package com.dsingley.testpki;

import java.io.File;
import java.security.KeyPair;
import java.security.MessageDigest;
import java.security.SecureRandom;
import java.util.Base64;
import java.util.Collections;
import java.util.concurrent.atomic.AtomicReference;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.X509TrustManager;
import lombok.Generated;
import okhttp3.tls.HeldCertificate;

/* loaded from: input_file:com/dsingley/testpki/TestPKICertificate.class */
public class TestPKICertificate {
    private final TestPKI testPKI;
    private final String commonName;
    private final HeldCertificate certificate;
    private File keystoreFile;
    private File certPemFile;
    private File keyPemFile;

    @Generated
    private final Object $lock = new Object[0];
    private final AtomicReference<Object> certificateFingerprintSHA256 = new AtomicReference<>();
    private final AtomicReference<Object> publicKeyFingerprintSHA256 = new AtomicReference<>();
    private final AtomicReference<Object> keystorePassword = new AtomicReference<>();

    /* JADX INFO: Access modifiers changed from: private */
    @FunctionalInterface
    /* loaded from: input_file:com/dsingley/testpki/TestPKICertificate$ThrowingSupplier.class */
    public interface ThrowingSupplier<T> {
        T get() throws Exception;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public TestPKICertificate(TestPKI testPKI, String str, HeldCertificate heldCertificate) {
        this.testPKI = testPKI;
        this.commonName = str;
        this.certificate = heldCertificate;
    }

    public String getIssuerDN() {
        return this.certificate.certificate().getIssuerX500Principal().getName();
    }

    public String getSubjectDN() {
        return this.certificate.certificate().getSubjectX500Principal().getName();
    }

    public long getSerialNumber() {
        return this.certificate.certificate().getSerialNumber().longValueExact();
    }

    public KeyPair getKeyPair() {
        return this.certificate.keyPair();
    }

    public File getOrCreateKeystoreFile() {
        synchronized (this.$lock) {
            if (this.keystoreFile != null) {
                return this.keystoreFile;
            }
            this.keystoreFile = this.testPKI.createKeystoreFile(this.commonName, getKeystorePassword(), this.certificate);
            return this.keystoreFile;
        }
    }

    public File getOrCreateCertPemFile() {
        synchronized (this.$lock) {
            if (this.certPemFile != null) {
                return this.certPemFile;
            }
            this.certPemFile = this.testPKI.createPemFile(this.commonName, ".cert", Collections.singleton(this.certificate), heldCertificate -> {
                return heldCertificate.certificatePem().getBytes();
            });
            return this.certPemFile;
        }
    }

    public String getCertPem() {
        return this.certificate.certificatePem();
    }

    public File getOrCreateKeyPemFile() {
        synchronized (this.$lock) {
            if (this.keyPemFile != null) {
                return this.keyPemFile;
            }
            this.keyPemFile = this.testPKI.createPemFile(this.commonName, ".key", Collections.singleton(this.certificate), heldCertificate -> {
                return heldCertificate.privateKeyPkcs8Pem().getBytes();
            });
            return this.keyPemFile;
        }
    }

    public String getKeyPem() {
        return this.certificate.privateKeyPkcs8Pem();
    }

    public SSLSocketFactory getSSLSocketFactory() {
        return this.testPKI.getSSLSocketFactory(this.certificate);
    }

    public X509TrustManager getTrustManager() {
        return this.testPKI.getTrustManager(this.certificate);
    }

    private static String computeFingerprint(ThrowingSupplier<byte[]> throwingSupplier, String str) {
        byte[] digest = MessageDigest.getInstance(str).digest(throwingSupplier.get());
        StringBuilder sb = new StringBuilder();
        for (byte b : digest) {
            sb.append(String.format("%02X", Byte.valueOf(b)));
        }
        return sb.toString().toLowerCase();
    }

    private static String randomPassword() {
        byte[] bArr = new byte[20];
        new SecureRandom().nextBytes(bArr);
        return Base64.getEncoder().encodeToString(bArr);
    }

    @Generated
    public String getCertificateFingerprintSHA256() {
        Object obj = this.certificateFingerprintSHA256.get();
        if (obj == null) {
            synchronized (this.certificateFingerprintSHA256) {
                obj = this.certificateFingerprintSHA256.get();
                if (obj == null) {
                    String computeFingerprint = computeFingerprint(() -> {
                        return this.certificate.certificate().getEncoded();
                    }, "SHA-256");
                    obj = computeFingerprint == null ? this.certificateFingerprintSHA256 : computeFingerprint;
                    this.certificateFingerprintSHA256.set(obj);
                }
            }
        }
        return (String) (obj == this.certificateFingerprintSHA256 ? null : obj);
    }

    @Generated
    public String getPublicKeyFingerprintSHA256() {
        Object obj = this.publicKeyFingerprintSHA256.get();
        if (obj == null) {
            synchronized (this.publicKeyFingerprintSHA256) {
                obj = this.publicKeyFingerprintSHA256.get();
                if (obj == null) {
                    String computeFingerprint = computeFingerprint(() -> {
                        return this.certificate.keyPair().getPublic().getEncoded();
                    }, "SHA-256");
                    obj = computeFingerprint == null ? this.publicKeyFingerprintSHA256 : computeFingerprint;
                    this.publicKeyFingerprintSHA256.set(obj);
                }
            }
        }
        return (String) (obj == this.publicKeyFingerprintSHA256 ? null : obj);
    }

    @Generated
    public String getKeystorePassword() {
        Object obj = this.keystorePassword.get();
        if (obj == null) {
            synchronized (this.keystorePassword) {
                obj = this.keystorePassword.get();
                if (obj == null) {
                    String randomPassword = randomPassword();
                    obj = randomPassword == null ? this.keystorePassword : randomPassword;
                    this.keystorePassword.set(obj);
                }
            }
        }
        return (String) (obj == this.keystorePassword ? null : obj);
    }
}
