package org.bouncycastle.pqc.crypto.xmss;

import org.bouncycastle.crypto.CipherParameters;
import org.bouncycastle.pqc.crypto.StateAwareMessageSigner;
import org.bouncycastle.pqc.crypto.xmss.OTSHashAddress;
import org.bouncycastle.pqc.crypto.xmss.XMSSMTSignature;
import org.bouncycastle.pqc.crypto.xmss.XMSSReducedSignature;
import org.bouncycastle.util.Arrays;

/* loaded from: classes4.dex */
public class XMSSMTSigner implements StateAwareMessageSigner {
    public boolean initSign;
    public XMSSMTParameters params;
    public XMSSMTPrivateKeyParameters privateKey;
    public XMSSMTPublicKeyParameters publicKey;
    public WOTSPlus wotsPlus;
    public XMSSParameters xmssParams;

    public final byte[] generateSignature(byte[] bArr) {
        byte[] byteArray;
        long j;
        boolean z;
        if (!this.initSign) {
            throw new IllegalStateException("signer not initialized for signature generation");
        }
        XMSSMTPrivateKeyParameters xMSSMTPrivateKeyParameters = this.privateKey;
        if (xMSSMTPrivateKeyParameters == null) {
            throw new IllegalStateException("signing key no longer usable");
        }
        synchronized (xMSSMTPrivateKeyParameters) {
            if (this.privateKey.getUsagesRemaining() <= 0) {
                throw new IllegalStateException("no usages of private key remaining");
            }
            if (this.privateKey.bdsState.isEmpty()) {
                throw new IllegalStateException("not initialized");
            }
            try {
                BDSStateMap bDSStateMap = this.privateKey.bdsState;
                long j2 = this.privateKey.index;
                this.params.getClass();
                int i = this.xmssParams.height;
                if (this.privateKey.getUsagesRemaining() <= 0) {
                    throw new IllegalStateException("index out of bounds");
                }
                byte[] PRF = this.wotsPlus.khf.PRF(XMSSUtil.cloneArray(this.privateKey.secretKeyPRF), XMSSUtil.toBytesBigEndian(32, j2));
                byte[] HMsg = this.wotsPlus.khf.HMsg(Arrays.concatenate(PRF, XMSSUtil.cloneArray(this.privateKey.root), XMSSUtil.toBytesBigEndian(this.params.xmssParams.treeDigestSize, j2)), bArr);
                XMSSMTSignature.Builder builder = new XMSSMTSignature.Builder(this.params);
                builder.index = j2;
                builder.random = XMSSUtil.cloneArray(PRF);
                XMSSMTSignature xMSSMTSignature = new XMSSMTSignature(builder);
                long j3 = j2 >> i;
                int leafIndex = XMSSUtil.getLeafIndex(i, j2);
                this.wotsPlus.importKeys(new byte[this.params.xmssParams.treeDigestSize], this.privateKey.getPublicSeed());
                OTSHashAddress.Builder withTreeAddress = new OTSHashAddress.Builder().withTreeAddress(j3);
                withTreeAddress.otsAddress = leafIndex;
                OTSHashAddress oTSHashAddress = new OTSHashAddress(withTreeAddress);
                boolean z2 = false;
                if (bDSStateMap.get(0) == null || leafIndex == 0) {
                    bDSStateMap.put(0, new BDS(this.xmssParams, this.privateKey.getPublicSeed(), XMSSUtil.cloneArray(this.privateKey.secretKeySeed), oTSHashAddress));
                }
                WOTSPlusSignature wotsSign = wotsSign(HMsg, oTSHashAddress);
                XMSSReducedSignature.Builder builder2 = new XMSSReducedSignature.Builder(this.xmssParams);
                builder2.wotsPlusSignature = wotsSign;
                builder2.authPath = bDSStateMap.get(0).getAuthenticationPath();
                xMSSMTSignature.reducedSignatures.add(new XMSSReducedSignature(builder2));
                int i2 = 1;
                int i3 = 1;
                while (i3 < this.params.layers) {
                    XMSSNode root = bDSStateMap.get(i3 - 1).getRoot();
                    int leafIndex2 = XMSSUtil.getLeafIndex(i, j3);
                    long j4 = j3 >> i;
                    OTSHashAddress.Builder withTreeAddress2 = new OTSHashAddress.Builder().withLayerAddress(i3).withTreeAddress(j4);
                    withTreeAddress2.otsAddress = leafIndex2;
                    OTSHashAddress oTSHashAddress2 = new OTSHashAddress(withTreeAddress2);
                    WOTSPlusSignature wotsSign2 = wotsSign(root.getValue(), oTSHashAddress2);
                    if (bDSStateMap.get(i3) != null) {
                        if (j2 == 0) {
                            j = j4;
                            z = z2;
                        } else {
                            j = j4;
                            z = j2 % ((long) Math.pow((double) (i2 << i), (double) (i3 + 1))) == 0 ? true : z2;
                        }
                        if (!z) {
                            XMSSReducedSignature.Builder builder3 = new XMSSReducedSignature.Builder(this.xmssParams);
                            builder3.wotsPlusSignature = wotsSign2;
                            builder3.authPath = bDSStateMap.get(i3).getAuthenticationPath();
                            xMSSMTSignature.reducedSignatures.add(new XMSSReducedSignature(builder3));
                            i3++;
                            j3 = j;
                            i2 = 1;
                            z2 = false;
                        }
                    } else {
                        j = j4;
                    }
                    bDSStateMap.put(i3, new BDS(this.xmssParams, this.privateKey.getPublicSeed(), XMSSUtil.cloneArray(this.privateKey.secretKeySeed), oTSHashAddress2));
                    XMSSReducedSignature.Builder builder32 = new XMSSReducedSignature.Builder(this.xmssParams);
                    builder32.wotsPlusSignature = wotsSign2;
                    builder32.authPath = bDSStateMap.get(i3).getAuthenticationPath();
                    xMSSMTSignature.reducedSignatures.add(new XMSSReducedSignature(builder32));
                    i3++;
                    j3 = j;
                    i2 = 1;
                    z2 = false;
                }
                byteArray = xMSSMTSignature.toByteArray();
                this.privateKey.rollKey();
            } catch (Throwable th) {
                this.privateKey.rollKey();
                throw th;
            }
        }
        return byteArray;
    }

    public final void init(boolean z, CipherParameters cipherParameters) {
        XMSSMTParameters xMSSMTParameters;
        if (z) {
            this.initSign = true;
            XMSSMTPrivateKeyParameters xMSSMTPrivateKeyParameters = (XMSSMTPrivateKeyParameters) cipherParameters;
            this.privateKey = xMSSMTPrivateKeyParameters;
            xMSSMTParameters = xMSSMTPrivateKeyParameters.params;
        } else {
            this.initSign = false;
            XMSSMTPublicKeyParameters xMSSMTPublicKeyParameters = (XMSSMTPublicKeyParameters) cipherParameters;
            this.publicKey = xMSSMTPublicKeyParameters;
            xMSSMTParameters = xMSSMTPublicKeyParameters.params;
        }
        this.params = xMSSMTParameters;
        this.xmssParams = xMSSMTParameters.xmssParams;
        this.wotsPlus = this.params.xmssParams.getWOTSPlus();
    }

    public final boolean verifySignature(byte[] bArr, byte[] bArr2) {
        if (bArr2 == null) {
            throw new NullPointerException("signature == null");
        }
        if (this.publicKey == null) {
            throw new NullPointerException("publicKey == null");
        }
        XMSSMTSignature.Builder builder = new XMSSMTSignature.Builder(this.params);
        builder.signature = Arrays.clone(bArr2);
        XMSSMTSignature xMSSMTSignature = new XMSSMTSignature(builder);
        byte[] HMsg = this.wotsPlus.khf.HMsg(Arrays.concatenate(XMSSUtil.cloneArray(xMSSMTSignature.random), XMSSUtil.cloneArray(this.publicKey.root), XMSSUtil.toBytesBigEndian(this.params.xmssParams.treeDigestSize, xMSSMTSignature.index)), bArr);
        long j = xMSSMTSignature.index;
        int i = this.xmssParams.height;
        long j2 = j >> i;
        int leafIndex = XMSSUtil.getLeafIndex(i, j);
        this.wotsPlus.importKeys(new byte[this.params.xmssParams.treeDigestSize], XMSSUtil.cloneArray(this.publicKey.publicSeed));
        OTSHashAddress.Builder withTreeAddress = new OTSHashAddress.Builder().withTreeAddress(j2);
        withTreeAddress.otsAddress = leafIndex;
        OTSHashAddress oTSHashAddress = new OTSHashAddress(withTreeAddress);
        XMSSNode rootNodeFromSignature = XMSSVerifierUtil.getRootNodeFromSignature(this.wotsPlus, i, HMsg, (XMSSReducedSignature) xMSSMTSignature.reducedSignatures.get(0), oTSHashAddress, leafIndex);
        int i2 = 1;
        while (i2 < this.params.layers) {
            XMSSReducedSignature xMSSReducedSignature = (XMSSReducedSignature) xMSSMTSignature.reducedSignatures.get(i2);
            int leafIndex2 = XMSSUtil.getLeafIndex(i, j2);
            long j3 = j2 >> i;
            OTSHashAddress.Builder withTreeAddress2 = new OTSHashAddress.Builder().withLayerAddress(i2).withTreeAddress(j3);
            withTreeAddress2.otsAddress = leafIndex2;
            rootNodeFromSignature = XMSSVerifierUtil.getRootNodeFromSignature(this.wotsPlus, i, rootNodeFromSignature.getValue(), xMSSReducedSignature, new OTSHashAddress(withTreeAddress2), leafIndex2);
            i2++;
            j2 = j3;
        }
        return Arrays.constantTimeAreEqual(rootNodeFromSignature.getValue(), XMSSUtil.cloneArray(this.publicKey.root));
    }

    public final WOTSPlusSignature wotsSign(byte[] bArr, OTSHashAddress oTSHashAddress) {
        if (bArr.length != this.params.xmssParams.treeDigestSize) {
            throw new IllegalArgumentException("size of messageDigest needs to be equal to size of digest");
        }
        WOTSPlus wOTSPlus = this.wotsPlus;
        wOTSPlus.importKeys(wOTSPlus.getWOTSPlusSecretKey(XMSSUtil.cloneArray(this.privateKey.secretKeySeed), oTSHashAddress), this.privateKey.getPublicSeed());
        return this.wotsPlus.sign(bArr, oTSHashAddress);
    }
}
