package io.lighty.modules.southbound.netconf.impl.util;

import com.fasterxml.jackson.core.JsonProcessingException;
import com.fasterxml.jackson.databind.JsonNode;
import com.fasterxml.jackson.databind.ObjectMapper;
import io.lighty.aaa.encrypt.service.impl.AAAEncryptionServiceImpl;
import io.lighty.core.controller.api.LightyServices;
import io.lighty.core.controller.impl.config.ConfigurationException;
import io.lighty.modules.southbound.netconf.impl.config.NetconfConfiguration;
import java.io.IOException;
import java.io.InputStream;
import java.nio.charset.StandardCharsets;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.spec.InvalidKeySpecException;
import java.util.Base64;
import java.util.Set;
import javax.crypto.Cipher;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.PBEKeySpec;
import javax.crypto.spec.SecretKeySpec;
import org.opendaylight.aaa.encrypt.AAAEncryptionService;
import org.opendaylight.netconf.client.NetconfClientDispatcherImpl;
import org.opendaylight.yang.gen.v1.config.aaa.authn.encrypt.service.config.rev160915.AaaEncryptServiceConfig;
import org.opendaylight.yang.gen.v1.config.aaa.authn.encrypt.service.config.rev160915.AaaEncryptServiceConfigBuilder;
import org.opendaylight.yang.gen.v1.urn.opendaylight.netconf.keystore.rev171017.$YangModuleInfoImpl;
import org.opendaylight.yangtools.yang.binding.YangModuleInfo;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:io/lighty/modules/southbound/netconf/impl/util/NetconfConfigUtils.class */
public final class NetconfConfigUtils {
    public static final String NETCONF_CONFIG_ROOT_ELEMENT_NAME = "netconf";
    public static final Set<YangModuleInfo> NETCONF_TOPOLOGY_MODELS = Set.of($YangModuleInfoImpl.getInstance(), org.opendaylight.yang.gen.v1.urn.opendaylight.netconf.node.topology.rev221225.$YangModuleInfoImpl.getInstance(), org.opendaylight.yang.gen.v1.urn.opendaylight.netconf.node.optional.rev221225.$YangModuleInfoImpl.getInstance(), org.opendaylight.yang.gen.v1.urn.opendaylight.yang.extension.yang.ext.rev130709.$YangModuleInfoImpl.getInstance(), org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.netconf.base._1._0.rev110601.$YangModuleInfoImpl.getInstance(), org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.netconf.monitoring.rev101004.$YangModuleInfoImpl.getInstance(), org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.yang.library.rev190104.$YangModuleInfoImpl.getInstance());
    public static final Set<YangModuleInfo> NETCONF_CALLHOME_MODELS = Set.of(org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.netconf.callhome.server.rev230428.$YangModuleInfoImpl.getInstance());
    private static final Logger LOG = LoggerFactory.getLogger(NetconfConfigUtils.class);
    private static final SecureRandom RANDOM = new SecureRandom();

    private NetconfConfigUtils() {
    }

    public static NetconfConfiguration createNetconfConfiguration(InputStream inputStream) throws ConfigurationException {
        ObjectMapper objectMapper = new ObjectMapper();
        try {
            JsonNode readTree = objectMapper.readTree(inputStream);
            if (!readTree.has(NETCONF_CONFIG_ROOT_ELEMENT_NAME)) {
                LOG.warn("Json config does not contain {} element. Using defaults.", NETCONF_CONFIG_ROOT_ELEMENT_NAME);
                return createDefaultNetconfConfiguration();
            }
            try {
                return (NetconfConfiguration) objectMapper.treeToValue(readTree.path(NETCONF_CONFIG_ROOT_ELEMENT_NAME), NetconfConfiguration.class);
            } catch (JsonProcessingException e) {
                throw new ConfigurationException(String.format("Cannot bind Json tree to type: %s", NetconfConfiguration.class), e);
            }
        } catch (IOException e2) {
            throw new ConfigurationException("Cannot deserialize Json content to Json tree nodes", e2);
        }
    }

    public static NetconfConfiguration createDefaultNetconfConfiguration() {
        return new NetconfConfiguration();
    }

    public static NetconfConfiguration injectServicesToConfig(NetconfConfiguration netconfConfiguration) throws ConfigurationException {
        netconfConfiguration.setAaaService(createAAAEncryptionService(getDefaultAaaEncryptServiceConfig()));
        return netconfConfiguration;
    }

    public static NetconfConfiguration injectServicesToTopologyConfig(NetconfConfiguration netconfConfiguration, LightyServices lightyServices) throws ConfigurationException {
        injectServicesToConfig(netconfConfiguration);
        injectClient(lightyServices, netconfConfiguration);
        return netconfConfiguration;
    }

    public static AaaEncryptServiceConfig getDefaultAaaEncryptServiceConfig() {
        byte[] bArr = new byte[16];
        RANDOM.nextBytes(bArr);
        return new AaaEncryptServiceConfigBuilder().setEncryptKey("V1S1ED4OMeEh").setPasswordLength(12).setEncryptSalt(new String(Base64.getEncoder().encode(bArr), StandardCharsets.UTF_8)).setEncryptMethod("PBKDF2WithHmacSHA1").setEncryptType("AES").setEncryptIterationCount(32768).setEncryptKeyLength(128).setCipherTransforms("AES/CBC/PKCS5Padding").build();
    }

    public static AAAEncryptionService createAAAEncryptionService(AaaEncryptServiceConfig aaaEncryptServiceConfig) throws ConfigurationException {
        byte[] decode = Base64.getDecoder().decode(aaaEncryptServiceConfig.getEncryptSalt());
        try {
            SecretKeySpec secretKeySpec = new SecretKeySpec(SecretKeyFactory.getInstance(aaaEncryptServiceConfig.getEncryptMethod()).generateSecret(new PBEKeySpec(aaaEncryptServiceConfig.getEncryptKey().toCharArray(), decode, aaaEncryptServiceConfig.getEncryptIterationCount().intValue(), aaaEncryptServiceConfig.getEncryptKeyLength().intValue())).getEncoded(), aaaEncryptServiceConfig.getEncryptType());
            IvParameterSpec ivParameterSpec = new IvParameterSpec(decode);
            Cipher cipher = Cipher.getInstance(aaaEncryptServiceConfig.getCipherTransforms());
            cipher.init(1, secretKeySpec, ivParameterSpec);
            Cipher cipher2 = Cipher.getInstance(aaaEncryptServiceConfig.getCipherTransforms());
            cipher2.init(2, secretKeySpec, ivParameterSpec);
            return new AAAEncryptionServiceImpl(cipher, cipher2);
        } catch (InvalidAlgorithmParameterException | InvalidKeyException | NoSuchAlgorithmException | InvalidKeySpecException | NoSuchPaddingException e) {
            throw new ConfigurationException(e);
        }
    }

    private static NetconfConfiguration injectClient(LightyServices lightyServices, NetconfConfiguration netconfConfiguration) {
        netconfConfiguration.setClientDispatcher(new NetconfClientDispatcherImpl(lightyServices.getBossGroup(), lightyServices.getWorkerGroup(), lightyServices.getTimer()));
        return netconfConfiguration;
    }
}
