package com.atlassian.aws.ec2.caches;

import com.amazonaws.services.ec2.AmazonEC2Client;
import com.amazonaws.services.ec2.model.GetPasswordDataRequest;
import com.atlassian.aws.utils.CryptoUtils;
import com.google.common.cache.Cache;
import com.google.common.cache.CacheBuilder;
import com.google.common.cache.CacheLoader;
import com.google.common.collect.ComputationException;
import java.security.Security;
import java.util.concurrent.ExecutionException;
import javax.crypto.Cipher;
import org.apache.commons.codec.binary.Base64;
import org.apache.commons.lang.StringUtils;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.jetbrains.annotations.NotNull;
import org.jetbrains.annotations.Nullable;

/* loaded from: input_file:com/atlassian/aws/ec2/caches/InstancePasswordCache.class */
public class InstancePasswordCache {
    public static final String CIPHER_SPEC = "RSA/ECB/PKCS1Padding";
    private final Cache<KeyInstanceIdHolder, String> instanceId2password;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:com/atlassian/aws/ec2/caches/InstancePasswordCache$KeyInstanceIdHolder.class */
    public static class KeyInstanceIdHolder {
        private final String keyName;
        private final String instanceId;

        public KeyInstanceIdHolder(String str, String str2) {
            this.keyName = str;
            this.instanceId = str2;
        }

        public String getInstanceId() {
            return this.instanceId;
        }

        public String getKeyName() {
            return this.keyName;
        }

        public boolean equals(Object obj) {
            if (this == obj) {
                return true;
            }
            if (obj == null || getClass() != obj.getClass()) {
                return false;
            }
            KeyInstanceIdHolder keyInstanceIdHolder = (KeyInstanceIdHolder) obj;
            return this.instanceId.equals(keyInstanceIdHolder.instanceId) && this.keyName.equals(keyInstanceIdHolder.keyName);
        }

        public int hashCode() {
            return (31 * this.keyName.hashCode()) + this.instanceId.hashCode();
        }
    }

    public InstancePasswordCache(@NotNull AmazonEC2Client amazonEC2Client) {
        Security.addProvider(new BouncyCastleProvider());
        this.instanceId2password = makePasswordComputingMap(amazonEC2Client, makeCipherMap());
    }

    private Cache<String, Cipher> makeCipherMap() {
        return CacheBuilder.newBuilder().build(new CacheLoader<String, Cipher>() { // from class: com.atlassian.aws.ec2.caches.InstancePasswordCache.1
            public Cipher load(String str) throws Exception {
                return CryptoUtils.getCipherForKey(str, InstancePasswordCache.CIPHER_SPEC);
            }
        });
    }

    private Cache<KeyInstanceIdHolder, String> makePasswordComputingMap(final AmazonEC2Client amazonEC2Client, final Cache<String, Cipher> cache) {
        return CacheBuilder.newBuilder().build(new CacheLoader<KeyInstanceIdHolder, String>() { // from class: com.atlassian.aws.ec2.caches.InstancePasswordCache.2
            public String load(KeyInstanceIdHolder keyInstanceIdHolder) {
                String passwordData = amazonEC2Client.getPasswordData(new GetPasswordDataRequest(keyInstanceIdHolder.getInstanceId())).getPasswordData();
                if (StringUtils.isEmpty(passwordData)) {
                    throw new ComputationException(new PasswordNotAvailableException("Password is not (yet) available. If password generation was enabled for this image, note that generation and encryption takes a few moments. Please wait up to 15 minutes after launching an instance before trying to retrieve the generated password."));
                }
                try {
                    return new String(((Cipher) cache.get(keyInstanceIdHolder.getKeyName())).doFinal(Base64.decodeBase64(passwordData)));
                } catch (Exception e) {
                    throw new ComputationException(e);
                }
            }
        });
    }

    @Nullable
    public String getPassword(String str, String str2) throws PasswordNotAvailableException {
        try {
            return (String) this.instanceId2password.get(new KeyInstanceIdHolder(str, str2));
        } catch (ExecutionException e) {
            if (e.getCause() instanceof PasswordNotAvailableException) {
                return null;
            }
            throw new IllegalArgumentException(e);
        }
    }
}
