package com.palantir.config.crypto.algorithm.rsa;

import com.fasterxml.jackson.annotation.JsonProperty;
import com.fasterxml.jackson.databind.annotation.JsonDeserialize;
import com.fasterxml.jackson.databind.annotation.JsonSerialize;
import com.palantir.config.crypto.EncryptedValue;
import com.palantir.config.crypto.EncryptedValueVisitor;
import com.palantir.config.crypto.KeyWithType;
import com.palantir.config.crypto.algorithm.Algorithm;
import com.palantir.config.crypto.algorithm.KeyType;
import com.palantir.config.crypto.algorithm.rsa.RsaOaepEncrypter;
import com.palantir.config.crypto.util.Suppliers;
import java.nio.charset.StandardCharsets;
import java.security.PrivateKey;
import java.security.spec.MGF1ParameterSpec;
import javax.crypto.Cipher;
import javax.crypto.spec.OAEPParameterSpec;
import javax.crypto.spec.PSource;
import org.immutables.value.Value;

@JsonDeserialize(as = ImmutableRsaEncryptedValue.class)
@JsonSerialize(as = RsaEncryptedValue.class)
@Value.Immutable
/* loaded from: input_file:com/palantir/config/crypto/algorithm/rsa/RsaEncryptedValue.class */
public abstract class RsaEncryptedValue extends EncryptedValue {

    /* loaded from: input_file:com/palantir/config/crypto/algorithm/rsa/RsaEncryptedValue$Mode.class */
    public enum Mode {
        OAEP
    }

    public final Algorithm getType() {
        return Algorithm.RSA;
    }

    @Value.Default
    public Mode getMode() {
        return Mode.OAEP;
    }

    public abstract byte[] getCiphertext();

    @JsonProperty("oaep-alg")
    public abstract RsaOaepEncrypter.HashAlgorithm getOaepHashAlg();

    @JsonProperty("mdf1-alg")
    public abstract RsaOaepEncrypter.HashAlgorithm getMdf1HashAlg();

    @Override // com.palantir.config.crypto.EncryptedValue
    public final String decrypt(KeyWithType keyWithType) {
        KeyType.RSA_PRIVATE.checkKeyArgument(keyWithType, RsaPrivateKey.class);
        PrivateKey privateKey = ((RsaPrivateKey) keyWithType.getKey()).getPrivateKey();
        return (String) Suppliers.silently(() -> {
            Cipher cipher = Cipher.getInstance("RSA/ECB/OAEPPadding");
            cipher.init(2, privateKey, new OAEPParameterSpec(getOaepHashAlg().toString(), "MGF1", new MGF1ParameterSpec(getMdf1HashAlg().toString()), PSource.PSpecified.DEFAULT));
            return new String(cipher.doFinal(getCiphertext()), StandardCharsets.UTF_8);
        });
    }

    @Override // com.palantir.config.crypto.EncryptedValue
    public final <T> T accept(EncryptedValueVisitor<T> encryptedValueVisitor) {
        return encryptedValueVisitor.visit(this);
    }
}
