package org.picketlink.json.jose;

import java.lang.reflect.Constructor;
import javax.json.JsonObject;
import org.picketlink.json.JsonConstants;
import org.picketlink.json.JsonMessages;
import org.picketlink.json.jose.AbstractJWSBuilder;
import org.picketlink.json.jose.JWS;
import org.picketlink.json.jose.crypto.Algorithm;
import org.picketlink.json.jwt.JWTBuilder;
import org.picketlink.json.util.JsonUtil;

/* loaded from: input_file:WEB-INF/lib/picketlink-json-2.6.0.CR2.jar:org/picketlink/json/jose/AbstractJWSBuilder.class */
public abstract class AbstractJWSBuilder<T extends JWS, B extends AbstractJWSBuilder<T, B>> extends JWTBuilder<T, B> {
    private byte[] key;

    /* JADX INFO: Access modifiers changed from: protected */
    public AbstractJWSBuilder(Class<T> cls) {
        super(cls);
        header(JsonConstants.COMMON.ALG, Algorithm.NONE.getAlgorithm());
    }

    public B hmac256(byte[] bArr) {
        header(JsonConstants.COMMON.ALG, Algorithm.HS256.name());
        this.key = bArr;
        return this;
    }

    public B hmac384(byte[] bArr) {
        header(JsonConstants.COMMON.ALG, Algorithm.HS384.name());
        this.key = bArr;
        return this;
    }

    public B hmac512(byte[] bArr) {
        header(JsonConstants.COMMON.ALG, Algorithm.HS512.name());
        this.key = bArr;
        return this;
    }

    public B rsa256(byte[] bArr) {
        header(JsonConstants.COMMON.ALG, Algorithm.RS256.name());
        this.key = bArr;
        return this;
    }

    public B rsa384(byte[] bArr) {
        header(JsonConstants.COMMON.ALG, Algorithm.RS384.name());
        this.key = bArr;
        return this;
    }

    public B rsa512(byte[] bArr) {
        header(JsonConstants.COMMON.ALG, Algorithm.RS512.name());
        this.key = bArr;
        return this;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.picketlink.json.jwt.JWTBuilder
    public T build(JsonObject jsonObject, JsonObject jsonObject2) {
        try {
            Constructor declaredConstructor = getTokenType().getDeclaredConstructor(JsonObject.class, JsonObject.class, byte[].class);
            declaredConstructor.setAccessible(true);
            return (T) declaredConstructor.newInstance(jsonObject, jsonObject2, this.key);
        } catch (Exception e) {
            throw JsonMessages.MESSAGES.couldNotCreateToken(getTokenType(), e);
        }
    }

    @Override // org.picketlink.json.jwt.JWTBuilder
    public T build(String str) {
        return build(str, this.key);
    }

    public T build(String str, byte[] bArr) {
        T t = (T) super.build(str);
        Algorithm resolve = Algorithm.resolve(t.getAlgorithm().toUpperCase());
        if (!resolve.isNone()) {
            if (bArr == null) {
                throw JsonMessages.MESSAGES.invalidNullArgument("Signature Key");
            }
            String[] split = str.split("\\.");
            if (split.length < 2) {
                throw JsonMessages.MESSAGES.cryptoSignatureNotPresent(str);
            }
            if (!resolve.getSignatureProvider().verify(str.substring(0, str.lastIndexOf(JsonConstants.COMMON.PERIOD)).getBytes(), resolve, JsonUtil.b64Decode(split[2]), bArr)) {
                throw JsonMessages.MESSAGES.cryptoInvalidSignature(str);
            }
        }
        return t;
    }
}
