package org.bouncycastle.pqc.crypto.saber;

import java.lang.reflect.Array;
import okio.Utf8;
import org.bouncycastle.crypto.EncapsulatedSecretExtractor;
import org.bouncycastle.crypto.digests.SHA3Digest;
import org.bouncycastle.util.Arrays;

/* loaded from: classes7.dex */
public class SABERKEMExtractor implements EncapsulatedSecretExtractor {
    private SABEREngine engine;
    private SABERKeyParameters key;

    public SABERKEMExtractor(SABERKeyParameters sABERKeyParameters) {
        this.key = sABERKeyParameters;
        initCipher(sABERKeyParameters.getParameters());
    }

    private void initCipher(SABERParameters sABERParameters) {
        this.engine = sABERParameters.getEngine();
    }

    @Override // org.bouncycastle.crypto.EncapsulatedSecretExtractor
    public byte[] extractSecret(byte[] bArr) {
        byte[] bArr2;
        int i;
        int i2;
        SABEREngine sABEREngine = this.engine;
        byte[] bArr3 = new byte[sABEREngine.f31623l / 8];
        byte[] privateKey = ((SABERPrivateKeyParameters) this.key).getPrivateKey();
        int i3 = sABEREngine.k;
        byte[] bArr4 = new byte[i3];
        byte[] bArr5 = new byte[64];
        byte[] bArr6 = new byte[64];
        byte[] copyOfRange = Arrays.copyOfRange(privateKey, sABEREngine.h, privateKey.length);
        int[] iArr = {r8, 256};
        int i4 = sABEREngine.f31619a;
        short[][] sArr = (short[][]) Array.newInstance((Class<?>) Short.TYPE, iArr);
        short[][] sArr2 = (short[][]) Array.newInstance((Class<?>) Short.TYPE, i4, 256);
        short[] sArr3 = new short[256];
        short[] sArr4 = new short[256];
        Utils utils = sABEREngine.f31625n;
        utils.b(privateKey, 0, sArr);
        utils.a(bArr, sArr2);
        int i5 = 0;
        while (true) {
            Poly poly = sABEREngine.o;
            bArr2 = bArr3;
            if (i5 >= poly.f31618c) {
                break;
            }
            poly.f(sArr2[i5], sArr[i5], sArr3);
            i5++;
            bArr3 = bArr2;
            sArr2 = sArr2;
        }
        int i6 = utils.f31629b;
        int i7 = sABEREngine.f31622f;
        if (i6 == 3) {
            short s = 0;
            for (short s2 = 32; s < s2; s2 = 32) {
                short s3 = (short) (s * 8);
                int i8 = ((short) (s * 3)) + i7;
                byte b2 = bArr[i8 + 0];
                sArr4[s3 + 0] = (short) (b2 & 7);
                sArr4[s3 + 1] = (short) ((b2 >> 3) & 7);
                byte b3 = bArr[i8 + 1];
                sArr4[s3 + 2] = (short) (((b2 >> 6) & 3) | ((b3 & 1) << 2));
                sArr4[s3 + 3] = (short) ((b3 >> 1) & 7);
                sArr4[s3 + 4] = (short) ((b3 >> 4) & 7);
                byte b4 = bArr[i8 + 2];
                sArr4[s3 + 5] = (short) (((b3 >> 7) & 1) | ((b4 & 3) << 1));
                sArr4[s3 + 6] = (short) ((b4 >> 2) & 7);
                sArr4[s3 + 7] = (short) ((b4 >> 5) & 7);
                s = (short) (s + 1);
                i3 = i3;
            }
            i = i3;
        } else {
            i = i3;
            if (i6 == 4) {
                for (short s4 = 0; s4 < 128; s4 = (short) (s4 + 1)) {
                    short s5 = (short) (s4 * 2);
                    byte b5 = bArr[i7 + s4];
                    sArr4[s5] = (short) (b5 & 15);
                    sArr4[s5 + 1] = (short) ((b5 >> 4) & 15);
                }
            } else if (i6 == 6) {
                for (short s6 = 0; s6 < 64; s6 = (short) (s6 + 1)) {
                    short s7 = (short) (s6 * 4);
                    int i9 = ((short) (s6 * 3)) + i7;
                    byte b6 = bArr[i9 + 0];
                    sArr4[s7 + 0] = (short) (b6 & Utf8.REPLACEMENT_BYTE);
                    byte b7 = bArr[i9 + 1];
                    sArr4[s7 + 1] = (short) (((b6 >> 6) & 3) | ((b7 & 15) << 2));
                    byte b8 = bArr[i9 + 2];
                    sArr4[s7 + 2] = (short) (((b7 & 255) >> 4) | ((b8 & 3) << 4));
                    sArr4[s7 + 3] = (short) ((b8 & 255) >> 2);
                }
            }
        }
        for (int i10 = 0; i10 < 256; i10++) {
            sArr3[i10] = (short) ((((sArr3[i10] + sABEREngine.f31624m) - (sArr4[i10] << (10 - sABEREngine.f31621c))) & 65535) >> 9);
        }
        for (byte b9 = 0; b9 < 32; b9 = (byte) (b9 + 1)) {
            for (byte b10 = 0; b10 < 8; b10 = (byte) (b10 + 1)) {
                bArr5[b9] = (byte) (bArr5[b9] | ((sArr3[(b9 * 8) + b10] & 1) << b10));
            }
        }
        int i11 = 0;
        while (true) {
            i2 = sABEREngine.j;
            if (i11 >= 32) {
                break;
            }
            bArr5[i11 + 32] = privateKey[(i2 - 64) + i11];
            i11++;
        }
        SHA3Digest sHA3Digest = new SHA3Digest(256);
        SHA3Digest sHA3Digest2 = new SHA3Digest(512);
        sHA3Digest2.update(bArr5, 0, 64);
        sHA3Digest2.doFinal(bArr6, 0);
        sABEREngine.a(bArr5, Arrays.copyOfRange(bArr6, 32, 64), copyOfRange, bArr4);
        long j = 0;
        int i12 = i;
        for (int i13 = 0; i13 < i12; i13++) {
            j |= bArr[i13] ^ bArr4[i13];
        }
        sHA3Digest.update(bArr, 0, i12);
        int i14 = 32;
        sHA3Digest.doFinal(bArr6, 32);
        int i15 = i2 - 32;
        byte b11 = (byte) (-((byte) ((-j) >>> 63)));
        int i16 = 0;
        while (i16 < i14) {
            byte b12 = bArr6[i16];
            bArr6[i16] = (byte) (b12 ^ ((privateKey[i16 + i15] ^ b12) & b11));
            i16++;
            i14 = 32;
        }
        byte[] bArr7 = new byte[i14];
        sHA3Digest.update(bArr6, 0, 64);
        sHA3Digest.doFinal(bArr7, 0);
        System.arraycopy(bArr7, 0, bArr2, 0, sABEREngine.f31623l / 8);
        return bArr2;
    }

    @Override // org.bouncycastle.crypto.EncapsulatedSecretExtractor
    public int getEncapsulationLength() {
        return this.engine.k;
    }
}
