package org.bouncycastle.crypto.engines;

import org.bouncycastle.crypto.CipherParameters;
import org.bouncycastle.crypto.CryptoServicesRegistrar;
import org.bouncycastle.crypto.constraints.DefaultServiceProperties;
import org.bouncycastle.crypto.engines.AsconBaseEngine;
import org.bouncycastle.crypto.params.AEADParameters;
import org.bouncycastle.crypto.params.KeyParameter;
import org.bouncycastle.crypto.params.ParametersWithIV;
import org.bouncycastle.util.Pack;

/* loaded from: input_file:org/bouncycastle/crypto/engines/AsconAEAD128.class */
public class AsconAEAD128 extends AsconBaseEngine {
    public AsconAEAD128() {
        this.CRYPTO_KEYBYTES = 16;
        this.CRYPTO_ABYTES = 16;
        this.ASCON_AEAD_RATE = 16;
        this.ASCON_IV = 17594342703105L;
        this.algorithmName = "Ascon-AEAD128";
        this.nr = 8;
        this.m_bufferSizeDecrypt = this.ASCON_AEAD_RATE + this.CRYPTO_ABYTES;
        this.m_buf = new byte[this.m_bufferSizeDecrypt];
        this.dsep = Long.MIN_VALUE;
    }

    @Override // org.bouncycastle.crypto.engines.AsconBaseEngine
    protected long pad(int i) {
        return 1 << (i << 3);
    }

    @Override // org.bouncycastle.crypto.engines.AsconBaseEngine
    protected long loadBytes(byte[] bArr, int i) {
        return Pack.littleEndianToLong(bArr, i);
    }

    @Override // org.bouncycastle.crypto.engines.AsconBaseEngine
    protected void setBytes(long j, byte[] bArr, int i) {
        Pack.longToLittleEndian(j, bArr, i);
    }

    @Override // org.bouncycastle.crypto.engines.AsconBaseEngine
    protected void ascon_aeadinit() {
        this.x0 = this.ASCON_IV;
        this.x1 = this.K0;
        this.x2 = this.K1;
        this.x3 = this.N0;
        this.x4 = this.N1;
        p(12);
        this.x3 ^= this.K0;
        this.x4 ^= this.K1;
    }

    @Override // org.bouncycastle.crypto.engines.AsconBaseEngine
    protected void processFinalAadBlock() {
        if (this.m_bufPos < 8) {
            this.x0 ^= Pack.littleEndianToLong(this.m_buf, 0) ^ pad(this.m_bufPos);
        } else {
            this.x0 ^= Pack.littleEndianToLong(this.m_buf, 0);
            this.x1 ^= Pack.littleEndianToLong(this.m_buf, 8) ^ pad(this.m_bufPos);
        }
    }

    @Override // org.bouncycastle.crypto.engines.AsconBaseEngine
    protected void processFinalDecrypt(byte[] bArr, int i, byte[] bArr2, int i2) {
        if (i >= 8) {
            long littleEndianToLong = Pack.littleEndianToLong(bArr, 0);
            int i3 = i - 8;
            long littleEndianToLong2 = Pack.littleEndianToLong(bArr, 8, i3);
            Pack.longToLittleEndian(this.x0 ^ littleEndianToLong, bArr2, i2);
            Pack.longToLittleEndian(this.x1 ^ littleEndianToLong2, bArr2, i2 + 8, i3);
            this.x0 = littleEndianToLong;
            this.x1 &= -(1 << (i3 << 3));
            this.x1 |= littleEndianToLong2;
            this.x1 ^= pad(i3);
        } else {
            if (i != 0) {
                long littleEndianToLong3 = Pack.littleEndianToLong(bArr, 0, i);
                Pack.longToLittleEndian(this.x0 ^ littleEndianToLong3, bArr2, i2, i);
                this.x0 &= -(1 << (i << 3));
                this.x0 |= littleEndianToLong3;
            }
            this.x0 ^= pad(i);
        }
        finishData(DecFinal);
    }

    @Override // org.bouncycastle.crypto.engines.AsconBaseEngine
    protected void processFinalEncrypt(byte[] bArr, int i, byte[] bArr2, int i2) {
        if (i >= 8) {
            this.x0 ^= Pack.littleEndianToLong(bArr, 0);
            int i3 = i - 8;
            this.x1 ^= Pack.littleEndianToLong(bArr, 8, i3);
            Pack.longToLittleEndian(this.x0, bArr2, i2);
            Pack.longToLittleEndian(this.x1, bArr2, i2 + 8);
            this.x1 ^= pad(i3);
        } else {
            if (i != 0) {
                this.x0 ^= Pack.littleEndianToLong(bArr, 0, i);
                Pack.longToLittleEndian(this.x0, bArr2, i2, i);
            }
            this.x0 ^= pad(i);
        }
        finishData(EncFinal);
    }

    private void finishData(AsconBaseEngine.State state) {
        this.x2 ^= this.K0;
        this.x3 ^= this.K1;
        p(12);
        this.x3 ^= this.K0;
        this.x4 ^= this.K1;
        this.m_state = state;
    }

    @Override // org.bouncycastle.crypto.modes.AEADCipher
    public void init(boolean z, CipherParameters cipherParameters) throws IllegalArgumentException {
        KeyParameter keyParameter;
        byte[] iv;
        if (cipherParameters instanceof AEADParameters) {
            AEADParameters aEADParameters = (AEADParameters) cipherParameters;
            keyParameter = aEADParameters.getKey();
            iv = aEADParameters.getNonce();
            this.initialAssociatedText = aEADParameters.getAssociatedText();
            int macSize = aEADParameters.getMacSize();
            if (macSize != this.CRYPTO_ABYTES * 8) {
                throw new IllegalArgumentException(new StringBuffer().append("Invalid value for MAC size: ").append(macSize).toString());
            }
        } else {
            if (!(cipherParameters instanceof ParametersWithIV)) {
                throw new IllegalArgumentException("invalid parameters passed to Ascon");
            }
            ParametersWithIV parametersWithIV = (ParametersWithIV) cipherParameters;
            keyParameter = (KeyParameter) parametersWithIV.getParameters();
            iv = parametersWithIV.getIV();
            this.initialAssociatedText = null;
        }
        if (keyParameter == null) {
            throw new IllegalArgumentException("Ascon Init parameters must include a key");
        }
        if (iv == null || iv.length != this.CRYPTO_ABYTES) {
            throw new IllegalArgumentException(new StringBuffer().append("Ascon-AEAD-128 requires exactly ").append(this.CRYPTO_ABYTES).append(" bytes of IV").toString());
        }
        byte[] key = keyParameter.getKey();
        if (key.length != this.CRYPTO_KEYBYTES) {
            throw new IllegalArgumentException(new StringBuffer().append("Ascon-AEAD-128 key must be ").append(this.CRYPTO_KEYBYTES).append(" bytes long").toString());
        }
        CryptoServicesRegistrar.checkConstraints(new DefaultServiceProperties(getAlgorithmName(), 128, cipherParameters, Utils.getPurpose(z)));
        this.K0 = Pack.littleEndianToLong(key, 0);
        this.K1 = Pack.littleEndianToLong(key, 8);
        this.N0 = Pack.littleEndianToLong(iv, 0);
        this.N1 = Pack.littleEndianToLong(iv, 8);
        this.m_state = z ? EncInit : DecInit;
        reset(true);
    }

    @Override // org.bouncycastle.crypto.engines.AsconBaseEngine
    public String getAlgorithmVersion() {
        return "v1.3";
    }
}
