package org.bouncycastle.crypto.general;

import java.math.BigInteger;
import java.security.AccessController;
import java.security.PrivilegedAction;
import java.security.SecureRandom;
import org.bouncycastle.asn1.cmp.PKIFailureInfo;
import org.bouncycastle.crypto.Algorithm;
import org.bouncycastle.crypto.AsymmetricPrivateKey;
import org.bouncycastle.crypto.AsymmetricPublicKey;
import org.bouncycastle.crypto.CryptoServicesRegistrar;
import org.bouncycastle.crypto.DigestAlgorithm;
import org.bouncycastle.crypto.OutputSignerUsingSecureRandom;
import org.bouncycastle.crypto.OutputVerifier;
import org.bouncycastle.crypto.asymmetric.AsymmetricDSAPrivateKey;
import org.bouncycastle.crypto.asymmetric.AsymmetricDSAPublicKey;
import org.bouncycastle.crypto.asymmetric.AsymmetricKeyPair;
import org.bouncycastle.crypto.asymmetric.DSADomainParameters;
import org.bouncycastle.crypto.asymmetric.DSAValidationParameters;
import org.bouncycastle.crypto.fips.FipsDSA;
import org.bouncycastle.crypto.fips.FipsSHS;
import org.bouncycastle.crypto.fips.FipsUnapprovedOperationError;
import org.bouncycastle.crypto.general.DSAOutputSigner;
import org.bouncycastle.crypto.internal.AsymmetricCipherKeyPair;
import org.bouncycastle.crypto.internal.Digest;
import org.bouncycastle.crypto.internal.PrimeCertaintyCalculator;
import org.bouncycastle.crypto.internal.params.DsaKeyGenerationParameters;
import org.bouncycastle.crypto.internal.params.DsaParameterGenerationParameters;
import org.bouncycastle.crypto.internal.params.DsaParameters;
import org.bouncycastle.crypto.internal.params.DsaPrivateKeyParameters;
import org.bouncycastle.crypto.internal.params.DsaPublicKeyParameters;
import org.bouncycastle.crypto.internal.params.DsaValidationParameters;
import org.bouncycastle.crypto.internal.params.ParametersWithRandom;
import org.bouncycastle.crypto.internal.test.ConsistencyTest;
import org.bouncycastle.util.Properties;
import org.bouncycastle.util.encoders.Hex;

/* loaded from: input_file:org/bouncycastle/crypto/general/DSA.class */
public final class DSA {
    public static final Algorithm ALGORITHM = FipsDSA.ALGORITHM;
    public static final Parameters DSA = new Parameters(new GeneralAlgorithm(ALGORITHM.getName(), Variations.DSA), FipsSHS.Algorithm.SHA1);
    public static final Parameters DDSA = new Parameters(new GeneralAlgorithm(ALGORITHM.getName(), Variations.DDSA), FipsSHS.Algorithm.SHA1);

    /* loaded from: input_file:org/bouncycastle/crypto/general/DSA$DomainGenParameters.class */
    public static final class DomainGenParameters extends GeneralParameters {
        private final int strength;
        private final int certainty;

        public DomainGenParameters(int i) {
            this(i, PrimeCertaintyCalculator.getDefaultCertainty(i));
        }

        public DomainGenParameters(int i, int i2) {
            super(DSA.ALGORITHM);
            this.strength = i;
            this.certainty = i2;
        }
    }

    /* loaded from: input_file:org/bouncycastle/crypto/general/DSA$DomainParametersGenerator.class */
    public static final class DomainParametersGenerator {
        private final SecureRandom random;
        private final DomainGenParameters parameters;

        public DomainParametersGenerator(DomainGenParameters domainGenParameters, SecureRandom secureRandom) {
            if (CryptoServicesRegistrar.isInApprovedOnlyMode()) {
                throw new FipsUnapprovedOperationError("Attempt to create unapproved generator in approved only mode.");
            }
            this.parameters = domainGenParameters;
            this.random = secureRandom;
        }

        public DSADomainParameters generateDomainParameters() {
            DsaParametersGenerator dsaParametersGenerator = this.parameters.strength <= 1024 ? new DsaParametersGenerator() : new DsaParametersGenerator(Register.createDigest(FipsSHS.Algorithm.SHA256));
            if (this.parameters.strength == 1024) {
                if (Properties.isOverrideSet("org.bouncycastle.dsa.FIPS186-2for1024bits")) {
                    dsaParametersGenerator.init(this.parameters.strength, this.parameters.certainty, this.random);
                } else {
                    dsaParametersGenerator.init(new DsaParameterGenerationParameters(PKIFailureInfo.badRecipientNonce, 160, this.parameters.certainty, this.random));
                }
            } else if (this.parameters.strength > 1024) {
                dsaParametersGenerator.init(new DsaParameterGenerationParameters(this.parameters.strength, PKIFailureInfo.unacceptedPolicy, this.parameters.certainty, this.random));
            } else {
                dsaParametersGenerator.init(this.parameters.strength, this.parameters.certainty, this.random);
            }
            DsaParameters generateParameters = dsaParametersGenerator.generateParameters();
            DsaValidationParameters validationParameters = generateParameters.getValidationParameters();
            return new DSADomainParameters(generateParameters.getP(), generateParameters.getQ(), generateParameters.getG(), new DSAValidationParameters(validationParameters.getSeed(), validationParameters.getCounter(), validationParameters.getUsageIndex()));
        }
    }

    /* loaded from: input_file:org/bouncycastle/crypto/general/DSA$KeyGenParameters.class */
    public static final class KeyGenParameters extends GeneralParameters {
        private final DSADomainParameters domainParameters;

        public KeyGenParameters(Parameters parameters, DSADomainParameters dSADomainParameters) {
            super(parameters.getAlgorithm());
            this.domainParameters = dSADomainParameters;
        }

        public KeyGenParameters(DSADomainParameters dSADomainParameters) {
            super(DSA.ALGORITHM);
            this.domainParameters = dSADomainParameters;
        }

        public DSADomainParameters getDomainParameters() {
            return this.domainParameters;
        }
    }

    /* loaded from: input_file:org/bouncycastle/crypto/general/DSA$KeyPairGenerator.class */
    public static final class KeyPairGenerator extends GuardedAsymmetricKeyPairGenerator<KeyGenParameters, AsymmetricDSAPublicKey, AsymmetricDSAPrivateKey> {
        private final DsaKeyPairGenerator engine;
        private final DSADomainParameters domainParameters;
        private final DsaKeyGenerationParameters param;

        public KeyPairGenerator(KeyGenParameters keyGenParameters, SecureRandom secureRandom) {
            super(keyGenParameters);
            this.engine = new DsaKeyPairGenerator();
            this.domainParameters = keyGenParameters.getDomainParameters();
            this.param = new DsaKeyGenerationParameters(secureRandom, DSA.getDomainParams(this.domainParameters));
            this.engine.init(this.param);
        }

        @Override // org.bouncycastle.crypto.general.GuardedAsymmetricKeyPairGenerator
        protected AsymmetricKeyPair<AsymmetricDSAPublicKey, AsymmetricDSAPrivateKey> doGenerateKeyPair() {
            AsymmetricCipherKeyPair generateKeyPair = this.engine.generateKeyPair();
            DSA.validateKeyPair(generateKeyPair);
            DsaPublicKeyParameters dsaPublicKeyParameters = (DsaPublicKeyParameters) generateKeyPair.getPublic();
            DsaPrivateKeyParameters dsaPrivateKeyParameters = (DsaPrivateKeyParameters) generateKeyPair.getPrivate();
            Algorithm algorithm = getParameters().getAlgorithm();
            return new AsymmetricKeyPair<>(new AsymmetricDSAPublicKey(algorithm, this.domainParameters, dsaPublicKeyParameters.getY()), new AsymmetricDSAPrivateKey(algorithm, this.domainParameters, dsaPrivateKeyParameters.getX()));
        }
    }

    /* loaded from: input_file:org/bouncycastle/crypto/general/DSA$OperatorFactory.class */
    public static final class OperatorFactory extends GuardedSignatureOperatorUsingSecureRandomFactory<Parameters> {
        /* JADX INFO: Access modifiers changed from: protected */
        @Override // org.bouncycastle.crypto.general.GuardedSignatureOperatorUsingSecureRandomFactory
        public OutputSignerUsingSecureRandom<Parameters> doCreateSigner(AsymmetricPrivateKey asymmetricPrivateKey, Parameters parameters) {
            Digest createDigest = parameters.digestAlgorithm != null ? Register.createDigest(parameters.digestAlgorithm) : new NullDigest();
            DsaSigner dsaSigner = parameters.getAlgorithm() == DSA.DSA.getAlgorithm() ? new DsaSigner(new RandomDsaKCalculator()) : new DsaSigner(new HMacDsaKCalculator(Register.createDigest(parameters.digestAlgorithm)));
            final DsaPrivateKeyParameters lwKey = DSA.getLwKey((AsymmetricDSAPrivateKey) asymmetricPrivateKey);
            return new DSAOutputSigner(dsaSigner, createDigest, parameters, new DSAOutputSigner.Initializer() { // from class: org.bouncycastle.crypto.general.DSA.OperatorFactory.1
                @Override // org.bouncycastle.crypto.general.DSAOutputSigner.Initializer
                public void initialize(org.bouncycastle.crypto.internal.DSA dsa, SecureRandom secureRandom) {
                    dsa.init(true, new ParametersWithRandom(lwKey, secureRandom));
                }
            });
        }

        /* JADX INFO: Access modifiers changed from: protected */
        @Override // org.bouncycastle.crypto.general.GuardedSignatureOperatorUsingSecureRandomFactory
        public OutputVerifier<Parameters> doCreateVerifier(AsymmetricPublicKey asymmetricPublicKey, Parameters parameters) {
            Digest createDigest = parameters.digestAlgorithm != null ? Register.createDigest(parameters.digestAlgorithm) : new NullDigest();
            DsaSigner dsaSigner = parameters.getAlgorithm() == DSA.DSA.getAlgorithm() ? new DsaSigner(new RandomDsaKCalculator()) : new DsaSigner(new HMacDsaKCalculator(Register.createDigest(parameters.digestAlgorithm)));
            AsymmetricDSAPublicKey asymmetricDSAPublicKey = (AsymmetricDSAPublicKey) asymmetricPublicKey;
            dsaSigner.init(false, new DsaPublicKeyParameters(asymmetricDSAPublicKey.getY(), DSA.getDomainParams(asymmetricDSAPublicKey.getDomainParameters())));
            return new DSAOutputVerifier(dsaSigner, createDigest, parameters);
        }
    }

    /* loaded from: input_file:org/bouncycastle/crypto/general/DSA$Parameters.class */
    public static final class Parameters extends GeneralParameters {
        private final DigestAlgorithm digestAlgorithm;

        Parameters(GeneralAlgorithm generalAlgorithm, DigestAlgorithm digestAlgorithm) {
            super(generalAlgorithm);
            if (generalAlgorithm.basicVariation() == Variations.DDSA && digestAlgorithm == null) {
                throw new IllegalArgumentException("DDSA cannot be used with a NULL digest");
            }
            this.digestAlgorithm = digestAlgorithm;
        }

        public DigestAlgorithm getDigestAlgorithm() {
            return this.digestAlgorithm;
        }

        public Parameters withDigestAlgorithm(DigestAlgorithm digestAlgorithm) {
            return new Parameters((GeneralAlgorithm) getAlgorithm(), digestAlgorithm);
        }
    }

    /* loaded from: input_file:org/bouncycastle/crypto/general/DSA$Variations.class */
    private enum Variations {
        DSA,
        DDSA
    }

    private DSA() {
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static void validateKeyPair(AsymmetricCipherKeyPair asymmetricCipherKeyPair) {
        SelfTestExecutor.validate(ALGORITHM, asymmetricCipherKeyPair, new ConsistencyTest<AsymmetricCipherKeyPair>() { // from class: org.bouncycastle.crypto.general.DSA.1
            @Override // org.bouncycastle.crypto.internal.test.ConsistencyTest
            public boolean hasTestPassed(AsymmetricCipherKeyPair asymmetricCipherKeyPair2) {
                byte[] decode = Hex.decode("576a1f885e3420128c8a656097ba7d8bb4c6f1b1853348cf2ba976971dbdbefc");
                DsaSigner dsaSigner = new DsaSigner(new RandomDsaKCalculator());
                dsaSigner.init(true, new ParametersWithRandom(asymmetricCipherKeyPair2.getPrivate(), Utils.testRandom));
                BigInteger[] generateSignature = dsaSigner.generateSignature(decode);
                dsaSigner.init(false, asymmetricCipherKeyPair2.getPublic());
                dsaSigner.verifySignature(decode, generateSignature[0], generateSignature[1]);
                return dsaSigner.verifySignature(decode, generateSignature[0], generateSignature[1]);
            }
        });
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static DsaParameters getDomainParams(DSADomainParameters dSADomainParameters) {
        return new DsaParameters(dSADomainParameters.getP(), dSADomainParameters.getQ(), dSADomainParameters.getG());
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static DsaPrivateKeyParameters getLwKey(final AsymmetricDSAPrivateKey asymmetricDSAPrivateKey) {
        return (DsaPrivateKeyParameters) AccessController.doPrivileged(new PrivilegedAction<DsaPrivateKeyParameters>() { // from class: org.bouncycastle.crypto.general.DSA.2
            /* JADX WARN: Can't rename method to resolve collision */
            @Override // java.security.PrivilegedAction
            public DsaPrivateKeyParameters run() {
                return new DsaPrivateKeyParameters(AsymmetricDSAPrivateKey.this.getX(), DSA.getDomainParams(AsymmetricDSAPrivateKey.this.getDomainParameters()));
            }
        });
    }
}
