package org.kapott.hbci.passport;

import java.io.File;
import java.math.BigInteger;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;
import java.util.Arrays;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import org.kapott.cryptalgs.SignatureParamSpec;
import org.kapott.hbci.comm.Comm;
import org.kapott.hbci.exceptions.HBCI_Exception;
import org.kapott.hbci.manager.HBCIKey;
import org.kapott.hbci.manager.HBCIKeyUtil;
import org.kapott.hbci.manager.HBCIUtils;
import org.kapott.hbci.manager.HBCIUtilsInternal;
import org.kapott.hbci.passport.storage.PassportData;
import org.kapott.hbci.passport.storage.PassportStorage;
import org.kapott.hbci.security.Crypt;
import org.kapott.hbci.security.Sig;
import org.kapott.hbci.tools.CryptUtils;

/* loaded from: input_file:org/kapott/hbci/passport/HBCIPassportRAH10.class */
public class HBCIPassportRAH10 extends AbstractHBCIPassport implements InitLetterPassport, FileBasedPassport {
    private static final String PROFILE_NAME = "RAH";
    private static final String PROFILE_VERSION = "10";
    public static final String PARAM_PREFIX = "client.passport.RAH10";
    private String filename;
    private PassportData data;

    public HBCIPassportRAH10(Object obj) {
        super(obj);
        this.filename = null;
        this.data = null;
        setParamHeader(PARAM_PREFIX);
        String paramHeader = getParamHeader();
        this.filename = HBCIUtils.getParam(paramHeader + ".filename");
        if (this.filename == null) {
            throw new NullPointerException(paramHeader + ".filename must not be null");
        }
        HBCIUtils.log("using passport file " + this.filename, 4);
        if (HBCIUtils.getParam(paramHeader + ".init", "1").equals("1")) {
            HBCIUtils.log("loading data from " + this.filename, 4);
            setFilterType("None");
            setPort(new Integer(3000));
            if (!new File(this.filename).canRead()) {
                HBCIUtils.log("have to create new passport file", 3);
                askForMissingData(true, true, true, true, false, true, true);
                saveChanges();
            }
            this.data = PassportStorage.load(this, new File(this.filename));
            setBLZ(this.data.blz);
            setCountry(this.data.country);
            setHost(this.data.host);
            setPort(this.data.port);
            setUserId(this.data.userId);
            setCustomerId(this.data.customerId);
            setSysId(this.data.sysId);
            setSigId(this.data.sigId);
            setHBCIVersion(this.data.hbciVersion);
            setBPD(this.data.bpd);
            setUPD(this.data.upd);
            if (askForMissingData(true, true, true, true, false, true, true)) {
                saveChanges();
            }
        }
    }

    @Override // org.kapott.hbci.passport.FileBasedPassport
    public String getFilename() {
        return this.filename;
    }

    @Override // org.kapott.hbci.passport.HBCIPassport
    public void saveChanges() {
        try {
            if (this.data == null) {
                this.data = new PassportData();
            }
            this.data.country = getCountry();
            this.data.blz = getBLZ();
            this.data.host = getHost();
            this.data.port = getPort();
            this.data.userId = getUserId();
            this.data.customerId = getCustomerId();
            this.data.sysId = getSysId();
            this.data.sigId = getSigId();
            this.data.hbciVersion = getHBCIVersion();
            this.data.bpd = getBPD();
            this.data.upd = getUPD();
            PassportStorage.save(this, this.data, new File(this.filename));
        } catch (HBCI_Exception e) {
            throw e;
        } catch (Exception e2) {
            throw new HBCI_Exception(HBCIUtilsInternal.getLocMsg("EXCMSG_PASSPORT_WRITEERR"), e2);
        }
    }

    @Override // org.kapott.hbci.passport.HBCIPassportInternal
    public String getPassportTypeName() {
        return PROFILE_NAME;
    }

    @Override // org.kapott.hbci.passport.HBCIPassportInternal
    public String getProfileMethod() {
        return PROFILE_NAME;
    }

    @Override // org.kapott.hbci.passport.HBCIPassportInternal
    public String getProfileVersion() {
        return "10";
    }

    @Override // org.kapott.hbci.passport.HBCIPassportInternal
    public void resetPassphrase() {
    }

    @Override // org.kapott.hbci.passport.HBCIPassportInternal
    public String getSysStatus() {
        return "1";
    }

    @Override // org.kapott.hbci.passport.HBCIPassportInternal
    public boolean needUserSig() {
        return false;
    }

    @Override // org.kapott.hbci.passport.HBCIPassportInternal
    public void setInstSigKey(HBCIKey hBCIKey) {
        this.data.instSigKey = hBCIKey;
    }

    @Override // org.kapott.hbci.passport.HBCIPassportInternal
    public void setInstEncKey(HBCIKey hBCIKey) {
        this.data.instEncKey = hBCIKey;
    }

    @Override // org.kapott.hbci.passport.HBCIPassportInternal
    public void setMyPublicSigKey(HBCIKey hBCIKey) {
        this.data.myPublicSigKey = hBCIKey;
    }

    @Override // org.kapott.hbci.passport.HBCIPassportInternal
    public void setMyPrivateSigKey(HBCIKey hBCIKey) {
        this.data.myPrivateSigKey = hBCIKey;
    }

    @Override // org.kapott.hbci.passport.HBCIPassportInternal
    public void setMyPublicEncKey(HBCIKey hBCIKey) {
        this.data.myPublicEncKey = hBCIKey;
    }

    @Override // org.kapott.hbci.passport.HBCIPassportInternal
    public void setMyPrivateEncKey(HBCIKey hBCIKey) {
        this.data.myPrivateEncKey = hBCIKey;
    }

    @Override // org.kapott.hbci.passport.HBCIPassportInternal
    public void setMyPublicDigKey(HBCIKey hBCIKey) {
    }

    @Override // org.kapott.hbci.passport.HBCIPassportInternal
    public void setMyPrivateDigKey(HBCIKey hBCIKey) {
    }

    @Override // org.kapott.hbci.passport.HBCIPassportInternal
    public String getInstSigKeyName() {
        return HBCIKeyUtil.getUserId(getInstSigKey());
    }

    @Override // org.kapott.hbci.passport.HBCIPassportInternal
    public String getInstSigKeyNum() {
        return HBCIKeyUtil.getNum(getInstSigKey());
    }

    @Override // org.kapott.hbci.passport.HBCIPassportInternal
    public String getInstSigKeyVersion() {
        return HBCIKeyUtil.getVersion(getInstSigKey());
    }

    @Override // org.kapott.hbci.passport.HBCIPassportInternal
    public String getInstEncKeyName() {
        return HBCIKeyUtil.getUserId(getInstEncKey());
    }

    @Override // org.kapott.hbci.passport.HBCIPassportInternal
    public String getInstEncKeyNum() {
        return HBCIKeyUtil.getNum(getInstEncKey());
    }

    @Override // org.kapott.hbci.passport.HBCIPassportInternal
    public String getInstEncKeyVersion() {
        return HBCIKeyUtil.getVersion(getInstEncKey());
    }

    @Override // org.kapott.hbci.passport.HBCIPassportInternal
    public String getMySigKeyName() {
        return HBCIKeyUtil.getUserId(getMyPublicSigKey());
    }

    @Override // org.kapott.hbci.passport.HBCIPassportInternal
    public String getMySigKeyNum() {
        return HBCIKeyUtil.getNum(getMyPublicSigKey());
    }

    @Override // org.kapott.hbci.passport.HBCIPassportInternal
    public String getMySigKeyVersion() {
        return HBCIKeyUtil.getVersion(getMyPublicSigKey());
    }

    @Override // org.kapott.hbci.passport.HBCIPassportInternal
    public String getMyEncKeyName() {
        return HBCIKeyUtil.getUserId(getMyPublicEncKey());
    }

    @Override // org.kapott.hbci.passport.HBCIPassportInternal
    public String getMyEncKeyNum() {
        return HBCIKeyUtil.getNum(getMyPublicEncKey());
    }

    @Override // org.kapott.hbci.passport.HBCIPassportInternal
    public String getMyEncKeyVersion() {
        return HBCIKeyUtil.getVersion(getMyPublicEncKey());
    }

    @Override // org.kapott.hbci.passport.HBCIPassportInternal
    public String getCryptKeyType() {
        return "6";
    }

    @Override // org.kapott.hbci.passport.HBCIPassportInternal
    public String getCryptFunction() {
        return "4";
    }

    @Override // org.kapott.hbci.passport.HBCIPassportInternal
    public String getCryptAlg() {
        return Crypt.ENCALG_AES256;
    }

    @Override // org.kapott.hbci.passport.HBCIPassportInternal
    public String getCryptMode() {
        return "2";
    }

    @Override // org.kapott.hbci.passport.HBCIPassportInternal
    public String getSigFunction() {
        return "2";
    }

    @Override // org.kapott.hbci.passport.HBCIPassportInternal
    public String getSigAlg() {
        return "10";
    }

    @Override // org.kapott.hbci.passport.HBCIPassportInternal
    public String getSigMode() {
        return Sig.SIGMODE_PSS;
    }

    @Override // org.kapott.hbci.passport.HBCIPassportInternal
    public String getHashAlg() {
        return "6";
    }

    @Override // org.kapott.hbci.passport.HBCIPassportInternal
    public byte[] hash(byte[] bArr) {
        return CryptUtils.hash(bArr, CryptUtils.HASH_ALG_SHA256);
    }

    @Override // org.kapott.hbci.passport.HBCIPassportInternal
    public byte[] sign(byte[] bArr) {
        return CryptUtils.padLeft(CryptUtils.sign(bArr, (PrivateKey) getMyPrivateSigKey().key, CryptUtils.SIGN_ALG_RSA, CryptUtils.HASH_ALG_SHA256), (RSAPublicKey) getMyPublicSigKey().key);
    }

    @Override // org.kapott.hbci.passport.HBCIPassportInternal
    public boolean verify(byte[] bArr, byte[] bArr2) {
        return CryptUtils.verifySignature(bArr, bArr2, (PublicKey) getInstSigKey().key, CryptUtils.SIGN_ALG_RSA, CryptUtils.HASH_ALG_SHA256);
    }

    /* JADX WARN: Type inference failed for: r0v11, types: [byte[], byte[][]] */
    @Override // org.kapott.hbci.passport.HBCIPassportInternal
    public byte[][] encrypt(byte[] bArr) {
        try {
            String securityProvider = CryptUtils.getSecurityProvider();
            KeyGenerator keyGenerator = securityProvider != null ? KeyGenerator.getInstance(CryptUtils.CRYPT_ALG_AES, securityProvider) : KeyGenerator.getInstance(CryptUtils.CRYPT_ALG_AES);
            keyGenerator.init(32);
            SecretKey generateKey = keyGenerator.generateKey();
            return new byte[]{encryptKey(generateKey.getEncoded()), encryptMessage(bArr, generateKey)};
        } catch (HBCI_Exception e) {
            throw e;
        } catch (Exception e2) {
            throw new HBCI_Exception(e2);
        }
    }

    private byte[] encryptMessage(byte[] bArr, SecretKey secretKey) {
        try {
            String securityProvider = CryptUtils.getSecurityProvider();
            Cipher cipher = securityProvider == null ? Cipher.getInstance(CryptUtils.CRYPT_ALG_AES_CBC) : Cipher.getInstance(CryptUtils.CRYPT_ALG_AES_CBC, securityProvider);
            byte[] bArr2 = new byte[16];
            Arrays.fill(bArr2, (byte) 0);
            cipher.init(1, secretKey, new IvParameterSpec(bArr2));
            return cipher.doFinal(bArr);
        } catch (HBCI_Exception e) {
            throw e;
        } catch (Exception e2) {
            throw new HBCI_Exception(e2);
        }
    }

    private byte[] encryptKey(byte[] bArr) {
        try {
            RSAPublicKey rSAPublicKey = (RSAPublicKey) getInstEncKey().key;
            int cryptDataSize = CryptUtils.getCryptDataSize(rSAPublicKey);
            return checkForCryptDataSize(new BigInteger(1, CryptUtils.padLeft(bArr, cryptDataSize)).modPow(rSAPublicKey.getPublicExponent(), rSAPublicKey.getModulus()).toByteArray(), cryptDataSize);
        } catch (HBCI_Exception e) {
            throw e;
        } catch (Exception e2) {
            throw new HBCI_Exception(e2);
        }
    }

    @Override // org.kapott.hbci.passport.HBCIPassportInternal
    public byte[] decrypt(byte[] bArr, byte[] bArr2) {
        try {
            String securityProvider = CryptUtils.getSecurityProvider();
            HBCIUtils.log("decrypting message key", 4);
            RSAPrivateKey rSAPrivateKey = (RSAPrivateKey) getMyPrivateEncKey().key;
            byte[] byteArray = new BigInteger(1, bArr).modPow(rSAPrivateKey.getPrivateExponent(), rSAPrivateKey.getModulus()).toByteArray();
            HBCIUtils.log("decrypting message", 4);
            SecretKeySpec secretKeySpec = new SecretKeySpec(byteArray, CryptUtils.CRYPT_ALG_AES);
            Cipher cipher = securityProvider == null ? Cipher.getInstance(CryptUtils.CRYPT_ALG_AES_CBC) : Cipher.getInstance(CryptUtils.CRYPT_ALG_AES_CBC, securityProvider);
            byte[] bArr3 = new byte[16];
            Arrays.fill(bArr3, (byte) 0);
            cipher.init(2, secretKeySpec, new IvParameterSpec(bArr3));
            return cipher.doFinal(bArr2);
        } catch (HBCI_Exception e) {
            throw e;
        } catch (Exception e2) {
            throw new HBCI_Exception(e2);
        }
    }

    /* JADX WARN: Type inference failed for: r0v34, types: [org.kapott.hbci.manager.HBCIKey[], org.kapott.hbci.manager.HBCIKey[][]] */
    @Override // org.kapott.hbci.passport.AbstractHBCIPassport, org.kapott.hbci.passport.HBCIPassportInternal
    public HBCIKey[][] generateNewUserKeys() {
        HBCIKey[] hBCIKeyArr = new HBCIKey[2];
        HBCIKey[] hBCIKeyArr2 = new HBCIKey[2];
        try {
            HBCIUtils.log("Erzeuge neue Benutzerschlüssel", 3);
            String profileVersion = hasMySigKey() ? getMyPublicSigKey().num : getProfileVersion();
            String num = Integer.toString(Integer.parseInt(hasMySigKey() ? getMyPublicSigKey().version : "0") + 1);
            HBCIKey instSigKey = getInstSigKey();
            if (instSigKey == null) {
                instSigKey = getInstEncKey();
            }
            int bitLength = instSigKey != null ? ((RSAPublicKey) instSigKey.key).getModulus().bitLength() : 4096;
            String blz = getBLZ();
            String country = getCountry();
            String userId = getUserId();
            for (int i = 0; i < 2; i++) {
                KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(CryptUtils.CRYPT_ALG_RSA);
                keyPairGenerator.initialize(bitLength);
                KeyPair generateKeyPair = keyPairGenerator.generateKeyPair();
                if (i == 0) {
                    hBCIKeyArr[0] = new HBCIKey(country, blz, userId, profileVersion, num, generateKeyPair.getPublic());
                    hBCIKeyArr[1] = new HBCIKey(country, blz, userId, profileVersion, num, generateKeyPair.getPrivate());
                } else {
                    hBCIKeyArr2[0] = new HBCIKey(country, blz, userId, profileVersion, num, generateKeyPair.getPublic());
                    hBCIKeyArr2[1] = new HBCIKey(country, blz, userId, profileVersion, num, generateKeyPair.getPrivate());
                }
            }
            return new HBCIKey[]{hBCIKeyArr, hBCIKeyArr2};
        } catch (Exception e) {
            throw new HBCI_Exception(HBCIUtilsInternal.getLocMsg("EXCMSG_GENKEYS_ERR"), e);
        }
    }

    @Override // org.kapott.hbci.passport.InitLetterPassport
    public SignatureParamSpec getSignatureParamSpec() {
        try {
            return new SignatureParamSpec(CryptUtils.HASH_ALG_SHA256, null);
        } catch (Exception e) {
            throw new HBCI_Exception(e);
        }
    }

    @Override // org.kapott.hbci.passport.HBCIPassport
    public boolean isSupported() {
        if (getBPD() == null) {
            return true;
        }
        for (String[] strArr : getSuppSecMethods()) {
            if (PROFILE_NAME.equals(strArr[0]) && "10".equals(strArr[1])) {
                return true;
            }
        }
        return false;
    }

    @Override // org.kapott.hbci.passport.HBCIPassport
    public boolean needInstKeys() {
        return true;
    }

    @Override // org.kapott.hbci.passport.HBCIPassport
    public boolean needUserKeys() {
        return true;
    }

    @Override // org.kapott.hbci.passport.HBCIPassport
    public boolean hasInstSigKey() {
        return getInstSigKey() != null;
    }

    @Override // org.kapott.hbci.passport.HBCIPassport
    public boolean hasInstEncKey() {
        return getInstEncKey() != null;
    }

    @Override // org.kapott.hbci.passport.HBCIPassport
    public boolean hasMySigKey() {
        return getMyPublicSigKey() != null;
    }

    @Override // org.kapott.hbci.passport.HBCIPassport
    public boolean hasMyEncKey() {
        return getMyPublicEncKey() != null;
    }

    @Override // org.kapott.hbci.passport.HBCIPassport
    public HBCIKey getMyPublicSigKey() {
        return this.data.myPublicSigKey;
    }

    @Override // org.kapott.hbci.passport.HBCIPassport
    public HBCIKey getMyPublicEncKey() {
        return this.data.myPublicEncKey;
    }

    @Override // org.kapott.hbci.passport.HBCIPassport
    public HBCIKey getMyPublicDigKey() {
        return null;
    }

    @Override // org.kapott.hbci.passport.HBCIPassport
    public HBCIKey getMyPrivateSigKey() {
        return this.data.myPrivateSigKey;
    }

    @Override // org.kapott.hbci.passport.HBCIPassport
    public HBCIKey getMyPrivateEncKey() {
        return this.data.myPrivateEncKey;
    }

    @Override // org.kapott.hbci.passport.HBCIPassport
    public HBCIKey getMyPrivateDigKey() {
        return null;
    }

    @Override // org.kapott.hbci.passport.HBCIPassport
    public HBCIKey getInstSigKey() {
        return this.data.instSigKey;
    }

    @Override // org.kapott.hbci.passport.HBCIPassport
    public HBCIKey getInstEncKey() {
        return this.data.instEncKey;
    }

    @Override // org.kapott.hbci.passport.AbstractHBCIPassport
    public Comm getCommInstance() {
        return Comm.getInstance("Standard", this);
    }
}
