package com.creactiviti.spring.boot.starter.acme;

import java.io.File;
import java.io.FileReader;
import java.io.FileWriter;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.io.StringWriter;
import java.net.URI;
import java.nio.charset.StandardCharsets;
import java.security.KeyPair;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import org.apache.commons.io.IOUtils;
import org.shredzone.acme4j.Authorization;
import org.shredzone.acme4j.Certificate;
import org.shredzone.acme4j.Registration;
import org.shredzone.acme4j.RegistrationBuilder;
import org.shredzone.acme4j.Session;
import org.shredzone.acme4j.Status;
import org.shredzone.acme4j.challenge.Challenge;
import org.shredzone.acme4j.challenge.Http01Challenge;
import org.shredzone.acme4j.exception.AcmeConflictException;
import org.shredzone.acme4j.exception.AcmeException;
import org.shredzone.acme4j.util.CSRBuilder;
import org.shredzone.acme4j.util.CertificateUtils;
import org.shredzone.acme4j.util.KeyPairUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.stereotype.Component;
import org.springframework.util.Assert;

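/**
 * Requests a certificate for one domain from the configured ACME endpoint and packages it,
 * together with the domain key, into a PKCS#12 key store by invoking the {@code openssl}
 * command-line tool.
 *
 * <p>All file locations, the endpoint and the key store password come from
 * {@link AcmeConfigProperties}. The http-01 challenge response is published through the
 * injected {@link ChallengeStore}.
 *
 * <p>Security notes:
 * <ul>
 *   <li>Newly generated private key files are created empty and restricted to the owning user
 *       before key material is written (best effort; a warning is logged when the platform
 *       refuses the permission change).</li>
 *   <li>The key store password is handed to {@code openssl} on its standard input instead of as
 *       a {@code pass:} argument, so it does not show up in the process argument list.</li>
 *   <li>A non-zero {@code openssl} exit code is reported as an {@link IOException} instead of
 *       being logged at debug level only.</li>
 * </ul>
 */
@Component
public class CertGenerator {
    private static final Logger logger = LoggerFactory.getLogger(CertGenerator.class);

    /** Key size handed to {@code KeyPairUtils.createKeyPair} for new user and domain keys. */
    private static final int KEY_SIZE = 2048;

    /** Maximum number of status polls after the challenge has been triggered. */
    private static final int MAX_POLL_ATTEMPTS = 10;

    /** Pause between two status polls, in milliseconds. */
    private static final long POLL_INTERVAL_MILLIS = 3000L;

    private final ChallengeStore challengeStore;
    private final AcmeConfigProperties config;

    public CertGenerator(ChallengeStore challengeStore, AcmeConfigProperties acmeConfigProperties) {
        this.challengeStore = challengeStore;
        this.config = acmeConfigProperties;
    }

    /**
     * Runs the full issuance flow for one domain: account lookup or registration, http-01
     * authorization, CSR creation, certificate download and PKCS#12 export.
     *
     * @param str the domain name to authorize and to put into the CSR
     * @throws Exception if the ACME exchange fails, a file cannot be read or written, or the
     *     {@code openssl} export does not succeed
     */
    public void generate(String str) throws Exception {
        KeyPair userKeyPair = loadOrCreateKeyPair(new File(this.config.getUserKeyFile()));
        Registration registration = getOrCreateAccount(new Session(this.config.getEndpoint(), userKeyPair));
        authorize(registration, str);

        KeyPair domainKeyPair = loadOrCreateKeyPair(new File(this.config.getDomainKeyFile()));
        CSRBuilder csr = new CSRBuilder();
        csr.addDomains(Arrays.asList(str));
        csr.sign(domainKeyPair);
        try (FileWriter csrOut = new FileWriter(new File(this.config.getDomainCsrFile()))) {
            csr.write(csrOut);
        }

        Certificate certificate = registration.requestCertificate(csr.getEncoded());
        logger.info("Success! The certificate for domain {} has been generated!", str);
        logger.info("Certificate URL: {}", certificate.getLocation());

        X509Certificate leaf = certificate.download();
        X509Certificate[] chain = certificate.downloadChain();
        try (FileWriter chainOut = new FileWriter(new File(this.config.getDomainChainFile()))) {
            CertificateUtils.writeX509CertificateChain(chainOut, leaf, chain);
        }

        exportKeyStore();
    }

    /**
     * Bundles the domain key and the certificate chain file into the configured PKCS#12 key
     * store by running {@code openssl pkcs12 -export}.
     *
     * @throws IOException if {@code openssl} cannot be started, its output cannot be read, or it
     *     exits with a non-zero code
     * @throws InterruptedException if the thread is interrupted while waiting for the process
     * @throws IllegalArgumentException if the configured password contains a line break
     */
    private void exportKeyStore() throws IOException, InterruptedException {
        final String password = String.valueOf(this.config.getKeyStorePassword());
        // openssl reads a single line from stdin; an embedded line break would silently
        // truncate the password, so refuse it up front.
        if (password.indexOf('\n') >= 0 || password.indexOf('\r') >= 0) {
            throw new IllegalArgumentException("The key store password must not contain line breaks");
        }

        // "-password stdin" keeps the secret out of the argument list, which other local users
        // can usually read, unlike "pass:<secret>".
        ProcessBuilder processBuilder = new ProcessBuilder(
                "openssl", "pkcs12", "-export",
                "-out", this.config.getKeyStoreFile(),
                "-inkey", this.config.getDomainKeyFile(),
                "-in", this.config.getDomainChainFile(),
                "-password", "stdin");
        processBuilder.redirectErrorStream(true);
        Process process = processBuilder.start();

        try (OutputStream stdin = process.getOutputStream()) {
            stdin.write((password + "\n").getBytes(StandardCharsets.UTF_8));
        } catch (IOException e) {
            // openssl may exit before reading its input (for example on a bad input file);
            // the exit code check below reports that failure with the tool's own output.
            logger.debug("Could not pass the key store password to openssl", e);
        }

        // Drain the merged stdout/stderr before waiting: waiting first can block forever once
        // the child has filled the pipe buffer.
        final String output;
        try (InputStream stdout = process.getInputStream(); StringWriter buffer = new StringWriter()) {
            IOUtils.copy(stdout, buffer, "ASCII");
            output = buffer.toString();
        }

        int exitCode = process.waitFor();
        logger.debug("openssl finished with exit code {} \n{}", Integer.valueOf(exitCode), output);
        if (exitCode != 0) {
            logger.error("openssl pkcs12 export failed with exit code {}:\n{}", Integer.valueOf(exitCode), output);
            throw new IOException("openssl pkcs12 export failed with exit code " + exitCode);
        }
    }

    /**
     * Reads the key pair stored in {@code file}, or creates a new one and writes it there when
     * the file does not exist yet.
     *
     * @param file location of the key pair file
     * @return the loaded or newly created key pair
     * @throws IOException if the file cannot be read, created or written
     */
    private KeyPair loadOrCreateKeyPair(File file) throws IOException {
        if (file.exists()) {
            try (FileReader reader = new FileReader(file)) {
                return KeyPairUtils.readKeyPair(reader);
            }
        }

        KeyPair keyPair = KeyPairUtils.createKeyPair(KEY_SIZE);
        // Create the file empty and tighten its permissions first, so the private key is never
        // on disk with the default (possibly group/world readable) mode.
        file.createNewFile();
        restrictToOwner(file);
        try (FileWriter writer = new FileWriter(file)) {
            KeyPairUtils.writeKeyPair(keyPair, writer);
        }
        return keyPair;
    }

    /**
     * Removes read and write access for everybody and grants it back to the owner only. Failure
     * is logged rather than thrown because not every platform supports these permission bits.
     */
    private static void restrictToOwner(File file) {
        // Non-short-circuit '&' so that every step is attempted even if an earlier one fails.
        boolean restricted = file.setReadable(false, false)
                & file.setWritable(false, false)
                & file.setReadable(true, true)
                & file.setWritable(true, true);
        if (!restricted) {
            logger.warn("Could not restrict {} to its owner; check the permissions of this private key file", file);
        }
    }

    /**
     * Registers a new account for the session's key pair, or binds to the existing account when
     * the server reports a conflict.
     *
     * @param session ACME session carrying the endpoint and the user key pair
     * @return the new or existing registration
     * @throws AcmeException if registration, binding or accepting the agreement fails
     */
    private Registration getOrCreateAccount(Session session) throws AcmeException {
        try {
            Registration created = new RegistrationBuilder().create(session);
            logger.info("Registered a new user, URL: {}", created.getLocation());
            URI agreement = created.getAgreement();
            logger.info("Terms of Service: {}", agreement);
            acceptAgreement(created, agreement);
            return created;
        } catch (AcmeConflictException e) {
            // The conflict response carries the location of the already registered account.
            Registration existing = Registration.bind(session, e.getLocation());
            logger.info("Account does already exist, URL: {}", existing.getLocation(), e);
            return existing;
        }
    }

    /**
     * Authorizes the domain through an http-01 challenge, polling until the challenge is valid,
     * invalid, or {@link #MAX_POLL_ATTEMPTS} polls have been spent.
     *
     * @param registration account used to request the authorization
     * @param str domain name to authorize
     * @throws AcmeException if the challenge fails, does not become valid in time, or the
     *     waiting thread is interrupted
     */
    private void authorize(Registration registration, String str) throws AcmeException {
        Authorization authorization = registration.authorizeDomain(str);
        logger.info("Authorization for domain {}", str);
        Challenge challenge = httpChallenge(authorization, str);
        if (challenge.getStatus() == Status.VALID) {
            return;
        }

        challenge.trigger();
        for (int attempt = 0; attempt < MAX_POLL_ATTEMPTS && challenge.getStatus() != Status.VALID; attempt++) {
            if (challenge.getStatus() == Status.INVALID) {
                throw new AcmeException("Challenge failed... Giving up.");
            }
            try {
                Thread.sleep(POLL_INTERVAL_MILLIS);
            } catch (InterruptedException e) {
                // Keep the interrupt visible to the caller and stop polling instead of
                // swallowing it and carrying on.
                Thread.currentThread().interrupt();
                throw new AcmeException("Interrupted while waiting for the challenge for domain " + str, e);
            }
            challenge.update();
        }

        if (challenge.getStatus() != Status.VALID) {
            throw new AcmeException("Failed to pass the challenge for domain " + str + ", ... Giving up.");
        }
    }

    /**
     * Picks the http-01 challenge of the authorization and publishes its token and
     * authorization string in the challenge store.
     *
     * @param authorization authorization returned for the domain
     * @param str domain name (not used by this method)
     * @return the http-01 challenge
     * @throws AcmeException if the authorization offers no http-01 challenge
     */
    private Challenge httpChallenge(Authorization authorization, String str) throws AcmeException {
        Http01Challenge challenge = authorization.findChallenge("http-01");
        if (challenge == null) {
            throw new AcmeException("Found no http-01 challenge, don't know what to do...");
        }
        this.challengeStore.put(challenge.getToken(), challenge.getAuthorization());
        return challenge;
    }

    /**
     * Accepts the terms of service on the registration, provided the configuration opts in.
     *
     * @param registration account to update
     * @param uri location of the terms of service
     * @throws AcmeException if the update is rejected
     * @throws IllegalArgumentException if {@code acme.accept-terms-of-service} is not enabled
     */
    private void acceptAgreement(Registration registration, URI uri) throws AcmeException {
        Assert.isTrue(this.config.isAcceptTermsOfService(), "You must accept the TOS: " + uri + " by setting the property acme.accept-terms-of-service to true");
        registration.modify().setAgreement(uri).commit();
        logger.info("Updated user's ToS");
    }
}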
