package org.bouncycastle.pqc.crypto.bike;

import java.security.SecureRandom;
import org.bouncycastle.crypto.digests.SHA3Digest;
import org.bouncycastle.crypto.digests.SHAKEDigest;
import org.bouncycastle.pqc.crypto.crystals.kyber.KyberEngine;
import org.bouncycastle.pqc.math.linearalgebra.GF2mField;
import org.bouncycastle.pqc.math.linearalgebra.PolynomialGF2mSmallM;
import org.bouncycastle.util.Arrays;

/* loaded from: classes4.dex */
public class BIKEEngine {
    private int L_BYTE;
    private int R_BYTE;
    private GF2mField field;
    private int hw;

    /* renamed from: l, reason: collision with root package name */
    private int f54853l;
    private int nbIter;

    /* renamed from: r, reason: collision with root package name */
    private int f54854r;
    private final PolynomialGF2mSmallM reductionPoly;

    /* renamed from: t, reason: collision with root package name */
    private int f54855t;
    private int tau;

    /* renamed from: w, reason: collision with root package name */
    private int f54856w;

    public BIKEEngine(int i10, int i11, int i12, int i13, int i14, int i15) {
        this.f54854r = i10;
        this.f54856w = i11;
        this.f54855t = i12;
        this.f54853l = i13;
        this.nbIter = i14;
        this.tau = i15;
        this.hw = i11 / 2;
        this.L_BYTE = i13 / 8;
        this.R_BYTE = (i10 + 7) / 8;
        GF2mField gF2mField = new GF2mField(1);
        this.field = gF2mField;
        this.reductionPoly = new PolynomialGF2mSmallM(gF2mField, i10).addMonomial(0);
    }

    private void BFIter(byte[] bArr, byte[] bArr2, int i10, int[] iArr, int[] iArr2, int[] iArr3, int[] iArr4, byte[] bArr3, byte[] bArr4) {
        int[] iArr5 = new int[this.f54854r * 2];
        for (int i11 = 0; i11 < this.f54854r; i11++) {
            if (ctr(iArr3, bArr, i11) >= i10) {
                updateNewErrorIndex(bArr2, i11);
                iArr5[i11] = 1;
                bArr3[i11] = 1;
            } else if (ctr(iArr3, bArr, i11) >= i10 - this.tau) {
                bArr4[i11] = 1;
            }
        }
        for (int i12 = 0; i12 < this.f54854r; i12++) {
            if (ctr(iArr4, bArr, i12) >= i10) {
                updateNewErrorIndex(bArr2, this.f54854r + i12);
                int i13 = this.f54854r;
                iArr5[i13 + i12] = 1;
                bArr3[i13 + i12] = 1;
            } else if (ctr(iArr4, bArr, i12) >= i10 - this.tau) {
                bArr4[this.f54854r + i12] = 1;
            }
        }
        for (int i14 = 0; i14 < this.f54854r * 2; i14++) {
            if (iArr5[i14] == 1) {
                recomputeSyndrome(bArr, i14, iArr, iArr2);
            }
        }
    }

    private void BFMaskedIter(byte[] bArr, byte[] bArr2, byte[] bArr3, int i10, int[] iArr, int[] iArr2, int[] iArr3, int[] iArr4) {
        int[] iArr5 = new int[this.f54854r * 2];
        for (int i11 = 0; i11 < this.f54854r; i11++) {
            if (ctr(iArr3, bArr, i11) >= i10 && bArr3[i11] == 1) {
                updateNewErrorIndex(bArr2, i11);
                iArr5[i11] = 1;
            }
        }
        for (int i12 = 0; i12 < this.f54854r; i12++) {
            if (ctr(iArr4, bArr, i12) >= i10) {
                int i13 = this.f54854r;
                if (bArr3[i13 + i12] == 1) {
                    updateNewErrorIndex(bArr2, i13 + i12);
                    iArr5[this.f54854r + i12] = 1;
                }
            }
        }
        for (int i14 = 0; i14 < this.f54854r * 2; i14++) {
            if (iArr5[i14] == 1) {
                recomputeSyndrome(bArr, i14, iArr, iArr2);
            }
        }
    }

    private byte[] BGFDecoder(byte[] bArr, int[] iArr, int[] iArr2) {
        byte[] bArr2 = new byte[this.f54854r * 2];
        int[] columnFromCompactVersion = getColumnFromCompactVersion(iArr);
        int[] columnFromCompactVersion2 = getColumnFromCompactVersion(iArr2);
        int i10 = 1;
        while (i10 <= this.nbIter) {
            int i11 = this.f54854r;
            byte[] bArr3 = new byte[i11 * 2];
            byte[] bArr4 = new byte[i11 * 2];
            int i12 = i10;
            BFIter(bArr, bArr2, threshold(Utils.getHammingWeight(bArr), i10, this.f54854r), iArr, iArr2, columnFromCompactVersion, columnFromCompactVersion2, bArr3, bArr4);
            if (i12 == 1) {
                BFMaskedIter(bArr, bArr2, bArr3, ((this.hw + 1) / 2) + 1, iArr, iArr2, columnFromCompactVersion, columnFromCompactVersion2);
                BFMaskedIter(bArr, bArr2, bArr4, ((this.hw + 1) / 2) + 1, iArr, iArr2, columnFromCompactVersion, columnFromCompactVersion2);
            }
            i10 = i12 + 1;
        }
        if (Utils.getHammingWeight(bArr) == 0) {
            return bArr2;
        }
        return null;
    }

    private byte[] computeSyndrome(byte[] bArr, byte[] bArr2) {
        return transpose(new PolynomialGF2mSmallM(this.field, bArr2).modKaratsubaMultiplyBigDeg(new PolynomialGF2mSmallM(this.field, bArr), this.reductionPoly).getEncoded());
    }

    private void convertToCompact(int[] iArr, byte[] bArr) {
        int i10;
        int i11 = 0;
        for (int i12 = 0; i12 < this.R_BYTE; i12++) {
            for (int i13 = 0; i13 < 8 && (i10 = (i12 * 8) + i13) != this.f54854r; i13++) {
                if (((bArr[i12] >> i13) & 1) == 1) {
                    iArr[i11] = i10;
                    i11++;
                }
            }
        }
    }

    private int ctr(int[] iArr, byte[] bArr, int i10) {
        int i11 = 0;
        for (int i12 = 0; i12 < this.hw; i12++) {
            if (bArr[(iArr[i12] + i10) % this.f54854r] == 1) {
                i11++;
            }
        }
        return i11;
    }

    private byte[] functionH(byte[] bArr) {
        SHAKEDigest sHAKEDigest = new SHAKEDigest(256);
        sHAKEDigest.update(bArr, 0, bArr.length);
        return BIKERandomGenerator.generateRandomByteArray(this.f54854r * 2, this.R_BYTE * 2, this.f54855t, sHAKEDigest);
    }

    private byte[] functionK(byte[] bArr, byte[] bArr2, byte[] bArr3) {
        byte[] bArr4 = new byte[48];
        byte[] bArr5 = new byte[this.L_BYTE];
        SHA3Digest sHA3Digest = new SHA3Digest(KyberEngine.KyberPolyBytes);
        sHA3Digest.update(bArr, 0, bArr.length);
        sHA3Digest.update(bArr2, 0, bArr2.length);
        sHA3Digest.update(bArr3, 0, bArr3.length);
        sHA3Digest.doFinal(bArr4, 0);
        System.arraycopy(bArr4, 0, bArr5, 0, this.L_BYTE);
        return bArr5;
    }

    private byte[] functionL(byte[] bArr, byte[] bArr2) {
        byte[] bArr3 = new byte[48];
        byte[] bArr4 = new byte[this.L_BYTE];
        SHA3Digest sHA3Digest = new SHA3Digest(KyberEngine.KyberPolyBytes);
        sHA3Digest.update(bArr, 0, bArr.length);
        sHA3Digest.update(bArr2, 0, bArr2.length);
        sHA3Digest.doFinal(bArr3, 0);
        System.arraycopy(bArr3, 0, bArr4, 0, this.L_BYTE);
        return bArr4;
    }

    private int[] getColumnFromCompactVersion(int[] iArr) {
        int[] iArr2 = new int[this.hw];
        int i10 = 0;
        if (iArr[0] != 0) {
            while (true) {
                int i11 = this.hw;
                if (i10 >= i11) {
                    break;
                }
                iArr2[i10] = this.f54854r - iArr[(i11 - 1) - i10];
                i10++;
            }
        } else {
            iArr2[0] = 0;
            int i12 = 1;
            while (true) {
                int i13 = this.hw;
                if (i12 >= i13) {
                    break;
                }
                iArr2[i12] = this.f54854r - iArr[i13 - i12];
                i12++;
            }
        }
        return iArr2;
    }

    private void recomputeSyndrome(byte[] bArr, int i10, int[] iArr, int[] iArr2) {
        int i11 = 0;
        if (i10 < this.f54854r) {
            while (i11 < this.hw) {
                if (iArr[i11] <= i10) {
                    int i12 = i10 - iArr[i11];
                    bArr[i12] = (byte) (bArr[i12] ^ 1);
                } else {
                    int i13 = (this.f54854r + i10) - iArr[i11];
                    bArr[i13] = (byte) (bArr[i13] ^ 1);
                }
                i11++;
            }
            return;
        }
        while (i11 < this.hw) {
            int i14 = iArr2[i11];
            int i15 = this.f54854r;
            if (i14 <= i10 - i15) {
                int i16 = (i10 - i15) - iArr2[i11];
                bArr[i16] = (byte) (bArr[i16] ^ 1);
            } else {
                int i17 = (i15 - iArr2[i11]) + (i10 - i15);
                bArr[i17] = (byte) (bArr[i17] ^ 1);
            }
            i11++;
        }
    }

    private int threshold(int i10, int i11, int i12) {
        if (i12 == 12323) {
            double d10 = i10;
            Double.isNaN(d10);
            int floor = (int) Math.floor((d10 * 0.0069722d) + 13.53d);
            if (floor > 36) {
                return floor;
            }
            return 36;
        }
        if (i12 == 24659) {
            double d11 = i10;
            Double.isNaN(d11);
            int floor2 = (int) Math.floor((d11 * 0.005265d) + 15.2588d);
            if (floor2 > 52) {
                return floor2;
            }
            return 52;
        }
        if (i12 != 40973) {
            return 0;
        }
        double d12 = i10;
        Double.isNaN(d12);
        int floor3 = (int) Math.floor((d12 * 0.00402312d) + 17.8785d);
        if (floor3 > 69) {
            return floor3;
        }
        return 69;
    }

    private byte[] transpose(byte[] bArr) {
        byte[] append0s = Utils.append0s(bArr, this.f54854r);
        byte[] bArr2 = new byte[this.f54854r];
        bArr2[0] = append0s[0];
        int i10 = 1;
        while (true) {
            int i11 = this.f54854r;
            if (i10 >= i11) {
                return bArr2;
            }
            bArr2[i10] = append0s[i11 - i10];
            i10++;
        }
    }

    private void updateNewErrorIndex(byte[] bArr, int i10) {
        int i11;
        if (i10 != 0 && i10 != (i11 = this.f54854r)) {
            i10 = i10 > i11 ? ((i11 * 2) - i10) + i11 : i11 - i10;
        }
        bArr[i10] = (byte) (bArr[i10] ^ 1);
    }

    public void decaps(byte[] bArr, byte[] bArr2, byte[] bArr3, byte[] bArr4, byte[] bArr5, byte[] bArr6) {
        int i10 = this.f54854r;
        byte[] bArr7 = new byte[i10];
        byte[] bArr8 = new byte[i10];
        byte[] bArr9 = new byte[this.f54853l];
        Utils.fromByteArrayToBitArray(bArr7, bArr5);
        Utils.fromByteArrayToBitArray(bArr8, bArr2);
        Utils.fromByteArrayToBitArray(bArr9, bArr4);
        byte[] removeLast0Bits = Utils.removeLast0Bits(bArr7);
        byte[] removeLast0Bits2 = Utils.removeLast0Bits(bArr8);
        int i11 = this.hw;
        int[] iArr = new int[i11];
        int[] iArr2 = new int[i11];
        convertToCompact(iArr, bArr2);
        convertToCompact(iArr2, bArr3);
        byte[] BGFDecoder = BGFDecoder(computeSyndrome(removeLast0Bits, removeLast0Bits2), iArr, iArr2);
        byte[] bArr10 = new byte[this.R_BYTE * 2];
        Utils.fromBitArrayToByteArray(bArr10, BGFDecoder);
        byte[] copyOfRange = Arrays.copyOfRange(BGFDecoder, 0, this.f54854r);
        byte[] copyOfRange2 = Arrays.copyOfRange(BGFDecoder, this.f54854r, BGFDecoder.length);
        byte[] bArr11 = new byte[this.R_BYTE];
        Utils.fromBitArrayToByteArray(bArr11, copyOfRange);
        byte[] bArr12 = new byte[this.R_BYTE];
        Utils.fromBitArrayToByteArray(bArr12, copyOfRange2);
        byte[] xorBytes = Utils.xorBytes(bArr6, functionL(bArr11, bArr12), this.L_BYTE);
        byte[] bArr13 = new byte[this.f54853l];
        byte[] functionK = Arrays.areEqual(bArr10, functionH(xorBytes)) ? functionK(xorBytes, bArr5, bArr6) : functionK(bArr4, bArr5, bArr6);
        System.arraycopy(functionK, 0, bArr, 0, functionK.length);
    }

    public void encaps(byte[] bArr, byte[] bArr2, byte[] bArr3, byte[] bArr4, SecureRandom secureRandom) {
        byte[] bArr5 = new byte[64];
        secureRandom.nextBytes(bArr5);
        int i10 = this.L_BYTE;
        byte[] bArr6 = new byte[i10];
        System.arraycopy(bArr5, 0, bArr6, 0, i10);
        byte[] functionH = functionH(bArr6);
        int i11 = this.f54854r * 2;
        byte[] bArr7 = new byte[i11];
        Utils.fromByteArrayToBitArray(bArr7, functionH);
        byte[] copyOfRange = Arrays.copyOfRange(bArr7, 0, this.f54854r);
        byte[] copyOfRange2 = Arrays.copyOfRange(bArr7, this.f54854r, i11);
        byte[] removeLast0Bits = Utils.removeLast0Bits(copyOfRange);
        byte[] removeLast0Bits2 = Utils.removeLast0Bits(copyOfRange2);
        PolynomialGF2mSmallM polynomialGF2mSmallM = new PolynomialGF2mSmallM(this.field, removeLast0Bits);
        PolynomialGF2mSmallM polynomialGF2mSmallM2 = new PolynomialGF2mSmallM(this.field, removeLast0Bits2);
        byte[] bArr8 = new byte[this.f54854r];
        Utils.fromByteArrayToBitArray(bArr8, bArr4);
        byte[] encoded = polynomialGF2mSmallM.add(polynomialGF2mSmallM2.modKaratsubaMultiplyBigDeg(new PolynomialGF2mSmallM(this.field, Utils.removeLast0Bits(bArr8)), this.reductionPoly)).getEncoded();
        byte[] bArr9 = new byte[this.R_BYTE];
        Utils.fromBitArrayToByteArray(bArr9, encoded);
        System.arraycopy(bArr9, 0, bArr, 0, bArr.length);
        byte[] bArr10 = new byte[this.R_BYTE];
        Utils.fromBitArrayToByteArray(bArr10, copyOfRange);
        byte[] bArr11 = new byte[this.R_BYTE];
        Utils.fromBitArrayToByteArray(bArr11, copyOfRange2);
        System.arraycopy(Utils.xorBytes(bArr6, functionL(bArr10, bArr11), this.L_BYTE), 0, bArr2, 0, bArr2.length);
        byte[] functionK = functionK(bArr6, bArr, bArr2);
        System.arraycopy(functionK, 0, bArr3, 0, functionK.length);
    }

    public void genKeyPair(byte[] bArr, byte[] bArr2, byte[] bArr3, byte[] bArr4, SecureRandom secureRandom) {
        byte[] bArr5 = new byte[64];
        secureRandom.nextBytes(bArr5);
        int i10 = this.L_BYTE;
        byte[] bArr6 = new byte[i10];
        byte[] bArr7 = new byte[i10];
        System.arraycopy(bArr5, 0, bArr6, 0, i10);
        System.arraycopy(bArr5, i10, bArr7, 0, i10);
        SHAKEDigest sHAKEDigest = new SHAKEDigest(256);
        sHAKEDigest.update(bArr6, 0, i10);
        byte[] generateRandomByteArray = BIKERandomGenerator.generateRandomByteArray(this.f54854r, this.R_BYTE, this.hw, sHAKEDigest);
        byte[] generateRandomByteArray2 = BIKERandomGenerator.generateRandomByteArray(this.f54854r, this.R_BYTE, this.hw, sHAKEDigest);
        System.arraycopy(generateRandomByteArray, 0, bArr, 0, bArr.length);
        System.arraycopy(generateRandomByteArray2, 0, bArr2, 0, bArr2.length);
        int i11 = this.f54854r;
        byte[] bArr8 = new byte[i11];
        byte[] bArr9 = new byte[i11];
        Utils.fromByteArrayToBitArray(bArr9, generateRandomByteArray);
        Utils.fromByteArrayToBitArray(bArr8, generateRandomByteArray2);
        byte[] removeLast0Bits = Utils.removeLast0Bits(bArr9);
        byte[] encoded = new PolynomialGF2mSmallM(this.field, Utils.removeLast0Bits(bArr8)).modKaratsubaMultiplyBigDeg(new PolynomialGF2mSmallM(this.field, removeLast0Bits).modInverseBigDeg(this.reductionPoly), this.reductionPoly).getEncoded();
        byte[] bArr10 = new byte[this.R_BYTE];
        Utils.fromBitArrayToByteArray(bArr10, encoded);
        System.arraycopy(bArr10, 0, bArr4, 0, bArr4.length);
        System.arraycopy(bArr7, 0, bArr3, 0, bArr3.length);
    }

    public int getSessionKeySize() {
        return this.L_BYTE;
    }
}
