package org.bouncycastle.crypto.engines;

import defpackage.d;
import java.math.BigInteger;
import java.security.SecureRandom;
import org.bouncycastle.crypto.CipherParameters;
import org.bouncycastle.crypto.CryptoServicesRegistrar;
import org.bouncycastle.crypto.DataLengthException;
import org.bouncycastle.crypto.Digest;
import org.bouncycastle.crypto.ExtendedDigest;
import org.bouncycastle.crypto.InvalidCipherTextException;
import org.bouncycastle.crypto.constraints.ConstraintUtils;
import org.bouncycastle.crypto.constraints.DefaultServiceProperties;
import org.bouncycastle.crypto.digests.SM3Digest;
import org.bouncycastle.crypto.params.ECDomainParameters;
import org.bouncycastle.crypto.params.ECKeyParameters;
import org.bouncycastle.crypto.params.ECPrivateKeyParameters;
import org.bouncycastle.crypto.params.ECPublicKeyParameters;
import org.bouncycastle.crypto.params.ParametersWithRandom;
import org.bouncycastle.math.ec.ECFieldElement;
import org.bouncycastle.math.ec.ECPoint;
import org.bouncycastle.math.ec.FixedPointCombMultiplier;
import org.bouncycastle.util.Arrays;
import org.bouncycastle.util.BigIntegers;
import org.bouncycastle.util.Memoable;
import org.bouncycastle.util.Pack;

/* loaded from: classes2.dex */
public class SM2Engine {

    /* renamed from: a, reason: collision with root package name */
    public final Digest f33771a;

    /* renamed from: b, reason: collision with root package name */
    public final Mode f33772b;

    /* renamed from: c, reason: collision with root package name */
    public boolean f33773c;

    /* renamed from: d, reason: collision with root package name */
    public ECKeyParameters f33774d;

    /* renamed from: e, reason: collision with root package name */
    public ECDomainParameters f33775e;

    /* renamed from: f, reason: collision with root package name */
    public int f33776f;

    /* renamed from: g, reason: collision with root package name */
    public SecureRandom f33777g;

    /* renamed from: org.bouncycastle.crypto.engines.SM2Engine$1, reason: invalid class name */
    /* loaded from: classes2.dex */
    public static /* synthetic */ class AnonymousClass1 {

        /* renamed from: a, reason: collision with root package name */
        public static final /* synthetic */ int[] f33778a;

        static {
            int[] iArr = new int[Mode.values().length];
            f33778a = iArr;
            try {
                iArr[Mode.C1C3C2.ordinal()] = 1;
            } catch (NoSuchFieldError unused) {
            }
        }
    }

    /* loaded from: classes2.dex */
    public enum Mode {
        C1C2C3,
        C1C3C2
    }

    public SM2Engine() {
        this(new SM3Digest());
    }

    public SM2Engine(ExtendedDigest extendedDigest) {
        Mode mode = Mode.C1C2C3;
        if (mode == null) {
            throw new IllegalArgumentException("mode cannot be NULL");
        }
        this.f33771a = extendedDigest;
        this.f33772b = mode;
    }

    public final void a(Digest digest, ECFieldElement eCFieldElement) {
        byte[] b10 = BigIntegers.b(this.f33776f, eCFieldElement.t());
        digest.update(b10, 0, b10.length);
    }

    public final void b(boolean z9, CipherParameters cipherParameters) {
        this.f33773c = z9;
        if (z9) {
            ParametersWithRandom parametersWithRandom = (ParametersWithRandom) cipherParameters;
            ECKeyParameters eCKeyParameters = (ECKeyParameters) parametersWithRandom.f34457b;
            this.f33774d = eCKeyParameters;
            ECDomainParameters eCDomainParameters = eCKeyParameters.f34406b;
            this.f33775e = eCDomainParameters;
            if (((ECPublicKeyParameters) eCKeyParameters).f34409c.m(eCDomainParameters.f34400k).l()) {
                throw new IllegalArgumentException("invalid key: [h]Q at infinity");
            }
            this.f33777g = parametersWithRandom.f34456a;
        } else {
            ECKeyParameters eCKeyParameters2 = (ECKeyParameters) cipherParameters;
            this.f33774d = eCKeyParameters2;
            this.f33775e = eCKeyParameters2.f34406b;
        }
        this.f33776f = (this.f33775e.f34396g.k() + 7) / 8;
        CryptoServicesRegistrar.a(new DefaultServiceProperties("SM2", ConstraintUtils.b(this.f33775e.f34396g), this.f33774d, Utils.a(z9)));
    }

    public final void c(Digest digest, ECPoint eCPoint, byte[] bArr) {
        Memoable memoable;
        Memoable memoable2;
        int digestSize = digest.getDigestSize();
        byte[] bArr2 = new byte[Math.max(4, digestSize)];
        if (digest instanceof Memoable) {
            eCPoint.b();
            a(digest, eCPoint.f35655b);
            a(digest, eCPoint.e());
            memoable = (Memoable) digest;
            memoable2 = memoable.copy();
        } else {
            memoable = null;
            memoable2 = null;
        }
        int i10 = 0;
        int i11 = 0;
        while (i10 < bArr.length) {
            if (memoable != null) {
                memoable.b(memoable2);
            } else {
                eCPoint.b();
                a(digest, eCPoint.f35655b);
                a(digest, eCPoint.e());
            }
            i11++;
            Pack.c(i11, bArr2, 0);
            digest.update(bArr2, 0, 4);
            digest.doFinal(bArr2, 0);
            int min = Math.min(digestSize, bArr.length - i10);
            for (int i12 = 0; i12 != min; i12++) {
                int i13 = i10 + i12;
                bArr[i13] = (byte) (bArr[i13] ^ bArr2[i12]);
            }
            i10 += min;
        }
    }

    public final byte[] d(byte[] bArr, int i10) {
        int i11;
        BigInteger e10;
        byte[] h10;
        ECPoint o9;
        boolean z9;
        if (i10 + 0 > bArr.length || i10 == 0) {
            throw new DataLengthException("input buffer too short");
        }
        boolean z10 = this.f33773c;
        Mode mode = this.f33772b;
        Digest digest = this.f33771a;
        if (z10) {
            byte[] bArr2 = new byte[i10];
            System.arraycopy(bArr, 0, bArr2, 0, i10);
            FixedPointCombMultiplier fixedPointCombMultiplier = new FixedPointCombMultiplier();
            do {
                int bitLength = this.f33775e.f34399j.bitLength();
                while (true) {
                    e10 = BigIntegers.e(bitLength, this.f33777g);
                    if (!e10.equals(BigIntegers.f38065a) && e10.compareTo(this.f33775e.f34399j) < 0) {
                        break;
                    }
                }
                h10 = fixedPointCombMultiplier.a(this.f33775e.f34398i, e10).o().h(false);
                o9 = ((ECPublicKeyParameters) this.f33774d).f34409c.m(e10).o();
                c(digest, o9, bArr2);
                int i12 = 0;
                while (true) {
                    if (i12 == i10) {
                        z9 = true;
                        break;
                    }
                    if (bArr2[i12] != bArr[0 + i12]) {
                        z9 = false;
                        break;
                    }
                    i12++;
                }
            } while (z9);
            byte[] bArr3 = new byte[digest.getDigestSize()];
            o9.b();
            a(digest, o9.f35655b);
            digest.update(bArr, 0, i10);
            a(digest, o9.e());
            digest.doFinal(bArr3, 0);
            return AnonymousClass1.f33778a[mode.ordinal()] != 1 ? Arrays.h(h10, bArr2, bArr3) : Arrays.h(h10, bArr3, bArr2);
        }
        int i13 = (this.f33776f * 2) + 1;
        byte[] bArr4 = new byte[i13];
        System.arraycopy(bArr, 0, bArr4, 0, i13);
        ECPoint g10 = this.f33775e.f34396g.g(bArr4);
        if (g10.m(this.f33775e.f34400k).l()) {
            throw new InvalidCipherTextException("[h]C1 at infinity");
        }
        ECPoint o10 = g10.m(((ECPrivateKeyParameters) this.f33774d).f34408c).o();
        int digestSize = digest.getDigestSize();
        int i14 = (i10 - i13) - digestSize;
        byte[] bArr5 = new byte[i14];
        Mode mode2 = Mode.C1C3C2;
        if (mode == mode2) {
            System.arraycopy(bArr, i13 + 0 + digestSize, bArr5, 0, i14);
        } else {
            System.arraycopy(bArr, i13 + 0, bArr5, 0, i14);
        }
        c(digest, o10, bArr5);
        int digestSize2 = digest.getDigestSize();
        byte[] bArr6 = new byte[digestSize2];
        o10.b();
        a(digest, o10.f35655b);
        digest.update(bArr5, 0, i14);
        a(digest, o10.e());
        digest.doFinal(bArr6, 0);
        if (mode == mode2) {
            i11 = 0;
            for (int i15 = 0; i15 != digestSize2; i15++) {
                i11 |= bArr6[i15] ^ bArr[(0 + i13) + i15];
            }
        } else {
            i11 = 0;
            for (int i16 = 0; i16 != digestSize2; i16++) {
                i11 |= bArr6[i16] ^ bArr[d.z(0, i13, i14, i16)];
            }
        }
        java.util.Arrays.fill(bArr4, (byte) 0);
        java.util.Arrays.fill(bArr6, (byte) 0);
        if (i11 == 0) {
            return bArr5;
        }
        java.util.Arrays.fill(bArr5, (byte) 0);
        throw new InvalidCipherTextException("invalid cipher text");
    }
}
