package com.huawei.reader.utils.plugin;

import com.huawei.hvi.ability.util.AppContext;
import com.huawei.reader.utils.base.JsonUtils;
import com.huawei.reader.utils.store.HRFileUtils;
import defpackage.kx0;
import defpackage.l10;
import defpackage.m00;
import defpackage.oz;
import defpackage.w00;
import java.io.File;
import java.security.cert.X509Certificate;
import java.util.List;

/* loaded from: classes4.dex */
public class PluginCheckUtils {
    private PluginCheckUtils() {
    }

    private static boolean a(String str, String str2, List<String> list) {
        oz.i("ReaderUtils_PluginCheckUtils", "verifySign");
        if (l10.isEmpty(str) || l10.isEmpty(str2)) {
            oz.e("ReaderUtils_PluginCheckUtils", "verifySign fileSha512 or signSha512 is empty");
            return false;
        }
        if (m00.isEmpty(list)) {
            oz.e("ReaderUtils_PluginCheckUtils", "verifySign certChainStrList is empty");
            return false;
        }
        List<X509Certificate> certChain = X509CertUtils.getCertChain(list);
        if (m00.isEmpty(certChain)) {
            oz.e("ReaderUtils_PluginCheckUtils", "verifySign certChain is empty");
            return false;
        }
        oz.i("ReaderUtils_PluginCheckUtils", "verifySign certChain.size:" + certChain.size());
        if (!X509CertUtils.verifyCertChain(X509CertUtils.getCBGRootCA(AppContext.getContext()), certChain)) {
            oz.e("ReaderUtils_PluginCheckUtils", "verifySign failed to verify cert chain");
            return false;
        }
        X509Certificate x509Certificate = certChain.get(certChain.size() - 1);
        if (!X509CertUtils.checkSubjectDefaultCN(x509Certificate)) {
            oz.e("ReaderUtils_PluginCheckUtils", "verifySign checkSubjectCN CN is invalid");
            return false;
        }
        if (!X509CertUtils.checkSubjectDefaultOU(x509Certificate)) {
            oz.e("ReaderUtils_PluginCheckUtils", "verifySign checkSubjectOU OU is invalid");
            return false;
        }
        if (X509CertUtils.checkSignature(x509Certificate, str, str2)) {
            return true;
        }
        oz.e("ReaderUtils_PluginCheckUtils", "verifySign checkSignature sign is invalid");
        return false;
    }

    public static boolean checkSign(File file, PluginSignInfo pluginSignInfo) {
        oz.i("ReaderUtils_PluginCheckUtils", "checkSign");
        if (!HRFileUtils.isFileExists(file)) {
            oz.e("ReaderUtils_PluginCheckUtils", "checkSign pluginFile is not exists");
            return false;
        }
        if (pluginSignInfo == null) {
            oz.e("ReaderUtils_PluginCheckUtils", "checkSign pluginSignInfo is null");
            return false;
        }
        Plugin plugin = pluginSignInfo.getPlugin();
        if (plugin == null) {
            oz.e("ReaderUtils_PluginCheckUtils", "checkSign plugin is null");
            return false;
        }
        String summary = plugin.getSummary();
        boolean a2 = a(summary, plugin.getSign(), pluginSignInfo.getCertChain());
        oz.i("ReaderUtils_PluginCheckUtils", "checkSign isVerifySignPass:" + a2);
        if (!a2) {
            return false;
        }
        boolean validateFileSHA = kx0.validateFileSHA(file, summary, "SHA-512");
        oz.i("ReaderUtils_PluginCheckUtils", "checkSign isValidate:" + validateFileSHA);
        return validateFileSHA;
    }

    public static boolean checkSign(File file, File file2) {
        oz.i("ReaderUtils_PluginCheckUtils", "checkSign");
        return checkSign(file, getPlugSignInfo(file2));
    }

    public static PluginSignInfo getPlugSignInfo(File file) {
        oz.i("ReaderUtils_PluginCheckUtils", "getPlugSignInfo");
        if (!HRFileUtils.isFileExists(file)) {
            oz.e("ReaderUtils_PluginCheckUtils", "getPlugSignInfo signFile is not exists");
            return null;
        }
        String readFileToString = HRFileUtils.readFileToString(w00.getCanonicalPath(file));
        if (!l10.isEmpty(readFileToString)) {
            return (PluginSignInfo) JsonUtils.fromJson(readFileToString, PluginSignInfo.class);
        }
        oz.e("ReaderUtils_PluginCheckUtils", "getPlugSignInfo signContent is empty");
        return null;
    }
}
