package de.fraunhofer.iosb.ilt.faaast.service.certificate.util;

import java.security.KeyPair;
import java.security.cert.X509Certificate;
import java.time.LocalDate;
import java.time.Period;
import java.time.ZoneId;
import java.time.temporal.TemporalAmount;
import java.util.ArrayList;
import java.util.Date;
import java.util.List;
import org.bouncycastle.cert.X509v3CertificateBuilder;

/* loaded from: input_file:de/fraunhofer/iosb/ilt/faaast/service/certificate/util/SelfSignedHttpsCertificateBuilder.class */
public class SelfSignedHttpsCertificateBuilder {
    private static final String SA_SHA256_RSA = "SHA256withRSA";
    private String commonName;
    private final KeyPair keyPair;
    private final HttpsCertificateGenerator generator = new HttpsCertificateGenerator();
    private Period validityPeriod = Period.ofYears(3);
    private List<String> dnsNames = new ArrayList();
    private List<String> ipAddresses = new ArrayList();

    /* loaded from: input_file:de/fraunhofer/iosb/ilt/faaast/service/certificate/util/SelfSignedHttpsCertificateBuilder$HttpsCertificateGenerator.class */
    private static class HttpsCertificateGenerator extends SelfSignedCertificateGenerator {
        private HttpsCertificateGenerator() {
        }

        @Override // de.fraunhofer.iosb.ilt.faaast.service.certificate.util.SelfSignedCertificateGenerator
        protected void addKeyUsage(X509v3CertificateBuilder x509v3CertificateBuilder) {
        }

        @Override // de.fraunhofer.iosb.ilt.faaast.service.certificate.util.SelfSignedCertificateGenerator
        protected void addExtendedKeyUsage(X509v3CertificateBuilder x509v3CertificateBuilder) {
        }
    }

    public SelfSignedHttpsCertificateBuilder(KeyPair keyPair) {
        this.keyPair = keyPair;
    }

    public SelfSignedHttpsCertificateBuilder setValidityPeriod(Period period) {
        this.validityPeriod = period;
        return this;
    }

    public SelfSignedHttpsCertificateBuilder setCommonName(String str) {
        this.commonName = str;
        return this;
    }

    public SelfSignedHttpsCertificateBuilder addDnsName(String str) {
        this.dnsNames.add(str);
        return this;
    }

    public SelfSignedHttpsCertificateBuilder addIpAddress(String str) {
        this.ipAddresses.add(str);
        return this;
    }

    public X509Certificate build() throws Exception {
        LocalDate now = LocalDate.now();
        LocalDate plus = now.plus((TemporalAmount) this.validityPeriod);
        return this.generator.generateSelfSigned(this.keyPair, Date.from(now.atStartOfDay(ZoneId.systemDefault()).toInstant()), Date.from(plus.atStartOfDay(ZoneId.systemDefault()).toInstant()), this.commonName, null, null, null, null, null, null, this.dnsNames, this.ipAddresses, "SHA256withRSA");
    }
}
