package be.atbash.ee.security.octopus.nimbus.jose.crypto.factories;

import be.atbash.ee.security.octopus.nimbus.jose.JOSEException;
import be.atbash.ee.security.octopus.nimbus.jose.KeyLengthException;
import be.atbash.ee.security.octopus.nimbus.jose.KeyTypeException;
import be.atbash.ee.security.octopus.nimbus.jose.crypto.AESDecrypter;
import be.atbash.ee.security.octopus.nimbus.jose.crypto.DirectDecrypter;
import be.atbash.ee.security.octopus.nimbus.jose.crypto.ECDHDecrypter;
import be.atbash.ee.security.octopus.nimbus.jose.crypto.PasswordBasedDecrypter;
import be.atbash.ee.security.octopus.nimbus.jose.crypto.RSADecrypter;
import be.atbash.ee.security.octopus.nimbus.jose.crypto.impl.AESCryptoProvider;
import be.atbash.ee.security.octopus.nimbus.jose.crypto.impl.DirectCryptoProvider;
import be.atbash.ee.security.octopus.nimbus.jose.crypto.impl.ECDHCryptoProvider;
import be.atbash.ee.security.octopus.nimbus.jose.crypto.impl.RSACryptoProvider;
import be.atbash.ee.security.octopus.nimbus.jose.proc.JWEDecrypterFactory;
import be.atbash.ee.security.octopus.nimbus.jwk.Curve;
import be.atbash.ee.security.octopus.nimbus.jwt.jwe.EncryptionMethod;
import be.atbash.ee.security.octopus.nimbus.jwt.jwe.JWEAlgorithm;
import be.atbash.ee.security.octopus.nimbus.jwt.jwe.JWEDecrypter;
import be.atbash.ee.security.octopus.nimbus.jwt.jwe.JWEHeader;
import java.security.Key;
import java.security.PrivateKey;
import java.security.interfaces.ECKey;
import java.security.interfaces.RSAKey;
import java.util.Collections;
import java.util.LinkedHashSet;
import java.util.Set;
import javax.crypto.SecretKey;

/* loaded from: input_file:be/atbash/ee/security/octopus/nimbus/jose/crypto/factories/DefaultJWEDecrypterFactory.class */
public class DefaultJWEDecrypterFactory implements JWEDecrypterFactory {
    private static final Set<JWEAlgorithm> SUPPORTED_ALGORITHMS;
    private static final Set<EncryptionMethod> SUPPORTED_ENCRYPTION_METHODS;

    @Override // be.atbash.ee.security.octopus.nimbus.jwt.jwe.JWEProvider
    public Set<JWEAlgorithm> supportedJWEAlgorithms() {
        return SUPPORTED_ALGORITHMS;
    }

    @Override // be.atbash.ee.security.octopus.nimbus.jwt.jwe.JWEProvider
    public Set<EncryptionMethod> supportedEncryptionMethods() {
        return SUPPORTED_ENCRYPTION_METHODS;
    }

    @Override // be.atbash.ee.security.octopus.nimbus.jose.proc.JWEDecrypterFactory
    public JWEDecrypter createJWEDecrypter(JWEHeader jWEHeader, Key key) {
        JWEDecrypter passwordBasedDecrypter;
        if (RSADecrypter.SUPPORTED_ALGORITHMS.contains(jWEHeader.getAlgorithm()) && RSADecrypter.SUPPORTED_ENCRYPTION_METHODS.contains(jWEHeader.getEncryptionMethod())) {
            if (!(key instanceof PrivateKey) || !(key instanceof RSAKey)) {
                throw new KeyTypeException((Class<? extends Key>) PrivateKey.class, (Class<?>[]) new Class[]{RSAKey.class});
            }
            passwordBasedDecrypter = new RSADecrypter((PrivateKey) key);
        } else if (ECDHDecrypter.SUPPORTED_ALGORITHMS.contains(jWEHeader.getAlgorithm()) && ECDHDecrypter.SUPPORTED_ENCRYPTION_METHODS.contains(jWEHeader.getEncryptionMethod())) {
            if (!(key instanceof PrivateKey) || !(key instanceof ECKey)) {
                throw new KeyTypeException((Class<? extends Key>) PrivateKey.class, (Class<?>[]) new Class[]{ECKey.class});
            }
            passwordBasedDecrypter = new ECDHDecrypter((PrivateKey) key, null, Curve.forECParameterSpec(((ECKey) key).getParams()));
        } else if (DirectDecrypter.SUPPORTED_ALGORITHMS.contains(jWEHeader.getAlgorithm()) && DirectDecrypter.SUPPORTED_ENCRYPTION_METHODS.contains(jWEHeader.getEncryptionMethod())) {
            if (!(key instanceof SecretKey)) {
                throw new KeyTypeException(SecretKey.class);
            }
            JWEDecrypter directDecrypter = new DirectDecrypter((SecretKey) key);
            if (!directDecrypter.supportedEncryptionMethods().contains(jWEHeader.getEncryptionMethod())) {
                throw new KeyLengthException(jWEHeader.getEncryptionMethod().cekBitLength(), jWEHeader.getEncryptionMethod());
            }
            passwordBasedDecrypter = directDecrypter;
        } else if (AESDecrypter.SUPPORTED_ALGORITHMS.contains(jWEHeader.getAlgorithm()) && AESDecrypter.SUPPORTED_ENCRYPTION_METHODS.contains(jWEHeader.getEncryptionMethod())) {
            if (!(key instanceof SecretKey)) {
                throw new KeyTypeException(SecretKey.class);
            }
            JWEDecrypter aESDecrypter = new AESDecrypter((SecretKey) key);
            if (!aESDecrypter.supportedJWEAlgorithms().contains(jWEHeader.getAlgorithm())) {
                throw new KeyLengthException(jWEHeader.getAlgorithm());
            }
            passwordBasedDecrypter = aESDecrypter;
        } else {
            if (!PasswordBasedDecrypter.SUPPORTED_ALGORITHMS.contains(jWEHeader.getAlgorithm()) || !PasswordBasedDecrypter.SUPPORTED_ENCRYPTION_METHODS.contains(jWEHeader.getEncryptionMethod())) {
                throw new JOSEException("Unsupported JWE algorithm or encryption method");
            }
            if (!(key instanceof SecretKey)) {
                throw new KeyTypeException(SecretKey.class);
            }
            passwordBasedDecrypter = new PasswordBasedDecrypter((SecretKey) key);
        }
        return passwordBasedDecrypter;
    }

    static {
        LinkedHashSet linkedHashSet = new LinkedHashSet();
        linkedHashSet.addAll(RSACryptoProvider.SUPPORTED_ALGORITHMS);
        linkedHashSet.addAll(ECDHCryptoProvider.SUPPORTED_ALGORITHMS);
        linkedHashSet.addAll(DirectCryptoProvider.SUPPORTED_ALGORITHMS);
        linkedHashSet.addAll(AESCryptoProvider.SUPPORTED_ALGORITHMS);
        SUPPORTED_ALGORITHMS = Collections.unmodifiableSet(linkedHashSet);
        LinkedHashSet linkedHashSet2 = new LinkedHashSet();
        linkedHashSet2.addAll(RSACryptoProvider.SUPPORTED_ENCRYPTION_METHODS);
        linkedHashSet2.addAll(ECDHCryptoProvider.SUPPORTED_ENCRYPTION_METHODS);
        linkedHashSet2.addAll(DirectCryptoProvider.SUPPORTED_ENCRYPTION_METHODS);
        linkedHashSet2.addAll(AESCryptoProvider.SUPPORTED_ENCRYPTION_METHODS);
        SUPPORTED_ENCRYPTION_METHODS = Collections.unmodifiableSet(linkedHashSet2);
    }
}
