package ig;

import android.util.Log;
import bh.l;
import com.huawei.wisesecurity.kfs.crypto.key.KeyStoreProvider;
import com.huawei.wisesecurity.kfs.exception.KfsException;
import com.huawei.wisesecurity.kfs.exception.KfsKeyStoreException;
import com.huawei.wisesecurity.kfs.exception.KfsValidationException;
import java.io.IOException;
import java.security.Key;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.util.Arrays;

/* loaded from: classes2.dex */
public abstract class d {

    /* renamed from: a, reason: collision with root package name */
    public KeyStore f49501a;

    /* renamed from: b, reason: collision with root package name */
    public final KeyStoreProvider f49502b;

    public d() {
        this(KeyStoreProvider.ANDROID_KEYSTORE);
    }

    public d(KeyStoreProvider keyStoreProvider) {
        this.f49502b = keyStoreProvider;
    }

    public static void g(eg.e eVar) throws KfsException {
        er0.a.b("EncryptUtil", "setBouncycastleFlag: true");
        xf.b.f61669a = true;
        byte[] a12 = xf.b.a(32);
        if (!Arrays.equals(a12, eVar.getDecryptHandler().from(eVar.getEncryptHandler().from(a12).to()).to())) {
            throw new KfsKeyStoreException("validate crypto key get bad result");
        }
    }

    public static void j(jg.d dVar) throws KfsException {
        er0.a.b("EncryptUtil", "setBouncycastleFlag: true");
        xf.b.f61669a = true;
        byte[] a12 = xf.b.a(32);
        if (!dVar.getVerifyHandler().fromData(a12).verify(dVar.getSignHandler().from(a12).sign())) {
            throw new KfsKeyStoreException("validate sign key get bad result");
        }
    }

    public final void a(c cVar) throws KfsException {
        qg.a.a(cVar);
        i(cVar);
        b(cVar);
        try {
            h(cVar);
        } catch (KfsException e12) {
            StringBuilder a12 = l.a("validate key failed, try to remove the key entry for alias:");
            String str = cVar.f49498a;
            a12.append(str);
            Log.i("KeyStoreKeyManager", a12.toString());
            if (e(str)) {
                try {
                    this.f49501a.deleteEntry(str);
                    Log.i("KeyStoreKeyManager", "keyEntry: " + str + " removed");
                } catch (KeyStoreException e13) {
                    StringBuilder a13 = l.a("delete key entry failed, ");
                    a13.append(e13.getMessage());
                    throw new KfsException(a13.toString());
                }
            }
            throw e12;
        }
    }

    public abstract void b(c cVar) throws KfsException;

    public final Certificate[] c(String str) throws KfsException {
        f();
        try {
            return this.f49501a.getCertificateChain(str);
        } catch (KeyStoreException e12) {
            StringBuilder a12 = l.a("keystore get certificate chain failed, ");
            a12.append(e12.getMessage());
            throw new KfsException(a12.toString());
        }
    }

    public final Key d() throws KfsException {
        f();
        try {
            return this.f49501a.getKey("ucs_aes_alias_rootKey", null);
        } catch (KeyStoreException | NoSuchAlgorithmException | UnrecoverableKeyException e12) {
            StringBuilder a12 = l.a("keystore get key failed, ");
            a12.append(e12.getMessage());
            throw new KfsException(a12.toString());
        }
    }

    public final boolean e(String str) throws KfsException {
        f();
        try {
            return this.f49501a.containsAlias(str);
        } catch (KeyStoreException e12) {
            StringBuilder a12 = l.a("keystore check alias failed, ");
            a12.append(e12.getMessage());
            throw new KfsException(a12.toString());
        }
    }

    public final void f() throws KfsException {
        if (this.f49501a != null) {
            return;
        }
        if (this.f49502b == KeyStoreProvider.HUAWEI_KEYSTORE && pg.a.f56560a == null) {
            synchronized (pg.a.class) {
                try {
                    if (pg.a.f56560a == null) {
                        pg.a.f56560a = new pg.a();
                    }
                } finally {
                }
            }
        }
        try {
            KeyStore keyStore = KeyStore.getInstance(this.f49502b.getName());
            this.f49501a = keyStore;
            keyStore.load(null);
        } catch (IOException | KeyStoreException | NoSuchAlgorithmException | CertificateException e12) {
            throw new KfsException(f4.e.a(e12, l.a("init keystore failed, ")));
        }
    }

    public abstract void h(c cVar) throws KfsException;

    public abstract void i(c cVar) throws KfsValidationException;
}
