package org.spongycastle.crypto.prng.drbg;

import org.spongycastle.crypto.Mac;
import org.spongycastle.crypto.params.KeyParameter;
import org.spongycastle.crypto.prng.EntropySource;
import org.spongycastle.util.Arrays;

/* loaded from: classes.dex */
public class HMacSP800DRBG implements SP80090DRBG {
    private EntropySource bBE;
    private int bBI;
    private byte[] bBK;
    private long bBL;
    private byte[] bCl;
    private Mac bCm;

    public HMacSP800DRBG(Mac mac, int i, EntropySource entropySource, byte[] bArr, byte[] bArr2) {
        if (i > Utils.a(mac)) {
            throw new IllegalArgumentException("Requested security strength is not supported by the derivation function");
        }
        if (entropySource.BN() < i) {
            throw new IllegalArgumentException("Not enough entropy for security strength required");
        }
        this.bBI = i;
        this.bBE = entropySource;
        this.bCm = mac;
        byte[] f = Arrays.f(BM(), bArr2, bArr);
        this.bCl = new byte[mac.zm()];
        this.bBK = new byte[this.bCl.length];
        Arrays.fill(this.bBK, (byte) 1);
        ai(f);
        this.bBL = 1L;
    }

    private byte[] BM() {
        byte[] BM = this.bBE.BM();
        if (BM.length < (this.bBI + 7) / 8) {
            throw new IllegalStateException("Insufficient entropy provided by entropy source");
        }
        return BM;
    }

    private void a(byte[] bArr, byte b) {
        this.bCm.a(new KeyParameter(this.bCl));
        this.bCm.update(this.bBK, 0, this.bBK.length);
        this.bCm.update(b);
        if (bArr != null) {
            this.bCm.update(bArr, 0, bArr.length);
        }
        this.bCm.doFinal(this.bCl, 0);
        this.bCm.a(new KeyParameter(this.bCl));
        this.bCm.update(this.bBK, 0, this.bBK.length);
        this.bCm.doFinal(this.bBK, 0);
    }

    private void ai(byte[] bArr) {
        a(bArr, (byte) 0);
        if (bArr != null) {
            a(bArr, (byte) 1);
        }
    }

    @Override // org.spongycastle.crypto.prng.drbg.SP80090DRBG
    public int a(byte[] bArr, byte[] bArr2, boolean z) {
        int length = bArr.length * 8;
        if (length > 262144) {
            throw new IllegalArgumentException("Number of bits per request limited to 262144");
        }
        if (this.bBL > 140737488355328L) {
            return -1;
        }
        if (z) {
            ag(bArr2);
            bArr2 = null;
        }
        if (bArr2 != null) {
            ai(bArr2);
        }
        byte[] bArr3 = new byte[bArr.length];
        int length2 = bArr.length / this.bBK.length;
        this.bCm.a(new KeyParameter(this.bCl));
        for (int i = 0; i < length2; i++) {
            this.bCm.update(this.bBK, 0, this.bBK.length);
            this.bCm.doFinal(this.bBK, 0);
            System.arraycopy(this.bBK, 0, bArr3, this.bBK.length * i, this.bBK.length);
        }
        if (this.bBK.length * length2 < bArr3.length) {
            this.bCm.update(this.bBK, 0, this.bBK.length);
            this.bCm.doFinal(this.bBK, 0);
            System.arraycopy(this.bBK, 0, bArr3, this.bBK.length * length2, bArr3.length - (length2 * this.bBK.length));
        }
        ai(bArr2);
        this.bBL++;
        System.arraycopy(bArr3, 0, bArr, 0, bArr.length);
        return length;
    }

    @Override // org.spongycastle.crypto.prng.drbg.SP80090DRBG
    public void ag(byte[] bArr) {
        ai(Arrays.H(BM(), bArr));
        this.bBL = 1L;
    }
}
