package org.apache.hadoop.hbase.io.crypto.aes;

import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.OutputStream;
import java.security.AccessController;
import java.security.NoSuchAlgorithmException;
import java.security.PrivilegedAction;
import java.security.Provider;
import java.security.SecureRandom;
import java.security.SecureRandomSpi;
import java.security.Security;
import javax.crypto.spec.SecretKeySpec;
import org.apache.commons.io.IOUtils;
import org.apache.hadoop.conf.Configuration;
import org.apache.hadoop.fs.CommonConfigurationKeysPublic;
import org.apache.hadoop.hbase.HBaseConfiguration;
import org.apache.hadoop.hbase.HConstants;
import org.apache.hadoop.hbase.io.crypto.Cipher;
import org.apache.hadoop.hbase.io.crypto.DefaultCipherProvider;
import org.apache.hadoop.hbase.io.crypto.Encryption;
import org.apache.hadoop.hbase.io.crypto.Encryptor;
import org.apache.hadoop.hbase.testclassification.SmallTests;
import org.apache.hadoop.hbase.util.Bytes;
import org.junit.Assert;
import org.junit.Test;
import org.junit.experimental.categories.Category;

@Category({SmallTests.class})
/* loaded from: input_file:org/apache/hadoop/hbase/io/crypto/aes/TestAES.class */
public class TestAES {

    /* loaded from: input_file:org/apache/hadoop/hbase/io/crypto/aes/TestAES$TestProvider.class */
    static class TestProvider extends Provider {
        private static final long serialVersionUID = 1;

        public TestProvider() {
            super("TEST", 1.0d, "Test provider");
            AccessController.doPrivileged(new PrivilegedAction<Object>() { // from class: org.apache.hadoop.hbase.io.crypto.aes.TestAES.TestProvider.1
                @Override // java.security.PrivilegedAction
                public Object run() {
                    TestProvider.this.put("SecureRandom.TestRNG", TestAES.class.getName() + "$TestRNG");
                    return null;
                }
            });
        }
    }

    /* loaded from: input_file:org/apache/hadoop/hbase/io/crypto/aes/TestAES$TestRNG.class */
    public static class TestRNG extends SecureRandomSpi {
        private static final long serialVersionUID = 1;
        private SecureRandom rng;

        public TestRNG() {
            try {
                this.rng = SecureRandom.getInstance(CommonConfigurationKeysPublic.HADOOP_SECURITY_JAVA_SECURE_RANDOM_ALGORITHM_DEFAULT);
            } catch (NoSuchAlgorithmException e) {
                Assert.fail("Unable to create SecureRandom instance");
            }
        }

        @Override // java.security.SecureRandomSpi
        protected void engineSetSeed(byte[] bArr) {
            this.rng.setSeed(bArr);
        }

        @Override // java.security.SecureRandomSpi
        protected void engineNextBytes(byte[] bArr) {
            this.rng.nextBytes(bArr);
        }

        @Override // java.security.SecureRandomSpi
        protected byte[] engineGenerateSeed(int i) {
            return this.rng.generateSeed(i);
        }
    }

    @Test
    public void testAESAlgorithm() throws Exception {
        Cipher cipher = Encryption.getCipher(HBaseConfiguration.create(), HConstants.CIPHER_AES);
        Assert.assertEquals(cipher.getKeyLength(), 16L);
        Assert.assertEquals(cipher.getIvLength(), 16L);
        Encryptor encryptor = cipher.getEncryptor();
        encryptor.setKey(new SecretKeySpec(Bytes.fromHex("2b7e151628aed2a6abf7158809cf4f3c"), HConstants.CIPHER_AES));
        encryptor.setIv(Bytes.fromHex("f0f1f2f3f4f5f6f7f8f9fafbfcfdfeff"));
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        OutputStream createEncryptionStream = encryptor.createEncryptionStream(byteArrayOutputStream);
        createEncryptionStream.write(Bytes.fromHex("6bc1bee22e409f96e93d7e117393172a"));
        createEncryptionStream.write(Bytes.fromHex("ae2d8a571e03ac9c9eb76fac45af8e51"));
        createEncryptionStream.write(Bytes.fromHex("30c81c46a35ce411e5fbc1191a0a52ef"));
        createEncryptionStream.write(Bytes.fromHex("f69f2445df4f9b17ad2b417be66c3710"));
        createEncryptionStream.close();
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(byteArrayOutputStream.toByteArray());
        byte[] bArr = new byte[16];
        IOUtils.readFully(byteArrayInputStream, bArr);
        Assert.assertTrue("Failed #1", Bytes.equals(bArr, Bytes.fromHex("874d6191b620e3261bef6864990db6ce")));
        IOUtils.readFully(byteArrayInputStream, bArr);
        Assert.assertTrue("Failed #2", Bytes.equals(bArr, Bytes.fromHex("9806f66b7970fdff8617187bb9fffdff")));
        IOUtils.readFully(byteArrayInputStream, bArr);
        Assert.assertTrue("Failed #3", Bytes.equals(bArr, Bytes.fromHex("5ae4df3edbd5d35e5b4f09020db03eab")));
        IOUtils.readFully(byteArrayInputStream, bArr);
        Assert.assertTrue("Failed #4", Bytes.equals(bArr, Bytes.fromHex("1e031dda2fbe03d1792170a0f3009cee")));
    }

    @Test
    public void testAlternateRNG() throws Exception {
        Security.addProvider(new TestProvider());
        Configuration configuration = new Configuration();
        configuration.set(AES.RNG_ALGORITHM_KEY, "TestRNG");
        configuration.set(AES.RNG_PROVIDER_KEY, "TEST");
        DefaultCipherProvider.getInstance().setConf(configuration);
        Assert.assertEquals("AES did not find alternate RNG", new AES(DefaultCipherProvider.getInstance()).getRNG().getAlgorithm(), "TestRNG");
    }
}
