package de.adorsys.docusafe2.business.impl.cmsencryption.services;

import de.adorsys.common.exceptions.BaseExceptionHandler;
import de.adorsys.docusafe2.business.api.cmsencryption.CMSEncryptionService;
import de.adorsys.docusafe2.business.api.keystore.types.KeyID;
import de.adorsys.docusafe2.business.api.keystore.types.KeyStoreAccess;
import de.adorsys.docusafe2.business.api.types.DocumentContent;
import de.adorsys.docusafe2.business.impl.cmsencryption.exceptions.AsymmetricEncryptionException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.util.Iterator;
import org.bouncycastle.cms.CMSAlgorithm;
import org.bouncycastle.cms.CMSEnvelopedData;
import org.bouncycastle.cms.CMSEnvelopedDataGenerator;
import org.bouncycastle.cms.CMSProcessableByteArray;
import org.bouncycastle.cms.RecipientInformation;
import org.bouncycastle.cms.jcajce.JceCMSContentEncryptorBuilder;
import org.bouncycastle.cms.jcajce.JceKeyTransEnvelopedRecipient;
import org.bouncycastle.cms.jcajce.JceKeyTransRecipientInfoGenerator;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:de/adorsys/docusafe2/business/impl/cmsencryption/services/CMSEncryptionServiceImpl.class */
public class CMSEncryptionServiceImpl implements CMSEncryptionService {
    private static final Logger log = LoggerFactory.getLogger(CMSEncryptionServiceImpl.class);

    public CMSEnvelopedData encrypt(DocumentContent documentContent, PublicKey publicKey, KeyID keyID) {
        try {
            CMSEnvelopedDataGenerator cMSEnvelopedDataGenerator = new CMSEnvelopedDataGenerator();
            cMSEnvelopedDataGenerator.addRecipientInfoGenerator(new JceKeyTransRecipientInfoGenerator(keyID.getValue().getBytes(), publicKey));
            return cMSEnvelopedDataGenerator.generate(new CMSProcessableByteArray(documentContent.getValue()), new JceCMSContentEncryptorBuilder(CMSAlgorithm.AES128_CBC).setProvider("BC").build());
        } catch (Exception e) {
            throw BaseExceptionHandler.handle(e);
        }
    }

    public DocumentContent decrypt(CMSEnvelopedData cMSEnvelopedData, KeyStoreAccess keyStoreAccess) {
        try {
            Iterator it = cMSEnvelopedData.getRecipientInfos().getRecipients().iterator();
            if (!it.hasNext()) {
                throw new AsymmetricEncryptionException("CMS Envelope doesn't contain recipients");
            }
            RecipientInformation recipientInformation = (RecipientInformation) it.next();
            if (it.hasNext()) {
                throw new AsymmetricEncryptionException("PROGRAMMING ERROR. HANDLE OF MORE THAN ONE RECIPIENT NOT DONE YET");
            }
            String str = new String(recipientInformation.getRID().getSubjectKeyIdentifier());
            log.debug("Private key ID from envelope: {}", str);
            return new DocumentContent(recipientInformation.getContent(new JceKeyTransEnvelopedRecipient((PrivateKey) keyStoreAccess.getKeyStore().getKey(str, keyStoreAccess.getKeyStoreAuth().getReadKeyPassword().getValue().toCharArray()))));
        } catch (Exception e) {
            throw BaseExceptionHandler.handle(e);
        }
    }
}
