package org.bouncycastle.pqc.crypto.lms;

import org.bouncycastle.asn1.cmc.Utils;
import org.bouncycastle.crypto.Digest;
import org.bouncycastle.util.Arrays;
import org.bouncycastle.util.Pack;
import org.spongycastle.pqc.asn1.GMSSPrivateKey$$ExternalSyntheticOutline0;

/* loaded from: classes2.dex */
public final class LMS {
    public static LMSPrivateKeyParameters generateKeys(LMSigParameters lMSigParameters, LMOtsParameters lMOtsParameters, int i, byte[] bArr, byte[] bArr2) throws IllegalArgumentException {
        if (bArr2 != null && bArr2.length >= lMSigParameters.getM()) {
            return new LMSPrivateKeyParameters(lMSigParameters, lMOtsParameters, i, bArr, 1 << lMSigParameters.getH(), bArr2);
        }
        StringBuilder m = GMSSPrivateKey$$ExternalSyntheticOutline0.m("root seed is less than ");
        m.append(lMSigParameters.getM());
        throw new IllegalArgumentException(m.toString());
    }

    public static LMSSignature generateSign(LMSContext lMSContext) {
        LMOtsPrivateKey lMOtsPrivateKey = lMSContext.key;
        byte[] bArr = new byte[34];
        lMSContext.digest.doFinal(bArr, 0);
        lMSContext.digest = null;
        byte[] bArr2 = lMSContext.C;
        LMOtsParameters lMOtsParameters = lMOtsPrivateKey.parameter;
        int n = lMOtsParameters.getN();
        int p = lMOtsParameters.getP();
        int w = lMOtsParameters.getW();
        byte[] bArr3 = new byte[p * n];
        Digest digest = DigestUtil.getDigest(lMOtsParameters.getDigestOID());
        SeedDerive derivationFunction = lMOtsPrivateKey.getDerivationFunction();
        int cksm = Utils.cksm(bArr, n, lMOtsParameters);
        bArr[n] = (byte) ((cksm >>> 8) & 255);
        bArr[n + 1] = (byte) cksm;
        int i = n + 23;
        byte[] build = Composer.compose().bytes(lMOtsPrivateKey.I).u32str(lMOtsPrivateKey.q).padUntil(0, i).build();
        derivationFunction.j = 0;
        int i2 = 0;
        while (i2 < p) {
            Pack.shortToBigEndian((short) i2, build, 20);
            derivationFunction.deriveSeed(build, i2 < p + (-1), 23);
            int coef = Utils.coef(bArr, i2, w);
            int i3 = 0;
            while (i3 < coef) {
                build[22] = (byte) i3;
                digest.update(build, 0, i);
                digest.doFinal(build, 23);
                i3++;
                bArr = bArr;
            }
            System.arraycopy(build, 23, bArr3, n * i2, n);
            i2++;
            bArr = bArr;
        }
        return new LMSSignature(lMSContext.key.q, new LMOtsSignature(lMOtsParameters, bArr2, bArr3), lMSContext.sigParams, lMSContext.path);
    }

    public static LMSSignature generateSign(LMSPrivateKeyParameters lMSPrivateKeyParameters, byte[] bArr) {
        LMSContext generateLMSContext = lMSPrivateKeyParameters.generateLMSContext();
        generateLMSContext.update(bArr, 0, bArr.length);
        return generateSign(generateLMSContext);
    }

    public static boolean verifySignature(LMSPublicKeyParameters lMSPublicKeyParameters, LMSContext lMSContext) {
        LMSSignature lMSSignature = (LMSSignature) lMSContext.getSignature();
        LMSigParameters lMSigParameters = lMSSignature.parameter;
        int h = lMSigParameters.getH();
        byte[][] bArr = lMSSignature.y;
        LMOtsPublicKey publicKey = lMSContext.getPublicKey();
        LMOtsParameters lMOtsParameters = publicKey.parameter;
        Object signature = lMSContext.getSignature();
        LMOtsSignature lMOtsSignature = signature instanceof LMSSignature ? ((LMSSignature) signature).otsSignature : (LMOtsSignature) signature;
        int n = lMOtsParameters.getN();
        int w = lMOtsParameters.getW();
        int p = lMOtsParameters.getP();
        byte[] bArr2 = new byte[34];
        lMSContext.digest.doFinal(bArr2, 0);
        lMSContext.digest = null;
        int cksm = Utils.cksm(bArr2, n, lMOtsParameters);
        bArr2[n] = (byte) ((cksm >>> 8) & 255);
        bArr2[n + 1] = (byte) cksm;
        byte[] bArr3 = publicKey.I;
        int i = publicKey.q;
        Digest digest = DigestUtil.getDigest(lMOtsParameters.getDigestOID());
        org.bouncycastle.asn1.est.Utils.byteArray(bArr3, digest);
        org.bouncycastle.asn1.est.Utils.u32str(i, digest);
        org.bouncycastle.asn1.est.Utils.u16str((short) -32640, digest);
        Composer u32str = Composer.compose().bytes(bArr3).u32str(i);
        int i2 = n + 23;
        byte[] build = u32str.padUntil(0, i2).build();
        int i3 = (1 << w) - 1;
        byte[] bArr4 = lMOtsSignature.y;
        Digest digest2 = DigestUtil.getDigest(lMOtsParameters.getDigestOID());
        int i4 = 0;
        while (i4 < p) {
            int i5 = p;
            Pack.shortToBigEndian((short) i4, build, 20);
            int i6 = 23;
            System.arraycopy(bArr4, i4 * n, build, 23, n);
            for (int coef = Utils.coef(bArr2, i4, w); coef < i3; coef++) {
                build[22] = (byte) coef;
                digest2.update(build, 0, i2);
                i6 = 23;
                digest2.doFinal(build, 23);
            }
            digest.update(build, i6, n);
            i4++;
            p = i5;
        }
        byte[] bArr5 = new byte[n];
        digest.doFinal(bArr5, 0);
        int i7 = (1 << h) + lMSSignature.q;
        byte[] i8 = lMSPublicKeyParameters.getI();
        Digest digest3 = DigestUtil.getDigest(lMSigParameters.getDigestOID());
        int digestSize = digest3.getDigestSize();
        byte[] bArr6 = new byte[digestSize];
        digest3.update(i8, 0, i8.length);
        org.bouncycastle.asn1.est.Utils.u32str(i7, digest3);
        org.bouncycastle.asn1.est.Utils.u16str((short) -32126, digest3);
        digest3.update(bArr5, 0, n);
        digest3.doFinal(bArr6, 0);
        int i9 = 0;
        while (i7 > 1) {
            if ((i7 & 1) == 1) {
                digest3.update(i8, 0, i8.length);
                org.bouncycastle.asn1.est.Utils.u32str(i7 / 2, digest3);
                org.bouncycastle.asn1.est.Utils.u16str((short) -31869, digest3);
                digest3.update(bArr[i9], 0, bArr[i9].length);
                digest3.update(bArr6, 0, digestSize);
            } else {
                digest3.update(i8, 0, i8.length);
                org.bouncycastle.asn1.est.Utils.u32str(i7 / 2, digest3);
                org.bouncycastle.asn1.est.Utils.u16str((short) -31869, digest3);
                digest3.update(bArr6, 0, digestSize);
                digest3.update(bArr[i9], 0, bArr[i9].length);
            }
            digest3.doFinal(bArr6, 0);
            i7 /= 2;
            i9++;
        }
        return Arrays.constantTimeAreEqual(lMSPublicKeyParameters.T1, bArr6);
    }

    public static boolean verifySignature(LMSPublicKeyParameters lMSPublicKeyParameters, LMSSignature lMSSignature, byte[] bArr) {
        LMSContext generateOtsContext = lMSPublicKeyParameters.generateOtsContext(lMSSignature);
        generateOtsContext.update(bArr, 0, bArr.length);
        return verifySignature(lMSPublicKeyParameters, generateOtsContext);
    }
}
