package org.jboss.intersmash.util.tls;

import cz.xtf.core.config.OpenShiftConfig;
import cz.xtf.core.openshift.OpenShifts;
import io.fabric8.kubernetes.api.model.Secret;
import io.fabric8.kubernetes.api.model.SecretBuilder;
import io.fabric8.kubernetes.client.dsl.NonNamespaceOperation;
import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStreamReader;
import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.Paths;
import java.nio.file.attribute.FileAttribute;
import java.text.MessageFormat;
import java.util.Base64;
import java.util.HashMap;
import java.util.Objects;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/jboss/intersmash/util/tls/CertificatesUtils.class */
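/**
 * Helpers that generate a self-signed certificate, its private key and a JKS truststore with the
 * {@code openssl} and {@code keytool} command line tools, and publish the certificate and key as a
 * {@code kubernetes.io/tls} secret through {@link OpenShifts#master()}.
 *
 * <p>All generated files are written to a single temporary directory created when the class is
 * loaded (see {@link #getCaDir()}). Nothing in this class deletes that directory, so the
 * unencrypted private keys it holds stay on disk until something else removes them.
 */
public class CertificatesUtils {
    private static final Logger log = LoggerFactory.getLogger(CertificatesUtils.class);

    // Fixed, source-visible password of the generated JKS truststore. The truststore built here only
    // holds the self-signed certificate, so this value protects no private key material; do not reuse
    // it for a keystore that does.
    private static final String TRUSTSTORE_PASSWORD = "1234PIPPOBAUDO";

    private static Path caDir;

    /**
     * Locations of the artifacts produced by
     * {@link CertificatesUtils#generateSelfSignedCertificateAndKey(String, String)} together with the
     * TLS secret that was read from, or written to, the cluster.
     */
    public static class CertificateAndKey {
        // PEM file of the self-signed certificate.
        public Path certificate;
        // PEM file of the private key; openssl is invoked with -nodes, so the key is not encrypted.
        public Path key;
        // JKS truststore the certificate is imported into.
        public Path truststore;
        public String truststorePassword;
        public String truststoreAlias;
        // true when the three files were already present and were reused instead of regenerated.
        public boolean existing = false;
        public Secret tlsSecret;
    }

    /**
     * Returns the certificate, key and truststore for {@code str}, generating them when they are not
     * all present in the working directory yet.
     *
     * <p>When the three files already exist they are reused and the secret named {@code str2} is read
     * from the cluster. Otherwise a self-signed RSA 2048 certificate valid for 365 days is generated
     * with {@code openssl}, imported into a JKS truststore with {@code keytool}, and the certificate
     * and key are stored in the secret named {@code str2}.
     *
     * <p>{@code str} is used verbatim in the file names, in the certificate subject and as the
     * truststore alias. The tools are started with an argument list (no shell), but the value is not
     * validated here, so callers should pass a plain host name only.
     *
     * @param str host name used as certificate CN, truststore alias and file name prefix
     * @param str2 name of the TLS secret
     * @return the generated or reused artifacts
     * @throws RuntimeException if a tool fails, the secret cannot be created, or the secret is missing
     */
    public static CertificateAndKey generateSelfSignedCertificateAndKey(String str, String str2) {
        CertificateAndKey certificateAndKey = new CertificateAndKey();
        String certificateFileName = str + "-certificate.pem";
        String keyFileName = str + "-key.pem";
        String truststoreFileName = str + "-truststore." + "jks";
        String baseDir = caDir.toFile().getAbsolutePath();
        certificateAndKey.key = Paths.get(baseDir, keyFileName);
        certificateAndKey.certificate = Paths.get(baseDir, certificateFileName);
        certificateAndKey.truststore = Paths.get(baseDir, truststoreFileName);
        certificateAndKey.truststoreAlias = str;
        certificateAndKey.truststorePassword = TRUSTSTORE_PASSWORD;

        boolean allFilesPresent = caDir.resolve(certificateFileName).toFile().exists()
                && caDir.resolve(keyFileName).toFile().exists()
                && caDir.resolve(truststoreFileName).toFile().exists();
        if (allFilesPresent) {
            certificateAndKey.existing = true;
            Secret secret = OpenShifts.master().getSecret(str2);
            if (Objects.isNull(secret)) {
                // Plain concatenation: MessageFormat needs "{0}" (not "{}") and treats the
                // apostrophe in "doesn't" as a quote character, so the previous pattern could not
                // produce the intended message.
                throw new RuntimeException("Secret " + str2 + " doesn't exist!");
            }
            certificateAndKey.tlsSecret = secret;
            return certificateAndKey;
        }

        // -nodes writes the private key without a passphrase; its confidentiality depends entirely
        // on the permissions of the working directory and of the file openssl creates.
        processCall(caDir, "openssl", "req", "-subj", "/CN=" + str + "/OU=TF/O=XTF/L=Milan/C=IT", "-newkey", "rsa:2048",
                "-nodes", "-keyout", keyFileName, "-x509", "-days", "365", "-out", certificateFileName);
        processCall(caDir, "keytool", "-import", "-noprompt", "-alias", str, "-keystore", truststoreFileName, "-file",
                certificateFileName, "-storetype", "JKS", "-storepass", TRUSTSTORE_PASSWORD);
        try {
            Secret createdSecret = createTlsSecret(str2, certificateAndKey.key, certificateAndKey.certificate);
            if (Objects.isNull(createdSecret)) {
                throw new RuntimeException("Secret " + str2 + " doesn't exist!");
            }
            certificateAndKey.tlsSecret = createdSecret;
            return certificateAndKey;
        } catch (IOException e) {
            throw new RuntimeException("Failed to create secret " + str2, e);
        }
    }

    /**
     * Runs an external command in {@code path} and logs its combined stdout/stderr, at debug level
     * when the command exits with 0 and at error level otherwise.
     *
     * <p>NOTE: the failure message contains the full command line, which for the keytool call
     * includes the truststore password passed with {@code -storepass}.
     *
     * @param path working directory of the command
     * @param strArr command and its arguments, passed to the process without a shell
     * @throws RuntimeException if the command cannot be started, is interrupted, or exits non-zero
     */
    private static void processCall(Path path, String... strArr) {
        ProcessBuilder processBuilder = new ProcessBuilder(strArr);
        processBuilder.directory(path.toFile());
        processBuilder.redirectErrorStream(true);
        String failureMessage = "Failed executing " + String.join(" ", strArr);
        try {
            Process process = processBuilder.start();
            // Drain the output before waiting for the exit code: a child that writes more than the
            // pipe buffer holds would otherwise block forever, and polling ready() after the exit
            // could drop output.
            StringBuilder output = new StringBuilder();
            try (BufferedReader reader = new BufferedReader(new InputStreamReader(process.getInputStream()))) {
                String line;
                while ((line = reader.readLine()) != null) {
                    output.append(line).append('\n');
                }
            }
            int exitCode = process.waitFor();
            if (output.length() > 0) {
                for (String line : output.toString().split("\n")) {
                    if (exitCode == 0) {
                        log.debug(line);
                    } else {
                        log.error(line);
                    }
                }
            }
            if (exitCode != 0) {
                throw new RuntimeException(failureMessage);
            }
        } catch (IOException e) {
            throw new RuntimeException(failureMessage, e);
        } catch (InterruptedException e) {
            // Restore the interrupt flag so callers further up can still observe the interruption.
            Thread.currentThread().interrupt();
            throw new RuntimeException(failureMessage, e);
        }
    }

    /**
     * Creates or replaces a {@code kubernetes.io/tls} secret in the namespace returned by
     * {@link OpenShiftConfig#namespace()}.
     *
     * @param str name of the secret
     * @param path file whose content is stored under {@code tls.key}
     * @param path2 file whose content is stored under {@code tls.crt}
     * @return the secret returned by the create-or-replace call
     * @throws IOException if one of the files cannot be read
     */
    public static Secret createTlsSecret(String str, Path path, Path path2) throws IOException {
        // Encode the raw file bytes: this avoids a round trip through the platform default charset
        // and does not keep the private key around as an immutable String.
        HashMap<String, String> data = new HashMap<>();
        data.put("tls.key", Base64.getEncoder().encodeToString(Files.readAllBytes(path)));
        data.put("tls.crt", Base64.getEncoder().encodeToString(Files.readAllBytes(path2)));
        Secret secret = ((SecretBuilder) new SecretBuilder().withNewMetadata().withName(str).endMetadata())
                .withType("kubernetes.io/tls")
                .withImmutable(false)
                .addToData(data)
                .build();
        return (Secret) ((NonNamespaceOperation) OpenShifts.master().secrets().inNamespace(OpenShiftConfig.namespace()))
                .createOrReplace(secret);
    }

    /**
     * Returns the temporary directory in which certificates, keys and truststores are generated.
     *
     * @return the working directory created when this class was loaded
     */
    public static Path getCaDir() {
        return caDir;
    }

    static {
        try {
            // No file attributes are passed, so the directory gets the platform's default
            // permissions for temporary directories.
            // NOTE(review): confirm these are owner-only wherever this runs, since unencrypted
            // private keys are written here.
            caDir = Files.createTempDirectory(CertificatesUtils.class.getSimpleName().toLowerCase(), new FileAttribute[0]);
        } catch (IOException e) {
            throw new RuntimeException("Failed to create temp directory!", e);
        }
    }
}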
