package org.kapott.cryptalgs;

import java.io.ByteArrayOutputStream;
import java.math.BigInteger;
import java.security.InvalidAlgorithmParameterException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SignatureException;
import java.security.SignatureSpi;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.AlgorithmParameterSpec;
import java.util.Arrays;

/* loaded from: input_file:BOOT-INF/lib/hbci4j-adorsys-3.0.24.jar:org/kapott/cryptalgs/PKCS1_PSS.class */
public class PKCS1_PSS extends SignatureSpi {
    private RSAPublicKey pubKey;
    private PrivateKey privKey;
    private SignatureParamSpec param;
    private ByteArrayOutputStream plainmsg;

    @Override // java.security.SignatureSpi
    @Deprecated
    protected void engineSetParameter(String str, Object obj) {
    }

    @Override // java.security.SignatureSpi
    protected void engineSetParameter(AlgorithmParameterSpec algorithmParameterSpec) throws InvalidAlgorithmParameterException {
        if (!(algorithmParameterSpec instanceof SignatureParamSpec)) {
            throw new InvalidAlgorithmParameterException();
        }
        this.param = (SignatureParamSpec) algorithmParameterSpec;
    }

    @Override // java.security.SignatureSpi
    @Deprecated
    protected Object engineGetParameter(String str) {
        return null;
    }

    public static MessageDigest getMessageDigest(SignatureParamSpec signatureParamSpec) {
        try {
            String provider = signatureParamSpec.getProvider();
            return provider != null ? MessageDigest.getInstance(signatureParamSpec.getHashAlg(), provider) : MessageDigest.getInstance(signatureParamSpec.getHashAlg());
        } catch (NoSuchAlgorithmException e) {
            throw new RuntimeException(e);
        } catch (NoSuchProviderException e2) {
            throw new RuntimeException(e2);
        }
    }

    @Override // java.security.SignatureSpi
    protected void engineInitSign(PrivateKey privateKey) {
        this.privKey = privateKey;
        this.plainmsg = new ByteArrayOutputStream();
    }

    @Override // java.security.SignatureSpi
    protected void engineInitVerify(PublicKey publicKey) {
        this.pubKey = (RSAPublicKey) publicKey;
        this.plainmsg = new ByteArrayOutputStream();
    }

    @Override // java.security.SignatureSpi
    protected void engineUpdate(byte b) {
        this.plainmsg.write(b);
    }

    @Override // java.security.SignatureSpi
    protected void engineUpdate(byte[] bArr, int i, int i2) {
        for (int i3 = 0; i3 < i2; i3++) {
            engineUpdate(bArr[i + i3]);
        }
    }

    @Override // java.security.SignatureSpi
    protected int engineSign(byte[] bArr, int i, int i2) throws SignatureException {
        byte[] engineSign = engineSign();
        if (i + i2 > bArr.length) {
            throw new SignatureException("output result too large for buffer");
        }
        System.arraycopy(engineSign, 0, bArr, i, engineSign.length);
        return engineSign.length;
    }

    @Override // java.security.SignatureSpi
    protected byte[] engineSign() {
        return pss_sign(this.privKey, this.plainmsg.toByteArray());
    }

    @Override // java.security.SignatureSpi
    protected boolean engineVerify(byte[] bArr) {
        return pss_verify(this.pubKey, this.plainmsg.toByteArray(), bArr);
    }

    private static byte[] i2os(BigInteger bigInteger, int i) {
        byte[] byteArray = bigInteger.toByteArray();
        if (byteArray.length > i) {
            for (int i2 = 0; i2 < byteArray.length - i; i2++) {
                if (byteArray[i2] != 0) {
                    throw new RuntimeException("value too large");
                }
            }
            byte[] bArr = new byte[i];
            System.arraycopy(byteArray, byteArray.length - i, bArr, 0, i);
            byteArray = bArr;
        } else if (byteArray.length < i) {
            byte[] bArr2 = new byte[i];
            System.arraycopy(byteArray, 0, bArr2, i - byteArray.length, byteArray.length);
            byteArray = bArr2;
        }
        return byteArray;
    }

    private static BigInteger os2i(byte[] bArr) {
        return new BigInteger(1, bArr);
    }

    private static BigInteger sp1(PrivateKey privateKey, BigInteger bigInteger) {
        BigInteger add;
        if (privateKey instanceof RSAPrivateKey) {
            add = bigInteger.modPow(((RSAPrivateKey) privateKey).getPrivateExponent(), ((RSAPrivateKey) privateKey).getModulus());
        } else {
            RSAPrivateCrtKey2 rSAPrivateCrtKey2 = (RSAPrivateCrtKey2) privateKey;
            BigInteger p = rSAPrivateCrtKey2.getP();
            BigInteger q = rSAPrivateCrtKey2.getQ();
            BigInteger dPVar = rSAPrivateCrtKey2.getdP();
            BigInteger dQVar = rSAPrivateCrtKey2.getdQ();
            BigInteger qInv = rSAPrivateCrtKey2.getQInv();
            BigInteger modPow = bigInteger.modPow(dPVar, p);
            BigInteger modPow2 = bigInteger.modPow(dQVar, q);
            add = modPow2.add(q.multiply(modPow.subtract(modPow2).multiply(qInv).mod(p)));
        }
        return add;
    }

    private static BigInteger vp1(RSAPublicKey rSAPublicKey, BigInteger bigInteger) {
        return bigInteger.modPow(rSAPublicKey.getPublicExponent(), rSAPublicKey.getModulus());
    }

    private static byte[] concat(byte[] bArr, byte[] bArr2) {
        byte[] bArr3 = new byte[bArr.length + bArr2.length];
        System.arraycopy(bArr, 0, bArr3, 0, bArr.length);
        System.arraycopy(bArr2, 0, bArr3, bArr.length, bArr2.length);
        return bArr3;
    }

    private static byte[] hash(SignatureParamSpec signatureParamSpec, byte[] bArr) {
        MessageDigest messageDigest = getMessageDigest(signatureParamSpec);
        messageDigest.reset();
        return messageDigest.digest(bArr);
    }

    private static byte[] mgf1(SignatureParamSpec signatureParamSpec, byte[] bArr, int i) {
        int digestLength = getMessageDigest(signatureParamSpec).getDigestLength();
        byte[] bArr2 = new byte[0];
        for (int i2 = 0; i2 < Math.ceil(i / digestLength); i2++) {
            bArr2 = concat(bArr2, hash(signatureParamSpec, concat(bArr, i2os(new BigInteger(Integer.toString(i2)), 4))));
        }
        byte[] bArr3 = new byte[i];
        System.arraycopy(bArr2, 0, bArr3, 0, i);
        return bArr3;
    }

    private static byte[] random_os(int i) {
        byte[] bArr = new byte[i];
        for (int i2 = 0; i2 < i; i2++) {
            bArr[i2] = (byte) (256.0d * Math.random());
        }
        return bArr;
    }

    private static byte[] xor_os(byte[] bArr, byte[] bArr2) {
        if (bArr.length != bArr2.length) {
            throw new RuntimeException("a1.len != a2.len");
        }
        byte[] bArr3 = new byte[bArr.length];
        for (int i = 0; i < bArr3.length; i++) {
            bArr3[i] = (byte) (bArr[i] ^ bArr2[i]);
        }
        return bArr3;
    }

    public static byte[] emsa_pss_encode(SignatureParamSpec signatureParamSpec, byte[] bArr, int i) {
        int i2 = i >> 3;
        if ((i & 7) != 0) {
            i2++;
        }
        byte[] hash = hash(signatureParamSpec, bArr);
        int digestLength = getMessageDigest(signatureParamSpec).getDigestLength();
        byte[] random_os = random_os(digestLength);
        byte[] hash2 = hash(signatureParamSpec, concat(concat(new byte[8], hash), random_os));
        byte[] xor_os = xor_os(concat(concat(new byte[((i2 - digestLength) - digestLength) - 2], new byte[]{1}), random_os), mgf1(signatureParamSpec, hash2, (i2 - digestLength) - 1));
        xor_os[0] = (byte) (xor_os[0] & ((byte) (255 >>> ((i2 << 3) - i))));
        return concat(concat(xor_os, hash2), new byte[]{-68});
    }

    public static boolean emsa_pss_verify(SignatureParamSpec signatureParamSpec, byte[] bArr, byte[] bArr2, int i) {
        int i2 = i >> 3;
        if ((i & 7) != 0) {
            i2++;
        }
        byte[] hash = hash(signatureParamSpec, bArr);
        int digestLength = getMessageDigest(signatureParamSpec).getDigestLength();
        if (bArr2[bArr2.length - 1] != -68) {
            return false;
        }
        byte[] bArr3 = new byte[(i2 - digestLength) - 1];
        byte[] bArr4 = new byte[digestLength];
        System.arraycopy(bArr2, 0, bArr3, 0, (i2 - digestLength) - 1);
        System.arraycopy(bArr2, (i2 - digestLength) - 1, bArr4, 0, digestLength);
        byte[] xor_os = xor_os(bArr3, mgf1(signatureParamSpec, bArr4, (i2 - digestLength) - 1));
        xor_os[0] = (byte) (xor_os[0] & ((byte) (255 >>> ((i2 << 3) - i))));
        byte[] bArr5 = new byte[digestLength];
        System.arraycopy(xor_os, xor_os.length - digestLength, bArr5, 0, digestLength);
        return Arrays.equals(bArr4, hash(signatureParamSpec, concat(concat(new byte[8], hash), bArr5)));
    }

    public static int calculateEMBitLen(BigInteger bigInteger) {
        return bigInteger.bitLength() - 1;
    }

    private byte[] pss_sign(PrivateKey privateKey, byte[] bArr) {
        int bitLength = (privateKey instanceof RSAPrivateKey ? ((RSAPrivateKey) privateKey).getModulus() : ((RSAPrivateCrtKey2) privateKey).getP().multiply(((RSAPrivateCrtKey2) privateKey).getQ())).bitLength();
        int i = bitLength >> 3;
        if ((bitLength & 7) != 0) {
            i++;
        }
        return i2os(sp1(privateKey, os2i(emsa_pss_encode(this.param, bArr, bitLength - 1))), i);
    }

    private boolean pss_verify(RSAPublicKey rSAPublicKey, byte[] bArr, byte[] bArr2) {
        BigInteger vp1 = vp1(rSAPublicKey, os2i(bArr2));
        int bitLength = rSAPublicKey.getModulus().bitLength() - 1;
        int i = bitLength >> 3;
        if ((bitLength & 7) != 0) {
            i++;
        }
        return emsa_pss_verify(this.param, bArr, i2os(vp1, i), bitLength);
    }
}
