package com.google.crypto.tink.subtle;

import com.google.crypto.tink.config.internal.c;
import com.google.crypto.tink.subtle.C2666x;
import java.math.BigInteger;
import java.security.GeneralSecurityException;
import java.security.MessageDigest;
import java.security.interfaces.RSAPublicKey;

@Q0.j
/* loaded from: classes2.dex */
public final class K implements com.google.crypto.tink.N {

    /* renamed from: c, reason: collision with root package name */
    public static final c.b f34465c = c.b.f32636e;

    /* renamed from: d, reason: collision with root package name */
    private static final String f34466d = "3031300d060960864801650304020105000420";

    /* renamed from: e, reason: collision with root package name */
    private static final String f34467e = "3041300d060960864801650304020205000430";

    /* renamed from: f, reason: collision with root package name */
    private static final String f34468f = "3051300d060960864801650304020305000440";

    /* renamed from: a, reason: collision with root package name */
    private final RSAPublicKey f34469a;

    /* renamed from: b, reason: collision with root package name */
    private final C2666x.a f34470b;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: classes2.dex */
    public static /* synthetic */ class a {

        /* renamed from: a, reason: collision with root package name */
        static final /* synthetic */ int[] f34471a;

        static {
            int[] iArr = new int[C2666x.a.values().length];
            f34471a = iArr;
            try {
                iArr[C2666x.a.SHA256.ordinal()] = 1;
            } catch (NoSuchFieldError unused) {
            }
            try {
                f34471a[C2666x.a.SHA384.ordinal()] = 2;
            } catch (NoSuchFieldError unused2) {
            }
            try {
                f34471a[C2666x.a.SHA512.ordinal()] = 3;
            } catch (NoSuchFieldError unused3) {
            }
        }
    }

    public K(RSAPublicKey rSAPublicKey, C2666x.a aVar) throws GeneralSecurityException {
        if (!f34465c.a()) {
            throw new GeneralSecurityException("Can not use RSA-PKCS1.5 in FIPS-mode, as BoringCrypto module is not available.");
        }
        X.h(aVar);
        X.f(rSAPublicKey.getModulus().bitLength());
        X.g(rSAPublicKey.getPublicExponent());
        this.f34469a = rSAPublicKey;
        this.f34470b = aVar;
    }

    private byte[] a(byte[] bArr, int i5, C2666x.a aVar) throws GeneralSecurityException {
        X.h(aVar);
        MessageDigest a5 = C2664v.f34704e.a(W.g(this.f34470b));
        a5.update(bArr);
        byte[] digest = a5.digest();
        byte[] b5 = b(aVar);
        if (i5 < b5.length + digest.length + 11) {
            throw new GeneralSecurityException("intended encoded message length too short");
        }
        byte[] bArr2 = new byte[i5];
        bArr2[0] = 0;
        bArr2[1] = 1;
        int i6 = 2;
        int i7 = 0;
        while (i7 < (i5 - r0) - 3) {
            bArr2[i6] = -1;
            i7++;
            i6++;
        }
        int i8 = i6 + 1;
        bArr2[i6] = 0;
        System.arraycopy(b5, 0, bArr2, i8, b5.length);
        System.arraycopy(digest, 0, bArr2, i8 + b5.length, digest.length);
        return bArr2;
    }

    private byte[] b(C2666x.a aVar) throws GeneralSecurityException {
        int i5 = a.f34471a[aVar.ordinal()];
        if (i5 == 1) {
            return C2667y.a(f34466d);
        }
        if (i5 == 2) {
            return C2667y.a(f34467e);
        }
        if (i5 == 3) {
            return C2667y.a(f34468f);
        }
        throw new GeneralSecurityException("Unsupported hash " + aVar);
    }

    @Override // com.google.crypto.tink.N
    public void c(byte[] bArr, byte[] bArr2) throws GeneralSecurityException {
        BigInteger publicExponent = this.f34469a.getPublicExponent();
        BigInteger modulus = this.f34469a.getModulus();
        int bitLength = (modulus.bitLength() + 7) / 8;
        if (bitLength != bArr.length) {
            throw new GeneralSecurityException("invalid signature's length");
        }
        BigInteger b5 = W.b(bArr);
        if (b5.compareTo(modulus) >= 0) {
            throw new GeneralSecurityException("signature out of range");
        }
        if (!C2651h.e(W.c(b5.modPow(publicExponent, modulus), bitLength), a(bArr2, bitLength, this.f34470b))) {
            throw new GeneralSecurityException("invalid signature");
        }
    }
}
