package com.huawei.wisesecurity.ucs_credential;

import android.annotation.SuppressLint;
import com.huawei.wisesecurity.kfs.constant.KfsConstant;
import com.huawei.wisesecurity.kfs.crypto.cipher.CipherAlg;
import com.huawei.wisesecurity.kfs.crypto.cipher.rsa.RSACipher;
import com.huawei.wisesecurity.kfs.crypto.key.KeyGenerateParam;
import com.huawei.wisesecurity.kfs.crypto.key.KfsKeyPurpose;
import com.huawei.wisesecurity.kfs.crypto.key.RSAKeyStoreKeyManager;
import com.huawei.wisesecurity.kfs.crypto.signer.KfsSigner;
import com.huawei.wisesecurity.kfs.crypto.signer.SignAlg;
import com.huawei.wisesecurity.kfs.crypto.signer.rsa.RSASigner;
import com.huawei.wisesecurity.kfs.exception.KfsException;
import com.huawei.wisesecurity.ucs.common.exception.UcsKeyStoreException;
import com.huawei.wisesecurity.ucs.common.log.LogUcs;
import com.huawei.wisesecurity.ucs.credential.entity.UcsKeyStoreProvider;
import java.security.cert.Certificate;

/* compiled from: TbsSdkJava */
/* loaded from: classes3.dex */
public class p0 implements o0 {

    /* renamed from: a, reason: collision with root package name */
    public static RSAKeyStoreKeyManager f14036a;

    /* renamed from: b, reason: collision with root package name */
    public static final p0 f14037b = new p0();

    /* renamed from: c, reason: collision with root package name */
    public static final Object f14038c = new Object();

    public void a(UcsKeyStoreProvider ucsKeyStoreProvider) {
        f14036a = new RSAKeyStoreKeyManager();
    }

    @SuppressLint({"NewApi"})
    public void a(String str) throws UcsKeyStoreException {
        try {
            if (f14036a.hasAlias(str)) {
                LogUcs.i("KeyStoreManager", "the alias exists", new Object[0]);
                return;
            }
            try {
                f14036a.generate(new KeyGenerateParam.Builder().alias(str).purpose(KfsKeyPurpose.PURPOSE_ALL).keyLen(KfsConstant.KFS_RSA_KEY_LEN_3072).build());
                LogUcs.i("KeyStoreManager", "generateKeyPair OK", new Object[0]);
            } catch (KfsException e10) {
                LogUcs.e("KeyStoreManager", l0.a(e10, f.a("generateKeyPair failed, ")), new Object[0]);
                throw new UcsKeyStoreException(l0.a(e10, f.a("generateKeyPair failed , exception ")));
            }
        } catch (KfsException e11) {
            LogUcs.e("KeyStoreManager", l0.a(e11, f.a("containsAlias failed, ")), new Object[0]);
            throw new UcsKeyStoreException(l0.a(e11, f.a("containsAlias failed , exception ")));
        }
    }

    @Override // com.huawei.wisesecurity.ucs_credential.o0
    public byte[] a(String str, String str2) throws UcsKeyStoreException {
        byte[] sign;
        synchronized (f14038c) {
            try {
                try {
                    sign = ((KfsSigner) new RSASigner.Builder(f14036a.getProvider()).withAlg(SignAlg.RSA_SHA256_PSS).withKeyStoreAlias(str).build()).getSignHandler().from(str2).sign();
                } catch (KfsException e10) {
                    LogUcs.e("KeyStoreManager", "doSign failed, " + e10.getMessage(), new Object[0]);
                    throw new UcsKeyStoreException("doSign failed , exception " + e10.getMessage());
                }
            } catch (Throwable th2) {
                throw th2;
            }
        }
        return sign;
    }

    public byte[] a(String str, byte[] bArr) throws UcsKeyStoreException {
        byte[] bArr2;
        synchronized (f14038c) {
            try {
                try {
                    bArr2 = new RSACipher.Builder(f14036a.getProvider()).withAlg(CipherAlg.RSA_OAEP).withKeyStoreAlias(str).build().getDecryptHandler().from(bArr).to();
                } catch (KfsException e10) {
                    LogUcs.e("KeyStoreManager", "doDecrypt failed, " + e10.getMessage(), new Object[0]);
                    throw new UcsKeyStoreException("doDecrypt failed , exception " + e10.getMessage());
                }
            } catch (Throwable th2) {
                throw th2;
            }
        }
        return bArr2;
    }

    public Certificate[] b(String str) throws UcsKeyStoreException {
        try {
            return f14036a.getCertificateChain(str);
        } catch (KfsException e10) {
            LogUcs.e("KeyStoreManager", l0.a(e10, f.a("getCertificateChain failed, ")), new Object[0]);
            throw new UcsKeyStoreException(l0.a(e10, f.a("getCertificateChain failed , exception ")));
        }
    }
}
