package org.nem.core.crypto.ed25519;

import java.math.BigInteger;
import java.util.Arrays;
import org.nem.core.crypto.CryptoException;
import org.nem.core.crypto.DsaSigner;
import org.nem.core.crypto.Hashes;
import org.nem.core.crypto.KeyPair;
import org.nem.core.crypto.Signature;
import org.nem.core.crypto.ed25519.arithmetic.Ed25519EncodedFieldElement;
import org.nem.core.crypto.ed25519.arithmetic.Ed25519EncodedGroupElement;
import org.nem.core.crypto.ed25519.arithmetic.Ed25519Group;
import org.nem.core.crypto.ed25519.arithmetic.Ed25519GroupElement;
import org.nem.core.utils.ArrayUtils;

/* loaded from: input_file:org/nem/core/crypto/ed25519/Ed25519DsaSigner.class */
public class Ed25519DsaSigner implements DsaSigner {
    private final KeyPair keyPair;

    public Ed25519DsaSigner(KeyPair keyPair) {
        this.keyPair = keyPair;
    }

    public KeyPair getKeyPair() {
        return this.keyPair;
    }

    /* JADX WARN: Type inference failed for: r0v4, types: [byte[], byte[][]] */
    /* JADX WARN: Type inference failed for: r2v2, types: [byte[], byte[][]] */
    /* JADX WARN: Type inference failed for: r2v5, types: [byte[], byte[][]] */
    @Override // org.nem.core.crypto.DsaSigner
    public Signature sign(byte[] bArr) {
        if (!getKeyPair().hasPrivateKey()) {
            throw new CryptoException("cannot sign without private key");
        }
        Ed25519EncodedFieldElement modQ = new Ed25519EncodedFieldElement(Hashes.sha3_512(new byte[]{Arrays.copyOfRange(Hashes.sha3_512(new byte[]{ArrayUtils.toByteArray(getKeyPair().getPrivateKey().getRaw(), 32)}), 32, 64), bArr})).modQ();
        Ed25519EncodedGroupElement encode = Ed25519Group.BASE_POINT.scalarMultiply(modQ).encode();
        Signature signature = new Signature(encode.getRaw(), new Ed25519EncodedFieldElement(Hashes.sha3_512(new byte[]{encode.getRaw(), getKeyPair().getPublicKey().getRaw(), bArr})).modQ().multiplyAndAddModQ(Ed25519Utils.prepareForScalarMultiply(getKeyPair().getPrivateKey()), modQ).getRaw());
        if (isCanonicalSignature(signature)) {
            return signature;
        }
        throw new CryptoException("Generated signature is not canonical");
    }

    /* JADX WARN: Type inference failed for: r2v3, types: [byte[], byte[][]] */
    @Override // org.nem.core.crypto.DsaSigner
    public boolean verify(byte[] bArr, Signature signature) {
        if (!isCanonicalSignature(signature) || 1 == ArrayUtils.isEqualConstantTime(getKeyPair().getPublicKey().getRaw(), new byte[32])) {
            return false;
        }
        byte[] binaryR = signature.getBinaryR();
        byte[] raw = getKeyPair().getPublicKey().getRaw();
        Ed25519EncodedFieldElement modQ = new Ed25519EncodedFieldElement(Hashes.sha3_512(new byte[]{binaryR, raw, bArr})).modQ();
        Ed25519GroupElement decode = new Ed25519EncodedGroupElement(raw).decode();
        decode.precomputeForDoubleScalarMultiplication();
        return 1 == ArrayUtils.isEqualConstantTime(Ed25519Group.BASE_POINT.doubleScalarMultiplyVariableTime(decode, modQ, new Ed25519EncodedFieldElement(signature.getBinaryS())).encode().getRaw(), binaryR);
    }

    @Override // org.nem.core.crypto.DsaSigner
    public boolean isCanonicalSignature(Signature signature) {
        return -1 == signature.getS().compareTo(Ed25519Group.GROUP_ORDER) && 1 == signature.getS().compareTo(BigInteger.ZERO);
    }

    @Override // org.nem.core.crypto.DsaSigner
    public Signature makeSignatureCanonical(Signature signature) {
        return new Signature(signature.getBinaryR(), new Ed25519EncodedFieldElement(Arrays.copyOf(signature.getBinaryS(), 64)).modQ().getRaw());
    }
}
