package com.google.android.apps.cloudconsole.ssh.key;

import android.util.Base64;
import com.google.android.apps.cloudconsole.analytics.AnalyticsService;
import com.google.android.apps.cloudconsole.api.ApiService;
import com.google.android.apps.cloudconsole.common.ContextManager;
import com.google.android.apps.cloudconsole.common.Utils;
import com.google.android.apps.cloudconsole.preferences.PreferencesService;
import com.google.android.apps.cloudconsole.ssh.key.PollingStrategy;
import com.google.api.services.compute.v1.model.Instance;
import com.google.api.services.compute.v1.model.Metadata;
import com.google.api.services.compute.v1.model.Operation;
import com.google.common.base.Ascii;
import com.google.common.base.Joiner;
import com.google.common.base.Preconditions;
import com.google.common.base.Splitter;
import com.google.common.flogger.GoogleLogger;
import com.google.common.util.concurrent.ListeningExecutorService;
import java.nio.ByteBuffer;
import java.security.GeneralSecurityException;
import java.security.InvalidKeyException;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.PublicKey;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import java.util.Locale;
import java.util.concurrent.Callable;
import java.util.concurrent.Future;
import org.joda.time.DateTime;
import org.joda.time.Duration;

/* compiled from: PG */
/* loaded from: classes.dex */
public class SshKeyUtil {
    public static final int KEY_LEVEL_ANY = 1;
    public static final int KEY_LEVEL_INSTANCE = 2;
    public static final int KEY_LEVEL_PROJECT = 3;
    private static final int MAX_UNIX_USERNAME_LEN = 32;
    private static final String SSH_RSA_PREFIX = "ssh-rsa";
    AnalyticsService analyticsService;
    private ApiService apiService;
    private ContextManager contextManager;
    ListeningExecutorService executorService;
    private BusyWaitOperationPoller poller;
    PreferencesService preferencesService;
    private static final GoogleLogger logger = GoogleLogger.forInjectedClassName("com/google/android/apps/cloudconsole/ssh/key/SshKeyUtil");
    private static final Duration START_POLL_INTERVAL = Duration.standardSeconds(1);
    private static final Duration MAX_POLL_INTERVAL = Duration.standardMinutes(2);
    private static final Splitter AT_SPLITTER = Splitter.on('@');
    private static final Duration PUBLIC_KEY_EXPIRY = Duration.standardDays(1);
    private static final Joiner ALIAS_JOINER = Joiner.on('|');

    /* compiled from: PG */
    /* loaded from: classes.dex */
    public @interface KeyLevel {
    }

    public SshKeyUtil(ApiService apiService, ContextManager contextManager) {
        this.apiService = apiService;
        this.contextManager = contextManager;
        this.poller = new BusyWaitOperationPoller(apiService);
    }

    private static boolean blocksProjectSshKeys(Metadata metadata) {
        if (metadata == null || metadata.getItems() == null) {
            return false;
        }
        for (Metadata.Items items : metadata.getItems()) {
            if ("block-project-ssh-keys".equals(items.getKey()) && Ascii.equalsIgnoreCase(items.getValue(), "true")) {
                return true;
            }
        }
        return false;
    }

    public static String convertToBase64EncodedString(PublicKey publicKey) {
        if (publicKey instanceof RSAPublicKey) {
            return Base64.encodeToString(encodePublicKey((RSAPublicKey) publicKey), 2);
        }
        throw new InvalidKeyException("Unknown key type");
    }

    public static String convertToOpenSSHFormat(PublicKey publicKey, String str) {
        String generateKeyComment = SshKeyMetadataUpdateUtil.generateKeyComment(str, DateTime.now().plus(PUBLIC_KEY_EXPIRY));
        if (!(publicKey instanceof RSAPublicKey)) {
            throw new InvalidKeyException("Unknown key type");
        }
        String valueOf = String.valueOf("ssh-rsa ");
        String valueOf2 = String.valueOf(convertToBase64EncodedString(publicKey));
        String valueOf3 = String.valueOf(valueOf2.length() != 0 ? valueOf.concat(valueOf2) : new String(valueOf));
        return new StringBuilder(String.valueOf(valueOf3).length() + 1 + String.valueOf(generateKeyComment).length()).append(valueOf3).append(" ").append(generateKeyComment).toString();
    }

    public static KeyPair decodeKeyPair(byte[] bArr, byte[] bArr2) {
        try {
            KeyFactory keyFactory = KeyFactory.getInstance("RSA");
            return new KeyPair(keyFactory.generatePublic(new X509EncodedKeySpec(bArr)), keyFactory.generatePrivate(new PKCS8EncodedKeySpec(bArr2)));
        } catch (GeneralSecurityException e) {
            throw Utils.throwException(e);
        }
    }

    private static byte[] encodePublicKey(RSAPublicKey rSAPublicKey) {
        byte[] bytes = SSH_RSA_PREFIX.getBytes();
        byte[] byteArray = rSAPublicKey.getPublicExponent().toByteArray();
        byte[] byteArray2 = rSAPublicKey.getModulus().toByteArray();
        ByteBuffer allocate = ByteBuffer.allocate(bytes.length + 8 + byteArray.length + 4 + byteArray2.length);
        allocate.putInt(bytes.length);
        allocate.put(bytes);
        allocate.putInt(byteArray.length);
        allocate.put(byteArray);
        allocate.putInt(byteArray2.length);
        allocate.put(byteArray2);
        return allocate.array();
    }

    static String getDefaultLoginUserFromUserEmail(String str) {
        Preconditions.checkArgument((str == null || str.isEmpty()) ? false : true);
        return sanitizeLoginUsername(AT_SPLITTER.splitToList(str).get(0));
    }

    public static String getInstanceKeyAlias(String str, String str2, String str3) {
        return ALIAS_JOINER.join(str, str2, str3);
    }

    public static String getKeyAlias(String str, String str2, String str3, int i) {
        if (i == 2) {
            return getInstanceKeyAlias(str, str2, str3);
        }
        if (i == 3) {
            return getProjectKeyAlias(str, str2);
        }
        throw new IllegalArgumentException(new StringBuilder(29).append("Invalid key level ").append(i).toString());
    }

    private Metadata getMetadata(int i, String str, String str2, String str3) {
        return i == 2 ? this.apiService.getGceInstance(str, str2, str3, true).getMetadata() : this.apiService.getGceCommonMetadata(str, true);
    }

    public static String getProjectKeyAlias(String str, String str2) {
        return ALIAS_JOINER.join(str, str2, new Object[0]);
    }

    private void pollOperationComplete(Operation operation, String str, String str2) {
        this.poller.poll(operation, str, str2, new PollingStrategy.ExponentialBackoff(START_POLL_INTERVAL.getMillis(), MAX_POLL_INTERVAL.getMillis()));
    }

    static String sanitizeLoginUsername(String str) {
        String replaceAll = str.replaceAll("[^\\w]", "_").toLowerCase(Locale.ENGLISH).replaceAll("^(?![a-z])", "g");
        return replaceAll.substring(0, Math.min(replaceAll.length(), 32));
    }

    public Future<Exception> deletePublicKeyFromGceMetadata(PublicKey publicKey, final int i, final String str, final String str2, final String str3) {
        final String defaultLoginUserForCurrentUser = getDefaultLoginUserForCurrentUser(str);
        final String openSSHKey = getOpenSSHKey(publicKey);
        final Metadata metadata = getMetadata(i, str, str2, str3);
        return this.executorService.submit(new Callable() { // from class: com.google.android.apps.cloudconsole.ssh.key.SshKeyUtil$$ExternalSyntheticLambda0
            @Override // java.util.concurrent.Callable
            public final Object call() {
                return SshKeyUtil.this.lambda$deletePublicKeyFromGceMetadata$0$SshKeyUtil(i, metadata, openSSHKey, defaultLoginUserForCurrentUser, str, str2, str3);
            }
        });
    }

    public void forgetLoginUser(String str) {
        this.preferencesService.removeSshUsername(str);
    }

    public String getDefaultLoginUserForCurrentUser(String str) {
        String sshUsername = this.preferencesService.getSshUsername(str);
        if (sshUsername != null) {
            return sshUsername;
        }
        String accountName = this.contextManager.getAccountName();
        if (accountName == null) {
            return null;
        }
        return getDefaultLoginUserFromUserEmail(accountName);
    }

    public int getKeyLevel(Instance instance) {
        return (blocksProjectSshKeys(instance.getMetadata()) || SshKeyMetadataUpdateUtil.hasSshKeyMetadata(instance.getMetadata())) ? 2 : 3;
    }

    String getOpenSSHKey(PublicKey publicKey) {
        String accountName = this.contextManager.getAccountName();
        if (accountName == null) {
            return null;
        }
        return convertToOpenSSHFormat(publicKey, accountName);
    }

    public /* synthetic */ Exception lambda$deletePublicKeyFromGceMetadata$0$SshKeyUtil(int i, Metadata metadata, String str, String str2, String str3, String str4, String str5) {
        try {
            setMetadata(i, metadata, str, str2, str3, str4, str5, false);
            return null;
        } catch (Exception e) {
            return e;
        }
    }

    Operation setMetadata(int i, Metadata metadata, String str, String str2, String str3, String str4, String str5, boolean z) {
        long currentTimeMillis = System.currentTimeMillis();
        Metadata metadata2 = metadata == null ? new Metadata() : metadata.clone();
        metadata2.setItems(SshKeyMetadataUpdateUtil.modifySshKeyInMetadata(metadata2.getItems(), str2, str, z));
        Operation gceInstanceMetadata = i == 2 ? this.apiService.setGceInstanceMetadata(str3, str4, str5, metadata2) : this.apiService.setGceCommonMetadata(str3, metadata2);
        logger.atFinest().withInjectedLogSite("com/google/android/apps/cloudconsole/ssh/key/SshKeyUtil", "setMetadata", 329, "SshKeyUtil.java").log("Setting metadata status %s", gceInstanceMetadata.getStatus());
        pollOperationComplete(gceInstanceMetadata, str3, str4);
        this.analyticsService.trackTime("ssh", "ssh/event/setMetadataMillis", System.currentTimeMillis() - currentTimeMillis);
        return gceInstanceMetadata;
    }
}
