package defpackage;

import android.util.Log;
import java.io.IOException;
import java.security.Key;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.util.Arrays;

/* loaded from: classes2.dex */
public abstract class bh2 {
    private KeyStore a;
    private final ch2 b;

    public bh2() {
        this(ch2.ANDROID_KEYSTORE);
    }

    public bh2(ch2 ch2Var) {
        this.b = ch2Var;
    }

    private void a(String str) throws jh2 {
        if (g(str)) {
            try {
                this.a.deleteEntry(str);
                Log.i("KeyStoreKeyManager", "keyEntry: " + str + " removed");
            } catch (KeyStoreException e) {
                StringBuilder a = vu5.a("delete key entry failed, ");
                a.append(e.getMessage());
                throw new jh2(a.toString());
            }
        }
    }

    public void b(zg2 zg2Var) throws jh2 {
        oj2.b(zg2Var);
        k(zg2Var);
        c(zg2Var);
        try {
            j(zg2Var);
        } catch (jh2 e) {
            StringBuilder a = vu5.a("validate key failed, try to remove the key entry for alias:");
            a.append(zg2Var.a());
            Log.i("KeyStoreKeyManager", a.toString());
            a(zg2Var.a());
            throw e;
        }
    }

    public abstract void c(zg2 zg2Var) throws jh2;

    public Certificate[] d(String str) throws jh2 {
        h();
        try {
            return this.a.getCertificateChain(str);
        } catch (KeyStoreException e) {
            StringBuilder a = vu5.a("keystore get certificate chain failed, ");
            a.append(e.getMessage());
            throw new jh2(a.toString());
        }
    }

    public Key e(String str) throws jh2 {
        h();
        try {
            return this.a.getKey(str, null);
        } catch (KeyStoreException | NoSuchAlgorithmException | UnrecoverableKeyException e) {
            StringBuilder a = vu5.a("keystore get key failed, ");
            a.append(e.getMessage());
            throw new jh2(a.toString());
        }
    }

    public ch2 f() {
        return this.b;
    }

    public boolean g(String str) throws jh2 {
        h();
        try {
            return this.a.containsAlias(str);
        } catch (KeyStoreException e) {
            StringBuilder a = vu5.a("keystore check alias failed, ");
            a.append(e.getMessage());
            throw new jh2(a.toString());
        }
    }

    public void h() throws jh2 {
        if (this.a != null) {
            return;
        }
        if (f() == ch2.HUAWEI_KEYSTORE) {
            ny1.a();
        }
        try {
            KeyStore keyStore = KeyStore.getInstance(this.b.a());
            this.a = keyStore;
            keyStore.load(null);
        } catch (IOException | KeyStoreException | NoSuchAlgorithmException | CertificateException e) {
            throw new jh2(qu5.a(e, vu5.a("init keystore failed, ")));
        }
    }

    public void i(gh2 gh2Var) throws jh2 {
        byte[] a = x54.a(32);
        if (!Arrays.equals(a, gh2Var.getDecryptHandler().from(gh2Var.getEncryptHandler().from(a).to()).to())) {
            throw new sh2("validate crypto key get bad result");
        }
    }

    public abstract void j(zg2 zg2Var) throws jh2;

    public abstract void k(zg2 zg2Var) throws nj2;

    public void l(si2 si2Var) throws jh2 {
        byte[] a = x54.a(32);
        if (!si2Var.getVerifyHandler().fromData(a).verify(si2Var.getSignHandler().from(a).sign())) {
            throw new sh2("validate sign key get bad result");
        }
    }
}
