package defpackage;

import constant.RestResult;
import java.io.IOException;
import java.security.Key;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.spec.InvalidKeySpecException;
import java.util.Base64;
import java.util.logging.Logger;
import javax.crypto.Cipher;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.PBEKeySpec;
import javax.crypto.spec.SecretKeySpec;
import org.apache.commons.codec.digest.Crypt;
import org.json.JSONException;
import org.json.JSONObject;
import utils.HttpResponse;
import utils.LogUtil;
import utils.RestClient;

/* loaded from: input_file:ResetPwdFlow.class */
public class ResetPwdFlow {
    private static Logger logger = LogUtil.getLogger();
    private static final String RESET_PWD_FLAG_URL = "http://169.254.169.254/openstack/latest/resetpwd_flag";
    private static final String RESET_PASSWORD_URL = "http://169.254.169.254/openstack/latest/reset_password";
    private static final String META_DATA_URL = "http://169.254.169.254/openstack/latest/meta_data.json";
    private static final String UUID = "uuid";
    private static final String RESET_PASSWORD = "reset_password";
    private static final String RESET_PWD_FLAG = "resetpwd_flag";
    public static final String KEY_ALGORITHM = "AES";
    public static final String CIPHER_ALGORITHM = "AES/CBC/PKCS5Padding";
    private static final int SALT_BYTE = 8;
    private static final String SHA512_PREFIX = "$6$";
    private static final String BASE_64_TABLE = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";

    public void run() {
        String uuid;
        byte[] aesKey;
        String flag = getFlag();
        if (flag == null) {
            return;
        }
        if (!RestResult.TRUE.equals(flag)) {
            if (!setFlag()) {
                return;
            } else {
                logger.info("set flag successful.");
            }
        }
        String password = getPassword();
        if (password == null || RestResult.NONE.equals(password) || password.length() == 0 || (uuid = getUuid()) == null || (aesKey = getAesKey(uuid, password)) == null) {
            return;
        }
        resetVMPwd(encryptPassword(aesCbcDecrypt(password.substring(12, password.length()), aesKey, aesKey)));
        deleteResetPwd();
    }

    public String getFlag() {
        HttpResponse sendRequest = RestClient.sendRequest(RESET_PWD_FLAG_URL, RestClient.HttpMethod.GET, "");
        if (null == sendRequest) {
            return null;
        }
        try {
            String string = new JSONObject(sendRequest.getResult()).getString(RESET_PWD_FLAG);
            if (string == null) {
                return null;
            }
            logger.info("get flag successful.");
            return string;
        } catch (JSONException e) {
            logger.severe("getFlagAlone error: " + e.getMessage());
            return null;
        }
    }

    public boolean setFlag() {
        HttpResponse sendRequest = RestClient.sendRequest(RESET_PWD_FLAG_URL, RestClient.HttpMethod.POST, RestResult.TRUE);
        return null != sendRequest && 200 == sendRequest.getCode();
    }

    public String getPassword() {
        HttpResponse sendRequest = RestClient.sendRequest(RESET_PASSWORD_URL, RestClient.HttpMethod.GET, "");
        if (null == sendRequest) {
            return null;
        }
        try {
            String string = new JSONObject(sendRequest.getResult()).getString(RESET_PASSWORD);
            if (null == string) {
                return null;
            }
            return string;
        } catch (JSONException e) {
            logger.severe("getResetPwdAlone error," + e.getMessage());
            return null;
        }
    }

    public String getUuid() {
        HttpResponse sendRequest = RestClient.sendRequest(META_DATA_URL, RestClient.HttpMethod.GET, "");
        if (null == sendRequest) {
            return null;
        }
        String str = null;
        try {
            str = new JSONObject(sendRequest.getResult()).getString(UUID);
            logger.info("get metadata successful.");
        } catch (JSONException e) {
            logger.severe("get uuid from metadata error: " + e.getMessage());
        }
        return str;
    }

    private void resetVMPwd(String str) {
        Process process = null;
        try {
            try {
                try {
                    process = Runtime.getRuntime().exec(new String[]{"/bin/sh", "-c", "echo 'root:" + str + "' | chpasswd -e"});
                    if (null != process) {
                        process.waitFor();
                    }
                    if (null != process) {
                        process.destroy();
                    }
                } catch (InterruptedException e) {
                    logger.severe(e.getMessage());
                    if (null != process) {
                        process.destroy();
                    }
                }
            } catch (IOException e2) {
                logger.severe(e2.getMessage());
                if (null != process) {
                    process.destroy();
                }
            }
        } catch (Throwable th) {
            if (null != process) {
                process.destroy();
            }
            throw th;
        }
    }

    private String encryptPassword(String str) {
        SecureRandom secureRandom = new SecureRandom();
        StringBuilder sb = new StringBuilder(SHA512_PREFIX);
        for (int i = 1; i <= SALT_BYTE; i++) {
            sb.append(BASE_64_TABLE.charAt(secureRandom.nextInt(BASE_64_TABLE.length())));
        }
        return Crypt.crypt(str, sb.toString());
    }

    public byte[] getAesKey(String str, String str2) {
        try {
            return SecretKeyFactory.getInstance("PBKDF2WithHmacSHA1").generateSecret(new PBEKeySpec(str.toCharArray(), Base64.getDecoder().decode(getSalt(str2)), 5000, 128)).getEncoded();
        } catch (NoSuchAlgorithmException e) {
            logger.severe(e.getMessage());
            return null;
        } catch (InvalidKeySpecException e2) {
            logger.severe(e2.getMessage());
            return null;
        }
    }

    private String getSalt(String str) {
        if (str == null || str.length() < 12) {
            return null;
        }
        return str.substring(0, 12);
    }

    public String aesCbcDecrypt(String str, byte[] bArr, byte[] bArr2) {
        try {
            byte[] decode = Base64.getDecoder().decode(str);
            Key convertToKey = convertToKey(bArr);
            Cipher cipher = Cipher.getInstance(CIPHER_ALGORITHM);
            cipher.init(2, convertToKey, new IvParameterSpec(bArr2));
            return new String(cipher.doFinal(decode));
        } catch (IOException e) {
            logger.severe(e.getMessage());
            return null;
        } catch (Exception e2) {
            logger.severe(e2.getMessage());
            return null;
        }
    }

    public static Key convertToKey(byte[] bArr) throws Exception {
        return new SecretKeySpec(bArr, KEY_ALGORITHM);
    }

    private void deleteResetPwd() {
        RestClient.sendRequest(RESET_PASSWORD_URL, RestClient.HttpMethod.DELETE, "");
        logger.info("delete info end.");
    }
}
