package io.jenkins.plugins.huaweicloud;

import com.huaweicloud.sdk.core.exception.SdkException;
import com.huaweicloud.sdk.ecs.v2.EcsClient;
import com.huaweicloud.sdk.ecs.v2.model.NovaKeypair;
import com.huaweicloud.sdk.ecs.v2.model.NovaKeypairDetail;
import com.huaweicloud.sdk.ecs.v2.model.NovaListKeypairsRequest;
import com.huaweicloud.sdk.ecs.v2.model.NovaListKeypairsResult;
import com.huaweicloud.sdk.ecs.v2.model.NovaShowKeypairRequest;
import com.huaweicloud.sdk.ecs.v2.model.NovaSimpleKeypair;
import hudson.util.Secret;
import io.jenkins.plugins.huaweicloud.util.KeyFingerprinter;
import java.io.BufferedReader;
import java.io.IOException;
import java.io.StringReader;
import java.security.KeyPair;
import java.security.UnrecoverableKeyException;
import java.util.Iterator;
import java.util.List;
import java.util.logging.Level;
import java.util.logging.Logger;
import jenkins.bouncycastle.api.PEMEncodable;
import org.apache.commons.lang.StringUtils;
import org.bouncycastle.crypto.CryptoException;
import org.kohsuke.accmod.Restricted;
import org.kohsuke.accmod.restrictions.NoExternalUse;

/* loaded from: input_file:io/jenkins/plugins/huaweicloud/ECSPrivateKey.class */
public class ECSPrivateKey {
    private static final Logger LOGGER = Logger.getLogger(ECSPrivateKey.class.getName());
    private final Secret privateKey;
    private final EcsClient client;
    private final String SSHKeyId;

    public ECSPrivateKey(String str, String str2, EcsClient ecsClient) {
        this.privateKey = Secret.fromString(str.trim());
        this.client = ecsClient;
        this.SSHKeyId = str2;
    }

    public String getPrivateKey() {
        return this.privateKey.getPlainText();
    }

    @Restricted({NoExternalUse.class})
    public Secret getPrivateKeySecret() {
        return this.privateKey;
    }

    public String getFingerprint() throws IOException {
        String plainText = this.privateKey.getPlainText();
        if (plainText.isEmpty()) {
            throw new IOException("This private key cannot be empty");
        }
        try {
            return PEMEncodable.decode(plainText).getPrivateKeyFingerprint();
        } catch (UnrecoverableKeyException e) {
            throw new IOException("This private key is password protected, which isn't supported yet");
        }
    }

    public String getPublicFingerprint() throws IOException {
        try {
            KeyPair keyPair = PEMEncodable.decode(this.privateKey.getPlainText()).toKeyPair();
            if (keyPair == null) {
                throw new UnrecoverableKeyException("private key is null");
            }
            return KeyFingerprinter.sha256Fingerprint(keyPair);
        } catch (UnrecoverableKeyException | CryptoException e) {
            throw new IOException("This private key is password protected, which isn't supported yet");
        }
    }

    public boolean isPrivateKey() throws IOException {
        String readLine;
        BufferedReader bufferedReader = new BufferedReader(new StringReader(this.privateKey.getPlainText()));
        do {
            readLine = bufferedReader.readLine();
            if (readLine == null) {
                return false;
            }
        } while (!readLine.equals("-----BEGIN RSA PRIVATE KEY-----"));
        return true;
    }

    public int hashCode() {
        return this.privateKey.hashCode();
    }

    public boolean equals(Object obj) {
        if (obj == null || getClass() != obj.getClass()) {
            return false;
        }
        return this.privateKey.equals(((ECSPrivateKey) obj).privateKey);
    }

    public String toString() {
        return this.privateKey.getPlainText();
    }

    public NovaKeypair find() throws SdkException, IOException {
        String publicFingerprint = getPublicFingerprint();
        NovaKeypair novaKeypair = new NovaKeypair();
        try {
            NovaKeypairDetail keypairDetailById = getKeypairDetailById();
            if (keypairDetailById != null && keypairDetailById.getFingerprint().equalsIgnoreCase(publicFingerprint)) {
                novaKeypair.withFingerprint(keypairDetailById.getFingerprint()).withName(keypairDetailById.getName()).withPrivateKey(getPrivateKey()).withPublicKey(keypairDetailById.getPublicKey()).withUserId(keypairDetailById.getUserId()).withType(keypairDetailById.getType());
                return novaKeypair;
            }
        } catch (SdkException e) {
            LOGGER.log(Level.FINE, "get keypair fail by ssh keypair ID,Will be found by calculating fingerprints");
        }
        Iterator<NovaListKeypairsResult> it = getAllOfKeypairDetail().iterator();
        while (it.hasNext()) {
            NovaSimpleKeypair keypair = it.next().getKeypair();
            if (keypair != null && keypair.getFingerprint().equalsIgnoreCase(publicFingerprint)) {
                novaKeypair.withFingerprint(keypair.getFingerprint()).withName(keypair.getName()).withPrivateKey(getPrivateKey()).withPublicKey(keypair.getPublicKey()).withType(keypair.getType());
                return novaKeypair;
            }
        }
        return null;
    }

    private NovaKeypairDetail getKeypairDetailById() throws SdkException {
        if (StringUtils.isEmpty(this.SSHKeyId)) {
            throw new SdkException("keypair name is empty");
        }
        NovaShowKeypairRequest novaShowKeypairRequest = new NovaShowKeypairRequest();
        novaShowKeypairRequest.withKeypairName(this.SSHKeyId);
        return this.client.novaShowKeypair(novaShowKeypairRequest).getKeypair();
    }

    private List<NovaListKeypairsResult> getAllOfKeypairDetail() throws SdkException {
        return this.client.novaListKeypairs(new NovaListKeypairsRequest()).getKeypairs();
    }
}
