package org.bouncycastle.pqc.addon;

import java.io.IOException;
import java.security.SecureRandom;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;
import javax.security.auth.DestroyFailedException;
import org.bouncycastle.crypto.UpdateOutputStream;
import org.bouncycastle.crypto.fips.FipsOutputXOFCalculator;
import org.bouncycastle.crypto.fips.FipsSHS;
import org.bouncycastle.util.Arrays;

/* loaded from: input_file:org/bouncycastle/pqc/addon/PQCSecretKeyProcessor.class */
public class PQCSecretKeyProcessor implements SecretKeyProcessor {
    private final FipsOutputXOFCalculator xofOperator;

    /* loaded from: input_file:org/bouncycastle/pqc/addon/PQCSecretKeyProcessor$PartyUBuilder.class */
    public static class PartyUBuilder {
        private final AsymmetricCipherKeyPair aKp;
        private final EncapsulatedSecretExtractor extractor;
        private byte[] sharedInfo = null;

        public PartyUBuilder(KEMParameters kEMParameters, SecureRandom secureRandom) {
            if (kEMParameters instanceof CMCEParameters) {
                CMCEKeyPairGenerator cMCEKeyPairGenerator = new CMCEKeyPairGenerator();
                cMCEKeyPairGenerator.init(new CMCEKeyGenerationParameters(secureRandom, (CMCEParameters) kEMParameters));
                this.aKp = cMCEKeyPairGenerator.generateKeyPair();
                this.extractor = new CMCEKEMExtractor((CMCEPrivateKeyParameters) this.aKp.getPrivate());
                return;
            }
            FrodoKeyPairGenerator frodoKeyPairGenerator = new FrodoKeyPairGenerator();
            frodoKeyPairGenerator.init(new FrodoKeyGenerationParameters(secureRandom, (FrodoParameters) kEMParameters));
            this.aKp = frodoKeyPairGenerator.generateKeyPair();
            this.extractor = new FrodoKEMExtractor((FrodoPrivateKeyParameters) this.aKp.getPrivate());
        }

        public PartyUBuilder withSharedInfo(byte[] bArr) {
            this.sharedInfo = Arrays.clone(bArr);
            return this;
        }

        public byte[] getPartA() {
            Object obj = this.aKp.getPublic();
            return obj instanceof CMCEPublicKeyParameters ? ((CMCEPublicKeyParameters) obj).getEncoded() : ((FrodoPublicKeyParameters) obj).getEncoded();
        }

        public SecretKeyProcessor build(byte[] bArr) {
            return new PQCSecretKeyProcessor(this.extractor.extractSecret(bArr), this.sharedInfo);
        }
    }

    /* loaded from: input_file:org/bouncycastle/pqc/addon/PQCSecretKeyProcessor$PartyVBuilder.class */
    public static class PartyVBuilder {
        private final KEMParameters kemParameters;
        protected final SecureRandom random;
        private SecretWithEncapsulationImpl secretWithEncapsulation;
        private byte[] sharedInfo = null;
        private byte[] sharedSecret = null;
        private boolean used = false;

        public PartyVBuilder(KEMParameters kEMParameters, SecureRandom secureRandom) {
            this.kemParameters = kEMParameters;
            this.random = secureRandom;
        }

        public PartyVBuilder withSharedInfo(byte[] bArr) {
            this.sharedInfo = Arrays.clone(bArr);
            return this;
        }

        public byte[] getPartB(byte[] bArr) {
            if (this.kemParameters instanceof CMCEParameters) {
                this.secretWithEncapsulation = (SecretWithEncapsulationImpl) new CMCEKEMGenerator(this.random).generateEncapsulated(new CMCEPublicKeyParameters((CMCEParameters) this.kemParameters, bArr));
            } else {
                this.secretWithEncapsulation = (SecretWithEncapsulationImpl) new FrodoKEMGenerator(this.random).generateEncapsulated(new FrodoPublicKeyParameters((FrodoParameters) this.kemParameters, bArr));
            }
            return this.secretWithEncapsulation.getEncapsulation();
        }

        public SecretKeyProcessor build() {
            PQCSecretKeyProcessor pQCSecretKeyProcessor = new PQCSecretKeyProcessor(this.secretWithEncapsulation.getSecret(), this.sharedInfo);
            try {
                this.secretWithEncapsulation.destroy();
                return pQCSecretKeyProcessor;
            } catch (DestroyFailedException e) {
                throw new IllegalStateException("unable to clean up secret data: " + e.getMessage(), e);
            }
        }
    }

    private PQCSecretKeyProcessor(byte[] bArr, byte[] bArr2) {
        this.xofOperator = new FipsSHS.XOFOperatorFactory().createOutputXOFCalculator(FipsSHS.SHAKE256);
        try {
            UpdateOutputStream functionStream = this.xofOperator.getFunctionStream();
            functionStream.write(bArr);
            if (bArr2 != null) {
                functionStream.write(bArr2);
            }
            functionStream.close();
            Arrays.fill(bArr, (byte) 0);
        } catch (IOException e) {
            throw new IllegalStateException("unable to initialize XOF: " + e.getMessage(), e);
        }
    }

    @Override // org.bouncycastle.pqc.addon.SecretKeyProcessor
    public SecretKey processKey(SecretKey secretKey) {
        byte[] encoded = secretKey.getEncoded();
        byte[] functionOutput = this.xofOperator.getFunctionOutput(encoded.length);
        xor(encoded, functionOutput);
        Arrays.fill(functionOutput, (byte) 0);
        return new SecretKeySpec(encoded, secretKey.getAlgorithm());
    }

    private static void xor(byte[] bArr, byte[] bArr2) {
        for (int i = 0; i != bArr.length; i++) {
            int i2 = i;
            bArr[i2] = (byte) (bArr[i2] ^ bArr2[i]);
        }
    }
}
