package com.xtdroid.installer.suite;

import com.xtdroid.installer.Cancelable;
import com.xtdroid.util.Base64;
import com.xtdroid.util.Log;
import java.io.ByteArrayInputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.io.InputStream;
import java.security.GeneralSecurityException;
import java.security.InvalidAlgorithmParameterException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.PublicKey;
import java.security.Signature;
import java.security.cert.CertPathValidator;
import java.security.cert.CertPathValidatorException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.PKIXCertPathValidatorResult;
import java.security.cert.PKIXParameters;
import java.security.cert.TrustAnchor;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.HashSet;
import java.util.Hashtable;
import java.util.Iterator;
import java.util.Set;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;

/* loaded from: classes.dex */
public class PropsValidator implements Cancelable {
    public static final String CERT_PREFIX = "MIDlet-Certificate-";
    static final String CONFIGURATION = "MicroEdition-Configuration";
    static final String DELETE_CONFIRM = "MIDlet-Delete-Confirm";
    static final String DESCRIPTION = "MIDlet-Description";
    static final String INFO_URL = "MIDlet-Info-URL";
    static final String JAR_URL = "MIDlet-Jar-URL";
    static final String MICROEDITION_PREFIX = "MicroEdition-";
    static final String MIDLET_PREFIX = "MIDlet-";
    static final String NAME = "MIDlet-Name";
    static final String PROFILE = "MicroEdition-Profile";
    static final String PROFILE_MIDP1 = "MIDP-1.0";
    static final String PROFILE_MIDP2 = "MIDP-2.0";
    static final String PROFILE_MIDP21 = "MIDP-2.1";
    static final String PUSH_PREFIX = "MIDlet-Push-";
    static final String RUNTIME_EXECUTION_ENVIRONMENT = "Runtime-Execution-Environment";
    private static final String TCK_CERT_PATH = "/res/certs/esm_public_tck1.cer";
    static final String VENDOR = "MIDlet-Vendor";
    static final String VERSION = "MIDlet-Version";
    private boolean canceled = false;
    static final String JAR_SIZE = "MIDlet-Jar-Size";
    static final String MIDLET_ICON = "MIDlet-Icon";
    static final String DATA_SIZE = "MIDlet-Data-Size";
    static final String PERMISSIONS = "MIDlet-Permissions";
    static final String PERMISSIONS_OPT = "MIDlet-Permissions-Opt";
    static final String INSTALL_NOTIFY = "MIDlet-Install-Notify";
    static final String DELETE_NOTIFY = "MIDlet-Delete-Notify";
    static final String SIG = "MIDlet-Jar-RSA-SHA1";
    private static final String[] allPreDefinedProps = {"MIDlet-Name", "MIDlet-Version", "MIDlet-Vendor", "MicroEdition-Configuration", "MicroEdition-Profile", JAR_SIZE, "MIDlet-Jar-URL", "MIDlet-Description", MIDLET_ICON, "MIDlet-Info-URL", DATA_SIZE, PERMISSIONS, PERMISSIONS_OPT, INSTALL_NOTIFY, DELETE_NOTIFY, "MIDlet-Delete-Confirm", SIG};
    private static final String[] jadMandatoryProps = {"MIDlet-Name", "MIDlet-Version", "MIDlet-Vendor", "MIDlet-Jar-URL", JAR_SIZE};
    private static final String[] jarMandatoryProps = {"MIDlet-Name", "MIDlet-Version", "MIDlet-Vendor"};
    static final String MIDLET_1 = "MIDlet-1";
    private static final String[] mandatoryProps = {MIDLET_1, "MicroEdition-Profile", "MicroEdition-Configuration"};
    private static final String[] duplicateProps = {"MIDlet-Name", "MIDlet-Version", "MIDlet-Vendor"};
    private static Set<String> allPropsSet = null;
    private static PKIXParameters authParams = null;

    private void authenticate(Hashtable<String, String> hashtable, File file) throws PropsValidatorException, FileNotFoundException {
        FileInputStream fileInputStream;
        FileInputStream fileInputStream2 = null;
        try {
            try {
                fileInputStream = new FileInputStream(file);
            } catch (CertificateException e) {
            }
        } catch (Throwable th) {
            th = th;
        }
        try {
            CertificateFactory certificateFactory = CertificateFactory.getInstance("X509");
            int i = 1;
            while (true) {
                ArrayList<X509Certificate> arrayList = new ArrayList<>();
                int i2 = 1;
                while (true) {
                    String str = CERT_PREFIX + i + "-" + i2;
                    if (!hashtable.containsKey(str)) {
                        break;
                    }
                    arrayList.add((X509Certificate) certificateFactory.generateCertificate(new ByteArrayInputStream(Base64.decode(hashtable.get(str).getBytes()))));
                    i2++;
                }
                if (arrayList.size() <= 0) {
                    throw new PropsValidatorException(5, "fail to authenticate the jar");
                }
                try {
                    if (this.canceled) {
                        if (fileInputStream != null) {
                            try {
                                fileInputStream.close();
                                return;
                            } catch (IOException e2) {
                                throw new PropsValidatorException(5, "error happens during authenticating the jar");
                            }
                        }
                        return;
                    }
                    PublicKey verifySignerCertificate = verifySignerCertificate(arrayList);
                    if (this.canceled) {
                        if (fileInputStream != null) {
                            try {
                                fileInputStream.close();
                                return;
                            } catch (IOException e3) {
                                throw new PropsValidatorException(5, "error happens during authenticating the jar");
                            }
                        }
                        return;
                    }
                    if (!verifyJARSignature(verifySignerCertificate, fileInputStream, Base64.decode(hashtable.get(SIG).getBytes()))) {
                        throw new PropsValidatorException(5, "fail to authenticate the jar");
                        break;
                    } else {
                        if (fileInputStream != null) {
                            try {
                                fileInputStream.close();
                                return;
                            } catch (IOException e4) {
                                throw new PropsValidatorException(5, "error happens during authenticating the jar");
                            }
                        }
                        return;
                    }
                } catch (PropsValidatorException e5) {
                    throw e5;
                } catch (CertPathValidatorException e6) {
                    i++;
                } catch (Exception e7) {
                    throw new PropsValidatorException(5, "fail to authenticate the jar");
                }
            }
        } catch (CertificateException e8) {
            fileInputStream2 = fileInputStream;
            throw new PropsValidatorException(5, "fail to authenticate the jar");
        } catch (Throwable th2) {
            th = th2;
            fileInputStream2 = fileInputStream;
            if (fileInputStream2 != null) {
                try {
                    fileInputStream2.close();
                } catch (IOException e9) {
                    throw new PropsValidatorException(5, "error happens during authenticating the jar");
                }
            }
            throw th;
        }
    }

    private void checkAppAttributes(Hashtable<String, String> hashtable) throws PropsValidatorException {
        Set<String> keySet = hashtable.keySet();
        Set<String> allProps = getAllProps();
        for (String str : keySet) {
            if (str.startsWith(MIDLET_PREFIX)) {
                if (allProps.contains(str)) {
                    continue;
                } else if (str.startsWith(PUSH_PREFIX)) {
                    try {
                        Integer.parseInt(str.substring(PUSH_PREFIX.length()));
                    } catch (NumberFormatException e) {
                        throw new PropsValidatorException(3, "Attribute " + str + " is not allowed.");
                    }
                } else if (str.startsWith(CERT_PREFIX)) {
                    String substring = str.substring(CERT_PREFIX.length(), str.lastIndexOf("-"));
                    String substring2 = str.substring(str.lastIndexOf("-"));
                    try {
                        Integer.parseInt(substring);
                        Integer.parseInt(substring2);
                    } catch (NumberFormatException e2) {
                        throw new PropsValidatorException(3, "Attribute " + str + " is not allowed.");
                    }
                } else {
                    try {
                        Integer.parseInt(str.substring(7));
                    } catch (NumberFormatException e3) {
                        throw new PropsValidatorException(3, "Attribute " + str + " is not allowed.");
                    }
                }
            } else if (str.startsWith(MICROEDITION_PREFIX) && !allProps.contains(str)) {
                throw new PropsValidatorException(3, "Attribute " + str + " is not allowed.");
            }
        }
    }

    private void checkConsecutiveProps(Hashtable<String, String> hashtable, String str) {
        int i = 0;
        for (int i2 = 1; hashtable.containsKey(str + i2); i2++) {
            i = i2;
        }
        if (i == 0) {
            return;
        }
        HashSet hashSet = new HashSet();
        for (String str2 : hashtable.keySet()) {
            if (str2.startsWith(str)) {
                try {
                    if (Integer.parseInt(str2.substring(str.length())) > i) {
                        hashSet.add(str2);
                    }
                } catch (NumberFormatException e) {
                }
            }
        }
        if (hashSet.isEmpty()) {
            return;
        }
        Iterator it = hashSet.iterator();
        while (it.hasNext()) {
            hashtable.remove((String) it.next());
        }
    }

    private void checkMandatoryProps(String[] strArr, Hashtable<String, String> hashtable) throws PropsValidatorException {
        if (strArr != null) {
            int length = strArr.length;
            for (int i = 0; i < length; i++) {
                String str = hashtable.get(strArr[i]);
                if (str == null || str.length() == 0) {
                    throw new PropsValidatorException(1, "Missing mandatory attribute: " + strArr[i]);
                }
            }
        }
    }

    private void checkNumberValue(Hashtable<String, String> hashtable, String str) throws PropsValidatorException {
        if (hashtable.containsKey(str)) {
            try {
                Integer.parseInt(hashtable.get(str));
            } catch (NumberFormatException e) {
                throw new PropsValidatorException(4, "Invalid value for key: " + str);
            }
        }
    }

    private void checkValues(Hashtable<String, String> hashtable) throws PropsValidatorException {
        checkNumberValue(hashtable, JAR_SIZE);
        checkNumberValue(hashtable, DATA_SIZE);
        checkVersionFormat(hashtable.get("MIDlet-Version"));
    }

    private void checkVersionFormat(String str) throws PropsValidatorException {
        int indexOf;
        int i = 0;
        int length = str.length();
        for (int i2 = 0; i2 < length; i2 = indexOf + 1) {
            if (i >= 3 || i2 == length) {
                throw new PropsValidatorException(4, "Invalid version format: " + str);
            }
            indexOf = str.indexOf(46, i2);
            if (indexOf == -1) {
                indexOf = length;
            }
            if (indexOf - i2 > 2) {
                throw new PropsValidatorException(4, "Invalid version format: " + str);
            }
            if (Integer.parseInt(str.substring(i2, indexOf)) < 0) {
                throw new PropsValidatorException(4, "Invalid version format: " + str);
            }
            i++;
        }
    }

    private void commonCheck(String[] strArr, Hashtable<String, String> hashtable) throws PropsValidatorException {
        checkMandatoryProps(strArr, hashtable);
        checkAppAttributes(hashtable);
        checkConsecutiveProps(hashtable, MIDLET_PREFIX);
        checkConsecutiveProps(hashtable, PUSH_PREFIX);
    }

    private synchronized Set<String> getAllProps() {
        if (allPropsSet == null) {
            allPropsSet = new HashSet(Arrays.asList(allPreDefinedProps));
        }
        return allPropsSet;
    }

    private synchronized PKIXParameters getPKIXParameters() throws NoSuchAlgorithmException, KeyStoreException, InvalidAlgorithmParameterException {
        if (authParams == null) {
            HashSet hashSet = new HashSet();
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance("X509");
            trustManagerFactory.init((KeyStore) null);
            for (X509Certificate x509Certificate : ((X509TrustManager) trustManagerFactory.getTrustManagers()[0]).getAcceptedIssuers()) {
                hashSet.add(new TrustAnchor(x509Certificate, null));
            }
            try {
                hashSet.add(new TrustAnchor((X509Certificate) CertificateFactory.getInstance("X509").generateCertificate(getClass().getResourceAsStream(TCK_CERT_PATH)), null));
                authParams = new PKIXParameters(hashSet);
                authParams.setRevocationEnabled(false);
            } catch (CertificateException e) {
                if (Log.ON) {
                    Log.warn("Failed to get the trusted certificate: " + e);
                }
                throw new KeyStoreException();
            }
        }
        return authParams;
    }

    private boolean verifyJARSignature(PublicKey publicKey, InputStream inputStream, byte[] bArr) throws IOException, GeneralSecurityException {
        Signature signature = Signature.getInstance("SHA1withRSA");
        signature.initVerify(publicKey);
        byte[] bArr2 = new byte[1024];
        while (true) {
            int read = inputStream.read(bArr2);
            if (read == -1) {
                return signature.verify(bArr);
            }
            signature.update(bArr2, 0, read);
        }
    }

    private PublicKey verifySignerCertificate(ArrayList<X509Certificate> arrayList) throws CertificateException, NoSuchAlgorithmException, CertPathValidatorException, InvalidAlgorithmParameterException, KeyStoreException {
        return ((PKIXCertPathValidatorResult) CertPathValidator.getInstance("PKIX").validate(CertificateFactory.getInstance("X509").generateCertPath(arrayList), getPKIXParameters())).getPublicKey();
    }

    @Override // com.xtdroid.installer.Cancelable
    public void cancel() {
        this.canceled = true;
    }

    public Hashtable<String, String> validate(File file, Hashtable<String, String> hashtable, Hashtable<String, String> hashtable2) throws PropsValidatorException {
        commonCheck(jarMandatoryProps, hashtable2);
        Hashtable<String, String> hashtable3 = new Hashtable<>(hashtable2);
        if (hashtable != null) {
            commonCheck(jadMandatoryProps, hashtable);
            for (int i = 0; i < duplicateProps.length; i++) {
                String str = duplicateProps[i];
                if (!hashtable3.get(str).equals(hashtable.get(str))) {
                    throw new PropsValidatorException(2, "Miss-matching attribute: " + str);
                }
            }
            if (hashtable.containsKey(SIG)) {
                for (String str2 : hashtable.keySet()) {
                    String str3 = hashtable.get(str2);
                    if (hashtable3.containsKey(str2) && !str3.equals(hashtable3.get(str2))) {
                        throw new PropsValidatorException(2, "Miss-matching attribute: " + str2);
                    }
                    hashtable3.put(str2, str3);
                }
                try {
                    if (this.canceled) {
                        return null;
                    }
                    authenticate(hashtable, file);
                    if (this.canceled) {
                        return null;
                    }
                } catch (FileNotFoundException e) {
                    throw new PropsValidatorException(5, "The jar file can not be found");
                }
            } else {
                for (String str4 : hashtable.keySet()) {
                    hashtable3.put(str4, hashtable.get(str4));
                }
            }
        }
        checkMandatoryProps(mandatoryProps, hashtable3);
        checkValues(hashtable3);
        if (hashtable3.get(JAR_SIZE) != null) {
            if (file.length() != Long.parseLong(hashtable3.get(JAR_SIZE))) {
                throw new PropsValidatorException(6, "The jar size is not match the property MIDlet-Jar-Size");
            }
        }
        return hashtable3;
    }
}
