package at.asitplus.signum.supreme.sign;

import at.asitplus.KmmResult;
import at.asitplus.signum.ecmath.ECMathKt;
import at.asitplus.signum.indispensable.CryptoPublicKey;
import at.asitplus.signum.indispensable.CryptoSignature;
import at.asitplus.signum.indispensable.ECCurve;
import at.asitplus.signum.indispensable.ECPoint;
import at.asitplus.signum.indispensable.SignatureAlgorithm;
import at.asitplus.signum.indispensable.misc.BitLength;
import at.asitplus.signum.supreme.sign.Verifier;
import com.ionspin.kotlin.bignum.integer.BigInteger;
import java.util.concurrent.CancellationException;
import kotlin.Metadata;
import kotlin.NoWhenBranchMatchedException;
import kotlin.Result;
import kotlin.ResultKt;
import kotlin.UInt;
import kotlin.jvm.internal.Intrinsics;

/* compiled from: Verifier.kt */
@Metadata(d1 = {"\u00002\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0002\b\u0003\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0000\u0018\u00002\u00020\u00012\u00020\u0002B\u0019\b\u0000\u0012\u0006\u0010\u0003\u001a\u00020\u0004\u0012\u0006\u0010\u0005\u001a\u00020\u0006¢\u0006\u0004\b\u0007\u0010\bJ\u001e\u0010\t\u001a\b\u0012\u0004\u0012\u00020\u000b0\n2\u0006\u0010\f\u001a\u00020\r2\u0006\u0010\u000e\u001a\u00020\u000fH\u0016¨\u0006\u0010"}, d2 = {"Lat/asitplus/signum/supreme/sign/KotlinECDSAVerifier;", "Lat/asitplus/signum/supreme/sign/Verifier$EC;", "Lat/asitplus/signum/supreme/sign/KotlinVerifier;", "signatureAlgorithm", "Lat/asitplus/signum/indispensable/SignatureAlgorithm$ECDSA;", "publicKey", "Lat/asitplus/signum/indispensable/CryptoPublicKey$EC;", "<init>", "(Lat/asitplus/signum/indispensable/SignatureAlgorithm$ECDSA;Lat/asitplus/signum/indispensable/CryptoPublicKey$EC;)V", "verify", "Lat/asitplus/KmmResult;", "Lat/asitplus/signum/supreme/sign/Verifier$Success;", "data", "Lat/asitplus/signum/supreme/sign/SignatureInput;", "sig", "Lat/asitplus/signum/indispensable/CryptoSignature;", "supreme_release"}, k = 1, mv = {2, 1, 0}, xi = 48)
/* loaded from: classes3.dex */
public final class KotlinECDSAVerifier extends Verifier.EC implements KotlinVerifier {
    /* JADX WARN: 'super' call moved to the top of the method (can break code semantics) */
    public KotlinECDSAVerifier(SignatureAlgorithm.ECDSA signatureAlgorithm, CryptoPublicKey.EC publicKey) {
        super(signatureAlgorithm, publicKey, null);
        Intrinsics.checkNotNullParameter(signatureAlgorithm, "signatureAlgorithm");
        Intrinsics.checkNotNullParameter(publicKey, "publicKey");
    }

    @Override // at.asitplus.signum.supreme.sign.Verifier
    public KmmResult<Verifier.Success> verify(SignatureInput data2, CryptoSignature sig) {
        Object m8739constructorimpl;
        Intrinsics.checkNotNullParameter(data2, "data");
        Intrinsics.checkNotNullParameter(sig, "sig");
        KmmResult.Companion companion = KmmResult.INSTANCE;
        try {
            Result.Companion companion2 = Result.INSTANCE;
            KotlinECDSAVerifier kotlinECDSAVerifier = this;
        } catch (Throwable th) {
            Result.Companion companion3 = Result.INSTANCE;
            if ((th instanceof VirtualMachineError) || (th instanceof ThreadDeath) || (th instanceof InterruptedException) || (th instanceof LinkageError) || (th instanceof CancellationException)) {
                throw th;
            }
            m8739constructorimpl = Result.m8739constructorimpl(ResultKt.createFailure(th));
        }
        if (!(sig instanceof CryptoSignature.EC)) {
            throw new IllegalArgumentException("Attempted to validate non-EC signature using EC public key".toString());
        }
        CryptoSignature.EC ec = (CryptoSignature.EC) sig;
        if (ec instanceof CryptoSignature.EC.DefiniteLength) {
            int scalarByteLength = ((CryptoSignature.EC.DefiniteLength) sig).getScalarByteLength();
            ECCurve curve = getPublicKey().getCurve();
            BitLength.Companion companion4 = BitLength.INSTANCE;
            BitLength bitLength = new BitLength(UInt.m8834constructorimpl(curve.getOrder().bitLength()), null);
            if (scalarByteLength != UInt.m8834constructorimpl(Integer.divideUnsigned(bitLength.m7435getBitspVg5ArA(), 8) + (Integer.remainderUnsigned(bitLength.m7435getBitspVg5ArA(), 8) != 0 ? 1 : 0))) {
                throw new IllegalArgumentException("Failed requirement.".toString());
            }
        } else {
            if (!(ec instanceof CryptoSignature.EC.IndefiniteLength)) {
                throw new NoWhenBranchMatchedException();
            }
            ((CryptoSignature.EC.IndefiniteLength) sig).withCurve(getPublicKey().getCurve());
        }
        if (((CryptoSignature.EC) sig).getR().compareTo(0) <= 0 || ((CryptoSignature.EC) sig).getR().compareTo(getPublicKey().getCurve().getOrder()) >= 0) {
            throw new InvalidSignature("r is not in [1,n-1] (r=" + ((CryptoSignature.EC) sig).getR() + ", n=" + getPublicKey().getCurve().getOrder() + ')', null, 2, null);
        }
        if (((CryptoSignature.EC) sig).getS().compareTo(0) <= 0 || ((CryptoSignature.EC) sig).getS().compareTo(getPublicKey().getCurve().getOrder()) >= 0) {
            throw new InvalidSignature("s is not in [1,n-1] (s=" + ((CryptoSignature.EC) sig).getS() + ", n=" + getPublicKey().getCurve().getOrder() + ')', null, 2, null);
        }
        SignatureInput orThrow = data2.convertTo(getSignatureAlgorithm().getDigest()).getOrThrow();
        ECCurve curve2 = getPublicKey().getCurve();
        BitLength.Companion companion5 = BitLength.INSTANCE;
        BigInteger asECDSABigInteger$supreme_release = orThrow.asECDSABigInteger$supreme_release(new BitLength(UInt.m8834constructorimpl(curve2.getOrder().bitLength()), null));
        BigInteger modInverse = ((CryptoSignature.EC) sig).getS().modInverse(getPublicKey().getCurve().getOrder());
        ECPoint straussShamir = ECMathKt.straussShamir((BigInteger) asECDSABigInteger$supreme_release.times(modInverse), getPublicKey().getCurve().getGenerator(), (BigInteger) ((CryptoSignature.EC) sig).getR().times(modInverse), getPublicKey().getPublicPoint());
        ECPoint.Normalized normalize = !straussShamir.getHomZ().isZero() ? straussShamir.normalize() : null;
        if (normalize == null) {
            throw new InvalidSignature("(x1,y1) = additive zero", null, 2, null);
        }
        if (!Intrinsics.areEqual(normalize.getHomX().getResidue().mod(getPublicKey().getCurve().getOrder()), ((CryptoSignature.EC) sig).getR().mod(getPublicKey().getCurve().getOrder()))) {
            throw new InvalidSignature("Signature is invalid: r != s", null, 2, null);
        }
        m8739constructorimpl = Result.m8739constructorimpl(Verifier.Success.INSTANCE);
        return companion.wrap(m8739constructorimpl);
    }
}
