package me.mrnavastar.protoweaver.loader.netty;

import io.netty.handler.codec.http2.Http2SecurityUtil;
import io.netty.handler.ssl.ApplicationProtocolConfig;
import io.netty.handler.ssl.OpenSsl;
import io.netty.handler.ssl.SslContext;
import io.netty.handler.ssl.SslContextBuilder;
import io.netty.handler.ssl.SslProvider;
import io.netty.handler.ssl.SupportedCipherSuiteFilter;
import java.io.File;
import java.io.FileWriter;
import java.io.IOException;
import java.math.BigInteger;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.Security;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.Calendar;
import java.util.Collections;
import java.util.Date;
import lombok.Generated;
import me.mrnavastar.protoweaver.core.util.ProtoLogger;
import org.bouncycastle.asn1.ASN1Encodable;
import org.bouncycastle.asn1.ASN1ObjectIdentifier;
import org.bouncycastle.asn1.x500.X500Name;
import org.bouncycastle.asn1.x509.BasicConstraints;
import org.bouncycastle.cert.jcajce.JcaX509CertificateConverter;
import org.bouncycastle.cert.jcajce.JcaX509v3CertificateBuilder;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.openssl.jcajce.JcaPEMWriter;
import org.bouncycastle.operator.ContentSigner;
import org.bouncycastle.operator.OperatorCreationException;
import org.bouncycastle.operator.jcajce.JcaContentSignerBuilder;

/* loaded from: input_file:me/mrnavastar/protoweaver/loader/netty/SSLContext.class */
public class SSLContext {
    private static SslContext context;
    private static File privateKey;
    private static File cert;

    public static void initKeystore(String str) {
        Security.addProvider(new BouncyCastleProvider());
        privateKey = new File(str + "/keys/private.pem");
        cert = new File(str + "/keys/cert.pem");
    }

    /* JADX WARN: Finally extract failed */
    public static void genKeys() {
        if (privateKey.exists() && cert.exists()) {
            return;
        }
        ProtoLogger.info("Generating SSL Keys");
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA");
        keyPairGenerator.initialize(2048);
        KeyPair generateKeyPair = keyPairGenerator.generateKeyPair();
        X509Certificate genCert = genCert(generateKeyPair);
        privateKey.getParentFile().mkdirs();
        JcaPEMWriter jcaPEMWriter = new JcaPEMWriter(new FileWriter(privateKey));
        try {
            jcaPEMWriter.writeObject(generateKeyPair.getPrivate());
            jcaPEMWriter = new JcaPEMWriter(new FileWriter(cert));
            try {
                jcaPEMWriter.writeObject(genCert);
                if (Collections.singletonList(jcaPEMWriter).get(0) != null) {
                    jcaPEMWriter.close();
                }
                if (Collections.singletonList(jcaPEMWriter).get(0) != null) {
                    jcaPEMWriter.close();
                }
            } finally {
                if (Collections.singletonList(jcaPEMWriter).get(0) != null) {
                    jcaPEMWriter.close();
                }
            }
        } catch (Throwable th) {
            throw th;
        }
    }

    public static void initContext() {
        context = SslContextBuilder.forServer(cert, privateKey).sslProvider(OpenSsl.isAvailable() ? SslProvider.OPENSSL : SslProvider.JDK).ciphers(Http2SecurityUtil.CIPHERS, SupportedCipherSuiteFilter.INSTANCE).applicationProtocolConfig(new ApplicationProtocolConfig(ApplicationProtocolConfig.Protocol.ALPN, ApplicationProtocolConfig.SelectorFailureBehavior.NO_ADVERTISE, ApplicationProtocolConfig.SelectedListenerFailureBehavior.ACCEPT, new String[]{"http/1.1"})).build();
        ProtoLogger.info("Initialized SSL Context");
    }

    private static X509Certificate genCert(KeyPair keyPair) throws OperatorCreationException, CertificateException, IOException {
        BouncyCastleProvider bouncyCastleProvider = new BouncyCastleProvider();
        Security.addProvider(bouncyCastleProvider);
        X500Name x500Name = new X500Name("CN=PROTOWEAVER");
        long currentTimeMillis = System.currentTimeMillis();
        Date date = new Date(currentTimeMillis);
        Calendar calendar = Calendar.getInstance();
        calendar.setTime(date);
        calendar.add(1, 999);
        Date time = calendar.getTime();
        ContentSigner build = new JcaContentSignerBuilder("SHA256WithRSA").build(keyPair.getPrivate());
        JcaX509v3CertificateBuilder jcaX509v3CertificateBuilder = new JcaX509v3CertificateBuilder(x500Name, new BigInteger(Long.toString(currentTimeMillis)), date, time, x500Name, keyPair.getPublic());
        jcaX509v3CertificateBuilder.addExtension(new ASN1ObjectIdentifier("2.5.29.19"), true, (ASN1Encodable) new BasicConstraints(true));
        return new JcaX509CertificateConverter().setProvider(bouncyCastleProvider).getCertificate(jcaX509v3CertificateBuilder.build(build));
    }

    @Generated
    public static SslContext getContext() {
        return context;
    }
}
