package org.kapott.hbci.tools;

import java.security.MessageDigest;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;
import java.security.interfaces.RSAPublicKey;
import java.util.Arrays;
import java.util.List;
import org.kapott.cryptalgs.CryptAlgs4JavaProvider;
import org.kapott.cryptalgs.SignatureParamSpec;
import org.kapott.hbci.comm.Comm;
import org.kapott.hbci.exceptions.HBCI_Exception;
import org.kapott.hbci.manager.HBCIUtils;

/* loaded from: input_file:org/kapott/hbci/tools/CryptUtils.class */
public class CryptUtils {
    public static final String HASH_ALG_SHA256 = "SHA-256";
    public static final String HASH_ALG_SHA1 = "SHA-1";
    public static final String CRYPT_ALG_AES = "AES";
    public static final String CRYPT_ALG_RSA = "RSA";
    public static final String CRYPT_ALG_AES_CBC = "AES/CBC/ISO7816-4Padding";
    public static final String HASH_ALG_RIPE_MD160 = "RIPEMD160";
    private static final List<String> HASH_OWN_PROVIDER = Arrays.asList(HASH_ALG_RIPE_MD160);
    public static final String SIGN_ALG_RSA = "PKCS1_PSS";
    private static final List<String> SIGN_OWN_PROVIDER = Arrays.asList(SIGN_ALG_RSA);

    public static String getSecurityProvider() {
        return HBCIUtils.getParam("kernel.security.provider");
    }

    public static final String hash(String str, String str2) throws HBCI_Exception {
        try {
            return new String(hash(str.getBytes(Comm.ENCODING), str2), Comm.ENCODING);
        } catch (HBCI_Exception e) {
            throw e;
        } catch (Exception e2) {
            throw new HBCI_Exception(e2);
        }
    }

    public static final byte[] hash(byte[] bArr, String str) throws HBCI_Exception {
        try {
            String str2 = HASH_OWN_PROVIDER.contains(str) ? CryptAlgs4JavaProvider.NAME : null;
            HBCIUtils.log("using " + str + "/" + str2 + " for generating hash of " + bArr.length + " bytes", 4);
            return (str2 != null ? MessageDigest.getInstance(str, str2) : MessageDigest.getInstance(str)).digest(bArr);
        } catch (HBCI_Exception e) {
            throw e;
        } catch (Exception e2) {
            throw new HBCI_Exception(e2);
        }
    }

    public static final boolean verifySignature(byte[] bArr, byte[] bArr2, PublicKey publicKey, String str, String str2) throws HBCI_Exception {
        try {
            String str3 = SIGN_OWN_PROVIDER.contains(str) ? CryptAlgs4JavaProvider.NAME : null;
            String str4 = HASH_OWN_PROVIDER.contains(str2) ? CryptAlgs4JavaProvider.NAME : null;
            HBCIUtils.log("using " + str + "+" + str2 + "/" + str3 + "/" + str4 + " for verifying signature of " + bArr.length + " bytes", 4);
            Signature signature = str3 != null ? Signature.getInstance(str, str3) : Signature.getInstance(str);
            signature.setParameter(new SignatureParamSpec(str2, str4));
            signature.initVerify(publicKey);
            signature.update(bArr);
            return signature.verify(bArr2);
        } catch (HBCI_Exception e) {
            throw e;
        } catch (Exception e2) {
            throw new HBCI_Exception(e2);
        }
    }

    public static final byte[] sign(byte[] bArr, PrivateKey privateKey, String str, String str2) throws HBCI_Exception {
        try {
            String str3 = SIGN_OWN_PROVIDER.contains(str) ? CryptAlgs4JavaProvider.NAME : null;
            String str4 = HASH_OWN_PROVIDER.contains(str2) ? CryptAlgs4JavaProvider.NAME : null;
            HBCIUtils.log("using " + str + "+" + str2 + "/" + str3 + "/" + str4 + " for generating signature of " + bArr.length + " bytes", 4);
            Signature signature = str3 != null ? Signature.getInstance(str, str3) : Signature.getInstance(str);
            signature.setParameter(new SignatureParamSpec(str2, str4));
            signature.initSign(privateKey);
            signature.update(bArr);
            return signature.sign();
        } catch (HBCI_Exception e) {
            throw e;
        } catch (Exception e2) {
            throw new HBCI_Exception(e2);
        }
    }

    public static int getCryptDataSize(RSAPublicKey rSAPublicKey) {
        int bitLength = rSAPublicKey.getModulus().bitLength() / 8;
        if (bitLength % 8 != 0) {
            bitLength++;
        }
        return bitLength;
    }

    public static byte[] padLeft(byte[] bArr, RSAPublicKey rSAPublicKey) {
        return padLeft(bArr, getCryptDataSize(rSAPublicKey));
    }

    public static byte[] padLeft(byte[] bArr, int i) {
        if (bArr.length == i) {
            return bArr;
        }
        byte[] bArr2 = bArr;
        HBCIUtils.log("left-pad " + bArr.length + " bytes to " + i + " bytes length", 5);
        if (bArr.length > i) {
            int length = bArr.length - i;
            boolean z = true;
            for (int i2 = 0; i2 < length; i2++) {
                if (bArr[i2] != 0) {
                    HBCIUtils.log("byte " + i2 + " in data is not zero, but it should be zero", 2);
                    z = false;
                }
            }
            if (z) {
                HBCIUtils.log("removing " + length + " unnecessary null-bytes from data", 4);
                bArr2 = new byte[i];
                System.arraycopy(bArr, length, bArr2, 0, i);
            }
        } else if (bArr.length < i) {
            int length2 = i - bArr.length;
            HBCIUtils.log("prepending " + length2 + " null bytes to data", 5);
            bArr2 = new byte[i];
            Arrays.fill(bArr2, (byte) 0);
            System.arraycopy(bArr, 0, bArr2, length2, bArr.length);
        }
        return bArr2;
    }
}
