package Xb;

import Lb.e;
import Xb.J;
import com.google.errorprone.annotations.Immutable;
import java.math.BigInteger;
import java.security.GeneralSecurityException;
import java.security.MessageDigest;
import java.security.interfaces.RSAPublicKey;

/* compiled from: RsaSsaPkcs1VerifyJce.java */
@Immutable
/* loaded from: classes3.dex */
public final class da implements Hb.K {
    private static final String eKa = "3031300d060960864801650304020105000420";
    private static final String fKa = "3041300d060960864801650304020205000430";
    private static final String gKa = "3051300d060960864801650304020305000440";
    public static final e.a jIa = e.a.Kxb;
    private final J.a hash;
    private final RSAPublicKey publicKey;

    public da(RSAPublicKey rSAPublicKey, J.a aVar) throws GeneralSecurityException {
        if (!jIa.DQ()) {
            throw new GeneralSecurityException("Can not use RSA-PKCS1.5 in FIPS-mode, as BoringCrypto module is not available.");
        }
        ra.d(aVar);
        ra.Bd(rSAPublicKey.getModulus().bitLength());
        ra.d(rSAPublicKey.getPublicExponent());
        this.publicKey = rSAPublicKey;
        this.hash = aVar;
    }

    private byte[] b(byte[] bArr, int i2, J.a aVar) throws GeneralSecurityException {
        ra.d(aVar);
        MessageDigest h2 = H.MESSAGE_DIGEST.getInstance(pa.a(this.hash));
        h2.update(bArr);
        byte[] digest = h2.digest();
        byte[] f2 = f(aVar);
        if (i2 < f2.length + digest.length + 11) {
            throw new GeneralSecurityException("intended encoded message length too short");
        }
        byte[] bArr2 = new byte[i2];
        bArr2[0] = 0;
        bArr2[1] = 1;
        int i3 = 0;
        int i4 = 2;
        while (i3 < (i2 - r0) - 3) {
            bArr2[i4] = -1;
            i3++;
            i4++;
        }
        int i5 = i4 + 1;
        bArr2[i4] = 0;
        System.arraycopy(f2, 0, bArr2, i5, f2.length);
        System.arraycopy(digest, 0, bArr2, i5 + f2.length, digest.length);
        return bArr2;
    }

    private byte[] f(J.a aVar) throws GeneralSecurityException {
        int i2 = ca.MHa[aVar.ordinal()];
        if (i2 == 1) {
            return L.decode(eKa);
        }
        if (i2 == 2) {
            return L.decode(fKa);
        }
        if (i2 == 3) {
            return L.decode(gKa);
        }
        throw new GeneralSecurityException("Unsupported hash " + aVar);
    }

    @Override // Hb.K
    public void d(byte[] bArr, byte[] bArr2) throws GeneralSecurityException {
        BigInteger publicExponent = this.publicKey.getPublicExponent();
        BigInteger modulus = this.publicKey.getModulus();
        int bitLength = (modulus.bitLength() + 7) / 8;
        if (bitLength != bArr.length) {
            throw new GeneralSecurityException("invalid signature's length");
        }
        BigInteger ma2 = pa.ma(bArr);
        if (ma2.compareTo(modulus) >= 0) {
            throw new GeneralSecurityException("signature out of range");
        }
        if (!C0872m.j(pa.b(ma2.modPow(publicExponent, modulus), bitLength), b(bArr2, bitLength, this.hash))) {
            throw new GeneralSecurityException("invalid signature");
        }
    }
}
