package org.kapott.hbci.passport;

import java.io.CharConversionException;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.math.BigInteger;
import java.security.Key;
import java.security.KeyFactory;
import java.security.interfaces.RSAPrivateCrtKey;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.RSAPrivateCrtKeySpec;
import java.security.spec.RSAPrivateKeySpec;
import java.security.spec.RSAPublicKeySpec;
import java.util.Enumeration;
import java.util.Properties;
import javax.crypto.Cipher;
import javax.crypto.CipherInputStream;
import javax.crypto.CipherOutputStream;
import javax.crypto.spec.PBEParameterSpec;
import javax.xml.parsers.DocumentBuilder;
import javax.xml.parsers.DocumentBuilderFactory;
import javax.xml.transform.Transformer;
import javax.xml.transform.TransformerFactory;
import javax.xml.transform.dom.DOMSource;
import javax.xml.transform.stream.StreamResult;
import org.kapott.cryptalgs.RSAPrivateCrtKey2;
import org.kapott.hbci.comm.Comm;
import org.kapott.hbci.exceptions.HBCI_Exception;
import org.kapott.hbci.exceptions.InvalidPassphraseException;
import org.kapott.hbci.manager.HBCIKey;
import org.kapott.hbci.manager.HBCIUtils;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.Node;
import org.w3c.dom.NodeList;
import org.xml.sax.SAXException;

/* loaded from: input_file:org/kapott/hbci/passport/HBCIPassportRDHNew.class */
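/**
 * RDH passport that is persisted as a password-encrypted XML document ("RDHNew" format).
 *
 * <p>The passport file holds bank parameters, BPD/UPD and the institute and user RSA keys,
 * including the user's private signature and encryption keys. The whole document is
 * encrypted with a key derived from the user's passphrase.
 *
 * <p>NOTE(security): the file format is tied to {@code PBEWithMD5AndDES} with the salt
 * {@code CIPHER_SALT} inherited from the superclass and 987 iterations. This is a legacy
 * scheme (MD5-based key derivation, single DES) and provides no integrity protection: a wrong
 * passphrase or a modified file is only noticed when the decrypted bytes fail to parse as XML.
 * Changing the algorithm would make existing passport files unreadable, so it has to be done
 * as a versioned format migration rather than by editing the constants below.
 */
public class HBCIPassportRDHNew extends AbstractRDHSWFileBasedPassport {
    /** PBE transformation used for the passport file; part of the on-disk format. */
    private static final String PBE_ALGORITHM = "PBEWithMD5AndDES";

    /** PBE iteration count used for the passport file; part of the on-disk format. */
    private static final int PBE_ITERATIONS = 987;

    /** Xerces/JAXP feature that makes the parser reject any document containing a DOCTYPE. */
    private static final String FEATURE_DISALLOW_DOCTYPE = "http://apache.org/xml/features/disallow-doctype-decl";

    /** RDH profile version of the keys in this passport; {@code null} or empty when unknown. */
    private String profileVersion;

    /**
     * Creates a passport without reading any file.
     *
     * @param obj passed through to the superclass constructor
     * @param i unused
     */
    public HBCIPassportRDHNew(Object obj, int i) {
        super(obj);
    }

    /**
     * Creates the passport and, unless {@code client.passport.RDHNew.init} is set to something
     * other than {@code "1"}, loads it from the file named by
     * {@code client.passport.RDHNew.filename}. A file that cannot be read is created first by
     * asking for the missing data and saving it.
     *
     * <p>Decryption is retried with a fresh passphrase up to {@code client.retries.passphrase}
     * times (default 3) whenever the decrypted content is not parseable XML.
     *
     * @param obj passed through to the superclass constructor
     * @throws NullPointerException if the filename parameter is not set
     * @throws InvalidPassphraseException if all passphrase attempts are used up
     * @throws HBCI_Exception if the passport file cannot be read for any other reason
     */
    public HBCIPassportRDHNew(Object obj) {
        this(obj, 0);
        setParamHeader("client.passport.RDHNew");

        String filename = HBCIUtils.getParam(getParamHeader() + ".filename");
        boolean loadFromFile = HBCIUtils.getParam(getParamHeader() + ".init", "1").equals("1");
        if (filename == null) {
            throw new NullPointerException(getParamHeader() + ".filename must not be null");
        }

        HBCIUtils.log("loading passport data from file " + filename, 4);
        setFilename(filename);
        if (!loadFromFile) {
            return;
        }

        HBCIUtils.log("loading data from file " + filename, 4);
        setFilterType("None");
        setPort(Integer.valueOf(3000));

        if (!new File(filename).canRead()) {
            HBCIUtils.log("have to create new passport file", 2);
            askForMissingData(true, true, true, true, false, true, true);
            saveChanges();
        }

        try {
            DocumentBuilder builder = newPassportParserFactory().newDocumentBuilder();
            int retries = Integer.parseInt(HBCIUtils.getParam("client.retries.passphrase", "3"));

            Element root = null;
            do {
                if (getPassportKey() == null) {
                    setPassportKey(calculatePassportKey(false));
                }
                Cipher cipher = newPassportCipher(Cipher.DECRYPT_MODE);

                // There is no MAC on the file: unparseable plaintext is the only signal
                // that the passphrase was wrong (or that the file was altered).
                boolean unparseable = false;
                CipherInputStream in = null;
                try {
                    in = new CipherInputStream(new FileInputStream(getFilename()), cipher);
                    root = builder.parse(in).getDocumentElement();
                } catch (SAXException e) {
                    unparseable = true;
                } catch (CharConversionException e) {
                    unparseable = true;
                } finally {
                    // Close on every path, including failures that are rethrown.
                    if (in != null) {
                        in.close();
                    }
                }

                if (unparseable) {
                    resetPassphrase();
                    retries--;
                    if (retries <= 0) {
                        throw new InvalidPassphraseException();
                    }
                }
            } while (root == null);

            setBLZ(getElementValue(root, "blz"));
            setCountry(getElementValue(root, "country"));
            setHost(getElementValue(root, "host"));
            setPort(Integer.valueOf(getElementValue(root, "port")));
            setUserId(getElementValue(root, "userid"));
            setCustomerId(getElementValue(root, "customerid"));
            setSysId(getElementValue(root, "sysid"));
            setSigId(Long.valueOf(getElementValue(root, "sigid")));
            String storedProfile = getElementValue(root, "rdhprofile");
            setProfileVersion(storedProfile != null ? storedProfile : "");
            setHBCIVersion(getElementValue(root, "hbciversion"));
            setBPD(getElementProps(root, "bpd"));
            setUPD(getElementProps(root, "upd"));
            setInstSigKey(getElementKey(root, "inst", "S", "public"));
            setInstEncKey(getElementKey(root, "inst", "V", "public"));
            setMyPublicSigKey(getElementKey(root, "user", "S", "public"));
            setMyPrivateSigKey(getElementKey(root, "user", "S", "private"));
            setMyPublicEncKey(getElementKey(root, "user", "V", "public"));
            setMyPrivateEncKey(getElementKey(root, "user", "V", "private"));

            if (askForMissingData(true, true, true, true, false, true, true)) {
                saveChanges();
            }
        } catch (HBCI_Exception e) {
            throw e;
        } catch (Exception e) {
            throw new HBCI_Exception("*** error while reading passport file", e);
        }
    }

    /**
     * Builds the parser factory used for reading the decrypted passport document.
     *
     * <p>DOCTYPE declarations are rejected so that the decrypted bytes can never make the parser
     * resolve external entities or DTDs. {@link #saveChanges()} sets no doctype output property,
     * so files written by this class do not need one. If the parser in use does not know the
     * feature, a warning is logged and parsing continues without the restriction.
     */
    private static DocumentBuilderFactory newPassportParserFactory() {
        DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance();
        factory.setValidating(false);
        try {
            factory.setFeature(FEATURE_DISALLOW_DOCTYPE, true);
        } catch (javax.xml.parsers.ParserConfigurationException e) {
            HBCIUtils.log("XML parser does not support " + FEATURE_DISALLOW_DOCTYPE
                    + " - passport file is parsed without DOCTYPE restriction", 2);
        }
        return factory;
    }

    /**
     * Creates the passport-file cipher for the given mode, using the current passport key and
     * the optional JCE provider named by {@code kernel.security.provider}.
     *
     * @param mode {@link Cipher#ENCRYPT_MODE} or {@link Cipher#DECRYPT_MODE}
     */
    private Cipher newPassportCipher(int mode) throws Exception {
        PBEParameterSpec spec = new PBEParameterSpec(CIPHER_SALT, PBE_ITERATIONS);
        String provider = HBCIUtils.getParam("kernel.security.provider");
        Cipher cipher = provider == null
                ? Cipher.getInstance(PBE_ALGORITHM)
                : Cipher.getInstance(PBE_ALGORITHM, provider);
        cipher.init(mode, getPassportKey(), spec);
        return cipher;
    }

    /**
     * Returns the text of the first descendant element with the given tag name.
     *
     * @return the value of the element's first child node, or {@code null} if there is no such
     *         element, it has no child, or the value is empty
     */
    protected String getElementValue(Element element, String str) {
        NodeList matches = element.getElementsByTagName(str);
        if (matches == null || matches.getLength() == 0) {
            return null;
        }
        Node text = matches.item(0).getFirstChild();
        if (text == null) {
            return null;
        }
        String value = text.getNodeValue();
        return (value == null || value.length() <= 0) ? null : value;
    }

    /**
     * Reads the {@code name}/{@code value} attribute pairs of all child elements of the first
     * descendant element with the given tag name.
     *
     * @return the collected properties, or {@code null} if no such element exists
     */
    protected Properties getElementProps(Element element, String str) {
        Node container = element.getElementsByTagName(str).item(0);
        if (container == null) {
            return null;
        }
        Properties props = new Properties();
        NodeList children = container.getChildNodes();
        int count = children.getLength();
        for (int i = 0; i < count; i++) {
            Node child = children.item(i);
            if (child.getNodeType() == Node.ELEMENT_NODE) {
                Element entry = (Element) child;
                props.setProperty(entry.getAttribute("name"), entry.getAttribute("value"));
            }
        }
        return props;
    }

    /**
     * Rebuilds the RSA key stored in the {@code key} element whose {@code owner}, {@code type}
     * and {@code part} attributes match the arguments. If several elements match, the last one
     * wins.
     *
     * <p>The numeric key components are read from the decimal text elements; a component that
     * is required for the selected key form but missing from the file makes the
     * {@link BigInteger} constructor fail.
     *
     * @param element root element of the passport document
     * @param str key owner, {@code "inst"} or {@code "user"} in this class
     * @param str2 key type, {@code "S"} or {@code "V"} in this class
     * @param str3 {@code "public"} for a public key, anything else is read as a private key
     * @return the key, or {@code null} if no matching element exists
     */
    protected HBCIKey getElementKey(Element element, String str, String str2, String str3) throws Exception {
        HBCIKey result = null;
        NodeList keyNodes = element.getElementsByTagName("key");
        int count = keyNodes.getLength();
        for (int i = 0; i < count; i++) {
            Node node = keyNodes.item(i);
            if (node.getNodeType() != Node.ELEMENT_NODE) {
                continue;
            }
            Element keyElement = (Element) node;
            boolean matches = keyElement.getAttribute("owner").equals(str)
                    && keyElement.getAttribute("type").equals(str2)
                    && keyElement.getAttribute("part").equals(str3);
            if (!matches) {
                continue;
            }
            Key key = str3.equals("public")
                    ? readPublicKey(keyElement)
                    : readPrivateKey(keyElement, str2);
            result = new HBCIKey(
                    getElementValue(keyElement, "country"),
                    getElementValue(keyElement, "blz"),
                    getElementValue(keyElement, "userid"),
                    getElementValue(keyElement, "keynum"),
                    getElementValue(keyElement, "keyversion"),
                    key);
        }
        return result;
    }

    /** Builds an RSA public key from the {@code modulus} and {@code exponent} elements. */
    private Key readPublicKey(Element keyElement) throws Exception {
        BigInteger modulus = new BigInteger(getElementValue(keyElement, "modulus"));
        BigInteger exponent = new BigInteger(getElementValue(keyElement, "exponent"));
        return KeyFactory.getInstance("RSA").generatePublic(new RSAPublicKeySpec(modulus, exponent));
    }

    /**
     * Builds an RSA private key in whichever form the file provides: CRT-only when there is no
     * private exponent, exponent-only when there is no prime {@code p}, otherwise fully specified.
     */
    private Key readPrivateKey(Element keyElement, String type) throws Exception {
        String modulus = getElementValue(keyElement, "modulus");
        String privExponent = getElementValue(keyElement, "exponent");
        String pubExponent = getElementValue(keyElement, "pubexponent");
        String p = getElementValue(keyElement, "p");
        String q = getElementValue(keyElement, "q");
        String dP = getElementValue(keyElement, "dP");
        String dQ = getElementValue(keyElement, "dQ");
        String qInv = getElementValue(keyElement, "qInv");

        if (privExponent == null) {
            HBCIUtils.log("private " + type + " key is CRT-only", 4);
            return new RSAPrivateCrtKey2(new BigInteger(p), new BigInteger(q), new BigInteger(dP),
                    new BigInteger(dQ), new BigInteger(qInv));
        }
        if (p == null) {
            HBCIUtils.log("private " + type + " key is exponent-only", 4);
            return KeyFactory.getInstance("RSA").generatePrivate(
                    new RSAPrivateKeySpec(new BigInteger(modulus), new BigInteger(privExponent)));
        }
        HBCIUtils.log("private " + type + " key is fully specified", 4);
        return KeyFactory.getInstance("RSA").generatePrivate(new RSAPrivateCrtKeySpec(
                new BigInteger(modulus), new BigInteger(pubExponent), new BigInteger(privExponent),
                new BigInteger(p), new BigInteger(q), new BigInteger(dP), new BigInteger(dQ),
                new BigInteger(qInv)));
    }

    /**
     * Serializes the passport to XML, encrypts it with the passport key and replaces the
     * passport file with the result. The encrypted document is first written to a temporary
     * file in the same directory and then handed to {@code safeReplace}.
     *
     * @throws HBCI_Exception if building, encrypting or writing the document fails
     */
    @Override // org.kapott.hbci.passport.HBCIPassport
    public void saveChanges() {
        try {
            if (getPassportKey() == null) {
                setPassportKey(calculatePassportKey(true));
            }
            Cipher cipher = newPassportCipher(Cipher.ENCRYPT_MODE);

            DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance();
            factory.setValidating(false);
            Document doc = factory.newDocumentBuilder().newDocument();
            Element root = doc.createElement("HBCIPassportRDHNew");

            createElement(doc, root, "country", getCountry());
            createElement(doc, root, "blz", getBLZ());
            createElement(doc, root, "host", getHost());
            createElement(doc, root, "port", getPort().toString());
            createElement(doc, root, "userid", getUserId());
            createElement(doc, root, "customerid", getCustomerId());
            createElement(doc, root, "sysid", getSysId());
            createElement(doc, root, "sigid", getSigId().toString());
            createElement(doc, root, "rdhprofile", getProfileVersion());
            createElement(doc, root, "hbciversion", getHBCIVersion());
            createPropsElement(doc, root, "bpd", getBPD());
            createPropsElement(doc, root, "upd", getUPD());
            createKeyElement(doc, root, "inst", "S", "public", getInstSigKey());
            createKeyElement(doc, root, "inst", "V", "public", getInstEncKey());
            createKeyElement(doc, root, "user", "S", "public", getMyPublicSigKey());
            createKeyElement(doc, root, "user", "S", "private", getMyPrivateSigKey());
            createKeyElement(doc, root, "user", "V", "public", getMyPublicEncKey());
            createKeyElement(doc, root, "user", "V", "private", getMyPrivateEncKey());

            Transformer transformer = TransformerFactory.newInstance().newTransformer();
            transformer.setOutputProperty("method", "xml");
            transformer.setOutputProperty("omit-xml-declaration", "no");
            transformer.setOutputProperty("encoding", Comm.ENCODING);
            transformer.setOutputProperty("indent", "yes");

            File passportFile = new File(getFilename());
            File tempFile = File.createTempFile(passportFile.getName() + "_", "",
                    passportFile.getAbsoluteFile().getParentFile());

            CipherOutputStream out = new CipherOutputStream(new FileOutputStream(tempFile), cipher);
            try {
                transformer.transform(new DOMSource(root), new StreamResult(out));
            } catch (Exception e) {
                // Release the file handle, but report the failure that actually stopped the save.
                try {
                    out.close();
                } catch (Exception ignored) {
                    // secondary failure while cleaning up; the transform error is rethrown below
                }
                throw e;
            }
            // close() finishes the encryption and must succeed before the file is swapped in
            out.close();

            safeReplace(passportFile, tempFile);
        } catch (HBCI_Exception e) {
            throw e;
        } catch (Exception e) {
            throw new HBCI_Exception("*** saving of passport file failed", e);
        }
    }

    /**
     * Appends a child element with the given tag name and text content; a {@code null} value is
     * written as an empty string.
     */
    protected void createElement(Document document, Element element, String str, String str2) {
        Element child = document.createElement(str);
        element.appendChild(child);
        child.appendChild(document.createTextNode(notNull(str2)));
    }

    /** Maps {@code null} to the empty string. */
    private String notNull(String str) {
        return str != null ? str : "";
    }

    /**
     * Appends an element holding one {@code entry} child (attributes {@code name} and
     * {@code value}) per property. Nothing is written when {@code properties} is {@code null}.
     */
    protected void createPropsElement(Document document, Element element, String str, Properties properties) {
        if (properties == null) {
            return;
        }
        Element container = document.createElement(str);
        element.appendChild(container);
        Enumeration<?> names = properties.propertyNames();
        while (names.hasMoreElements()) {
            String name = (String) names.nextElement();
            Element entry = document.createElement("entry");
            entry.setAttribute("name", name);
            entry.setAttribute("value", notNull(properties.getProperty(name)));
            container.appendChild(entry);
        }
    }

    /**
     * Appends a {@code key} element describing the given key. Nothing is written when
     * {@code hBCIKey} is {@code null}.
     *
     * <p>The key is stored twice: as base64 of its encoded form (if the key has one) and as
     * decimal RSA components. For private keys this includes the private exponent and/or the
     * CRT parameters, so the resulting document must only ever leave memory in encrypted form.
     *
     * @param str value of the {@code owner} attribute
     * @param str2 value of the {@code type} attribute
     * @param str3 value of the {@code part} attribute; {@code "public"} selects the public-key layout
     */
    protected void createKeyElement(Document document, Element element, String str, String str2, String str3, HBCIKey hBCIKey) {
        if (hBCIKey == null) {
            return;
        }

        Element keyElement = document.createElement("key");
        keyElement.setAttribute("owner", str);
        keyElement.setAttribute("type", str2);
        keyElement.setAttribute("part", str3);
        element.appendChild(keyElement);

        createElement(document, keyElement, "country", notNull(hBCIKey.country));
        createElement(document, keyElement, "blz", notNull(hBCIKey.blz));
        createElement(document, keyElement, "userid", notNull(hBCIKey.userid));
        createElement(document, keyElement, "keynum", notNull(hBCIKey.num));
        createElement(document, keyElement, "keyversion", notNull(hBCIKey.version));

        Element keyData = document.createElement("keydata");
        keyElement.appendChild(keyData);

        // An HBCIKey without key material fails here with a NullPointerException, which
        // aborts the save instead of writing a key entry that could not be loaded again.
        Key key = hBCIKey.key;
        byte[] encoded = key.getEncoded();
        String format = key.getFormat();
        if (encoded != null) {
            String base64 = HBCIUtils.encodeBase64(encoded);
            if (base64 != null) {
                Element rawData = document.createElement("rawdata");
                rawData.setAttribute("format", format);
                rawData.setAttribute("encoding", "base64");
                keyData.appendChild(rawData);
                rawData.appendChild(document.createTextNode(base64));
            }
        }

        if (str3.equals("public")) {
            RSAPublicKey publicKey = (RSAPublicKey) key;
            createElement(document, keyData, "modulus", publicKey.getModulus().toString());
            createElement(document, keyData, "exponent", publicKey.getPublicExponent().toString());
        } else if (key instanceof RSAPrivateCrtKey) {
            // Must be tested before RSAPrivateKey, which RSAPrivateCrtKey extends.
            RSAPrivateCrtKey crtKey = (RSAPrivateCrtKey) key;
            HBCIUtils.log("saving " + str2 + " key as fully specified", 4);
            createElement(document, keyData, "modulus", crtKey.getModulus().toString());
            createElement(document, keyData, "exponent", crtKey.getPrivateExponent().toString());
            createElement(document, keyData, "pubexponent", crtKey.getPublicExponent().toString());
            createElement(document, keyData, "p", crtKey.getPrimeP().toString());
            createElement(document, keyData, "q", crtKey.getPrimeQ().toString());
            createElement(document, keyData, "dP", crtKey.getPrimeExponentP().toString());
            createElement(document, keyData, "dQ", crtKey.getPrimeExponentQ().toString());
            createElement(document, keyData, "qInv", crtKey.getCrtCoefficient().toString());
        } else if (key instanceof RSAPrivateKey) {
            RSAPrivateKey privateKey = (RSAPrivateKey) key;
            HBCIUtils.log("saving " + str2 + " key as exponent-only", 4);
            createElement(document, keyData, "modulus", privateKey.getModulus().toString());
            createElement(document, keyData, "exponent", privateKey.getPrivateExponent().toString());
        } else if (key instanceof RSAPrivateCrtKey2) {
            RSAPrivateCrtKey2 crtOnlyKey = (RSAPrivateCrtKey2) key;
            HBCIUtils.log("saving " + str2 + " key as crt-only", 4);
            createElement(document, keyData, "p", crtOnlyKey.getP().toString());
            createElement(document, keyData, "q", crtOnlyKey.getQ().toString());
            createElement(document, keyData, "dP", crtOnlyKey.getdP().toString());
            createElement(document, keyData, "dQ", crtOnlyKey.getdQ().toString());
            createElement(document, keyData, "qInv", crtOnlyKey.getQInv().toString());
        } else {
            HBCIUtils.log("key has none of the known types - please contact the author!", 2);
        }
    }

    /** Sets the RDH profile version without any validation. */
    @Override // org.kapott.hbci.passport.AbstractHBCIPassport, org.kapott.hbci.passport.HBCIPassportInternal
    public void setProfileVersion(String str) {
        this.profileVersion = str;
    }

    /**
     * Returns the RDH profile version, determining and remembering it if it is not known yet.
     *
     * <p>When no version is stored: a passport that already has a user signature key is assumed
     * to be an old file with RDH-1 keys; otherwise the highest of the profiles 1, 2 and 10 listed
     * for {@code "RDH"} in the supported security methods is used. If that yields nothing, the
     * {@code defaultprofile} parameter of this passport type is used, which may be {@code null}.
     */
    @Override // org.kapott.hbci.passport.HBCIPassportInternal
    public String getProfileVersion() {
        String version = this.profileVersion != null ? this.profileVersion : "";

        if (version.length() == 0) {
            HBCIUtils.log("have to determine my rdh-profile-version, but have no information about it yet", 4);
            if (hasMySigKey()) {
                HBCIUtils.log("found user sig key in passport file, but no profile version, so I guess it is an old RDHnew file, which always stored RDH-1 keys", 4);
                version = "1";
            } else {
                HBCIUtils.log("no user keys found in passport - so we use the highest available profile", 4);
                String[][] methods = getSuppSecMethods();
                int highest = 0;
                for (int i = 0; i < methods.length; i++) {
                    String method = methods[i][0];
                    int profile = Integer.parseInt(methods[i][1]);
                    boolean supportedHere = profile == 1 || profile == 2 || profile == 10;
                    if (method.equals("RDH") && supportedHere && profile > highest) {
                        highest = profile;
                    }
                }
                if (highest != 0) {
                    version = Integer.toString(highest);
                }
                HBCIUtils.log("using RDH profile " + version + " taken from supported profiles (BPD)", 4);
            }
        }

        if (version == null || version.length() == 0) {
            version = HBCIUtils.getParam(getParamHeader() + ".defaultprofile", null);
            HBCIUtils.log("unable to determine rdh-profile-version using BPD, using default version " + version, 2);
        }

        setProfileVersion(version);
        return version;
    }
}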
