package org.apache.hadoop.hdds.security.x509.certificate.client;

import java.io.IOException;
import java.net.InetAddress;
import java.security.KeyPair;
import java.util.function.Consumer;
import org.apache.hadoop.hdds.protocol.DatanodeDetails;
import org.apache.hadoop.hdds.protocol.proto.SCMSecurityProtocolProtos;
import org.apache.hadoop.hdds.protocolPB.SCMSecurityProtocolClientSideTranslatorPB;
import org.apache.hadoop.hdds.security.SecurityConfig;
import org.apache.hadoop.hdds.security.x509.certificate.utils.CertificateSignRequest;
import org.apache.hadoop.hdds.security.x509.exception.CertificateException;
import org.apache.hadoop.security.UserGroupInformation;
import org.bouncycastle.pkcs.PKCS10CertificationRequest;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/apache/hadoop/hdds/security/x509/certificate/client/DNCertificateClient.class */
public class DNCertificateClient extends DefaultCertificateClient {
    private static final Logger LOG = LoggerFactory.getLogger(DNCertificateClient.class);
    public static final String COMPONENT_NAME = "dn";
    private final DatanodeDetails dn;

    public DNCertificateClient(SecurityConfig securityConfig, SCMSecurityProtocolClientSideTranslatorPB sCMSecurityProtocolClientSideTranslatorPB, DatanodeDetails datanodeDetails, String str, Consumer<String> consumer, Runnable runnable) {
        super(securityConfig, sCMSecurityProtocolClientSideTranslatorPB, LOG, str, COMPONENT_NAME, datanodeDetails.threadNamePrefix(), consumer, runnable);
        this.dn = datanodeDetails;
    }

    @Override // org.apache.hadoop.hdds.security.x509.certificate.client.DefaultCertificateClient
    public CertificateSignRequest.Builder getCSRBuilder() throws CertificateException {
        CertificateSignRequest.Builder cSRBuilder = super.getCSRBuilder();
        try {
            String str = UserGroupInformation.getCurrentUser().getShortUserName() + "@" + InetAddress.getLocalHost().getCanonicalHostName();
            cSRBuilder.setCA(false).setKey(new KeyPair(getPublicKey(), getPrivateKey())).setConfiguration(getSecurityConfig()).setSubject(str);
            LOG.info("Created csr for DN-> subject:{}", str);
            return cSRBuilder;
        } catch (Exception e) {
            LOG.error("Failed to get hostname or current user", e);
            throw new CertificateException("Failed to get hostname or current user", e, CertificateException.ErrorCode.CSR_ERROR);
        }
    }

    @Override // org.apache.hadoop.hdds.security.x509.certificate.client.DefaultCertificateClient
    public SCMSecurityProtocolProtos.SCMGetCertResponseProto getCertificateSignResponse(PKCS10CertificationRequest pKCS10CertificationRequest) throws IOException {
        return getScmSecureClient().getDataNodeCertificateChain(this.dn.getProtoBufMessage(), CertificateSignRequest.getEncodedString(pKCS10CertificationRequest));
    }

    @Override // org.apache.hadoop.hdds.security.x509.certificate.client.DefaultCertificateClient
    public Logger getLogger() {
        return LOG;
    }
}
