// 
// Decompiled by Procyon v0.6.0
// 

package com.google.crypto.tink.aead.internal;

import java.util.Arrays;
import com.google.crypto.tink.internal.Util;
import com.google.crypto.tink.util.Bytes;
import com.google.crypto.tink.proto.OutputPrefixType;
import com.google.crypto.tink.KeyManager;
import com.google.crypto.tink.internal.ProtoKeySerialization;
import java.security.GeneralSecurityException;
import com.google.crypto.tink.internal.OutputPrefixUtil;
import com.google.crypto.tink.internal.KeyManagerRegistry;
import com.google.crypto.tink.InsecureSecretKeyAccess;
import com.google.crypto.tink.internal.LegacyProtoKey;
import com.google.crypto.tink.Aead;

public class LegacyFullAead implements Aead
{
    private final Aead rawAead;
    private final byte[] identifier;
    
    public static Aead create(final LegacyProtoKey key) throws GeneralSecurityException {
        final ProtoKeySerialization protoKeySerialization = key.getSerialization(InsecureSecretKeyAccess.get());
        final KeyManager<Aead> manager = KeyManagerRegistry.globalInstance().getKeyManager(protoKeySerialization.getTypeUrl(), Aead.class);
        final Aead rawPrimitive = manager.getPrimitive(protoKeySerialization.getValue());
        final OutputPrefixType outputPrefixType = protoKeySerialization.getOutputPrefixType();
        byte[] identifier = null;
        switch (outputPrefixType) {
            case RAW: {
                identifier = OutputPrefixUtil.EMPTY_PREFIX.toByteArray();
                break;
            }
            case LEGACY:
            case CRUNCHY: {
                identifier = OutputPrefixUtil.getLegacyOutputPrefix(key.getIdRequirementOrNull()).toByteArray();
                break;
            }
            case TINK: {
                identifier = OutputPrefixUtil.getTinkOutputPrefix(key.getIdRequirementOrNull()).toByteArray();
                break;
            }
            default: {
                throw new GeneralSecurityException("unknown output prefix type " + outputPrefixType);
            }
        }
        return new LegacyFullAead(rawPrimitive, identifier);
    }
    
    public static Aead create(final Aead rawAead, final Bytes outputPrefix) {
        return new LegacyFullAead(rawAead, outputPrefix.toByteArray());
    }
    
    private LegacyFullAead(final Aead rawAead, final byte[] identifier) {
        this.rawAead = rawAead;
        if (identifier.length != 0 && identifier.length != 5) {
            throw new IllegalArgumentException("identifier has an invalid length");
        }
        this.identifier = identifier;
    }
    
    @Override
    public byte[] encrypt(final byte[] plaintext, final byte[] associatedData) throws GeneralSecurityException {
        if (this.identifier.length == 0) {
            return this.rawAead.encrypt(plaintext, associatedData);
        }
        return com.google.crypto.tink.subtle.Bytes.concat(new byte[][] { this.identifier, this.rawAead.encrypt(plaintext, associatedData) });
    }
    
    @Override
    public byte[] decrypt(final byte[] ciphertext, final byte[] associatedData) throws GeneralSecurityException {
        if (this.identifier.length == 0) {
            return this.rawAead.decrypt(ciphertext, associatedData);
        }
        if (!Util.isPrefix(this.identifier, ciphertext)) {
            throw new GeneralSecurityException("wrong prefix");
        }
        return this.rawAead.decrypt(Arrays.copyOfRange(ciphertext, 5, ciphertext.length), associatedData);
    }
}