package org.apache.hadoop.util;

import java.io.IOException;
import java.net.URI;
import java.util.ArrayList;
import java.util.Date;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import org.apache.commons.codec.binary.Base64;
import org.apache.hadoop.classification.InterfaceAudience;
import org.apache.hadoop.conf.Configuration;
import org.apache.hadoop.crypto.key.KeyProvider;
import org.apache.hadoop.crypto.key.KeyProviderCryptoExtension;
import org.apache.hadoop.crypto.key.KeyProviderFactory;
import org.apache.hadoop.crypto.key.kms.KMSClientProvider;
import org.apache.hadoop.crypto.key.kms.KMSRESTConstants;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@InterfaceAudience.Private
/* loaded from: input_file:WEB-INF/lib/hadoop-common-3.3.4.202-eep-911.jar:org/apache/hadoop/util/KMSUtil.class */
public final class KMSUtil {
    public static final Logger LOG = LoggerFactory.getLogger((Class<?>) KMSUtil.class);

    private KMSUtil() {
    }

    public static KeyProvider createKeyProvider(Configuration configuration, String str) throws IOException {
        LOG.debug("Creating key provider with config key {}", str);
        URI keyProviderUri = getKeyProviderUri(configuration, str);
        if (keyProviderUri != null) {
            return createKeyProviderFromUri(configuration, keyProviderUri);
        }
        return null;
    }

    public static URI getKeyProviderUri(Configuration configuration) {
        return getKeyProviderUri(configuration, "hadoop.security.key.provider.path");
    }

    public static URI getKeyProviderUri(Configuration configuration, String str) {
        String trimmed = configuration.getTrimmed(str);
        if (trimmed == null || trimmed.isEmpty()) {
            return null;
        }
        return URI.create(trimmed);
    }

    public static KeyProvider createKeyProviderFromUri(Configuration configuration, URI uri) throws IOException {
        KeyProvider keyProvider = KeyProviderFactory.get(uri, configuration);
        if (keyProvider == null) {
            throw new IOException("Could not instantiate KeyProvider for uri: " + uri);
        }
        if (keyProvider.isTransient()) {
            throw new IOException("KeyProvider " + keyProvider.toString() + " was found but it is a transient provider.");
        }
        return keyProvider;
    }

    public static Map toJSON(KeyProvider.KeyVersion keyVersion) {
        HashMap hashMap = new HashMap();
        if (keyVersion != null) {
            hashMap.put("name", keyVersion.getName());
            hashMap.put(KMSRESTConstants.VERSION_NAME_FIELD, keyVersion.getVersionName());
            hashMap.put(KMSRESTConstants.MATERIAL_FIELD, Base64.encodeBase64URLSafeString(keyVersion.getMaterial()));
        }
        return hashMap;
    }

    public static Map toJSON(KeyProviderCryptoExtension.EncryptedKeyVersion encryptedKeyVersion) {
        HashMap hashMap = new HashMap();
        if (encryptedKeyVersion != null) {
            hashMap.put(KMSRESTConstants.VERSION_NAME_FIELD, encryptedKeyVersion.getEncryptionKeyVersionName());
            hashMap.put(KMSRESTConstants.IV_FIELD, Base64.encodeBase64URLSafeString(encryptedKeyVersion.getEncryptedKeyIv()));
            hashMap.put(KMSRESTConstants.ENCRYPTED_KEY_VERSION_FIELD, toJSON(encryptedKeyVersion.getEncryptedKeyVersion()));
        }
        return hashMap;
    }

    public static <T> T checkNotNull(T t, String str) throws IllegalArgumentException {
        if (t == null) {
            throw new IllegalArgumentException("Parameter '" + str + "' cannot be null");
        }
        return t;
    }

    public static String checkNotEmpty(String str, String str2) throws IllegalArgumentException {
        checkNotNull(str, str2);
        if (str.isEmpty()) {
            throw new IllegalArgumentException("Parameter '" + str2 + "' cannot be empty");
        }
        return str;
    }

    public static List<KeyProviderCryptoExtension.EncryptedKeyVersion> parseJSONEncKeyVersions(String str, List list) {
        checkNotNull(list, "valueList");
        ArrayList arrayList = new ArrayList(list.size());
        if (!list.isEmpty()) {
            Iterator it = list.iterator();
            while (it.hasNext()) {
                arrayList.add(parseJSONEncKeyVersion(str, (Map) it.next()));
            }
        }
        return arrayList;
    }

    public static KeyProviderCryptoExtension.EncryptedKeyVersion parseJSONEncKeyVersion(String str, Map map) {
        checkNotNull(map, "valueMap");
        String str2 = (String) checkNotNull((String) map.get(KMSRESTConstants.VERSION_NAME_FIELD), KMSRESTConstants.VERSION_NAME_FIELD);
        byte[] decodeBase64 = Base64.decodeBase64((String) checkNotNull((String) map.get(KMSRESTConstants.IV_FIELD), KMSRESTConstants.IV_FIELD));
        Map map2 = (Map) checkNotNull((Map) map.get(KMSRESTConstants.ENCRYPTED_KEY_VERSION_FIELD), KMSRESTConstants.ENCRYPTED_KEY_VERSION_FIELD);
        return new KMSClientProvider.KMSEncryptedKeyVersion(str, str2, decodeBase64, (String) checkNotNull((String) map2.get(KMSRESTConstants.VERSION_NAME_FIELD), KMSRESTConstants.VERSION_NAME_FIELD), Base64.decodeBase64((String) checkNotNull((String) map2.get(KMSRESTConstants.MATERIAL_FIELD), KMSRESTConstants.MATERIAL_FIELD)));
    }

    public static KeyProvider.KeyVersion parseJSONKeyVersion(Map map) {
        checkNotNull(map, "valueMap");
        KMSClientProvider.KMSKeyVersion kMSKeyVersion = null;
        if (!map.isEmpty()) {
            kMSKeyVersion = new KMSClientProvider.KMSKeyVersion((String) map.get("name"), (String) map.get(KMSRESTConstants.VERSION_NAME_FIELD), map.containsKey(KMSRESTConstants.MATERIAL_FIELD) ? Base64.decodeBase64((String) map.get(KMSRESTConstants.MATERIAL_FIELD)) : null);
        }
        return kMSKeyVersion;
    }

    public static KeyProvider.Metadata parseJSONMetadata(Map map) {
        checkNotNull(map, "valueMap");
        KMSClientProvider.KMSMetadata kMSMetadata = null;
        if (!map.isEmpty()) {
            kMSMetadata = new KMSClientProvider.KMSMetadata((String) map.get(KMSRESTConstants.CIPHER_FIELD), ((Integer) map.get("length")).intValue(), (String) map.get(KMSRESTConstants.DESCRIPTION_FIELD), (Map) map.get(KMSRESTConstants.ATTRIBUTES_FIELD), new Date(((Long) map.get("created")).longValue()), ((Integer) map.get("versions")).intValue());
        }
        return kMSMetadata;
    }
}
