package com.qihoo360.common.utils;

import android.content.Context;
import android.content.pm.PackageManager;
import android.content.pm.Signature;
import android.util.Log;
import java.io.ByteArrayInputStream;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.SignatureException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.jar.JarFile;

/* loaded from: classes2.dex */
public class CertChainVerify {
    public static final int CHNERR_CERT = -2;
    public static final int CHNERR_CHAIN = -8;
    public static final int CHNERR_INVARG = -1;
    public static final int CHNERR_INVKEY = -3;
    public static final int CHNERR_NOALGO = -4;
    public static final int CHNERR_NOPROV = -5;
    public static final int CHNERR_OK = 0;
    public static final int CHNERR_ROOT = -7;
    public static final int CHNERR_SIGN = -6;
    private static final String TAG = "CertChainVerify";

    static X509Certificate[] getAChain(Certificate[] certificateArr, int i) {
        if (i > certificateArr.length - 1) {
            return null;
        }
        int i2 = i;
        while (i2 < certificateArr.length - 1 && ((X509Certificate) certificateArr[i2 + 1]).getSubjectDN().equals(((X509Certificate) certificateArr[i2]).getIssuerDN())) {
            i2++;
        }
        int i3 = (i2 - i) + 1;
        X509Certificate[] x509CertificateArr = new X509Certificate[i3];
        for (int i4 = 0; i4 < i3; i4++) {
            x509CertificateArr[i4] = (X509Certificate) certificateArr[i + i4];
        }
        return x509CertificateArr;
    }

    public static Certificate[] getCertChain(String str) {
        JarFile jarFile;
        Throwable th;
        Certificate[] certificateArr = null;
        try {
            jarFile = new JarFile(str);
            try {
                certificateArr = getCertChain(jarFile);
                if (jarFile != null) {
                    try {
                        jarFile.close();
                    } catch (Exception e) {
                    }
                }
            } catch (Throwable th2) {
                th = th2;
                if (jarFile != null) {
                    try {
                        jarFile.close();
                    } catch (Exception e2) {
                    }
                }
                throw th;
            }
        } catch (Throwable th3) {
            jarFile = null;
            th = th3;
        }
        return certificateArr;
    }

    /* JADX WARN: Code restructure failed: missing block: B:12:0x0023, code lost:
    
        r3 = new byte[4096];
        r2 = r6.getInputStream(r0);
     */
    /* JADX WARN: Code restructure failed: missing block: B:16:0x0032, code lost:
    
        if (r2.read(r3, 0, r3.length) != (-1)) goto L65;
     */
    /* JADX WARN: Code restructure failed: missing block: B:18:0x0034, code lost:
    
        r0 = r0.getCertificates();
     */
    /* JADX WARN: Code restructure failed: missing block: B:19:0x0038, code lost:
    
        if (r0 == null) goto L22;
     */
    /* JADX WARN: Code restructure failed: missing block: B:21:0x003b, code lost:
    
        if (r0.length <= 0) goto L22;
     */
    /* JADX WARN: Code restructure failed: missing block: B:22:0x003d, code lost:
    
        if (r2 == null) goto L66;
     */
    /* JADX WARN: Code restructure failed: missing block: B:24:0x003f, code lost:
    
        r2.close();
     */
    /* JADX WARN: Code restructure failed: missing block: B:25:0x0042, code lost:
    
        return r0;
     */
    /* JADX WARN: Code restructure failed: missing block: B:29:?, code lost:
    
        return r0;
     */
    /* JADX WARN: Code restructure failed: missing block: B:30:?, code lost:
    
        return r0;
     */
    /* JADX WARN: Code restructure failed: missing block: B:40:0x0062, code lost:
    
        r0 = th;
     */
    /* JADX WARN: Code restructure failed: missing block: B:41:0x0063, code lost:
    
        r1 = r2;
     */
    /* JADX WARN: Code restructure failed: missing block: B:42:0x0056, code lost:
    
        if (r1 != null) goto L46;
     */
    /* JADX WARN: Code restructure failed: missing block: B:43:0x005b, code lost:
    
        throw r0;
     */
    /* JADX WARN: Code restructure failed: missing block: B:45:0x0058, code lost:
    
        r1.close();
     */
    /* JADX WARN: Code restructure failed: missing block: B:49:0x0066, code lost:
    
        r0 = r2;
     */
    /* JADX WARN: Code restructure failed: missing block: B:50:0x004d, code lost:
    
        if (r0 != null) goto L52;
     */
    /* JADX WARN: Code restructure failed: missing block: B:52:0x004f, code lost:
    
        r0.close();
     */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public static java.security.cert.Certificate[] getCertChain(java.util.jar.JarFile r6) {
        /*
            r1 = 0
            java.util.Enumeration r2 = r6.entries()     // Catch: java.lang.Throwable -> L4b java.lang.Throwable -> L55
        L5:
            boolean r0 = r2.hasMoreElements()     // Catch: java.lang.Throwable -> L4b java.lang.Throwable -> L55
            if (r0 == 0) goto L43
            java.lang.Object r0 = r2.nextElement()     // Catch: java.lang.Throwable -> L4b java.lang.Throwable -> L55
            java.util.jar.JarEntry r0 = (java.util.jar.JarEntry) r0     // Catch: java.lang.Throwable -> L4b java.lang.Throwable -> L55
            boolean r3 = r0.isDirectory()     // Catch: java.lang.Throwable -> L4b java.lang.Throwable -> L55
            if (r3 != 0) goto L5
            java.lang.String r3 = r0.getName()     // Catch: java.lang.Throwable -> L4b java.lang.Throwable -> L55
            java.lang.String r4 = "META-INF/"
            boolean r3 = r3.startsWith(r4)     // Catch: java.lang.Throwable -> L4b java.lang.Throwable -> L55
            if (r3 != 0) goto L5
            r2 = 4096(0x1000, float:5.74E-42)
            byte[] r3 = new byte[r2]     // Catch: java.lang.Throwable -> L4b java.lang.Throwable -> L55
            java.io.InputStream r2 = r6.getInputStream(r0)     // Catch: java.lang.Throwable -> L4b java.lang.Throwable -> L55
        L2b:
            r4 = 0
            int r5 = r3.length     // Catch: java.lang.Throwable -> L62 java.lang.Throwable -> L65
            int r4 = r2.read(r3, r4, r5)     // Catch: java.lang.Throwable -> L62 java.lang.Throwable -> L65
            r5 = -1
            if (r4 != r5) goto L2b
            java.security.cert.Certificate[] r0 = r0.getCertificates()     // Catch: java.lang.Throwable -> L62 java.lang.Throwable -> L65
            if (r0 == 0) goto L44
            int r3 = r0.length     // Catch: java.lang.Throwable -> L62 java.lang.Throwable -> L65
            if (r3 <= 0) goto L44
            if (r2 == 0) goto L42
            r2.close()     // Catch: java.lang.Exception -> L5c
        L42:
            return r0
        L43:
            r2 = r1
        L44:
            if (r2 == 0) goto L49
            r2.close()     // Catch: java.lang.Exception -> L5e
        L49:
            r0 = r1
            goto L42
        L4b:
            r0 = move-exception
            r0 = r1
        L4d:
            if (r0 == 0) goto L49
            r0.close()     // Catch: java.lang.Exception -> L53
            goto L49
        L53:
            r0 = move-exception
            goto L49
        L55:
            r0 = move-exception
        L56:
            if (r1 == 0) goto L5b
            r1.close()     // Catch: java.lang.Exception -> L60
        L5b:
            throw r0
        L5c:
            r1 = move-exception
            goto L42
        L5e:
            r0 = move-exception
            goto L49
        L60:
            r1 = move-exception
            goto L5b
        L62:
            r0 = move-exception
            r1 = r2
            goto L56
        L65:
            r0 = move-exception
            r0 = r2
            goto L4d
        */
        throw new UnsupportedOperationException("Method not decompiled: com.qihoo360.common.utils.CertChainVerify.getCertChain(java.util.jar.JarFile):java.security.cert.Certificate[]");
    }

    public static boolean isSelfSigned(X509Certificate x509Certificate) throws CertificateException, NoSuchAlgorithmException, NoSuchProviderException {
        try {
            x509Certificate.verify(x509Certificate.getPublicKey());
            return true;
        } catch (InvalidKeyException e) {
            return false;
        } catch (SignatureException e2) {
            return false;
        }
    }

    static void printCert(X509Certificate x509Certificate) {
        if (x509Certificate != null) {
            Log.i(TAG, "subject:" + x509Certificate.getSubjectDN());
            Log.i(TAG, "Issuer:" + x509Certificate.getIssuerDN());
            Log.i(TAG, "Serail:" + x509Certificate.getSerialNumber());
        }
    }

    static void printSignature(Signature signature) {
        printCert(toX509(signature));
    }

    static X509Certificate toX509(Signature signature) {
        try {
            return (X509Certificate) CertificateFactory.getInstance("X509").generateCertificate(new ByteArrayInputStream(signature.toByteArray()));
        } catch (CertificateException e) {
            return null;
        }
    }

    static int verifyAChain(X509Certificate[] x509CertificateArr) {
        if (x509CertificateArr == null || x509CertificateArr.length == 0) {
            return -1;
        }
        for (int i = 0; i < x509CertificateArr.length - 1; i++) {
            X509Certificate x509Certificate = x509CertificateArr[i];
            X509Certificate x509Certificate2 = x509CertificateArr[i + 1];
            try {
                x509Certificate.checkValidity();
                x509Certificate2.checkValidity();
                try {
                    x509Certificate.verify(x509Certificate2.getPublicKey());
                } catch (InvalidKeyException e) {
                    return -3;
                } catch (NoSuchAlgorithmException e2) {
                    return -4;
                } catch (NoSuchProviderException e3) {
                    return -5;
                } catch (SignatureException e4) {
                    return -8;
                } catch (CertificateException e5) {
                    return -2;
                }
            } catch (CertificateException e6) {
                return -2;
            }
        }
        X509Certificate x509Certificate3 = x509CertificateArr[x509CertificateArr.length - 1];
        try {
            x509Certificate3.checkValidity();
            return !isSelfSigned(x509Certificate3) ? -7 : 0;
        } catch (NoSuchAlgorithmException e7) {
            return -4;
        } catch (NoSuchProviderException e8) {
            return -5;
        } catch (CertificateException e9) {
            return -2;
        }
    }

    public static int verifyApk(String str) {
        Certificate[] certChain = getCertChain(str);
        if (certChain == null) {
            return -2;
        }
        return verifyChain(certChain);
    }

    public static int verifyChain(Certificate[] certificateArr) {
        int i = 0;
        while (i < certificateArr.length) {
            X509Certificate[] aChain = getAChain(certificateArr, i);
            int verifyAChain = verifyAChain(aChain);
            if (verifyAChain != 0) {
                return verifyAChain;
            }
            i += aChain.length;
        }
        return 0;
    }

    public static int verifyJarFile(JarFile jarFile) {
        Certificate[] certChain = getCertChain(jarFile);
        if (certChain == null) {
            return -2;
        }
        return verifyChain(certChain);
    }

    public static int verifyPackage(Context context, String str) {
        try {
            return verifySignature(context.getPackageManager().getPackageInfo(str, 64).signatures);
        } catch (PackageManager.NameNotFoundException e) {
            return -1;
        }
    }

    public static int verifySignature(Signature[] signatureArr) {
        X509Certificate[] x509CertificateArr = new X509Certificate[signatureArr.length];
        int i = 0;
        for (Signature signature : signatureArr) {
            X509Certificate x509 = toX509(signature);
            if (x509 == null) {
                return -2;
            }
            x509CertificateArr[i] = x509;
            i++;
        }
        return verifyChain(x509CertificateArr);
    }
}
