package org.apache.hadoop.hbase.util;

import java.security.Key;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import javax.crypto.spec.SecretKeySpec;
import org.apache.hadoop.conf.Configuration;
import org.apache.hadoop.fs.Path;
import org.apache.hadoop.hbase.HBaseClassTestRule;
import org.apache.hadoop.hbase.HBaseTestingUtil;
import org.apache.hadoop.hbase.TableName;
import org.apache.hadoop.hbase.client.ColumnFamilyDescriptorBuilder;
import org.apache.hadoop.hbase.client.Put;
import org.apache.hadoop.hbase.client.Table;
import org.apache.hadoop.hbase.client.TableDescriptor;
import org.apache.hadoop.hbase.client.TableDescriptorBuilder;
import org.apache.hadoop.hbase.io.crypto.Encryption;
import org.apache.hadoop.hbase.io.crypto.KeyProviderForTesting;
import org.apache.hadoop.hbase.io.hfile.CacheConfig;
import org.apache.hadoop.hbase.io.hfile.HFile;
import org.apache.hadoop.hbase.master.assignment.MockMasterServices;
import org.apache.hadoop.hbase.regionserver.HStore;
import org.apache.hadoop.hbase.regionserver.HStoreFile;
import org.apache.hadoop.hbase.regionserver.Region;
import org.apache.hadoop.hbase.security.EncryptionUtil;
import org.apache.hadoop.hbase.security.User;
import org.apache.hadoop.hbase.testclassification.MediumTests;
import org.apache.hadoop.hbase.testclassification.MiscTests;
import org.apache.hadoop.hbase.util.hbck.HFileCorruptionChecker;
import org.apache.hadoop.hbase.util.hbck.HbckTestingUtil;
import org.junit.After;
import org.junit.Assert;
import org.junit.Before;
import org.junit.ClassRule;
import org.junit.Test;
import org.junit.experimental.categories.Category;

@Category({MiscTests.class, MediumTests.class})
/* loaded from: input_file:org/apache/hadoop/hbase/util/TestHBaseFsckEncryption.class */
public class TestHBaseFsckEncryption {

    @ClassRule
    public static final HBaseClassTestRule CLASS_RULE = HBaseClassTestRule.forClass(TestHBaseFsckEncryption.class);
    private static final HBaseTestingUtil TEST_UTIL = new HBaseTestingUtil();
    private Configuration conf;
    private TableDescriptor tableDescriptor;
    private Key cfKey;

    @Before
    public void setUp() throws Exception {
        this.conf = TEST_UTIL.getConfiguration();
        this.conf.setInt("hfile.format.version", 3);
        this.conf.set("hbase.crypto.keyprovider", KeyProviderForTesting.class.getName());
        this.conf.set("hbase.crypto.master.key.name", "hbase");
        byte[] bArr = new byte[16];
        Bytes.secureRandom(bArr);
        String str = this.conf.get("hbase.crypto.key.algorithm", "AES");
        this.cfKey = new SecretKeySpec(bArr, str);
        TEST_UTIL.startMiniCluster(3);
        TableDescriptorBuilder newBuilder = TableDescriptorBuilder.newBuilder(TableName.valueOf("default", "TestHBaseFsckEncryption"));
        newBuilder.setColumnFamily(ColumnFamilyDescriptorBuilder.newBuilder(Bytes.toBytes(MockMasterServices.DEFAULT_COLUMN_FAMILY_NAME)).setEncryptionType(str).setEncryptionKey(EncryptionUtil.wrapKey(this.conf, this.conf.get("hbase.crypto.master.key.name", User.getCurrent().getShortName()), this.cfKey)).build());
        this.tableDescriptor = newBuilder.build();
        TEST_UTIL.getAdmin().createTable(this.tableDescriptor);
        TEST_UTIL.waitTableAvailable(this.tableDescriptor.getTableName(), 5000L);
    }

    @After
    public void tearDown() throws Exception {
        TEST_UTIL.shutdownMiniCluster();
    }

    @Test
    public void testFsckWithEncryption() throws Exception {
        Table table = TEST_UTIL.getConnection().getTable(this.tableDescriptor.getTableName());
        try {
            byte[] bArr = {65, 66, 67, 68};
            for (int i = 0; i < bArr.length; i++) {
                for (int i2 = 0; i2 < bArr.length; i2++) {
                    Put put = new Put(new byte[]{bArr[i], bArr[i2]});
                    put.addColumn(Bytes.toBytes(MockMasterServices.DEFAULT_COLUMN_FAMILY_NAME), new byte[0], new byte[]{bArr[i], bArr[i2]});
                    table.put(put);
                }
            }
            TEST_UTIL.getAdmin().flush(this.tableDescriptor.getTableName());
            List<Path> findStorefilePaths = findStorefilePaths(this.tableDescriptor.getTableName());
            Assert.assertTrue(findStorefilePaths.size() > 0);
            for (Path path : findStorefilePaths) {
                Assert.assertTrue("Store file " + path + " has incorrect key", Bytes.equals(this.cfKey.getEncoded(), extractHFileKey(path)));
            }
            HBaseFsck doHFileQuarantine = HbckTestingUtil.doHFileQuarantine(this.conf, this.tableDescriptor.getTableName());
            Assert.assertEquals(0L, doHFileQuarantine.getRetCode());
            HFileCorruptionChecker hFilecorruptionChecker = doHFileQuarantine.getHFilecorruptionChecker();
            Assert.assertEquals(0L, hFilecorruptionChecker.getCorrupted().size());
            Assert.assertEquals(0L, hFilecorruptionChecker.getFailures().size());
            Assert.assertEquals(0L, hFilecorruptionChecker.getQuarantined().size());
            Assert.assertEquals(0L, hFilecorruptionChecker.getMissing().size());
        } finally {
            table.close();
        }
    }

    private List<Path> findStorefilePaths(TableName tableName) throws Exception {
        ArrayList arrayList = new ArrayList();
        Iterator it = TEST_UTIL.getRSForFirstRegionInTable(tableName).getRegions(this.tableDescriptor.getTableName()).iterator();
        while (it.hasNext()) {
            Iterator it2 = ((Region) it.next()).getStores().iterator();
            while (it2.hasNext()) {
                Iterator it3 = ((HStore) it2.next()).getStorefiles().iterator();
                while (it3.hasNext()) {
                    arrayList.add(((HStoreFile) it3.next()).getPath());
                }
            }
        }
        return arrayList;
    }

    private byte[] extractHFileKey(Path path) throws Exception {
        HFile.Reader createReader = HFile.createReader(TEST_UTIL.getTestFileSystem(), path, new CacheConfig(this.conf), true, this.conf);
        try {
            Encryption.Context encryptionContext = createReader.getFileContext().getEncryptionContext();
            Assert.assertNotNull("Reader has a null crypto context", encryptionContext);
            Key key = encryptionContext.getKey();
            Assert.assertNotNull("Crypto context has no key", key);
            byte[] encoded = key.getEncoded();
            createReader.close();
            return encoded;
        } catch (Throwable th) {
            createReader.close();
            throw th;
        }
    }
}
