package com.mapr.security;

import com.google.protobuf.ByteString;
import com.google.protobuf.InvalidProtocolBufferException;
import com.mapr.baseutils.audit.AuditConstants;
import com.mapr.baseutils.cldbutils.CLDBRpcCommonUtils;
import com.mapr.fs.ShimLoader;
import com.mapr.fs.proto.Security;
import com.mapr.login.common.TicketOptionalParams;
import com.mapr.security.JNISecurity;
import java.io.DataInputStream;
import java.io.DataOutputStream;
import java.io.FileOutputStream;
import java.io.IOException;
import java.nio.ByteBuffer;

/* loaded from: input_file:com/mapr/security/Security.class */
public class Security {
    private static int KeySizeInBytes;
    public static long MAX_EXPIRY_TIME;

    private Security() {
    }

    public static Security.Key GenerateRandomKey() {
        Security.Key.Builder newBuilder = Security.Key.newBuilder();
        byte[] bArr = new byte[KeySizeInBytes];
        JNISecurity.GenerateRandomBlock(bArr);
        newBuilder.setKey(ByteString.copyFrom(bArr));
        return newBuilder.build();
    }

    public static byte[] Encrypt(Security.Key key, byte[] bArr, MutableInt mutableInt) {
        JNISecurity.MutableErr mutableErr = new JNISecurity.MutableErr();
        byte[] Encrypt = JNISecurity.Encrypt(key.getKey().toByteArray(), bArr, mutableErr);
        if (mutableErr.GetValue() != 0) {
            mutableInt.SetValue(mutableErr.GetValue());
        }
        return Encrypt;
    }

    public static byte[] Decrypt(Security.Key key, byte[] bArr, MutableInt mutableInt) {
        JNISecurity.MutableErr mutableErr = new JNISecurity.MutableErr();
        byte[] Decrypt = JNISecurity.Decrypt(key.getKey().toByteArray(), bArr, mutableErr);
        if (mutableErr.GetValue() != 0) {
            mutableInt.SetValue(mutableErr.GetValue());
        }
        return Decrypt;
    }

    public static byte[] EncodeDataForWritingToKeyFile(byte[] bArr, MutableInt mutableInt) {
        JNISecurity.MutableErr mutableErr = new JNISecurity.MutableErr();
        byte[] EncodeDataForWritingToKeyFile = JNISecurity.EncodeDataForWritingToKeyFile(bArr, mutableErr);
        if (mutableErr.GetValue() != 0) {
            mutableInt.SetValue(mutableErr.GetValue());
        }
        return EncodeDataForWritingToKeyFile;
    }

    public static byte[] DecodeDataFromKeyFile(byte[] bArr, MutableInt mutableInt) {
        JNISecurity.MutableErr mutableErr = new JNISecurity.MutableErr();
        byte[] DecodeDataFromKeyFile = JNISecurity.DecodeDataFromKeyFile(bArr, mutableErr);
        if (mutableErr.GetValue() != 0) {
            mutableInt.SetValue(mutableErr.GetValue());
        }
        return DecodeDataFromKeyFile;
    }

    public static boolean isHSMFeatureEnabled() {
        return JNISecurity.IsHSMFeatureEnabled();
    }

    public static boolean doesDareKeyExist() {
        return JNISecurity.DoesDareKeyExist();
    }

    public static Security.Key getCLDBKeyFromHSM(MutableInt mutableInt) {
        JNISecurity.MutableErr mutableErr = new JNISecurity.MutableErr();
        byte[] GetKeyFromHSMInternal = JNISecurity.GetKeyFromHSMInternal(false, mutableErr);
        if (GetKeyFromHSMInternal != null) {
            Security.Key.Builder newBuilder = Security.Key.newBuilder();
            newBuilder.setKey(ByteString.copyFrom(GetKeyFromHSMInternal));
            return newBuilder.build();
        }
        if (mutableErr.GetValue() == 0) {
            return null;
        }
        mutableInt.SetValue(mutableErr.GetValue());
        return null;
    }

    public static int SetKeyFile(Security.ServerKeyType serverKeyType, String str) {
        return JNISecurity.SetKeyFileInternal(serverKeyType.getNumber(), str);
    }

    public static int SetKey(Security.ServerKeyType serverKeyType, Security.Key key) {
        return JNISecurity.SetKeyInternal(serverKeyType.getNumber(), key.getKey().toByteArray());
    }

    public static Security.Key GetKey(Security.ServerKeyType serverKeyType, MutableInt mutableInt) {
        JNISecurity.MutableErr mutableErr = new JNISecurity.MutableErr();
        if (serverKeyType == Security.ServerKeyType.CldbKey && isHSMFeatureEnabled()) {
            return getCLDBKeyFromHSM(mutableInt);
        }
        byte[] GetKeyInternal = JNISecurity.GetKeyInternal(serverKeyType.getNumber(), mutableErr);
        if (GetKeyInternal != null) {
            Security.Key.Builder newBuilder = Security.Key.newBuilder();
            newBuilder.setKey(ByteString.copyFrom(GetKeyInternal));
            return newBuilder.build();
        }
        if (mutableErr.GetValue() == 0) {
            return null;
        }
        mutableInt.SetValue(mutableErr.GetValue());
        return null;
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v81, types: [byte[]] */
    public static Security.TicketAndKey GenerateTicketAndKey(Security.ServerKeyType serverKeyType, String str, int i, int[] iArr, long j, long j2, TicketOptionalParams ticketOptionalParams, MutableInt mutableInt) {
        JNISecurity.MutableErr mutableErr = new JNISecurity.MutableErr();
        boolean z = false;
        boolean z2 = false;
        boolean z3 = false;
        boolean z4 = false;
        byte[][] bArr = null;
        int[] iArr2 = null;
        int[] iArr3 = null;
        int[] iArr4 = null;
        long j3 = 0;
        boolean z5 = false;
        if (ticketOptionalParams != null) {
            z = ticketOptionalParams.getIsExternal();
            z2 = ticketOptionalParams.getCanUserImpersonate();
            z3 = ticketOptionalParams.getCanUserGenerateTicket();
            z4 = ticketOptionalParams.getIsTenant();
            z5 = ticketOptionalParams.getIsTempTicket();
            j3 = ticketOptionalParams.getClusterOpsMask();
            if (ticketOptionalParams.getIps() != null && ticketOptionalParams.getIps().size() > 0) {
                bArr = new byte[ticketOptionalParams.getIps().size()];
                for (int i2 = 0; i2 < ticketOptionalParams.getIps().size(); i2++) {
                    bArr[i2] = ticketOptionalParams.getIps().get(i2).toByteArray();
                }
            }
            if (ticketOptionalParams.getImpUids() != null && ticketOptionalParams.getImpUids().size() > 0) {
                iArr2 = new int[ticketOptionalParams.getImpUids().size()];
                for (int i3 = 0; i3 < ticketOptionalParams.getImpUids().size(); i3++) {
                    iArr2[i3] = ticketOptionalParams.getImpUids().get(i3).intValue();
                }
            }
            if (ticketOptionalParams.getImpGids() != null && ticketOptionalParams.getImpGids().size() > 0) {
                iArr3 = new int[ticketOptionalParams.getImpGids().size()];
                for (int i4 = 0; i4 < ticketOptionalParams.getImpGids().size(); i4++) {
                    iArr3[i4] = ticketOptionalParams.getImpGids().get(i4).intValue();
                }
            }
            if (ticketOptionalParams.getRids() != null && ticketOptionalParams.getRids().size() > 0) {
                iArr4 = new int[ticketOptionalParams.getRids().size()];
                for (int i5 = 0; i5 < ticketOptionalParams.getRids().size(); i5++) {
                    iArr4[i5] = ticketOptionalParams.getRids().get(i5).intValue();
                }
            }
        }
        byte[] GenerateTicketAndKeyInternal = JNISecurity.GenerateTicketAndKeyInternal(serverKeyType.getNumber(), str, i, iArr, iArr4, j, j2, z, z2, z3, z4, bArr, iArr2, iArr3, z5, j3, mutableErr);
        if (GenerateTicketAndKeyInternal != null) {
            try {
                return Security.TicketAndKey.parseFrom(GenerateTicketAndKeyInternal);
            } catch (InvalidProtocolBufferException e) {
                e.printStackTrace();
                return null;
            }
        }
        if (mutableErr.GetValue() == 0) {
            return null;
        }
        mutableInt.SetValue(mutableErr.GetValue());
        return null;
    }

    public static void GenerateAndWriteTicketAndKey(String str, long j, DataOutputStream dataOutputStream) throws IOException {
        UnixUserGroupHelper unixUserGroupHelper = new UnixUserGroupHelper();
        int userId = unixUserGroupHelper.getUserId(str);
        int[] groups = unixUserGroupHelper.getGroups(str);
        MutableInt mutableInt = new MutableInt();
        TicketOptionalParams ticketOptionalParams = new TicketOptionalParams();
        ticketOptionalParams.setIsExternal(true);
        Security.TicketAndKey GenerateTicketAndKey = GenerateTicketAndKey(Security.ServerKeyType.ServerKey, str, userId, groups, j / 1000, 0L, ticketOptionalParams, mutableInt);
        if (GenerateTicketAndKey == null || mutableInt.GetValue() != 0) {
            throw new IOException("Security Ticket for user: " + str + " can not be generated with error: " + mutableInt.GetValue());
        }
        byte[] EncodeDataForWritingToKeyFile = EncodeDataForWritingToKeyFile(GenerateTicketAndKey.toByteArray(), mutableInt);
        if (mutableInt.GetValue() != 0 || EncodeDataForWritingToKeyFile == null) {
            throw new IOException("Security Ticket for user: " + str + " can not be encoded with error: " + mutableInt.GetValue());
        }
        try {
            dataOutputStream.write(CLDBRpcCommonUtils.getInstance().getCurrentClusterName().getBytes("UTF-8"));
            dataOutputStream.write(new String(AuditConstants.SPACE).getBytes("UTF-8"));
            dataOutputStream.write(EncodeDataForWritingToKeyFile);
            dataOutputStream.write(new String(AuditConstants.NEWLINE).getBytes("UTF-8"));
            dataOutputStream.close();
        } catch (Throwable th) {
            dataOutputStream.close();
            throw th;
        }
    }

    /* JADX WARN: Code restructure failed: missing block: B:40:0x00eb, code lost:
    
        throw new java.io.IOException("Security Ticket can not be generated with error: " + r0.GetValue());
     */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public static void CloneAndGenerateTicketFile(java.io.DataInputStream r9, long r10, java.io.DataOutputStream r12) throws java.io.IOException {
        /*
            Method dump skipped, instructions count: 348
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.mapr.security.Security.CloneAndGenerateTicketFile(java.io.DataInputStream, long, java.io.DataOutputStream):void");
    }

    public static void MergeAndGenerateTicketFile(DataInputStream dataInputStream, String str, long j, DataOutputStream dataOutputStream) throws IOException {
        if (dataInputStream == null) {
            GenerateAndWriteTicketAndKey(str, j, dataOutputStream);
        } else {
            MergeAndGenerateTicketFile(dataInputStream, str, j, dataOutputStream, false);
        }
    }

    /* JADX WARN: Code restructure failed: missing block: B:44:0x01a9, code lost:
    
        throw new java.io.IOException("Security Ticket for user: " + r12 + " can not be encoded with error: " + r0.GetValue());
     */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    private static void MergeAndGenerateTicketFile(java.io.DataInputStream r11, java.lang.String r12, long r13, java.io.DataOutputStream r15, boolean r16) throws java.io.IOException {
        /*
            Method dump skipped, instructions count: 587
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.mapr.security.Security.MergeAndGenerateTicketFile(java.io.DataInputStream, java.lang.String, long, java.io.DataOutputStream, boolean):void");
    }

    public static Security.TicketAndKey GenerateTicketAndKeyUsingServerKey(Security.ServerKeyType serverKeyType, Security.Key key, String str, int i, int[] iArr, long j, long j2, boolean z, long j3, MutableInt mutableInt) {
        JNISecurity.MutableErr mutableErr = new JNISecurity.MutableErr();
        byte[] GenerateTicketAndKeyUsingServerKeyInternal = JNISecurity.GenerateTicketAndKeyUsingServerKeyInternal(serverKeyType.getNumber(), key.getKey().toByteArray(), str, i, iArr, j, j2, z, j3, mutableErr);
        if (GenerateTicketAndKeyUsingServerKeyInternal != null) {
            try {
                return Security.TicketAndKey.parseFrom(GenerateTicketAndKeyUsingServerKeyInternal);
            } catch (InvalidProtocolBufferException e) {
                e.printStackTrace();
                return null;
            }
        }
        if (mutableErr.GetValue() == 0) {
            return null;
        }
        mutableInt.SetValue(mutableErr.GetValue());
        return null;
    }

    public static Security.TicketAndKey RenewTicketAndKey(Security.ServerKeyType serverKeyType, Security.TicketAndKey ticketAndKey, long j, MutableInt mutableInt) {
        int[] iArr = new int[0];
        if (ticketAndKey.hasUserCreds() && ticketAndKey.getUserCreds().hasUserName()) {
            iArr = new UnixUserGroupHelper().getGroups(ticketAndKey.getUserCreds().getUserName());
        }
        JNISecurity.MutableErr mutableErr = new JNISecurity.MutableErr();
        byte[] RenewTicketAndKeyInternal = JNISecurity.RenewTicketAndKeyInternal(serverKeyType.getNumber(), ticketAndKey.toByteArray(), iArr, j, mutableErr);
        if (RenewTicketAndKeyInternal != null) {
            try {
                return Security.TicketAndKey.parseFrom(RenewTicketAndKeyInternal);
            } catch (InvalidProtocolBufferException e) {
                e.printStackTrace();
                return null;
            }
        }
        if (mutableErr.GetValue() == 0) {
            return null;
        }
        mutableInt.SetValue(mutableErr.GetValue());
        return null;
    }

    public static Security.Ticket DecryptTicket(byte[] bArr, MutableInt mutableInt) {
        JNISecurity.MutableErr mutableErr = new JNISecurity.MutableErr();
        byte[] DecryptTicketInternal2 = JNISecurity.DecryptTicketInternal2(bArr, mutableErr, 0);
        if (DecryptTicketInternal2 != null) {
            try {
                return Security.Ticket.parseFrom(DecryptTicketInternal2);
            } catch (InvalidProtocolBufferException e) {
                e.printStackTrace();
                return null;
            }
        }
        if (mutableErr.GetValue() == 0) {
            return null;
        }
        mutableInt.SetValue(mutableErr.GetValue());
        return null;
    }

    public static int SetTicketAndKeyFile(String str) {
        return JNISecurity.SetTicketAndKeyFileInternal(str);
    }

    public static int SetTicketAndKey(Security.ServerKeyType serverKeyType, String str, Security.TicketAndKey ticketAndKey) {
        return JNISecurity.SetTicketAndKeyInternal(serverKeyType.getNumber(), str, ticketAndKey.toByteArray());
    }

    public static void UseClusterTicketAsServerTicket() {
        JNISecurity.UseClusterTicketAsServerTicketInternal();
    }

    public static Security.TicketAndKey GetTicketAndKeyForCluster(Security.ServerKeyType serverKeyType, String str, MutableInt mutableInt) {
        JNISecurity.MutableErr mutableErr = new JNISecurity.MutableErr();
        byte[] GetTicketAndKeyForClusterInternal = JNISecurity.GetTicketAndKeyForClusterInternal(serverKeyType.getNumber(), str, mutableErr);
        if (GetTicketAndKeyForClusterInternal == null) {
            if (mutableErr.GetValue() == 0) {
                return null;
            }
            mutableInt.SetValue(mutableErr.GetValue());
            return null;
        }
        try {
            return Security.TicketAndKey.parseFrom(GetTicketAndKeyForClusterInternal);
        } catch (InvalidProtocolBufferException e) {
            e.printStackTrace();
            return null;
        } catch (Exception e2) {
            e2.printStackTrace();
            return null;
        }
    }

    public static Security.Key GetServerKey(Security.Key key, long j) {
        ByteBuffer allocate = ByteBuffer.allocate(KeySizeInBytes + 8);
        allocate.putLong(0L);
        allocate.put(key.getKey().toByteArray());
        byte[] GetHash = JNISecurity.GetHash(0, allocate.array());
        Security.Key.Builder newBuilder = Security.Key.newBuilder();
        newBuilder.setKey(ByteString.copyFrom(GetHash));
        return newBuilder.build();
    }

    public static Security.Key GetClusterKey(Security.Key key, long j) {
        ByteBuffer allocate = ByteBuffer.allocate(KeySizeInBytes + 8);
        allocate.putLong(97L);
        allocate.put(key.getKey().toByteArray());
        byte[] GetHash = JNISecurity.GetHash(0, allocate.array());
        Security.Key.Builder newBuilder = Security.Key.newBuilder();
        newBuilder.setKey(ByteString.copyFrom(GetHash));
        return newBuilder.build();
    }

    public static String ByteArrayToString(String str, byte[] bArr) {
        StringBuffer stringBuffer = new StringBuffer();
        stringBuffer.append(str + "\n");
        for (byte b : bArr) {
            stringBuffer.append(String.format("%02X", Byte.valueOf(b)));
        }
        return stringBuffer.toString();
    }

    public static String UserCredsToString(String str, Security.CredentialsMsg credentialsMsg) {
        StringBuffer stringBuffer = new StringBuffer();
        stringBuffer.append(str + "\n");
        stringBuffer.append("UserName " + credentialsMsg.getUserName() + "\n");
        stringBuffer.append("UID " + credentialsMsg.getUid() + "\n");
        stringBuffer.append("GIDS " + credentialsMsg.getGids(0) + "\n");
        return stringBuffer.toString();
    }

    public static String TicketAndKeyToString(String str, Security.TicketAndKey ticketAndKey) {
        StringBuffer stringBuffer = new StringBuffer();
        stringBuffer.append(str + "\n");
        stringBuffer.append(ByteArrayToString("EncryptedTicket", ticketAndKey.getEncryptedTicket().toByteArray()) + "\n");
        stringBuffer.append(UserCredsToString("UserCreds ", ticketAndKey.getUserCreds()) + "\n");
        stringBuffer.append(ByteArrayToString("UserKey ", ticketAndKey.getUserKey().getKey().toByteArray()) + "\n");
        return stringBuffer.toString();
    }

    public static String TicketToString(String str, Security.Ticket ticket) {
        StringBuffer stringBuffer = new StringBuffer();
        stringBuffer.append(str + "\n");
        stringBuffer.append(UserCredsToString("UserCreds ", ticket.getUserCreds()) + "\n");
        stringBuffer.append(ByteArrayToString("UserKey ", ticket.getUserKey().getKey().toByteArray()) + "\n");
        return stringBuffer.toString();
    }

    public static Security.Ticket ValidateTicketAndKey(Security.TicketAndKey ticketAndKey, MutableInt mutableInt) {
        Security.Ticket DecryptTicket = DecryptTicket(ticketAndKey.getEncryptedTicket().toByteArray(), mutableInt);
        if (DecryptTicket == null) {
            mutableInt.SetValue(22);
            return null;
        }
        byte[] byteArray = ticketAndKey.getUserKey().getKey().toByteArray();
        byte[] byteArray2 = DecryptTicket.getUserKey().getKey().toByteArray();
        if (byteArray.length != byteArray2.length) {
            mutableInt.SetValue(22);
            return null;
        }
        for (int i = 0; i < byteArray.length; i++) {
            if (byteArray[i] != byteArray2[i]) {
                mutableInt.SetValue(22);
                return null;
            }
        }
        return DecryptTicket;
    }

    public static boolean IsTicketAndKeyUsable(Security.TicketAndKey ticketAndKey) {
        return ticketAndKey != null && System.currentTimeMillis() / 1000 < ticketAndKey.getExpiryTime();
    }

    public static void BlacklistAndCloseConnections(int[] iArr, long[] jArr, boolean z) {
        if (iArr == null || iArr.length == 0) {
            System.out.println("Incorrect uids specified for blacklisting");
            return;
        }
        if (jArr == null || jArr.length == 0) {
            System.out.println("Incorrect uids specified for blacklisting");
        } else if (iArr.length != jArr.length) {
            System.out.println("Number of uids passed does not match number of blacklist times passed");
        } else {
            JNISecurity.BlacklistAndCloseConnections(iArr, jArr, z);
        }
    }

    public static void RemoveFromBlacklist(int[] iArr) {
        if (iArr == null || iArr.length == 0) {
            System.out.println("No uids to be cleaned up from blacklist");
        } else {
            JNISecurity.RemoveFromBlacklist(iArr);
        }
    }

    public static void TestSecurity() {
        try {
            MutableInt mutableInt = new MutableInt();
            Security.Key GenerateRandomKey = GenerateRandomKey();
            byte[] EncodeDataForWritingToKeyFile = EncodeDataForWritingToKeyFile(GenerateRandomKey.toByteArray(), mutableInt);
            FileOutputStream fileOutputStream = new FileOutputStream("/tmp/key-file");
            fileOutputStream.write(EncodeDataForWritingToKeyFile);
            fileOutputStream.write(new String(AuditConstants.NEWLINE).getBytes("UTF-8"));
            fileOutputStream.close();
            System.out.println(ByteArrayToString("Key", GenerateRandomKey.getKey().toByteArray()));
            SetKeyFile(Security.ServerKeyType.CldbKey, "/tmp/key-file");
            TicketOptionalParams ticketOptionalParams = new TicketOptionalParams();
            ticketOptionalParams.setIsExternal(true);
            Security.TicketAndKey GenerateTicketAndKey = GenerateTicketAndKey(Security.ServerKeyType.CldbKey, "root", 0, new int[]{0}, MAX_EXPIRY_TIME, 0L, ticketOptionalParams, mutableInt);
            byte[] EncodeDataForWritingToKeyFile2 = EncodeDataForWritingToKeyFile(GenerateTicketAndKey.toByteArray(), mutableInt);
            FileOutputStream fileOutputStream2 = new FileOutputStream("/tmp/ticket-file");
            fileOutputStream2.write("default ".getBytes("UTF-8"));
            fileOutputStream2.write(EncodeDataForWritingToKeyFile2);
            fileOutputStream2.write(new String(AuditConstants.NEWLINE).getBytes("UTF-8"));
            fileOutputStream2.close();
            SetTicketAndKeyFile("/tmp/ticket-file");
            System.out.println("Calling GetTicketAndKeyForCluster");
            Security.Key GetKey = GetKey(Security.ServerKeyType.CldbKey, mutableInt);
            Security.Key GetServerKey = GetServerKey(GetKey, System.currentTimeMillis());
            System.out.println(ByteArrayToString("CLDB Key", GetKey.getKey().toByteArray()));
            System.out.println(ByteArrayToString("Server Key", GetServerKey.getKey().toByteArray()));
            System.out.println(TicketToString(" Anurag - Validated Ticket ", ValidateTicketAndKey(GenerateTicketAndKey, mutableInt)));
            Security.TicketAndKey GetTicketAndKeyForCluster = GetTicketAndKeyForCluster(Security.ServerKeyType.CldbKey, "default", mutableInt);
            System.out.println(TicketAndKeyToString("default", GetTicketAndKeyForCluster));
            System.out.println(AuditConstants.NEWLINE);
            System.out.println(TicketToString("Ticket ", DecryptTicket(GetTicketAndKeyForCluster.getEncryptedTicket().toByteArray(), mutableInt)));
            System.out.println(AuditConstants.NEWLINE);
        } catch (Exception e) {
            System.out.println("Exception " + e);
        }
    }

    public static void main(String[] strArr) {
        System.out.println("Hello, World");
        TestSecurity();
    }

    static {
        ShimLoader.load();
        KeySizeInBytes = 32;
        MAX_EXPIRY_TIME = 922337203685477L;
    }
}
