package org.bouncycastle.pqc.crypto.ntruprime;

import java.security.SecureRandom;
import org.bouncycastle.crypto.EncapsulatedSecretGenerator;
import org.bouncycastle.crypto.SecretWithEncapsulation;
import org.bouncycastle.crypto.params.AsymmetricKeyParameter;
import org.bouncycastle.pqc.crypto.util.SecretWithEncapsulationImpl;
import org.bouncycastle.util.Arrays;

/* loaded from: classes7.dex */
public class NTRULPRimeKEMGenerator implements EncapsulatedSecretGenerator {
    private final SecureRandom random;

    public NTRULPRimeKEMGenerator(SecureRandom secureRandom) {
        this.random = secureRandom;
    }

    @Override // org.bouncycastle.crypto.EncapsulatedSecretGenerator
    public SecretWithEncapsulation generateEncapsulated(AsymmetricKeyParameter asymmetricKeyParameter) {
        NTRULPRimePublicKeyParameters nTRULPRimePublicKeyParameters = (NTRULPRimePublicKeyParameters) asymmetricKeyParameter;
        NTRULPRimeParameters parameters = nTRULPRimePublicKeyParameters.getParameters();
        int p2 = parameters.getP();
        int q = parameters.getQ();
        int w2 = parameters.getW();
        int roundedPolynomialBytes = parameters.getRoundedPolynomialBytes();
        int tau0 = parameters.getTau0();
        int tau1 = parameters.getTau1();
        byte[] h = Utils.h(new byte[]{4}, nTRULPRimePublicKeyParameters.getEncoded());
        byte[] bArr = new byte[256];
        byte[] bArr2 = new byte[32];
        this.random.nextBytes(bArr2);
        int i = 0;
        for (int i2 = 256; i < i2; i2 = 256) {
            bArr[i] = (byte) ((bArr2[i >>> 3] >>> (i & 7)) & 1);
            i++;
        }
        byte[] bArr3 = new byte[32];
        for (int i3 = 0; i3 < 256; i3++) {
            int i4 = i3 >>> 3;
            bArr3[i4] = (byte) (bArr3[i4] | (bArr[i3] << (i3 & 7)));
        }
        short[] sArr = new short[p2];
        Utils.l(p2, q, nTRULPRimePublicKeyParameters.getRoundEncA(), sArr);
        short[] sArr2 = new short[p2];
        Utils.d(p2, q, nTRULPRimePublicKeyParameters.getSeed(), sArr2);
        int[] iArr = new int[p2];
        Utils.c(Arrays.copyOfRange(Utils.h(new byte[]{5}, bArr3), 0, 32), iArr);
        byte[] bArr4 = new byte[p2];
        Utils.r(bArr4, p2, iArr, w2);
        short[] sArr3 = new short[p2];
        Utils.p(p2, q, bArr4, sArr3, sArr2);
        short[] sArr4 = new short[p2];
        Utils.q(sArr4, sArr3);
        byte[] bArr5 = new byte[roundedPolynomialBytes];
        Utils.m(p2, q, bArr5, sArr4);
        short[] sArr5 = new short[p2];
        Utils.p(p2, q, bArr4, sArr5, sArr);
        byte[] bArr6 = new byte[256];
        Utils.t(bArr6, sArr5, bArr, q, tau0, tau1);
        byte[] bArr7 = new byte[128];
        for (int i5 = 0; i5 < 128; i5++) {
            int i6 = i5 * 2;
            bArr7[i5] = (byte) (bArr6[i6] + (bArr6[i6 + 1] << 4));
        }
        byte[] bArr8 = new byte[64];
        System.arraycopy(bArr3, 0, bArr8, 0, 32);
        System.arraycopy(h, 0, bArr8, 32, 32);
        byte[] h2 = Utils.h(new byte[]{2}, bArr8);
        int i7 = roundedPolynomialBytes + 128;
        int i8 = i7 + 32;
        byte[] bArr9 = new byte[i8];
        System.arraycopy(bArr5, 0, bArr9, 0, roundedPolynomialBytes);
        System.arraycopy(bArr7, 0, bArr9, roundedPolynomialBytes, 128);
        System.arraycopy(h2, 0, bArr9, i7, 32);
        byte[] bArr10 = new byte[32 + i8];
        System.arraycopy(bArr3, 0, bArr10, 0, 32);
        System.arraycopy(bArr9, 0, bArr10, 32, i8);
        return new SecretWithEncapsulationImpl(Arrays.copyOfRange(Utils.h(new byte[]{1}, bArr10), 0, parameters.getSessionKeySize() / 8), bArr9);
    }
}
