package io.skodjob.testframe.security;

import io.skodjob.testframe.TestFrameConstants;
import io.skodjob.testframe.wait.Wait;
import java.io.File;
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.nio.file.Files;
import java.nio.file.LinkOption;
import java.nio.file.Path;
import java.nio.file.attribute.FileAttribute;
import java.time.LocalDateTime;
import java.time.ZoneId;
import java.time.ZonedDateTime;
import java.time.format.DateTimeFormatter;
import java.util.Locale;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:io/skodjob/testframe/security/OpenSsl.class */
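/**
 * Static helpers that create keys, certificate signing requests and signed certificates by
 * running the {@code openssl} command-line tool as a child process.
 *
 * <p>Every generator returns a freshly created temporary file. The caller owns that file and is
 * responsible for deleting it; nothing in this class registers it for cleanup. When generation
 * fails, the half-written output file is removed before the exception propagates.
 */
public class OpenSsl {
    private static final Logger LOGGER = LoggerFactory.getLogger(OpenSsl.class);

    /** Time zone used to interpret the validity dates printed by {@code openssl x509 -dates}. */
    private static final ZoneId GMT = ZoneId.of("GMT");

    /**
     * Format of the dates printed by {@code openssl x509 -dates} after double spaces are collapsed.
     * The locale is pinned so that the English month abbreviations parse on any host locale.
     */
    private static final DateTimeFormatter CERT_DATE_FORMAT =
        DateTimeFormatter.ofPattern("MMM d[d] HH:mm:ss yyyy z", Locale.ENGLISH);

    /** Safety margin kept from both ends of the certificate validity window. */
    private static final long VALIDITY_MARGIN_SECONDS = 10L;

    /**
     * Fluent builder around a {@link ProcessBuilder} for a single {@code openssl} invocation.
     *
     * <p>Arguments are handed to the child process as separate argv entries, so no shell is
     * involved and values are not subject to shell interpretation. The executable name is
     * resolved by the operating system through the process {@code PATH}, so the result is only
     * as trustworthy as that search path.
     *
     * <p>A decompiler note on this class states that its access was widened from {@code private};
     * it is kept public here so existing references keep compiling.
     */
    public static class OpenSslCommand {
        final ProcessBuilder pb;

        /**
         * Creates a command for the {@code openssl} executable.
         *
         * @param command the openssl sub-command, for example {@code x509}
         */
        OpenSslCommand(String command) {
            this("openssl", command);
        }

        /**
         * Creates a command for an explicitly named executable.
         *
         * @param binary  the executable to start
         * @param command the sub-command passed as its first argument
         */
        OpenSslCommand(String binary, String command) {
            this.pb = new ProcessBuilder(binary, command);
        }

        /**
         * Appends a flag that takes no value.
         *
         * @param option the flag, for example {@code -noout}
         * @return this command, for chaining
         */
        public OpenSslCommand withOption(String option) {
            pb.command().add(option);
            return this;
        }

        /**
         * Appends a flag followed by the absolute path of a file.
         *
         * @param option the flag, for example {@code -out}
         * @param file   the file whose absolute path becomes the flag's value
         * @return this command, for chaining
         */
        public OpenSslCommand withOptionAndArgument(String option, File file) {
            pb.command().add(option);
            pb.command().add(file.getAbsolutePath());
            return this;
        }

        /**
         * Appends a flag followed by a literal value.
         *
         * @param option   the flag, for example {@code -subj}
         * @param argument the value passed as the next argv entry
         * @return this command, for chaining
         */
        public OpenSslCommand withOptionAndArgument(String option, String argument) {
            pb.command().add(option);
            pb.command().add(argument);
            return this;
        }

        /**
         * Runs the command and discards its output.
         *
         * @throws RuntimeException if the process cannot be run or exits with a non-zero status
         */
        public void execute() {
            executeAndReturnOnSuccess(true);
        }

        /**
         * Runs the command and returns its combined standard output and standard error.
         *
         * @return everything the process printed, decoded as UTF-8
         * @throws RuntimeException if the process cannot be run or exits with a non-zero status
         */
        public String executeAndReturn() {
            return executeAndReturnOnSuccess(true);
        }

        /**
         * Runs the command with standard error merged into standard output, captures the output
         * in a temporary file and returns it.
         *
         * @param failOnNonZeroExit when {@code true}, a non-zero exit status is reported as a
         *                          {@link RuntimeException} whose message carries the output;
         *                          when {@code false}, the output is returned regardless
         * @return everything the process printed, decoded as UTF-8
         * @throws RuntimeException if starting, waiting for or reading from the process fails, or
         *                          on a non-zero exit status when {@code failOnNonZeroExit} is set
         */
        public String executeAndReturnOnSuccess(boolean failOnNonZeroExit) {
            Path output = null;
            Process process = null;
            try {
                output = Files.createTempFile("openssl-command-output-", ".txt");
                pb.redirectErrorStream(true).redirectOutput(output.toFile());
                // The full argument list is logged verbatim. Nothing in this class passes secrets
                // on the command line; keep it that way (pass phrases belong in files), or mask
                // them here first.
                LOGGER.debug("Running command: {}", pb.command());
                process = pb.start();
                // Close the child's stdin so a command that expects input fails instead of hanging.
                process.getOutputStream().close();
                int exitCode = process.waitFor();
                String text = Files.readString(output, StandardCharsets.UTF_8);
                if (exitCode != 0 && failOnNonZeroExit) {
                    throw new RuntimeException("Openssl command failed. " + text);
                }
                return text;
            } catch (InterruptedException e) {
                // Restore the interrupt flag for the caller and stop the child, which would
                // otherwise keep running against an output file that is about to be deleted.
                Thread.currentThread().interrupt();
                if (process != null) {
                    process.destroy();
                }
                throw new RuntimeException(e);
            } catch (IOException e) {
                throw new RuntimeException(e);
            } finally {
                removeFile(output);
            }
        }

        /**
         * Deletes a file if it exists, logging rather than throwing when deletion fails.
         *
         * @param path the file to delete; {@code null} is ignored
         */
        static void removeFile(Path path) {
            if (path == null) {
                return;
            }
            try {
                // Single call instead of exists-then-delete, so a concurrent removal is not an error.
                Files.deleteIfExists(path);
            } catch (IOException e) {
                LOGGER.debug("File could not be removed: {}", path);
            }
        }
    }

    private OpenSsl() {
    }

    /**
     * Generates a private key of {@code CertAndKeyBuilder.KEY_SIZE} bits.
     *
     * @return a temporary PEM file holding the key; see {@link #generatePrivateKey(int)}
     */
    public static File generatePrivateKey() {
        return generatePrivateKey(CertAndKeyBuilder.KEY_SIZE);
    }

    /**
     * Generates a private key with {@code openssl genpkey}.
     *
     * <p>No cipher option is passed, so the key is written to the temporary file without
     * pass-phrase protection. Its confidentiality rests on the file's permissions (the JDK
     * creates temporary files owner-only on POSIX file systems; other platforms follow the
     * temp directory's ACL, which should be verified) and on the caller deleting the file
     * once it is no longer needed.
     *
     * @param keySizeBits the value passed as {@code rsa_keygen_bits}
     * @return a temporary PEM file holding the key
     * @throws RuntimeException if the temporary file cannot be created or openssl fails
     */
    public static File generatePrivateKey(int keySizeBits) {
        LOGGER.info("Creating client RSA private key with size of {} bits", keySizeBits);
        File key = createTempPem("private-key-");
        return produceOrDiscard(key, () -> new OpenSslCommand("genpkey")
            .withOptionAndArgument("-algorithm", CertAndKeyBuilder.KEY_PAIR_ALGORITHM)
            .withOptionAndArgument("-pkeyopt", "rsa_keygen_bits:" + keySizeBits)
            .withOptionAndArgument("-out", key)
            .execute());
    }

    /**
     * Creates a certificate signing request with {@code openssl req -new}.
     *
     * @param privateKey the key file passed as {@code -key}
     * @param subject    the value passed as {@code -subj}; it reaches openssl as one argv entry,
     *                   so the shell never sees it, but openssl parses its syntax itself
     * @return a temporary PEM file holding the request
     * @throws RuntimeException if the temporary file cannot be created or openssl fails
     */
    public static File generateCertSigningRequest(File privateKey, String subject) {
        LOGGER.info("Creating Certificate Signing Request file");
        File csr = createTempPem("csr-");
        return produceOrDiscard(csr, () -> new OpenSslCommand("req")
            .withOption("-new")
            .withOptionAndArgument("-key", privateKey)
            .withOptionAndArgument("-out", csr)
            .withOptionAndArgument("-subj", subject)
            .execute());
    }

    /**
     * Signs a certificate signing request with {@code openssl x509 -req} and waits until the
     * resulting certificate is inside its validity window.
     *
     * <p>No validity, digest or extension options are passed, so openssl's defaults apply.
     * Because {@code -CAcreateserial} is used, openssl may write a serial-number file next to
     * the CA certificate; that file is not cleaned up here.
     *
     * @param csr    the request passed as {@code -in}
     * @param caCert the CA certificate passed as {@code -CA}
     * @param caKey  the CA private key passed as {@code -CAkey}
     * @return a temporary PEM file holding the signed certificate
     * @throws RuntimeException if the temporary file cannot be created or openssl fails
     */
    public static File generateSignedCert(File csr, File caCert, File caKey) {
        LOGGER.info("Creating signed certificate file");
        File signedCert = createTempPem("signed-cert-");
        return produceOrDiscard(signedCert, () -> {
            new OpenSslCommand("x509")
                .withOption("-req")
                .withOptionAndArgument("-in", csr)
                .withOptionAndArgument("-CA", caCert)
                .withOptionAndArgument("-CAkey", caKey)
                .withOptionAndArgument("-out", signedCert)
                .withOption("-CAcreateserial")
                .execute();
            waitForCertIsInValidDateRange(signedCert);
        });
    }

    /**
     * Blocks until the current time lies inside the certificate's validity window, keeping a
     * ten-second margin from both {@code notBefore} and {@code notAfter}.
     *
     * <p>The dates are read from {@code openssl x509 -noout -dates} and interpreted as GMT.
     * Polling is delegated to {@code Wait.until} with the two {@code TestFrameConstants} values
     * below (presumably poll interval and timeout; confirm against {@code Wait}).
     *
     * @param certificate the certificate file to inspect
     * @throws IllegalStateException if the openssl output lacks a validity date line
     * @throws RuntimeException      if openssl fails
     */
    public static void waitForCertIsInValidDateRange(File certificate) {
        String dates = new OpenSslCommand("x509")
            .withOption("-noout")
            .withOption("-dates")
            .withOptionAndArgument("-in", certificate)
            .executeAndReturn();
        ZonedDateTime notBefore = parseValidityDate(dates, "notBefore");
        ZonedDateTime notAfter = parseValidityDate(dates, "notAfter");
        Wait.until("certificate to be in valid date range", TestFrameConstants.POLL_INTERVAL_FOR_RESOURCE_READINESS, TestFrameConstants.GLOBAL_POLL_INTERVAL_LONG, () -> {
            ZonedDateTime now = ZonedDateTime.now(GMT);
            return now.isAfter(notBefore.plusSeconds(VALIDITY_MARGIN_SECONDS))
                && now.isBefore(notAfter.minusSeconds(VALIDITY_MARGIN_SECONDS));
        });
    }

    /** Creates an empty temporary {@code .pem} file, wrapping I/O failures in RuntimeException. */
    private static File createTempPem(String prefix) {
        try {
            return Files.createTempFile(prefix, ".pem").toFile();
        } catch (IOException e) {
            throw new RuntimeException(e);
        }
    }

    /** Runs the producer and returns the file, deleting the file first if the producer throws. */
    private static File produceOrDiscard(File output, Runnable producer) {
        boolean produced = false;
        try {
            producer.run();
            produced = true;
            return output;
        } finally {
            if (!produced) {
                // Never leave partial key or certificate material behind in the temp directory.
                OpenSslCommand.removeFile(output.toPath());
            }
        }
    }

    /**
     * Finds the {@code key=} line in the openssl output and parses its date. Lines are matched
     * by prefix, not by position, because standard error is merged into the captured output
     * and may put other lines in front of the dates.
     */
    private static ZonedDateTime parseValidityDate(String output, String key) {
        String prefix = key + "=";
        String value = output.lines()
            .map(String::strip)
            .filter(line -> line.startsWith(prefix))
            .findFirst()
            .map(line -> line.substring(prefix.length()))
            .orElseThrow(() -> new IllegalStateException(
                "No " + key + " line in openssl output: " + output));
        // openssl pads single-digit days with an extra space; collapse it before parsing.
        String normalized = value.replace("  ", " ");
        return ZonedDateTime.of(LocalDateTime.parse(normalized, CERT_DATE_FORMAT), GMT);
    }
}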
