package org.xdi.oxauth.model.jwe;

import com.nimbusds.jose.JOSEException;
import com.nimbusds.jose.JWEEncrypter;
import com.nimbusds.jose.JWEHeader;
import com.nimbusds.jose.JWEObject;
import com.nimbusds.jose.Payload;
import com.nimbusds.jose.crypto.AESEncrypter;
import com.nimbusds.jose.crypto.RSAEncrypter;
import com.nimbusds.jose.jwk.RSAKey;
import com.nimbusds.jwt.SignedJWT;
import java.io.UnsupportedEncodingException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.PublicKey;
import java.security.interfaces.RSAPublicKey;
import java.text.ParseException;
import java.util.Arrays;
import org.xdi.oxauth.model.crypto.encryption.BlockEncryptionAlgorithm;
import org.xdi.oxauth.model.crypto.encryption.KeyEncryptionAlgorithm;
import org.xdi.oxauth.model.exception.InvalidJweException;
import org.xdi.oxauth.model.exception.InvalidJwtException;
import org.xdi.oxauth.model.jwt.JwtHeader;
import org.xdi.oxauth.model.jwt.JwtType;
import org.xdi.oxauth.model.util.Base64Util;
import org.xdi.oxauth.model.util.Util;

/* loaded from: input_file:org/xdi/oxauth/model/jwe/JweEncrypterImpl.class */
public class JweEncrypterImpl extends AbstractJweEncrypter {
    private PublicKey publicKey;
    private byte[] sharedSymmetricKey;

    public JweEncrypterImpl(KeyEncryptionAlgorithm keyEncryptionAlgorithm, BlockEncryptionAlgorithm blockEncryptionAlgorithm, byte[] bArr) {
        super(keyEncryptionAlgorithm, blockEncryptionAlgorithm);
        if (bArr != null) {
            this.sharedSymmetricKey = (byte[]) bArr.clone();
        }
    }

    public JweEncrypterImpl(KeyEncryptionAlgorithm keyEncryptionAlgorithm, BlockEncryptionAlgorithm blockEncryptionAlgorithm, PublicKey publicKey) {
        super(keyEncryptionAlgorithm, blockEncryptionAlgorithm);
        this.publicKey = publicKey;
    }

    public JWEEncrypter createJweEncrypter() throws JOSEException, InvalidJweException, NoSuchAlgorithmException {
        KeyEncryptionAlgorithm keyEncryptionAlgorithm = getKeyEncryptionAlgorithm();
        if (keyEncryptionAlgorithm == KeyEncryptionAlgorithm.RSA1_5 || keyEncryptionAlgorithm == KeyEncryptionAlgorithm.RSA_OAEP) {
            return new RSAEncrypter(new RSAKey.Builder((RSAPublicKey) this.publicKey).build());
        }
        if (keyEncryptionAlgorithm != KeyEncryptionAlgorithm.A128KW && keyEncryptionAlgorithm != KeyEncryptionAlgorithm.A256KW) {
            throw new InvalidJweException("The key encryption algorithm is not supported");
        }
        if (this.sharedSymmetricKey == null) {
            throw new InvalidJweException("The shared symmetric key is null");
        }
        int i = 16;
        if (keyEncryptionAlgorithm == KeyEncryptionAlgorithm.A256KW) {
            i = 32;
        }
        if (this.sharedSymmetricKey.length != i) {
            this.sharedSymmetricKey = MessageDigest.getInstance("SHA-256").digest(this.sharedSymmetricKey);
            this.sharedSymmetricKey = Arrays.copyOf(this.sharedSymmetricKey, i);
        }
        return new AESEncrypter(this.sharedSymmetricKey);
    }

    public static Payload createPayload(Jwe jwe) throws ParseException, InvalidJwtException, UnsupportedEncodingException {
        return jwe.getSignedJWTPayload() != null ? new Payload(SignedJWT.parse(jwe.getSignedJWTPayload().toString())) : new Payload(Base64Util.base64urlencode(jwe.getClaims().toJsonString().getBytes(Util.UTF8_STRING_ENCODING)));
    }

    @Override // org.xdi.oxauth.model.jwe.JweEncrypter
    public Jwe encrypt(Jwe jwe) throws InvalidJweException {
        try {
            JWEEncrypter createJweEncrypter = createJweEncrypter();
            if (jwe.getSignedJWTPayload() != null) {
                jwe.getHeader().setContentType(JwtType.JWT);
            }
            JWEObject jWEObject = new JWEObject(JWEHeader.parse(jwe.getHeader().toJsonObject().toString()), createPayload(jwe));
            jWEObject.encrypt(createJweEncrypter);
            String[] split = jWEObject.serialize().split("\\.");
            if (split.length != 5) {
                throw new InvalidJwtException("Invalid JWS format.");
            }
            String str = split[0];
            String str2 = split[1];
            String str3 = split[2];
            String str4 = split[3];
            String str5 = split[4];
            jwe.setEncodedHeader(str);
            jwe.setEncodedEncryptedKey(str2);
            jwe.setEncodedInitializationVector(str3);
            jwe.setEncodedCiphertext(str4);
            jwe.setEncodedIntegrityValue(str5);
            jwe.setHeader(new JwtHeader(str));
            return jwe;
        } catch (Exception e) {
            throw new InvalidJweException(e);
        }
    }
}
