package com.google.crypto.tink.signature.internal;

import com.google.crypto.tink.AccessesPartialKey;
import com.google.crypto.tink.PublicKeyVerify;
import com.google.crypto.tink.config.internal.TinkFipsUtil;
import com.google.crypto.tink.internal.ConscryptUtil;
import com.google.crypto.tink.internal.EnumTypeProtoConverter;
import com.google.crypto.tink.internal.Util;
import com.google.crypto.tink.signature.EcdsaParameters;
import com.google.crypto.tink.signature.EcdsaPublicKey;
import com.google.crypto.tink.subtle.EllipticCurves;
import com.google.crypto.tink.subtle.EngineFactory;
import com.google.crypto.tink.subtle.Enums;
import com.google.crypto.tink.subtle.SubtleUtil;
import java.security.GeneralSecurityException;
import java.security.KeyFactory;
import java.security.Provider;
import java.security.Signature;
import java.security.interfaces.ECPublicKey;
import java.security.spec.ECPublicKeySpec;
import java.util.Arrays;

/* loaded from: classes2.dex */
public final class EcdsaVerifyJce implements PublicKeyVerify {
    private final EllipticCurves.EcdsaEncoding encoding;
    private final byte[] messageSuffix;
    private final byte[] outputPrefix;
    private final Provider provider;
    private final ECPublicKey publicKey;
    private final String signatureAlgorithm;
    public static final TinkFipsUtil.AlgorithmFipsCompatibility FIPS = TinkFipsUtil.AlgorithmFipsCompatibility.ALGORITHM_REQUIRES_BORINGCRYPTO;
    private static final byte[] EMPTY = new byte[0];
    private static final byte[] legacyMessageSuffix = {0};
    static final EnumTypeProtoConverter<Enums.HashType, EcdsaParameters.HashType> HASH_TYPE_CONVERTER = EnumTypeProtoConverter.builder().add(Enums.HashType.SHA256, EcdsaParameters.HashType.SHA256).add(Enums.HashType.SHA384, EcdsaParameters.HashType.SHA384).add(Enums.HashType.SHA512, EcdsaParameters.HashType.SHA512).build();
    static final EnumTypeProtoConverter<EllipticCurves.EcdsaEncoding, EcdsaParameters.SignatureEncoding> ENCODING_CONVERTER = EnumTypeProtoConverter.builder().add(EllipticCurves.EcdsaEncoding.IEEE_P1363, EcdsaParameters.SignatureEncoding.IEEE_P1363).add(EllipticCurves.EcdsaEncoding.DER, EcdsaParameters.SignatureEncoding.DER).build();
    static final EnumTypeProtoConverter<EllipticCurves.CurveType, EcdsaParameters.CurveType> CURVE_TYPE_CONVERTER = EnumTypeProtoConverter.builder().add(EllipticCurves.CurveType.NIST_P256, EcdsaParameters.CurveType.NIST_P256).add(EllipticCurves.CurveType.NIST_P384, EcdsaParameters.CurveType.NIST_P384).add(EllipticCurves.CurveType.NIST_P521, EcdsaParameters.CurveType.NIST_P521).build();

    /* JADX WARN: Illegal instructions before constructor call */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public EcdsaVerifyJce(java.security.interfaces.ECPublicKey r8, com.google.crypto.tink.subtle.Enums.HashType r9, com.google.crypto.tink.subtle.EllipticCurves.EcdsaEncoding r10) {
        /*
            r7 = this;
            byte[] r4 = com.google.crypto.tink.signature.internal.EcdsaVerifyJce.EMPTY
            java.security.Provider r6 = com.google.crypto.tink.internal.ConscryptUtil.providerOrNull()
            r5 = r4
            r0 = r7
            r1 = r8
            r2 = r9
            r3 = r10
            r0.<init>(r1, r2, r3, r4, r5, r6)
            java.security.spec.ECPoint r8 = r1.getW()
            java.security.spec.ECParameterSpec r9 = r1.getParams()
            java.security.spec.EllipticCurve r9 = r9.getCurve()
            com.google.crypto.tink.internal.EllipticCurvesUtil.checkPointOnCurve(r8, r9)
            return
        */
        throw new UnsupportedOperationException("Method not decompiled: com.google.crypto.tink.signature.internal.EcdsaVerifyJce.<init>(java.security.interfaces.ECPublicKey, com.google.crypto.tink.subtle.Enums$HashType, com.google.crypto.tink.subtle.EllipticCurves$EcdsaEncoding):void");
    }

    private EcdsaVerifyJce(ECPublicKey eCPublicKey, Enums.HashType hashType, EllipticCurves.EcdsaEncoding ecdsaEncoding, byte[] bArr, byte[] bArr2, Provider provider) {
        if (!FIPS.isCompatible()) {
            throw new GeneralSecurityException("Can not use ECDSA in FIPS-mode, as BoringCrypto is not available.");
        }
        this.signatureAlgorithm = SubtleUtil.toEcdsaAlgo(hashType);
        this.publicKey = eCPublicKey;
        this.encoding = ecdsaEncoding;
        this.outputPrefix = bArr;
        this.messageSuffix = bArr2;
        this.provider = provider;
    }

    @AccessesPartialKey
    public static PublicKeyVerify create(EcdsaPublicKey ecdsaPublicKey) {
        Provider providerOrNull = ConscryptUtil.providerOrNull();
        return new EcdsaVerifyJce((ECPublicKey) (providerOrNull != null ? KeyFactory.getInstance("EC", providerOrNull) : EngineFactory.KEY_FACTORY.getInstance("EC")).generatePublic(new ECPublicKeySpec(ecdsaPublicKey.getPublicPoint(), EllipticCurves.getCurveSpec(CURVE_TYPE_CONVERTER.toProtoEnum(ecdsaPublicKey.getParameters().getCurveType())))), HASH_TYPE_CONVERTER.toProtoEnum(ecdsaPublicKey.getParameters().getHashType()), ENCODING_CONVERTER.toProtoEnum(ecdsaPublicKey.getParameters().getSignatureEncoding()), ecdsaPublicKey.getOutputPrefix().toByteArray(), ecdsaPublicKey.getParameters().getVariant().equals(EcdsaParameters.Variant.LEGACY) ? legacyMessageSuffix : EMPTY, providerOrNull);
    }

    private Signature getInstance(String str) {
        Provider provider = this.provider;
        return provider != null ? Signature.getInstance(str, provider) : EngineFactory.SIGNATURE.getInstance(str);
    }

    private void noPrefixVerify(byte[] bArr, byte[] bArr2) {
        boolean z10;
        if (this.encoding == EllipticCurves.EcdsaEncoding.IEEE_P1363) {
            if (bArr.length != EllipticCurves.fieldSizeInBytes(this.publicKey.getParams().getCurve()) * 2) {
                throw new GeneralSecurityException("Invalid signature");
            }
            bArr = EllipticCurves.ecdsaIeee2Der(bArr);
        }
        if (!EllipticCurves.isValidDerEncoding(bArr)) {
            throw new GeneralSecurityException("Invalid signature");
        }
        Signature ecdsaVerifyJce = getInstance(this.signatureAlgorithm);
        ecdsaVerifyJce.initVerify(this.publicKey);
        ecdsaVerifyJce.update(bArr2);
        byte[] bArr3 = this.messageSuffix;
        if (bArr3.length > 0) {
            ecdsaVerifyJce.update(bArr3);
        }
        try {
            z10 = ecdsaVerifyJce.verify(bArr);
        } catch (RuntimeException unused) {
            z10 = false;
        }
        if (!z10) {
            throw new GeneralSecurityException("Invalid signature");
        }
    }

    @Override // com.google.crypto.tink.PublicKeyVerify
    public void verify(byte[] bArr, byte[] bArr2) {
        byte[] bArr3 = this.outputPrefix;
        if (bArr3.length == 0) {
            noPrefixVerify(bArr, bArr2);
        } else {
            if (!Util.isPrefix(bArr3, bArr)) {
                throw new GeneralSecurityException("Invalid signature (output prefix mismatch)");
            }
            noPrefixVerify(Arrays.copyOfRange(bArr, this.outputPrefix.length, bArr.length), bArr2);
        }
    }
}
