package org.apache.qpid.test.utils.tls;

import java.io.FileOutputStream;
import java.io.IOException;
import java.nio.file.FileSystems;
import java.nio.file.FileVisitOption;
import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.attribute.FileAttribute;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.cert.CRLException;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.X509CRL;
import java.security.cert.X509Certificate;
import java.time.Instant;
import java.util.Comparator;
import java.util.stream.Stream;
import org.junit.jupiter.api.extension.AfterEachCallback;
import org.junit.jupiter.api.extension.BeforeAllCallback;
import org.junit.jupiter.api.extension.BeforeEachCallback;
import org.junit.jupiter.api.extension.Extension;
import org.junit.jupiter.api.extension.ExtensionContext;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/apache/qpid/test/utils/tls/TlsResource.class */
public class TlsResource implements Extension, AfterEachCallback, BeforeEachCallback, BeforeAllCallback, ExtensionContext.Store.CloseableResource {
    private static final String PRIVATE_KEY_ALIAS = "private-key-alias";
    private static final String CERTIFICATE_ALIAS = "certificate-alias";
    private static final String SECRET = "secret";
    private static final Logger LOGGER = LoggerFactory.getLogger(TlsResource.class);
    private Path _keystoreDirectory;
    private final String _privateKeyAlias;
    private final String _certificateAlias;
    private final String _secret;
    private final String _keyStoreType;

    public TlsResource() {
        this(PRIVATE_KEY_ALIAS, CERTIFICATE_ALIAS, SECRET, KeyStore.getDefaultType());
    }

    public TlsResource(String str, String str2, String str3, String str4) {
        this._privateKeyAlias = str;
        this._certificateAlias = str2;
        this._secret = str3;
        this._keyStoreType = str4;
    }

    public void beforeAll(ExtensionContext extensionContext) throws IOException {
        if (this._keystoreDirectory != null) {
            return;
        }
        this._keystoreDirectory = Files.createTempDirectory(FileSystems.getDefault().getPath("target", new String[0]), "test-tls-resources-", new FileAttribute[0]);
        LOGGER.debug("Test keystore directory is created : '{}'", this._keystoreDirectory);
    }

    public void close() {
        deleteFiles();
    }

    public void beforeEach(ExtensionContext extensionContext) throws IOException {
        this._keystoreDirectory = Files.createTempDirectory(FileSystems.getDefault().getPath("target", new String[0]), "test-tls-resources-", new FileAttribute[0]);
        LOGGER.debug("Test keystore directory is created : '{}'", this._keystoreDirectory);
    }

    public void afterEach(ExtensionContext extensionContext) {
        deleteFiles();
    }

    public String getSecret() {
        return this._secret;
    }

    public char[] getSecretAsCharacters() {
        return this._secret == null ? new char[0] : this._secret.toCharArray();
    }

    public String getPrivateKeyAlias() {
        return this._privateKeyAlias;
    }

    public String getCertificateAlias() {
        return this._certificateAlias;
    }

    public String getKeyStoreType() {
        return this._keyStoreType;
    }

    public Path createKeyStore(KeyStoreEntry... keyStoreEntryArr) throws Exception {
        return createKeyStore(getKeyStoreType(), keyStoreEntryArr);
    }

    public Path createKeyStore(String str, KeyStoreEntry... keyStoreEntryArr) throws KeyStoreException, CertificateException, NoSuchAlgorithmException, IOException {
        return saveKeyStore(str, TlsResourceHelper.createKeyStore(str, getSecretAsCharacters(), keyStoreEntryArr));
    }

    public String createKeyStoreAsDataUrl(KeyStoreEntry... keyStoreEntryArr) throws Exception {
        return TlsResourceHelper.createKeyStoreAsDataUrl(getKeyStoreType(), getSecretAsCharacters(), keyStoreEntryArr);
    }

    public Path createSelfSignedKeyStore(String str) throws Exception {
        KeyCertificatePair createSelfSigned = TlsResourceBuilder.createSelfSigned(str, new AlternativeName[0]);
        return createKeyStore(new PrivateKeyEntry(this._privateKeyAlias, createSelfSigned.getPrivateKey(), createSelfSigned.getCertificate()));
    }

    public String createSelfSignedKeyStoreAsDataUrl(String str) throws Exception {
        KeyCertificatePair createSelfSigned = TlsResourceBuilder.createSelfSigned(str, new AlternativeName[0]);
        return createKeyStoreAsDataUrl(new PrivateKeyEntry(this._privateKeyAlias, createSelfSigned.getPrivateKey(), createSelfSigned.getCertificate()));
    }

    public Path createSelfSignedTrustStore(String str) throws Exception {
        return createKeyStore(new CertificateEntry(this._certificateAlias, TlsResourceBuilder.createSelfSigned(str, new AlternativeName[0]).getCertificate()));
    }

    public Path createSelfSignedTrustStore(String str, Instant instant, Instant instant2) throws Exception {
        return createKeyStore(new CertificateEntry(this._certificateAlias, TlsResourceBuilder.createSelfSigned(str, instant, instant2, new AlternativeName[0]).getCertificate()));
    }

    public String createSelfSignedTrustStoreAsDataUrl(String str) throws Exception {
        return createKeyStoreAsDataUrl(new CertificateEntry(this._certificateAlias, TlsResourceBuilder.createSelfSigned(str, new AlternativeName[0]).getCertificate()));
    }

    public Path createTrustStore(String str, KeyCertificatePair keyCertificatePair) throws Exception {
        return createKeyStore(getKeyStoreType(), new CertificateEntry(this._certificateAlias, TlsResourceBuilder.createKeyPairAndCertificate(str, keyCertificatePair, new AlternativeName[0]).getCertificate()));
    }

    public Path createSelfSignedKeyStoreWithCertificate(String str) throws Exception {
        KeyCertificatePair createSelfSigned = TlsResourceBuilder.createSelfSigned(str, new AlternativeName[0]);
        return createKeyStore(new PrivateKeyEntry(this._privateKeyAlias, createSelfSigned.getPrivateKey(), createSelfSigned.getCertificate()), new CertificateEntry(this._certificateAlias, createSelfSigned.getCertificate()));
    }

    public Path createCrl(KeyCertificatePair keyCertificatePair, X509Certificate... x509CertificateArr) throws CRLException {
        X509CRL createCertificateRevocationList = TlsResourceBuilder.createCertificateRevocationList(keyCertificatePair, x509CertificateArr);
        try {
            Path createFile = createFile(".crl");
            FileOutputStream fileOutputStream = new FileOutputStream(createFile.toFile());
            try {
                TlsResourceHelper.saveCrlAsPem(fileOutputStream, createCertificateRevocationList);
                fileOutputStream.close();
                return createFile;
            } finally {
            }
        } catch (IOException e) {
            throw new CRLException(e);
        }
    }

    public Path createCrlAsDer(KeyCertificatePair keyCertificatePair, X509Certificate... x509CertificateArr) throws CRLException, IOException {
        return saveBytes(TlsResourceBuilder.createCertificateRevocationList(keyCertificatePair, x509CertificateArr).getEncoded(), ".crl");
    }

    public String createCrlAsDataUrl(KeyCertificatePair keyCertificatePair, X509Certificate... x509CertificateArr) throws CRLException {
        return TlsResourceHelper.getDataUrlForBytes(TlsResourceBuilder.createCertificateRevocationList(keyCertificatePair, x509CertificateArr).getEncoded());
    }

    public Path savePrivateKeyAsPem(PrivateKey privateKey) throws IOException {
        Path createFile = createFile(".pk.pem");
        FileOutputStream fileOutputStream = new FileOutputStream(createFile.toFile());
        try {
            TlsResourceHelper.savePrivateKeyAsPem(fileOutputStream, privateKey);
            fileOutputStream.close();
            return createFile;
        } catch (Throwable th) {
            try {
                fileOutputStream.close();
            } catch (Throwable th2) {
                th.addSuppressed(th2);
            }
            throw th;
        }
    }

    public Path saveCertificateAsPem(X509Certificate... x509CertificateArr) throws IOException, CertificateEncodingException {
        Path createFile = createFile(".cer.pem");
        FileOutputStream fileOutputStream = new FileOutputStream(createFile.toFile());
        try {
            TlsResourceHelper.saveCertificateAsPem(fileOutputStream, x509CertificateArr);
            fileOutputStream.close();
            return createFile;
        } catch (Throwable th) {
            try {
                fileOutputStream.close();
            } catch (Throwable th2) {
                th.addSuppressed(th2);
            }
            throw th;
        }
    }

    public Path savePrivateKeyAsDer(PrivateKey privateKey) throws IOException {
        return saveBytes(privateKey.getEncoded(), ".pk.der");
    }

    public Path saveCertificateAsDer(X509Certificate x509Certificate) throws CertificateEncodingException, IOException {
        return saveBytes(x509Certificate.getEncoded(), ".cer.der");
    }

    public Path createFile(String str) throws IOException {
        return Files.createTempFile(this._keystoreDirectory, "tls", str, new FileAttribute[0]);
    }

    private Path saveBytes(byte[] bArr, String str) throws IOException {
        Path createFile = createFile(str);
        FileOutputStream fileOutputStream = new FileOutputStream(createFile.toFile());
        try {
            fileOutputStream.write(bArr);
            fileOutputStream.close();
            return createFile;
        } catch (Throwable th) {
            try {
                fileOutputStream.close();
            } catch (Throwable th2) {
                th.addSuppressed(th2);
            }
            throw th;
        }
    }

    private Path saveKeyStore(String str, KeyStore keyStore) throws IOException, KeyStoreException, NoSuchAlgorithmException, CertificateException {
        Path createFile = createFile("." + str);
        TlsResourceHelper.saveKeyStoreIntoFile(keyStore, getSecretAsCharacters(), createFile.toFile());
        return createFile;
    }

    private void deleteFiles() {
        try {
            Stream<Path> walk = Files.walk(this._keystoreDirectory, new FileVisitOption[0]);
            try {
                walk.sorted(Comparator.reverseOrder()).map((v0) -> {
                    return v0.toFile();
                }).forEach(file -> {
                    if (file.delete()) {
                        return;
                    }
                    LOGGER.warn("Could not delete file at {}", file.getAbsolutePath());
                });
                if (walk != null) {
                    walk.close();
                }
            } finally {
            }
        } catch (Exception e) {
            LOGGER.warn("Failure to clean up test resources", e);
        }
    }
}
