package org.bouncycastle.crypto.engines;

import java.math.BigInteger;
import java.security.SecureRandom;
import org.bouncycastle.crypto.InvalidCipherTextException;
import p.b.b.InterfaceC1272j;
import p.b.b.c.I;
import p.b.b.f.ea;
import p.b.b.n.G;
import p.b.b.n.J;
import p.b.b.n.L;
import p.b.b.n.M;
import p.b.b.n.wa;
import p.b.b.s;
import p.b.h.a.AbstractC1545h;
import p.b.h.a.AbstractC1549l;
import p.b.h.a.InterfaceC1547j;
import p.b.h.a.n;
import p.b.j.a;
import p.b.j.b;
import p.b.j.k;
import p.b.j.m;

/* loaded from: classes2.dex */
public class SM2Engine {
    public J DJd;
    public boolean EAd;
    public int EJd;
    public G XNc;
    public final s digest;
    public final Mode mode;
    public SecureRandom random;

    /* loaded from: classes2.dex */
    public enum Mode {
        C1C2C3,
        C1C3C2
    }

    public SM2Engine() {
        this(new I());
    }

    public SM2Engine(Mode mode) {
        this(new I(), mode);
    }

    public SM2Engine(s sVar) {
        this(sVar, Mode.C1C2C3);
    }

    public SM2Engine(s sVar, Mode mode) {
        if (mode == null) {
            throw new IllegalArgumentException("mode cannot be NULL");
        }
        this.digest = sVar;
        this.mode = mode;
    }

    private void a(s sVar, AbstractC1545h abstractC1545h) {
        byte[] g2 = b.g(this.EJd, abstractC1545h.toBigInteger());
        sVar.update(g2, 0, g2.length);
    }

    private void b(byte[] bArr, byte[] bArr2, int i2, int i3) {
        for (int i4 = 0; i4 != i3; i4++) {
            int i5 = i2 + i4;
            bArr[i5] = (byte) (bArr[i5] ^ bArr2[i4]);
        }
    }

    private void c(s sVar, AbstractC1549l abstractC1549l, byte[] bArr) {
        k kVar;
        int tc = sVar.tc();
        byte[] bArr2 = new byte[Math.max(4, tc)];
        k kVar2 = null;
        if (sVar instanceof k) {
            a(sVar, abstractC1549l.yya());
            a(sVar, abstractC1549l.zya());
            kVar2 = (k) sVar;
            kVar = kVar2.copy();
        } else {
            kVar = null;
        }
        int i2 = 0;
        int i3 = 0;
        while (i2 < bArr.length) {
            if (kVar2 != null) {
                kVar2.a(kVar);
            } else {
                a(sVar, abstractC1549l.yya());
                a(sVar, abstractC1549l.zya());
            }
            i3++;
            m.c(i3, bArr2, 0);
            sVar.update(bArr2, 0, 4);
            sVar.doFinal(bArr2, 0);
            int min = Math.min(tc, bArr.length - i2);
            b(bArr, bArr2, i2, min);
            i2 += min;
        }
    }

    private byte[] e(byte[] bArr, int i2, int i3) {
        byte[] _g;
        AbstractC1549l normalize;
        byte[] bArr2 = new byte[i3];
        System.arraycopy(bArr, i2, bArr2, 0, bArr2.length);
        InterfaceC1547j oua = oua();
        do {
            BigInteger ga = ga();
            _g = oua.a(this.XNc.getG(), ga).normalize()._g(false);
            normalize = ((M) this.DJd).getQ().multiply(ga).normalize();
            c(this.digest, normalize, bArr2);
        } while (j(bArr2, bArr, i2));
        byte[] bArr3 = new byte[this.digest.tc()];
        a(this.digest, normalize.yya());
        this.digest.update(bArr, i2, i3);
        a(this.digest, normalize.zya());
        this.digest.doFinal(bArr3, 0);
        return ea.CJd[this.mode.ordinal()] != 1 ? a.h(_g, bArr2, bArr3) : a.h(_g, bArr3, bArr2);
    }

    private BigInteger ga() {
        int bitLength = this.XNc.MR().bitLength();
        while (true) {
            BigInteger d2 = b.d(bitLength, this.random);
            if (!d2.equals(b.ZERO) && d2.compareTo(this.XNc.MR()) < 0) {
                return d2;
            }
        }
    }

    private boolean j(byte[] bArr, byte[] bArr2, int i2) {
        for (int i3 = 0; i3 != bArr.length; i3++) {
            if (bArr[i3] != bArr2[i2 + i3]) {
                return false;
            }
        }
        return true;
    }

    private byte[] za(byte[] bArr, int i2, int i3) {
        int i4;
        byte[] bArr2 = new byte[(this.EJd * 2) + 1];
        System.arraycopy(bArr, i2, bArr2, 0, bArr2.length);
        AbstractC1549l qf = this.XNc.getCurve().qf(bArr2);
        if (qf.multiply(this.XNc.Lsa()).Jya()) {
            throw new InvalidCipherTextException("[h]C1 at infinity");
        }
        AbstractC1549l normalize = qf.multiply(((L) this.DJd).Kb()).normalize();
        int tc = this.digest.tc();
        byte[] bArr3 = new byte[(i3 - bArr2.length) - tc];
        if (this.mode == Mode.C1C3C2) {
            System.arraycopy(bArr, bArr2.length + i2 + tc, bArr3, 0, bArr3.length);
        } else {
            System.arraycopy(bArr, bArr2.length + i2, bArr3, 0, bArr3.length);
        }
        c(this.digest, normalize, bArr3);
        byte[] bArr4 = new byte[this.digest.tc()];
        a(this.digest, normalize.yya());
        this.digest.update(bArr3, 0, bArr3.length);
        a(this.digest, normalize.zya());
        this.digest.doFinal(bArr4, 0);
        if (this.mode == Mode.C1C3C2) {
            i4 = 0;
            for (int i5 = 0; i5 != bArr4.length; i5++) {
                i4 |= bArr4[i5] ^ bArr[(bArr2.length + i2) + i5];
            }
        } else {
            i4 = 0;
            for (int i6 = 0; i6 != bArr4.length; i6++) {
                i4 |= bArr4[i6] ^ bArr[((bArr2.length + i2) + bArr3.length) + i6];
            }
        }
        a.fill(bArr2, (byte) 0);
        a.fill(bArr4, (byte) 0);
        if (i4 == 0) {
            return bArr3;
        }
        a.fill(bArr3, (byte) 0);
        throw new InvalidCipherTextException("invalid cipher text");
    }

    public void a(boolean z, InterfaceC1272j interfaceC1272j) {
        this.EAd = z;
        if (z) {
            wa waVar = (wa) interfaceC1272j;
            this.DJd = (J) waVar.getParameters();
            this.XNc = this.DJd.getParameters();
            if (((M) this.DJd).getQ().multiply(this.XNc.Lsa()).Jya()) {
                throw new IllegalArgumentException("invalid key: [h]Q at infinity");
            }
            this.random = waVar.getRandom();
        } else {
            this.DJd = (J) interfaceC1272j;
            this.XNc = this.DJd.getParameters();
        }
        this.EJd = (this.XNc.getCurve().getFieldSize() + 7) / 8;
    }

    public byte[] f(byte[] bArr, int i2, int i3) {
        return this.EAd ? e(bArr, i2, i3) : za(bArr, i2, i3);
    }

    public int getOutputSize(int i2) {
        return (this.EJd * 2) + 1 + i2 + this.digest.tc();
    }

    public InterfaceC1547j oua() {
        return new n();
    }
}
