package org.wso2.carbon.identity.sso.saml.builders.encryption;

import org.opensaml.saml2.core.Assertion;
import org.opensaml.saml2.core.EncryptedAssertion;
import org.opensaml.saml2.encryption.Encrypter;
import org.opensaml.xml.encryption.EncryptionParameters;
import org.opensaml.xml.encryption.KeyEncryptionParameters;
import org.opensaml.xml.security.SecurityHelper;
import org.opensaml.xml.security.credential.BasicCredential;
import org.opensaml.xml.security.x509.X509Credential;
import org.wso2.carbon.identity.base.IdentityException;

/* loaded from: input_file:org/wso2/carbon/identity/sso/saml/builders/encryption/DefaultSSOEncrypter.class */
public class DefaultSSOEncrypter implements SSOEncrypter {
    @Override // org.wso2.carbon.identity.sso.saml.builders.encryption.SSOEncrypter
    public void init() throws IdentityException {
    }

    @Override // org.wso2.carbon.identity.sso.saml.builders.encryption.SSOEncrypter
    public EncryptedAssertion doEncryptedAssertion(Assertion assertion, X509Credential x509Credential, String str, String str2) throws IdentityException {
        try {
            BasicCredential simpleCredential = SecurityHelper.getSimpleCredential(SecurityHelper.generateSymmetricKey("http://www.w3.org/2001/04/xmlenc#aes256-cbc"));
            EncryptionParameters encryptionParameters = new EncryptionParameters();
            encryptionParameters.setAlgorithm("http://www.w3.org/2001/04/xmlenc#aes256-cbc");
            encryptionParameters.setEncryptionCredential(simpleCredential);
            KeyEncryptionParameters keyEncryptionParameters = new KeyEncryptionParameters();
            keyEncryptionParameters.setAlgorithm("http://www.w3.org/2001/04/xmlenc#rsa-1_5");
            keyEncryptionParameters.setEncryptionCredential(x509Credential);
            Encrypter encrypter = new Encrypter(encryptionParameters, keyEncryptionParameters);
            encrypter.setKeyPlacement(Encrypter.KeyPlacement.INLINE);
            return encrypter.encrypt(assertion);
        } catch (Exception e) {
            throw IdentityException.error("Error while Encrypting Assertion", e);
        }
    }
}
