package defpackage;

import android.content.pm.Signature;
import java.io.ByteArrayInputStream;
import java.security.GeneralSecurityException;
import java.security.MessageDigest;
import java.security.PublicKey;
import java.security.cert.CertPath;
import java.security.cert.CertPathValidator;
import java.security.cert.CertPathValidatorResult;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import java.security.cert.PKIXParameters;
import java.security.cert.TrustAnchor;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Iterator;
import java.util.List;
import java.util.Objects;
import java.util.Set;

/* loaded from: classes2.dex */
public final class ci7 {
    public final String a;
    public final va7 b;
    public final int c;
    public final X509Certificate d;

    public ci7(String str, va7 va7Var, int i, X509Certificate x509Certificate) {
        yg6.g(str, "packageName");
        this.a = str;
        this.b = va7Var;
        this.c = i;
        this.d = x509Certificate;
    }

    public final boolean a(X509Certificate x509Certificate, c83<? super Exception, pe8> c83Var) {
        CertPathValidatorResult certPathValidatorResult;
        Object obj;
        og4 og4Var = og4.DEBUG;
        yg6.g(x509Certificate, "trustedCertificate");
        if (this.b.h()) {
            return true;
        }
        va7 va7Var = this.b;
        String str = this.a;
        Objects.requireNonNull(va7Var);
        yg6.g(str, "packageName");
        String str2 = va7.h.get(str);
        if (str2 == null ? false : va7Var.a(str2)) {
            p74 p74Var = p74.a;
            if (p74Var.b()) {
                p74Var.c(og4Var, null, "isTrusted: true, reason: isSsoEnabledByFingerPrint()", null);
            }
            return true;
        }
        X509Certificate x509Certificate2 = this.d;
        if (x509Certificate2 == null) {
            p74 p74Var2 = p74.a;
            if (p74Var2.b()) {
                p74Var2.c(og4Var, null, "isTrusted: false, reason: ssoCertificate=null", null);
            }
            return false;
        }
        String str3 = this.a;
        String name = x509Certificate2.getSubjectX500Principal().getName("RFC2253");
        p74 p74Var3 = p74.a;
        if (p74Var3.b()) {
            p74Var3.c(og4Var, null, yg6.r("checkCN: ", name), null);
        }
        if (!yg6.a(yg6.r("CN=", str3), name)) {
            if (p74Var3.b()) {
                p74Var3.c(og4Var, null, "isTrusted=false, reason=checkPackageName", null);
            }
            return false;
        }
        try {
            CertPath generateCertPath = CertificateFactory.getInstance("X509").generateCertPath(wr2.w(this.d));
            PKIXParameters pKIXParameters = new PKIXParameters((Set<TrustAnchor>) al.w(new TrustAnchor(x509Certificate, null)));
            pKIXParameters.setRevocationEnabled(false);
            certPathValidatorResult = CertPathValidator.getInstance("PKIX").validate(generateCertPath, pKIXParameters);
        } catch (GeneralSecurityException e) {
            c83Var.invoke(e);
            certPathValidatorResult = null;
        }
        if (certPathValidatorResult == null) {
            p74 p74Var4 = p74.a;
            if (p74Var4.b()) {
                p74Var4.c(og4Var, null, "isTrusted=false, reason=verifyCertificate", null);
            }
            return false;
        }
        PublicKey publicKey = this.d.getPublicKey();
        yg6.f(publicKey, "ssoCertificate.publicKey");
        MessageDigest messageDigest = MessageDigest.getInstance("SHA256");
        byte[] digest = messageDigest.digest(publicKey.getEncoded());
        List C = tk.C(this.b.b);
        ArrayList arrayList = new ArrayList(x91.G(C, 10));
        Iterator it = ((ArrayList) C).iterator();
        while (it.hasNext()) {
            byte[] byteArray = ((Signature) it.next()).toByteArray();
            yg6.f(byteArray, "it.toByteArray()");
            Certificate generateCertificate = CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(byteArray));
            Objects.requireNonNull(generateCertificate, "null cannot be cast to non-null type java.security.cert.X509Certificate");
            arrayList.add((X509Certificate) generateCertificate);
        }
        b98 b98Var = (b98) r47.P(ba1.P(arrayList), new bi7(messageDigest));
        Iterator it2 = b98Var.a.iterator();
        while (true) {
            if (!it2.hasNext()) {
                obj = null;
                break;
            }
            obj = b98Var.b.invoke(it2.next());
            if (Arrays.equals((byte[]) obj, digest)) {
                break;
            }
        }
        if (((byte[]) obj) != null) {
            return true;
        }
        p74 p74Var5 = p74.a;
        if (p74Var5.b()) {
            p74Var5.c(og4Var, null, "isTrusted=false, reason=checkPublicKey", null);
        }
        return false;
    }
}
