package be.atbash.ee.security.octopus.nimbus.jose.crypto.factories;

import be.atbash.ee.security.octopus.jwt.JWTValidationConstant;
import be.atbash.ee.security.octopus.nimbus.jose.JOSEException;
import be.atbash.ee.security.octopus.nimbus.jose.KeyTypeException;
import be.atbash.ee.security.octopus.nimbus.jose.crypto.ECDSAVerifier;
import be.atbash.ee.security.octopus.nimbus.jose.crypto.Ed25519Verifier;
import be.atbash.ee.security.octopus.nimbus.jose.crypto.MACVerifier;
import be.atbash.ee.security.octopus.nimbus.jose.crypto.RSASSAVerifier;
import be.atbash.ee.security.octopus.nimbus.jose.crypto.impl.ECDSAProvider;
import be.atbash.ee.security.octopus.nimbus.jose.crypto.impl.MACProvider;
import be.atbash.ee.security.octopus.nimbus.jose.crypto.impl.RSASSAProvider;
import be.atbash.ee.security.octopus.nimbus.jose.proc.JWSVerifierFactory;
import be.atbash.ee.security.octopus.nimbus.jwt.jws.JWSAlgorithm;
import be.atbash.ee.security.octopus.nimbus.jwt.jws.JWSHeader;
import be.atbash.ee.security.octopus.nimbus.jwt.jws.JWSVerifier;
import java.security.Key;
import java.security.interfaces.ECPublicKey;
import java.security.interfaces.RSAPublicKey;
import java.util.Collections;
import java.util.LinkedHashSet;
import java.util.Set;
import javax.crypto.SecretKey;
import org.bouncycastle.jcajce.provider.asymmetric.edec.BCEdDSAPublicKey;
import org.slf4j.MDC;

/* loaded from: input_file:be/atbash/ee/security/octopus/nimbus/jose/crypto/factories/DefaultJWSVerifierFactory.class */
public class DefaultJWSVerifierFactory implements JWSVerifierFactory {
    private static final Set<JWSAlgorithm> SUPPORTED_ALGORITHMS;
    public static final String HEADER_KEY_DO_NOT_MATCH = "The header algorithm '%s' and the Key type '%s' do no match";

    @Override // be.atbash.ee.security.octopus.nimbus.jwt.jws.JWSProvider
    public Set<JWSAlgorithm> supportedJWSAlgorithms() {
        return SUPPORTED_ALGORITHMS;
    }

    @Override // be.atbash.ee.security.octopus.nimbus.jose.proc.JWSVerifierFactory
    public JWSVerifier createJWSVerifier(JWSHeader jWSHeader, Key key, Set<String> set) {
        JWSVerifier ed25519Verifier;
        if (MACVerifier.SUPPORTED_ALGORITHMS.contains(jWSHeader.getAlgorithm())) {
            if (!(key instanceof SecretKey)) {
                MDC.put(JWTValidationConstant.JWT_VERIFICATION_FAIL_REASON, String.format(HEADER_KEY_DO_NOT_MATCH, jWSHeader.getAlgorithm(), key.getClass().getName()));
                throw new KeyTypeException(SecretKey.class);
            }
            ed25519Verifier = new MACVerifier((SecretKey) key, set);
        } else if (RSASSAVerifier.SUPPORTED_ALGORITHMS.contains(jWSHeader.getAlgorithm())) {
            if (!(key instanceof RSAPublicKey)) {
                MDC.put(JWTValidationConstant.JWT_VERIFICATION_FAIL_REASON, String.format(HEADER_KEY_DO_NOT_MATCH, jWSHeader.getAlgorithm(), key.getClass().getName()));
                throw new KeyTypeException(RSAPublicKey.class);
            }
            ed25519Verifier = new RSASSAVerifier((RSAPublicKey) key, set);
        } else if (ECDSAVerifier.SUPPORTED_ALGORITHMS.contains(jWSHeader.getAlgorithm())) {
            if (!(key instanceof ECPublicKey)) {
                MDC.put(JWTValidationConstant.JWT_VERIFICATION_FAIL_REASON, String.format(HEADER_KEY_DO_NOT_MATCH, jWSHeader.getAlgorithm(), key.getClass().getName()));
                throw new KeyTypeException(ECPublicKey.class);
            }
            ed25519Verifier = new ECDSAVerifier((ECPublicKey) key, set);
        } else {
            if (!Ed25519Verifier.SUPPORTED_ALGORITHMS.contains(jWSHeader.getAlgorithm())) {
                MDC.put(JWTValidationConstant.JWT_VERIFICATION_FAIL_REASON, String.format("No Signature verifier found for the algorithm specified in Header %s.", jWSHeader.getAlgorithm().getName()));
                throw new JOSEException("Unsupported JWS algorithm: " + jWSHeader.getAlgorithm());
            }
            if (!(key instanceof BCEdDSAPublicKey)) {
                MDC.put(JWTValidationConstant.JWT_VERIFICATION_FAIL_REASON, String.format(HEADER_KEY_DO_NOT_MATCH, jWSHeader.getAlgorithm(), key.getClass().getName()));
                throw new KeyTypeException(BCEdDSAPublicKey.class);
            }
            ed25519Verifier = new Ed25519Verifier((BCEdDSAPublicKey) key, set);
        }
        return ed25519Verifier;
    }

    static {
        LinkedHashSet linkedHashSet = new LinkedHashSet();
        linkedHashSet.addAll(MACProvider.SUPPORTED_ALGORITHMS);
        linkedHashSet.addAll(RSASSAProvider.SUPPORTED_ALGORITHMS);
        linkedHashSet.addAll(ECDSAProvider.SUPPORTED_ALGORITHMS);
        SUPPORTED_ALGORITHMS = Collections.unmodifiableSet(linkedHashSet);
    }
}
