package org.bouncycastle.pqc.crypto.lms;

import java.util.List;
import java.util.Objects;
import org.bouncycastle.crypto.Digest;
import org.bouncycastle.pqc.crypto.ExhaustedPrivateKeyException;
import org.bouncycastle.util.Pack;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: classes12.dex */
public class b {

    /* loaded from: classes12.dex */
    static class a extends LMSPrivateKeyParameters {
        public a(LMSigParameters lMSigParameters, LMOtsParameters lMOtsParameters, int i, byte[] bArr, int i2, byte[] bArr2) {
            super(lMSigParameters, lMOtsParameters, i, bArr, i2, bArr2);
        }

        @Override // org.bouncycastle.pqc.crypto.lms.LMSPrivateKeyParameters
        c e() {
            throw new RuntimeException("placeholder only");
        }

        @Override // org.bouncycastle.pqc.crypto.lms.LMSPrivateKeyParameters
        public LMSPublicKeyParameters getPublicKey() {
            throw new RuntimeException("placeholder only");
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static void a(byte[] bArr, Digest digest) {
        digest.update(bArr, 0, bArr.length);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static int b(LMSParameters lMSParameters) {
        Objects.requireNonNull(lMSParameters, "lmsParameters cannot be null");
        LMSigParameters lMSigParam = lMSParameters.getLMSigParam();
        return lMSigParam.getM() * (1 << lMSigParam.getH());
    }

    public static int c(byte[] bArr, int i, LMOtsParameters lMOtsParameters) {
        int w = (1 << lMOtsParameters.getW()) - 1;
        int i2 = 0;
        for (int i3 = 0; i3 < (i * 8) / lMOtsParameters.getW(); i3++) {
            i2 = (i2 + w) - d(bArr, i3, lMOtsParameters.getW());
        }
        return i2 << lMOtsParameters.getLs();
    }

    public static int d(byte[] bArr, int i, int i2) {
        int i3 = (i * i2) / 8;
        return (bArr[i3] >>> (((~i) & ((8 / i2) - 1)) * i2)) & ((1 << i2) - 1);
    }

    public static LMSPrivateKeyParameters e(LMSigParameters lMSigParameters, LMOtsParameters lMOtsParameters, int i, byte[] bArr, byte[] bArr2) throws IllegalArgumentException {
        if (bArr2 != null && bArr2.length >= lMSigParameters.getM()) {
            return new LMSPrivateKeyParameters(lMSigParameters, lMOtsParameters, i, bArr, 1 << lMSigParameters.getH(), bArr2);
        }
        StringBuilder J0 = a.a.a.a.a.J0("root seed is less than ");
        J0.append(lMSigParameters.getM());
        throw new IllegalArgumentException(J0.toString());
    }

    public static f f(LMSContext lMSContext) {
        c c = lMSContext.c();
        byte[] d = lMSContext.d();
        byte[] a2 = lMSContext.a();
        LMOtsParameters c2 = c.c();
        int n = c2.getN();
        int p = c2.getP();
        int w = c2.getW();
        byte[] bArr = new byte[p * n];
        Digest a3 = org.bouncycastle.pqc.crypto.lms.a.a(c2.getDigestOID());
        h a4 = c.a();
        int c3 = c(d, n, c2);
        d[n] = (byte) ((c3 >>> 8) & 255);
        d[n + 1] = (byte) c3;
        int i = n + 23;
        byte[] build = Composer.compose().bytes(c.b()).u32str(c.d()).padUntil(0, i).build();
        a4.b(0);
        int i2 = 0;
        while (i2 < p) {
            Pack.shortToBigEndian((short) i2, build, 20);
            int i3 = 23;
            a4.a(build, i2 < p + (-1), 23);
            int d2 = d(d, i2, w);
            for (int i4 = 0; i4 < d2; i4++) {
                build[22] = (byte) i4;
                a3.update(build, 0, i);
                i3 = 23;
                a3.doFinal(build, 23);
            }
            System.arraycopy(build, i3, bArr, n * i2, n);
            i2++;
        }
        return new f(lMSContext.c().d(), new e(c2, a2, bArr), lMSContext.e(), lMSContext.b());
    }

    public static f g(LMSPrivateKeyParameters lMSPrivateKeyParameters, byte[] bArr) {
        LMSContext generateLMSContext = lMSPrivateKeyParameters.generateLMSContext();
        generateLMSContext.update(bArr, 0, bArr.length);
        return f(generateLMSContext);
    }

    public static HSSSignature h(HSSPrivateKeyParameters hSSPrivateKeyParameters, byte[] bArr) {
        int i;
        LMSPrivateKeyParameters lMSPrivateKeyParameters;
        g[] gVarArr;
        int l = hSSPrivateKeyParameters.getL();
        synchronized (hSSPrivateKeyParameters) {
            i(hSSPrivateKeyParameters);
            List<LMSPrivateKeyParameters> b = hSSPrivateKeyParameters.b();
            List<f> c = hSSPrivateKeyParameters.c();
            i = l - 1;
            lMSPrivateKeyParameters = hSSPrivateKeyParameters.b().get(i);
            gVarArr = new g[i];
            int i2 = 0;
            while (i2 < i) {
                int i3 = i2 + 1;
                gVarArr[i2] = new g(c.get(i2), b.get(i3).getPublicKey());
                i2 = i3;
            }
            hSSPrivateKeyParameters.d();
        }
        LMSContext generateLMSContext = lMSPrivateKeyParameters.generateLMSContext();
        generateLMSContext.g(gVarArr);
        generateLMSContext.update(bArr, 0, bArr.length);
        return new HSSSignature(i, generateLMSContext.f(), f(generateLMSContext));
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static void i(HSSPrivateKeyParameters hSSPrivateKeyParameters) {
        synchronized (hSSPrivateKeyParameters) {
            if (hSSPrivateKeyParameters.getIndex() >= hSSPrivateKeyParameters.a()) {
                StringBuilder sb = new StringBuilder();
                sb.append("hss private key");
                sb.append(hSSPrivateKeyParameters.e() ? " shard" : "");
                sb.append(" is exhausted");
                throw new ExhaustedPrivateKeyException(sb.toString());
            }
            int l = hSSPrivateKeyParameters.getL();
            List<LMSPrivateKeyParameters> b = hSSPrivateKeyParameters.b();
            int i = l;
            while (true) {
                int i2 = i - 1;
                if (b.get(i2).getIndex() != (1 << b.get(i2).getSigParameters().getH())) {
                    while (i < l) {
                        hSSPrivateKeyParameters.g(i);
                        i++;
                    }
                } else {
                    if (i2 == 0) {
                        StringBuilder sb2 = new StringBuilder();
                        sb2.append("hss private key");
                        sb2.append(hSSPrivateKeyParameters.e() ? " shard" : "");
                        sb2.append(" is exhausted the maximum limit for this HSS private key");
                        throw new ExhaustedPrivateKeyException(sb2.toString());
                    }
                    i = i2;
                }
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static void j(short s, Digest digest) {
        digest.update((byte) (s >>> 8));
        digest.update((byte) s);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static void k(int i, Digest digest) {
        digest.update((byte) (i >>> 24));
        digest.update((byte) (i >>> 16));
        digest.update((byte) (i >>> 8));
        digest.update((byte) i);
    }

    public static boolean l(HSSPublicKeyParameters hSSPublicKeyParameters, HSSSignature hSSSignature, byte[] bArr) {
        int i = hSSSignature.getlMinus1();
        int i2 = i + 1;
        if (i2 != hSSPublicKeyParameters.getL()) {
            return false;
        }
        f[] fVarArr = new f[i2];
        LMSPublicKeyParameters[] lMSPublicKeyParametersArr = new LMSPublicKeyParameters[i];
        for (int i3 = 0; i3 < i; i3++) {
            fVarArr[i3] = hSSSignature.getSignedPubKey()[i3].b();
            lMSPublicKeyParametersArr[i3] = hSSSignature.getSignedPubKey()[i3].a();
        }
        fVarArr[i] = hSSSignature.getSignature();
        LMSPublicKeyParameters lMSPublicKey = hSSPublicKeyParameters.getLMSPublicKey();
        for (int i4 = 0; i4 < i; i4++) {
            if (!n(lMSPublicKey, fVarArr[i4], lMSPublicKeyParametersArr[i4].toByteArray())) {
                return false;
            }
            try {
                lMSPublicKey = lMSPublicKeyParametersArr[i4];
            } catch (Exception e) {
                throw new IllegalStateException(e.getMessage(), e);
            }
        }
        return n(lMSPublicKey, fVarArr[i], bArr);
    }

    public static boolean m(LMSPublicKeyParameters lMSPublicKeyParameters, LMSContext lMSContext) {
        f fVar = (f) lMSContext.getSignature();
        LMSigParameters c = fVar.c();
        int h = c.getH();
        byte[][] e = fVar.e();
        d publicKey = lMSContext.getPublicKey();
        LMOtsParameters c2 = publicKey.c();
        Object signature = lMSContext.getSignature();
        e b = signature instanceof f ? ((f) signature).b() : (e) signature;
        int n = c2.getN();
        int w = c2.getW();
        int p = c2.getP();
        byte[] d = lMSContext.d();
        int c3 = c(d, n, c2);
        d[n] = (byte) ((c3 >>> 8) & 255);
        d[n + 1] = (byte) c3;
        byte[] b2 = publicKey.b();
        int d2 = publicKey.d();
        Digest a2 = org.bouncycastle.pqc.crypto.lms.a.a(c2.getDigestOID());
        a(b2, a2);
        k(d2, a2);
        a2.update((byte) 16777088);
        a2.update((byte) (-32640));
        Composer u32str = Composer.compose().bytes(b2).u32str(d2);
        int i = n + 23;
        byte[] build = u32str.padUntil(0, i).build();
        int i2 = (1 << w) - 1;
        byte[] d3 = b.d();
        Digest a3 = org.bouncycastle.pqc.crypto.lms.a.a(c2.getDigestOID());
        int i3 = 0;
        while (i3 < p) {
            int i4 = p;
            Pack.shortToBigEndian((short) i3, build, 20);
            int i5 = 23;
            System.arraycopy(d3, i3 * n, build, 23, n);
            for (int d4 = d(d, i3, w); d4 < i2; d4++) {
                build[22] = (byte) d4;
                a3.update(build, 0, i);
                i5 = 23;
                a3.doFinal(build, 23);
            }
            a2.update(build, i5, n);
            i3++;
            p = i4;
        }
        byte[] bArr = new byte[n];
        a2.doFinal(bArr, 0);
        int d5 = (1 << h) + fVar.d();
        byte[] i6 = lMSPublicKeyParameters.getI();
        Digest a4 = org.bouncycastle.pqc.crypto.lms.a.a(c.getDigestOID());
        int digestSize = a4.getDigestSize();
        byte[] bArr2 = new byte[digestSize];
        a4.update(i6, 0, i6.length);
        k(d5, a4);
        a4.update((byte) 16777090);
        a4.update((byte) (-32126));
        a4.update(bArr, 0, n);
        a4.doFinal(bArr2, 0);
        int i7 = 0;
        while (d5 > 1) {
            if ((d5 & 1) == 1) {
                a4.update(i6, 0, i6.length);
                k(d5 / 2, a4);
                a4.update((byte) 16777091);
                a4.update((byte) (-31869));
                a4.update(e[i7], 0, e[i7].length);
                a4.update(bArr2, 0, digestSize);
            } else {
                a4.update(i6, 0, i6.length);
                k(d5 / 2, a4);
                a4.update((byte) 16777091);
                a4.update((byte) (-31869));
                a4.update(bArr2, 0, digestSize);
                a4.update(e[i7], 0, e[i7].length);
            }
            a4.doFinal(bArr2, 0);
            d5 /= 2;
            i7++;
        }
        return lMSPublicKeyParameters.b(bArr2);
    }

    public static boolean n(LMSPublicKeyParameters lMSPublicKeyParameters, f fVar, byte[] bArr) {
        LMSContext a2 = lMSPublicKeyParameters.a(fVar);
        a2.update(bArr, 0, bArr.length);
        return m(lMSPublicKeyParameters, a2);
    }
}
