package org.apache.hadoop.hdds.security.symmetric;

import com.google.common.collect.ImmutableList;
import com.google.common.collect.Lists;
import com.google.common.collect.Sets;
import java.io.File;
import java.io.IOException;
import java.nio.file.Files;
import java.nio.file.LinkOption;
import java.nio.file.Path;
import java.nio.file.StandardOpenOption;
import java.nio.file.attribute.FileAttribute;
import java.nio.file.attribute.PosixFilePermission;
import java.time.Duration;
import java.time.Instant;
import java.time.temporal.TemporalAmount;
import java.util.ArrayList;
import java.util.Base64;
import java.util.Collections;
import java.util.List;
import java.util.UUID;
import java.util.stream.Stream;
import javax.crypto.KeyGenerator;
import javax.crypto.spec.SecretKeySpec;
import org.junit.jupiter.api.Assertions;
import org.junit.jupiter.api.BeforeEach;
import org.junit.jupiter.api.Test;
import org.junit.jupiter.params.ParameterizedTest;
import org.junit.jupiter.params.provider.Arguments;
import org.junit.jupiter.params.provider.MethodSource;

/* loaded from: input_file:org/apache/hadoop/hdds/security/symmetric/TestLocalKeyStore.class */
public class TestLocalKeyStore {
    private SecretKeyStore secretKeyStore;
    private Path testSecretFile;

    @BeforeEach
    private void setup() throws Exception {
        this.testSecretFile = Files.createTempFile("key-strore-test", ".json", new FileAttribute[0]);
        this.secretKeyStore = new LocalSecretKeyStore(this.testSecretFile);
    }

    public static Stream<Arguments> saveAndLoadTestCases() throws Exception {
        return Stream.of((Object[]) new Arguments[]{Arguments.of(new Object[]{ImmutableList.of()}), Arguments.of(new Object[]{Lists.newArrayList(new ManagedSecretKey[]{generateKey("HmacSHA256")})}), Arguments.of(new Object[]{Lists.newArrayList(new ManagedSecretKey[]{generateKey("HmacSHA1"), generateKey("HmacSHA256")})})});
    }

    @MethodSource({"saveAndLoadTestCases"})
    @ParameterizedTest
    public void testSaveAndLoad(List<ManagedSecretKey> list) throws IOException {
        this.secretKeyStore.save(list);
        File file = this.testSecretFile.toFile();
        Assertions.assertTrue(file.exists());
        Assertions.assertEquals(Sets.newHashSet(new PosixFilePermission[]{PosixFilePermission.OWNER_READ, PosixFilePermission.OWNER_WRITE}), Files.getPosixFilePermissions(file.toPath(), new LinkOption[0]));
        assertEqualKeys(list, this.secretKeyStore.load());
    }

    @Test
    public void testOverwrite() throws Exception {
        this.secretKeyStore.save(Lists.newArrayList(new ManagedSecretKey[]{generateKey("HmacSHA256")}));
        ArrayList newArrayList = Lists.newArrayList(new ManagedSecretKey[]{generateKey("HmacSHA1"), generateKey("HmacSHA256")});
        this.secretKeyStore.save(newArrayList);
        assertEqualKeys(newArrayList, this.secretKeyStore.load());
    }

    @Test
    public void testLoadExistingFile() throws Exception {
        Files.write(this.testSecretFile, Collections.singletonList("[\n  {\n    \"id\":\"78864cfb-793b-4157-8ad6-714c9f950a16\",\n    \"creationTime\":\"2007-12-03T10:15:30Z\",\n    \"expiryTime\":\"2007-12-03T11:15:30Z\",\n    \"algorithm\":\"HmacSHA256\",\n    \"encoded\":\"YSeCdJRB4RclxoeE69ENmTe2Cv8ybyKhHP3mq4M1r8o=\"\n  }\n]"), StandardOpenOption.WRITE);
        Instant parse = Instant.parse("2007-12-03T10:15:30.00Z");
        assertEqualKeys(Lists.newArrayList(new ManagedSecretKey[]{new ManagedSecretKey(UUID.fromString("78864cfb-793b-4157-8ad6-714c9f950a16"), parse, parse.plus((TemporalAmount) Duration.ofHours(1L)), new SecretKeySpec(Base64.getDecoder().decode("YSeCdJRB4RclxoeE69ENmTe2Cv8ybyKhHP3mq4M1r8o="), "HmacSHA256"))}), this.secretKeyStore.load());
    }

    private void assertEqualKeys(List<ManagedSecretKey> list, List<ManagedSecretKey> list2) {
        Assertions.assertEquals(list.size(), list2.size());
        for (int i = 0; i < list.size(); i++) {
            ManagedSecretKey managedSecretKey = list.get(i);
            ManagedSecretKey managedSecretKey2 = list2.get(i);
            Assertions.assertEquals(managedSecretKey.getId(), managedSecretKey2.getId());
            Assertions.assertEquals(managedSecretKey.getCreationTime().toEpochMilli(), managedSecretKey2.getCreationTime().toEpochMilli());
            Assertions.assertEquals(managedSecretKey.getExpiryTime(), managedSecretKey2.getExpiryTime());
            Assertions.assertEquals(managedSecretKey.getSecretKey(), managedSecretKey2.getSecretKey());
        }
    }

    private static ManagedSecretKey generateKey(String str) throws Exception {
        return generateKey(str, Instant.now());
    }

    private static ManagedSecretKey generateKey(String str, Instant instant) throws Exception {
        return new ManagedSecretKey(UUID.randomUUID(), instant, instant.plus((TemporalAmount) Duration.ofHours(1L)), KeyGenerator.getInstance(str).generateKey());
    }
}
