package io.netty.handler.ssl.util;

import io.netty.util.internal.PlatformDependent;
import io.netty.util.internal.logging.InternalLogger;
import io.netty.util.internal.logging.InternalLoggerFactory;
import java.lang.invoke.MethodHandle;
import java.lang.invoke.MethodHandles;
import java.lang.invoke.MethodType;
import java.math.BigInteger;
import java.security.AccessController;
import java.security.KeyPair;
import java.security.PrivateKey;
import java.security.PrivilegedAction;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Date;
import java.util.List;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:io/netty/handler/ssl/util/OpenJdkSelfSignedCertGenerator.class */
public final class OpenJdkSelfSignedCertGenerator {
    private static final InternalLogger logger = InternalLoggerFactory.getInstance((Class<?>) OpenJdkSelfSignedCertGenerator.class);
    private static final MethodHandle CERT_INFO_SET_HANDLE;
    private static final MethodHandle ISSUER_NAME_CONSTRUCTOR;
    private static final MethodHandle CERT_IMPL_CONSTRUCTOR;
    private static final MethodHandle X509_CERT_INFO_CONSTRUCTOR;
    private static final MethodHandle CERTIFICATE_VERSION_CONSTRUCTOR;
    private static final MethodHandle CERTIFICATE_SUBJECT_NAME_CONSTRUCTOR;
    private static final MethodHandle X500_NAME_CONSTRUCTOR;
    private static final MethodHandle CERTIFICATE_SERIAL_NUMBER_CONSTRUCTOR;
    private static final MethodHandle CERTIFICATE_VALIDITY_CONSTRUCTOR;
    private static final MethodHandle CERTIFICATE_X509_KEY_CONSTRUCTOR;
    private static final MethodHandle CERTIFICATE_ALORITHM_ID_CONSTRUCTOR;
    private static final MethodHandle CERT_IMPL_GET_HANDLE;
    private static final MethodHandle CERT_IMPL_SIGN_HANDLE;
    private static final MethodHandle ALGORITHM_ID_GET_HANDLE;
    private static final boolean SUPPORTED;

    /* JADX INFO: Access modifiers changed from: package-private */
    public static String[] generate(String str, KeyPair keyPair, SecureRandom secureRandom, Date date, Date date2, String str2) throws Exception {
        if (!SUPPORTED) {
            throw new UnsupportedOperationException(OpenJdkSelfSignedCertGenerator.class.getSimpleName() + " not supported on the used JDK version");
        }
        try {
            PrivateKey privateKey = keyPair.getPrivate();
            Object invoke = (Object) X509_CERT_INFO_CONSTRUCTOR.invoke();
            Object invoke2 = (Object) X500_NAME_CONSTRUCTOR.invoke("CN=" + str);
            (void) CERT_INFO_SET_HANDLE.invoke(invoke, "version", (Object) CERTIFICATE_VERSION_CONSTRUCTOR.invoke(2));
            (void) CERT_INFO_SET_HANDLE.invoke(invoke, "serialNumber", (Object) CERTIFICATE_SERIAL_NUMBER_CONSTRUCTOR.invoke(new BigInteger(64, secureRandom)));
            try {
                (void) CERT_INFO_SET_HANDLE.invoke(invoke, "subject", (Object) CERTIFICATE_SUBJECT_NAME_CONSTRUCTOR.invoke(invoke2));
            } catch (CertificateException e) {
                (void) CERT_INFO_SET_HANDLE.invoke(invoke, "subject", invoke2);
            }
            try {
                (void) CERT_INFO_SET_HANDLE.invoke(invoke, "issuer", (Object) ISSUER_NAME_CONSTRUCTOR.invoke(invoke2));
            } catch (CertificateException e2) {
                (void) CERT_INFO_SET_HANDLE.invoke(invoke, "issuer", invoke2);
            }
            (void) CERT_INFO_SET_HANDLE.invoke(invoke, "validity", (Object) CERTIFICATE_VALIDITY_CONSTRUCTOR.invoke(date, date2));
            (void) CERT_INFO_SET_HANDLE.invoke(invoke, "key", (Object) CERTIFICATE_X509_KEY_CONSTRUCTOR.invoke(keyPair.getPublic()));
            (void) CERT_INFO_SET_HANDLE.invoke(invoke, "algorithmID", (Object) CERTIFICATE_ALORITHM_ID_CONSTRUCTOR.invoke((Object) ALGORITHM_ID_GET_HANDLE.invoke("1.2.840.113549.1.1.11")));
            Object invoke3 = (Object) CERT_IMPL_CONSTRUCTOR.invoke(invoke);
            (void) CERT_IMPL_SIGN_HANDLE.invoke(invoke3, privateKey, str2.equalsIgnoreCase("EC") ? "SHA256withECDSA" : "SHA256withRSA");
            (void) CERT_INFO_SET_HANDLE.invoke(invoke, "algorithmID.algorithm", (Object) CERT_IMPL_GET_HANDLE.invoke(invoke3, "x509.algorithm"));
            Object invoke4 = (Object) CERT_IMPL_CONSTRUCTOR.invoke(invoke);
            (void) CERT_IMPL_SIGN_HANDLE.invoke(invoke4, privateKey, str2.equalsIgnoreCase("EC") ? "SHA256withECDSA" : "SHA256withRSA");
            X509Certificate x509Certificate = (X509Certificate) invoke4;
            x509Certificate.verify(keyPair.getPublic());
            return SelfSignedCertificate.newSelfSignedCertificate(str, privateKey, x509Certificate);
        } catch (Throwable th) {
            if (th instanceof Exception) {
                throw ((Exception) th);
            }
            if (th instanceof Error) {
                throw ((Error) th);
            }
            throw new IllegalStateException(th);
        }
    }

    private OpenJdkSelfSignedCertGenerator() {
    }

    static {
        boolean z;
        Object doPrivileged;
        final MethodHandles.Lookup lookup = MethodHandles.lookup();
        MethodHandle methodHandle = null;
        MethodHandle methodHandle2 = null;
        MethodHandle methodHandle3 = null;
        MethodHandle methodHandle4 = null;
        MethodHandle methodHandle5 = null;
        MethodHandle methodHandle6 = null;
        MethodHandle methodHandle7 = null;
        MethodHandle methodHandle8 = null;
        MethodHandle methodHandle9 = null;
        MethodHandle methodHandle10 = null;
        MethodHandle methodHandle11 = null;
        MethodHandle methodHandle12 = null;
        MethodHandle methodHandle13 = null;
        MethodHandle methodHandle14 = null;
        try {
            doPrivileged = AccessController.doPrivileged(new PrivilegedAction<Object>() { // from class: io.netty.handler.ssl.util.OpenJdkSelfSignedCertGenerator.1
                @Override // java.security.PrivilegedAction
                public Object run() {
                    try {
                        ArrayList arrayList = new ArrayList();
                        arrayList.add(Class.forName("sun.security.x509.X509CertInfo", false, PlatformDependent.getClassLoader(OpenJdkSelfSignedCertGenerator.class)));
                        arrayList.add(Class.forName("sun.security.x509.X500Name", false, PlatformDependent.getClassLoader(OpenJdkSelfSignedCertGenerator.class)));
                        arrayList.add(Class.forName("sun.security.x509.CertificateIssuerName", false, PlatformDependent.getClassLoader(OpenJdkSelfSignedCertGenerator.class)));
                        arrayList.add(Class.forName("sun.security.x509.X509CertImpl", false, PlatformDependent.getClassLoader(OpenJdkSelfSignedCertGenerator.class)));
                        arrayList.add(Class.forName("sun.security.x509.CertificateVersion", false, PlatformDependent.getClassLoader(OpenJdkSelfSignedCertGenerator.class)));
                        arrayList.add(Class.forName("sun.security.x509.CertificateSubjectName", false, PlatformDependent.getClassLoader(OpenJdkSelfSignedCertGenerator.class)));
                        arrayList.add(Class.forName("sun.security.x509.CertificateSerialNumber", false, PlatformDependent.getClassLoader(OpenJdkSelfSignedCertGenerator.class)));
                        arrayList.add(Class.forName("sun.security.x509.CertificateValidity", false, PlatformDependent.getClassLoader(OpenJdkSelfSignedCertGenerator.class)));
                        arrayList.add(Class.forName("sun.security.x509.CertificateX509Key", false, PlatformDependent.getClassLoader(OpenJdkSelfSignedCertGenerator.class)));
                        arrayList.add(Class.forName("sun.security.x509.AlgorithmId", false, PlatformDependent.getClassLoader(OpenJdkSelfSignedCertGenerator.class)));
                        arrayList.add(Class.forName("sun.security.x509.CertificateAlgorithmId", false, PlatformDependent.getClassLoader(OpenJdkSelfSignedCertGenerator.class)));
                        return arrayList;
                    } catch (Throwable th) {
                        return th;
                    }
                }
            });
        } catch (Throwable th) {
            z = false;
            logger.debug(OpenJdkSelfSignedCertGenerator.class.getSimpleName() + " not supported", th);
        }
        if (!(doPrivileged instanceof List)) {
            throw ((Throwable) doPrivileged);
        }
        List list = (List) doPrivileged;
        final Class cls = (Class) list.get(0);
        final Class cls2 = (Class) list.get(1);
        final Class cls3 = (Class) list.get(2);
        final Class cls4 = (Class) list.get(3);
        final Class cls5 = (Class) list.get(4);
        final Class cls6 = (Class) list.get(5);
        final Class cls7 = (Class) list.get(6);
        final Class cls8 = (Class) list.get(7);
        final Class cls9 = (Class) list.get(8);
        final Class cls10 = (Class) list.get(9);
        final Class cls11 = (Class) list.get(10);
        Object doPrivileged2 = AccessController.doPrivileged(new PrivilegedAction<Object>() { // from class: io.netty.handler.ssl.util.OpenJdkSelfSignedCertGenerator.2
            @Override // java.security.PrivilegedAction
            public Object run() {
                try {
                    ArrayList arrayList = new ArrayList();
                    arrayList.add(lookup.unreflectConstructor(cls.getConstructor(new Class[0])).asType(MethodType.methodType(cls)));
                    arrayList.add(lookup.unreflectConstructor(cls3.getConstructor(cls2)).asType(MethodType.methodType((Class<?>) cls3, (Class<?>) cls2)));
                    arrayList.add(lookup.unreflectConstructor(cls4.getConstructor(cls)).asType(MethodType.methodType((Class<?>) cls4, (Class<?>) cls)));
                    arrayList.add(lookup.unreflectConstructor(cls2.getConstructor(String.class)).asType(MethodType.methodType((Class<?>) cls2, (Class<?>) String.class)));
                    arrayList.add(lookup.unreflectConstructor(cls5.getConstructor(Integer.TYPE)).asType(MethodType.methodType((Class<?>) cls5, (Class<?>) Integer.TYPE)));
                    arrayList.add(lookup.unreflectConstructor(cls6.getConstructor(cls2)).asType(MethodType.methodType((Class<?>) cls6, (Class<?>) cls2)));
                    arrayList.add(lookup.unreflectConstructor(cls7.getConstructor(BigInteger.class)).asType(MethodType.methodType((Class<?>) cls7, (Class<?>) BigInteger.class)));
                    arrayList.add(lookup.unreflectConstructor(cls8.getConstructor(Date.class, Date.class)).asType(MethodType.methodType(cls8, Date.class, Date.class)));
                    arrayList.add(lookup.unreflectConstructor(cls9.getConstructor(PublicKey.class)).asType(MethodType.methodType((Class<?>) cls9, (Class<?>) PublicKey.class)));
                    arrayList.add(lookup.unreflectConstructor(cls11.getConstructor(cls10)).asType(MethodType.methodType((Class<?>) cls11, (Class<?>) cls10)));
                    return arrayList;
                } catch (Throwable th2) {
                    return th2;
                }
            }
        });
        if (!(doPrivileged2 instanceof List)) {
            throw ((Throwable) doPrivileged2);
        }
        List list2 = (List) doPrivileged2;
        methodHandle2 = (MethodHandle) list2.get(0);
        methodHandle3 = (MethodHandle) list2.get(1);
        methodHandle4 = (MethodHandle) list2.get(2);
        methodHandle5 = (MethodHandle) list2.get(3);
        methodHandle6 = (MethodHandle) list2.get(4);
        methodHandle7 = (MethodHandle) list2.get(5);
        methodHandle8 = (MethodHandle) list2.get(6);
        methodHandle9 = (MethodHandle) list2.get(7);
        methodHandle10 = (MethodHandle) list2.get(8);
        methodHandle11 = (MethodHandle) list2.get(9);
        Object doPrivileged3 = AccessController.doPrivileged(new PrivilegedAction<Object>() { // from class: io.netty.handler.ssl.util.OpenJdkSelfSignedCertGenerator.3
            @Override // java.security.PrivilegedAction
            public Object run() {
                try {
                    ArrayList arrayList = new ArrayList();
                    arrayList.add(lookup.findVirtual(cls, "set", MethodType.methodType(Void.TYPE, String.class, Object.class)));
                    arrayList.add(lookup.findVirtual(cls4, "get", MethodType.methodType((Class<?>) Object.class, (Class<?>) String.class)));
                    arrayList.add(lookup.findVirtual(cls4, "sign", MethodType.methodType(Void.TYPE, PrivateKey.class, String.class)));
                    arrayList.add(lookup.findStatic(cls10, "get", MethodType.methodType((Class<?>) cls10, (Class<?>) String.class)));
                    return arrayList;
                } catch (Throwable th2) {
                    return th2;
                }
            }
        });
        if (!(doPrivileged3 instanceof List)) {
            throw ((Throwable) doPrivileged3);
        }
        List list3 = (List) doPrivileged3;
        methodHandle = (MethodHandle) list3.get(0);
        methodHandle12 = (MethodHandle) list3.get(1);
        methodHandle13 = (MethodHandle) list3.get(2);
        methodHandle14 = (MethodHandle) list3.get(3);
        z = true;
        CERT_INFO_SET_HANDLE = methodHandle;
        X509_CERT_INFO_CONSTRUCTOR = methodHandle2;
        ISSUER_NAME_CONSTRUCTOR = methodHandle3;
        CERTIFICATE_VERSION_CONSTRUCTOR = methodHandle6;
        CERTIFICATE_SUBJECT_NAME_CONSTRUCTOR = methodHandle7;
        CERT_IMPL_CONSTRUCTOR = methodHandle4;
        X500_NAME_CONSTRUCTOR = methodHandle5;
        CERTIFICATE_SERIAL_NUMBER_CONSTRUCTOR = methodHandle8;
        CERTIFICATE_VALIDITY_CONSTRUCTOR = methodHandle9;
        CERTIFICATE_X509_KEY_CONSTRUCTOR = methodHandle10;
        CERT_IMPL_GET_HANDLE = methodHandle12;
        CERT_IMPL_SIGN_HANDLE = methodHandle13;
        ALGORITHM_ID_GET_HANDLE = methodHandle14;
        CERTIFICATE_ALORITHM_ID_CONSTRUCTOR = methodHandle11;
        SUPPORTED = z;
    }
}
