package com.google.crypto.tink.hybrid.internal;

import com.google.apps.tiktok.account.ui.modalselector.SelectAccountActivityPeer;
import com.google.crypto.tink.HybridDecrypt;
import com.google.firebase.DataCollectionDefaultChange;
import java.math.BigInteger;
import java.security.GeneralSecurityException;
import java.util.Arrays;

/* compiled from: PG */
/* loaded from: classes3.dex */
final class HpkeDecrypt implements HybridDecrypt {
    private static final byte[] EMPTY_ASSOCIATED_DATA = new byte[0];
    private final HpkeAead aead;
    private final int encapsulatedKeyLength;
    private final SelectAccountActivityPeer kdf$ar$class_merging$ar$class_merging$ar$class_merging$ar$class_merging;
    private final HpkeKem kem;
    private final HpkeKemPrivateKey recipientPrivateKey;

    public HpkeDecrypt(HpkeKemPrivateKey hpkeKemPrivateKey, HpkeKem hpkeKem, SelectAccountActivityPeer selectAccountActivityPeer, HpkeAead hpkeAead, int i) {
        this.recipientPrivateKey = hpkeKemPrivateKey;
        this.kem = hpkeKem;
        this.kdf$ar$class_merging$ar$class_merging$ar$class_merging$ar$class_merging = selectAccountActivityPeer;
        this.aead = hpkeAead;
        this.encapsulatedKeyLength = i;
    }

    @Override // com.google.crypto.tink.HybridDecrypt
    public final byte[] decrypt$ar$ds(byte[] bArr) {
        int length = bArr.length;
        int i = this.encapsulatedKeyLength;
        if (length < i) {
            throw new GeneralSecurityException("Ciphertext is too short.");
        }
        byte[] copyOf = Arrays.copyOf(bArr, i);
        byte[] copyOfRange = Arrays.copyOfRange(bArr, this.encapsulatedKeyLength, length);
        HpkeKemPrivateKey hpkeKemPrivateKey = this.recipientPrivateKey;
        HpkeKem hpkeKem = this.kem;
        SelectAccountActivityPeer selectAccountActivityPeer = this.kdf$ar$class_merging$ar$class_merging$ar$class_merging$ar$class_merging;
        HpkeAead hpkeAead = this.aead;
        byte[] decapsulate = hpkeKem.decapsulate(copyOf, hpkeKemPrivateKey);
        byte[] bArr2 = HpkeUtil.BASE_MODE;
        byte[] concat = DataCollectionDefaultChange.concat(HpkeUtil.HPKE, hpkeKem.getKemId(), selectAccountActivityPeer.getKdfId(), hpkeAead.getAeadId());
        byte[] concat2 = DataCollectionDefaultChange.concat(bArr2, selectAccountActivityPeer.labeledExtract(HpkeUtil.EMPTY_SALT, HpkeContext.EMPTY_IKM, "psk_id_hash", concat), selectAccountActivityPeer.labeledExtract(HpkeUtil.EMPTY_SALT, new byte[0], "info_hash", concat));
        byte[] labeledExtract = selectAccountActivityPeer.labeledExtract(decapsulate, HpkeContext.EMPTY_IKM, "secret", concat);
        HpkeContext hpkeContext = new HpkeContext(selectAccountActivityPeer.labeledExpand(labeledExtract, concat2, "key", concat, hpkeAead.getKeyLength()), selectAccountActivityPeer.labeledExpand(labeledExtract, concat2, "base_nonce", concat, 12), BigInteger.ONE.shiftLeft(96).subtract(BigInteger.ONE), hpkeAead);
        return hpkeContext.aead.open(hpkeContext.key, hpkeContext.computeNonceAndIncrementSequenceNumber(), copyOfRange, EMPTY_ASSOCIATED_DATA);
    }
}
