package org.bouncycastle.pqc.crypto.saber;

import org.bouncycastle.asn1.BERTags;
import org.bouncycastle.crypto.digests.Blake2xsDigest;
import org.bouncycastle.pqc.crypto.crystals.dilithium.DilithiumEngine;
import org.bouncycastle.pqc.crypto.crystals.kyber.KyberEngine;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: classes3.dex */
public class Poly {
    private static final int KARATSUBA_N = 64;
    private static int SCHB_N = 16;
    private final int N_RES;
    private final int N_SB;
    private final int N_SB_RES;
    private final int SABER_L;
    private final int SABER_N;
    private final SABEREngine engine;
    private final Utils utils;

    public Poly(SABEREngine sABEREngine) {
        this.engine = sABEREngine;
        this.SABER_L = sABEREngine.getSABER_L();
        int saber_n = sABEREngine.getSABER_N();
        this.SABER_N = saber_n;
        this.N_RES = saber_n << 1;
        this.N_SB = saber_n >> 2;
        this.N_SB_RES = (r0 * 2) - 1;
        this.utils = sABEREngine.getUtils();
    }

    private short OVERFLOWING_MUL(int i12, int i13) {
        return (short) (i12 * i13);
    }

    private void cbd(short[] sArr, byte[] bArr, int i12) {
        int[] iArr = new int[4];
        if (this.engine.getSABER_MU() == 6) {
            for (int i13 = 0; i13 < this.SABER_N / 4; i13++) {
                int load_littleendian = (int) load_littleendian(bArr, i12 + (i13 * 3), 3);
                int i14 = 0;
                for (int i15 = 0; i15 < 3; i15++) {
                    i14 += (load_littleendian >> i15) & 2396745;
                }
                iArr[0] = i14 & 7;
                iArr[1] = (i14 >>> 6) & 7;
                iArr[2] = (i14 >>> 12) & 7;
                iArr[3] = (i14 >>> 18) & 7;
                int i16 = i13 * 4;
                sArr[i16] = (short) (iArr[0] - ((i14 >>> 3) & 7));
                sArr[i16 + 1] = (short) (iArr[1] - ((i14 >>> 9) & 7));
                sArr[i16 + 2] = (short) (iArr[2] - ((i14 >>> 15) & 7));
                sArr[i16 + 3] = (short) (iArr[3] - (i14 >>> 21));
            }
            return;
        }
        char c12 = 15;
        if (this.engine.getSABER_MU() == 8) {
            for (int i17 = 0; i17 < this.SABER_N / 4; i17++) {
                int i18 = i17 * 4;
                int load_littleendian2 = (int) load_littleendian(bArr, i12 + i18, 4);
                int i19 = 0;
                for (int i22 = 0; i22 < 4; i22++) {
                    i19 += (load_littleendian2 >>> i22) & 286331153;
                }
                iArr[0] = i19 & 15;
                iArr[1] = (i19 >>> 8) & 15;
                iArr[2] = (i19 >>> 16) & 15;
                iArr[3] = (i19 >>> 24) & 15;
                sArr[i18] = (short) (iArr[0] - ((i19 >>> 4) & 15));
                sArr[i18 + 1] = (short) (iArr[1] - ((i19 >>> 12) & 15));
                sArr[i18 + 2] = (short) (iArr[2] - ((i19 >>> 20) & 15));
                sArr[i18 + 3] = (short) (iArr[3] - (i19 >>> 28));
            }
            return;
        }
        if (this.engine.getSABER_MU() == 10) {
            int i23 = 0;
            while (i23 < this.SABER_N / 4) {
                long load_littleendian3 = load_littleendian(bArr, i12 + (i23 * 5), 5);
                long j12 = 0;
                for (int i24 = 0; i24 < 5; i24++) {
                    j12 += (load_littleendian3 >>> i24) & 35468117025L;
                }
                iArr[0] = (int) (j12 & 31);
                iArr[1] = (int) ((j12 >>> 10) & 31);
                iArr[2] = (int) ((j12 >>> 20) & 31);
                iArr[3] = (int) ((j12 >>> 30) & 31);
                int i25 = i23 * 4;
                sArr[i25] = (short) (iArr[0] - ((int) ((j12 >>> 5) & 31)));
                sArr[i25 + 1] = (short) (iArr[1] - ((int) ((j12 >>> c12) & 31)));
                sArr[i25 + 2] = (short) (iArr[2] - ((int) ((j12 >>> 25) & 31)));
                sArr[i25 + 3] = (short) (iArr[3] - ((int) (j12 >>> 35)));
                i23++;
                c12 = 15;
            }
        }
    }

    private void karatsuba_simple(int[] iArr, int[] iArr2, int[] iArr3) {
        int i12 = 31;
        int[] iArr4 = new int[31];
        int[] iArr5 = new int[31];
        int[] iArr6 = new int[31];
        int[] iArr7 = new int[63];
        int i13 = 0;
        while (true) {
            if (i13 >= 16) {
                break;
            }
            int i14 = iArr[i13];
            int i15 = iArr[i13 + 16];
            int i16 = iArr[i13 + 32];
            int i17 = iArr[i13 + 48];
            int i18 = 0;
            for (int i19 = 16; i18 < i19; i19 = 16) {
                int i22 = iArr2[i18];
                int i23 = iArr2[i18 + 16];
                int i24 = i13 + i18;
                iArr3[i24] = iArr3[i24] + OVERFLOWING_MUL(i14, i22);
                int i25 = i24 + 32;
                iArr3[i25] = iArr3[i25] + OVERFLOWING_MUL(i15, i23);
                int i26 = i14;
                int[] iArr8 = iArr7;
                iArr4[i24] = (int) (iArr4[i24] + ((i22 + i23) * (i14 + i15)));
                int i27 = iArr2[i18 + 32];
                int i28 = iArr2[i18 + 48];
                int i29 = i24 + 64;
                iArr3[i29] = iArr3[i29] + OVERFLOWING_MUL(i27, i16);
                int i32 = i24 + 96;
                iArr3[i32] = iArr3[i32] + OVERFLOWING_MUL(i28, i17);
                iArr6[i24] = iArr6[i24] + OVERFLOWING_MUL(i16 + i17, i27 + i28);
                int i33 = i22 + i27;
                int i34 = i26 + i16;
                iArr8[i24] = iArr8[i24] + OVERFLOWING_MUL(i33, i34);
                int i35 = i23 + i28;
                int i36 = i15 + i17;
                iArr8[i25] = iArr8[i25] + OVERFLOWING_MUL(i35, i36);
                iArr5[i24] = iArr5[i24] + OVERFLOWING_MUL(i33 + i35, i34 + i36);
                i18++;
                i14 = i26;
                i13 = i13;
                iArr7 = iArr8;
            }
            i13++;
            i12 = 31;
        }
        int[] iArr9 = iArr7;
        int i37 = 0;
        while (i37 < i12) {
            int i38 = i37 + 32;
            iArr5[i37] = (iArr5[i37] - iArr9[i37]) - iArr9[i38];
            iArr4[i37] = (iArr4[i37] - iArr3[i37]) - iArr3[i38];
            iArr6[i37] = (iArr6[i37] - iArr3[i37 + 64]) - iArr3[i37 + 96];
            i37++;
            i12 = 31;
        }
        for (int i39 = 0; i39 < i12; i39++) {
            int i42 = i39 + 16;
            iArr9[i42] = iArr9[i42] + iArr5[i39];
            iArr3[i42] = iArr3[i42] + iArr4[i39];
            int i43 = i39 + 80;
            iArr3[i43] = iArr3[i43] + iArr6[i39];
        }
        int i44 = 63;
        int i45 = 0;
        while (i45 < i44) {
            iArr9[i45] = (iArr9[i45] - iArr3[i45]) - iArr3[i45 + 64];
            i45++;
            i44 = 63;
        }
        for (int i46 = 0; i46 < i44; i46++) {
            int i47 = i46 + 32;
            iArr3[i47] = iArr3[i47] + iArr9[i46];
        }
    }

    private long load_littleendian(byte[] bArr, int i12, int i13) {
        long j12 = bArr[i12] & 255;
        for (int i14 = 1; i14 < i13; i14++) {
            j12 |= (bArr[i12 + i14] & 255) << (i14 * 8);
        }
        return j12;
    }

    private void poly_mul_acc(short[] sArr, short[] sArr2, short[] sArr3) {
        short[] sArr4 = new short[this.SABER_N * 2];
        toom_cook_4way(sArr, sArr2, sArr4);
        int i12 = this.SABER_N;
        while (true) {
            int i13 = this.SABER_N;
            if (i12 >= i13 * 2) {
                return;
            }
            int i14 = i12 - i13;
            sArr3[i14] = (short) (sArr3[i14] + (sArr4[i12 - i13] - sArr4[i12]));
            i12++;
        }
    }

    private void toom_cook_4way(short[] sArr, short[] sArr2, short[] sArr3) {
        int i12 = this.N_SB;
        int[] iArr = new int[i12];
        int[] iArr2 = new int[i12];
        int[] iArr3 = new int[i12];
        int[] iArr4 = new int[i12];
        int[] iArr5 = new int[i12];
        int[] iArr6 = new int[i12];
        int[] iArr7 = new int[i12];
        int[] iArr8 = new int[i12];
        int[] iArr9 = new int[i12];
        int[] iArr10 = new int[i12];
        int[] iArr11 = new int[i12];
        int[] iArr12 = new int[i12];
        int[] iArr13 = new int[i12];
        int[] iArr14 = new int[i12];
        int i13 = this.N_SB_RES;
        int[] iArr15 = new int[i13];
        int[] iArr16 = new int[i13];
        int[] iArr17 = new int[i13];
        int[] iArr18 = new int[i13];
        int[] iArr19 = new int[i13];
        int[] iArr20 = new int[i13];
        int[] iArr21 = new int[i13];
        int i14 = 0;
        while (true) {
            int i15 = this.N_SB;
            if (i14 >= i15) {
                break;
            }
            short s12 = sArr[i14];
            short s13 = sArr[i14 + i15];
            short s14 = sArr[i14 + (i15 * 2)];
            short s15 = sArr[(i15 * 3) + i14];
            int[] iArr22 = iArr14;
            short s16 = (short) (s12 + s14);
            int[] iArr23 = iArr9;
            short s17 = (short) (s13 + s15);
            iArr3[i14] = (short) (s16 + s17);
            iArr4[i14] = (short) (s16 - s17);
            short s18 = (short) (((s12 << 2) + s14) << 1);
            short s19 = (short) ((s13 << 2) + s15);
            iArr5[i14] = (short) (s18 + s19);
            iArr6[i14] = (short) (s18 - s19);
            iArr2[i14] = (short) ((s15 << 3) + (s14 << 2) + (s13 << 1) + s12);
            iArr7[i14] = s12;
            iArr[i14] = s15;
            i14++;
            iArr14 = iArr22;
            iArr9 = iArr23;
            iArr13 = iArr13;
        }
        int[] iArr24 = iArr14;
        int[] iArr25 = iArr9;
        int[] iArr26 = iArr13;
        int i16 = 0;
        while (true) {
            int i17 = this.N_SB;
            if (i16 >= i17) {
                break;
            }
            short s22 = sArr2[i16];
            short s23 = sArr2[i16 + i17];
            short s24 = sArr2[(i17 * 2) + i16];
            short s25 = sArr2[(i17 * 3) + i16];
            int i18 = s22 + s24;
            int i19 = s23 + s25;
            iArr10[i16] = i18 + i19;
            iArr11[i16] = i18 - i19;
            int i22 = ((s22 << 2) + s24) << 1;
            int i23 = (s23 << 2) + s25;
            iArr12[i16] = i22 + i23;
            iArr26[i16] = i22 - i23;
            iArr25[i16] = (s25 << 3) + (s24 << 2) + (s23 << 1) + s22;
            iArr24[i16] = s22;
            iArr8[i16] = s25;
            i16++;
        }
        karatsuba_simple(iArr, iArr8, iArr15);
        karatsuba_simple(iArr2, iArr25, iArr16);
        karatsuba_simple(iArr3, iArr10, iArr17);
        karatsuba_simple(iArr4, iArr11, iArr18);
        karatsuba_simple(iArr5, iArr12, iArr19);
        karatsuba_simple(iArr6, iArr26, iArr20);
        karatsuba_simple(iArr7, iArr24, iArr21);
        for (int i24 = 0; i24 < this.N_SB_RES; i24++) {
            int i25 = iArr15[i24];
            int i26 = iArr16[i24];
            int i27 = iArr17[i24];
            int i28 = iArr18[i24];
            int i29 = iArr19[i24];
            int i32 = iArr20[i24];
            int i33 = iArr21[i24];
            int i34 = i32 - i29;
            int i35 = ((i28 & Blake2xsDigest.UNKNOWN_DIGEST_LENGTH) - (i27 & Blake2xsDigest.UNKNOWN_DIGEST_LENGTH)) >>> 1;
            int i36 = i27 + i35;
            int i37 = ((i26 + i29) - (i36 << 6)) - i36;
            int i38 = (i36 - i33) - i25;
            int i39 = i37 + (i38 * 45);
            int i42 = (((((((i29 - i25) - (i33 << 6)) << 1) + i34) & Blake2xsDigest.UNKNOWN_DIGEST_LENGTH) - (i38 << 3)) * 43691) >> 3;
            int i43 = i34 + i39;
            int i44 = (((i39 & Blake2xsDigest.UNKNOWN_DIGEST_LENGTH) + ((i35 & Blake2xsDigest.UNKNOWN_DIGEST_LENGTH) << 4)) * 36409) >> 1;
            int i45 = -(i35 + i44);
            int i46 = ((((i44 & Blake2xsDigest.UNKNOWN_DIGEST_LENGTH) * 30) - (i43 & Blake2xsDigest.UNKNOWN_DIGEST_LENGTH)) * 61167) >> 2;
            int i47 = i38 - i42;
            int i48 = i44 - i46;
            sArr3[i24] = (short) (sArr3[i24] + (i33 & Blake2xsDigest.UNKNOWN_DIGEST_LENGTH));
            int i49 = i24 + 64;
            sArr3[i49] = (short) (sArr3[i49] + (i46 & Blake2xsDigest.UNKNOWN_DIGEST_LENGTH));
            int i52 = i24 + 128;
            sArr3[i52] = (short) (sArr3[i52] + (i42 & Blake2xsDigest.UNKNOWN_DIGEST_LENGTH));
            int i53 = i24 + BERTags.PRIVATE;
            sArr3[i53] = (short) (sArr3[i53] + (i45 & Blake2xsDigest.UNKNOWN_DIGEST_LENGTH));
            int i54 = i24 + 256;
            sArr3[i54] = (short) (sArr3[i54] + (i47 & Blake2xsDigest.UNKNOWN_DIGEST_LENGTH));
            int i55 = i24 + DilithiumEngine.DilithiumPolyT1PackedBytes;
            sArr3[i55] = (short) (sArr3[i55] + (i48 & Blake2xsDigest.UNKNOWN_DIGEST_LENGTH));
            int i56 = i24 + KyberEngine.KyberPolyBytes;
            sArr3[i56] = (short) (sArr3[i56] + (i25 & Blake2xsDigest.UNKNOWN_DIGEST_LENGTH));
        }
    }

    public void GenMatrix(short[][][] sArr, byte[] bArr) {
        int saber_polyvecbytes = this.SABER_L * this.engine.getSABER_POLYVECBYTES();
        byte[] bArr2 = new byte[saber_polyvecbytes];
        SABEREngine sABEREngine = this.engine;
        sABEREngine.symmetric.prf(bArr2, bArr, sABEREngine.getSABER_SEEDBYTES(), saber_polyvecbytes);
        for (int i12 = 0; i12 < this.SABER_L; i12++) {
            this.utils.BS2POLVECq(bArr2, this.engine.getSABER_POLYVECBYTES() * i12, sArr[i12]);
        }
    }

    public void GenSecret(short[][] sArr, byte[] bArr) {
        int saber_polycoinbytes = this.SABER_L * this.engine.getSABER_POLYCOINBYTES();
        byte[] bArr2 = new byte[saber_polycoinbytes];
        SABEREngine sABEREngine = this.engine;
        sABEREngine.symmetric.prf(bArr2, bArr, sABEREngine.getSABER_NOISE_SEEDBYTES(), saber_polycoinbytes);
        for (int i12 = 0; i12 < this.SABER_L; i12++) {
            SABEREngine sABEREngine2 = this.engine;
            if (sABEREngine2.usingEffectiveMasking) {
                for (int i13 = 0; i13 < this.SABER_N / 4; i13++) {
                    int i14 = i13 * 4;
                    sArr[i12][i14] = (short) (((bArr2[(this.engine.getSABER_POLYCOINBYTES() * i12) + i13] & 3) ^ 2) - 2);
                    sArr[i12][i14 + 1] = (short) ((((bArr2[(this.engine.getSABER_POLYCOINBYTES() * i12) + i13] >>> 2) & 3) ^ 2) - 2);
                    sArr[i12][i14 + 2] = (short) ((((bArr2[(this.engine.getSABER_POLYCOINBYTES() * i12) + i13] >>> 4) & 3) ^ 2) - 2);
                    sArr[i12][i14 + 3] = (short) ((((bArr2[(this.engine.getSABER_POLYCOINBYTES() * i12) + i13] >>> 6) & 3) ^ 2) - 2);
                }
            } else {
                cbd(sArr[i12], bArr2, sABEREngine2.getSABER_POLYCOINBYTES() * i12);
            }
        }
    }

    public void InnerProd(short[][] sArr, short[][] sArr2, short[] sArr3) {
        for (int i12 = 0; i12 < this.SABER_L; i12++) {
            poly_mul_acc(sArr[i12], sArr2[i12], sArr3);
        }
    }

    public void MatrixVectorMul(short[][][] sArr, short[][] sArr2, short[][] sArr3, int i12) {
        for (int i13 = 0; i13 < this.SABER_L; i13++) {
            for (int i14 = 0; i14 < this.SABER_L; i14++) {
                if (i12 == 1) {
                    poly_mul_acc(sArr[i14][i13], sArr2[i14], sArr3[i13]);
                } else {
                    poly_mul_acc(sArr[i13][i14], sArr2[i14], sArr3[i13]);
                }
            }
        }
    }
}
