package org.apache.hadoop.crypto.key;

import com.google.gson.stream.JsonReader;
import com.google.gson.stream.JsonWriter;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InputStreamReader;
import java.io.OutputStreamWriter;
import java.security.NoSuchAlgorithmException;
import java.util.Collections;
import java.util.Date;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import javax.crypto.KeyGenerator;
import org.apache.commons.io.Charsets;
import org.apache.hadoop.classification.InterfaceAudience;
import org.apache.hadoop.classification.InterfaceStability;
import org.apache.hadoop.conf.Configuration;
import org.apache.hadoop.metrics2.sink.ganglia.AbstractGangliaSink;
import org.apache.solr.util.SystemIdResolver;
import org.springframework.beans.PropertyAccessor;

@InterfaceAudience.Public
@InterfaceStability.Unstable
/* loaded from: input_file:WEB-INF/lib/hadoop-common-2.7.4.jar:org/apache/hadoop/crypto/key/KeyProvider.class */
public abstract class KeyProvider {
    public static final String DEFAULT_CIPHER_NAME = "hadoop.security.key.default.cipher";
    public static final String DEFAULT_CIPHER = "AES/CTR/NoPadding";
    public static final String DEFAULT_BITLENGTH_NAME = "hadoop.security.key.default.bitlength";
    public static final int DEFAULT_BITLENGTH = 128;
    private final Configuration conf;

    /* loaded from: input_file:WEB-INF/lib/hadoop-common-2.7.4.jar:org/apache/hadoop/crypto/key/KeyProvider$KeyVersion.class */
    public static class KeyVersion {
        private final String name;
        private final String versionName;
        private final byte[] material;

        /* JADX INFO: Access modifiers changed from: protected */
        public KeyVersion(String str, String str2, byte[] bArr) {
            this.name = str;
            this.versionName = str2;
            this.material = bArr;
        }

        public String getName() {
            return this.name;
        }

        public String getVersionName() {
            return this.versionName;
        }

        public byte[] getMaterial() {
            return this.material;
        }

        public String toString() {
            StringBuilder sb = new StringBuilder();
            sb.append("key(");
            sb.append(this.versionName);
            sb.append(")=");
            if (this.material == null) {
                sb.append("null");
            } else {
                for (byte b : this.material) {
                    sb.append(' ');
                    int i = b & 255;
                    if (i < 16) {
                        sb.append('0');
                    }
                    sb.append(Integer.toHexString(i));
                }
            }
            return sb.toString();
        }
    }

    /* loaded from: input_file:WEB-INF/lib/hadoop-common-2.7.4.jar:org/apache/hadoop/crypto/key/KeyProvider$Metadata.class */
    public static class Metadata {
        private static final String CIPHER_FIELD = "cipher";
        private static final String BIT_LENGTH_FIELD = "bitLength";
        private static final String CREATED_FIELD = "created";
        private static final String DESCRIPTION_FIELD = "description";
        private static final String VERSIONS_FIELD = "versions";
        private static final String ATTRIBUTES_FIELD = "attributes";
        private final String cipher;
        private final int bitLength;
        private final String description;
        private final Date created;
        private int versions;
        private Map<String, String> attributes;

        /* JADX INFO: Access modifiers changed from: protected */
        public Metadata(String str, int i, String str2, Map<String, String> map, Date date, int i2) {
            this.cipher = str;
            this.bitLength = i;
            this.description = str2;
            this.attributes = (map == null || map.isEmpty()) ? null : map;
            this.created = date;
            this.versions = i2;
        }

        public String toString() {
            StringBuilder sb = new StringBuilder();
            sb.append("cipher: ").append(this.cipher).append(", ");
            sb.append("length: ").append(this.bitLength).append(", ");
            sb.append("description: ").append(this.description).append(", ");
            sb.append("created: ").append(this.created).append(", ");
            sb.append("version: ").append(this.versions).append(", ");
            sb.append("attributes: ");
            if (this.attributes == null || this.attributes.isEmpty()) {
                sb.append("null");
            } else {
                for (Map.Entry<String, String> entry : this.attributes.entrySet()) {
                    sb.append(PropertyAccessor.PROPERTY_KEY_PREFIX);
                    sb.append(entry.getKey());
                    sb.append(AbstractGangliaSink.EQUAL);
                    sb.append(entry.getValue());
                    sb.append("], ");
                }
                sb.deleteCharAt(sb.length() - 2);
            }
            return sb.toString();
        }

        public String getDescription() {
            return this.description;
        }

        public Date getCreated() {
            return this.created;
        }

        public String getCipher() {
            return this.cipher;
        }

        public Map<String, String> getAttributes() {
            return this.attributes == null ? Collections.EMPTY_MAP : this.attributes;
        }

        public String getAlgorithm() {
            int indexOf = this.cipher.indexOf(47);
            return indexOf == -1 ? this.cipher : this.cipher.substring(0, indexOf);
        }

        public int getBitLength() {
            return this.bitLength;
        }

        public int getVersions() {
            return this.versions;
        }

        /* JADX INFO: Access modifiers changed from: protected */
        public int addVersion() {
            int i = this.versions;
            this.versions = i + 1;
            return i;
        }

        /* JADX INFO: Access modifiers changed from: protected */
        public byte[] serialize() throws IOException {
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            JsonWriter jsonWriter = new JsonWriter(new OutputStreamWriter(byteArrayOutputStream, Charsets.UTF_8));
            try {
                jsonWriter.beginObject();
                if (this.cipher != null) {
                    jsonWriter.name("cipher").value(this.cipher);
                }
                if (this.bitLength != 0) {
                    jsonWriter.name(BIT_LENGTH_FIELD).value(this.bitLength);
                }
                if (this.created != null) {
                    jsonWriter.name("created").value(this.created.getTime());
                }
                if (this.description != null) {
                    jsonWriter.name("description").value(this.description);
                }
                if (this.attributes != null && this.attributes.size() > 0) {
                    jsonWriter.name("attributes").beginObject();
                    for (Map.Entry<String, String> entry : this.attributes.entrySet()) {
                        jsonWriter.name(entry.getKey()).value(entry.getValue());
                    }
                    jsonWriter.endObject();
                }
                jsonWriter.name("versions").value(this.versions);
                jsonWriter.endObject();
                jsonWriter.flush();
                jsonWriter.close();
                return byteArrayOutputStream.toByteArray();
            } catch (Throwable th) {
                jsonWriter.close();
                throw th;
            }
        }

        /* JADX INFO: Access modifiers changed from: protected */
        public Metadata(byte[] bArr) throws IOException {
            String str = null;
            int i = 0;
            Date date = null;
            int i2 = 0;
            String str2 = null;
            HashMap hashMap = null;
            JsonReader jsonReader = new JsonReader(new InputStreamReader(new ByteArrayInputStream(bArr), Charsets.UTF_8));
            try {
                jsonReader.beginObject();
                while (jsonReader.hasNext()) {
                    String nextName = jsonReader.nextName();
                    if ("cipher".equals(nextName)) {
                        str = jsonReader.nextString();
                    } else if (BIT_LENGTH_FIELD.equals(nextName)) {
                        i = jsonReader.nextInt();
                    } else if ("created".equals(nextName)) {
                        date = new Date(jsonReader.nextLong());
                    } else if ("versions".equals(nextName)) {
                        i2 = jsonReader.nextInt();
                    } else if ("description".equals(nextName)) {
                        str2 = jsonReader.nextString();
                    } else if ("attributes".equalsIgnoreCase(nextName)) {
                        jsonReader.beginObject();
                        hashMap = new HashMap();
                        while (jsonReader.hasNext()) {
                            hashMap.put(jsonReader.nextName(), jsonReader.nextString());
                        }
                        jsonReader.endObject();
                    }
                }
                jsonReader.endObject();
                jsonReader.close();
                this.cipher = str;
                this.bitLength = i;
                this.created = date;
                this.description = str2;
                this.attributes = hashMap;
                this.versions = i2;
            } catch (Throwable th) {
                jsonReader.close();
                throw th;
            }
        }
    }

    /* loaded from: input_file:WEB-INF/lib/hadoop-common-2.7.4.jar:org/apache/hadoop/crypto/key/KeyProvider$Options.class */
    public static class Options {
        private String cipher;
        private int bitLength;
        private String description;
        private Map<String, String> attributes;

        public Options(Configuration configuration) {
            this.cipher = configuration.get(KeyProvider.DEFAULT_CIPHER_NAME, "AES/CTR/NoPadding");
            this.bitLength = configuration.getInt(KeyProvider.DEFAULT_BITLENGTH_NAME, 128);
        }

        public Options setCipher(String str) {
            this.cipher = str;
            return this;
        }

        public Options setBitLength(int i) {
            this.bitLength = i;
            return this;
        }

        public Options setDescription(String str) {
            this.description = str;
            return this;
        }

        public Options setAttributes(Map<String, String> map) {
            if (map != null) {
                if (map.containsKey(null)) {
                    throw new IllegalArgumentException("attributes cannot have a NULL key");
                }
                this.attributes = new HashMap(map);
            }
            return this;
        }

        public String getCipher() {
            return this.cipher;
        }

        public int getBitLength() {
            return this.bitLength;
        }

        public String getDescription() {
            return this.description;
        }

        public Map<String, String> getAttributes() {
            return this.attributes == null ? Collections.EMPTY_MAP : this.attributes;
        }

        public String toString() {
            return "Options{cipher='" + this.cipher + "', bitLength=" + this.bitLength + ", description='" + this.description + "', attributes=" + this.attributes + '}';
        }
    }

    public KeyProvider(Configuration configuration) {
        this.conf = new Configuration(configuration);
    }

    public Configuration getConf() {
        return this.conf;
    }

    public static Options options(Configuration configuration) {
        return new Options(configuration);
    }

    public boolean isTransient() {
        return false;
    }

    public abstract KeyVersion getKeyVersion(String str) throws IOException;

    public abstract List<String> getKeys() throws IOException;

    public Metadata[] getKeysMetadata(String... strArr) throws IOException {
        Metadata[] metadataArr = new Metadata[strArr.length];
        for (int i = 0; i < strArr.length; i++) {
            metadataArr[i] = getMetadata(strArr[i]);
        }
        return metadataArr;
    }

    public abstract List<KeyVersion> getKeyVersions(String str) throws IOException;

    public KeyVersion getCurrentKey(String str) throws IOException {
        Metadata metadata = getMetadata(str);
        if (metadata == null) {
            return null;
        }
        return getKeyVersion(buildVersionName(str, metadata.getVersions() - 1));
    }

    public abstract Metadata getMetadata(String str) throws IOException;

    public abstract KeyVersion createKey(String str, byte[] bArr, Options options) throws IOException;

    private String getAlgorithm(String str) {
        int indexOf = str.indexOf(47);
        return indexOf == -1 ? str : str.substring(0, indexOf);
    }

    protected byte[] generateKey(int i, String str) throws NoSuchAlgorithmException {
        KeyGenerator keyGenerator = KeyGenerator.getInstance(getAlgorithm(str));
        keyGenerator.init(i);
        return keyGenerator.generateKey().getEncoded();
    }

    public KeyVersion createKey(String str, Options options) throws NoSuchAlgorithmException, IOException {
        return createKey(str, generateKey(options.getBitLength(), options.getCipher()), options);
    }

    public abstract void deleteKey(String str) throws IOException;

    public abstract KeyVersion rollNewVersion(String str, byte[] bArr) throws IOException;

    public void close() throws IOException {
    }

    public KeyVersion rollNewVersion(String str) throws NoSuchAlgorithmException, IOException {
        Metadata metadata = getMetadata(str);
        return rollNewVersion(str, generateKey(metadata.getBitLength(), metadata.getCipher()));
    }

    public abstract void flush() throws IOException;

    public static String getBaseName(String str) throws IOException {
        int lastIndexOf = str.lastIndexOf(64);
        if (lastIndexOf == -1) {
            throw new IOException("No version in key path " + str);
        }
        return str.substring(0, lastIndexOf);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static String buildVersionName(String str, int i) {
        return str + SystemIdResolver.RESOURCE_LOADER_AUTHORITY_ABSOLUTE + i;
    }

    public static KeyProvider findProvider(List<KeyProvider> list, String str) throws IOException {
        for (KeyProvider keyProvider : list) {
            if (keyProvider.getMetadata(str) != null) {
                return keyProvider;
            }
        }
        throw new IOException("Can't find KeyProvider for key " + str);
    }
}
