package org.forgerock.json.jose.jwe;

import java.security.Key;
import org.forgerock.json.jose.jwe.handlers.encryption.EncryptionHandler;
import org.forgerock.json.jose.jwt.Jwt;
import org.forgerock.json.jose.jwt.JwtClaimsSet;
import org.forgerock.json.jose.jwt.JwtHeader;
import org.forgerock.json.jose.jwt.Payload;
import org.forgerock.json.jose.utils.Utils;
import org.forgerock.util.encode.Base64url;

/* loaded from: input_file:embedded-opendj/opendj.zip:opendj/lib/org.openidentityplatform.commons.json-web-token.jar:org/forgerock/json/jose/jwe/EncryptedJwt.class */
public class EncryptedJwt implements Jwt, Payload {
    private final EncryptionManager encryptionManager;
    private final CompressionManager compressionManager;
    private final JweHeader header;
    private Payload payload;
    private final Key publicKey;
    private final String encodedHeader;
    private final byte[] encryptedContentEncryptionKey;
    private final byte[] initialisationVector;
    private final byte[] ciphertext;
    private final byte[] authenticationTag;

    public EncryptedJwt(JweHeader jweHeader, JwtClaimsSet jwtClaimsSet, Key key) {
        this(jweHeader, (Payload) jwtClaimsSet, key);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public EncryptedJwt(JweHeader jweHeader, Payload payload, Key key) {
        this.encryptionManager = new EncryptionManager();
        this.compressionManager = new CompressionManager();
        this.header = jweHeader;
        this.payload = payload;
        this.publicKey = key;
        this.encodedHeader = null;
        this.encryptedContentEncryptionKey = null;
        this.initialisationVector = null;
        this.ciphertext = null;
        this.authenticationTag = null;
    }

    public EncryptedJwt(JweHeader jweHeader, String str, byte[] bArr, byte[] bArr2, byte[] bArr3, byte[] bArr4) {
        this.encryptionManager = new EncryptionManager();
        this.compressionManager = new CompressionManager();
        this.header = jweHeader;
        this.encodedHeader = str;
        this.encryptedContentEncryptionKey = bArr;
        this.initialisationVector = bArr2;
        this.ciphertext = bArr3;
        this.authenticationTag = bArr4;
        this.publicKey = null;
    }

    @Override // org.forgerock.json.jose.jwt.Jwt
    public JwtHeader getHeader() {
        return this.header;
    }

    @Override // org.forgerock.json.jose.jwt.Jwt
    public JwtClaimsSet getClaimsSet() {
        return (JwtClaimsSet) this.payload;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public Payload getPayload() {
        return this.payload;
    }

    @Override // org.forgerock.json.jose.jwt.Jwt, org.forgerock.json.jose.jwt.Payload
    public String build() {
        EncryptionHandler encryptionHandler = this.encryptionManager.getEncryptionHandler(this.header);
        Key contentEncryptionKey = encryptionHandler.getContentEncryptionKey();
        if (contentEncryptionKey == null) {
            contentEncryptionKey = this.publicKey;
        }
        String encode = Base64url.encode(encryptionHandler.generateJWEEncryptedKey(this.publicKey, contentEncryptionKey));
        byte[] generateInitialisationVector = encryptionHandler.generateInitialisationVector();
        String encode2 = Base64url.encode(generateInitialisationVector);
        String base64urlEncode = Utils.base64urlEncode(this.header.build());
        JweEncryption encryptPlaintext = encryptionHandler.encryptPlaintext(contentEncryptionKey, generateInitialisationVector, compressPlaintext(this.header.getCompressionAlgorithm(), this.payload.build().getBytes(Utils.CHARSET)), base64urlEncode.getBytes(Utils.CHARSET));
        return base64urlEncode + "." + encode + "." + encode2 + "." + Base64url.encode(encryptPlaintext.getCiphertext()) + "." + Base64url.encode(encryptPlaintext.getAuthenticationTag());
    }

    private byte[] compressPlaintext(CompressionAlgorithm compressionAlgorithm, byte[] bArr) {
        return this.compressionManager.getCompressionHandler(compressionAlgorithm).compress(bArr);
    }

    public void decrypt(Key key) {
        EncryptionHandler encryptionHandler = this.encryptionManager.getEncryptionHandler(this.header);
        this.payload = decodePayload(new String(decompressPlaintext(this.header.getCompressionAlgorithm(), encryptionHandler.decryptCiphertext(encryptionHandler.decryptContentEncryptionKey(key, this.encryptedContentEncryptionKey), this.initialisationVector, this.ciphertext, this.authenticationTag, this.encodedHeader.getBytes(Utils.CHARSET))), Utils.CHARSET));
    }

    private byte[] decompressPlaintext(CompressionAlgorithm compressionAlgorithm, byte[] bArr) {
        return this.compressionManager.getCompressionHandler(compressionAlgorithm).decompress(bArr);
    }

    Payload decodePayload(String str) {
        return new JwtClaimsSet(Utils.parseJson(str));
    }
}
