package org.bouncycastle.tls.crypto.impl;

import java.io.IOException;
import org.bouncycastle.asn1.cmc.BodyPartID;
import org.bouncycastle.tls.TlsFatalAlert;
import org.bouncycastle.tls.TlsUtils;
import org.bouncycastle.tls.crypto.TlsCipher;
import org.bouncycastle.tls.crypto.TlsCryptoParameters;
import org.bouncycastle.tls.crypto.TlsMAC;
import org.bouncycastle.util.Arrays;
import org.bouncycastle.util.Pack;

/* loaded from: input_file:org/bouncycastle/tls/crypto/impl/ChaCha20Poly1305Cipher.class */
public class ChaCha20Poly1305Cipher implements TlsCipher {
    private static final byte[] ZEROES = new byte[15];
    protected TlsCryptoParameters context;
    protected TlsMAC writeMac;
    protected TlsMAC readMac;
    protected TlsStreamCipherImpl encryptCipher;
    protected TlsStreamCipherImpl decryptCipher;
    protected byte[] encryptIV;
    protected byte[] decryptIV;

    public ChaCha20Poly1305Cipher(TlsCryptoParameters tlsCryptoParameters, TlsStreamCipherImpl tlsStreamCipherImpl, TlsStreamCipherImpl tlsStreamCipherImpl2, TlsMAC tlsMAC, TlsMAC tlsMAC2) throws IOException {
        byte[] bArr;
        byte[] bArr2;
        if (!TlsImplUtils.isTLSv12(tlsCryptoParameters)) {
            throw new TlsFatalAlert((short) 80);
        }
        this.context = tlsCryptoParameters;
        int i = (2 * 32) + (2 * 12);
        byte[] calculateKeyBlock = TlsImplUtils.calculateKeyBlock(tlsCryptoParameters, i);
        byte[] copyOfRange = Arrays.copyOfRange(calculateKeyBlock, 0, 0 + 32);
        int i2 = 0 + 32;
        byte[] copyOfRange2 = Arrays.copyOfRange(calculateKeyBlock, i2, i2 + 32);
        int i3 = i2 + 32;
        byte[] copyOfRange3 = Arrays.copyOfRange(calculateKeyBlock, i3, i3 + 12);
        int i4 = i3 + 12;
        byte[] copyOfRange4 = Arrays.copyOfRange(calculateKeyBlock, i4, i4 + 12);
        if (i4 + 12 != i) {
            throw new TlsFatalAlert((short) 80);
        }
        this.writeMac = tlsMAC;
        this.readMac = tlsMAC2;
        this.encryptCipher = tlsStreamCipherImpl;
        this.decryptCipher = tlsStreamCipherImpl2;
        if (tlsCryptoParameters.isServer()) {
            bArr = copyOfRange2;
            bArr2 = copyOfRange;
            this.encryptIV = copyOfRange4;
            this.decryptIV = copyOfRange3;
        } else {
            bArr = copyOfRange;
            bArr2 = copyOfRange2;
            this.encryptIV = copyOfRange3;
            this.decryptIV = copyOfRange4;
        }
        this.encryptCipher.setKey(bArr);
        this.encryptCipher.init(this.encryptIV);
        this.decryptCipher.setKey(bArr2);
        this.decryptCipher.init(this.decryptIV);
    }

    @Override // org.bouncycastle.tls.crypto.TlsCipher
    public int getPlaintextLimit(int i) {
        return i - 16;
    }

    @Override // org.bouncycastle.tls.crypto.TlsCipher
    public byte[] encodePlaintext(long j, short s, byte[] bArr, int i, int i2) throws IOException {
        initRecord(this.encryptCipher, j, this.encryptIV);
        byte[] bArr2 = new byte[64 + i2];
        System.arraycopy(bArr, i, bArr2, 64, i2);
        this.encryptCipher.doFinal(bArr2, 0, bArr2.length, bArr2, 0);
        byte[] bArr3 = new byte[i2 + 16];
        byte[] copyOfRange = Arrays.copyOfRange(bArr2, 0, 32);
        System.arraycopy(bArr2, 64, bArr3, 0, i2);
        Arrays.fill(bArr2, (byte) 0);
        this.writeMac.setKey(copyOfRange);
        byte[] calculateRecordMAC = calculateRecordMAC(this.writeMac, getAdditionalData(j, s, i2), bArr3, 0, i2);
        System.arraycopy(calculateRecordMAC, 0, bArr3, i2, calculateRecordMAC.length);
        return bArr3;
    }

    @Override // org.bouncycastle.tls.crypto.TlsCipher
    public byte[] decodeCiphertext(long j, short s, byte[] bArr, int i, int i2) throws IOException {
        if (getPlaintextLimit(i2) < 0) {
            throw new TlsFatalAlert((short) 50);
        }
        initRecord(this.decryptCipher, j, this.decryptIV);
        int i3 = i2 - 16;
        byte[] bArr2 = new byte[64 + i3];
        System.arraycopy(bArr, i, bArr2, 64, i3);
        this.decryptCipher.doFinal(bArr2, 0, bArr2.length, bArr2, 0);
        this.readMac.setKey(Arrays.copyOfRange(bArr2, 0, 32));
        byte[] calculateRecordMAC = calculateRecordMAC(this.readMac, getAdditionalData(j, s, i3), bArr, i, i3);
        byte[] copyOfRange = Arrays.copyOfRange(bArr, i + i3, i + i2);
        byte[] bArr3 = new byte[i3];
        System.arraycopy(bArr2, 64, bArr3, 0, i3);
        Arrays.fill(bArr2, (byte) 0);
        if (Arrays.constantTimeAreEqual(calculateRecordMAC, copyOfRange)) {
            return bArr3;
        }
        throw new TlsFatalAlert((short) 20);
    }

    protected void initRecord(TlsStreamCipherImpl tlsStreamCipherImpl, long j, byte[] bArr) throws IOException {
        tlsStreamCipherImpl.init(calculateNonce(j, bArr));
    }

    protected byte[] calculateNonce(long j, byte[] bArr) {
        byte[] bArr2 = new byte[12];
        TlsUtils.writeUint64(j, bArr2, 4);
        for (int i = 0; i < 12; i++) {
            int i2 = i;
            bArr2[i2] = (byte) (bArr2[i2] ^ bArr[i]);
        }
        return bArr2;
    }

    protected byte[] calculateRecordMAC(TlsMAC tlsMAC, byte[] bArr, byte[] bArr2, int i, int i2) {
        updateRecordMACText(tlsMAC, bArr, 0, bArr.length);
        updateRecordMACText(tlsMAC, bArr2, i, i2);
        updateRecordMACLength(tlsMAC, bArr.length);
        updateRecordMACLength(tlsMAC, i2);
        return tlsMAC.calculateMAC();
    }

    protected void updateRecordMACLength(TlsMAC tlsMAC, int i) {
        byte[] longToLittleEndian = Pack.longToLittleEndian(i & BodyPartID.bodyIdMax);
        tlsMAC.update(longToLittleEndian, 0, longToLittleEndian.length);
    }

    protected void updateRecordMACText(TlsMAC tlsMAC, byte[] bArr, int i, int i2) {
        tlsMAC.update(bArr, i, i2);
        int i3 = i2 % 16;
        if (i3 != 0) {
            tlsMAC.update(ZEROES, 0, 16 - i3);
        }
    }

    protected byte[] getAdditionalData(long j, short s, int i) throws IOException {
        byte[] bArr = new byte[13];
        TlsUtils.writeUint64(j, bArr, 0);
        TlsUtils.writeUint8(s, bArr, 8);
        TlsUtils.writeVersion(this.context.getServerVersion(), bArr, 9);
        TlsUtils.writeUint16(i, bArr, 11);
        return bArr;
    }
}
