package org.bouncycastle.pqc.crypto.xmss;

import org.bouncycastle.crypto.CipherParameters;
import org.bouncycastle.crypto.params.AsymmetricKeyParameter;
import org.bouncycastle.pqc.crypto.StateAwareMessageSigner;
import org.bouncycastle.pqc.crypto.xmss.OTSHashAddress;
import org.bouncycastle.pqc.crypto.xmss.XMSSSignature;
import org.bouncycastle.util.Arrays;
import u1.b.f.a.d.b;
import u1.b.f.a.d.c;
import u1.b.f.a.d.h;

/* loaded from: classes3.dex */
public class XMSSSigner implements StateAwareMessageSigner {

    /* renamed from: a, reason: collision with root package name */
    public XMSSPrivateKeyParameters f11761a;
    public XMSSPrivateKeyParameters b;
    public XMSSPublicKeyParameters c;
    public XMSSParameters d;
    public b e;
    public boolean f;
    public boolean g;

    @Override // org.bouncycastle.pqc.crypto.MessageSigner
    public byte[] generateSignature(byte[] bArr) {
        if (bArr == null) {
            throw new NullPointerException("message == null");
        }
        if (!this.f) {
            throw new IllegalStateException("signer not initialized for signature generation");
        }
        XMSSPrivateKeyParameters xMSSPrivateKeyParameters = this.f11761a;
        if (xMSSPrivateKeyParameters == null) {
            throw new IllegalStateException("signing key no longer usable");
        }
        if (xMSSPrivateKeyParameters.g.getAuthenticationPath().isEmpty()) {
            throw new IllegalStateException("not initialized");
        }
        int index = this.f11761a.getIndex();
        long j = index;
        if (!XMSSUtil.isIndexValid(this.d.getHeight(), j)) {
            throw new IllegalStateException("index out of bounds");
        }
        byte[] b = this.e.b(this.f11761a.getSecretKeyPRF(), XMSSUtil.toBytesBigEndian(j, 32));
        byte[] a2 = this.e.a(Arrays.concatenate(b, this.f11761a.getRoot(), XMSSUtil.toBytesBigEndian(j, this.d.getDigestSize())), bArr);
        OTSHashAddress oTSHashAddress = (OTSHashAddress) new OTSHashAddress.Builder().withOTSAddress(index).build();
        if (a2.length != this.d.getDigestSize()) {
            throw new IllegalArgumentException("size of messageDigest needs to be equal to size of digest");
        }
        if (oTSHashAddress == null) {
            throw new NullPointerException("otsHashAddress == null");
        }
        c cVar = this.d.f11756a;
        cVar.f(cVar.e(this.f11761a.getSecretKeySeed(), oTSHashAddress), this.f11761a.getPublicSeed());
        XMSSSignature xMSSSignature = (XMSSSignature) new XMSSSignature.Builder(this.d).withIndex(index).withRandom(b).withWOTSPlusSignature(this.d.f11756a.g(a2, oTSHashAddress)).withAuthPath(this.f11761a.g.getAuthenticationPath()).build();
        this.g = true;
        XMSSPrivateKeyParameters xMSSPrivateKeyParameters2 = this.b;
        if (xMSSPrivateKeyParameters2 != null) {
            XMSSPrivateKeyParameters nextKey = xMSSPrivateKeyParameters2.getNextKey();
            this.f11761a = nextKey;
            this.b = nextKey;
        } else {
            this.f11761a = null;
        }
        return xMSSSignature.toByteArray();
    }

    @Override // org.bouncycastle.pqc.crypto.StateAwareMessageSigner
    public AsymmetricKeyParameter getUpdatedPrivateKey() {
        XMSSPrivateKeyParameters nextKey;
        if (this.g) {
            nextKey = this.f11761a;
            this.f11761a = null;
        } else {
            nextKey = this.b.getNextKey();
        }
        this.b = null;
        return nextKey;
    }

    @Override // org.bouncycastle.pqc.crypto.MessageSigner
    public void init(boolean z, CipherParameters cipherParameters) {
        c cVar;
        if (z) {
            this.f = true;
            this.g = false;
            XMSSPrivateKeyParameters xMSSPrivateKeyParameters = (XMSSPrivateKeyParameters) cipherParameters;
            this.f11761a = xMSSPrivateKeyParameters;
            this.b = xMSSPrivateKeyParameters;
            XMSSParameters parameters = xMSSPrivateKeyParameters.getParameters();
            this.d = parameters;
            cVar = parameters.f11756a;
        } else {
            this.f = false;
            XMSSPublicKeyParameters xMSSPublicKeyParameters = (XMSSPublicKeyParameters) cipherParameters;
            this.c = xMSSPublicKeyParameters;
            XMSSParameters parameters2 = xMSSPublicKeyParameters.getParameters();
            this.d = parameters2;
            cVar = parameters2.f11756a;
        }
        this.e = cVar.b;
    }

    @Override // org.bouncycastle.pqc.crypto.MessageSigner
    public boolean verifySignature(byte[] bArr, byte[] bArr2) {
        XMSSSignature build = new XMSSSignature.Builder(this.d).withSignature(bArr2).build();
        int index = build.getIndex();
        XMSSParameters xMSSParameters = this.d;
        xMSSParameters.f11756a.f(new byte[xMSSParameters.getDigestSize()], this.c.getPublicSeed());
        long j = index;
        byte[] a2 = this.e.a(Arrays.concatenate(build.getRandom(), this.c.getRoot(), XMSSUtil.toBytesBigEndian(j, this.d.getDigestSize())), bArr);
        int height = this.d.getHeight();
        return Arrays.constantTimeAreEqual(h.a(this.d.f11756a, height, a2, build, (OTSHashAddress) new OTSHashAddress.Builder().withOTSAddress(index).build(), XMSSUtil.getLeafIndex(j, height)).getValue(), this.c.getRoot());
    }
}
