package com.google.crypto.tink.subtle;

import com.google.crypto.tink.config.internal.TinkFipsUtil;
import defpackage.c;
import java.nio.ByteBuffer;
import java.nio.ByteOrder;
import java.security.GeneralSecurityException;
import java.security.InvalidAlgorithmParameterException;
import java.security.MessageDigest;
import java.util.Arrays;
import java.util.Objects;
import javax.crypto.Cipher;
import javax.crypto.Mac;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import k.d;

/* loaded from: classes2.dex */
public final class AesCtrHmacStreaming extends NonceBasedStreamingAead {

    /* renamed from: a, reason: collision with root package name */
    public final int f7493a;

    /* renamed from: b, reason: collision with root package name */
    public final String f7494b;

    /* renamed from: c, reason: collision with root package name */
    public final int f7495c;

    /* renamed from: d, reason: collision with root package name */
    public final int f7496d;

    /* renamed from: e, reason: collision with root package name */
    public final int f7497e;

    /* renamed from: f, reason: collision with root package name */
    public final int f7498f;

    /* renamed from: g, reason: collision with root package name */
    public final String f7499g;

    /* renamed from: h, reason: collision with root package name */
    public final byte[] f7500h;

    /* loaded from: classes2.dex */
    public class AesCtrHmacStreamDecrypter implements StreamSegmentDecrypter {

        /* renamed from: a, reason: collision with root package name */
        public SecretKeySpec f7501a;

        /* renamed from: b, reason: collision with root package name */
        public SecretKeySpec f7502b;

        /* renamed from: c, reason: collision with root package name */
        public Cipher f7503c;

        /* renamed from: d, reason: collision with root package name */
        public Mac f7504d;

        /* renamed from: e, reason: collision with root package name */
        public byte[] f7505e;

        public AesCtrHmacStreamDecrypter() {
        }

        @Override // com.google.crypto.tink.subtle.StreamSegmentDecrypter
        public synchronized void a(ByteBuffer byteBuffer, byte[] bArr) throws GeneralSecurityException {
            if (byteBuffer.remaining() != AesCtrHmacStreaming.this.e()) {
                throw new InvalidAlgorithmParameterException("Invalid header length");
            }
            if (byteBuffer.get() != AesCtrHmacStreaming.this.e()) {
                throw new GeneralSecurityException("Invalid ciphertext");
            }
            this.f7505e = new byte[7];
            byte[] bArr2 = new byte[AesCtrHmacStreaming.this.f7493a];
            byteBuffer.get(bArr2);
            byteBuffer.get(this.f7505e);
            AesCtrHmacStreaming aesCtrHmacStreaming = AesCtrHmacStreaming.this;
            byte[] a10 = Hkdf.a(aesCtrHmacStreaming.f7499g, aesCtrHmacStreaming.f7500h, bArr2, bArr, aesCtrHmacStreaming.f7493a + 32);
            AesCtrHmacStreaming aesCtrHmacStreaming2 = AesCtrHmacStreaming.this;
            Objects.requireNonNull(aesCtrHmacStreaming2);
            this.f7501a = new SecretKeySpec(a10, 0, aesCtrHmacStreaming2.f7493a, "AES");
            AesCtrHmacStreaming aesCtrHmacStreaming3 = AesCtrHmacStreaming.this;
            Objects.requireNonNull(aesCtrHmacStreaming3);
            this.f7502b = new SecretKeySpec(a10, aesCtrHmacStreaming3.f7493a, 32, aesCtrHmacStreaming3.f7494b);
            this.f7503c = EngineFactory.f7567b.f7569a.a("AES/CTR/NoPadding");
            AesCtrHmacStreaming aesCtrHmacStreaming4 = AesCtrHmacStreaming.this;
            Objects.requireNonNull(aesCtrHmacStreaming4);
            this.f7504d = EngineFactory.f7568c.a(aesCtrHmacStreaming4.f7494b);
        }

        @Override // com.google.crypto.tink.subtle.StreamSegmentDecrypter
        public synchronized void b(ByteBuffer byteBuffer, int i10, boolean z10, ByteBuffer byteBuffer2) throws GeneralSecurityException {
            int position = byteBuffer.position();
            byte[] i11 = AesCtrHmacStreaming.this.i(this.f7505e, i10, z10);
            int remaining = byteBuffer.remaining();
            int i12 = AesCtrHmacStreaming.this.f7495c;
            if (remaining < i12) {
                throw new GeneralSecurityException("Ciphertext too short");
            }
            int i13 = (remaining - i12) + position;
            ByteBuffer duplicate = byteBuffer.duplicate();
            duplicate.limit(i13);
            ByteBuffer duplicate2 = byteBuffer.duplicate();
            duplicate2.position(i13);
            this.f7504d.init(this.f7502b);
            this.f7504d.update(i11);
            this.f7504d.update(duplicate);
            byte[] copyOf = Arrays.copyOf(this.f7504d.doFinal(), AesCtrHmacStreaming.this.f7495c);
            byte[] bArr = new byte[AesCtrHmacStreaming.this.f7495c];
            duplicate2.get(bArr);
            if (!MessageDigest.isEqual(bArr, copyOf)) {
                throw new GeneralSecurityException("Tag mismatch");
            }
            byteBuffer.limit(i13);
            this.f7503c.init(1, this.f7501a, new IvParameterSpec(i11));
            this.f7503c.doFinal(byteBuffer, byteBuffer2);
        }
    }

    /* loaded from: classes2.dex */
    public class AesCtrHmacStreamEncrypter implements StreamSegmentEncrypter {

        /* renamed from: a, reason: collision with root package name */
        public final SecretKeySpec f7507a;

        /* renamed from: b, reason: collision with root package name */
        public final SecretKeySpec f7508b;

        /* renamed from: c, reason: collision with root package name */
        public final Cipher f7509c = EngineFactory.f7567b.f7569a.a("AES/CTR/NoPadding");

        /* renamed from: d, reason: collision with root package name */
        public final Mac f7510d;

        /* renamed from: e, reason: collision with root package name */
        public final byte[] f7511e;

        /* renamed from: f, reason: collision with root package name */
        public ByteBuffer f7512f;

        /* renamed from: g, reason: collision with root package name */
        public long f7513g;

        public AesCtrHmacStreamEncrypter(byte[] bArr) throws GeneralSecurityException {
            this.f7513g = 0L;
            this.f7510d = EngineFactory.f7568c.a(AesCtrHmacStreaming.this.f7494b);
            this.f7513g = 0L;
            byte[] a10 = Random.a(AesCtrHmacStreaming.this.f7493a);
            byte[] a11 = Random.a(7);
            this.f7511e = a11;
            ByteBuffer allocate = ByteBuffer.allocate(AesCtrHmacStreaming.this.e());
            this.f7512f = allocate;
            allocate.put((byte) AesCtrHmacStreaming.this.e());
            this.f7512f.put(a10);
            this.f7512f.put(a11);
            this.f7512f.flip();
            byte[] a12 = Hkdf.a(AesCtrHmacStreaming.this.f7499g, AesCtrHmacStreaming.this.f7500h, a10, bArr, AesCtrHmacStreaming.this.f7493a + 32);
            this.f7507a = new SecretKeySpec(a12, 0, AesCtrHmacStreaming.this.f7493a, "AES");
            this.f7508b = new SecretKeySpec(a12, AesCtrHmacStreaming.this.f7493a, 32, AesCtrHmacStreaming.this.f7494b);
        }

        @Override // com.google.crypto.tink.subtle.StreamSegmentEncrypter
        public synchronized void a(ByteBuffer byteBuffer, boolean z10, ByteBuffer byteBuffer2) throws GeneralSecurityException {
            int position = byteBuffer2.position();
            byte[] i10 = AesCtrHmacStreaming.this.i(this.f7511e, this.f7513g, z10);
            this.f7509c.init(1, this.f7507a, new IvParameterSpec(i10));
            this.f7513g++;
            this.f7509c.doFinal(byteBuffer, byteBuffer2);
            ByteBuffer duplicate = byteBuffer2.duplicate();
            duplicate.flip();
            duplicate.position(position);
            this.f7510d.init(this.f7508b);
            this.f7510d.update(i10);
            this.f7510d.update(duplicate);
            byteBuffer2.put(this.f7510d.doFinal(), 0, AesCtrHmacStreaming.this.f7495c);
        }

        @Override // com.google.crypto.tink.subtle.StreamSegmentEncrypter
        public synchronized void b(ByteBuffer byteBuffer, ByteBuffer byteBuffer2, boolean z10, ByteBuffer byteBuffer3) throws GeneralSecurityException {
            int position = byteBuffer3.position();
            byte[] i10 = AesCtrHmacStreaming.this.i(this.f7511e, this.f7513g, z10);
            this.f7509c.init(1, this.f7507a, new IvParameterSpec(i10));
            this.f7513g++;
            this.f7509c.update(byteBuffer, byteBuffer3);
            this.f7509c.doFinal(byteBuffer2, byteBuffer3);
            ByteBuffer duplicate = byteBuffer3.duplicate();
            duplicate.flip();
            duplicate.position(position);
            this.f7510d.init(this.f7508b);
            this.f7510d.update(i10);
            this.f7510d.update(duplicate);
            byteBuffer3.put(this.f7510d.doFinal(), 0, AesCtrHmacStreaming.this.f7495c);
        }

        @Override // com.google.crypto.tink.subtle.StreamSegmentEncrypter
        public ByteBuffer getHeader() {
            return this.f7512f.asReadOnlyBuffer();
        }
    }

    public AesCtrHmacStreaming(byte[] bArr, String str, int i10, String str2, int i11, int i12, int i13) throws GeneralSecurityException {
        if (!TinkFipsUtil.AlgorithmFipsCompatibility.ALGORITHM_NOT_FIPS.a()) {
            throw new GeneralSecurityException("Can not use AES-CTR-HMAC streaming in FIPS-mode.");
        }
        int length = bArr.length;
        if (length < 16 || length < i10) {
            StringBuilder a10 = c.a("ikm too short, must be >= ");
            a10.append(Math.max(16, i10));
            throw new InvalidAlgorithmParameterException(a10.toString());
        }
        Validators.a(i10);
        if (i11 < 10) {
            throw new InvalidAlgorithmParameterException(d.a("tag size too small ", i11));
        }
        if ((str2.equals("HmacSha1") && i11 > 20) || ((str2.equals("HmacSha256") && i11 > 32) || (str2.equals("HmacSha512") && i11 > 64))) {
            throw new InvalidAlgorithmParameterException("tag size too big");
        }
        if (((((i12 - i13) - i11) - i10) - 7) - 1 <= 0) {
            throw new InvalidAlgorithmParameterException("ciphertextSegmentSize too small");
        }
        this.f7500h = Arrays.copyOf(bArr, bArr.length);
        this.f7499g = str;
        this.f7493a = i10;
        this.f7494b = str2;
        this.f7495c = i11;
        this.f7496d = i12;
        this.f7498f = i13;
        this.f7497e = i12 - i11;
    }

    @Override // com.google.crypto.tink.subtle.NonceBasedStreamingAead
    public int c() {
        return e() + this.f7498f;
    }

    @Override // com.google.crypto.tink.subtle.NonceBasedStreamingAead
    public int d() {
        return this.f7496d;
    }

    @Override // com.google.crypto.tink.subtle.NonceBasedStreamingAead
    public int e() {
        return this.f7493a + 1 + 7;
    }

    @Override // com.google.crypto.tink.subtle.NonceBasedStreamingAead
    public int f() {
        return this.f7497e;
    }

    @Override // com.google.crypto.tink.subtle.NonceBasedStreamingAead
    public StreamSegmentDecrypter g() throws GeneralSecurityException {
        return new AesCtrHmacStreamDecrypter();
    }

    @Override // com.google.crypto.tink.subtle.NonceBasedStreamingAead
    public StreamSegmentEncrypter h(byte[] bArr) throws GeneralSecurityException {
        return new AesCtrHmacStreamEncrypter(bArr);
    }

    public byte[] i(byte[] bArr, long j10, boolean z10) throws GeneralSecurityException {
        ByteBuffer allocate = ByteBuffer.allocate(16);
        allocate.order(ByteOrder.BIG_ENDIAN);
        allocate.put(bArr);
        SubtleUtil.b(allocate, j10);
        allocate.put(z10 ? (byte) 1 : (byte) 0);
        allocate.putInt(0);
        return allocate.array();
    }
}
