package io.privacyresearch.equation.proxy;

import java.io.IOException;
import java.math.BigInteger;
import java.nio.file.Files;
import java.nio.file.OpenOption;
import java.nio.file.Path;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.PrivateKey;
import java.security.cert.Certificate;
import java.security.cert.CertificateEncodingException;
import java.util.Base64;
import java.util.Date;
import java.util.logging.Logger;
import org.bouncycastle.asn1.x500.X500Name;
import org.bouncycastle.cert.jcajce.JcaX509CertificateConverter;
import org.bouncycastle.cert.jcajce.JcaX509v3CertificateBuilder;
import org.bouncycastle.operator.jcajce.JcaContentSignerBuilder;

/* loaded from: input_file:io/privacyresearch/equation/proxy/CertificateUtils.class */
public class CertificateUtils {
    private static final Logger LOG = Logger.getLogger(CertificateUtils.class.getName());

    public static void generateCertificate(Path path, Path path2) throws Exception {
        LOG.info("Need to generate a certificate and store it at " + String.valueOf(path) + " and store a key at " + String.valueOf(path2));
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA");
        keyPairGenerator.initialize(2048);
        KeyPair generateKeyPair = keyPairGenerator.generateKeyPair();
        path.getParent().toFile().mkdirs();
        writePrivateKey(generateKeyPair.getPrivate(), path2);
        X500Name x500Name = new X500Name("CN=WaveProxy Certificate");
        writeCertificate(new JcaX509CertificateConverter().getCertificate(new JcaX509v3CertificateBuilder(x500Name, BigInteger.valueOf(System.currentTimeMillis()), new Date(), new Date(System.currentTimeMillis() + 31536000000L), x500Name, generateKeyPair.getPublic()).build(new JcaContentSignerBuilder("SHA256withRSA").build(generateKeyPair.getPrivate()))), path);
    }

    public static void writePrivateKey(PrivateKey privateKey, Path path) throws IOException {
        Files.writeString(path, "-----BEGIN PRIVATE KEY-----\n" + Base64.getMimeEncoder(64, new byte[]{10}).encodeToString(privateKey.getEncoded()) + "\n-----END PRIVATE KEY-----", new OpenOption[0]);
    }

    public static void writeCertificate(Certificate certificate, Path path) throws IOException, CertificateEncodingException {
        Files.writeString(path, "-----BEGIN CERTIFICATE-----\n" + Base64.getMimeEncoder(64, new byte[]{10}).encodeToString(certificate.getEncoded()) + "\n-----END CERTIFICATE-----", new OpenOption[0]);
    }
}
