package org.apache.hadoop.crypto.key;

import com.sun.org.apache.xml.internal.security.utils.Base64;
import java.io.IOException;
import org.apache.hadoop.conf.Configuration;

/* loaded from: input_file:org/apache/hadoop/crypto/key/DBToKeySecure.class */
public class DBToKeySecure {
    private static final String ENCRYPTION_KEY = "ranger.db.encrypt.key.password";
    private static final String KEYSECURE_MASTERKEY_NAME = "ranger.kms.keysecure.masterkey.name";
    private static final String KEYSECURE_LOGIN = "ranger.kms.keysecure.login";
    private static final String CFGFILEPATH = "ranger.kms.keysecure.sunpkcs11.cfg.filepath";

    public static void showUsage() {
        System.err.println("USAGE: java " + DBToKeySecure.class.getName() + " <keySecureMasterKeyName> <keySecureUsername> <keySecurePassword> <sunpkcs11CfgFilePath>");
    }

    public static void main(String[] strArr) {
        if (strArr.length < 4) {
            System.err.println("Invalid number of parameters found.");
            showUsage();
            System.exit(1);
            return;
        }
        Configuration dBKSConf = RangerKeyStoreProvider.getDBKSConf();
        String str = strArr[0];
        if (str == null || str.trim().isEmpty()) {
            System.err.println("Key Secure master key name not provided.");
            showUsage();
            System.exit(1);
        }
        String str2 = strArr[1];
        if (str2 == null || str2.trim().isEmpty()) {
            System.err.println("Key Secure username not provided.");
            showUsage();
            System.exit(1);
        }
        String str3 = strArr[2];
        if (str3 == null || str3.trim().isEmpty()) {
            System.err.println("Key Secure password not provided.");
            showUsage();
            System.exit(1);
        }
        String str4 = strArr[3];
        if (str4 == null || str4.trim().isEmpty()) {
            System.err.println("sunpkcs11 Configuration File Path not provided");
            showUsage();
            System.exit(1);
        }
        if (new DBToKeySecure().doExportMKToKeySecure(str, str2, str3, str4, dBKSConf)) {
            System.out.println("Master Key from Ranger KMS DB has been successfully imported into Key Secure.");
        } else {
            System.out.println("Import of Master Key from DB has been unsuccessful.");
            System.exit(1);
        }
        System.exit(0);
    }

    private boolean doExportMKToKeySecure(String str, String str2, String str3, String str4, Configuration configuration) {
        try {
            String str5 = configuration.get("ranger.db.encrypt.key.password");
            if (str5 == null || str5.trim().equals("") || str5.trim().equals("_") || str5.trim().equals("crypted")) {
                throw new IOException("Master Key Jceks does not exists");
            }
            configuration.set(CFGFILEPATH, str4);
            configuration.set(KEYSECURE_MASTERKEY_NAME, str);
            configuration.set(KEYSECURE_LOGIN, str2 + ":" + str3);
            byte[] decode = Base64.decode(new RangerMasterKey(new RangerKMSDB(configuration).getDaoManager()).getMasterKey(configuration.get("ranger.db.encrypt.key.password")));
            if (configuration != null) {
                return new RangerSafenetKeySecure(configuration).setMasterKey(str3, decode, configuration);
            }
            return false;
        } catch (Throwable th) {
            throw new RuntimeException("Unable to import Master key from Ranger DB to KeySecure ", th);
        }
    }
}
