package com.google.crypto.tink.signature.internal;

import com.google.crypto.tink.PublicKeyVerify;
import com.google.crypto.tink.config.internal.TinkFipsUtil;
import com.google.crypto.tink.internal.ConscryptUtil;
import com.google.crypto.tink.internal.Util;
import com.google.crypto.tink.signature.Ed25519Parameters;
import com.google.crypto.tink.signature.Ed25519PublicKey;
import com.google.crypto.tink.subtle.Bytes;
import com.google.errorprone.annotations.Immutable;
import java.security.GeneralSecurityException;
import java.security.KeyFactory;
import java.security.NoSuchProviderException;
import java.security.Provider;
import java.security.PublicKey;
import java.security.Signature;
import java.security.spec.X509EncodedKeySpec;

@Immutable
/* loaded from: classes5.dex */
public final class Ed25519VerifyJce implements PublicKeyVerify {

    /* renamed from: e, reason: collision with root package name */
    public static final byte[] f23637e = {48, 42, 48, 5, 6, 3, 43, 101, 112, 3, 33, 0};

    /* renamed from: a, reason: collision with root package name */
    public final PublicKey f23638a;

    /* renamed from: b, reason: collision with root package name */
    public final byte[] f23639b;

    /* renamed from: c, reason: collision with root package name */
    public final byte[] f23640c;

    /* renamed from: d, reason: collision with root package name */
    public final Provider f23641d;

    public Ed25519VerifyJce(byte[] bArr, byte[] bArr2, byte[] bArr3, Provider provider) {
        if (!TinkFipsUtil.AlgorithmFipsCompatibility.f22222b.a()) {
            throw new GeneralSecurityException("Can not use Ed25519 in FIPS-mode.");
        }
        if (bArr.length != 32) {
            throw new IllegalArgumentException("Given public key's length is not 32.");
        }
        this.f23638a = KeyFactory.getInstance("Ed25519", provider).generatePublic(new X509EncodedKeySpec(Bytes.a(f23637e, bArr)));
        this.f23639b = bArr2;
        this.f23640c = bArr3;
        this.f23641d = provider;
    }

    public static Ed25519VerifyJce b(Ed25519PublicKey ed25519PublicKey) {
        Provider a9 = ConscryptUtil.a();
        if (a9 == null) {
            throw new NoSuchProviderException("Ed25519VerifyJce requires the Conscrypt provider.");
        }
        if (TinkFipsUtil.AlgorithmFipsCompatibility.f22222b.a()) {
            return new Ed25519VerifyJce(ed25519PublicKey.f23482b.b(), ed25519PublicKey.f23483c.b(), ed25519PublicKey.f23481a.f23467a.equals(Ed25519Parameters.Variant.f23470d) ? new byte[]{0} : new byte[0], a9);
        }
        throw new GeneralSecurityException("Can not use Ed25519 in FIPS-mode.");
    }

    @Override // com.google.crypto.tink.PublicKeyVerify
    public final void a(byte[] bArr, byte[] bArr2) {
        boolean z8;
        int length = bArr.length;
        byte[] bArr3 = this.f23639b;
        if (length != bArr3.length + 64) {
            throw new GeneralSecurityException("Invalid signature length: 64");
        }
        if (!Util.b(bArr3, bArr)) {
            throw new GeneralSecurityException("Invalid signature (output prefix mismatch)");
        }
        Signature signature = Signature.getInstance("Ed25519", this.f23641d);
        signature.initVerify(this.f23638a);
        signature.update(bArr2);
        signature.update(this.f23640c);
        try {
            z8 = signature.verify(bArr, bArr3.length, 64);
        } catch (RuntimeException unused) {
            z8 = false;
        }
        if (!z8) {
            throw new GeneralSecurityException("Signature check failed.");
        }
    }
}
