package org.jasig.cas.util;

import java.security.Key;
import java.util.HashMap;
import javax.validation.constraints.NotNull;
import org.apache.commons.lang3.StringUtils;
import org.aspectj.lang.JoinPoint;
import org.aspectj.runtime.internal.AroundClosure;
import org.aspectj.runtime.reflect.Factory;
import org.jasig.inspektr.aspect.TraceLogAspect;
import org.jose4j.jwe.JsonWebEncryption;
import org.jose4j.jwk.JsonWebKey;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.stereotype.Component;

@Component("defaultCookieCipherExecutor")
/* loaded from: input_file:org/jasig/cas/util/DefaultCipherExecutor.class */
public final class DefaultCipherExecutor extends AbstractCipherExecutor<String, String> {
    private String contentEncryptionAlgorithmIdentifier;
    private Key secretKeyEncryptionKey;
    private static final JoinPoint.StaticPart ajc$tjp_0 = null;
    private static final JoinPoint.StaticPart ajc$tjp_1 = null;

    /* loaded from: input_file:org/jasig/cas/util/DefaultCipherExecutor$AjcClosure1.class */
    public class AjcClosure1 extends AroundClosure {
        public AjcClosure1(Object[] objArr) {
            super(objArr);
        }

        public Object run(Object[] objArr) {
            Object[] objArr2 = ((AroundClosure) this).state;
            return DefaultCipherExecutor.encode_aroundBody0((DefaultCipherExecutor) objArr2[0], (String) objArr2[1], (JoinPoint) objArr2[2]);
        }
    }

    /* loaded from: input_file:org/jasig/cas/util/DefaultCipherExecutor$AjcClosure3.class */
    public class AjcClosure3 extends AroundClosure {
        public AjcClosure3(Object[] objArr) {
            super(objArr);
        }

        public Object run(Object[] objArr) {
            Object[] objArr2 = ((AroundClosure) this).state;
            return DefaultCipherExecutor.decode_aroundBody2((DefaultCipherExecutor) objArr2[0], (String) objArr2[1], (JoinPoint) objArr2[2]);
        }
    }

    @Autowired
    public DefaultCipherExecutor(@Value("${tgc.encryption.key:}") String str, @Value("${tgc.signing.key:}") String str2) {
        this(str, str2, "A128CBC-HS256");
    }

    public DefaultCipherExecutor(String str, String str2, String str3) {
        if (StringUtils.isBlank(str)) {
            this.logger.debug("secretKeyEncryption is not defined");
            return;
        }
        if (StringUtils.isBlank(str2)) {
            this.logger.debug("secretKeySigning is not defined");
            return;
        }
        if (StringUtils.isBlank(str3)) {
            this.logger.debug("contentEncryptionAlgorithmIdentifier is not defined");
            return;
        }
        setSigningKey(str2);
        this.secretKeyEncryptionKey = prepareJsonWebTokenKey(str);
        this.contentEncryptionAlgorithmIdentifier = str3;
        this.logger.debug("Initialized cipher encryption sequence via [{}]", str3);
    }

    public String encode(String str) {
        return (String) TraceLogAspect.aspectOf().traceMethod(new AjcClosure1(new Object[]{this, str, Factory.makeJP(ajc$tjp_0, this, this, str)}).linkClosureAndJoinPoint(69648));
    }

    public String decode(String str) {
        return (String) TraceLogAspect.aspectOf().traceMethod(new AjcClosure3(new Object[]{this, str, Factory.makeJP(ajc$tjp_1, this, this, str)}).linkClosureAndJoinPoint(69648));
    }

    private Key prepareJsonWebTokenKey(String str) {
        try {
            HashMap hashMap = new HashMap(2);
            hashMap.put("kty", "oct");
            hashMap.put("k", str);
            return JsonWebKey.Factory.newJwk(hashMap).getKey();
        } catch (Exception e) {
            throw new IllegalArgumentException(e.getMessage(), e);
        }
    }

    private String encryptValue(@NotNull String str) {
        try {
            JsonWebEncryption jsonWebEncryption = new JsonWebEncryption();
            jsonWebEncryption.setPayload(str);
            jsonWebEncryption.setAlgorithmHeaderValue("dir");
            jsonWebEncryption.setEncryptionMethodHeaderParameter(this.contentEncryptionAlgorithmIdentifier);
            jsonWebEncryption.setKey(this.secretKeyEncryptionKey);
            this.logger.debug("Encrypting via [{}]", this.contentEncryptionAlgorithmIdentifier);
            return jsonWebEncryption.getCompactSerialization();
        } catch (Exception e) {
            throw new RuntimeException("Ensure that you have installed JCE Unlimited Strength Jurisdiction Policy Files. " + e.getMessage(), e);
        }
    }

    private String decryptValue(@NotNull String str) {
        try {
            JsonWebEncryption jsonWebEncryption = new JsonWebEncryption();
            jsonWebEncryption.setKey(this.secretKeyEncryptionKey);
            jsonWebEncryption.setCompactSerialization(str);
            this.logger.debug("Decrypting value...");
            return jsonWebEncryption.getPayload();
        } catch (Exception e) {
            throw new RuntimeException(e);
        }
    }

    static {
        ajc$preClinit();
    }

    static final String encode_aroundBody0(DefaultCipherExecutor defaultCipherExecutor, String str, JoinPoint joinPoint) {
        return new String(defaultCipherExecutor.sign(defaultCipherExecutor.encryptValue(str.toString()).getBytes()));
    }

    static final String decode_aroundBody2(DefaultCipherExecutor defaultCipherExecutor, String str, JoinPoint joinPoint) {
        byte[] verifySignature = defaultCipherExecutor.verifySignature(str.getBytes());
        if (verifySignature == null || verifySignature.length <= 0) {
            return null;
        }
        return defaultCipherExecutor.decryptValue(new String(verifySignature));
    }

    private static void ajc$preClinit() {
        Factory factory = new Factory("DefaultCipherExecutor.java", DefaultCipherExecutor.class);
        ajc$tjp_0 = factory.makeSJP("method-execution", factory.makeMethodSig("1", "encode", "org.jasig.cas.util.DefaultCipherExecutor", "java.lang.String", "value", "", "java.lang.String"), 85);
        ajc$tjp_1 = factory.makeSJP("method-execution", factory.makeMethodSig("1", "decode", "org.jasig.cas.util.DefaultCipherExecutor", "java.lang.String", "value", "", "java.lang.String"), 92);
    }
}
