package com.microsoft.graph.core.models;

import com.microsoft.graph.core.CoreConstants;
import com.microsoft.kiota.serialization.Parsable;
import com.microsoft.kiota.serialization.ParsableFactory;
import com.microsoft.kiota.serialization.ParseNodeFactoryRegistry;
import jakarta.annotation.Nonnull;
import jakarta.annotation.Nullable;
import java.io.ByteArrayInputStream;
import java.nio.charset.StandardCharsets;
import java.security.Key;
import java.util.Arrays;
import java.util.Base64;
import java.util.Objects;
import javax.crypto.Cipher;
import javax.crypto.Mac;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;

/* loaded from: input_file:com/microsoft/graph/core/models/DecryptableContent.class */
public interface DecryptableContent {

    @FunctionalInterface
    /* loaded from: input_file:com/microsoft/graph/core/models/DecryptableContent$CertificateKeyProvider.class */
    public interface CertificateKeyProvider {
        @Nonnull
        Key getCertificateKey(@Nullable String str, @Nullable String str2);
    }

    void setData(@Nullable String str);

    @Nullable
    String getData();

    void setDataKey(@Nullable String str);

    @Nullable
    String getDataKey();

    void setDataSignature(@Nullable String str);

    @Nullable
    String getDataSignature();

    void setEncryptionCertificateId(@Nullable String str);

    @Nullable
    String getEncryptionCertificateId();

    void setEncryptionCertificateThumbprint(@Nullable String str);

    @Nullable
    String getEncryptionCertificateThumbprint();

    @Nonnull
    static <T extends Parsable> T decrypt(@Nonnull DecryptableContent decryptableContent, @Nonnull CertificateKeyProvider certificateKeyProvider, @Nonnull ParsableFactory<T> parsableFactory) throws Exception {
        Objects.requireNonNull(certificateKeyProvider);
        return (T) ParseNodeFactoryRegistry.defaultInstance.getParseNode(CoreConstants.MimeTypeNames.APPLICATION_JSON, new ByteArrayInputStream(decryptAsString(decryptableContent, certificateKeyProvider).getBytes(StandardCharsets.UTF_8))).getObjectValue(parsableFactory);
    }

    @Nonnull
    static String decryptAsString(@Nonnull DecryptableContent decryptableContent, @Nonnull CertificateKeyProvider certificateKeyProvider) throws Exception {
        Objects.requireNonNull(decryptableContent);
        Objects.requireNonNull(certificateKeyProvider);
        Key certificateKey = certificateKeyProvider.getCertificateKey(decryptableContent.getEncryptionCertificateId(), decryptableContent.getEncryptionCertificateThumbprint());
        Cipher cipher = Cipher.getInstance("RSA/ECB/OAEPWITHSHA1ANDMGF1PADDING");
        cipher.init(2, certificateKey);
        byte[] doFinal = cipher.doFinal(Base64.getDecoder().decode(decryptableContent.getDataKey()));
        Mac mac = Mac.getInstance("HmacSHA256");
        mac.init(new SecretKeySpec(doFinal, "HmacSHA256"));
        if (Base64.getEncoder().encodeToString(mac.doFinal(Base64.getDecoder().decode(decryptableContent.getData()))).equals(decryptableContent.getDataSignature())) {
            return new String(aesDecrypt(Base64.getDecoder().decode(decryptableContent.getData()), doFinal), StandardCharsets.UTF_8);
        }
        throw new Exception("Signature does not match");
    }

    @Nonnull
    static byte[] aesDecrypt(@Nonnull byte[] bArr, @Nonnull byte[] bArr2) throws Exception {
        Objects.requireNonNull(bArr);
        Objects.requireNonNull(bArr2);
        try {
            IvParameterSpec ivParameterSpec = new IvParameterSpec(Arrays.copyOf(bArr2, 16));
            Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
            cipher.init(2, new SecretKeySpec(bArr2, "AES"), ivParameterSpec);
            return cipher.doFinal(bArr);
        } catch (Exception e) {
            throw new RuntimeException("Unexpected error occurred while trying to decrypt the data", e);
        }
    }
}
