package io.nem.core.crypto.ed25519;

import io.nem.core.crypto.CryptoException;
import io.nem.core.crypto.DsaSigner;
import io.nem.core.crypto.KeyPair;
import io.nem.core.crypto.SignSchema;
import io.nem.core.crypto.Signature;
import io.nem.core.crypto.ed25519.arithmetic.Ed25519EncodedFieldElement;
import io.nem.core.crypto.ed25519.arithmetic.Ed25519EncodedGroupElement;
import io.nem.core.crypto.ed25519.arithmetic.Ed25519Group;
import io.nem.core.crypto.ed25519.arithmetic.Ed25519GroupElement;
import io.nem.core.utils.ArrayUtils;
import java.math.BigInteger;
import java.util.Arrays;

/* loaded from: input_file:io/nem/core/crypto/ed25519/Ed25519DsaSigner.class */
public class Ed25519DsaSigner implements DsaSigner {
    private final SignSchema signSchema;
    private final KeyPair keyPair;

    public Ed25519DsaSigner(KeyPair keyPair, SignSchema signSchema) {
        this.keyPair = keyPair;
        this.signSchema = signSchema;
    }

    public KeyPair getKeyPair() {
        return this.keyPair;
    }

    /* JADX WARN: Type inference failed for: r3v1, types: [byte[], byte[][]] */
    /* JADX WARN: Type inference failed for: r3v3, types: [byte[], byte[][]] */
    @Override // io.nem.core.crypto.DsaSigner
    public Signature sign(byte[] bArr) {
        if (!getKeyPair().hasPrivateKey()) {
            throw new CryptoException("cannot sign without private key");
        }
        Ed25519EncodedFieldElement modQ = new Ed25519EncodedFieldElement(SignSchema.toHash64Bytes(this.signSchema, new byte[]{Arrays.copyOfRange(SignSchema.toHash(getKeyPair().getPrivateKey(), this.signSchema), 32, 64), bArr})).modQ();
        Ed25519EncodedGroupElement encode = Ed25519Group.BASE_POINT.scalarMultiply(modQ).encode();
        Signature signature = new Signature(encode.getRaw(), new Ed25519EncodedFieldElement(SignSchema.toHash64Bytes(this.signSchema, new byte[]{encode.getRaw(), getKeyPair().getPublicKey().getBytes(), bArr})).modQ().multiplyAndAddModQ(Ed25519Utils.prepareForScalarMultiply(getKeyPair().getPrivateKey(), this.signSchema), modQ).getRaw());
        if (isCanonicalSignature(signature)) {
            return signature;
        }
        throw new CryptoException("Generated signature is not canonical");
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r3v1, types: [byte[], byte[][]] */
    @Override // io.nem.core.crypto.DsaSigner
    public boolean verify(byte[] bArr, Signature signature) {
        if (!isCanonicalSignature(signature) || 1 == ArrayUtils.isEqualConstantTime(getKeyPair().getPublicKey().getBytes(), new byte[32])) {
            return false;
        }
        SignSchema.Hasher hasher = SignSchema.getHasher(this.signSchema, SignSchema.HashSize.HASH_SIZE_64_BYTES);
        byte[] binaryR = signature.getBinaryR();
        byte[] bytes = getKeyPair().getPublicKey().getBytes();
        Ed25519EncodedFieldElement modQ = new Ed25519EncodedFieldElement(hasher.hash(new byte[]{binaryR, bytes, bArr})).modQ();
        Ed25519GroupElement decode = new Ed25519EncodedGroupElement(bytes).decode();
        decode.precomputeForDoubleScalarMultiplication();
        return 1 == ArrayUtils.isEqualConstantTime(Ed25519Group.BASE_POINT.doubleScalarMultiplyVariableTime(decode, modQ, new Ed25519EncodedFieldElement(signature.getBinaryS())).encode().getRaw(), binaryR);
    }

    @Override // io.nem.core.crypto.DsaSigner
    public boolean isCanonicalSignature(Signature signature) {
        return 0 > signature.getS().compareTo(Ed25519Group.GROUP_ORDER) && 0 < signature.getS().compareTo(BigInteger.ZERO);
    }

    @Override // io.nem.core.crypto.DsaSigner
    public Signature makeSignatureCanonical(Signature signature) {
        return new Signature(signature.getBinaryR(), new Ed25519EncodedFieldElement(Arrays.copyOf(signature.getBinaryS(), 64)).modQ().getRaw());
    }
}
