package com.huawei.drawable;

import android.util.Log;
import com.huawei.wisesecurity.kfs.exception.KfsException;
import com.huawei.wisesecurity.kfs.exception.KfsKeyStoreException;
import com.huawei.wisesecurity.kfs.exception.KfsValidationException;
import java.io.IOException;
import java.security.Key;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.util.Arrays;

/* loaded from: classes7.dex */
public abstract class kq3 implements kr3 {
    public static final String c = "KeyStoreKeyManager";

    /* renamed from: a, reason: collision with root package name */
    public KeyStore f9819a;
    public final lq3 b;

    public kq3() {
        this(lq3.ANDROID_KEYSTORE);
    }

    public kq3(lq3 lq3Var) {
        this.b = lq3Var;
    }

    @Override // com.huawei.drawable.kr3
    public Key a(String str) throws KfsException {
        j();
        try {
            return this.f9819a.getKey(str, null);
        } catch (KeyStoreException | NoSuchAlgorithmException | UnrecoverableKeyException e) {
            StringBuilder a2 = ah8.a("keystore get key failed, ");
            a2.append(e.getMessage());
            throw new KfsException(a2.toString());
        }
    }

    @Override // com.huawei.drawable.kr3
    public boolean b(String str) throws KfsException {
        j();
        try {
            return this.f9819a.containsAlias(str);
        } catch (KeyStoreException e) {
            StringBuilder a2 = ah8.a("keystore check alias failed, ");
            a2.append(e.getMessage());
            throw new KfsException(a2.toString());
        }
    }

    @Override // com.huawei.drawable.kr3
    public PublicKey c(String str) throws KfsException {
        j();
        try {
            return this.f9819a.getCertificate(str).getPublicKey();
        } catch (KeyStoreException e) {
            StringBuilder a2 = ah8.a("keystore get public key failed, ");
            a2.append(e.getMessage());
            throw new KfsException(a2.toString());
        }
    }

    @Override // com.huawei.drawable.kr3
    public PrivateKey d(String str) throws KfsException {
        j();
        try {
            return (PrivateKey) this.f9819a.getKey(str, null);
        } catch (KeyStoreException | NoSuchAlgorithmException | UnrecoverableKeyException e) {
            StringBuilder a2 = ah8.a("keystore get private key failed, ");
            a2.append(e.getMessage());
            throw new KfsException(a2.toString());
        }
    }

    @Override // com.huawei.drawable.kr3
    public Certificate[] e(String str) throws KfsException {
        j();
        try {
            return this.f9819a.getCertificateChain(str);
        } catch (KeyStoreException e) {
            StringBuilder a2 = ah8.a("keystore get certificate chain failed, ");
            a2.append(e.getMessage());
            throw new KfsException(a2.toString());
        }
    }

    @Override // com.huawei.drawable.kr3
    public void f(bq3 bq3Var) throws KfsException {
        ws3.b(bq3Var);
        m(bq3Var);
        h(bq3Var);
        try {
            l(bq3Var);
        } catch (KfsException e) {
            StringBuilder a2 = ah8.a("validate key failed, try to remove the key entry for alias:");
            a2.append(bq3Var.a());
            Log.i(c, a2.toString());
            g(bq3Var.a());
            throw e;
        }
    }

    public final void g(String str) throws KfsException {
        if (b(str)) {
            try {
                this.f9819a.deleteEntry(str);
                Log.i(c, "keyEntry: " + str + " removed");
            } catch (KeyStoreException e) {
                StringBuilder a2 = ah8.a("delete key entry failed, ");
                a2.append(e.getMessage());
                throw new KfsException(a2.toString());
            }
        }
    }

    public abstract void h(bq3 bq3Var) throws KfsException;

    public lq3 i() {
        return this.b;
    }

    public void j() throws KfsException {
        if (this.f9819a != null) {
            return;
        }
        if (i() == lq3.HUAWEI_KEYSTORE) {
            zz2.a();
        }
        try {
            KeyStore keyStore = KeyStore.getInstance(this.b.getName());
            this.f9819a = keyStore;
            keyStore.load(null);
        } catch (IOException | KeyStoreException | NoSuchAlgorithmException | CertificateException e) {
            throw new KfsException(zf8.a(e, ah8.a("init keystore failed, ")));
        }
    }

    public void k(yq3 yq3Var) throws KfsException {
        byte[] a2 = ey5.a(32);
        if (!Arrays.equals(a2, yq3Var.getDecryptHandler().from(yq3Var.getEncryptHandler().from(a2).to()).to())) {
            throw new KfsKeyStoreException("validate crypto key get bad result");
        }
    }

    public abstract void l(bq3 bq3Var) throws KfsException;

    public abstract void m(bq3 bq3Var) throws KfsValidationException;

    public void n(fs3 fs3Var) throws KfsException {
        byte[] a2 = ey5.a(32);
        if (!fs3Var.getVerifyHandler().fromData(a2).verify(fs3Var.getSignHandler().from(a2).sign())) {
            throw new KfsKeyStoreException("validate sign key get bad result");
        }
    }
}
