package no.digipost.api.client.util;

import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.InputStream;
import no.digipost.api.client.errorhandling.DigipostClientException;
import no.digipost.api.client.errorhandling.ErrorCode;
import no.motif.Exceptions;
import no.motif.f.Fn;
import org.apache.commons.io.IOUtils;
import org.bouncycastle.cms.CMSAlgorithm;
import org.bouncycastle.cms.CMSEnvelopedDataGenerator;
import org.bouncycastle.cms.CMSProcessableByteArray;
import org.bouncycastle.cms.jcajce.JceCMSContentEncryptorBuilder;
import org.bouncycastle.cms.jcajce.JceKeyTransRecipientInfoGenerator;

/* loaded from: input_file:no/digipost/api/client/util/Encrypter.class */
public final class Encrypter {
    public static final Encrypter FAIL_IF_TRYING_TO_ENCRYPT = new Encrypter(null);
    public static final Fn<DigipostPublicKey, Encrypter> keyToEncrypter = new Fn<DigipostPublicKey, Encrypter>() { // from class: no.digipost.api.client.util.Encrypter.1
        public Encrypter $(DigipostPublicKey digipostPublicKey) {
            return Encrypter.using(digipostPublicKey);
        }
    };
    private final DigipostPublicKey key;
    private final JceCMSContentEncryptorBuilder encryptorBuilder = new JceCMSContentEncryptorBuilder(CMSAlgorithm.AES256_CBC).setProvider("BC");

    public static Encrypter using(DigipostPublicKey digipostPublicKey) {
        return new Encrypter(digipostPublicKey);
    }

    private Encrypter(DigipostPublicKey digipostPublicKey) {
        this.key = digipostPublicKey;
    }

    public InputStream encrypt(InputStream inputStream) {
        try {
            return encrypt(IOUtils.toByteArray(inputStream));
        } catch (IOException e) {
            throw Exceptions.asRuntimeException(e);
        }
    }

    public InputStream encrypt(byte[] bArr) {
        if (this.key == null) {
            throw new DigipostClientException(ErrorCode.ENCRYPTION_KEY_NOT_FOUND, "Trying to preencrypt but have no encryption key.");
        }
        try {
            CMSEnvelopedDataGenerator cMSEnvelopedDataGenerator = new CMSEnvelopedDataGenerator();
            cMSEnvelopedDataGenerator.addRecipientInfoGenerator(new JceKeyTransRecipientInfoGenerator(this.key.publicKeyHash.getBytes(), this.key.publicKey));
            return new ByteArrayInputStream(cMSEnvelopedDataGenerator.generate(new CMSProcessableByteArray(bArr), this.encryptorBuilder.build()).getEncoded());
        } catch (Exception e) {
            throw new DigipostClientException(ErrorCode.FAILED_PREENCRYPTION, "Feil ved kryptering av innhold: " + e.getMessage(), e);
        }
    }
}
