package com.huawei.wisesecurity.ucs_credential;

import android.annotation.SuppressLint;
import com.huawei.appmarket.qu;
import com.huawei.wisesecurity.kfs.crypto.cipher.CipherAlg;
import com.huawei.wisesecurity.kfs.crypto.cipher.DefaultDecryptHandler;
import com.huawei.wisesecurity.kfs.crypto.cipher.DefaultEncryptHandler;
import com.huawei.wisesecurity.kfs.crypto.cipher.aes.AESCipher;
import com.huawei.wisesecurity.kfs.crypto.key.AESKeyStoreKeyManager;
import com.huawei.wisesecurity.kfs.crypto.key.KeyGenerateParam;
import com.huawei.wisesecurity.kfs.crypto.key.KfsKeyPurpose;
import com.huawei.wisesecurity.kfs.exception.KfsException;
import com.huawei.wisesecurity.ucs.common.exception.UcsKeyStoreException;
import com.huawei.wisesecurity.ucs.common.log.LogUcs;

/* loaded from: classes4.dex */
public class l0 implements n0 {

    /* renamed from: b, reason: collision with root package name */
    public static final n0 f38012b = new l0();

    /* renamed from: c, reason: collision with root package name */
    public static final Object f38013c = new Object();

    /* renamed from: d, reason: collision with root package name */
    public static AESKeyStoreKeyManager f38014d;

    /* renamed from: a, reason: collision with root package name */
    public byte[] f38015a;

    @SuppressLint({"NewApi"})
    public void a(String str) throws UcsKeyStoreException {
        try {
            if (f38014d.f(str)) {
                LogUcs.e("KeyStoreManager", "the alias exists", new Object[0]);
                return;
            }
            try {
                f38014d.a(new KeyGenerateParam(str, 256, KfsKeyPurpose.PURPOSE_CRYPTO));
            } catch (KfsException e2) {
                LogUcs.b("KeyStoreManager", qu.a(e2, a.a("generateKeyPair failed, ")), new Object[0]);
                throw new UcsKeyStoreException(qu.a(e2, a.a("generateKeyPair failed , exception ")));
            }
        } catch (KfsException e3) {
            LogUcs.b("KeyStoreManager", qu.a(e3, a.a("containsAlias failed, ")), new Object[0]);
            throw new UcsKeyStoreException(qu.a(e3, a.a("containsAlias failed , exception ")));
        }
    }

    @Override // com.huawei.wisesecurity.ucs_credential.n0
    public byte[] b(String str, String str2) throws UcsKeyStoreException {
        return new byte[0];
    }

    public byte[] c(String str, byte[] bArr) throws UcsKeyStoreException {
        byte[] bArr2;
        synchronized (f38013c) {
            byte[] bArr3 = this.f38015a;
            if (bArr3 == null || bArr3.length <= 0) {
                throw new UcsKeyStoreException("iv must be set before AES decrypt");
            }
            try {
                AESCipher.Builder builder = new AESCipher.Builder(f38014d.e());
                builder.b(CipherAlg.AES_GCM);
                builder.d(f38014d.d(str));
                builder.c(this.f38015a);
                DefaultDecryptHandler defaultDecryptHandler = (DefaultDecryptHandler) builder.a().getDecryptHandler();
                defaultDecryptHandler.from(bArr);
                bArr2 = defaultDecryptHandler.to();
            } catch (KfsException e2) {
                LogUcs.b("KeyStoreManager", "AES doDecrypt failed, " + e2.getMessage(), new Object[0]);
                throw new UcsKeyStoreException("AES doDecrypt failed , exception " + e2.getMessage());
            }
        }
        return bArr2;
    }

    public byte[] d(String str, byte[] bArr) throws UcsKeyStoreException {
        byte[] bArr2;
        synchronized (f38013c) {
            byte[] bArr3 = this.f38015a;
            if (bArr3 == null || bArr3.length <= 0) {
                throw new UcsKeyStoreException("iv must be set before AES encrypt");
            }
            try {
                AESCipher.Builder builder = new AESCipher.Builder(f38014d.e());
                builder.b(CipherAlg.AES_GCM);
                builder.d(f38014d.d(str));
                builder.c(this.f38015a);
                DefaultEncryptHandler defaultEncryptHandler = (DefaultEncryptHandler) builder.a().getEncryptHandler();
                defaultEncryptHandler.from(bArr);
                bArr2 = defaultEncryptHandler.to();
            } catch (KfsException e2) {
                LogUcs.b("KeyStoreManager", "AES doEncrypt failed, " + e2.getMessage(), new Object[0]);
                throw new UcsKeyStoreException("AES doEncrypt failed , exception " + e2.getMessage());
            }
        }
        return bArr2;
    }
}
