package com.huawei.reader.utils.plugin;

import com.huawei.hbu.foundation.log.Logger;
import com.huawei.hbu.foundation.utils.AppContext;
import com.huawei.hbu.foundation.utils.as;
import com.huawei.hbu.foundation.utils.e;
import com.huawei.hbu.foundation.utils.v;
import defpackage.emb;
import defpackage.eny;
import defpackage.epi;
import defpackage.wn;
import java.io.File;
import java.security.cert.X509Certificate;
import java.util.List;

/* compiled from: PluginCheckUtils.java */
/* loaded from: classes10.dex */
public class a {
    private a() {
    }

    private static boolean a(String str, String str2, List<String> list) {
        Logger.i("ReaderUtils_PluginCheckUtils", "verifySign");
        if (as.isEmpty(str) || as.isEmpty(str2)) {
            Logger.e("ReaderUtils_PluginCheckUtils", "verifySign fileSha512 or signSha512 is empty");
            return false;
        }
        if (e.isEmpty(list)) {
            Logger.e("ReaderUtils_PluginCheckUtils", "verifySign certChainStrList is empty");
            return false;
        }
        List<X509Certificate> certificateChain = wn.getCertificateChain(list);
        if (e.isEmpty(certificateChain)) {
            Logger.e("ReaderUtils_PluginCheckUtils", "verifySign certChain is empty");
            return false;
        }
        Logger.i("ReaderUtils_PluginCheckUtils", "verifySign certChain.size:" + certificateChain.size());
        if (!wn.verifyCertChain(wn.getCBGRootCertificate(AppContext.getContext(), eny.getInstance().enableTestUrl()), certificateChain)) {
            Logger.e("ReaderUtils_PluginCheckUtils", "verifySign failed to verify cert chain");
            return false;
        }
        X509Certificate x509Certificate = certificateChain.get(certificateChain.size() - 1);
        if (!wn.checkSubjectDefaultCN(x509Certificate)) {
            Logger.e("ReaderUtils_PluginCheckUtils", "verifySign checkSubjectCN CN is invalid");
            return false;
        }
        if (!wn.checkSubjectDefaultOU(x509Certificate)) {
            Logger.e("ReaderUtils_PluginCheckUtils", "verifySign checkSubjectOU OU is invalid");
            return false;
        }
        if (wn.checkSignature(x509Certificate, str, str2)) {
            return true;
        }
        Logger.e("ReaderUtils_PluginCheckUtils", "verifySign checkSignature sign is invalid");
        return false;
    }

    public static boolean checkSign(File file, PluginSignInfo pluginSignInfo) {
        Logger.i("ReaderUtils_PluginCheckUtils", "checkSign");
        if (!v.isFileExists(file)) {
            Logger.e("ReaderUtils_PluginCheckUtils", "checkSign pluginFile is not exists");
            return false;
        }
        if (pluginSignInfo == null) {
            Logger.e("ReaderUtils_PluginCheckUtils", "checkSign pluginSignInfo is null");
            return false;
        }
        Plugin plugin = pluginSignInfo.getPlugin();
        if (plugin == null) {
            Logger.e("ReaderUtils_PluginCheckUtils", "checkSign plugin is null");
            return false;
        }
        String summary = plugin.getSummary();
        boolean a = a(summary, plugin.getSign(), pluginSignInfo.getCertChain());
        Logger.i("ReaderUtils_PluginCheckUtils", "checkSign isVerifySignPass:" + a);
        if (!a) {
            return false;
        }
        boolean validateFileSHA = epi.validateFileSHA(file, summary, "SHA-512");
        Logger.i("ReaderUtils_PluginCheckUtils", "checkSign isValidate:" + validateFileSHA);
        return validateFileSHA;
    }

    public static boolean checkSign(File file, File file2) {
        Logger.i("ReaderUtils_PluginCheckUtils", "checkSign");
        return checkSign(file, getPlugSignInfo(file2));
    }

    public static PluginSignInfo getPlugSignInfo(File file) {
        Logger.i("ReaderUtils_PluginCheckUtils", "getPlugSignInfo");
        if (!v.isFileExists(file)) {
            Logger.e("ReaderUtils_PluginCheckUtils", "getPlugSignInfo signFile is not exists");
            return null;
        }
        String readFile = v.readFile(file);
        if (!as.isEmpty(readFile)) {
            return (PluginSignInfo) emb.fromJson(readFile, PluginSignInfo.class);
        }
        Logger.e("ReaderUtils_PluginCheckUtils", "getPlugSignInfo signContent is empty");
        return null;
    }
}
