package se.litsec.swedisheid.opensaml.saml2.signservice;

import net.shibboleth.utilities.java.support.component.ComponentInitializationException;
import net.shibboleth.utilities.java.support.logic.Constraint;
import org.opensaml.xmlsec.EncryptionConfiguration;
import org.opensaml.xmlsec.encryption.EncryptedData;
import org.opensaml.xmlsec.encryption.support.EncryptionException;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import se.litsec.opensaml.utils.ObjectUtils;
import se.litsec.opensaml.xmlsec.SAMLObjectEncrypter;
import se.litsec.swedisheid.opensaml.saml2.signservice.dss.EncryptedMessage;
import se.litsec.swedisheid.opensaml.saml2.signservice.dss.SignMessage;

/* loaded from: input_file:se/litsec/swedisheid/opensaml/saml2/signservice/SignMessageEncrypter.class */
public class SignMessageEncrypter {
    private Logger log = LoggerFactory.getLogger(SignMessageEncrypter.class);
    private final SAMLObjectEncrypter encrypter;

    public SignMessageEncrypter(SAMLObjectEncrypter sAMLObjectEncrypter) throws ComponentInitializationException {
        this.encrypter = (SAMLObjectEncrypter) Constraint.isNotNull(sAMLObjectEncrypter, "encrypter must not be null");
    }

    public void encrypt(SignMessage signMessage, String str) throws EncryptionException {
        encrypt(signMessage, str, null);
    }

    public void encrypt(SignMessage signMessage, String str, EncryptionConfiguration encryptionConfiguration) throws EncryptionException {
        Constraint.isNotNull(signMessage, "signMessage must not be null");
        Constraint.isNotNull(str, "entityID must not be null");
        if (signMessage.getEncryptedMessage() != null) {
            throw new EncryptionException("signMessage is already encrypted");
        }
        if (signMessage.getMessage() == null) {
            throw new EncryptionException("No Message element available in SignMessage");
        }
        if (signMessage.getDisplayEntity() == null) {
            this.log.debug("Updated SignMessage.DisplayEntity with {}", str);
            signMessage.setDisplayEntity(str);
        } else if (!signMessage.getDisplayEntity().equals(str)) {
            throw new EncryptionException(String.format("Assigned DisplayEntity (%s) does not match supplied entityID (%s)", signMessage.getDisplayEntity(), str));
        }
        EncryptedData encrypt = this.encrypter.encrypt(signMessage.getMessage(), new SAMLObjectEncrypter.Peer(str), encryptionConfiguration);
        EncryptedMessage encryptedMessage = (EncryptedMessage) ObjectUtils.createSamlObject(EncryptedMessage.class);
        encryptedMessage.setEncryptedData(encrypt);
        signMessage.setMessage(null);
        signMessage.setEncryptedMessage(encryptedMessage);
    }
}
