package com.google.crypto.tink.signature.internal;

import com.google.crypto.tink.PublicKeyVerify;
import com.google.crypto.tink.config.internal.TinkFipsUtil;
import com.google.crypto.tink.internal.ConscryptUtil;
import com.google.crypto.tink.internal.Util;
import com.google.crypto.tink.signature.RsaSsaPssParameters;
import com.google.crypto.tink.signature.RsaSsaPssPublicKey;
import com.google.crypto.tink.subtle.Validators;
import com.google.errorprone.annotations.Immutable;
import java.security.GeneralSecurityException;
import java.security.KeyFactory;
import java.security.Provider;
import java.security.Signature;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.MGF1ParameterSpec;
import java.security.spec.PSSParameterSpec;
import java.security.spec.RSAPublicKeySpec;

@Immutable
/* loaded from: classes4.dex */
public final class RsaSsaPssVerifyConscrypt implements PublicKeyVerify {

    /* renamed from: f, reason: collision with root package name */
    public static final TinkFipsUtil.AlgorithmFipsCompatibility f69148f = TinkFipsUtil.AlgorithmFipsCompatibility.ALGORITHM_REQUIRES_BORINGCRYPTO;

    /* renamed from: g, reason: collision with root package name */
    private static final byte[] f69149g = new byte[0];

    /* renamed from: h, reason: collision with root package name */
    private static final byte[] f69150h = {0};

    /* renamed from: i, reason: collision with root package name */
    static final Provider f69151i = b();

    /* renamed from: a, reason: collision with root package name */
    private final RSAPublicKey f69152a;

    /* renamed from: b, reason: collision with root package name */
    private final String f69153b;

    /* renamed from: c, reason: collision with root package name */
    private final PSSParameterSpec f69154c;

    /* renamed from: d, reason: collision with root package name */
    private final byte[] f69155d;

    /* renamed from: e, reason: collision with root package name */
    private final byte[] f69156e;

    private RsaSsaPssVerifyConscrypt(RSAPublicKey rSAPublicKey, RsaSsaPssParameters.HashType hashType, RsaSsaPssParameters.HashType hashType2, int i2, byte[] bArr, byte[] bArr2) {
        if (!f69148f.a()) {
            throw new GeneralSecurityException("Cannot use RSA SSA PSS in FIPS-mode, as BoringCrypto module is not available.");
        }
        if (!hashType.equals(hashType2)) {
            throw new GeneralSecurityException("sigHash and mgf1Hash must be the same");
        }
        Validators.c(rSAPublicKey.getModulus().bitLength());
        Validators.d(rSAPublicKey.getPublicExponent());
        this.f69152a = rSAPublicKey;
        this.f69153b = d(hashType);
        this.f69154c = g(hashType, hashType2, i2);
        this.f69155d = bArr;
        this.f69156e = bArr2;
    }

    private static Provider b() {
        if (!Util.d() || Util.c().intValue() > 23) {
            return ConscryptUtil.a();
        }
        return null;
    }

    public static PublicKeyVerify c(RsaSsaPssPublicKey rsaSsaPssPublicKey) {
        if (!h()) {
            throw new GeneralSecurityException("RSA SSA PSS using Conscrypt is not supported.");
        }
        RSAPublicKey rSAPublicKey = (RSAPublicKey) KeyFactory.getInstance("RSA", f69151i).generatePublic(new RSAPublicKeySpec(rsaSsaPssPublicKey.d(), rsaSsaPssPublicKey.e().e()));
        RsaSsaPssParameters e2 = rsaSsaPssPublicKey.e();
        return new RsaSsaPssVerifyConscrypt(rSAPublicKey, e2.g(), e2.c(), e2.f(), rsaSsaPssPublicKey.b().d(), rsaSsaPssPublicKey.e().h().equals(RsaSsaPssParameters.Variant.f69025d) ? f69150h : f69149g);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static String d(RsaSsaPssParameters.HashType hashType) {
        if (hashType == RsaSsaPssParameters.HashType.f69019b) {
            return "SHA256withRSA/PSS";
        }
        if (hashType == RsaSsaPssParameters.HashType.f69020c) {
            return "SHA384withRSA/PSS";
        }
        if (hashType == RsaSsaPssParameters.HashType.f69021d) {
            return "SHA512withRSA/PSS";
        }
        throw new IllegalArgumentException("Unsupported hash: " + hashType);
    }

    private static String e(RsaSsaPssParameters.HashType hashType) {
        if (hashType == RsaSsaPssParameters.HashType.f69019b) {
            return "SHA-256";
        }
        if (hashType == RsaSsaPssParameters.HashType.f69020c) {
            return "SHA-384";
        }
        if (hashType == RsaSsaPssParameters.HashType.f69021d) {
            return "SHA-512";
        }
        throw new IllegalArgumentException("Unsupported MD hash: " + hashType);
    }

    private static MGF1ParameterSpec f(RsaSsaPssParameters.HashType hashType) {
        if (hashType == RsaSsaPssParameters.HashType.f69019b) {
            return MGF1ParameterSpec.SHA256;
        }
        if (hashType == RsaSsaPssParameters.HashType.f69020c) {
            return MGF1ParameterSpec.SHA384;
        }
        if (hashType == RsaSsaPssParameters.HashType.f69021d) {
            return MGF1ParameterSpec.SHA512;
        }
        throw new IllegalArgumentException("Unsupported MGF1 hash: " + hashType);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static PSSParameterSpec g(RsaSsaPssParameters.HashType hashType, RsaSsaPssParameters.HashType hashType2, int i2) {
        return new PSSParameterSpec(e(hashType), "MGF1", f(hashType2), i2, 1);
    }

    public static boolean h() {
        return f69151i != null;
    }

    @Override // com.google.crypto.tink.PublicKeyVerify
    public void a(byte[] bArr, byte[] bArr2) {
        if (!Util.e(this.f69155d, bArr)) {
            throw new GeneralSecurityException("Invalid signature (output prefix mismatch)");
        }
        Signature signature = Signature.getInstance(this.f69153b, f69151i);
        signature.initVerify(this.f69152a);
        signature.setParameter(this.f69154c);
        signature.update(bArr2);
        byte[] bArr3 = this.f69156e;
        if (bArr3.length > 0) {
            signature.update(bArr3);
        }
        byte[] bArr4 = this.f69155d;
        if (!signature.verify(bArr, bArr4.length, bArr.length - bArr4.length)) {
            throw new GeneralSecurityException("signature verification failed");
        }
    }
}
