package org.bouncycastle.pqc.crypto.snova;

import com.itextpdf.text.pdf.BidiOrder;
import java.lang.reflect.Array;
import java.security.SecureRandom;
import org.bouncycastle.crypto.CipherParameters;
import org.bouncycastle.crypto.CryptoServicesRegistrar;
import org.bouncycastle.crypto.digests.SHAKEDigest;
import org.bouncycastle.crypto.params.ParametersWithRandom;
import org.bouncycastle.pqc.crypto.MessageSigner;
import org.bouncycastle.util.Arrays;
import org.bouncycastle.util.GF16;

/* loaded from: classes4.dex */
public class SnovaSigner implements MessageSigner {
    private SnovaEngine engine;
    private SnovaParameters params;
    private SnovaPrivateKeyParameters privKey;
    private SnovaPublicKeyParameters pubKey;
    private SecureRandom random;
    private final SHAKEDigest shake = new SHAKEDigest(256);

    private void evaluation(byte[] bArr, MapGroup1 mapGroup1, byte[][][][] bArr2, byte[] bArr3) {
        MapGroup1 mapGroup12 = mapGroup1;
        int m9 = this.params.getM();
        int alpha = this.params.getAlpha();
        int n9 = this.params.getN();
        int l7 = this.params.getL();
        int lsq = this.params.getLsq();
        int o9 = this.params.getO();
        Class cls = Byte.TYPE;
        byte[][][] bArr4 = (byte[][][]) Array.newInstance((Class<?>) cls, alpha, n9, lsq);
        byte[][][] bArr5 = (byte[][][]) Array.newInstance((Class<?>) cls, alpha, n9, lsq);
        byte[] bArr6 = new byte[lsq];
        int i = 0;
        int i2 = 0;
        while (i < m9) {
            int i7 = 0;
            int i9 = 0;
            while (i7 < n9) {
                int i10 = 0;
                while (i10 < alpha) {
                    GF16Utils.gf16mTranMulMul(bArr3, i9, mapGroup12.aAlpha[i][i10], mapGroup12.bAlpha[i][i10], mapGroup12.qAlpha1[i][i10], mapGroup12.qAlpha2[i][i10], bArr6, bArr4[i10][i7], bArr5[i10][i7], l7);
                    i10++;
                    i7 = i7;
                }
                i9 += lsq;
                i7++;
            }
            int i11 = l7;
            int i12 = i;
            int i13 = 0;
            while (i13 < alpha) {
                if (i12 >= o9) {
                    i12 -= o9;
                }
                int i14 = i;
                int i15 = 0;
                while (i15 < n9) {
                    int i16 = i2;
                    int i17 = i14;
                    int i18 = lsq;
                    int i19 = o9;
                    int i20 = i12;
                    GF16Utils.gf16mMul(getPMatrix(mapGroup12, bArr2, i20, i15, 0), bArr5[i13][0], bArr6, i11);
                    int i21 = 1;
                    while (i21 < n9) {
                        GF16Utils.gf16mMulTo(getPMatrix(mapGroup1, bArr2, i20, i15, i21), bArr5[i13][i21], bArr6, i11);
                        i21++;
                        m9 = m9;
                    }
                    GF16Utils.gf16mMulTo(bArr4[i13][i15], bArr6, bArr, i16, i11);
                    i15++;
                    mapGroup12 = mapGroup1;
                    i12 = i20;
                    lsq = i18;
                    o9 = i19;
                    i14 = i17;
                    i2 = i16;
                }
                i13++;
                i12++;
                mapGroup12 = mapGroup1;
                o9 = o9;
                i = i14;
            }
            i++;
            i2 += lsq;
            mapGroup12 = mapGroup1;
            l7 = i11;
        }
    }

    private byte[] getMessageHash(byte[] bArr) {
        byte[] bArr2 = new byte[this.shake.getDigestSize()];
        this.shake.update(bArr, 0, bArr.length);
        this.shake.doFinal(bArr2, 0);
        return bArr2;
    }

    private byte[] getPMatrix(MapGroup1 mapGroup1, byte[][][][] bArr, int i, int i2, int i7) {
        int v9 = this.params.getV();
        return i2 < v9 ? i7 < v9 ? mapGroup1.p11[i][i2][i7] : mapGroup1.p12[i][i2][i7 - v9] : i7 < v9 ? mapGroup1.p21[i][i2 - v9][i7] : bArr[i][i2 - v9][i7 - v9];
    }

    private int performGaussianElimination(byte[][] bArr, byte[] bArr2, int i) {
        int i2 = i + 1;
        int i7 = 0;
        while (i7 < i) {
            int i9 = i7;
            while (i9 < i && bArr[i9][i7] == 0) {
                i9++;
            }
            if (i9 >= i) {
                return 1;
            }
            if (i9 != i7) {
                byte[] bArr3 = bArr[i7];
                bArr[i7] = bArr[i9];
                bArr[i9] = bArr3;
            }
            byte inv = GF16.inv(bArr[i7][i7]);
            for (int i10 = i7; i10 < i2; i10++) {
                byte[] bArr4 = bArr[i7];
                bArr4[i10] = GF16.mul(bArr4[i10], inv);
            }
            int i11 = i7 + 1;
            for (int i12 = i11; i12 < i; i12++) {
                byte b9 = bArr[i12][i7];
                if (b9 != 0) {
                    for (int i13 = i7; i13 < i2; i13++) {
                        byte[] bArr5 = bArr[i12];
                        bArr5[i13] = (byte) (bArr5[i13] ^ GF16.mul(bArr[i7][i13], b9));
                    }
                }
            }
            i7 = i11;
        }
        for (int i14 = i - 1; i14 >= 0; i14--) {
            byte b10 = bArr[i14][i];
            for (int i15 = i14 + 1; i15 < i; i15++) {
                b10 = (byte) (b10 ^ GF16.mul(bArr[i14][i15], bArr2[i15]));
            }
            bArr2[i14] = b10;
        }
        return 0;
    }

    public void createSignedHash(byte[] bArr, int i, byte[] bArr2, int i2, byte[] bArr3, int i7, int i9, byte[] bArr4, int i10) {
        this.shake.update(bArr, 0, i);
        this.shake.update(bArr2, 0, i2);
        this.shake.update(bArr3, i7, i9);
        this.shake.doFinal(bArr4, 0, i10);
    }

    @Override // org.bouncycastle.pqc.crypto.MessageSigner
    public byte[] generateSignature(byte[] bArr) {
        byte[] copyOfRange;
        byte[] copyOfRange2;
        byte[] messageHash = getMessageHash(bArr);
        byte[] bArr2 = new byte[this.params.getSaltLength()];
        this.random.nextBytes(bArr2);
        byte[] bArr3 = new byte[this.params.getSaltLength() + (((this.params.getLsq() * this.params.getN()) + 1) >>> 1)];
        SnovaKeyElements snovaKeyElements = new SnovaKeyElements(this.params);
        if (this.params.isSkIsSeed()) {
            byte[] privateKey = this.privKey.getPrivateKey();
            copyOfRange = Arrays.copyOfRange(privateKey, 0, 16);
            copyOfRange2 = Arrays.copyOfRange(privateKey, 16, privateKey.length);
            this.engine.genMap1T12Map2(snovaKeyElements, copyOfRange, copyOfRange2);
        } else {
            byte[] privateKey2 = this.privKey.getPrivateKey();
            int length = (privateKey2.length - 48) << 1;
            byte[] bArr4 = new byte[length];
            GF16Utils.decodeMergeInHalf(privateKey2, bArr4, length);
            SnovaKeyElements.copy4d(bArr4, SnovaKeyElements.copy4d(bArr4, SnovaKeyElements.copy4d(bArr4, SnovaKeyElements.copy3d(bArr4, SnovaKeyElements.copy3d(bArr4, SnovaKeyElements.copy3d(bArr4, SnovaKeyElements.copy3d(bArr4, SnovaKeyElements.copy3d(bArr4, 0, snovaKeyElements.map1.aAlpha), snovaKeyElements.map1.bAlpha), snovaKeyElements.map1.qAlpha1), snovaKeyElements.map1.qAlpha2), snovaKeyElements.T12), snovaKeyElements.map2.f11), snovaKeyElements.map2.f12), snovaKeyElements.map2.f21);
            copyOfRange = Arrays.copyOfRange(privateKey2, privateKey2.length - 48, privateKey2.length - 32);
            copyOfRange2 = Arrays.copyOfRange(privateKey2, privateKey2.length - 32, privateKey2.length);
        }
        byte[] bArr5 = copyOfRange2;
        byte[] bArr6 = copyOfRange;
        MapGroup1 mapGroup1 = snovaKeyElements.map1;
        byte[][][] bArr7 = mapGroup1.aAlpha;
        byte[][][] bArr8 = mapGroup1.bAlpha;
        byte[][][] bArr9 = mapGroup1.qAlpha1;
        byte[][][] bArr10 = mapGroup1.qAlpha2;
        byte[][][] bArr11 = snovaKeyElements.T12;
        MapGroup2 mapGroup2 = snovaKeyElements.map2;
        signDigestCore(bArr3, messageHash, bArr2, bArr7, bArr8, bArr9, bArr10, bArr11, mapGroup2.f11, mapGroup2.f12, mapGroup2.f21, bArr6, bArr5);
        return Arrays.concatenate(bArr3, bArr);
    }

    @Override // org.bouncycastle.pqc.crypto.MessageSigner
    public void init(boolean z8, CipherParameters cipherParameters) {
        SecureRandom secureRandom;
        if (z8) {
            this.pubKey = null;
            if (cipherParameters instanceof ParametersWithRandom) {
                ParametersWithRandom parametersWithRandom = (ParametersWithRandom) cipherParameters;
                this.privKey = (SnovaPrivateKeyParameters) parametersWithRandom.getParameters();
                secureRandom = parametersWithRandom.getRandom();
            } else {
                this.privKey = (SnovaPrivateKeyParameters) cipherParameters;
                secureRandom = CryptoServicesRegistrar.getSecureRandom();
            }
            this.random = secureRandom;
            this.params = this.privKey.getParameters();
        } else {
            SnovaPublicKeyParameters snovaPublicKeyParameters = (SnovaPublicKeyParameters) cipherParameters;
            this.pubKey = snovaPublicKeyParameters;
            this.params = snovaPublicKeyParameters.getParameters();
            this.privKey = null;
            this.random = null;
        }
        this.engine = new SnovaEngine(this.params);
    }

    public void signDigestCore(byte[] bArr, byte[] bArr2, byte[] bArr3, byte[][][] bArr4, byte[][][] bArr5, byte[][][] bArr6, byte[][][] bArr7, byte[][][] bArr8, byte[][][][] bArr9, byte[][][][] bArr10, byte[][][][] bArr11, byte[] bArr12, byte[] bArr13) {
        int i;
        int i2;
        int i7;
        int i9;
        byte[] bArr14;
        int i10;
        byte b9;
        int i11;
        byte b10;
        byte[] bArr15 = bArr13;
        int m9 = this.params.getM();
        int l7 = this.params.getL();
        int lsq = this.params.getLsq();
        int alpha = this.params.getAlpha();
        int v9 = this.params.getV();
        int o9 = this.params.getO();
        int n9 = this.params.getN();
        int i12 = m9 * lsq;
        int i13 = o9 * lsq;
        int i14 = v9 * lsq;
        int i15 = (i13 + 1) >>> 1;
        Class cls = Byte.TYPE;
        byte[][] bArr16 = (byte[][]) Array.newInstance((Class<?>) cls, i12, i12 + 1);
        byte[][] bArr17 = (byte[][]) Array.newInstance((Class<?>) cls, lsq, lsq);
        byte[] bArr18 = new byte[i12];
        byte[][][] bArr19 = (byte[][][]) Array.newInstance((Class<?>) cls, alpha, v9, lsq);
        byte[][][] bArr20 = (byte[][][]) Array.newInstance((Class<?>) cls, alpha, v9, lsq);
        byte[] bArr21 = new byte[lsq];
        byte[] bArr22 = new byte[lsq];
        byte[] bArr23 = new byte[lsq];
        byte[] bArr24 = new byte[i12];
        int i16 = n9 * lsq;
        byte[] bArr25 = new byte[i15];
        int i17 = (i14 + 1) >>> 1;
        int i18 = lsq;
        byte[] bArr26 = new byte[i17];
        byte[] bArr27 = new byte[l7];
        int i19 = l7;
        int i20 = o9;
        int i21 = v9;
        byte b11 = 0;
        byte[] bArr28 = bArr18;
        byte[] bArr29 = new byte[i16];
        int i22 = i17;
        byte[] bArr30 = bArr23;
        byte[] bArr31 = bArr22;
        int i23 = m9;
        int i24 = alpha;
        int i25 = i12;
        createSignedHash(bArr12, bArr12.length, bArr2, bArr2.length, bArr3, 0, bArr3.length, bArr25, i15);
        byte[] bArr32 = bArr2;
        GF16.decode(bArr25, 0, bArr24, 0, i25);
        byte b12 = 0;
        while (true) {
            for (int i26 = b11; i26 < bArr16.length; i26++) {
                Arrays.fill(bArr16[i26], b11);
            }
            byte b13 = (byte) (b12 + 1);
            for (int i27 = b11; i27 < i25; i27++) {
                bArr16[i27][i25] = bArr24[i27];
            }
            this.shake.update(bArr15, b11, bArr15.length);
            this.shake.update(bArr32, b11, bArr32.length);
            this.shake.update(bArr3, b11, bArr3.length);
            this.shake.update(b13);
            int i28 = i22;
            this.shake.doFinal(bArr26, b11, i28);
            byte[] bArr33 = bArr29;
            GF16.decode(bArr26, bArr33, i28 << 1);
            int i29 = b11;
            int i30 = i23;
            int i31 = i29;
            while (i29 < i30) {
                byte[] bArr34 = bArr30;
                Arrays.fill(bArr34, b11);
                int i32 = i29;
                int i33 = b11;
                int i34 = i24;
                while (i33 < i34) {
                    byte b14 = b13;
                    int i35 = i20;
                    if (i32 >= i35) {
                        i32 -= i35;
                    }
                    int i36 = i32;
                    byte[] bArr35 = bArr24;
                    byte[] bArr36 = bArr26;
                    int i37 = i21;
                    int i38 = 0;
                    int i39 = 0;
                    while (i38 < i37) {
                        int i40 = i34;
                        byte[] bArr37 = bArr33;
                        byte[] bArr38 = bArr27;
                        GF16Utils.gf16mTranMulMul(bArr37, i39, bArr4[i29][i33], bArr5[i29][i33], bArr6[i29][i33], bArr7[i29][i33], bArr38, bArr19[i33][i38], bArr20[i33][i38], i19);
                        i39 += i18;
                        i25 = i25;
                        i38++;
                        bArr36 = bArr36;
                        i34 = i40;
                        bArr27 = bArr38;
                        bArr33 = bArr37;
                    }
                    byte[] bArr39 = bArr33;
                    int i41 = i34;
                    int i42 = i25;
                    byte[] bArr40 = bArr27;
                    int i43 = 0;
                    byte[] bArr41 = bArr36;
                    int i44 = 0;
                    while (i44 < i37) {
                        int i45 = i43;
                        while (i45 < i37) {
                            int i46 = i44;
                            int i47 = i41;
                            byte[] bArr42 = bArr40;
                            GF16Utils.gf16mMulMulTo(bArr19[i33][i44], bArr9[i36][i44][i45], bArr20[i33][i45], bArr42, bArr34, i19);
                            i45++;
                            i29 = i29;
                            i30 = i30;
                            i33 = i33;
                            i28 = i28;
                            bArr40 = bArr42;
                            i41 = i47;
                            i44 = i46;
                        }
                        i33 = i33;
                        i43 = 0;
                        bArr40 = bArr40;
                        i41 = i41;
                        i44++;
                        i29 = i29;
                    }
                    i34 = i41;
                    i20 = i35;
                    i21 = i37;
                    b13 = b14;
                    bArr24 = bArr35;
                    bArr26 = bArr41;
                    i33++;
                    bArr27 = bArr40;
                    i29 = i29;
                    bArr33 = bArr39;
                    i25 = i42;
                    i32 = i36 + 1;
                    i28 = i28;
                }
                int i48 = i28;
                int i49 = i30;
                byte[] bArr43 = bArr33;
                bArr30 = bArr34;
                byte b15 = b13;
                byte[] bArr44 = bArr24;
                int i50 = i25;
                int i51 = i18;
                byte[] bArr45 = bArr27;
                int i52 = i19;
                int i53 = i21;
                int i54 = i20;
                int i55 = i29;
                byte[] bArr46 = bArr26;
                int i56 = 0;
                int i57 = 0;
                while (i56 < i52) {
                    int i58 = i57;
                    int i59 = 0;
                    while (i59 < i52) {
                        byte[] bArr47 = bArr16[i31 + i58];
                        bArr47[i50] = (byte) (bArr30[i58] ^ bArr47[i50]);
                        i59++;
                        i58++;
                    }
                    i56++;
                    i57 = i58;
                }
                int i60 = 0;
                int i61 = 0;
                while (i60 < i54) {
                    int i62 = i55;
                    int i63 = 0;
                    while (i63 < i34) {
                        if (i62 >= i54) {
                            i62 -= i54;
                        }
                        int i64 = i62;
                        for (int i65 = 0; i65 < i51; i65++) {
                            Arrays.fill(bArr17[i65], (byte) 0);
                        }
                        int i66 = 0;
                        while (i66 < i53) {
                            int i67 = i63;
                            int i68 = i66;
                            GF16Utils.gf16mMulMul(bArr19[i63][i66], bArr10[i64][i66][i60], bArr7[i55][i63], bArr45, bArr21, i52);
                            byte[] bArr48 = bArr31;
                            GF16Utils.gf16mMulMul(bArr6[i55][i67], bArr11[i64][i60][i68], bArr20[i67][i68], bArr45, bArr48, i52);
                            int i69 = 0;
                            int i70 = 0;
                            int i71 = 0;
                            while (i69 < i51) {
                                if (i70 == i52) {
                                    i71 += i52;
                                    i70 = 0;
                                }
                                int i72 = i69;
                                int i73 = i70;
                                byte b16 = bArr21[i71];
                                byte b17 = bArr48[i70];
                                int i74 = 0;
                                int i75 = 0;
                                int i76 = 0;
                                int i77 = 0;
                                int i78 = 0;
                                while (i74 < i51) {
                                    if (i75 == i52) {
                                        i76++;
                                        i77 += i52;
                                        i10 = i74;
                                        b9 = bArr21[i71 + i76];
                                        b10 = bArr48[i77 + i73];
                                        i78 = 0;
                                        i11 = 0;
                                    } else {
                                        byte b18 = b16;
                                        i10 = i74;
                                        b9 = b18;
                                        byte b19 = b17;
                                        i11 = i75;
                                        b10 = b19;
                                    }
                                    int i79 = i71;
                                    byte b20 = bArr5[i55][i67][i78 + i73];
                                    byte[] bArr49 = bArr45;
                                    byte b21 = bArr4[i55][i67][i79 + i11];
                                    byte[] bArr50 = bArr17[i72];
                                    bArr50[i10] = (byte) (bArr50[i10] ^ (GF16.mul(b9, b20) ^ GF16.mul(b21, b10)));
                                    int i80 = i10 + 1;
                                    int i81 = i11 + 1;
                                    i78 += i52;
                                    b16 = b9;
                                    b17 = b10;
                                    i74 = i80;
                                    i75 = i81;
                                    i71 = i79;
                                    bArr45 = bArr49;
                                }
                                i69 = i72 + 1;
                                i70 = i73 + 1;
                            }
                            i66 = i68 + 1;
                            bArr31 = bArr48;
                            i63 = i67;
                        }
                        int i82 = i63;
                        byte[] bArr51 = bArr45;
                        byte[] bArr52 = bArr31;
                        int i83 = 0;
                        while (i83 < i51) {
                            int i84 = 0;
                            while (i84 < i51) {
                                byte[] bArr53 = bArr16[i31 + i83];
                                int i85 = i61 + i84;
                                bArr53[i85] = (byte) (bArr53[i85] ^ bArr17[i83][i84]);
                                i84++;
                                i83 = i83;
                            }
                            i83++;
                        }
                        i63 = i82 + 1;
                        i62 = i64 + 1;
                        bArr31 = bArr52;
                        bArr45 = bArr51;
                    }
                    i60++;
                    i61 += i51;
                }
                byte[] bArr54 = bArr45;
                i29 = i55 + 1;
                i31 += i51;
                i25 = i50;
                i19 = i52;
                i20 = i54;
                i21 = i53;
                i18 = i51;
                i30 = i49;
                b13 = b15;
                bArr24 = bArr44;
                bArr26 = bArr46;
                bArr33 = bArr43;
                i28 = i48;
                bArr27 = bArr54;
                i24 = i34;
                b11 = 0;
            }
            i22 = i28;
            bArr29 = bArr33;
            byte b22 = b13;
            byte[] bArr55 = bArr24;
            int i86 = i25;
            int i87 = i24;
            i = i18;
            byte[] bArr56 = bArr31;
            byte[] bArr57 = bArr27;
            i2 = i19;
            i7 = i21;
            i9 = i20;
            bArr14 = bArr28;
            int i88 = i30;
            byte[] bArr58 = bArr26;
            if (performGaussianElimination(bArr16, bArr14, i86) == 0) {
                break;
            }
            i25 = i86;
            bArr28 = bArr14;
            bArr31 = bArr56;
            i19 = i2;
            i20 = i9;
            i21 = i7;
            i18 = i;
            i23 = i88;
            b12 = b22;
            bArr24 = bArr55;
            bArr26 = bArr58;
            bArr27 = bArr57;
            bArr32 = bArr2;
            bArr15 = bArr13;
            i24 = i87;
            b11 = 0;
        }
        int i89 = 0;
        int i90 = 0;
        while (i89 < i7) {
            int i91 = 0;
            int i92 = 0;
            while (i92 < i9) {
                GF16Utils.gf16mMulTo(bArr8[i89][i92], bArr14, i91, bArr29, i90, i2);
                i92++;
                i91 += i;
            }
            i89++;
            i90 += i;
        }
        System.arraycopy(bArr14, 0, bArr29, i14, i13);
        GF16.encode(bArr29, bArr, i16);
        System.arraycopy(bArr3, 0, bArr, bArr.length - 16, 16);
    }

    @Override // org.bouncycastle.pqc.crypto.MessageSigner
    public boolean verifySignature(byte[] bArr, byte[] bArr2) {
        byte[] messageHash = getMessageHash(bArr);
        MapGroup1 mapGroup1 = new MapGroup1(this.params);
        byte[] encoded = this.pubKey.getEncoded();
        byte[] copyOf = Arrays.copyOf(encoded, 16);
        byte[] copyOfRange = Arrays.copyOfRange(encoded, 16, encoded.length);
        this.engine.genABQP(mapGroup1, copyOf);
        byte[][][][] bArr3 = (byte[][][][]) Array.newInstance((Class<?>) Byte.TYPE, this.params.getM(), this.params.getO(), this.params.getO(), this.params.getLsq());
        if ((this.params.getLsq() & 1) == 0) {
            MapGroup1.decodeP(copyOfRange, 0, bArr3, copyOfRange.length << 1);
        } else {
            int length = copyOfRange.length << 1;
            byte[] bArr4 = new byte[length];
            GF16.decode(copyOfRange, bArr4, length);
            MapGroup1.fillP(bArr4, 0, bArr3, length);
        }
        return verifySignatureCore(messageHash, bArr2, copyOf, mapGroup1, bArr3);
    }

    public boolean verifySignatureCore(byte[] bArr, byte[] bArr2, byte[] bArr3, MapGroup1 mapGroup1, byte[][][][] bArr4) {
        int lsq = this.params.getLsq();
        int o9 = this.params.getO() * lsq;
        int i = (o9 + 1) >>> 1;
        int saltLength = this.params.getSaltLength();
        int m9 = this.params.getM();
        int n9 = this.params.getN() * lsq;
        byte[] bArr5 = new byte[i];
        createSignedHash(bArr3, bArr3.length, bArr, bArr.length, bArr2, (n9 + 1) >>> 1, saltLength, bArr5, i);
        if ((o9 & 1) != 0) {
            int i2 = i - 1;
            bArr5[i2] = (byte) (bArr5[i2] & BidiOrder.f12711B);
        }
        byte[] bArr6 = new byte[n9];
        GF16.decode(bArr2, 0, bArr6, 0, n9);
        int i7 = m9 * lsq;
        byte[] bArr7 = new byte[i7];
        evaluation(bArr7, mapGroup1, bArr4, bArr6);
        byte[] bArr8 = new byte[i];
        GF16.encode(bArr7, bArr8, i7);
        return Arrays.areEqual(bArr5, bArr8);
    }
}
