package com.yandex.strannik.internal.sso;

import com.avstaim.darkside.service.LogLevel;
import java.security.GeneralSecurityException;
import java.security.MessageDigest;
import java.security.PublicKey;
import java.security.cert.CertPath;
import java.security.cert.CertPathValidator;
import java.security.cert.CertPathValidatorResult;
import java.security.cert.CertificateFactory;
import java.security.cert.PKIXParameters;
import java.security.cert.TrustAnchor;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import java.util.Set;
import kotlin.collections.a0;
import kotlin.collections.c1;
import kotlin.collections.k0;
import kotlin.jvm.internal.Intrinsics;
import kotlin.sequences.e0;
import kotlin.sequences.n0;
import org.jetbrains.annotations.NotNull;

/* loaded from: classes5.dex */
public final class e {

    /* renamed from: a, reason: collision with root package name */
    @NotNull
    private final String f121497a;

    /* renamed from: b, reason: collision with root package name */
    @NotNull
    private final com.yandex.strannik.internal.entities.p f121498b;

    /* renamed from: c, reason: collision with root package name */
    @NotNull
    private final com.yandex.strannik.internal.entities.p f121499c;

    /* renamed from: d, reason: collision with root package name */
    private final int f121500d;

    /* renamed from: e, reason: collision with root package name */
    private final X509Certificate f121501e;

    public e(String packageName, com.yandex.strannik.internal.entities.p selfSignatureInfo, com.yandex.strannik.internal.entities.p signatureInfo, int i12, X509Certificate x509Certificate) {
        Intrinsics.checkNotNullParameter(packageName, "packageName");
        Intrinsics.checkNotNullParameter(selfSignatureInfo, "selfSignatureInfo");
        Intrinsics.checkNotNullParameter(signatureInfo, "signatureInfo");
        this.f121497a = packageName;
        this.f121498b = selfSignatureInfo;
        this.f121499c = signatureInfo;
        this.f121500d = i12;
        this.f121501e = x509Certificate;
    }

    public final int a() {
        return this.f121500d;
    }

    public final String b() {
        return this.f121497a;
    }

    public final com.yandex.strannik.internal.entities.p c() {
        return this.f121499c;
    }

    public final X509Certificate d() {
        return this.f121501e;
    }

    public final boolean e(X509Certificate trustedCertificate, i70.d reportException) {
        CertPathValidatorResult certPathValidatorResult;
        Object obj;
        Intrinsics.checkNotNullParameter(trustedCertificate, "trustedCertificate");
        Intrinsics.checkNotNullParameter(reportException, "reportException");
        if (this.f121499c.j(this.f121498b)) {
            return true;
        }
        if (this.f121499c.i(this.f121497a)) {
            c4.d dVar = c4.d.f24248a;
            dVar.getClass();
            if (c4.d.b()) {
                c4.d.d(dVar, LogLevel.DEBUG, null, "isTrusted: true, reason: isSsoEnabledByFingerPrint()", 8);
            }
            return true;
        }
        X509Certificate x509Certificate = this.f121501e;
        if (x509Certificate == null) {
            c4.d dVar2 = c4.d.f24248a;
            dVar2.getClass();
            if (c4.d.b()) {
                c4.d.d(dVar2, LogLevel.DEBUG, null, "isTrusted: false, reason: ssoCertificate=null", 8);
            }
            return false;
        }
        String str = this.f121497a;
        String name = x509Certificate.getSubjectX500Principal().getName("RFC2253");
        c4.d dVar3 = c4.d.f24248a;
        dVar3.getClass();
        if (c4.d.b()) {
            c4.d.d(dVar3, LogLevel.DEBUG, null, defpackage.f.g("checkCN: ", name), 8);
        }
        if (!Intrinsics.d("CN=" + str, name)) {
            if (c4.d.b()) {
                c4.d.d(dVar3, LogLevel.DEBUG, null, "isTrusted=false, reason=checkPackageName", 8);
            }
            return false;
        }
        try {
            CertPath generateCertPath = CertificateFactory.getInstance("X509").generateCertPath(a0.b(this.f121501e));
            PKIXParameters pKIXParameters = new PKIXParameters((Set<TrustAnchor>) c1.b(new TrustAnchor(trustedCertificate, null)));
            pKIXParameters.setRevocationEnabled(false);
            certPathValidatorResult = CertPathValidator.getInstance("PKIX").validate(generateCertPath, pKIXParameters);
        } catch (GeneralSecurityException e12) {
            reportException.invoke(e12);
            certPathValidatorResult = null;
        }
        if (certPathValidatorResult == null) {
            c4.d dVar4 = c4.d.f24248a;
            dVar4.getClass();
            if (c4.d.b()) {
                c4.d.d(dVar4, LogLevel.DEBUG, null, "isTrusted=false, reason=verifyCertificate", 8);
            }
            return false;
        }
        PublicKey publicKey = this.f121501e.getPublicKey();
        Intrinsics.checkNotNullExpressionValue(publicKey, "ssoCertificate.publicKey");
        final MessageDigest messageDigest = MessageDigest.getInstance("SHA256");
        byte[] digest = messageDigest.digest(publicKey.getEncoded());
        n0 n0Var = new n0(e0.A(k0.J(this.f121499c.f()), new i70.d() { // from class: com.yandex.strannik.internal.sso.SsoApplication$checkPublicKey$validateSignature$1
            /* JADX WARN: 'super' call moved to the top of the method (can break code semantics) */
            {
                super(1);
            }

            @Override // i70.d
            public final Object invoke(Object obj2) {
                X509Certificate it = (X509Certificate) obj2;
                Intrinsics.checkNotNullParameter(it, "it");
                return messageDigest.digest(it.getPublicKey().getEncoded());
            }
        }));
        while (true) {
            if (!n0Var.hasNext()) {
                obj = null;
                break;
            }
            obj = n0Var.next();
            if (Arrays.equals((byte[]) obj, digest)) {
                break;
            }
        }
        if (((byte[]) obj) != null) {
            return true;
        }
        c4.d dVar5 = c4.d.f24248a;
        dVar5.getClass();
        if (c4.d.b()) {
            c4.d.d(dVar5, LogLevel.DEBUG, null, "isTrusted=false, reason=checkPublicKey", 8);
        }
        return false;
    }
}
