package com.google.crypto.tink.aead.subtle;

import androidx.activity.BackEventCompat$$ExternalSyntheticOutline0;
import com.airbnb.lottie.utils.Utils;
import com.google.crypto.tink.Aead;
import com.google.crypto.tink.internal.Util;
import com.google.crypto.tink.subtle.Bytes;
import com.google.crypto.tink.subtle.Hex;
import com.google.crypto.tink.subtle.Random;
import com.google.crypto.tink.subtle.Validators;
import java.security.GeneralSecurityException;
import java.security.MessageDigest;
import java.util.Arrays;
import javax.crypto.Cipher;
import javax.crypto.spec.GCMParameterSpec;
import javax.crypto.spec.SecretKeySpec;

/* loaded from: classes3.dex */
public final class AesGcmSiv implements Aead {
    public final SecretKeySpec keySpec;
    public final byte[] outputPrefix;
    public static final byte[] TEST_PLAINTEXT = Hex.decode("7a806c");
    public static final byte[] TEST_AAD = Hex.decode("46bb91c3c5");
    public static final byte[] TEST_KEY = Hex.decode("36864200e0eaf5284d884a0e77d31646");
    public static final byte[] TEST_NOUNCE = Hex.decode("bae8e37fc83441b16034566b");
    public static final byte[] TEST_RESULT = Hex.decode("af60eb711bd85bc1e4d3e0a462e074eea428a8");
    public static final Utils.AnonymousClass1 localAesGcmSivCipher = new Utils.AnonymousClass1(16);

    public AesGcmSiv(byte[] bArr, byte[] bArr2) {
        this.outputPrefix = bArr2;
        Validators.validateAesKeySize(bArr.length);
        this.keySpec = new SecretKeySpec(bArr, "AES");
    }

    public static boolean access$000(Cipher cipher) {
        try {
            byte[] bArr = TEST_NOUNCE;
            cipher.init(2, new SecretKeySpec(TEST_KEY, "AES"), new GCMParameterSpec(128, bArr, 0, bArr.length));
            cipher.updateAAD(TEST_AAD);
            byte[] bArr2 = TEST_RESULT;
            return MessageDigest.isEqual(cipher.doFinal(bArr2, 0, bArr2.length), TEST_PLAINTEXT);
        } catch (GeneralSecurityException unused) {
            return false;
        }
    }

    @Override // com.google.crypto.tink.Aead
    public final byte[] decrypt(byte[] bArr, byte[] bArr2) {
        byte[] bArr3 = this.outputPrefix;
        if (bArr3.length == 0) {
            return rawDecrypt(bArr, bArr2);
        }
        if (Util.isPrefix(bArr3, bArr)) {
            return rawDecrypt(Arrays.copyOfRange(bArr, bArr3.length, bArr.length), bArr2);
        }
        throw new GeneralSecurityException("Decryption failed (OutputPrefix mismatch).");
    }

    @Override // com.google.crypto.tink.Aead
    public final byte[] encrypt(byte[] bArr, byte[] bArr2) {
        Cipher cipher = (Cipher) localAesGcmSivCipher.get();
        if (cipher == null) {
            throw new GeneralSecurityException("AES GCM SIV cipher is not available or is invalid.");
        }
        if (bArr.length > 2147483619) {
            throw new GeneralSecurityException("plaintext too long");
        }
        byte[] bArr3 = new byte[bArr.length + 28];
        byte[] randBytes = Random.randBytes(12);
        System.arraycopy(randBytes, 0, bArr3, 0, 12);
        cipher.init(1, this.keySpec, new GCMParameterSpec(128, randBytes, 0, randBytes.length));
        if (bArr2 != null && bArr2.length != 0) {
            cipher.updateAAD(bArr2);
        }
        int doFinal = cipher.doFinal(bArr, 0, bArr.length, bArr3, 12);
        if (doFinal != bArr.length + 16) {
            throw new GeneralSecurityException(BackEventCompat$$ExternalSyntheticOutline0.m(doFinal - bArr.length, "encryption failed; GCM tag must be 16 bytes, but got only ", " bytes"));
        }
        byte[] bArr4 = this.outputPrefix;
        return bArr4.length == 0 ? bArr3 : Bytes.concat(bArr4, bArr3);
    }

    public final byte[] rawDecrypt(byte[] bArr, byte[] bArr2) {
        Cipher cipher = (Cipher) localAesGcmSivCipher.get();
        if (cipher == null) {
            throw new GeneralSecurityException("AES GCM SIV cipher is not available or is invalid.");
        }
        if (bArr.length < 28) {
            throw new GeneralSecurityException("ciphertext too short");
        }
        cipher.init(2, this.keySpec, new GCMParameterSpec(128, bArr, 0, 12));
        if (bArr2 != null && bArr2.length != 0) {
            cipher.updateAAD(bArr2);
        }
        return cipher.doFinal(bArr, 12, bArr.length - 12);
    }
}
