package com.floragunn.searchguard.test.helper.certificate.utils;

import java.io.File;
import java.io.FileWriter;
import java.io.StringWriter;
import java.security.PrivateKey;
import java.security.SecureRandom;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
import org.bouncycastle.cert.X509CertificateHolder;
import org.bouncycastle.openssl.PKCS8Generator;
import org.bouncycastle.openssl.jcajce.JcaPEMWriter;
import org.bouncycastle.openssl.jcajce.JceOpenSSLPKCS8EncryptorBuilder;
import org.bouncycastle.operator.OperatorCreationException;
import org.bouncycastle.operator.OutputEncryptor;
import org.bouncycastle.util.io.pem.PemGenerationException;
import org.bouncycastle.util.io.pem.PemObject;

/* loaded from: input_file:com/floragunn/searchguard/test/helper/certificate/utils/CertificateAndPrivateKeyWriter.class */
public class CertificateAndPrivateKeyWriter {
    private static final Logger log = LogManager.getLogger(CertificateAndPrivateKeyWriter.class);
    private static final SecureRandom secureRandom = new SecureRandom();

    public static String writeCertificate(X509CertificateHolder x509CertificateHolder) {
        StringWriter stringWriter = new StringWriter();
        try {
            JcaPEMWriter jcaPEMWriter = new JcaPEMWriter(stringWriter);
            try {
                jcaPEMWriter.writeObject(x509CertificateHolder);
                jcaPEMWriter.close();
                return stringWriter.toString();
            } finally {
            }
        } catch (Exception e) {
            throw new RuntimeException(e);
        }
    }

    public static void saveCertificate(File file, X509CertificateHolder x509CertificateHolder) {
        try {
            JcaPEMWriter jcaPEMWriter = new JcaPEMWriter(new FileWriter(file));
            try {
                jcaPEMWriter.writeObject(x509CertificateHolder);
                jcaPEMWriter.close();
            } finally {
            }
        } catch (Exception e) {
            log.error("Error while writing certificate to file: {}", file.getAbsolutePath(), e);
            throw new RuntimeException(String.format("Error while writing to file: %s", file.getAbsolutePath()), e);
        }
    }

    public static void savePrivateKey(File file, PrivateKey privateKey, String str) {
        try {
            JcaPEMWriter jcaPEMWriter = new JcaPEMWriter(new FileWriter(file));
            try {
                jcaPEMWriter.writeObject(createPkcs8PrivateKeyPem(privateKey, str));
                jcaPEMWriter.close();
            } finally {
            }
        } catch (Exception e) {
            log.error("Error while writing private key to file: {}", file.getAbsolutePath(), e);
            throw new RuntimeException(String.format("Error while writing private key to file: %s", file.getAbsolutePath()), e);
        }
    }

    private static PemObject createPkcs8PrivateKeyPem(PrivateKey privateKey, String str) {
        try {
            return new PKCS8Generator(PrivateKeyInfo.getInstance(privateKey.getEncoded()), getPasswordEncryptor(str)).generate();
        } catch (PemGenerationException | OperatorCreationException e) {
            log.error("Creating PKCS8 private key failed", e);
            throw new RuntimeException("Creating PKCS8 private key failed", e);
        }
    }

    private static OutputEncryptor getPasswordEncryptor(String str) throws OperatorCreationException {
        if (str == null) {
            return null;
        }
        JceOpenSSLPKCS8EncryptorBuilder jceOpenSSLPKCS8EncryptorBuilder = new JceOpenSSLPKCS8EncryptorBuilder(PKCS8Generator.PBE_SHA1_3DES);
        jceOpenSSLPKCS8EncryptorBuilder.setRandom(secureRandom);
        jceOpenSSLPKCS8EncryptorBuilder.setPassword(str.toCharArray());
        return jceOpenSSLPKCS8EncryptorBuilder.build();
    }
}
