package com.couchbase.client.encryption.internal;

import com.couchbase.client.encryption.Decrypter;
import com.couchbase.client.encryption.EncryptionResult;
import com.couchbase.client.encryption.Keyring;
import com.couchbase.client.encryption.errors.CryptoKeyNotFoundException;
import java.security.KeyFactory;
import java.security.interfaces.RSAPrivateKey;
import java.security.spec.MGF1ParameterSpec;
import java.security.spec.PKCS8EncodedKeySpec;
import java.util.Objects;
import java.util.Optional;
import java.util.function.Function;
import javax.crypto.Cipher;
import javax.crypto.spec.OAEPParameterSpec;
import javax.crypto.spec.PSource;

/* loaded from: input_file:com/couchbase/client/encryption/internal/LegacyRsaDecrypter.class */
public class LegacyRsaDecrypter implements Decrypter {
    private final Function<String, String> publicKeyNameToPrivateKeyName;
    private final Keyring keyring;

    public LegacyRsaDecrypter(Keyring keyring, Function<String, String> function) {
        this.keyring = (Keyring) Objects.requireNonNull(keyring);
        this.publicKeyNameToPrivateKeyName = (Function) Objects.requireNonNull(function);
    }

    @Override // com.couchbase.client.encryption.Decrypter
    public String algorithm() {
        return "RSA-2048-OAEP-SHA1";
    }

    @Override // com.couchbase.client.encryption.Decrypter
    public byte[] decrypt(EncryptionResult encryptionResult) throws Exception {
        String string = encryptionResult.getString("kid");
        byte[] bytes = encryptionResult.getBytes("ciphertext");
        OAEPParameterSpec oAEPParameterSpec = new OAEPParameterSpec("SHA-1", "MGF1", new MGF1ParameterSpec("SHA-1"), PSource.PSpecified.DEFAULT);
        Cipher cipher = Cipher.getInstance("RSA/ECB/OAEPWithSHA-1AndMGF1Padding");
        cipher.init(2, getPrivateKey(string), oAEPParameterSpec);
        return cipher.doFinal(bytes);
    }

    private String getPrivateKeyName(String str) {
        return (String) Optional.of(this.publicKeyNameToPrivateKeyName.apply(str)).orElseThrow(() -> {
            return new CryptoKeyNotFoundException("No mapping to private key name found for public key '" + str + "'");
        });
    }

    private RSAPrivateKey getPrivateKey(String str) throws Exception {
        Zeroizer zeroizer = new Zeroizer();
        Throwable th = null;
        try {
            try {
                RSAPrivateKey rSAPrivateKey = (RSAPrivateKey) KeyFactory.getInstance("RSA").generatePrivate(new PKCS8EncodedKeySpec(zeroizer.add(this.keyring.getOrThrow(getPrivateKeyName(str)).bytes())));
                if (zeroizer != null) {
                    if (0 != 0) {
                        try {
                            zeroizer.close();
                        } catch (Throwable th2) {
                            th.addSuppressed(th2);
                        }
                    } else {
                        zeroizer.close();
                    }
                }
                return rSAPrivateKey;
            } finally {
            }
        } catch (Throwable th3) {
            if (zeroizer != null) {
                if (th != null) {
                    try {
                        zeroizer.close();
                    } catch (Throwable th4) {
                        th.addSuppressed(th4);
                    }
                } else {
                    zeroizer.close();
                }
            }
            throw th3;
        }
    }
}
