package com.atlassian.aws.ec2;

import com.amazonaws.services.ec2.model.Image;
import com.amazonaws.services.ec2.model.IpPermission;
import com.amazonaws.services.ec2.model.SecurityGroup;
import com.amazonaws.util.Base64;
import com.amazonaws.util.EC2MetadataUtils;
import com.atlassian.aws.ec2.awssdk.AwsSupportConstants;
import com.atlassian.aws.ec2.configuration.EC2Image;
import com.atlassian.aws.ec2.configuration.EC2ImageImpl;
import com.atlassian.aws.utils.CompressionUtils;
import com.atlassian.aws.utils.JsonUtils;
import com.google.common.annotations.VisibleForTesting;
import com.google.common.base.MoreObjects;
import com.google.common.base.Preconditions;
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;
import java.util.StringTokenizer;
import org.apache.commons.codec.digest.DigestUtils;
import org.apache.commons.lang3.StringUtils;
import org.bouncycastle.openssl.PEMKeyPair;
import org.jetbrains.annotations.Contract;
import org.jetbrains.annotations.NotNull;
import org.jetbrains.annotations.Nullable;

/* loaded from: input_file:com/atlassian/aws/ec2/EC2Utils.class */
public class EC2Utils {
    private static boolean isCompressionEnabled = false;

    private EC2Utils() {
    }

    public static boolean isHostEC2() {
        return EC2MetadataUtils.getInstanceId() != null;
    }

    @NotNull
    public static EC2Instance getLocalEC2Instance() throws IOException {
        return Ec2UtilsThin.getLocalEC2Instance();
    }

    public static <T> T getUserData(Class<T> cls) throws IOException {
        return (T) Ec2UtilsThin.getUserData(cls);
    }

    public static EC2Image getCurrentImage() {
        return new EC2ImageImpl(EC2MetadataUtils.getAmiId());
    }

    @Contract("!null -> !null")
    public static String getUserDataAsString(Object obj) {
        if (obj == null) {
            return null;
        }
        return toUserDataString(obj);
    }

    public static boolean hasIAMRoleAttached() {
        return EC2MetadataUtils.getIAMInstanceProfileInfo() != null;
    }

    private static String toUserDataString(Object obj) {
        byte[] bytes = JsonUtils.toJson(obj).getBytes(StandardCharsets.UTF_8);
        if (!isCompressionEnabled) {
            bytes = CompressionUtils.compress(bytes);
        }
        return Base64.encodeAsString(bytes);
    }

    @Deprecated
    static void enableCompresssion() {
        isCompressionEnabled = true;
    }

    @Deprecated
    public static void disableCompresssion() {
        isCompressionEnabled = false;
    }

    public static boolean isWindows(@NotNull Image image) {
        String platform = image.getPlatform();
        return platform != null && AwsSupportConstants.Platform.fromAwsName(platform).isWindows();
    }

    @NotNull
    public static List<IpPermission> getMatchingIpPermissions(@NotNull SecurityGroup securityGroup, @NotNull Protocol protocol, @Nullable String str, int i) {
        ArrayList arrayList = new ArrayList();
        for (IpPermission ipPermission : securityGroup.getIpPermissions()) {
            if (ipPermission.getIpProtocol().equalsIgnoreCase(protocol.getValue())) {
                boolean z = ((Integer) MoreObjects.firstNonNull(ipPermission.getFromPort(), -1)).intValue() <= i && i <= ((Integer) MoreObjects.firstNonNull(ipPermission.getToPort(), -1)).intValue();
                boolean z2 = str == null || hasIpv4Range(str, ipPermission) || hasIpv6Range(str, ipPermission);
                if (z && z2) {
                    arrayList.add(ipPermission);
                }
            }
        }
        return arrayList;
    }

    private static boolean hasIpv4Range(@Nullable String str, IpPermission ipPermission) {
        return ipPermission.getIpv4Ranges().stream().map((v0) -> {
            return v0.getCidrIp();
        }).anyMatch(str2 -> {
            return str2.equals(str);
        });
    }

    private static boolean hasIpv6Range(@Nullable String str, IpPermission ipPermission) {
        return ipPermission.getIpv6Ranges().stream().map((v0) -> {
            return v0.getCidrIpv6();
        }).anyMatch(str2 -> {
            return str2.equals(str);
        });
    }

    public static String getEbsDeviceName(@NotNull Image image) {
        return isWindows(image) ? "xvdh" : "/dev/sdh";
    }

    public static byte[] parseFingerprint(@NotNull String str) {
        Preconditions.checkArgument(StringUtils.isNotBlank(str));
        StringTokenizer stringTokenizer = new StringTokenizer(str, ":");
        byte[] bArr = new byte[stringTokenizer.countTokens()];
        for (int i = 0; i < bArr.length; i++) {
            bArr[i] = (byte) Integer.parseInt(stringTokenizer.nextToken(), 16);
        }
        return bArr;
    }

    public static boolean isKeyMatching(@NotNull PEMKeyPair pEMKeyPair, byte[] bArr) throws IOException {
        byte[] sha1;
        if (bArr.length == 16) {
            sha1 = DigestUtils.md5(pEMKeyPair.getPublicKeyInfo().getEncoded());
        } else {
            if (bArr.length != 20) {
                throw new IllegalArgumentException("Unknown fingerprint format " + Arrays.toString(bArr));
            }
            sha1 = sha1(pEMKeyPair.getPrivateKeyInfo().getEncoded());
        }
        return Arrays.equals(sha1, bArr);
    }

    @VisibleForTesting
    static byte[] sha1(byte[] bArr) {
        try {
            return MessageDigest.getInstance("SHA-1").digest(bArr);
        } catch (NoSuchAlgorithmException e) {
            throw new IllegalArgumentException(e);
        }
    }
}
