package com.google.crypto.tink.subtle;

import com.google.crypto.tink.config.internal.TinkFipsUtil;
import java.io.InputStream;
import java.nio.ByteBuffer;
import java.nio.ByteOrder;
import java.nio.channels.ReadableByteChannel;
import java.nio.channels.SeekableByteChannel;
import java.security.GeneralSecurityException;
import java.security.InvalidAlgorithmParameterException;
import java.util.Arrays;
import javax.crypto.Cipher;
import javax.crypto.Mac;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;

/* loaded from: classes6.dex */
public final class AesCtrHmacStreaming extends NonceBasedStreamingAead {
    public static final TinkFipsUtil.AlgorithmFipsCompatibility FIPS = TinkFipsUtil.AlgorithmFipsCompatibility.ALGORITHM_NOT_FIPS;
    private static final int HMAC_KEY_SIZE_IN_BYTES = 32;
    private static final int NONCE_PREFIX_IN_BYTES = 7;
    private static final int NONCE_SIZE_IN_BYTES = 16;

    /* renamed from: a, reason: collision with root package name */
    public final int f68544a;

    /* renamed from: b, reason: collision with root package name */
    public final String f68545b;

    /* renamed from: c, reason: collision with root package name */
    public final int f68546c;

    /* renamed from: d, reason: collision with root package name */
    public final int f68547d;

    /* renamed from: e, reason: collision with root package name */
    public final int f68548e;

    /* renamed from: f, reason: collision with root package name */
    public final int f68549f;

    /* renamed from: g, reason: collision with root package name */
    public final String f68550g;

    /* renamed from: h, reason: collision with root package name */
    public final byte[] f68551h;

    /* loaded from: classes6.dex */
    public class AesCtrHmacStreamDecrypter implements StreamSegmentDecrypter {
        static final /* synthetic */ boolean $assertionsDisabled = false;

        /* renamed from: a, reason: collision with root package name */
        public SecretKeySpec f68552a;

        /* renamed from: b, reason: collision with root package name */
        public SecretKeySpec f68553b;

        /* renamed from: c, reason: collision with root package name */
        public Cipher f68554c;

        /* renamed from: d, reason: collision with root package name */
        public Mac f68555d;

        /* renamed from: e, reason: collision with root package name */
        public byte[] f68556e;

        public AesCtrHmacStreamDecrypter() {
        }

        @Override // com.google.crypto.tink.subtle.StreamSegmentDecrypter
        public synchronized void a(ByteBuffer byteBuffer, byte[] bArr) {
            if (byteBuffer.remaining() != AesCtrHmacStreaming.this.g()) {
                throw new InvalidAlgorithmParameterException("Invalid header length");
            }
            if (byteBuffer.get() != AesCtrHmacStreaming.this.g()) {
                throw new GeneralSecurityException("Invalid ciphertext");
            }
            this.f68556e = new byte[7];
            byte[] bArr2 = new byte[AesCtrHmacStreaming.this.f68544a];
            byteBuffer.get(bArr2);
            byteBuffer.get(this.f68556e);
            byte[] k2 = AesCtrHmacStreaming.this.k(bArr2, bArr);
            this.f68552a = AesCtrHmacStreaming.this.l(k2);
            this.f68553b = AesCtrHmacStreaming.this.j(k2);
            this.f68554c = AesCtrHmacStreaming.access$000();
            this.f68555d = AesCtrHmacStreaming.this.m();
        }

        @Override // com.google.crypto.tink.subtle.StreamSegmentDecrypter
        public synchronized void b(ByteBuffer byteBuffer, int i2, boolean z, ByteBuffer byteBuffer2) {
            int position = byteBuffer.position();
            byte[] o2 = AesCtrHmacStreaming.this.o(this.f68556e, i2, z);
            int remaining = byteBuffer.remaining();
            if (remaining < AesCtrHmacStreaming.this.f68546c) {
                throw new GeneralSecurityException("Ciphertext too short");
            }
            int i3 = position + (remaining - AesCtrHmacStreaming.this.f68546c);
            ByteBuffer duplicate = byteBuffer.duplicate();
            duplicate.limit(i3);
            ByteBuffer duplicate2 = byteBuffer.duplicate();
            duplicate2.position(i3);
            this.f68555d.init(this.f68553b);
            this.f68555d.update(o2);
            this.f68555d.update(duplicate);
            byte[] copyOf = Arrays.copyOf(this.f68555d.doFinal(), AesCtrHmacStreaming.this.f68546c);
            byte[] bArr = new byte[AesCtrHmacStreaming.this.f68546c];
            duplicate2.get(bArr);
            if (!Bytes.equal(bArr, copyOf)) {
                throw new GeneralSecurityException("Tag mismatch");
            }
            byteBuffer.limit(i3);
            this.f68554c.init(1, this.f68552a, new IvParameterSpec(o2));
            this.f68554c.doFinal(byteBuffer, byteBuffer2);
        }
    }

    /* loaded from: classes6.dex */
    public class AesCtrHmacStreamEncrypter implements StreamSegmentEncrypter {

        /* renamed from: a, reason: collision with root package name */
        public final SecretKeySpec f68558a;

        /* renamed from: b, reason: collision with root package name */
        public final SecretKeySpec f68559b;

        /* renamed from: c, reason: collision with root package name */
        public final Cipher f68560c;

        /* renamed from: d, reason: collision with root package name */
        public final Mac f68561d;

        /* renamed from: e, reason: collision with root package name */
        public final byte[] f68562e;

        /* renamed from: f, reason: collision with root package name */
        public long f68563f;

        /* renamed from: g, reason: collision with root package name */
        public final /* synthetic */ AesCtrHmacStreaming f68564g;

        @Override // com.google.crypto.tink.subtle.StreamSegmentEncrypter
        public synchronized void a(ByteBuffer byteBuffer, boolean z, ByteBuffer byteBuffer2) {
            int position = byteBuffer2.position();
            byte[] o2 = this.f68564g.o(this.f68562e, this.f68563f, z);
            this.f68560c.init(1, this.f68558a, new IvParameterSpec(o2));
            this.f68563f++;
            this.f68560c.doFinal(byteBuffer, byteBuffer2);
            ByteBuffer duplicate = byteBuffer2.duplicate();
            duplicate.flip();
            duplicate.position(position);
            this.f68561d.init(this.f68559b);
            this.f68561d.update(o2);
            this.f68561d.update(duplicate);
            byteBuffer2.put(this.f68561d.doFinal(), 0, this.f68564g.f68546c);
        }

        @Override // com.google.crypto.tink.subtle.StreamSegmentEncrypter
        public synchronized void b(ByteBuffer byteBuffer, ByteBuffer byteBuffer2, boolean z, ByteBuffer byteBuffer3) {
            int position = byteBuffer3.position();
            byte[] o2 = this.f68564g.o(this.f68562e, this.f68563f, z);
            this.f68560c.init(1, this.f68558a, new IvParameterSpec(o2));
            this.f68563f++;
            this.f68560c.update(byteBuffer, byteBuffer3);
            this.f68560c.doFinal(byteBuffer2, byteBuffer3);
            ByteBuffer duplicate = byteBuffer3.duplicate();
            duplicate.flip();
            duplicate.position(position);
            this.f68561d.init(this.f68559b);
            this.f68561d.update(o2);
            this.f68561d.update(duplicate);
            byteBuffer3.put(this.f68561d.doFinal(), 0, this.f68564g.f68546c);
        }
    }

    public AesCtrHmacStreaming(byte[] bArr, String str, int i2, String str2, int i3, int i4, int i5) {
        if (!FIPS.a()) {
            throw new GeneralSecurityException("Can not use AES-CTR-HMAC streaming in FIPS-mode.");
        }
        validateParameters(bArr.length, i2, str2, i3, i4, i5);
        this.f68551h = Arrays.copyOf(bArr, bArr.length);
        this.f68550g = str;
        this.f68544a = i2;
        this.f68545b = str2;
        this.f68546c = i3;
        this.f68547d = i4;
        this.f68549f = i5;
        this.f68548e = i4 - i3;
    }

    public static /* synthetic */ Cipher access$000() {
        return cipherInstance();
    }

    private static Cipher cipherInstance() {
        return EngineFactory.CIPHER.a("AES/CTR/NoPadding");
    }

    private static void validateParameters(int i2, int i3, String str, int i4, int i5, int i6) {
        if (i2 < 16 || i2 < i3) {
            throw new InvalidAlgorithmParameterException("ikm too short, must be >= " + Math.max(16, i3));
        }
        Validators.validateAesKeySize(i3);
        if (i4 < 10) {
            throw new InvalidAlgorithmParameterException("tag size too small " + i4);
        }
        if ((str.equals("HmacSha1") && i4 > 20) || ((str.equals("HmacSha256") && i4 > 32) || (str.equals("HmacSha512") && i4 > 64))) {
            throw new InvalidAlgorithmParameterException("tag size too big");
        }
        if (((((i5 - i6) - i4) - i3) - 7) - 1 <= 0) {
            throw new InvalidAlgorithmParameterException("ciphertextSegmentSize too small");
        }
    }

    @Override // com.google.crypto.tink.subtle.NonceBasedStreamingAead, com.google.crypto.tink.StreamingAead
    public /* bridge */ /* synthetic */ ReadableByteChannel a(ReadableByteChannel readableByteChannel, byte[] bArr) {
        return super.a(readableByteChannel, bArr);
    }

    @Override // com.google.crypto.tink.subtle.NonceBasedStreamingAead, com.google.crypto.tink.StreamingAead
    public /* bridge */ /* synthetic */ SeekableByteChannel b(SeekableByteChannel seekableByteChannel, byte[] bArr) {
        return super.b(seekableByteChannel, bArr);
    }

    @Override // com.google.crypto.tink.subtle.NonceBasedStreamingAead, com.google.crypto.tink.StreamingAead
    public /* bridge */ /* synthetic */ InputStream c(InputStream inputStream, byte[] bArr) {
        return super.c(inputStream, bArr);
    }

    @Override // com.google.crypto.tink.subtle.NonceBasedStreamingAead
    public int d() {
        return g() + this.f68549f;
    }

    @Override // com.google.crypto.tink.subtle.NonceBasedStreamingAead
    public int e() {
        return this.f68546c;
    }

    @Override // com.google.crypto.tink.subtle.NonceBasedStreamingAead
    public int f() {
        return this.f68547d;
    }

    @Override // com.google.crypto.tink.subtle.NonceBasedStreamingAead
    public int g() {
        return this.f68544a + 1 + 7;
    }

    @Override // com.google.crypto.tink.subtle.NonceBasedStreamingAead
    public int h() {
        return this.f68548e;
    }

    public final SecretKeySpec j(byte[] bArr) {
        return new SecretKeySpec(bArr, this.f68544a, 32, this.f68545b);
    }

    public final byte[] k(byte[] bArr, byte[] bArr2) {
        return Hkdf.computeHkdf(this.f68550g, this.f68551h, bArr, bArr2, this.f68544a + 32);
    }

    public final SecretKeySpec l(byte[] bArr) {
        return new SecretKeySpec(bArr, 0, this.f68544a, "AES");
    }

    public final Mac m() {
        return EngineFactory.MAC.a(this.f68545b);
    }

    @Override // com.google.crypto.tink.subtle.NonceBasedStreamingAead
    /* renamed from: n, reason: merged with bridge method [inline-methods] */
    public AesCtrHmacStreamDecrypter i() {
        return new AesCtrHmacStreamDecrypter();
    }

    public final byte[] o(byte[] bArr, long j2, boolean z) {
        ByteBuffer allocate = ByteBuffer.allocate(16);
        allocate.order(ByteOrder.BIG_ENDIAN);
        allocate.put(bArr);
        SubtleUtil.putAsUnsigedInt(allocate, j2);
        allocate.put(z ? (byte) 1 : (byte) 0);
        allocate.putInt(0);
        return allocate.array();
    }

    public final byte[] p() {
        return Random.randBytes(this.f68544a);
    }

    public final byte[] randomNonce() {
        return Random.randBytes(7);
    }
}
