package org.apache.hadoop.gateway.services.security.impl;

import java.io.File;
import java.io.IOException;
import java.security.GeneralSecurityException;
import java.security.Key;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import org.apache.hadoop.gateway.i18n.GatewaySpiMessages;
import org.apache.hadoop.gateway.i18n.messages.MessagesFactory;
import org.apache.hadoop.gateway.services.ServiceLifecycleException;
import org.apache.hadoop.gateway.services.security.KeystoreServiceException;

/* loaded from: input_file:org/apache/hadoop/gateway/services/security/impl/CMFKeystoreService.class */
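/**
 * File-backed keystore service that keeps one JKS keystore and one JCEKS credential store per
 * service name inside a single keystore directory.
 *
 * <p>Loading, creating and persisting the stores is delegated to helpers inherited from
 * {@link BaseKeystoreService}; this class only chooses the file names and store types.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>The service name is concatenated into file paths without validation. This assumes the
 *       name comes from trusted configuration; confirm against the callers.</li>
 *   <li>Several methods log failures instead of propagating them, so a normal return does not
 *       prove that the store on disk was updated. See the individual methods.</li>
 * </ul>
 */
public class CMFKeystoreService extends BaseKeystoreService {
    private static final GatewaySpiMessages LOG = (GatewaySpiMessages) MessagesFactory.get(GatewaySpiMessages.class);
    private static final String TEST_CERT_DN = "CN=hadoop,OU=Test,O=Hadoop,L=Test,ST=Test,C=US";
    private static final String CREDENTIALS_SUFFIX = "-credentials.jceks";
    private static final String KEYSTORE_SUFFIX = ".jks";
    private static final String KEYSTORE_TYPE = "JKS";
    private static final String CREDENTIAL_STORE_TYPE = "JCEKS";
    private static final String KEY_ALGORITHM = "RSA";

    // 1024-bit RSA no longer meets current minimum key-length guidance; 2048 bits is the floor
    // every Java platform implementation is required to support for RSA key generation.
    private static final int KEY_SIZE_BITS = 2048;

    // Third argument of X509CertificateUtil.generateCertificate; presumably a validity period in
    // days - confirm against that helper.
    private static final int CERT_VALIDITY = 365;

    // NOTE(review): SHA-1 based signature algorithm. Move to "SHA256withRSA" once
    // X509CertificateUtil.generateCertificate is confirmed to accept that name.
    private static final String SIGNATURE_ALGORITHM = "SHA1withRSA";

    private final String serviceName;

    /**
     * Binds the service to a keystore directory, creating the directory when it does not exist.
     *
     * <p>The directory is created with whatever permissions the process defaults to; nothing here
     * restricts access to it, so that must be handled by the deployment.
     *
     * @param str  keystore directory path; a file separator is appended to it
     * @param str2 service name used as the base name of the keystore and credential store files
     * @throws ServiceLifecycleException if the directory is missing and cannot be created
     */
    public CMFKeystoreService(String str, String str2) throws ServiceLifecycleException {
        this.serviceName = str2;
        this.keyStoreDir = str + File.separator;
        File directory = new File(this.keyStoreDir);
        if (!directory.exists() && !directory.mkdirs()) {
            throw new ServiceLifecycleException("Cannot create the keystore directory");
        }
    }

    /**
     * Creates the JKS keystore file {@code <dir>/<serviceName>.jks}.
     *
     * @throws KeystoreServiceException if the inherited helper fails to create the store
     */
    public void createKeystore() throws KeystoreServiceException {
        createKeystore(this.keyStoreDir + this.serviceName + KEYSTORE_SUFFIX, KEYSTORE_TYPE);
    }

    /**
     * Loads the JKS keystore through the inherited helper.
     *
     * @return the keystore as returned by the inherited helper; callers in this class treat
     *     {@code null} as "could not be opened"
     * @throws KeystoreServiceException if the inherited helper fails
     */
    public KeyStore getKeystore() throws KeystoreServiceException {
        return getKeystore(keystoreFile(), KEYSTORE_TYPE);
    }

    /**
     * Generates an RSA key pair and a self-signed certificate for it, stores both under the given
     * alias in the JKS keystore and writes the keystore back to disk.
     *
     * <p>The certificate subject is the fixed test DN {@code TEST_CERT_DN}, so the result looks
     * intended as a placeholder identity rather than a production certificate.
     *
     * <p>I/O and cryptographic failures are logged and NOT propagated: after a normal return the
     * caller cannot assume the entry exists. Verify with {@link #getKey(String, char[])} if that
     * matters.
     *
     * @param str  alias of the new key entry
     * @param cArr password protecting the private key entry
     * @throws KeystoreServiceException if loading the keystore fails in the inherited helper
     */
    public void addSelfSignedCert(String str, char[] cArr) throws KeystoreServiceException {
        try {
            KeyPairGenerator generator = KeyPairGenerator.getInstance(KEY_ALGORITHM);
            generator.initialize(KEY_SIZE_BITS);
            KeyPair keyPair = generator.generateKeyPair();
            X509Certificate certificate =
                    X509CertificateUtil.generateCertificate(TEST_CERT_DN, keyPair, CERT_VALIDITY, SIGNATURE_ALGORITHM);
            KeyStore keystore = getKeystore();
            if (keystore == null) {
                throw new IOException("Unable to open gateway keystore.");
            }
            keystore.setKeyEntry(str, keyPair.getPrivate(), cArr, new Certificate[]{certificate});
            writeKeystoreToFile(keystore, keystoreFile());
        } catch (IOException e) {
            LOG.failedToAddSeflSignedCertForGateway(str, e);
        } catch (GeneralSecurityException e) {
            // Also covers NoSuchAlgorithmException, which is a GeneralSecurityException.
            LOG.failedToAddSeflSignedCertForGateway(str, e);
        }
    }

    /**
     * Creates the JCEKS credential store file {@code <dir>/<serviceName>-credentials.jceks}.
     *
     * @throws KeystoreServiceException if the inherited helper fails to create the store
     */
    public void createCredentialStore() throws KeystoreServiceException {
        createKeystore(this.keyStoreDir + this.serviceName + CREDENTIALS_SUFFIX, CREDENTIAL_STORE_TYPE);
    }

    /**
     * Reports whether the JCEKS credential store is available according to the inherited helper.
     *
     * @return the inherited helper's verdict for the credential store file
     * @throws KeystoreServiceException wrapping any I/O or keystore error raised by the check
     */
    public boolean isCredentialStoreAvailable() throws KeystoreServiceException {
        return checkAvailable(credentialStoreFile(), CREDENTIAL_STORE_TYPE);
    }

    /**
     * Reports whether the JKS keystore file {@code <dir>/<serviceName>.jks} is available according
     * to the inherited helper.
     *
     * @return the inherited helper's verdict for the {@code .jks} file
     * @throws KeystoreServiceException wrapping any I/O or keystore error raised by the check
     */
    public boolean isKeystoreAvailable() throws KeystoreServiceException {
        return checkAvailable(new File(this.keyStoreDir + this.serviceName + KEYSTORE_SUFFIX), KEYSTORE_TYPE);
    }

    /**
     * Retrieves a key from the JKS keystore.
     *
     * <p>Lookup failures (including a wrong password) are logged and reported as {@code null},
     * so {@code null} means either "no such entry", "keystore unavailable" or "lookup failed".
     *
     * @param str  alias of the key entry
     * @param cArr password protecting the key entry
     * @return the key, or {@code null} as described above
     * @throws KeystoreServiceException if loading the keystore fails in the inherited helper
     */
    public Key getKey(String str, char[] cArr) throws KeystoreServiceException {
        KeyStore keystore = getKeystore();
        if (keystore == null) {
            return null;
        }
        try {
            return keystore.getKey(str, cArr);
        } catch (GeneralSecurityException e) {
            // KeyStore.getKey raises KeyStoreException, NoSuchAlgorithmException or
            // UnrecoverableKeyException; all are GeneralSecurityExceptions and handled alike.
            LOG.failedToGetKey(str, e);
            return null;
        }
    }

    /**
     * Loads the JCEKS credential store through the inherited helper.
     *
     * @return the credential store as returned by the inherited helper
     * @throws KeystoreServiceException if the inherited helper fails
     */
    public KeyStore getCredentialStore() throws KeystoreServiceException {
        return getKeystore(credentialStoreFile(), CREDENTIAL_STORE_TYPE);
    }

    /**
     * Adds a credential to the credential store and writes the store back to disk.
     *
     * <p>Failures while writing the file are logged and NOT propagated, so the in-memory store
     * may hold a credential that never reached disk.
     *
     * @param str  first argument handed to the inherited {@code addCredential} helper
     *     (presumably the credential alias - confirm against the base class)
     * @param str2 second argument handed to the inherited helper (presumably the credential value)
     * @throws KeystoreServiceException if loading the store or adding the credential fails in the
     *     inherited helpers
     */
    public void addCredential(String str, String str2) throws KeystoreServiceException {
        KeyStore credentialStore = getCredentialStore();
        addCredential(str, str2, credentialStore);
        try {
            writeKeystoreToFile(credentialStore, credentialStoreFile());
        } catch (IOException e) {
            LOG.failedToAddCredential(e);
        } catch (GeneralSecurityException e) {
            // Covers KeyStoreException, NoSuchAlgorithmException and CertificateException.
            LOG.failedToAddCredential(e);
        }
    }

    /**
     * Reads a credential from the credential store via the inherited helper, passing {@code null}
     * as that helper's second argument.
     *
     * @param str identifier handed to the inherited helper (presumably the credential alias)
     * @return whatever the inherited helper returns for that identifier
     * @throws KeystoreServiceException if loading the store or reading the credential fails
     */
    public char[] getCredential(String str) throws KeystoreServiceException {
        return getCredential(str, null, getCredentialStore());
    }

    /**
     * File used to read and rewrite the JKS keystore.
     *
     * <p>NOTE(review): this path has no ".jks" suffix, whereas {@link #createKeystore()} and
     * {@link #isKeystoreAvailable()} use {@code <serviceName>.jks}. The store that is created and
     * checked is therefore not the file that is loaded and rewritten. The path is kept as-is
     * because existing deployments may already hold key material at it; reconcile the two
     * deliberately, with a migration, rather than by silently switching the name.
     */
    private File keystoreFile() {
        return new File(this.keyStoreDir + this.serviceName);
    }

    /** File holding the JCEKS credential store for this service. */
    private File credentialStoreFile() {
        return new File(this.keyStoreDir + this.serviceName + CREDENTIALS_SUFFIX);
    }

    /** Runs the inherited availability check and wraps its checked exceptions. */
    private boolean checkAvailable(File storeFile, String storeType) throws KeystoreServiceException {
        try {
            return isKeystoreAvailable(storeFile, storeType);
        } catch (IOException e) {
            throw new KeystoreServiceException(e);
        } catch (KeyStoreException e) {
            throw new KeystoreServiceException(e);
        }
    }
}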
