package org.alfresco.encryption;

import java.io.ByteArrayOutputStream;
import java.io.DataOutputStream;
import java.io.IOException;
import java.io.OutputStream;
import java.security.GeneralSecurityException;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.PublicKey;
import java.security.SecureRandom;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.KeyGenerator;
import javax.crypto.Mac;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;

/* loaded from: input_file:WEB-INF/lib/alfresco-core-23.3.0.21.jar:org/alfresco/encryption/EncryptingOutputStream.class */
public class EncryptingOutputStream extends OutputStream {
    private final OutputStream wrapped;
    private final Cipher outputCipher;
    private final Mac mac;
    private final ByteArrayOutputStream buffer;
    private final DataOutputStream dataStr;

    public EncryptingOutputStream(OutputStream outputStream, PublicKey publicKey, SecureRandom secureRandom) throws IOException, NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeyException, IllegalBlockSizeException, BadPaddingException {
        this(outputStream, publicKey, "AES", secureRandom, 128, "CBC", "PKCS5PADDING");
    }

    public EncryptingOutputStream(OutputStream outputStream, PublicKey publicKey, String str, SecureRandom secureRandom, int i, String str2, String str3) throws IOException, NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeyException, IllegalBlockSizeException, BadPaddingException {
        this.buffer = new ByteArrayOutputStream(1024);
        this.dataStr = new DataOutputStream(this.buffer);
        this.wrapped = outputStream;
        KeyGenerator keyGenerator = KeyGenerator.getInstance(str);
        keyGenerator.init(i, secureRandom);
        SecretKey generateKey = keyGenerator.generateKey();
        this.outputCipher = Cipher.getInstance(str + "/" + str2 + "/" + str3);
        this.outputCipher.init(1, generateKey, secureRandom);
        this.mac = Mac.getInstance("HMACSHA1");
        byte[] bArr = new byte[20];
        secureRandom.nextBytes(bArr);
        SecretKeySpec secretKeySpec = new SecretKeySpec(bArr, "HMACSHA1");
        this.mac.init(secretKeySpec);
        Cipher cipher = Cipher.getInstance("RSA/ECB/OAEPWITHSHA1ANDMGF1PADDING");
        cipher.init(1, publicKey, secureRandom);
        writeBlock(cipher.doFinal(generateKey.getEncoded()));
        writeBlock(cipher.doFinal(this.outputCipher.getIV()));
        writeBlock(this.outputCipher.doFinal(secretKeySpec.getEncoded()));
    }

    @Override // java.io.OutputStream
    public void write(int i) throws IOException {
        write(new byte[]{(byte) i}, 0, 1);
    }

    @Override // java.io.OutputStream
    public void write(byte[] bArr) throws IOException {
        write(bArr, 0, bArr.length);
    }

    @Override // java.io.OutputStream
    public void write(byte[] bArr, int i, int i2) throws IOException {
        byte[] update;
        if (bArr == null) {
            throw new NullPointerException();
        }
        if (i < 0 || i > bArr.length || i2 < 0 || i + i2 > bArr.length || i + i2 < 0) {
            throw new IndexOutOfBoundsException();
        }
        if (i2 == 0 || (update = this.outputCipher.update(bArr, i, i2)) == null || update.length <= 0) {
            return;
        }
        writeBlock(update);
    }

    private void writeBlock(byte[] bArr) throws IOException {
        this.dataStr.writeInt(bArr.length);
        this.dataStr.write(bArr);
        this.dataStr.flush();
        byte[] byteArray = this.buffer.toByteArray();
        this.buffer.reset();
        this.mac.update(byteArray);
        this.wrapped.write(byteArray);
    }

    @Override // java.io.OutputStream, java.io.Flushable
    public void flush() throws IOException {
        this.wrapped.flush();
    }

    @Override // java.io.OutputStream, java.io.Closeable, java.lang.AutoCloseable
    public void close() throws IOException {
        try {
            writeBlock(this.outputCipher.doFinal());
            writeBlock(this.mac.doFinal());
            this.wrapped.close();
            this.dataStr.close();
        } catch (GeneralSecurityException e) {
            throw new RuntimeException(e);
        }
    }
}
