package org.bouncycastle.jce.provider.test;

import java.io.IOException;
import java.security.AlgorithmParameters;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.Key;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.SecureRandom;
import java.security.Security;
import java.security.spec.AlgorithmParameterSpec;
import java.security.spec.InvalidParameterSpecException;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.spec.GCMParameterSpec;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import junit.framework.TestCase;
import org.bouncycastle.internal.asn1.cms.GCMParameters;
import org.bouncycastle.jcajce.spec.AEADParameterSpec;
import org.bouncycastle.jcajce.spec.RepeatedSecretKeySpec;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.util.Arrays;
import org.bouncycastle.util.encoders.Hex;
import org.bouncycastle.util.test.SimpleTest;

/* loaded from: input_file:org/bouncycastle/jce/provider/test/AEADTest.class */
public class AEADTest extends SimpleTest {
    private byte[] K2 = Hex.decode("91945D3F4DCBEE0BF45EF52255F095A4");
    private byte[] N2 = Hex.decode("BECAF043B0A23D843194BA972C66DEBD");
    private byte[] A2 = Hex.decode("FA3BFD4806EB53FA");
    private byte[] P2 = Hex.decode("F7FB");
    private byte[] C2 = Hex.decode("19DD5C4C9331049D0BDAB0277408F67967E5");
    private byte[] C2_short = Hex.decode("19DD5C4C9331049D0BDA");
    private byte[] KGCM = Hex.decode("00000000000000000000000000000000");
    private byte[] NGCM = Hex.decode("000000000000000000000000");
    private byte[] CGCM = Hex.decode("58e2fccefa7e3061367f1d57a4e7455a");

    @Override // org.bouncycastle.util.test.SimpleTest, org.bouncycastle.util.test.Test
    public String getName() {
        return "AEAD";
    }

    @Override // org.bouncycastle.util.test.SimpleTest
    public void performTest() throws Exception {
        boolean z = false;
        try {
            getClass().getClassLoader().loadClass("javax.crypto.spec.GCMParameterSpec");
            z = true;
        } catch (ClassNotFoundException e) {
        }
        testAEADParameterSpec(this.K2, this.N2, this.A2, this.P2, this.C2);
        if (z) {
            checkCipherWithAD(this.K2, this.N2, this.A2, this.P2, this.C2_short);
            testGCMParameterSpec(this.K2, this.N2, this.A2, this.P2, this.C2);
            testGCMParameterSpecWithRepeatKey(this.K2, this.N2, this.A2, this.P2, this.C2);
            testGCMGeneric(this.KGCM, this.NGCM, new byte[0], new byte[0], this.CGCM);
            testGCMParameterSpecWithMultipleUpdates(this.K2, this.N2, this.A2, this.P2, this.C2);
            testRepeatedGCMWithSpec(this.KGCM, this.NGCM, this.A2, this.P2, Hex.decode("f4732d84342623f65b7d63c3c335dd44b87d"));
        } else {
            System.err.println("GCM AEADTests disabled due to JDK");
        }
        testTampering(z);
    }

    private void testTampering(boolean z) throws InvalidKeyException, InvalidAlgorithmParameterException, NoSuchAlgorithmException, NoSuchProviderException, NoSuchPaddingException, IllegalBlockSizeException, BadPaddingException {
        Cipher cipher = Cipher.getInstance("AES/EAX/NoPadding", "BC");
        SecretKeySpec secretKeySpec = new SecretKeySpec(new byte[cipher.getBlockSize()], cipher.getAlgorithm());
        IvParameterSpec ivParameterSpec = new IvParameterSpec(new byte[cipher.getBlockSize()]);
        cipher.init(1, secretKeySpec, ivParameterSpec);
        byte[] doFinal = cipher.doFinal(new byte[100]);
        doFinal[doFinal.length - 1] = (byte) (doFinal[doFinal.length - 1] + 1);
        try {
            cipher.init(2, secretKeySpec, ivParameterSpec);
            cipher.doFinal(doFinal);
            fail("Tampered ciphertext should be invalid");
        } catch (BadPaddingException e) {
            if (!z || e.getClass().getName().equals("javax.crypto.AEADBadTagException")) {
                return;
            }
            fail("Tampered AEAD ciphertext should fail with AEADBadTagException when available.");
        }
    }

    private void checkCipherWithAD(byte[] bArr, byte[] bArr2, byte[] bArr3, byte[] bArr4, byte[] bArr5) throws InvalidKeyException, NoSuchAlgorithmException, NoSuchPaddingException, IllegalBlockSizeException, BadPaddingException, InvalidAlgorithmParameterException, NoSuchProviderException {
        Cipher cipher = Cipher.getInstance("AES/EAX/NoPadding", "BC");
        SecretKeySpec secretKeySpec = new SecretKeySpec(bArr, "AES");
        IvParameterSpec ivParameterSpec = new IvParameterSpec(bArr2);
        cipher.init(1, secretKeySpec, ivParameterSpec);
        cipher.updateAAD(bArr3);
        if (!areEqual(bArr5, cipher.doFinal(bArr4))) {
            fail("JCE encrypt with additional data failed.");
        }
        cipher.init(2, secretKeySpec, ivParameterSpec);
        cipher.updateAAD(bArr3);
        if (areEqual(bArr4, cipher.doFinal(bArr5))) {
            return;
        }
        fail("JCE decrypt with additional data failed.");
    }

    private void testAEADParameterSpec(byte[] bArr, byte[] bArr2, byte[] bArr3, byte[] bArr4, byte[] bArr5) throws Exception {
        Cipher cipher = Cipher.getInstance("AES/EAX/NoPadding", "BC");
        SecretKeySpec secretKeySpec = new SecretKeySpec(bArr, "AES");
        AlgorithmParameterSpec aEADParameterSpec = new AEADParameterSpec(bArr2, 128, bArr3);
        cipher.init(1, secretKeySpec, aEADParameterSpec);
        if (!Arrays.areEqual(bArr5, cipher.doFinal(bArr4))) {
            TestCase.fail("JCE encrypt with additional data and AEADParameterSpec failed.");
        }
        if (!Arrays.areEqual(bArr5, cipher.doFinal(bArr4))) {
            TestCase.fail("JCE encrypt with additional data and AEADParameterSpec failed after do final");
        }
        cipher.init(2, secretKeySpec, aEADParameterSpec);
        if (!Arrays.areEqual(bArr4, cipher.doFinal(bArr5))) {
            TestCase.fail("JCE decrypt with additional data and AEADParameterSpec failed.");
        }
        AlgorithmParameters parameters = cipher.getParameters();
        GCMParameters gCMParameters = GCMParameters.getInstance(parameters.getEncoded());
        if (!Arrays.areEqual(aEADParameterSpec.getIV(), gCMParameters.getNonce()) || aEADParameterSpec.getMacSizeInBits() != gCMParameters.getIcvLen() * 8) {
            TestCase.fail("parameters mismatch");
        }
        AEADParameterSpec parameterSpec = parameters.getParameterSpec(AEADParameterSpec.class);
        if (!Arrays.areEqual(aEADParameterSpec.getIV(), parameterSpec.getNonce()) || aEADParameterSpec.getMacSizeInBits() != parameterSpec.getMacSizeInBits() || parameterSpec.getAssociatedData() != null) {
            TestCase.fail("parameters mismatch");
        }
        AlgorithmParameters algorithmParameters = AlgorithmParameters.getInstance("GCM", "BC");
        algorithmParameters.init(aEADParameterSpec);
        AEADParameterSpec parameterSpec2 = algorithmParameters.getParameterSpec(AEADParameterSpec.class);
        if (Arrays.areEqual(aEADParameterSpec.getIV(), parameterSpec2.getNonce()) && aEADParameterSpec.getMacSizeInBits() == parameterSpec2.getMacSizeInBits() && parameterSpec2.getAssociatedData() == null) {
            return;
        }
        TestCase.fail("parameters mismatch");
    }

    private void testGCMParameterSpec(byte[] bArr, byte[] bArr2, byte[] bArr3, byte[] bArr4, byte[] bArr5) throws InvalidKeyException, NoSuchAlgorithmException, NoSuchPaddingException, IllegalBlockSizeException, BadPaddingException, InvalidAlgorithmParameterException, NoSuchProviderException, IOException {
        Cipher cipher = Cipher.getInstance("AES/EAX/NoPadding", "BC");
        SecretKeySpec secretKeySpec = new SecretKeySpec(bArr, "AES");
        GCMParameterSpec gCMParameterSpec = new GCMParameterSpec(128, bArr2);
        cipher.init(1, secretKeySpec, gCMParameterSpec);
        cipher.updateAAD(bArr3);
        if (!areEqual(bArr5, cipher.doFinal(bArr4))) {
            fail("JCE encrypt with additional data and GCMParameterSpec failed.");
        }
        cipher.init(2, secretKeySpec, gCMParameterSpec);
        cipher.updateAAD(bArr3);
        if (!areEqual(bArr4, cipher.doFinal(bArr5))) {
            fail("JCE decrypt with additional data and GCMParameterSpec failed.");
        }
        GCMParameters gCMParameters = GCMParameters.getInstance(cipher.getParameters().getEncoded());
        if (Arrays.areEqual(gCMParameterSpec.getIV(), gCMParameters.getNonce()) && gCMParameterSpec.getTLen() == gCMParameters.getIcvLen() * 8) {
            return;
        }
        fail("parameters mismatch");
    }

    private void testGCMParameterSpecWithMultipleUpdates(byte[] bArr, byte[] bArr2, byte[] bArr3, byte[] bArr4, byte[] bArr5) throws Exception {
        Cipher cipher = Cipher.getInstance("AES/EAX/NoPadding", "BC");
        SecretKeySpec secretKeySpec = new SecretKeySpec(bArr, "AES");
        SecureRandom secureRandom = new SecureRandom();
        GCMParameterSpec gCMParameterSpec = new GCMParameterSpec(128, bArr2);
        for (int i = 900; i != 1024; i++) {
            byte[] bArr6 = new byte[i];
            secureRandom.nextBytes(bArr6);
            cipher.init(1, secretKeySpec, gCMParameterSpec);
            byte[] bArr7 = new byte[cipher.getOutputSize(i)];
            int i2 = 0;
            int i3 = 0;
            while (i3 < i / 21) {
                i2 += cipher.update(bArr6, i3 * 21, 21, bArr7, i2);
                i3++;
            }
            int doFinal = i2 + cipher.doFinal(bArr6, i3 * 21, i - (i3 * 21), bArr7, i2);
            byte[] bArr8 = new byte[i];
            cipher.init(2, secretKeySpec, gCMParameterSpec);
            int i4 = 0;
            int i5 = 0;
            while (i5 < doFinal / 10) {
                i4 += cipher.update(bArr7, i5 * 10, 10, bArr8, i4);
                i5++;
            }
            int doFinal2 = i4 + cipher.doFinal(bArr7, i5 * 10, doFinal - (i5 * 10), bArr8, i4);
            if (!Arrays.areEqual(bArr6, bArr8) || doFinal2 != bArr6.length) {
                fail("message mismatch");
            }
        }
    }

    private void testGCMParameterSpecWithRepeatKey(byte[] bArr, byte[] bArr2, byte[] bArr3, byte[] bArr4, byte[] bArr5) throws InvalidKeyException, NoSuchAlgorithmException, NoSuchPaddingException, IllegalBlockSizeException, BadPaddingException, InvalidAlgorithmParameterException, NoSuchProviderException, IOException {
        Cipher cipher = Cipher.getInstance("AES/EAX/NoPadding", "BC");
        SecretKeySpec secretKeySpec = new SecretKeySpec(bArr, "AES");
        GCMParameterSpec gCMParameterSpec = new GCMParameterSpec(128, bArr2);
        cipher.init(1, secretKeySpec, gCMParameterSpec);
        cipher.updateAAD(bArr3);
        if (!areEqual(bArr5, cipher.doFinal(bArr4))) {
            fail("JCE encrypt with additional data and RepeatedSecretKeySpec failed.");
        }
        cipher.init(2, new RepeatedSecretKeySpec("AES"), gCMParameterSpec);
        cipher.updateAAD(bArr3);
        if (!areEqual(bArr4, cipher.doFinal(bArr5))) {
            fail("JCE decrypt with additional data and RepeatedSecretKeySpec failed.");
        }
        GCMParameters gCMParameters = GCMParameters.getInstance(cipher.getParameters().getEncoded());
        if (Arrays.areEqual(gCMParameterSpec.getIV(), gCMParameters.getNonce()) && gCMParameterSpec.getTLen() == gCMParameters.getIcvLen() * 8) {
            return;
        }
        fail("parameters mismatch");
    }

    private void testGCMGeneric(byte[] bArr, byte[] bArr2, byte[] bArr3, byte[] bArr4, byte[] bArr5) throws InvalidKeyException, NoSuchAlgorithmException, NoSuchPaddingException, IllegalBlockSizeException, BadPaddingException, InvalidAlgorithmParameterException, NoSuchProviderException, IOException, InvalidParameterSpecException {
        Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding", "BC");
        SecretKeySpec secretKeySpec = new SecretKeySpec(bArr, "AES");
        GCMParameterSpec gCMParameterSpec = new GCMParameterSpec(128, bArr2);
        cipher.init(1, secretKeySpec, gCMParameterSpec);
        cipher.updateAAD(bArr3);
        if (!areEqual(bArr5, cipher.doFinal(bArr4))) {
            fail("JCE encrypt with additional data and GCMParameterSpec failed.");
        }
        Cipher cipher2 = Cipher.getInstance("GCM", "BC");
        cipher2.init(2, secretKeySpec, gCMParameterSpec);
        cipher2.updateAAD(bArr3);
        if (!areEqual(bArr4, cipher2.doFinal(bArr5))) {
            fail("JCE decrypt with additional data and GCMParameterSpec failed.");
        }
        AlgorithmParameters parameters = cipher2.getParameters();
        GCMParameters gCMParameters = GCMParameters.getInstance(parameters.getEncoded());
        if (!Arrays.areEqual(gCMParameterSpec.getIV(), gCMParameters.getNonce()) || gCMParameterSpec.getTLen() != gCMParameters.getIcvLen() * 8) {
            fail("parameters mismatch");
        }
        GCMParameterSpec gCMParameterSpec2 = (GCMParameterSpec) parameters.getParameterSpec(GCMParameterSpec.class);
        if (!Arrays.areEqual(gCMParameterSpec2.getIV(), gCMParameters.getNonce()) || gCMParameterSpec2.getTLen() != gCMParameters.getIcvLen() * 8) {
            fail("spec parameters mismatch");
        }
        if (Arrays.areEqual(cipher2.getIV(), gCMParameters.getNonce())) {
            return;
        }
        fail("iv mismatch");
    }

    private void testRepeatedGCMWithSpec(byte[] bArr, byte[] bArr2, byte[] bArr3, byte[] bArr4, byte[] bArr5) throws InvalidKeyException, NoSuchAlgorithmException, NoSuchPaddingException, IllegalBlockSizeException, BadPaddingException, InvalidAlgorithmParameterException, NoSuchProviderException, IOException {
        Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding", "BC");
        SecretKeySpec secretKeySpec = new SecretKeySpec(bArr, "AES");
        GCMParameterSpec gCMParameterSpec = new GCMParameterSpec(128, bArr2);
        cipher.init(1, secretKeySpec, gCMParameterSpec);
        cipher.updateAAD(bArr3);
        if (!areEqual(bArr5, cipher.doFinal(bArr4))) {
            fail("JCE encrypt with additional data and RepeatedSecretKeySpec failed.");
        }
        Cipher cipher2 = Cipher.getInstance("GCM", "BC");
        cipher2.init(2, secretKeySpec, gCMParameterSpec);
        cipher2.updateAAD(bArr3);
        if (!areEqual(bArr4, cipher2.doFinal(bArr5))) {
            fail("JCE decrypt with additional data and GCMParameterSpec failed.");
        }
        try {
            cipher2.init(1, (Key) new RepeatedSecretKeySpec("AES"), (AlgorithmParameterSpec) gCMParameterSpec);
            fail("no exception");
        } catch (InvalidAlgorithmParameterException e) {
            isTrue("wrong message", "cannot reuse nonce for GCM encryption".equals(e.getMessage()));
        }
        try {
            cipher2.init(1, (Key) new RepeatedSecretKeySpec("AES"), (AlgorithmParameterSpec) new IvParameterSpec(gCMParameterSpec.getIV()));
            fail("no exception");
        } catch (InvalidAlgorithmParameterException e2) {
            isTrue("wrong message", "cannot reuse nonce for GCM encryption".equals(e2.getMessage()));
        }
        try {
            cipher2.init(1, new SecretKeySpec(bArr, "AES"), new IvParameterSpec(gCMParameterSpec.getIV()));
            fail("no exception");
        } catch (InvalidAlgorithmParameterException e3) {
            isTrue("wrong message", "cannot reuse nonce for GCM encryption".equals(e3.getMessage()));
        }
    }

    public static void main(String[] strArr) throws Exception {
        Security.addProvider(new BouncyCastleProvider());
        runTest(new AEADTest());
    }
}
