package org.apache.abdera.security.util.filters;

import java.security.PublicKey;
import java.security.cert.X509Certificate;
import java.security.interfaces.RSAPublicKey;
import org.apache.abdera.protocol.server.RequestContext;
import org.apache.abdera.protocol.server.ResponseContext;
import org.apache.abdera.security.Encryption;
import org.apache.abdera.security.EncryptionOptions;
import org.apache.abdera.security.util.KeyHelper;

/* loaded from: input_file:org/apache/abdera/security/util/filters/AESEncryptedResponseFilter.class */
public class AESEncryptedResponseFilter extends AbstractEncryptedResponseFilter {
    public static final String PUBLICKEY = "X-PublicKey";

    protected X509Certificate[] getCerts(RequestContext requestContext) {
        return (X509Certificate[]) requestContext.getAttribute(RequestContext.Scope.REQUEST, "javax.servlet.request.X509Certificate");
    }

    protected PublicKey getPublicKey(RequestContext requestContext) {
        PublicKey generatePublicKey = KeyHelper.generatePublicKey(requestContext.getHeader(PUBLICKEY));
        if (generatePublicKey == null) {
            generatePublicKey = retrievePublicKey(requestContext);
        }
        return generatePublicKey;
    }

    @Override // org.apache.abdera.security.util.filters.AbstractEncryptedResponseFilter
    protected boolean doEncryption(RequestContext requestContext, Object obj) {
        return obj != null && (obj instanceof RSAPublicKey);
    }

    @Override // org.apache.abdera.security.util.filters.AbstractEncryptedResponseFilter
    protected Object initArg(RequestContext requestContext) {
        return getPublicKey(requestContext);
    }

    protected PublicKey retrievePublicKey(RequestContext requestContext) {
        X509Certificate[] certs = getCerts(requestContext);
        if (certs != null) {
            return certs[0].getPublicKey();
        }
        return null;
    }

    @Override // org.apache.abdera.security.util.filters.AbstractEncryptedResponseFilter
    protected EncryptionOptions initEncryptionOptions(RequestContext requestContext, ResponseContext responseContext, Encryption encryption, Object obj) {
        try {
            EncryptionOptions defaultEncryptionOptions = encryption.getDefaultEncryptionOptions();
            defaultEncryptionOptions.setDataEncryptionKey(KeyHelper.generateKey("AES"));
            defaultEncryptionOptions.setKeyEncryptionKey((PublicKey) obj);
            defaultEncryptionOptions.setKeyCipherAlgorithm("http://www.w3.org/2001/04/xmlenc#rsa-1_5");
            defaultEncryptionOptions.setIncludeKeyInfo(true);
            return defaultEncryptionOptions;
        } catch (Exception e) {
            return null;
        }
    }
}
