package com.yandex.strannik.internal.sso;

import com.avstaim.darkside.service.LogLevel;
import ip0.v;
import java.security.GeneralSecurityException;
import java.security.MessageDigest;
import java.security.PublicKey;
import java.security.cert.CertPath;
import java.security.cert.CertPathValidator;
import java.security.cert.CertPathValidatorResult;
import java.security.cert.CertificateFactory;
import java.security.cert.PKIXParameters;
import java.security.cert.TrustAnchor;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import java.util.Set;
import kotlin.collections.CollectionsKt___CollectionsKt;
import kotlin.collections.o;
import kotlin.collections.o0;
import kotlin.jvm.internal.Intrinsics;
import kotlin.sequences.SequencesKt___SequencesKt;
import no0.r;
import org.jetbrains.annotations.NotNull;

/* loaded from: classes4.dex */
public final class b {

    /* renamed from: a, reason: collision with root package name */
    @NotNull
    private final String f70933a;

    /* renamed from: b, reason: collision with root package name */
    @NotNull
    private final com.yandex.strannik.internal.entities.f f70934b;

    /* renamed from: c, reason: collision with root package name */
    private final int f70935c;

    /* renamed from: d, reason: collision with root package name */
    private final X509Certificate f70936d;

    public b(@NotNull String packageName, @NotNull com.yandex.strannik.internal.entities.f signatureInfo, int i14, X509Certificate x509Certificate) {
        Intrinsics.checkNotNullParameter(packageName, "packageName");
        Intrinsics.checkNotNullParameter(signatureInfo, "signatureInfo");
        this.f70933a = packageName;
        this.f70934b = signatureInfo;
        this.f70935c = i14;
        this.f70936d = x509Certificate;
    }

    public final int a() {
        return this.f70935c;
    }

    @NotNull
    public final String b() {
        return this.f70933a;
    }

    @NotNull
    public final com.yandex.strannik.internal.entities.f c() {
        return this.f70934b;
    }

    public final X509Certificate d() {
        return this.f70936d;
    }

    public final boolean e(@NotNull X509Certificate trustedCertificate, @NotNull zo0.l<? super Exception, r> reportException) {
        CertPathValidatorResult certPathValidatorResult;
        Object obj;
        Intrinsics.checkNotNullParameter(trustedCertificate, "trustedCertificate");
        Intrinsics.checkNotNullParameter(reportException, "reportException");
        if (this.f70934b.j()) {
            return true;
        }
        if (this.f70934b.k(this.f70933a)) {
            i9.c cVar = i9.c.f92750a;
            if (cVar.b()) {
                cVar.c(LogLevel.DEBUG, null, "isTrusted: true, reason: isSsoEnabledByFingerPrint()", null);
            }
            return true;
        }
        X509Certificate x509Certificate = this.f70936d;
        if (x509Certificate == null) {
            i9.c cVar2 = i9.c.f92750a;
            if (cVar2.b()) {
                cVar2.c(LogLevel.DEBUG, null, "isTrusted: false, reason: ssoCertificate=null", null);
            }
            return false;
        }
        String str = this.f70933a;
        String name = x509Certificate.getSubjectX500Principal().getName("RFC2253");
        i9.c cVar3 = i9.c.f92750a;
        if (cVar3.b()) {
            cVar3.c(LogLevel.DEBUG, null, n4.a.p("checkCN: ", name), null);
        }
        if (!Intrinsics.d("CN=" + str, name)) {
            if (cVar3.b()) {
                cVar3.c(LogLevel.DEBUG, null, "isTrusted=false, reason=checkPackageName", null);
            }
            return false;
        }
        try {
            CertPath generateCertPath = CertificateFactory.getInstance("X509").generateCertPath(o.b(this.f70936d));
            PKIXParameters pKIXParameters = new PKIXParameters((Set<TrustAnchor>) o0.b(new TrustAnchor(trustedCertificate, null)));
            pKIXParameters.setRevocationEnabled(false);
            certPathValidatorResult = CertPathValidator.getInstance("PKIX").validate(generateCertPath, pKIXParameters);
        } catch (GeneralSecurityException e14) {
            reportException.invoke(e14);
            certPathValidatorResult = null;
        }
        if (certPathValidatorResult == null) {
            i9.c cVar4 = i9.c.f92750a;
            if (cVar4.b()) {
                cVar4.c(LogLevel.DEBUG, null, "isTrusted=false, reason=verifyCertificate", null);
            }
            return false;
        }
        PublicKey publicKey = this.f70936d.getPublicKey();
        Intrinsics.checkNotNullExpressionValue(publicKey, "ssoCertificate.publicKey");
        final MessageDigest messageDigest = MessageDigest.getInstance("SHA256");
        byte[] digest = messageDigest.digest(publicKey.getEncoded());
        v.a aVar = new v.a((v) SequencesKt___SequencesKt.A(CollectionsKt___CollectionsKt.H(this.f70934b.h()), new zo0.l<X509Certificate, byte[]>() { // from class: com.yandex.strannik.internal.sso.SsoApplication$checkPublicKey$validateSignature$1
            /* JADX WARN: 'super' call moved to the top of the method (can break code semantics) */
            {
                super(1);
            }

            @Override // zo0.l
            public byte[] invoke(X509Certificate x509Certificate2) {
                X509Certificate it3 = x509Certificate2;
                Intrinsics.checkNotNullParameter(it3, "it");
                return messageDigest.digest(it3.getPublicKey().getEncoded());
            }
        }));
        while (true) {
            if (!aVar.hasNext()) {
                obj = null;
                break;
            }
            obj = aVar.next();
            if (Arrays.equals((byte[]) obj, digest)) {
                break;
            }
        }
        if (((byte[]) obj) != null) {
            return true;
        }
        i9.c cVar5 = i9.c.f92750a;
        if (cVar5.b()) {
            cVar5.c(LogLevel.DEBUG, null, "isTrusted=false, reason=checkPublicKey", null);
        }
        return false;
    }
}
