package de.bos_bremen.gov.autent.common;

import de.bos_bremen.gov.autent.common.XMLSignatureHandler;
import java.security.KeyException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.cert.X509Certificate;
import org.opensaml.core.config.ConfigurationService;
import org.opensaml.saml.saml2.encryption.Encrypter;
import org.opensaml.security.credential.Credential;
import org.opensaml.security.credential.CredentialSupport;
import org.opensaml.security.x509.BasicX509Credential;
import org.opensaml.xmlsec.EncryptionConfiguration;
import org.opensaml.xmlsec.EncryptionParameters;
import org.opensaml.xmlsec.algorithm.AlgorithmSupport;
import org.opensaml.xmlsec.encryption.support.DataEncryptionParameters;
import org.opensaml.xmlsec.encryption.support.KeyEncryptionParameters;

/* loaded from: input_file:de/bos_bremen/gov/autent/common/AbstractMessageGenerator.class */
/**
 * Holds the signing and encryption settings shared by message generators:
 * a signer (key, certificate, digest algorithm, KeyInfo style) and an
 * OpenSAML {@link Encrypter} bound to one recipient certificate.
 *
 * <p>NOTE(review): the encryption algorithms are fixed to AES-128-CBC for the
 * data and RSA PKCS#1 v1.5 for key transport. Both are legacy XML Encryption
 * choices: CBC provides no integrity protection for the ciphertext, and
 * PKCS#1 v1.5 key transport is the variant affected by padding-oracle
 * weaknesses on the decrypting side. Where the receiving party supports them,
 * AES-GCM ({@code http://www.w3.org/2009/xmlenc11#aes128-gcm}) and RSA-OAEP
 * ({@code http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p}) are the usual
 * replacements. Changing them is an interoperability decision, so it is
 * flagged here rather than changed.
 */
public class AbstractMessageGenerator {
    /** XML Encryption URI used for the data (content) encryption algorithm. */
    private static final String DATA_ENCRYPTION_ALGORITHM = "http://www.w3.org/2001/04/xmlenc#aes128-cbc";

    /** XML Encryption URI used to wrap the data key for the recipient. */
    private static final String KEY_TRANSPORT_ALGORITHM = "http://www.w3.org/2001/04/xmlenc#rsa-1_5";

    // Signer state, populated by setSigner(); sigType stays NONE until then.
    protected PrivateKey sigKey;
    protected X509Certificate sigCert;
    protected String sigDigestAlg;
    protected XMLSignatureHandler.SigEntryType sigType = XMLSignatureHandler.SigEntryType.NONE;

    // Encryption state, populated by setEncrypter().
    protected Encrypter encrypter;
    protected EncryptionParameters encParams;
    protected KeyEncryptionParameters kek;

    /**
     * Builds the {@link Encrypter} for the given recipient certificate and
     * stores it, together with its parameters, on this instance.
     *
     * <p>The certificate is wrapped into a credential without a private key.
     * No validation of the certificate (chain, validity period, key usage) is
     * visible in this method, so the caller is expected to have established
     * trust in it beforehand: whoever holds the matching private key can
     * decrypt the messages.
     *
     * <p>NOTE(review): the symmetric data key is generated once per call to
     * this method and placed into the encryption parameters; presumably it is
     * then reused for every message this encrypter produces until the method
     * is called again. Confirm this is intended.
     *
     * @param z when {@code true}, a KeyInfo generator for the recipient
     *     credential is taken from the globally registered
     *     {@link EncryptionConfiguration} and attached to the key encryption
     *     parameters
     * @param x509Certificate certificate of the party the data key is
     *     encrypted for
     * @throws NoSuchAlgorithmException declared for the symmetric key generation
     * @throws KeyException declared for the symmetric key generation
     */
    public void setEncrypter(boolean z, X509Certificate x509Certificate) throws NoSuchAlgorithmException, KeyException {
        // Both credentials are created before any field is touched, so a
        // failure here leaves the previous encryption state in place.
        BasicX509Credential recipientCredential = CredentialSupport.getSimpleCredential(x509Certificate, (PrivateKey) null);
        Credential contentKeyCredential = AlgorithmSupport.generateSymmetricKeyAndCredential(DATA_ENCRYPTION_ALGORITHM);

        EncryptionParameters dataParams = new EncryptionParameters();
        this.encParams = dataParams;
        dataParams.setDataEncryptionAlgorithm(DATA_ENCRYPTION_ALGORITHM);
        dataParams.setDataEncryptionCredential(contentKeyCredential);

        KeyEncryptionParameters keyParams = new KeyEncryptionParameters();
        this.kek = keyParams;
        keyParams.setAlgorithm(KEY_TRANSPORT_ALGORITHM);
        keyParams.setEncryptionCredential(recipientCredential);

        if (z) {
            // The generator comes from the process-wide OpenSAML configuration,
            // not from anything passed to this method.
            EncryptionConfiguration globalConfig =
                    (EncryptionConfiguration) ConfigurationService.get(EncryptionConfiguration.class);
            keyParams.setKeyInfoGenerator(
                    globalConfig.getKeyTransportKeyInfoGeneratorManager()
                            .getDefaultManager()
                            .getFactory(recipientCredential)
                            .newInstance());
        }

        Encrypter created = new Encrypter(new DataEncryptionParameters(dataParams), keyParams);
        this.encrypter = created;
        // INLINE key placement is selected for the wrapped data key.
        created.setKeyPlacement(Encrypter.KeyPlacement.INLINE);
    }

    /**
     * Builds the {@link Encrypter} for the given recipient certificate without
     * attaching a KeyInfo generator.
     *
     * @param x509Certificate certificate of the party the data key is
     *     encrypted for
     * @throws NoSuchAlgorithmException see {@link #setEncrypter(boolean, X509Certificate)}
     * @throws KeyException see {@link #setEncrypter(boolean, X509Certificate)}
     */
    public void setEncrypter(X509Certificate x509Certificate) throws NoSuchAlgorithmException, KeyException {
        this.setEncrypter(false, x509Certificate);
    }

    /**
     * Stores the signing key, certificate and digest algorithm, and selects
     * how the signer is referenced in the signature.
     *
     * <p>Only null checks are performed here. The digest algorithm string is
     * stored as given, and nothing in this method verifies that the private
     * key belongs to the certificate; callers that accept these values from
     * configuration should restrict the digest to an approved set themselves.
     *
     * @param z {@code true} selects {@code SigEntryType.CERTIFICATE},
     *     {@code false} selects {@code SigEntryType.ISSUERSERIAL}
     * @param privateKey key used for signing
     * @param x509Certificate certificate stored alongside the signing key
     * @param str digest algorithm, stored in {@code sigDigestAlg}
     * @throws NullPointerException if any of the three object arguments is
     *     {@code null}
     */
    public void setSigner(boolean z, PrivateKey privateKey, X509Certificate x509Certificate, String str) {
        boolean allPresent = privateKey != null && x509Certificate != null && str != null;
        if (!allPresent) {
            throw new NullPointerException("must specify all arguments when setting a signer");
        }

        if (z) {
            this.sigType = XMLSignatureHandler.SigEntryType.CERTIFICATE;
        } else {
            this.sigType = XMLSignatureHandler.SigEntryType.ISSUERSERIAL;
        }
        this.sigKey = privateKey;
        this.sigCert = x509Certificate;
        this.sigDigestAlg = str;
    }
}
