package pro.gravit.launchserver.binary.tasks;

import java.io.IOException;
import java.math.BigInteger;
import java.nio.file.Path;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.time.LocalDate;
import java.time.LocalDateTime;
import java.time.ZoneId;
import java.util.ArrayList;
import java.util.Date;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.bouncycastle.asn1.x500.X500Name;
import org.bouncycastle.asn1.x500.X500NameBuilder;
import org.bouncycastle.asn1.x500.style.BCStyle;
import org.bouncycastle.asn1.x509.ExtendedKeyUsage;
import org.bouncycastle.asn1.x509.Extension;
import org.bouncycastle.asn1.x509.KeyPurposeId;
import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
import org.bouncycastle.cert.X509CertificateHolder;
import org.bouncycastle.cert.X509v3CertificateBuilder;
import org.bouncycastle.cert.jcajce.JcaX509CertificateConverter;
import org.bouncycastle.cms.CMSException;
import org.bouncycastle.cms.CMSSignedDataGenerator;
import org.bouncycastle.operator.OperatorCreationException;
import org.bouncycastle.operator.jcajce.JcaContentSignerBuilder;
import pro.gravit.launchserver.LaunchServer;
import pro.gravit.launchserver.helper.SignHelper;

/* loaded from: input_file:pro/gravit/launchserver/binary/tasks/CertificateAutogenTask.class */
public class CertificateAutogenTask implements LauncherBuildTask {
    private final LaunchServer server;
    private final transient Logger logger = LogManager.getLogger();
    public X509Certificate certificate;
    public X509CertificateHolder bcCertificate;
    public CMSSignedDataGenerator signedDataGenerator;

    public CertificateAutogenTask(LaunchServer launchServer) {
        this.server = launchServer;
    }

    @Override // pro.gravit.launchserver.binary.tasks.LauncherBuildTask
    public String getName() {
        return "CertificateAutogen";
    }

    /* JADX WARN: Type inference failed for: r4v2, types: [java.time.ZonedDateTime] */
    /* JADX WARN: Type inference failed for: r5v4, types: [java.time.ZonedDateTime] */
    @Override // pro.gravit.launchserver.binary.tasks.LauncherBuildTask
    public Path process(Path path) throws IOException {
        if (this.signedDataGenerator != null) {
            return path;
        }
        try {
            this.logger.warn("You are using an auto-generated certificate (sign.enabled false). It is not good");
            this.logger.warn("It is highly recommended that you use the correct certificate (sign.enabled true)");
            this.logger.warn("You can use GenerateCertificateModule or your own certificate.");
            X500NameBuilder x500NameBuilder = new X500NameBuilder();
            x500NameBuilder.addRDN(BCStyle.CN, this.server.config.projectName.concat(" Autogenerated"));
            x500NameBuilder.addRDN(BCStyle.O, this.server.config.projectName);
            LocalDateTime atStartOfDay = LocalDate.now().atStartOfDay();
            X509v3CertificateBuilder x509v3CertificateBuilder = new X509v3CertificateBuilder(x500NameBuilder.build(), new BigInteger("0"), Date.from(atStartOfDay.atZone(ZoneId.systemDefault()).toInstant()), Date.from(atStartOfDay.plusDays(3650L).atZone(ZoneId.systemDefault()).toInstant()), new X500Name("CN=ca"), SubjectPublicKeyInfo.getInstance(this.server.keyAgreementManager.ecdsaPublicKey.getEncoded()));
            x509v3CertificateBuilder.addExtension(Extension.extendedKeyUsage, false, new ExtendedKeyUsage(KeyPurposeId.id_kp_codeSigning));
            this.bcCertificate = x509v3CertificateBuilder.build(new JcaContentSignerBuilder("SHA256WITHECDSA").build(this.server.keyAgreementManager.ecdsaPrivateKey));
            this.certificate = new JcaX509CertificateConverter().setProvider("BC").getCertificate(this.bcCertificate);
            ArrayList arrayList = new ArrayList();
            arrayList.add(this.certificate);
            this.signedDataGenerator = SignHelper.createSignedDataGenerator(this.server.keyAgreementManager.ecdsaPrivateKey, this.certificate, arrayList, "SHA256WITHECDSA");
        } catch (OperatorCreationException | CMSException | CertificateException e) {
            this.logger.error("Certificate generate failed", e);
        }
        return path;
    }
}
