package org.bouncycastle.crypto.engines;

import java.io.ByteArrayOutputStream;
import java.util.Arrays;
import org.bouncycastle.crypto.CipherParameters;
import org.bouncycastle.crypto.CryptoServicesRegistrar;
import org.bouncycastle.crypto.DataLengthException;
import org.bouncycastle.crypto.OutputLengthException;
import org.bouncycastle.crypto.constraints.DefaultServiceProperties;
import org.bouncycastle.crypto.modes.AEADCipher;
import org.bouncycastle.crypto.params.KeyParameter;
import org.bouncycastle.crypto.params.ParametersWithIV;
import org.bouncycastle.util.Pack;

/* loaded from: classes3.dex */
public class XoodyakEngine implements AEADCipher {

    /* renamed from: a, reason: collision with root package name */
    public boolean f34617a;

    /* renamed from: b, reason: collision with root package name */
    public byte[] f34618b;

    /* renamed from: c, reason: collision with root package name */
    public int f34619c;

    /* renamed from: d, reason: collision with root package name */
    public MODE f34620d;

    /* renamed from: e, reason: collision with root package name */
    public int f34621e;

    /* renamed from: f, reason: collision with root package name */
    public byte[] f34622f;

    /* renamed from: g, reason: collision with root package name */
    public byte[] f34623g;

    /* renamed from: h, reason: collision with root package name */
    public byte[] f34624h;

    /* renamed from: j, reason: collision with root package name */
    public boolean f34626j;

    /* renamed from: k, reason: collision with root package name */
    public boolean f34627k;

    /* renamed from: i, reason: collision with root package name */
    public final int[] f34625i = {88, 56, 960, 208, 288, 20, 96, 44, 896, 240, 416, 18};

    /* renamed from: l, reason: collision with root package name */
    public boolean f34628l = false;

    /* renamed from: m, reason: collision with root package name */
    public final ByteArrayOutputStream f34629m = new ByteArrayOutputStream();

    /* renamed from: n, reason: collision with root package name */
    public final ByteArrayOutputStream f34630n = new ByteArrayOutputStream();

    /* loaded from: classes3.dex */
    public enum MODE {
        ModeHash,
        ModeKeyed
    }

    public static int c(int i10, int i11) {
        return (i10 >>> ((32 - i11) & 31)) ^ (i10 << (i11 & 31));
    }

    @Override // org.bouncycastle.crypto.modes.AEADCipher
    public final void a(boolean z10, CipherParameters cipherParameters) {
        this.f34617a = z10;
        if (!(cipherParameters instanceof ParametersWithIV)) {
            throw new IllegalArgumentException("Xoodyak init parameters must include an IV");
        }
        ParametersWithIV parametersWithIV = (ParametersWithIV) cipherParameters;
        byte[] bArr = parametersWithIV.f35247a;
        this.f34623g = bArr;
        if (bArr == null || bArr.length != 16) {
            throw new IllegalArgumentException("Xoodyak requires exactly 16 bytes of IV");
        }
        CipherParameters cipherParameters2 = parametersWithIV.f35248b;
        if (!(cipherParameters2 instanceof KeyParameter)) {
            throw new IllegalArgumentException("Xoodyak init parameters must include a key");
        }
        byte[] bArr2 = ((KeyParameter) cipherParameters2).f35233a;
        this.f34622f = bArr2;
        if (bArr2.length != 16) {
            throw new IllegalArgumentException("Xoodyak key must be 128 bits long");
        }
        CryptoServicesRegistrar.a(new DefaultServiceProperties("Xoodyak AEAD", 128, cipherParameters, Utils.a(z10)));
        this.f34618b = new byte[48];
        this.f34624h = new byte[16];
        this.f34628l = true;
        reset();
    }

    public final void b(int i10, int i11, int i12, byte[] bArr) {
        int i13 = 0;
        while (i13 < i11) {
            byte[] bArr2 = this.f34618b;
            bArr2[i13] = (byte) (bArr[i10] ^ bArr2[i13]);
            i13++;
            i10++;
        }
        byte[] bArr3 = this.f34618b;
        bArr3[i11] = (byte) (bArr3[i11] ^ 1);
        byte b10 = bArr3[47];
        if (this.f34620d == MODE.ModeHash) {
            i12 &= 1;
        }
        bArr3[47] = (byte) (i12 ^ b10);
        this.f34619c = 1;
    }

    public final void d(int i10, int i11, byte[] bArr) {
        int i12;
        if (this.f34620d != MODE.ModeHash) {
            byte[] bArr2 = this.f34618b;
            bArr2[47] = (byte) (bArr2[47] ^ i11);
        }
        int i13 = 12;
        int[] iArr = new int[12];
        Pack.k(this.f34618b, 0, iArr, 0, 12);
        int[] iArr2 = new int[12];
        int[] iArr3 = new int[4];
        int[] iArr4 = new int[4];
        for (int i14 = 0; i14 < i13; i14++) {
            for (int i15 = 0; i15 < 4; i15++) {
                iArr3[i15] = (iArr[f(i15, 1)] ^ iArr[f(i15, 0)]) ^ iArr[f(i15, 2)];
            }
            int i16 = 0;
            while (true) {
                i12 = 3;
                if (i16 >= 4) {
                    break;
                }
                int i17 = iArr3[3 & (i16 + 3)];
                iArr4[i16] = c(i17, 14) ^ c(i17, 5);
                i16++;
            }
            for (int i18 = 0; i18 < 4; i18++) {
                for (int i19 = 0; i19 < 3; i19++) {
                    int f10 = f(i18, i19);
                    iArr[f10] = iArr[f10] ^ iArr4[i18];
                }
            }
            for (int i20 = 0; i20 < 4; i20++) {
                iArr2[f(i20, 0)] = iArr[f(i20, 0)];
                iArr2[f(i20, 1)] = iArr[f(i20 + 3, 1)];
                iArr2[f(i20, 2)] = c(iArr[f(i20, 2)], 11);
            }
            iArr2[0] = iArr2[0] ^ this.f34625i[i14];
            int i21 = 0;
            while (i21 < 4) {
                int i22 = 0;
                while (i22 < i12) {
                    int i23 = i22 + 1;
                    iArr[f(i21, i22)] = ((~iArr2[f(i21, i23)]) & iArr2[f(i21, i22 + 2)]) ^ iArr2[f(i21, i22)];
                    i22 = i23;
                    i12 = 3;
                }
                i21++;
                i12 = 3;
            }
            for (int i24 = 0; i24 < 4; i24++) {
                iArr2[f(i24, 0)] = iArr[f(i24, 0)];
                iArr2[f(i24, 1)] = c(iArr[f(i24, 1)], 1);
                iArr2[f(i24, 2)] = c(iArr[f(i24 + 2, 2)], 8);
            }
            i13 = 12;
            System.arraycopy(iArr2, 0, iArr, 0, 12);
        }
        Pack.f(this.f34618b, iArr, i13, 0);
        this.f34619c = 2;
        if (bArr != null) {
            System.arraycopy(this.f34618b, 0, bArr, 0, i10);
        }
    }

    @Override // org.bouncycastle.crypto.modes.AEADCipher
    public final int doFinal(byte[] bArr, int i10) {
        int i11;
        if (!this.f34628l) {
            throw new IllegalArgumentException("Need call init function before encryption/decryption");
        }
        ByteArrayOutputStream byteArrayOutputStream = this.f34630n;
        byte[] byteArray = byteArrayOutputStream.toByteArray();
        int size = byteArrayOutputStream.size();
        boolean z10 = this.f34617a;
        if ((z10 && size + 16 + i10 > bArr.length) || (!z10 && (size - 16) + i10 > bArr.length)) {
            throw new OutputLengthException("output buffer too short");
        }
        if (!this.f34626j) {
            byte[] byteArray2 = this.f34629m.toByteArray();
            int length = byteArray2.length;
            int i12 = this.f34621e;
            int i13 = 3;
            int i14 = 0;
            while (true) {
                if (this.f34619c != 2) {
                    d(0, 0, null);
                }
                int min = Math.min(length, i12);
                b(i14, min, i13, byteArray2);
                i14 += min;
                length -= min;
                if (length == 0) {
                    break;
                }
                i13 = 0;
            }
            this.f34626j = true;
        }
        if (this.f34617a) {
            e(byteArray, size, bArr, i10);
            byte[] bArr2 = new byte[16];
            this.f34624h = bArr2;
            d(16, 64, bArr2);
            System.arraycopy(this.f34624h, 0, bArr, i10 + size, 16);
            i11 = size + 16;
        } else {
            i11 = size - 16;
            e(byteArray, i11, bArr, i10);
            byte[] bArr3 = new byte[16];
            this.f34624h = bArr3;
            d(16, 64, bArr3);
            int i15 = i11;
            int i16 = 0;
            while (i16 < 16) {
                int i17 = i15 + 1;
                if (this.f34624h[i16] != byteArray[i15]) {
                    throw new IllegalArgumentException("Mac does not match");
                }
                i16++;
                i15 = i17;
            }
        }
        g(false);
        return i11;
    }

    public final void e(byte[] bArr, int i10, byte[] bArr2, int i11) {
        byte[] bArr3 = new byte[24];
        int i12 = this.f34627k ? 0 : 128;
        int i13 = 0;
        while (true) {
            if (i10 == 0 && this.f34627k) {
                return;
            }
            int min = Math.min(i10, 24);
            if (this.f34617a) {
                System.arraycopy(bArr, i13, bArr3, 0, min);
            }
            d(0, i12, null);
            int i14 = 0;
            while (i14 < min) {
                bArr2[i11 + i14] = (byte) (bArr[i13] ^ this.f34618b[i14]);
                i14++;
                i13++;
            }
            if (this.f34617a) {
                b(0, min, 0, bArr3);
            } else {
                b(i11, min, 0, bArr2);
            }
            i11 += min;
            i10 -= min;
            this.f34627k = true;
            i12 = 0;
        }
    }

    public final int f(int i10, int i11) {
        return (i10 % 4) + ((i11 % 3) * 4);
    }

    public final void g(boolean z10) {
        if (z10) {
            this.f34624h = null;
        }
        Arrays.fill(this.f34618b, (byte) 0);
        this.f34626j = false;
        this.f34627k = false;
        this.f34619c = 2;
        this.f34630n.reset();
        this.f34629m.reset();
        byte[] bArr = this.f34622f;
        int length = bArr.length;
        int length2 = this.f34623g.length;
        byte[] bArr2 = new byte[44];
        this.f34620d = MODE.ModeKeyed;
        this.f34621e = 44;
        System.arraycopy(bArr, 0, bArr2, 0, length);
        System.arraycopy(this.f34623g, 0, bArr2, length, length2);
        int i10 = length + length2;
        bArr2[i10] = (byte) length2;
        int i11 = i10 + 1;
        int i12 = this.f34621e;
        int i13 = 2;
        int i14 = 0;
        while (true) {
            if (this.f34619c != 2) {
                d(0, 0, null);
            }
            int min = Math.min(i11, i12);
            b(i14, min, i13, bArr2);
            i14 += min;
            i11 -= min;
            if (i11 == 0) {
                return;
            } else {
                i13 = 0;
            }
        }
    }

    @Override // org.bouncycastle.crypto.modes.AEADCipher
    public final String getAlgorithmName() {
        return "Xoodyak AEAD";
    }

    @Override // org.bouncycastle.crypto.modes.AEADCipher
    public final byte[] getMac() {
        return this.f34624h;
    }

    @Override // org.bouncycastle.crypto.modes.AEADCipher
    public final int getOutputSize(int i10) {
        return i10 + 16;
    }

    @Override // org.bouncycastle.crypto.modes.AEADCipher
    public final int getUpdateOutputSize(int i10) {
        return i10;
    }

    @Override // org.bouncycastle.crypto.modes.AEADCipher
    public final void processAADBytes(byte[] bArr, int i10, int i11) {
        if (this.f34626j) {
            throw new IllegalArgumentException("AAD cannot be added after reading a full block(24 bytes) of input for ".concat(this.f34617a ? "encryption" : "decryption"));
        }
        if (i10 + i11 > bArr.length) {
            throw new DataLengthException("input buffer too short");
        }
        this.f34629m.write(bArr, i10, i11);
    }

    @Override // org.bouncycastle.crypto.modes.AEADCipher
    public final int processBytes(byte[] bArr, int i10, int i11, byte[] bArr2, int i12) {
        if (!this.f34628l) {
            throw new IllegalArgumentException("Need call init function before encryption/decryption");
        }
        if (this.f34620d != MODE.ModeKeyed) {
            throw new IllegalArgumentException("Xoodyak has not been initialised");
        }
        if (i10 + i11 > bArr.length) {
            throw new DataLengthException("input buffer too short");
        }
        ByteArrayOutputStream byteArrayOutputStream = this.f34630n;
        byteArrayOutputStream.write(bArr, i10, i11);
        int size = byteArrayOutputStream.size() - (this.f34617a ? 0 : 16);
        if (size < 24) {
            return 0;
        }
        byte[] byteArray = byteArrayOutputStream.toByteArray();
        int i13 = (size / 24) * 24;
        if (i13 + i12 > bArr2.length) {
            throw new OutputLengthException("output buffer is too short");
        }
        if (!this.f34626j) {
            byte[] byteArray2 = this.f34629m.toByteArray();
            int length = byteArray2.length;
            int i14 = this.f34621e;
            int i15 = 3;
            int i16 = 0;
            while (true) {
                if (this.f34619c != 2) {
                    d(0, 0, null);
                }
                int min = Math.min(length, i14);
                b(i16, min, i15, byteArray2);
                i16 += min;
                length -= min;
                if (length == 0) {
                    break;
                }
                i15 = 0;
            }
            this.f34626j = true;
        }
        e(byteArray, i13, bArr2, i12);
        byteArrayOutputStream.reset();
        byteArrayOutputStream.write(byteArray, i13, byteArray.length - i13);
        return i13;
    }

    @Override // org.bouncycastle.crypto.modes.AEADCipher
    public final void reset() {
        if (!this.f34628l) {
            throw new IllegalArgumentException("Need call init function before encryption/decryption");
        }
        g(true);
    }
}
