package org.rossonet.ext.utils;

import java.security.KeyPair;
import java.security.cert.X509Certificate;
import java.security.interfaces.ECPublicKey;
import java.security.interfaces.RSAPublicKey;
import java.time.LocalDate;
import java.time.Period;
import java.time.ZoneId;
import java.time.temporal.TemporalAmount;
import java.util.ArrayList;
import java.util.Date;
import java.util.List;
import org.rossonet.ext.picocli.CommandLine;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/rossonet/ext/utils/SelfSignedCertificateBuilder.class */
public class SelfSignedCertificateBuilder {
    public static final String SA_SHA1_RSA = "SHA1withRSA";
    public static final String SA_SHA256_RSA = "SHA256withRSA";
    public static final String SA_SHA256_ECDSA = "SHA256withECDSA";
    private Period validityPeriod;
    private String commonName;
    private String organization;
    private String organizationalUnit;
    private String localityName;
    private String stateName;
    private String countryCode;
    private String applicationUri;
    private final List<String> dnsNames;
    private final List<String> ipAddresses;
    private String signatureAlgorithm;
    private final KeyPair keyPair;
    private final SelfSignedCertificateGenerator generator;

    public SelfSignedCertificateBuilder(KeyPair keyPair) {
        this(keyPair, new SelfSignedCertificateGenerator());
    }

    public SelfSignedCertificateBuilder(KeyPair keyPair, SelfSignedCertificateGenerator selfSignedCertificateGenerator) {
        this.validityPeriod = Period.ofYears(3);
        this.commonName = CommandLine.Model.OptionSpec.DEFAULT_FALLBACK_VALUE;
        this.organization = CommandLine.Model.OptionSpec.DEFAULT_FALLBACK_VALUE;
        this.organizationalUnit = CommandLine.Model.OptionSpec.DEFAULT_FALLBACK_VALUE;
        this.localityName = CommandLine.Model.OptionSpec.DEFAULT_FALLBACK_VALUE;
        this.stateName = CommandLine.Model.OptionSpec.DEFAULT_FALLBACK_VALUE;
        this.countryCode = CommandLine.Model.OptionSpec.DEFAULT_FALLBACK_VALUE;
        this.applicationUri = CommandLine.Model.OptionSpec.DEFAULT_FALLBACK_VALUE;
        this.dnsNames = new ArrayList();
        this.ipAddresses = new ArrayList();
        this.signatureAlgorithm = SA_SHA256_RSA;
        this.keyPair = keyPair;
        this.generator = selfSignedCertificateGenerator;
        if (!(keyPair.getPublic() instanceof RSAPublicKey)) {
            if (keyPair.getPublic() instanceof ECPublicKey) {
                this.signatureAlgorithm = SA_SHA256_ECDSA;
            }
        } else {
            this.signatureAlgorithm = SA_SHA256_RSA;
            int bitLength = ((RSAPublicKey) keyPair.getPublic()).getModulus().bitLength();
            if (bitLength <= 1024) {
                LoggerFactory.getLogger(getClass()).warn("Using legacy key size: {}", Integer.valueOf(bitLength));
            }
        }
    }

    public SelfSignedCertificateBuilder addDnsName(String str) {
        this.dnsNames.add(str);
        return this;
    }

    public SelfSignedCertificateBuilder addIpAddress(String str) {
        this.ipAddresses.add(str);
        return this;
    }

    public X509Certificate build() throws Exception {
        LocalDate now = LocalDate.now();
        LocalDate plus = now.plus((TemporalAmount) this.validityPeriod);
        return this.generator.generateSelfSigned(this.keyPair, Date.from(now.atStartOfDay(ZoneId.systemDefault()).toInstant()), Date.from(plus.atStartOfDay(ZoneId.systemDefault()).toInstant()), this.commonName, this.organization, this.organizationalUnit, this.localityName, this.stateName, this.countryCode, this.applicationUri, this.dnsNames, this.ipAddresses, this.signatureAlgorithm);
    }

    public SelfSignedCertificateBuilder setApplicationUri(String str) {
        this.applicationUri = str;
        return this;
    }

    public SelfSignedCertificateBuilder setCommonName(String str) {
        this.commonName = str;
        return this;
    }

    public SelfSignedCertificateBuilder setCountryCode(String str) {
        this.countryCode = str;
        return this;
    }

    public SelfSignedCertificateBuilder setLocalityName(String str) {
        this.localityName = str;
        return this;
    }

    public SelfSignedCertificateBuilder setOrganization(String str) {
        this.organization = str;
        return this;
    }

    public SelfSignedCertificateBuilder setOrganizationalUnit(String str) {
        this.organizationalUnit = str;
        return this;
    }

    public SelfSignedCertificateBuilder setSignatureAlgorithm(String str) {
        this.signatureAlgorithm = str;
        return this;
    }

    public SelfSignedCertificateBuilder setStateName(String str) {
        this.stateName = str;
        return this;
    }

    public SelfSignedCertificateBuilder setValidityPeriod(Period period) {
        this.validityPeriod = period;
        return this;
    }
}
