package org.apache.cxf.rs.security.jose.jwe;

import java.security.KeyPair;
import java.security.interfaces.ECPrivateKey;
import java.security.interfaces.ECPublicKey;
import org.apache.cxf.common.util.Base64UrlUtility;
import org.apache.cxf.common.util.StringUtils;
import org.apache.cxf.rs.security.jose.jwa.ContentAlgorithm;
import org.apache.cxf.rs.security.jose.jwa.KeyAlgorithm;
import org.apache.cxf.rs.security.jose.jwk.JwkUtils;
import org.apache.cxf.rt.security.crypto.CryptoUtils;
import org.jose4j.jwx.HeaderParameterNames;

/* loaded from: input_file:lib/cxf-shade-8.0.16.jar:org/apache/cxf/rs/security/jose/jwe/EcdhHelper.class */
class EcdhHelper {
    private final ECPublicKey peerPublicKey;
    private final String ecurve;
    private final byte[] apuBytes;
    private final byte[] apvBytes;
    private final String ctAlgo;

    /* JADX INFO: Access modifiers changed from: package-private */
    public EcdhHelper(ECPublicKey eCPublicKey, String str, String str2, String str3, String str4) {
        this.ctAlgo = str4;
        this.peerPublicKey = eCPublicKey;
        this.ecurve = str;
        this.apuBytes = toApuBytes(str2);
        this.apvBytes = toBytes(str3);
    }

    public byte[] getDerivedKey(JweHeaders jweHeaders) {
        KeyPair generateECKeyPair = CryptoUtils.generateECKeyPair(this.ecurve);
        ECPublicKey eCPublicKey = (ECPublicKey) generateECKeyPair.getPublic();
        ECPrivateKey eCPrivateKey = (ECPrivateKey) generateECKeyPair.getPrivate();
        KeyAlgorithm keyEncryptionAlgorithm = jweHeaders.getKeyEncryptionAlgorithm();
        ContentAlgorithm valueOf = ContentAlgorithm.valueOf(this.ctAlgo);
        String jwaName = KeyAlgorithm.isDirect(keyEncryptionAlgorithm) ? valueOf.getJwaName() : keyEncryptionAlgorithm.getJwaName();
        int keySizeBits = KeyAlgorithm.isDirect(keyEncryptionAlgorithm) ? valueOf.getKeySizeBits() : keyEncryptionAlgorithm.getKeySizeBits();
        if (this.apuBytes != null) {
            jweHeaders.setHeader(HeaderParameterNames.AGREEMENT_PARTY_U_INFO, Base64UrlUtility.encode(this.apuBytes));
        }
        if (this.apvBytes != null) {
            jweHeaders.setHeader(HeaderParameterNames.AGREEMENT_PARTY_V_INFO, Base64UrlUtility.encode(this.apvBytes));
        }
        jweHeaders.setJsonWebKey(HeaderParameterNames.EPHEMERAL_PUBLIC_KEY, JwkUtils.fromECPublicKey(eCPublicKey, this.ecurve));
        return JweUtils.getECDHKey(eCPrivateKey, this.peerPublicKey, this.apuBytes, this.apvBytes, jwaName, keySizeBits);
    }

    private byte[] toApuBytes(String str) {
        return str != null ? toBytes(str) : CryptoUtils.generateSecureRandomBytes(64);
    }

    private byte[] toBytes(String str) {
        if (str == null) {
            return null;
        }
        return StringUtils.toBytesUTF8(str);
    }
}
