package com.microsoft.identity.common.internal.broker;

import a51.l;
import a51.p;
import android.content.Context;
import com.microsoft.identity.common.internal.util.PackageUtils;
import com.microsoft.identity.common.logging.Logger;
import external.sdk.pendo.io.mozilla.javascript.Token;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import java.util.Set;
import kotlin.Metadata;
import kotlin.jvm.internal.DefaultConstructorMarker;
import kotlin.jvm.internal.FunctionReferenceImpl;
import kotlin.jvm.internal.Intrinsics;
import kotlin.jvm.internal.Reflection;
import l41.h0;
import m41.g1;
import q71.c0;

@Metadata(d1 = {"\u0000J\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n\u0002\u0010\u000e\n\u0000\n\u0002\u0010\u000b\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0010\"\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0002\u0010 \n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0002\b\u0006\b\u0016\u0018\u0000 \u001b2\u00020\u0001:\u0001\u001bB\u0011\b\u0016\u0012\u0006\u0010\u0017\u001a\u00020\u0016¢\u0006\u0004\b\u0018\u0010\u0019BQ\b\u0016\u0012\f\u0010\u000b\u001a\b\u0012\u0004\u0012\u00020\u00070\n\u0012\u0018\u0010\u0010\u001a\u0014\u0012\u0004\u0012\u00020\u0002\u0012\n\u0012\b\u0012\u0004\u0012\u00020\u000f0\u000e0\r\u0012\u001e\u0010\u0014\u001a\u001a\u0012\u0004\u0012\u00020\u0002\u0012\n\u0012\b\u0012\u0004\u0012\u00020\u000f0\u000e\u0012\u0004\u0012\u00020\u00130\u0012¢\u0006\u0004\b\u0018\u0010\u001aJ\u0010\u0010\u0005\u001a\u00020\u00042\u0006\u0010\u0003\u001a\u00020\u0002H\u0016J\u0010\u0010\u0006\u001a\u00020\u00042\u0006\u0010\u0003\u001a\u00020\u0002H\u0016J\u0010\u0010\t\u001a\u00020\u00042\u0006\u0010\b\u001a\u00020\u0007H\u0016R\u001a\u0010\u000b\u001a\b\u0012\u0004\u0012\u00020\u00070\n8\u0002X\u0082\u0004¢\u0006\u0006\n\u0004\b\u000b\u0010\fR&\u0010\u0010\u001a\u0014\u0012\u0004\u0012\u00020\u0002\u0012\n\u0012\b\u0012\u0004\u0012\u00020\u000f0\u000e0\r8\u0002X\u0082\u0004¢\u0006\u0006\n\u0004\b\u0010\u0010\u0011R,\u0010\u0014\u001a\u001a\u0012\u0004\u0012\u00020\u0002\u0012\n\u0012\b\u0012\u0004\u0012\u00020\u000f0\u000e\u0012\u0004\u0012\u00020\u00130\u00128\u0002X\u0082\u0004¢\u0006\u0006\n\u0004\b\u0014\u0010\u0015¨\u0006\u001c"}, d2 = {"Lcom/microsoft/identity/common/internal/broker/BrokerValidator;", "Lcom/microsoft/identity/common/internal/broker/IBrokerValidator;", "", "packageName", "", "verifySignature", "isValidBrokerPackage", "Lcom/microsoft/identity/common/internal/broker/BrokerData;", "brokerData", "isSignedByKnownKeys", "", "allowedBrokerApps", "Ljava/util/Set;", "Lkotlin/Function1;", "", "Ljava/security/cert/X509Certificate;", "getSigningCertificateForApp", "La51/l;", "Lkotlin/Function2;", "Ll41/h0;", "validateSigningCertificate", "La51/p;", "Landroid/content/Context;", "context", "<init>", "(Landroid/content/Context;)V", "(Ljava/util/Set;La51/l;La51/p;)V", "Companion", "common_distRelease"}, k = 1, mv = {1, 7, 1})
/* loaded from: classes6.dex */
public class BrokerValidator implements IBrokerValidator {

    /* renamed from: Companion, reason: from kotlin metadata */
    public static final Companion INSTANCE = new Companion(null);
    private static final String TAG = Reflection.getOrCreateKotlinClass(BrokerValidator.class).getSimpleName();
    private final Set<BrokerData> allowedBrokerApps;
    private final l getSigningCertificateForApp;
    private final p validateSigningCertificate;

    @Metadata(k = 3, mv = {1, 7, 1}, xi = Token.REGEXP)
    /* renamed from: com.microsoft.identity.common.internal.broker.BrokerValidator$2, reason: invalid class name */
    /* loaded from: classes6.dex */
    /* synthetic */ class AnonymousClass2 extends FunctionReferenceImpl implements p {
        AnonymousClass2(Object obj) {
            super(2, obj, Companion.class, "validateSigningCertificate", "validateSigningCertificate(Ljava/lang/String;Ljava/util/List;)V", 0);
        }

        @Override // a51.p
        public /* bridge */ /* synthetic */ Object invoke(Object obj, Object obj2) {
            invoke((String) obj, (List<? extends X509Certificate>) obj2);
            return h0.f48068a;
        }

        public final void invoke(String p02, List<? extends X509Certificate> p12) {
            Intrinsics.checkNotNullParameter(p02, "p0");
            Intrinsics.checkNotNullParameter(p12, "p1");
            ((Companion) this.receiver).validateSigningCertificate(p02, p12);
        }
    }

    @Metadata(d1 = {"\u0000 \n\u0002\u0018\u0002\n\u0002\u0010\u0000\n\u0002\u0010\u000e\n\u0000\n\u0002\u0010 \n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0002\b\u0006\b\u0086\u0003\u0018\u00002\u00020\u0001B\t\b\u0002¢\u0006\u0004\b\u000b\u0010\fJ\u001c\u0010\b\u001a\u00020\u00072\u0006\u0010\u0003\u001a\u00020\u00022\f\u0010\u0006\u001a\b\u0012\u0004\u0012\u00020\u00050\u0004R\u0016\u0010\t\u001a\u0004\u0018\u00010\u00028\u0002X\u0082\u0004¢\u0006\u0006\n\u0004\b\t\u0010\n¨\u0006\r"}, d2 = {"Lcom/microsoft/identity/common/internal/broker/BrokerValidator$Companion;", "", "", "expectedSigningCertificateThumbprint", "", "Ljava/security/cert/X509Certificate;", "signingCertificates", "Ll41/h0;", "validateSigningCertificate", "TAG", "Ljava/lang/String;", "<init>", "()V", "common_distRelease"}, k = 1, mv = {1, 7, 1})
    /* loaded from: classes6.dex */
    public static final class Companion {
        private Companion() {
        }

        public /* synthetic */ Companion(DefaultConstructorMarker defaultConstructorMarker) {
            this();
        }

        public final void validateSigningCertificate(String expectedSigningCertificateThumbprint, List<? extends X509Certificate> signingCertificates) {
            Set c12;
            Intrinsics.checkNotNullParameter(expectedSigningCertificateThumbprint, "expectedSigningCertificateThumbprint");
            Intrinsics.checkNotNullParameter(signingCertificates, "signingCertificates");
            c12 = g1.c(expectedSigningCertificateThumbprint);
            PackageUtils.verifySignatureHash(signingCertificates, c12.iterator());
            if (signingCertificates.size() > 1) {
                PackageUtils.verifyCertificateChain(signingCertificates);
            }
        }
    }

    public BrokerValidator(final Context context) {
        Intrinsics.checkNotNullParameter(context, "context");
        this.allowedBrokerApps = BrokerData.INSTANCE.getKnownBrokerApps();
        this.getSigningCertificateForApp = new l() { // from class: com.microsoft.identity.common.internal.broker.BrokerValidator.1
            /* JADX WARN: 'super' call moved to the top of the method (can break code semantics) */
            {
                super(1);
            }

            @Override // a51.l
            public final List<X509Certificate> invoke(String packageName) {
                Intrinsics.checkNotNullParameter(packageName, "packageName");
                List<X509Certificate> readCertDataForApp = PackageUtils.readCertDataForApp(packageName, context);
                Intrinsics.checkNotNullExpressionValue(readCertDataForApp, "readCertDataForApp(packageName, context)");
                return readCertDataForApp;
            }
        };
        this.validateSigningCertificate = new AnonymousClass2(INSTANCE);
    }

    public BrokerValidator(Set<BrokerData> allowedBrokerApps, l getSigningCertificateForApp, p validateSigningCertificate) {
        Intrinsics.checkNotNullParameter(allowedBrokerApps, "allowedBrokerApps");
        Intrinsics.checkNotNullParameter(getSigningCertificateForApp, "getSigningCertificateForApp");
        Intrinsics.checkNotNullParameter(validateSigningCertificate, "validateSigningCertificate");
        this.allowedBrokerApps = allowedBrokerApps;
        this.getSigningCertificateForApp = getSigningCertificateForApp;
        this.validateSigningCertificate = validateSigningCertificate;
    }

    @Override // com.microsoft.identity.common.internal.broker.IBrokerValidator
    public boolean isSignedByKnownKeys(BrokerData brokerData) {
        Intrinsics.checkNotNullParameter(brokerData, "brokerData");
        String str = TAG + ":isSignedByKnownKeys";
        try {
            this.validateSigningCertificate.invoke(brokerData.getSigningCertificateThumbprint(), (List) this.getSigningCertificateForApp.invoke(brokerData.getPackageName()));
            Logger.verbose(str, brokerData + " is a valid broker app.");
            return true;
        } catch (Throwable th2) {
            Logger.verbose(str, brokerData + " verification failed: " + th2.getMessage());
            return false;
        }
    }

    @Override // com.microsoft.identity.common.internal.broker.IBrokerValidator
    public boolean isValidBrokerPackage(String packageName) {
        Object obj;
        boolean E;
        Intrinsics.checkNotNullParameter(packageName, "packageName");
        String str = TAG + ":isValidBrokerPackage";
        Set<BrokerData> set = this.allowedBrokerApps;
        ArrayList arrayList = new ArrayList();
        for (Object obj2 : set) {
            E = c0.E(((BrokerData) obj2).getPackageName(), packageName, true);
            if (E) {
                arrayList.add(obj2);
            }
        }
        Iterator it2 = arrayList.iterator();
        while (true) {
            if (!it2.hasNext()) {
                obj = null;
                break;
            }
            obj = it2.next();
            if (isSignedByKnownKeys((BrokerData) obj)) {
                break;
            }
        }
        if (((BrokerData) obj) != null) {
            return true;
        }
        Logger.info(str, packageName + " does not match with any known broker apps.");
        return false;
    }

    public boolean verifySignature(String packageName) {
        Intrinsics.checkNotNullParameter(packageName, "packageName");
        return isValidBrokerPackage(packageName);
    }
}
