package wq;

import com.itextpdf.text.pdf.security.SecurityConstants;
import java.io.File;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.lang.reflect.Method;
import java.security.InvalidKeyException;
import java.security.Key;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SignatureException;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateExpiredException;
import java.security.cert.CertificateNotYetValidException;
import java.security.cert.X509Certificate;
import java.util.Enumeration;
import java.util.Hashtable;
import org.codehaus.jackson.util.MinimalPrettyPrinter;

/* loaded from: classes4.dex */
public final class e0 implements l {

    /* renamed from: t, reason: collision with root package name */
    public static Class f42651t;

    /* renamed from: u, reason: collision with root package name */
    public static j f42652u;

    /* renamed from: g, reason: collision with root package name */
    public KeyStore f42659g;

    /* renamed from: o, reason: collision with root package name */
    public Hashtable<String, Key> f42667o;

    /* renamed from: p, reason: collision with root package name */
    public Hashtable f42668p;

    /* renamed from: q, reason: collision with root package name */
    public Hashtable f42669q;

    /* renamed from: r, reason: collision with root package name */
    public s f42670r;

    /* renamed from: s, reason: collision with root package name */
    public Hashtable f42671s;

    /* renamed from: a, reason: collision with root package name */
    public final String f42653a = "sec_security.lic";

    /* renamed from: b, reason: collision with root package name */
    public final String f42654b = "sec_certificates.pem";

    /* renamed from: c, reason: collision with root package name */
    public final String f42655c = "No valid tester license file given.";

    /* renamed from: d, reason: collision with root package name */
    public boolean f42656d = false;

    /* renamed from: e, reason: collision with root package name */
    public String f42657e = "";

    /* renamed from: f, reason: collision with root package name */
    public boolean f42658f = false;

    /* renamed from: h, reason: collision with root package name */
    public final X509Certificate[] f42660h = new X509Certificate[3];

    /* renamed from: i, reason: collision with root package name */
    public X509Certificate f42661i = null;

    /* renamed from: j, reason: collision with root package name */
    public X509Certificate f42662j = null;

    /* renamed from: k, reason: collision with root package name */
    public X509Certificate f42663k = null;

    /* renamed from: l, reason: collision with root package name */
    public X509Certificate f42664l = null;

    /* renamed from: m, reason: collision with root package name */
    public String f42665m = "";

    /* renamed from: n, reason: collision with root package name */
    public String f42666n = "";

    public static void l(Certificate[] certificateArr) {
        PublicKey publicKey;
        String str = "";
        if (certificateArr == null || certificateArr.length == 0) {
            throw new z(x.NULL_ARGUMENTS_AREN_T_ALLOWED);
        }
        try {
            try {
                X509Certificate x509Certificate = null;
                int length = certificateArr.length - 1;
                String str2 = "";
                while (length >= 0) {
                    try {
                        X509Certificate e10 = e.e(certificateArr[length].getEncoded());
                        str2 = e10.getSubjectDN().getName();
                        String name = e10.getIssuerDN().getName();
                        if (x509Certificate == null) {
                            if (str2.compareTo(name) != 0) {
                                throw new z(x.SUBJECT_AND_ISSUER_FROM_ROOT_CERTIFICATE_DOESN_T_MATCH, new Object[]{str2, name});
                            }
                            publicKey = e10.getPublicKey();
                        } else {
                            if (str.compareTo(name) != 0) {
                                throw new z(x.SUBJECT_OF_PARENT_CERTIFICATE_DOESN_T_MATCH_TO_ISSUER_OF_CLIENT_CERTIFICATE, new Object[]{str, name});
                            }
                            publicKey = x509Certificate.getPublicKey();
                        }
                        e10.verify(publicKey);
                        try {
                            e10.checkValidity();
                        } catch (CertificateExpiredException | CertificateNotYetValidException unused) {
                        }
                        length--;
                        str = str2;
                        x509Certificate = e10;
                    } catch (SignatureException e11) {
                        e = e11;
                        str = str2;
                        throw new z(x.COULDN_T_VERIFY_CLIENT_SIGNATURE_OF_CERTIFICATE, e, new Object[]{str});
                    }
                }
            } catch (SignatureException e12) {
                e = e12;
            }
        } catch (InvalidKeyException e13) {
            throw new z(x.INVALID_KEY_USED_TO_CHECK_CERTIFICATE_SIGNATURE, e13);
        } catch (NoSuchAlgorithmException e14) {
            throw new z(x.UNABLE_TO_OBTAIN_CRYPTOGRAPHICAL_ALGORITHM_TO_CHECK_CERTIFICATE_SIGNATURE, e14);
        } catch (NoSuchProviderException e15) {
            throw new z(x.COULDN_T_USE_JCE_PROVIDER_TO_VERIFY_CERTIFICATE_SIGNATURE, e15);
        } catch (CertificateException e16) {
            throw new z(x.COULDN_T_CHECK_CERTIFICATE_CHAIN, e16);
        }
    }

    @Override // wq.l
    public X509Certificate a() {
        if (c()) {
            return this.f42661i;
        }
        return null;
    }

    @Override // wq.l
    public byte[] b() {
        try {
            return q();
        } catch (RuntimeException unused) {
            return this.f42661i.getSerialNumber().toByteArray();
        }
    }

    @Override // wq.l
    public boolean c() {
        return this.f42658f;
    }

    @Override // wq.l
    public boolean d(String str) {
        if (!c()) {
            throw new z(x.INVALID_CALL_VALIDATE_SESSION_KEY_REFERENCE, new Object[]{"No valid tester license file given."});
        }
        if (str == null || str.length() == 0) {
            throw new z(x.NULL_ARGUMENTS_AREN_T_ALLOWED_PLEASE_CALL_WITH_A_NOT_NULL_ARGUMENT);
        }
        Hashtable<String, Key> hashtable = this.f42667o;
        if (hashtable == null || hashtable.isEmpty()) {
            throw new z(x.SESSION_KEY_LIST_IS_NULL_OR_CONTAINS_NO_SESSION_KEYS);
        }
        return this.f42667o.containsKey(str);
    }

    @Override // wq.l
    public byte[] e(int i10, byte[] bArr, String str) {
        if (c()) {
            return e.n(i10, n(this.f42657e), bArr, str);
        }
        throw new z(x.INVALID_CALL_FOR_CRYPTO_ROUTINES_FOR_MSM, new Object[]{"No valid tester license file given."});
    }

    @Override // wq.l
    public Key f(p pVar, String str) {
        if (!c()) {
            throw new z(x.INVALID_CALL_FOR_DECRYPT_WITH_SESSION_KEY, new Object[]{"No valid tester license file given."});
        }
        if (pVar == null || pVar.d() == null || pVar.b() == null || str == null) {
            throw new v(x.NULL_ARGUMENTS_AREN_T_ALLOWED_PLEASE_CALL_WITH_CORRECT_PARAMETERS);
        }
        return !pVar.e() ? e.i(pVar, g(str)) : e.r(pVar.d(), pVar.f());
    }

    public final Key g(String str) {
        if (!c()) {
            throw new z(x.INVALID_CALL_FOR_KEY_REFERENCE_KEYS, new Object[]{"No valid tester license file given."});
        }
        if (str == null || str.length() == 0) {
            throw new v(x.NULL_ARGUMENTS_AREN_T_ALLOWED);
        }
        Key key = this.f42667o.get(str);
        if (key != null) {
            return key;
        }
        throw new v(x.UNABLE_TO_GET_SESSION_KEY_WITH_NAME, new Object[]{str});
    }

    @Override // wq.l
    public i0 getType() {
        return i0.a;
    }

    public final void h() {
        X509Certificate x509Certificate = this.f42663k;
        if (x509Certificate == null) {
            k(false);
            throw new a0(x.ERROR_CHECKING_CERTIFICATE_CHAIN_NO_CLIENT_CERTIFICATES_WERE_READ);
        }
        X509Certificate[] x509CertificateArr = this.f42660h;
        x509CertificateArr[0] = x509Certificate;
        l(x509CertificateArr);
        X509Certificate x509Certificate2 = this.f42662j;
        if (x509Certificate2 != null) {
            X509Certificate[] x509CertificateArr2 = this.f42660h;
            x509CertificateArr2[0] = x509Certificate2;
            l(x509CertificateArr2);
        }
        X509Certificate x509Certificate3 = this.f42664l;
        if (x509Certificate3 != null) {
            X509Certificate[] x509CertificateArr3 = this.f42660h;
            x509CertificateArr3[0] = x509Certificate3;
            l(x509CertificateArr3);
        }
        this.f42660h[0] = null;
        k(true);
    }

    public final void i(File file) {
        k(false);
        d0 d0Var = new d0(file);
        this.f42668p = new Hashtable();
        Hashtable<String, Certificate> b10 = d0Var.b();
        Enumeration<String> keys = b10.keys();
        while (keys.hasMoreElements()) {
            String nextElement = keys.nextElement();
            X509Certificate x509Certificate = (X509Certificate) b10.get(nextElement);
            String lowerCase = nextElement.toLowerCase();
            if (lowerCase.indexOf("fzg-root-ca") >= 0) {
                String name = x509Certificate.getIssuerDN().getName();
                if (name.indexOf("fzg-root-ca") < 0) {
                    throw new z(x.ROOT_CERTIFICATE_IS_NOT_SELF_SIGNED_ISSUER_IS_SUBJECT_IS, new Object[]{name, "fzg-root-ca"});
                }
                this.f42660h[2] = x509Certificate;
            } else if (lowerCase.indexOf("fzgsec-ca") >= 0) {
                this.f42660h[1] = x509Certificate;
            } else if (lowerCase.indexOf("codier-sign") >= 0) {
                byte[] l10 = e.l(x509Certificate.getPublicKey().getEncoded());
                if (lowerCase.startsWith("uid=develop")) {
                    this.f42665m = f.f(l10);
                    this.f42662j = x509Certificate;
                } else if (lowerCase.startsWith("uid=field")) {
                    this.f42666n = f.f(l10);
                    this.f42663k = x509Certificate;
                }
            } else if (lowerCase.indexOf("kis-sign") >= 0) {
                this.f42664l = x509Certificate;
            } else if (lowerCase.indexOf("zentrale master freischaltcodestelle") >= 0) {
                this.f42668p.put(x509Certificate.getSerialNumber(), x509Certificate);
            }
        }
    }

    public final void j(File file, String str) {
        try {
            u d10 = u.d(file);
            this.f42667o = new Hashtable<>();
            PrivateKey n10 = n(this.f42657e);
            Enumeration keys = d10.c().keys();
            while (keys.hasMoreElements()) {
                String str2 = (String) keys.nextElement();
                q qVar = (q) d10.c().get(str2);
                if (qVar.d().compareToIgnoreCase(str) == 0) {
                    try {
                        this.f42667o.put(str2, e.s(e.g(qVar.a(), n10), qVar.b()));
                    } catch (Exception e10) {
                        throw new Exception("Double keyReference entry for same license key." + e10.toString());
                    }
                }
            }
            f0.b(d10.b());
            Hashtable<String, Key> hashtable = this.f42667o;
            if (hashtable == null || hashtable.isEmpty()) {
                k(false);
                throw new z(x.NO_SESSION_KEY_FOUND_FOR_TLD_ACCESS_TO_AUTH_AND_NCD_KEYS_AREN_T_ALLOWED);
            }
        } catch (Exception e11) {
            this.f42667o.clear();
            k(false);
            throw new z(x.ERROR_ANALYSING_KEYREFERENCE_FILE, e11);
        }
    }

    public final void k(boolean z10) {
        this.f42658f = z10;
    }

    public final char[] m(byte[] bArr) {
        return f.f(e.k(bArr, SecurityConstants.SHA1)).toCharArray();
    }

    public final PrivateKey n(String str) {
        PrivateKey privateKey;
        Enumeration keys = this.f42671s.keys();
        while (true) {
            if (!keys.hasMoreElements()) {
                privateKey = null;
                break;
            }
            String str2 = (String) keys.nextElement();
            if (str2 != null && str2.indexOf(str) >= 0) {
                privateKey = (PrivateKey) this.f42671s.get(str2);
                break;
            }
        }
        if (privateKey != null) {
            return privateKey;
        }
        throw new z(x.TLD_RSA_KEY_WAS_NOT_FOUND_WITHIN_THE_TLD_INVALID_TLD_FILE);
    }

    public final void o() {
        try {
            Object[] objArr = new Object[0];
            Class<?>[] clsArr = new Class[0];
            if (f42651t == null) {
                f42651t = Class.forName("com.bmw.est.cm.core.ESTCM", false, Thread.currentThread().getContextClassLoader());
            }
            Method declaredMethod = f42651t.getDeclaredMethod("getInstance", clsArr);
            if (f42652u == null) {
                f42652u = (j) declaredMethod.invoke(objArr, objArr);
            }
            f42652u.getVersion();
            this.f42656d = true;
        } catch (ClassNotFoundException | Exception unused) {
            this.f42656d = false;
        }
    }

    public final void p(File file) {
        X509Certificate x509Certificate;
        k(false);
        c0 c0Var = new c0(file);
        this.f42669q = new Hashtable();
        this.f42671s = new Hashtable();
        try {
            try {
                try {
                    try {
                        try {
                            try {
                                try {
                                    s sVar = new s();
                                    this.f42670r = sVar;
                                    char[] m10 = m(sVar.b(c0Var.c()));
                                    KeyStore keyStore = KeyStore.getInstance("PKCS12");
                                    this.f42659g = keyStore;
                                    keyStore.load(c0Var.d(), m10);
                                    Enumeration<String> aliases = this.f42659g.aliases();
                                    while (aliases.hasMoreElements()) {
                                        String nextElement = aliases.nextElement();
                                        Certificate[] certificateChain = this.f42659g.getCertificateChain(nextElement);
                                        if (certificateChain == null) {
                                            k(false);
                                            throw new z(x.NO_CERTIFICATES_FOUND_IN_TLD);
                                        }
                                        if (certificateChain.length == 1) {
                                            if (nextElement.toLowerCase().indexOf("codier-encrypt") >= 0) {
                                                certificateChain[0] = g.a("codier-encrypt");
                                            } else if (nextElement.toLowerCase().indexOf("e-sys") >= 0) {
                                                certificateChain[0] = g.a("e-sys");
                                            }
                                        }
                                        if (!((X509Certificate) certificateChain[0]).getSubjectDN().toString().equalsIgnoreCase(nextElement)) {
                                            throw new z(x.CERTIFICATE_SUBJECT_IS_NOT_A_WELL_DEFINED_TLD_SUBJECT, new Object[]{"[Different TLD alias (" + nextElement + ") and Certificate subject: " + ((X509Certificate) certificateChain[0]).getSubjectDN().toString() + "]"});
                                        }
                                        Key key = this.f42659g.getKey(nextElement, m10);
                                        if (key == null) {
                                            throw new z(x.NO_CRYPTOGRAPHIC_KEYS_FOUND_WITHIN_TLD_INVALID_TLD_FILE);
                                        }
                                        this.f42671s.put(nextElement, key);
                                        if (nextElement.toLowerCase().indexOf("codier-encrypt") >= 0) {
                                            this.f42669q.put(certificateChain[0], nextElement);
                                        } else {
                                            if (nextElement.toLowerCase().indexOf("-sys") < 0) {
                                                k(false);
                                                throw new z(x.CERTIFICATE_SUBJECT_IS_NOT_A_WELL_DEFINED_TLD_SUBJECT, new Object[]{nextElement});
                                            }
                                            this.f42661i = (X509Certificate) certificateChain[0];
                                            this.f42657e = nextElement;
                                        }
                                    }
                                    c0Var.b();
                                    if (this.f42669q.isEmpty() || (x509Certificate = this.f42661i) == null) {
                                        k(false);
                                        throw new z(x.IT_WAS_NOT_POSSIBLE_TO_READ_COMPLETE_CERTIFICATE_CHAIN_FROM, new Object[]{"sec_security.lic"});
                                    }
                                    X509Certificate[] x509CertificateArr = this.f42660h;
                                    x509CertificateArr[0] = x509Certificate;
                                    l(x509CertificateArr);
                                    Enumeration keys = this.f42669q.keys();
                                    while (keys.hasMoreElements()) {
                                        this.f42660h[0] = (X509Certificate) keys.nextElement();
                                        l(this.f42660h);
                                    }
                                    this.f42660h[0] = null;
                                } catch (NoSuchAlgorithmException e10) {
                                    k(false);
                                    throw new z(x.UNABLE_TO_DECRYPT_TLD, e10);
                                }
                            } catch (CertificateException e11) {
                                k(false);
                                throw new z(x.UNABLE_TO_DECRYPT_TLD, e11);
                            }
                        } catch (KeyStoreException e12) {
                            k(false);
                            throw new z(x.UNABLE_TO_DECRYPT_TLD, e12, new Object[]{file.getAbsolutePath()});
                        }
                    } catch (UnrecoverableKeyException e13) {
                        k(false);
                        throw new z(x.UNABLE_TO_DECRYPT_TLD, e13);
                    }
                } catch (IOException e14) {
                    k(false);
                    throw new v(x.COULDN_T_READ, e14, new Object[]{file.getAbsolutePath()});
                }
            } catch (FileNotFoundException e15) {
                k(false);
                throw new v(x.TESTER_LICENSE_FILE_NOT_FOUND, e15, new Object[]{file.getAbsolutePath()});
            } catch (IllegalArgumentException e16) {
                k(false);
                throw new v(x.TESTER_LICENSE_FILE_NOT_FOUND, e16, new Object[]{file.getAbsolutePath()});
            }
        } catch (Throwable th2) {
            c0Var.b();
            throw th2;
        }
    }

    public final byte[] q() {
        if (!this.f42656d) {
            throw new RuntimeException("EST-CM isn't connected; unable to read EST certificate serial number.");
        }
        try {
            f42651t.getMethod("getEstSerialNo", new Class[0]);
            return f.e(f42652u.a());
        } catch (Exception e10) {
            throw new RuntimeException("Unable to read EST certificate serial number.", e10);
        }
    }

    public void r(File file, File file2) {
        o();
        i(new File(file2.getAbsolutePath(), "sec_certificates.pem"));
        p(new File(file.getAbsolutePath(), "sec_security.lic"));
        h();
        if (!c()) {
            throw new a0(x.INVALID_CALL_FOR_INIT_PLEASE_AUTHENTICATE_TESTER_FIRST);
        }
        j(file2, this.f42661i.getSubjectDN().toString().replaceAll(MinimalPrettyPrinter.DEFAULT_ROOT_VALUE_SEPARATOR, ""));
    }
}
