package org.spongycastle.crypto.signers;

import java.math.BigInteger;
import java.security.SecureRandom;
import org.spongycastle.crypto.CipherParameters;
import org.spongycastle.crypto.DSA;
import org.spongycastle.crypto.params.ECDomainParameters;
import org.spongycastle.crypto.params.ECKeyParameters;
import org.spongycastle.crypto.params.ECPrivateKeyParameters;
import org.spongycastle.crypto.params.ECPublicKeyParameters;
import org.spongycastle.crypto.params.ParametersWithRandom;
import org.spongycastle.math.ec.ECAlgorithms;
import org.spongycastle.math.ec.ECConstants;
import org.spongycastle.math.ec.ECCurve;
import org.spongycastle.math.ec.ECFieldElement;
import org.spongycastle.math.ec.ECMultiplier;
import org.spongycastle.math.ec.ECPoint;
import org.spongycastle.math.ec.FixedPointCombMultiplier;

/* loaded from: classes6.dex */
public class ECDSASigner implements ECConstants, DSA {
    private final DSAKCalculator a;
    private ECKeyParameters b;
    private SecureRandom c;

    public ECDSASigner() {
        this.a = new RandomDSAKCalculator();
    }

    public ECDSASigner(DSAKCalculator dSAKCalculator) {
        this.a = dSAKCalculator;
    }

    protected BigInteger a(BigInteger bigInteger, byte[] bArr) {
        int bitLength = bigInteger.bitLength();
        int length = bArr.length * 8;
        BigInteger bigInteger2 = new BigInteger(1, bArr);
        return bitLength < length ? bigInteger2.shiftRight(length - bitLength) : bigInteger2;
    }

    protected SecureRandom a(boolean z, SecureRandom secureRandom) {
        if (z) {
            return secureRandom != null ? secureRandom : new SecureRandom();
        }
        return null;
    }

    protected ECFieldElement a(int i, ECPoint eCPoint) {
        if (i != 1) {
            if (i == 2 || i == 3 || i == 4) {
                return eCPoint.a(0).k();
            }
            if (i != 6 && i != 7) {
                return null;
            }
        }
        return eCPoint.a(0);
    }

    protected ECMultiplier a() {
        return new FixedPointCombMultiplier();
    }

    @Override // org.spongycastle.crypto.DSA
    public BigInteger[] generateSignature(byte[] bArr) {
        ECDomainParameters b = this.b.b();
        BigInteger d = b.d();
        BigInteger a = a(d, bArr);
        BigInteger c = ((ECPrivateKeyParameters) this.b).c();
        if (this.a.isDeterministic()) {
            this.a.init(d, c, bArr);
        } else {
            this.a.init(d, this.c);
        }
        ECMultiplier a2 = a();
        while (true) {
            BigInteger nextK = this.a.nextK();
            BigInteger mod = a2.multiply(b.b(), nextK).w().c().m().mod(d);
            if (!mod.equals(ECConstants.a)) {
                BigInteger mod2 = nextK.modInverse(d).multiply(a.add(c.multiply(mod))).mod(d);
                if (!mod2.equals(ECConstants.a)) {
                    return new BigInteger[]{mod, mod2};
                }
            }
        }
    }

    @Override // org.spongycastle.crypto.DSA
    public void init(boolean z, CipherParameters cipherParameters) {
        SecureRandom secureRandom;
        if (!z) {
            this.b = (ECPublicKeyParameters) cipherParameters;
        } else {
            if (cipherParameters instanceof ParametersWithRandom) {
                ParametersWithRandom parametersWithRandom = (ParametersWithRandom) cipherParameters;
                this.b = (ECPrivateKeyParameters) parametersWithRandom.a();
                secureRandom = parametersWithRandom.b();
                this.c = a((z || this.a.isDeterministic()) ? false : true, secureRandom);
            }
            this.b = (ECPrivateKeyParameters) cipherParameters;
        }
        secureRandom = null;
        this.c = a((z || this.a.isDeterministic()) ? false : true, secureRandom);
    }

    @Override // org.spongycastle.crypto.DSA
    public boolean verifySignature(byte[] bArr, BigInteger bigInteger, BigInteger bigInteger2) {
        BigInteger g;
        ECFieldElement a;
        ECDomainParameters b = this.b.b();
        BigInteger d = b.d();
        BigInteger a2 = a(d, bArr);
        if (bigInteger.compareTo(ECConstants.b) < 0 || bigInteger.compareTo(d) >= 0 || bigInteger2.compareTo(ECConstants.b) < 0 || bigInteger2.compareTo(d) >= 0) {
            return false;
        }
        BigInteger modInverse = bigInteger2.modInverse(d);
        ECPoint d2 = ECAlgorithms.d(b.b(), a2.multiply(modInverse).mod(d), ((ECPublicKeyParameters) this.b).c(), bigInteger.multiply(modInverse).mod(d));
        if (d2.s()) {
            return false;
        }
        ECCurve f = d2.f();
        if (f == null || (g = f.g()) == null || g.compareTo(ECConstants.f) > 0 || (a = a(f.h(), d2)) == null || a.h()) {
            return d2.w().c().m().mod(d).equals(bigInteger);
        }
        ECFieldElement n = d2.n();
        while (f.b(bigInteger)) {
            if (f.a(bigInteger).c(a).equals(n)) {
                return true;
            }
            bigInteger = bigInteger.add(d);
        }
        return false;
    }
}
