package org.bouncycastle.pqc.crypto.xmss;

import org.bouncycastle.crypto.CipherParameters;
import org.bouncycastle.crypto.params.AsymmetricKeyParameter;
import org.bouncycastle.pqc.crypto.StateAwareMessageSigner;
import org.bouncycastle.pqc.crypto.xmss.OTSHashAddress;
import org.bouncycastle.pqc.crypto.xmss.XMSSMTSignature;
import org.bouncycastle.pqc.crypto.xmss.XMSSReducedSignature;
import org.bouncycastle.util.Arrays;

/* loaded from: input_file:org/bouncycastle/pqc/crypto/xmss/XMSSMTSigner.class */
public class XMSSMTSigner implements StateAwareMessageSigner {

    /* renamed from: a, reason: collision with root package name */
    private XMSSMTPrivateKeyParameters f5983a;
    private XMSSMTPrivateKeyParameters b;
    private XMSSMTPublicKeyParameters c;
    private XMSSMTParameters d;
    private XMSSParameters e;
    private WOTSPlus f;
    private boolean g;
    private boolean h;

    @Override // org.bouncycastle.pqc.crypto.MessageSigner
    public void init(boolean z, CipherParameters cipherParameters) {
        if (z) {
            this.h = true;
            this.g = false;
            this.f5983a = (XMSSMTPrivateKeyParameters) cipherParameters;
            this.b = this.f5983a;
            this.d = this.f5983a.getParameters();
            this.e = this.d.getXMSSParameters();
        } else {
            this.h = false;
            this.c = (XMSSMTPublicKeyParameters) cipherParameters;
            this.d = this.c.getParameters();
            this.e = this.d.getXMSSParameters();
        }
        this.f = new WOTSPlus(new WOTSPlusParameters(this.d.getDigest()));
    }

    @Override // org.bouncycastle.pqc.crypto.MessageSigner
    public byte[] generateSignature(byte[] bArr) {
        if (bArr == null) {
            throw new NullPointerException("message == null");
        }
        if (!this.h) {
            throw new IllegalStateException("signer not initialized for signature generation");
        }
        if (this.f5983a == null) {
            throw new IllegalStateException("signing key no longer usable");
        }
        if (this.f5983a.getBDSState().isEmpty()) {
            throw new IllegalStateException("not initialized");
        }
        BDSStateMap bDSState = this.f5983a.getBDSState();
        long index = this.f5983a.getIndex();
        int height = this.d.getHeight();
        int height2 = this.e.getHeight();
        if (!XMSSUtil.isIndexValid(height, index)) {
            throw new IllegalStateException("index out of bounds");
        }
        byte[] b = this.f.getKhf().b(this.f5983a.getSecretKeyPRF(), XMSSUtil.toBytesBigEndian(index, 32));
        byte[] a2 = this.f.getKhf().a(Arrays.concatenate(b, this.f5983a.getRoot(), XMSSUtil.toBytesBigEndian(index, this.d.getDigestSize())), bArr);
        XMSSMTSignature build = new XMSSMTSignature.Builder(this.d).withIndex(index).withRandom(b).build();
        long treeIndex = XMSSUtil.getTreeIndex(index, height2);
        int leafIndex = XMSSUtil.getLeafIndex(index, height2);
        this.f.a(new byte[this.d.getDigestSize()], this.f5983a.getPublicSeed());
        OTSHashAddress oTSHashAddress = (OTSHashAddress) new OTSHashAddress.Builder().withTreeAddress(treeIndex).withOTSAddress(leafIndex).build();
        if (bDSState.get(0) == null || leafIndex == 0) {
            bDSState.a(0, new BDS(this.e, this.f5983a.getPublicSeed(), this.f5983a.getSecretKeySeed(), oTSHashAddress));
        }
        build.getReducedSignatures().add(new XMSSReducedSignature.Builder(this.e).withWOTSPlusSignature(a(a2, oTSHashAddress)).withAuthPath(bDSState.get(0).getAuthenticationPath()).build());
        for (int i = 1; i < this.d.getLayers(); i++) {
            XMSSNode root = bDSState.get(i - 1).getRoot();
            int leafIndex2 = XMSSUtil.getLeafIndex(treeIndex, height2);
            treeIndex = XMSSUtil.getTreeIndex(treeIndex, height2);
            OTSHashAddress oTSHashAddress2 = (OTSHashAddress) new OTSHashAddress.Builder().withLayerAddress(i).withTreeAddress(treeIndex).withOTSAddress(leafIndex2).build();
            WOTSPlusSignature a3 = a(root.getValue(), oTSHashAddress2);
            if (bDSState.get(i) == null || XMSSUtil.isNewBDSInitNeeded(index, height2, i)) {
                bDSState.a(i, new BDS(this.e, this.f5983a.getPublicSeed(), this.f5983a.getSecretKeySeed(), oTSHashAddress2));
            }
            build.getReducedSignatures().add(new XMSSReducedSignature.Builder(this.e).withWOTSPlusSignature(a3).withAuthPath(bDSState.get(i).getAuthenticationPath()).build());
        }
        this.g = true;
        if (this.b != null) {
            this.f5983a = this.b.getNextKey();
            this.b = this.f5983a;
        } else {
            this.f5983a = null;
        }
        return build.toByteArray();
    }

    @Override // org.bouncycastle.pqc.crypto.MessageSigner
    public boolean verifySignature(byte[] bArr, byte[] bArr2) {
        if (bArr == null) {
            throw new NullPointerException("message == null");
        }
        if (bArr2 == null) {
            throw new NullPointerException("signature == null");
        }
        if (this.c == null) {
            throw new NullPointerException("publicKey == null");
        }
        XMSSMTSignature build = new XMSSMTSignature.Builder(this.d).withSignature(bArr2).build();
        byte[] a2 = this.f.getKhf().a(Arrays.concatenate(build.getRandom(), this.c.getRoot(), XMSSUtil.toBytesBigEndian(build.getIndex(), this.d.getDigestSize())), bArr);
        long index = build.getIndex();
        int height = this.e.getHeight();
        long treeIndex = XMSSUtil.getTreeIndex(index, height);
        int leafIndex = XMSSUtil.getLeafIndex(index, height);
        this.f.a(new byte[this.d.getDigestSize()], this.c.getPublicSeed());
        XMSSNode a3 = XMSSVerifierUtil.a(this.f, height, a2, build.getReducedSignatures().get(0), (OTSHashAddress) new OTSHashAddress.Builder().withTreeAddress(treeIndex).withOTSAddress(leafIndex).build(), leafIndex);
        for (int i = 1; i < this.d.getLayers(); i++) {
            XMSSReducedSignature xMSSReducedSignature = build.getReducedSignatures().get(i);
            int leafIndex2 = XMSSUtil.getLeafIndex(treeIndex, height);
            treeIndex = XMSSUtil.getTreeIndex(treeIndex, height);
            a3 = XMSSVerifierUtil.a(this.f, height, a3.getValue(), xMSSReducedSignature, (OTSHashAddress) new OTSHashAddress.Builder().withLayerAddress(i).withTreeAddress(treeIndex).withOTSAddress(leafIndex2).build(), leafIndex2);
        }
        return Arrays.constantTimeAreEqual(a3.getValue(), this.c.getRoot());
    }

    private WOTSPlusSignature a(byte[] bArr, OTSHashAddress oTSHashAddress) {
        if (bArr.length != this.d.getDigestSize()) {
            throw new IllegalArgumentException("size of messageDigest needs to be equal to size of digest");
        }
        if (oTSHashAddress == null) {
            throw new NullPointerException("otsHashAddress == null");
        }
        this.f.a(this.f.b(this.f5983a.getSecretKeySeed(), oTSHashAddress), this.f5983a.getPublicSeed());
        return this.f.a(bArr, oTSHashAddress);
    }

    public long getUsagesRemaining() {
        return this.f5983a.getUsagesRemaining();
    }

    @Override // org.bouncycastle.pqc.crypto.StateAwareMessageSigner
    public AsymmetricKeyParameter getUpdatedPrivateKey() {
        if (!this.g) {
            XMSSMTPrivateKeyParameters nextKey = this.b.getNextKey();
            this.b = null;
            return nextKey;
        }
        XMSSMTPrivateKeyParameters xMSSMTPrivateKeyParameters = this.f5983a;
        this.f5983a = null;
        this.b = null;
        return xMSSMTPrivateKeyParameters;
    }
}
