package de.governikus.autent.eudiwallet.keycloak.services;

import de.governikus.autent.eudiwallet.ecdh.KeyService;
import de.governikus.autent.eudiwallet.keycloak.constants.Constants;
import de.governikus.autent.eudiwallet.keycloak.models.CredentialRequest;
import de.governikus.autent.eudiwallet.keycloak.models.CredentialResponseEncryption;
import java.nio.charset.StandardCharsets;
import java.security.PublicKey;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import org.keycloak.jose.jwe.JWE;
import org.keycloak.jose.jwe.JWEHeader;
import org.keycloak.jose.jwe.JWEKeyStorage;
import org.keycloak.jose.jwk.JWKParser;
import org.keycloak.models.KeycloakSession;

/* loaded from: input_file:de/governikus/autent/eudiwallet/keycloak/services/JweService.class */
public final class JweService {
    public static String encryptPayload(KeycloakSession keycloakSession, String str) {
        CredentialResponseEncryption credentialResponseEncryption = ((CredentialRequest) keycloakSession.getAttribute(Constants.ProtocolAttributes.CREDENTIAL_REQUEST, CredentialRequest.class)).getCredentialResponseEncryption();
        if (credentialResponseEncryption == null || credentialResponseEncryption.getJwk() == null) {
            return str;
        }
        String keyWrapAlgorithm = credentialResponseEncryption.getKeyWrapAlgorithm();
        JWE content = new JWE().header(new JWEHeader(keyWrapAlgorithm, credentialResponseEncryption.getContentEncryptionAlgorithm(), (String) null)).content(str.getBytes(StandardCharsets.UTF_8));
        PublicKey publicKey = JWKParser.create(credentialResponseEncryption.getJwk()).toPublicKey();
        if ("ECDH-ES".equals(keyWrapAlgorithm)) {
            content.getKeyStorage().setEncryptionKey(publicKey);
        } else {
            content.getKeyStorage().setEncryptionKey(publicKey).setCEKKey(KeyService.generateAesKey(getAesKeySize(keyWrapAlgorithm)), JWEKeyStorage.KeyUse.ENCRYPTION);
        }
        return content.encodeJwe();
    }

    private static int getAesKeySize(String str) {
        Matcher matcher = Pattern.compile(".*A(\\d{3})KW.*").matcher(str);
        if (matcher.find()) {
            return Integer.parseInt(matcher.group(1));
        }
        return 256;
    }

    private JweService() {
        throw new UnsupportedOperationException("This is a utility class and cannot be instantiated");
    }
}
