package eu.contrail.security;

import com.mysql.jdbc.MysqlErrorNumbers;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.FileOutputStream;
import java.io.IOException;
import java.security.InvalidKeyException;
import java.security.KeyPair;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.Security;
import java.security.SignatureException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.Properties;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.security.auth.x500.X500Principal;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.operator.OperatorCreationException;

/* loaded from: input_file:WEB-INF/lib/security-commons-1.0-SNAPSHOT.jar:eu/contrail/security/RootCertGen.class */
public class RootCertGen {
    private static X509Certificate createCACertificate(KeyPair keyPair, String str, int i, int i2, String str2) throws IllegalArgumentException, CertificateException, InvalidKeyException, OperatorCreationException, SignatureException, NoSuchAlgorithmException, NoSuchProviderException {
        if (keyPair == null) {
            System.err.println("CA KeyPair is NULL");
        } else if (keyPair.getPublic() == null) {
            System.err.println("CA PubKey is NULL");
        }
        X509Certificate createCertificate = SecurityUtils.createCertificate(keyPair.getPublic(), str, i2, str, keyPair, str2, true, i, 0, 0);
        createCertificate.verify(keyPair.getPublic());
        return createCertificate;
    }

    public static void main(String[] strArr) {
        Properties properties = new Properties();
        try {
            properties.load(new FileInputStream("/etc/contrail/ca/ca.properties"));
        } catch (FileNotFoundException e) {
            System.err.println(e.getLocalizedMessage());
            System.exit(-1);
        } catch (IOException e2) {
            System.err.println(e2.getLocalizedMessage());
            System.exit(-1);
        }
        Security.addProvider(new BouncyCastleProvider());
        String property = properties.getProperty("rootcaKeyPath", "rootca.key");
        String property2 = properties.getProperty("rootcaKeyAlgorithm", "RSA");
        KeyPair keyPair = null;
        try {
            keyPair = SecurityUtils.generateKeyPair(property2, Integer.valueOf(properties.getProperty("rootcaKeyLength", "2048")).intValue());
        } catch (NoSuchAlgorithmException e3) {
            System.err.println(String.format("Can't find algorithm %s - try setting %s=RSA", property2, "rootcaKeyAlgorithm"));
            System.exit(-1);
        }
        try {
            SecurityUtils.writeKeyPair(property, keyPair, SecurityUtils.getPassphrase(System.console(), Integer.valueOf(properties.getProperty("passphraseLength", String.format("%s", 8))).intValue()), properties.getProperty("rootcaKeyEncAlg", "DESEDE"));
        } catch (FileNotFoundException e4) {
            Logger.getLogger(RootCertGen.class.getName()).log(Level.SEVERE, (String) null, (Throwable) e4);
        } catch (IOException e5) {
            Logger.getLogger(RootCertGen.class.getName()).log(Level.SEVERE, (String) null, (Throwable) e5);
        } catch (IllegalArgumentException e6) {
            Logger.getLogger(RootCertGen.class.getName()).log(Level.SEVERE, (String) null, (Throwable) e6);
        }
        String property3 = properties.getProperty("rootcaCertSubjectDN");
        if (property3 == null) {
            System.err.println("Must specify a value for rootcaCertSubjectDN");
            System.exit(-1);
        }
        try {
            new X500Principal(property3);
        } catch (IllegalArgumentException e7) {
            System.err.println(String.format("Error - cannot parse SubjectDN %s", property3));
            System.exit(-1);
        }
        X509Certificate x509Certificate = null;
        try {
            x509Certificate = createCACertificate(keyPair, property3, Integer.valueOf(properties.getProperty("rootcaCertLlifetime", String.format("%s", Integer.valueOf(MysqlErrorNumbers.ER_FK_INCORRECT_OPTION)))).intValue(), Integer.valueOf(properties.getProperty("rootcaCertSerial", String.format("%s", 1))).intValue(), properties.getProperty("rootcaCertSigAlgorithm", "SHA256withRSA"));
        } catch (IllegalArgumentException e8) {
            System.err.println(e8);
            System.exit(-1);
        } catch (InvalidKeyException e9) {
            System.err.println(e9);
            System.exit(-1);
        } catch (NoSuchAlgorithmException e10) {
            System.err.println(e10);
            System.exit(-1);
        } catch (NoSuchProviderException e11) {
            System.err.println(e11);
            System.exit(-1);
        } catch (SignatureException e12) {
            System.err.println(e12);
            System.exit(-1);
        } catch (CertificateException e13) {
            System.err.println(e13);
            System.exit(-1);
        } catch (OperatorCreationException e14) {
            System.err.println(e14);
            System.exit(-1);
        }
        try {
            SecurityUtils.writeCertificate(new FileOutputStream(properties.getProperty("cacertPath", "rootca.crt")), x509Certificate);
        } catch (IOException e15) {
            Logger.getLogger(RootCertGen.class.getName()).log(Level.SEVERE, (String) null, (Throwable) e15);
        }
    }
}
