package org.opendaylight.netconf.transport.ssh;

import com.google.common.collect.ImmutableList;
import com.google.errorprone.annotations.DoNotCall;
import java.security.KeyPair;
import java.security.PublicKey;
import java.util.List;
import java.util.Objects;
import java.util.concurrent.ScheduledExecutorService;
import org.opendaylight.netconf.shaded.sshd.client.ClientBuilder;
import org.opendaylight.netconf.shaded.sshd.client.SshClient;
import org.opendaylight.netconf.shaded.sshd.client.auth.hostbased.HostKeyIdentityProvider;
import org.opendaylight.netconf.shaded.sshd.client.auth.hostbased.UserAuthHostBasedFactory;
import org.opendaylight.netconf.shaded.sshd.client.auth.password.PasswordIdentityProvider;
import org.opendaylight.netconf.shaded.sshd.client.auth.password.UserAuthPasswordFactory;
import org.opendaylight.netconf.shaded.sshd.client.auth.pubkey.UserAuthPublicKeyFactory;
import org.opendaylight.netconf.shaded.sshd.common.keyprovider.KeyIdentityProvider;
import org.opendaylight.netconf.shaded.sshd.netty.NettyIoServiceFactoryFactory;
import org.opendaylight.netconf.transport.api.UnsupportedConfigurationException;
import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.crypto.types.rev240208.password.grouping.PasswordType;
import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.crypto.types.rev240208.password.grouping.password.type.CleartextPassword;
import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.client.rev240208.ssh.client.grouping.ClientIdentity;
import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.client.rev240208.ssh.client.grouping.Keepalives;
import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.client.rev240208.ssh.client.grouping.ServerAuthentication;
import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.client.rev240208.ssh.client.grouping.client.identity.Hostbased;
import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.client.rev240208.ssh.client.grouping.client.identity.Password;
import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.common.rev240208.TransportParamsGrouping;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:org/opendaylight/netconf/transport/ssh/TransportSshClient.class */
public final class TransportSshClient extends SshClient {

    /* loaded from: input_file:org/opendaylight/netconf/transport/ssh/TransportSshClient$Builder.class */
    static final class Builder extends ClientBuilder {
        private final NettyIoServiceFactoryFactory ioServiceFactory;
        private final ScheduledExecutorService executorService;
        private ClientFactoryManagerConfigurator configurator;
        private Keepalives keepAlives;
        private ClientIdentity clientIdentity;

        /* JADX INFO: Access modifiers changed from: package-private */
        public Builder(NettyIoServiceFactoryFactory nettyIoServiceFactoryFactory, ScheduledExecutorService scheduledExecutorService) {
            this.ioServiceFactory = (NettyIoServiceFactoryFactory) Objects.requireNonNull(nettyIoServiceFactoryFactory);
            this.executorService = (ScheduledExecutorService) Objects.requireNonNull(scheduledExecutorService);
        }

        /* JADX INFO: Access modifiers changed from: package-private */
        public Builder transportParams(TransportParamsGrouping transportParamsGrouping) throws UnsupportedConfigurationException {
            ConfigUtils.setTransportParams(this, transportParamsGrouping, TransportUtils::getClientKexFactories);
            return this;
        }

        /* JADX INFO: Access modifiers changed from: package-private */
        public Builder keepAlives(Keepalives keepalives) {
            this.keepAlives = keepalives;
            return this;
        }

        /* JADX INFO: Access modifiers changed from: package-private */
        public Builder clientIdentity(ClientIdentity clientIdentity) {
            this.clientIdentity = clientIdentity;
            return this;
        }

        /* JADX INFO: Access modifiers changed from: package-private */
        public Builder serverAuthentication(ServerAuthentication serverAuthentication) throws UnsupportedConfigurationException {
            ServerPublicKeyVerifier serverPublicKeyVerifier;
            if (serverAuthentication != null) {
                ImmutableList build = ImmutableList.builder().addAll((Iterable) ConfigUtils.extractCertificates(serverAuthentication.getCaCerts())).addAll((Iterable) ConfigUtils.extractCertificates(serverAuthentication.getEeCerts())).build();
                List<PublicKey> extractPublicKeys = ConfigUtils.extractPublicKeys(serverAuthentication.getSshHostKeys());
                if (build.isEmpty() && extractPublicKeys.isEmpty()) {
                    throw new UnsupportedConfigurationException("Server authentication should contain either ssh-host-keys, or ca-certs, or ee-certs");
                }
                serverPublicKeyVerifier = new ServerPublicKeyVerifier(build, extractPublicKeys);
            } else {
                serverPublicKeyVerifier = null;
            }
            serverKeyVerifier(serverPublicKeyVerifier);
            return this;
        }

        /* JADX INFO: Access modifiers changed from: package-private */
        public Builder configurator(ClientFactoryManagerConfigurator clientFactoryManagerConfigurator) {
            this.configurator = clientFactoryManagerConfigurator;
            return this;
        }

        /* JADX INFO: Access modifiers changed from: package-private */
        public TransportSshClient buildChecked() throws UnsupportedConfigurationException {
            TransportSshClient transportSshClient = (TransportSshClient) super.build2(true);
            if (this.keepAlives != null) {
                ConfigUtils.setKeepAlives(transportSshClient, this.keepAlives.getMaxWait(), this.keepAlives.getMaxAttempts());
            } else {
                ConfigUtils.setKeepAlives(transportSshClient, null, null);
            }
            if (this.clientIdentity == null) {
                throw new UnsupportedConfigurationException("Client parameters are required");
            }
            String username = this.clientIdentity.getUsername();
            if (username == null) {
                throw new UnsupportedConfigurationException("Client parameters are missing username");
            }
            if (this.clientIdentity != null && this.clientIdentity.getNone() == null) {
                setClientIdentity(transportSshClient, this.clientIdentity, this.configurator == null);
            }
            if (this.configurator != null) {
                this.configurator.configureClientFactoryManager(transportSshClient);
            }
            transportSshClient.setIoServiceFactoryFactory(this.ioServiceFactory);
            transportSshClient.setScheduledExecutorService(this.executorService);
            try {
                transportSshClient.checkConfig();
                transportSshClient.setSessionFactory(new TransportClientSessionFactory(transportSshClient, username));
                return transportSshClient;
            } catch (IllegalArgumentException e) {
                throw new UnsupportedConfigurationException("Inconsistent client configuration", e);
            }
        }

        @Override // org.opendaylight.netconf.shaded.sshd.common.BaseBuilder, org.opendaylight.netconf.shaded.sshd.common.util.ObjectBuilder
        @Deprecated(forRemoval = true)
        @DoNotCall("Always throws UnsupportedOperationException")
        public TransportSshClient build() {
            throw new UnsupportedOperationException();
        }

        /* JADX WARN: Can't rename method to resolve collision */
        @Override // org.opendaylight.netconf.shaded.sshd.client.ClientBuilder, org.opendaylight.netconf.shaded.sshd.common.BaseBuilder
        @Deprecated(forRemoval = true)
        @DoNotCall("Always throws UnsupportedOperationException")
        /* renamed from: build */
        public SshClient build2(boolean z) {
            throw new UnsupportedOperationException();
        }

        /* JADX INFO: Access modifiers changed from: protected */
        /* JADX WARN: Can't rename method to resolve collision */
        @Override // org.opendaylight.netconf.shaded.sshd.client.ClientBuilder, org.opendaylight.netconf.shaded.sshd.common.BaseBuilder
        public ClientBuilder fillWithDefaultValues() {
            if (this.factory == null) {
                this.factory = TransportSshClient::new;
            }
            return super.fillWithDefaultValues();
        }

        private static void setClientIdentity(TransportSshClient transportSshClient, ClientIdentity clientIdentity, boolean z) throws UnsupportedConfigurationException {
            ImmutableList.Builder builder = ImmutableList.builder();
            Password password = clientIdentity.getPassword();
            if (password != null) {
                PasswordType passwordType = password.getPasswordType();
                if (passwordType instanceof CleartextPassword) {
                    transportSshClient.setPasswordIdentityProvider(PasswordIdentityProvider.wrapPasswords(((CleartextPassword) passwordType).requireCleartextPassword()));
                    builder.add((ImmutableList.Builder) new UserAuthPasswordFactory());
                }
            }
            Hostbased hostbased = clientIdentity.getHostbased();
            if (hostbased != null) {
                KeyPair extractKeyPair = ConfigUtils.extractKeyPair(hostbased.getInlineOrKeystore());
                UserAuthHostBasedFactory userAuthHostBasedFactory = new UserAuthHostBasedFactory();
                userAuthHostBasedFactory.setClientHostKeys(HostKeyIdentityProvider.wrap(extractKeyPair));
                userAuthHostBasedFactory.setClientUsername(clientIdentity.getUsername());
                userAuthHostBasedFactory.setClientHostname(null);
                userAuthHostBasedFactory.setSignatureFactories(transportSshClient.getSignatureFactories());
                builder.add((ImmutableList.Builder) userAuthHostBasedFactory);
            }
            org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.client.rev240208.ssh.client.grouping.client.identity.PublicKey publicKey = clientIdentity.getPublicKey();
            if (publicKey != null) {
                transportSshClient.setKeyIdentityProvider(KeyIdentityProvider.wrapKeyPairs(ConfigUtils.extractKeyPair(publicKey.getInlineOrKeystore())));
                UserAuthPublicKeyFactory userAuthPublicKeyFactory = new UserAuthPublicKeyFactory();
                userAuthPublicKeyFactory.setSignatureFactories(transportSshClient.getSignatureFactories());
                builder.add((ImmutableList.Builder) userAuthPublicKeyFactory);
            }
            ImmutableList build = builder.build();
            if (!build.isEmpty()) {
                transportSshClient.setUserAuthFactories(build);
            } else if (z) {
                throw new UnsupportedConfigurationException("Client Identity has no authentication mechanism defined");
            }
        }
    }

    private TransportSshClient() {
    }

    @Override // org.opendaylight.netconf.shaded.sshd.client.SshClient
    @Deprecated(forRemoval = true)
    @DoNotCall("Always throws UnsupportedOperationException")
    public void start() {
        throw new UnsupportedOperationException();
    }

    @Override // org.opendaylight.netconf.shaded.sshd.client.SshClient
    @Deprecated(forRemoval = true)
    @DoNotCall("Always throws UnsupportedOperationException")
    public void stop() {
        throw new UnsupportedOperationException();
    }
}
