package com.medishares.module.common.utils.zilliqa.com.firestack.laksaj.crypto;

import com.medishares.module.common.utils.trx.org.tron.common.crypto.ECKey;
import com.medishares.module.common.utils.trx.org.tron.common.utils.Utils;
import com.medishares.module.common.utils.zilliqa.com.firestack.laksaj.crypto.Signature;
import com.medishares.module.common.utils.zilliqa.com.firestack.laksaj.utils.HashUtil;
import f0.c.g.o.c;
import java.math.BigInteger;
import java.security.InvalidAlgorithmParameterException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.SecureRandom;
import java.security.Security;
import java.util.Arrays;
import org.bouncycastle.crypto.digests.SHA256Digest;
import org.bouncycastle.crypto.macs.HMac;
import org.bouncycastle.crypto.prng.SP800SecureRandomBuilder;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.math.ec.ECPoint;

/* compiled from: TbsSdkJava */
/* loaded from: classes9.dex */
public class Schnorr {
    private static final byte[] ALG;
    private static final int ENT_BITS = 256;
    private static final int PUBKEY_COMPRESSED_SIZE_BYTES = 33;
    private static final c secp256k1;

    static {
        if (Security.getProvider(BouncyCastleProvider.PROVIDER_NAME) == null) {
            Security.addProvider(new BouncyCastleProvider());
        }
        secp256k1 = f0.c.g.c.a("secp256k1");
        ALG = "Schnorr+SHA256 ".getBytes();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static ECKey generateKeyPair() throws NoSuchProviderException, NoSuchAlgorithmException, InvalidAlgorithmParameterException {
        return new ECKey(Utils.getRandom());
    }

    private static SecureRandom getDRBG(byte[] bArr) {
        return new SP800SecureRandomBuilder().setEntropyBitsRequired(256).setPersonalizationString(ALG).buildHMAC(new HMac(new SHA256Digest()), bArr, true);
    }

    private static BigInteger hash(ECPoint eCPoint, ECPoint eCPoint2, byte[] bArr) {
        int length = bArr.length + 66;
        byte[] encoded = eCPoint.getEncoded(true);
        byte[] encoded2 = eCPoint2.getEncoded(true);
        byte[] bArr2 = new byte[length];
        Arrays.fill(bArr2, (byte) 0);
        System.arraycopy(encoded, 0, bArr2, 0, 33);
        System.arraycopy(encoded2, 0, bArr2, 33, 33);
        System.arraycopy(bArr, 0, bArr2, 66, bArr.length);
        return new BigInteger(1, HashUtil.sha256(bArr2));
    }

    public static Signature sign(ECKey eCKey, byte[] bArr) {
        SecureRandom drbg = getDRBG(bArr);
        byte[] bArr2 = new byte[secp256k1.d().bitLength() / 8];
        drbg.nextBytes(bArr2);
        Signature signature = null;
        while (signature == null) {
            signature = trySign(eCKey, bArr, new BigInteger(1, bArr2));
        }
        return signature;
    }

    public static Signature trySign(ECKey eCKey, byte[] bArr, BigInteger bigInteger) throws IllegalArgumentException {
        BigInteger d = secp256k1.d();
        BigInteger privKey = eCKey.getPrivKey();
        ECPoint decodePoint = secp256k1.a().decodePoint(eCKey.getPubKeyPoint().getEncoded(true));
        if (privKey.equals(BigInteger.ZERO)) {
            throw new IllegalArgumentException("Private key must be >= 0");
        }
        if (privKey.compareTo(d) >= 0) {
            throw new IllegalArgumentException("Private key cannot be greater than curve order");
        }
        BigInteger mod = hash(secp256k1.b().multiply(bigInteger), decodePoint, bArr).mod(secp256k1.d());
        if (mod.equals(BigInteger.ZERO)) {
            return null;
        }
        BigInteger mod2 = bigInteger.subtract(mod.multiply(privKey).mod(d)).mod(d);
        if (mod2.equals(BigInteger.ZERO)) {
            return null;
        }
        return new Signature.Builder().r(mod).s(mod2).build();
    }

    public static boolean verify(byte[] bArr, Signature signature, ECPoint eCPoint) throws IllegalArgumentException {
        if (signature.getR().equals(BigInteger.ZERO) || signature.getS().equals(BigInteger.ZERO)) {
            throw new IllegalArgumentException("Invalid R or S value: cannot be zero.");
        }
        if (signature.getR().signum() == -1 || signature.getS().signum() == -1) {
            throw new IllegalArgumentException("Invalid R or S value: cannot be negative.");
        }
        if (!eCPoint.getCurve().equals(secp256k1.a())) {
            throw new IllegalArgumentException("The public key must be a point on secp256k1.");
        }
        if (!eCPoint.isValid()) {
            throw new IllegalArgumentException("Invalid public key.");
        }
        ECPoint add = eCPoint.multiply(signature.getR()).add(secp256k1.b().multiply(signature.getS()));
        if (add.isInfinity() || !add.isValid()) {
            throw new IllegalArgumentException("Invalid intermediate point.");
        }
        BigInteger mod = hash(add, eCPoint, bArr).mod(secp256k1.d());
        if (mod.equals(BigInteger.ZERO)) {
            throw new IllegalArgumentException("Invalid hash.");
        }
        return mod.equals(signature.getR());
    }
}
