package org.bouncycastle.crypto.fips;

import org.bouncycastle.crypto.NativeServices;
import org.bouncycastle.crypto.internal.BlockCipher;
import org.bouncycastle.crypto.internal.CipherParameters;
import org.bouncycastle.crypto.internal.DataLengthException;
import org.bouncycastle.crypto.internal.InvalidCipherTextException;
import org.bouncycastle.crypto.internal.MultiBlockCipher;
import org.bouncycastle.crypto.internal.modes.AEADBlockCipher;
import org.bouncycastle.crypto.internal.params.AEADParameters;
import org.bouncycastle.crypto.internal.params.KeyParameter;
import org.bouncycastle.crypto.internal.params.KeyParameterImpl;
import org.bouncycastle.crypto.internal.params.ParametersWithIV;
import org.bouncycastle.crypto.internal.test.BasicKatTest;
import org.bouncycastle.crypto.util.dispose.NativeDisposer;
import org.bouncycastle.crypto.util.dispose.NativeReference;
import org.bouncycastle.util.Arrays;
import org.bouncycastle.util.encoders.Hex;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:org/bouncycastle/crypto/fips/AESNativeGCM.class */
public class AESNativeGCM implements AEADBlockCipher {
    private GCMRefWrapper refWrapper;
    private byte[] nonce;
    private byte[] lastKey;
    private byte[] initialAssociatedText;
    private static byte[] K = Hex.decode("feffe9928665731c6d6a8f9467308308");
    private static byte[] P = Hex.decode("d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39");
    private static byte[] A = Hex.decode("feedfacedeadbeeffeedfacedeadbeefabaddad2");
    private static byte[] IV = Hex.decode("cafebabefacedbaddecaf888");
    private static byte[] C = Hex.decode("42831ec2217774244b7221b784d0d49ce3aa212f2c02a4e035c17e2329aca12e21d514b25466931c7d8f6a5aac84aa051ba30b396a0aac973d58e091");
    private static byte[] T = Hex.decode("5bc94fbc3221a5db94fae95ae7121a47");
    private static TestTrigger trigger = new TestTrigger();
    private int macSize = 0;
    private boolean forEncryption = false;
    private boolean initialised = false;
    private byte[] keptMac = null;

    /* loaded from: input_file:org/bouncycastle/crypto/fips/AESNativeGCM$Disposer.class */
    private static class Disposer extends NativeDisposer {
        Disposer(long j) {
            super(j);
        }

        @Override // org.bouncycastle.crypto.util.dispose.NativeDisposer
        protected void dispose(long j) {
            AESNativeGCM.dispose(j);
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:org/bouncycastle/crypto/fips/AESNativeGCM$GCMRefWrapper.class */
    public static class GCMRefWrapper extends NativeReference {
        public GCMRefWrapper(long j) {
            super(j);
        }

        @Override // org.bouncycastle.crypto.util.dispose.NativeReference
        public Runnable createAction() {
            return new Disposer(this.reference);
        }
    }

    private AESNativeGCM() {
    }

    @Override // org.bouncycastle.crypto.internal.modes.AEADBlockCipher
    public BlockCipher getUnderlyingCipher() {
        MultiBlockCipher createEngine = FipsAES.ENGINE_PROVIDER.createEngine();
        if (this.lastKey != null) {
            createEngine.init(true, new KeyParameterImpl(this.lastKey));
        }
        return createEngine;
    }

    @Override // org.bouncycastle.crypto.internal.modes.AEADCipher
    public void init(boolean z, CipherParameters cipherParameters) throws IllegalArgumentException {
        byte[] iv;
        KeyParameter keyParameter;
        this.forEncryption = z;
        this.keptMac = null;
        if (cipherParameters instanceof AEADParameters) {
            AEADParameters aEADParameters = (AEADParameters) cipherParameters;
            iv = aEADParameters.getNonce();
            this.initialAssociatedText = aEADParameters.getAssociatedText();
            int macSize = aEADParameters.getMacSize();
            if (macSize < 32 || macSize > 128 || macSize % 8 != 0) {
                throw new IllegalArgumentException("invalid value for MAC size: " + macSize);
            }
            this.macSize = macSize;
            keyParameter = aEADParameters.getKey();
        } else {
            if (!(cipherParameters instanceof ParametersWithIV)) {
                throw new IllegalArgumentException("invalid parameters passed to GCM");
            }
            ParametersWithIV parametersWithIV = (ParametersWithIV) cipherParameters;
            iv = parametersWithIV.getIV();
            this.initialAssociatedText = null;
            this.macSize = 128;
            keyParameter = (KeyParameter) parametersWithIV.getParameters();
        }
        if (iv == null || iv.length < 12) {
            throw new IllegalArgumentException("IV must be at least 12 bytes");
        }
        if (z && this.nonce != null && Arrays.areEqual(this.nonce, iv)) {
            if (keyParameter == null) {
                throw new IllegalArgumentException("cannot reuse nonce for GCM encryption");
            }
            if (this.lastKey != null && Arrays.areEqual(this.lastKey, keyParameter.getKey())) {
                throw new IllegalArgumentException("cannot reuse nonce for GCM encryption");
            }
        }
        this.nonce = iv;
        if (keyParameter != null) {
            this.lastKey = keyParameter.getKey();
        }
        switch (this.lastKey.length) {
            case 16:
            case 24:
            case 32:
                initRef(this.lastKey.length);
                initNative(this.refWrapper.getReference(), z, this.lastKey, this.nonce, this.initialAssociatedText, this.macSize);
                this.initialised = true;
                return;
            default:
                throw new IllegalStateException("key must be only 16,24,or 32 bytes long.");
        }
    }

    private void initRef(int i) {
        this.refWrapper = new GCMRefWrapper(makeNative(i, this.forEncryption));
    }

    @Override // org.bouncycastle.crypto.internal.modes.AEADCipher
    public String getAlgorithmName() {
        return NativeServices.AES_GCM;
    }

    @Override // org.bouncycastle.crypto.internal.modes.AEADCipher
    public void processAADByte(byte b) {
        if (this.refWrapper == null) {
            throw new IllegalStateException("GCM is uninitialized");
        }
        processAADByte(this.refWrapper.getReference(), b);
    }

    @Override // org.bouncycastle.crypto.internal.modes.AEADCipher
    public void processAADBytes(byte[] bArr, int i, int i2) {
        if (this.refWrapper == null) {
            throw new IllegalStateException("GCM is uninitialized");
        }
        processAADBytes(this.refWrapper.getReference(), bArr, i, i2);
    }

    @Override // org.bouncycastle.crypto.internal.modes.AEADCipher
    public int processByte(byte b, byte[] bArr, int i) throws DataLengthException {
        if (this.refWrapper == null) {
            throw new IllegalStateException("GCM is uninitialized");
        }
        return processByte(this.refWrapper.getReference(), b, bArr, i);
    }

    @Override // org.bouncycastle.crypto.internal.modes.AEADCipher
    public int processBytes(byte[] bArr, int i, int i2, byte[] bArr2, int i3) throws DataLengthException {
        if (this.refWrapper == null) {
            throw new IllegalStateException("GCM is uninitialized");
        }
        return processBytes(this.refWrapper.getReference(), bArr, i, i2, bArr2, i3);
    }

    @Override // org.bouncycastle.crypto.internal.modes.AEADCipher
    public int doFinal(byte[] bArr, int i) throws IllegalStateException, InvalidCipherTextException {
        checkStatus();
        int doFinal = doFinal(this.refWrapper.getReference(), bArr, i);
        resetKeepMac();
        return doFinal;
    }

    @Override // org.bouncycastle.crypto.internal.modes.AEADCipher
    public byte[] getMac() {
        return this.keptMac != null ? Arrays.clone(this.keptMac) : getMac(this.refWrapper.getReference());
    }

    @Override // org.bouncycastle.crypto.internal.modes.AEADCipher
    public int getUpdateOutputSize(int i) {
        return getUpdateOutputSize(this.refWrapper.getReference(), i);
    }

    @Override // org.bouncycastle.crypto.internal.modes.AEADCipher
    public int getOutputSize(int i) {
        return getOutputSize(this.refWrapper.getReference(), i);
    }

    @Override // org.bouncycastle.crypto.internal.modes.AEADCipher
    public void reset() {
        if (this.refWrapper == null) {
            return;
        }
        reset(this.refWrapper.getReference());
        this.initialised = false;
    }

    private void resetKeepMac() {
        if (this.refWrapper == null) {
            return;
        }
        this.keptMac = getMac();
        reset(this.refWrapper.getReference());
    }

    private void checkStatus() {
        if (this.initialised) {
            return;
        }
        if (!this.forEncryption) {
            throw new IllegalStateException("GCM cipher needs to be initialised");
        }
        throw new IllegalStateException("GCM cipher cannot be reused for encryption");
    }

    private native void reset(long j);

    static native void initNative(long j, boolean z, byte[] bArr, byte[] bArr2, byte[] bArr3, int i);

    static native long makeNative(int i, boolean z);

    static native void dispose(long j);

    private static native void processAADByte(long j, byte b);

    private static native void processAADBytes(long j, byte[] bArr, int i, int i2);

    private static native int processByte(long j, byte b, byte[] bArr, int i);

    private static native int processBytes(long j, byte[] bArr, int i, int i2, byte[] bArr2, int i3);

    private static native int doFinal(long j, byte[] bArr, int i);

    private static native int getUpdateOutputSize(long j, int i);

    private static native int getOutputSize(long j, int i);

    public static native byte[] getMac(long j);

    void setBlocksRemainingDown(long j) {
        setBlocksRemainingDown(this.refWrapper.getReference(), j);
    }

    private native void setBlocksRemainingDown(long j, long j2);

    public String toString() {
        return this.lastKey != null ? "GCM[Native](AES[Native](" + (this.lastKey.length * 8) + "))" : "GCM[Native](AES[Native](not initialized))";
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static AESNativeGCM newInstance() {
        AESNativeGCM aESNativeGCM = new AESNativeGCM();
        return trigger.triggerTest() ? (AESNativeGCM) SelfTestExecutor.validate(FipsAES.GCM.getAlgorithm(), aESNativeGCM, new BasicKatTest<AESNativeGCM>() { // from class: org.bouncycastle.crypto.fips.AESNativeGCM.1
            @Override // org.bouncycastle.crypto.internal.test.BasicKatTest
            public boolean hasTestPassed(AESNativeGCM aESNativeGCM2) throws Exception {
                AEADParameters aEADParameters = new AEADParameters(new KeyParameterImpl(AESNativeGCM.K), AESNativeGCM.T.length * 8, AESNativeGCM.IV, AESNativeGCM.A);
                aESNativeGCM2.init(true, aEADParameters);
                byte[] bArr = new byte[aESNativeGCM2.getOutputSize(AESNativeGCM.P.length)];
                int processBytes = aESNativeGCM2.processBytes(AESNativeGCM.P, 0, AESNativeGCM.P.length, bArr, 0);
                if (bArr.length != processBytes + aESNativeGCM2.doFinal(bArr, processBytes)) {
                    return false;
                }
                byte[] mac = aESNativeGCM2.getMac();
                byte[] bArr2 = new byte[AESNativeGCM.P.length];
                System.arraycopy(bArr, 0, bArr2, 0, bArr2.length);
                byte[] bArr3 = new byte[bArr.length - AESNativeGCM.P.length];
                System.arraycopy(bArr, AESNativeGCM.P.length, bArr3, 0, bArr3.length);
                if (!Arrays.areEqual(AESNativeGCM.C, bArr2) || !Arrays.areEqual(AESNativeGCM.T, mac) || !Arrays.areEqual(AESNativeGCM.T, bArr3)) {
                    return false;
                }
                aESNativeGCM2.init(false, aEADParameters);
                byte[] bArr4 = new byte[aESNativeGCM2.getOutputSize(bArr.length)];
                aESNativeGCM2.doFinal(bArr4, aESNativeGCM2.processBytes(bArr, 0, bArr.length, bArr4, 0));
                byte[] mac2 = aESNativeGCM2.getMac();
                byte[] bArr5 = new byte[AESNativeGCM.C.length];
                System.arraycopy(bArr4, 0, bArr5, 0, bArr5.length);
                return Arrays.areEqual(AESNativeGCM.P, bArr5) && Arrays.areEqual(AESNativeGCM.T, mac2);
            }
        }) : aESNativeGCM;
    }
}
