package org.apache.sshd.client.opensshcerts;

import java.io.IOException;
import java.io.InputStream;
import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
import java.security.KeyPair;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Security;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Map;
import org.apache.sshd.client.SshClient;
import org.apache.sshd.client.future.ConnectFuture;
import org.apache.sshd.client.session.ClientSession;
import org.apache.sshd.common.config.keys.PublicKeyEntry;
import org.apache.sshd.common.config.keys.PublicKeyEntryResolver;
import org.apache.sshd.common.keyprovider.KeyIdentityProvider;
import org.apache.sshd.common.session.SessionContext;
import org.apache.sshd.common.util.GenericUtils;
import org.apache.sshd.common.util.io.IoUtils;
import org.apache.sshd.util.test.BaseTestSupport;
import org.apache.sshd.util.test.CommonTestSupportUtils;
import org.apache.sshd.util.test.ContainerTestCase;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.junit.BeforeClass;
import org.junit.ClassRule;
import org.junit.Test;
import org.junit.experimental.categories.Category;
import org.junit.runner.RunWith;
import org.junit.runners.Parameterized;
import org.testcontainers.containers.GenericContainer;
import org.testcontainers.images.builder.ImageFromDockerfile;
import org.testcontainers.utility.MountableFile;

@RunWith(Parameterized.class)
@Category({ContainerTestCase.class})
/* loaded from: input_file:org/apache/sshd/client/opensshcerts/ClientOpenSSHCertificatesTest.class */
public class ClientOpenSSHCertificatesTest extends BaseTestSupport {

    @ClassRule
    public static GenericContainer<?> sshdContainer = new GenericContainer(new ImageFromDockerfile().withDockerfileFromBuilder(dockerfileBuilder -> {
        dockerfileBuilder.from("alpine:3.13").run("apk --update add supervisor openssh openssh-server bash").run("rm -rf /var/cache/apk/*").run("mkdir /var/run/sshd").run("addgroup customusers").run("adduser -D user01 -G customusers").run("adduser -D user02 -G customusers").run("passwd -u user01").run("passwd -u user02").run("mkdir -p /keys/user/user01").run("mkdir -p /keys/user/user02").run("echo 'user01:password01' | chpasswd").run("echo 'user02:password02' | chpasswd").entryPoint("/entrypoint.sh").build();
    })).withCopyFileToContainer(MountableFile.forClasspathResource("org/apache/sshd/client/opensshcerts/docker/sshd_config"), "/etc/ssh/sshd_config").withCopyFileToContainer(MountableFile.forClasspathResource("org/apache/sshd/client/opensshcerts/docker/supervisord.conf"), "/etc/supervisor/supervisord.conf").withCopyFileToContainer(MountableFile.forClasspathResource("org/apache/sshd/client/opensshcerts/user/user01_authorized_keys"), "/keys/user/user01/authorized_keys").withCopyFileToContainer(MountableFile.forClasspathResource("org/apache/sshd/client/opensshcerts/user/user02_authorized_keys"), "/keys/user/user02/authorized_keys").withCopyFileToContainer(MountableFile.forClasspathResource("org/apache/sshd/client/opensshcerts/host/host01"), "/keys/host/host01").withCopyFileToContainer(MountableFile.forClasspathResource("org/apache/sshd/client/opensshcerts/host/host01.pub"), "/keys/host/host01.pub").withCopyFileToContainer(MountableFile.forClasspathResource("org/apache/sshd/client/opensshcerts/host/host02"), "/keys/host/host02").withCopyFileToContainer(MountableFile.forClasspathResource("org/apache/sshd/client/opensshcerts/host/host02.pub"), "/keys/host/host02.pub").withCopyFileToContainer(MountableFile.forClasspathResource("org/apache/sshd/client/opensshcerts/ca/ca.pub"), "/ca.pub").withCopyFileToContainer(MountableFile.forClasspathResource("org/apache/sshd/client/opensshcerts/docker/entrypoint.sh", 511), "/entrypoint.sh").withEnv("SSH_HOST_KEY", "/keys/host/host01").withExposedPorts(new Integer[]{22});
    private static final String USER_KEY_PATH = "org/apache/sshd/client/opensshcerts/user/";
    private String privateKeyName;

    public ClientOpenSSHCertificatesTest(String str) {
        this.privateKeyName = str;
    }

    @BeforeClass
    public static void ensureBC() {
        Security.removeProvider("BC");
        Security.addProvider(new BouncyCastleProvider());
    }

    @Parameterized.Parameters(name = "key: {0}, cert: {0}-cert.pub")
    public static Iterable<? extends String> privateKeyParams() {
        return Arrays.asList("user01_rsa_sha2_256_2048", "user01_rsa_sha2_512_2048", "user01_rsa_sha2_256_4096", "user01_rsa_sha2_512_4096", "user01_ed25519", "user01_ecdsa_256", "user01_ecdsa_384", "user01_ecdsa_521");
    }

    private String getPrivateKeyResource() {
        return USER_KEY_PATH + this.privateKeyName;
    }

    private String getCertificateResource() {
        return getPrivateKeyResource() + "-cert.pub";
    }

    /* JADX WARN: Failed to calculate best type for var: r16v0 ??
    java.lang.NullPointerException: Cannot invoke "jadx.core.dex.instructions.args.InsnArg.getType()" because "changeArg" is null
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.moveListener(TypeUpdate.java:439)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.runListeners(TypeUpdate.java:232)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.requestUpdate(TypeUpdate.java:212)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.updateTypeForSsaVar(TypeUpdate.java:183)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.updateTypeChecked(TypeUpdate.java:112)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.apply(TypeUpdate.java:83)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.apply(TypeUpdate.java:56)
    	at jadx.core.dex.visitors.typeinference.FixTypesVisitor.calculateFromBounds(FixTypesVisitor.java:156)
    	at jadx.core.dex.visitors.typeinference.FixTypesVisitor.setBestType(FixTypesVisitor.java:133)
    	at jadx.core.dex.visitors.typeinference.FixTypesVisitor.deduceType(FixTypesVisitor.java:238)
    	at jadx.core.dex.visitors.typeinference.FixTypesVisitor.tryDeduceTypes(FixTypesVisitor.java:221)
    	at jadx.core.dex.visitors.typeinference.FixTypesVisitor.visit(FixTypesVisitor.java:91)
     */
    /* JADX WARN: Failed to calculate best type for var: r16v0 ??
    java.lang.NullPointerException: Cannot invoke "jadx.core.dex.instructions.args.InsnArg.getType()" because "changeArg" is null
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.moveListener(TypeUpdate.java:439)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.runListeners(TypeUpdate.java:232)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.requestUpdate(TypeUpdate.java:212)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.updateTypeForSsaVar(TypeUpdate.java:183)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.updateTypeChecked(TypeUpdate.java:112)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.apply(TypeUpdate.java:83)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.apply(TypeUpdate.java:56)
    	at jadx.core.dex.visitors.typeinference.TypeInferenceVisitor.calculateFromBounds(TypeInferenceVisitor.java:145)
    	at jadx.core.dex.visitors.typeinference.TypeInferenceVisitor.setBestType(TypeInferenceVisitor.java:123)
    	at jadx.core.dex.visitors.typeinference.TypeInferenceVisitor.lambda$runTypePropagation$2(TypeInferenceVisitor.java:101)
    	at java.base/java.util.ArrayList.forEach(ArrayList.java:1596)
    	at jadx.core.dex.visitors.typeinference.TypeInferenceVisitor.runTypePropagation(TypeInferenceVisitor.java:101)
    	at jadx.core.dex.visitors.typeinference.TypeInferenceVisitor.visit(TypeInferenceVisitor.java:75)
     */
    /* JADX WARN: Multi-variable type inference failed. Error: java.lang.NullPointerException: Cannot invoke "jadx.core.dex.instructions.args.InsnArg.getType()" because "changeArg" is null
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.moveListener(TypeUpdate.java:439)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.runListeners(TypeUpdate.java:232)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.requestUpdate(TypeUpdate.java:212)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.updateTypeForSsaVar(TypeUpdate.java:183)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.updateTypeChecked(TypeUpdate.java:112)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.apply(TypeUpdate.java:83)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.applyWithWiderIgnSame(TypeUpdate.java:70)
    	at jadx.core.dex.visitors.typeinference.TypeSearch.applyResolvedVars(TypeSearch.java:100)
    	at jadx.core.dex.visitors.typeinference.TypeSearch.run(TypeSearch.java:76)
    	at jadx.core.dex.visitors.typeinference.FixTypesVisitor.runMultiVariableSearch(FixTypesVisitor.java:116)
    	at jadx.core.dex.visitors.typeinference.FixTypesVisitor.visit(FixTypesVisitor.java:91)
     */
    /* JADX WARN: Not initialized variable reg: 16, insn: 0x0107: MOVE (r0 I:??[int, float, boolean, short, byte, char, OBJECT, ARRAY]) = (r16 I:??[int, float, boolean, short, byte, char, OBJECT, ARRAY]) A[TRY_LEAVE], block:B:43:0x0107 */
    @Test
    public void clientCertAuth() throws Exception {
        SshClient sshClient;
        InputStream resourceAsStream = Thread.currentThread().getContextClassLoader().getResourceAsStream(getCertificateResource());
        try {
            try {
                final PublicKey resolvePublicKey = PublicKeyEntry.parsePublicKeyEntry(GenericUtils.replaceWhitespaceAndTrim(new String(IoUtils.toByteArray(resourceAsStream), StandardCharsets.UTF_8))).resolvePublicKey((SessionContext) null, (Map) null, (PublicKeyEntryResolver) null);
                final PrivateKey privateKey = ((KeyPair) CommonTestSupportUtils.createTestKeyPairProvider(getPrivateKeyResource()).loadKeys((SessionContext) null).iterator().next()).getPrivate();
                SshClient sshClient2 = setupTestClient();
                sshClient2.setKeyIdentityProvider(new KeyIdentityProvider() { // from class: org.apache.sshd.client.opensshcerts.ClientOpenSSHCertificatesTest.1
                    public Iterable<KeyPair> loadKeys(SessionContext sessionContext) throws IOException, GeneralSecurityException {
                        KeyPair keyPair = new KeyPair(resolvePublicKey, privateKey);
                        ArrayList arrayList = new ArrayList();
                        arrayList.add(keyPair);
                        return arrayList;
                    }
                });
                sshClient2.start();
                Integer mappedPort = sshdContainer.getMappedPort(22);
                try {
                    ClientSession session = ((ConnectFuture) sshClient2.connect("user01", sshdContainer.getHost(), mappedPort.intValue()).verify(CONNECT_TIMEOUT)).getSession();
                    try {
                        session.auth().verify(AUTH_TIMEOUT);
                        if (session != null) {
                            session.close();
                        }
                        sshClient2.stop();
                        if (resourceAsStream != null) {
                            resourceAsStream.close();
                        }
                    } catch (Throwable th) {
                        if (session != null) {
                            try {
                                session.close();
                            } catch (Throwable th2) {
                                th.addSuppressed(th2);
                            }
                        }
                        throw th;
                    }
                } catch (Exception e) {
                    System.err.println("Container logs:");
                    System.err.print(sshdContainer.getLogs());
                    throw e;
                }
            } catch (Throwable th3) {
                if (resourceAsStream != null) {
                    try {
                        resourceAsStream.close();
                    } catch (Throwable th4) {
                        th3.addSuppressed(th4);
                    }
                }
                throw th3;
            }
        } catch (Throwable th5) {
            sshClient.stop();
            throw th5;
        }
    }
}
