore.getInstance(str3);
        keyStore.load(null, charArray);
        keyStore.setEntry("james", new KeyStore.PrivateKeyEntry(generateKeyPair.getPrivate(), new Certificate[]{certificate}), new KeyStore.PasswordProtection(charArray));
        storeFile(str, charArray, keyStore);
    }

    private void storeFile(String str, char[] cArr, KeyStore keyStore) throws KeyStoreException, NoSuchAlgorithmException, CertificateException, FileNotFoundException {
        File file = this.fileSystem.getFile(str);
        if (file.exists()) {
            return;
        }
        try {
            FileOutputStream fileOutputStream = new FileOutputStream(file);
            try {
                keyStore.store(fileOutputStream, cArr);
                LOGGER.info("Generated keystore file: {}", file.getPath());
                fileOutputStream.close();
            } finally {
            }
        } catch (IOException e) {
            throw new RuntimeException("Error when creating Keystore file: " + file.getPath(), e);
        }
    }
}
