package q5;

import android.content.Context;
import android.text.TextUtils;
import android.util.Base64;
import com.huawei.hms.framework.common.StringUtils;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.lang.reflect.InvocationTargetException;
import java.nio.charset.StandardCharsets;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.SignatureException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.CertificateParsingException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import sd.c0;
import sd.v;
import sd.z;

/* loaded from: classes.dex */
public class e {

    /* renamed from: a, reason: collision with root package name */
    public static final int[] f15581a = {1, -65536};

    public static X509Certificate a(String str) {
        ByteArrayInputStream byteArrayInputStream;
        CertificateFactory certificateFactory;
        if (TextUtils.isEmpty(str)) {
            c2.h.f("CertUtil", "certOfStringToX509:cert chain is empty!");
        }
        try {
            byteArrayInputStream = new ByteArrayInputStream(Base64.decode(str, 0));
            try {
                certificateFactory = CertificateFactory.getInstance(com.huawei.hms.feature.dynamic.f.e.f4237b);
            } catch (Throwable th) {
                try {
                    byteArrayInputStream.close();
                } catch (Throwable th2) {
                    th.addSuppressed(th2);
                }
                throw th;
            }
        } catch (IOException e10) {
            e = e10;
            c2.h.h("CertUtil", "transfer X509 fail:", e.getMessage());
            return r4;
        } catch (CertificateException e11) {
            e = e11;
            c2.h.h("CertUtil", "transfer X509 fail:", e.getMessage());
            return r4;
        } catch (Exception e12) {
            c2.h.h("CertUtil", "transfer X509 fail other Exception:", e12.getMessage());
        }
        if (certificateFactory == null) {
            byteArrayInputStream.close();
            return null;
        }
        Certificate generateCertificate = certificateFactory.generateCertificate(byteArrayInputStream);
        r4 = generateCertificate instanceof X509Certificate ? (X509Certificate) generateCertificate : null;
        byteArrayInputStream.close();
        return r4;
    }

    public static c0 b(X509Certificate x509Certificate) throws CertificateParsingException {
        byte[] extensionValue = x509Certificate.getExtensionValue("1.3.6.1.4.1.11129.2.1.17");
        if (extensionValue == null || extensionValue.length == 0) {
            throw new CertificateParsingException("Did not find extension with OID 1.3.6.1.4.1.11129.2.1.17");
        }
        return c(extensionValue);
    }

    public static c0 c(byte[] bArr) throws CertificateParsingException {
        try {
            sd.o oVar = new sd.o(bArr);
            try {
                c0 d10 = d(oVar);
                oVar.close();
                return d10;
            } catch (Throwable th) {
                try {
                    oVar.close();
                } catch (Throwable th2) {
                    th.addSuppressed(th2);
                }
                throw th;
            }
        } catch (IOException e10) {
            e = e10;
            throw new CertificateParsingException("Failed to parse SEQUENCE", e);
        } catch (CertificateParsingException e11) {
            e = e11;
            throw new CertificateParsingException("Failed to parse SEQUENCE", e);
        } catch (Exception e12) {
            throw new CertificateParsingException("Failed to parse SEQUENCE other exception", e12);
        }
    }

    public static c0 d(sd.o oVar) throws IOException, CertificateParsingException {
        z u10 = oVar.u();
        if (!(u10 instanceof v)) {
            throw new CertificateParsingException("Input stream is not ASN1OctetString");
        }
        sd.o oVar2 = new sd.o(((v) u10).u());
        try {
            z u11 = oVar2.u();
            if (!(u11 instanceof c0)) {
                throw new CertificateParsingException("Expected sequence is not ASN1Sequence");
            }
            c0 c0Var = (c0) u11;
            oVar2.close();
            return c0Var;
        } catch (Throwable th) {
            try {
                oVar2.close();
            } catch (Throwable th2) {
                th.addSuppressed(th2);
            }
            throw th;
        }
    }

    public static byte[] e(sd.f fVar) throws CertificateParsingException {
        if (fVar instanceof v) {
            return ((v) fVar).u();
        }
        throw new CertificateParsingException("Expected DEROctetString");
    }

    public static String f(String str) {
        if (TextUtils.isEmpty(str)) {
            c2.h.f("CertUtil", "getCertChainForTransfer challenge is empty");
            return "";
        }
        ArrayList<String> g10 = g(d1.a.f().e(), str);
        if (g10.size() != 2) {
            return "";
        }
        return "certBusiness:" + g10.get(0) + "certDevice:" + g10.get(1);
    }

    /* JADX WARN: Removed duplicated region for block: B:17:0x0067  */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public static java.util.ArrayList<java.lang.String> g(android.content.Context r8, java.lang.String r9) {
        /*
            java.lang.String r0 = ""
            java.util.ArrayList r1 = new java.util.ArrayList
            r1.<init>()
            java.lang.String r2 = "CertUtil"
            if (r8 == 0) goto L98
            boolean r3 = android.text.TextUtils.isEmpty(r9)
            if (r3 == 0) goto L13
            goto L98
        L13:
            java.security.cert.X509Certificate[] r8 = i(r8, r9)
            int r9 = r8.length
            if (r9 != 0) goto L20
            java.lang.String r8 = "getCertChainStringList: certs is empty"
            c2.h.f(r2, r8)
            return r1
        L20:
            r9 = 2
            r3 = 1
            r4 = 0
            r5 = r8[r4]     // Catch: java.lang.Exception -> L3c java.security.cert.CertificateEncodingException -> L3f
            byte[] r5 = r5.getEncoded()     // Catch: java.lang.Exception -> L3c java.security.cert.CertificateEncodingException -> L3f
            java.lang.String r5 = android.util.Base64.encodeToString(r5, r4)     // Catch: java.lang.Exception -> L3c java.security.cert.CertificateEncodingException -> L3f
            r8 = r8[r3]     // Catch: java.lang.Exception -> L38 java.security.cert.CertificateEncodingException -> L3a
            byte[] r8 = r8.getEncoded()     // Catch: java.lang.Exception -> L38 java.security.cert.CertificateEncodingException -> L3a
            java.lang.String r0 = android.util.Base64.encodeToString(r8, r4)     // Catch: java.lang.Exception -> L38 java.security.cert.CertificateEncodingException -> L3a
            goto L61
        L38:
            r8 = move-exception
            goto L42
        L3a:
            r8 = move-exception
            goto L52
        L3c:
            r8 = move-exception
            r5 = r0
            goto L42
        L3f:
            r8 = move-exception
            r5 = r0
            goto L52
        L42:
            java.lang.Object[] r6 = new java.lang.Object[r9]
            java.lang.String r7 = "getCertChainStringList failed other exception:"
            r6[r4] = r7
            java.lang.String r8 = r8.getMessage()
            r6[r3] = r8
            c2.h.h(r2, r6)
            goto L61
        L52:
            java.lang.Object[] r6 = new java.lang.Object[r9]
            java.lang.String r7 = "getCertChainStringList failed:"
            r6[r4] = r7
            java.lang.String r8 = r8.getMessage()
            r6[r3] = r8
            c2.h.h(r2, r6)
        L61:
            boolean r8 = android.text.TextUtils.isEmpty(r5)
            if (r8 != 0) goto L97
            boolean r8 = android.text.TextUtils.isEmpty(r0)
            if (r8 == 0) goto L6e
            goto L97
        L6e:
            r8 = 4
            java.lang.Object[] r8 = new java.lang.Object[r8]
            java.lang.String r6 = "getCertChainStringList cert size:"
            r8[r4] = r6
            int r4 = r5.length()
            java.lang.Integer r4 = java.lang.Integer.valueOf(r4)
            r8[r3] = r4
            java.lang.String r3 = " : "
            r8[r9] = r3
            int r9 = r0.length()
            java.lang.Integer r9 = java.lang.Integer.valueOf(r9)
            r3 = 3
            r8[r3] = r9
            c2.h.o(r2, r8)
            r1.add(r5)
            r1.add(r0)
        L97:
            return r1
        L98:
            java.lang.String r8 = "getCertChainStringList: param is null"
            c2.h.f(r2, r8)
            return r1
        */
        throw new UnsupportedOperationException("Method not decompiled: q5.e.g(android.content.Context, java.lang.String):java.util.ArrayList");
    }

    public static String h(X509Certificate x509Certificate) {
        if (x509Certificate == null) {
            c2.h.f("CertUtil", "getChallengeFromX509Cert:attestationCert is null");
            return "";
        }
        try {
            c0 b10 = b(x509Certificate);
            return b10 == null ? "" : new String(e(b10.u(4)), StandardCharsets.UTF_8);
        } catch (CertificateParsingException e10) {
            c2.h.h("CertUtil", "get challenge fail:", e10.getMessage());
            return "";
        } catch (Exception e11) {
            c2.h.h("CertUtil", "get challenge fail other exception:", e11.getMessage());
            return "";
        }
    }

    public static X509Certificate[] i(Context context, String str) {
        if (context == null || str == null) {
            c2.h.f("CertUtil", "getX509CertificateChain error, param is empty");
            return new X509Certificate[0];
        }
        X509Certificate[] x509CertificateArr = new X509Certificate[0];
        try {
            X509Certificate[] x509CertificateArr2 = (X509Certificate[]) Class.forName("com.huawei.security.keystore.HwAttestationUtils").getMethod("attestDeviceIds", Context.class, int[].class, byte[].class).invoke(null, context, f15581a, str.getBytes(StandardCharsets.UTF_8));
            if (x509CertificateArr2 != null) {
                try {
                    if (x509CertificateArr2.length > 2) {
                        c2.h.n("CertUtil", "getX509CertificateChain success");
                        return x509CertificateArr2;
                    }
                } catch (ClassNotFoundException e10) {
                    e = e10;
                    x509CertificateArr = x509CertificateArr2;
                    c2.h.h("CertUtil", "getX509CertificateChain error:", e.getMessage());
                    return x509CertificateArr;
                } catch (IllegalAccessException e11) {
                    e = e11;
                    x509CertificateArr = x509CertificateArr2;
                    c2.h.h("CertUtil", "getX509CertificateChain error:", e.getMessage());
                    return x509CertificateArr;
                } catch (NoSuchMethodException e12) {
                    e = e12;
                    x509CertificateArr = x509CertificateArr2;
                    c2.h.h("CertUtil", "getX509CertificateChain error:", e.getMessage());
                    return x509CertificateArr;
                } catch (InvocationTargetException e13) {
                    e = e13;
                    x509CertificateArr = x509CertificateArr2;
                    c2.h.h("CertUtil", "getX509CertificateChain error:", e.getMessage());
                    return x509CertificateArr;
                } catch (Exception e14) {
                    e = e14;
                    x509CertificateArr = x509CertificateArr2;
                    c2.h.h("CertUtil", "getX509CertificateChain error other exception:", e.getMessage());
                    return x509CertificateArr;
                }
            }
            return new X509Certificate[0];
        } catch (ClassNotFoundException e15) {
            e = e15;
        } catch (IllegalAccessException e16) {
            e = e16;
        } catch (NoSuchMethodException e17) {
            e = e17;
        } catch (InvocationTargetException e18) {
            e = e18;
        } catch (Exception e19) {
            e = e19;
        }
    }

    public static boolean j(String str) {
        X509Certificate x509Certificate;
        if (TextUtils.isEmpty(str)) {
            c2.h.f("CertUtil", "isCACertValid: challenge is empty");
            return false;
        }
        X509Certificate[] i10 = i(d1.a.f().e(), str);
        if (i10.length != 4 || (x509Certificate = i10[2]) == null || x509Certificate.getPublicKey() == null) {
            c2.h.f("CertUtil", "old phone CA cert is invalid");
            return false;
        }
        v4.d.B().E3(i10[2].getPublicKey());
        c2.h.n("CertUtil", "old phone cert is valid");
        return true;
    }

    public static boolean k(String str) {
        if (TextUtils.isEmpty(str)) {
            c2.h.f("CertUtil", "cert is empty");
            return false;
        }
        int indexOf = str.indexOf("certBusiness:");
        int indexOf2 = str.indexOf("certDevice:");
        if (indexOf == -1 || indexOf2 == -1) {
            c2.h.f("CertUtil", "cert chain is invalid");
            return false;
        }
        String substring = StringUtils.substring(str, 13, indexOf2);
        String substring2 = StringUtils.substring(str, indexOf2 + 11);
        X509Certificate a10 = a(substring);
        X509Certificate a11 = a(substring2);
        String h10 = h(a10);
        if (a10 == null || a11 == null) {
            c2.h.f("CertUtil", "the cert to be verified is null.");
            return false;
        }
        if (!v4.d.B().m().equals(h10)) {
            c2.h.f("CertUtil", "the challenge of new phone certificate is not the same as that of the old phone");
            return false;
        }
        try {
            a10.verify(a11.getPublicKey());
            a11.verify(v4.d.B().h0());
        } catch (InvalidKeyException e10) {
            e = e10;
            c2.h.h("CertUtil", "verify cert chain failed:", e.getMessage());
            return false;
        } catch (NoSuchAlgorithmException e11) {
            e = e11;
            c2.h.h("CertUtil", "verify cert chain failed:", e.getMessage());
            return false;
        } catch (NoSuchProviderException e12) {
            e = e12;
            c2.h.h("CertUtil", "verify cert chain failed:", e.getMessage());
            return false;
        } catch (SignatureException e13) {
            e = e13;
            c2.h.h("CertUtil", "verify cert chain failed:", e.getMessage());
            return false;
        } catch (CertificateException e14) {
            e = e14;
            c2.h.h("CertUtil", "verify cert chain failed:", e.getMessage());
            return false;
        } catch (Exception e15) {
            c2.h.h("CertUtil", "verify cert chain failed other exception:", e15.getMessage());
        }
        c2.h.n("CertUtil", "verify cert chain success");
        return true;
    }
}
