package org.bouncycastle.mls.crypto.bc;

import java.io.IOException;
import java.math.BigInteger;
import java.security.SecureRandom;
import org.bouncycastle.crypto.AsymmetricCipherKeyPair;
import org.bouncycastle.crypto.CryptoException;
import org.bouncycastle.crypto.Signer;
import org.bouncycastle.crypto.digests.SHA256Digest;
import org.bouncycastle.crypto.digests.SHA384Digest;
import org.bouncycastle.crypto.digests.SHA512Digest;
import org.bouncycastle.crypto.generators.ECKeyPairGenerator;
import org.bouncycastle.crypto.generators.Ed25519KeyPairGenerator;
import org.bouncycastle.crypto.generators.Ed448KeyPairGenerator;
import org.bouncycastle.crypto.params.AsymmetricKeyParameter;
import org.bouncycastle.crypto.params.ECDomainParameters;
import org.bouncycastle.crypto.params.ECKeyGenerationParameters;
import org.bouncycastle.crypto.params.ECPrivateKeyParameters;
import org.bouncycastle.crypto.params.ECPublicKeyParameters;
import org.bouncycastle.crypto.params.Ed25519KeyGenerationParameters;
import org.bouncycastle.crypto.params.Ed25519PrivateKeyParameters;
import org.bouncycastle.crypto.params.Ed25519PublicKeyParameters;
import org.bouncycastle.crypto.params.Ed448KeyGenerationParameters;
import org.bouncycastle.crypto.params.Ed448PrivateKeyParameters;
import org.bouncycastle.crypto.params.Ed448PublicKeyParameters;
import org.bouncycastle.crypto.params.X25519PublicKeyParameters;
import org.bouncycastle.crypto.params.X448PublicKeyParameters;
import org.bouncycastle.crypto.signers.DSADigestSigner;
import org.bouncycastle.crypto.signers.ECDSASigner;
import org.bouncycastle.crypto.signers.Ed25519Signer;
import org.bouncycastle.crypto.signers.Ed448Signer;
import org.bouncycastle.math.ec.FixedPointCombMultiplier;
import org.bouncycastle.math.ec.custom.sec.SecP256R1Curve;
import org.bouncycastle.math.ec.custom.sec.SecP384R1Curve;
import org.bouncycastle.math.ec.custom.sec.SecP521R1Curve;
import org.bouncycastle.mls.codec.MLSOutputStream;
import org.bouncycastle.mls.crypto.MlsCipherSuite;
import org.bouncycastle.mls.crypto.MlsSigner;
import org.bouncycastle.util.encoders.Hex;

/* loaded from: input_file:org/bouncycastle/mls/crypto/bc/BcMlsSigner.class */
public class BcMlsSigner implements MlsSigner {
    Signer signer;
    ECDomainParameters domainParams;
    int sigID;

    public BcMlsSigner(int i) {
        this.sigID = i;
        switch (i) {
            case 3:
                this.signer = new DSADigestSigner(new ECDSASigner(), new SHA256Digest());
                SecP256R1Curve secP256R1Curve = new SecP256R1Curve();
                this.domainParams = new ECDomainParameters(secP256R1Curve, secP256R1Curve.createPoint(new BigInteger(1, Hex.decode("6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296")), new BigInteger(1, Hex.decode("4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f5"))), secP256R1Curve.getOrder(), secP256R1Curve.getCofactor(), Hex.decode("c49d360886e704936a6678e1139d26b7819f7e90"));
                return;
            case 4:
                this.signer = new DSADigestSigner(new ECDSASigner(), new SHA512Digest());
                SecP521R1Curve secP521R1Curve = new SecP521R1Curve();
                this.domainParams = new ECDomainParameters(secP521R1Curve, secP521R1Curve.createPoint(new BigInteger("c6858e06b70404e9cd9e3ecb662395b4429c648139053fb521f828af606b4d3dbaa14b5e77efe75928fe1dc127a2ffa8de3348b3c1856a429bf97e7e31c2e5bd66", 16), new BigInteger("11839296a789a3bc0045c8a5fb42c7d1bd998f54449579b446817afbd17273e662c97ee72995ef42640c550b9013fad0761353c7086a272c24088be94769fd16650", 16)), secP521R1Curve.getOrder(), secP521R1Curve.getCofactor(), Hex.decode("d09e8800291cb85396cc6717393284aaa0da64ba"));
                return;
            case 5:
                this.signer = new DSADigestSigner(new ECDSASigner(), new SHA384Digest());
                SecP384R1Curve secP384R1Curve = new SecP384R1Curve();
                this.domainParams = new ECDomainParameters(secP384R1Curve, secP384R1Curve.createPoint(new BigInteger(1, Hex.decode("aa87ca22be8b05378eb1c71ef320ad746e1d3b628ba79b9859f741e082542a385502f25dbf55296c3a545e3872760ab7")), new BigInteger(1, Hex.decode("3617de4a96262c6f5d9e98bf9292dc29f8f41dbd289a147ce9da3113b5f0b8c00a60b1ce1d7e819d7a431d7c90ea0e5f"))), secP384R1Curve.getOrder(), secP384R1Curve.getCofactor(), Hex.decode("a335926aa319a27a1d00896a6773a4827acdac73"));
                return;
            case 6:
            default:
                return;
            case 7:
                this.signer = new Ed25519Signer();
                return;
            case 8:
                this.signer = new Ed448Signer(new byte[0]);
                return;
        }
    }

    @Override // org.bouncycastle.mls.crypto.MlsSigner
    public AsymmetricCipherKeyPair generateSignatureKeyPair() {
        SecureRandom secureRandom = new SecureRandom();
        switch (this.sigID) {
            case 3:
            case 4:
            case 5:
                ECKeyPairGenerator eCKeyPairGenerator = new ECKeyPairGenerator();
                eCKeyPairGenerator.init(new ECKeyGenerationParameters(this.domainParams, secureRandom));
                return eCKeyPairGenerator.generateKeyPair();
            case 6:
            default:
                throw new IllegalStateException("invalid sig algorithm");
            case 7:
                Ed25519KeyPairGenerator ed25519KeyPairGenerator = new Ed25519KeyPairGenerator();
                ed25519KeyPairGenerator.init(new Ed25519KeyGenerationParameters(secureRandom));
                return ed25519KeyPairGenerator.generateKeyPair();
            case 8:
                Ed448KeyPairGenerator ed448KeyPairGenerator = new Ed448KeyPairGenerator();
                ed448KeyPairGenerator.init(new Ed448KeyGenerationParameters(secureRandom));
                return ed448KeyPairGenerator.generateKeyPair();
        }
    }

    @Override // org.bouncycastle.mls.crypto.MlsSigner
    public byte[] serializePublicKey(AsymmetricKeyParameter asymmetricKeyParameter) {
        switch (this.sigID) {
            case 3:
            case 4:
            case 5:
                return ((ECPublicKeyParameters) asymmetricKeyParameter).getQ().getEncoded(false);
            case 6:
            default:
                throw new IllegalStateException("invalid sig algorithm");
            case 7:
                return ((Ed25519PublicKeyParameters) asymmetricKeyParameter).getEncoded();
            case 8:
                return ((Ed448PublicKeyParameters) asymmetricKeyParameter).getEncoded();
        }
    }

    @Override // org.bouncycastle.mls.crypto.MlsSigner
    public byte[] serializePrivateKey(AsymmetricKeyParameter asymmetricKeyParameter) {
        switch (this.sigID) {
            case 3:
            case 4:
            case 5:
                return ((ECPrivateKeyParameters) asymmetricKeyParameter).getD().toByteArray();
            case 6:
            default:
                throw new IllegalStateException("invalid sig algorithm");
            case 7:
                return ((Ed25519PrivateKeyParameters) asymmetricKeyParameter).getEncoded();
            case 8:
                return ((Ed448PrivateKeyParameters) asymmetricKeyParameter).getEncoded();
        }
    }

    @Override // org.bouncycastle.mls.crypto.MlsSigner
    public AsymmetricKeyParameter deserializePublicKey(byte[] bArr) {
        switch (this.sigID) {
            case 3:
            case 4:
            case 5:
                return new ECPublicKeyParameters(this.domainParams.getCurve().decodePoint(bArr), this.domainParams);
            case 6:
            default:
                throw new IllegalStateException("Unknown mode");
            case 7:
                return new X25519PublicKeyParameters(bArr);
            case 8:
                return new X448PublicKeyParameters(bArr);
        }
    }

    @Override // org.bouncycastle.mls.crypto.MlsSigner
    public AsymmetricCipherKeyPair deserializePrivateKey(byte[] bArr) {
        switch (this.sigID) {
            case 3:
            case 4:
            case 5:
                ECPrivateKeyParameters eCPrivateKeyParameters = new ECPrivateKeyParameters(new BigInteger(1, bArr), this.domainParams);
                return new AsymmetricCipherKeyPair(new ECPublicKeyParameters(new FixedPointCombMultiplier().multiply(this.domainParams.getG(), eCPrivateKeyParameters.getD()), this.domainParams), eCPrivateKeyParameters);
            case 6:
            default:
                throw new IllegalStateException("invalid sig algorithm");
            case 7:
                Ed25519PrivateKeyParameters ed25519PrivateKeyParameters = new Ed25519PrivateKeyParameters(bArr);
                return new AsymmetricCipherKeyPair(ed25519PrivateKeyParameters.generatePublicKey(), ed25519PrivateKeyParameters);
            case 8:
                Ed448PrivateKeyParameters ed448PrivateKeyParameters = new Ed448PrivateKeyParameters(bArr);
                return new AsymmetricCipherKeyPair(ed448PrivateKeyParameters.generatePublicKey(), ed448PrivateKeyParameters);
        }
    }

    @Override // org.bouncycastle.mls.crypto.MlsSigner
    public byte[] signWithLabel(byte[] bArr, String str, byte[] bArr2) throws IOException, CryptoException {
        byte[] encode = MLSOutputStream.encode(new MlsCipherSuite.GenericContent(str, bArr2));
        switch (this.sigID) {
            case 3:
            case 4:
            case 5:
                this.signer.init(true, new ECPrivateKeyParameters(new BigInteger(1, bArr), this.domainParams));
                break;
            case 7:
                this.signer.init(true, new Ed25519PrivateKeyParameters(bArr));
                break;
            case 8:
                this.signer.init(true, new Ed448PrivateKeyParameters(bArr));
                break;
        }
        this.signer.update(encode, 0, encode.length);
        return this.signer.generateSignature();
    }

    @Override // org.bouncycastle.mls.crypto.MlsSigner
    public boolean verifyWithLabel(byte[] bArr, String str, byte[] bArr2, byte[] bArr3) throws IOException {
        byte[] encode = MLSOutputStream.encode(new MlsCipherSuite.GenericContent(str, bArr2));
        switch (this.sigID) {
            case 3:
            case 4:
            case 5:
                this.signer.init(false, new ECPublicKeyParameters(this.domainParams.getCurve().decodePoint(bArr), this.domainParams));
                break;
            case 7:
                this.signer.init(false, new Ed25519PublicKeyParameters(bArr));
                break;
            case 8:
                this.signer.init(false, new Ed448PublicKeyParameters(bArr));
                break;
        }
        this.signer.update(encode, 0, encode.length);
        return this.signer.verifySignature(bArr3);
    }
}
