package V6;

import Ba0.C1857d;
import S1.C2955c;
import android.util.Log;
import com.huawei.wisesecurity.kfs.crypto.key.KeyStoreProvider;
import com.huawei.wisesecurity.kfs.exception.KfsException;
import com.huawei.wisesecurity.kfs.exception.KfsValidationException;
import d7.C5156a;
import e7.C5341a;
import java.io.IOException;
import java.security.Key;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.util.Arrays;

/* loaded from: classes2.dex */
public abstract class d {

    /* renamed from: a, reason: collision with root package name */
    private KeyStore f20727a;

    /* renamed from: b, reason: collision with root package name */
    private final KeyStoreProvider f20728b;

    public d() {
        this(KeyStoreProvider.ANDROID_KEYSTORE);
    }

    public d(KeyStoreProvider keyStoreProvider) {
        this.f20728b = keyStoreProvider;
    }

    public static void h(R6.e eVar) throws KfsException {
        K6.b.c();
        byte[] a10 = K6.b.a(32);
        if (!Arrays.equals(a10, eVar.getDecryptHandler().from(eVar.getEncryptHandler().from(a10).to()).to())) {
            throw new KfsException("validate crypto key get bad result");
        }
    }

    public static void k(W6.d dVar) throws KfsException {
        K6.b.c();
        byte[] a10 = K6.b.a(32);
        if (!dVar.getVerifyHandler().fromData(a10).verify(dVar.getSignHandler().from(a10).sign())) {
            throw new KfsException("validate sign key get bad result");
        }
    }

    public final void a(c cVar) throws KfsException {
        C5341a.a(cVar);
        j(cVar);
        b(cVar);
        try {
            i(cVar);
        } catch (KfsException e11) {
            StringBuilder b2 = C1857d.b("validate key failed, try to remove the key entry for alias:");
            b2.append(cVar.a());
            Log.i("KeyStoreKeyManager", b2.toString());
            String a10 = cVar.a();
            if (f(a10)) {
                try {
                    this.f20727a.deleteEntry(a10);
                    Log.i("KeyStoreKeyManager", "keyEntry: " + a10 + " removed");
                } catch (KeyStoreException e12) {
                    StringBuilder b10 = C1857d.b("delete key entry failed, ");
                    b10.append(e12.getMessage());
                    throw new KfsException(b10.toString());
                }
            }
            throw e11;
        }
    }

    public abstract void b(c cVar) throws KfsException;

    public final Certificate[] c(String str) throws KfsException {
        g();
        try {
            return this.f20727a.getCertificateChain(str);
        } catch (KeyStoreException e11) {
            StringBuilder b2 = C1857d.b("keystore get certificate chain failed, ");
            b2.append(e11.getMessage());
            throw new KfsException(b2.toString());
        }
    }

    public final Key d() throws KfsException {
        g();
        try {
            return this.f20727a.getKey("ucs_aes_alias_rootKey", null);
        } catch (KeyStoreException | NoSuchAlgorithmException | UnrecoverableKeyException e11) {
            StringBuilder b2 = C1857d.b("keystore get key failed, ");
            b2.append(e11.getMessage());
            throw new KfsException(b2.toString());
        }
    }

    public final KeyStoreProvider e() {
        return this.f20728b;
    }

    public final boolean f(String str) throws KfsException {
        g();
        try {
            return this.f20727a.containsAlias(str);
        } catch (KeyStoreException e11) {
            StringBuilder b2 = C1857d.b("keystore check alias failed, ");
            b2.append(e11.getMessage());
            throw new KfsException(b2.toString());
        }
    }

    public final void g() throws KfsException {
        if (this.f20727a != null) {
            return;
        }
        KeyStoreProvider keyStoreProvider = KeyStoreProvider.HUAWEI_KEYSTORE;
        KeyStoreProvider keyStoreProvider2 = this.f20728b;
        if (keyStoreProvider2 == keyStoreProvider) {
            C5156a.a();
        }
        try {
            KeyStore keyStore = KeyStore.getInstance(keyStoreProvider2.getName());
            this.f20727a = keyStore;
            keyStore.load(null);
        } catch (IOException | KeyStoreException | NoSuchAlgorithmException | CertificateException e11) {
            throw new KfsException(C2955c.h(e11, C1857d.b("init keystore failed, ")));
        }
    }

    public abstract void i(c cVar) throws KfsException;

    public abstract void j(c cVar) throws KfsValidationException;
}
