package org.kapott.hbci.passport;

import java.math.BigInteger;
import java.security.Key;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;
import java.util.Arrays;
import javax.crypto.Cipher;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.DESedeKeySpec;
import javax.crypto.spec.IvParameterSpec;
import org.kapott.cryptalgs.RSAPrivateCrtKey2;
import org.kapott.hbci.exceptions.HBCI_Exception;
import org.kapott.hbci.manager.HBCIKey;
import org.kapott.hbci.manager.HBCIUtils;
import org.kapott.hbci.manager.HBCIUtilsInternal;
import org.kapott.hbci.tools.CryptUtils;

/* loaded from: input_file:org/kapott/hbci/passport/AbstractRDHSWPassport.class */
public abstract class AbstractRDHSWPassport extends AbstractRDHPassport {
    protected HBCIKey[][] keys;

    /* JADX INFO: Access modifiers changed from: protected */
    /* JADX WARN: Type inference failed for: r1v2, types: [org.kapott.hbci.manager.HBCIKey[], org.kapott.hbci.manager.HBCIKey[][]] */
    public AbstractRDHSWPassport(Object obj) {
        super(obj);
        this.keys = new HBCIKey[3];
        for (int i = 0; i < 3; i++) {
            this.keys[i] = new HBCIKey[2];
            for (int i2 = 0; i2 < 2; i2++) {
                this.keys[i][i2] = null;
            }
        }
    }

    @Override // org.kapott.hbci.passport.HBCIPassport
    public boolean hasInstSigKey() {
        return getInstSigKey() != null;
    }

    @Override // org.kapott.hbci.passport.HBCIPassport
    public boolean hasInstEncKey() {
        return getInstEncKey() != null;
    }

    @Override // org.kapott.hbci.passport.HBCIPassport
    public boolean hasMySigKey() {
        return getMyPublicSigKey() != null;
    }

    @Override // org.kapott.hbci.passport.HBCIPassport
    public boolean hasMyEncKey() {
        return getMyPublicEncKey() != null;
    }

    public HBCIKey getKey(int i, int i2) {
        return this.keys[i][i2];
    }

    @Override // org.kapott.hbci.passport.HBCIPassportInternal
    public void setInstSigKey(HBCIKey hBCIKey) {
        setKey(0, 0, hBCIKey);
    }

    @Override // org.kapott.hbci.passport.HBCIPassportInternal
    public void setInstEncKey(HBCIKey hBCIKey) {
        setKey(0, 1, hBCIKey);
    }

    public void setMySigKey(HBCIKey hBCIKey) {
        setKey(1, 0, hBCIKey);
        setKey(1, 1, hBCIKey);
    }

    public void setMyEncKey(HBCIKey hBCIKey) {
        setKey(2, 0, hBCIKey);
        setKey(2, 1, hBCIKey);
    }

    public void setMyDigKey(HBCIKey hBCIKey) {
    }

    @Override // org.kapott.hbci.passport.HBCIPassportInternal
    public void setMyPublicSigKey(HBCIKey hBCIKey) {
        setKey(1, 0, hBCIKey);
    }

    @Override // org.kapott.hbci.passport.HBCIPassportInternal
    public void setMyPrivateSigKey(HBCIKey hBCIKey) {
        setKey(1, 1, hBCIKey);
    }

    @Override // org.kapott.hbci.passport.HBCIPassportInternal
    public void setMyPublicEncKey(HBCIKey hBCIKey) {
        setKey(2, 0, hBCIKey);
    }

    @Override // org.kapott.hbci.passport.HBCIPassportInternal
    public void setMyPrivateEncKey(HBCIKey hBCIKey) {
        setKey(2, 1, hBCIKey);
    }

    @Override // org.kapott.hbci.passport.HBCIPassportInternal
    public void setMyPublicDigKey(HBCIKey hBCIKey) {
    }

    @Override // org.kapott.hbci.passport.HBCIPassportInternal
    public void setMyPrivateDigKey(HBCIKey hBCIKey) {
    }

    @Override // org.kapott.hbci.passport.HBCIPassport
    public HBCIKey getMyPublicSigKey() {
        return getKey(1, 0);
    }

    @Override // org.kapott.hbci.passport.HBCIPassport
    public HBCIKey getMyPrivateSigKey() {
        return getKey(1, 1);
    }

    @Override // org.kapott.hbci.passport.HBCIPassport
    public HBCIKey getMyPublicEncKey() {
        return getKey(2, 0);
    }

    @Override // org.kapott.hbci.passport.HBCIPassport
    public HBCIKey getMyPrivateEncKey() {
        return getKey(2, 1);
    }

    @Override // org.kapott.hbci.passport.HBCIPassport
    public HBCIKey getMyPublicDigKey() {
        return null;
    }

    @Override // org.kapott.hbci.passport.HBCIPassport
    public HBCIKey getMyPrivateDigKey() {
        return null;
    }

    @Override // org.kapott.hbci.passport.HBCIPassport
    public HBCIKey getInstSigKey() {
        return getKey(0, 0);
    }

    @Override // org.kapott.hbci.passport.HBCIPassportInternal
    public String getInstSigKeyName() {
        if (getInstSigKey() != null) {
            return getInstSigKey().userid;
        }
        return null;
    }

    @Override // org.kapott.hbci.passport.HBCIPassportInternal
    public String getInstSigKeyNum() {
        if (getInstSigKey() != null) {
            return getInstSigKey().num;
        }
        return null;
    }

    @Override // org.kapott.hbci.passport.HBCIPassportInternal
    public String getInstSigKeyVersion() {
        if (getInstSigKey() != null) {
            return getInstSigKey().version;
        }
        return null;
    }

    @Override // org.kapott.hbci.passport.HBCIPassport
    public HBCIKey getInstEncKey() {
        return getKey(0, 1);
    }

    @Override // org.kapott.hbci.passport.HBCIPassportInternal
    public String getInstEncKeyName() {
        if (getInstEncKey() != null) {
            return getInstEncKey().userid;
        }
        return null;
    }

    @Override // org.kapott.hbci.passport.HBCIPassportInternal
    public String getInstEncKeyNum() {
        if (getInstEncKey() != null) {
            return getInstEncKey().num;
        }
        return null;
    }

    @Override // org.kapott.hbci.passport.HBCIPassportInternal
    public String getInstEncKeyVersion() {
        if (getInstEncKey() != null) {
            return getInstEncKey().version;
        }
        return null;
    }

    @Override // org.kapott.hbci.passport.HBCIPassportInternal
    public String getMySigKeyName() {
        if (getMyPublicSigKey() != null) {
            return getMyPublicSigKey().userid;
        }
        return null;
    }

    @Override // org.kapott.hbci.passport.HBCIPassportInternal
    public String getMySigKeyNum() {
        if (getMyPublicSigKey() != null) {
            return getMyPublicSigKey().num;
        }
        return null;
    }

    @Override // org.kapott.hbci.passport.HBCIPassportInternal
    public String getMySigKeyVersion() {
        if (getMyPublicSigKey() != null) {
            return getMyPublicSigKey().version;
        }
        return null;
    }

    @Override // org.kapott.hbci.passport.HBCIPassportInternal
    public String getMyEncKeyName() {
        if (getMyPublicEncKey() != null) {
            return getMyPublicEncKey().userid;
        }
        return null;
    }

    @Override // org.kapott.hbci.passport.HBCIPassportInternal
    public String getMyEncKeyNum() {
        if (getMyPublicEncKey() != null) {
            return getMyPublicEncKey().num;
        }
        return null;
    }

    @Override // org.kapott.hbci.passport.HBCIPassportInternal
    public String getMyEncKeyVersion() {
        if (getMyPublicEncKey() != null) {
            return getMyPublicEncKey().version;
        }
        return null;
    }

    public final void setKey(int i, int i2, HBCIKey hBCIKey) {
        this.keys[i][i2] = hBCIKey;
    }

    @Override // org.kapott.hbci.passport.HBCIPassportInternal
    public byte[] sign(byte[] bArr) {
        try {
            Signature signatureInstance = getSignatureInstance();
            signatureInstance.initSign((PrivateKey) getMyPrivateSigKey().key);
            signatureInstance.update(bArr);
            return checkForCryptDataSize(signatureInstance.sign(), getCryptDataSize(getMyPublicSigKey().key));
        } catch (Exception e) {
            throw new HBCI_Exception("*** signing of message failed", e);
        }
    }

    @Override // org.kapott.hbci.passport.HBCIPassportInternal
    public boolean verify(byte[] bArr, byte[] bArr2) {
        try {
            Signature signatureInstance = getSignatureInstance();
            signatureInstance.initVerify((PublicKey) getInstSigKey().key);
            signatureInstance.update(bArr);
            return signatureInstance.verify(bArr2);
        } catch (Exception e) {
            throw new HBCI_Exception("*** verification of message signature failed", e);
        }
    }

    private byte[] encryptMessage(byte[] bArr, SecretKey secretKey) {
        try {
            String securityProvider = CryptUtils.getSecurityProvider();
            Cipher cipher = securityProvider == null ? Cipher.getInstance("DESede/CBC/NoPadding") : Cipher.getInstance("DESede/CBC/NoPadding", securityProvider);
            byte[] bArr2 = new byte[8];
            Arrays.fill(bArr2, (byte) 0);
            cipher.init(1, secretKey, new IvParameterSpec(bArr2));
            return cipher.doFinal(bArr);
        } catch (Exception e) {
            throw new HBCI_Exception("*** can not encrypt message", e);
        }
    }

    private byte[] encryptKey(SecretKey secretKey) {
        try {
            String securityProvider = CryptUtils.getSecurityProvider();
            byte[] key = ((DESedeKeySpec) (securityProvider == null ? SecretKeyFactory.getInstance("DESede") : SecretKeyFactory.getInstance("DESede", securityProvider)).getKeySpec(secretKey, DESedeKeySpec.class)).getKey();
            int cryptDataSize = getCryptDataSize(getInstEncKey().key);
            byte[] bArr = new byte[cryptDataSize];
            Arrays.fill(bArr, (byte) 0);
            System.arraycopy(key, 0, bArr, bArr.length - 16, 16);
            BigInteger bigInteger = new BigInteger(1, bArr);
            Key key2 = getInstEncKey().key;
            return checkForCryptDataSize(bigInteger.modPow(((RSAPublicKey) key2).getPublicExponent(), ((RSAPublicKey) key2).getModulus()).toByteArray(), cryptDataSize);
        } catch (Exception e) {
            throw new HBCI_Exception("*** can not encrypt message key", e);
        }
    }

    /* JADX WARN: Type inference failed for: r0v8, types: [byte[], byte[][]] */
    @Override // org.kapott.hbci.passport.HBCIPassportInternal
    public byte[][] encrypt(byte[] bArr) {
        try {
            SecretKey createMsgKey = createMsgKey();
            return new byte[]{encryptKey(createMsgKey), encryptMessage(bArr, createMsgKey)};
        } catch (Exception e) {
            throw new HBCI_Exception("*** error while encrypting", e);
        }
    }

    @Override // org.kapott.hbci.passport.HBCIPassportInternal
    public byte[] decrypt(byte[] bArr, byte[] bArr2) {
        byte[] byteArray;
        try {
            Key key = getMyPrivateEncKey().key;
            if (key instanceof RSAPrivateKey) {
                HBCIUtils.log("decrypting message key with (n,d)-algorithm", 4);
                byteArray = new BigInteger(1, bArr).modPow(((RSAPrivateKey) key).getPrivateExponent(), ((RSAPrivateKey) key).getModulus()).toByteArray();
            } else {
                HBCIUtils.log("decrypting message key with (p,q,dP,dQ,qInv)-algorithm", 4);
                BigInteger p = ((RSAPrivateCrtKey2) key).getP();
                BigInteger q = ((RSAPrivateCrtKey2) key).getQ();
                BigInteger dPVar = ((RSAPrivateCrtKey2) key).getdP();
                BigInteger dQVar = ((RSAPrivateCrtKey2) key).getdQ();
                BigInteger qInv = ((RSAPrivateCrtKey2) key).getQInv();
                BigInteger bigInteger = new BigInteger(1, bArr);
                BigInteger modPow = bigInteger.modPow(dPVar, p);
                BigInteger modPow2 = bigInteger.modPow(dQVar, q);
                byteArray = modPow2.add(q.multiply(modPow.subtract(modPow2).multiply(qInv).mod(p))).toByteArray();
            }
            byte[] bArr3 = new byte[24];
            System.arraycopy(byteArray, byteArray.length - 16, bArr3, 0, 16);
            System.arraycopy(byteArray, byteArray.length - 16, bArr3, 16, 8);
            DESedeKeySpec dESedeKeySpec = new DESedeKeySpec(bArr3);
            String securityProvider = CryptUtils.getSecurityProvider();
            SecretKey generateSecret = (securityProvider == null ? SecretKeyFactory.getInstance("DESede") : SecretKeyFactory.getInstance("DESede", securityProvider)).generateSecret(dESedeKeySpec);
            Cipher cipher = securityProvider == null ? Cipher.getInstance("DESede/CBC/NoPadding") : Cipher.getInstance("DESede/CBC/NoPadding", securityProvider);
            byte[] bArr4 = new byte[8];
            Arrays.fill(bArr4, (byte) 0);
            cipher.init(2, generateSecret, new IvParameterSpec(bArr4));
            return cipher.doFinal(bArr2);
        } catch (Exception e) {
            throw new HBCI_Exception("*** error while decrypting message", e);
        }
    }

    private int getKeySizeByProfile() {
        int i;
        int parseInt = Integer.parseInt(getProfileVersion());
        switch (parseInt) {
            case 1:
                i = 768;
                break;
            case 2:
                i = 2048;
                break;
            case 10:
                HBCIKey instSigKey = getInstSigKey();
                if (instSigKey == null) {
                    instSigKey = getInstEncKey();
                }
                if (instSigKey == null) {
                    i = 4096;
                    break;
                } else {
                    i = ((RSAPublicKey) instSigKey.key).getModulus().bitLength();
                    break;
                }
            default:
                throw new HBCI_Exception("*** dont know which keysize to use for profile rdh-" + parseInt);
        }
        HBCIUtils.log("using keysize " + i + " bits for newly generated keys", 4);
        return i;
    }

    /* JADX WARN: Type inference failed for: r0v33, types: [org.kapott.hbci.manager.HBCIKey[], org.kapott.hbci.manager.HBCIKey[][]] */
    @Override // org.kapott.hbci.passport.AbstractHBCIPassport, org.kapott.hbci.passport.HBCIPassportInternal
    public HBCIKey[][] generateNewUserKeys() {
        try {
            HBCIUtils.log("Erzeuge neue Benutzerschlüssel", 3);
            String blz = getBLZ();
            String country = getCountry();
            String userId = getUserId();
            HBCIKey[] hBCIKeyArr = new HBCIKey[2];
            HBCIKey[] hBCIKeyArr2 = new HBCIKey[2];
            String profileVersion = hasMySigKey() ? getMyPublicSigKey().num : getProfileVersion();
            String num = Integer.toString(Integer.parseInt(hasMySigKey() ? getMyPublicSigKey().version : "0") + 1);
            int keySizeByProfile = getKeySizeByProfile();
            for (int i = 0; i < 2; i++) {
                KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(CryptUtils.CRYPT_ALG_RSA);
                keyPairGenerator.initialize(keySizeByProfile);
                KeyPair generateKeyPair = keyPairGenerator.generateKeyPair();
                if (i == 0) {
                    hBCIKeyArr[0] = new HBCIKey(country, blz, userId, profileVersion, num, generateKeyPair.getPublic());
                    hBCIKeyArr[1] = new HBCIKey(country, blz, userId, profileVersion, num, generateKeyPair.getPrivate());
                } else {
                    hBCIKeyArr2[0] = new HBCIKey(country, blz, userId, profileVersion, num, generateKeyPair.getPublic());
                    hBCIKeyArr2[1] = new HBCIKey(country, blz, userId, profileVersion, num, generateKeyPair.getPrivate());
                }
            }
            return new HBCIKey[]{hBCIKeyArr, hBCIKeyArr2, 0};
        } catch (Exception e) {
            throw new HBCI_Exception(HBCIUtilsInternal.getLocMsg("EXCMSG_GENKEYS_ERR"), e);
        }
    }
}
