package org.bouncycastle.pqc.crypto.qtesla;

import java.security.SecureRandom;
import org.bouncycastle.crypto.AsymmetricCipherKeyPair;
import org.bouncycastle.crypto.AsymmetricCipherKeyPairGenerator;
import org.bouncycastle.crypto.KeyGenerationParameters;
import org.bouncycastle.crypto.params.AsymmetricKeyParameter;
import org.bouncycastle.pqc.crypto.qtesla.QTesla1p;
import org.bouncycastle.pqc.crypto.qtesla.QTesla3p;
import org.bouncycastle.util.Pack;
import yg.C0661;
import yg.C0676;

/* loaded from: classes2.dex */
public final class QTESLAKeyPairGenerator implements AsymmetricCipherKeyPairGenerator {
    public SecureRandom secureRandom;
    public int securityCategory;

    @Override // org.bouncycastle.crypto.AsymmetricCipherKeyPairGenerator
    public AsymmetricCipherKeyPair generateKeyPair() {
        int i10;
        int i11;
        byte[] bArr = new byte[QTESLASecurityCategory.getPrivateSize(this.securityCategory)];
        byte[] bArr2 = new byte[QTESLASecurityCategory.getPublicSize(this.securityCategory)];
        int i12 = this.securityCategory;
        if (i12 == 5) {
            byte[] bArr3 = new byte[32];
            byte[] bArr4 = new byte[224];
            int[] iArr = new int[1024];
            int[] iArr2 = new int[4096];
            int[] iArr3 = new int[4096];
            int[] iArr4 = new int[4096];
            int[] iArr5 = new int[1024];
            this.secureRandom.nextBytes(bArr3);
            HashUtils.secureHashAlgorithmKECCAK128(bArr4, 0, 224, bArr3, 0, 32);
            int i13 = 0;
            int i14 = 0;
            for (int i15 = 0; i15 < 4; i15++) {
                do {
                    i14++;
                    i10 = i15 * 1024;
                    QTesla1p.Gaussian.sample_gauss_poly(i14, bArr4, i15 * 32, iArr2, i10);
                } while (QTesla1p.checkPolynomial(iArr2, i10, 554));
            }
            do {
                i14++;
                QTesla1p.Gaussian.sample_gauss_poly(i14, bArr4, 128, iArr, 0);
            } while (QTesla1p.checkPolynomial(iArr, 0, 554));
            QTesla1p.QTesla1PPolynomial.poly_uniform(iArr3, bArr4, 160);
            QTesla1p.QTesla1PPolynomial.poly_ntt(iArr5, iArr);
            while (i13 < 4) {
                int i16 = i13 * 1024;
                QTesla1p.QTesla1PPolynomial.poly_mul(iArr4, i16, iArr3, i16, iArr5);
                int[] iArr6 = iArr4;
                iArr2 = iArr2;
                for (int i17 = 0; i17 < 1024; i17++) {
                    iArr6[i16 + i17] = QTesla1p.QTesla1PPolynomial.correct(QTesla1p.QTesla1PPolynomial.correct(iArr6[i16 + i17] + iArr2[i16 + i17]) - QTesla1p.PARAM_Q);
                }
                i13++;
                iArr4 = iArr6;
            }
            int i18 = 0;
            for (int i19 = 0; i19 < 3712; i19 += 29) {
                int i20 = i18 + 1;
                Pack.intToLittleEndian(iArr4[i18] | (iArr4[i20] << 29), bArr2, (i19 + 0) << 2);
                int i21 = i18 + 2;
                Pack.intToLittleEndian((iArr4[i20] >> 3) | (iArr4[i21] << 26), bArr2, (i19 + 1) << 2);
                int i22 = iArr4[i21] >> 6;
                int i23 = i18 + 3;
                Pack.intToLittleEndian(i22 | (iArr4[i23] << 23), bArr2, (i19 + 2) << 2);
                int i24 = i18 + 4;
                Pack.intToLittleEndian((iArr4[i23] >> 9) | (iArr4[i24] << 20), bArr2, (i19 + 3) << 2);
                int i25 = i18 + 5;
                Pack.intToLittleEndian((iArr4[i24] >> 12) | (iArr4[i25] << 17), bArr2, (i19 + 4) << 2);
                int i26 = i18 + 6;
                Pack.intToLittleEndian((iArr4[i25] >> 15) | (iArr4[i26] << 14), bArr2, (i19 + 5) << 2);
                int i27 = iArr4[i26] >> 18;
                int i28 = i18 + 7;
                Pack.intToLittleEndian(i27 | (iArr4[i28] << 11), bArr2, (i19 + 6) << 2);
                int i29 = iArr4[i28] >> 21;
                int i30 = i18 + 8;
                Pack.intToLittleEndian(i29 | (iArr4[i30] << 8), bArr2, (i19 + 7) << 2);
                int i31 = i18 + 9;
                Pack.intToLittleEndian((iArr4[i30] >> 24) | (iArr4[i31] << 5), bArr2, (i19 + 8) << 2);
                int i32 = (iArr4[i31] >> 27) | (iArr4[i18 + 10] << 2);
                int i33 = i18 + 11;
                Pack.intToLittleEndian(i32 | (iArr4[i33] << 31), bArr2, (i19 + 9) << 2);
                int i34 = i18 + 12;
                Pack.intToLittleEndian((iArr4[i33] >> 1) | (iArr4[i34] << 28), bArr2, (10 + i19) << 2);
                int i35 = i18 + 13;
                Pack.intToLittleEndian((iArr4[i34] >> 4) | (iArr4[i35] << 25), bArr2, (i19 + 11) << 2);
                int i36 = iArr4[i35] >> 7;
                int i37 = i18 + 14;
                Pack.intToLittleEndian(i36 | (iArr4[i37] << 22), bArr2, (i19 + 12) << 2);
                int i38 = iArr4[i37] >> 10;
                int i39 = i18 + 15;
                Pack.intToLittleEndian(i38 | (iArr4[i39] << 19), bArr2, (i19 + 13) << 2);
                int i40 = iArr4[i39] >> 13;
                int i41 = i18 + 16;
                Pack.intToLittleEndian(i40 | (iArr4[i41] << 16), bArr2, (i19 + 14) << 2);
                int i42 = iArr4[i41] >> 16;
                int i43 = i18 + 17;
                Pack.intToLittleEndian(i42 | (iArr4[i43] << 13), bArr2, (i19 + 15) << 2);
                int i44 = i18 + 18;
                Pack.intToLittleEndian((iArr4[i44] << 10) | (iArr4[i43] >> 19), bArr2, (i19 + 16) << 2);
                int i45 = iArr4[i44] >> 22;
                int i46 = i18 + 19;
                Pack.intToLittleEndian(i45 | (iArr4[i46] << 7), bArr2, (17 + i19) << 2);
                int i47 = i18 + 20;
                Pack.intToLittleEndian((iArr4[i46] >> 25) | (iArr4[i47] << 4), bArr2, (18 + i19) << 2);
                int i48 = (iArr4[i18 + 21] << 1) | (iArr4[i47] >> 28);
                int i49 = i18 + 22;
                Pack.intToLittleEndian(i48 | (iArr4[i49] << 30), bArr2, (i19 + 19) << 2);
                int i50 = iArr4[i49] >> 2;
                int i51 = i18 + 23;
                Pack.intToLittleEndian(i50 | (iArr4[i51] << 27), bArr2, (20 + i19) << 2);
                int i52 = iArr4[i51] >> 5;
                int i53 = i18 + 24;
                Pack.intToLittleEndian(i52 | (iArr4[i53] << 24), bArr2, (21 + i19) << 2);
                int i54 = iArr4[i53] >> 8;
                int i55 = i18 + 25;
                Pack.intToLittleEndian(i54 | (iArr4[i55] << 21), bArr2, (i19 + 22) << 2);
                int i56 = i18 + 26;
                Pack.intToLittleEndian((iArr4[i55] >> 11) | (iArr4[i56] << 18), bArr2, (23 + i19) << 2);
                int i57 = i18 + 27;
                Pack.intToLittleEndian((iArr4[i56] >> 14) | (iArr4[i57] << 15), bArr2, (i19 + 24) << 2);
                int i58 = i18 + 28;
                Pack.intToLittleEndian((iArr4[i57] >> 17) | (iArr4[i58] << 12), bArr2, (i19 + 25) << 2);
                int i59 = i18 + 29;
                Pack.intToLittleEndian((iArr4[i58] >> 20) | (iArr4[i59] << 9), bArr2, (i19 + 26) << 2);
                int i60 = i18 + 30;
                Pack.intToLittleEndian((iArr4[i59] >> 23) | (iArr4[i60] << 6), bArr2, (i19 + 27) << 2);
                Pack.intToLittleEndian((iArr4[i60] >> 26) | (iArr4[i18 + 31] << 3), bArr2, (i19 + 28) << 2);
                i18 += 32;
            }
            System.arraycopy(bArr4, 160, bArr2, 14848, 32);
            for (int i61 = 0; i61 < 1024; i61++) {
                bArr[0 + i61] = (byte) iArr[i61];
            }
            for (int i62 = 0; i62 < 4; i62++) {
                for (int i63 = 0; i63 < 1024; i63++) {
                    int i64 = (i62 * 1024) + i63;
                    bArr[1024 + i64] = (byte) iArr2[i64];
                }
            }
            System.arraycopy(bArr4, 160, bArr, 5120, 64);
            HashUtils.secureHashAlgorithmKECCAK128(bArr, 5184, 40, bArr2, 0, 14848);
        } else {
            if (i12 != 6) {
                throw new IllegalArgumentException(C0661.m372("~V2TD)~\u0013UfAR\u001ew\u0002\u0004\u0019;\u0018.,\r\u0014UK\rq", (short) (C0676.m402() ^ (-5155)), (short) (C0676.m402() ^ (-28161))) + this.securityCategory);
            }
            byte[] bArr5 = new byte[32];
            byte[] bArr6 = new byte[256];
            long[] jArr = new long[2048];
            long[] jArr2 = new long[10240];
            long[] jArr3 = new long[10240];
            long[] jArr4 = new long[10240];
            long[] jArr5 = new long[2048];
            this.secureRandom.nextBytes(bArr5);
            HashUtils.secureHashAlgorithmKECCAK256(bArr6, 0, 256, bArr5, 0, 32);
            int i65 = 0;
            int i66 = 0;
            for (int i67 = 0; i67 < 5; i67++) {
                do {
                    i66++;
                    i11 = i67 * 2048;
                    QTesla3p.Gaussian.sample_gauss_poly(i66, bArr6, i67 * 32, jArr2, i11);
                } while (QTesla3p.checkPolynomial(jArr2, i11, 901));
            }
            do {
                i66++;
                QTesla3p.Gaussian.sample_gauss_poly(i66, bArr6, 160, jArr, 0);
            } while (QTesla3p.checkPolynomial(jArr, 0, 901));
            QTesla3p.QTesla3PPolynomial.poly_uniform(jArr3, bArr6, 192);
            QTesla3p.QTesla3PPolynomial.poly_ntt(jArr5, jArr);
            while (i65 < 5) {
                int i68 = i65 * 2048;
                QTesla3p.QTesla3PPolynomial.poly_mul(jArr4, i68, jArr3, i68, jArr5);
                long[] jArr6 = jArr4;
                jArr2 = jArr2;
                for (int i69 = 0; i69 < 2048; i69++) {
                    int i70 = i68 + i69;
                    jArr6[i70] = jArr6[i68 + i69] + jArr2[i68 + i69];
                    jArr6[i70] = jArr6[i70] - 856145921;
                    jArr6[i70] = jArr6[i70] + (856145921 & (jArr6[i70] >> 31));
                }
                i65++;
                jArr4 = jArr6;
            }
            int i71 = 0;
            int i72 = 0;
            int i73 = 0;
            while (i72 < 9600) {
                int i74 = i73 + 1;
                Pack.intToLittleEndian((int) (jArr4[i73] | (jArr4[i74] << 30)), bArr2, (i72 * 4) + (i71 * 4));
                int i75 = i73 + 2;
                Pack.intToLittleEndian((int) ((jArr4[i74] >> 2) | (jArr4[i75] << 28)), bArr2, (i72 * 4) + (1 * 4));
                long j10 = jArr4[i75] >> 4;
                int i76 = i73 + 3;
                Pack.intToLittleEndian((int) (j10 | (jArr4[i76] << 26)), bArr2, (i72 * 4) + (2 * 4));
                long j11 = jArr4[i76] >> 6;
                int i77 = i73 + 4;
                Pack.intToLittleEndian((int) (j11 | (jArr4[i77] << 24)), bArr2, (i72 * 4) + (3 * 4));
                long j12 = jArr4[i77] >> 8;
                int i78 = i73 + 5;
                Pack.intToLittleEndian((int) (j12 | (jArr4[i78] << 22)), bArr2, (i72 * 4) + (4 * 4));
                long j13 = jArr4[i78] >> 10;
                int i79 = i73 + 6;
                Pack.intToLittleEndian((int) (j13 | (jArr4[i79] << 20)), bArr2, (i72 * 4) + (5 * 4));
                long j14 = jArr4[i79] >> 12;
                int i80 = i73 + 7;
                Pack.intToLittleEndian((int) (j14 | (jArr4[i80] << 18)), bArr2, (i72 * 4) + (6 * 4));
                int i81 = i73 + 8;
                Pack.intToLittleEndian((int) ((jArr4[i80] >> 14) | (jArr4[i81] << 16)), bArr2, (i72 * 4) + (7 * 4));
                int i82 = i73 + 9;
                Pack.intToLittleEndian((int) ((jArr4[i81] >> 16) | (jArr4[i82] << 14)), bArr2, (i72 * 4) + (8 * 4));
                long j15 = jArr4[i82] >> 18;
                int i83 = i73 + 10;
                Pack.intToLittleEndian((int) (j15 | (jArr4[i83] << 12)), bArr2, (i72 * 4) + (9 * 4));
                long j16 = jArr4[i83] >> 20;
                int i84 = i73 + 11;
                Pack.intToLittleEndian((int) (j16 | (jArr4[i84] << 10)), bArr2, (i72 * 4) + (10 * 4));
                long j17 = jArr4[i84] >> 22;
                int i85 = i73 + 12;
                Pack.intToLittleEndian((int) (j17 | (jArr4[i85] << 8)), bArr2, (i72 * 4) + (11 * 4));
                long j18 = jArr4[i85] >> 24;
                int i86 = i73 + 13;
                Pack.intToLittleEndian((int) (j18 | (jArr4[i86] << 6)), bArr2, (i72 * 4) + (12 * 4));
                long j19 = jArr4[i86] >> 26;
                int i87 = i73 + 14;
                Pack.intToLittleEndian((int) (j19 | (jArr4[i87] << 4)), bArr2, (i72 * 4) + (13 * 4));
                Pack.intToLittleEndian((int) ((jArr4[i87] >> 28) | (jArr4[i73 + 15] << 2)), bArr2, (i72 * 4) + (14 * 4));
                i73 += 16;
                i72 += 15;
                i71 = 0;
            }
            System.arraycopy(bArr6, 192, bArr2, 38400, 32);
            for (int i88 = 0; i88 < 2048; i88++) {
                bArr[0 + i88] = (byte) jArr[i88];
            }
            for (int i89 = 0; i89 < 5; i89++) {
                for (int i90 = 0; i90 < 2048; i90++) {
                    bArr[2048 + (i89 * 2048) + i90] = (byte) jArr2[r1];
                }
            }
            System.arraycopy(bArr6, 192, bArr, 12288, 64);
            HashUtils.secureHashAlgorithmKECCAK256(bArr, 12352, 40, bArr2, 0, 38400);
        }
        return new AsymmetricCipherKeyPair((AsymmetricKeyParameter) new QTESLAPublicKeyParameters(this.securityCategory, bArr2), (AsymmetricKeyParameter) new QTESLAPrivateKeyParameters(this.securityCategory, bArr));
    }

    @Override // org.bouncycastle.crypto.AsymmetricCipherKeyPairGenerator
    public void init(KeyGenerationParameters keyGenerationParameters) {
        QTESLAKeyGenerationParameters qTESLAKeyGenerationParameters = (QTESLAKeyGenerationParameters) keyGenerationParameters;
        this.secureRandom = qTESLAKeyGenerationParameters.random;
        this.securityCategory = qTESLAKeyGenerationParameters.securityCategory;
    }
}
