package org.bouncycastle.pqc.crypto.hqc;

import org.bouncycastle.pqc.math.linearalgebra.GF2mField;
import org.bouncycastle.pqc.math.linearalgebra.PolynomialGF2mSmallM;
import org.bouncycastle.util.Arrays;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:brooklyn-jmxmp-agent-shaded-1.2.0-20240430-0912.jar:org/bouncycastle/pqc/crypto/hqc/HQCEngine.class */
public class HQCEngine {
    private int n;
    private int n1;
    private int n2;
    private int k;
    private int delta;
    private int w;
    private int wr;
    private int we;
    private int g;
    private int rejectionThreshold;
    private int fft;
    private int mulParam;
    private GF2mField field;
    private PolynomialGF2mSmallM reductionPoly;
    private int N_BYTE;
    private int n1n2;
    private int N_BYTE_64;
    private int K_BYTE;
    private int K_BYTE_64;
    private int N1_BYTE_64;
    private int N1N2_BYTE_64;
    private int N1N2_BYTE;
    private int N1_BYTE;
    private int[] generatorPoly;
    private int SEED_SIZE = 40;
    private byte G_FCT_DOMAIN = 3;
    private byte H_FCT_DOMAIN = 4;
    private byte K_FCT_DOMAIN = 5;
    private int SHA512_BYTES = 64;

    public HQCEngine(int i, int i2, int i3, int i4, int i5, int i6, int i7, int i8, int i9, int i10, int i11, int[] iArr) {
        this.n = i;
        this.k = i4;
        this.delta = i6;
        this.w = i7;
        this.wr = i8;
        this.we = i9;
        this.n1 = i2;
        this.n2 = i3;
        this.n1n2 = i2 * i3;
        this.generatorPoly = iArr;
        this.g = i5;
        this.rejectionThreshold = i10;
        this.fft = i11;
        this.mulParam = (int) Math.ceil(i3 / 128);
        this.N_BYTE = Utils.getByteSizeFromBitSize(i);
        this.K_BYTE = i4;
        this.N_BYTE_64 = Utils.getByte64SizeFromBitSize(i);
        this.K_BYTE_64 = Utils.getByteSizeFromBitSize(i4);
        this.N1_BYTE_64 = Utils.getByteSizeFromBitSize(i2);
        this.N1N2_BYTE_64 = Utils.getByte64SizeFromBitSize(i2 * i3);
        this.N1N2_BYTE = Utils.getByteSizeFromBitSize(i2 * i3);
        this.N1_BYTE = Utils.getByteSizeFromBitSize(i2);
        GF2mField gF2mField = new GF2mField(1);
        this.field = gF2mField;
        this.reductionPoly = new PolynomialGF2mSmallM(gF2mField, i).addMonomial(0);
    }

    public void genKeyPair(byte[] bArr, byte[] bArr2, byte[] bArr3) {
        byte[] bArr4 = new byte[this.SEED_SIZE];
        HQCKeccakRandomGenerator hQCKeccakRandomGenerator = new HQCKeccakRandomGenerator(256);
        hQCKeccakRandomGenerator.randomGeneratorInit(bArr3, null, bArr3.length, 0);
        hQCKeccakRandomGenerator.squeeze(bArr4, 40);
        HQCKeccakRandomGenerator hQCKeccakRandomGenerator2 = new HQCKeccakRandomGenerator(256);
        hQCKeccakRandomGenerator2.seedExpanderInit(bArr4, bArr4.length);
        long[] jArr = new long[this.N_BYTE_64];
        int[] iArr = new int[this.w];
        generateSecretKey(jArr, hQCKeccakRandomGenerator2, this.w);
        generateSecretKeyByCoordinates(iArr, hQCKeccakRandomGenerator2, this.w);
        byte[] fromListOfPos1ToBitArray = Utils.fromListOfPos1ToBitArray(iArr, this.n);
        byte[] bArr5 = new byte[this.n];
        Utils.fromLongArrayToBitArray(bArr5, jArr);
        byte[] bArr6 = new byte[this.SEED_SIZE];
        hQCKeccakRandomGenerator.squeeze(bArr6, 40);
        HQCKeccakRandomGenerator hQCKeccakRandomGenerator3 = new HQCKeccakRandomGenerator(256);
        hQCKeccakRandomGenerator3.seedExpanderInit(bArr6, bArr6.length);
        long[] jArr2 = new long[this.N_BYTE_64];
        generatePublicKeyH(jArr2, hQCKeccakRandomGenerator3);
        byte[] bArr7 = new byte[this.n];
        Utils.fromLongArrayToBitArray(bArr7, jArr2);
        byte[] encoded = new PolynomialGF2mSmallM(this.field, Utils.removeLast0Bits(bArr5)).add(new PolynomialGF2mSmallM(this.field, Utils.removeLast0Bits(bArr7)).modKaratsubaMultiplyBigDeg(new PolynomialGF2mSmallM(this.field, Utils.removeLast0Bits(fromListOfPos1ToBitArray)), this.reductionPoly)).getEncoded();
        byte[] bArr8 = new byte[this.N_BYTE];
        Utils.fromBitArrayToByteArray(bArr8, encoded);
        byte[] concatenate = Arrays.concatenate(bArr6, bArr8);
        byte[] concatenate2 = Arrays.concatenate(bArr4, concatenate);
        System.arraycopy(concatenate, 0, bArr, 0, concatenate.length);
        System.arraycopy(concatenate2, 0, bArr2, 0, concatenate2.length);
    }

    public void encaps(byte[] bArr, byte[] bArr2, byte[] bArr3, byte[] bArr4, byte[] bArr5, byte[] bArr6) {
        byte[] bArr7 = new byte[this.K_BYTE];
        byte[] bArr8 = new byte[this.SEED_SIZE];
        HQCKeccakRandomGenerator hQCKeccakRandomGenerator = new HQCKeccakRandomGenerator(256);
        hQCKeccakRandomGenerator.randomGeneratorInit(bArr6, null, bArr6.length, 0);
        hQCKeccakRandomGenerator.squeeze(bArr8, 40);
        hQCKeccakRandomGenerator.squeeze(new byte[this.SEED_SIZE], 40);
        hQCKeccakRandomGenerator.squeeze(bArr7, this.K_BYTE);
        long[] jArr = new long[this.K_BYTE_64];
        Utils.fromByteArrayToLongArray(jArr, bArr7);
        byte[] bArr9 = new byte[this.SHA512_BYTES];
        HQCKeccakRandomGenerator hQCKeccakRandomGenerator2 = new HQCKeccakRandomGenerator(256);
        hQCKeccakRandomGenerator2.SHAKE256_512_ds(bArr9, bArr7, bArr7.length, new byte[]{this.G_FCT_DOMAIN});
        long[] jArr2 = new long[this.N_BYTE_64];
        byte[] bArr10 = new byte[this.N_BYTE];
        extractPublicKeys(jArr2, bArr10, bArr5);
        long[] jArr3 = new long[this.N_BYTE_64];
        long[] jArr4 = new long[this.N1N2_BYTE_64];
        encrypt(jArr3, jArr4, jArr2, bArr10, jArr, bArr9);
        Utils.fromLongArrayToByteArray(bArr2, jArr4, this.n1n2);
        Utils.fromLongArrayToByteArray(bArr, jArr3, this.n);
        hQCKeccakRandomGenerator2.SHAKE256_512_ds(bArr4, bArr7, bArr7.length, new byte[]{this.H_FCT_DOMAIN});
        byte[] bArr11 = new byte[this.K_BYTE + this.N_BYTE + this.N1N2_BYTE];
        byte[] concatenate = Arrays.concatenate(Arrays.concatenate(bArr7, bArr), bArr2);
        hQCKeccakRandomGenerator2.SHAKE256_512_ds(bArr3, concatenate, concatenate.length, new byte[]{this.K_FCT_DOMAIN});
    }

    public void decaps(byte[] bArr, byte[] bArr2, byte[] bArr3) {
        byte[] bArr4 = new byte[this.n];
        byte[] bArr5 = new byte[40 + this.N_BYTE];
        extractKeysFromSecretKeys(bArr4, bArr5, bArr3);
        byte[] bArr6 = new byte[this.N_BYTE];
        byte[] bArr7 = new byte[this.N1N2_BYTE];
        byte[] bArr8 = new byte[this.SHA512_BYTES];
        extractCiphertexts(bArr6, bArr7, bArr8, bArr2);
        long[] jArr = new long[this.K_BYTE_64];
        decrypt(jArr, jArr, bArr6, bArr7, bArr4);
        byte[] bArr9 = new byte[this.k];
        Utils.fromLongArrayToByteArray(bArr9, jArr, this.k * 8);
        byte[] bArr10 = new byte[this.SHA512_BYTES];
        HQCKeccakRandomGenerator hQCKeccakRandomGenerator = new HQCKeccakRandomGenerator(256);
        hQCKeccakRandomGenerator.SHAKE256_512_ds(bArr10, bArr9, bArr9.length, new byte[]{this.G_FCT_DOMAIN});
        long[] jArr2 = new long[this.N_BYTE_64];
        byte[] bArr11 = new byte[this.N_BYTE];
        extractPublicKeys(jArr2, bArr11, bArr5);
        long[] jArr3 = new long[this.N_BYTE_64];
        long[] jArr4 = new long[this.N1N2_BYTE_64];
        encrypt(jArr3, jArr4, jArr2, bArr11, jArr, bArr10);
        byte[] bArr12 = new byte[this.N_BYTE];
        byte[] bArr13 = new byte[this.N1N2_BYTE];
        Utils.fromLongArrayToByteArray(bArr12, jArr3, this.n);
        Utils.fromLongArrayToByteArray(bArr13, jArr4, this.n1n2);
        byte[] bArr14 = new byte[this.SHA512_BYTES];
        hQCKeccakRandomGenerator.SHAKE256_512_ds(bArr14, bArr9, bArr9.length, new byte[]{this.H_FCT_DOMAIN});
        byte[] bArr15 = new byte[this.K_BYTE + this.N_BYTE + this.N1N2_BYTE];
        byte[] concatenate = Arrays.concatenate(Arrays.concatenate(bArr9, bArr6), bArr7);
        hQCKeccakRandomGenerator.SHAKE256_512_ds(bArr, concatenate, concatenate.length, new byte[]{this.K_FCT_DOMAIN});
        boolean z = Arrays.areEqual(bArr6, bArr12);
        if (!Arrays.areEqual(bArr7, bArr13)) {
            z = false;
        }
        if (!Arrays.areEqual(bArr8, bArr14)) {
            z = false;
        }
        if (z) {
            return;
        }
        for (int i = 0; i < getSessionKeySize(); i++) {
            bArr[i] = 0;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public int getSessionKeySize() {
        return this.SHA512_BYTES;
    }

    private void encrypt(long[] jArr, long[] jArr2, long[] jArr3, byte[] bArr, long[] jArr4, byte[] bArr2) {
        HQCKeccakRandomGenerator hQCKeccakRandomGenerator = new HQCKeccakRandomGenerator(256);
        hQCKeccakRandomGenerator.seedExpanderInit(bArr2, this.SEED_SIZE);
        long[] jArr5 = new long[this.N_BYTE_64];
        long[] jArr6 = new long[this.N_BYTE_64];
        int[] iArr = new int[this.wr];
        generateSecretKey(jArr6, hQCKeccakRandomGenerator, this.wr);
        generateSecretKeyByCoordinates(iArr, hQCKeccakRandomGenerator, this.wr);
        generateSecretKey(jArr5, hQCKeccakRandomGenerator, this.we);
        byte[] bArr3 = new byte[this.n];
        Utils.fromLongArrayToBitArray(bArr3, jArr3);
        byte[] bArr4 = new byte[this.n];
        Utils.fromLongArrayToBitArray(bArr4, jArr6);
        byte[] fromListOfPos1ToBitArray = Utils.fromListOfPos1ToBitArray(iArr, new byte[this.n].length);
        byte[] bArr5 = new byte[this.n];
        Utils.fromLongArrayToBitArray(bArr5, jArr5);
        byte[] bArr6 = new byte[this.n];
        Utils.fromByteArrayToBitArray(bArr6, bArr);
        PolynomialGF2mSmallM polynomialGF2mSmallM = new PolynomialGF2mSmallM(this.field, Utils.removeLast0Bits(bArr4));
        PolynomialGF2mSmallM polynomialGF2mSmallM2 = new PolynomialGF2mSmallM(this.field, Utils.removeLast0Bits(fromListOfPos1ToBitArray));
        Utils.fromBitArrayToLongArray(jArr, polynomialGF2mSmallM.add(polynomialGF2mSmallM2.modKaratsubaMultiplyBigDeg(new PolynomialGF2mSmallM(this.field, Utils.removeLast0Bits(bArr3)), this.reductionPoly)).getEncoded());
        PolynomialGF2mSmallM polynomialGF2mSmallM3 = new PolynomialGF2mSmallM(this.field, Utils.removeLast0Bits(bArr6));
        PolynomialGF2mSmallM polynomialGF2mSmallM4 = new PolynomialGF2mSmallM(this.field, Utils.removeLast0Bits(bArr5));
        long[] jArr7 = new long[this.N1_BYTE_64];
        ReedSolomon.encode(jArr7, jArr4, this.K_BYTE * 8, this.n1, this.k, this.g, this.generatorPoly);
        ReedMuller.encode(jArr2, jArr7, this.n1, this.mulParam);
        byte[] bArr7 = new byte[this.n1n2];
        Utils.fromLongArrayToBitArray(bArr7, jArr2);
        PolynomialGF2mSmallM add = new PolynomialGF2mSmallM(this.field, Utils.removeLast0Bits(bArr7)).add(polynomialGF2mSmallM3.modKaratsubaMultiplyBigDeg(polynomialGF2mSmallM2, this.reductionPoly)).add(polynomialGF2mSmallM4);
        long[] jArr8 = new long[this.N_BYTE_64];
        Utils.fromBitArrayToLongArray(jArr8, add.getEncoded());
        Utils.resizeArray(jArr2, this.n1n2, jArr8, this.n, this.N1N2_BYTE_64, this.N1N2_BYTE_64);
    }

    private void decrypt(long[] jArr, long[] jArr2, byte[] bArr, byte[] bArr2, byte[] bArr3) {
        byte[] bArr4 = new byte[this.n];
        Utils.fromByteArrayToBitArray(bArr4, bArr);
        byte[] bArr5 = new byte[this.n1n2];
        Utils.fromByteArrayToBitArray(bArr5, bArr2);
        Utils.fromBitArrayToLongArray(new long[this.N_BYTE_64], bArr4);
        Utils.fromBitArrayToLongArray(new long[this.N1N2_BYTE_64], bArr5);
        PolynomialGF2mSmallM add = new PolynomialGF2mSmallM(this.field, Utils.removeLast0Bits(bArr5)).add(new PolynomialGF2mSmallM(this.field, Utils.removeLast0Bits(bArr4)).modKaratsubaMultiplyBigDeg(new PolynomialGF2mSmallM(this.field, Utils.removeLast0Bits(bArr3)), this.reductionPoly));
        long[] jArr3 = new long[this.N_BYTE_64];
        Utils.fromBitArrayToLongArray(jArr3, add.getEncoded());
        long[] jArr4 = new long[this.N1_BYTE_64];
        ReedMuller.decode(jArr4, jArr3, this.n1, this.mulParam);
        ReedSolomon.decode(jArr2, jArr4, this.n1, this.fft, this.delta, this.k, this.g);
        System.arraycopy(jArr2, 0, jArr, 0, jArr.length);
    }

    private void generateSecretKey(long[] jArr, HQCKeccakRandomGenerator hQCKeccakRandomGenerator, int i) {
        int[] iArr = new int[i];
        generateSecretKeyByCoordinates(iArr, hQCKeccakRandomGenerator, i);
        for (int i2 = 0; i2 < i; i2++) {
            int i3 = iArr[i2] / 64;
            jArr[i3] = jArr[i3] | (1 << (iArr[i2] % 64));
        }
    }

    private void generateSecretKeyByCoordinates(int[] iArr, HQCKeccakRandomGenerator hQCKeccakRandomGenerator, int i) {
        int i2;
        int i3 = 3 * i;
        byte[] bArr = new byte[3 * this.wr];
        int i4 = i3;
        for (int i5 = 0; i5 < i; i5 += i2) {
            do {
                if (i4 == i3) {
                    hQCKeccakRandomGenerator.expandSeed(bArr, i3);
                    i4 = 0;
                }
                int i6 = i4;
                int i7 = i4 + 1;
                iArr[i5] = (bArr[i6] & 255) << 16;
                int i8 = i5;
                int i9 = i7 + 1;
                iArr[i8] = iArr[i8] | ((bArr[i7] & 255) << 8);
                int i10 = i5;
                i4 = i9 + 1;
                iArr[i10] = iArr[i10] | (bArr[i9] & 255);
            } while (iArr[i5] >= this.rejectionThreshold);
            iArr[i5] = iArr[i5] % this.n;
            i2 = 1;
            for (int i11 = 0; i11 < i5; i11++) {
                if (iArr[i11] == iArr[i5]) {
                    i2 = 0;
                }
            }
        }
    }

    void generatePublicKeyH(long[] jArr, HQCKeccakRandomGenerator hQCKeccakRandomGenerator) {
        byte[] bArr = new byte[this.N_BYTE];
        hQCKeccakRandomGenerator.expandSeed(bArr, this.N_BYTE);
        long[] jArr2 = new long[this.N_BYTE_64];
        Utils.fromByteArrayToLongArray(jArr2, bArr);
        int i = this.N_BYTE_64 - 1;
        jArr2[i] = jArr2[i] & Utils.bitMask(this.n, 64L);
        System.arraycopy(jArr2, 0, jArr, 0, jArr.length);
    }

    private void extractPublicKeys(long[] jArr, byte[] bArr, byte[] bArr2) {
        byte[] bArr3 = new byte[this.SEED_SIZE];
        System.arraycopy(bArr2, 0, bArr3, 0, bArr3.length);
        HQCKeccakRandomGenerator hQCKeccakRandomGenerator = new HQCKeccakRandomGenerator(256);
        hQCKeccakRandomGenerator.seedExpanderInit(bArr3, bArr3.length);
        long[] jArr2 = new long[this.N_BYTE_64];
        generatePublicKeyH(jArr2, hQCKeccakRandomGenerator);
        System.arraycopy(jArr2, 0, jArr, 0, jArr.length);
        System.arraycopy(bArr2, 40, bArr, 0, bArr.length);
    }

    private void extractKeysFromSecretKeys(byte[] bArr, byte[] bArr2, byte[] bArr3) {
        byte[] bArr4 = new byte[this.SEED_SIZE];
        System.arraycopy(bArr3, 0, bArr4, 0, bArr4.length);
        HQCKeccakRandomGenerator hQCKeccakRandomGenerator = new HQCKeccakRandomGenerator(256);
        hQCKeccakRandomGenerator.seedExpanderInit(bArr4, bArr4.length);
        long[] jArr = new long[this.N_BYTE_64];
        int[] iArr = new int[this.w];
        generateSecretKey(jArr, hQCKeccakRandomGenerator, this.w);
        generateSecretKeyByCoordinates(iArr, hQCKeccakRandomGenerator, this.w);
        System.arraycopy(Utils.fromListOfPos1ToBitArray(iArr, this.n), 0, bArr, 0, bArr.length);
        System.arraycopy(bArr3, this.SEED_SIZE, bArr2, 0, bArr2.length);
    }

    private void extractCiphertexts(byte[] bArr, byte[] bArr2, byte[] bArr3, byte[] bArr4) {
        System.arraycopy(bArr4, 0, bArr, 0, bArr.length);
        System.arraycopy(bArr4, bArr.length, bArr2, 0, bArr2.length);
        System.arraycopy(bArr4, bArr.length + bArr2.length, bArr3, 0, bArr3.length);
    }
}
