package de.petendi.commons.crypto;

import de.petendi.commons.crypto.connector.SecurityProviderConnector;
import de.petendi.commons.crypto.model.HybridEncrypted;
import java.io.IOException;
import java.io.InputStream;
import java.io.Reader;
import java.io.StringReader;
import java.io.StringWriter;
import java.security.PrivateKey;
import java.security.cert.X509Certificate;
import java.util.HashMap;
import org.apache.commons.codec.binary.Base64;
import org.apache.commons.io.IOUtils;

/* loaded from: input_file:de/petendi/commons/crypto/HybridCrypto.class */
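/**
 * Builds and opens hybrid-encrypted messages.
 *
 * <p>On first use a symmetric key is obtained from
 * {@link SecurityProviderConnector#generateSecretKey()}. The key is wrapped once per
 * recipient with {@link AsymmetricCrypto}, the message body is encrypted with
 * {@link SymmetricCrypto} using the Base64 text of the key as passphrase, and the
 * encrypted body is signed.
 *
 * <p>Security-relevant properties visible in this class:
 * <ul>
 *   <li>Only the encrypted body bytes are passed to the signer. The recipients,
 *       certificates and headers maps are not covered by the signature here.</li>
 *   <li>{@code decrypt} does not verify the signature or the embedded certificates;
 *       callers have to do that themselves before trusting the plaintext.</li>
 *   <li>{@code addRecipient} wraps the key for whatever certificate it is handed; no
 *       chain, validity or revocation check is performed in this class.</li>
 *   <li>The symmetric key stays in memory for the lifetime of the instance and is
 *       reused by every {@code build} call, so use one instance per message.</li>
 * </ul>
 *
 * <p>Only key creation is synchronized; the maps inside the shared
 * {@link HybridEncrypted} are modified without locking, so an instance should be
 * confined to one thread.
 */
public class HybridCrypto {
    // Raw symmetric key bytes; created lazily and never cleared by this class.
    private byte[] symmetricPassPhrase = null;
    private final HybridEncrypted encryptedMessage = new HybridEncrypted();
    private final SymmetricCrypto symmetricCrypto = new SymmetricCrypto();
    private final AsymmetricCrypto asymmetricCrypto;
    private final SecurityProviderConnector securityProviderConnector;

    /**
     * Creates a builder/decryptor backed by the given security provider.
     *
     * @param securityProviderConnector provider used for key generation, certificate
     *     serialization, asymmetric operations and signing
     */
    public HybridCrypto(SecurityProviderConnector securityProviderConnector) {
        this.securityProviderConnector = securityProviderConnector;
        this.asymmetricCrypto = new AsymmetricCrypto(securityProviderConnector);
        // Element types are fixed by HybridEncrypted's setters, which are not visible here.
        this.encryptedMessage.setHeaders(new HashMap());
        this.encryptedMessage.setRecipients(new HashMap());
        this.encryptedMessage.setCertificates(new HashMap());
    }

    /** Generates the symmetric key on first call; later calls keep the existing key. */
    private synchronized void createSymmetricPassphrase() {
        if (this.symmetricPassPhrase == null) {
            this.symmetricPassPhrase = this.securityProviderConnector.generateSecretKey().getEncoded();
        }
    }

    /**
     * Derives the passphrase handed to {@link SymmetricCrypto} from raw key bytes.
     *
     * <p>Both the encrypt and the decrypt path go through this single method so the two
     * sides cannot drift apart. Base64 output is pure ASCII, so each byte maps directly
     * to one char; this avoids the platform default charset and avoids an immutable
     * {@code String} copy of the key that could not be cleared afterwards.
     *
     * @param keyBytes raw symmetric key bytes; not modified
     * @return the unchunked Base64 text of {@code keyBytes} as a fresh char array
     */
    private static char[] toPassphraseChars(byte[] keyBytes) {
        byte[] encoded = Base64.encodeBase64(keyBytes);
        char[] passphrase = new char[encoded.length];
        for (int i = 0; i < encoded.length; i++) {
            passphrase[i] = (char) (encoded[i] & 0xFF);
            // Clear the intermediate copy of the key material as soon as it is consumed.
            encoded[i] = 0;
        }
        return passphrase;
    }

    /**
     * Adds a recipient whose certificate is read as text from {@code reader}.
     *
     * <p>The certificate text is stored verbatim in the message and used to wrap the
     * symmetric key. It is not validated here, so the caller must only pass
     * certificates it already trusts. The reader is not closed by this method.
     *
     * @param str recipient identifier used as key in the recipients and certificates maps
     * @param reader source of the recipient's certificate text
     * @return this instance, for chaining
     * @throws IllegalStateException if reading the certificate fails
     */
    public HybridCrypto addRecipient(String str, Reader reader) {
        try {
            createSymmetricPassphrase();
            String certificateText = IOUtils.toString(reader);
            byte[] wrappedKey = this.asymmetricCrypto.encrypt(this.symmetricPassPhrase, new StringReader(certificateText));
            this.encryptedMessage.getRecipients().put(str, wrappedKey);
            this.encryptedMessage.getCertificates().put(str, certificateText);
            return this;
        } catch (IOException e) {
            throw new IllegalStateException(e);
        }
    }

    /**
     * Adds a recipient identified by an already parsed certificate.
     *
     * <p>The symmetric key is wrapped with the certificate's public key and the
     * certificate is serialized into the message. No trust or validity check is done
     * here; the caller is responsible for that.
     *
     * @param str recipient identifier used as key in the recipients and certificates maps
     * @param x509Certificate the recipient's certificate
     * @return this instance, for chaining
     * @throws IllegalStateException if serializing the certificate fails
     */
    public HybridCrypto addRecipient(String str, X509Certificate x509Certificate) {
        try {
            createSymmetricPassphrase();
            byte[] wrappedKey = this.asymmetricCrypto.encrypt(this.symmetricPassPhrase, x509Certificate.getPublicKey());
            this.encryptedMessage.getRecipients().put(str, wrappedKey);
            StringWriter certificateText = new StringWriter();
            this.securityProviderConnector.writeCertificate(certificateText, x509Certificate);
            this.encryptedMessage.getCertificates().put(str, certificateText.toString());
            return this;
        } catch (IOException e) {
            throw new IllegalStateException(e);
        }
    }

    /**
     * Encrypts {@code bArr}, signs the ciphertext and returns the message.
     *
     * <p>The returned object is this builder's internal instance, not a copy; a later
     * {@code build} or {@code addRecipient} call changes it.
     *
     * @param bArr plaintext body
     * @param cArr passed unchanged to {@code Signature.sign}; presumably the password
     *     protecting the signing key (confirm against Signature)
     * @param inputStream passed unchanged to {@code Signature.sign}; presumably the
     *     stream holding the signing key (confirm against Signature)
     * @return the populated message
     */
    public HybridEncrypted build(byte[] bArr, char[] cArr, InputStream inputStream) {
        byte[] encryptedBody = encryptInternal(bArr);
        // Only the ciphertext is signed; recipients, certificates and headers are not.
        this.encryptedMessage.setSignature(new Signature(this.securityProviderConnector).sign(encryptedBody, cArr, inputStream));
        return this.encryptedMessage;
    }

    /**
     * Encrypts {@code bArr}, signs the ciphertext with {@code privateKey} and returns
     * the message.
     *
     * <p>The returned object is this builder's internal instance, not a copy.
     *
     * @param bArr plaintext body
     * @param privateKey signing key
     * @return the populated message
     */
    public HybridEncrypted build(byte[] bArr, PrivateKey privateKey) {
        byte[] encryptedBody = encryptInternal(bArr);
        // Only the ciphertext is signed; recipients, certificates and headers are not.
        this.encryptedMessage.setSignature(new Signature(this.securityProviderConnector).sign(encryptedBody, privateKey));
        return this.encryptedMessage;
    }

    /**
     * Encrypts the body with the instance's symmetric key and stores it in the message.
     *
     * @param bArr plaintext body
     * @return the encrypted body, as also stored in the message
     */
    private byte[] encryptInternal(byte[] bArr) {
        createSymmetricPassphrase();
        byte[] encryptedBody = this.symmetricCrypto.encrypt(bArr, toPassphraseChars(this.symmetricPassPhrase));
        this.encryptedMessage.setEncryptedBody(encryptedBody);
        return encryptedBody;
    }

    /**
     * Decrypts the body of {@code hybridEncrypted} for the recipient {@code str}.
     *
     * <p>The signature is NOT verified by this method. Verify it, and the signer's
     * certificate, before acting on the returned plaintext.
     *
     * @param hybridEncrypted message to open
     * @param str recipient identifier whose wrapped key is used
     * @param cArr passed unchanged to {@code AsymmetricCrypto.decrypt}; presumably the
     *     password protecting the private key (confirm against AsymmetricCrypto)
     * @param inputStream passed unchanged to {@code AsymmetricCrypto.decrypt};
     *     presumably the stream holding the private key (confirm against AsymmetricCrypto)
     * @return the decrypted body
     */
    public byte[] decrypt(HybridEncrypted hybridEncrypted, String str, char[] cArr, InputStream inputStream) {
        byte[] encryptedBody = hybridEncrypted.getEncryptedBody();
        // NOTE(review): get(str) yields null for an unknown recipient id; how
        // AsymmetricCrypto.decrypt reacts to null is not visible here.
        byte[] wrappedKey = hybridEncrypted.getRecipients().get(str);
        return this.symmetricCrypto.decrypt(encryptedBody, retrievePassPhrase(wrappedKey, cArr, inputStream));
    }

    /**
     * Decrypts the body of {@code hybridEncrypted} for the recipient {@code str}.
     *
     * <p>The signature is NOT verified by this method. Verify it, and the signer's
     * certificate, before acting on the returned plaintext.
     *
     * @param hybridEncrypted message to open
     * @param str recipient identifier whose wrapped key is used
     * @param privateKey the recipient's private key
     * @return the decrypted body
     */
    public byte[] decrypt(HybridEncrypted hybridEncrypted, String str, PrivateKey privateKey) {
        byte[] encryptedBody = hybridEncrypted.getEncryptedBody();
        // NOTE(review): get(str) yields null for an unknown recipient id; how
        // AsymmetricCrypto.decrypt reacts to null is not visible here.
        byte[] wrappedKey = hybridEncrypted.getRecipients().get(str);
        return this.symmetricCrypto.decrypt(encryptedBody, retrievePassPhrase(wrappedKey, privateKey));
    }

    /**
     * Unwraps the symmetric key with {@code privateKey} and derives the passphrase.
     *
     * @param bArr wrapped symmetric key taken from the message
     * @param privateKey the recipient's private key
     * @return passphrase for {@link SymmetricCrypto}
     */
    private char[] retrievePassPhrase(byte[] bArr, PrivateKey privateKey) {
        return toPassphraseChars(this.asymmetricCrypto.decrypt(bArr, privateKey));
    }

    /**
     * Unwraps the symmetric key using key material described by {@code cArr} and
     * {@code inputStream}, then derives the passphrase.
     *
     * @param bArr wrapped symmetric key taken from the message
     * @param cArr passed unchanged to {@code AsymmetricCrypto.decrypt}
     * @param inputStream passed unchanged to {@code AsymmetricCrypto.decrypt}
     * @return passphrase for {@link SymmetricCrypto}
     */
    private char[] retrievePassPhrase(byte[] bArr, char[] cArr, InputStream inputStream) {
        return toPassphraseChars(this.asymmetricCrypto.decrypt(bArr, cArr, inputStream));
    }
}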
