package org.bouncycastle.pqc.crypto.bike;

import java.security.SecureRandom;
import org.bouncycastle.crypto.digests.SHA3Digest;
import org.bouncycastle.crypto.digests.SHAKEDigest;
import org.bouncycastle.pqc.crypto.crystals.kyber.KyberEngine;
import org.bouncycastle.pqc.math.linearalgebra.GF2mField;
import org.bouncycastle.pqc.math.linearalgebra.PolynomialGF2mSmallM;
import org.bouncycastle.util.Arrays;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:brooklyn-jmxmp-agent-shaded-1.1.0-20231116.1002.jar:org/bouncycastle/pqc/crypto/bike/BIKEEngine.class */
public class BIKEEngine {
    private int r;
    private int w;
    private int hw;
    private int t;
    private int l;
    private int nbIter;
    private int tau;
    private GF2mField field;
    private final PolynomialGF2mSmallM reductionPoly;
    private int L_BYTE;
    private int R_BYTE;

    public BIKEEngine(int i, int i2, int i3, int i4, int i5, int i6) {
        this.r = i;
        this.w = i2;
        this.t = i3;
        this.l = i4;
        this.nbIter = i5;
        this.tau = i6;
        this.hw = this.w / 2;
        this.L_BYTE = i4 / 8;
        this.R_BYTE = (i + 7) / 8;
        GF2mField gF2mField = new GF2mField(1);
        this.field = gF2mField;
        this.reductionPoly = new PolynomialGF2mSmallM(gF2mField, i).addMonomial(0);
    }

    public int getSessionKeySize() {
        return this.L_BYTE;
    }

    private byte[] functionH(byte[] bArr) {
        SHAKEDigest sHAKEDigest = new SHAKEDigest(256);
        sHAKEDigest.update(bArr, 0, bArr.length);
        return BIKERandomGenerator.generateRandomByteArray(this.r * 2, 2 * this.R_BYTE, this.t, sHAKEDigest);
    }

    private byte[] functionL(byte[] bArr, byte[] bArr2) {
        byte[] bArr3 = new byte[48];
        byte[] bArr4 = new byte[this.L_BYTE];
        SHA3Digest sHA3Digest = new SHA3Digest(KyberEngine.KyberPolyBytes);
        sHA3Digest.update(bArr, 0, bArr.length);
        sHA3Digest.update(bArr2, 0, bArr2.length);
        sHA3Digest.doFinal(bArr3, 0);
        System.arraycopy(bArr3, 0, bArr4, 0, this.L_BYTE);
        return bArr4;
    }

    private byte[] functionK(byte[] bArr, byte[] bArr2, byte[] bArr3) {
        byte[] bArr4 = new byte[48];
        byte[] bArr5 = new byte[this.L_BYTE];
        SHA3Digest sHA3Digest = new SHA3Digest(KyberEngine.KyberPolyBytes);
        sHA3Digest.update(bArr, 0, bArr.length);
        sHA3Digest.update(bArr2, 0, bArr2.length);
        sHA3Digest.update(bArr3, 0, bArr3.length);
        sHA3Digest.doFinal(bArr4, 0);
        System.arraycopy(bArr4, 0, bArr5, 0, this.L_BYTE);
        return bArr5;
    }

    public void genKeyPair(byte[] bArr, byte[] bArr2, byte[] bArr3, byte[] bArr4, SecureRandom secureRandom) {
        byte[] bArr5 = new byte[64];
        secureRandom.nextBytes(bArr5);
        byte[] bArr6 = new byte[this.L_BYTE];
        byte[] bArr7 = new byte[this.L_BYTE];
        System.arraycopy(bArr5, 0, bArr6, 0, bArr6.length);
        System.arraycopy(bArr5, bArr6.length, bArr7, 0, bArr7.length);
        SHAKEDigest sHAKEDigest = new SHAKEDigest(256);
        sHAKEDigest.update(bArr6, 0, bArr6.length);
        byte[] generateRandomByteArray = BIKERandomGenerator.generateRandomByteArray(this.r, this.R_BYTE, this.hw, sHAKEDigest);
        byte[] generateRandomByteArray2 = BIKERandomGenerator.generateRandomByteArray(this.r, this.R_BYTE, this.hw, sHAKEDigest);
        System.arraycopy(generateRandomByteArray, 0, bArr, 0, bArr.length);
        System.arraycopy(generateRandomByteArray2, 0, bArr2, 0, bArr2.length);
        byte[] bArr8 = new byte[this.r];
        byte[] bArr9 = new byte[this.r];
        Utils.fromByteArrayToBitArray(bArr9, generateRandomByteArray);
        Utils.fromByteArrayToBitArray(bArr8, generateRandomByteArray2);
        byte[] removeLast0Bits = Utils.removeLast0Bits(bArr9);
        byte[] encoded = new PolynomialGF2mSmallM(this.field, Utils.removeLast0Bits(bArr8)).modKaratsubaMultiplyBigDeg(new PolynomialGF2mSmallM(this.field, removeLast0Bits).modInverseBigDeg(this.reductionPoly), this.reductionPoly).getEncoded();
        byte[] bArr10 = new byte[this.R_BYTE];
        Utils.fromBitArrayToByteArray(bArr10, encoded);
        System.arraycopy(bArr10, 0, bArr4, 0, bArr4.length);
        System.arraycopy(bArr7, 0, bArr3, 0, bArr3.length);
    }

    public void encaps(byte[] bArr, byte[] bArr2, byte[] bArr3, byte[] bArr4, SecureRandom secureRandom) {
        byte[] bArr5 = new byte[64];
        secureRandom.nextBytes(bArr5);
        byte[] bArr6 = new byte[this.L_BYTE];
        System.arraycopy(bArr5, 0, bArr6, 0, bArr6.length);
        byte[] functionH = functionH(bArr6);
        byte[] bArr7 = new byte[2 * this.r];
        Utils.fromByteArrayToBitArray(bArr7, functionH);
        byte[] copyOfRange = Arrays.copyOfRange(bArr7, 0, this.r);
        byte[] copyOfRange2 = Arrays.copyOfRange(bArr7, this.r, bArr7.length);
        byte[] removeLast0Bits = Utils.removeLast0Bits(copyOfRange);
        byte[] removeLast0Bits2 = Utils.removeLast0Bits(copyOfRange2);
        PolynomialGF2mSmallM polynomialGF2mSmallM = new PolynomialGF2mSmallM(this.field, removeLast0Bits);
        PolynomialGF2mSmallM polynomialGF2mSmallM2 = new PolynomialGF2mSmallM(this.field, removeLast0Bits2);
        byte[] bArr8 = new byte[this.r];
        Utils.fromByteArrayToBitArray(bArr8, bArr4);
        byte[] encoded = polynomialGF2mSmallM.add(polynomialGF2mSmallM2.modKaratsubaMultiplyBigDeg(new PolynomialGF2mSmallM(this.field, Utils.removeLast0Bits(bArr8)), this.reductionPoly)).getEncoded();
        byte[] bArr9 = new byte[this.R_BYTE];
        Utils.fromBitArrayToByteArray(bArr9, encoded);
        System.arraycopy(bArr9, 0, bArr, 0, bArr.length);
        byte[] bArr10 = new byte[this.R_BYTE];
        Utils.fromBitArrayToByteArray(bArr10, copyOfRange);
        byte[] bArr11 = new byte[this.R_BYTE];
        Utils.fromBitArrayToByteArray(bArr11, copyOfRange2);
        System.arraycopy(Utils.xorBytes(bArr6, functionL(bArr10, bArr11), this.L_BYTE), 0, bArr2, 0, bArr2.length);
        byte[] functionK = functionK(bArr6, bArr, bArr2);
        System.arraycopy(functionK, 0, bArr3, 0, functionK.length);
    }

    public void decaps(byte[] bArr, byte[] bArr2, byte[] bArr3, byte[] bArr4, byte[] bArr5, byte[] bArr6) {
        byte[] bArr7 = new byte[this.r];
        byte[] bArr8 = new byte[this.r];
        byte[] bArr9 = new byte[this.l];
        Utils.fromByteArrayToBitArray(bArr7, bArr5);
        Utils.fromByteArrayToBitArray(bArr8, bArr2);
        Utils.fromByteArrayToBitArray(bArr9, bArr4);
        byte[] removeLast0Bits = Utils.removeLast0Bits(bArr7);
        byte[] removeLast0Bits2 = Utils.removeLast0Bits(bArr8);
        int[] iArr = new int[this.hw];
        int[] iArr2 = new int[this.hw];
        convertToCompact(iArr, bArr2);
        convertToCompact(iArr2, bArr3);
        byte[] BGFDecoder = BGFDecoder(computeSyndrome(removeLast0Bits, removeLast0Bits2), iArr, iArr2);
        byte[] bArr10 = new byte[2 * this.R_BYTE];
        Utils.fromBitArrayToByteArray(bArr10, BGFDecoder);
        byte[] copyOfRange = Arrays.copyOfRange(BGFDecoder, 0, this.r);
        byte[] copyOfRange2 = Arrays.copyOfRange(BGFDecoder, this.r, BGFDecoder.length);
        byte[] bArr11 = new byte[this.R_BYTE];
        Utils.fromBitArrayToByteArray(bArr11, copyOfRange);
        byte[] bArr12 = new byte[this.R_BYTE];
        Utils.fromBitArrayToByteArray(bArr12, copyOfRange2);
        byte[] xorBytes = Utils.xorBytes(bArr6, functionL(bArr11, bArr12), this.L_BYTE);
        byte[] bArr13 = new byte[this.l];
        byte[] functionK = Arrays.areEqual(bArr10, functionH(xorBytes)) ? functionK(xorBytes, bArr5, bArr6) : functionK(bArr4, bArr5, bArr6);
        System.arraycopy(functionK, 0, bArr, 0, functionK.length);
    }

    private byte[] computeSyndrome(byte[] bArr, byte[] bArr2) {
        return transpose(new PolynomialGF2mSmallM(this.field, bArr2).modKaratsubaMultiplyBigDeg(new PolynomialGF2mSmallM(this.field, bArr), this.reductionPoly).getEncoded());
    }

    private byte[] BGFDecoder(byte[] bArr, int[] iArr, int[] iArr2) {
        byte[] bArr2 = new byte[2 * this.r];
        int[] columnFromCompactVersion = getColumnFromCompactVersion(iArr);
        int[] columnFromCompactVersion2 = getColumnFromCompactVersion(iArr2);
        for (int i = 1; i <= this.nbIter; i++) {
            byte[] bArr3 = new byte[2 * this.r];
            byte[] bArr4 = new byte[2 * this.r];
            BFIter(bArr, bArr2, threshold(Utils.getHammingWeight(bArr), i, this.r), iArr, iArr2, columnFromCompactVersion, columnFromCompactVersion2, bArr3, bArr4);
            if (i == 1) {
                BFMaskedIter(bArr, bArr2, bArr3, ((this.hw + 1) / 2) + 1, iArr, iArr2, columnFromCompactVersion, columnFromCompactVersion2);
                BFMaskedIter(bArr, bArr2, bArr4, ((this.hw + 1) / 2) + 1, iArr, iArr2, columnFromCompactVersion, columnFromCompactVersion2);
            }
        }
        if (Utils.getHammingWeight(bArr) == 0) {
            return bArr2;
        }
        return null;
    }

    private byte[] transpose(byte[] bArr) {
        byte[] append0s = Utils.append0s(bArr, this.r);
        byte[] bArr2 = new byte[this.r];
        bArr2[0] = append0s[0];
        for (int i = 1; i < this.r; i++) {
            bArr2[i] = append0s[this.r - i];
        }
        return bArr2;
    }

    private void BFIter(byte[] bArr, byte[] bArr2, int i, int[] iArr, int[] iArr2, int[] iArr3, int[] iArr4, byte[] bArr3, byte[] bArr4) {
        int[] iArr5 = new int[2 * this.r];
        for (int i2 = 0; i2 < this.r; i2++) {
            if (ctr(iArr3, bArr, i2) >= i) {
                updateNewErrorIndex(bArr2, i2);
                iArr5[i2] = 1;
                bArr3[i2] = 1;
            } else if (ctr(iArr3, bArr, i2) >= i - this.tau) {
                bArr4[i2] = 1;
            }
        }
        for (int i3 = 0; i3 < this.r; i3++) {
            if (ctr(iArr4, bArr, i3) >= i) {
                updateNewErrorIndex(bArr2, this.r + i3);
                iArr5[this.r + i3] = 1;
                bArr3[this.r + i3] = 1;
            } else if (ctr(iArr4, bArr, i3) >= i - this.tau) {
                bArr4[this.r + i3] = 1;
            }
        }
        for (int i4 = 0; i4 < 2 * this.r; i4++) {
            if (iArr5[i4] == 1) {
                recomputeSyndrome(bArr, i4, iArr, iArr2);
            }
        }
    }

    private void BFMaskedIter(byte[] bArr, byte[] bArr2, byte[] bArr3, int i, int[] iArr, int[] iArr2, int[] iArr3, int[] iArr4) {
        int[] iArr5 = new int[2 * this.r];
        for (int i2 = 0; i2 < this.r; i2++) {
            if (ctr(iArr3, bArr, i2) >= i && bArr3[i2] == 1) {
                updateNewErrorIndex(bArr2, i2);
                iArr5[i2] = 1;
            }
        }
        for (int i3 = 0; i3 < this.r; i3++) {
            if (ctr(iArr4, bArr, i3) >= i && bArr3[this.r + i3] == 1) {
                updateNewErrorIndex(bArr2, this.r + i3);
                iArr5[this.r + i3] = 1;
            }
        }
        for (int i4 = 0; i4 < 2 * this.r; i4++) {
            if (iArr5[i4] == 1) {
                recomputeSyndrome(bArr, i4, iArr, iArr2);
            }
        }
    }

    private int threshold(int i, int i2, int i3) {
        int i4 = 0;
        switch (i3) {
            case 12323:
                int floor = (int) Math.floor((0.0069722d * i) + 13.53d);
                i4 = floor > 36 ? floor : 36;
                break;
            case 24659:
                int floor2 = (int) Math.floor((0.005265d * i) + 15.2588d);
                i4 = floor2 > 52 ? floor2 : 52;
                break;
            case 40973:
                int floor3 = (int) Math.floor((0.00402312d * i) + 17.8785d);
                i4 = floor3 > 69 ? floor3 : 69;
                break;
        }
        return i4;
    }

    private int ctr(int[] iArr, byte[] bArr, int i) {
        int i2 = 0;
        for (int i3 = 0; i3 < this.hw; i3++) {
            if (bArr[(iArr[i3] + i) % this.r] == 1) {
                i2++;
            }
        }
        return i2;
    }

    private void convertToCompact(int[] iArr, byte[] bArr) {
        int i = 0;
        for (int i2 = 0; i2 < this.R_BYTE; i2++) {
            for (int i3 = 0; i3 < 8 && (i2 * 8) + i3 != this.r; i3++) {
                if (((bArr[i2] >> i3) & 1) == 1) {
                    int i4 = i;
                    i++;
                    iArr[i4] = (i2 * 8) + i3;
                }
            }
        }
    }

    private int[] getColumnFromCompactVersion(int[] iArr) {
        int[] iArr2 = new int[this.hw];
        if (iArr[0] == 0) {
            iArr2[0] = 0;
            for (int i = 1; i < this.hw; i++) {
                iArr2[i] = this.r - iArr[this.hw - i];
            }
        } else {
            for (int i2 = 0; i2 < this.hw; i2++) {
                iArr2[i2] = this.r - iArr[(this.hw - 1) - i2];
            }
        }
        return iArr2;
    }

    private void recomputeSyndrome(byte[] bArr, int i, int[] iArr, int[] iArr2) {
        if (i < this.r) {
            for (int i2 = 0; i2 < this.hw; i2++) {
                if (iArr[i2] <= i) {
                    int i3 = i - iArr[i2];
                    bArr[i3] = (byte) (bArr[i3] ^ 1);
                } else {
                    int i4 = (this.r + i) - iArr[i2];
                    bArr[i4] = (byte) (bArr[i4] ^ 1);
                }
            }
            return;
        }
        for (int i5 = 0; i5 < this.hw; i5++) {
            if (iArr2[i5] <= i - this.r) {
                int i6 = (i - this.r) - iArr2[i5];
                bArr[i6] = (byte) (bArr[i6] ^ 1);
            } else {
                int i7 = (this.r - iArr2[i5]) + (i - this.r);
                bArr[i7] = (byte) (bArr[i7] ^ 1);
            }
        }
    }

    private void updateNewErrorIndex(byte[] bArr, int i) {
        int i2 = i;
        if (i != 0 && i != this.r) {
            i2 = i > this.r ? ((2 * this.r) - i) + this.r : this.r - i;
        }
        int i3 = i2;
        bArr[i3] = (byte) (bArr[i3] ^ 1);
    }
}
