package org.apache.hadoop.crypto;

import java.io.File;
import java.io.IOException;
import java.nio.file.Path;
import java.nio.file.Paths;
import java.security.PrivilegedExceptionAction;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import org.apache.commons.io.FileUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.hadoop.conf.Configuration;
import org.apache.hadoop.net.HopsSSLSocketFactory;
import org.apache.hadoop.net.NetUtils;
import org.apache.hadoop.net.SSLCertificateException;
import org.apache.hadoop.security.UserGroupInformation;
import org.apache.hadoop.security.ssl.CertificateLocalization;
import org.apache.hadoop.security.ssl.HopsSSLTestUtils;
import org.apache.hadoop.security.ssl.KeyStoreTestUtil;
import org.apache.hadoop.util.envVars.EnvironmentVariables;
import org.apache.hadoop.util.envVars.EnvironmentVariablesFactory;
import org.junit.After;
import org.junit.AfterClass;
import org.junit.Assert;
import org.junit.Before;
import org.junit.BeforeClass;
import org.junit.Rule;
import org.junit.Test;
import org.junit.rules.ExpectedException;

/* loaded from: input_file:org/apache/hadoop/crypto/TestHopsSSLConfiguration.class */
public class TestHopsSSLConfiguration extends HopsSSLTestUtils {
    private File baseDirFile;
    private static File classPathDir;
    Configuration conf;
    HopsSSLSocketFactory hopsFactory;
    private final Log LOG = LogFactory.getLog(TestHopsSSLConfiguration.class);
    private final String BASEDIR = System.getProperty("test.build.dir", "target/test-dir") + "/" + TestHopsSSLConfiguration.class.getSimpleName();

    @Rule
    public final ExpectedException rule = ExpectedException.none();
    final List<String> filesToPurge = new ArrayList();

    /* loaded from: input_file:org/apache/hadoop/crypto/TestHopsSSLConfiguration$MockEnvironmentVariablesService.class */
    private class MockEnvironmentVariablesService implements EnvironmentVariables {
        private final Map<String, String> mockEnvVars;

        private MockEnvironmentVariablesService() {
            this.mockEnvVars = new HashMap();
        }

        /* JADX INFO: Access modifiers changed from: private */
        public void setEnv(String str, String str2) {
            this.mockEnvVars.put(str, str2);
        }

        public String getEnv(String str) {
            return this.mockEnvVars.get(str);
        }
    }

    @BeforeClass
    public static void beforeClass() throws Exception {
        classPathDir = new File(KeyStoreTestUtil.getClasspathDir(TestHopsSSLConfiguration.class));
    }

    @Before
    public void setUp() {
        this.conf = new Configuration();
        this.hopsFactory = new HopsSSLSocketFactory();
        this.baseDirFile = new File(this.BASEDIR);
        this.baseDirFile.mkdirs();
        this.filesToPurge.clear();
    }

    @After
    public void tearDown() throws IOException {
        if (this.baseDirFile.exists()) {
            FileUtils.deleteQuietly(this.baseDirFile);
        }
        purgeFiles();
        EnvironmentVariablesFactory.setInstance((EnvironmentVariables) null);
    }

    @AfterClass
    public static void afterClass() throws Exception {
        if (classPathDir != null) {
            File file = Paths.get(classPathDir.getAbsolutePath(), TestHopsSSLConfiguration.class.getSimpleName() + ".ssl-server.xml").toFile();
            if (file.exists()) {
                file.delete();
            }
        }
    }

    @Test
    public void testExistingConfIsPreserved() throws Exception {
        String localCanonicalHostname = NetUtils.getLocalCanonicalHostname();
        String str = "someDir/" + localCanonicalHostname + "__kstore.jks";
        String str2 = "someDir/" + localCanonicalHostname + "__tstore.jks";
        this.conf.set(HopsSSLSocketFactory.CryptoKeys.KEY_STORE_FILEPATH_KEY.getValue(), str);
        this.conf.set(HopsSSLSocketFactory.CryptoKeys.KEY_STORE_PASSWORD_KEY.getValue(), "somePassword");
        this.conf.set(HopsSSLSocketFactory.CryptoKeys.KEY_PASSWORD_KEY.getValue(), "anotherPassword");
        this.conf.set(HopsSSLSocketFactory.CryptoKeys.TRUST_STORE_FILEPATH_KEY.getValue(), str2);
        this.conf.set(HopsSSLSocketFactory.CryptoKeys.TRUST_STORE_PASSWORD_KEY.getValue(), "somePassword");
        UserGroupInformation createRemoteUser = UserGroupInformation.createRemoteUser("superuser");
        final HashSet hashSet = new HashSet(1);
        hashSet.add("superuser");
        createRemoteUser.doAs(new PrivilegedExceptionAction<Object>() { // from class: org.apache.hadoop.crypto.TestHopsSSLConfiguration.1
            @Override // java.security.PrivilegedExceptionAction
            public Object run() throws SSLCertificateException {
                TestHopsSSLConfiguration.this.hopsFactory.setConf(TestHopsSSLConfiguration.this.conf);
                TestHopsSSLConfiguration.this.hopsFactory.configureCryptoMaterial((CertificateLocalization) null, hashSet);
                return null;
            }
        });
        Configuration conf = this.hopsFactory.getConf();
        Assert.assertEquals(str, conf.get(HopsSSLSocketFactory.CryptoKeys.KEY_STORE_FILEPATH_KEY.getValue()));
        Assert.assertEquals("somePassword", conf.get(HopsSSLSocketFactory.CryptoKeys.KEY_STORE_PASSWORD_KEY.getValue()));
        Assert.assertEquals("anotherPassword", conf.get(HopsSSLSocketFactory.CryptoKeys.KEY_PASSWORD_KEY.getValue()));
        Assert.assertEquals(str2, conf.get(HopsSSLSocketFactory.CryptoKeys.TRUST_STORE_FILEPATH_KEY.getValue()));
        Assert.assertEquals("somePassword", conf.get(HopsSSLSocketFactory.CryptoKeys.TRUST_STORE_PASSWORD_KEY.getValue()));
    }

    @Test
    public void testWithNoConfigInTemp() throws Exception {
        this.conf.set(HopsSSLSocketFactory.CryptoKeys.CLIENT_MATERIALIZE_DIR.getValue(), "/tmp");
        String str = touchFile("/tmp/project__user__kstore.jks");
        String str2 = touchFile("/tmp/project__user__tstore.jks");
        Path path = Paths.get("/tmp", "project__user__cert.key");
        touchFile(path.toString());
        FileUtils.writeStringToFile(path.toFile(), "a_strong_password", false);
        UserGroupInformation createRemoteUser = UserGroupInformation.createRemoteUser("project__user");
        final HashSet hashSet = new HashSet(1);
        hashSet.add("superuser");
        createRemoteUser.doAs(new PrivilegedExceptionAction<Object>() { // from class: org.apache.hadoop.crypto.TestHopsSSLConfiguration.2
            @Override // java.security.PrivilegedExceptionAction
            public Object run() throws SSLCertificateException {
                TestHopsSSLConfiguration.this.hopsFactory.setConf(TestHopsSSLConfiguration.this.conf);
                TestHopsSSLConfiguration.this.hopsFactory.configureCryptoMaterial((CertificateLocalization) null, hashSet);
                return null;
            }
        });
        Configuration conf = this.hopsFactory.getConf();
        Assert.assertEquals(str, conf.get(HopsSSLSocketFactory.CryptoKeys.KEY_STORE_FILEPATH_KEY.getValue()));
        Assert.assertEquals("a_strong_password", conf.get(HopsSSLSocketFactory.CryptoKeys.KEY_STORE_PASSWORD_KEY.getValue()));
        Assert.assertEquals("a_strong_password", conf.get(HopsSSLSocketFactory.CryptoKeys.KEY_PASSWORD_KEY.getValue()));
        Assert.assertEquals(str2, conf.get(HopsSSLSocketFactory.CryptoKeys.TRUST_STORE_FILEPATH_KEY.getValue()));
        Assert.assertEquals("a_strong_password", conf.get(HopsSSLSocketFactory.CryptoKeys.TRUST_STORE_PASSWORD_KEY.getValue()));
    }

    @Test
    public void testWithNoConfigInClasspath() throws Exception {
        String property = System.getProperty("user.dir");
        touchFile(Paths.get(property, "k_certificate").toString());
        touchFile(Paths.get(property, "t_certificate").toString());
        Path path = Paths.get(property, "material_passwd");
        touchFile(path.toString());
        FileUtils.writeStringToFile(path.toFile(), "a_strong_password", false);
        UserGroupInformation createRemoteUser = UserGroupInformation.createRemoteUser("project__user");
        final HashSet hashSet = new HashSet(1);
        hashSet.add("superuser");
        createRemoteUser.doAs(new PrivilegedExceptionAction<Object>() { // from class: org.apache.hadoop.crypto.TestHopsSSLConfiguration.3
            @Override // java.security.PrivilegedExceptionAction
            public Object run() throws SSLCertificateException {
                TestHopsSSLConfiguration.this.hopsFactory.setConf(TestHopsSSLConfiguration.this.conf);
                TestHopsSSLConfiguration.this.hopsFactory.configureCryptoMaterial((CertificateLocalization) null, hashSet);
                return null;
            }
        });
        Configuration conf = this.hopsFactory.getConf();
        Assert.assertEquals("k_certificate", conf.get(HopsSSLSocketFactory.CryptoKeys.KEY_STORE_FILEPATH_KEY.getValue()));
        Assert.assertEquals("a_strong_password", conf.get(HopsSSLSocketFactory.CryptoKeys.KEY_STORE_PASSWORD_KEY.getValue()));
        Assert.assertEquals("a_strong_password", conf.get(HopsSSLSocketFactory.CryptoKeys.KEY_PASSWORD_KEY.getValue()));
        Assert.assertEquals("t_certificate", conf.get(HopsSSLSocketFactory.CryptoKeys.TRUST_STORE_FILEPATH_KEY.getValue()));
        Assert.assertEquals("a_strong_password", conf.get(HopsSSLSocketFactory.CryptoKeys.TRUST_STORE_PASSWORD_KEY.getValue()));
    }

    @Test
    public void testBothConfigExisting() throws Exception {
        String property = System.getProperty("java.io.tmpdir");
        this.conf.set(HopsSSLSocketFactory.CryptoKeys.CLIENT_MATERIALIZE_DIR.getValue(), "/tmp");
        String path = Paths.get(property, "project__user__kstore.jks").toString();
        String path2 = Paths.get(property, "project__user__tstore.jks").toString();
        Path path3 = Paths.get(property, "project__user__cert.key");
        touchFile(path);
        touchFile(path2);
        touchFile(path3.toString());
        FileUtils.writeStringToFile(path3.toFile(), "a_strong_password", false);
        String localCanonicalHostname = NetUtils.getLocalCanonicalHostname();
        String path4 = Paths.get(property, localCanonicalHostname + "__kstore.jks").toString();
        String path5 = Paths.get(property, localCanonicalHostname + "__tstore.jks").toString();
        touchFile(path4);
        touchFile(path5);
        this.conf.set(HopsSSLSocketFactory.CryptoKeys.KEY_STORE_FILEPATH_KEY.getValue(), "/tmp/" + localCanonicalHostname + "__kstore.jks");
        this.conf.set(HopsSSLSocketFactory.CryptoKeys.TRUST_STORE_FILEPATH_KEY.getValue(), "/tmp/" + localCanonicalHostname + "__tstore.jks");
        UserGroupInformation createRemoteUser = UserGroupInformation.createRemoteUser("project__user");
        final HashSet hashSet = new HashSet(1);
        hashSet.add("superuser");
        createRemoteUser.doAs(new PrivilegedExceptionAction<Object>() { // from class: org.apache.hadoop.crypto.TestHopsSSLConfiguration.4
            @Override // java.security.PrivilegedExceptionAction
            public Object run() throws SSLCertificateException {
                TestHopsSSLConfiguration.this.hopsFactory.setConf(TestHopsSSLConfiguration.this.conf);
                TestHopsSSLConfiguration.this.hopsFactory.configureCryptoMaterial((CertificateLocalization) null, hashSet);
                return null;
            }
        });
        Configuration conf = this.hopsFactory.getConf();
        Assert.assertEquals(path, conf.get(HopsSSLSocketFactory.CryptoKeys.KEY_STORE_FILEPATH_KEY.getValue()));
        Assert.assertEquals("a_strong_password", conf.get(HopsSSLSocketFactory.CryptoKeys.KEY_STORE_PASSWORD_KEY.getValue()));
        Assert.assertEquals("a_strong_password", conf.get(HopsSSLSocketFactory.CryptoKeys.KEY_PASSWORD_KEY.getValue()));
        Assert.assertEquals(path2, conf.get(HopsSSLSocketFactory.CryptoKeys.TRUST_STORE_FILEPATH_KEY.getValue()));
        Assert.assertEquals("a_strong_password", conf.get(HopsSSLSocketFactory.CryptoKeys.TRUST_STORE_PASSWORD_KEY.getValue()));
    }

    @Test
    public void testConfigurationWithMissingCertificatesNormalUser() throws Exception {
        UserGroupInformation createRemoteUser = UserGroupInformation.createRemoteUser("project__user");
        final HashSet hashSet = new HashSet(1);
        hashSet.add("superuser");
        this.rule.expect(SSLCertificateException.class);
        createRemoteUser.doAs(new PrivilegedExceptionAction<Object>() { // from class: org.apache.hadoop.crypto.TestHopsSSLConfiguration.5
            @Override // java.security.PrivilegedExceptionAction
            public Object run() throws SSLCertificateException {
                TestHopsSSLConfiguration.this.hopsFactory.setConf(TestHopsSSLConfiguration.this.conf);
                TestHopsSSLConfiguration.this.hopsFactory.configureCryptoMaterial((CertificateLocalization) null, hashSet);
                return null;
            }
        });
    }

    @Test
    public void testConfigurationWithMissingCertificatesSuperUser() throws Exception {
        UserGroupInformation createRemoteUser = UserGroupInformation.createRemoteUser("superuser");
        createServerSSLConfig("/tmp/kstore.jks", "pass", "/tmp/tstore.jks", "pass", this.conf);
        final HashSet hashSet = new HashSet(1);
        hashSet.add("superuser");
        this.rule.expect(SSLCertificateException.class);
        createRemoteUser.doAs(new PrivilegedExceptionAction<Object>() { // from class: org.apache.hadoop.crypto.TestHopsSSLConfiguration.6
            @Override // java.security.PrivilegedExceptionAction
            public Object run() throws SSLCertificateException {
                TestHopsSSLConfiguration.this.hopsFactory.setConf(TestHopsSSLConfiguration.this.conf);
                TestHopsSSLConfiguration.this.hopsFactory.configureCryptoMaterial((CertificateLocalization) null, hashSet);
                return null;
            }
        });
    }

    @Test
    public void testConfigurationLocalizedMaterialUserChangedCWD() throws Exception {
        File file = Paths.get(this.BASEDIR, "pwd_dir").toFile();
        if (!file.exists()) {
            file.mkdirs();
        }
        MockEnvironmentVariablesService mockEnvironmentVariablesService = new MockEnvironmentVariablesService();
        mockEnvironmentVariablesService.setEnv("PWD", file.getAbsolutePath());
        EnvironmentVariablesFactory.setInstance(mockEnvironmentVariablesService);
        this.LOG.info("Mocked PWD is : " + EnvironmentVariablesFactory.getInstance().getEnv("PWD"));
        String path = Paths.get(file.getAbsolutePath(), "k_certificate").toString();
        String path2 = Paths.get(file.getAbsolutePath(), "t_certificate").toString();
        String path3 = Paths.get(file.getAbsolutePath(), "material_passwd").toString();
        touchFile(path);
        touchFile(path2);
        touchFile(path3);
        FileUtils.writeStringToFile(new File(path3), "password");
        UserGroupInformation createRemoteUser = UserGroupInformation.createRemoteUser("some_user");
        final HashSet hashSet = new HashSet(1);
        hashSet.add("superuser");
        createRemoteUser.doAs(new PrivilegedExceptionAction<Object>() { // from class: org.apache.hadoop.crypto.TestHopsSSLConfiguration.7
            @Override // java.security.PrivilegedExceptionAction
            public Object run() throws Exception {
                TestHopsSSLConfiguration.this.hopsFactory.setConf(TestHopsSSLConfiguration.this.conf);
                TestHopsSSLConfiguration.this.hopsFactory.configureCryptoMaterial((CertificateLocalization) null, hashSet);
                return null;
            }
        });
        Configuration conf = this.hopsFactory.getConf();
        Assert.assertEquals(path, conf.get(HopsSSLSocketFactory.CryptoKeys.KEY_STORE_FILEPATH_KEY.getValue()));
        Assert.assertEquals("password", conf.get(HopsSSLSocketFactory.CryptoKeys.KEY_STORE_PASSWORD_KEY.getValue()));
        Assert.assertEquals("password", conf.get(HopsSSLSocketFactory.CryptoKeys.KEY_PASSWORD_KEY.getValue()));
        Assert.assertEquals(path2, conf.get(HopsSSLSocketFactory.CryptoKeys.TRUST_STORE_FILEPATH_KEY.getValue()));
        Assert.assertEquals("password", conf.get(HopsSSLSocketFactory.CryptoKeys.TRUST_STORE_PASSWORD_KEY.getValue()));
    }

    @Test
    public void testConfigurationWithEnvironmentVariable() throws Exception {
        File file = Paths.get(this.BASEDIR, "crypto_material").toFile();
        if (!file.exists()) {
            file.mkdirs();
        }
        MockEnvironmentVariablesService mockEnvironmentVariablesService = new MockEnvironmentVariablesService();
        mockEnvironmentVariablesService.setEnv("MATERIAL_DIRECTORY", file.getAbsolutePath());
        EnvironmentVariablesFactory.setInstance(mockEnvironmentVariablesService);
        String path = Paths.get(file.getAbsolutePath(), "project__user__kstore.jks").toString();
        String path2 = Paths.get(file.getAbsolutePath(), "project__user__tstore.jks").toString();
        String path3 = Paths.get(file.getAbsolutePath(), "project__user__cert.key").toString();
        touchFile(path);
        touchFile(path2);
        touchFile(path3);
        FileUtils.writeStringToFile(new File(path3), "some_password", false);
        UserGroupInformation createRemoteUser = UserGroupInformation.createRemoteUser("project__user");
        final HashSet hashSet = new HashSet(1);
        hashSet.add("glassfish");
        createRemoteUser.doAs(new PrivilegedExceptionAction<Object>() { // from class: org.apache.hadoop.crypto.TestHopsSSLConfiguration.8
            @Override // java.security.PrivilegedExceptionAction
            /* renamed from: run, reason: merged with bridge method [inline-methods] */
            public Object run2() throws Exception {
                TestHopsSSLConfiguration.this.hopsFactory.setConf(TestHopsSSLConfiguration.this.conf);
                TestHopsSSLConfiguration.this.hopsFactory.configureCryptoMaterial((CertificateLocalization) null, hashSet);
                return null;
            }
        });
        Configuration conf = this.hopsFactory.getConf();
        Assert.assertEquals(path, conf.get(HopsSSLSocketFactory.CryptoKeys.KEY_STORE_FILEPATH_KEY.getValue()));
        Assert.assertEquals("some_password", conf.get(HopsSSLSocketFactory.CryptoKeys.KEY_STORE_PASSWORD_KEY.getValue()));
        Assert.assertEquals("some_password", conf.get(HopsSSLSocketFactory.CryptoKeys.KEY_PASSWORD_KEY.getValue()));
        Assert.assertEquals(path2, conf.get(HopsSSLSocketFactory.CryptoKeys.TRUST_STORE_FILEPATH_KEY.getValue()));
        Assert.assertEquals("some_password", conf.get(HopsSSLSocketFactory.CryptoKeys.TRUST_STORE_PASSWORD_KEY.getValue()));
    }

    @Test
    public void testNoConfigHostCertificates() throws Exception {
        String localCanonicalHostname = NetUtils.getLocalCanonicalHostname();
        String str = "/tmp/" + localCanonicalHostname + "__kstore.jks";
        String str2 = "/tmp/" + localCanonicalHostname + "__tstore.jks";
        touchFile(str);
        touchFile(str2);
        createServerSSLConfig(str, "a_strong_password", str2, "a_strong_password", this.conf);
        UserGroupInformation createRemoteUser = UserGroupInformation.createRemoteUser("glassfish");
        final HashSet hashSet = new HashSet(1);
        hashSet.add("glassfish");
        createRemoteUser.doAs(new PrivilegedExceptionAction<Object>() { // from class: org.apache.hadoop.crypto.TestHopsSSLConfiguration.9
            @Override // java.security.PrivilegedExceptionAction
            public Object run() throws SSLCertificateException {
                TestHopsSSLConfiguration.this.hopsFactory.setConf(TestHopsSSLConfiguration.this.conf);
                TestHopsSSLConfiguration.this.hopsFactory.configureCryptoMaterial((CertificateLocalization) null, hashSet);
                return null;
            }
        });
        Configuration conf = this.hopsFactory.getConf();
        Assert.assertEquals(str, conf.get(HopsSSLSocketFactory.CryptoKeys.KEY_STORE_FILEPATH_KEY.getValue()));
        Assert.assertEquals("a_strong_password", conf.get(HopsSSLSocketFactory.CryptoKeys.KEY_STORE_PASSWORD_KEY.getValue()));
        Assert.assertEquals("a_strong_password", conf.get(HopsSSLSocketFactory.CryptoKeys.KEY_PASSWORD_KEY.getValue()));
        Assert.assertEquals(str2, conf.get(HopsSSLSocketFactory.CryptoKeys.TRUST_STORE_FILEPATH_KEY.getValue()));
        Assert.assertEquals("a_strong_password", conf.get(HopsSSLSocketFactory.CryptoKeys.TRUST_STORE_PASSWORD_KEY.getValue()));
    }

    private void createServerSSLConfig(String str, String str2, String str3, String str4, Configuration configuration) throws IOException {
        KeyStoreTestUtil.saveConfig(Paths.get(classPathDir.getAbsolutePath(), TestHopsSSLConfiguration.class.getSimpleName() + ".ssl-server.xml").toFile(), KeyStoreTestUtil.createServerSSLConfig(str, str2, str2, str3, str4, ""));
        configuration.set("hadoop.ssl.server.conf", TestHopsSSLConfiguration.class.getSimpleName() + ".ssl-server.xml");
    }

    @Test
    public void testHostCertificateWithSuperuser() throws Exception {
        String localCanonicalHostname = NetUtils.getLocalCanonicalHostname();
        String str = "/tmp/" + localCanonicalHostname + "__kstore.jks";
        String str2 = "/tmp/" + localCanonicalHostname + "__tstore.jks";
        this.conf.set(HopsSSLSocketFactory.CryptoKeys.KEY_STORE_FILEPATH_KEY.getValue(), str);
        this.conf.set(HopsSSLSocketFactory.CryptoKeys.KEY_STORE_PASSWORD_KEY.getValue(), "anotherPassphrase");
        this.conf.set(HopsSSLSocketFactory.CryptoKeys.KEY_PASSWORD_KEY.getValue(), "anotherPassphrase");
        this.conf.set(HopsSSLSocketFactory.CryptoKeys.TRUST_STORE_FILEPATH_KEY.getValue(), str2);
        this.conf.set(HopsSSLSocketFactory.CryptoKeys.TRUST_STORE_PASSWORD_KEY.getValue(), "anotherPassphrase");
        String property = System.getProperty("user.dir");
        touchFile(Paths.get(property, "glassfish__kstore.jks").toString());
        touchFile(Paths.get(property, "glassfish__tstore.jks").toString());
        UserGroupInformation createRemoteUser = UserGroupInformation.createRemoteUser("glassfish");
        final HashSet hashSet = new HashSet(1);
        hashSet.add("glassfish");
        createRemoteUser.doAs(new PrivilegedExceptionAction<Object>() { // from class: org.apache.hadoop.crypto.TestHopsSSLConfiguration.10
            @Override // java.security.PrivilegedExceptionAction
            public Object run() throws SSLCertificateException {
                TestHopsSSLConfiguration.this.hopsFactory.setConf(TestHopsSSLConfiguration.this.conf);
                TestHopsSSLConfiguration.this.hopsFactory.configureCryptoMaterial((CertificateLocalization) null, hashSet);
                return null;
            }
        });
        Configuration conf = this.hopsFactory.getConf();
        Assert.assertEquals(str, conf.get(HopsSSLSocketFactory.CryptoKeys.KEY_STORE_FILEPATH_KEY.getValue()));
        Assert.assertEquals("anotherPassphrase", conf.get(HopsSSLSocketFactory.CryptoKeys.KEY_STORE_PASSWORD_KEY.getValue()));
        Assert.assertEquals("anotherPassphrase", conf.get(HopsSSLSocketFactory.CryptoKeys.KEY_PASSWORD_KEY.getValue()));
        Assert.assertEquals(str2, conf.get(HopsSSLSocketFactory.CryptoKeys.TRUST_STORE_FILEPATH_KEY.getValue()));
        Assert.assertEquals("anotherPassphrase", conf.get(HopsSSLSocketFactory.CryptoKeys.TRUST_STORE_PASSWORD_KEY.getValue()));
    }

    @Test
    public void testConfigurationCloned() throws Exception {
        File file = Paths.get(this.BASEDIR, "pwd_dir").toFile();
        if (!file.exists()) {
            file.mkdirs();
        }
        MockEnvironmentVariablesService mockEnvironmentVariablesService = new MockEnvironmentVariablesService();
        mockEnvironmentVariablesService.setEnv("PWD", file.getAbsolutePath());
        EnvironmentVariablesFactory.setInstance(mockEnvironmentVariablesService);
        this.LOG.info("Mocked PWD is : " + EnvironmentVariablesFactory.getInstance().getEnv("PWD"));
        String path = Paths.get(file.getAbsolutePath(), "k_certificate").toString();
        String path2 = Paths.get(file.getAbsolutePath(), "t_certificate").toString();
        String path3 = Paths.get(file.getAbsolutePath(), "material_passwd").toString();
        touchFile(path);
        touchFile(path2);
        touchFile(path3);
        FileUtils.writeStringToFile(new File(path3), "password");
        UserGroupInformation createRemoteUser = UserGroupInformation.createRemoteUser("some_user");
        final HashSet hashSet = new HashSet(1);
        hashSet.add("superuser");
        createRemoteUser.doAs(new PrivilegedExceptionAction<Object>() { // from class: org.apache.hadoop.crypto.TestHopsSSLConfiguration.11
            @Override // java.security.PrivilegedExceptionAction
            public Object run() throws Exception {
                TestHopsSSLConfiguration.this.hopsFactory.setConf(TestHopsSSLConfiguration.this.conf);
                TestHopsSSLConfiguration.this.hopsFactory.configureCryptoMaterial((CertificateLocalization) null, hashSet);
                return null;
            }
        });
        Assert.assertNull(this.conf.get(HopsSSLSocketFactory.CryptoKeys.KEY_STORE_FILEPATH_KEY.getValue()));
        Assert.assertNull(this.conf.get(HopsSSLSocketFactory.CryptoKeys.KEY_STORE_PASSWORD_KEY.getValue()));
        Assert.assertNull(this.conf.get(HopsSSLSocketFactory.CryptoKeys.KEY_PASSWORD_KEY.getValue()));
        Assert.assertNull(this.conf.get(HopsSSLSocketFactory.CryptoKeys.TRUST_STORE_FILEPATH_KEY.getValue()));
        Assert.assertNull(this.conf.get(HopsSSLSocketFactory.CryptoKeys.TRUST_STORE_PASSWORD_KEY.getValue()));
    }

    private String touchFile(String str) throws IOException {
        File file = new File(str);
        file.createNewFile();
        this.filesToPurge.add(file.getAbsolutePath());
        return str;
    }

    private void purgeFiles() throws IOException {
        Iterator<String> it = this.filesToPurge.iterator();
        while (it.hasNext()) {
            new File(it.next()).delete();
        }
    }
}
