package org.apache.abdera.security.util.servlet;

import java.security.PublicKey;
import java.security.cert.X509Certificate;
import java.security.interfaces.RSAPublicKey;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import org.apache.abdera.security.Encryption;
import org.apache.abdera.security.EncryptionOptions;
import org.apache.abdera.security.util.KeyHelper;

/* loaded from: input_file:org/apache/abdera/security/util/servlet/AESEncryptedResponseFilter.class */
public class AESEncryptedResponseFilter extends AbstractEncryptedResponseFilter {
    public static final String PUBLICKEY = "X-PublicKey";

    protected X509Certificate[] getCerts(ServletRequest servletRequest) {
        return (X509Certificate[]) servletRequest.getAttribute("javax.servlet.request.X509Certificate");
    }

    protected PublicKey getPublicKey(ServletRequest servletRequest) {
        PublicKey generatePublicKey = KeyHelper.generatePublicKey(((HttpServletRequest) servletRequest).getHeader(PUBLICKEY));
        if (generatePublicKey == null) {
            generatePublicKey = retrievePublicKey(servletRequest);
        }
        return generatePublicKey;
    }

    @Override // org.apache.abdera.security.util.servlet.AbstractEncryptedResponseFilter
    protected boolean doEncryption(ServletRequest servletRequest, Object obj) {
        return obj != null && (obj instanceof RSAPublicKey);
    }

    @Override // org.apache.abdera.security.util.servlet.AbstractEncryptedResponseFilter
    protected Object initArg(ServletRequest servletRequest) {
        return getPublicKey(servletRequest);
    }

    protected PublicKey retrievePublicKey(ServletRequest servletRequest) {
        X509Certificate[] certs = getCerts(servletRequest);
        if (certs != null) {
            return certs[0].getPublicKey();
        }
        return null;
    }

    @Override // org.apache.abdera.security.util.servlet.AbstractEncryptedResponseFilter
    protected EncryptionOptions initEncryptionOptions(ServletRequest servletRequest, ServletResponse servletResponse, Encryption encryption, Object obj) {
        try {
            EncryptionOptions defaultEncryptionOptions = encryption.getDefaultEncryptionOptions();
            defaultEncryptionOptions.setDataEncryptionKey(KeyHelper.generateKey("AES"));
            defaultEncryptionOptions.setKeyEncryptionKey((PublicKey) obj);
            defaultEncryptionOptions.setKeyCipherAlgorithm("http://www.w3.org/2001/04/xmlenc#rsa-1_5");
            defaultEncryptionOptions.setIncludeKeyInfo(true);
            return defaultEncryptionOptions;
        } catch (Exception e) {
            return null;
        }
    }
}
