package org.bouncycastle.crypto.modes;

import c.a.a.a.a;
import org.bouncycastle.crypto.BlockCipher;
import org.bouncycastle.crypto.CipherParameters;
import org.bouncycastle.crypto.DataLengthException;
import org.bouncycastle.crypto.InvalidCipherTextException;
import org.bouncycastle.crypto.modes.gcm.GCMMultiplier;
import org.bouncycastle.crypto.modes.gcm.Tables8kGCMMultiplier;
import org.bouncycastle.crypto.params.AEADParameters;
import org.bouncycastle.crypto.params.KeyParameter;
import org.bouncycastle.crypto.params.ParametersWithIV;
import org.bouncycastle.crypto.util.Pack;
import org.bouncycastle.util.Arrays;

/* loaded from: classes4.dex */
public class GCMBlockCipher implements AEADBlockCipher {
    private static final byte[] q = new byte[16];
    private BlockCipher a;
    private GCMMultiplier b;

    /* renamed from: c, reason: collision with root package name */
    private boolean f15222c;

    /* renamed from: d, reason: collision with root package name */
    private int f15223d;

    /* renamed from: e, reason: collision with root package name */
    private byte[] f15224e;

    /* renamed from: f, reason: collision with root package name */
    private byte[] f15225f;

    /* renamed from: g, reason: collision with root package name */
    private KeyParameter f15226g;

    /* renamed from: h, reason: collision with root package name */
    private byte[] f15227h;

    /* renamed from: i, reason: collision with root package name */
    private byte[] f15228i;

    /* renamed from: j, reason: collision with root package name */
    private byte[] f15229j;

    /* renamed from: k, reason: collision with root package name */
    private byte[] f15230k;
    private byte[] l;
    private byte[] m;
    private byte[] n;
    private int o;
    private long p;

    public GCMBlockCipher(BlockCipher blockCipher) {
        this(blockCipher, null);
    }

    public GCMBlockCipher(BlockCipher blockCipher, GCMMultiplier gCMMultiplier) {
        if (blockCipher.getBlockSize() != 16) {
            throw new IllegalArgumentException("cipher required with a block size of 16.");
        }
        gCMMultiplier = gCMMultiplier == null ? new Tables8kGCMMultiplier() : gCMMultiplier;
        this.a = blockCipher;
        this.b = gCMMultiplier;
    }

    private void gCTRBlock(byte[] bArr, int i2, byte[] bArr2, int i3) {
        byte[] bArr3;
        for (int i4 = 15; i4 >= 12; i4--) {
            byte[] bArr4 = this.n;
            byte b = (byte) ((bArr4[i4] + 1) & 255);
            bArr4[i4] = b;
            if (b != 0) {
                break;
            }
        }
        byte[] bArr5 = new byte[16];
        this.a.processBlock(this.n, 0, bArr5, 0);
        if (this.f15222c) {
            System.arraycopy(q, i2, bArr5, i2, 16 - i2);
            bArr3 = bArr5;
        } else {
            bArr3 = bArr;
        }
        for (int i5 = i2 - 1; i5 >= 0; i5--) {
            bArr5[i5] = (byte) (bArr5[i5] ^ bArr[i5]);
            bArr2[i3 + i5] = bArr5[i5];
        }
        xor(this.m, bArr3);
        this.b.multiplyH(this.m);
        this.p += i2;
    }

    private byte[] gHASH(byte[] bArr) {
        byte[] bArr2 = new byte[16];
        for (int i2 = 0; i2 < bArr.length; i2 += 16) {
            byte[] bArr3 = new byte[16];
            System.arraycopy(bArr, i2, bArr3, 0, Math.min(bArr.length - i2, 16));
            xor(bArr2, bArr3);
            this.b.multiplyH(bArr2);
        }
        return bArr2;
    }

    private static void packLength(long j2, byte[] bArr, int i2) {
        Pack.intToBigEndian((int) (j2 >>> 32), bArr, i2);
        Pack.intToBigEndian((int) j2, bArr, i2 + 4);
    }

    private int process(byte b, byte[] bArr, int i2) throws DataLengthException {
        byte[] bArr2 = this.f15230k;
        int i3 = this.o;
        int i4 = i3 + 1;
        this.o = i4;
        bArr2[i3] = b;
        if (i4 != bArr2.length) {
            return 0;
        }
        gCTRBlock(bArr2, 16, bArr, i2);
        if (!this.f15222c) {
            byte[] bArr3 = this.f15230k;
            System.arraycopy(bArr3, 16, bArr3, 0, this.f15223d);
        }
        this.o = this.f15230k.length - 16;
        return 16;
    }

    private void reset(boolean z) {
        this.m = Arrays.b(this.f15228i);
        this.n = Arrays.b(this.f15229j);
        this.o = 0;
        this.p = 0L;
        byte[] bArr = this.f15230k;
        if (bArr != null) {
            Arrays.d(bArr, (byte) 0);
        }
        if (z) {
            this.l = null;
        }
        this.a.reset();
    }

    private static void xor(byte[] bArr, byte[] bArr2) {
        for (int i2 = 15; i2 >= 0; i2--) {
            bArr[i2] = (byte) (bArr[i2] ^ bArr2[i2]);
        }
    }

    @Override // org.bouncycastle.crypto.modes.AEADBlockCipher
    public int doFinal(byte[] bArr, int i2) throws IllegalStateException, InvalidCipherTextException {
        int i3 = this.o;
        if (!this.f15222c) {
            int i4 = this.f15223d;
            if (i3 < i4) {
                throw new InvalidCipherTextException("data too short");
            }
            i3 -= i4;
        }
        if (i3 > 0) {
            byte[] bArr2 = new byte[16];
            System.arraycopy(this.f15230k, 0, bArr2, 0, i3);
            gCTRBlock(bArr2, i3, bArr, i2);
        }
        byte[] bArr3 = new byte[16];
        packLength(this.f15225f.length * 8, bArr3, 0);
        packLength(this.p * 8, bArr3, 8);
        xor(this.m, bArr3);
        this.b.multiplyH(this.m);
        byte[] bArr4 = new byte[16];
        this.a.processBlock(this.f15229j, 0, bArr4, 0);
        xor(bArr4, this.m);
        int i5 = this.f15223d;
        byte[] bArr5 = new byte[i5];
        this.l = bArr5;
        System.arraycopy(bArr4, 0, bArr5, 0, i5);
        if (this.f15222c) {
            System.arraycopy(this.l, 0, bArr, i2 + this.o, this.f15223d);
            i3 += this.f15223d;
        } else {
            int i6 = this.f15223d;
            byte[] bArr6 = new byte[i6];
            System.arraycopy(this.f15230k, i3, bArr6, 0, i6);
            if (!Arrays.c(this.l, bArr6)) {
                throw new InvalidCipherTextException("mac check in GCM failed");
            }
        }
        reset(false);
        return i3;
    }

    public String getAlgorithmName() {
        return this.a.getAlgorithmName() + "/GCM";
    }

    public byte[] getMac() {
        return Arrays.b(this.l);
    }

    @Override // org.bouncycastle.crypto.modes.AEADBlockCipher
    public int getOutputSize(int i2) {
        return this.f15222c ? i2 + this.o + this.f15223d : (i2 + this.o) - this.f15223d;
    }

    @Override // org.bouncycastle.crypto.modes.AEADBlockCipher
    public BlockCipher getUnderlyingCipher() {
        return this.a;
    }

    @Override // org.bouncycastle.crypto.modes.AEADBlockCipher
    public int getUpdateOutputSize(int i2) {
        return ((i2 + this.o) / 16) * 16;
    }

    @Override // org.bouncycastle.crypto.modes.AEADBlockCipher
    public void init(boolean z, CipherParameters cipherParameters) throws IllegalArgumentException {
        KeyParameter keyParameter;
        this.f15222c = z;
        this.l = null;
        if (cipherParameters instanceof AEADParameters) {
            AEADParameters aEADParameters = (AEADParameters) cipherParameters;
            this.f15224e = aEADParameters.getNonce();
            this.f15225f = aEADParameters.getAssociatedText();
            int macSize = aEADParameters.getMacSize();
            if (macSize < 96 || macSize > 128 || macSize % 8 != 0) {
                throw new IllegalArgumentException(a.w("Invalid value for MAC size: ", macSize));
            }
            this.f15223d = macSize / 8;
            keyParameter = aEADParameters.getKey();
        } else {
            if (!(cipherParameters instanceof ParametersWithIV)) {
                throw new IllegalArgumentException("invalid parameters passed to GCM");
            }
            ParametersWithIV parametersWithIV = (ParametersWithIV) cipherParameters;
            this.f15224e = parametersWithIV.getIV();
            this.f15225f = null;
            this.f15223d = 16;
            keyParameter = (KeyParameter) parametersWithIV.getParameters();
        }
        this.f15226g = keyParameter;
        this.f15230k = new byte[z ? 16 : this.f15223d + 16];
        byte[] bArr = this.f15224e;
        if (bArr == null || bArr.length < 1) {
            throw new IllegalArgumentException("IV must be at least 1 byte");
        }
        if (this.f15225f == null) {
            this.f15225f = new byte[0];
        }
        this.a.init(true, this.f15226g);
        byte[] bArr2 = new byte[16];
        this.f15227h = bArr2;
        this.a.processBlock(q, 0, bArr2, 0);
        this.b.init(this.f15227h);
        this.f15228i = gHASH(this.f15225f);
        byte[] bArr3 = this.f15224e;
        if (bArr3.length == 12) {
            byte[] bArr4 = new byte[16];
            this.f15229j = bArr4;
            System.arraycopy(bArr3, 0, bArr4, 0, bArr3.length);
            this.f15229j[15] = 1;
        } else {
            this.f15229j = gHASH(bArr3);
            byte[] bArr5 = new byte[16];
            packLength(this.f15224e.length * 8, bArr5, 8);
            xor(this.f15229j, bArr5);
            this.b.multiplyH(this.f15229j);
        }
        this.m = Arrays.b(this.f15228i);
        this.n = Arrays.b(this.f15229j);
        this.o = 0;
        this.p = 0L;
    }

    public int processByte(byte b, byte[] bArr, int i2) throws DataLengthException {
        return process(b, bArr, i2);
    }

    @Override // org.bouncycastle.crypto.modes.AEADBlockCipher
    public int processBytes(byte[] bArr, int i2, int i3, byte[] bArr2, int i4) throws DataLengthException {
        int i5 = 0;
        for (int i6 = 0; i6 != i3; i6++) {
            byte[] bArr3 = this.f15230k;
            int i7 = this.o;
            int i8 = i7 + 1;
            this.o = i8;
            bArr3[i7] = bArr[i2 + i6];
            if (i8 == bArr3.length) {
                gCTRBlock(bArr3, 16, bArr2, i4 + i5);
                if (!this.f15222c) {
                    byte[] bArr4 = this.f15230k;
                    System.arraycopy(bArr4, 16, bArr4, 0, this.f15223d);
                }
                this.o = this.f15230k.length - 16;
                i5 += 16;
            }
        }
        return i5;
    }

    public void reset() {
        reset(true);
    }
}
