package org.bouncycastle.pqc.crypto.picnic;

import java.util.logging.Logger;
import org.bouncycastle.crypto.digests.SHAKEDigest;
import org.bouncycastle.util.Pack;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: classes6.dex */
public class PicnicEngine {
    public static final Logger LOG = Logger.getLogger(PicnicEngine.class.getName());
    public final int CRYPTO_BYTES;
    public final int CRYPTO_PUBLICKEYBYTES;
    public final int CRYPTO_SECRETKEYBYTES;
    public final int UnruhGWithInputBytes;
    public final int UnruhGWithoutInputBytes;
    public final int andSizeBytes;
    public final SHAKEDigest digest;
    public final int digestSizeBytes;
    public final int numMPCParties;
    public final int numMPCRounds;
    public final int numOpenedRounds;
    public final int numRounds;
    public final int numSboxes;
    public final int parameters;
    public final int pqSecurityLevel;
    public final int seedSizeBytes;
    public int signatureLength;
    public final int stateSizeBits;
    public final int stateSizeBytes;
    public final int stateSizeWords;
    public final int transform;

    /* JADX WARN: Failed to find 'out' block for switch in B:2:0x001e. Please report as an issue. */
    /* JADX WARN: Removed duplicated region for block: B:11:0x00eb  */
    /* JADX WARN: Removed duplicated region for block: B:14:0x017f  */
    /* JADX WARN: Removed duplicated region for block: B:17:0x018b  */
    /* JADX WARN: Removed duplicated region for block: B:19:0x0198 A[ADDED_TO_REGION] */
    /* JADX WARN: Removed duplicated region for block: B:24:0x0192  */
    /* JADX WARN: Removed duplicated region for block: B:25:0x0182  */
    /* JADX WARN: Removed duplicated region for block: B:26:0x0185  */
    /* JADX WARN: Removed duplicated region for block: B:27:0x00f1  */
    /* JADX WARN: Removed duplicated region for block: B:28:0x00f9  */
    /* JADX WARN: Removed duplicated region for block: B:29:0x0101  */
    /* JADX WARN: Removed duplicated region for block: B:30:0x010a  */
    /* JADX WARN: Removed duplicated region for block: B:31:0x0112  */
    /* JADX WARN: Removed duplicated region for block: B:32:0x011a  */
    /* JADX WARN: Removed duplicated region for block: B:33:0x0123  */
    /* JADX WARN: Removed duplicated region for block: B:34:0x012b  */
    /* JADX WARN: Removed duplicated region for block: B:35:0x0133  */
    /* JADX WARN: Removed duplicated region for block: B:36:0x013b  */
    /* JADX WARN: Removed duplicated region for block: B:37:0x0143  */
    /* JADX WARN: Removed duplicated region for block: B:38:0x014b  */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public PicnicEngine(int r15) {
        /*
            Method dump skipped, instructions count: 512
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: org.bouncycastle.pqc.crypto.picnic.PicnicEngine.<init>(int):void");
    }

    public static boolean arePaddingBitsZero(int i, byte[] bArr) {
        int numBytes = Utils.numBytes(i);
        while (i < numBytes * 8) {
            if (Utils.getBit(i, bArr) != 0) {
                return false;
            }
            i++;
        }
        return true;
    }

    public static int bitsToChunks(int i, int i2, byte[] bArr, int[] iArr) {
        int i3 = i2 * 8;
        if (i > i3) {
            return 0;
        }
        int i4 = i3 / i;
        for (int i5 = 0; i5 < i4; i5++) {
            iArr[i5] = 0;
            for (int i6 = 0; i6 < i; i6++) {
                iArr[i5] = iArr[i5] + (Utils.getBit((i5 * i) + i6, bArr) << i6);
            }
        }
        return i4;
    }

    public static boolean contains(int i, int i2, int[] iArr) {
        for (int i3 = 0; i3 < i; i3++) {
            if (iArr[i3] == i2) {
                return true;
            }
        }
        return false;
    }

    public static int getChallenge(int i, byte[] bArr) {
        int i2 = i * 2;
        return Utils.getBit(i2, bArr) | (Utils.getBit(i2 + 1, bArr) << 1);
    }

    public static int indexOf(int i, int i2, int[] iArr) {
        for (int i3 = 0; i3 < i; i3++) {
            if (iArr[i3] == i2) {
                return i3;
            }
        }
        return -1;
    }

    public static void mpc_AND(int[] iArr, int[] iArr2, int[] iArr3, Tape tape, View[] viewArr) {
        int i = 0;
        int[] iArr4 = {Utils.getBit(tape.pos, tape.tapes[0]), Utils.getBit(tape.pos, tape.tapes[1]), Utils.getBit(tape.pos, tape.tapes[2])};
        while (i < 3) {
            int i2 = iArr[i];
            int i3 = i + 1;
            int i4 = i3 % 3;
            int i5 = iArr2[i4] & i2;
            int i6 = iArr[i4];
            int i7 = iArr2[i];
            int i8 = (((i2 & i7) ^ (i5 ^ (i6 & i7))) ^ iArr4[i]) ^ iArr4[i4];
            iArr3[i] = i8;
            Utils.setBit(viewArr[i].communicatedBits, tape.pos, (byte) (i8 & 255));
            i = i3;
        }
        tape.pos++;
    }

    public static void mpc_AND_verify(int[] iArr, int[] iArr2, int[] iArr3, Tape tape, View view, View view2) {
        byte[] bArr = tape.tapes[0];
        byte bit = Utils.getBit(tape.pos, tape.tapes[1]);
        int[] iArr4 = {Utils.getBit(tape.pos, bArr), bit};
        int i = iArr[0];
        int i2 = iArr2[1] & i;
        int i3 = iArr[1];
        int i4 = iArr2[0];
        int i5 = ((((i3 & i4) ^ i2) ^ (i4 & i)) ^ iArr4[0]) ^ bit;
        iArr3[0] = i5;
        Utils.setBit(view.communicatedBits, tape.pos, (byte) (i5 & 255));
        iArr3[1] = Utils.getBit(tape.pos, view2.communicatedBits);
        tape.pos++;
    }

    public static void xor_array(int i, int i2, int[] iArr, int[] iArr2, int[] iArr3) {
        for (int i3 = 0; i3 < i2; i3++) {
            iArr[i3] = iArr2[i3] ^ iArr3[i3 + i];
        }
    }

    public static void zeroTrailingBits(int i, byte[] bArr) {
        int numBytes = Utils.numBytes(i);
        while (i < numBytes * 8) {
            Utils.setBit(bArr, i, (byte) 0);
            i++;
        }
    }

    public final void Commit(byte[] bArr, int i, View view, byte[] bArr2) {
        this.digest.update((byte) 4);
        this.digest.absorb(bArr, i, this.seedSizeBytes);
        this.digest.doFinal(bArr2, 0, this.digestSizeBytes);
        this.digest.update((byte) 0);
        this.digest.absorb(bArr2, 0, this.digestSizeBytes);
        SHAKEDigest sHAKEDigest = this.digest;
        int[] iArr = view.inputShare;
        byte[] bArr3 = new byte[iArr.length * 4];
        Pack.intToLittleEndian(0, bArr3, iArr);
        sHAKEDigest.absorb(bArr3, 0, this.stateSizeBytes);
        this.digest.absorb(view.communicatedBits, 0, this.andSizeBytes);
        SHAKEDigest sHAKEDigest2 = this.digest;
        int[] iArr2 = view.outputShare;
        byte[] bArr4 = new byte[iArr2.length * 4];
        Pack.intToLittleEndian(0, bArr4, iArr2);
        sHAKEDigest2.absorb(bArr4, 0, this.stateSizeBytes);
        this.digest.doFinal(bArr2, 0, this.digestSizeBytes);
    }

    public final void G(int i, byte[] bArr, int i2, View view, byte[] bArr2) {
        int i3 = this.seedSizeBytes + this.andSizeBytes;
        this.digest.update((byte) 5);
        this.digest.absorb(bArr, i2, this.seedSizeBytes);
        this.digest.doFinal(bArr2, 0, this.digestSizeBytes);
        this.digest.absorb(bArr2, 0, this.digestSizeBytes);
        if (i == 2) {
            SHAKEDigest sHAKEDigest = this.digest;
            int[] iArr = view.inputShare;
            byte[] bArr3 = new byte[iArr.length * 4];
            Pack.intToLittleEndian(0, bArr3, iArr);
            sHAKEDigest.absorb(bArr3, 0, this.stateSizeBytes);
            i3 += this.stateSizeBytes;
        }
        this.digest.absorb(view.communicatedBits, 0, this.andSizeBytes);
        this.digest.absorb(Pack.intToLittleEndian(i3), 0, 2);
        this.digest.doFinal(bArr2, 0, i3);
    }

    public final void H3(int[] iArr, int[] iArr2, int[][][] iArr3, byte[][][] bArr, byte[] bArr2, byte[] bArr3, byte[] bArr4, byte[][][] bArr5) {
        byte[] bArr6 = new byte[this.digestSizeBytes];
        bArr2[Utils.numBytes(this.numMPCRounds * 2) - 1] = 0;
        this.digest.update((byte) 1);
        for (int i = 0; i < this.numMPCRounds; i++) {
            for (int i2 = 0; i2 < 3; i2++) {
                SHAKEDigest sHAKEDigest = this.digest;
                int[] iArr4 = iArr3[i][i2];
                byte[] bArr7 = new byte[iArr4.length * 4];
                Pack.intToLittleEndian(0, bArr7, iArr4);
                sHAKEDigest.absorb(bArr7, 0, this.stateSizeBytes);
            }
        }
        for (int i3 = 0; i3 < this.numMPCRounds; i3++) {
            for (int i4 = 0; i4 < 3; i4++) {
                this.digest.absorb(bArr[i3][i4], 0, this.digestSizeBytes);
            }
        }
        if (this.transform == 1) {
            for (int i5 = 0; i5 < this.numMPCRounds; i5++) {
                int i6 = 0;
                while (i6 < 3) {
                    this.digest.absorb(bArr5[i5][i6], 0, i6 == 2 ? this.UnruhGWithInputBytes : this.UnruhGWithoutInputBytes);
                    i6++;
                }
            }
        }
        SHAKEDigest sHAKEDigest2 = this.digest;
        byte[] bArr8 = new byte[iArr.length * 4];
        Pack.intToLittleEndian(0, bArr8, iArr);
        sHAKEDigest2.absorb(bArr8, 0, this.stateSizeBytes);
        SHAKEDigest sHAKEDigest3 = this.digest;
        byte[] bArr9 = new byte[iArr2.length * 4];
        Pack.intToLittleEndian(0, bArr9, iArr2);
        sHAKEDigest3.absorb(bArr9, 0, this.stateSizeBytes);
        this.digest.absorb(bArr3, 0, 32);
        this.digest.absorb(bArr4, 0, bArr4.length);
        this.digest.doFinal(bArr6, 0, this.digestSizeBytes);
        boolean z = true;
        int i7 = 0;
        while (z) {
            for (int i8 = 0; i8 < this.digestSizeBytes; i8++) {
                byte b = bArr6[i8];
                int i9 = 0;
                while (true) {
                    if (i9 >= 8) {
                        break;
                    }
                    int i10 = (b >>> (6 - i9)) & 3;
                    if (i10 < 3) {
                        int i11 = i7 * 2;
                        Utils.setBit(bArr2, i11, (byte) (i10 & 1));
                        Utils.setBit(bArr2, i11 + 1, (byte) ((i10 >>> 1) & 1));
                        i7++;
                        if (i7 == this.numMPCRounds) {
                            z = false;
                            break;
                        }
                    }
                    i9 += 2;
                }
                if (!z) {
                    break;
                }
            }
            if (!z) {
                return;
            }
            this.digest.update((byte) 1);
            this.digest.absorb(bArr6, 0, this.digestSizeBytes);
            this.digest.doFinal(bArr6, 0, this.digestSizeBytes);
        }
    }

    public final void HCP(byte[] bArr, int[] iArr, int[] iArr2, byte[][] bArr2, byte[] bArr3, byte[] bArr4, int[] iArr3, int[] iArr4, byte[] bArr5) {
        for (int i = 0; i < this.numMPCRounds; i++) {
            this.digest.absorb(bArr2[i], 0, this.digestSizeBytes);
        }
        this.digest.absorb(bArr3, 0, this.digestSizeBytes);
        this.digest.absorb(bArr4, 0, 32);
        SHAKEDigest sHAKEDigest = this.digest;
        byte[] bArr6 = new byte[iArr3.length * 4];
        Pack.intToLittleEndian(0, bArr6, iArr3);
        sHAKEDigest.absorb(bArr6, 0, this.stateSizeBytes);
        SHAKEDigest sHAKEDigest2 = this.digest;
        byte[] bArr7 = new byte[iArr4.length * 4];
        Pack.intToLittleEndian(0, bArr7, iArr4);
        sHAKEDigest2.absorb(bArr7, 0, this.stateSizeBytes);
        this.digest.absorb(bArr5, 0, bArr5.length);
        this.digest.doFinal(bArr, 0, this.digestSizeBytes);
        if (iArr == null || iArr2 == null) {
            return;
        }
        expandChallengeHash(bArr, iArr, iArr2);
    }

    public final void aux_mpc_AND(int i, int i2, int i3, Tape tape) {
        int i4 = this.numMPCParties - 1;
        int tapesToWord = tape.tapesToWord();
        int i5 = tapesToWord ^ (tapesToWord >>> 1);
        int i6 = i5 ^ (i5 >>> 2);
        int i7 = i6 ^ (i6 >>> 4);
        Utils.setBit(tape.tapes[i4], tape.pos - 1, (byte) ((((i & i2) ^ (((i7 ^ (i7 >>> 8)) & 1) ^ Utils.getBit(tape.pos - 1, tape.tapes[i4]))) ^ i3) & 255));
    }

    public final void commit(int i, int i2, byte[] bArr, byte[] bArr2, byte[] bArr3, byte[] bArr4) {
        this.digest.absorb(bArr2, 0, this.seedSizeBytes);
        if (bArr3 != null) {
            this.digest.absorb(bArr3, 0, this.andSizeBytes);
        }
        this.digest.absorb(bArr4, 0, 32);
        this.digest.absorb(Pack.intToLittleEndian(i), 0, 2);
        this.digest.absorb(Pack.intToLittleEndian(i2), 0, 2);
        this.digest.doFinal(bArr, 0, this.digestSizeBytes);
    }

    public final void commit_h(byte[] bArr, byte[][] bArr2) {
        for (int i = 0; i < this.numMPCParties; i++) {
            this.digest.absorb(bArr2[i], 0, this.digestSizeBytes);
        }
        this.digest.doFinal(bArr, 0, this.digestSizeBytes);
    }

    public final void commit_v(byte[] bArr, byte[] bArr2, Msg msg) {
        this.digest.absorb(bArr2, 0, this.stateSizeBytes);
        for (int i = 0; i < this.numMPCParties; i++) {
            this.digest.absorb(msg.msgs[i], 0, Utils.numBytes(msg.pos));
        }
        this.digest.doFinal(bArr, 0, this.digestSizeBytes);
    }

    public final boolean createRandomTape(int i, int i2, int i3, int i4, byte[] bArr, byte[] bArr2, byte[] bArr3) {
        if (i4 < this.digestSizeBytes) {
            return false;
        }
        this.digest.update((byte) 2);
        this.digest.absorb(bArr, i, this.seedSizeBytes);
        this.digest.doFinal(bArr3, 0, this.digestSizeBytes);
        this.digest.absorb(bArr3, 0, this.digestSizeBytes);
        this.digest.absorb(bArr2, 0, 32);
        this.digest.absorb(Pack.intToLittleEndian(i2), 0, 2);
        this.digest.absorb(Pack.intToLittleEndian(i3), 0, 2);
        this.digest.absorb(Pack.intToLittleEndian(i4), 0, 2);
        this.digest.doFinal(bArr3, 0, i4);
        return true;
    }

    public final void createRandomTapes(Tape tape, byte[][] bArr, int i, byte[] bArr2, int i2) {
        int i3 = this.andSizeBytes * 2;
        for (int i4 = 0; i4 < this.numMPCParties; i4++) {
            this.digest.absorb(bArr[i4 + i], 0, this.seedSizeBytes);
            this.digest.absorb(bArr2, 0, 32);
            this.digest.absorb(Pack.intToLittleEndian(i2), 0, 2);
            this.digest.absorb(Pack.intToLittleEndian(i4), 0, 2);
            this.digest.doFinal(tape.tapes[i4], 0, i3);
        }
    }

    public final void expandChallengeHash(byte[] bArr, int[] iArr, int[] iArr2) {
        int ceil_log2 = Utils.ceil_log2(this.numMPCRounds);
        int ceil_log22 = Utils.ceil_log2(this.numMPCParties);
        int[] iArr3 = new int[(this.digestSizeBytes * 8) / Math.min(ceil_log2, ceil_log22)];
        byte[] bArr2 = new byte[64];
        System.arraycopy(bArr, 0, bArr2, 0, this.digestSizeBytes);
        int i = 0;
        while (i < this.numOpenedRounds) {
            int bitsToChunks = bitsToChunks(ceil_log2, this.digestSizeBytes, bArr2, iArr3);
            for (int i2 = 0; i2 < bitsToChunks; i2++) {
                int i3 = iArr3[i2];
                if (i3 < this.numMPCRounds) {
                    if (i == 0) {
                        iArr[i] = i3;
                    } else {
                        for (int i4 = 0; i4 < i; i4++) {
                            if (iArr[i4] == i3) {
                                break;
                            }
                        }
                        iArr[i] = i3;
                    }
                    i++;
                }
                if (i == this.numOpenedRounds) {
                    break;
                }
            }
            this.digest.update((byte) 1);
            this.digest.absorb(bArr2, 0, this.digestSizeBytes);
            this.digest.doFinal(bArr2, 0, this.digestSizeBytes);
        }
        int i5 = 0;
        while (i5 < this.numOpenedRounds) {
            int bitsToChunks2 = bitsToChunks(ceil_log22, this.digestSizeBytes, bArr2, iArr3);
            for (int i6 = 0; i6 < bitsToChunks2; i6++) {
                int i7 = iArr3[i6];
                if (i7 < this.numMPCParties) {
                    iArr2[i5] = i7;
                    i5++;
                }
                if (i5 == this.numOpenedRounds) {
                    break;
                }
            }
            this.digest.update((byte) 1);
            this.digest.absorb(bArr2, 0, this.digestSizeBytes);
            this.digest.doFinal(bArr2, 0, this.digestSizeBytes);
        }
    }

    public final void getAuxBits(byte[] bArr, Tape tape) {
        int i = this.numMPCParties - 1;
        int i2 = this.stateSizeBits;
        int i3 = 0;
        for (int i4 = 0; i4 < this.numRounds; i4++) {
            int i5 = 0;
            while (i5 < i2) {
                Utils.setBit(bArr, i3, Utils.getBit((i2 * 2 * i4) + i2 + i5, tape.tapes[i]));
                i5++;
                i3++;
            }
        }
    }

    public final int[] getMissingLeavesList(int[] iArr) {
        int[] iArr2 = new int[this.numMPCRounds - this.numOpenedRounds];
        int i = 0;
        for (int i2 = 0; i2 < this.numMPCRounds; i2++) {
            if (!contains(this.numOpenedRounds, i2, iArr)) {
                iArr2[i] = i2;
                i++;
            }
        }
        return iArr2;
    }

    public final void matrix_mul(int i, int[] iArr, int[] iArr2, int[] iArr3) {
        matrix_mul_offset(iArr, 0, iArr2, 0, iArr3, i);
    }

    public final void matrix_mul_offset(int[] iArr, int i, int[] iArr2, int i2, int[] iArr3, int i3) {
        int[] iArr4 = new int[16];
        iArr4[this.stateSizeWords - 1] = 0;
        int i4 = this.stateSizeBits / 32;
        for (int i5 = 0; i5 < this.stateSizeBits; i5++) {
            int i6 = 0;
            for (int i7 = 0; i7 < i4; i7++) {
                i6 ^= iArr3[((this.stateSizeWords * i5) + i7) + i3] & iArr2[i7 + i2];
            }
            for (int i8 = i4 * 32; i8 < this.stateSizeBits; i8++) {
                i6 ^= Utils.getBitFromWordArray((i3 * 32) + (((this.stateSizeWords * i5) * 32) + i8), iArr3) & Utils.getBitFromWordArray((i2 * 32) + i8, iArr2);
            }
            int i9 = (i6 >>> 1) ^ i6;
            int i10 = i9 ^ (i9 >>> 2);
            int i11 = i10 ^ (i10 >>> 4);
            int i12 = i11 ^ (i11 >>> 8);
            Utils.setBit(i5, (i12 ^ (i12 >>> 16)) & 1, iArr4);
        }
        System.arraycopy(iArr4, 0, iArr, i, this.stateSizeWords);
    }

    public final int mpc_AND(int i, int i2, int i3, int i4, Tape tape, Msg msg) {
        int tapesToWord = ((i3 & (~(i2 - 1))) ^ (i4 & (~(i - 1)))) ^ tape.tapesToWord();
        byte[] intToLittleEndian = Pack.intToLittleEndian(tapesToWord);
        int i5 = msg.unopened;
        if (i5 >= 0) {
            Utils.setBit(intToLittleEndian, msg.unopened, (byte) (Utils.getBit(msg.pos, msg.msgs[i5]) & 255));
            tapesToWord = Pack.littleEndianToInt(0, intToLittleEndian);
        }
        for (int i6 = 0; i6 < this.numMPCParties; i6++) {
            Utils.setBit(msg.msgs[i6], msg.pos, (byte) (Utils.getBit(i6, Pack.intToLittleEndian(tapesToWord)) & 255));
        }
        msg.pos++;
        int i7 = tapesToWord ^ (tapesToWord >>> 1);
        int i8 = i7 ^ (i7 >>> 2);
        int i9 = i8 ^ (i8 >>> 4);
        return (i & i2) ^ ((i9 ^ (i9 >>> 8)) & 1);
    }

    public final void mpc_xor(int i, int i2, int[] iArr, int[] iArr2) {
        for (int i3 = 0; i3 < i2; i3++) {
            for (int i4 = 0; i4 < i; i4++) {
                int i5 = this.stateSizeWords;
                int i6 = ((i2 + i3) * i5) + i4;
                iArr[i6] = iArr2[(i5 * i3) + i4] ^ iArr[i6];
            }
        }
    }

    public final void mpc_xor_constant_verify(int i, int i2, int[] iArr, int[] iArr2, int i3) {
        int i4;
        if (i3 == 0) {
            i4 = this.stateSizeWords * 2;
        } else if (i3 != 2) {
            return;
        } else {
            i4 = this.stateSizeWords * 3;
        }
        for (int i5 = 0; i5 < i2; i5++) {
            int i6 = i5 + i4;
            iArr[i6] = iArr[i6] ^ iArr2[i5 + i];
        }
    }

    /* JADX WARN: Removed duplicated region for block: B:29:0x00e3 A[RETURN, SYNTHETIC] */
    /* JADX WARN: Removed duplicated region for block: B:31:0x00e5  */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public final int simulateOnline(int[] r24, org.bouncycastle.pqc.crypto.picnic.Tape r25, int[] r26, org.bouncycastle.pqc.crypto.picnic.Msg r27, int[] r28, int[] r29) {
        /*
            Method dump skipped, instructions count: 231
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: org.bouncycastle.pqc.crypto.picnic.PicnicEngine.simulateOnline(int[], org.bouncycastle.pqc.crypto.picnic.Tape, int[], org.bouncycastle.pqc.crypto.picnic.Msg, int[], int[]):int");
    }

    public final void xor_three(int[] iArr, int[] iArr2, int[] iArr3, int[] iArr4) {
        int i = this.stateSizeWords;
        for (int i2 = 0; i2 < i; i2++) {
            iArr[i2] = (iArr2[i2] ^ iArr3[i2]) ^ iArr4[i2];
        }
    }
}
