package org.bouncycastle.pqc.crypto.ntruprime;

import java.security.SecureRandom;
import org.bouncycastle.crypto.EncapsulatedSecretGenerator;
import org.bouncycastle.crypto.params.AsymmetricKeyParameter;
import org.bouncycastle.pqc.crypto.util.SecretWithEncapsulationImpl;
import org.bouncycastle.util.Arrays;

/* loaded from: classes6.dex */
public class NTRULPRimeKEMGenerator implements EncapsulatedSecretGenerator {
    public final SecureRandom random;

    public NTRULPRimeKEMGenerator(SecureRandom secureRandom) {
        this.random = secureRandom;
    }

    public final SecretWithEncapsulationImpl generateEncapsulated(AsymmetricKeyParameter asymmetricKeyParameter) {
        NTRULPRimePublicKeyParameters nTRULPRimePublicKeyParameters = (NTRULPRimePublicKeyParameters) asymmetricKeyParameter;
        NTRULPRimeParameters nTRULPRimeParameters = nTRULPRimePublicKeyParameters.params;
        int i = nTRULPRimeParameters.p;
        int i2 = nTRULPRimeParameters.q;
        int i3 = nTRULPRimeParameters.w;
        int i4 = nTRULPRimeParameters.roundedPolynomialBytes;
        int i5 = nTRULPRimeParameters.tau0;
        int i6 = nTRULPRimeParameters.tau1;
        byte[] hashWithPrefix = Utils.getHashWithPrefix(new byte[]{4}, nTRULPRimePublicKeyParameters.getEncoded());
        byte[] bArr = new byte[256];
        byte[] bArr2 = new byte[32];
        this.random.nextBytes(bArr2);
        int i7 = 0;
        for (int i8 = 256; i7 < i8; i8 = 256) {
            bArr[i7] = (byte) ((bArr2[i7 >>> 3] >>> (i7 & 7)) & 1);
            i7++;
        }
        byte[] bArr3 = new byte[32];
        for (int i9 = 0; i9 < 256; i9++) {
            int i10 = i9 >>> 3;
            bArr3[i10] = (byte) (bArr3[i10] | (bArr[i9] << (i9 & 7)));
        }
        short[] sArr = new short[i];
        Utils.getRoundedDecodedPolynomial(i, i2, nTRULPRimePublicKeyParameters.roundEncA, sArr);
        short[] sArr2 = new short[i];
        Utils.generatePolynomialInRQFromSeed(i, i2, nTRULPRimePublicKeyParameters.seed, sArr2);
        int[] iArr = new int[i];
        Utils.expand(Arrays.copyOfRange(Utils.getHashWithPrefix(new byte[]{5}, bArr3), 0, 32), iArr);
        byte[] bArr4 = new byte[i];
        Utils.sortGenerateShortPolynomial(i, i3, bArr4, iArr);
        short[] sArr3 = new short[i];
        Utils.multiplicationInRQ(i, i2, bArr4, sArr3, sArr2);
        short[] sArr4 = new short[i];
        Utils.roundPolynomial(sArr4, sArr3);
        byte[] bArr5 = new byte[i4];
        Utils.getRoundedEncodedPolynomial(i, i2, bArr5, sArr4);
        short[] sArr5 = new short[i];
        Utils.multiplicationInRQ(i, i2, bArr4, sArr5, sArr);
        byte[] bArr6 = new byte[256];
        Utils.top(bArr6, sArr5, bArr, i2, i5, i6);
        byte[] bArr7 = new byte[128];
        for (int i11 = 0; i11 < 128; i11++) {
            int i12 = i11 * 2;
            bArr7[i11] = (byte) (bArr6[i12] + (bArr6[i12 + 1] << 4));
        }
        byte[] bArr8 = new byte[64];
        System.arraycopy(bArr3, 0, bArr8, 0, 32);
        System.arraycopy(hashWithPrefix, 0, bArr8, 32, 32);
        byte[] hashWithPrefix2 = Utils.getHashWithPrefix(new byte[]{2}, bArr8);
        int i13 = i4 + 128;
        int i14 = i13 + 32;
        byte[] bArr9 = new byte[i14];
        System.arraycopy(bArr5, 0, bArr9, 0, i4);
        System.arraycopy(bArr7, 0, bArr9, i4, 128);
        System.arraycopy(hashWithPrefix2, 0, bArr9, i13, 32);
        byte[] bArr10 = new byte[32 + i14];
        System.arraycopy(bArr3, 0, bArr10, 0, 32);
        System.arraycopy(bArr9, 0, bArr10, 32, i14);
        return new SecretWithEncapsulationImpl(Arrays.copyOfRange(Utils.getHashWithPrefix(new byte[]{1}, bArr10), 0, (nTRULPRimeParameters.sharedKeyBytes * 8) / 8), bArr9);
    }
}
