package org.dasein.security.joyent;

import java.io.BufferedReader;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.InputStreamReader;
import java.io.UnsupportedEncodingException;
import java.security.InvalidKeyException;
import java.security.KeyPair;
import java.security.NoSuchAlgorithmException;
import java.security.Security;
import java.security.Signature;
import java.security.SignatureException;
import java.text.DateFormat;
import java.text.SimpleDateFormat;
import java.util.Calendar;
import java.util.TimeZone;
import javax.annotation.Nonnull;
import javax.annotation.Nullable;
import org.apache.http.HttpRequest;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.openssl.PEMReader;
import org.bouncycastle.openssl.PasswordFinder;
import org.bouncycastle.util.encoders.Base64;
import org.dasein.cloud.CloudException;
import org.dasein.cloud.ContextRequirements;
import org.dasein.cloud.InternalException;
import org.dasein.cloud.joyent.SmartDataCenter;

/* loaded from: input_file:org/dasein/security/joyent/SignatureHttpAuth.class */
public class SignatureHttpAuth implements JoyentHttpAuth {
    private static final DateFormat RFC1123_DATE_FORMAT = new SimpleDateFormat("EEE, d MMM yyyy HH:mm:ss z");
    private static final String AUTH_HEADER = "Signature keyId=\"/%s/keys/%s\",algorithm=\"rsa-sha256\",signature=\"%s\"";
    private static final String AUTH_SIGN = "date: %s";
    private static final String SIGN_ALGORITHM = "SHA256WithRSAEncryption";
    private SmartDataCenter provider;

    public SignatureHttpAuth(SmartDataCenter smartDataCenter) {
        this.provider = smartDataCenter;
    }

    @Override // org.dasein.security.joyent.JoyentHttpAuth
    public void addPreemptiveAuth(@Nonnull HttpRequest httpRequest) throws CloudException, InternalException {
        byte[] bArr;
        if (this.provider.getContext() == null) {
            throw new CloudException("No context was defined for this request");
        }
        String format = RFC1123_DATE_FORMAT.format(Calendar.getInstance(TimeZone.getTimeZone("UTC")).getTime());
        httpRequest.setHeader("Date", format);
        try {
            Security.addProvider(new BouncyCastleProvider());
            Signature signature = Signature.getInstance(SIGN_ALGORITHM);
            String str = "";
            String str2 = "";
            char[] cArr = null;
            for (ContextRequirements.Field field : this.provider.getContextRequirements().getConfigurableValues()) {
                if (field.type.equals(ContextRequirements.FieldType.KEYPAIR)) {
                    byte[][] bArr2 = (byte[][]) this.provider.getContext().getConfigurationValue(field);
                    str = new String(bArr2[0], "utf-8");
                    str2 = new String(bArr2[1], "utf-8");
                } else if (field.type.equals(ContextRequirements.FieldType.PASSWORD) && (bArr = (byte[]) this.provider.getContext().getConfigurationValue(field)) != null) {
                    cArr = new String(bArr, "utf-8").toCharArray();
                }
            }
            signature.initSign(getKeyPair(str2, cArr).getPrivate());
            signature.update(String.format(AUTH_SIGN, format).getBytes("UTF-8"));
            httpRequest.addHeader("Authorization", String.format(AUTH_HEADER, this.provider.getContext().getAccountNumber(), str, new String(Base64.encode(signature.sign()))));
        } catch (UnsupportedEncodingException e) {
            throw new InternalException(e);
        } catch (IOException e2) {
            throw new InternalException(e2);
        } catch (InvalidKeyException e3) {
            throw new InternalException(e3);
        } catch (NoSuchAlgorithmException e4) {
            throw new InternalException(e4);
        } catch (SignatureException e5) {
            throw new InternalException(e5);
        }
    }

    private KeyPair getKeyPair(String str, @Nullable final char[] cArr) throws IOException {
        BufferedReader bufferedReader = new BufferedReader(new InputStreamReader(new ByteArrayInputStream(str.getBytes())));
        PEMReader pEMReader = cArr != null ? new PEMReader(bufferedReader, new PasswordFinder() { // from class: org.dasein.security.joyent.SignatureHttpAuth.1
            public char[] getPassword() {
                return cArr;
            }
        }) : new PEMReader(bufferedReader);
        try {
            KeyPair keyPair = (KeyPair) pEMReader.readObject();
            bufferedReader.close();
            pEMReader.close();
            return keyPair;
        } catch (Throwable th) {
            bufferedReader.close();
            pEMReader.close();
            throw th;
        }
    }
}
