package com.huawei.wisesecurity.ucs_credential;

import android.annotation.SuppressLint;
import com.huawei.wisesecurity.kfs.crypto.cipher.CipherAlg;
import com.huawei.wisesecurity.kfs.crypto.cipher.rsa.RSACipher;
import com.huawei.wisesecurity.kfs.crypto.key.KeyGenerateParam;
import com.huawei.wisesecurity.kfs.crypto.key.KfsKeyPurpose;
import com.huawei.wisesecurity.kfs.crypto.key.RSAKeyStoreKeyManager;
import com.huawei.wisesecurity.kfs.crypto.signer.KfsSigner;
import com.huawei.wisesecurity.kfs.crypto.signer.SignAlg;
import com.huawei.wisesecurity.kfs.crypto.signer.rsa.RSASigner;
import com.huawei.wisesecurity.kfs.exception.KfsException;
import com.huawei.wisesecurity.ucs.common.exception.UcsKeyStoreException;
import com.huawei.wisesecurity.ucs.common.log.LogUcs;
import com.huawei.wisesecurity.ucs.credential.entity.UcsKeyStoreProvider;
import java.security.cert.Certificate;

/* loaded from: classes7.dex */
public class o0 implements n0 {

    /* renamed from: a, reason: collision with root package name */
    public static RSAKeyStoreKeyManager f14609a;
    public static final o0 b = new o0();
    public static final Object c = new Object();

    public void a(UcsKeyStoreProvider ucsKeyStoreProvider) {
        f14609a = new RSAKeyStoreKeyManager();
    }

    @Override // com.huawei.wisesecurity.ucs_credential.n0
    public byte[] a(String str, String str2) throws UcsKeyStoreException {
        byte[] sign;
        synchronized (c) {
            try {
                try {
                    sign = ((KfsSigner) new RSASigner.Builder(f14609a.f()).e(SignAlg.RSA_SHA256_PSS).c(str).a()).getSignHandler().from(str2).sign();
                } catch (KfsException e) {
                    LogUcs.b("KeyStoreManager", "doSign failed, " + e.getMessage(), new Object[0]);
                    throw new UcsKeyStoreException("doSign failed , exception " + e.getMessage());
                }
            } catch (Throwable th) {
                throw th;
            }
        }
        return sign;
    }

    @SuppressLint({"NewApi"})
    public void b(String str) throws UcsKeyStoreException {
        try {
            if (f14609a.g(str)) {
                LogUcs.e("KeyStoreManager", "the alias exists", new Object[0]);
                return;
            }
            try {
                f14609a.b(new KeyGenerateParam.Builder().a(str).d(KfsKeyPurpose.PURPOSE_ALL).c(3072).b());
                LogUcs.e("KeyStoreManager", "generateKeyPair OK", new Object[0]);
            } catch (KfsException e) {
                LogUcs.b("KeyStoreManager", k0.a(e, a.a("generateKeyPair failed, ")), new Object[0]);
                throw new UcsKeyStoreException(k0.a(e, a.a("generateKeyPair failed , exception ")));
            }
        } catch (KfsException e2) {
            LogUcs.b("KeyStoreManager", k0.a(e2, a.a("containsAlias failed, ")), new Object[0]);
            throw new UcsKeyStoreException(k0.a(e2, a.a("containsAlias failed , exception ")));
        }
    }

    public byte[] c(String str, byte[] bArr) throws UcsKeyStoreException {
        byte[] bArr2;
        synchronized (c) {
            try {
                try {
                    bArr2 = new RSACipher.Builder(f14609a.f()).f(CipherAlg.RSA_OAEP).c(str).a().getDecryptHandler().from(bArr).to();
                } catch (KfsException e) {
                    LogUcs.b("KeyStoreManager", "doDecrypt failed, " + e.getMessage(), new Object[0]);
                    throw new UcsKeyStoreException("doDecrypt failed , exception " + e.getMessage());
                }
            } catch (Throwable th) {
                throw th;
            }
        }
        return bArr2;
    }

    public Certificate[] d(String str) throws UcsKeyStoreException {
        try {
            return f14609a.d(str);
        } catch (KfsException e) {
            LogUcs.b("KeyStoreManager", k0.a(e, a.a("getCertificateChain failed, ")), new Object[0]);
            throw new UcsKeyStoreException(k0.a(e, a.a("getCertificateChain failed , exception ")));
        }
    }
}
