package com.spotify.crtauth.agentsigner;

import com.google.common.annotations.VisibleForTesting;
import com.google.common.base.Objects;
import com.google.common.base.Strings;
import com.google.common.base.Throwables;
import com.spotify.crtauth.Fingerprint;
import com.spotify.crtauth.exceptions.CrtAuthException;
import com.spotify.crtauth.exceptions.KeyNotFoundException;
import com.spotify.crtauth.signer.Signer;
import java.io.File;
import java.io.IOException;
import java.nio.channels.Channels;
import java.nio.channels.ReadableByteChannel;
import java.nio.channels.WritableByteChannel;
import java.security.PublicKey;
import java.security.interfaces.RSAPublicKey;
import java.util.Iterator;
import jnr.unixsocket.UnixSocketAddress;
import jnr.unixsocket.UnixSocketChannel;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/spotify/crtauth/agentsigner/AgentSigner.class */
public class AgentSigner implements Signer, AutoCloseable {
    private static final Logger log = LoggerFactory.getLogger(AgentSigner.class);
    private final AgentOutputStream out;
    private final AgentInputStream in;

    public AgentSigner() throws CrtAuthException {
        try {
            String str = System.getenv("SSH_AUTH_SOCK");
            if (Strings.isNullOrEmpty(str)) {
                throw new CrtAuthException("The environment variable SSH_AUTH_SOCK is not set. Please configure your ssh-agent.");
            }
            UnixSocketChannel open = UnixSocketChannel.open(new UnixSocketAddress(new File(str)));
            log.debug("connected to " + open.getRemoteSocketAddress());
            this.out = new AgentOutputStream(Channels.newOutputStream((WritableByteChannel) open));
            this.in = new AgentInputStream(Channels.newInputStream((ReadableByteChannel) open));
        } catch (IOException e) {
            throw new RuntimeException(e);
        }
    }

    @VisibleForTesting
    AgentSigner(AgentOutputStream agentOutputStream, AgentInputStream agentInputStream) {
        this.out = agentOutputStream;
        this.in = agentInputStream;
    }

    public byte[] sign(byte[] bArr, Fingerprint fingerprint) throws IllegalArgumentException, KeyNotFoundException {
        try {
            PublicKey findKey = findKey(fingerprint);
            if (findKey == null) {
                throw new KeyNotFoundException("Your ssh-agent does not have the required key added. This usually indicates that ssh-add has not been run.");
            }
            String str = "ssh-" + findKey.getAlgorithm().toLowerCase();
            if (!str.equals("ssh-rsa")) {
                throw Throwables.propagate(new CrtAuthException(String.format("Unknown key type %s. This code currently only supports %s.", str, "ssh-rsa")));
            }
            try {
                this.out.signRequest((RSAPublicKey) findKey, bArr);
                Iterator<byte[]> readSignResponseData = this.in.readSignResponseData(this.in.readSignResponse());
                if (new String(readSignResponseData.next()).equals("ssh-rsa")) {
                    return readSignResponseData.next();
                }
                throw new RuntimeException("I unexpectedly got a non-RSA signature format ID in the SSH2_AGENT_SIGN_RESPONSE's signature blob.");
            } catch (IOException e) {
                throw Throwables.propagate(e);
            }
        } catch (IOException e2) {
            throw Throwables.propagate(e2);
        }
    }

    private PublicKey findKey(Fingerprint fingerprint) throws IOException {
        this.out.requestIdentities();
        Iterator<RSAPublicKey> readIdentitiesAnswerData = this.in.readIdentitiesAnswerData(this.in.readIdentitiesAnswer());
        while (readIdentitiesAnswerData.hasNext()) {
            RSAPublicKey next = readIdentitiesAnswerData.next();
            if (fingerprint.matches(next)) {
                return next;
            }
        }
        return null;
    }

    @Override // java.lang.AutoCloseable
    public void close() throws Exception {
        this.out.close();
        this.in.close();
    }

    public String toString() {
        return Objects.toStringHelper(this).toString();
    }
}
