package test.de.iip_ecosphere.platform.connectors.opcuav1;

import com.google.common.collect.Sets;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.security.Key;
import java.security.KeyPair;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import java.util.Objects;
import java.util.UUID;
import java.util.concurrent.ExecutionException;
import java.util.regex.Pattern;
import java.util.stream.Stream;
import org.eclipse.milo.opcua.sdk.server.util.HostnameUtil;
import org.eclipse.milo.opcua.stack.core.util.SelfSignedCertificateBuilder;
import org.eclipse.milo.opcua.stack.core.util.SelfSignedCertificateGenerator;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:test/de/iip_ecosphere/platform/connectors/opcuav1/ServerKeystoreLoader.class */
public class ServerKeystoreLoader {
    private static final String SERVER_ALIAS = "server-ai";
    private final Logger logger = LoggerFactory.getLogger(getClass());
    private X509Certificate[] serverCertificateChain;
    private X509Certificate serverCertificate;
    private KeyPair serverKeyPair;
    private static final Pattern IP_ADDR_PATTERN = Pattern.compile("^(([01]?\\d\\d?|2[0-4]\\d|25[0-5])\\.){3}([01]?\\d\\d?|2[0-4]\\d|25[0-5])$");
    private static final char[] PASSWORD = "password".toCharArray();

    /* JADX INFO: Access modifiers changed from: package-private */
    public ServerKeystoreLoader load(File file) throws ExecutionException {
        try {
            KeyStore keyStore = KeyStore.getInstance("PKCS12");
            File file2 = file.toPath().resolve("example-server.pfx").toFile();
            this.logger.info("Creating RSA 2048 KeyStore at {}", file2);
            if (file2.exists()) {
                keyStore.load(new FileInputStream(file2), PASSWORD);
            } else {
                keyStore.load(null, PASSWORD);
                KeyPair generateRsaKeyPair = SelfSignedCertificateGenerator.generateRsaKeyPair(2048);
                SelfSignedCertificateBuilder applicationUri = new SelfSignedCertificateBuilder(generateRsaKeyPair).setCommonName("Eclipse Milo Example Server").setOrganization("digitalpetri").setOrganizationalUnit("dev").setLocalityName("Folsom").setStateName("CA").setCountryCode("US").setApplicationUri("urn:eclipse:milo:examples:server:" + UUID.randomUUID());
                for (String str : Sets.union(Sets.newHashSet(new String[]{HostnameUtil.getHostname()}), HostnameUtil.getHostnames("0.0.0.0", false))) {
                    if (IP_ADDR_PATTERN.matcher(str).matches()) {
                        applicationUri.addIpAddress(str);
                    } else {
                        applicationUri.addDnsName(str);
                    }
                }
                keyStore.setKeyEntry(SERVER_ALIAS, generateRsaKeyPair.getPrivate(), PASSWORD, new X509Certificate[]{applicationUri.build()});
                keyStore.store(new FileOutputStream(file2), PASSWORD);
            }
            Key key = keyStore.getKey(SERVER_ALIAS, PASSWORD);
            if (key instanceof PrivateKey) {
                this.serverCertificate = (X509Certificate) keyStore.getCertificate(SERVER_ALIAS);
                Stream stream = Arrays.stream(keyStore.getCertificateChain(SERVER_ALIAS));
                Class<X509Certificate> cls = X509Certificate.class;
                Objects.requireNonNull(X509Certificate.class);
                this.serverCertificateChain = (X509Certificate[]) stream.map((v1) -> {
                    return r2.cast(v1);
                }).toArray(i -> {
                    return new X509Certificate[i];
                });
                this.serverKeyPair = new KeyPair(this.serverCertificate.getPublicKey(), (PrivateKey) key);
            }
            return this;
        } catch (Exception e) {
            throw new ExecutionException(e);
        }
    }

    X509Certificate getServerCertificate() {
        return this.serverCertificate;
    }

    public X509Certificate[] getServerCertificateChain() {
        return this.serverCertificateChain;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public KeyPair getServerKeyPair() {
        return this.serverKeyPair;
    }
}
