package org.bouncycastle.pqc.crypto.saber;

import org.bouncycastle.crypto.digests.Blake2xsDigest;
import org.bouncycastle.pqc.crypto.crystals.dilithium.DilithiumEngine;
import org.bouncycastle.pqc.crypto.crystals.kyber.KyberEngine;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: classes2.dex */
public class Poly {
    private static final int KARATSUBA_N = 64;
    private static int SCHB_N = 16;
    private final int N_RES;
    private final int N_SB;
    private final int N_SB_RES;
    private final int SABER_L;
    private final int SABER_N;
    private final SABEREngine engine;
    private final Utils utils;

    public Poly(SABEREngine sABEREngine) {
        this.engine = sABEREngine;
        this.SABER_L = sABEREngine.getSABER_L();
        int saber_n = sABEREngine.getSABER_N();
        this.SABER_N = saber_n;
        this.N_RES = saber_n << 1;
        this.N_SB = saber_n >> 2;
        this.N_SB_RES = (r0 * 2) - 1;
        this.utils = sABEREngine.getUtils();
    }

    private short OVERFLOWING_MUL(int i, int i8) {
        return (short) (i * i8);
    }

    private void cbd(short[] sArr, byte[] bArr, int i) {
        int[] iArr = new int[4];
        if (this.engine.getSABER_MU() == 6) {
            for (int i8 = 0; i8 < this.SABER_N / 4; i8++) {
                int load_littleendian = (int) load_littleendian(bArr, (i8 * 3) + i, 3);
                int i9 = 0;
                for (int i10 = 0; i10 < 3; i10++) {
                    i9 += (load_littleendian >> i10) & 2396745;
                }
                iArr[0] = i9 & 7;
                iArr[1] = (i9 >>> 6) & 7;
                iArr[2] = (i9 >>> 12) & 7;
                iArr[3] = (i9 >>> 18) & 7;
                int i11 = i8 * 4;
                sArr[i11] = (short) (iArr[0] - ((i9 >>> 3) & 7));
                sArr[i11 + 1] = (short) (iArr[1] - ((i9 >>> 9) & 7));
                sArr[i11 + 2] = (short) (iArr[2] - ((i9 >>> 15) & 7));
                sArr[i11 + 3] = (short) (iArr[3] - (i9 >>> 21));
            }
            return;
        }
        char c = 15;
        if (this.engine.getSABER_MU() == 8) {
            for (int i12 = 0; i12 < this.SABER_N / 4; i12++) {
                int i13 = i12 * 4;
                int load_littleendian2 = (int) load_littleendian(bArr, i + i13, 4);
                int i14 = 0;
                for (int i15 = 0; i15 < 4; i15++) {
                    i14 += (load_littleendian2 >>> i15) & 286331153;
                }
                iArr[0] = i14 & 15;
                iArr[1] = (i14 >>> 8) & 15;
                iArr[2] = (i14 >>> 16) & 15;
                iArr[3] = (i14 >>> 24) & 15;
                sArr[i13] = (short) (iArr[0] - ((i14 >>> 4) & 15));
                sArr[i13 + 1] = (short) (iArr[1] - ((i14 >>> 12) & 15));
                sArr[i13 + 2] = (short) (iArr[2] - ((i14 >>> 20) & 15));
                sArr[i13 + 3] = (short) (iArr[3] - (i14 >>> 28));
            }
            return;
        }
        if (this.engine.getSABER_MU() == 10) {
            int i16 = 0;
            while (i16 < this.SABER_N / 4) {
                long load_littleendian3 = load_littleendian(bArr, (i16 * 5) + i, 5);
                long j = 0;
                for (int i17 = 0; i17 < 5; i17++) {
                    j += (load_littleendian3 >>> i17) & 35468117025L;
                }
                iArr[0] = (int) (j & 31);
                iArr[1] = (int) ((j >>> 10) & 31);
                iArr[2] = (int) ((j >>> 20) & 31);
                iArr[3] = (int) ((j >>> 30) & 31);
                int i18 = i16 * 4;
                sArr[i18] = (short) (iArr[0] - ((int) ((j >>> 5) & 31)));
                sArr[i18 + 1] = (short) (iArr[1] - ((int) ((j >>> c) & 31)));
                sArr[i18 + 2] = (short) (iArr[2] - ((int) ((j >>> 25) & 31)));
                sArr[i18 + 3] = (short) (iArr[3] - ((int) (j >>> 35)));
                i16++;
                c = 15;
            }
        }
    }

    private void karatsuba_simple(int[] iArr, int[] iArr2, int[] iArr3) {
        int i = 31;
        int[] iArr4 = new int[31];
        int[] iArr5 = new int[31];
        int[] iArr6 = new int[31];
        int[] iArr7 = new int[63];
        int i8 = 0;
        while (true) {
            if (i8 >= 16) {
                break;
            }
            int i9 = iArr[i8];
            int i10 = iArr[i8 + 16];
            int i11 = iArr[i8 + 32];
            int i12 = iArr[i8 + 48];
            int i13 = 0;
            for (int i14 = 16; i13 < i14; i14 = 16) {
                int i15 = iArr2[i13];
                int i16 = iArr2[i13 + 16];
                int i17 = i8 + i13;
                iArr3[i17] = iArr3[i17] + OVERFLOWING_MUL(i9, i15);
                int i18 = i17 + 32;
                iArr3[i18] = iArr3[i18] + OVERFLOWING_MUL(i10, i16);
                int i19 = i9;
                int[] iArr8 = iArr7;
                iArr4[i17] = (int) (((i15 + i16) * (i9 + i10)) + iArr4[i17]);
                int i20 = iArr2[i13 + 32];
                int i21 = iArr2[i13 + 48];
                int i22 = i17 + 64;
                iArr3[i22] = iArr3[i22] + OVERFLOWING_MUL(i20, i11);
                int i23 = i17 + 96;
                iArr3[i23] = iArr3[i23] + OVERFLOWING_MUL(i21, i12);
                iArr6[i17] = iArr6[i17] + OVERFLOWING_MUL(i11 + i12, i20 + i21);
                int i24 = i15 + i20;
                int i25 = i19 + i11;
                iArr8[i17] = iArr8[i17] + OVERFLOWING_MUL(i24, i25);
                int i26 = i16 + i21;
                int i27 = i10 + i12;
                iArr8[i18] = iArr8[i18] + OVERFLOWING_MUL(i26, i27);
                iArr5[i17] = iArr5[i17] + OVERFLOWING_MUL(i24 + i26, i25 + i27);
                i13++;
                i9 = i19;
                i8 = i8;
                iArr7 = iArr8;
            }
            i8++;
            i = 31;
        }
        int[] iArr9 = iArr7;
        int i28 = 0;
        while (i28 < i) {
            int i29 = i28 + 32;
            iArr5[i28] = (iArr5[i28] - iArr9[i28]) - iArr9[i29];
            iArr4[i28] = (iArr4[i28] - iArr3[i28]) - iArr3[i29];
            iArr6[i28] = (iArr6[i28] - iArr3[i28 + 64]) - iArr3[i28 + 96];
            i28++;
            i = 31;
        }
        for (int i30 = 0; i30 < i; i30++) {
            int i31 = i30 + 16;
            iArr9[i31] = iArr9[i31] + iArr5[i30];
            iArr3[i31] = iArr3[i31] + iArr4[i30];
            int i32 = i30 + 80;
            iArr3[i32] = iArr3[i32] + iArr6[i30];
        }
        int i33 = 63;
        int i34 = 0;
        while (i34 < i33) {
            iArr9[i34] = (iArr9[i34] - iArr3[i34]) - iArr3[i34 + 64];
            i34++;
            i33 = 63;
        }
        for (int i35 = 0; i35 < i33; i35++) {
            int i36 = i35 + 32;
            iArr3[i36] = iArr3[i36] + iArr9[i35];
        }
    }

    private long load_littleendian(byte[] bArr, int i, int i8) {
        long j = bArr[i] & 255;
        for (int i9 = 1; i9 < i8; i9++) {
            j |= (bArr[i + i9] & 255) << (i9 * 8);
        }
        return j;
    }

    private void poly_mul_acc(short[] sArr, short[] sArr2, short[] sArr3) {
        short[] sArr4 = new short[this.SABER_N * 2];
        toom_cook_4way(sArr, sArr2, sArr4);
        int i = this.SABER_N;
        while (true) {
            int i8 = this.SABER_N;
            if (i >= i8 * 2) {
                return;
            }
            int i9 = i - i8;
            sArr3[i9] = (short) ((sArr4[i - i8] - sArr4[i]) + sArr3[i9]);
            i++;
        }
    }

    private void toom_cook_4way(short[] sArr, short[] sArr2, short[] sArr3) {
        int i = this.N_SB;
        int[] iArr = new int[i];
        int[] iArr2 = new int[i];
        int[] iArr3 = new int[i];
        int[] iArr4 = new int[i];
        int[] iArr5 = new int[i];
        int[] iArr6 = new int[i];
        int[] iArr7 = new int[i];
        int[] iArr8 = new int[i];
        int[] iArr9 = new int[i];
        int[] iArr10 = new int[i];
        int[] iArr11 = new int[i];
        int[] iArr12 = new int[i];
        int[] iArr13 = new int[i];
        int[] iArr14 = new int[i];
        int i8 = this.N_SB_RES;
        int[] iArr15 = new int[i8];
        int[] iArr16 = new int[i8];
        int[] iArr17 = new int[i8];
        int[] iArr18 = new int[i8];
        int[] iArr19 = new int[i8];
        int[] iArr20 = new int[i8];
        int[] iArr21 = new int[i8];
        int i9 = 0;
        while (true) {
            int i10 = this.N_SB;
            if (i9 >= i10) {
                break;
            }
            short s8 = sArr[i9];
            short s9 = sArr[i9 + i10];
            short s10 = sArr[(i10 * 2) + i9];
            short s11 = sArr[(i10 * 3) + i9];
            int[] iArr22 = iArr14;
            short s12 = (short) (s8 + s10);
            int[] iArr23 = iArr9;
            short s13 = (short) (s9 + s11);
            iArr3[i9] = (short) (s12 + s13);
            iArr4[i9] = (short) (s12 - s13);
            short s14 = (short) (((s8 << 2) + s10) << 1);
            short s15 = (short) ((s9 << 2) + s11);
            iArr5[i9] = (short) (s14 + s15);
            iArr6[i9] = (short) (s14 - s15);
            iArr2[i9] = (short) ((s11 << 3) + (s10 << 2) + (s9 << 1) + s8);
            iArr7[i9] = s8;
            iArr[i9] = s11;
            i9++;
            iArr14 = iArr22;
            iArr9 = iArr23;
            iArr13 = iArr13;
        }
        int[] iArr24 = iArr14;
        int[] iArr25 = iArr9;
        int[] iArr26 = iArr13;
        int i11 = 0;
        while (true) {
            int i12 = this.N_SB;
            if (i11 >= i12) {
                break;
            }
            short s16 = sArr2[i11];
            short s17 = sArr2[i11 + i12];
            short s18 = sArr2[(i12 * 2) + i11];
            short s19 = sArr2[(i12 * 3) + i11];
            int i13 = s16 + s18;
            int i14 = s17 + s19;
            iArr10[i11] = i13 + i14;
            iArr11[i11] = i13 - i14;
            int i15 = ((s16 << 2) + s18) << 1;
            int i16 = (s17 << 2) + s19;
            iArr12[i11] = i15 + i16;
            iArr26[i11] = i15 - i16;
            iArr25[i11] = (s19 << 3) + (s18 << 2) + (s17 << 1) + s16;
            iArr24[i11] = s16;
            iArr8[i11] = s19;
            i11++;
        }
        karatsuba_simple(iArr, iArr8, iArr15);
        karatsuba_simple(iArr2, iArr25, iArr16);
        karatsuba_simple(iArr3, iArr10, iArr17);
        karatsuba_simple(iArr4, iArr11, iArr18);
        karatsuba_simple(iArr5, iArr12, iArr19);
        karatsuba_simple(iArr6, iArr26, iArr20);
        karatsuba_simple(iArr7, iArr24, iArr21);
        for (int i17 = 0; i17 < this.N_SB_RES; i17++) {
            int i18 = iArr15[i17];
            int i19 = iArr16[i17];
            int i20 = iArr17[i17];
            int i21 = iArr18[i17];
            int i22 = iArr19[i17];
            int i23 = iArr20[i17];
            int i24 = iArr21[i17];
            int i25 = i23 - i22;
            int i26 = ((i21 & Blake2xsDigest.UNKNOWN_DIGEST_LENGTH) - (i20 & Blake2xsDigest.UNKNOWN_DIGEST_LENGTH)) >>> 1;
            int i27 = i20 + i26;
            int i28 = ((i19 + i22) - (i27 << 6)) - i27;
            int i29 = (i27 - i24) - i18;
            int i30 = (i29 * 45) + i28;
            int i31 = (((((((i22 - i18) - (i24 << 6)) << 1) + i25) & Blake2xsDigest.UNKNOWN_DIGEST_LENGTH) - (i29 << 3)) * 43691) >> 3;
            int i32 = (((i30 & Blake2xsDigest.UNKNOWN_DIGEST_LENGTH) + ((i26 & Blake2xsDigest.UNKNOWN_DIGEST_LENGTH) << 4)) * 36409) >> 1;
            int i33 = -(i26 + i32);
            int i34 = ((((i32 & Blake2xsDigest.UNKNOWN_DIGEST_LENGTH) * 30) - ((i25 + i30) & Blake2xsDigest.UNKNOWN_DIGEST_LENGTH)) * 61167) >> 2;
            int i35 = i29 - i31;
            int i36 = i32 - i34;
            sArr3[i17] = (short) (sArr3[i17] + (i24 & Blake2xsDigest.UNKNOWN_DIGEST_LENGTH));
            int i37 = i17 + 64;
            sArr3[i37] = (short) (sArr3[i37] + (i34 & Blake2xsDigest.UNKNOWN_DIGEST_LENGTH));
            int i38 = i17 + 128;
            sArr3[i38] = (short) (sArr3[i38] + (i31 & Blake2xsDigest.UNKNOWN_DIGEST_LENGTH));
            int i39 = i17 + 192;
            sArr3[i39] = (short) (sArr3[i39] + (i33 & Blake2xsDigest.UNKNOWN_DIGEST_LENGTH));
            int i40 = i17 + 256;
            sArr3[i40] = (short) (sArr3[i40] + (i35 & Blake2xsDigest.UNKNOWN_DIGEST_LENGTH));
            int i41 = i17 + DilithiumEngine.DilithiumPolyT1PackedBytes;
            sArr3[i41] = (short) (sArr3[i41] + (i36 & Blake2xsDigest.UNKNOWN_DIGEST_LENGTH));
            int i42 = i17 + KyberEngine.KyberPolyBytes;
            sArr3[i42] = (short) (sArr3[i42] + (i18 & Blake2xsDigest.UNKNOWN_DIGEST_LENGTH));
        }
    }

    public void GenMatrix(short[][][] sArr, byte[] bArr) {
        int saber_polyvecbytes = this.SABER_L * this.engine.getSABER_POLYVECBYTES();
        byte[] bArr2 = new byte[saber_polyvecbytes];
        SABEREngine sABEREngine = this.engine;
        sABEREngine.symmetric.prf(bArr2, bArr, sABEREngine.getSABER_SEEDBYTES(), saber_polyvecbytes);
        for (int i = 0; i < this.SABER_L; i++) {
            this.utils.BS2POLVECq(bArr2, this.engine.getSABER_POLYVECBYTES() * i, sArr[i]);
        }
    }

    public void GenSecret(short[][] sArr, byte[] bArr) {
        int saber_polycoinbytes = this.SABER_L * this.engine.getSABER_POLYCOINBYTES();
        byte[] bArr2 = new byte[saber_polycoinbytes];
        SABEREngine sABEREngine = this.engine;
        sABEREngine.symmetric.prf(bArr2, bArr, sABEREngine.getSABER_NOISE_SEEDBYTES(), saber_polycoinbytes);
        for (int i = 0; i < this.SABER_L; i++) {
            SABEREngine sABEREngine2 = this.engine;
            if (sABEREngine2.usingEffectiveMasking) {
                for (int i8 = 0; i8 < this.SABER_N / 4; i8++) {
                    int i9 = i8 * 4;
                    sArr[i][i9] = (short) (((bArr2[(this.engine.getSABER_POLYCOINBYTES() * i) + i8] & 3) ^ 2) - 2);
                    sArr[i][i9 + 1] = (short) ((((bArr2[(this.engine.getSABER_POLYCOINBYTES() * i) + i8] >>> 2) & 3) ^ 2) - 2);
                    sArr[i][i9 + 2] = (short) ((((bArr2[(this.engine.getSABER_POLYCOINBYTES() * i) + i8] >>> 4) & 3) ^ 2) - 2);
                    sArr[i][i9 + 3] = (short) ((((bArr2[(this.engine.getSABER_POLYCOINBYTES() * i) + i8] >>> 6) & 3) ^ 2) - 2);
                }
            } else {
                cbd(sArr[i], bArr2, sABEREngine2.getSABER_POLYCOINBYTES() * i);
            }
        }
    }

    public void InnerProd(short[][] sArr, short[][] sArr2, short[] sArr3) {
        for (int i = 0; i < this.SABER_L; i++) {
            poly_mul_acc(sArr[i], sArr2[i], sArr3);
        }
    }

    public void MatrixVectorMul(short[][][] sArr, short[][] sArr2, short[][] sArr3, int i) {
        for (int i8 = 0; i8 < this.SABER_L; i8++) {
            for (int i9 = 0; i9 < this.SABER_L; i9++) {
                if (i == 1) {
                    poly_mul_acc(sArr[i9][i8], sArr2[i9], sArr3[i8]);
                } else {
                    poly_mul_acc(sArr[i8][i9], sArr2[i9], sArr3[i8]);
                }
            }
        }
    }
}
