package org.apereo.cas.util.cipher;

import java.io.Serializable;
import java.security.KeyPair;
import java.security.PrivateKey;
import java.security.PublicKey;
import lombok.Generated;
import org.apache.commons.lang3.StringUtils;
import org.jose4j.jwe.KeyManagementAlgorithmIdentifiers;

/* loaded from: input_file:WEB-INF/lib/cas-server-core-util-api-6.6.9.jar:org/apereo/cas/util/cipher/RsaKeyPairCipherExecutor.class */
public class RsaKeyPairCipherExecutor extends BaseStringCipherExecutor {
    private final PrivateKey privateKeySigning;
    private final PublicKey publicKeySigning;
    private final PrivateKey privateKeyEncryption;
    private final PublicKey publicKeyEncryption;

    public RsaKeyPairCipherExecutor(KeyPair keyPair, KeyPair keyPair2) {
        this(keyPair.getPrivate(), keyPair.getPublic(), keyPair2.getPrivate(), keyPair2.getPublic());
    }

    public RsaKeyPairCipherExecutor(KeyPair keyPair) {
        this(keyPair.getPrivate(), keyPair.getPublic(), (PrivateKey) null, (PublicKey) null);
    }

    public RsaKeyPairCipherExecutor(String str, String str2, String str3, String str4) {
        this.privateKeySigning = extractPrivateKeyFromResource(str);
        this.publicKeySigning = extractPublicKeyFromResource(str2);
        this.privateKeyEncryption = StringUtils.isNotBlank(str3) ? extractPrivateKeyFromResource(str3) : null;
        this.publicKeyEncryption = StringUtils.isNotBlank(str4) ? extractPublicKeyFromResource(str4) : null;
    }

    public RsaKeyPairCipherExecutor(String str, String str2) {
        this(str, str2, (String) null, (String) null);
    }

    @Override // org.apereo.cas.util.cipher.BaseStringCipherExecutor, org.apereo.cas.util.crypto.EncodableCipher
    public String encode(Serializable serializable, Object[] objArr) {
        configureSigningParametersForEncoding();
        configureEncryptionParametersForEncoding();
        return super.encode(serializable, objArr);
    }

    @Override // org.apereo.cas.util.cipher.BaseStringCipherExecutor, org.apereo.cas.util.crypto.DecodableCipher
    public String decode(Serializable serializable, Object[] objArr) {
        configureSigningParametersForDecoding();
        configureEncryptionParametersForDecoding();
        return super.decode(serializable, objArr);
    }

    private void configureSigningParametersForDecoding() {
        setSigningKey(this.publicKeySigning);
    }

    private void configureEncryptionParametersForDecoding() {
        setEncryptionKey(this.privateKeyEncryption);
        setContentEncryptionAlgorithmIdentifier("A128CBC-HS256");
        setEncryptionAlgorithm(KeyManagementAlgorithmIdentifiers.RSA_OAEP_256);
    }

    private void configureEncryptionParametersForEncoding() {
        setEncryptionKey(this.publicKeyEncryption);
        setContentEncryptionAlgorithmIdentifier("A128CBC-HS256");
        setEncryptionAlgorithm(KeyManagementAlgorithmIdentifiers.RSA_OAEP_256);
    }

    private void configureSigningParametersForEncoding() {
        setSigningKey(this.privateKeySigning);
    }

    @Generated
    public PrivateKey getPrivateKeySigning() {
        return this.privateKeySigning;
    }

    @Generated
    public PublicKey getPublicKeySigning() {
        return this.publicKeySigning;
    }

    @Generated
    public PrivateKey getPrivateKeyEncryption() {
        return this.privateKeyEncryption;
    }

    @Generated
    public PublicKey getPublicKeyEncryption() {
        return this.publicKeyEncryption;
    }

    @Generated
    public RsaKeyPairCipherExecutor(PrivateKey privateKey, PublicKey publicKey, PrivateKey privateKey2, PublicKey publicKey2) {
        this.privateKeySigning = privateKey;
        this.publicKeySigning = publicKey;
        this.privateKeyEncryption = privateKey2;
        this.publicKeyEncryption = publicKey2;
    }

    @Generated
    public RsaKeyPairCipherExecutor() {
        this.privateKeySigning = null;
        this.publicKeySigning = null;
        this.privateKeyEncryption = null;
        this.publicKeyEncryption = null;
    }
}
