package org.apache.accumulo.server.security;

import java.io.ByteArrayOutputStream;
import java.io.DataOutputStream;
import java.io.IOException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.SecurityPermission;
import java.util.Iterator;
import java.util.Map;
import org.apache.accumulo.core.Constants;
import org.apache.accumulo.core.client.security.tokens.AuthenticationToken;
import org.apache.accumulo.core.client.security.tokens.PasswordToken;
import org.apache.accumulo.core.conf.Property;
import org.apache.accumulo.core.security.CredentialHelper;
import org.apache.accumulo.core.security.thrift.TCredentials;
import org.apache.accumulo.server.client.HdfsZooInstance;
import org.apache.accumulo.server.conf.ServerConfiguration;
import org.apache.commons.codec.binary.Base64;
import org.apache.log4j.Logger;

/* loaded from: input_file:org/apache/accumulo/server/security/SecurityConstants.class */
public class SecurityConstants {
    private static SecurityPermission SYSTEM_CREDENTIALS_PERMISSION = new SecurityPermission("systemCredentialsPermission");
    static Logger log = Logger.getLogger(SecurityConstants.class);
    private static final AuthenticationToken SYSTEM_TOKEN = makeSystemPassword();
    public static final String SYSTEM_PRINCIPAL = "!SYSTEM";
    private static final TCredentials systemCredentials = CredentialHelper.createSquelchError(SYSTEM_PRINCIPAL, SYSTEM_TOKEN, HdfsZooInstance.getInstance().getInstanceID());
    public static byte[] confChecksum = null;

    public static AuthenticationToken getSystemToken() {
        return SYSTEM_TOKEN;
    }

    public static TCredentials getSystemCredentials() {
        SecurityManager securityManager = System.getSecurityManager();
        if (securityManager != null) {
            securityManager.checkPermission(SYSTEM_CREDENTIALS_PERMISSION);
        }
        return systemCredentials;
    }

    public static String getSystemPrincipal() {
        return SYSTEM_PRINCIPAL;
    }

    private static AuthenticationToken makeSystemPassword() {
        int intValue = Constants.WIRE_VERSION.intValue();
        byte[] bytes = HdfsZooInstance.getInstance().getInstanceID().getBytes(Constants.UTF8);
        try {
            confChecksum = getSystemConfigChecksum();
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream(12 + bytes.length + confChecksum.length);
            DataOutputStream dataOutputStream = new DataOutputStream(byteArrayOutputStream);
            try {
                dataOutputStream.write(intValue * (-1));
                dataOutputStream.write(bytes.length);
                dataOutputStream.write(bytes);
                dataOutputStream.write(confChecksum.length);
                dataOutputStream.write(confChecksum);
                return new PasswordToken(Base64.encodeBase64(byteArrayOutputStream.toByteArray()));
            } catch (IOException e) {
                throw new RuntimeException(e);
            }
        } catch (NoSuchAlgorithmException e2) {
            throw new RuntimeException("Failed to compute configuration checksum", e2);
        }
    }

    private static byte[] getSystemConfigChecksum() throws NoSuchAlgorithmException {
        if (confChecksum == null) {
            MessageDigest messageDigest = MessageDigest.getInstance("SHA-256");
            messageDigest.update(Constants.WIRE_VERSION.toString().getBytes(Constants.UTF8));
            messageDigest.update(HdfsZooInstance.getInstance().getInstanceID().getBytes(Constants.UTF8));
            Iterator it = ServerConfiguration.getSiteConfiguration().iterator();
            while (it.hasNext()) {
                Map.Entry entry = (Map.Entry) it.next();
                if (((String) entry.getKey()).startsWith(Property.INSTANCE_PREFIX.toString())) {
                    messageDigest.update(((String) entry.getKey()).getBytes(Constants.UTF8));
                    messageDigest.update(((String) entry.getValue()).getBytes(Constants.UTF8));
                }
            }
            confChecksum = messageDigest.digest();
        }
        return confChecksum;
    }
}
