package io.netty.handler.ssl.util;

import gg.essential.lib.caffeine.cache.LocalCacheFactory;
import io.netty.util.internal.PlatformDependent;
import io.netty.util.internal.SuppressJava6Requirement;
import io.netty.util.internal.logging.InternalLogger;
import io.netty.util.internal.logging.InternalLoggerFactory;
import java.lang.reflect.Constructor;
import java.lang.reflect.InvocationTargetException;
import java.lang.reflect.Method;
import java.math.BigInteger;
import java.security.AccessController;
import java.security.KeyPair;
import java.security.PrivateKey;
import java.security.PrivilegedAction;
import java.security.SecureRandom;
import java.security.cert.CertificateException;
import java.util.Date;
import sun.security.x509.AlgorithmId;
import sun.security.x509.CertificateAlgorithmId;
import sun.security.x509.CertificateSerialNumber;
import sun.security.x509.CertificateSubjectName;
import sun.security.x509.CertificateValidity;
import sun.security.x509.CertificateVersion;
import sun.security.x509.CertificateX509Key;
import sun.security.x509.X500Name;
import sun.security.x509.X509CertImpl;
import sun.security.x509.X509CertInfo;

/* loaded from: input_file:essential-26c7dba49d1f887275157309077ae24e.jar:gg/essential/sps/quic/jvm/netty.jar:io/netty/handler/ssl/util/OpenJdkSelfSignedCertGenerator.class */
final class OpenJdkSelfSignedCertGenerator {
    private static final InternalLogger logger = InternalLoggerFactory.getInstance((Class<?>) OpenJdkSelfSignedCertGenerator.class);
    private static final Method CERT_INFO_SET_METHOD;
    private static final Constructor<?> ISSUER_NAME_CONSTRUCTOR;
    private static final Constructor<X509CertImpl> CERT_IMPL_CONSTRUCTOR;
    private static final Method CERT_IMPL_GET_METHOD;
    private static final Method CERT_IMPL_SIGN_METHOD;

    /* JADX INFO: Access modifiers changed from: package-private */
    @SuppressJava6Requirement(reason = "Usage guarded by dependency check")
    public static String[] generate(String str, KeyPair keyPair, SecureRandom secureRandom, Date date, Date date2, String str2) throws Exception {
        if (CERT_INFO_SET_METHOD == null || ISSUER_NAME_CONSTRUCTOR == null || CERT_IMPL_CONSTRUCTOR == null || CERT_IMPL_GET_METHOD == null || CERT_IMPL_SIGN_METHOD == null) {
            throw new UnsupportedOperationException(OpenJdkSelfSignedCertGenerator.class.getSimpleName() + " not supported on the used JDK version");
        }
        PrivateKey privateKey = keyPair.getPrivate();
        X509CertInfo x509CertInfo = new X509CertInfo();
        X500Name x500Name = new X500Name("CN=" + str);
        CERT_INFO_SET_METHOD.invoke(x509CertInfo, "version", new CertificateVersion(2));
        CERT_INFO_SET_METHOD.invoke(x509CertInfo, "serialNumber", new CertificateSerialNumber(new BigInteger(64, secureRandom)));
        try {
            CERT_INFO_SET_METHOD.invoke(x509CertInfo, "subject", new CertificateSubjectName(x500Name));
        } catch (InvocationTargetException e) {
            if (!(e.getCause() instanceof CertificateException)) {
                throw e;
            }
            CERT_INFO_SET_METHOD.invoke(x509CertInfo, "subject", x500Name);
        }
        try {
            CERT_INFO_SET_METHOD.invoke(x509CertInfo, "issuer", ISSUER_NAME_CONSTRUCTOR.newInstance(x500Name));
        } catch (InvocationTargetException e2) {
            if (!(e2.getCause() instanceof CertificateException)) {
                throw e2;
            }
            CERT_INFO_SET_METHOD.invoke(x509CertInfo, "issuer", x500Name);
        }
        CERT_INFO_SET_METHOD.invoke(x509CertInfo, "validity", new CertificateValidity(date, date2));
        CERT_INFO_SET_METHOD.invoke(x509CertInfo, LocalCacheFactory.KEY, new CertificateX509Key(keyPair.getPublic()));
        CERT_INFO_SET_METHOD.invoke(x509CertInfo, "algorithmID", new CertificateAlgorithmId(AlgorithmId.get("1.2.840.113549.1.1.11")));
        X509CertImpl newInstance = CERT_IMPL_CONSTRUCTOR.newInstance(x509CertInfo);
        Method method = CERT_IMPL_SIGN_METHOD;
        Object[] objArr = new Object[2];
        objArr[0] = privateKey;
        objArr[1] = str2.equalsIgnoreCase("EC") ? "SHA256withECDSA" : "SHA256withRSA";
        method.invoke(newInstance, objArr);
        CERT_INFO_SET_METHOD.invoke(x509CertInfo, "algorithmID.algorithm", CERT_IMPL_GET_METHOD.invoke(newInstance, "x509.algorithm"));
        X509CertImpl newInstance2 = CERT_IMPL_CONSTRUCTOR.newInstance(x509CertInfo);
        Method method2 = CERT_IMPL_SIGN_METHOD;
        Object[] objArr2 = new Object[2];
        objArr2[0] = privateKey;
        objArr2[1] = str2.equalsIgnoreCase("EC") ? "SHA256withECDSA" : "SHA256withRSA";
        method2.invoke(newInstance2, objArr2);
        newInstance2.verify(keyPair.getPublic());
        return SelfSignedCertificate.newSelfSignedCertificate(str, privateKey, newInstance2);
    }

    private OpenJdkSelfSignedCertGenerator() {
    }

    static {
        Object doPrivileged;
        Method method = null;
        Constructor<?> constructor = null;
        Constructor<X509CertImpl> constructor2 = null;
        Method method2 = null;
        Method method3 = null;
        try {
            doPrivileged = AccessController.doPrivileged(new PrivilegedAction<Object>() { // from class: io.netty.handler.ssl.util.OpenJdkSelfSignedCertGenerator.1
                @Override // java.security.PrivilegedAction
                public Object run() {
                    try {
                        return X509CertInfo.class.getMethod("set", String.class, Object.class);
                    } catch (Throwable th) {
                        return th;
                    }
                }
            });
        } catch (Throwable th) {
            logger.debug(OpenJdkSelfSignedCertGenerator.class.getSimpleName() + " not supported", th);
        }
        if (!(doPrivileged instanceof Method)) {
            throw ((Throwable) doPrivileged);
        }
        method = (Method) doPrivileged;
        Object doPrivileged2 = AccessController.doPrivileged(new PrivilegedAction<Object>() { // from class: io.netty.handler.ssl.util.OpenJdkSelfSignedCertGenerator.2
            @Override // java.security.PrivilegedAction
            public Object run() {
                try {
                    return Class.forName("sun.security.x509.CertificateIssuerName", false, PlatformDependent.getClassLoader(OpenJdkSelfSignedCertGenerator.class)).getConstructor(X500Name.class);
                } catch (Throwable th2) {
                    return th2;
                }
            }
        });
        if (!(doPrivileged2 instanceof Constructor)) {
            throw ((Throwable) doPrivileged2);
        }
        constructor = (Constructor) doPrivileged2;
        Object doPrivileged3 = AccessController.doPrivileged(new PrivilegedAction<Object>() { // from class: io.netty.handler.ssl.util.OpenJdkSelfSignedCertGenerator.3
            @Override // java.security.PrivilegedAction
            public Object run() {
                try {
                    return X509CertImpl.class.getConstructor(X509CertInfo.class);
                } catch (Throwable th2) {
                    return th2;
                }
            }
        });
        if (!(doPrivileged3 instanceof Constructor)) {
            throw ((Throwable) doPrivileged3);
        }
        constructor2 = (Constructor) doPrivileged3;
        Object doPrivileged4 = AccessController.doPrivileged(new PrivilegedAction<Object>() { // from class: io.netty.handler.ssl.util.OpenJdkSelfSignedCertGenerator.4
            @Override // java.security.PrivilegedAction
            public Object run() {
                try {
                    return X509CertImpl.class.getMethod("get", String.class);
                } catch (Throwable th2) {
                    return th2;
                }
            }
        });
        if (!(doPrivileged4 instanceof Method)) {
            throw ((Throwable) doPrivileged4);
        }
        method2 = (Method) doPrivileged4;
        Object doPrivileged5 = AccessController.doPrivileged(new PrivilegedAction<Object>() { // from class: io.netty.handler.ssl.util.OpenJdkSelfSignedCertGenerator.5
            @Override // java.security.PrivilegedAction
            public Object run() {
                try {
                    return X509CertImpl.class.getMethod("sign", PrivateKey.class, String.class);
                } catch (Throwable th2) {
                    return th2;
                }
            }
        });
        if (!(doPrivileged5 instanceof Method)) {
            throw ((Throwable) doPrivileged5);
        }
        method3 = (Method) doPrivileged5;
        CERT_INFO_SET_METHOD = method;
        ISSUER_NAME_CONSTRUCTOR = constructor;
        CERT_IMPL_CONSTRUCTOR = constructor2;
        CERT_IMPL_GET_METHOD = method2;
        CERT_IMPL_SIGN_METHOD = method3;
    }
}
