package io.netty.handler.ssl.util;

import io.netty.buffer.ByteBuf;
import io.netty.buffer.Unpooled;
import io.netty.handler.ssl.util.SelfSignedCertificate;
import io.netty.util.internal.PlatformDependent;
import java.io.IOException;
import java.io.InputStream;
import java.io.InterruptedIOException;
import java.nio.charset.StandardCharsets;
import java.nio.file.Files;
import java.nio.file.LinkOption;
import java.nio.file.OpenOption;
import java.nio.file.Path;
import java.nio.file.Paths;
import java.nio.file.attribute.FileAttribute;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.security.cert.X509Certificate;
import java.time.ZoneId;
import java.time.format.DateTimeFormatter;
import java.time.temporal.ChronoUnit;
import java.util.Locale;
import java.util.concurrent.TimeUnit;
import org.apache.log4j.component.helpers.Constants;

/* loaded from: input_file:WEB-INF/lib/netty-handler-4.2.0.Final.jar:io/netty/handler/ssl/util/KeytoolSelfSignedCertGenerator.class */
final class KeytoolSelfSignedCertGenerator {
    private static final DateTimeFormatter DATE_FORMAT = DateTimeFormatter.ofPattern(Constants.TIMESTAMP_RULE_FORMAT, Locale.ROOT);
    private static final String ALIAS = "alias";
    private static final String PASSWORD = "insecurepassword";
    private static final Path KEYTOOL;
    private static final String KEY_STORE_TYPE;

    private KeytoolSelfSignedCertGenerator() {
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static boolean isAvailable() {
        return KEYTOOL != null;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static void generate(SelfSignedCertificate.Builder builder) throws IOException, GeneralSecurityException {
        Path createTempDirectory = Files.createTempDirectory("keytool_" + builder.fqdn.replaceAll("[^\\w.-]", "x"), new FileAttribute[0]);
        Path resolve = createTempDirectory.resolve("keystore.jks");
        try {
            Process start = new ProcessBuilder(new String[0]).command("keytool", "-genkeypair", "-keyalg", builder.algorithm, "-keysize", String.valueOf(builder.bits), "-startdate", DATE_FORMAT.format(builder.notBefore.toInstant().atZone(ZoneId.systemDefault())), "-validity", String.valueOf(builder.notBefore.toInstant().until(builder.notAfter.toInstant(), ChronoUnit.DAYS)), "-keystore", resolve.toString(), "-alias", "alias", "-keypass", PASSWORD, "-storepass", PASSWORD, "-dname", "CN=" + builder.fqdn, "-storetype", KEY_STORE_TYPE).redirectErrorStream(true).start();
            try {
                if (!start.waitFor(60L, TimeUnit.SECONDS)) {
                    start.destroyForcibly();
                    throw new IOException("keytool timeout");
                }
                if (start.exitValue() == 0) {
                    KeyStore keyStore = KeyStore.getInstance(KEY_STORE_TYPE);
                    InputStream newInputStream = Files.newInputStream(resolve, new OpenOption[0]);
                    try {
                        keyStore.load(newInputStream, PASSWORD.toCharArray());
                        if (newInputStream != null) {
                            newInputStream.close();
                        }
                        KeyStore.PrivateKeyEntry privateKeyEntry = (KeyStore.PrivateKeyEntry) keyStore.getEntry("alias", new KeyStore.PasswordProtection(PASSWORD.toCharArray()));
                        builder.paths = SelfSignedCertificate.newSelfSignedCertificate(builder.fqdn, privateKeyEntry.getPrivateKey(), (X509Certificate) privateKeyEntry.getCertificate());
                        builder.privateKey = privateKeyEntry.getPrivateKey();
                        Files.deleteIfExists(resolve);
                        Files.delete(createTempDirectory);
                        return;
                    } finally {
                    }
                }
                ByteBuf buffer = Unpooled.buffer();
                try {
                    InputStream inputStream = start.getInputStream();
                    do {
                        try {
                        } catch (Throwable th) {
                            if (inputStream != null) {
                                try {
                                    inputStream.close();
                                } catch (Throwable th2) {
                                    th.addSuppressed(th2);
                                }
                            }
                            throw th;
                        }
                    } while (buffer.writeBytes(inputStream, 4096) != -1);
                    if (inputStream != null) {
                        inputStream.close();
                    }
                    throw new IOException("Keytool exited with status " + start.exitValue() + ": " + buffer.toString(StandardCharsets.UTF_8));
                } catch (Throwable th3) {
                    buffer.release();
                    throw th3;
                }
            } catch (InterruptedException e) {
                start.destroyForcibly();
                Thread.currentThread().interrupt();
                throw new InterruptedIOException();
            }
        } catch (Throwable th4) {
            Files.deleteIfExists(resolve);
            Files.delete(createTempDirectory);
            throw th4;
        }
        Files.deleteIfExists(resolve);
        Files.delete(createTempDirectory);
        throw th4;
    }

    static {
        String property = System.getProperty("java.home");
        if (property == null) {
            KEYTOOL = null;
        } else {
            Path resolve = Paths.get(property, new String[0]).resolve("bin").resolve("keytool");
            if (Files.exists(resolve, new LinkOption[0])) {
                KEYTOOL = resolve;
            } else {
                KEYTOOL = null;
            }
        }
        KEY_STORE_TYPE = PlatformDependent.javaVersion() >= 11 ? "PKCS12" : "JKS";
    }
}
