package org.kapott.hbci.passport;

import Ma.k;
import Ma.o;
import com.microsoft.identity.common.java.eststelemetry.SchemaConstants;
import java.math.BigInteger;
import java.security.Key;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;
import java.util.Arrays;
import javax.crypto.Cipher;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.DESedeKeySpec;
import javax.crypto.spec.IvParameterSpec;
import org.kapott.cryptalgs.RSAPrivateCrtKey2;
import org.kapott.hbci.exceptions.HBCI_Exception;
import org.kapott.hbci.manager.HBCIKey;

/* loaded from: classes8.dex */
public abstract class AbstractRDHSWPassport extends AbstractRDHPassport {
    protected HBCIKey[][] keys;

    @Override // org.kapott.hbci.passport.b
    public final byte[] decrypt(byte[] bArr, byte[] bArr2) {
        byte[] byteArray;
        try {
            Key key = f(2, 1).key;
            if (key instanceof RSAPrivateKey) {
                k.m(4, "decrypting message key with (n,d)-algorithm");
                byteArray = new BigInteger(1, bArr).modPow(((RSAPrivateKey) key).getPrivateExponent(), ((RSAPrivateKey) key).getModulus()).toByteArray();
            } else {
                k.m(4, "decrypting message key with (p,q,dP,dQ,qInv)-algorithm");
                BigInteger a9 = ((RSAPrivateCrtKey2) key).a();
                BigInteger b10 = ((RSAPrivateCrtKey2) key).b();
                BigInteger d10 = ((RSAPrivateCrtKey2) key).d();
                BigInteger e5 = ((RSAPrivateCrtKey2) key).e();
                BigInteger c10 = ((RSAPrivateCrtKey2) key).c();
                BigInteger bigInteger = new BigInteger(1, bArr);
                BigInteger modPow = bigInteger.modPow(d10, a9);
                BigInteger modPow2 = bigInteger.modPow(e5, b10);
                byteArray = modPow2.add(b10.multiply(modPow.subtract(modPow2).multiply(c10).mod(a9))).toByteArray();
            }
            byte[] bArr3 = new byte[24];
            System.arraycopy(byteArray, byteArray.length - 16, bArr3, 0, 16);
            System.arraycopy(byteArray, byteArray.length - 16, bArr3, 16, 8);
            DESedeKeySpec dESedeKeySpec = new DESedeKeySpec(bArr3);
            String a10 = Xa.a.a();
            SecretKey generateSecret = (a10 == null ? SecretKeyFactory.getInstance("DESede") : SecretKeyFactory.getInstance("DESede", a10)).generateSecret(dESedeKeySpec);
            Cipher cipher = a10 == null ? Cipher.getInstance("DESede/CBC/NoPadding") : Cipher.getInstance("DESede/CBC/NoPadding", a10);
            byte[] bArr4 = new byte[8];
            Arrays.fill(bArr4, (byte) 0);
            cipher.init(2, generateSecret, new IvParameterSpec(bArr4));
            return cipher.doFinal(bArr2);
        } catch (Exception e7) {
            throw new HBCI_Exception("*** error while decrypting message", e7);
        }
    }

    public final byte[] e(SecretKey secretKey) {
        try {
            String a9 = Xa.a.a();
            byte[] key = ((DESedeKeySpec) (a9 == null ? SecretKeyFactory.getInstance("DESede") : SecretKeyFactory.getInstance("DESede", a9)).getKeySpec(secretKey, DESedeKeySpec.class)).getKey();
            int b10 = b(f(0, 1).key);
            byte[] bArr = new byte[b10];
            Arrays.fill(bArr, (byte) 0);
            System.arraycopy(key, 0, bArr, b10 - 16, 16);
            BigInteger bigInteger = new BigInteger(1, bArr);
            Key key2 = f(0, 1).key;
            return AbstractHBCIPassport.checkForCryptDataSize(bigInteger.modPow(((RSAPublicKey) key2).getPublicExponent(), ((RSAPublicKey) key2).getModulus()).toByteArray(), b10);
        } catch (Exception e5) {
            throw new HBCI_Exception("*** can not encrypt message key", e5);
        }
    }

    @Override // org.kapott.hbci.passport.b
    public final byte[][] encrypt(byte[] bArr) {
        try {
            SecretKey a9 = AbstractRDHPassport.a();
            try {
                String a10 = Xa.a.a();
                Cipher cipher = a10 == null ? Cipher.getInstance("DESede/CBC/NoPadding") : Cipher.getInstance("DESede/CBC/NoPadding", a10);
                byte[] bArr2 = new byte[8];
                Arrays.fill(bArr2, (byte) 0);
                cipher.init(1, a9, new IvParameterSpec(bArr2));
                return new byte[][]{e(a9), cipher.doFinal(bArr)};
            } catch (Exception e5) {
                throw new HBCI_Exception("*** can not encrypt message", e5);
            }
        } catch (Exception e7) {
            throw new HBCI_Exception("*** error while encrypting", e7);
        }
    }

    public final HBCIKey f(int i10, int i11) {
        return this.keys[i10][i11];
    }

    public final int g() {
        int i10;
        int parseInt = Integer.parseInt(((HBCIPassportRDHNew) this).getProfileVersion());
        if (parseInt == 1) {
            i10 = 768;
        } else if (parseInt == 2) {
            i10 = 2048;
        } else {
            if (parseInt != 10) {
                throw new HBCI_Exception("*** dont know which keysize to use for profile rdh-" + parseInt);
            }
            HBCIKey f10 = f(0, 0);
            if (f10 == null) {
                f10 = f(0, 1);
            }
            i10 = f10 != null ? ((RSAPublicKey) f10.key).getModulus().bitLength() : 4096;
        }
        k.m(4, "using keysize " + i10 + " bits for newly generated keys");
        return i10;
    }

    @Override // org.kapott.hbci.passport.AbstractHBCIPassport, org.kapott.hbci.passport.b
    public final HBCIKey[][] generateNewUserKeys() {
        int i10;
        int i11;
        HBCIKey[] hBCIKeyArr;
        try {
            k.m(3, "Erzeuge neue Benutzerschlüssel");
            String blz = getBLZ();
            String country = getCountry();
            String userId = getUserId();
            String profileVersion = ((HBCIPassportRDHNew) this).getProfileVersion();
            HBCIKey[] hBCIKeyArr2 = new HBCIKey[2];
            HBCIKey[] hBCIKeyArr3 = new HBCIKey[2];
            if (hasMySigKey()) {
                profileVersion = f(1, 0).num;
            }
            String str = profileVersion;
            String num = Integer.toString(Integer.parseInt(hasMySigKey() ? f(1, 0).version : SchemaConstants.Value.FALSE) + 1);
            int g10 = g();
            int i12 = 0;
            while (i12 < 2) {
                KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA");
                keyPairGenerator.initialize(g10);
                KeyPair generateKeyPair = keyPairGenerator.generateKeyPair();
                if (i12 == 0) {
                    i10 = i12;
                    i11 = g10;
                    hBCIKeyArr = hBCIKeyArr3;
                    hBCIKeyArr2[0] = new HBCIKey(country, blz, userId, str, num, generateKeyPair.getPublic());
                    hBCIKeyArr2[1] = new HBCIKey(country, blz, userId, str, num, generateKeyPair.getPrivate());
                } else {
                    i10 = i12;
                    i11 = g10;
                    hBCIKeyArr = hBCIKeyArr3;
                    hBCIKeyArr[0] = new HBCIKey(country, blz, userId, str, num, generateKeyPair.getPublic());
                    hBCIKeyArr[1] = new HBCIKey(country, blz, userId, str, num, generateKeyPair.getPrivate());
                }
                i12 = i10 + 1;
                g10 = i11;
                hBCIKeyArr3 = hBCIKeyArr;
            }
            return new HBCIKey[][]{hBCIKeyArr2, hBCIKeyArr3, null};
        } catch (Exception e5) {
            throw new HBCI_Exception(o.d("EXCMSG_GENKEYS_ERR"), e5);
        }
    }

    @Override // org.kapott.hbci.passport.b
    public final String getInstEncKeyName() {
        if (f(0, 1) != null) {
            return f(0, 1).userid;
        }
        return null;
    }

    @Override // org.kapott.hbci.passport.b
    public final String getInstEncKeyNum() {
        if (f(0, 1) != null) {
            return f(0, 1).num;
        }
        return null;
    }

    @Override // org.kapott.hbci.passport.b
    public final String getInstEncKeyVersion() {
        if (f(0, 1) != null) {
            return f(0, 1).version;
        }
        return null;
    }

    @Override // org.kapott.hbci.passport.b
    public final String getInstSigKeyName() {
        if (f(0, 0) != null) {
            return f(0, 0).userid;
        }
        return null;
    }

    @Override // org.kapott.hbci.passport.b
    public final String getInstSigKeyNum() {
        if (f(0, 0) != null) {
            return f(0, 0).num;
        }
        return null;
    }

    @Override // org.kapott.hbci.passport.b
    public final String getInstSigKeyVersion() {
        if (f(0, 0) != null) {
            return f(0, 0).version;
        }
        return null;
    }

    @Override // org.kapott.hbci.passport.HBCIPassport
    public final HBCIKey getMyPrivateEncKey() {
        return f(2, 1);
    }

    @Override // org.kapott.hbci.passport.HBCIPassport
    public final HBCIKey getMyPublicEncKey() {
        return f(2, 0);
    }

    @Override // org.kapott.hbci.passport.AbstractHBCIPassport, org.kapott.hbci.passport.b
    public final String getMySigKeyName() {
        if (f(1, 0) != null) {
            return f(1, 0).userid;
        }
        return null;
    }

    @Override // org.kapott.hbci.passport.AbstractHBCIPassport, org.kapott.hbci.passport.b
    public final String getMySigKeyNum() {
        if (f(1, 0) != null) {
            return f(1, 0).num;
        }
        return null;
    }

    @Override // org.kapott.hbci.passport.AbstractHBCIPassport, org.kapott.hbci.passport.b
    public final String getMySigKeyVersion() {
        if (f(1, 0) != null) {
            return f(1, 0).version;
        }
        return null;
    }

    public final void h(int i10, int i11, HBCIKey hBCIKey) {
        this.keys[i10][i11] = hBCIKey;
    }

    @Override // org.kapott.hbci.passport.HBCIPassport
    public final boolean hasInstEncKey() {
        return f(0, 1) != null;
    }

    @Override // org.kapott.hbci.passport.HBCIPassport
    public final boolean hasInstSigKey() {
        return f(0, 0) != null;
    }

    @Override // org.kapott.hbci.passport.HBCIPassport
    public final boolean hasMyEncKey() {
        return f(2, 0) != null;
    }

    @Override // org.kapott.hbci.passport.HBCIPassport
    public final boolean hasMySigKey() {
        return f(1, 0) != null;
    }

    @Override // org.kapott.hbci.passport.b
    public final void setInstEncKey(HBCIKey hBCIKey) {
        h(0, 1, hBCIKey);
    }

    @Override // org.kapott.hbci.passport.b
    public final void setInstSigKey(HBCIKey hBCIKey) {
        h(0, 0, hBCIKey);
    }

    @Override // org.kapott.hbci.passport.b
    public final void setMyPrivateDigKey(HBCIKey hBCIKey) {
    }

    @Override // org.kapott.hbci.passport.b
    public final void setMyPrivateEncKey(HBCIKey hBCIKey) {
        h(2, 1, hBCIKey);
    }

    @Override // org.kapott.hbci.passport.b
    public final void setMyPrivateSigKey(HBCIKey hBCIKey) {
        h(1, 1, hBCIKey);
    }

    @Override // org.kapott.hbci.passport.b
    public final void setMyPublicDigKey(HBCIKey hBCIKey) {
    }

    @Override // org.kapott.hbci.passport.b
    public final void setMyPublicEncKey(HBCIKey hBCIKey) {
        h(2, 0, hBCIKey);
    }

    @Override // org.kapott.hbci.passport.b
    public final void setMyPublicSigKey(HBCIKey hBCIKey) {
        h(1, 0, hBCIKey);
    }

    @Override // org.kapott.hbci.passport.b
    public final byte[] sign(byte[] bArr) {
        try {
            Signature c10 = c();
            c10.initSign((PrivateKey) f(1, 1).key);
            c10.update(bArr);
            return AbstractHBCIPassport.checkForCryptDataSize(c10.sign(), b(f(1, 0).key));
        } catch (Exception e5) {
            throw new HBCI_Exception("*** signing of message failed", e5);
        }
    }

    @Override // org.kapott.hbci.passport.b
    public final boolean verify(byte[] bArr, byte[] bArr2) {
        try {
            Signature c10 = c();
            c10.initVerify((PublicKey) f(0, 0).key);
            c10.update(bArr);
            return c10.verify(bArr2);
        } catch (Exception e5) {
            throw new HBCI_Exception("*** verification of message signature failed", e5);
        }
    }
}
