package org.apache.hadoop.hdfs.server.namenode;

import java.io.File;
import java.io.FileWriter;
import java.util.Arrays;
import java.util.Collection;
import java.util.UUID;
import org.apache.hadoop.conf.Configuration;
import org.apache.hadoop.crypto.key.kms.server.KMSACLs;
import org.apache.hadoop.crypto.key.kms.server.KMSWebApp;
import org.apache.hadoop.crypto.key.kms.server.MiniKMS;
import org.apache.hadoop.fs.Path;
import org.junit.After;
import org.junit.Assert;
import org.junit.Before;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.junit.runners.Parameterized;

@RunWith(Parameterized.class)
/* loaded from: input_file:org/apache/hadoop/hdfs/server/namenode/TestReencryptionWithKMS.class */
public class TestReencryptionWithKMS extends TestReencryption {
    private MiniKMS miniKMS;
    private String kmsDir;
    private final boolean enableFGL;

    public TestReencryptionWithKMS(boolean z) {
        this.enableFGL = z;
    }

    @Parameterized.Parameters(name = "fgl: {0}")
    public static Collection<Object[]> data() {
        return Arrays.asList(new Object[]{false}, new Object[]{true});
    }

    @Override // org.apache.hadoop.hdfs.server.namenode.TestReencryption
    protected String getKeyProviderURI() {
        return "kms://" + this.miniKMS.getKMSUrl().toExternalForm().replace("://", "@");
    }

    @Override // org.apache.hadoop.hdfs.server.namenode.TestReencryption
    @Before
    public void setup() throws Exception {
        this.kmsDir = "target/test-classes/" + UUID.randomUUID().toString();
        File file = new File(this.kmsDir);
        Assert.assertTrue(file.mkdirs());
        this.miniKMS = new MiniKMS.Builder().setKmsConfDir(file).build();
        this.miniKMS.start();
        super.setup();
    }

    @Override // org.apache.hadoop.hdfs.server.namenode.TestReencryption
    @After
    public void teardown() {
        super.teardown();
        if (this.miniKMS != null) {
            this.miniKMS.stop();
        }
    }

    @Override // org.apache.hadoop.hdfs.server.namenode.TestReencryption
    protected void setProvider() {
    }

    @Test
    public void testReencryptionKMSACLs() throws Exception {
        Path path = new Path(this.kmsDir, "kms-acls.xml");
        Configuration configuration = new Configuration(false);
        configuration.setBoolean("dfs.namenode.fgl.enable", this.enableFGL);
        configuration.addResource(path);
        configuration.set(KMSACLs.Type.GET.getBlacklistConfigKey(), "*");
        configuration.set(KMSACLs.Type.GET_KEYS.getBlacklistConfigKey(), "*");
        File file = new File(path.toString());
        Assert.assertTrue(file.exists());
        FileWriter fileWriter = new FileWriter(file);
        Throwable th = null;
        try {
            try {
                configuration.writeXml(fileWriter);
                if (fileWriter != null) {
                    if (0 != 0) {
                        try {
                            fileWriter.close();
                        } catch (Throwable th2) {
                            th.addSuppressed(th2);
                        }
                    } else {
                        fileWriter.close();
                    }
                }
                KMSWebApp.getACLs().run();
                testReencryptionBasic();
            } finally {
            }
        } catch (Throwable th3) {
            if (fileWriter != null) {
                if (th != null) {
                    try {
                        fileWriter.close();
                    } catch (Throwable th4) {
                        th.addSuppressed(th4);
                    }
                } else {
                    fileWriter.close();
                }
            }
            throw th3;
        }
    }

    @Override // org.apache.hadoop.hdfs.server.namenode.TestReencryption
    protected void rollKey(String str) throws Exception {
        this.dfsAdmin.getKeyProvider().rollNewVersion(str);
    }
}
