package water.network;

import java.io.File;
import java.io.FileOutputStream;
import java.io.IOException;
import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.attribute.FileAttribute;
import java.security.SecureRandom;
import java.util.Properties;

/* loaded from: input_file:water/network/SecurityUtils.class */
public class SecurityUtils {
    private static final String AB = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
    private static SecureRandom RANDOM = new SecureRandom();
    private static final String[] keyToolCandidates = {"sun.security.tools.KeyTool", "sun.security.tools.keytool.Main", "com.ibm.crypto.tools.KeyTool"};

    /* loaded from: input_file:water/network/SecurityUtils$SSLCredentials.class */
    public static class SSLCredentials {
        public StoreCredentials jks;
        public StoreCredentials jts;

        SSLCredentials(StoreCredentials storeCredentials, StoreCredentials storeCredentials2) {
            this.jks = storeCredentials;
            this.jts = storeCredentials2;
        }
    }

    /* loaded from: input_file:water/network/SecurityUtils$StoreCredentials.class */
    public static class StoreCredentials {
        public String name;
        public String path;
        public String pass;

        StoreCredentials(String str, String str2, String str3) {
            this.name = null;
            this.path = null;
            this.pass = null;
            this.name = str;
            this.path = str2;
            this.pass = str3;
        }

        public String getLocation() {
            return (null == this.path || this.path.isEmpty()) ? this.name : this.path + File.separatorChar + this.name;
        }
    }

    private static StoreCredentials generateKeystore(String str, String str2) throws Exception {
        return generateKeystore(str, "h2o-internal.jks", str2);
    }

    private static StoreCredentials generateKeystore(String str) throws Exception {
        return generateKeystore(str, "h2o-internal.jks", "");
    }

    private static StoreCredentials generateKeystore(String str, String str2, String str3) throws Exception {
        String str4 = (null == str3 || str3.isEmpty()) ? str2 : str3 + File.separatorChar + str2;
        if (new File(str4).exists()) {
            throw new IllegalStateException("A file under the location " + str4 + " already exists. Please delete it first.");
        }
        getKeyToolClass().getMethod("main", String[].class).invoke(null, new String[]{"-genkeypair", "-alias", "h2o-internal", "-keyalg", "RSA", "-sigalg", "SHA256withRSA", "-dname", "CN=Java", "-storetype", "JKS", "-keypass", str, "-keystore", str4, "-storepass", str, "-validity", "3650"});
        new File(str4).deleteOnExit();
        return new StoreCredentials(str2, str3, str);
    }

    private static Class<?> getKeyToolClass() {
        for (String str : keyToolCandidates) {
            try {
                return Class.forName(str);
            } catch (Exception e) {
            }
        }
        throw new IllegalStateException("This version of Java is not supported. Please use Oracle/OpenJDK/IBM JDK version 6/7/8 or later");
    }

    public static SSLCredentials generateSSLPair(String str, String str2, String str3) throws Exception {
        StoreCredentials generateKeystore = generateKeystore(str, str2, str3);
        return new SSLCredentials(generateKeystore, generateKeystore);
    }

    public static SSLCredentials generateSSLPair() throws Exception {
        Path createTempDirectory = Files.createTempDirectory("h2o-internal-jks-" + Long.toString(System.nanoTime()), new FileAttribute[0]);
        createTempDirectory.toFile().deleteOnExit();
        StoreCredentials generateKeystore = generateKeystore(passwordGenerator(16), createTempDirectory.toAbsolutePath().toString());
        return new SSLCredentials(generateKeystore, generateKeystore);
    }

    public static String passwordGenerator(int i) {
        StringBuilder sb = new StringBuilder(i);
        for (int i2 = 0; i2 < i; i2++) {
            sb.append(AB.charAt(RANDOM.nextInt(AB.length())));
        }
        return sb.toString();
    }

    public static String generateSSLConfig(SSLCredentials sSLCredentials) throws IOException {
        File createTempFile = File.createTempFile("h2o-internal-" + Long.toString(System.nanoTime()), "-ssl.properties");
        createTempFile.deleteOnExit();
        return generateSSLConfig(sSLCredentials, createTempFile.getAbsolutePath());
    }

    static String generateSSLConfig(SSLCredentials sSLCredentials, String str) throws IOException {
        Properties properties = new Properties();
        properties.put("h2o_ssl_protocol", defaultTLSVersion());
        properties.put("h2o_ssl_jks_internal", sSLCredentials.jks.name);
        properties.put("h2o_ssl_jks_password", sSLCredentials.jks.pass);
        properties.put("h2o_ssl_jts", sSLCredentials.jts.name);
        properties.put("h2o_ssl_jts_password", sSLCredentials.jts.pass);
        FileOutputStream fileOutputStream = new FileOutputStream(str);
        try {
            properties.store(fileOutputStream, "");
            fileOutputStream.close();
            return str;
        } finally {
            try {
                fileOutputStream.close();
            } catch (IOException e) {
            }
        }
    }

    public static String defaultTLSVersion() {
        return System.getProperty("java.version", "NA").startsWith("1.6") ? "TLSv1" : "TLSv1.2";
    }
}
