package org.apache.hadoop.hdds.security.x509.certificate.client;

import java.io.IOException;
import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.Paths;
import java.nio.file.attribute.FileAttribute;
import java.security.KeyPair;
import java.security.cert.X509Certificate;
import java.util.UUID;
import java.util.function.Consumer;
import java.util.stream.Stream;
import org.apache.commons.io.FileUtils;
import org.apache.hadoop.hdds.conf.OzoneConfiguration;
import org.apache.hadoop.hdds.protocol.MockDatanodeDetails;
import org.apache.hadoop.hdds.protocolPB.SCMSecurityProtocolClientSideTranslatorPB;
import org.apache.hadoop.hdds.security.SecurityConfig;
import org.apache.hadoop.hdds.security.x509.certificate.client.CertificateClient;
import org.apache.hadoop.hdds.security.x509.certificate.utils.CertificateCodec;
import org.apache.hadoop.hdds.security.x509.keys.HDDSKeyGenerator;
import org.apache.hadoop.hdds.security.x509.keys.KeyCodec;
import org.apache.hadoop.ozone.OzoneSecurityUtil;
import org.apache.hadoop.security.ssl.KeyStoreTestUtil;
import org.apache.ozone.test.GenericTestUtils;
import org.bouncycastle.cert.X509CertificateHolder;
import org.junit.jupiter.api.AfterEach;
import org.junit.jupiter.api.Assertions;
import org.junit.jupiter.api.BeforeEach;
import org.junit.jupiter.params.ParameterizedTest;
import org.junit.jupiter.params.provider.Arguments;
import org.junit.jupiter.params.provider.MethodSource;

/* loaded from: input_file:org/apache/hadoop/hdds/security/x509/certificate/client/TestDnCertificateClientInit.class */
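/**
 * Parameterized test of {@code DNCertificateClient.init()} against every combination of
 * on-disk identity material for the datanode component.
 *
 * <p>Each case states whether the private key, the public key and the certificate are present
 * before {@code init()} runs, and which {@link CertificateClient.InitResponse} is expected.
 * The table in {@link #parameters()} pins the following contract:
 * <ul>
 *   <li>private key present and certificate present: {@code SUCCESS};</li>
 *   <li>private key present without a certificate, or nothing present at all:
 *       {@code GETCERT};</li>
 *   <li>public key and/or certificate present <em>without</em> the private key:
 *       {@code FAILURE}.</li>
 * </ul>
 * The last group is the security-relevant one: the test requires that leftover public material
 * with no matching private key is reported as a failure, not answered with {@code GETCERT} or
 * {@code SUCCESS}.
 *
 * <p>All key material is generated per test under a fresh temporary metadata directory and
 * removed again in {@link #tearDown()}.
 */
public class TestDnCertificateClientInit {
    private static final String DN_COMPONENT = "dn";

    private KeyPair keyPair;
    // Placeholder only: setUp() overwrites it with the serial number of the generated certificate.
    private String certSerialId = "3284792342234";
    private DNCertificateClient dnCertificateClient;
    private HDDSKeyGenerator keyGenerator;
    private Path metaDirPath;
    private SecurityConfig securityConfig;
    private KeyCodec dnKeyCodec;
    private X509Certificate x509Certificate;

    /**
     * Supplies the test matrix for {@link #testInitDatanode}.
     *
     * <p>Column order: private key present, public key present, certificate present,
     * expected {@code init()} result.
     *
     * @return one {@link Arguments} row per combination of the three presence flags
     */
    private static Stream<Arguments> parameters() {
        // The varargs are passed directly; wrapping them in an Object[] cast would make
        // Stream.of infer Stream<Object>, which does not match the declared return type.
        return Stream.of(
            Arguments.arguments(false, false, false, CertificateClient.InitResponse.GETCERT),
            Arguments.arguments(false, false, true, CertificateClient.InitResponse.FAILURE),
            Arguments.arguments(false, true, false, CertificateClient.InitResponse.FAILURE),
            Arguments.arguments(true, false, false, CertificateClient.InitResponse.GETCERT),
            Arguments.arguments(false, true, true, CertificateClient.InitResponse.FAILURE),
            Arguments.arguments(true, true, false, CertificateClient.InitResponse.GETCERT),
            Arguments.arguments(true, false, true, CertificateClient.InitResponse.SUCCESS),
            Arguments.arguments(true, true, true, CertificateClient.InitResponse.SUCCESS));
    }

    /**
     * Builds a fresh security environment for one test case: a unique temporary metadata
     * directory, a newly generated key pair, a test certificate for that pair, and a
     * {@code DNCertificateClient} constructed with that certificate's serial number.
     *
     * @throws Exception if key generation, certificate generation or directory creation fails
     */
    @BeforeEach
    public void setUp() throws Exception {
        OzoneConfiguration conf = new OzoneConfiguration();
        // A random UUID per test keeps key material of different cases from colliding.
        this.metaDirPath =
            Paths.get(GenericTestUtils.getTempPath(UUID.randomUUID().toString()), "test");
        conf.set("hdds.metadata.dir", this.metaDirPath.toString());
        this.securityConfig = new SecurityConfig(conf);

        this.keyGenerator = new HDDSKeyGenerator(this.securityConfig);
        this.keyPair = this.keyGenerator.generateKey();
        this.x509Certificate = getX509Certificate();
        this.certSerialId = this.x509Certificate.getSerialNumber().toString();

        // The SCM client and both callbacks are passed as null; this test only drives init().
        // The casts are kept from the original call so overload resolution is unchanged.
        this.dnCertificateClient = new DNCertificateClient(
            this.securityConfig,
            (SCMSecurityProtocolClientSideTranslatorPB) null,
            MockDatanodeDetails.randomDatanodeDetails(),
            this.certSerialId,
            (Consumer) null,
            (Runnable) null);
        this.dnKeyCodec = new KeyCodec(this.securityConfig, DN_COMPONENT);
        Files.createDirectories(this.securityConfig.getKeyLocation(DN_COMPONENT));
    }

    /**
     * Closes the client and deletes the temporary metadata directory, including any private
     * key written by the test.
     *
     * @throws IOException if closing the client fails
     */
    @AfterEach
    public void tearDown() throws IOException {
        // Guard against a setUp() that failed part-way, so cleanup does not mask the real error.
        if (this.dnCertificateClient != null) {
            this.dnCertificateClient.close();
            this.dnCertificateClient = null;
        }
        if (this.metaDirPath != null) {
            FileUtils.deleteQuietly(this.metaDirPath.toFile());
        }
    }

    /**
     * Arranges the requested on-disk state, runs {@code init()} and checks the result.
     *
     * <p>Unless the result is {@code FAILURE}, both the private and the public key file must
     * exist in the key location afterwards. How {@code init()} produces a missing file is not
     * visible from this test.
     *
     * @param pvtKeyPresent whether the private key file exists before {@code init()}
     * @param pubKeyPresent whether the public key file exists before {@code init()}
     * @param certPresent whether the certificate file exists before {@code init()}
     * @param expectedResult the {@code InitResponse} that {@code init()} must return
     * @throws Exception if writing key material or running {@code init()} fails
     */
    @MethodSource({"parameters"})
    @ParameterizedTest
    public void testInitDatanode(boolean pvtKeyPresent, boolean pubKeyPresent, boolean certPresent,
            CertificateClient.InitResponse expectedResult) throws Exception {
        Path keyDir = this.securityConfig.getKeyLocation(DN_COMPONENT);

        if (pvtKeyPresent) {
            this.dnKeyCodec.writePrivateKey(this.keyPair.getPrivate());
        } else {
            deleteQuietly(keyDir, this.securityConfig.getPrivateKeyFileName());
        }

        if (pubKeyPresent) {
            // Written only when the client cannot already return a public key.
            // NOTE(review): presumably this avoids rewriting an existing key file; confirm.
            if (this.dnCertificateClient.getPublicKey() == null) {
                this.dnKeyCodec.writePublicKey(this.keyPair.getPublic());
            }
        } else {
            deleteQuietly(keyDir, this.securityConfig.getPublicKeyFileName());
        }

        if (certPresent) {
            CertificateCodec certCodec = new CertificateCodec(this.securityConfig, DN_COMPONENT);
            certCodec.writeCertificate(new X509CertificateHolder(this.x509Certificate.getEncoded()));
        } else {
            // The certificate is removed from the certificate location. The earlier code looked
            // for it under the key location, where the "certificate absent" cases would not have
            // cleared a certificate left behind in the certificate directory.
            deleteQuietly(this.securityConfig.getCertificateLocation(DN_COMPONENT),
                this.securityConfig.getCertificateFileName());
        }

        CertificateClient.InitResponse actualResult = this.dnCertificateClient.init();
        Assertions.assertEquals(expectedResult, actualResult);

        if (!actualResult.equals(CertificateClient.InitResponse.FAILURE)) {
            Assertions.assertTrue(OzoneSecurityUtil.checkIfFileExist(
                keyDir, this.securityConfig.getPrivateKeyFileName()));
            Assertions.assertTrue(OzoneSecurityUtil.checkIfFileExist(
                keyDir, this.securityConfig.getPublicKeyFileName()));
        }
    }

    /**
     * Generates the test certificate for the current key pair.
     *
     * @return a certificate with subject {@code CN=Test}, created with a validity argument of
     *     365 and the signature algorithm from the security configuration
     * @throws Exception if certificate generation fails
     */
    private X509Certificate getX509Certificate() throws Exception {
        return KeyStoreTestUtil.generateCertificate(
            "CN=Test", this.keyPair, 365, this.securityConfig.getSignatureAlgo());
    }

    /** Deletes {@code fileName} inside {@code dir} if it exists; a missing file is ignored. */
    private static void deleteQuietly(Path dir, String fileName) {
        FileUtils.deleteQuietly(dir.resolve(fileName).toFile());
    }
}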
