package net.sf.ntru.encrypt;

import java.nio.ByteBuffer;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.util.Arrays;
import java.util.Random;
import java.util.concurrent.Callable;
import java.util.concurrent.ExecutorService;
import java.util.concurrent.Executors;
import java.util.concurrent.Future;
import net.sf.ntru.encrypt.EncryptionParameters;
import net.sf.ntru.exception.NtruException;
import net.sf.ntru.polynomial.DenseTernaryPolynomial;
import net.sf.ntru.polynomial.IntegerPolynomial;
import net.sf.ntru.polynomial.Polynomial;
import net.sf.ntru.polynomial.PolynomialGenerator;
import net.sf.ntru.polynomial.ProductFormPolynomial;
import net.sf.ntru.polynomial.SparseTernaryPolynomial;

/* loaded from: input_file:net/sf/ntru/encrypt/NtruEncrypt.class */
public class NtruEncrypt {
    private EncryptionParameters params;

    public NtruEncrypt(EncryptionParameters encryptionParameters) {
        this.params = encryptionParameters;
    }

    public EncryptionKeyPair generateKeyPair() {
        return generateKeyPair((Random) new SecureRandom(), true);
    }

    public EncryptionKeyPair generateKeyPairSingleThread() {
        return generateKeyPair((Random) new SecureRandom(), false);
    }

    public EncryptionKeyPair generateKeyPair(char[] cArr, byte[] bArr) {
        PassphraseBasedPRNG passphraseBasedPRNG = new PassphraseBasedPRNG(cArr, bArr);
        return generateKeyPair(passphraseBasedPRNG, passphraseBasedPRNG.createBranch(), true);
    }

    public EncryptionKeyPair generateKeyPairSingleThread(char[] cArr, byte[] bArr) {
        return generateKeyPair((Random) new PassphraseBasedPRNG(cArr, bArr), false);
    }

    public byte[] generateSalt() {
        byte[] bArr = new byte[16];
        new SecureRandom().nextBytes(bArr);
        return bArr;
    }

    private EncryptionKeyPair generateKeyPair(Random random, boolean z) {
        return generateKeyPair(random, random, z);
    }

    private EncryptionKeyPair generateKeyPair(Random random, final Random random2, boolean z) {
        Polynomial generateRandomTernary;
        IntegerPolynomial integerPolynomial;
        IntegerPolynomial invertFq;
        int i = this.params.N;
        int i2 = this.params.q;
        int i3 = this.params.df;
        int i4 = this.params.df1;
        int i5 = this.params.df2;
        int i6 = this.params.df3;
        boolean z2 = this.params.fastFp;
        boolean z3 = this.params.sparse;
        EncryptionParameters.TernaryPolynomialType ternaryPolynomialType = this.params.polyType;
        IntegerPolynomial integerPolynomial2 = null;
        Future future = null;
        IntegerPolynomial integerPolynomial3 = null;
        if (!z || Runtime.getRuntime().availableProcessors() <= 1) {
            integerPolynomial3 = generateG(random2);
        } else {
            Callable<IntegerPolynomial> callable = new Callable<IntegerPolynomial>() { // from class: net.sf.ntru.encrypt.NtruEncrypt.1
                /* JADX WARN: Can't rename method to resolve collision */
                @Override // java.util.concurrent.Callable
                public IntegerPolynomial call() {
                    return NtruEncrypt.this.generateG(random2);
                }
            };
            ExecutorService newSingleThreadExecutor = Executors.newSingleThreadExecutor();
            future = newSingleThreadExecutor.submit(callable);
            newSingleThreadExecutor.shutdown();
        }
        while (true) {
            if (z2) {
                generateRandomTernary = ternaryPolynomialType == EncryptionParameters.TernaryPolynomialType.SIMPLE ? PolynomialGenerator.generateRandomTernary(i, i3, i3, z3, random) : ProductFormPolynomial.generateRandom(i, i4, i5, i6, i6, random);
                integerPolynomial = generateRandomTernary.toIntegerPolynomial();
                integerPolynomial.mult(3);
                int[] iArr = integerPolynomial.coeffs;
                iArr[0] = iArr[0] + 1;
            } else {
                generateRandomTernary = ternaryPolynomialType == EncryptionParameters.TernaryPolynomialType.SIMPLE ? PolynomialGenerator.generateRandomTernary(i, i3, i3 - 1, z3, random) : ProductFormPolynomial.generateRandom(i, i4, i5, i6, i6 - 1, random);
                integerPolynomial = generateRandomTernary.toIntegerPolynomial();
                integerPolynomial2 = integerPolynomial.invertF3();
                if (integerPolynomial2 == null) {
                    continue;
                }
            }
            invertFq = integerPolynomial.invertFq(i2);
            if (invertFq != null) {
                break;
            }
        }
        if (z2) {
            integerPolynomial2 = new IntegerPolynomial(i);
            integerPolynomial2.coeffs[0] = 1;
        }
        if (integerPolynomial3 == null) {
            try {
                integerPolynomial3 = (IntegerPolynomial) future.get();
            } catch (Exception e) {
                throw new NtruException(e);
            }
        }
        IntegerPolynomial mult = integerPolynomial3.mult(invertFq, i2);
        mult.mult3(i2);
        mult.ensurePositive(i2);
        integerPolynomial3.clear();
        invertFq.clear();
        return new EncryptionKeyPair(new EncryptionPrivateKey(generateRandomTernary, integerPolynomial2, i, i2, z3, z2, ternaryPolynomialType), new EncryptionPublicKey(mult, i, i2));
    }

    /* JADX INFO: Access modifiers changed from: private */
    public IntegerPolynomial generateG(Random random) {
        DenseTernaryPolynomial generateRandom;
        int i = this.params.N;
        int i2 = this.params.dg;
        do {
            generateRandom = DenseTernaryPolynomial.generateRandom(i, i2, i2 - 1, random);
        } while (!generateRandom.isInvertiblePow2());
        return generateRandom;
    }

    public byte[] encrypt(byte[] bArr, EncryptionPublicKey encryptionPublicKey) {
        IntegerPolynomial integerPolynomial = encryptionPublicKey.h;
        int i = this.params.N;
        int i2 = this.params.q;
        int i3 = this.params.maxMsgLenBytes;
        int i4 = this.params.db;
        int i5 = this.params.bufferLenBits;
        int i6 = this.params.dm0;
        int i7 = this.params.maxM1;
        int i8 = this.params.minCallsMask;
        boolean z = this.params.hashSeed;
        int length = bArr.length;
        if (i3 > 255) {
            throw new NtruException("llen values bigger than 1 are not supported");
        }
        if (length > i3) {
            throw new NtruException("Message too long: " + length + ">" + i3);
        }
        SecureRandom secureRandom = new SecureRandom();
        while (true) {
            byte[] bArr2 = new byte[i4 / 8];
            secureRandom.nextBytes(bArr2);
            byte[] bArr3 = new byte[(i3 + 1) - length];
            ByteBuffer allocate = ByteBuffer.allocate((i5 + 7) / 8);
            allocate.put(bArr2);
            allocate.put((byte) length);
            allocate.put(bArr);
            allocate.put(bArr3);
            IntegerPolynomial fromBinary3Sves = IntegerPolynomial.fromBinary3Sves(allocate.array(), i, i7 > 0);
            IntegerPolynomial mult = generateBlindingPoly(getSeed(bArr, integerPolynomial, bArr2)).mult(integerPolynomial, i2);
            fromBinary3Sves.add(MGF(mult.toBinary4(), i, i8, z));
            if (i7 > 0) {
                if (fromBinary3Sves.sumCoeffs() > i7) {
                    continue;
                } else {
                    fromBinary3Sves.coeffs[0] = 0;
                }
            }
            fromBinary3Sves.mod3();
            if (fromBinary3Sves.count(-1) >= i6 && fromBinary3Sves.count(0) >= i6 && fromBinary3Sves.count(1) >= i6) {
                mult.add(fromBinary3Sves, i2);
                mult.ensurePositive(i2);
                return mult.toBinary(i2);
            }
        }
    }

    private byte[] getSeed(byte[] bArr, IntegerPolynomial integerPolynomial, byte[] bArr2) {
        byte[] bArr3 = this.params.oid;
        byte[] binaryTrunc = integerPolynomial.toBinaryTrunc(this.params.q, this.params.pkLen / 8);
        byte[] bArr4 = new byte[bArr3.length + bArr.length + bArr2.length + binaryTrunc.length];
        System.arraycopy(bArr3, 0, bArr4, 0, bArr3.length);
        int length = bArr3.length;
        System.arraycopy(bArr, 0, bArr4, length, bArr.length);
        int length2 = length + bArr.length;
        System.arraycopy(bArr2, 0, bArr4, length2, bArr2.length);
        System.arraycopy(binaryTrunc, 0, bArr4, length2 + bArr2.length, binaryTrunc.length);
        return bArr4;
    }

    private Polynomial generateBlindingPoly(byte[] bArr) {
        int i = this.params.N;
        IndexGenerator indexGenerator = new IndexGenerator(bArr, this.params);
        return this.params.polyType == EncryptionParameters.TernaryPolynomialType.PRODUCT ? new ProductFormPolynomial(SparseTernaryPolynomial.generateBlindingPoly(indexGenerator, i, this.params.dr1), SparseTernaryPolynomial.generateBlindingPoly(indexGenerator, i, this.params.dr2), SparseTernaryPolynomial.generateBlindingPoly(indexGenerator, i, this.params.dr3)) : this.params.sparse ? SparseTernaryPolynomial.generateBlindingPoly(indexGenerator, i, this.params.dr) : DenseTernaryPolynomial.generateBlindingPoly(indexGenerator, i, this.params.dr);
    }

    private IntegerPolynomial MGF(byte[] bArr, int i, int i2, boolean z) {
        try {
            MessageDigest messageDigest = MessageDigest.getInstance(this.params.hashAlg);
            int digestLength = messageDigest.getDigestLength();
            ByteBuffer allocate = ByteBuffer.allocate(i2 * digestLength);
            byte[] digest = z ? messageDigest.digest(bArr) : bArr;
            int i3 = 0;
            while (i3 < i2) {
                ByteBuffer allocate2 = ByteBuffer.allocate(digest.length + 4);
                allocate2.put(digest);
                allocate2.putInt(i3);
                allocate.put(messageDigest.digest(allocate2.array()));
                i3++;
            }
            IntegerPolynomial integerPolynomial = new IntegerPolynomial(i);
            while (true) {
                int i4 = 0;
                for (byte b : allocate.array()) {
                    int i5 = b & 255;
                    if (i5 < 243) {
                        for (int i6 = 0; i6 < 4; i6++) {
                            int i7 = i5 % 3;
                            integerPolynomial.coeffs[i4] = i7 == 2 ? -1 : i7;
                            i4++;
                            if (i4 == i) {
                                return integerPolynomial;
                            }
                            i5 = (i5 - i7) / 3;
                        }
                        integerPolynomial.coeffs[i4] = i5 == 2 ? -1 : i5;
                        i4++;
                        if (i4 == i) {
                            return integerPolynomial;
                        }
                    }
                }
                if (i4 >= i) {
                    return integerPolynomial;
                }
                allocate = ByteBuffer.allocate(digestLength);
                ByteBuffer allocate3 = ByteBuffer.allocate(digest.length + 4);
                allocate3.put(digest);
                allocate3.putInt(i3);
                allocate.put(messageDigest.digest(allocate3.array()));
                i3++;
            }
        } catch (NoSuchAlgorithmException e) {
            throw new NtruException(e);
        }
    }

    public byte[] decrypt(byte[] bArr, EncryptionKeyPair encryptionKeyPair) {
        Polynomial polynomial = encryptionKeyPair.priv.t;
        IntegerPolynomial integerPolynomial = encryptionKeyPair.priv.fp;
        IntegerPolynomial integerPolynomial2 = encryptionKeyPair.pub.h;
        int i = this.params.N;
        int i2 = this.params.q;
        int i3 = this.params.db;
        int i4 = this.params.maxMsgLenBytes;
        int i5 = this.params.dm0;
        int i6 = this.params.maxM1;
        int i7 = this.params.minCallsMask;
        boolean z = this.params.hashSeed;
        if (i4 > 255) {
            throw new NtruException("maxMsgLenBytes values bigger than 255 are not supported");
        }
        int i8 = i3 / 8;
        IntegerPolynomial fromBinary = IntegerPolynomial.fromBinary(bArr, i, i2);
        IntegerPolynomial decrypt = decrypt(fromBinary, polynomial, integerPolynomial);
        if (decrypt.count(-1) < i5) {
            throw new NtruException("Less than dm0 coefficients equal -1");
        }
        if (decrypt.count(0) < i5) {
            throw new NtruException("Less than dm0 coefficients equal 0");
        }
        if (decrypt.count(1) < i5) {
            throw new NtruException("Less than dm0 coefficients equal 1");
        }
        fromBinary.sub(decrypt);
        fromBinary.modPositive(i2);
        decrypt.sub(MGF(fromBinary.toBinary4(), i, i7, z));
        decrypt.mod3();
        ByteBuffer wrap = ByteBuffer.wrap(decrypt.toBinary3Sves(i6 > 0));
        byte[] bArr2 = new byte[i8];
        wrap.get(bArr2);
        int i9 = wrap.get() & 255;
        if (i9 > i4) {
            throw new NtruException("Message too long: " + i9 + ">" + i4);
        }
        byte[] bArr3 = new byte[i9];
        wrap.get(bArr3);
        byte[] bArr4 = new byte[wrap.remaining()];
        wrap.get(bArr4);
        if (!Arrays.equals(bArr4, new byte[bArr4.length])) {
            throw new NtruException("The message is not followed by zeroes");
        }
        IntegerPolynomial mult = generateBlindingPoly(getSeed(bArr3, integerPolynomial2, bArr2)).mult(integerPolynomial2);
        mult.modPositive(i2);
        if (mult.equals(fromBinary)) {
            return bArr3;
        }
        throw new NtruException("Invalid message encoding");
    }

    IntegerPolynomial decrypt(IntegerPolynomial integerPolynomial, Polynomial polynomial, IntegerPolynomial integerPolynomial2) {
        IntegerPolynomial mult;
        int i = this.params.q;
        if (this.params.fastFp) {
            mult = polynomial.mult(integerPolynomial, i);
            mult.mult(3);
            mult.add(integerPolynomial);
        } else {
            mult = polynomial.mult(integerPolynomial, i);
        }
        mult.center0(i);
        mult.mod3();
        IntegerPolynomial mult2 = this.params.fastFp ? mult : new DenseTernaryPolynomial(mult).mult(integerPolynomial2, 3);
        mult2.center0(3);
        return mult2;
    }
}
