package org.apache.hadoop.crypto.key;

import java.io.IOException;
import java.util.ArrayList;
import java.util.Enumeration;
import java.util.Iterator;
import org.apache.hadoop.conf.Configuration;
import org.apache.ranger.entity.XXRangerKeyStore;
import org.apache.ranger.kms.dao.DaoManager;

/* loaded from: input_file:org/apache/hadoop/crypto/key/MigrateDBMKeyToGCP.class */
public class MigrateDBMKeyToGCP {
    private static final String ENCRYPTION_KEY = "ranger.db.encrypt.key.password";
    private static RangerGoogleCloudHSMProvider rangerGcpProvider;
    private RangerKeyStore dbStore;

    public static void main(String[] strArr) throws Exception {
        if (strArr == null || strArr.length != 5) {
            System.err.println("Invalid number of parameters found.");
            showUsage();
            System.exit(1);
            return;
        }
        Configuration dBKSConf = RangerKeyStoreProvider.getDBKSConf();
        String str = strArr[0];
        String str2 = strArr[1];
        String str3 = strArr[2];
        String str4 = strArr[3];
        String str5 = strArr[4];
        if (dBKSConf == null) {
            System.out.println("Migration of Master Key from Ranger KMS DB to GCP failed, Error - Configuration is null.");
            System.exit(1);
            return;
        }
        dBKSConf.set("ranger.kms.gcp.masterkey.name", str);
        dBKSConf.set("ranger.kms.gcp.project.id", str2);
        dBKSConf.set("ranger.kms.gcp.keyring.id", str3);
        dBKSConf.set("ranger.kms.gcp.location.id", str4);
        dBKSConf.set("ranger.kms.gcp.cred.file", str5);
        rangerGcpProvider = new RangerGoogleCloudHSMProvider(dBKSConf);
        rangerGcpProvider.onInitialization();
        if (new MigrateDBMKeyToGCP().doExportMKToGcp(dBKSConf, str)) {
            System.out.println("Master Key from Ranger KMS DB has been successfully migrated to GCP.");
            System.exit(0);
        } else {
            System.out.println("Migration of Master Key from Ranger KMS DB to GCP has been unsuccessful.");
            System.exit(1);
        }
    }

    private boolean doExportMKToGcp(Configuration configuration, String str) {
        try {
            String str2 = configuration.get("ranger.db.encrypt.key.password");
            if (str2 == null || str2.trim().equals("") || str2.trim().equals("_") || str2.trim().equals("crypted")) {
                throw new IOException("Master Key Jceks does not exists");
            }
            DaoManager daoManager = new RangerKMSDB(configuration).getDaoManager();
            System.out.println("Creating masterkey with the name - " + str);
            if (!rangerGcpProvider.generateMasterKey(null)) {
                return false;
            }
            System.out.println("Masterkey with the name '" + str + "' created successfully on Google Cloud KMS.");
            this.dbStore = new RangerKeyStore(daoManager, false, (RangerKMSMKI) rangerGcpProvider);
            char[] charArray = new RangerMasterKey(daoManager).getMasterKey(str2).toCharArray();
            ArrayList arrayList = new ArrayList();
            this.dbStore.engineLoad(null, charArray);
            Enumeration<String> engineAliases = this.dbStore.engineAliases();
            while (engineAliases.hasMoreElements()) {
                String nextElement = engineAliases.nextElement();
                arrayList.add(this.dbStore.convertKeysBetweenRangerKMSAndGCP(nextElement, this.dbStore.engineGetKey(nextElement, charArray), rangerGcpProvider));
            }
            if (arrayList == null || arrayList.isEmpty()) {
                return true;
            }
            Iterator it = arrayList.iterator();
            while (it.hasNext()) {
                this.dbStore.dbOperationStore((XXRangerKeyStore) it.next());
            }
            return true;
        } catch (Throwable th) {
            throw new RuntimeException("Unable to migrate Master key from Ranger KMS DB to GCP ", th);
        }
    }

    private static void showUsage() {
        System.err.println("USAGE: java " + MigrateDBMKeyToGCP.class.getName() + " <gcpMasterKeyName> <gcpProjectName> <gcpKeyRingName> <gcpKeyRingLocationName> <pathOfJsonCredFile> ");
    }
}
