package org.rapidoid.net.tls;

import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.IOException;
import java.security.KeyStore;
import java.security.cert.X509Certificate;
import java.util.Date;
import org.rapidoid.RapidoidThing;
import org.rapidoid.u.U;
import sun.security.tools.keytool.CertAndKeyGen;
import sun.security.x509.X500Name;

/* loaded from: input_file:org/rapidoid/net/tls/SelfSignedCertGen.class */
public class SelfSignedCertGen extends RapidoidThing {
    public static void generate(SelfSignedCertInfo selfSignedCertInfo, String str, char[] cArr) throws Exception {
        U.must(U.notEmpty(selfSignedCertInfo.alias()), "The alias must be specified!");
        U.must(selfSignedCertInfo.password() != null, "The password must be specified!");
        CertAndKeyGen certAndKeyGen = new CertAndKeyGen("RSA", "SHA1WithRSA", (String) null);
        certAndKeyGen.generate(selfSignedCertInfo.keysize());
        X509Certificate[] x509CertificateArr = {certAndKeyGen.getSelfCertificate(x500Name(selfSignedCertInfo), new Date(), selfSignedCertInfo.validity() * 24 * 3600)};
        KeyStore keyStore = KeyStore.getInstance("JKS");
        if (new File(str).exists()) {
            keyStore.load(new FileInputStream(str), cArr);
        } else {
            keyStore.load(null, null);
        }
        keyStore.setKeyEntry(selfSignedCertInfo.alias(), certAndKeyGen.getPrivateKey(), selfSignedCertInfo.password(), x509CertificateArr);
        keyStore.store(new FileOutputStream(str), cArr);
    }

    private static X500Name x500Name(SelfSignedCertInfo selfSignedCertInfo) throws IOException {
        return new X500Name(selfSignedCertInfo.name(), selfSignedCertInfo.unit(), selfSignedCertInfo.organization(), selfSignedCertInfo.locality(), selfSignedCertInfo.state(), selfSignedCertInfo.country());
    }
}
