package org.kapott.hbci.passport.storage.format;

import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.ObjectInputStream;
import java.io.ObjectOutputStream;
import java.io.UnsupportedEncodingException;
import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.util.Arrays;
import javax.crypto.Cipher;
import javax.crypto.CipherInputStream;
import javax.crypto.CipherOutputStream;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.PBEKeySpec;
import javax.crypto.spec.SecretKeySpec;
import org.kapott.hbci.exceptions.HBCI_Exception;
import org.kapott.hbci.manager.HBCIUtils;
import org.kapott.hbci.passport.HBCIPassport;
import org.kapott.hbci.passport.storage.PassportData;
import org.kapott.hbci.tools.IOUtils;

/* loaded from: input_file:org/kapott/hbci/passport/storage/format/AESFormat.class */
public class AESFormat extends AbstractFormat {
    private static final String FORMAT_NAME = "H4JAES";
    private static final int FORMAT_VERSION = 1;
    private static final String ENCODING = "UTF-8";
    private static final SecureRandom RAND = new SecureRandom();
    private static final String KEY_ALG_NAME = "PBKDF2WithHmacSHA256";
    private static final String KEY_ALG = "AES";
    private static final String CIPHER_ALG = "AES/CBC/PKCS5Padding";
    private static final int CIPHER_ITERATIONS = 65536;
    private static final int KEY_SIZE = 256;
    private static final int SALT_SIZE = 8;

    @Override // org.kapott.hbci.passport.storage.format.PassportFormat
    public PassportData load(HBCIPassport hBCIPassport, byte[] bArr) throws UnsupportedOperationException {
        long currentTimeMillis = System.currentTimeMillis();
        if (bArr == null || bArr.length < 20) {
            throw new UnsupportedOperationException("not enough data");
        }
        try {
            if (!FORMAT_NAME.equals(new String(Arrays.copyOfRange(bArr, 0, 0 + FORMAT_NAME.length()), "UTF-8"))) {
                throw new UnsupportedOperationException("wrong format identifier, expected: H4JAES");
            }
            int length = 0 + FORMAT_NAME.length();
            if (1 != bArr[FORMAT_NAME.length()]) {
                throw new UnsupportedOperationException("wrong format version, expected: 1");
            }
            int i = length + 1;
            byte b = bArr[i];
            int i2 = i + 1;
            if (bArr.length < i2 + b) {
                throw new HBCI_Exception("passport file corrupted, not enough data");
            }
            byte[] copyOfRange = Arrays.copyOfRange(bArr, i2, i2 + b);
            int i3 = i2 + b;
            byte b2 = bArr[i3];
            int i4 = i3 + 1;
            if (bArr.length < i4 + b2) {
                throw new HBCI_Exception("passport file corrupted, not enough data");
            }
            byte[] copyOfRange2 = Arrays.copyOfRange(bArr, i4, i4 + b2);
            int i5 = i4 + b2;
            int retries = getRetries();
            for (int i6 = 0; i6 < 10; i6++) {
                ObjectInputStream objectInputStream = null;
                try {
                    try {
                        Cipher cipher = getCipher();
                        cipher.init(2, getPassportKey(hBCIPassport, copyOfRange, false), new IvParameterSpec(copyOfRange2));
                        objectInputStream = new ObjectInputStream(new CipherInputStream(new ByteArrayInputStream(Arrays.copyOfRange(bArr, i5, bArr.length)), cipher));
                        PassportData passportData = (PassportData) objectInputStream.readObject();
                        HBCIUtils.log("used time for decrypting " + bArr.length + " bytes: " + (System.currentTimeMillis() - currentTimeMillis) + " millis", 4);
                        IOUtils.close(objectInputStream);
                        return passportData;
                    } catch (HBCI_Exception e) {
                        try {
                            int i7 = retries;
                            retries--;
                            if (i7 <= 0) {
                                throw e;
                            }
                            IOUtils.close(objectInputStream);
                        } catch (Throwable th) {
                            IOUtils.close(objectInputStream);
                            throw th;
                        }
                    }
                } catch (UnsupportedOperationException e2) {
                    throw e2;
                } catch (Exception e3) {
                    int i8 = retries;
                    retries--;
                    if (i8 <= 0) {
                        throw new HBCI_Exception("unable to load passport data", e3);
                    }
                    IOUtils.close(objectInputStream);
                }
            }
            throw new HBCI_Exception("unable to load passport data");
        } catch (UnsupportedEncodingException e4) {
            HBCIUtils.log(e4);
            throw new UnsupportedOperationException();
        }
    }

    @Override // org.kapott.hbci.passport.storage.format.PassportFormat
    public byte[] save(HBCIPassport hBCIPassport, PassportData passportData) throws UnsupportedOperationException {
        long currentTimeMillis = System.currentTimeMillis();
        ObjectOutputStream objectOutputStream = null;
        try {
            try {
                try {
                    try {
                        Cipher cipher = getCipher();
                        byte[] bArr = new byte[8];
                        RAND.nextBytes(bArr);
                        cipher.init(1, getPassportKey(hBCIPassport, bArr, true));
                        byte[] iv = ((IvParameterSpec) cipher.getParameters().getParameterSpec(IvParameterSpec.class)).getIV();
                        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
                        byteArrayOutputStream.write(FORMAT_NAME.getBytes("UTF-8"));
                        byteArrayOutputStream.write(1);
                        byteArrayOutputStream.write(bArr.length);
                        byteArrayOutputStream.write(bArr);
                        byteArrayOutputStream.write(iv.length);
                        byteArrayOutputStream.write(iv);
                        objectOutputStream = new ObjectOutputStream(new CipherOutputStream(byteArrayOutputStream, cipher));
                        objectOutputStream.writeObject(passportData);
                        objectOutputStream.close();
                        byte[] byteArray = byteArrayOutputStream.toByteArray();
                        HBCIUtils.log("used time for encrypting passort into " + byteArray.length + " bytes: " + (System.currentTimeMillis() - currentTimeMillis) + " millis", 4);
                        IOUtils.close(objectOutputStream);
                        return byteArray;
                    } catch (HBCI_Exception e) {
                        throw e;
                    }
                } catch (Exception e2) {
                    throw new HBCI_Exception("unable to load passport data", e2);
                }
            } catch (UnsupportedOperationException e3) {
                throw e3;
            }
        } catch (Throwable th) {
            IOUtils.close(objectOutputStream);
            throw th;
        }
    }

    @Override // org.kapott.hbci.passport.storage.format.AbstractFormat
    protected String getCipherAlg() {
        return CIPHER_ALG;
    }

    @Override // org.kapott.hbci.passport.storage.format.AbstractFormat, org.kapott.hbci.passport.storage.format.PassportFormat
    public boolean supported() {
        try {
            Cipher cipher = getCipher();
            byte[] bArr = new byte[8];
            RAND.nextBytes(bArr);
            byte[] bArr2 = new byte[10];
            RAND.nextBytes(bArr2);
            cipher.init(1, getPassportKey(new String(bArr2, StandardCharsets.UTF_8).toCharArray(), bArr));
            return super.supported();
        } catch (Exception e) {
            HBCIUtils.log("no support for passport format " + getClass().getSimpleName() + ": " + e.getMessage(), 3);
            return false;
        }
    }

    private SecretKey getPassportKey(HBCIPassport hBCIPassport, byte[] bArr, boolean z) throws GeneralSecurityException {
        try {
            return getPassportKey(getPassword(hBCIPassport, z), bArr);
        } catch (NoSuchAlgorithmException e) {
            HBCIUtils.log("AES-Format not supported in this Java version", 4);
            throw new UnsupportedOperationException("AES-Format not supported in this Java version");
        }
    }

    private SecretKey getPassportKey(char[] cArr, byte[] bArr) throws GeneralSecurityException {
        try {
            String securityProvider = getSecurityProvider();
            return new SecretKeySpec((securityProvider != null ? SecretKeyFactory.getInstance(KEY_ALG_NAME, securityProvider) : SecretKeyFactory.getInstance(KEY_ALG_NAME)).generateSecret(new PBEKeySpec(cArr, bArr, CIPHER_ITERATIONS, KEY_SIZE)).getEncoded(), KEY_ALG);
        } catch (NoSuchAlgorithmException e) {
            HBCIUtils.log("AES-Format not supported in this Java version", 4);
            throw new UnsupportedOperationException("AES-Format not supported in this Java version");
        }
    }
}
