package com.google.android.gms.internal.p002firebaseauthapi;

import Z0.o;
import com.google.android.gms.internal.p002firebaseauthapi.zzij;
import java.security.GeneralSecurityException;
import javax.crypto.Cipher;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;

/* JADX INFO: loaded from: classes3.dex */
public final class zzxu implements zzzd {
    private static final zzij.zza zza = zzij.zza.zzb;
    private static final ThreadLocal<Cipher> zzb = new zzxx();
    private final SecretKeySpec zzc;
    private final int zzd;
    private final int zze;

    public zzxu(byte[] bArr, int i6) throws GeneralSecurityException {
        if (!zza.zza()) {
            throw new GeneralSecurityException("Can not use AES-CTR in FIPS-mode, as BoringCrypto module is not available.");
        }
        zzzi.zza(bArr.length);
        this.zzc = new SecretKeySpec(bArr, "AES");
        int blockSize = zzb.get().getBlockSize();
        this.zze = blockSize;
        if (i6 < 12 || i6 > blockSize) {
            throw new GeneralSecurityException("invalid IV size");
        }
        this.zzd = i6;
    }

    private final void zza(byte[] bArr, int i6, int i7, byte[] bArr2, int i8, byte[] bArr3, boolean z6) throws GeneralSecurityException {
        Cipher cipher = zzb.get();
        byte[] bArr4 = new byte[this.zze];
        System.arraycopy(bArr3, 0, bArr4, 0, this.zzd);
        IvParameterSpec ivParameterSpec = new IvParameterSpec(bArr4);
        if (z6) {
            cipher.init(1, this.zzc, ivParameterSpec);
        } else {
            cipher.init(2, this.zzc, ivParameterSpec);
        }
        if (cipher.doFinal(bArr, i6, i7, bArr2, i8) != i7) {
            throw new GeneralSecurityException("stored output's length does not match input's length");
        }
    }

    @Override // com.google.android.gms.internal.p002firebaseauthapi.zzzd
    public final byte[] zzb(byte[] bArr) throws GeneralSecurityException {
        int length = bArr.length;
        int i6 = this.zzd;
        if (length > Integer.MAX_VALUE - i6) {
            throw new GeneralSecurityException(o.l("plaintext length can not exceed ", Integer.MAX_VALUE - this.zzd));
        }
        byte[] bArr2 = new byte[bArr.length + i6];
        byte[] bArrZza = zzpp.zza(i6);
        System.arraycopy(bArrZza, 0, bArr2, 0, this.zzd);
        zza(bArr, 0, bArr.length, bArr2, this.zzd, bArrZza, true);
        return bArr2;
    }

    @Override // com.google.android.gms.internal.p002firebaseauthapi.zzzd
    public final byte[] zza(byte[] bArr) throws GeneralSecurityException {
        int length = bArr.length;
        int i6 = this.zzd;
        if (length >= i6) {
            byte[] bArr2 = new byte[i6];
            System.arraycopy(bArr, 0, bArr2, 0, i6);
            int length2 = bArr.length;
            int i7 = this.zzd;
            byte[] bArr3 = new byte[length2 - i7];
            zza(bArr, i7, bArr.length - i7, bArr3, 0, bArr2, false);
            return bArr3;
        }
        throw new GeneralSecurityException("ciphertext too short");
    }
}
