// 
// Decompiled by Procyon v0.6.0
// 

package com.google.crypto.tink.aead;

import com.google.protobuf.MessageLite;
import com.google.protobuf.Parser;
import com.google.crypto.tink.internal.LegacyKeyManagerImpl;
import com.google.crypto.tink.proto.KmsEnvelopeAeadKey;
import com.google.crypto.tink.proto.KeyData;
import com.google.crypto.tink.internal.KeyManagerRegistry;
import com.google.crypto.tink.internal.MutablePrimitiveRegistry;
import com.google.crypto.tink.internal.MutableKeyCreationRegistry;
import com.google.crypto.tink.config.internal.TinkFipsUtil;
import com.google.crypto.tink.KeyTemplate;
import com.google.crypto.tink.Parameters;
import com.google.crypto.tink.aead.internal.LegacyFullAead;
import com.google.crypto.tink.KmsClients;
import com.google.crypto.tink.AccessesPartialKey;
import java.security.GeneralSecurityException;
import javax.annotation.Nullable;
import com.google.crypto.tink.internal.PrimitiveConstructor;
import com.google.crypto.tink.internal.KeyCreator;
import com.google.crypto.tink.Aead;
import com.google.crypto.tink.KeyManager;

public class KmsEnvelopeAeadKeyManager
{
    private static final String TYPE_URL = "type.googleapis.com/google.crypto.tink.KmsEnvelopeAeadKey";
    private static final KeyManager<Aead> legacyKeyManager;
    private static final KeyCreator<LegacyKmsEnvelopeAeadParameters> KEY_CREATOR;
    private static final PrimitiveConstructor<LegacyKmsEnvelopeAeadKey, Aead> LEGACY_KMS_ENVELOPE_AEAD_PRIMITIVE_CONSTRUCTOR;
    
    @AccessesPartialKey
    private static LegacyKmsEnvelopeAeadKey newKey(final LegacyKmsEnvelopeAeadParameters parameters, @Nullable final Integer idRequirement) throws GeneralSecurityException {
        return LegacyKmsEnvelopeAeadKey.create(parameters, idRequirement);
    }
    
    @AccessesPartialKey
    private static Aead create(final LegacyKmsEnvelopeAeadKey key) throws GeneralSecurityException {
        final String kekUri = key.getParameters().getKekUri();
        final Aead rawAead = KmsEnvelopeAead.create(key.getParameters().getDekParametersForNewKeys(), KmsClients.get(kekUri).getAead(kekUri));
        return LegacyFullAead.create(rawAead, key.getOutputPrefix());
    }
    
    static String getKeyType() {
        return "type.googleapis.com/google.crypto.tink.KmsEnvelopeAeadKey";
    }
    
    private static AeadParameters makeRawAesGcm(final AesGcmParameters parameters) throws GeneralSecurityException {
        return AesGcmParameters.builder().setIvSizeBytes(parameters.getIvSizeBytes()).setKeySizeBytes(parameters.getKeySizeBytes()).setTagSizeBytes(parameters.getTagSizeBytes()).setVariant(AesGcmParameters.Variant.NO_PREFIX).build();
    }
    
    private static AeadParameters makeRawChaCha20Poly1305() {
        return ChaCha20Poly1305Parameters.create(ChaCha20Poly1305Parameters.Variant.NO_PREFIX);
    }
    
    private static AeadParameters makeRawXChaCha20Poly1305() {
        return XChaCha20Poly1305Parameters.create(XChaCha20Poly1305Parameters.Variant.NO_PREFIX);
    }
    
    private static AeadParameters makeRawAesCtrHmacAead(final AesCtrHmacAeadParameters parameters) throws GeneralSecurityException {
        return AesCtrHmacAeadParameters.builder().setAesKeySizeBytes(parameters.getAesKeySizeBytes()).setHmacKeySizeBytes(parameters.getHmacKeySizeBytes()).setTagSizeBytes(parameters.getTagSizeBytes()).setIvSizeBytes(parameters.getIvSizeBytes()).setHashType(parameters.getHashType()).setVariant(AesCtrHmacAeadParameters.Variant.NO_PREFIX).build();
    }
    
    private static AeadParameters makeRawAesEax(final AesEaxParameters parameters) throws GeneralSecurityException {
        return AesEaxParameters.builder().setIvSizeBytes(parameters.getIvSizeBytes()).setKeySizeBytes(parameters.getKeySizeBytes()).setTagSizeBytes(parameters.getTagSizeBytes()).setVariant(AesEaxParameters.Variant.NO_PREFIX).build();
    }
    
    private static AeadParameters makeRawAesGcmSiv(final AesGcmSivParameters parameters) throws GeneralSecurityException {
        return AesGcmSivParameters.builder().setKeySizeBytes(parameters.getKeySizeBytes()).setVariant(AesGcmSivParameters.Variant.NO_PREFIX).build();
    }
    
    private static AeadParameters makeRaw(final Parameters parameters) throws GeneralSecurityException {
        if (parameters instanceof AesGcmParameters) {
            return makeRawAesGcm((AesGcmParameters)parameters);
        }
        if (parameters instanceof ChaCha20Poly1305Parameters) {
            return makeRawChaCha20Poly1305();
        }
        if (parameters instanceof XChaCha20Poly1305Parameters) {
            return makeRawXChaCha20Poly1305();
        }
        if (parameters instanceof AesCtrHmacAeadParameters) {
            return makeRawAesCtrHmacAead((AesCtrHmacAeadParameters)parameters);
        }
        if (parameters instanceof AesEaxParameters) {
            return makeRawAesEax((AesEaxParameters)parameters);
        }
        if (parameters instanceof AesGcmSivParameters) {
            return makeRawAesGcmSiv((AesGcmSivParameters)parameters);
        }
        throw new IllegalArgumentException("Illegal parameters" + parameters);
    }
    
    private static LegacyKmsEnvelopeAeadParameters.DekParsingStrategy getRequiredParsingStrategy(final AeadParameters parameters) {
        if (parameters instanceof AesGcmParameters) {
            return LegacyKmsEnvelopeAeadParameters.DekParsingStrategy.ASSUME_AES_GCM;
        }
        if (parameters instanceof ChaCha20Poly1305Parameters) {
            return LegacyKmsEnvelopeAeadParameters.DekParsingStrategy.ASSUME_CHACHA20POLY1305;
        }
        if (parameters instanceof XChaCha20Poly1305Parameters) {
            return LegacyKmsEnvelopeAeadParameters.DekParsingStrategy.ASSUME_XCHACHA20POLY1305;
        }
        if (parameters instanceof AesCtrHmacAeadParameters) {
            return LegacyKmsEnvelopeAeadParameters.DekParsingStrategy.ASSUME_AES_CTR_HMAC;
        }
        if (parameters instanceof AesEaxParameters) {
            return LegacyKmsEnvelopeAeadParameters.DekParsingStrategy.ASSUME_AES_EAX;
        }
        if (parameters instanceof AesGcmSivParameters) {
            return LegacyKmsEnvelopeAeadParameters.DekParsingStrategy.ASSUME_AES_GCM_SIV;
        }
        throw new IllegalArgumentException("Illegal parameters" + parameters);
    }
    
    @AccessesPartialKey
    public static KeyTemplate createKeyTemplate(final String kekUri, final KeyTemplate dekTemplate) {
        try {
            final Parameters parameters = dekTemplate.toParameters();
            final AeadParameters outputPrefixRawParameters = makeRaw(parameters);
            final LegacyKmsEnvelopeAeadParameters legacyKmsEnvelopeAeadParameters = LegacyKmsEnvelopeAeadParameters.builder().setKekUri(kekUri).setDekParsingStrategy(getRequiredParsingStrategy(outputPrefixRawParameters)).setDekParametersForNewKeys(outputPrefixRawParameters).build();
            return KeyTemplate.createFrom(legacyKmsEnvelopeAeadParameters);
        }
        catch (final GeneralSecurityException e) {
            throw new IllegalArgumentException("Cannot create LegacyKmsEnvelopeAeadParameters for template: " + dekTemplate, e);
        }
    }
    
    public static void register(final boolean newKeyAllowed) throws GeneralSecurityException {
        if (!TinkFipsUtil.AlgorithmFipsCompatibility.ALGORITHM_NOT_FIPS.isCompatible()) {
            throw new GeneralSecurityException("Registering KMS Envelope AEAD is not supported in FIPS mode");
        }
        LegacyKmsEnvelopeAeadProtoSerialization.register();
        MutableKeyCreationRegistry.globalInstance().add(KmsEnvelopeAeadKeyManager.KEY_CREATOR, LegacyKmsEnvelopeAeadParameters.class);
        MutablePrimitiveRegistry.globalInstance().registerPrimitiveConstructor(KmsEnvelopeAeadKeyManager.LEGACY_KMS_ENVELOPE_AEAD_PRIMITIVE_CONSTRUCTOR);
        KeyManagerRegistry.globalInstance().registerKeyManager(KmsEnvelopeAeadKeyManager.legacyKeyManager, newKeyAllowed);
    }
    
    private KmsEnvelopeAeadKeyManager() {
    }
    
    static {
        legacyKeyManager = LegacyKeyManagerImpl.create(getKeyType(), Aead.class, KeyData.KeyMaterialType.SYMMETRIC, KmsEnvelopeAeadKey.parser());
        KEY_CREATOR = KmsEnvelopeAeadKeyManager::newKey;
        LEGACY_KMS_ENVELOPE_AEAD_PRIMITIVE_CONSTRUCTOR = PrimitiveConstructor.create(KmsEnvelopeAeadKeyManager::create, LegacyKmsEnvelopeAeadKey.class, Aead.class);
    }
}