package org.bouncycastle.pqc.crypto.xmss;

import java.util.Objects;
import org.bouncycastle.crypto.CipherParameters;
import org.bouncycastle.crypto.params.AsymmetricKeyParameter;
import org.bouncycastle.pqc.crypto.StateAwareMessageSigner;
import org.bouncycastle.pqc.crypto.xmss.OTSHashAddress;
import org.bouncycastle.pqc.crypto.xmss.XMSSMTSignature;
import org.bouncycastle.pqc.crypto.xmss.XMSSReducedSignature;
import org.bouncycastle.util.Arrays;

/* loaded from: classes13.dex */
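/**
 * Stateful XMSS^MT signer and verifier.
 *
 * <p>One instance is initialised either for signing (with an
 * {@link XMSSMTPrivateKeyParameters}) or for verification (with an
 * {@link XMSSMTPublicKeyParameters}) through {@link #init(boolean, CipherParameters)}.
 *
 * <p>Security notes for reviewers:
 * <ul>
 *   <li>{@link #generateSignature(byte[])} calls {@code rollKey()} on the private key on every
 *       exit path, including failures. Presumably this advances the one-time-signature index so
 *       it is never used twice; confirm against {@code XMSSMTPrivateKeyParameters}.</li>
 *   <li>Signing mutates the private key, so callers should fetch the key via
 *       {@link #getUpdatedPrivateKey()} and persist it before releasing a signature. Restoring an
 *       older copy of the key would presumably re-enable already used indices.</li>
 *   <li>Only {@code generateSignature} synchronises (on the key object).
 *       {@code getUpdatedPrivateKey} and {@code init} write the {@code privateKey} field without
 *       that lock, so one signer instance should not be shared between threads.</li>
 *   <li>The fields are public and non-final in this listing, which looks like decompiler output.
 *       They are left as-is so existing callers keep working.</li>
 * </ul>
 */
public class XMSSMTSigner implements StateAwareMessageSigner {
    // True once generateSignature has derived a message digest; read by getUpdatedPrivateKey.
    public boolean hasGenerated;
    // True after init(true, ...); generateSignature refuses to run otherwise.
    public boolean initSign;
    public XMSSMTParameters params;
    public XMSSMTPrivateKeyParameters privateKey;
    public XMSSMTPublicKeyParameters publicKey;
    public WOTSPlus wotsPlus;
    public XMSSParameters xmssParams;

    /**
     * Signs {@code bArr} with the current private key state and then rolls the key.
     *
     * <p>The decompiled original expressed the per-layer loop as {@code while (true)} with no exit
     * and rolled the key in both the success branch and a {@code catch (Throwable)}. This version
     * restores a bounded loop and a single {@code finally}, so the key is rolled exactly once per
     * call that reaches the signing section.
     *
     * @param bArr message to sign
     * @return the encoded XMSS^MT signature
     * @throws NullPointerException if {@code bArr} is null
     * @throws IllegalStateException if the signer is not initialised for signing, the key has been
     *     handed out by {@link #getUpdatedPrivateKey()}, no usages remain, or the BDS state is empty
     */
    @Override
    public byte[] generateSignature(byte[] bArr) {
        Objects.requireNonNull(bArr, "message == null");
        if (!this.initSign) {
            throw new IllegalStateException("signer not initialized for signature generation");
        }
        // Work on the object we lock, so a concurrent field write cannot swap the key mid-call.
        // NOTE(review): wotsSign still reads this.privateKey; see the class comment on threading.
        final XMSSMTPrivateKeyParameters key = this.privateKey;
        if (key == null) {
            throw new IllegalStateException("signing key no longer usable");
        }
        synchronized (key) {
            if (key.getUsagesRemaining() <= 0) {
                throw new IllegalStateException("no usages of private key remaining");
            }
            if (key.bdsState.isEmpty()) {
                throw new IllegalStateException("not initialized");
            }
            try {
                final BDSStateMap bdsState = key.bdsState;
                final long globalIndex = key.index;
                Objects.requireNonNull(this.params);
                final int treeHeight = Objects.requireNonNull(this.xmssParams).height;
                if (key.getUsagesRemaining() <= 0) {
                    throw new IllegalStateException("index out of bounds");
                }
                final WOTSPlus wots = Objects.requireNonNull(this.wotsPlus);

                // Per-signature randomiser derived from the secret PRF key and the index, then the
                // message is hashed together with randomiser, root and index.
                final byte[] random =
                        wots.khf.PRF(key.getSecretKeyPRF(), XMSSUtil.toBytesBigEndian(globalIndex, 32));
                final byte[] concatenated = Arrays.concatenate(
                        random,
                        key.getRoot(),
                        XMSSUtil.toBytesBigEndian(globalIndex, this.params.getTreeDigestSize()));
                final byte[] messageDigest = wots.khf.HMsg(concatenated, bArr);

                // Set before any signature material is produced: from here on
                // getUpdatedPrivateKey hands back the (rolled) key instead of skipping ahead.
                this.hasGenerated = true;

                final XMSSMTSignature.Builder signatureBuilder = new XMSSMTSignature.Builder(this.params);
                signatureBuilder.index = globalIndex;
                final XMSSMTSignature signature = signatureBuilder.withRandom(random).build();

                long treeIndex = globalIndex >> treeHeight;
                final int leafIndex = XMSSUtil.getLeafIndex(globalIndex, treeHeight);
                wots.importKeys(new byte[this.params.getTreeDigestSize()], key.getPublicSeed());
                final OTSHashAddress otsAddress = (OTSHashAddress) new OTSHashAddress.Builder()
                        .withTreeAddress(treeIndex)
                        .withOTSAddress(leafIndex)
                        .build();

                // Layer 0: (re)build the BDS state when missing or when a new tree starts.
                if (bdsState.get(0) == null || leafIndex == 0) {
                    bdsState.put(0, new BDS(this.xmssParams, key.getPublicSeed(), key.getSecretKeySeed(), otsAddress));
                }
                final WOTSPlusSignature wotsSignature = wotsSign(messageDigest, otsAddress);
                final XMSSReducedSignature.Builder reducedBuilder =
                        new XMSSReducedSignature.Builder(this.xmssParams);
                reducedBuilder.wotsPlusSignature = wotsSignature;
                reducedBuilder.authPath = bdsState.get(0).getAuthenticationPath();
                final XMSSReducedSignature reduced = new XMSSReducedSignature(reducedBuilder);
                Objects.requireNonNull(signature);
                signature.reducedSignatures.add(reduced);

                // Upper layers: each one signs the root of the tree directly below it.
                for (int layer = 1; layer < Objects.requireNonNull(this.params).layers; layer++) {
                    final BDS lowerTree = Objects.requireNonNull(bdsState.get(layer - 1));
                    final XMSSNode lowerRoot = lowerTree.root;
                    final int layerLeafIndex = XMSSUtil.getLeafIndex(treeIndex, treeHeight);
                    treeIndex >>= treeHeight;
                    final OTSHashAddress layerAddress = (OTSHashAddress) new OTSHashAddress.Builder()
                            .withLayerAddress(layer)
                            .withTreeAddress(treeIndex)
                            .withOTSAddress(layerLeafIndex)
                            .build();
                    final WOTSPlusSignature layerSignature = wotsSign(lowerRoot.getValue(), layerAddress);
                    if (bdsState.get(layer) == null || XMSSUtil.isNewBDSInitNeeded(globalIndex, treeHeight, layer)) {
                        bdsState.put(layer, new BDS(this.xmssParams, key.getPublicSeed(), key.getSecretKeySeed(), layerAddress));
                    }
                    final XMSSReducedSignature.Builder layerBuilder =
                            new XMSSReducedSignature.Builder(this.xmssParams);
                    layerBuilder.wotsPlusSignature = layerSignature;
                    layerBuilder.authPath = bdsState.get(layer).getAuthenticationPath();
                    signature.reducedSignatures.add(new XMSSReducedSignature(layerBuilder));
                }
                return signature.toByteArray();
            } finally {
                // Runs on success and on failure alike, so a partially computed signature can
                // never leave the key positioned on the index it just used.
                key.rollKey();
            }
        }
    }

    /**
     * Returns the private key to be stored by the caller and detaches or advances the signer's copy.
     *
     * <p>If a signature was generated, the current key is returned and the field is cleared, so
     * further {@link #generateSignature(byte[])} calls fail with "signing key no longer usable"
     * until {@code init} is called again. If no signature was generated, the current key is
     * returned and the signer moves on to {@code getNextKey()}.
     *
     * @return the key held before this call, or {@code null} if none was set
     */
    @Override
    public AsymmetricKeyParameter getUpdatedPrivateKey() {
        final XMSSMTPrivateKeyParameters current = this.privateKey;
        if (this.hasGenerated) {
            this.privateKey = null;
            return current;
        }
        if (current != null) {
            this.privateKey = current.getNextKey();
        }
        return current;
    }

    /**
     * Reports how many signatures the current private key can still produce.
     *
     * @return the value of {@code privateKey.getUsagesRemaining()}
     * @throws NullPointerException if no private key is held, e.g. the signer was only initialised
     *     for verification or {@link #getUpdatedPrivateKey()} cleared the key after signing
     */
    public long getUsagesRemaining() {
        return this.privateKey.getUsagesRemaining();
    }

    /**
     * Initialises the signer for signing ({@code z == true}) or verification ({@code z == false}).
     *
     * <p>Switching mode does not clear the key of the other mode: {@code init(false, ...)} leaves
     * {@code privateKey} untouched and {@code init(true, ...)} leaves {@code publicKey} untouched.
     *
     * @param z {@code true} for signing, {@code false} for verification
     * @param cipherParameters an {@link XMSSMTPrivateKeyParameters} when signing, an
     *     {@link XMSSMTPublicKeyParameters} when verifying
     * @throws ClassCastException if {@code cipherParameters} has the wrong type for the mode
     * @throws NullPointerException if the key or its parameter set is null
     */
    @Override
    public void init(boolean z, CipherParameters cipherParameters) {
        final XMSSMTParameters keyParams;
        if (z) {
            this.initSign = true;
            this.hasGenerated = false;
            final XMSSMTPrivateKeyParameters signingKey = (XMSSMTPrivateKeyParameters) cipherParameters;
            this.privateKey = signingKey;
            Objects.requireNonNull(signingKey);
            keyParams = signingKey.params;
        } else {
            this.initSign = false;
            final XMSSMTPublicKeyParameters verificationKey = (XMSSMTPublicKeyParameters) cipherParameters;
            this.publicKey = verificationKey;
            Objects.requireNonNull(verificationKey);
            keyParams = verificationKey.params;
        }
        this.params = keyParams;
        Objects.requireNonNull(keyParams);
        this.xmssParams = keyParams.xmssParams;
        this.wotsPlus = this.params.getWOTSPlus();
    }

    /**
     * Verifies an XMSS^MT signature over {@code bArr} against the configured public key.
     *
     * <p>The signature bytes are caller-supplied and must be treated as untrusted. The root
     * recomputed from the signature is compared with the public root using
     * {@code Arrays.constantTimeAreEqual}.
     *
     * @param bArr message that was signed
     * @param bArr2 encoded signature
     * @return {@code true} only if the recomputed top-level root equals the public key root
     * @throws NullPointerException if either argument is null or no public key has been set
     */
    @Override
    public boolean verifySignature(byte[] bArr, byte[] bArr2) {
        Objects.requireNonNull(bArr, "message == null");
        Objects.requireNonNull(bArr2, "signature == null");
        Objects.requireNonNull(this.publicKey, "publicKey == null");
        // NOTE(review): length and index validation of the encoded signature is assumed to happen
        // inside XMSSMTSignature.Builder, which is not visible in this file; confirm.
        final XMSSMTSignature signature =
                new XMSSMTSignature.Builder(this.params).withSignature(bArr2).build();
        final byte[] concatenated = Arrays.concatenate(
                signature.getRandom(),
                this.publicKey.getRoot(),
                XMSSUtil.toBytesBigEndian(signature.index, this.params.getTreeDigestSize()));
        final WOTSPlus wots = Objects.requireNonNull(this.wotsPlus);
        final byte[] messageDigest = wots.khf.HMsg(concatenated, bArr);
        final long globalIndex = signature.index;
        final int treeHeight = Objects.requireNonNull(this.xmssParams).height;
        final int layers = Objects.requireNonNull(this.params).layers;

        // Reject a signature carrying fewer per-layer parts than the parameter set requires,
        // instead of letting the indexed reads below fail with IndexOutOfBoundsException.
        if (signature.reducedSignatures.isEmpty() || signature.reducedSignatures.size() < layers) {
            return false;
        }

        long treeIndex = globalIndex >> treeHeight;
        final int leafIndex = XMSSUtil.getLeafIndex(globalIndex, treeHeight);
        wots.importKeys(new byte[this.params.getTreeDigestSize()], this.publicKey.getPublicSeed());
        final OTSHashAddress otsAddress = (OTSHashAddress) new OTSHashAddress.Builder()
                .withTreeAddress(treeIndex)
                .withOTSAddress(leafIndex)
                .build();
        XMSSNode root = XMSSVerifierUtil.getRootNodeFromSignature(
                wots, treeHeight, messageDigest, signature.reducedSignatures.get(0), otsAddress, leafIndex);

        // Walk up the hyper-tree: each layer's root is the message authenticated by the next layer.
        for (int layer = 1; layer < layers; layer++) {
            final XMSSReducedSignature reduced = signature.reducedSignatures.get(layer);
            final int layerLeafIndex = XMSSUtil.getLeafIndex(treeIndex, treeHeight);
            treeIndex >>= treeHeight;
            final OTSHashAddress layerAddress = (OTSHashAddress) new OTSHashAddress.Builder()
                    .withLayerAddress(layer)
                    .withTreeAddress(treeIndex)
                    .withOTSAddress(layerLeafIndex)
                    .build();
            root = XMSSVerifierUtil.getRootNodeFromSignature(
                    wots, treeHeight, root.getValue(), reduced, layerAddress, layerLeafIndex);
        }
        return Arrays.constantTimeAreEqual(root.getValue(), this.publicKey.getRoot());
    }

    /**
     * Produces a WOTS+ signature over a digest-sized value for the given OTS address.
     *
     * <p>The WOTS+ secret key is derived from the private key's secret seed and the address, and is
     * imported into the shared {@code wotsPlus} instance before signing. This method reads
     * {@code this.privateKey} directly and does not roll the key itself; it is public in this
     * listing, so external callers bypass the usage checks in {@link #generateSignature(byte[])}.
     *
     * @param bArr value to sign; its length must equal the tree digest size
     * @param oTSHashAddress address of the one-time key to use
     * @return the WOTS+ signature
     * @throws IllegalArgumentException if {@code bArr} has the wrong length
     * @throws NullPointerException if {@code bArr} or {@code oTSHashAddress} is null
     */
    public final WOTSPlusSignature wotsSign(byte[] bArr, OTSHashAddress oTSHashAddress) {
        if (bArr.length != this.params.getTreeDigestSize()) {
            throw new IllegalArgumentException("size of messageDigest needs to be equal to size of digest");
        }
        Objects.requireNonNull(oTSHashAddress, "otsHashAddress == null");
        final WOTSPlus wots = this.wotsPlus;
        final byte[] otsSecretKey = wots.getWOTSPlusSecretKey(this.privateKey.getSecretKeySeed(), oTSHashAddress);
        wots.importKeys(otsSecretKey, this.privateKey.getPublicSeed());
        return this.wotsPlus.sign(bArr, oTSHashAddress);
    }
}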
