package org.apache.cxf.rs.security.oauth2.jws;

import java.security.PrivateKey;
import java.security.SecureRandom;
import java.security.Signature;
import java.security.SignatureException;
import java.security.spec.AlgorithmParameterSpec;
import java.util.Arrays;
import java.util.HashSet;
import java.util.Set;
import org.apache.cxf.rs.security.oauth2.jwt.Algorithm;
import org.apache.cxf.rs.security.oauth2.jwt.JwtHeaders;
import org.apache.cxf.rs.security.oauth2.utils.crypto.CryptoUtils;

/* loaded from: input_file:org/apache/cxf/rs/security/oauth2/jws/PrivateKeyJwsSignatureProvider.class */
public class PrivateKeyJwsSignatureProvider extends AbstractJwsSignatureProvider {
    private static final Set<String> SUPPORTED_ALGORITHMS = new HashSet(Arrays.asList(Algorithm.SHA256withRSA.getJwtName(), Algorithm.SHA384withRSA.getJwtName(), Algorithm.SHA512withRSA.getJwtName()));
    private PrivateKey key;
    private SecureRandom random;
    private AlgorithmParameterSpec signatureSpec;

    public PrivateKeyJwsSignatureProvider(PrivateKey privateKey) {
        this(privateKey, null);
    }

    public PrivateKeyJwsSignatureProvider(PrivateKey privateKey, AlgorithmParameterSpec algorithmParameterSpec) {
        this(privateKey, null, algorithmParameterSpec);
    }

    public PrivateKeyJwsSignatureProvider(PrivateKey privateKey, SecureRandom secureRandom, AlgorithmParameterSpec algorithmParameterSpec) {
        super(SUPPORTED_ALGORITHMS);
        this.key = privateKey;
        this.random = secureRandom;
        this.signatureSpec = algorithmParameterSpec;
    }

    @Override // org.apache.cxf.rs.security.oauth2.jws.AbstractJwsSignatureProvider
    protected JwsSignature doCreateJwsSignature(JwtHeaders jwtHeaders) {
        final Signature signature = CryptoUtils.getSignature(this.key, Algorithm.toJavaName(jwtHeaders.getAlgorithm()), this.random, this.signatureSpec);
        return new JwsSignature() { // from class: org.apache.cxf.rs.security.oauth2.jws.PrivateKeyJwsSignatureProvider.1
            @Override // org.apache.cxf.rs.security.oauth2.jws.JwsSignature
            public void update(byte[] bArr, int i, int i2) {
                try {
                    signature.update(bArr, i, i2);
                } catch (SignatureException e) {
                    throw new SecurityException();
                }
            }

            @Override // org.apache.cxf.rs.security.oauth2.jws.JwsSignature
            public byte[] sign() {
                try {
                    return signature.sign();
                } catch (SignatureException e) {
                    throw new SecurityException();
                }
            }
        };
    }
}
