package org.apache.ignite.internal.encryption;

import java.io.File;
import java.io.FileOutputStream;
import java.nio.ByteBuffer;
import java.nio.channels.FileChannel;
import java.nio.file.StandardOpenOption;
import java.security.KeyStore;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.stream.Collectors;
import java.util.stream.IntStream;
import javax.crypto.KeyGenerator;
import org.apache.ignite.Ignite;
import org.apache.ignite.IgniteCache;
import org.apache.ignite.IgniteCheckedException;
import org.apache.ignite.IgniteDataStreamer;
import org.apache.ignite.cache.CachePeekMode;
import org.apache.ignite.cache.CacheWriteSynchronizationMode;
import org.apache.ignite.configuration.CacheConfiguration;
import org.apache.ignite.configuration.DataRegionConfiguration;
import org.apache.ignite.configuration.DataStorageConfiguration;
import org.apache.ignite.configuration.IgniteConfiguration;
import org.apache.ignite.configuration.WALMode;
import org.apache.ignite.internal.IgniteEx;
import org.apache.ignite.internal.IgniteInternalFuture;
import org.apache.ignite.internal.IgniteInterruptedCheckedException;
import org.apache.ignite.internal.managers.encryption.GridEncryptionManager;
import org.apache.ignite.internal.managers.encryption.GroupKey;
import org.apache.ignite.internal.managers.encryption.ReencryptStateUtils;
import org.apache.ignite.internal.pagemem.PageIdUtils;
import org.apache.ignite.internal.processors.cache.CacheGroupContext;
import org.apache.ignite.internal.processors.cache.ClientFastReplyCoordinatorFailureTest;
import org.apache.ignite.internal.processors.cache.IgniteClientAffinityAssignmentSelfTest;
import org.apache.ignite.internal.processors.cache.IgniteInternalCache;
import org.apache.ignite.internal.processors.cache.persistence.file.FilePageStore;
import org.apache.ignite.internal.processors.cache.persistence.tree.io.TrackingPageIOTest;
import org.apache.ignite.internal.util.IgniteUtils;
import org.apache.ignite.internal.util.future.GridCompoundFuture;
import org.apache.ignite.internal.util.typedef.G;
import org.apache.ignite.internal.util.typedef.T2;
import org.apache.ignite.internal.util.typedef.internal.CU;
import org.apache.ignite.spi.encryption.keystore.KeystoreEncryptionKey;
import org.apache.ignite.spi.encryption.keystore.KeystoreEncryptionSpi;
import org.apache.ignite.testframework.GridTestUtils;
import org.apache.ignite.testframework.junits.common.GridCommonAbstractTest;
import org.jetbrains.annotations.NotNull;
import org.jetbrains.annotations.Nullable;

/* loaded from: input_file:org/apache/ignite/internal/encryption/AbstractEncryptionTest.class */
public abstract class AbstractEncryptionTest extends GridCommonAbstractTest {
    static final String ENCRYPTED_CACHE = "encrypted";
    public static final String KEYSTORE_PATH = IgniteUtils.resolveIgnitePath("modules/core/src/test/resources/tde.jks").getAbsolutePath();
    static final String GRID_0 = "grid-0";
    static final String GRID_1 = "grid-1";
    public static final String KEYSTORE_PASSWORD = "love_sex_god";
    public static final String MASTER_KEY_NAME_2 = "ignite.master.key2";
    public static final String MASTER_KEY_NAME_3 = "ignite.master.key3";
    public static final String MASTER_KEY_NAME_MULTIBYTE_ENCODED = "мастер.ключ.1";

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.apache.ignite.testframework.junits.GridAbstractTest
    public IgniteConfiguration getConfiguration(String str) throws Exception {
        IgniteConfiguration configuration = super.getConfiguration(str);
        configuration.setConsistentId(str);
        KeystoreEncryptionSpi keystoreEncryptionSpi = new KeystoreEncryptionSpi();
        keystoreEncryptionSpi.setKeyStorePath(keystorePath());
        keystoreEncryptionSpi.setKeyStorePassword(keystorePassword());
        configuration.setEncryptionSpi(keystoreEncryptionSpi);
        configuration.setDataStorageConfiguration(new DataStorageConfiguration().setDefaultDataRegionConfiguration(new DataRegionConfiguration().setMaxSize(10485760L).setPersistenceEnabled(true)).setPageSize(TrackingPageIOTest.PAGE_SIZE).setWalMode(WALMode.FSYNC));
        return configuration;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public char[] keystorePassword() {
        return KEYSTORE_PASSWORD.toCharArray();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public String keystorePath() {
        return KEYSTORE_PATH;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public <K, V> CacheConfiguration<K, V> cacheConfiguration(String str, String str2) {
        return new CacheConfiguration(str).setWriteSynchronizationMode(CacheWriteSynchronizationMode.FULL_SYNC).setGroupName(str2).setEncryptionEnabled(true);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void checkEncryptedCaches(IgniteEx igniteEx, IgniteEx igniteEx2) {
        HashSet<String> hashSet = new HashSet(igniteEx.cacheNames());
        hashSet.addAll(igniteEx2.cacheNames());
        for (String str : hashSet) {
            CacheConfiguration configuration = igniteEx2.cache(str).getConfiguration(CacheConfiguration.class);
            if (configuration.isEncryptionEnabled()) {
                IgniteInternalCache cachex = igniteEx.cachex(str);
                int cacheGroupId = CU.cacheGroupId(configuration);
                assertNotNull(cachex);
                IgniteInternalCache cachex2 = igniteEx2.cachex(str);
                assertNotNull(cachex2);
                assertTrue(cachex2.configuration().isEncryptionEnabled());
                GroupKey activeKey = igniteEx.context().encryption().getActiveKey(cacheGroupId);
                assertNotNull(activeKey);
                KeystoreEncryptionKey key = activeKey.key();
                assertNotNull(key);
                assertNotNull(key.key());
                if (igniteEx2.configuration().isClientMode().booleanValue()) {
                    assertNull(igniteEx2.context().encryption().getActiveKey(cacheGroupId));
                } else {
                    GroupKey activeKey2 = igniteEx2.context().encryption().getActiveKey(cacheGroupId);
                    assertNotNull(activeKey2);
                    KeystoreEncryptionKey key2 = activeKey2.key();
                    assertNotNull(key2);
                    assertNotNull(key2.key());
                    assertEquals(key.key(), key2.key());
                }
            }
        }
        checkData(igniteEx);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void checkData(IgniteEx igniteEx) {
        IgniteCache cache = igniteEx.cache(cacheName());
        assertNotNull(cache);
        int size = cache.size(new CachePeekMode[0]);
        assertTrue("Cache cannot be empty", size > 0);
        long j = 0;
        while (true) {
            long j2 = j;
            if (j2 >= size) {
                return;
            }
            assertEquals(generateValue(j2), cache.get(Long.valueOf(j2)));
            j = j2 + 1;
        }
    }

    protected Object generateValue(long j) {
        return String.valueOf(j);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void createEncryptedCache(IgniteEx igniteEx, @Nullable IgniteEx igniteEx2, String str, String str2) throws IgniteInterruptedCheckedException {
        createEncryptedCache(igniteEx, igniteEx2, str, str2, true);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void createEncryptedCache(IgniteEx igniteEx, @Nullable IgniteEx igniteEx2, String str, String str2, boolean z) throws IgniteInterruptedCheckedException {
        IgniteCache createCache = igniteEx.createCache(cacheConfiguration(str, str2));
        if (igniteEx2 != null) {
            GridTestUtils.waitForCondition(() -> {
                return igniteEx2.cachex(cacheName()) != null;
            }, 2000L);
        }
        if (!z) {
            return;
        }
        long j = 0;
        while (true) {
            long j2 = j;
            if (j2 >= 100) {
                break;
            }
            createCache.put(Long.valueOf(j2), generateValue(j2));
            j = j2 + 1;
        }
        long j3 = 0;
        while (true) {
            long j4 = j3;
            if (j4 >= 100) {
                return;
            }
            assertEquals(generateValue(j4), createCache.get(Long.valueOf(j4)));
            j3 = j4 + 1;
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public T2<IgniteEx, IgniteEx> startTestGrids(boolean z) throws Exception {
        if (z) {
            cleanPersistenceDir();
        }
        IgniteEx startGrid = startGrid(GRID_0);
        IgniteEx startGrid2 = startGrid(GRID_1);
        startGrid.cluster().active(true);
        awaitPartitionMapExchange();
        return new T2<>(startGrid, startGrid2);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @NotNull
    public String cacheName() {
        return ENCRYPTED_CACHE;
    }

    protected File createKeyStore(String str) throws Exception {
        KeyStore keyStore = KeyStore.getInstance("PKCS12");
        keyStore.load(null, null);
        KeyGenerator keyGenerator = KeyGenerator.getInstance("AES");
        keyGenerator.init(IgniteClientAffinityAssignmentSelfTest.PARTS);
        for (String str2 : new String[]{"ignite.master.key", MASTER_KEY_NAME_2, MASTER_KEY_NAME_3, MASTER_KEY_NAME_MULTIBYTE_ENCODED}) {
            keyStore.setEntry(str2, new KeyStore.SecretKeyEntry(keyGenerator.generateKey()), new KeyStore.PasswordProtection(KEYSTORE_PASSWORD.toCharArray()));
        }
        File file = new File(str);
        file.createNewFile();
        FileOutputStream fileOutputStream = new FileOutputStream(file);
        Throwable th = null;
        try {
            try {
                keyStore.store(fileOutputStream, KEYSTORE_PASSWORD.toCharArray());
                if (fileOutputStream != null) {
                    if (0 != 0) {
                        try {
                            fileOutputStream.close();
                        } catch (Throwable th2) {
                            th.addSuppressed(th2);
                        }
                    } else {
                        fileOutputStream.close();
                    }
                }
                return file;
            } finally {
            }
        } catch (Throwable th3) {
            if (fileOutputStream != null) {
                if (th != null) {
                    try {
                        fileOutputStream.close();
                    } catch (Throwable th4) {
                        th.addSuppressed(th4);
                    }
                } else {
                    fileOutputStream.close();
                }
            }
            throw th3;
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public boolean checkMasterKeyName(String str) {
        for (IgniteEx igniteEx : G.allGrids()) {
            if (!igniteEx.context().clientNode() && !str.equals(igniteEx.encryption().getMasterKeyName())) {
                return false;
            }
        }
        return true;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void loadData(int i) {
        loadData(cacheName(), i);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void loadData(String str, int i) {
        info("Loading " + i + " entries into " + str);
        int size = grid(GRID_0).cache(str).size(new CachePeekMode[0]);
        IgniteDataStreamer dataStreamer = grid(GRID_0).dataStreamer(str);
        Throwable th = null;
        try {
            try {
                for (long j = size; j < i + size; j++) {
                    dataStreamer.addData(Long.valueOf(j), generateValue(j));
                }
                if (dataStreamer != null) {
                    if (0 != 0) {
                        try {
                            dataStreamer.close();
                        } catch (Throwable th2) {
                            th.addSuppressed(th2);
                        }
                    } else {
                        dataStreamer.close();
                    }
                }
                info("Load data finished");
            } finally {
            }
        } catch (Throwable th3) {
            if (dataStreamer != null) {
                if (th != null) {
                    try {
                        dataStreamer.close();
                    } catch (Throwable th4) {
                        th.addSuppressed(th4);
                    }
                } else {
                    dataStreamer.close();
                }
            }
            throw th3;
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void checkKeysCount(IgniteEx igniteEx, int i, int i2, long j) throws IgniteInterruptedCheckedException {
        GridEncryptionManager encryption = igniteEx.context().encryption();
        GridTestUtils.waitForCondition(() -> {
            return encryption.groupKeyIds(i).size() == i2;
        }, j);
        assertEquals(i2, encryption.groupKeyIds(i).size());
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void checkGroupKey(int i, int i2, long j) throws Exception {
        int i3;
        awaitEncryption(G.allGrids(), i, j);
        for (IgniteEx igniteEx : G.allGrids()) {
            IgniteEx igniteEx2 = igniteEx;
            if (!igniteEx2.context().clientNode()) {
                info("Validating encryption key [node=" + igniteEx.cluster().localNode().id() + ", grp=" + i + "]");
                CacheGroupContext cacheGroup = igniteEx2.context().cache().cacheGroup(i);
                if (cacheGroup == null || !cacheGroup.affinityNode()) {
                    info("Context doesn't exits on " + igniteEx2.localNode().id());
                } else {
                    GridEncryptionManager encryption = igniteEx2.context().encryption();
                    assertEquals(igniteEx2.localNode().id().toString(), (byte) i2, encryption.getActiveKey(i).id());
                    IgniteInternalFuture reencryptionFuture = encryption.reencryptionFuture(i);
                    GridTestUtils.waitForCondition(() -> {
                        if (reencryptionFuture.isDone()) {
                            return true;
                        }
                        try {
                            forceCheckpoint(igniteEx);
                            return reencryptionFuture.isDone();
                        } catch (IgniteCheckedException e) {
                            throw new RuntimeException((Throwable) e);
                        }
                    }, j);
                    assertTrue(reencryptionFuture.isDone());
                    assertEquals(0L, encryption.getBytesLeftForReencryption(i));
                    List list = (List) IntStream.range(0, cacheGroup.shared().affinity().affinity(Integer.valueOf(i)).partitions()).boxed().collect(Collectors.toList());
                    list.add(Integer.valueOf(ClientFastReplyCoordinatorFailureTest.OLD_CRD_BITS));
                    int realPageSize = cacheGroup.dataRegion().pageMemory().realPageSize(i);
                    int blockSize = cacheGroup.shared().kernalContext().config().getEncryptionSpi().blockSize();
                    Iterator it = list.iterator();
                    while (it.hasNext()) {
                        int intValue = ((Integer) it.next()).intValue();
                        FilePageStore store = cacheGroup.shared().pageStore().getStore(i, intValue);
                        if (store.exists()) {
                            long encryptionState = igniteEx2.context().encryption().getEncryptionState(i, intValue);
                            String format = String.format("p=%d, off=%d, total=%d", Integer.valueOf(intValue), Integer.valueOf(ReencryptStateUtils.pageIndex(encryptionState)), Integer.valueOf(ReencryptStateUtils.pageCount(encryptionState)));
                            assertEquals(format, 0, ReencryptStateUtils.pageCount(encryptionState));
                            assertEquals(format, 0, ReencryptStateUtils.pageIndex(encryptionState));
                            long pageId = PageIdUtils.pageId(intValue, (byte) 1, 0);
                            int pages = store.pages();
                            ByteBuffer allocate = ByteBuffer.allocate(store.getPageSize());
                            FileChannel open = FileChannel.open(new File(store.getFileAbsolutePath()).toPath(), StandardOpenOption.READ);
                            Throwable th = null;
                            for (0; i3 < pages; i3 + 1) {
                                try {
                                    try {
                                        long pageOffset = store.pageOffset(pageId + i3);
                                        allocate.position(0);
                                        open.position(pageOffset);
                                        open.read(allocate);
                                        allocate.position(realPageSize + blockSize);
                                        int i4 = allocate.getInt();
                                        int i5 = allocate.get() & 255;
                                        if (i4 == 0 && i5 == 0) {
                                            allocate.position(0);
                                            boolean z = false;
                                            while (allocate.hasRemaining() && !z) {
                                                z = allocate.getLong() == 0;
                                            }
                                            i3 = z ? i3 + 1 : 0;
                                        }
                                        assertEquals(String.format("File=%s, page=%d", store.getFileAbsolutePath(), Integer.valueOf(i3)), i2, i5);
                                    } finally {
                                    }
                                } catch (Throwable th2) {
                                    if (open != null) {
                                        if (th != null) {
                                            try {
                                                open.close();
                                            } catch (Throwable th3) {
                                                th.addSuppressed(th3);
                                            }
                                        } else {
                                            open.close();
                                        }
                                    }
                                    throw th2;
                                }
                            }
                            if (open != null) {
                                if (0 != 0) {
                                    try {
                                        open.close();
                                    } catch (Throwable th4) {
                                        th.addSuppressed(th4);
                                    }
                                } else {
                                    open.close();
                                }
                            }
                        }
                    }
                }
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void awaitEncryption(List<Ignite> list, int i, long j) throws IgniteCheckedException {
        GridCompoundFuture gridCompoundFuture = new GridCompoundFuture();
        Iterator<Ignite> it = list.iterator();
        while (it.hasNext()) {
            IgniteEx igniteEx = (Ignite) it.next();
            if (!igniteEx.context().clientNode()) {
                gridCompoundFuture.add(GridTestUtils.runAsync(() -> {
                    assertTrue(GridTestUtils.waitForCondition(() -> {
                        return !isReencryptionInProgress(igniteEx, i);
                    }, j));
                    return null;
                }));
            }
        }
        gridCompoundFuture.markInitialized();
        gridCompoundFuture.get(j);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public boolean isReencryptionInProgress(IgniteEx igniteEx, int i) {
        CacheGroupContext cacheGroup = igniteEx.context().cache().cacheGroup(i);
        if (cacheGroup == null || !cacheGroup.affinityNode()) {
            return false;
        }
        for (int i2 = 0; i2 < cacheGroup.affinity().partitions(); i2++) {
            long encryptionState = igniteEx.context().encryption().getEncryptionState(i, i2);
            if (ReencryptStateUtils.pageIndex(encryptionState) != ReencryptStateUtils.pageCount(encryptionState)) {
                return true;
            }
        }
        long encryptionState2 = igniteEx.context().encryption().getEncryptionState(i, ClientFastReplyCoordinatorFailureTest.OLD_CRD_BITS);
        return ReencryptStateUtils.pageIndex(encryptionState2) != ReencryptStateUtils.pageCount(encryptionState2);
    }
}
