package com.microsoft.identity.common.internal.broker;

import android.content.Context;
import com.microsoft.identity.common.internal.util.PackageUtils;
import com.microsoft.identity.common.logging.Logger;
import java.security.cert.X509Certificate;
import java.util.Iterator;
import java.util.List;
import java.util.Set;
import kotlin.Metadata;
import kotlin.jvm.internal.FunctionReferenceImpl;
import tt.ew5;
import tt.hz8;
import tt.kg3;
import tt.l02;
import tt.md6;
import tt.pf6;
import tt.qi4;
import tt.ux7;
import tt.wda;
import tt.yg3;

@Metadata
/* loaded from: classes3.dex */
public class BrokerValidator implements IBrokerValidator {

    @md6
    public static final Companion Companion = new Companion(null);

    @pf6
    private static final String TAG = ux7.b(BrokerValidator.class).b();

    @md6
    private final Set<BrokerData> allowedBrokerApps;

    @md6
    private final kg3<String, List<X509Certificate>> getSigningCertificateForApp;

    @md6
    private final yg3<String, List<? extends X509Certificate>, wda> validateSigningCertificate;

    @ew5
    /* renamed from: com.microsoft.identity.common.internal.broker.BrokerValidator$2, reason: invalid class name */
    /* loaded from: classes3.dex */
    /* synthetic */ class AnonymousClass2 extends FunctionReferenceImpl implements yg3<String, List<? extends X509Certificate>, wda> {
        AnonymousClass2(Object obj) {
            super(2, obj, Companion.class, "validateSigningCertificate", "validateSigningCertificate(Ljava/lang/String;Ljava/util/List;)V", 0);
        }

        @Override // tt.yg3
        /* renamed from: invoke */
        public /* bridge */ /* synthetic */ Object mo3invoke(Object obj, Object obj2) {
            invoke((String) obj, (List<? extends X509Certificate>) obj2);
            return wda.a;
        }

        public final void invoke(@md6 String str, @md6 List<? extends X509Certificate> list) {
            qi4.f(str, "p0");
            qi4.f(list, "p1");
            ((Companion) this.receiver).validateSigningCertificate(str, list);
        }
    }

    @Metadata
    /* loaded from: classes3.dex */
    public static final class Companion {
        private Companion() {
        }

        public /* synthetic */ Companion(l02 l02Var) {
            this();
        }

        public final void validateSigningCertificate(@md6 String str, @md6 List<? extends X509Certificate> list) {
            Set d;
            qi4.f(str, "expectedSigningCertificateSignature");
            qi4.f(list, "signingCertificates");
            d = hz8.d(str);
            PackageUtils.verifySignatureHash(list, d.iterator());
            if (list.size() > 1) {
                PackageUtils.verifyCertificateChain(list);
            }
        }
    }

    /* JADX WARN: 'this' call moved to the top of the method (can break code semantics) */
    public BrokerValidator(@md6 final Context context) {
        this(BrokerData.Companion.getKnownBrokerApps(), new kg3<String, List<? extends X509Certificate>>() { // from class: com.microsoft.identity.common.internal.broker.BrokerValidator.1
            /* JADX WARN: 'super' call moved to the top of the method (can break code semantics) */
            {
                super(1);
            }

            @Override // tt.kg3
            @md6
            public final List<X509Certificate> invoke(@md6 String str) {
                qi4.f(str, "packageName");
                List<X509Certificate> readCertDataForApp = PackageUtils.readCertDataForApp(str, context);
                qi4.e(readCertDataForApp, "readCertDataForApp(packageName, context)");
                return readCertDataForApp;
            }
        }, new AnonymousClass2(Companion));
        qi4.f(context, "context");
    }

    /* JADX WARN: Multi-variable type inference failed */
    public BrokerValidator(@md6 Set<BrokerData> set, @md6 kg3<? super String, ? extends List<? extends X509Certificate>> kg3Var, @md6 yg3<? super String, ? super List<? extends X509Certificate>, wda> yg3Var) {
        qi4.f(set, "allowedBrokerApps");
        qi4.f(kg3Var, "getSigningCertificateForApp");
        qi4.f(yg3Var, "validateSigningCertificate");
        this.allowedBrokerApps = set;
        this.getSigningCertificateForApp = kg3Var;
        this.validateSigningCertificate = yg3Var;
    }

    @Override // com.microsoft.identity.common.internal.broker.IBrokerValidator
    public boolean isSignedByKnownKeys(@md6 BrokerData brokerData) {
        qi4.f(brokerData, "brokerData");
        String str = TAG + ":isSignedByKnownKeys";
        try {
            this.validateSigningCertificate.mo3invoke(brokerData.getSigningCertificateThumbprint(), (List) this.getSigningCertificateForApp.invoke(brokerData.getPackageName()));
            Logger.info(str, brokerData.getPackageName() + " is installed, and is a valid broker.");
            return true;
        } catch (Throwable th) {
            Logger.error(str, th.getMessage(), th);
            return false;
        }
    }

    @Override // com.microsoft.identity.common.internal.broker.IBrokerValidator
    public boolean isValidBrokerPackage(@md6 String str) {
        Object obj;
        qi4.f(str, "packageName");
        String str2 = TAG + ":isValidBrokerPackage";
        Iterator<T> it = this.allowedBrokerApps.iterator();
        while (true) {
            if (!it.hasNext()) {
                obj = null;
                break;
            }
            obj = it.next();
            if (qi4.a(((BrokerData) obj).getPackageName(), str)) {
                break;
            }
        }
        BrokerData brokerData = (BrokerData) obj;
        if (brokerData != null) {
            return isSignedByKnownKeys(brokerData);
        }
        Logger.info(str2, str + " does not match with any known broker apps.");
        return false;
    }

    public boolean verifySignature(@md6 String str) {
        qi4.f(str, "packageName");
        return isValidBrokerPackage(str);
    }
}
