package org.bouncycastle.pqc.crypto.sike;

import java.lang.reflect.Array;
import org.bouncycastle.crypto.CryptoServicePurpose;
import org.bouncycastle.crypto.CryptoServicesRegistrar;
import org.bouncycastle.crypto.EncapsulatedSecretExtractor;
import org.bouncycastle.crypto.constraints.DefaultServiceProperties;
import org.bouncycastle.crypto.digests.SHAKEDigest;
import org.bouncycastle.util.Arrays;

/* loaded from: classes4.dex */
public class SIKEKEMExtractor implements EncapsulatedSecretExtractor {
    public SIKEEngine engine;
    public SIKEPrivateKeyParameters key;

    public SIKEKEMExtractor(SIKEPrivateKeyParameters sIKEPrivateKeyParameters) {
        System.err.println("WARNING: the SIKE algorithm is only for research purposes, insecure");
        CryptoServicesRegistrar.checkConstraints(new DefaultServiceProperties("SIKEKEM", 0, sIKEPrivateKeyParameters, CryptoServicePurpose.DECRYPTION));
        this.key = sIKEPrivateKeyParameters;
        this.engine = sIKEPrivateKeyParameters.params.engine;
    }

    public final byte[] extractSecret(byte[] bArr) {
        SIKEEngine sIKEEngine;
        Internal internal;
        int i;
        SIKEEngine sIKEEngine2;
        long[] jArr;
        byte[] bArr2;
        SIKEEngine sIKEEngine3;
        Internal internal2;
        int i2;
        SIKEEngine sIKEEngine4;
        int i3 = this.engine.params.MSG_BYTES * 8;
        System.err.println("WARNING: the SIKE algorithm is only for research purposes, insecure");
        byte[] bArr3 = new byte[i3 / 8];
        SIKEEngine sIKEEngine5 = this.engine;
        byte[] clone = Arrays.clone(this.key.privateKey);
        if (!sIKEEngine5.isCompressed) {
            Internal internal3 = sIKEEngine5.params;
            byte[] bArr4 = new byte[internal3.SECRETKEY_A_BYTES];
            byte[] bArr5 = new byte[internal3.FP2_ENCODED_BYTES];
            int i4 = internal3.MSG_BYTES;
            byte[] bArr6 = new byte[i4];
            byte[] bArr7 = new byte[internal3.CRYPTO_PUBLICKEYBYTES];
            byte[] bArr8 = new byte[internal3.CRYPTO_CIPHERTEXTBYTES + i4];
            SIDH sidh = sIKEEngine5.sidh;
            PointProj pointProj = new PointProj(sidh.engine.params.NWORDS_FIELD);
            Internal internal4 = sidh.engine.params;
            PointProj[] pointProjArr = new PointProj[internal4.MAX_INT_POINTS_BOB];
            int[] iArr = {3, 2, internal4.NWORDS_FIELD};
            Class cls = Long.TYPE;
            long[][][] jArr2 = (long[][][]) Array.newInstance((Class<?>) cls, iArr);
            long[][][] jArr3 = (long[][][]) Array.newInstance((Class<?>) cls, 3, 2, sidh.engine.params.NWORDS_FIELD);
            long[][] jArr4 = (long[][]) Array.newInstance((Class<?>) cls, 2, sidh.engine.params.NWORDS_FIELD);
            long[][] jArr5 = (long[][]) Array.newInstance((Class<?>) cls, 2, sidh.engine.params.NWORDS_FIELD);
            long[][] jArr6 = (long[][]) Array.newInstance((Class<?>) cls, 2, sidh.engine.params.NWORDS_FIELD);
            long[][] jArr7 = (long[][]) Array.newInstance((Class<?>) cls, 2, sidh.engine.params.NWORDS_FIELD);
            SIKEEngine sIKEEngine6 = sidh.engine;
            Internal internal5 = sIKEEngine6.params;
            int[] iArr2 = new int[internal5.MAX_INT_POINTS_BOB];
            long[] jArr8 = new long[internal5.NWORDS_ORDER];
            sIKEEngine6.fpx.fp2_decode(0, bArr, jArr3[0]);
            SIKEEngine sIKEEngine7 = sidh.engine;
            sIKEEngine7.fpx.fp2_decode(sIKEEngine7.params.FP2_ENCODED_BYTES, bArr, jArr3[1]);
            SIKEEngine sIKEEngine8 = sidh.engine;
            sIKEEngine8.fpx.fp2_decode(sIKEEngine8.params.FP2_ENCODED_BYTES * 2, bArr, jArr3[2]);
            sidh.engine.isogeny.get_A(jArr3[0], jArr3[1], jArr3[2], jArr7);
            SIKEEngine sIKEEngine9 = sidh.engine;
            Fpx fpx = sIKEEngine9.fpx;
            Internal internal6 = sIKEEngine9.params;
            long[] jArr9 = internal6.Montgomery_one;
            long[] jArr10 = jArr6[0];
            int i5 = internal6.NWORDS_FIELD;
            fpx.getClass();
            Fpx.mp_add(jArr9, i5, jArr9, jArr10);
            sidh.engine.fpx.mp2_add(jArr7, jArr6, jArr5);
            sidh.engine.fpx.mp2_sub_p2(jArr7, jArr6, jArr6);
            SIKEEngine sIKEEngine10 = sidh.engine;
            Fpx fpx2 = sIKEEngine10.fpx;
            Internal internal7 = sIKEEngine10.params;
            int i6 = internal7.MSG_BYTES;
            int i7 = internal7.SECRETKEY_B_BYTES;
            int i8 = internal7.NWORDS_ORDER;
            fpx2.getClass();
            Fpx.decode_to_digits(i6, i7, i8, clone, jArr8);
            SIKEEngine sIKEEngine11 = sidh.engine;
            sIKEEngine11.isogeny.LADDER3PT(jArr3[0], jArr3[1], jArr3[2], jArr8, sIKEEngine11.params.BOB, pointProj, jArr7);
            int i9 = 1;
            int i10 = 0;
            int i11 = 0;
            int i12 = 0;
            while (true) {
                sIKEEngine = sidh.engine;
                if (i9 >= sIKEEngine.params.MAX_Bob) {
                    break;
                }
                while (true) {
                    sIKEEngine2 = sidh.engine;
                    Internal internal8 = sIKEEngine2.params;
                    if (i10 >= internal8.MAX_Bob - i9) {
                        break;
                    }
                    PointProj pointProj2 = new PointProj(internal8.NWORDS_FIELD);
                    pointProjArr[i12] = pointProj2;
                    sidh.engine.fpx.fp2copy(pointProj.X, pointProj2.X);
                    sidh.engine.fpx.fp2copy(pointProj.Z, pointProjArr[i12].Z);
                    int i13 = i12 + 1;
                    iArr2[i12] = i10;
                    SIKEEngine sIKEEngine12 = sidh.engine;
                    int i14 = i11 + 1;
                    int i15 = sIKEEngine12.params.strat_Bob[i11];
                    sIKEEngine12.isogeny.xTPLe(pointProj, pointProj, jArr6, jArr5, i15);
                    i10 += i15;
                    i12 = i13;
                    i11 = i14;
                }
                sIKEEngine2.isogeny.get_3_isog(pointProj, jArr6, jArr5, jArr2);
                for (int i16 = 0; i16 < i12; i16++) {
                    sidh.engine.isogeny.eval_3_isog(pointProjArr[i16], jArr2);
                }
                i12--;
                sidh.engine.fpx.fp2copy(pointProjArr[i12].X, pointProj.X);
                sidh.engine.fpx.fp2copy(pointProjArr[i12].Z, pointProj.Z);
                i10 = iArr2[i12];
                i9++;
            }
            sIKEEngine.isogeny.get_3_isog(pointProj, jArr6, jArr5, jArr2);
            sidh.engine.fpx.fp2add(jArr5, jArr6, jArr7);
            sidh.engine.fpx.fp2add(jArr7, jArr7, jArr7);
            sidh.engine.fpx.fp2sub(jArr5, jArr6, jArr5);
            sidh.engine.isogeny.j_inv(jArr7, jArr5, jArr4);
            sidh.engine.fpx.fp2_encode(0, bArr5, jArr4);
            SHAKEDigest sHAKEDigest = new SHAKEDigest(256);
            sHAKEDigest.absorb(bArr5, 0, sIKEEngine5.params.FP2_ENCODED_BYTES);
            sHAKEDigest.doFinal(bArr6, 0, sIKEEngine5.params.MSG_BYTES);
            int i17 = 0;
            while (true) {
                internal = sIKEEngine5.params;
                i = internal.MSG_BYTES;
                if (i17 >= i) {
                    break;
                }
                bArr8[i17] = (byte) (bArr[internal.CRYPTO_PUBLICKEYBYTES + i17] ^ bArr6[i17]);
                i17++;
            }
            System.arraycopy(clone, internal.SECRETKEY_B_BYTES + i, bArr8, i, internal.CRYPTO_PUBLICKEYBYTES);
            Internal internal9 = sIKEEngine5.params;
            sHAKEDigest.absorb(bArr8, 0, internal9.CRYPTO_PUBLICKEYBYTES + internal9.MSG_BYTES);
            sHAKEDigest.doFinal(bArr4, 0, sIKEEngine5.params.SECRETKEY_A_BYTES);
            Internal internal10 = sIKEEngine5.params;
            int i18 = internal10.SECRETKEY_A_BYTES - 1;
            bArr4[i18] = (byte) (internal10.MASK_ALICE & bArr4[i18]);
            sIKEEngine5.sidh.EphemeralKeyGeneration_A(bArr4, bArr7);
            Fpx fpx3 = sIKEEngine5.fpx;
            int i19 = sIKEEngine5.params.CRYPTO_PUBLICKEYBYTES;
            fpx3.getClass();
            byte b = 0;
            for (int i20 = 0; i20 < i19; i20++) {
                b = (byte) (b | (bArr7[i20] ^ bArr[i20]));
            }
            byte b2 = (byte) ((-b) >>> 7);
            Fpx fpx4 = sIKEEngine5.fpx;
            int i21 = sIKEEngine5.params.MSG_BYTES;
            fpx4.getClass();
            for (int i22 = 0; i22 < i21; i22++) {
                byte b3 = bArr8[i22];
                bArr8[i22] = (byte) (b3 ^ ((clone[i22] ^ b3) & b2));
            }
            Internal internal11 = sIKEEngine5.params;
            System.arraycopy(bArr, 0, bArr8, internal11.MSG_BYTES, internal11.CRYPTO_CIPHERTEXTBYTES);
            Internal internal12 = sIKEEngine5.params;
            sHAKEDigest.absorb(bArr8, 0, internal12.CRYPTO_CIPHERTEXTBYTES + internal12.MSG_BYTES);
            sHAKEDigest.doFinal(bArr3, 0, sIKEEngine5.params.CRYPTO_BYTES);
            return bArr3;
        }
        Internal internal13 = sIKEEngine5.params;
        byte[] bArr9 = new byte[internal13.SECRETKEY_B_BYTES];
        int i23 = internal13.FP2_ENCODED_BYTES;
        byte[] bArr10 = new byte[(i23 * 2) + i23 + internal13.SECRETKEY_A_BYTES];
        int i24 = internal13.MSG_BYTES;
        byte[] bArr11 = new byte[i24];
        byte[] bArr12 = new byte[internal13.CRYPTO_CIPHERTEXTBYTES + i24];
        SIDH_Compressed sIDH_Compressed = sIKEEngine5.sidhCompressed;
        Internal internal14 = sIDH_Compressed.engine.params;
        int[] iArr3 = new int[internal14.MAX_INT_POINTS_ALICE];
        int[] iArr4 = {2, internal14.NWORDS_FIELD};
        Class cls2 = Long.TYPE;
        long[][] jArr11 = (long[][]) Array.newInstance((Class<?>) cls2, iArr4);
        long[][] jArr12 = (long[][]) Array.newInstance((Class<?>) cls2, 2, sIDH_Compressed.engine.params.NWORDS_FIELD);
        PointProj pointProj3 = new PointProj(sIDH_Compressed.engine.params.NWORDS_FIELD);
        Internal internal15 = sIDH_Compressed.engine.params;
        PointProj[] pointProjArr2 = new PointProj[internal15.MAX_INT_POINTS_ALICE];
        long[][] jArr13 = (long[][]) Array.newInstance((Class<?>) cls2, 2, internal15.NWORDS_FIELD);
        long[][] jArr14 = (long[][]) Array.newInstance((Class<?>) cls2, 2, sIDH_Compressed.engine.params.NWORDS_FIELD);
        long[][] jArr15 = (long[][]) Array.newInstance((Class<?>) cls2, 2, sIDH_Compressed.engine.params.NWORDS_FIELD);
        long[][][] jArr16 = (long[][][]) Array.newInstance((Class<?>) cls2, 5, 2, sIDH_Compressed.engine.params.NWORDS_FIELD);
        Internal internal16 = sIDH_Compressed.engine.params;
        int i25 = internal16.FP2_ENCODED_BYTES;
        long[][][] jArr17 = jArr16;
        long[][] jArr18 = (long[][]) Array.newInstance((Class<?>) cls2, 2, internal16.NWORDS_FIELD);
        long[][] jArr19 = (long[][]) Array.newInstance((Class<?>) cls2, 2, sIDH_Compressed.engine.params.NWORDS_FIELD);
        Internal internal17 = sIDH_Compressed.engine.params;
        int i26 = internal17.NWORDS_ORDER;
        int i27 = i26 * 2;
        long[] jArr20 = new long[i27];
        long[] jArr21 = new long[i27];
        long[] jArr22 = new long[i26];
        long[] jArr23 = new long[i27];
        long[] jArr24 = new long[i26];
        long[] jArr25 = new long[i26];
        long[] jArr26 = new long[i26];
        long[] jArr27 = new long[i26];
        long[] jArr28 = new long[i26];
        PointProj[] pointProjArr3 = {new PointProj(internal17.NWORDS_FIELD), new PointProj(sIDH_Compressed.engine.params.NWORDS_FIELD), new PointProj(sIDH_Compressed.engine.params.NWORDS_FIELD)};
        SIKEEngine sIKEEngine13 = sIDH_Compressed.engine;
        Internal internal18 = sIKEEngine13.params;
        long j = (-1) >>> (internal18.MAXBITS_ORDER - internal18.OALICE_BITS);
        sIKEEngine13.fpx.fp2_decode(internal18.ORDER_A_ENCODED_BYTES * 4, bArr, jArr15);
        Internal internal19 = sIDH_Compressed.engine.params;
        int i28 = (internal19.ORDER_A_ENCODED_BYTES * 4) + internal19.FP2_ENCODED_BYTES;
        int i29 = bArr[i28] & 1;
        byte b4 = bArr[i28 + 1];
        long[][] jArr29 = (long[][]) Array.newInstance((Class<?>) cls2, 2, internal19.NWORDS_FIELD);
        long[][] jArr30 = (long[][]) Array.newInstance((Class<?>) cls2, 2, sIDH_Compressed.engine.params.NWORDS_FIELD);
        SIKEEngine sIKEEngine14 = sIDH_Compressed.engine;
        Internal internal20 = sIKEEngine14.params;
        long[][] jArr31 = i29 == 1 ? internal20.table_v_qnr : internal20.table_v_qr;
        if (b4 >= internal20.TABLE_V_LEN / 2) {
            b4 = 0;
        }
        sIKEEngine14.fpx.fp2mul_mont(jArr15, jArr31, b4 * 2, pointProjArr3[0].X);
        sIDH_Compressed.engine.fpx.fp2neg(pointProjArr3[0].X);
        sIDH_Compressed.engine.fpx.fp2add(pointProjArr3[0].X, jArr15, jArr30);
        sIDH_Compressed.engine.fpx.fp2mul_mont(pointProjArr3[0].X, jArr30, jArr30);
        SIKEEngine sIKEEngine15 = sIDH_Compressed.engine;
        Fpx fpx5 = sIKEEngine15.fpx;
        long[] jArr32 = jArr30[0];
        fpx5.fpaddPRIME(jArr32, sIKEEngine15.params.Montgomery_one, jArr32);
        sIDH_Compressed.engine.fpx.fp2mul_mont(pointProjArr3[0].X, jArr30, jArr30);
        if (i29 == 1) {
            SIKEEngine sIKEEngine16 = sIDH_Compressed.engine;
            sIKEEngine16.fpx.fpcopy(0, sIKEEngine16.params.table_r_qnr[b4], jArr29[0]);
        } else {
            SIKEEngine sIKEEngine17 = sIDH_Compressed.engine;
            sIKEEngine17.fpx.fpcopy(0, sIKEEngine17.params.table_r_qr[b4], jArr29[0]);
        }
        sIDH_Compressed.engine.fpx.fp2add(pointProjArr3[0].X, jArr15, pointProjArr3[1].X);
        sIDH_Compressed.engine.fpx.fp2neg(pointProjArr3[1].X);
        sIDH_Compressed.engine.fpx.fp2sub(pointProjArr3[0].X, pointProjArr3[1].X, pointProjArr3[2].Z);
        Fpx fpx6 = sIDH_Compressed.engine.fpx;
        long[][] jArr33 = pointProjArr3[2].Z;
        fpx6.fp2sqr_mont(jArr33, jArr33);
        sIDH_Compressed.engine.fpx.fpcopy(0, jArr29[0], jArr29[1]);
        SIKEEngine sIKEEngine18 = sIDH_Compressed.engine;
        Fpx fpx7 = sIKEEngine18.fpx;
        long[] jArr34 = sIKEEngine18.params.Montgomery_one;
        long[] jArr35 = jArr29[0];
        fpx7.fpaddPRIME(jArr34, jArr35, jArr35);
        sIDH_Compressed.engine.fpx.fp2sqr_mont(jArr29, jArr29);
        sIDH_Compressed.engine.fpx.fp2mul_mont(jArr30, jArr29, pointProjArr3[2].X);
        SIKEEngine sIKEEngine19 = sIDH_Compressed.engine;
        sIKEEngine19.fpx.fpcopy(0, sIKEEngine19.params.Montgomery_one, pointProjArr3[0].Z[0]);
        SIKEEngine sIKEEngine20 = sIDH_Compressed.engine;
        sIKEEngine20.fpx.fpcopy(0, sIKEEngine20.params.Montgomery_one, pointProjArr3[1].Z[0]);
        SIKEEngine sIKEEngine21 = sIDH_Compressed.engine;
        sIKEEngine21.fpx.fpaddPRIME(jArr15[0], sIKEEngine21.params.Montgomery_one, jArr18[0]);
        sIDH_Compressed.engine.fpx.fpcopy(0, jArr15[1], jArr18[1]);
        SIKEEngine sIKEEngine22 = sIDH_Compressed.engine;
        Fpx fpx8 = sIKEEngine22.fpx;
        long[] jArr36 = jArr18[0];
        fpx8.fpaddPRIME(jArr36, sIKEEngine22.params.Montgomery_one, jArr36);
        sIDH_Compressed.engine.fpx.fp2div2(jArr18, jArr18);
        sIDH_Compressed.engine.fpx.fp2div2(jArr18, jArr18);
        SIKEEngine sIKEEngine23 = sIDH_Compressed.engine;
        Fpx fpx9 = sIKEEngine23.fpx;
        Internal internal21 = sIKEEngine23.params;
        int i30 = internal21.SECRETKEY_A_BYTES;
        int i31 = internal21.NWORDS_ORDER;
        fpx9.getClass();
        Fpx.decode_to_digits(i24, i30, i31, clone, jArr24);
        SIKEEngine sIKEEngine24 = sIDH_Compressed.engine;
        Fpx fpx10 = sIKEEngine24.fpx;
        Internal internal22 = sIKEEngine24.params;
        int i32 = internal22.ORDER_A_ENCODED_BYTES;
        int i33 = internal22.NWORDS_ORDER;
        fpx10.getClass();
        Fpx.decode_to_digits(0, i32, i33, bArr, jArr25);
        SIKEEngine sIKEEngine25 = sIDH_Compressed.engine;
        Fpx fpx11 = sIKEEngine25.fpx;
        Internal internal23 = sIKEEngine25.params;
        int i34 = internal23.ORDER_A_ENCODED_BYTES;
        int i35 = internal23.NWORDS_ORDER;
        fpx11.getClass();
        Fpx.decode_to_digits(i34, i34, i35, bArr, jArr27);
        SIKEEngine sIKEEngine26 = sIDH_Compressed.engine;
        Fpx fpx12 = sIKEEngine26.fpx;
        Internal internal24 = sIKEEngine26.params;
        int i36 = internal24.ORDER_A_ENCODED_BYTES;
        int i37 = internal24.NWORDS_ORDER;
        fpx12.getClass();
        Fpx.decode_to_digits(i36 * 2, i36, i37, bArr, jArr26);
        SIKEEngine sIKEEngine27 = sIDH_Compressed.engine;
        Fpx fpx13 = sIKEEngine27.fpx;
        Internal internal25 = sIKEEngine27.params;
        int i38 = internal25.ORDER_A_ENCODED_BYTES;
        int i39 = internal25.NWORDS_ORDER;
        fpx13.getClass();
        Fpx.decode_to_digits(i38 * 3, i38, i39, bArr, jArr28);
        if ((jArr25[0] & 1) == 1) {
            SIKEEngine sIKEEngine28 = sIDH_Compressed.engine;
            Fpx fpx14 = sIKEEngine28.fpx;
            int i40 = sIKEEngine28.params.NWORDS_ORDER;
            fpx14.getClass();
            Fpx.multiply(jArr24, i40, jArr28, jArr20);
            SIKEEngine sIKEEngine29 = sIDH_Compressed.engine;
            Fpx fpx15 = sIKEEngine29.fpx;
            int i41 = sIKEEngine29.params.NWORDS_ORDER;
            fpx15.getClass();
            Fpx.mp_add(jArr20, i41, jArr27, jArr20);
            SIKEEngine sIKEEngine30 = sIDH_Compressed.engine;
            int i42 = sIKEEngine30.params.NWORDS_ORDER;
            int i43 = i42 - 1;
            jArr20[i43] = jArr20[i43] & j;
            sIKEEngine30.fpx.getClass();
            Fpx.multiply(jArr24, i42, jArr26, jArr21);
            SIKEEngine sIKEEngine31 = sIDH_Compressed.engine;
            Fpx fpx16 = sIKEEngine31.fpx;
            int i44 = sIKEEngine31.params.NWORDS_ORDER;
            fpx16.getClass();
            Fpx.mp_add(jArr21, i44, jArr25, jArr21);
            SIKEEngine sIKEEngine32 = sIDH_Compressed.engine;
            int i45 = sIKEEngine32.params.NWORDS_ORDER - 1;
            jArr21[i45] = jArr21[i45] & j;
            jArr = jArr22;
            sIKEEngine32.fpx.inv_mod_orderA(jArr21, jArr);
            SIKEEngine sIKEEngine33 = sIDH_Compressed.engine;
            Fpx fpx17 = sIKEEngine33.fpx;
            int i46 = sIKEEngine33.params.NWORDS_ORDER;
            fpx17.getClass();
            Fpx.multiply(jArr20, i46, jArr, jArr23);
            int i47 = sIDH_Compressed.engine.params.NWORDS_ORDER - 1;
            jArr23[i47] = jArr23[i47] & j;
            sIDH_Compressed.Ladder3pt_dual(pointProjArr3, jArr23, 0, pointProj3, jArr18);
            bArr2 = clone;
        } else {
            jArr = jArr22;
            SIKEEngine sIKEEngine34 = sIDH_Compressed.engine;
            bArr2 = clone;
            Fpx fpx18 = sIKEEngine34.fpx;
            int i48 = sIKEEngine34.params.NWORDS_ORDER;
            fpx18.getClass();
            Fpx.multiply(jArr24, i48, jArr26, jArr20);
            SIKEEngine sIKEEngine35 = sIDH_Compressed.engine;
            Fpx fpx19 = sIKEEngine35.fpx;
            int i49 = sIKEEngine35.params.NWORDS_ORDER;
            fpx19.getClass();
            Fpx.mp_add(jArr20, i49, jArr25, jArr20);
            SIKEEngine sIKEEngine36 = sIDH_Compressed.engine;
            int i50 = sIKEEngine36.params.NWORDS_ORDER;
            int i51 = i50 - 1;
            jArr20[i51] = jArr20[i51] & j;
            sIKEEngine36.fpx.getClass();
            Fpx.multiply(jArr24, i50, jArr28, jArr21);
            SIKEEngine sIKEEngine37 = sIDH_Compressed.engine;
            Fpx fpx20 = sIKEEngine37.fpx;
            int i52 = sIKEEngine37.params.NWORDS_ORDER;
            fpx20.getClass();
            Fpx.mp_add(jArr21, i52, jArr27, jArr21);
            SIKEEngine sIKEEngine38 = sIDH_Compressed.engine;
            int i53 = sIKEEngine38.params.NWORDS_ORDER - 1;
            jArr21[i53] = jArr21[i53] & j;
            sIKEEngine38.fpx.inv_mod_orderA(jArr21, jArr);
            SIKEEngine sIKEEngine39 = sIDH_Compressed.engine;
            Fpx fpx21 = sIKEEngine39.fpx;
            int i54 = sIKEEngine39.params.NWORDS_ORDER;
            fpx21.getClass();
            Fpx.multiply(jArr, i54, jArr20, jArr23);
            SIKEEngine sIKEEngine40 = sIDH_Compressed.engine;
            int i55 = sIKEEngine40.params.NWORDS_ORDER - 1;
            jArr23[i55] = jArr23[i55] & j;
            sIKEEngine40.isogeny.swap_points(pointProjArr3[0], pointProjArr3[1], -1L);
            sIDH_Compressed.engine.params.getClass();
            sIDH_Compressed.Ladder3pt_dual(pointProjArr3, jArr23, 0, pointProj3, jArr18);
        }
        sIDH_Compressed.engine.fpx.fp2div2(jArr15, jArr19);
        SIKEEngine sIKEEngine41 = sIDH_Compressed.engine;
        Isogeny isogeny = sIKEEngine41.isogeny;
        int i56 = sIKEEngine41.params.OBOB_EXPON;
        PointProj pointProj4 = new PointProj(isogeny.engine.params.NWORDS_FIELD);
        isogeny.engine.fpx.copy_words(pointProj3, pointProj4);
        int i57 = 0;
        while (i57 < i56) {
            int[] iArr5 = {2, isogeny.engine.params.NWORDS_FIELD};
            Class cls3 = Long.TYPE;
            long[][] jArr37 = (long[][]) Array.newInstance((Class<?>) cls3, iArr5);
            int i58 = i56;
            long[][] jArr38 = (long[][]) Array.newInstance((Class<?>) cls3, 2, isogeny.engine.params.NWORDS_FIELD);
            long[][] jArr39 = (long[][]) Array.newInstance((Class<?>) cls3, 2, isogeny.engine.params.NWORDS_FIELD);
            long[][] jArr40 = jArr15;
            long[][] jArr41 = (long[][]) Array.newInstance((Class<?>) cls3, 2, isogeny.engine.params.NWORDS_FIELD);
            isogeny.engine.fpx.fp2sqr_mont(pointProj4.X, jArr37);
            isogeny.engine.fpx.fp2sqr_mont(pointProj4.Z, jArr38);
            isogeny.engine.fpx.fp2add(jArr37, jArr38, jArr39);
            isogeny.engine.fpx.fp2add(pointProj4.X, pointProj4.Z, jArr41);
            isogeny.engine.fpx.fp2sqr_mont(jArr41, jArr41);
            isogeny.engine.fpx.fp2sub(jArr41, jArr39, jArr41);
            isogeny.engine.fpx.fp2mul_mont(jArr19, jArr41, jArr41);
            isogeny.engine.fpx.fp2add(jArr39, jArr41, jArr41);
            isogeny.engine.fpx.fp2sub(jArr37, jArr38, jArr39);
            isogeny.engine.fpx.fp2sqr_mont(jArr39, jArr39);
            isogeny.engine.fpx.fp2mul_mont(jArr37, jArr41, jArr37);
            Fpx fpx22 = isogeny.engine.fpx;
            fpx22.fp2copy(jArr37, jArr37);
            for (int i59 = 0; i59 < 2; i59++) {
                fpx22.fp2add(jArr37, jArr37, jArr37);
            }
            isogeny.engine.fpx.fp2sub(jArr37, jArr39, jArr37);
            isogeny.engine.fpx.fp2sqr_mont(jArr37, jArr37);
            isogeny.engine.fpx.fp2mul_mont(jArr38, jArr41, jArr38);
            Fpx fpx23 = isogeny.engine.fpx;
            fpx23.fp2copy(jArr38, jArr38);
            for (int i60 = 0; i60 < 2; i60++) {
                fpx23.fp2add(jArr38, jArr38, jArr38);
            }
            isogeny.engine.fpx.fp2sub(jArr38, jArr39, jArr38);
            isogeny.engine.fpx.fp2sqr_mont(jArr38, jArr38);
            Fpx fpx24 = isogeny.engine.fpx;
            long[][] jArr42 = pointProj4.X;
            fpx24.fp2mul_mont(jArr42, jArr38, jArr42);
            Fpx fpx25 = isogeny.engine.fpx;
            long[][] jArr43 = pointProj4.Z;
            fpx25.fp2mul_mont(jArr43, jArr37, jArr43);
            i57++;
            i56 = i58;
            jArr15 = jArr40;
        }
        isogeny.engine.fpx.copy_words(pointProj4, pointProj3);
        sIDH_Compressed.engine.fpx.fp2_encode(i25, bArr10, pointProj3.X);
        SIKEEngine sIKEEngine42 = sIDH_Compressed.engine;
        sIKEEngine42.fpx.fp2_encode(sIKEEngine42.params.FP2_ENCODED_BYTES + i25, bArr10, pointProj3.Z);
        SIKEEngine sIKEEngine43 = sIDH_Compressed.engine;
        Fpx fpx26 = sIKEEngine43.fpx;
        Internal internal26 = sIKEEngine43.params;
        int i61 = (internal26.FP2_ENCODED_BYTES * 2) + i25;
        int i62 = internal26.ORDER_A_ENCODED_BYTES;
        fpx26.getClass();
        Fpx.encode_to_bytes(i61, i62, bArr10, jArr);
        sIDH_Compressed.engine.fpx.fp2copy(jArr15, jArr14);
        SIKEEngine sIKEEngine44 = sIDH_Compressed.engine;
        Fpx fpx27 = sIKEEngine44.fpx;
        long[] jArr44 = sIKEEngine44.params.Montgomery_one;
        fpx27.fpaddPRIME(jArr44, jArr44, jArr12[0]);
        sIDH_Compressed.engine.fpx.fp2add(jArr14, jArr12, jArr11);
        Fpx fpx28 = sIDH_Compressed.engine.fpx;
        long[] jArr45 = jArr12[0];
        fpx28.fpaddPRIME(jArr45, jArr45, jArr45);
        Internal internal27 = sIDH_Compressed.engine.params;
        if (internal27.OALICE_BITS % 2 == 1) {
            PointProj pointProj5 = new PointProj(internal27.NWORDS_FIELD);
            sIDH_Compressed.engine.isogeny.xDBLe(pointProj3, pointProj5, jArr11, jArr12, r0.params.OALICE_BITS - 1);
            sIDH_Compressed.engine.isogeny.get_2_isog(pointProj5, jArr11, jArr12);
            sIDH_Compressed.engine.isogeny.eval_2_isog(pointProj3, pointProj5);
        }
        int i63 = 0;
        int i64 = 0;
        int i65 = 0;
        int i66 = 1;
        while (true) {
            sIKEEngine3 = sIDH_Compressed.engine;
            if (i66 >= sIKEEngine3.params.MAX_Alice) {
                break;
            }
            while (true) {
                sIKEEngine4 = sIDH_Compressed.engine;
                Internal internal28 = sIKEEngine4.params;
                if (i63 >= internal28.MAX_Alice - i66) {
                    break;
                }
                PointProj pointProj6 = new PointProj(internal28.NWORDS_FIELD);
                pointProjArr2[i65] = pointProj6;
                sIDH_Compressed.engine.fpx.fp2copy(pointProj3.X, pointProj6.X);
                sIDH_Compressed.engine.fpx.fp2copy(pointProj3.Z, pointProjArr2[i65].Z);
                int i67 = i65 + 1;
                iArr3[i65] = i63;
                SIKEEngine sIKEEngine45 = sIDH_Compressed.engine;
                int i68 = i64 + 1;
                int i69 = sIKEEngine45.params.strat_Alice[i64];
                sIKEEngine45.isogeny.xDBLe(pointProj3, pointProj3, jArr11, jArr12, i69 * 2);
                i63 += i69;
                i65 = i67;
                i64 = i68;
            }
            long[][][] jArr46 = jArr17;
            sIKEEngine4.isogeny.get_4_isog(pointProj3, jArr11, jArr12, jArr46);
            for (int i70 = 0; i70 < i65; i70++) {
                sIDH_Compressed.engine.isogeny.eval_4_isog(pointProjArr2[i70], jArr46);
            }
            i65--;
            sIDH_Compressed.engine.fpx.fp2copy(pointProjArr2[i65].X, pointProj3.X);
            sIDH_Compressed.engine.fpx.fp2copy(pointProjArr2[i65].Z, pointProj3.Z);
            i63 = iArr3[i65];
            i66++;
            jArr17 = jArr46;
        }
        sIKEEngine3.isogeny.get_4_isog(pointProj3, jArr11, jArr12, jArr17);
        sIDH_Compressed.engine.fpx.fp2add(jArr11, jArr11, jArr11);
        sIDH_Compressed.engine.fpx.fp2sub(jArr11, jArr12, jArr11);
        sIDH_Compressed.engine.fpx.fp2add(jArr11, jArr11, jArr11);
        sIDH_Compressed.engine.isogeny.j_inv(jArr11, jArr12, jArr13);
        sIDH_Compressed.engine.fpx.fp2_encode(0, bArr10, jArr13);
        SHAKEDigest sHAKEDigest2 = new SHAKEDigest(256);
        sHAKEDigest2.absorb(bArr10, 0, sIKEEngine5.params.FP2_ENCODED_BYTES);
        sHAKEDigest2.doFinal(bArr11, 0, sIKEEngine5.params.MSG_BYTES);
        int i71 = 0;
        while (true) {
            internal2 = sIKEEngine5.params;
            i2 = internal2.MSG_BYTES;
            if (i71 >= i2) {
                break;
            }
            bArr12[i71] = (byte) (bArr[internal2.PARTIALLY_COMPRESSED_CHUNK_CT + i71] ^ bArr11[i71]);
            i71++;
        }
        byte[] bArr13 = bArr2;
        System.arraycopy(bArr13, internal2.SECRETKEY_A_BYTES + i2, bArr12, i2, internal2.CRYPTO_PUBLICKEYBYTES);
        Internal internal29 = sIKEEngine5.params;
        sHAKEDigest2.absorb(bArr12, 0, internal29.CRYPTO_PUBLICKEYBYTES + internal29.MSG_BYTES);
        sHAKEDigest2.doFinal(bArr9, 0, sIKEEngine5.params.SECRETKEY_B_BYTES);
        sIKEEngine5.sidhCompressed.FormatPrivKey_B(bArr9);
        SIDH_Compressed sIDH_Compressed2 = sIKEEngine5.sidhCompressed;
        Internal internal30 = sIKEEngine5.params;
        byte validate_ciphertext = sIDH_Compressed2.validate_ciphertext(internal30.MSG_BYTES + internal30.SECRETKEY_A_BYTES + internal30.CRYPTO_PUBLICKEYBYTES, internal30.FP2_ENCODED_BYTES, bArr9, bArr, bArr13, bArr10);
        Fpx fpx29 = sIKEEngine5.fpx;
        int i72 = sIKEEngine5.params.MSG_BYTES;
        fpx29.getClass();
        for (int i73 = 0; i73 < i72; i73++) {
            byte b5 = bArr12[i73];
            bArr12[i73] = (byte) (b5 ^ ((bArr13[i73] ^ b5) & validate_ciphertext));
        }
        Internal internal31 = sIKEEngine5.params;
        System.arraycopy(bArr, 0, bArr12, internal31.MSG_BYTES, internal31.CRYPTO_CIPHERTEXTBYTES);
        Internal internal32 = sIKEEngine5.params;
        sHAKEDigest2.absorb(bArr12, 0, internal32.CRYPTO_CIPHERTEXTBYTES + internal32.MSG_BYTES);
        sHAKEDigest2.doFinal(bArr3, 0, sIKEEngine5.params.CRYPTO_BYTES);
        return bArr3;
    }

    public final int getEncapsulationLength() {
        return this.engine.params.CRYPTO_CIPHERTEXTBYTES;
    }
}
