package org.kapott.hbci.security;

import java.lang.reflect.Field;
import java.util.Date;
import java.util.Hashtable;
import java.util.List;
import java.util.Random;
import org.kapott.hbci.exceptions.HBCI_Exception;
import org.kapott.hbci.manager.HBCIUtils;
import org.kapott.hbci.manager.IHandlerData;
import org.kapott.hbci.manager.MsgGen;
import org.kapott.hbci.passport.HBCIPassportInternal;
import org.kapott.hbci.passport.HBCIPassportList;
import org.kapott.hbci.protocol.MSG;
import org.kapott.hbci.protocol.MultipleSEGs;
import org.kapott.hbci.protocol.MultipleSyntaxElements;
import org.kapott.hbci.protocol.SEG;
import org.kapott.hbci.protocol.SyntaxElement;
import org.w3c.dom.Element;

/* loaded from: input_file:BOOT-INF/lib/hbci4j-adorsys-3.0.18.jar:org/kapott/hbci/security/Sig.class */
public final class Sig {
    public static final String SECFUNC_HBCI_SIG_RDH = "1";
    public static final String SECFUNC_HBCI_SIG_DDV = "2";
    public static final String SECFUNC_FINTS_SIG_DIG = "1";
    public static final String SECFUNC_FINTS_SIG_SIG = "2";
    public static final String SECFUNC_SIG_PT_1STEP = "999";
    public static final String SECFUNC_SIG_PT_2STEP_MIN = "900";
    public static final String SECFUNC_SIG_PT_2STEP_MAX = "997";
    public static final String HASHALG_SHA1 = "1";
    public static final String HASHALG_SHA256 = "3";
    public static final String HASHALG_SHA384 = "4";
    public static final String HASHALG_SHA512 = "5";
    public static final String HASHALG_SHA256_SHA256 = "6";
    public static final String HASHALG_RIPEMD160 = "999";
    public static final String SIGALG_DES = "1";
    public static final String SIGALG_RSA = "10";
    public static final String SIGMODE_ISO9796_1 = "16";
    public static final String SIGMODE_ISO9796_2 = "17";
    public static final String SIGMODE_PKCS1 = "18";
    public static final String SIGMODE_PSS = "19";
    public static final String SIGMODE_RETAIL_MAC = "999";
    private IHandlerData handlerdata;
    private MSG msg;
    private HBCIPassportList passports;
    private String u_secfunc;
    private String u_cid;
    private String u_role;
    private String u_range;
    private String u_keyblz;
    private String u_keycountry;
    private String u_keyuserid;
    private String u_keynum;
    private String u_keyversion;
    private String u_sysid;
    private String u_sigid;
    private String u_sigalg;
    private String u_sigmode;
    private String u_hashalg;
    private String sigstring;

    public Sig(IHandlerData iHandlerData, MSG msg, HBCIPassportList hBCIPassportList) {
        this.msg = msg;
        this.handlerdata = iHandlerData;
        this.passports = hBCIPassportList;
    }

    private void fillSigHead(SEG seg) {
        String path = seg.getPath();
        String num = Integer.toString(Math.abs(new Random().nextInt()));
        Date date = new Date();
        seg.propagateValue(path + ".secfunc", this.u_secfunc, false, false);
        seg.propagateValue(path + ".seccheckref", num, false, false);
        seg.propagateValue(path + ".role", this.u_role, false, false);
        seg.propagateValue(path + ".SecIdnDetails.func", this.msg.getName().endsWith("Res") ? "2" : "1", false, false);
        if (this.u_cid.length() != 0) {
            seg.propagateValue(path + ".SecIdnDetails.cid", "B" + this.u_cid, false, false);
        } else {
            seg.propagateValue(path + ".SecIdnDetails.sysid", this.u_sysid, false, false);
        }
        seg.propagateValue(path + ".SecTimestamp.date", HBCIUtils.date2StringISO(date), false, false);
        seg.propagateValue(path + ".SecTimestamp.time", HBCIUtils.time2StringISO(date), false, false);
        seg.propagateValue(path + ".secref", this.u_sigid, false, false);
        seg.propagateValue(path + ".HashAlg.alg", this.u_hashalg, false, false);
        seg.propagateValue(path + ".SigAlg.alg", this.u_sigalg, false, false);
        seg.propagateValue(path + ".SigAlg.mode", this.u_sigmode, false, false);
        seg.propagateValue(path + ".KeyName.KIK.country", this.u_keycountry, false, false);
        seg.propagateValue(path + ".KeyName.KIK.blz", this.u_keyblz, false, false);
        seg.propagateValue(path + ".KeyName.userid", this.u_keyuserid, false, false);
        seg.propagateValue(path + ".KeyName.keynum", this.u_keynum, false, false);
        seg.propagateValue(path + ".KeyName.keyversion", this.u_keyversion, false, false);
        seg.propagateValue(path + ".SecProfile.method", this.passports.getMainPassport().getProfileMethod(), false, false);
        seg.propagateValue(path + ".SecProfile.version", this.passports.getMainPassport().getProfileVersion(), false, false);
    }

    private void fillSigTail(SEG seg, SEG seg2) {
        seg2.propagateValue(seg2.getPath() + ".seccheckref", seg.getValueOfDE(seg.getPath() + ".seccheckref"), false, false);
    }

    private String collectHashData(int i) {
        int size = this.passports.size();
        StringBuffer stringBuffer = new StringBuffer(1024);
        List<MultipleSyntaxElements> childContainers = this.msg.getChildContainers();
        List<SyntaxElement> elements = ((MultipleSEGs) childContainers.get(1)).getElements();
        List<SyntaxElement> elements2 = ((MultipleSEGs) childContainers.get(childContainers.size() - 2)).getElements();
        int i2 = (size - 1) - i;
        while (true) {
            if (i2 >= (this.u_range.equals("1") ? size - i : size)) {
                break;
            }
            stringBuffer.append(((SEG) elements.get(i2)).toString(0));
            i2++;
        }
        for (int i3 = 2; i3 < childContainers.size() - 2; i3++) {
            stringBuffer.append(childContainers.get(i3).toString(0));
        }
        int i4 = 0;
        while (true) {
            if (i4 >= (this.u_range.equals("1") ? 0 : i)) {
                return stringBuffer.toString();
            }
            stringBuffer.append(((SEG) elements2.get(i4)).toString(0));
            i4++;
        }
    }

    private String collectHashData(int i, int i2) {
        String str = this.handlerdata.getMsgGen().get("_origSignedMsg");
        return str.substring(str.indexOf("HNSHK:2:"), str.lastIndexOf("HNSHA:"));
    }

    public boolean signIt() {
        boolean z = false;
        if (this.passports.getMainPassport().hasMySigKey()) {
            String name = this.msg.getName();
            MsgGen msgGen = this.handlerdata.getMsgGen();
            if (((Element) this.msg.getSyntaxDef(name, msgGen.getSyntax())).getAttribute("dontsign").length() == 0) {
                try {
                    int size = this.passports.size();
                    for (int i = 0; i < size; i++) {
                        SEG seg = new SEG("SigHeadUser", "SigHead", name, (size - 1) - i, msgGen.getSyntax());
                        SEG seg2 = new SEG("SigTailUser", "SigTail", name, i, msgGen.getSyntax());
                        List<MultipleSyntaxElements> childContainers = this.msg.getChildContainers();
                        List<SyntaxElement> elements = ((MultipleSEGs) childContainers.get(1)).getElements();
                        List<SyntaxElement> elements2 = ((MultipleSEGs) childContainers.get(childContainers.size() - 2)).getElements();
                        if ((size - 1) - i >= elements.size()) {
                            for (int size2 = elements.size() - 1; size2 < (size - 1) - i; size2++) {
                                elements.add(null);
                            }
                        }
                        elements.set((size - 1) - i, seg);
                        if (i >= elements2.size()) {
                            for (int size3 = elements2.size() - 1; size3 < i; size3++) {
                                elements2.add(null);
                            }
                        }
                        elements2.set(i, seg2);
                    }
                    for (int i2 = 0; i2 < size; i2++) {
                        HBCIPassportInternal passport = this.passports.getPassport(i2);
                        String role = this.passports.getRole(i2);
                        setParam("secfunc", passport.getSigFunction());
                        setParam("cid", passport.getCID());
                        setParam("role", role);
                        setParam("range", "1");
                        setParam("keyblz", passport.getBLZ());
                        setParam("keycountry", passport.getCountry());
                        setParam("keyuserid", passport.getMySigKeyName());
                        setParam("keynum", passport.getMySigKeyNum());
                        setParam("keyversion", passport.getMySigKeyVersion());
                        setParam("sysid", passport.getSysId());
                        setParam("sigid", passport.getSigId().toString());
                        setParam("sigalg", passport.getSigAlg());
                        setParam("sigmode", passport.getSigMode());
                        setParam("hashalg", passport.getHashAlg());
                        passport.incSigId();
                        passport.saveChanges();
                        List<MultipleSyntaxElements> childContainers2 = this.msg.getChildContainers();
                        List<SyntaxElement> elements3 = ((MultipleSEGs) childContainers2.get(1)).getElements();
                        List<SyntaxElement> elements4 = ((MultipleSEGs) childContainers2.get(childContainers2.size() - 2)).getElements();
                        SEG seg3 = (SEG) elements3.get((size - 1) - i2);
                        SEG seg4 = (SEG) elements4.get(i2);
                        fillSigHead(seg3);
                        fillSigTail(seg3, seg4);
                    }
                    this.msg.enumerateSegs(0, true);
                    this.msg.validate();
                    this.msg.enumerateSegs(1, true);
                    for (int i3 = 0; i3 < size; i3++) {
                        HBCIPassportInternal passport2 = this.passports.getPassport(i3);
                        List<MultipleSyntaxElements> childContainers3 = this.msg.getChildContainers();
                        SEG seg5 = (SEG) ((MultipleSEGs) childContainers3.get(childContainers3.size() - 2)).getElements().get(i3);
                        byte[] sign = passport2.sign(passport2.hash(collectHashData(i3).getBytes("ISO-8859-1")));
                        if (passport2.needUserSig()) {
                            String str = new String(sign, "ISO-8859-1");
                            int indexOf = str.indexOf("|");
                            if (indexOf != -1) {
                                this.msg.propagateValue(seg5.getPath() + ".UserSig.pin", str.substring(0, indexOf), false, false);
                                if (indexOf < str.length() - 1) {
                                    this.msg.propagateValue(seg5.getPath() + ".UserSig.tan", str.substring(indexOf + 1), false, false);
                                }
                            }
                        } else {
                            this.msg.propagateValue(seg5.getPath() + ".sig", "B" + new String(sign, "ISO-8859-1"), false, false);
                        }
                        this.msg.validate();
                        this.msg.enumerateSegs(1, true);
                        this.msg.autoSetMsgSize(msgGen);
                    }
                } catch (Exception e) {
                    throw new HBCI_Exception("*** error while signing", e);
                }
            } else {
                HBCIUtils.log("did not sign - message does not want to be signed", 4);
            }
            z = true;
        } else {
            HBCIUtils.log("can not sign - no signature key available", 2);
        }
        return z;
    }

    private void readSigHead() {
        HBCIPassportInternal mainPassport = this.passports.getMainPassport();
        String str = this.msg.getName() + ".SigHead";
        this.u_secfunc = this.msg.getValueOfDE(str + ".secfunc");
        this.u_role = this.msg.getValueOfDE(str + ".role");
        this.u_range = this.msg.getValueOfDE(str + ".range");
        this.u_keycountry = this.msg.getValueOfDE(str + ".KeyName.KIK.country");
        this.u_keyuserid = this.msg.getValueOfDE(str + ".KeyName.userid");
        this.u_keynum = this.msg.getValueOfDE(str + ".KeyName.keynum");
        this.u_keyversion = this.msg.getValueOfDE(str + ".KeyName.keyversion");
        this.u_sigid = this.msg.getValueOfDE(str + ".secref");
        this.u_sigalg = this.msg.getValueOfDE(str + ".SigAlg.alg");
        this.u_sigmode = this.msg.getValueOfDE(str + ".SigAlg.mode");
        this.u_hashalg = this.msg.getValueOfDE(str + ".HashAlg.alg");
        try {
            this.u_keyblz = this.msg.getValueOfDE(str + ".KeyName.KIK.blz");
        } catch (Exception e) {
            HBCIUtils.log("missing bank code in message signature, ignoring...", 2);
        }
        if (mainPassport.needUserSig()) {
            Hashtable<String, String> hashtable = new Hashtable<>();
            this.msg.extractValues(hashtable);
            String str2 = hashtable.get(this.msg.getName() + ".SigTail.UserSig.pin");
            String str3 = hashtable.get(this.msg.getName() + ".SigTail.UserSig.tan");
            this.sigstring = (str2 != null ? str2 : "") + "|" + (str3 != null ? str3 : "");
        } else {
            this.sigstring = this.msg.getValueOfDE(this.msg.getName() + ".SigTail.sig");
        }
        String valueOfDE = this.msg.getValueOfDE(this.msg.getName() + ".SigHead.seccheckref");
        String valueOfDE2 = this.msg.getValueOfDE(this.msg.getName() + ".SigTail.seccheckref");
        if (valueOfDE == null || !valueOfDE.equals(valueOfDE2)) {
            String locMsg = HBCIUtils.getLocMsg("EXCMSG_SIGREFFAIL");
            if (!HBCIUtils.ignoreError(null, "client.errors.ignoreSignErrors", locMsg)) {
                throw new HBCI_Exception(locMsg);
            }
        }
    }

    private boolean hasSig() {
        boolean z = true;
        MultipleSyntaxElements multipleSyntaxElements = this.msg.getChildContainers().get(1);
        if (multipleSyntaxElements instanceof MultipleSEGs) {
            SEG seg = null;
            try {
                seg = (SEG) multipleSyntaxElements.getElements().get(0);
            } catch (IndexOutOfBoundsException e) {
                z = false;
            }
            if (z) {
                if (!seg.getCode(this.handlerdata.getMsgGen()).equals("HNSHK")) {
                    z = false;
                }
            }
        } else {
            z = false;
        }
        return z;
    }

    public boolean verify() {
        boolean z;
        HBCIPassportInternal mainPassport = this.passports.getMainPassport();
        if (mainPassport.hasInstSigKey()) {
            if (((Element) this.msg.getSyntaxDef(this.msg.getName(), this.handlerdata.getMsgGen().getSyntax())).getAttribute("dontsign").length() != 0) {
                HBCIUtils.log("message does not need a signature", 4);
                z = true;
            } else if (hasSig()) {
                readSigHead();
                try {
                    z = mainPassport.verify(mainPassport.hash(collectHashData(0, 0).getBytes("ISO-8859-1")), this.sigstring.getBytes("ISO-8859-1"));
                } catch (Exception e) {
                    z = false;
                }
            } else {
                HBCIUtils.log("message has no signature", 2);
                z = true;
            }
        } else {
            HBCIUtils.log("can not check signature - no signature key available", 2);
            z = true;
        }
        return z;
    }

    public void setParam(String str, String str2) {
        try {
            Field declaredField = getClass().getDeclaredField("u_" + str);
            HBCIUtils.log("setting " + str + " to " + str2, 4);
            declaredField.set(this, str2);
        } catch (Exception e) {
            throw new HBCI_Exception("*** error while setting sig parameter", e);
        }
    }
}
