package sun.security.ec;

import java.math.BigInteger;
import java.security.ProviderException;
import java.security.SecureRandom;
import sun.security.util.math.ImmutableIntegerModuloP;
import sun.security.util.math.IntegerFieldModuloP;
import sun.security.util.math.IntegerModuloP;
import sun.security.util.math.MutableIntegerModuloP;
import sun.security.util.math.SmallValue;
import sun.security.util.math.intpoly.IntegerPolynomial25519;
import sun.security.util.math.intpoly.IntegerPolynomial448;

/* loaded from: input_file:com/kohlschutter/jdk/home/modules/jdk.crypto.ec/sun/security/ec/XECOperations.class */
public class XECOperations {
    private final XECParameters params;
    private final IntegerFieldModuloP field;
    private final ImmutableIntegerModuloP zero;
    private final ImmutableIntegerModuloP one;
    private final SmallValue a24;
    private final ImmutableIntegerModuloP basePoint;

    public XECOperations(XECParameters xECParameters) {
        this.params = xECParameters;
        this.field = getIntegerFieldModulo(this.params.getP());
        this.zero = this.field.getElement(BigInteger.ZERO).fixed();
        this.one = this.field.get1().fixed();
        this.a24 = this.field.getSmallValue(this.params.getA24());
        this.basePoint = this.field.getElement(BigInteger.valueOf(xECParameters.getBasePoint()));
    }

    public XECParameters getParameters() {
        return this.params;
    }

    public byte[] generatePrivate(SecureRandom secureRandom) {
        byte[] bArr = new byte[this.params.getBytes()];
        secureRandom.nextBytes(bArr);
        return bArr;
    }

    public BigInteger computePublic(byte[] bArr) {
        pruneK(bArr);
        return pointMultiply(bArr, this.basePoint).asBigInteger();
    }

    public byte[] encodedPointMultiply(byte[] bArr, BigInteger bigInteger) {
        pruneK(bArr);
        return pointMultiply(bArr, this.field.getElement(bigInteger)).asByteArray(this.params.getBytes());
    }

    public byte[] encodedPointMultiply(byte[] bArr, byte[] bArr2) {
        pruneK(bArr);
        return pointMultiply(bArr, decodeU(bArr2)).asByteArray(this.params.getBytes());
    }

    private ImmutableIntegerModuloP decodeU(byte[] bArr, int i) {
        maskHighOrder(bArr, i);
        return this.field.getElement(bArr);
    }

    private static byte maskHighOrder(byte[] bArr, int i) {
        int length = bArr.length - 1;
        byte b = (byte) (i % 8);
        byte b2 = b == 0 ? (byte) 8 : b;
        bArr[length] = (byte) (bArr[length] & ((byte) ((1 << b2) - 1)));
        return b2;
    }

    private static void pruneK(byte[] bArr, int i, int i2) {
        int length = bArr.length - 1;
        bArr[length] = (byte) (bArr[length] | ((byte) (1 << (maskHighOrder(bArr, i) - 1))));
        bArr[0] = (byte) (bArr[0] & ((byte) (255 << i2)));
    }

    private void pruneK(byte[] bArr) {
        pruneK(bArr, this.params.getBits(), this.params.getLogCofactor());
    }

    private ImmutableIntegerModuloP decodeU(byte[] bArr) {
        return decodeU(bArr, this.params.getBits());
    }

    private static void cswap(int i, MutableIntegerModuloP mutableIntegerModuloP, MutableIntegerModuloP mutableIntegerModuloP2) {
        mutableIntegerModuloP.conditionalSwapWith(mutableIntegerModuloP2, i);
    }

    private static IntegerFieldModuloP getIntegerFieldModulo(BigInteger bigInteger) {
        if (bigInteger.equals(IntegerPolynomial25519.MODULUS)) {
            return IntegerPolynomial25519.ONE;
        }
        if (bigInteger.equals(IntegerPolynomial448.MODULUS)) {
            return IntegerPolynomial448.ONE;
        }
        throw new ProviderException("Unsupported prime: " + bigInteger.toString());
    }

    private int bitAt(byte[] bArr, int i) {
        int i2 = i % 8;
        return (bArr[i / 8] & (1 << i2)) >> i2;
    }

    private IntegerModuloP pointMultiply(byte[] bArr, ImmutableIntegerModuloP immutableIntegerModuloP) {
        MutableIntegerModuloP mutable = this.one.mutable();
        MutableIntegerModuloP mutable2 = this.zero.mutable();
        MutableIntegerModuloP mutable3 = immutableIntegerModuloP.mutable();
        MutableIntegerModuloP mutable4 = this.one.mutable();
        int i = 0;
        MutableIntegerModuloP mutable5 = this.zero.mutable();
        MutableIntegerModuloP mutable6 = this.zero.mutable();
        MutableIntegerModuloP mutable7 = this.zero.mutable();
        MutableIntegerModuloP mutable8 = this.zero.mutable();
        for (int bits = this.params.getBits() - 1; bits >= 0; bits--) {
            int bitAt = bitAt(bArr, bits);
            int i2 = i ^ bitAt;
            cswap(i2, mutable, mutable3);
            cswap(i2, mutable2, mutable4);
            i = bitAt;
            mutable5.setValue(mutable).setSum(mutable2);
            mutable6.setValue(mutable3).setDifference(mutable4).setProduct(mutable5);
            mutable5.setSquare();
            mutable.setDifference(mutable2);
            mutable3.setSum(mutable4).setProduct(mutable);
            mutable.setSquare();
            mutable7.setValue(mutable5).setDifference(mutable);
            mutable8.setValue(mutable7);
            mutable8.setProduct(this.a24);
            mutable.setProduct(mutable5);
            mutable2.setValue(mutable5).setSum(mutable8).setProduct(mutable7);
            mutable4.setValue(mutable6).setDifference(mutable3).setSquare().setProduct(immutableIntegerModuloP);
            mutable3.setSum(mutable6).setSquare();
        }
        cswap(i, mutable, mutable3);
        cswap(i, mutable2, mutable4);
        return mutable.setProduct(mutable2.multiplicativeInverse());
    }
}
