package com.rolltech.auer.L3D_NORMAL_zh.installer;

import biz.source_code.base64Coder.Base64Coder;
import com.rolltech.auer.L3D_NORMAL_zh.installer.keystore.MIDPKeyStore;
import com.rolltech.auer.L3D_NORMAL_zh.utility.Config;
import java.io.BufferedInputStream;
import java.io.ByteArrayInputStream;
import java.io.FileInputStream;
import java.io.IOException;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.Signature;
import java.security.SignatureException;
import java.security.cert.CertPathValidatorException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateExpiredException;
import java.security.cert.CertificateFactory;
import java.security.cert.CertificateNotYetValidException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Date;
import java.util.List;

/* loaded from: classes.dex */
public class JarSecurity {
    private static final int MAX_BUFFER_SIZE = 10240;
    private static final String MIDLET_CERTIFICATE_N = "MIDlet-Certificate-";
    private String mTrustedCA;
    private String mTrustedDomain;

    private static void getCertificateChain(int i, InstallProperty installProperty, StringBuilder sb, CertificateFactory certificateFactory, ArrayList<X509Certificate> arrayList) throws CertificateException {
        sb.setLength(0);
        arrayList.clear();
        int i2 = 0;
        while (true) {
            i2++;
            sb.delete(0, sb.length());
            sb.append(MIDLET_CERTIFICATE_N).append(i).append("-").append(i2);
            String property = installProperty.getProperty(sb.toString());
            if (property == null) {
                int i3 = i2 - 1;
                return;
            }
            arrayList.add((X509Certificate) certificateFactory.generateCertificate(new ByteArrayInputStream(Base64Coder.decode(property))));
        }
    }

    public static JarSecurity validate(String str, InstallProperty installProperty, MIDPKeyStore mIDPKeyStore) throws InstallException {
        String jarRSASHA1 = installProperty.getJarRSASHA1();
        if (jarRSASHA1 == null || jarRSASHA1.length() == 0) {
            return null;
        }
        try {
            byte[] decode = Base64Coder.decode(jarRSASHA1);
            StringBuilder sb = new StringBuilder();
            try {
                CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
                ArrayList arrayList = new ArrayList(10);
                Date date = new Date(System.currentTimeMillis());
                try {
                    getCertificateChain(0 + 1, installProperty, sb, certificateFactory, arrayList);
                    if (arrayList.size() == 0) {
                        return null;
                    }
                    try {
                        if (!verifyBinary((X509Certificate) arrayList.get(0), str, decode)) {
                            throw new InstallException(9);
                        }
                        try {
                            MIDPKeyStore.Attribute findParentCertAttribute = mIDPKeyStore.findParentCertAttribute(verifyCertChain(arrayList, date));
                            if (findParentCertAttribute == null) {
                                throw new InstallException(6);
                            }
                            if (date.compareTo(findParentCertAttribute.getNotAfter()) > 0) {
                                throw new InstallException(12);
                            }
                            JarSecurity jarSecurity = new JarSecurity();
                            jarSecurity.mTrustedCA = findParentCertAttribute.getOwner();
                            jarSecurity.mTrustedDomain = findParentCertAttribute.getDomain();
                            return jarSecurity;
                        } catch (InstallException e) {
                            throw e;
                        } catch (CertPathValidatorException e2) {
                            throw new InstallException(49);
                        }
                    } catch (IOException e3) {
                        throw new InstallException(20);
                    } catch (NoSuchAlgorithmException e4) {
                        throw new InstallException(InstallPolicy.J2ME_INSTALL_UNKOWN_FAILUIRE);
                    }
                } catch (Exception e5) {
                    throw new InstallException(4);
                }
            } catch (CertificateException e6) {
                throw new InstallException(1001);
            }
        } catch (Exception e7) {
            throw new InstallException(9);
        }
    }

    private static boolean verifyBinary(X509Certificate x509Certificate, String str, byte[] bArr) throws IOException, NoSuchAlgorithmException {
        boolean z = false;
        FileInputStream fileInputStream = new FileInputStream(str);
        try {
            BufferedInputStream bufferedInputStream = new BufferedInputStream(fileInputStream, Config.defaultBufferSize);
            try {
                byte[] bArr2 = new byte[MAX_BUFFER_SIZE];
                Signature signature = Signature.getInstance("SHA1withRSA");
                try {
                    signature.initVerify(x509Certificate.getPublicKey());
                    while (true) {
                        try {
                            int read = bufferedInputStream.read(bArr2, 0, MAX_BUFFER_SIZE);
                            if (read <= 0) {
                                break;
                            }
                            signature.update(bArr2, 0, read);
                        } catch (SignatureException e) {
                            e.printStackTrace();
                            fileInputStream.close();
                        }
                    }
                    z = signature.verify(bArr);
                    fileInputStream.close();
                } catch (InvalidKeyException e2) {
                    e2.printStackTrace();
                    fileInputStream.close();
                }
                return z;
            } finally {
                bufferedInputStream.close();
            }
        } catch (Throwable th) {
            fileInputStream.close();
            throw th;
        }
    }

    private static X509Certificate verifyCertChain(List<X509Certificate> list, Date date) throws CertPathValidatorException, InstallException {
        if (list.size() <= 0) {
            return null;
        }
        for (int i = 0; i < list.size(); i++) {
            X509Certificate x509Certificate = list.get(i);
            try {
                x509Certificate.checkValidity(date);
            } catch (CertificateExpiredException e) {
            } catch (CertificateNotYetValidException e2) {
                throw new InstallException(7);
            }
            if (i > 0) {
                try {
                    list.get(i - 1).verify(x509Certificate.getPublicKey());
                } catch (InvalidKeyException e3) {
                    throw new InstallException(28);
                } catch (NoSuchAlgorithmException e4) {
                    throw new InstallException(1001);
                } catch (NoSuchProviderException e5) {
                    throw new InstallException(1001);
                } catch (SignatureException e6) {
                    throw new InstallException(9);
                } catch (CertificateException e7) {
                    throw new InstallException(10);
                }
            }
        }
        return list.get(list.size() - 1);
    }

    public String getTrustedCA() {
        return this.mTrustedCA;
    }

    public String getTrustedDomain() {
        return this.mTrustedDomain;
    }
}
