package com.mulesoft.connectors.as2.internal.crypto;

import com.mulesoft.connectors.as2.internal.enums.EncryptionAlgorithm;
import com.mulesoft.connectors.as2.internal.error.AS2ErrorType;
import com.mulesoft.connectors.as2.internal.error.exception.AS2ExtensionException;
import com.mulesoft.connectors.as2.internal.stream.OutputTransformationInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.security.cert.CertificateEncodingException;
import java.security.cert.X509Certificate;
import org.bouncycastle.cms.CMSEnvelopedDataStreamGenerator;
import org.bouncycastle.cms.CMSException;
import org.bouncycastle.cms.jcajce.JceCMSContentEncryptorBuilder;
import org.bouncycastle.cms.jcajce.JceKeyTransRecipientInfoGenerator;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.operator.OutputEncryptor;

/* loaded from: input_file:com/mulesoft/connectors/as2/internal/crypto/PKCS7EncryptedEnvelopeStreamBuilder.class */
public class PKCS7EncryptedEnvelopeStreamBuilder {
    private X509Certificate certificate;
    private EncryptionAlgorithm encryptionAlgorithm;
    private InputStream content;

    public PKCS7EncryptedEnvelopeStreamBuilder withCertificate(X509Certificate x509Certificate) {
        this.certificate = x509Certificate;
        return this;
    }

    public PKCS7EncryptedEnvelopeStreamBuilder withEncryptionAlgorithm(EncryptionAlgorithm encryptionAlgorithm) {
        this.encryptionAlgorithm = encryptionAlgorithm;
        return this;
    }

    public PKCS7EncryptedEnvelopeStreamBuilder withContent(InputStream inputStream) {
        this.content = inputStream;
        return this;
    }

    public InputStream build() {
        try {
            CMSEnvelopedDataStreamGenerator cMSEnvelopedDataStreamGenerator = new CMSEnvelopedDataStreamGenerator();
            cMSEnvelopedDataStreamGenerator.addRecipientInfoGenerator(new JceKeyTransRecipientInfoGenerator(this.certificate));
            OutputEncryptor build = new JceCMSContentEncryptorBuilder(EncryptionAlgorithmMapper.map(this.encryptionAlgorithm)).setProvider(new BouncyCastleProvider()).build();
            return new OutputTransformationInputStream(this.content, outputStream -> {
                try {
                    return cMSEnvelopedDataStreamGenerator.open(outputStream, build);
                } catch (CMSException e) {
                    throw new IOException((Throwable) e);
                }
            });
        } catch (IOException | CertificateEncodingException | CMSException e) {
            throw new AS2ExtensionException("Error encrypting content with algorithm " + this.encryptionAlgorithm.name(), AS2ErrorType.SECURITY, e);
        }
    }
}
