package org.apache.hadoop.net.hopssslchecks;

import io.hops.security.CertificateLocalization;
import io.hops.security.HopsUtil;
import java.io.File;
import java.io.IOException;
import java.nio.file.Paths;
import java.util.Set;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.hadoop.conf.Configuration;
import org.apache.hadoop.net.HopsSSLSocketFactory;
import org.apache.hadoop.security.UserGroupInformation;
import org.apache.hadoop.security.ssl.X509SecurityMaterial;

/* loaded from: input_file:WEB-INF/lib/hadoop-client-api-3.2.0.11-EE-RC0.jar:org/apache/hadoop/net/hopssslchecks/NormalUserMaterilizeDirSSLCheck.class */
public class NormalUserMaterilizeDirSSLCheck extends AbstractHopsSSLCheck {
    private static final Log LOG = LogFactory.getLog(NormalUserMaterilizeDirSSLCheck.class);

    public NormalUserMaterilizeDirSSLCheck() {
        super(95);
    }

    @Override // org.apache.hadoop.net.hopssslchecks.AbstractHopsSSLCheck, org.apache.hadoop.net.hopssslchecks.HopsSSLCheck
    public HopsSSLCryptoMaterial check(UserGroupInformation userGroupInformation, Set<String> set, Configuration configuration, CertificateLocalization certificateLocalization) throws IOException {
        String keyStorePass;
        String path;
        String userName = userGroupInformation.getUserName();
        if (!userName.matches(HopsSSLSocketFactory.USERNAME_PATTERN) && set.contains(userName)) {
            return null;
        }
        String str = configuration.get(HopsSSLSocketFactory.CryptoKeys.CLIENT_MATERIALIZE_DIR.getValue(), HopsSSLSocketFactory.CryptoKeys.CLIENT_MATERIALIZE_DIR.getDefaultValue());
        if (!Paths.get(str, userName + HopsSSLSocketFactory.KEYSTORE_SUFFIX).toFile().exists()) {
            return null;
        }
        if (LOG.isDebugEnabled()) {
            LOG.debug("Crypto material found in " + str);
        }
        if (certificateLocalization != null) {
            try {
                X509SecurityMaterial x509MaterialLocation = certificateLocalization.getX509MaterialLocation(userName);
                keyStorePass = x509MaterialLocation.getKeyStorePass();
                path = x509MaterialLocation.getPasswdLocation().toString();
            } catch (InterruptedException e) {
                throw new IOException(e);
            }
        } else {
            File file = Paths.get(str, userName + HopsSSLSocketFactory.PASSWD_FILE_SUFFIX).toFile();
            keyStorePass = HopsUtil.readCryptoMaterialPassword(file);
            path = file.toString();
        }
        return new HopsSSLCryptoMaterial(Paths.get(str, userName + HopsSSLSocketFactory.KEYSTORE_SUFFIX).toString(), keyStorePass, keyStorePass, Paths.get(str, userName + HopsSSLSocketFactory.TRUSTSTORE_SUFFIX).toString(), keyStorePass, path, true);
    }
}
