// 
// Decompiled by Procyon v0.6.0
// 

package com.nimbusds.jose.crypto.impl;

import java.util.Collection;
import java.util.HashSet;
import java.util.Arrays;
import com.nimbusds.jose.jca.JCAContext;
import com.nimbusds.jose.JOSEException;
import java.util.Collections;
import javax.crypto.SecretKey;
import com.nimbusds.jose.jca.JWEJCAContext;
import com.nimbusds.jose.EncryptionMethod;
import com.nimbusds.jose.JWEAlgorithm;
import java.util.Set;
import com.nimbusds.jose.JWEProvider;

public abstract class BaseJWEProvider implements JWEProvider
{
    private static final Set<String> ACCEPTABLE_CEK_ALGS;
    private final Set<JWEAlgorithm> algs;
    private final Set<EncryptionMethod> encs;
    private final JWEJCAContext jcaContext;
    private final SecretKey cek;
    
    public BaseJWEProvider(final Set<JWEAlgorithm> algs, final Set<EncryptionMethod> encs) {
        this(algs, encs, null);
    }
    
    public BaseJWEProvider(final Set<JWEAlgorithm> algs, final Set<EncryptionMethod> encs, final SecretKey cek) {
        this.jcaContext = new JWEJCAContext();
        if (algs == null) {
            throw new IllegalArgumentException("The supported JWE algorithm set must not be null");
        }
        this.algs = Collections.unmodifiableSet((Set<? extends JWEAlgorithm>)algs);
        if (encs == null) {
            throw new IllegalArgumentException("The supported encryption methods must not be null");
        }
        this.encs = encs;
        if (cek != null && algs.size() > 1 && (cek.getAlgorithm() == null || !BaseJWEProvider.ACCEPTABLE_CEK_ALGS.contains(cek.getAlgorithm()))) {
            throw new IllegalArgumentException("The algorithm of the content encryption key (CEK) must be AES or ChaCha20");
        }
        this.cek = cek;
    }
    
    @Override
    public Set<JWEAlgorithm> supportedJWEAlgorithms() {
        return this.algs;
    }
    
    @Override
    public Set<EncryptionMethod> supportedEncryptionMethods() {
        return this.encs;
    }
    
    @Override
    public JWEJCAContext getJCAContext() {
        return this.jcaContext;
    }
    
    protected boolean isCEKProvided() {
        return this.cek != null;
    }
    
    protected SecretKey getCEK(final EncryptionMethod enc) throws JOSEException {
        return (this.isCEKProvided() || enc == null) ? this.cek : ContentCryptoProvider.generateCEK(enc, this.jcaContext.getSecureRandom());
    }
    
    static {
        ACCEPTABLE_CEK_ALGS = Collections.unmodifiableSet((Set<? extends String>)new HashSet<String>(Arrays.asList("AES", "ChaCha20")));
    }
}