package de.gematik.rbellogger.modifier;

import de.gematik.rbellogger.data.RbelElement;
import de.gematik.rbellogger.data.facet.RbelVauEpaFacet;
import de.gematik.rbellogger.exceptions.RbelPkiException;
import de.gematik.rbellogger.key.RbelKey;
import de.gematik.rbellogger.modifier.RbelModifier;
import de.gematik.rbellogger.util.CryptoUtils;
import java.nio.ByteBuffer;
import java.util.Arrays;
import java.util.Base64;
import java.util.Optional;
import javax.crypto.Cipher;
import javax.crypto.spec.GCMParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import lombok.Generated;
import org.apache.commons.lang3.ArrayUtils;
import org.apache.commons.lang3.tuple.Pair;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.jose4j.jwe.SimpleAeadCipher;
import org.jose4j.keys.AesKey;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:BOOT-INF/lib/tiger-rbel-3.0.3.jar:de/gematik/rbellogger/modifier/RbelVauEpaWriter.class */
public class RbelVauEpaWriter implements RbelElementWriter {

    @Generated
    private static final Logger log = LoggerFactory.getLogger((Class<?>) RbelVauEpaWriter.class);

    public static byte[] encrypt(byte[] bArr, byte[] bArr2, byte[] bArr3) {
        SecretKeySpec secretKeySpec = new SecretKeySpec(bArr2, AesKey.ALGORITHM);
        Cipher cipher = Cipher.getInstance(SimpleAeadCipher.GCM_TRANSFORMATION_NAME, BouncyCastleProvider.PROVIDER_NAME);
        cipher.init(1, secretKeySpec, new GCMParameterSpec(128, bArr3));
        byte[] doFinal = cipher.doFinal(bArr);
        byte[] copyOf = Arrays.copyOf(bArr3, 12 + doFinal.length);
        System.arraycopy(doFinal, 0, copyOf, 12, doFinal.length);
        return copyOf;
    }

    @Override // de.gematik.rbellogger.modifier.RbelElementWriter
    public boolean canWrite(RbelElement rbelElement) {
        return rbelElement.hasFacet(RbelVauEpaFacet.class);
    }

    @Override // de.gematik.rbellogger.modifier.RbelElementWriter
    public byte[] write(RbelElement rbelElement, RbelElement rbelElement2, byte[] bArr) {
        Optional flatMap = rbelElement.getFacet(RbelVauEpaFacet.class).flatMap((v0) -> {
            return v0.getKeyUsed();
        });
        if (flatMap.isEmpty()) {
            throw new RbelPkiException("Error while trying to write VAU Erp Message: No decryption-key found!");
        }
        byte[] rawContent = ((RbelVauEpaFacet) rbelElement.getFacetOrFail(RbelVauEpaFacet.class)).getEncryptedMessage().getRawContent();
        byte[] bArr2 = CryptoUtils.decrypt(rawContent, ((RbelVauEpaFacet) rbelElement.getFacetOrFail(RbelVauEpaFacet.class)).getKeyUsed().get().getKey()).get();
        int i = 13 + ByteBuffer.wrap(Arrays.copyOfRange(bArr2, 9, 13)).getInt();
        byte[] copyOfRange = Arrays.copyOfRange(rawContent, 0, 12);
        byte[] addAll = ArrayUtils.addAll(Arrays.copyOfRange(rbelElement.getRawContent(), 0, 32), encrypt(ArrayUtils.addAll(Arrays.copyOfRange(bArr2, 0, i), bArr), ((RbelKey) flatMap.get()).getKey().getEncoded(), copyOfRange));
        Pair<byte[], byte[]> splitVauMessage = splitVauMessage(addAll);
        log.info("splitted into {} and {}", Base64.getEncoder().encodeToString(splitVauMessage.getLeft()), Base64.getEncoder().encodeToString(splitVauMessage.getRight()));
        return addAll;
    }

    private Pair<byte[], byte[]> splitVauMessage(byte[] bArr) {
        try {
            byte[] bArr2 = new byte[32];
            System.arraycopy(bArr, 0, bArr2, 0, 32);
            byte[] bArr3 = new byte[bArr.length - 32];
            System.arraycopy(bArr, 32, bArr3, 0, bArr.length - 32);
            return Pair.of(bArr2, bArr3);
        } catch (ArrayIndexOutOfBoundsException e) {
            throw new RbelModifier.RbelModificationException("Unable to write VAU message", e);
        }
    }

    @Generated
    public RbelVauEpaWriter() {
    }
}
