package uk.gov.ida.saml.security;

import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import javax.crypto.Cipher;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKey;
import org.bouncycastle.util.encoders.Base64;
import org.opensaml.saml.saml2.encryption.Decrypter;
import org.opensaml.security.credential.BasicCredential;
import org.opensaml.xmlsec.encryption.support.EncryptedKeyResolver;
import org.opensaml.xmlsec.keyinfo.KeyInfoCredentialResolver;
import org.opensaml.xmlsec.keyinfo.impl.StaticKeyInfoCredentialResolver;

/* loaded from: input_file:uk/gov/ida/saml/security/SecretKeyDecryptorFactory.class */
public class SecretKeyDecryptorFactory {
    private final IdaKeyStoreCredentialRetriever idaKeyStoreCredentialRetriever;

    public SecretKeyDecryptorFactory(IdaKeyStoreCredentialRetriever idaKeyStoreCredentialRetriever) {
        this.idaKeyStoreCredentialRetriever = idaKeyStoreCredentialRetriever;
    }

    public Decrypter createDecrypter(String str) throws NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeyException {
        PrivateKey privateKey = this.idaKeyStoreCredentialRetriever.getDecryptingCredentials().get(0).getPrivateKey();
        Cipher cipher = Cipher.getInstance(privateKey.getAlgorithm());
        cipher.init(4, privateKey);
        return new Decrypter(new StaticKeyInfoCredentialResolver(new BasicCredential((SecretKey) cipher.unwrap(Base64.decode(str), cipher.getAlgorithm(), 3))), (KeyInfoCredentialResolver) null, (EncryptedKeyResolver) null);
    }
}
