package com.google.crypto.tink.aead.subtle;

import com.google.crypto.tink.Aead;
import com.google.crypto.tink.internal.Util;
import com.google.crypto.tink.subtle.EngineFactory;
import com.google.crypto.tink.subtle.Validators;
import com.google.firebase.DataCollectionDefaultChange;
import java.security.GeneralSecurityException;
import java.security.MessageDigest;
import java.security.spec.AlgorithmParameterSpec;
import java.util.Arrays;
import javax.crypto.Cipher;
import javax.crypto.SecretKey;
import javax.crypto.spec.GCMParameterSpec;
import javax.crypto.spec.SecretKeySpec;

/* compiled from: PG */
/* loaded from: classes3.dex */
public final class AesGcmSiv implements Aead {
    private final SecretKey keySpec;
    private final byte[] outputPrefix;
    private static final byte[] TEST_PLAINTEXT = DataCollectionDefaultChange.decode("7a806c");
    private static final byte[] TEST_AAD = DataCollectionDefaultChange.decode("46bb91c3c5");
    private static final byte[] TEST_KEY = DataCollectionDefaultChange.decode("36864200e0eaf5284d884a0e77d31646");
    private static final byte[] TEST_NOUNCE = DataCollectionDefaultChange.decode("bae8e37fc83441b16034566b");
    private static final byte[] TEST_RESULT = DataCollectionDefaultChange.decode("af60eb711bd85bc1e4d3e0a462e074eea428a8");
    private static final ThreadLocal localAesGcmSivCipher = new ThreadLocal() { // from class: com.google.crypto.tink.aead.subtle.AesGcmSiv.1
        protected static final Cipher initialValue$ar$ds$e355cf85_1() {
            try {
                Cipher cipher = (Cipher) EngineFactory.CIPHER.getInstance("AES/GCM-SIV/NoPadding");
                if (AesGcmSiv.isAesGcmSivCipher(cipher)) {
                    return cipher;
                }
                return null;
            } catch (GeneralSecurityException e) {
                throw new IllegalStateException(e);
            }
        }

        @Override // java.lang.ThreadLocal
        protected final /* bridge */ /* synthetic */ Object initialValue() {
            return initialValue$ar$ds$e355cf85_1();
        }
    };

    public AesGcmSiv(byte[] bArr, byte[] bArr2) {
        this.outputPrefix = bArr2;
        Validators.validateAesKeySize(bArr.length);
        this.keySpec = new SecretKeySpec(bArr, "AES");
    }

    private static AlgorithmParameterSpec getParams$ar$ds(byte[] bArr, int i) {
        return new GCMParameterSpec(128, bArr, 0, i);
    }

    public static boolean isAesGcmSivCipher(Cipher cipher) {
        try {
            byte[] bArr = TEST_NOUNCE;
            cipher.init(2, new SecretKeySpec(TEST_KEY, "AES"), getParams$ar$ds(bArr, bArr.length));
            cipher.updateAAD(TEST_AAD);
            byte[] bArr2 = TEST_RESULT;
            return MessageDigest.isEqual(cipher.doFinal(bArr2, 0, bArr2.length), TEST_PLAINTEXT);
        } catch (GeneralSecurityException e) {
            return false;
        }
    }

    private final byte[] rawDecrypt$ar$ds(byte[] bArr) {
        Cipher cipher = (Cipher) localAesGcmSivCipher.get();
        if (cipher == null) {
            throw new GeneralSecurityException("AES GCM SIV cipher is not available or is invalid.");
        }
        int length = bArr.length;
        if (length < 28) {
            throw new GeneralSecurityException("ciphertext too short");
        }
        cipher.init(2, this.keySpec, getParams$ar$ds(bArr, 12));
        return cipher.doFinal(bArr, 12, length - 12);
    }

    @Override // com.google.crypto.tink.Aead
    public final byte[] decrypt(byte[] bArr, byte[] bArr2) {
        byte[] bArr3 = this.outputPrefix;
        if (bArr3.length == 0) {
            return rawDecrypt$ar$ds(bArr);
        }
        if (!Util.isPrefix(bArr3, bArr)) {
            throw new GeneralSecurityException("Decryption failed (OutputPrefix mismatch).");
        }
        byte[] bArr4 = this.outputPrefix;
        return rawDecrypt$ar$ds(Arrays.copyOfRange(bArr, bArr4.length, bArr.length));
    }
}
