package com.microsoft.identity.common.internal.broker;

import _COROUTINE._BOUNDARY$$ExternalSyntheticOutline0;
import android.content.Context;
import com.microsoft.identity.common.internal.util.PackageUtils;
import com.microsoft.identity.common.logging.Logger;
import java.security.cert.X509Certificate;
import java.util.Collections;
import java.util.List;
import java.util.Set;
import kotlin.Unit;
import kotlin.jvm.functions.Function1;
import kotlin.jvm.functions.Function2;
import kotlin.jvm.internal.DefaultConstructorMarker;
import kotlin.jvm.internal.FunctionReferenceImpl;
import kotlin.jvm.internal.Reflection;
import okio.Okio;

/* loaded from: classes.dex */
public class BrokerValidator {
    public static final Companion Companion = new Companion(null);
    private static final String TAG = Reflection.getOrCreateKotlinClass(BrokerValidator.class).getSimpleName();
    private final Set<BrokerData> allowedBrokerApps;
    private final Function1 getSigningCertificateForApp;
    private final Function2 validateSigningCertificate;

    /* renamed from: com.microsoft.identity.common.internal.broker.BrokerValidator$2, reason: invalid class name */
    /* loaded from: classes.dex */
    public /* synthetic */ class AnonymousClass2 extends FunctionReferenceImpl implements Function2 {
        public AnonymousClass2(Object obj) {
            super(2, obj, Companion.class, "validateSigningCertificate", "validateSigningCertificate(Ljava/lang/String;Ljava/util/List;)V", 0);
        }

        @Override // kotlin.jvm.functions.Function2
        public /* bridge */ /* synthetic */ Object invoke(Object obj, Object obj2) {
            invoke((String) obj, (List<? extends X509Certificate>) obj2);
            return Unit.INSTANCE;
        }

        public final void invoke(String str, List<? extends X509Certificate> list) {
            Okio.checkNotNullParameter(str, "p0");
            Okio.checkNotNullParameter(list, "p1");
            ((Companion) this.receiver).validateSigningCertificate(str, list);
        }
    }

    /* loaded from: classes.dex */
    public static final class Companion {
        private Companion() {
        }

        public /* synthetic */ Companion(DefaultConstructorMarker defaultConstructorMarker) {
            this();
        }

        public final void validateSigningCertificate(String str, List<? extends X509Certificate> list) {
            Okio.checkNotNullParameter(str, "expectedSigningCertificateThumbprint");
            Okio.checkNotNullParameter(list, "signingCertificates");
            Set singleton = Collections.singleton(str);
            Okio.checkNotNullExpressionValue(singleton, "singleton(...)");
            PackageUtils.verifySignatureHash(list, singleton.iterator());
            if (list.size() > 1) {
                PackageUtils.verifyCertificateChain(list);
            }
        }
    }

    public BrokerValidator(final Context context) {
        Okio.checkNotNullParameter(context, "context");
        this.allowedBrokerApps = BrokerData.Companion.getKnownBrokerApps();
        this.getSigningCertificateForApp = new Function1() { // from class: com.microsoft.identity.common.internal.broker.BrokerValidator.1
            /* JADX WARN: 'super' call moved to the top of the method (can break code semantics) */
            {
                super(1);
            }

            @Override // kotlin.jvm.functions.Function1
            public final List<X509Certificate> invoke(String str) {
                Okio.checkNotNullParameter(str, "packageName");
                List<X509Certificate> readCertDataForApp = PackageUtils.readCertDataForApp(str, context);
                Okio.checkNotNullExpressionValue(readCertDataForApp, "readCertDataForApp(packageName, context)");
                return readCertDataForApp;
            }
        };
        this.validateSigningCertificate = new AnonymousClass2(Companion);
    }

    public boolean isSignedByKnownKeys(BrokerData brokerData) {
        Okio.checkNotNullParameter(brokerData, "brokerData");
        String m = _BOUNDARY$$ExternalSyntheticOutline0.m(new StringBuilder(), TAG, ":isSignedByKnownKeys");
        try {
            this.validateSigningCertificate.invoke(brokerData.getSigningCertificateThumbprint(), (List) this.getSigningCertificateForApp.invoke(brokerData.getPackageName()));
            Logger.verbose(m, brokerData + " is a valid broker app.");
            return true;
        } catch (Throwable th) {
            Logger.verbose(m, brokerData + " verification failed: " + th.getMessage());
            return false;
        }
    }
}
