package org.apache.sshd.client.config.keys;

import java.io.IOException;
import java.nio.file.Path;
import java.security.GeneralSecurityException;
import java.security.KeyPair;
import java.security.PublicKey;
import java.util.AbstractMap;
import java.util.Objects;
import java.util.concurrent.atomic.AtomicReference;
import java.util.function.Supplier;
import org.apache.sshd.common.config.keys.FilePasswordProvider;
import org.apache.sshd.common.config.keys.KeyUtils;
import org.apache.sshd.common.util.io.IoUtils;
import org.apache.sshd.common.util.io.ModifiableFileWatcher;

/* loaded from: classes.dex */
public class ClientIdentityFileWatcher extends ModifiableFileWatcher implements ClientIdentityProvider {
    public final AtomicReference<KeyPair> identityHolder;
    public final Supplier<ClientIdentityLoader> loaderHolder;
    public final Supplier<FilePasswordProvider> providerHolder;
    public final boolean strict;

    public ClientIdentityFileWatcher(Path path, Supplier<ClientIdentityLoader> supplier, Supplier<FilePasswordProvider> supplier2, boolean z) {
        super(path);
        this.identityHolder = new AtomicReference<>(null);
        Objects.requireNonNull(supplier, "No client identity loader");
        this.loaderHolder = supplier;
        Objects.requireNonNull(supplier2, "No password provider");
        this.providerHolder = supplier2;
        this.strict = z;
    }

    @Override // org.apache.sshd.client.config.keys.ClientIdentityProvider
    public KeyPair getClientIdentity() throws IOException, GeneralSecurityException {
        if (checkReloadRequired()) {
            KeyPair andSet = this.identityHolder.getAndSet(null);
            Path path = getPath();
            if (exists()) {
                KeyPair reloadClientIdentity = reloadClientIdentity(path);
                if (!KeyUtils.compareKeyPairs(andSet, reloadClientIdentity) && this.log.isDebugEnabled()) {
                    this.log.debug("getClientIdentity({}) identity {}", path, andSet == null ? "loaded" : "re-loaded");
                }
                updateReloadAttributes();
                this.identityHolder.set(reloadClientIdentity);
            }
        }
        return this.identityHolder.get();
    }

    public final ClientIdentityLoader getClientIdentityLoader() {
        return this.loaderHolder.get();
    }

    public final FilePasswordProvider getFilePasswordProvider() {
        return this.providerHolder.get();
    }

    public final boolean isStrict() {
        return this.strict;
    }

    public KeyPair reloadClientIdentity(Path path) throws IOException, GeneralSecurityException {
        AbstractMap.SimpleImmutableEntry<String, Object> validateStrictKeyFilePermissions;
        if (isStrict() && (validateStrictKeyFilePermissions = KeyUtils.validateStrictKeyFilePermissions(path, IoUtils.EMPTY_LINK_OPTIONS)) != null) {
            if (this.log.isDebugEnabled()) {
                this.log.debug("reloadClientIdentity({}) ignore due to {}", path, validateStrictKeyFilePermissions.getKey());
            }
            return null;
        }
        String path2 = path.toString();
        ClientIdentityLoader clientIdentityLoader = getClientIdentityLoader();
        Objects.requireNonNull(clientIdentityLoader, "No client identity loader");
        ClientIdentityLoader clientIdentityLoader2 = clientIdentityLoader;
        if (!clientIdentityLoader2.isValidLocation(path2)) {
            if (this.log.isDebugEnabled()) {
                this.log.debug("reloadClientIdentity({}) invalid location", path2);
            }
            return null;
        }
        FilePasswordProvider filePasswordProvider = getFilePasswordProvider();
        Objects.requireNonNull(filePasswordProvider, "No file password provider");
        KeyPair loadClientIdentity = clientIdentityLoader2.loadClientIdentity(path2, filePasswordProvider);
        if (this.log.isTraceEnabled()) {
            PublicKey publicKey = loadClientIdentity != null ? loadClientIdentity.getPublic() : null;
            if (publicKey != null) {
                this.log.trace("reloadClientIdentity({}) loaded {}-{}", path2, KeyUtils.getKeyType(publicKey), KeyUtils.getFingerPrint(publicKey));
            } else {
                this.log.trace("reloadClientIdentity({}) no key loaded", path2);
            }
        }
        return loadClientIdentity;
    }
}
