package org.spongycastle.crypto.prng.drbg;

import org.spongycastle.crypto.BlockCipher;
import org.spongycastle.crypto.params.KeyParameter;
import org.spongycastle.crypto.prng.EntropySource;
import org.spongycastle.util.Arrays;
import org.spongycastle.util.encoders.Hex;

/* loaded from: classes8.dex */
public class CTRSP800DRBG implements SP80090DRBG {
    private static final int AES_MAX_BITS_REQUEST = 262144;
    private static final long AES_RESEED_MAX = 140737488355328L;
    private static final byte[] K_BITS = Hex.decode("000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F");
    private static final int TDEA_MAX_BITS_REQUEST = 4096;
    private static final long TDEA_RESEED_MAX = 2147483648L;
    private byte[] _Key;
    private byte[] _V;
    private BlockCipher _engine;
    private EntropySource _entropySource;
    private boolean _isTDEA;
    private int _keySizeInBits;
    private long _reseedCounter = 0;
    private int _securityStrength;
    private int _seedLength;

    public CTRSP800DRBG(BlockCipher blockCipher, int i19, int i29, EntropySource entropySource, byte[] bArr, byte[] bArr2) {
        this._isTDEA = false;
        this._entropySource = entropySource;
        this._engine = blockCipher;
        this._keySizeInBits = i19;
        this._securityStrength = i29;
        this._seedLength = (blockCipher.getBlockSize() * 8) + i19;
        this._isTDEA = isTDEA(blockCipher);
        if (i29 > 256) {
            throw new IllegalArgumentException("Requested security strength is not supported by the derivation function");
        }
        if (getMaxSecurityStrength(blockCipher, i19) < i29) {
            throw new IllegalArgumentException("Requested security strength is not supported by block cipher and key size");
        }
        if (entropySource.entropySize() < i29) {
            throw new IllegalArgumentException("Not enough entropy for security strength required");
        }
        CTR_DRBG_Instantiate_algorithm(getEntropy(), bArr2, bArr);
    }

    private void BCC(byte[] bArr, byte[] bArr2, byte[] bArr3, byte[] bArr4) {
        int blockSize = this._engine.getBlockSize();
        byte[] bArr5 = new byte[blockSize];
        int length = bArr4.length / blockSize;
        byte[] bArr6 = new byte[blockSize];
        this._engine.init(true, new KeyParameter(expandKey(bArr2)));
        this._engine.processBlock(bArr3, 0, bArr5, 0);
        for (int i19 = 0; i19 < length; i19++) {
            XOR(bArr6, bArr5, bArr4, i19 * blockSize);
            this._engine.processBlock(bArr6, 0, bArr5, 0);
        }
        System.arraycopy(bArr5, 0, bArr, 0, bArr.length);
    }

    private byte[] Block_Cipher_df(byte[] bArr, int i19) {
        int blockSize = this._engine.getBlockSize();
        int length = bArr.length;
        int i29 = length + 8;
        byte[] bArr2 = new byte[((((i29 + 1) + blockSize) - 1) / blockSize) * blockSize];
        copyIntToByteArray(bArr2, length, 0);
        copyIntToByteArray(bArr2, i19 / 8, 4);
        System.arraycopy(bArr, 0, bArr2, 8, length);
        bArr2[i29] = Byte.MIN_VALUE;
        int i39 = this._keySizeInBits;
        int i49 = (i39 / 8) + blockSize;
        byte[] bArr3 = new byte[i49];
        byte[] bArr4 = new byte[blockSize];
        byte[] bArr5 = new byte[blockSize];
        int i59 = i39 / 8;
        byte[] bArr6 = new byte[i59];
        System.arraycopy(K_BITS, 0, bArr6, 0, i59);
        int i69 = 0;
        while (true) {
            int i78 = i69 * blockSize;
            if (i78 * 8 >= this._keySizeInBits + (blockSize * 8)) {
                break;
            }
            copyIntToByteArray(bArr5, i69, 0);
            BCC(bArr4, bArr6, bArr5, bArr2);
            int i79 = i49 - i78;
            if (i79 > blockSize) {
                i79 = blockSize;
            }
            System.arraycopy(bArr4, 0, bArr3, i78, i79);
            i69++;
        }
        byte[] bArr7 = new byte[blockSize];
        System.arraycopy(bArr3, 0, bArr6, 0, i59);
        System.arraycopy(bArr3, i59, bArr7, 0, blockSize);
        int i88 = i19 / 2;
        byte[] bArr8 = new byte[i88];
        this._engine.init(true, new KeyParameter(expandKey(bArr6)));
        int i89 = 0;
        while (true) {
            int i98 = i89 * blockSize;
            if (i98 >= i88) {
                return bArr8;
            }
            this._engine.processBlock(bArr7, 0, bArr7, 0);
            int i99 = i88 - i98;
            if (i99 > blockSize) {
                i99 = blockSize;
            }
            System.arraycopy(bArr7, 0, bArr8, i98, i99);
            i89++;
        }
    }

    private void CTR_DRBG_Instantiate_algorithm(byte[] bArr, byte[] bArr2, byte[] bArr3) {
        byte[] Block_Cipher_df = Block_Cipher_df(Arrays.concatenate(bArr, bArr2, bArr3), this._seedLength);
        int blockSize = this._engine.getBlockSize();
        byte[] bArr4 = new byte[(this._keySizeInBits + 7) / 8];
        this._Key = bArr4;
        byte[] bArr5 = new byte[blockSize];
        this._V = bArr5;
        CTR_DRBG_Update(Block_Cipher_df, bArr4, bArr5);
        this._reseedCounter = 1L;
    }

    private void CTR_DRBG_Reseed_algorithm(byte[] bArr) {
        CTR_DRBG_Update(Block_Cipher_df(Arrays.concatenate(getEntropy(), bArr), this._seedLength), this._Key, this._V);
        this._reseedCounter = 1L;
    }

    private void CTR_DRBG_Update(byte[] bArr, byte[] bArr2, byte[] bArr3) {
        int length = bArr.length;
        byte[] bArr4 = new byte[length];
        byte[] bArr5 = new byte[this._engine.getBlockSize()];
        int blockSize = this._engine.getBlockSize();
        this._engine.init(true, new KeyParameter(expandKey(bArr2)));
        int i19 = 0;
        while (true) {
            int i29 = i19 * blockSize;
            if (i29 >= bArr.length) {
                XOR(bArr4, bArr, bArr4, 0);
                System.arraycopy(bArr4, 0, bArr2, 0, bArr2.length);
                System.arraycopy(bArr4, bArr2.length, bArr3, 0, bArr3.length);
                return;
            } else {
                addOneTo(bArr3);
                this._engine.processBlock(bArr3, 0, bArr5, 0);
                int i39 = length - i29;
                if (i39 > blockSize) {
                    i39 = blockSize;
                }
                System.arraycopy(bArr5, 0, bArr4, i29, i39);
                i19++;
            }
        }
    }

    private void XOR(byte[] bArr, byte[] bArr2, byte[] bArr3, int i19) {
        for (int i29 = 0; i29 < bArr.length; i29++) {
            bArr[i29] = (byte) (bArr2[i29] ^ bArr3[i29 + i19]);
        }
    }

    private void addOneTo(byte[] bArr) {
        int i19 = 1;
        for (int i29 = 1; i29 <= bArr.length; i29++) {
            int i39 = (bArr[bArr.length - i29] & 255) + i19;
            i19 = i39 > 255 ? 1 : 0;
            bArr[bArr.length - i29] = (byte) i39;
        }
    }

    private void copyIntToByteArray(byte[] bArr, int i19, int i29) {
        bArr[i29 + 0] = (byte) (i19 >> 24);
        bArr[i29 + 1] = (byte) (i19 >> 16);
        bArr[i29 + 2] = (byte) (i19 >> 8);
        bArr[i29 + 3] = (byte) i19;
    }

    private byte[] getEntropy() {
        byte[] entropy = this._entropySource.getEntropy();
        if (entropy.length >= (this._securityStrength + 7) / 8) {
            return entropy;
        }
        throw new IllegalStateException("Insufficient entropy provided by entropy source");
    }

    private int getMaxSecurityStrength(BlockCipher blockCipher, int i19) {
        if (isTDEA(blockCipher) && i19 == 168) {
            return 112;
        }
        if (blockCipher.getAlgorithmName().equals("AES")) {
            return i19;
        }
        return -1;
    }

    private boolean isTDEA(BlockCipher blockCipher) {
        return blockCipher.getAlgorithmName().equals("DESede") || blockCipher.getAlgorithmName().equals("TDEA");
    }

    private void padKey(byte[] bArr, int i19, byte[] bArr2, int i29) {
        int i39 = i19 + 0;
        bArr2[i29 + 0] = (byte) (bArr[i39] & 254);
        int i49 = i19 + 1;
        bArr2[i29 + 1] = (byte) ((bArr[i39] << 7) | ((bArr[i49] & 252) >>> 1));
        int i59 = bArr[i49] << 6;
        int i69 = i19 + 2;
        bArr2[i29 + 2] = (byte) (i59 | ((bArr[i69] & 248) >>> 2));
        int i78 = bArr[i69] << 5;
        int i79 = i19 + 3;
        bArr2[i29 + 3] = (byte) (i78 | ((bArr[i79] & 240) >>> 3));
        int i88 = bArr[i79] << 4;
        int i89 = i19 + 4;
        bArr2[i29 + 4] = (byte) (i88 | ((bArr[i89] & 224) >>> 4));
        int i98 = bArr[i89] << 3;
        int i99 = i19 + 5;
        bArr2[i29 + 5] = (byte) (i98 | ((bArr[i99] & 192) >>> 5));
        int i100 = i19 + 6;
        bArr2[i29 + 6] = (byte) ((bArr[i99] << 2) | ((bArr[i100] & 128) >>> 6));
        int i101 = i29 + 7;
        bArr2[i101] = (byte) (bArr[i100] << 1);
        while (i29 <= i101) {
            byte b19 = bArr2[i29];
            bArr2[i29] = (byte) (((((b19 >> 7) ^ ((((((b19 >> 1) ^ (b19 >> 2)) ^ (b19 >> 3)) ^ (b19 >> 4)) ^ (b19 >> 5)) ^ (b19 >> 6))) ^ 1) & 1) | (b19 & 254));
            i29++;
        }
    }

    byte[] expandKey(byte[] bArr) {
        if (!this._isTDEA) {
            return bArr;
        }
        byte[] bArr2 = new byte[24];
        padKey(bArr, 0, bArr2, 0);
        padKey(bArr, 7, bArr2, 8);
        padKey(bArr, 14, bArr2, 16);
        return bArr2;
    }

    @Override // org.spongycastle.crypto.prng.drbg.SP80090DRBG
    public int generate(byte[] bArr, byte[] bArr2, boolean z19) {
        byte[] bArr3;
        if (this._isTDEA) {
            if (this._reseedCounter > TDEA_RESEED_MAX) {
                return -1;
            }
            if (Utils.isTooLarge(bArr, 512)) {
                throw new IllegalArgumentException("Number of bits per request limited to 4096");
            }
        } else {
            if (this._reseedCounter > AES_RESEED_MAX) {
                return -1;
            }
            if (Utils.isTooLarge(bArr, 32768)) {
                throw new IllegalArgumentException("Number of bits per request limited to 262144");
            }
        }
        if (z19) {
            CTR_DRBG_Reseed_algorithm(bArr2);
            bArr2 = null;
        }
        if (bArr2 != null) {
            bArr3 = Block_Cipher_df(bArr2, this._seedLength);
            CTR_DRBG_Update(bArr3, this._Key, this._V);
        } else {
            bArr3 = new byte[this._seedLength];
        }
        int length = this._V.length;
        byte[] bArr4 = new byte[length];
        this._engine.init(true, new KeyParameter(expandKey(this._Key)));
        for (int i19 = 0; i19 <= bArr.length / length; i19++) {
            int i29 = i19 * length;
            int length2 = bArr.length - i29 > length ? length : bArr.length - (this._V.length * i19);
            if (length2 != 0) {
                addOneTo(this._V);
                this._engine.processBlock(this._V, 0, bArr4, 0);
                System.arraycopy(bArr4, 0, bArr, i29, length2);
            }
        }
        CTR_DRBG_Update(bArr3, this._Key, this._V);
        this._reseedCounter++;
        return bArr.length * 8;
    }

    @Override // org.spongycastle.crypto.prng.drbg.SP80090DRBG
    public int getBlockSize() {
        return this._V.length * 8;
    }

    @Override // org.spongycastle.crypto.prng.drbg.SP80090DRBG
    public void reseed(byte[] bArr) {
        CTR_DRBG_Reseed_algorithm(bArr);
    }
}
