package com.htc.mirrorlinkserver.certhandler;

import android.content.pm.PackageManager;
import android.os.Build;
import android.util.Log;
import com.htc.mirrorlinkserver.certhandler.d;
import com.htc.mirrorlinkserver.certhandler.e;
import com.htc.mirrorlinkserver.common.MirrorLinkApplication;
import com.htc.mirrorlinkserver.common.Platform;
import java.io.IOException;
import java.security.InvalidAlgorithmParameterException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertPath;
import java.security.cert.CertPathValidator;
import java.security.cert.CertPathValidatorException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateExpiredException;
import java.security.cert.CertificateFactory;
import java.security.cert.CertificateNotYetValidException;
import java.security.cert.PKIXParameters;
import java.security.cert.TrustAnchor;
import java.security.cert.X509Certificate;
import java.util.Collections;
import java.util.Iterator;
import java.util.List;
import java.util.Set;
import java.util.jar.JarFile;
import org.spongycastle.asn1.ASN1OctetString;

/* loaded from: classes.dex */
public class f {

    /* renamed from: a, reason: collision with root package name */
    private static String f684a = "[MirrorLinkServer]" + f.class.getSimpleName();
    private X509Certificate b;
    private X509Certificate c;
    private X509Certificate d;
    private PackageManager e;
    private d.b f;

    public f(X509Certificate x509Certificate) {
        this(x509Certificate, null);
    }

    public f(X509Certificate x509Certificate, PackageManager packageManager) {
        this.b = null;
        this.c = null;
        this.d = null;
        this.e = null;
        this.d = x509Certificate;
        this.e = packageManager;
    }

    public static boolean a(MirrorLinkApplication mirrorLinkApplication, PackageManager packageManager) {
        String f = mirrorLinkApplication.f();
        String a2 = e.a(f, packageManager.getPackageInfo(f, 0).versionCode, new JarFile(packageManager.getApplicationInfo(f, 0).sourceDir));
        if (mirrorLinkApplication.d() != null && a2.equals(mirrorLinkApplication.d())) {
            return true;
        }
        Log.e(f684a, "The calculated App ID doesn't match the one in the self-signed certificate.");
        Log.e(f684a, "The calculated App ID:" + a2);
        Log.e(f684a, "The Self-signed App ID:" + mirrorLinkApplication.d());
        return false;
    }

    private boolean a(Platform platform) {
        if (!platform.a().equals("Android")) {
            Log.e(f684a, "Invalid Platform Id: " + platform.a());
            return false;
        }
        if (!platform.b().equals("Native")) {
            Log.e(f684a, "Invalid Runtime Id: " + platform.b());
            return false;
        }
        List<String> c = platform.c();
        if (!c.contains(Integer.toString(Build.VERSION.SDK_INT))) {
            return true;
        }
        Iterator<String> it = c.iterator();
        while (it.hasNext()) {
            Log.e(f684a, "BlackListed Platform Version::" + it.next());
        }
        Log.e(f684a, "Invalid Platform Version: " + Integer.toString(Build.VERSION.SDK_INT));
        return false;
    }

    public static boolean a(X509Certificate x509Certificate) {
        if (x509Certificate != null) {
            try {
                x509Certificate.checkValidity();
                return true;
            } catch (CertificateExpiredException e) {
                e.printStackTrace();
            } catch (CertificateNotYetValidException e2) {
                e2.printStackTrace();
            }
        }
        Log.d(f684a, "Application Development Certificate Expired");
        return false;
    }

    private boolean b() {
        boolean z;
        try {
            this.b.checkValidity();
            this.c.checkValidity();
            z = true;
        } catch (CertificateExpiredException e) {
            Log.d(f684a, e.getMessage());
            z = false;
        } catch (CertificateNotYetValidException e2) {
            Log.d(f684a, e2.getMessage());
            z = false;
        }
        if (!z) {
            this.f = d.b.INVALID_EXPIRATION_DATE;
        }
        return z;
    }

    public d.b a() {
        return this.f;
    }

    public d.EnumC0046d a(List<X509Certificate> list, MirrorLinkApplication mirrorLinkApplication) {
        d.EnumC0046d enumC0046d;
        d.EnumC0046d enumC0046d2 = d.EnumC0046d.FAILED;
        if (list == null || mirrorLinkApplication == null) {
            Log.e(f684a, "Input certificates are NULL");
            enumC0046d = enumC0046d2;
        } else if (list.isEmpty() || list.size() <= 1) {
            Log.e(f684a, "Certificate contains no intermediate certificates or is empty");
            enumC0046d = enumC0046d2;
        } else {
            this.b = list.get(1);
            this.c = list.get(0);
            if (!b()) {
                enumC0046d = d.EnumC0046d.RETRY;
            } else if (a(list)) {
                try {
                    if (!a(mirrorLinkApplication, this.e)) {
                        this.f = d.b.INVALID_APP_IDENTIFIER;
                        enumC0046d = enumC0046d2;
                    }
                } catch (PackageManager.NameNotFoundException e) {
                    e.printStackTrace();
                } catch (e.a e2) {
                    e2.printStackTrace();
                } catch (IOException e3) {
                    e3.printStackTrace();
                } catch (NoSuchAlgorithmException e4) {
                    e4.printStackTrace();
                }
                enumC0046d = !a(mirrorLinkApplication.c().a()) ? d.EnumC0046d.RETRY : d.EnumC0046d.SUCCESS;
            } else {
                enumC0046d = enumC0046d2;
            }
        }
        this.b = null;
        this.c = null;
        Log.d(f684a, "Certificate validation result=" + enumC0046d);
        return enumC0046d;
    }

    public d.EnumC0046d a(List<X509Certificate> list, String str, String str2, String str3) {
        d.EnumC0046d enumC0046d;
        d.EnumC0046d enumC0046d2 = d.EnumC0046d.FAILED;
        if (list == null) {
            Log.e(f684a, "Input certificates is NULL");
            enumC0046d = enumC0046d2;
        } else if (list.isEmpty() || list.size() <= 1) {
            Log.e(f684a, "Certificate contains no intermediate certificates or is empty");
            enumC0046d = enumC0046d2;
        } else {
            this.b = list.get(1);
            this.c = list.get(0);
            if (!b()) {
                Log.e(f684a, "Certificate Expired");
                enumC0046d = d.EnumC0046d.RETRY;
            } else if (a(list)) {
                String str4 = new String(ASN1OctetString.getInstance(this.c.getExtensionValue("1.3.6.1.4.1.41577.3.1")).getOctets());
                Log.d(f684a, "Check IMPL::" + str4);
                if (str4.equals(str)) {
                    String str5 = new String(ASN1OctetString.getInstance(this.c.getExtensionValue("1.3.6.1.4.1.41577.3.2")).getOctets());
                    Log.d(f684a, "Check IMPL::" + str5);
                    if (str5.contains(str2)) {
                        byte[] octets = ASN1OctetString.getInstance(this.c.getExtensionValue("1.3.6.1.4.1.41577.3.3")).getOctets();
                        if (octets != null) {
                            String str6 = new String(octets);
                            Log.d(f684a, "Black list of clients" + str6);
                            if (str3 != null && str3.length() > 0 && str6.toLowerCase().contains(str3.toLowerCase())) {
                                Log.d(f684a, "The Developer ID certificate is blocked by " + str3);
                                this.f = d.b.INVALID_CLIENT_ID;
                                enumC0046d = d.EnumC0046d.RETRY;
                            }
                        }
                        enumC0046d = d.EnumC0046d.SUCCESS;
                    } else {
                        Log.e(f684a, "Invalid Server Id");
                        this.f = d.b.INVALID_SERVER_ID;
                        enumC0046d = enumC0046d2;
                    }
                } else {
                    Log.e(f684a, "Invalid developer ID");
                    this.f = d.b.INVALID_DEV_IDENTIFIER;
                    enumC0046d = enumC0046d2;
                }
            } else {
                enumC0046d = enumC0046d2;
            }
        }
        this.b = null;
        this.c = null;
        return enumC0046d;
    }

    public boolean a(List<X509Certificate> list) {
        boolean z;
        try {
            CertPath generateCertPath = CertificateFactory.getInstance("X.509").generateCertPath(list);
            PKIXParameters pKIXParameters = new PKIXParameters((Set<TrustAnchor>) Collections.singleton(new TrustAnchor(this.d, null)));
            pKIXParameters.setRevocationEnabled(false);
            CertPathValidator.getInstance("PKIX").validate(generateCertPath, pKIXParameters);
            z = true;
        } catch (InvalidAlgorithmParameterException e) {
            e.printStackTrace();
            z = false;
        } catch (NoSuchAlgorithmException e2) {
            e2.printStackTrace();
            z = false;
        } catch (CertPathValidatorException e3) {
            e3.printStackTrace();
            z = false;
        } catch (CertificateException e4) {
            e4.printStackTrace();
            z = false;
        }
        if (!z) {
            this.f = d.b.INVALID_CERTIFICAE_CHAIN;
        }
        return z;
    }
}
