package org.bouncycastle.pqc.crypto.saber;

import com.google.common.base.Ascii;
import java.lang.reflect.Array;
import okio.Utf8;
import org.bouncycastle.crypto.EncapsulatedSecretExtractor;
import org.bouncycastle.crypto.digests.SHA3Digest;
import org.bouncycastle.util.Arrays;
import uf.a;
import uf.b;
import uf.c;

/* loaded from: classes8.dex */
public class SABERKEMExtractor implements EncapsulatedSecretExtractor {

    /* renamed from: a, reason: collision with root package name */
    public final SABERKeyParameters f79773a;

    /* renamed from: a, reason: collision with other field name */
    public b f31975a;

    public SABERKEMExtractor(SABERKeyParameters sABERKeyParameters) {
        this.f79773a = sABERKeyParameters;
        this.f31975a = sABERKeyParameters.getParameters().getEngine();
    }

    @Override // org.bouncycastle.crypto.EncapsulatedSecretExtractor
    public byte[] extractSecret(byte[] bArr) {
        byte[] bArr2;
        int i4;
        int i5;
        b bVar = this.f31975a;
        byte[] bArr3 = new byte[bVar.f82039l / 8];
        byte[] privateKey = ((SABERPrivateKeyParameters) this.f79773a).getPrivateKey();
        int i10 = bVar.f82038k;
        byte[] bArr4 = new byte[i10];
        byte[] bArr5 = new byte[64];
        byte[] bArr6 = new byte[64];
        byte[] copyOfRange = Arrays.copyOfRange(privateKey, bVar.f82035h, privateKey.length);
        int[] iArr = {r8, 256};
        int i11 = bVar.f82030a;
        short[][] sArr = (short[][]) Array.newInstance((Class<?>) Short.TYPE, iArr);
        short[][] sArr2 = (short[][]) Array.newInstance((Class<?>) Short.TYPE, i11, 256);
        short[] sArr3 = new short[256];
        short[] sArr4 = new short[256];
        c cVar = bVar.f33783a;
        cVar.b(privateKey, 0, sArr);
        cVar.a(bArr, sArr2);
        int i12 = 0;
        while (true) {
            a aVar = bVar.f33782a;
            bArr2 = bArr3;
            if (i12 >= aVar.f82029c) {
                break;
            }
            aVar.f(sArr2[i12], sArr[i12], sArr3);
            i12++;
            bArr3 = bArr2;
            sArr2 = sArr2;
        }
        int i13 = cVar.f82042b;
        int i14 = bVar.f;
        if (i13 == 3) {
            short s10 = 0;
            for (short s11 = 32; s10 < s11; s11 = 32) {
                short s12 = (short) (s10 * 8);
                int i15 = ((short) (s10 * 3)) + i14;
                byte b3 = bArr[i15 + 0];
                sArr4[s12 + 0] = (short) (b3 & 7);
                sArr4[s12 + 1] = (short) ((b3 >> 3) & 7);
                byte b10 = bArr[i15 + 1];
                sArr4[s12 + 2] = (short) (((b3 >> 6) & 3) | ((b10 & 1) << 2));
                sArr4[s12 + 3] = (short) ((b10 >> 1) & 7);
                sArr4[s12 + 4] = (short) ((b10 >> 4) & 7);
                byte b11 = bArr[i15 + 2];
                sArr4[s12 + 5] = (short) (((b10 >> 7) & 1) | ((b11 & 3) << 1));
                sArr4[s12 + 6] = (short) ((b11 >> 2) & 7);
                sArr4[s12 + 7] = (short) ((b11 >> 5) & 7);
                s10 = (short) (s10 + 1);
                i10 = i10;
            }
            i4 = i10;
        } else {
            i4 = i10;
            if (i13 == 4) {
                for (short s13 = 0; s13 < 128; s13 = (short) (s13 + 1)) {
                    short s14 = (short) (s13 * 2);
                    byte b12 = bArr[i14 + s13];
                    sArr4[s14] = (short) (b12 & Ascii.SI);
                    sArr4[s14 + 1] = (short) ((b12 >> 4) & 15);
                }
            } else if (i13 == 6) {
                for (short s15 = 0; s15 < 64; s15 = (short) (s15 + 1)) {
                    short s16 = (short) (s15 * 4);
                    int i16 = ((short) (s15 * 3)) + i14;
                    byte b13 = bArr[i16 + 0];
                    sArr4[s16 + 0] = (short) (b13 & Utf8.REPLACEMENT_BYTE);
                    byte b14 = bArr[i16 + 1];
                    sArr4[s16 + 1] = (short) (((b13 >> 6) & 3) | ((b14 & Ascii.SI) << 2));
                    byte b15 = bArr[i16 + 2];
                    sArr4[s16 + 2] = (short) (((b14 & 255) >> 4) | ((b15 & 3) << 4));
                    sArr4[s16 + 3] = (short) ((b15 & 255) >> 2);
                }
            }
        }
        for (int i17 = 0; i17 < 256; i17++) {
            sArr3[i17] = (short) ((((sArr3[i17] + bVar.f82040m) - (sArr4[i17] << (10 - bVar.f82032c))) & 65535) >> 9);
        }
        for (byte b16 = 0; b16 < 32; b16 = (byte) (b16 + 1)) {
            for (byte b17 = 0; b17 < 8; b17 = (byte) (b17 + 1)) {
                bArr5[b16] = (byte) (bArr5[b16] | ((sArr3[(b16 * 8) + b17] & 1) << b17));
            }
        }
        int i18 = 0;
        while (true) {
            i5 = bVar.f82037j;
            if (i18 >= 32) {
                break;
            }
            bArr5[i18 + 32] = privateKey[(i5 - 64) + i18];
            i18++;
        }
        SHA3Digest sHA3Digest = new SHA3Digest(256);
        SHA3Digest sHA3Digest2 = new SHA3Digest(512);
        sHA3Digest2.update(bArr5, 0, 64);
        sHA3Digest2.doFinal(bArr6, 0);
        bVar.a(bArr5, Arrays.copyOfRange(bArr6, 32, 64), copyOfRange, bArr4);
        long j10 = 0;
        int i19 = i4;
        for (int i20 = 0; i20 < i19; i20++) {
            j10 |= bArr[i20] ^ bArr4[i20];
        }
        sHA3Digest.update(bArr, 0, i19);
        int i21 = 32;
        sHA3Digest.doFinal(bArr6, 32);
        int i22 = i5 - 32;
        byte b18 = (byte) (-((byte) ((-j10) >>> 63)));
        int i23 = 0;
        while (i23 < i21) {
            byte b19 = bArr6[i23];
            bArr6[i23] = (byte) (b19 ^ ((privateKey[i23 + i22] ^ b19) & b18));
            i23++;
            i21 = 32;
        }
        byte[] bArr7 = new byte[i21];
        sHA3Digest.update(bArr6, 0, 64);
        sHA3Digest.doFinal(bArr7, 0);
        System.arraycopy(bArr7, 0, bArr2, 0, bVar.f82039l / 8);
        return bArr2;
    }

    @Override // org.bouncycastle.crypto.EncapsulatedSecretExtractor
    public int getEncapsulationLength() {
        return this.f31975a.f82038k;
    }
}
