package com.yandex.passport.internal.sso;

import At.AbstractC0142m;
import At.q;
import At.s;
import P.C0752n0;
import Z3.p;
import android.content.pm.Signature;
import android.util.Base64;
import java.io.ByteArrayInputStream;
import java.security.GeneralSecurityException;
import java.security.MessageDigest;
import java.security.PublicKey;
import java.security.cert.CertPath;
import java.security.cert.CertPathValidator;
import java.security.cert.CertPathValidatorResult;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import java.security.cert.PKIXParameters;
import java.security.cert.TrustAnchor;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Iterator;
import java.util.List;
import java.util.Set;
import kotlin.jvm.functions.Function1;

/* loaded from: classes2.dex */
public final class d {

    /* renamed from: a, reason: collision with root package name */
    public final String f51927a;

    /* renamed from: b, reason: collision with root package name */
    public final com.yandex.passport.internal.entities.j f51928b;

    /* renamed from: c, reason: collision with root package name */
    public final com.yandex.passport.internal.entities.j f51929c;

    /* renamed from: d, reason: collision with root package name */
    public final int f51930d;

    /* renamed from: e, reason: collision with root package name */
    public final X509Certificate f51931e;

    public d(String packageName, com.yandex.passport.internal.entities.j jVar, com.yandex.passport.internal.entities.j jVar2, int i3, X509Certificate x509Certificate) {
        kotlin.jvm.internal.l.f(packageName, "packageName");
        this.f51927a = packageName;
        this.f51928b = jVar;
        this.f51929c = jVar2;
        this.f51930d = i3;
        this.f51931e = x509Certificate;
    }

    /* JADX WARN: Type inference failed for: r3v1, types: [java.util.Map, java.lang.Object] */
    public final boolean a(X509Certificate trustedCertificate, Function1 function1) {
        boolean equals;
        CertPathValidatorResult certPathValidatorResult;
        Object obj;
        kotlin.jvm.internal.l.f(trustedCertificate, "trustedCertificate");
        com.yandex.passport.internal.entities.j jVar = this.f51928b;
        com.yandex.passport.internal.entities.j jVar2 = this.f51929c;
        if (!jVar2.e(jVar)) {
            String packageName = this.f51927a;
            kotlin.jvm.internal.l.f(packageName, "packageName");
            String str = (String) com.yandex.passport.internal.entities.j.f48612h.get(packageName);
            if (str == null) {
                equals = false;
            } else {
                byte[] decode = Base64.decode(str, 0);
                kotlin.jvm.internal.l.c(decode);
                equals = Arrays.equals(jVar2.a(), decode);
            }
            if (!equals) {
                X509Certificate x509Certificate = this.f51931e;
                if (x509Certificate != null) {
                    String name = x509Certificate.getSubjectX500Principal().getName("RFC2253");
                    if (com.yandex.passport.common.logger.a.f46181a.isEnabled()) {
                        com.yandex.passport.common.logger.a.c(com.yandex.passport.common.logger.b.f46183c, null, "checkCN: " + name, 8);
                    }
                    if (kotlin.jvm.internal.l.b("CN=".concat(packageName), name)) {
                        try {
                            CertPath generateCertPath = CertificateFactory.getInstance("X509").generateCertPath(W9.a.I(x509Certificate));
                            PKIXParameters pKIXParameters = new PKIXParameters((Set<TrustAnchor>) p.V(new TrustAnchor(trustedCertificate, null)));
                            pKIXParameters.setRevocationEnabled(false);
                            certPathValidatorResult = CertPathValidator.getInstance("PKIX").validate(generateCertPath, pKIXParameters);
                        } catch (GeneralSecurityException e10) {
                            function1.invoke(e10);
                            certPathValidatorResult = null;
                        }
                        if (certPathValidatorResult != null) {
                            PublicKey publicKey = x509Certificate.getPublicKey();
                            kotlin.jvm.internal.l.e(publicKey, "getPublicKey(...)");
                            MessageDigest messageDigest = MessageDigest.getInstance("SHA256");
                            byte[] digest = messageDigest.digest(publicKey.getEncoded());
                            List V10 = AbstractC0142m.V(jVar2.f48614b);
                            ArrayList arrayList = new ArrayList(s.j0(V10, 10));
                            Iterator it = V10.iterator();
                            while (it.hasNext()) {
                                byte[] byteArray = ((Signature) it.next()).toByteArray();
                                kotlin.jvm.internal.l.e(byteArray, "toByteArray(...)");
                                Certificate generateCertificate = CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(byteArray));
                                kotlin.jvm.internal.l.d(generateCertificate, "null cannot be cast to non-null type java.security.cert.X509Certificate");
                                arrayList.add((X509Certificate) generateCertificate);
                            }
                            Vt.n R4 = Vt.j.R(q.x0(arrayList), new C0752n0(23, messageDigest));
                            Iterator it2 = R4.f20679a.iterator();
                            while (true) {
                                if (!it2.hasNext()) {
                                    obj = null;
                                    break;
                                }
                                obj = R4.f20680b.invoke(it2.next());
                                if (Arrays.equals((byte[]) obj, digest)) {
                                    break;
                                }
                            }
                            if (!(((byte[]) obj) != null)) {
                                if (com.yandex.passport.common.logger.a.f46181a.isEnabled()) {
                                    com.yandex.passport.common.logger.a.c(com.yandex.passport.common.logger.b.f46183c, null, "isTrusted=false, reason=checkPublicKey", 8);
                                }
                            }
                        } else if (com.yandex.passport.common.logger.a.f46181a.isEnabled()) {
                            com.yandex.passport.common.logger.a.c(com.yandex.passport.common.logger.b.f46183c, null, "isTrusted=false, reason=verifyCertificate", 8);
                        }
                    } else if (com.yandex.passport.common.logger.a.f46181a.isEnabled()) {
                        com.yandex.passport.common.logger.a.c(com.yandex.passport.common.logger.b.f46183c, null, "isTrusted=false, reason=checkPackageName", 8);
                        return false;
                    }
                } else if (com.yandex.passport.common.logger.a.f46181a.isEnabled()) {
                    com.yandex.passport.common.logger.a.c(com.yandex.passport.common.logger.b.f46183c, null, "isTrusted: false, reason: ssoCertificate=null", 8);
                    return false;
                }
                return false;
            }
            if (com.yandex.passport.common.logger.a.f46181a.isEnabled()) {
                com.yandex.passport.common.logger.a.c(com.yandex.passport.common.logger.b.f46183c, null, "isTrusted: true, reason: isSsoEnabledByFingerPrint()", 8);
                return true;
            }
        }
        return true;
    }
}
