package iaik.security.ec.eddsa;

import iaik.asn1.ASN;
import iaik.asn1.ASN1;
import iaik.asn1.ASN1Object;
import iaik.asn1.structures.AlgorithmID;
import iaik.security.ec.common.EdParameterSpec;
import iaik.security.ec.common.EdPrivateKey;
import iaik.security.ec.common.EdPublicKey;
import iaik.security.ec.common.EdStandardizedParameterFactory;
import iaik.security.ec.common.EllipticCurve;
import iaik.security.ec.provider.ECCelerate;
import iaik.security.md.SHAKE256InputStream;
import java.io.IOException;
import java.math.BigInteger;
import java.security.InvalidKeyException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.PublicKey;
import java.security.spec.ECPoint;
import java.util.Arrays;

/* loaded from: input_file:iaik/security/ec/eddsa/EdDSAPrivateKey.class */
public final class EdDSAPrivateKey extends EdPrivateKey {
    private transient byte[] a;

    public EdDSAPrivateKey(EdDSAPrivateKeySpec edDSAPrivateKeySpec) {
        this(edDSAPrivateKeySpec.getParams(), edDSAPrivateKeySpec.getSeed());
    }

    public EdDSAPrivateKey(byte[] bArr) throws InvalidKeyException {
        super(bArr);
    }

    public EdDSAPrivateKey(EdParameterSpec edParameterSpec, byte[] bArr) {
        this(edParameterSpec, bArr, a(edParameterSpec, bArr));
    }

    EdDSAPrivateKey(EdParameterSpec edParameterSpec, byte[] bArr, byte[] bArr2) {
        this(edParameterSpec, bArr, bArr2, computeS(edParameterSpec, bArr2));
    }

    EdDSAPrivateKey(EdParameterSpec edParameterSpec, byte[] bArr, byte[] bArr2, BigInteger bigInteger) {
        this(edParameterSpec, bArr, bArr2, bigInteger, edParameterSpec.getCurve().multiplyPoint(edParameterSpec.getGenerator(), bigInteger));
    }

    public EdDSAPrivateKey(EdParameterSpec edParameterSpec, byte[] bArr, byte[] bArr2, BigInteger bigInteger, ECPoint eCPoint) {
        super(edParameterSpec, bArr, bigInteger, eCPoint);
        if (edParameterSpec == null || bArr == null || bArr2 == null || eCPoint == null || bigInteger == null) {
            throw new NullPointerException("At least one of the parameters is null!");
        }
        if (bigInteger.compareTo(edParameterSpec.getOrder().multiply(BigInteger.valueOf(edParameterSpec.getCofactor()))) >= 0) {
            throw new IllegalArgumentException("s is not a value modulo the curve order!");
        }
        this.params_ = edParameterSpec;
        this.seed_ = bArr;
        this.a = bArr2;
        this.s_ = bigInteger;
        this.w_ = eCPoint;
        createEncodedPrivateKey();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // iaik.security.ec.common.EdPrivateKey, iaik.security.ec.common.AbstractECPrivateKey
    public void finalize() throws Throwable {
        if (this.a != null) {
            Arrays.fill(this.a, (byte) 0);
            this.a = null;
        }
        super.finalize();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static byte[] a(EdParameterSpec edParameterSpec, byte[] bArr) {
        AlgorithmID hashAlgorithm = edParameterSpec.getHashAlgorithm();
        int keySize = edParameterSpec.getKeySize() >> 2;
        if (bArr.length != (keySize >> 1)) {
            throw new IllegalArgumentException("Invalid seed size!");
        }
        if (!hashAlgorithm.equals(AlgorithmID.shake256)) {
            try {
                MessageDigest messageDigestInstance = hashAlgorithm.getMessageDigestInstance();
                if (messageDigestInstance.getDigestLength() != keySize) {
                    throw new IllegalArgumentException("Invalid hash digest!");
                }
                messageDigestInstance.update(bArr);
                return messageDigestInstance.digest();
            } catch (NoSuchAlgorithmException e) {
                throw new IllegalArgumentException("Invalid hash digest!", e);
            }
        }
        byte[] bArr2 = new byte[keySize];
        SHAKE256InputStream sHAKE256InputStream = new SHAKE256InputStream(keySize);
        sHAKE256InputStream.update(bArr);
        try {
            try {
                sHAKE256InputStream.read(bArr2);
                return bArr2;
            } finally {
                try {
                    sHAKE256InputStream.close();
                } catch (IOException e2) {
                }
            }
        } catch (IOException e3) {
            throw new IllegalArgumentException("SHAKE failure", e3);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public byte[] a() {
        return this.a;
    }

    @Override // iaik.security.ec.common.EdPrivateKey
    protected void decode(byte[] bArr) throws InvalidKeyException {
        try {
            this.encodedPrivateKey_ = new ASN1(bArr);
            ASN1Object parameter = this.private_key_algorithm.getParameter();
            if (parameter != null && !parameter.isA(ASN.NULL)) {
                throw new InvalidKeyException("No EdDSA private key: parameters specified!");
            }
            String id = this.private_key_algorithm.getAlgorithm().getID();
            EdParameterSpec parametersByOID = EdStandardizedParameterFactory.getParametersByOID(id);
            if (parametersByOID == null) {
                throw new InvalidKeyException("Unknown parameter oid: " + id);
            }
            byte[] bArr2 = (byte[]) this.encodedPrivateKey_.toASN1Object().getValue();
            if (bArr2.length != (parametersByOID.getKeySize() >>> 3)) {
                throw new IllegalArgumentException("Secret seed does not have the correct length!");
            }
            this.params_ = parametersByOID;
            this.seed_ = bArr2;
            this.a = a(parametersByOID, bArr2);
            this.s_ = computeS(parametersByOID, this.a);
            this.w_ = computeOrGetW();
            if (getPubKey() != null) {
                EllipticCurve curve = parametersByOID.getCurve();
                if (!this.w_.equals(ECCelerate.isSideChannelProtectionEnabled() ? curve.secureMultiplyGenerator(this.s_) : curve.multiplyGenerator(this.s_))) {
                    throw new InvalidKeyException("Public key does not match the private key!");
                }
            }
        } catch (InvalidKeyException e) {
            throw e;
        } catch (Exception e2) {
            throw new InvalidKeyException("Not a valid EdDSA private key!", e2);
        }
    }

    @Override // iaik.security.ec.common.EdPrivateKey, java.security.Key
    public String getAlgorithm() {
        return "EdDSA";
    }

    @Override // iaik.security.ec.common.EdPrivateKey
    protected ECPoint computeOrGetW() {
        PublicKey pubKey = getPubKey();
        if (pubKey instanceof EdPublicKey) {
            return ((EdPublicKey) pubKey).getW();
        }
        EllipticCurve curve = getParams().getCurve();
        return ECCelerate.isSideChannelProtectionEnabled() ? curve.secureMultiplyGenerator(this.s_) : curve.multiplyGenerator(this.s_);
    }
}
