package com.yandex.passport.internal.sso;

import android.content.pm.Signature;
import android.util.Base64;
import defpackage.C14694iq8;
import defpackage.C18307on7;
import defpackage.C1839Ai7;
import defpackage.C18433p03;
import defpackage.C24753zS2;
import defpackage.C4842Mz0;
import defpackage.C5510Pp;
import defpackage.C6077Rz0;
import defpackage.C6110Sc6;
import defpackage.C7848Zm;
import defpackage.EE7;
import defpackage.EnumC3321Go3;
import defpackage.InterfaceC8442an2;
import java.io.ByteArrayInputStream;
import java.security.GeneralSecurityException;
import java.security.MessageDigest;
import java.security.PublicKey;
import java.security.cert.CertPath;
import java.security.cert.CertPathValidator;
import java.security.cert.CertPathValidatorResult;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import java.security.cert.PKIXParameters;
import java.security.cert.TrustAnchor;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Iterator;
import java.util.Set;

/* loaded from: classes4.dex */
public final class d {

    /* renamed from: do, reason: not valid java name */
    public final String f70631do;

    /* renamed from: for, reason: not valid java name */
    public final com.yandex.passport.internal.entities.g f70632for;

    /* renamed from: if, reason: not valid java name */
    public final com.yandex.passport.internal.entities.g f70633if;

    /* renamed from: new, reason: not valid java name */
    public final int f70634new;

    /* renamed from: try, reason: not valid java name */
    public final X509Certificate f70635try;

    public d(String str, com.yandex.passport.internal.entities.g gVar, com.yandex.passport.internal.entities.g gVar2, int i, X509Certificate x509Certificate) {
        C24753zS2.m34507goto(str, "packageName");
        this.f70631do = str;
        this.f70633if = gVar;
        this.f70632for = gVar2;
        this.f70634new = i;
        this.f70635try = x509Certificate;
    }

    /* renamed from: do, reason: not valid java name */
    public final boolean m22458do(X509Certificate x509Certificate, InterfaceC8442an2<? super Exception, C18307on7> interfaceC8442an2) {
        CertPathValidatorResult certPathValidatorResult;
        Object obj;
        C24753zS2.m34507goto(x509Certificate, "trustedCertificate");
        com.yandex.passport.internal.entities.g gVar = this.f70632for;
        if (gVar.m22030try(this.f70633if)) {
            return true;
        }
        String str = this.f70631do;
        C24753zS2.m34507goto(str, "packageName");
        String str2 = com.yandex.passport.internal.entities.g.f66769goto.get(str);
        if (str2 != null) {
            byte[] decode = Base64.decode(str2, 0);
            C24753zS2.m34504else(decode, "otherHash");
            if (Arrays.equals(gVar.m22026do(), decode)) {
                C18433p03 c18433p03 = C18433p03.f101470do;
                c18433p03.getClass();
                if (C18433p03.f101471if.isEnabled()) {
                    C18433p03.m29258for(c18433p03, EnumC3321Go3.DEBUG, null, "isTrusted: true, reason: isSsoEnabledByFingerPrint()", 8);
                }
                return true;
            }
        }
        X509Certificate x509Certificate2 = this.f70635try;
        if (x509Certificate2 == null) {
            C18433p03 c18433p032 = C18433p03.f101470do;
            c18433p032.getClass();
            if (C18433p03.f101471if.isEnabled()) {
                C18433p03.m29258for(c18433p032, EnumC3321Go3.DEBUG, null, "isTrusted: false, reason: ssoCertificate=null", 8);
            }
            return false;
        }
        String name = x509Certificate2.getSubjectX500Principal().getName("RFC2253");
        C18433p03 c18433p033 = C18433p03.f101470do;
        c18433p033.getClass();
        if (C18433p03.f101471if.isEnabled()) {
            C18433p03.m29258for(c18433p033, EnumC3321Go3.DEBUG, null, C7848Zm.m15654do("checkCN: ", name), 8);
        }
        if (!C24753zS2.m34506for("CN=".concat(str), name)) {
            if (C18433p03.f101471if.isEnabled()) {
                C18433p03.m29258for(c18433p033, EnumC3321Go3.DEBUG, null, "isTrusted=false, reason=checkPackageName", 8);
            }
            return false;
        }
        try {
            CertPath generateCertPath = CertificateFactory.getInstance("X509").generateCertPath(EE7.m3119final(x509Certificate2));
            PKIXParameters pKIXParameters = new PKIXParameters((Set<TrustAnchor>) C14694iq8.m26331extends(new TrustAnchor(x509Certificate, null)));
            pKIXParameters.setRevocationEnabled(false);
            certPathValidatorResult = CertPathValidator.getInstance("PKIX").validate(generateCertPath, pKIXParameters);
        } catch (GeneralSecurityException e) {
            interfaceC8442an2.invoke(e);
            certPathValidatorResult = null;
        }
        if (certPathValidatorResult == null) {
            C18433p03 c18433p034 = C18433p03.f101470do;
            c18433p034.getClass();
            if (C18433p03.f101471if.isEnabled()) {
                C18433p03.m29258for(c18433p034, EnumC3321Go3.DEBUG, null, "isTrusted=false, reason=verifyCertificate", 8);
            }
            return false;
        }
        PublicKey publicKey = x509Certificate2.getPublicKey();
        C24753zS2.m34504else(publicKey, "ssoCertificate.publicKey");
        MessageDigest messageDigest = MessageDigest.getInstance("SHA256");
        byte[] digest = messageDigest.digest(publicKey.getEncoded());
        ArrayList throwables = C5510Pp.throwables(gVar.f66773if);
        ArrayList arrayList = new ArrayList(C4842Mz0.m8900throws(throwables, 10));
        Iterator it = throwables.iterator();
        while (it.hasNext()) {
            byte[] byteArray = ((Signature) it.next()).toByteArray();
            C24753zS2.m34504else(byteArray, "it.toByteArray()");
            Certificate generateCertificate = CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(byteArray));
            C24753zS2.m34499case(generateCertificate, "null cannot be cast to non-null type java.security.cert.X509Certificate");
            arrayList.add((X509Certificate) generateCertificate);
        }
        C1839Ai7 b = C6110Sc6.b(C6077Rz0.throwables(arrayList), new c(messageDigest));
        Iterator it2 = b.f1560do.iterator();
        while (true) {
            if (!it2.hasNext()) {
                obj = null;
                break;
            }
            obj = b.f1561if.invoke(it2.next());
            if (Arrays.equals((byte[]) obj, digest)) {
                break;
            }
        }
        if (((byte[]) obj) != null) {
            return true;
        }
        C18433p03 c18433p035 = C18433p03.f101470do;
        c18433p035.getClass();
        if (C18433p03.f101471if.isEnabled()) {
            C18433p03.m29258for(c18433p035, EnumC3321Go3.DEBUG, null, "isTrusted=false, reason=checkPublicKey", 8);
        }
        return false;
    }
}
