package com.qihoo360.mobilesafe.utils.pkg;

import android.content.Context;
import android.content.pm.PackageManager;
import android.content.pm.Signature;
import com.stub.StubApp;
import java.io.ByteArrayInputStream;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.SignatureException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.jar.JarFile;

/* loaded from: classes4.dex */
public class CertChainVerify {
    public static final int CHNERR_CERT = -2;
    public static final int CHNERR_CHAIN = -8;
    public static final int CHNERR_INVARG = -1;
    public static final int CHNERR_INVKEY = -3;
    public static final int CHNERR_NOALGO = -4;
    public static final int CHNERR_NOPROV = -5;
    public static final int CHNERR_OK = 0;
    public static final int CHNERR_ROOT = -7;
    public static final int CHNERR_SIGN = -6;
    public static final String TAG = StubApp.getString2(28167);

    public static X509Certificate[] getAChain(Certificate[] certificateArr, int i2) {
        if (i2 > certificateArr.length - 1) {
            return null;
        }
        int i3 = i2;
        while (i3 < certificateArr.length - 1) {
            int i4 = i3 + 1;
            if (!((X509Certificate) certificateArr[i4]).getSubjectDN().equals(((X509Certificate) certificateArr[i3]).getIssuerDN())) {
                break;
            }
            i3 = i4;
        }
        int i5 = (i3 - i2) + 1;
        X509Certificate[] x509CertificateArr = new X509Certificate[i5];
        for (int i6 = 0; i6 < i5; i6++) {
            x509CertificateArr[i6] = (X509Certificate) certificateArr[i2 + i6];
        }
        return x509CertificateArr;
    }

    public static Certificate[] getCertChain(String str) {
        JarFile jarFile;
        try {
            jarFile = new JarFile(str);
        } catch (Throwable unused) {
            jarFile = null;
        }
        try {
            Certificate[] certChain = getCertChain(jarFile);
            try {
                jarFile.close();
            } catch (Exception unused2) {
            }
            return certChain;
        } catch (Throwable unused3) {
            if (jarFile != null) {
                try {
                    jarFile.close();
                } catch (Exception unused4) {
                }
            }
            return null;
        }
    }

    /* JADX WARN: Code restructure failed: missing block: B:15:0x0028, code lost:
    
        r1 = new byte[4096];
        r5 = r5.getInputStream(r2);
     */
    /* JADX WARN: Code restructure failed: missing block: B:19:0x0037, code lost:
    
        if (r5.read(r1, 0, r1.length) == (-1)) goto L48;
     */
    /* JADX WARN: Code restructure failed: missing block: B:22:0x003a, code lost:
    
        r1 = r2.getCertificates();
     */
    /* JADX WARN: Code restructure failed: missing block: B:23:0x003e, code lost:
    
        if (r1 == null) goto L25;
     */
    /* JADX WARN: Code restructure failed: missing block: B:25:0x0041, code lost:
    
        if (r1.length <= 0) goto L25;
     */
    /* JADX WARN: Code restructure failed: missing block: B:26:0x0043, code lost:
    
        if (r5 == null) goto L22;
     */
    /* JADX WARN: Code restructure failed: missing block: B:30:0x0045, code lost:
    
        r5.close();
     */
    /* JADX WARN: Code restructure failed: missing block: B:34:0x004c, code lost:
    
        if (r5 != null) goto L40;
     */
    /* JADX WARN: Code restructure failed: missing block: B:35:0x0056, code lost:
    
        return null;
     */
    /* JADX WARN: Code restructure failed: missing block: B:37:0x004e, code lost:
    
        r5.close();
     */
    /* JADX WARN: Code restructure failed: missing block: B:41:0x0053, code lost:
    
        if (r5 == null) goto L31;
     */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public static java.security.cert.Certificate[] getCertChain(java.util.jar.JarFile r5) {
        /*
            r0 = 0
            java.util.Enumeration r1 = r5.entries()     // Catch: java.lang.Throwable -> L52
        L5:
            boolean r2 = r1.hasMoreElements()     // Catch: java.lang.Throwable -> L52
            if (r2 == 0) goto L4b
            java.lang.Object r2 = r1.nextElement()     // Catch: java.lang.Throwable -> L52
            java.util.jar.JarEntry r2 = (java.util.jar.JarEntry) r2     // Catch: java.lang.Throwable -> L52
            boolean r3 = r2.isDirectory()     // Catch: java.lang.Throwable -> L52
            if (r3 != 0) goto L5
            java.lang.String r3 = r2.getName()     // Catch: java.lang.Throwable -> L52
            java.lang.String r4 = "28166"
            java.lang.String r4 = com.stub.StubApp.getString2(r4)     // Catch: java.lang.Throwable -> L52
            boolean r3 = r3.startsWith(r4)     // Catch: java.lang.Throwable -> L52
            if (r3 == 0) goto L28
            goto L5
        L28:
            r1 = 4096(0x1000, float:5.74E-42)
            byte[] r1 = new byte[r1]     // Catch: java.lang.Throwable -> L52
            java.io.InputStream r5 = r5.getInputStream(r2)     // Catch: java.lang.Throwable -> L52
        L30:
            r3 = 0
            int r4 = r1.length     // Catch: java.lang.Throwable -> L49
            int r3 = r5.read(r1, r3, r4)     // Catch: java.lang.Throwable -> L49
            r4 = -1
            if (r3 == r4) goto L3a
            goto L30
        L3a:
            java.security.cert.Certificate[] r1 = r2.getCertificates()     // Catch: java.lang.Throwable -> L49
            if (r1 == 0) goto L4c
            int r2 = r1.length     // Catch: java.lang.Throwable -> L49
            if (r2 <= 0) goto L4c
            if (r5 == 0) goto L48
            r5.close()     // Catch: java.lang.Exception -> L48
        L48:
            return r1
        L49:
            goto L53
        L4b:
            r5 = r0
        L4c:
            if (r5 == 0) goto L56
        L4e:
            r5.close()     // Catch: java.lang.Exception -> L56
            goto L56
        L52:
            r5 = r0
        L53:
            if (r5 == 0) goto L56
            goto L4e
        L56:
            return r0
        */
        throw new UnsupportedOperationException("Method not decompiled: com.qihoo360.mobilesafe.utils.pkg.CertChainVerify.getCertChain(java.util.jar.JarFile):java.security.cert.Certificate[]");
    }

    public static boolean isSelfSigned(X509Certificate x509Certificate) {
        try {
            x509Certificate.verify(x509Certificate.getPublicKey());
            return true;
        } catch (InvalidKeyException | SignatureException unused) {
            return false;
        }
    }

    public static void printCert(X509Certificate x509Certificate) {
    }

    public static void printSignature(Signature signature) {
        printCert(toX509(signature));
    }

    public static X509Certificate toX509(Signature signature) {
        try {
            return (X509Certificate) CertificateFactory.getInstance(StubApp.getString2("20065")).generateCertificate(new ByteArrayInputStream(signature.toByteArray()));
        } catch (CertificateException unused) {
            return null;
        }
    }

    public static int verifyAChain(X509Certificate[] x509CertificateArr) {
        if (x509CertificateArr == null || x509CertificateArr.length == 0) {
            return -1;
        }
        int i2 = 0;
        while (i2 < x509CertificateArr.length - 1) {
            X509Certificate x509Certificate = x509CertificateArr[i2];
            i2++;
            X509Certificate x509Certificate2 = x509CertificateArr[i2];
            try {
                x509Certificate.checkValidity();
                x509Certificate2.checkValidity();
                try {
                    x509Certificate.verify(x509Certificate2.getPublicKey());
                } catch (InvalidKeyException unused) {
                    return -3;
                } catch (NoSuchAlgorithmException unused2) {
                    return -4;
                } catch (NoSuchProviderException unused3) {
                    return -5;
                } catch (SignatureException unused4) {
                    return -8;
                } catch (CertificateException unused5) {
                    return -2;
                }
            } catch (CertificateException unused6) {
                return -2;
            }
        }
        X509Certificate x509Certificate3 = x509CertificateArr[x509CertificateArr.length - 1];
        try {
            x509Certificate3.checkValidity();
            return isSelfSigned(x509Certificate3) ? 0 : -7;
        } catch (NoSuchAlgorithmException unused7) {
            return -4;
        } catch (NoSuchProviderException unused8) {
            return -5;
        } catch (CertificateException unused9) {
            return -2;
        }
    }

    public static int verifyApk(String str) {
        Certificate[] certChain = getCertChain(str);
        if (certChain == null) {
            return -2;
        }
        return verifyChain(certChain);
    }

    public static int verifyChain(Certificate[] certificateArr) {
        int i2 = 0;
        while (i2 < certificateArr.length) {
            X509Certificate[] aChain = getAChain(certificateArr, i2);
            int verifyAChain = verifyAChain(aChain);
            if (verifyAChain != 0) {
                return verifyAChain;
            }
            i2 += aChain.length;
        }
        return 0;
    }

    public static int verifyJarFile(JarFile jarFile) {
        Certificate[] certChain = getCertChain(jarFile);
        if (certChain == null) {
            return -2;
        }
        return verifyChain(certChain);
    }

    public static int verifyPackage(Context context, String str) {
        try {
            return verifySignature(context.getPackageManager().getPackageInfo(str, 64).signatures);
        } catch (PackageManager.NameNotFoundException unused) {
            return -1;
        }
    }

    public static int verifySignature(Signature[] signatureArr) {
        X509Certificate[] x509CertificateArr = new X509Certificate[signatureArr.length];
        int i2 = 0;
        for (Signature signature : signatureArr) {
            X509Certificate x509 = toX509(signature);
            if (x509 == null) {
                return -2;
            }
            x509CertificateArr[i2] = x509;
            i2++;
        }
        return verifyChain(x509CertificateArr);
    }
}
