package org.spongycastle.pqc.crypto.mceliece;

import java.security.SecureRandom;
import org.spongycastle.crypto.CipherParameters;
import org.spongycastle.crypto.Digest;
import org.spongycastle.crypto.digests.SHA1Digest;
import org.spongycastle.crypto.params.ParametersWithRandom;
import org.spongycastle.crypto.prng.DigestRandomGenerator;
import org.spongycastle.pqc.crypto.MessageEncryptor;
import org.spongycastle.pqc.math.linearalgebra.ByteUtils;
import org.spongycastle.pqc.math.linearalgebra.GF2Vector;

/* loaded from: classes.dex */
public class McEliecePointchevalCipher implements MessageEncryptor {
    private int bAo;
    private int bRV;
    private Digest bSB;
    McElieceCCA2KeyParameters bUm;
    private int baK;
    private SecureRandom bvf;

    public int a(McElieceCCA2KeyParameters mcElieceCCA2KeyParameters) {
        if (mcElieceCCA2KeyParameters instanceof McElieceCCA2PublicKeyParameters) {
            return ((McElieceCCA2PublicKeyParameters) mcElieceCCA2KeyParameters).AX();
        }
        if (mcElieceCCA2KeyParameters instanceof McElieceCCA2PrivateKeyParameters) {
            return ((McElieceCCA2PrivateKeyParameters) mcElieceCCA2KeyParameters).AX();
        }
        throw new IllegalArgumentException("unsupported type");
    }

    public void a(McElieceCCA2PrivateKeyParameters mcElieceCCA2PrivateKeyParameters) {
        this.bSB = mcElieceCCA2PrivateKeyParameters.ID().IE();
        this.bAo = mcElieceCCA2PrivateKeyParameters.AX();
        this.baK = mcElieceCCA2PrivateKeyParameters.IF();
        this.bRV = mcElieceCCA2PrivateKeyParameters.IG();
    }

    public void a(McElieceCCA2PublicKeyParameters mcElieceCCA2PublicKeyParameters) {
        this.bvf = this.bvf != null ? this.bvf : new SecureRandom();
        this.bSB = mcElieceCCA2PublicKeyParameters.ID().IE();
        this.bAo = mcElieceCCA2PublicKeyParameters.AX();
        this.baK = mcElieceCCA2PublicKeyParameters.IF();
        this.bRV = mcElieceCCA2PublicKeyParameters.IG();
    }

    public void a(boolean z, CipherParameters cipherParameters) {
        if (!z) {
            this.bUm = (McElieceCCA2PrivateKeyParameters) cipherParameters;
            a((McElieceCCA2PrivateKeyParameters) this.bUm);
        } else if (!(cipherParameters instanceof ParametersWithRandom)) {
            this.bvf = new SecureRandom();
            this.bUm = (McElieceCCA2PublicKeyParameters) cipherParameters;
            a((McElieceCCA2PublicKeyParameters) this.bUm);
        } else {
            ParametersWithRandom parametersWithRandom = (ParametersWithRandom) cipherParameters;
            this.bvf = parametersWithRandom.zl();
            this.bUm = (McElieceCCA2PublicKeyParameters) parametersWithRandom.BC();
            a((McElieceCCA2PublicKeyParameters) this.bUm);
        }
    }

    public byte[] be(byte[] bArr) {
        int i = this.baK >> 3;
        byte[] bArr2 = new byte[i];
        this.bvf.nextBytes(bArr2);
        GF2Vector gF2Vector = new GF2Vector(this.baK, this.bvf);
        byte[] encoded = gF2Vector.getEncoded();
        byte[] H = ByteUtils.H(bArr, bArr2);
        this.bSB.update(H, 0, H.length);
        byte[] bArr3 = new byte[this.bSB.yS()];
        this.bSB.doFinal(bArr3, 0);
        byte[] encoded2 = McElieceCCA2Primitives.a((McElieceCCA2PublicKeyParameters) this.bUm, gF2Vector, Conversions.b(this.bAo, this.bRV, bArr3)).getEncoded();
        DigestRandomGenerator digestRandomGenerator = new DigestRandomGenerator(new SHA1Digest());
        digestRandomGenerator.aa(encoded);
        byte[] bArr4 = new byte[bArr.length + i];
        digestRandomGenerator.nextBytes(bArr4);
        for (int i2 = 0; i2 < bArr.length; i2++) {
            bArr4[i2] = (byte) (bArr4[i2] ^ bArr[i2]);
        }
        for (int i3 = 0; i3 < i; i3++) {
            int length = bArr.length + i3;
            bArr4[length] = (byte) (bArr4[length] ^ bArr2[i3]);
        }
        return ByteUtils.H(encoded2, bArr4);
    }

    public byte[] bf(byte[] bArr) {
        int i = (this.bAo + 7) >> 3;
        int length = bArr.length - i;
        byte[][] S = ByteUtils.S(bArr, i);
        byte[] bArr2 = S[0];
        byte[] bArr3 = S[1];
        GF2Vector[] a = McElieceCCA2Primitives.a((McElieceCCA2PrivateKeyParameters) this.bUm, GF2Vector.h(this.bAo, bArr2));
        byte[] encoded = a[0].getEncoded();
        GF2Vector gF2Vector = a[1];
        DigestRandomGenerator digestRandomGenerator = new DigestRandomGenerator(new SHA1Digest());
        digestRandomGenerator.aa(encoded);
        byte[] bArr4 = new byte[length];
        digestRandomGenerator.nextBytes(bArr4);
        for (int i2 = 0; i2 < length; i2++) {
            bArr4[i2] = (byte) (bArr4[i2] ^ bArr3[i2]);
        }
        this.bSB.update(bArr4, 0, bArr4.length);
        byte[] bArr5 = new byte[this.bSB.yS()];
        this.bSB.doFinal(bArr5, 0);
        if (Conversions.b(this.bAo, this.bRV, bArr5).equals(gF2Vector)) {
            return ByteUtils.S(bArr4, length - (this.baK >> 3))[0];
        }
        throw new Exception("Bad Padding: Invalid ciphertext.");
    }
}
