package com.huawei.signclient.hap.provider;

import com.google.gson.JsonObject;
import com.google.gson.JsonParser;
import com.huawei.signclient.hap.api.ResignServer;
import com.huawei.signclient.hap.config.SignerConfig;
import com.huawei.signclient.hap.entity.SigningBlock;
import com.huawei.signclient.hap.exception.SignatureException;
import com.huawei.signclient.hap.sign.SignBin;
import com.huawei.signclient.hap.sign.SignHapV2;
import com.huawei.signclient.hap.utils.DigestUtils;
import com.huawei.signclient.hap.utils.EscapeCharacter;
import com.huawei.signclient.hap.utils.HapUtils;
import com.huawei.signclient.hap.utils.ParamConstants;
import com.huawei.signclient.hap.utils.ParamProcessUtil;
import java.io.ByteArrayOutputStream;
import java.io.File;
import java.io.FileOutputStream;
import java.io.IOException;
import java.nio.ByteBuffer;
import java.security.GeneralSecurityException;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.Security;
import java.security.cert.X509CRL;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Collections;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.TimeZone;
import java.util.jar.JarFile;
import java.util.jar.JarOutputStream;
import org.apache.commons.io.FileUtils;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.apache.logging.log4j.util.ProcessIdUtil;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import sun.security.pkcs.PKCS7;

/* loaded from: input_file:com/huawei/signclient/hap/provider/SignProvider.class */
public abstract class SignProvider {
    private static final Logger LOGGER = LogManager.getLogger((Class<?>) SignProvider.class);
    private static final List<String> VALID_SIGN_ALG_NAME = new ArrayList();
    private static final List<String> PARAMETERS_NEED_ESCAPE = new ArrayList();
    protected List<SigningBlock> optionalBlocks = new ArrayList();
    protected Map<String, String> inputParams = new HashMap();
    protected Map<String, String> signParams = new HashMap();
    protected ResignServer server = null;

    public void setResignServer(ResignServer resignServer) {
        this.server = resignServer;
    }

    private boolean loadOptionalBlocks() {
        if (!loadOptionalBlock(this.signParams.get(ParamConstants.PARAM_BASIC_PROPERTY), HapUtils.HAP_PROPERTY_BLOCK_ID)) {
            LOGGER.error("Load blcokId: 536870915failed!");
            return false;
        }
        if (!loadOptionalBlock(this.signParams.get(ParamConstants.PARAM_BASIC_PROFILE), HapUtils.HAP_PROFILE_BLOCK_ID)) {
            LOGGER.error("Load blcokId: 536870914failed!");
            return false;
        }
        if (loadOptionalBlock(this.signParams.get(ParamConstants.PARAM_BASIC_PROOF), HapUtils.HAP_PROOF_OF_ROTATION_BLOCK_ID)) {
            return true;
        }
        LOGGER.error("Load blcokId: 536870913failed!");
        return false;
    }

    private boolean loadOptionalBlock(String str, int i) {
        if (!checkStringIsNotNullAndEmity(str)) {
            return true;
        }
        if (!checkFile(str)) {
            LOGGER.error("check file failed");
            return false;
        }
        try {
            byte[] readFileToByte = HapUtils.readFileToByte(str);
            if (readFileToByte == null || readFileToByte.length <= 0) {
                LOGGER.error("Optional block is null!");
                return true;
            }
            this.optionalBlocks.add(new SigningBlock(i, readFileToByte));
            return true;
        } catch (IOException e) {
            LOGGER.error("read file error", (Throwable) e);
            return false;
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public boolean checkFile(String str) {
        if (!checkStringIsNotNullAndEmity(str)) {
            LOGGER.error("fileName is null");
            return false;
        }
        File file = new File(str);
        if (!file.canRead()) {
            LOGGER.error(str + " not exist or can not read!");
            return false;
        }
        if (file.isFile()) {
            return true;
        }
        LOGGER.error(str + " is not a file!");
        return false;
    }

    private boolean checkStringIsNotNullAndEmity(String str) {
        return (str == null || "".equals(str)) ? false : true;
    }

    public List<X509Certificate> getPublicCerts() {
        return Collections.emptyList();
    }

    public X509CRL getCrl() {
        return null;
    }

    public SignerConfig createV2SignerConfigs(List<X509Certificate> list, X509CRL x509crl) throws InvalidKeyException {
        SignerConfig signerConfig = new SignerConfig();
        signerConfig.fillParameters(this.signParams);
        signerConfig.certificates = list;
        if (x509crl != null) {
            signerConfig.x509CRLs = Collections.singletonList(x509crl);
        }
        ArrayList arrayList = new ArrayList();
        arrayList.add(ParamProcessUtil.getSignatureAlgorithm(this.signParams.get(ParamConstants.PARAM_BASIC_SIGANTURE_ALG)));
        signerConfig.signatureAlgorithms = arrayList;
        return signerConfig;
    }

    private boolean checkLiteParams(String[] strArr) {
        Set<String> initParamField = ParamProcessUtil.initParamField(new String[]{ParamConstants.PARAM_BASIC_PROFILE_SIGNED});
        for (String str : this.inputParams.keySet()) {
            if (initParamField.contains(str)) {
                this.signParams.put(str, this.inputParams.get(str));
            }
        }
        return 1 != 0 && checkProfileSigned();
    }

    private boolean checkProfileSigned() {
        if (this.signParams.containsKey(ParamConstants.PARAM_BASIC_PROFILE_SIGNED)) {
            return true;
        }
        LOGGER.error("Missing parameter : profileSigned");
        return false;
    }

    public boolean signBin(String[] strArr) {
        Security.addProvider(new BouncyCastleProvider());
        if (!checkParams(strArr)) {
            LOGGER.error("Check parameters failed.");
            return false;
        }
        if (!checkLiteParams(strArr)) {
            LOGGER.error("Check profile signed failed.");
            return false;
        }
        if (!loadOptionalBlocks()) {
            LOGGER.error("Load optional blocks failed.");
            return false;
        }
        try {
            if (SignBin.sign(createV2SignerConfigs(getPublicCerts(), getCrl()), this.signParams)) {
                LOGGER.info("Sign success");
                return true;
            }
            LOGGER.error("The sign head data made failed.");
            return false;
        } catch (InvalidKeyException e) {
            LOGGER.error("create v2 signer configs failed.", (Throwable) e);
            return false;
        }
    }

    /* JADX WARN: Failed to calculate best type for var: r13v0 ??
    java.lang.NullPointerException
     */
    /* JADX WARN: Failed to calculate best type for var: r14v0 ??
    java.lang.NullPointerException
     */
    /* JADX WARN: Failed to calculate best type for var: r15v0 ??
    java.lang.NullPointerException
     */
    /* JADX WARN: Failed to calculate best type for var: r16v0 ??
    java.lang.NullPointerException
     */
    /* JADX WARN: Failed to calculate best type for var: r17v0 ??
    java.lang.NullPointerException
     */
    /* JADX WARN: Failed to calculate best type for var: r18v0 ??
    java.lang.NullPointerException
     */
    /* JADX WARN: Multi-variable type inference failed. Error: java.lang.NullPointerException: Cannot invoke "jadx.core.dex.instructions.args.RegisterArg.getSVar()" because the return value of "jadx.core.dex.nodes.InsnNode.getResult()" is null
    	at jadx.core.dex.visitors.typeinference.AbstractTypeConstraint.collectRelatedVars(AbstractTypeConstraint.java:31)
    	at jadx.core.dex.visitors.typeinference.AbstractTypeConstraint.<init>(AbstractTypeConstraint.java:19)
    	at jadx.core.dex.visitors.typeinference.TypeSearch$1.<init>(TypeSearch.java:376)
    	at jadx.core.dex.visitors.typeinference.TypeSearch.makeMoveConstraint(TypeSearch.java:376)
    	at jadx.core.dex.visitors.typeinference.TypeSearch.makeConstraint(TypeSearch.java:361)
    	at jadx.core.dex.visitors.typeinference.TypeSearch.collectConstraints(TypeSearch.java:341)
    	at java.base/java.util.ArrayList.forEach(ArrayList.java:1596)
    	at jadx.core.dex.visitors.typeinference.TypeSearch.run(TypeSearch.java:60)
    	at jadx.core.dex.visitors.typeinference.FixTypesVisitor.runMultiVariableSearch(FixTypesVisitor.java:116)
    	at jadx.core.dex.visitors.typeinference.FixTypesVisitor.visit(FixTypesVisitor.java:91)
     */
    /* JADX WARN: Not initialized variable reg: 13, insn: 0x028f: MOVE (r0 I:??[int, float, boolean, short, byte, char, OBJECT, ARRAY]) = (r13 I:??[int, float, boolean, short, byte, char, OBJECT, ARRAY]) A[TRY_LEAVE], block:B:124:0x028f */
    /* JADX WARN: Not initialized variable reg: 14, insn: 0x0294: MOVE (r0 I:??[int, float, boolean, short, byte, char, OBJECT, ARRAY]) = (r14 I:??[int, float, boolean, short, byte, char, OBJECT, ARRAY]), block:B:126:0x0294 */
    /* JADX WARN: Not initialized variable reg: 15, insn: 0x0238: MOVE (r0 I:??[int, float, boolean, short, byte, char, OBJECT, ARRAY]) = (r15 I:??[int, float, boolean, short, byte, char, OBJECT, ARRAY]) A[TRY_LEAVE], block:B:109:0x0238 */
    /* JADX WARN: Not initialized variable reg: 16, insn: 0x023d: MOVE (r0 I:??[int, float, boolean, short, byte, char, OBJECT, ARRAY]) = (r16 I:??[int, float, boolean, short, byte, char, OBJECT, ARRAY]), block:B:111:0x023d */
    /* JADX WARN: Not initialized variable reg: 17, insn: 0x01e1: MOVE (r0 I:??[int, float, boolean, short, byte, char, OBJECT, ARRAY]) = (r17 I:??[int, float, boolean, short, byte, char, OBJECT, ARRAY]) A[TRY_LEAVE], block:B:93:0x01e1 */
    /* JADX WARN: Not initialized variable reg: 18, insn: 0x01e6: MOVE (r0 I:??[int, float, boolean, short, byte, char, OBJECT, ARRAY]) = (r18 I:??[int, float, boolean, short, byte, char, OBJECT, ARRAY]), block:B:95:0x01e6 */
    /* JADX WARN: Type inference failed for: r13v0, types: [java.util.jar.JarFile] */
    /* JADX WARN: Type inference failed for: r14v0, types: [java.lang.Throwable] */
    /* JADX WARN: Type inference failed for: r15v0, types: [java.io.FileOutputStream] */
    /* JADX WARN: Type inference failed for: r16v0, types: [java.lang.Throwable] */
    /* JADX WARN: Type inference failed for: r17v0, types: [java.io.ByteArrayOutputStream] */
    /* JADX WARN: Type inference failed for: r18v0, types: [java.lang.Throwable] */
    public boolean sign(String[] strArr) {
        boolean z;
        JarFile jarFile;
        Throwable th;
        ?? r15;
        ?? r16;
        ?? r17;
        ?? r18;
        Security.addProvider(new BouncyCastleProvider());
        if (!checkParams(strArr)) {
            LOGGER.error("Check parameters failed!");
            return false;
        }
        List<X509Certificate> publicCerts = getPublicCerts();
        if (!loadOptionalBlocks()) {
            LOGGER.error("Load optional blocks failed!");
            return false;
        }
        String str = this.signParams.get(ParamConstants.PARAM_BASIC_INPUT_FILE);
        String str2 = this.signParams.get(ParamConstants.PARAM_BASIC_OUTPUT_FILE);
        try {
            try {
                jarFile = new JarFile(new File(str), false);
                th = null;
            } catch (SignatureException | IOException | GeneralSecurityException e) {
                LOGGER.error("sign failed.", e);
                ParamProcessUtil.delDir(new File(str2));
                z = false;
            }
            try {
                FileOutputStream fileOutputStream = new FileOutputStream(str2);
                Throwable th2 = null;
                try {
                    ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
                    Throwable th3 = null;
                    JarOutputStream jarOutputStream = new JarOutputStream(byteArrayOutputStream);
                    Throwable th4 = null;
                    try {
                        try {
                            jarOutputStream.setLevel(9);
                            SignHapV2.copyFiles(SignHapV2.getEntryNamesFromHap(jarFile), jarFile, jarOutputStream, 1230768000000L - TimeZone.getDefault().getOffset(1230768000000L), Integer.parseInt(this.signParams.get(ParamConstants.PARAM_BASIC_ALIGNMENT)));
                            jarOutputStream.close();
                            ByteBuffer wrap = ByteBuffer.wrap(byteArrayOutputStream.toByteArray());
                            byteArrayOutputStream.reset();
                            for (ByteBuffer byteBuffer : SignHapV2.sign(wrap, createV2SignerConfigs(publicCerts, getCrl()), this.optionalBlocks)) {
                                fileOutputStream.write(byteBuffer.array(), byteBuffer.arrayOffset() + byteBuffer.position(), byteBuffer.remaining());
                                byteBuffer.position(byteBuffer.limit());
                            }
                            z = true;
                            LOGGER.info("sign success");
                            if (jarOutputStream != null) {
                                if (0 != 0) {
                                    try {
                                        jarOutputStream.close();
                                    } catch (Throwable th5) {
                                        th4.addSuppressed(th5);
                                    }
                                } else {
                                    jarOutputStream.close();
                                }
                            }
                            if (byteArrayOutputStream != null) {
                                if (0 != 0) {
                                    try {
                                        byteArrayOutputStream.close();
                                    } catch (Throwable th6) {
                                        th3.addSuppressed(th6);
                                    }
                                } else {
                                    byteArrayOutputStream.close();
                                }
                            }
                            if (fileOutputStream != null) {
                                if (0 != 0) {
                                    try {
                                        fileOutputStream.close();
                                    } catch (Throwable th7) {
                                        th2.addSuppressed(th7);
                                    }
                                } else {
                                    fileOutputStream.close();
                                }
                            }
                            if (jarFile != null) {
                                if (0 != 0) {
                                    try {
                                        jarFile.close();
                                    } catch (Throwable th8) {
                                        th.addSuppressed(th8);
                                    }
                                } else {
                                    jarFile.close();
                                }
                            }
                            return z;
                        } finally {
                        }
                    } catch (Throwable th9) {
                        if (jarOutputStream != null) {
                            if (th4 != null) {
                                try {
                                    jarOutputStream.close();
                                } catch (Throwable th10) {
                                    th4.addSuppressed(th10);
                                }
                            } else {
                                jarOutputStream.close();
                            }
                        }
                        throw th9;
                    }
                } catch (Throwable th11) {
                    if (r17 != 0) {
                        if (r18 != 0) {
                            try {
                                r17.close();
                            } catch (Throwable th12) {
                                r18.addSuppressed(th12);
                            }
                        } else {
                            r17.close();
                        }
                    }
                    throw th11;
                }
            } catch (Throwable th13) {
                if (r15 != 0) {
                    if (r16 != 0) {
                        try {
                            r15.close();
                        } catch (Throwable th14) {
                            r16.addSuppressed(th14);
                        }
                    } else {
                        r15.close();
                    }
                }
                throw th13;
            }
        } finally {
        }
    }

    public boolean checkPrivateKeyPath() {
        if (this.signParams.containsKey(ParamConstants.PARAM_BASIC_PRIVATE_KEY)) {
            return true;
        }
        LOGGER.error("Missing parameter : privatekey");
        return false;
    }

    public boolean checkInputFile() {
        if (this.signParams.containsKey(ParamConstants.PARAM_BASIC_INPUT_FILE)) {
            return true;
        }
        LOGGER.error("Missing parameter : inputFile");
        return false;
    }

    public boolean checkSignatureAlg() {
        if (!this.signParams.containsKey(ParamConstants.PARAM_BASIC_SIGANTURE_ALG)) {
            LOGGER.error("Missing parameter : signAlg");
            return false;
        }
        String trim = this.signParams.get(ParamConstants.PARAM_BASIC_SIGANTURE_ALG).trim();
        Iterator<String> it = VALID_SIGN_ALG_NAME.iterator();
        while (it.hasNext()) {
            if (it.next().equals(trim)) {
                return true;
            }
        }
        LOGGER.error("Unsupport signature algorithm :" + trim);
        return false;
    }

    public boolean checkOutputFile() {
        if (this.signParams.containsKey(ParamConstants.PARAM_BASIC_OUTPUT_FILE)) {
            return true;
        }
        LOGGER.error("Missing parameter : outputFile");
        return false;
    }

    public boolean checkProfile() {
        if (this.signParams.containsKey(ParamConstants.PARAM_BASIC_PROFILE)) {
            return true;
        }
        LOGGER.error("Missing parameter : profile");
        return false;
    }

    public boolean checkSignAlignment() {
        if (this.signParams.containsKey(ParamConstants.PARAM_BASIC_ALIGNMENT)) {
            return true;
        }
        this.signParams.put(ParamConstants.PARAM_BASIC_ALIGNMENT, ParamConstants.ALIGNMENT);
        return true;
    }

    protected String getDevelopmentCertificate(JsonObject jsonObject) {
        return getCertificateCNFromProfile(jsonObject, "development-certificate");
    }

    protected String getReleaseCertificate(JsonObject jsonObject) {
        return getCertificateCNFromProfile(jsonObject, "distribution-certificate");
    }

    private String getCertificateCNFromProfile(JsonObject jsonObject, String str) {
        X509Certificate decodeBase64ToX509Certifate = DigestUtils.decodeBase64ToX509Certifate(jsonObject.get(str).getAsString());
        if (decodeBase64ToX509Certifate == null) {
            return "";
        }
        for (String str2 : decodeBase64ToX509Certifate.getSubjectDN().toString().replaceAll("\"", "").split(",")) {
            if (str2.trim().startsWith("CN=")) {
                LOGGER.info(str2);
                return str2.split("=")[1];
            }
        }
        return "";
    }

    public boolean checkKeyAndProfileValid() {
        try {
            try {
                PKCS7 pkcs7 = new PKCS7(FileUtils.readFileToByteArray(new File(this.inputParams.get(ParamConstants.PARAM_BASIC_PROFILE))));
                if (pkcs7.verify() == null) {
                    LOGGER.error("Verify profile pkcs7 failed!");
                    return false;
                }
                return checkProfileJson(new JsonParser().parse(new String(pkcs7.getContentInfo().getContentBytes(), "utf8")).getAsJsonObject());
            } catch (NoSuchAlgorithmException | java.security.SignatureException e) {
                LOGGER.error("Verify pkcs7 error!", e);
                return false;
            }
        } catch (IOException e2) {
            LOGGER.error("Read profile error!", (Throwable) e2);
            return false;
        }
    }

    private boolean checkProfileJson(JsonObject jsonObject) {
        String developmentCertificate;
        String asString = jsonObject.get("type").getAsString();
        if (asString == null || asString.length() == 0) {
            LOGGER.error("Get profile type error!");
            return false;
        }
        JsonObject asJsonObject = jsonObject.getAsJsonObject("bundle-info");
        if (asString.equalsIgnoreCase("release")) {
            developmentCertificate = getReleaseCertificate(asJsonObject);
        } else {
            if (!asString.equalsIgnoreCase("debug")) {
                LOGGER.error("Unsupported profile type!");
                return false;
            }
            developmentCertificate = getDevelopmentCertificate(asJsonObject);
        }
        return !developmentCertificate.isEmpty();
    }

    public boolean checkParams(String[] strArr) {
        for (int i = 0; i < strArr.length; i += 2) {
            if (!strArr[i].startsWith(ProcessIdUtil.DEFAULT_PROCESSID)) {
                LOGGER.error("Invalid parameter format: " + strArr[i]);
                return false;
            }
            String substring = strArr[i].substring(1);
            this.inputParams.put(substring, getParamValue(substring, strArr[i + 1]));
        }
        Set<String> initParamField = ParamProcessUtil.initParamField(new String[]{ParamConstants.PARAM_BASIC_ALIGNMENT, ParamConstants.PARAM_BASIC_SIGANTURE_ALG, ParamConstants.PARAM_BASIC_INPUT_FILE, ParamConstants.PARAM_BASIC_OUTPUT_FILE, ParamConstants.PARAM_BASIC_PRIVATE_KEY, ParamConstants.PARAM_BASIC_PROFILE, ParamConstants.PARAM_BASIC_PROOF, ParamConstants.PARAM_BASIC_PROPERTY, ParamConstants.PARAM_REMOTE_SERVER});
        for (String str : this.inputParams.keySet()) {
            if (initParamField.contains(str)) {
                this.signParams.put(str, this.inputParams.get(str));
            }
        }
        return (((((checkPrivateKeyPath() && checkSignatureAlg()) && checkInputFile()) && checkOutputFile()) && checkProfile()) && checkSignAlignment()) && checkKeyAndProfileValid();
    }

    private String getParamValue(String str, String str2) {
        Iterator<String> it = PARAMETERS_NEED_ESCAPE.iterator();
        while (it.hasNext()) {
            if (it.next().equals(str)) {
                return EscapeCharacter.unescape(str2);
            }
        }
        return str2;
    }

    public boolean checkResignParams(String[] strArr) {
        for (int i = 0; i < strArr.length; i += 2) {
            if (!strArr[i].startsWith(ProcessIdUtil.DEFAULT_PROCESSID)) {
                LOGGER.error("Invalid parameter format: " + strArr[i]);
                return false;
            }
            this.inputParams.put(strArr[i].substring(1), strArr[i + 1]);
        }
        Set<String> initParamField = ParamProcessUtil.initParamField(new String[]{ParamConstants.PARAM_BASIC_PROFILE_SIGNED, ParamConstants.PARAM_BASIC_SIGANTURE_ALG, ParamConstants.PARAM_BASIC_INPUT_FILE, ParamConstants.PARAM_BASIC_OUTPUT_FILE, ParamConstants.PARAM_BASIC_PROFILE});
        for (String str : this.inputParams.keySet()) {
            if (initParamField.contains(str)) {
                this.signParams.put(str, this.inputParams.get(str));
            }
        }
        return ((((checkSignatureAlg() && checkInputFile()) && checkOutputFile()) && checkProfile()) && checkProfileSigned()) && checkSignAlignment();
    }

    static {
        VALID_SIGN_ALG_NAME.add("SHA256withECDSA");
        VALID_SIGN_ALG_NAME.add("SHA384withECDSA");
        VALID_SIGN_ALG_NAME.add("SHA512withECDSA");
        VALID_SIGN_ALG_NAME.add("SHA256withRSA/PSS");
        VALID_SIGN_ALG_NAME.add("SHA384withRSA/PSS");
        VALID_SIGN_ALG_NAME.add("SHA512withRSA/PSS");
        VALID_SIGN_ALG_NAME.add("SHA512withRSA");
        PARAMETERS_NEED_ESCAPE.add(ParamConstants.PARAM_REMOTE_CODE);
        PARAMETERS_NEED_ESCAPE.add(ParamConstants.PARAM_LOCAL_JKS_KEYSTORE_CODE);
        PARAMETERS_NEED_ESCAPE.add(ParamConstants.PARAM_LOCAL_JKS_KEYALIAS_CODE);
    }
}
