package com.microsoft.identity.common.c.a;

import android.annotation.SuppressLint;
import android.content.Context;
import android.content.pm.PackageInfo;
import android.content.pm.PackageManager;
import android.content.pm.Signature;
import android.util.Base64;
import ch.qos.logback.core.CoreConstants;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.security.GeneralSecurityException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertPathValidator;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.PKIXParameters;
import java.security.cert.TrustAnchor;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Collections;
import java.util.List;
import java.util.Set;

/* loaded from: classes2.dex */
public class e {

    /* renamed from: a, reason: collision with root package name */
    private final Context f11552a;

    /* renamed from: b, reason: collision with root package name */
    private final String f11553b = com.microsoft.identity.common.a.a.a.INSTANCE.e();

    public e(Context context) {
        this.f11552a = context;
    }

    public static String a(Context context, String str) {
        return i.a(str, new i(context.getPackageManager()).a(str));
    }

    private X509Certificate a(List<X509Certificate> list) throws com.microsoft.identity.common.b.c {
        int i2 = 0;
        X509Certificate x509Certificate = null;
        for (X509Certificate x509Certificate2 : list) {
            if (x509Certificate2.getSubjectDN().equals(x509Certificate2.getIssuerDN())) {
                i2++;
                x509Certificate = x509Certificate2;
            }
        }
        if (i2 > 1 || x509Certificate == null) {
            throw new com.microsoft.identity.common.b.c("Calling app could not be verified", "Multiple self signed certs found or no self signed cert existed.");
        }
        return x509Certificate;
    }

    private void b(List<X509Certificate> list) throws GeneralSecurityException, com.microsoft.identity.common.b.c {
        PKIXParameters pKIXParameters = new PKIXParameters((Set<TrustAnchor>) Collections.singleton(new TrustAnchor(a(list), null)));
        pKIXParameters.setRevocationEnabled(false);
        CertPathValidator.getInstance("PKIX").validate(CertificateFactory.getInstance("X.509").generateCertPath(list), pKIXParameters);
    }

    private String c(List<X509Certificate> list) throws NoSuchAlgorithmException, CertificateEncodingException, com.microsoft.identity.common.b.c {
        StringBuilder sb = new StringBuilder();
        for (X509Certificate x509Certificate : list) {
            MessageDigest messageDigest = MessageDigest.getInstance("SHA");
            messageDigest.update(x509Certificate.getEncoded());
            String encodeToString = Base64.encodeToString(messageDigest.digest(), 2);
            sb.append(encodeToString);
            sb.append(CoreConstants.COMMA_CHAR);
            if (this.f11553b.equals(encodeToString) || "ho040S3ffZkmxqtQrSwpTVOn9r0=".equals(encodeToString)) {
                return encodeToString;
            }
        }
        throw new com.microsoft.identity.common.b.c("Calling app could not be verified", "SignatureHashes: " + sb.toString());
    }

    @SuppressLint({"PackageManagerGetSignatures"})
    private List<X509Certificate> c(String str) throws PackageManager.NameNotFoundException, com.microsoft.identity.common.b.c, IOException, GeneralSecurityException {
        PackageInfo packageInfo = this.f11552a.getPackageManager().getPackageInfo(str, 64);
        if (packageInfo == null) {
            throw new com.microsoft.identity.common.b.c("App package name is not found in the package manager", "No broker package existed.");
        }
        Signature[] signatureArr = packageInfo.signatures;
        if (signatureArr == null || signatureArr.length == 0) {
            throw new com.microsoft.identity.common.b.c("Calling app could not be verified", "No signature associated with the broker package.");
        }
        ArrayList arrayList = new ArrayList(signatureArr.length);
        for (Signature signature : packageInfo.signatures) {
            try {
                arrayList.add((X509Certificate) CertificateFactory.getInstance("X509").generateCertificate(new ByteArrayInputStream(signature.toByteArray())));
            } catch (CertificateException unused) {
                throw new com.microsoft.identity.common.b.c("Calling app could not be verified");
            }
        }
        return arrayList;
    }

    public boolean a(String str) {
        try {
            return b(str) != null;
        } catch (com.microsoft.identity.common.b.c e2) {
            com.microsoft.identity.common.c.e.g.a("BrokerValidator:verifySignature", e2.b() + ": " + e2.getMessage(), e2);
            return false;
        }
    }

    public String b(String str) throws com.microsoft.identity.common.b.c {
        try {
            List<X509Certificate> c2 = c(str);
            String c3 = c(c2);
            if (c2.size() > 1) {
                b(c2);
            }
            return c3;
        } catch (PackageManager.NameNotFoundException e2) {
            throw new com.microsoft.identity.common.b.c("App package name is not found in the package manager", e2.getMessage(), e2);
        } catch (IOException e3) {
            e = e3;
            throw new com.microsoft.identity.common.b.c("Signature could not be verified", e.getMessage(), e);
        } catch (NoSuchAlgorithmException e4) {
            throw new com.microsoft.identity.common.b.c("no_such_algorithm", e4.getMessage(), e4);
        } catch (GeneralSecurityException e5) {
            e = e5;
            throw new com.microsoft.identity.common.b.c("Signature could not be verified", e.getMessage(), e);
        }
    }
}
