package com.fido.android.framework.service;

import android.util.Base64;
import com.fido.android.framework.service.WLManifest;
import com.fido.android.utils.Logger;
import defpackage.f;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.security.GeneralSecurityException;
import java.security.Signature;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.Calendar;
import java.util.Date;
import java.util.TimeZone;

/* loaded from: classes.dex */
public class VerifyTrustServerIdentity {
    private static final String a = VerifyTrustServerIdentity.class.getSimpleName();

    private static boolean a(String str) {
        return str == null || str.trim().length() == 0;
    }

    private static boolean a(String str, String str2, String str3) {
        ByteArrayInputStream byteArrayInputStream;
        GeneralSecurityException e;
        boolean z;
        byte[] decode = Base64.decode(str3, 0);
        byte[] decode2 = Base64.decode(str, 0);
        byte[] bytes = str2.getBytes();
        try {
            Signature signature = Signature.getInstance("SHA1withECDSA");
            CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
            byteArrayInputStream = new ByteArrayInputStream(decode);
            try {
                try {
                    signature.initVerify(certificateFactory.generateCertificate(byteArrayInputStream).getPublicKey());
                    signature.update(bytes);
                    z = signature.verify(decode2);
                    try {
                        Logger.i(a, "verifies :" + z);
                        try {
                            byteArrayInputStream.close();
                        } catch (IOException e2) {
                            Logger.e(a, "Cannot close stream.");
                        }
                    } catch (GeneralSecurityException e3) {
                        e = e3;
                        Logger.e(a, "Cannot verify signature of TSI:" + e.getMessage());
                        try {
                            byteArrayInputStream.close();
                        } catch (IOException e4) {
                            Logger.e(a, "Cannot close stream.");
                        }
                        return z;
                    }
                } catch (GeneralSecurityException e5) {
                    e = e5;
                    z = false;
                }
            } catch (Throwable th) {
                th = th;
                try {
                    byteArrayInputStream.close();
                } catch (IOException e6) {
                    Logger.e(a, "Cannot close stream.");
                }
                throw th;
            }
        } catch (GeneralSecurityException e7) {
            byteArrayInputStream = null;
            e = e7;
            z = false;
        } catch (Throwable th2) {
            th = th2;
            byteArrayInputStream = null;
            byteArrayInputStream.close();
            throw th;
        }
        return z;
    }

    private static boolean a(X509Certificate x509Certificate, X509Certificate x509Certificate2) {
        if (x509Certificate2 == null || x509Certificate == null) {
            return false;
        }
        try {
            x509Certificate.checkValidity();
            x509Certificate2.checkValidity();
            x509Certificate.verify(x509Certificate2.getPublicKey());
            return true;
        } catch (GeneralSecurityException e) {
            Logger.e(a, "Cannot verify certificate:" + e.getMessage());
            return false;
        }
    }

    public static boolean isTSIValid(WLManifest.TSIBlock tSIBlock, String str) {
        boolean z;
        if (((tSIBlock == null || a(tSIBlock.AppID) || a(tSIBlock.Cert) || a(tSIBlock.Sig)) ? false : true) && !a(str)) {
            long j = tSIBlock.Exp;
            if (j <= 0) {
                z = true;
            } else {
                Calendar calendar = Calendar.getInstance(TimeZone.getTimeZone("UTC"));
                calendar.clear();
                calendar.setTime(new Date());
                long timeInMillis = calendar.getTimeInMillis() / 1000;
                z = timeInMillis > 0 && timeInMillis > j;
            }
            if (!z) {
                String str2 = tSIBlock.AppID;
                if ((!a(str2) && str2.compareTo(str) == 0) && a(f.a(tSIBlock.Cert), f.a("LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUI5ekNDQVo4Q0NRQ0U3ak44bDhsN1BEQUpCZ2NxaGtqT1BRUUJNSUdFTVFzd0NRWURWUVFHRXdKVlV6RUwKTUFrR0ExVUVDQXdDUTBFeEVqQVFCZ05WQkFjTUNWQmhiRzhnUVd4MGJ6RWJNQmtHQTFVRUNnd1NUbTlySUU1dgpheUJNWVdKekxDQkpibU11TVJRd0VnWURWUVFEREF0VVUwa2dVbTl2ZENCMk1URWhNQjhHQ1NxR1NJYjNEUUVKCkFSWVNjM1Z3Y0c5eWRFQnViMnR1YjJzdVkyOXRNQjRYRFRFME1ESXdOekUyTWpReU5sb1hEVFEwTURFek1URTIKTWpReU5sb3dnWVF4Q3pBSkJnTlZCQVlUQWxWVE1Rc3dDUVlEVlFRSURBSkRRVEVTTUJBR0ExVUVCd3dKVUdGcwpieUJCYkhSdk1Sc3dHUVlEVlFRS0RCSk9iMnNnVG05cklFeGhZbk1zSUVsdVl5NHhGREFTQmdOVkJBTU1DMVJUClNTQlNiMjkwSUhZeE1TRXdId1lKS29aSWh2Y05BUWtCRmhKemRYQndiM0owUUc1dmEyNXZheTVqYjIwd1dUQVQKQmdjcWhrak9QUUlCQmdncWhrak9QUU1CQndOQ0FBU24yODdsQnFFWnNJcFgwcEdYSk1ZclpEWCtGV2JmeWdkbQpmdE50UW1tNXVKN3Z2cGZnY3BaOEQ4emRVV0g3TjAxRGVWeTFlU25uWnVsMUZxcHZySERkTUFrR0J5cUdTTTQ5CkJBRURSd0F3UkFJZ0RrcEwxYWQ0WE5wUXgxRjdrcDBWTDRmcjlvVHE4MW5aZFRlazdxWDFoUThDSUFTbkt4MHYKeEtPTkhKM2tscG9qcGdQVnQvOVRtZTBFbkQwWVYxQnAxTFJwCi0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K"))) {
                    if (a(tSIBlock.Sig, tSIBlock.Exp + ":" + tSIBlock.AppID, tSIBlock.Cert)) {
                        return true;
                    }
                }
            }
        }
        return false;
    }
}
