package org.opendaylight.netconf.transport.ssh;

import com.google.common.collect.ImmutableList;
import com.google.common.collect.ImmutableMap;
import com.google.common.util.concurrent.ListenableFuture;
import io.netty.bootstrap.Bootstrap;
import io.netty.bootstrap.ServerBootstrap;
import io.netty.channel.group.DefaultChannelGroup;
import io.netty.util.concurrent.GlobalEventExecutor;
import java.security.KeyPair;
import java.util.List;
import java.util.Map;
import java.util.Objects;
import org.opendaylight.netconf.shaded.sshd.common.io.IoHandler;
import org.opendaylight.netconf.shaded.sshd.common.keyprovider.KeyPairProvider;
import org.opendaylight.netconf.shaded.sshd.common.util.threads.ThreadUtils;
import org.opendaylight.netconf.shaded.sshd.server.ServerFactoryManager;
import org.opendaylight.netconf.shaded.sshd.server.SshServer;
import org.opendaylight.netconf.shaded.sshd.server.auth.hostbased.UserAuthHostBasedFactory;
import org.opendaylight.netconf.shaded.sshd.server.auth.password.UserAuthPasswordFactory;
import org.opendaylight.netconf.shaded.sshd.server.auth.pubkey.UserAuthPublicKeyFactory;
import org.opendaylight.netconf.shaded.sshd.server.session.SessionFactory;
import org.opendaylight.netconf.transport.api.TransportChannelListener;
import org.opendaylight.netconf.transport.api.UnsupportedConfigurationException;
import org.opendaylight.netconf.transport.tcp.TCPClient;
import org.opendaylight.netconf.transport.tcp.TCPServer;
import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.iana.crypt.hash.rev140806.CryptHash;
import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.server.rev230417.SshServerGrouping;
import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.server.rev230417.ssh.server.grouping.ClientAuthentication;
import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.server.rev230417.ssh.server.grouping.ServerIdentity;
import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.server.rev230417.ssh.server.grouping.client.authentication.Users;
import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.server.rev230417.ssh.server.grouping.client.authentication.users.User;
import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.server.rev230417.ssh.server.grouping.client.authentication.users.UserKey;
import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.server.rev230417.ssh.server.grouping.client.authentication.users.user.Hostbased;
import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.server.rev230417.ssh.server.grouping.client.authentication.users.user.PublicKeys;
import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.server.rev230417.ssh.server.grouping.server.identity.HostKey;
import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tcp.client.rev230417.TcpClientGrouping;
import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.tcp.server.rev230417.TcpServerGrouping;

/* loaded from: input_file:org/opendaylight/netconf/transport/ssh/SSHServer.class */
public final class SSHServer extends SSHTransportStack {
    private final ServerFactoryManager serverFactoryManager;
    private final SessionFactory serverSessionFactory;

    private SSHServer(TransportChannelListener transportChannelListener, ServerFactoryManager serverFactoryManager) {
        super(transportChannelListener);
        this.serverFactoryManager = (ServerFactoryManager) Objects.requireNonNull(serverFactoryManager);
        this.serverFactoryManager.addSessionListener(new UserAuthSessionListener(this.sessionAuthHandlers, this.sessions));
        this.serverSessionFactory = new SessionFactory(serverFactoryManager);
        this.ioService = new SshIoService(this.serverFactoryManager, new DefaultChannelGroup("sshd-server-channels", GlobalEventExecutor.INSTANCE), this.serverSessionFactory);
    }

    @Override // org.opendaylight.netconf.transport.ssh.SSHTransportStack
    protected IoHandler getSessionFactory() {
        return this.serverSessionFactory;
    }

    public static ListenableFuture<SSHServer> connect(TransportChannelListener transportChannelListener, Bootstrap bootstrap, TcpClientGrouping tcpClientGrouping, SshServerGrouping sshServerGrouping) throws UnsupportedConfigurationException {
        SSHServer sSHServer = new SSHServer(transportChannelListener, newFactoryManager(sshServerGrouping));
        return transformUnderlay(sSHServer, TCPClient.connect(sSHServer.asListener(), bootstrap, tcpClientGrouping));
    }

    public static ListenableFuture<SSHServer> listen(TransportChannelListener transportChannelListener, ServerBootstrap serverBootstrap, TcpServerGrouping tcpServerGrouping, SshServerGrouping sshServerGrouping) throws UnsupportedConfigurationException {
        SSHServer sSHServer = new SSHServer(transportChannelListener, newFactoryManager(sshServerGrouping));
        return transformUnderlay(sSHServer, TCPServer.listen(sSHServer.asListener(), serverBootstrap, tcpServerGrouping));
    }

    private static ServerFactoryManager newFactoryManager(SshServerGrouping sshServerGrouping) throws UnsupportedConfigurationException {
        SshServer upDefaultServer = SshServer.setUpDefaultServer();
        ConfigUtils.setTransportParams(upDefaultServer, sshServerGrouping.getTransportParams());
        ConfigUtils.setKeepAlives(upDefaultServer, sshServerGrouping.getKeepalives());
        setServerIdentity(upDefaultServer, sshServerGrouping.getServerIdentity());
        setClientAuthentication(upDefaultServer, sshServerGrouping.getClientAuthentication());
        upDefaultServer.setServiceFactories(SshServer.DEFAULT_SERVICE_FACTORIES);
        upDefaultServer.setScheduledExecutorService(ThreadUtils.newSingleThreadScheduledExecutor(""));
        return upDefaultServer;
    }

    private static void setServerIdentity(ServerFactoryManager serverFactoryManager, ServerIdentity serverIdentity) throws UnsupportedConfigurationException {
        if (serverIdentity == null) {
            throw new UnsupportedConfigurationException("Server identity configuration is required");
        }
        List<HostKey> hostKey = serverIdentity.getHostKey();
        if (hostKey == null || hostKey.isEmpty()) {
            throw new UnsupportedConfigurationException("Host keys is missing in server identity configuration");
        }
        List<KeyPair> extractServerHostKeys = ConfigUtils.extractServerHostKeys(hostKey);
        if (extractServerHostKeys.isEmpty()) {
            return;
        }
        serverFactoryManager.setKeyPairProvider(KeyPairProvider.wrap(extractServerHostKeys));
    }

    private static void setClientAuthentication(ServerFactoryManager serverFactoryManager, ClientAuthentication clientAuthentication) throws UnsupportedConfigurationException {
        Users users;
        Map<UserKey, User> user;
        if (clientAuthentication == null || (users = clientAuthentication.getUsers()) == null || (user = users.getUser()) == null) {
            return;
        }
        ImmutableMap.Builder builder = ImmutableMap.builder();
        ImmutableMap.Builder builder2 = ImmutableMap.builder();
        ImmutableMap.Builder builder3 = ImmutableMap.builder();
        for (Map.Entry<UserKey, User> entry : user.entrySet()) {
            String name = entry.getKey().getName();
            User value = entry.getValue();
            CryptHash password = value.getPassword();
            if (password != null) {
                builder.put(name, password.getValue());
            }
            Hostbased hostbased = value.getHostbased();
            if (hostbased != null) {
                builder2.put(name, ConfigUtils.extractPublicKeys(hostbased.getInlineOrTruststore()));
            }
            PublicKeys publicKeys = value.getPublicKeys();
            if (publicKeys != null) {
                builder3.put(name, ConfigUtils.extractPublicKeys(publicKeys.getInlineOrTruststore()));
            }
        }
        ImmutableList.Builder builder4 = ImmutableList.builder();
        ImmutableMap build = builder.build();
        if (!build.isEmpty()) {
            builder4.add((ImmutableList.Builder) new UserAuthPasswordFactory());
            serverFactoryManager.setPasswordAuthenticator(new CryptHashPasswordAuthenticator(build));
        }
        ImmutableMap build2 = builder2.build();
        if (!build2.isEmpty()) {
            UserAuthHostBasedFactory userAuthHostBasedFactory = new UserAuthHostBasedFactory();
            userAuthHostBasedFactory.setSignatureFactories(serverFactoryManager.getSignatureFactories());
            builder4.add((ImmutableList.Builder) userAuthHostBasedFactory);
            serverFactoryManager.setHostBasedAuthenticator(new UserPublicKeyAuthenticator(build2));
        }
        ImmutableMap build3 = builder3.build();
        if (!build3.isEmpty()) {
            UserAuthPublicKeyFactory userAuthPublicKeyFactory = new UserAuthPublicKeyFactory();
            userAuthPublicKeyFactory.setSignatureFactories(serverFactoryManager.getSignatureFactories());
            builder4.add((ImmutableList.Builder) userAuthPublicKeyFactory);
            serverFactoryManager.setPublickeyAuthenticator(new UserPublicKeyAuthenticator(build3));
        }
        serverFactoryManager.setUserAuthFactories(builder4.build());
    }
}
