package de.adorsys.opba.protocol.facade.config.encryption;

import de.adorsys.datasafe.encrypiton.impl.utils.ProviderUtils;
import de.adorsys.opba.protocol.api.services.EncryptionService;
import de.adorsys.xs2a.adapter.signing.util.Constants;
import java.beans.ConstructorProperties;
import java.nio.charset.StandardCharsets;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.PrivateKey;
import java.security.PublicKey;
import lombok.Generated;
import org.bouncycastle.asn1.ASN1ObjectIdentifier;
import org.bouncycastle.cms.CMSEnvelopedDataGenerator;
import org.bouncycastle.cms.CMSEnvelopedDataParser;
import org.bouncycastle.cms.CMSProcessableByteArray;
import org.bouncycastle.cms.jcajce.JceCMSContentEncryptorBuilder;
import org.bouncycastle.cms.jcajce.JceKeyTransEnvelopedRecipient;
import org.bouncycastle.cms.jcajce.JceKeyTransRecipientInfoGenerator;

/* loaded from: input_file:BOOT-INF/lib/opba-banking-protocol-facade-0.20.0.2-RC1.jar:de/adorsys/opba/protocol/facade/config/encryption/CmsEncryptionOper.class */
public class CmsEncryptionOper {
    private final CmsEncSpec cmsEncSpec;

    /* loaded from: input_file:BOOT-INF/lib/opba-banking-protocol-facade-0.20.0.2-RC1.jar:de/adorsys/opba/protocol/facade/config/encryption/CmsEncryptionOper$CmsEncryption.class */
    public static class CmsEncryption implements EncryptionService {
        private final String encryptionKeyId;
        private final ASN1ObjectIdentifier algorithm;
        private final PublicKey publicKey;
        private final PrivateKey privateKey;

        @Override // de.adorsys.opba.protocol.api.services.EncryptionService
        public byte[] encrypt(byte[] bArr) {
            CMSEnvelopedDataGenerator cMSEnvelopedDataGenerator = new CMSEnvelopedDataGenerator();
            cMSEnvelopedDataGenerator.addRecipientInfoGenerator(new JceKeyTransRecipientInfoGenerator(this.encryptionKeyId.getBytes(StandardCharsets.UTF_8), this.publicKey));
            return cMSEnvelopedDataGenerator.generate(new CMSProcessableByteArray(bArr), new JceCMSContentEncryptorBuilder(this.algorithm).setProvider(ProviderUtils.bcProvider).build()).getEncoded();
        }

        @Override // de.adorsys.opba.protocol.api.services.EncryptionService
        public byte[] decrypt(byte[] bArr) {
            return new CMSEnvelopedDataParser(bArr).getRecipientInfos().iterator().next().getContent(new JceKeyTransEnvelopedRecipient(this.privateKey));
        }

        @Generated
        @ConstructorProperties({"encryptionKeyId", Constants.ALGORITHM_ATTRIBUTE_NAME, "publicKey", "privateKey"})
        public CmsEncryption(String str, ASN1ObjectIdentifier aSN1ObjectIdentifier, PublicKey publicKey, PrivateKey privateKey) {
            this.encryptionKeyId = str;
            this.algorithm = aSN1ObjectIdentifier;
            this.publicKey = publicKey;
            this.privateKey = privateKey;
        }

        @Override // de.adorsys.opba.protocol.api.services.EncryptionService
        @Generated
        public String getEncryptionKeyId() {
            return this.encryptionKeyId;
        }
    }

    public EncryptionService encryptionService(String str, PrivateKey privateKey) {
        return new CmsEncryption(str, this.cmsEncSpec.getCipherAlgo(), null, privateKey);
    }

    public EncryptionService encryptionService(String str, PublicKey publicKey) {
        return new CmsEncryption(str, this.cmsEncSpec.getCipherAlgo(), publicKey, null);
    }

    public KeyPair generatePublicPrivateKey() {
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(this.cmsEncSpec.getKeyAlgo());
        keyPairGenerator.initialize(this.cmsEncSpec.getLen());
        return keyPairGenerator.genKeyPair();
    }

    @Generated
    @ConstructorProperties({"cmsEncSpec"})
    public CmsEncryptionOper(CmsEncSpec cmsEncSpec) {
        this.cmsEncSpec = cmsEncSpec;
    }
}
