package org.bouncycastle.pqc.crypto.sphincsplus;

import java.security.SecureRandom;
import org.bouncycastle.crypto.CipherParameters;
import org.bouncycastle.crypto.params.ParametersWithRandom;
import org.bouncycastle.pqc.crypto.MessageSigner;
import org.bouncycastle.util.Arrays;

/* loaded from: classes5.dex */
public class SPHINCSPlusSigner implements MessageSigner {
    private SPHINCSPlusPrivateKeyParameters privKey;
    private SPHINCSPlusPublicKeyParameters pubKey;
    private SecureRandom random;

    @Override // org.bouncycastle.pqc.crypto.MessageSigner
    public byte[] generateSignature(byte[] bArr) {
        SPHINCSPlusEngine a2 = this.privKey.getParameters().a();
        a2.c(this.privKey.j.f13637a);
        int i2 = a2.b;
        byte[] bArr2 = new byte[i2];
        SecureRandom secureRandom = this.random;
        int i3 = 0;
        if (secureRandom != null) {
            secureRandom.nextBytes(bArr2);
        } else {
            System.arraycopy(this.privKey.j.f13637a, 0, bArr2, 0, i2);
        }
        Fors fors = new Fors(a2);
        byte[] PRF_msg = a2.PRF_msg(this.privKey.f13653i.b, bArr2, bArr);
        PK pk = this.privKey.j;
        IndexedDigest a3 = a2.a(PRF_msg, pk.f13637a, pk.b, bArr);
        ADRS adrs = new ADRS();
        adrs.setType(3);
        long j = a3.f13634a;
        adrs.setTreeAddress(j);
        int i4 = a3.b;
        adrs.setKeyPairAddress(i4);
        SPHINCSPlusPrivateKeyParameters sPHINCSPlusPrivateKeyParameters = this.privKey;
        byte[] bArr3 = sPHINCSPlusPrivateKeyParameters.f13653i.f13641a;
        byte[] bArr4 = sPHINCSPlusPrivateKeyParameters.j.f13637a;
        byte[] bArr5 = a3.f13635c;
        SIG_FORS[] sign = fors.sign(bArr5, bArr3, bArr4, adrs);
        ADRS adrs2 = new ADRS();
        adrs2.setType(3);
        adrs2.setTreeAddress(j);
        adrs2.setKeyPairAddress(i4);
        byte[] pkFromSig = fors.pkFromSig(sign, bArr5, this.privKey.j.f13637a, adrs2);
        new ADRS().setType(2);
        byte[] a4 = new HT(a2, this.privKey.getSeed(), this.privKey.getPublicSeed()).a(i4, j, pkFromSig);
        int length = sign.length;
        byte[][] bArr6 = new byte[length + 2];
        bArr6[0] = PRF_msg;
        while (i3 != sign.length) {
            int i5 = i3 + 1;
            SIG_FORS sig_fors = sign[i3];
            bArr6[i5] = Arrays.concatenate(sig_fors.b, Arrays.concatenate(sig_fors.f13639a));
            i3 = i5;
        }
        bArr6[length + 1] = a4;
        return Arrays.concatenate(bArr6);
    }

    @Override // org.bouncycastle.pqc.crypto.MessageSigner
    public void init(boolean z2, CipherParameters cipherParameters) {
        if (!z2) {
            this.pubKey = (SPHINCSPlusPublicKeyParameters) cipherParameters;
        } else {
            if (!(cipherParameters instanceof ParametersWithRandom)) {
                this.privKey = (SPHINCSPlusPrivateKeyParameters) cipherParameters;
                return;
            }
            ParametersWithRandom parametersWithRandom = (ParametersWithRandom) cipherParameters;
            this.privKey = (SPHINCSPlusPrivateKeyParameters) parametersWithRandom.getParameters();
            this.random = parametersWithRandom.getRandom();
        }
    }

    @Override // org.bouncycastle.pqc.crypto.MessageSigner
    public boolean verifySignature(byte[] bArr, byte[] bArr2) {
        SPHINCSPlusEngine a2 = this.pubKey.getParameters().a();
        a2.c(this.pubKey.getSeed());
        ADRS adrs = new ADRS();
        SIG sig = new SIG(a2.b, a2.j, a2.f13645i, a2.h, a2.f13646l, a2.e, bArr2);
        byte[] r2 = sig.getR();
        SIG_FORS[] sig_fors = sig.getSIG_FORS();
        SIG_XMSS[] sig_ht = sig.getSIG_HT();
        IndexedDigest a3 = a2.a(r2, this.pubKey.getSeed(), this.pubKey.getRoot(), bArr);
        adrs.setType(3);
        adrs.setLayerAddress(0);
        long j = a3.f13634a;
        adrs.setTreeAddress(j);
        int i2 = a3.b;
        adrs.setKeyPairAddress(i2);
        byte[] pkFromSig = new Fors(a2).pkFromSig(sig_fors, a3.f13635c, this.pubKey.getSeed(), adrs);
        adrs.setType(2);
        adrs.setLayerAddress(0);
        adrs.setTreeAddress(j);
        adrs.setKeyPairAddress(i2);
        return new HT(a2, null, this.pubKey.getSeed()).verify(pkFromSig, sig_ht, this.pubKey.getSeed(), j, i2, this.pubKey.getRoot());
    }
}
