package org.bouncycastle.pqc.crypto.lms;

import java.util.Arrays;
import org.bouncycastle.crypto.Digest;
import org.bouncycastle.util.Pack;
import yg.C0605;
import yg.C0611;

/* loaded from: classes2.dex */
public class LM_OTS {
    public static final short D_MESG = -32383;
    public static final short D_PBLC = -32640;
    public static final int ITER_J = 22;
    public static final int ITER_K = 20;
    public static final int ITER_PREV = 23;
    public static final int MAX_HASH = 32;
    public static final int SEED_LEN = 32;
    public static final int SEED_RANDOMISER_INDEX = -3;

    public static int cksm(byte[] bArr, int i10, LMOtsParameters lMOtsParameters) {
        int w10 = (1 << lMOtsParameters.getW()) - 1;
        int i11 = 0;
        for (int i12 = 0; i12 < (i10 * 8) / lMOtsParameters.f22970w; i12++) {
            i11 = (i11 + w10) - coef(bArr, i12, lMOtsParameters.f22970w);
        }
        return i11 << lMOtsParameters.ls;
    }

    public static int coef(byte[] bArr, int i10, int i11) {
        return (bArr[(i10 * i11) / 8] >>> (((~i10) & ((8 / i11) - 1)) * i11)) & ((1 << i11) - 1);
    }

    public static LMOtsSignature lm_ots_generate_signature(LMOtsPrivateKey lMOtsPrivateKey, byte[] bArr, byte[] bArr2) {
        LMOtsParameters lMOtsParameters = lMOtsPrivateKey.parameter;
        int i10 = lMOtsParameters.f22968n;
        int i11 = lMOtsParameters.f22969p;
        int i12 = lMOtsParameters.f22970w;
        byte[] bArr3 = new byte[i11 * i10];
        Digest digest = DigestUtil.getDigest(lMOtsParameters.digestOID);
        SeedDerive derivationFunction = lMOtsPrivateKey.getDerivationFunction();
        int cksm = cksm(bArr, i10, lMOtsParameters);
        bArr[i10] = (byte) ((cksm >>> 8) & 255);
        bArr[i10 + 1] = (byte) cksm;
        Composer u32str = Composer.compose().bytes(lMOtsPrivateKey.I).u32str(lMOtsPrivateKey.f22971q);
        int i13 = i10 + 23;
        byte[] build = u32str.padUntil(0, i13).build();
        derivationFunction.f22979j = 0;
        int i14 = 0;
        while (i14 < i11) {
            Pack.shortToBigEndian((short) i14, build, 20);
            int i15 = 23;
            derivationFunction.deriveSeed(build, i14 < i11 + (-1), 23);
            int coef = coef(bArr, i14, i12);
            for (int i16 = 0; i16 < coef; i16++) {
                build[22] = (byte) i16;
                digest.update(build, 0, i13);
                i15 = 23;
                digest.doFinal(build, 23);
            }
            System.arraycopy(build, i15, bArr3, i10 * i14, i10);
            i14++;
        }
        return new LMOtsSignature(lMOtsParameters, bArr2, bArr3);
    }

    public static LMOtsSignature lm_ots_generate_signature(LMSigParameters lMSigParameters, LMOtsPrivateKey lMOtsPrivateKey, byte[][] bArr, byte[] bArr2, boolean z10) {
        byte[] bArr3;
        byte[] bArr4 = new byte[34];
        if (z10) {
            bArr3 = new byte[32];
            System.arraycopy(bArr2, 0, bArr4, 0, lMOtsPrivateKey.parameter.f22968n);
        } else {
            LMSContext signatureContext = lMOtsPrivateKey.getSignatureContext(lMSigParameters, bArr);
            signatureContext.update(bArr2, 0, bArr2.length);
            bArr3 = signatureContext.C;
            bArr4 = signatureContext.getQ();
        }
        return lm_ots_generate_signature(lMOtsPrivateKey, bArr4, bArr3);
    }

    public static boolean lm_ots_validate_signature(LMOtsPublicKey lMOtsPublicKey, LMOtsSignature lMOtsSignature, byte[] bArr, boolean z10) {
        if (!lMOtsSignature.type.equals(lMOtsPublicKey.parameter)) {
            throw new LMSException(C0611.m265("\u001axu\u001d\u0001\u001eDm\u0019n\u0019v9\u001f`O\t\u0007S\\1\f-\u001ae?c&rv&:\u001d\u000b\r\r\u0002\fENM^aU\u007f\u0001@", (short) (C0605.m250() ^ (-13922))));
        }
        Digest digest = DigestUtil.getDigest(lMOtsPublicKey.parameter.digestOID);
        LmsUtils.byteArray(lMOtsPublicKey.I, digest);
        LmsUtils.u32str(lMOtsPublicKey.f22972q, digest);
        LmsUtils.u16str(D_MESG, digest);
        LmsUtils.byteArray(lMOtsSignature.C, digest);
        LMSContext lMSContext = new LMSContext(lMOtsPublicKey, lMOtsSignature, digest);
        LmsUtils.byteArray(bArr, lMSContext);
        return Arrays.equals(lm_ots_validate_signature_calculate(lMSContext), lMOtsPublicKey.K);
    }

    public static byte[] lm_ots_validate_signature_calculate(LMSContext lMSContext) {
        LMOtsPublicKey lMOtsPublicKey = lMSContext.publicKey;
        LMOtsParameters lMOtsParameters = lMOtsPublicKey.parameter;
        Object obj = lMSContext.signature;
        LMOtsSignature lMOtsSignature = obj instanceof LMSSignature ? ((LMSSignature) obj).otsSignature : (LMOtsSignature) obj;
        int i10 = lMOtsParameters.f22968n;
        int i11 = lMOtsParameters.f22970w;
        int i12 = lMOtsParameters.f22969p;
        byte[] q10 = lMSContext.getQ();
        int cksm = cksm(q10, i10, lMOtsParameters);
        q10[i10] = (byte) ((cksm >>> 8) & 255);
        q10[i10 + 1] = (byte) cksm;
        byte[] bArr = lMOtsPublicKey.I;
        int i13 = lMOtsPublicKey.f22972q;
        Digest digest = DigestUtil.getDigest(lMOtsParameters.digestOID);
        LmsUtils.byteArray(bArr, digest);
        LmsUtils.u32str(i13, digest);
        LmsUtils.u16str(D_PBLC, digest);
        int i14 = i10 + 23;
        byte[] build = Composer.compose().bytes(bArr).u32str(i13).padUntil(0, i14).build();
        int i15 = (1 << i11) - 1;
        byte[] bArr2 = lMOtsSignature.f22973y;
        Digest digest2 = DigestUtil.getDigest(lMOtsParameters.digestOID);
        for (int i16 = 0; i16 < i12; i16++) {
            Pack.shortToBigEndian((short) i16, build, 20);
            System.arraycopy(bArr2, i16 * i10, build, 23, i10);
            for (int coef = coef(q10, i16, i11); coef < i15; coef++) {
                build[22] = (byte) coef;
                digest2.update(build, 0, i14);
                digest2.doFinal(build, 23);
            }
            digest.update(build, 23, i10);
        }
        byte[] bArr3 = new byte[i10];
        digest.doFinal(bArr3, 0);
        return bArr3;
    }

    public static LMOtsPublicKey lms_ots_generatePublicKey(LMOtsPrivateKey lMOtsPrivateKey) {
        return new LMOtsPublicKey(lMOtsPrivateKey.parameter, lMOtsPrivateKey.I, lMOtsPrivateKey.f22971q, lms_ots_generatePublicKey(lMOtsPrivateKey.parameter, lMOtsPrivateKey.I, lMOtsPrivateKey.f22971q, lMOtsPrivateKey.masterSecret));
    }

    public static byte[] lms_ots_generatePublicKey(LMOtsParameters lMOtsParameters, byte[] bArr, int i10, byte[] bArr2) {
        Digest digest = DigestUtil.getDigest(lMOtsParameters.getDigestOID());
        Composer u32str = Composer.compose().bytes(bArr).u32str(i10);
        int i11 = (-32640) & 65535;
        u32str.bos.write((byte) (i11 >>> 8));
        u32str.bos.write((byte) i11);
        byte[] build = u32str.padUntil(0, 22).build();
        digest.update(build, 0, build.length);
        Digest digest2 = DigestUtil.getDigest(lMOtsParameters.digestOID);
        byte[] build2 = Composer.compose().bytes(bArr).u32str(i10).padUntil(0, digest2.getDigestSize() + 23).build();
        SeedDerive seedDerive = new SeedDerive(bArr, bArr2, DigestUtil.getDigest(lMOtsParameters.digestOID));
        seedDerive.f22980q = i10;
        seedDerive.f22979j = 0;
        int i12 = lMOtsParameters.f22969p;
        int i13 = lMOtsParameters.f22968n;
        int i14 = (1 << lMOtsParameters.f22970w) - 1;
        int i15 = 0;
        while (i15 < i12) {
            seedDerive.deriveSeed(build2, i15 < i12 + (-1), 23);
            Pack.shortToBigEndian((short) i15, build2, 20);
            for (int i16 = 0; i16 < i14; i16++) {
                build2[22] = (byte) i16;
                digest2.update(build2, 0, build2.length);
                digest2.doFinal(build2, 23);
            }
            digest.update(build2, 23, i13);
            i15++;
        }
        byte[] bArr3 = new byte[digest.getDigestSize()];
        digest.doFinal(bArr3, 0);
        return bArr3;
    }
}
