package com.rsa.cryptoj.c;

import com.rsa.crypto.CryptoException;
import com.rsa.crypto.CryptoModule;
import com.rsa.crypto.KeyBuilder;
import com.rsa.crypto.PrivateKey;
import com.rsa.jsafe.provider.HardwareIterator;
import com.rsa.jsafe.provider.HardwareStore;
import com.rsa.jsafe.provider.HardwareStoreException;
import com.rsa.jsafe.provider.HardwareStoreSpi;
import com.rsa.jsafe.provider.PKCS11CertIteratorParameters;
import com.rsa.jsafe.provider.PKCS11KeyIteratorParameters;
import java.nio.ByteBuffer;
import java.security.Key;
import java.security.cert.Certificate;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.interfaces.DSAPrivateKey;
import java.security.interfaces.ECPrivateKey;
import java.security.interfaces.RSAPrivateCrtKey;
import java.security.interfaces.RSAPrivateKey;
import java.util.List;
import java.util.NoSuchElementException;

/* loaded from: classes.dex */
public class my extends HardwareStoreSpi {
    private final cf a;
    private final List<ca> b;
    private final CryptoModule c;
    private final com.rsa.crypto.ncm.key.l d;

    /* loaded from: classes.dex */
    private class a implements HardwareIterator<Certificate> {
        private com.rsa.crypto.ncm.cert.b b;
        private com.rsa.crypto.ncm.cert.c c = null;

        public a(com.rsa.crypto.ncm.cert.b bVar) {
            this.b = bVar;
        }

        @Override // java.util.Iterator
        /* renamed from: a, reason: merged with bridge method [inline-methods] */
        public synchronized Certificate next() {
            try {
                if (this.c != null) {
                    this.c.clearSensitiveData();
                    this.c = null;
                }
                if (this.b == null) {
                    throw new NoSuchElementException();
                }
                this.c = this.b.next();
            } catch (CryptoException e) {
                throw new SecurityException("Failed to get next certificate.", e);
            } catch (CertificateException e2) {
                throw new SecurityException("Failed to decode the found certificate.", e2);
            }
            return pg.a(my.this.a, kb.b, ByteBuffer.wrap(this.c.getEncoded()));
        }

        @Override // com.rsa.jsafe.provider.HardwareIterator
        public synchronized byte[] getId() {
            if (this.c == null) {
                throw new IllegalStateException("No certificate available.");
            }
            try {
            } catch (CryptoException e) {
                throw new SecurityException("Failed to retrieve the PKCS #11 certificate ID.", e);
            }
            return this.c.getCertID();
        }

        @Override // com.rsa.jsafe.provider.HardwareIterator
        public synchronized String getLabel() {
            if (this.c == null) {
                throw new IllegalStateException("No certificate available.");
            }
            try {
            } catch (CryptoException e) {
                throw new SecurityException("Failed to retrieve the PKCS #11 certificate label.", e);
            }
            return this.c.getCertLabel();
        }

        @Override // java.util.Iterator
        public synchronized boolean hasNext() {
            if (this.b == null) {
                return false;
            }
            try {
                boolean hasNext = this.b.hasNext();
                if (!hasNext) {
                    this.b.clearSensitiveData();
                    this.b = null;
                }
                return hasNext;
            } catch (CryptoException e) {
                throw new SecurityException("Failed to check for next certificate.", e);
            }
        }

        @Override // java.util.Iterator
        public synchronized void remove() {
            if (this.c == null) {
                throw new IllegalStateException("No certificate to remove.");
            }
            try {
                this.c.deleteCertFromDevice();
                this.c.clearSensitiveData();
                this.c = null;
            } catch (CryptoException e) {
                throw new SecurityException("Failed to remove certificate from the device.", e);
            }
        }

        @Override // com.rsa.jsafe.provider.HardwareIterator
        public synchronized void removeNext() {
            try {
                if (this.c != null) {
                    this.c.clearSensitiveData();
                    this.c = null;
                }
                if (this.b == null) {
                    throw new NoSuchElementException();
                }
                com.rsa.crypto.ncm.cert.c next = this.b.next();
                next.deleteCertFromDevice();
                next.clearSensitiveData();
            } catch (CryptoException e) {
                throw new SecurityException("Failed to remove next certificate.", e);
            }
        }

        @Override // com.rsa.jsafe.provider.HardwareIterator
        public synchronized void stop() {
            if (this.c != null) {
                this.c.clearSensitiveData();
                this.c = null;
            }
            if (this.b != null) {
                this.b.clearSensitiveData();
                this.b = null;
            }
        }
    }

    /* loaded from: classes.dex */
    private class b implements HardwareIterator<Key> {
        private com.rsa.crypto.ncm.key.o b;
        private final String c;
        private com.rsa.crypto.ncm.key.j d = null;

        public b(com.rsa.crypto.ncm.key.o oVar, String str) {
            this.b = oVar;
            this.c = str;
        }

        @Override // java.util.Iterator
        /* renamed from: a, reason: merged with bridge method [inline-methods] */
        public synchronized Key next() {
            try {
                this.d = null;
                if (this.b == null) {
                    throw new NoSuchElementException();
                }
                this.d = this.b.next();
            } catch (CryptoException e) {
                throw new SecurityException("Failed to get next key.", e);
            }
            return fg.a(this.c, (PrivateKey) this.d, my.this.c);
        }

        @Override // com.rsa.jsafe.provider.HardwareIterator
        public synchronized byte[] getId() {
            if (this.d == null) {
                throw new IllegalStateException("No key available.");
            }
            try {
            } catch (CryptoException e) {
                throw new SecurityException("Failed to retrieve the PKCS #11 key ID.", e);
            }
            return this.d.getKeyID();
        }

        @Override // com.rsa.jsafe.provider.HardwareIterator
        public synchronized String getLabel() {
            if (this.d == null) {
                throw new IllegalStateException("No key available.");
            }
            try {
            } catch (CryptoException e) {
                throw new SecurityException("Failed to retrieve the PKCS #11 key label.", e);
            }
            return this.d.getKeyLabel();
        }

        @Override // java.util.Iterator
        public synchronized boolean hasNext() {
            if (this.b == null) {
                return false;
            }
            try {
                boolean hasNext = this.b.hasNext();
                if (!hasNext) {
                    this.b.clearSensitiveData();
                    this.b = null;
                }
                return hasNext;
            } catch (CryptoException e) {
                throw new SecurityException("Failed to check for next key.", e);
            }
        }

        @Override // java.util.Iterator
        public synchronized void remove() {
            if (this.d == null) {
                throw new IllegalStateException("No key to remove.");
            }
            try {
                this.d.deleteKeyFromDevice();
                this.d = null;
            } catch (CryptoException e) {
                throw new SecurityException("Failed to remove key from the device.", e);
            }
        }

        @Override // com.rsa.jsafe.provider.HardwareIterator
        public synchronized void removeNext() {
            try {
                this.d = null;
                if (this.b == null) {
                    throw new NoSuchElementException();
                }
                com.rsa.crypto.ncm.key.j next = this.b.next();
                next.deleteKeyFromDevice();
                ((PrivateKey) next).clearSensitiveData();
            } catch (CryptoException e) {
                throw new SecurityException("Failed to remove next key.", e);
            }
        }

        @Override // com.rsa.jsafe.provider.HardwareIterator
        public synchronized void stop() {
            this.d = null;
            if (this.b != null) {
                this.b.clearSensitiveData();
                this.b = null;
            }
        }
    }

    public my(cf cfVar, List<ca> list, CryptoModule cryptoModule) {
        this.a = cfVar;
        this.b = list;
        this.c = cryptoModule;
        this.d = (com.rsa.crypto.ncm.key.l) (cryptoModule instanceof cj ? ((cj) cryptoModule).c() : cryptoModule).getKeyBuilder();
    }

    @Override // com.rsa.jsafe.provider.HardwareStoreSpi
    public synchronized HardwareIterator<Certificate> engineCertificateIterator(HardwareStore.CertIteratorParameters certIteratorParameters) throws HardwareStoreException {
        PKCS11CertIteratorParameters pKCS11CertIteratorParameters;
        if (!(certIteratorParameters instanceof PKCS11CertIteratorParameters)) {
            throw new IllegalArgumentException("Unknown parameter type");
        }
        pKCS11CertIteratorParameters = (PKCS11CertIteratorParameters) certIteratorParameters;
        try {
        } catch (CryptoException e) {
            throw new HardwareStoreException("Failed to initialize key iterator.", e);
        }
        return new a(this.d.a(pKCS11CertIteratorParameters.getId(), pKCS11CertIteratorParameters.getLabel()));
    }

    @Override // com.rsa.jsafe.provider.HardwareStoreSpi
    public synchronized HardwareIterator<Key> engineKeyIterator(HardwareStore.KeyIteratorParameters keyIteratorParameters) throws HardwareStoreException {
        PKCS11KeyIteratorParameters pKCS11KeyIteratorParameters;
        if (!(keyIteratorParameters instanceof PKCS11KeyIteratorParameters)) {
            throw new IllegalArgumentException("Unknown parameter type");
        }
        pKCS11KeyIteratorParameters = (PKCS11KeyIteratorParameters) keyIteratorParameters;
        try {
        } catch (CryptoException e) {
            throw new HardwareStoreException("Failed to initialize key iterator.", e);
        }
        return new b(this.d.a(pKCS11KeyIteratorParameters.getAlg(), pKCS11KeyIteratorParameters.getId(), pKCS11KeyIteratorParameters.getLabel()), pKCS11KeyIteratorParameters.getAlg());
    }

    @Override // com.rsa.jsafe.provider.HardwareStoreSpi
    public synchronized void setCertificate(byte[] bArr, String str, Certificate certificate) throws HardwareStoreException {
        try {
            try {
                byte[] encoded = certificate.getEncoded();
                com.rsa.crypto.ncm.cert.c cVar = null;
                try {
                    try {
                        cVar = this.d.a(encoded, 0, encoded.length);
                        if (bArr != null) {
                            cVar.setCertID(bArr);
                        }
                        if (str != null) {
                            cVar.setCertLabel(str);
                        }
                        cVar.store();
                    } finally {
                        if (cVar != null) {
                            cVar.clearSensitiveData();
                        }
                    }
                } catch (CryptoException e) {
                    throw new HardwareStoreException("Failed to store cert to the device.", e);
                }
            } catch (CertificateEncodingException e2) {
                throw new HardwareStoreException("Failed to encode certificate.", e2);
            }
        } catch (Throwable th) {
            throw th;
        }
    }

    @Override // com.rsa.jsafe.provider.HardwareStoreSpi
    public synchronized void setKey(byte[] bArr, String str, Key key) throws HardwareStoreException {
        PrivateKey newECPrivateKey;
        if (!(key instanceof java.security.PrivateKey)) {
            throw new HardwareStoreException("Must be a private key.");
        }
        PrivateKey privateKey = null;
        try {
            try {
                KeyBuilder keyBuilder = this.c.getKeyBuilder();
                if (key instanceof fn) {
                    PrivateKey b2 = ((fn) key).b();
                    PrivateKey privateKey2 = (PrivateKey) Cdo.a(b2, this.c);
                    if (privateKey2 == null) {
                        try {
                            newECPrivateKey = (PrivateKey) b2.clone();
                        } catch (CryptoException e) {
                            e = e;
                            throw new HardwareStoreException("Failed to save key.", e);
                        } catch (Throwable th) {
                            th = th;
                            privateKey = privateKey2;
                            if (privateKey != null) {
                                privateKey.clearSensitiveData();
                            }
                            throw th;
                        }
                    } else {
                        newECPrivateKey = privateKey2;
                    }
                } else if (key instanceof RSAPrivateKey) {
                    if (key instanceof RSAPrivateCrtKey) {
                        RSAPrivateCrtKey rSAPrivateCrtKey = (RSAPrivateCrtKey) key;
                        newECPrivateKey = keyBuilder.newRSAPrivateKey(da.a(rSAPrivateCrtKey.getModulus()), da.a(rSAPrivateCrtKey.getPublicExponent()), da.a(rSAPrivateCrtKey.getPrivateExponent()), da.a(rSAPrivateCrtKey.getPrimeP()), da.a(rSAPrivateCrtKey.getPrimeQ()), da.a(rSAPrivateCrtKey.getPrimeExponentP()), da.a(rSAPrivateCrtKey.getPrimeExponentQ()), da.a(rSAPrivateCrtKey.getCrtCoefficient()), (byte[][]) null);
                    } else {
                        RSAPrivateKey rSAPrivateKey = (RSAPrivateKey) key;
                        newECPrivateKey = keyBuilder.newRSAPrivateKey(da.a(rSAPrivateKey.getModulus()), da.a(rSAPrivateKey.getPrivateExponent()));
                    }
                } else if (key instanceof DSAPrivateKey) {
                    DSAPrivateKey dSAPrivateKey = (DSAPrivateKey) key;
                    newECPrivateKey = keyBuilder.newDSAPrivateKey(da.a(dSAPrivateKey.getX()), keyBuilder.newPQGParams(da.a(dSAPrivateKey.getParams().getP()), da.a(dSAPrivateKey.getParams().getQ()), da.a(dSAPrivateKey.getParams().getG())));
                } else {
                    if (!(key instanceof ECPrivateKey)) {
                        throw new HardwareStoreException("Unknown key type.");
                    }
                    ECPrivateKey eCPrivateKey = (ECPrivateKey) key;
                    newECPrivateKey = keyBuilder.newECPrivateKey(da.a(eCPrivateKey.getS()), kn.a(eCPrivateKey.getParams(), keyBuilder));
                }
                PrivateKey privateKey3 = newECPrivateKey;
                com.rsa.crypto.ncm.key.j jVar = (com.rsa.crypto.ncm.key.j) privateKey3;
                if (bArr != null) {
                    jVar.setKeyID(bArr);
                }
                if (str != null) {
                    jVar.setKeyLabel(str);
                }
                jVar.a();
                if (privateKey3 != null) {
                    privateKey3.clearSensitiveData();
                }
            } catch (Throwable th2) {
                th = th2;
            }
        } catch (CryptoException e2) {
            e = e2;
        }
    }
}
