package defpackage;

import com.huawei.reader.utils.plugin.Plugin;
import java.io.File;
import java.security.cert.X509Certificate;
import java.util.List;

/* loaded from: classes3.dex */
public class of3 {
    public static boolean a(String str, String str2, List<String> list) {
        au.i("ReaderUtils_PluginCheckUtils", "verifySign");
        if (hy.isEmpty(str) || hy.isEmpty(str2)) {
            au.e("ReaderUtils_PluginCheckUtils", "verifySign fileSha512 or signSha512 is empty");
            return false;
        }
        if (pw.isEmpty(list)) {
            au.e("ReaderUtils_PluginCheckUtils", "verifySign certChainStrList is empty");
            return false;
        }
        List<X509Certificate> certChain = qf3.getCertChain(list);
        if (pw.isEmpty(certChain)) {
            au.e("ReaderUtils_PluginCheckUtils", "verifySign certChain is empty");
            return false;
        }
        au.i("ReaderUtils_PluginCheckUtils", "verifySign certChain.size:" + certChain.size());
        if (!qf3.verifyCertChain(qf3.getCBGRootCA(ow.getContext()), certChain)) {
            au.e("ReaderUtils_PluginCheckUtils", "verifySign failed to verify cert chain");
            return false;
        }
        X509Certificate x509Certificate = certChain.get(certChain.size() - 1);
        if (!qf3.checkSubjectDefaultCN(x509Certificate)) {
            au.e("ReaderUtils_PluginCheckUtils", "verifySign checkSubjectCN CN is invalid");
            return false;
        }
        if (!qf3.checkSubjectDefaultOU(x509Certificate)) {
            au.e("ReaderUtils_PluginCheckUtils", "verifySign checkSubjectOU OU is invalid");
            return false;
        }
        if (qf3.checkSignature(x509Certificate, str, str2)) {
            return true;
        }
        au.e("ReaderUtils_PluginCheckUtils", "verifySign checkSignature sign is invalid");
        return false;
    }

    public static boolean checkSign(File file, File file2) {
        au.i("ReaderUtils_PluginCheckUtils", "checkSign");
        return checkSign(file, getPlugSignInfo(file2));
    }

    public static boolean checkSign(File file, pf3 pf3Var) {
        au.i("ReaderUtils_PluginCheckUtils", "checkSign");
        if (!ag3.isFileExists(file)) {
            au.e("ReaderUtils_PluginCheckUtils", "checkSign pluginFile is not exists");
            return false;
        }
        if (pf3Var == null) {
            au.e("ReaderUtils_PluginCheckUtils", "checkSign pluginSignInfo is null");
            return false;
        }
        Plugin plugin = pf3Var.getPlugin();
        if (plugin == null) {
            au.e("ReaderUtils_PluginCheckUtils", "checkSign plugin is null");
            return false;
        }
        String summary = plugin.getSummary();
        boolean a2 = a(summary, plugin.getSign(), pf3Var.getCertChain());
        au.i("ReaderUtils_PluginCheckUtils", "checkSign isVerifySignPass:" + a2);
        if (!a2) {
            return false;
        }
        boolean validateFileSHA = ii3.validateFileSHA(file, summary, "SHA-512");
        au.i("ReaderUtils_PluginCheckUtils", "checkSign isValidate:" + validateFileSHA);
        return validateFileSHA;
    }

    public static pf3 getPlugSignInfo(File file) {
        au.i("ReaderUtils_PluginCheckUtils", "getPlugSignInfo");
        if (!ag3.isFileExists(file)) {
            au.e("ReaderUtils_PluginCheckUtils", "getPlugSignInfo signFile is not exists");
            return null;
        }
        String readFileToString = ag3.readFileToString(jx.getCanonicalPath(file));
        if (!hy.isEmpty(readFileToString)) {
            return (pf3) dd3.fromJson(readFileToString, pf3.class);
        }
        au.e("ReaderUtils_PluginCheckUtils", "getPlugSignInfo signContent is empty");
        return null;
    }
}
