package org.opendaylight.netconf.transport.ssh;

import com.google.common.collect.ImmutableList;
import com.google.common.collect.ImmutableMap;
import com.google.errorprone.annotations.DoNotCall;
import java.security.KeyPair;
import java.util.List;
import java.util.Map;
import java.util.Objects;
import java.util.concurrent.ScheduledExecutorService;
import org.opendaylight.netconf.shaded.sshd.common.channel.ChannelFactory;
import org.opendaylight.netconf.shaded.sshd.common.keyprovider.KeyPairProvider;
import org.opendaylight.netconf.shaded.sshd.netty.NettyIoServiceFactoryFactory;
import org.opendaylight.netconf.shaded.sshd.server.ServerBuilder;
import org.opendaylight.netconf.shaded.sshd.server.SshServer;
import org.opendaylight.netconf.shaded.sshd.server.auth.hostbased.UserAuthHostBasedFactory;
import org.opendaylight.netconf.shaded.sshd.server.auth.password.UserAuthPasswordFactory;
import org.opendaylight.netconf.shaded.sshd.server.auth.pubkey.UserAuthPublicKeyFactory;
import org.opendaylight.netconf.shaded.sshd.server.forward.DirectTcpipFactory;
import org.opendaylight.netconf.transport.api.UnsupportedConfigurationException;
import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.iana.crypt.hash.rev140806.CryptHash;
import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.server.rev240208.SshServerGrouping;
import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.server.rev240208.ssh.server.grouping.ClientAuthentication;
import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.server.rev240208.ssh.server.grouping.Keepalives;
import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.server.rev240208.ssh.server.grouping.ServerIdentity;
import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.server.rev240208.ssh.server.grouping.client.authentication.Users;
import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.server.rev240208.ssh.server.grouping.client.authentication.users.User;
import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.server.rev240208.ssh.server.grouping.client.authentication.users.UserKey;
import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.server.rev240208.ssh.server.grouping.client.authentication.users.user.Hostbased;
import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.server.rev240208.ssh.server.grouping.client.authentication.users.user.PublicKeys;
import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.ssh.server.rev240208.ssh.server.grouping.server.identity.HostKey;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:org/opendaylight/netconf/transport/ssh/TransportSshServer.class */
public final class TransportSshServer extends SshServer {

    /* loaded from: input_file:org/opendaylight/netconf/transport/ssh/TransportSshServer$Builder.class */
    static final class Builder extends ServerBuilder {
        private static final List<ChannelFactory> CHANNEL_FACTORIES = List.of(TransportChannelSessionFactory.INSTANCE, DirectTcpipFactory.INSTANCE);
        private final NettyIoServiceFactoryFactory ioServiceFactory;
        private final ScheduledExecutorService executorService;
        private ServerFactoryManagerConfigurator configurator;
        private ClientAuthentication clientAuthentication;
        private ServerIdentity serverIdentity;
        private Keepalives keepAlives;

        /* JADX INFO: Access modifiers changed from: package-private */
        public Builder(NettyIoServiceFactoryFactory nettyIoServiceFactoryFactory, ScheduledExecutorService scheduledExecutorService) {
            this.ioServiceFactory = (NettyIoServiceFactoryFactory) Objects.requireNonNull(nettyIoServiceFactoryFactory);
            this.executorService = (ScheduledExecutorService) Objects.requireNonNull(scheduledExecutorService);
        }

        /* JADX INFO: Access modifiers changed from: package-private */
        public Builder serverParams(SshServerGrouping sshServerGrouping) throws UnsupportedConfigurationException {
            if (sshServerGrouping != null) {
                ConfigUtils.setTransportParams(this, sshServerGrouping.getTransportParams(), TransportUtils::getServerKexFactories);
                this.keepAlives = sshServerGrouping.getKeepalives();
                this.serverIdentity = sshServerGrouping.getServerIdentity();
                if (this.serverIdentity == null) {
                    throw new UnsupportedConfigurationException("Server identity configuration is required");
                }
                this.clientAuthentication = sshServerGrouping.getClientAuthentication();
            }
            return this;
        }

        /* JADX INFO: Access modifiers changed from: package-private */
        public Builder configurator(ServerFactoryManagerConfigurator serverFactoryManagerConfigurator) {
            this.configurator = serverFactoryManagerConfigurator;
            return this;
        }

        @Override // org.opendaylight.netconf.shaded.sshd.common.BaseBuilder, org.opendaylight.netconf.shaded.sshd.common.util.ObjectBuilder
        @Deprecated(forRemoval = true)
        @DoNotCall("Always throws UnsupportedOperationException")
        public TransportSshServer build() {
            throw new UnsupportedOperationException();
        }

        /* JADX WARN: Can't rename method to resolve collision */
        @Override // org.opendaylight.netconf.shaded.sshd.server.ServerBuilder, org.opendaylight.netconf.shaded.sshd.common.BaseBuilder
        @Deprecated(forRemoval = true)
        @DoNotCall("Always throws UnsupportedOperationException")
        /* renamed from: build, reason: merged with bridge method [inline-methods] */
        public SshServer build2(boolean z) {
            throw new UnsupportedOperationException();
        }

        /* JADX INFO: Access modifiers changed from: package-private */
        public TransportSshServer buildChecked() throws UnsupportedConfigurationException {
            TransportSshServer transportSshServer = (TransportSshServer) super.build2(true);
            if (this.keepAlives != null) {
                ConfigUtils.setKeepAlives(transportSshServer, this.keepAlives.getMaxWait(), this.keepAlives.getMaxAttempts());
            } else {
                ConfigUtils.setKeepAlives(transportSshServer, null, null);
            }
            if (this.serverIdentity != null) {
                setServerIdentity(transportSshServer, this.serverIdentity);
            }
            if (this.clientAuthentication != null) {
                setClientAuthentication(transportSshServer, this.clientAuthentication);
            }
            if (this.configurator != null) {
                this.configurator.configureServerFactoryManager(transportSshServer);
            }
            transportSshServer.setIoServiceFactoryFactory(this.ioServiceFactory);
            transportSshServer.setScheduledExecutorService(this.executorService);
            try {
                transportSshServer.checkConfig();
                transportSshServer.setSessionFactory(new TransportServerSessionFactory(transportSshServer));
                return transportSshServer;
            } catch (IllegalArgumentException e) {
                throw new UnsupportedConfigurationException("Inconsistent client configuration", e);
            }
        }

        /* JADX INFO: Access modifiers changed from: protected */
        /* JADX WARN: Can't rename method to resolve collision */
        @Override // org.opendaylight.netconf.shaded.sshd.server.ServerBuilder, org.opendaylight.netconf.shaded.sshd.common.BaseBuilder
        public ServerBuilder fillWithDefaultValues() {
            if (this.channelFactories == null) {
                this.channelFactories = CHANNEL_FACTORIES;
            }
            if (this.factory == null) {
                this.factory = TransportSshServer::new;
            }
            return super.fillWithDefaultValues();
        }

        private static void setServerIdentity(TransportSshServer transportSshServer, ServerIdentity serverIdentity) throws UnsupportedConfigurationException {
            List<HostKey> hostKey = serverIdentity.getHostKey();
            if (hostKey == null || hostKey.isEmpty()) {
                throw new UnsupportedConfigurationException("Host keys is missing in server identity configuration");
            }
            List<KeyPair> extractServerHostKeys = ConfigUtils.extractServerHostKeys(hostKey);
            if (extractServerHostKeys.isEmpty()) {
                return;
            }
            transportSshServer.setKeyPairProvider(KeyPairProvider.wrap(extractServerHostKeys));
        }

        private static void setClientAuthentication(TransportSshServer transportSshServer, ClientAuthentication clientAuthentication) throws UnsupportedConfigurationException {
            Map<UserKey, User> user;
            Users users = clientAuthentication.getUsers();
            if (users == null || (user = users.getUser()) == null) {
                return;
            }
            ImmutableMap.Builder builder = ImmutableMap.builder();
            ImmutableMap.Builder builder2 = ImmutableMap.builder();
            ImmutableMap.Builder builder3 = ImmutableMap.builder();
            for (Map.Entry<UserKey, User> entry : user.entrySet()) {
                String name = entry.getKey().getName();
                User value = entry.getValue();
                CryptHash hashedPassword = value.nonnullPassword().getHashedPassword();
                if (hashedPassword != null) {
                    builder.put(name, hashedPassword.getValue());
                }
                Hostbased hostbased = value.getHostbased();
                if (hostbased != null) {
                    builder2.put(name, ConfigUtils.extractPublicKeys(hostbased.getInlineOrTruststore()));
                }
                PublicKeys publicKeys = value.getPublicKeys();
                if (publicKeys != null) {
                    builder3.put(name, ConfigUtils.extractPublicKeys(publicKeys.getInlineOrTruststore()));
                }
            }
            ImmutableList.Builder builder4 = ImmutableList.builder();
            ImmutableMap build = builder.build();
            if (!build.isEmpty()) {
                builder4.add((ImmutableList.Builder) new UserAuthPasswordFactory());
                transportSshServer.setPasswordAuthenticator(new CryptHashPasswordAuthenticator(build));
            }
            ImmutableMap build2 = builder2.build();
            if (!build2.isEmpty()) {
                UserAuthHostBasedFactory userAuthHostBasedFactory = new UserAuthHostBasedFactory();
                userAuthHostBasedFactory.setSignatureFactories(transportSshServer.getSignatureFactories());
                builder4.add((ImmutableList.Builder) userAuthHostBasedFactory);
                transportSshServer.setHostBasedAuthenticator(new UserPublicKeyAuthenticator(build2));
            }
            ImmutableMap build3 = builder3.build();
            if (!build3.isEmpty()) {
                UserAuthPublicKeyFactory userAuthPublicKeyFactory = new UserAuthPublicKeyFactory();
                userAuthPublicKeyFactory.setSignatureFactories(transportSshServer.getSignatureFactories());
                builder4.add((ImmutableList.Builder) userAuthPublicKeyFactory);
                transportSshServer.setPublickeyAuthenticator(new UserPublicKeyAuthenticator(build3));
            }
            transportSshServer.setUserAuthFactories(builder4.build());
        }
    }

    private TransportSshServer() {
    }

    @Override // org.opendaylight.netconf.shaded.sshd.server.SshServer
    @Deprecated(forRemoval = true)
    @DoNotCall("Always throws UnsupportedOperationException")
    public void start() {
        throw new UnsupportedOperationException();
    }

    @Override // org.opendaylight.netconf.shaded.sshd.server.SshServer
    @Deprecated(forRemoval = true)
    @DoNotCall("Always throws UnsupportedOperationException")
    public void stop() {
        throw new UnsupportedOperationException();
    }
}
