package com.huawei.wisesecurity.kfs.crypto.key;

import android.util.Log;
import com.huawei.hms.network.networkkit.api.cy0;
import com.huawei.hms.network.networkkit.api.iy0;
import com.huawei.hms.network.networkkit.api.lx0;
import com.huawei.hms.network.networkkit.api.sz0;
import com.huawei.hms.network.networkkit.api.yu1;
import java.io.IOException;
import java.security.Key;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.util.Arrays;

/* compiled from: KeyStoreKeyManager.java */
/* loaded from: classes2.dex */
public abstract class d implements e {
    private static final String c = "KeyStoreKeyManager";
    private KeyStore a;
    private final KeyStoreProvider b;

    public d() {
        this(KeyStoreProvider.ANDROID_KEYSTORE);
    }

    public d(KeyStoreProvider keyStoreProvider) {
        this.b = keyStoreProvider;
    }

    private void g(String str) throws cy0 {
        if (f(str)) {
            try {
                this.a.deleteEntry(str);
                Log.i(c, "keyEntry: " + str + " removed");
            } catch (KeyStoreException e) {
                throw new cy0("delete key entry failed, " + e.getMessage());
            }
        }
    }

    @Override // com.huawei.wisesecurity.kfs.crypto.key.e
    public PublicKey a(String str) throws cy0 {
        j();
        try {
            return this.a.getCertificate(str).getPublicKey();
        } catch (KeyStoreException e) {
            throw new cy0("keystore get public key failed, " + e.getMessage());
        }
    }

    @Override // com.huawei.wisesecurity.kfs.crypto.key.e
    public Key b(String str) throws cy0 {
        j();
        try {
            return this.a.getKey(str, null);
        } catch (KeyStoreException | NoSuchAlgorithmException | UnrecoverableKeyException e) {
            throw new cy0("keystore get key failed, " + e.getMessage());
        }
    }

    @Override // com.huawei.wisesecurity.kfs.crypto.key.e
    public void c(lx0 lx0Var) throws cy0 {
        com.huawei.wisesecurity.kfs.validation.a.b(lx0Var);
        m(lx0Var);
        h(lx0Var);
        try {
            l(lx0Var);
        } catch (cy0 e) {
            Log.i(c, "validate key failed, try to remove the key entry for alias:" + lx0Var.a());
            g(lx0Var.a());
            throw e;
        }
    }

    @Override // com.huawei.wisesecurity.kfs.crypto.key.e
    public PrivateKey d(String str) throws cy0 {
        j();
        try {
            return (PrivateKey) this.a.getKey(str, null);
        } catch (KeyStoreException | NoSuchAlgorithmException | UnrecoverableKeyException e) {
            throw new cy0("keystore get private key failed, " + e.getMessage());
        }
    }

    @Override // com.huawei.wisesecurity.kfs.crypto.key.e
    public Certificate[] e(String str) throws cy0 {
        j();
        try {
            return this.a.getCertificateChain(str);
        } catch (KeyStoreException e) {
            throw new cy0("keystore get certificate chain failed, " + e.getMessage());
        }
    }

    @Override // com.huawei.wisesecurity.kfs.crypto.key.e
    public boolean f(String str) throws cy0 {
        j();
        try {
            return this.a.containsAlias(str);
        } catch (KeyStoreException e) {
            throw new cy0("keystore check alias failed, " + e.getMessage());
        }
    }

    abstract void h(lx0 lx0Var) throws cy0;

    public KeyStoreProvider i() {
        return this.b;
    }

    protected void j() throws cy0 {
        if (this.a != null) {
            return;
        }
        if (i() == KeyStoreProvider.HUAWEI_KEYSTORE) {
            com.huawei.wisesecurity.kfs.util.d.a();
        }
        try {
            KeyStore keyStore = KeyStore.getInstance(this.b.getName());
            this.a = keyStore;
            keyStore.load(null);
        } catch (IOException | KeyStoreException | NoSuchAlgorithmException | CertificateException e) {
            throw new cy0("init keystore failed, " + e.getMessage());
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void k(com.huawei.wisesecurity.kfs.crypto.cipher.f fVar) throws cy0 {
        byte[] a = yu1.a(32);
        if (!Arrays.equals(a, fVar.getDecryptHandler().from(fVar.getEncryptHandler().from(a).to()).to())) {
            throw new iy0("validate crypto key get bad result");
        }
    }

    abstract void l(lx0 lx0Var) throws cy0;

    abstract void m(lx0 lx0Var) throws sz0;

    /* JADX INFO: Access modifiers changed from: protected */
    public void n(com.huawei.wisesecurity.kfs.crypto.signer.d dVar) throws cy0 {
        byte[] a = yu1.a(32);
        if (!dVar.getVerifyHandler().fromData(a).verify(dVar.getSignHandler().from(a).sign())) {
            throw new iy0("validate sign key get bad result");
        }
    }
}
