package org.bouncycastle.pqc.crypto.lms;

import androidx.appcompat.widget.ActionMenuView$$ExternalSyntheticOutline0;
import org.bouncycastle.crypto.ExtendedDigest;
import org.bouncycastle.util.Arrays;
import org.bouncycastle.util.Pack;

/* loaded from: classes6.dex */
class LMS {
    public static LMSPrivateKeyParameters generateKeys(LMSigParameters lMSigParameters, LMOtsParameters lMOtsParameters, int i, byte[] bArr, byte[] bArr2) throws IllegalArgumentException {
        if (bArr2 != null && bArr2.length >= lMSigParameters.m) {
            return new LMSPrivateKeyParameters(lMSigParameters, lMOtsParameters, i, bArr, 1 << lMSigParameters.h, bArr2);
        }
        StringBuilder m = ActionMenuView$$ExternalSyntheticOutline0.m("root seed is less than ");
        m.append(lMSigParameters.m);
        throw new IllegalArgumentException(m.toString());
    }

    public static LMSSignature generateSign(LMSContext lMSContext) {
        LMOtsPrivateKey lMOtsPrivateKey = lMSContext.key;
        byte[] bArr = new byte[34];
        lMSContext.digest.doFinal(0, bArr);
        lMSContext.digest = null;
        byte[] bArr2 = lMSContext.C;
        LMOtsParameters lMOtsParameters = lMOtsPrivateKey.parameter;
        int i = lMOtsParameters.n;
        int i2 = lMOtsParameters.p;
        int i3 = lMOtsParameters.w;
        byte[] bArr3 = new byte[i2 * i];
        ExtendedDigest digest = DigestUtil.getDigest(lMOtsParameters.digestOID);
        SeedDerive derivationFunction = lMOtsPrivateKey.getDerivationFunction();
        int cksm = LM_OTS.cksm(bArr, i, lMOtsParameters);
        bArr[i] = (byte) ((cksm >>> 8) & 255);
        bArr[i + 1] = (byte) cksm;
        Composer composer = new Composer();
        composer.bytes(lMOtsPrivateKey.I);
        composer.u32str(lMOtsPrivateKey.q);
        int i4 = i + 23;
        composer.padUntil(i4);
        byte[] build = composer.build();
        derivationFunction.j = 0;
        int i5 = 0;
        while (i5 < i2) {
            Pack.shortToBigEndian(20, (short) i5, build);
            derivationFunction.deriveSeed(23, i5 < i2 + (-1), build);
            int coef = LM_OTS.coef(bArr, i5, i3);
            int i6 = 0;
            while (i6 < coef) {
                build[22] = (byte) i6;
                digest.update(build, 0, i4);
                digest.doFinal(23, build);
                i6++;
                bArr = bArr;
            }
            System.arraycopy(build, 23, bArr3, i * i5, i);
            i5++;
            bArr = bArr;
        }
        return new LMSSignature(lMSContext.key.q, new LMOtsSignature(lMOtsParameters, bArr2, bArr3), lMSContext.sigParams, lMSContext.path);
    }

    public static boolean verifySignature(LMSPublicKeyParameters lMSPublicKeyParameters, LMSContext lMSContext) {
        Object obj = lMSContext.signature;
        LMSSignature lMSSignature = (LMSSignature) obj;
        LMSigParameters lMSigParameters = lMSSignature.parameter;
        int i = lMSigParameters.h;
        byte[][] bArr = lMSSignature.y;
        LMOtsPublicKey lMOtsPublicKey = lMSContext.publicKey;
        LMOtsParameters lMOtsParameters = lMOtsPublicKey.parameter;
        LMOtsSignature lMOtsSignature = obj instanceof LMSSignature ? lMSSignature.otsSignature : (LMOtsSignature) obj;
        int i2 = lMOtsParameters.n;
        int i3 = lMOtsParameters.w;
        int i4 = lMOtsParameters.p;
        byte[] bArr2 = new byte[34];
        int i5 = 0;
        lMSContext.digest.doFinal(0, bArr2);
        lMSContext.digest = null;
        int cksm = LM_OTS.cksm(bArr2, i2, lMOtsParameters);
        bArr2[i2] = (byte) ((cksm >>> 8) & 255);
        bArr2[i2 + 1] = (byte) cksm;
        byte[] bArr3 = lMOtsPublicKey.I;
        int i6 = lMOtsPublicKey.q;
        ExtendedDigest digest = DigestUtil.getDigest(lMOtsParameters.digestOID);
        LmsUtils.byteArray(digest, bArr3);
        LmsUtils.u32str(i6, digest);
        LmsUtils.u16str((short) -32640, digest);
        Composer composer = new Composer();
        composer.bytes(bArr3);
        composer.u32str(i6);
        int i7 = i2 + 23;
        composer.padUntil(i7);
        byte[] build = composer.build();
        int i8 = (1 << i3) - 1;
        byte[] bArr4 = lMOtsSignature.y;
        ExtendedDigest digest2 = DigestUtil.getDigest(lMOtsParameters.digestOID);
        while (i5 < i4) {
            int i9 = i4;
            byte[][] bArr5 = bArr;
            Pack.shortToBigEndian(20, (short) i5, build);
            int i10 = 23;
            System.arraycopy(bArr4, i5 * i2, build, 23, i2);
            for (int coef = LM_OTS.coef(bArr2, i5, i3); coef < i8; coef++) {
                build[22] = (byte) coef;
                digest2.update(build, 0, i7);
                i10 = 23;
                digest2.doFinal(23, build);
            }
            digest.update(build, i10, i2);
            i5++;
            i4 = i9;
            bArr = bArr5;
        }
        byte[][] bArr6 = bArr;
        byte[] bArr7 = new byte[i2];
        digest.doFinal(0, bArr7);
        int i11 = (1 << i) + lMSSignature.q;
        byte[] clone = Arrays.clone(lMSPublicKeyParameters.I);
        ExtendedDigest digest3 = DigestUtil.getDigest(lMSigParameters.digestOid);
        int digestSize = digest3.getDigestSize();
        byte[] bArr8 = new byte[digestSize];
        digest3.update(clone, 0, clone.length);
        LmsUtils.u32str(i11, digest3);
        LmsUtils.u16str((short) -32126, digest3);
        digest3.update(bArr7, 0, i2);
        digest3.doFinal(0, bArr8);
        int i12 = 0;
        while (i11 > 1) {
            if ((i11 & 1) == 1) {
                digest3.update(clone, 0, clone.length);
                LmsUtils.u32str(i11 / 2, digest3);
                LmsUtils.u16str((short) -31869, digest3);
                byte[] bArr9 = bArr6[i12];
                digest3.update(bArr9, 0, bArr9.length);
                digest3.update(bArr8, 0, digestSize);
            } else {
                digest3.update(clone, 0, clone.length);
                LmsUtils.u32str(i11 / 2, digest3);
                LmsUtils.u16str((short) -31869, digest3);
                digest3.update(bArr8, 0, digestSize);
                byte[] bArr10 = bArr6[i12];
                digest3.update(bArr10, 0, bArr10.length);
            }
            digest3.doFinal(0, bArr8);
            i11 /= 2;
            i12++;
        }
        return Arrays.constantTimeAreEqual(lMSPublicKeyParameters.T1, bArr8);
    }

    public static boolean verifySignature(LMSPublicKeyParameters lMSPublicKeyParameters, LMSSignature lMSSignature, byte[] bArr) {
        LMSContext generateOtsContext = lMSPublicKeyParameters.generateOtsContext(lMSSignature);
        generateOtsContext.update(bArr, 0, bArr.length);
        return verifySignature(lMSPublicKeyParameters, generateOtsContext);
    }
}
