package com.tencent.soter.a.e;

import com.baidu.android.common.security.RSAUtil;
import com.tencent.soter.a.d.f;
import com.tencent.soter.a.d.g;
import com.tencent.soter.a.d.h;
import com.tencent.soter.a.d.i;
import java.io.IOException;
import java.security.InvalidKeyException;
import java.security.Key;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.Signature;
import java.security.UnrecoverableEntryException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;

/* compiled from: CertSoterCore.java */
/* loaded from: classes5.dex */
public final class a extends c {
    public a(String str) {
        super(str);
    }

    @Override // com.tencent.soter.a.e.c, com.tencent.soter.a.e.b
    public final f a() {
        com.tencent.soter.a.d.d.c("Soter.CertSoterCore", "soter: start generate ask", new Object[0]);
        if (c()) {
            try {
                KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(RSAUtil.ALGORITHM_RSA, this.f14454b);
                keyPairGenerator.initialize(com.tencent.soter.a.c.a.a(com.tencent.soter.a.d.e.a().f14442a + ".addcounter.auto_signed_when_get_pubkey_attk", 16).a("SHA-256").b("PSS").a());
                long nanoTime = System.nanoTime();
                keyPairGenerator.generateKeyPair();
                com.tencent.soter.a.d.d.c("Soter.CertSoterCore", "soter: generate successfully. cost: %d ms", Long.valueOf(g.a(nanoTime)));
                return new f(0);
            } catch (Exception e) {
                com.tencent.soter.a.d.d.e("Soter.CertSoterCore", "soter: generateAppGlobalSecureKey " + e.toString(), new Object[0]);
                com.tencent.soter.a.d.d.a(e);
                return new f(4, e.toString());
            } catch (OutOfMemoryError e2) {
                com.tencent.soter.a.d.d.a(e2);
                h.a();
            }
        } else {
            com.tencent.soter.a.d.d.e("Soter.CertSoterCore", "soter: not support soter", new Object[0]);
        }
        return new f(2);
    }

    @Override // com.tencent.soter.a.e.c
    public final Signature a(String str) throws InvalidKeyException, NoSuchAlgorithmException, KeyStoreException, IOException, CertificateException, UnrecoverableEntryException {
        com.tencent.soter.a.d.d.b("Monday", "CertSoterCore initAuthKeySignature", new Object[0]);
        if (g.a(str)) {
            com.tencent.soter.a.d.d.e("Soter.CertSoterCore", "soter: auth key name is null or nil. abort.", new Object[0]);
            return null;
        }
        Signature signature = Signature.getInstance("SHA256withRSA/PSS");
        KeyStore keyStore = KeyStore.getInstance(this.f14454b);
        keyStore.load(null);
        Key key = keyStore.getKey(str, null);
        if (key != null) {
            signature.initSign((PrivateKey) key);
            return signature;
        }
        com.tencent.soter.a.d.d.e("Soter.CertSoterCore", "soter: entry not exists", new Object[0]);
        return null;
    }

    @Override // com.tencent.soter.a.e.c, com.tencent.soter.a.e.b
    public final i b() {
        com.tencent.soter.a.d.d.c("Soter.CertSoterCore", "soter: start get app global secure key pub", new Object[0]);
        if (c()) {
            try {
                KeyStore keyStore = KeyStore.getInstance(this.f14454b);
                keyStore.load(null);
                try {
                    Certificate[] certificateChain = keyStore.getCertificateChain(com.tencent.soter.a.d.e.a().f14442a);
                    if (certificateChain != null) {
                        return new i(certificateChain);
                    }
                    com.tencent.soter.a.d.d.e("Soter.CertSoterCore", "soter: key can not be retrieved", new Object[0]);
                    return null;
                } catch (ClassCastException e) {
                    com.tencent.soter.a.d.d.e("Soter.CertSoterCore", "soter: cast error: " + e.toString(), new Object[0]);
                    return null;
                }
            } catch (Exception e2) {
                com.tencent.soter.a.d.d.a(e2);
            } catch (OutOfMemoryError e3) {
                com.tencent.soter.a.d.d.a(e3);
                h.a();
            }
        } else {
            com.tencent.soter.a.d.d.e("Soter.CertSoterCore", "soter: not support soter", new Object[0]);
        }
        return null;
    }
}
