package sa;

import com.google.android.gms.common.api.internal.x0;
import com.google.crypto.tink.config.internal.TinkFipsUtil$AlgorithmFipsCompatibility;
import java.security.GeneralSecurityException;
import java.security.spec.AlgorithmParameterSpec;
import java.util.Arrays;
import javax.crypto.Cipher;
import javax.crypto.spec.SecretKeySpec;
import ma.j0;
import ma.p0;

/* JADX INFO: loaded from: classes2.dex */
public final class c implements da.a {

    /* JADX INFO: renamed from: a, reason: collision with root package name */
    public final SecretKeySpec f32716a;

    /* JADX INFO: renamed from: b, reason: collision with root package name */
    public final byte[] f32717b;

    public c(byte[] bArr, ta.a aVar) throws GeneralSecurityException {
        if (!TinkFipsUtil$AlgorithmFipsCompatibility.f23815b.a()) {
            throw new GeneralSecurityException("Can not use AES-GCM in FIPS-mode, as BoringCrypto module is not available.");
        }
        x0 x0Var = fa.c.f25988a;
        o.a(bArr.length);
        this.f32716a = new SecretKeySpec(bArr, "AES");
        this.f32717b = aVar.b();
    }

    @Override // da.a
    public final byte[] a(byte[] bArr, byte[] bArr2) throws GeneralSecurityException {
        if (bArr == null) {
            throw new NullPointerException("plaintext is null");
        }
        byte[] bArrA = j0.a(12);
        AlgorithmParameterSpec algorithmParameterSpecA = fa.c.a(0, bArrA.length, bArrA);
        Cipher cipher = (Cipher) fa.c.f25988a.get();
        cipher.init(1, this.f32716a, algorithmParameterSpecA);
        if (bArr2 != null && bArr2.length != 0) {
            cipher.updateAAD(bArr2);
        }
        int outputSize = cipher.getOutputSize(bArr.length);
        byte[] bArr3 = this.f32717b;
        if (outputSize > 2147483635 - bArr3.length) {
            throw new GeneralSecurityException("plaintext too long");
        }
        byte[] bArrCopyOf = Arrays.copyOf(bArr3, bArr3.length + 12 + outputSize);
        System.arraycopy(bArrA, 0, bArrCopyOf, bArr3.length, 12);
        if (cipher.doFinal(bArr, 0, bArr.length, bArrCopyOf, bArr3.length + 12) == outputSize) {
            return bArrCopyOf;
        }
        throw new GeneralSecurityException("not enough data written");
    }

    @Override // da.a
    public final byte[] b(byte[] bArr, byte[] bArr2) throws GeneralSecurityException {
        if (bArr == null) {
            throw new NullPointerException("ciphertext is null");
        }
        int length = bArr.length;
        byte[] bArr3 = this.f32717b;
        if (length < bArr3.length + 28) {
            throw new GeneralSecurityException("ciphertext too short");
        }
        if (!p0.b(bArr3, bArr)) {
            throw new GeneralSecurityException("Decryption failed (OutputPrefix mismatch).");
        }
        AlgorithmParameterSpec algorithmParameterSpecA = fa.c.a(bArr3.length, 12, bArr);
        Cipher cipher = (Cipher) fa.c.f25988a.get();
        cipher.init(2, this.f32716a, algorithmParameterSpecA);
        if (bArr2 != null && bArr2.length != 0) {
            cipher.updateAAD(bArr2);
        }
        return cipher.doFinal(bArr, bArr3.length + 12, (bArr.length - bArr3.length) - 12);
    }
}
