package com.microsoft.identity.common.internal.broker;

import android.content.Context;
import com.microsoft.identity.common.internal.util.PackageUtils;
import com.microsoft.identity.common.logging.Logger;
import f.h;
import java.security.cert.X509Certificate;
import java.util.Collections;
import java.util.Iterator;
import java.util.List;
import java.util.Set;
import kotlin.jvm.internal.i;
import kotlin.jvm.internal.j;
import kotlin.jvm.internal.t;
import ln.k;
import wn.c;
import wn.e;

/* loaded from: classes.dex */
public class BrokerValidator implements IBrokerValidator {
    public static final Companion Companion = new Companion(null);
    private static final String TAG = t.a(BrokerValidator.class).b();
    private final Set<BrokerData> allowedBrokerApps;
    private final c getSigningCertificateForApp;
    private final e validateSigningCertificate;

    /* renamed from: com.microsoft.identity.common.internal.broker.BrokerValidator$1, reason: invalid class name */
    /* loaded from: classes.dex */
    public static final class AnonymousClass1 extends j implements c {
        final /* synthetic */ Context $context;

        /* JADX WARN: 'super' call moved to the top of the method (can break code semantics) */
        public AnonymousClass1(Context context) {
            super(1);
            this.$context = context;
        }

        @Override // wn.c
        public final List<X509Certificate> invoke(String str) {
            om.c.l(str, "packageName");
            List<X509Certificate> readCertDataForApp = PackageUtils.readCertDataForApp(str, this.$context);
            om.c.k(readCertDataForApp, "readCertDataForApp(packageName, context)");
            return readCertDataForApp;
        }
    }

    /* renamed from: com.microsoft.identity.common.internal.broker.BrokerValidator$2, reason: invalid class name */
    /* loaded from: classes.dex */
    public /* synthetic */ class AnonymousClass2 extends i implements e {
        public AnonymousClass2(Object obj) {
            super(2, obj, Companion.class, "validateSigningCertificate", "validateSigningCertificate(Ljava/lang/String;Ljava/util/List;)V");
        }

        @Override // wn.e
        public /* bridge */ /* synthetic */ Object invoke(Object obj, Object obj2) {
            invoke((String) obj, (List<? extends X509Certificate>) obj2);
            return k.f12880a;
        }

        public final void invoke(String str, List<? extends X509Certificate> list) {
            om.c.l(str, "p0");
            om.c.l(list, "p1");
            ((Companion) this.receiver).validateSigningCertificate(str, list);
        }
    }

    /* loaded from: classes.dex */
    public static final class Companion {
        private Companion() {
        }

        public /* synthetic */ Companion(kotlin.jvm.internal.e eVar) {
            this();
        }

        public final void validateSigningCertificate(String str, List<? extends X509Certificate> list) {
            om.c.l(str, "expectedSigningCertificateSignature");
            om.c.l(list, "signingCertificates");
            Set singleton = Collections.singleton(str);
            om.c.k(singleton, "singleton(...)");
            PackageUtils.verifySignatureHash(list, singleton.iterator());
            if (list.size() > 1) {
                PackageUtils.verifyCertificateChain(list);
            }
        }
    }

    /* JADX WARN: 'this' call moved to the top of the method (can break code semantics) */
    public BrokerValidator(Context context) {
        this(BrokerData.Companion.getKnownBrokerApps(), new AnonymousClass1(context), new AnonymousClass2(Companion));
        om.c.l(context, "context");
    }

    public BrokerValidator(Set<BrokerData> set, c cVar, e eVar) {
        om.c.l(set, "allowedBrokerApps");
        om.c.l(cVar, "getSigningCertificateForApp");
        om.c.l(eVar, "validateSigningCertificate");
        this.allowedBrokerApps = set;
        this.getSigningCertificateForApp = cVar;
        this.validateSigningCertificate = eVar;
    }

    @Override // com.microsoft.identity.common.internal.broker.IBrokerValidator
    public boolean isSignedByKnownKeys(BrokerData brokerData) {
        om.c.l(brokerData, "brokerData");
        String s3 = h.s(new StringBuilder(), TAG, ":isSignedByKnownKeys");
        try {
            this.validateSigningCertificate.invoke(brokerData.getSigningCertificateThumbprint(), (List) this.getSigningCertificateForApp.invoke(brokerData.getPackageName()));
            Logger.info(s3, brokerData.getPackageName() + " is installed, and is a valid broker.");
            return true;
        } catch (Throwable th2) {
            Logger.error(s3, th2.getMessage(), th2);
            return false;
        }
    }

    @Override // com.microsoft.identity.common.internal.broker.IBrokerValidator
    public boolean isValidBrokerPackage(String str) {
        Object obj;
        om.c.l(str, "packageName");
        String s3 = h.s(new StringBuilder(), TAG, ":isValidBrokerPackage");
        Iterator<T> it = this.allowedBrokerApps.iterator();
        while (true) {
            if (!it.hasNext()) {
                obj = null;
                break;
            }
            obj = it.next();
            if (om.c.b(((BrokerData) obj).getPackageName(), str)) {
                break;
            }
        }
        BrokerData brokerData = (BrokerData) obj;
        if (brokerData != null) {
            return isSignedByKnownKeys(brokerData);
        }
        Logger.info(s3, str.concat(" does not match with any known broker apps."));
        return false;
    }

    public boolean verifySignature(String str) {
        om.c.l(str, "packageName");
        return isValidBrokerPackage(str);
    }
}
