package com.google.crypto.tink.subtle;

import com.google.crypto.tink.AccessesPartialKey;
import com.google.crypto.tink.Aead;
import com.google.crypto.tink.SecretKeyAccess;
import com.google.crypto.tink.aead.AesGcmKey;
import com.google.crypto.tink.aead.internal.InsecureNonceAesGcmJce;
import com.google.crypto.tink.config.internal.TinkFipsUtil;
import com.google.crypto.tink.internal.Random;
import com.google.crypto.tink.internal.Util;
import com.google.errorprone.annotations.Immutable;
import java.security.GeneralSecurityException;
import java.security.spec.AlgorithmParameterSpec;
import java.util.Arrays;
import javax.crypto.Cipher;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;

@Immutable
/* loaded from: classes2.dex */
public final class AesGcmJce implements Aead {
    public static final TinkFipsUtil.AlgorithmFipsCompatibility a = TinkFipsUtil.AlgorithmFipsCompatibility.ALGORITHM_REQUIRES_BORINGCRYPTO;
    private final SecretKey b;
    private final byte[] c;

    private AesGcmJce(byte[] bArr, com.google.crypto.tink.util.Bytes bytes) {
        if (!a.isCompatible()) {
            throw new GeneralSecurityException("Can not use AES-GCM in FIPS-mode, as BoringCrypto module is not available.");
        }
        Validators.a(bArr.length);
        this.b = new SecretKeySpec(bArr, "AES");
        this.c = bytes.a();
    }

    @AccessesPartialKey
    public static Aead a(AesGcmKey aesGcmKey) {
        if (aesGcmKey.a.b != 12) {
            throw new GeneralSecurityException("Expected IV Size 12, got " + aesGcmKey.a.b);
        }
        if (aesGcmKey.a.c == 16) {
            return new AesGcmJce(aesGcmKey.b.a(SecretKeyAccess.a), aesGcmKey.c);
        }
        throw new GeneralSecurityException("Expected tag Size 16, got " + aesGcmKey.a.c);
    }

    @Override // com.google.crypto.tink.Aead
    public final byte[] a(byte[] bArr, byte[] bArr2) {
        if (bArr == null) {
            throw new NullPointerException("plaintext is null");
        }
        byte[] a2 = Random.a(12);
        AlgorithmParameterSpec a3 = InsecureNonceAesGcmJce.a(a2);
        Cipher a4 = InsecureNonceAesGcmJce.a();
        a4.init(1, this.b, a3);
        if (bArr2 != null && bArr2.length != 0) {
            a4.updateAAD(bArr2);
        }
        int outputSize = a4.getOutputSize(bArr.length);
        byte[] bArr3 = this.c;
        if (outputSize > (Integer.MAX_VALUE - bArr3.length) - 12) {
            throw new GeneralSecurityException("plaintext too long");
        }
        byte[] copyOf = Arrays.copyOf(bArr3, bArr3.length + 12 + outputSize);
        System.arraycopy(a2, 0, copyOf, this.c.length, 12);
        if (a4.doFinal(bArr, 0, bArr.length, copyOf, this.c.length + 12) == outputSize) {
            return copyOf;
        }
        throw new GeneralSecurityException("not enough data written");
    }

    @Override // com.google.crypto.tink.Aead
    public final byte[] b(byte[] bArr, byte[] bArr2) {
        if (bArr == null) {
            throw new NullPointerException("ciphertext is null");
        }
        int length = bArr.length;
        byte[] bArr3 = this.c;
        if (length < bArr3.length + 12 + 16) {
            throw new GeneralSecurityException("ciphertext too short");
        }
        if (!Util.a(bArr3, bArr)) {
            throw new GeneralSecurityException("Decryption failed (OutputPrefix mismatch).");
        }
        byte[] bArr4 = new byte[12];
        System.arraycopy(bArr, this.c.length, bArr4, 0, 12);
        AlgorithmParameterSpec a2 = InsecureNonceAesGcmJce.a(bArr4);
        Cipher a3 = InsecureNonceAesGcmJce.a();
        a3.init(2, this.b, a2);
        if (bArr2 != null && bArr2.length != 0) {
            a3.updateAAD(bArr2);
        }
        byte[] bArr5 = this.c;
        return a3.doFinal(bArr, bArr5.length + 12, (bArr.length - bArr5.length) - 12);
    }
}
