package de.governikus.ozgpp.client.sdk.api.impl;

import de.fraunhofer.aisec.proxycrypt.selvi.SelviLevel2Ciphertext;
import de.fraunhofer.aisec.proxycrypt.selvi.SelviPublicKey;
import java.io.ByteArrayInputStream;
import java.io.InputStream;
import java.io.SequenceInputStream;
import java.security.GeneralSecurityException;
import java.security.Key;
import java.security.SecureRandom;
import java.util.zip.DeflaterInputStream;
import javax.crypto.Cipher;
import javax.crypto.CipherInputStream;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.IvParameterSpec;
import lombok.NonNull;

/* loaded from: input_file:de/governikus/ozgpp/client/sdk/api/impl/CryptoHelper.class */
public final class CryptoHelper {
    public static final String ALGORITHM_PRE = "https://eprint.iacr.org/2018/1136";
    public static final String ALGORITHM_AES256_GCM = "http://www.w3.org/2009/xmlenc11#aes256-gcm";
    public static final String ALGORITHM_AES_GCM_JCA_JCE = "AES/GCM/NoPadding";
    public static final String ALGORITHM_AES_JCA_JCE = "AES";
    public static final int AES_LENGTH = 256;
    public static final int IV_BYTES_LENGTH = 12;
    public static final String SECURITY_PROVIDER_NAME = "BC";
    public static final String SECURE_RANDOM_ALGORITHM = "DEFAULT";

    public static SecretKey createSymmetricKey() throws GeneralSecurityException {
        KeyGenerator keyGenerator = KeyGenerator.getInstance(ALGORITHM_AES_JCA_JCE, SECURITY_PROVIDER_NAME);
        keyGenerator.init(AES_LENGTH);
        return keyGenerator.generateKey();
    }

    public static InputStream encryptContent(InputStream inputStream, Key key, boolean z) throws GeneralSecurityException {
        byte[] createRandomBytes = createRandomBytes(12);
        Cipher cipher = Cipher.getInstance(ALGORITHM_AES_GCM_JCA_JCE, SECURITY_PROVIDER_NAME);
        cipher.init(1, key, new IvParameterSpec(createRandomBytes));
        return new SequenceInputStream(new ByteArrayInputStream(createRandomBytes), z ? new CipherInputStream(new DeflaterInputStream(inputStream), cipher) : new CipherInputStream(inputStream, cipher));
    }

    public static byte[] encryptSecretKey(@NonNull SecretKey secretKey, @NonNull byte[] bArr) {
        if (secretKey == null) {
            throw new NullPointerException("secretKey is marked non-null but is null");
        }
        if (bArr == null) {
            throw new NullPointerException("prePublicKey is marked non-null but is null");
        }
        SelviPublicKey selviPublicKey = new SelviPublicKey(bArr);
        try {
            SelviLevel2Ciphertext encrypt2 = selviPublicKey.encrypt2(secretKey.getEncoded());
            try {
                byte[] serialize = encrypt2.serialize();
                if (encrypt2 != null) {
                    encrypt2.close();
                }
                selviPublicKey.close();
                return serialize;
            } finally {
            }
        } catch (Throwable th) {
            try {
                selviPublicKey.close();
            } catch (Throwable th2) {
                th.addSuppressed(th2);
            }
            throw th;
        }
    }

    private static byte[] createRandomBytes(int i) throws GeneralSecurityException {
        byte[] bArr = new byte[i];
        SecureRandom.getInstance(SECURE_RANDOM_ALGORITHM, SECURITY_PROVIDER_NAME).nextBytes(bArr);
        return bArr;
    }

    private CryptoHelper() {
        throw new UnsupportedOperationException("This is a utility class and cannot be instantiated");
    }
}
