package org.apache.sshd.common.auth;

import java.io.IOException;
import java.security.GeneralSecurityException;
import java.security.KeyPair;
import java.security.PublicKey;
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;
import java.util.concurrent.atomic.AtomicInteger;
import org.apache.sshd.client.SshClient;
import org.apache.sshd.client.future.AuthFuture;
import org.apache.sshd.client.future.ConnectFuture;
import org.apache.sshd.client.session.ClientSession;
import org.apache.sshd.common.config.keys.KeyUtils;
import org.apache.sshd.common.session.Session;
import org.apache.sshd.common.session.SessionContext;
import org.apache.sshd.common.util.security.SecurityUtils;
import org.apache.sshd.core.CoreModuleProperties;
import org.apache.sshd.server.SshServer;
import org.apache.sshd.server.auth.pubkey.CachingPublicKeyAuthenticator;
import org.apache.sshd.server.auth.pubkey.PublickeyAuthenticator;
import org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider;
import org.apache.sshd.server.session.ServerSession;
import org.apache.sshd.util.test.BaseTestSupport;
import org.apache.sshd.util.test.CommonTestSupportUtils;
import org.junit.After;
import org.junit.Assume;
import org.junit.Before;
import org.junit.BeforeClass;
import org.junit.FixMethodOrder;
import org.junit.Test;
import org.junit.runners.MethodSorters;

@FixMethodOrder(MethodSorters.NAME_ASCENDING)
/* loaded from: input_file:org/apache/sshd/common/auth/SinglePublicKeyAuthTest.class */
public class SinglePublicKeyAuthTest extends BaseTestSupport {
    private SshServer sshd;
    private int port;
    private final KeyPair kpGood;
    private final KeyPair kpBad;
    private PublickeyAuthenticator delegate;

    /* loaded from: input_file:org/apache/sshd/common/auth/SinglePublicKeyAuthTest$TestCachingPublicKeyAuthenticator.class */
    public static class TestCachingPublicKeyAuthenticator extends CachingPublicKeyAuthenticator {
        private final Map<Session, Map<PublicKey, Boolean>> cache;

        public TestCachingPublicKeyAuthenticator(PublickeyAuthenticator publickeyAuthenticator) {
            super(publickeyAuthenticator);
            this.cache = new ConcurrentHashMap();
        }

        public Map<Session, Map<PublicKey, Boolean>> getCache() {
            return this.cache;
        }

        protected Map<PublicKey, Boolean> resolveCachedResults(String str, PublicKey publicKey, ServerSession serverSession) {
            Map<PublicKey, Boolean> computeIfAbsent = this.cache.computeIfAbsent(serverSession, session -> {
                return new ConcurrentHashMap();
            });
            return (Map) serverSession.computeAttributeIfAbsent(CACHE_ATTRIBUTE, attributeKey -> {
                return computeIfAbsent;
            });
        }
    }

    public SinglePublicKeyAuthTest() throws IOException, GeneralSecurityException {
        SimpleGeneratorHostKeyProvider simpleGeneratorHostKeyProvider = new SimpleGeneratorHostKeyProvider();
        simpleGeneratorHostKeyProvider.setAlgorithm("EC");
        simpleGeneratorHostKeyProvider.setKeySize(256);
        simpleGeneratorHostKeyProvider.setPath(detectTargetFolder().resolve(getClass().getSimpleName() + "-key"));
        this.kpBad = simpleGeneratorHostKeyProvider.loadKey((SessionContext) null, CommonTestSupportUtils.DEFAULT_TEST_HOST_KEY_TYPE);
        this.kpGood = createTestHostKeyProvider().loadKey((SessionContext) null, CommonTestSupportUtils.DEFAULT_TEST_HOST_KEY_TYPE);
    }

    @BeforeClass
    public static void ensureBouncycastleRegistered() {
        Assume.assumeTrue("Requires BC security provider", SecurityUtils.isBouncyCastleRegistered());
    }

    @Before
    public void setUp() throws Exception {
        this.sshd = setupTestFullSupportServer();
        CoreModuleProperties.AUTH_METHODS.set(this.sshd, "publickey");
        this.sshd.setPublickeyAuthenticator((str, publicKey, serverSession) -> {
            return this.delegate.authenticate(str, publicKey, serverSession);
        });
        this.sshd.start();
        this.port = this.sshd.getPort();
    }

    @After
    public void tearDown() throws Exception {
        if (this.sshd != null) {
            this.sshd.stop(true);
        }
    }

    /* JADX WARN: Finally extract failed */
    @Test
    public void testPublicKeyAuthWithCache() throws Exception {
        ConcurrentHashMap concurrentHashMap = new ConcurrentHashMap();
        this.delegate = new TestCachingPublicKeyAuthenticator((str, publicKey, serverSession) -> {
            ((AtomicInteger) concurrentHashMap.computeIfAbsent(KeyUtils.getFingerPrint(publicKey), str -> {
                return new AtomicInteger();
            })).incrementAndGet();
            return publicKey.equals(this.kpGood.getPublic());
        });
        SshClient sshClient = setupTestClient();
        Throwable th = null;
        try {
            sshClient.start();
            try {
                ClientSession session = ((ConnectFuture) sshClient.connect(getCurrentTestName(), TEST_LOCALHOST, this.port).verify(CONNECT_TIMEOUT)).getSession();
                Throwable th2 = null;
                try {
                    try {
                        session.addPublicKeyIdentity(this.kpBad);
                        session.addPublicKeyIdentity(this.kpGood);
                        session.auth().verify(AUTH_TIMEOUT);
                        assertEquals("Mismatched authentication invocations count", 2L, concurrentHashMap.size());
                        assertEquals("Mismatched cache size", 1L, r0.getCache().size());
                        assertNotNull("Missing bad public key", (AtomicInteger) concurrentHashMap.get(KeyUtils.getFingerPrint(this.kpBad.getPublic())));
                        assertEquals("Mismatched bad key authentication attempts", 1L, r0.get());
                        assertNotNull("Missing good public key", (AtomicInteger) concurrentHashMap.get(KeyUtils.getFingerPrint(this.kpGood.getPublic())));
                        assertEquals("Mismatched good key authentication attempts", 1L, r0.get());
                        if (session != null) {
                            if (0 != 0) {
                                try {
                                    session.close();
                                } catch (Throwable th3) {
                                    th2.addSuppressed(th3);
                                }
                            } else {
                                session.close();
                            }
                        }
                        sshClient.stop();
                        if (sshClient != null) {
                            if (0 == 0) {
                                sshClient.close();
                                return;
                            }
                            try {
                                sshClient.close();
                            } catch (Throwable th4) {
                                th.addSuppressed(th4);
                            }
                        }
                    } catch (Throwable th5) {
                        th2 = th5;
                        throw th5;
                    }
                } catch (Throwable th6) {
                    if (session != null) {
                        if (th2 != null) {
                            try {
                                session.close();
                            } catch (Throwable th7) {
                                th2.addSuppressed(th7);
                            }
                        } else {
                            session.close();
                        }
                    }
                    throw th6;
                }
            } catch (Throwable th8) {
                sshClient.stop();
                throw th8;
            }
        } catch (Throwable th9) {
            if (sshClient != null) {
                if (0 != 0) {
                    try {
                        sshClient.close();
                    } catch (Throwable th10) {
                        th.addSuppressed(th10);
                    }
                } else {
                    sshClient.close();
                }
            }
            throw th9;
        }
    }

    /* JADX WARN: Finally extract failed */
    @Test
    public void testPublicKeyAuthWithoutCache() throws Exception {
        ConcurrentHashMap concurrentHashMap = new ConcurrentHashMap();
        this.delegate = (str, publicKey, serverSession) -> {
            ((AtomicInteger) concurrentHashMap.computeIfAbsent(KeyUtils.getFingerPrint(publicKey), str -> {
                return new AtomicInteger();
            })).incrementAndGet();
            return publicKey.equals(this.kpGood.getPublic());
        };
        SshClient sshClient = setupTestClient();
        Throwable th = null;
        try {
            sshClient.start();
            try {
                ClientSession session = ((ConnectFuture) sshClient.connect(getCurrentTestName(), TEST_LOCALHOST, this.port).verify(CONNECT_TIMEOUT)).getSession();
                Throwable th2 = null;
                try {
                    session.addPublicKeyIdentity(this.kpBad);
                    session.addPublicKeyIdentity(this.kpGood);
                    AuthFuture auth = session.auth();
                    assertTrue("Failed to authenticate on time", auth.await(AUTH_TIMEOUT));
                    assertTrue("Authentication failed", auth.isSuccess());
                    if (session != null) {
                        if (0 != 0) {
                            try {
                                session.close();
                            } catch (Throwable th3) {
                                th2.addSuppressed(th3);
                            }
                        } else {
                            session.close();
                        }
                    }
                    sshClient.stop();
                    assertEquals("Mismatched attempted keys count", 2L, concurrentHashMap.size());
                    assertNotNull("Missing bad key", (Number) concurrentHashMap.get(KeyUtils.getFingerPrint(this.kpBad.getPublic())));
                    assertEquals("Mismatched attempt index for bad key", 1L, r0.intValue());
                    assertNotNull("Missing good key", (Number) concurrentHashMap.get(KeyUtils.getFingerPrint(this.kpGood.getPublic())));
                    assertEquals("Mismatched attempt index for good key", 2L, r0.intValue());
                } catch (Throwable th4) {
                    if (session != null) {
                        if (0 != 0) {
                            try {
                                session.close();
                            } catch (Throwable th5) {
                                th2.addSuppressed(th5);
                            }
                        } else {
                            session.close();
                        }
                    }
                    throw th4;
                }
            } catch (Throwable th6) {
                sshClient.stop();
                throw th6;
            }
        } finally {
            if (sshClient != null) {
                if (0 != 0) {
                    try {
                        sshClient.close();
                    } catch (Throwable th7) {
                        th.addSuppressed(th7);
                    }
                } else {
                    sshClient.close();
                }
            }
        }
    }
}
