package com.diehl.metering.izar.f.b;

import java.io.File;
import java.io.IOException;
import java.io.InputStream;
import java.io.UncheckedIOException;
import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.StandardOpenOption;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Enumeration;
import java.util.jar.JarEntry;
import java.util.jar.JarFile;
import thirdparty.izar.slf4j.Logger;
import thirdparty.izar.slf4j.LoggerFactory;

/* compiled from: SignedJarLoader.java */
/* loaded from: classes3.dex */
public final class i implements d<File, File> {

    /* renamed from: a, reason: collision with root package name */
    private static final Logger f427a = LoggerFactory.getLogger((Class<?>) i.class);

    /* renamed from: b, reason: collision with root package name */
    private final Path f428b;
    private final char[] c;
    private final Certificate d = a();

    public i(Path path, String str) {
        this.f428b = path;
        this.c = str.toCharArray();
    }

    /* JADX INFO: Access modifiers changed from: private */
    @Override // com.diehl.metering.izar.f.b.d
    /* renamed from: a, reason: merged with bridge method [inline-methods] */
    public File load(File file) {
        try {
            a(new JarFile(file), this.d);
            return file;
        } catch (IOException e) {
            throw new UncheckedIOException(e);
        } catch (SecurityException e2) {
            throw new IllegalArgumentException(e2);
        }
    }

    private Certificate a() {
        try {
            InputStream newInputStream = Files.newInputStream(this.f428b, StandardOpenOption.READ);
            try {
                KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
                keyStore.load(newInputStream, this.c);
                Certificate certificate = keyStore.getCertificate("izarnet");
                if (newInputStream != null) {
                    newInputStream.close();
                }
                return certificate;
            } catch (Throwable th) {
                try {
                    throw th;
                } catch (Throwable th2) {
                    if (newInputStream != null) {
                        try {
                            newInputStream.close();
                        } catch (Throwable th3) {
                            th.addSuppressed(th3);
                        }
                    }
                    throw th2;
                }
            }
        } catch (IOException | KeyStoreException | NoSuchAlgorithmException | CertificateException e) {
            f427a.error("Error while loading certs.", e);
            throw new SecurityException("Error while loading certs.", e);
        }
    }

    private static void a(JarFile jarFile, Certificate certificate) throws IOException {
        if (certificate == null) {
            throw new SecurityException("Provider certificate is invalid");
        }
        if (jarFile.getManifest() == null) {
            throw new SecurityException("The provider is not signed");
        }
        byte[] bArr = new byte[8192];
        Enumeration<JarEntry> entries = jarFile.entries();
        ArrayList<JarEntry> arrayList = new ArrayList();
        while (entries.hasMoreElements()) {
            JarEntry nextElement = entries.nextElement();
            if (!nextElement.isDirectory()) {
                arrayList.add(nextElement);
                InputStream inputStream = jarFile.getInputStream(nextElement);
                do {
                } while (inputStream.read(bArr, 0, 8192) != -1);
                inputStream.close();
            }
        }
        for (JarEntry jarEntry : arrayList) {
            Certificate[] certificates = jarEntry.getCertificates();
            if (certificates == null || certificates.length == 0) {
                if (!jarEntry.getName().startsWith("META-INF")) {
                    throw new SecurityException("The provider has unsigned class files.");
                }
            } else {
                int i = 0;
                while (true) {
                    X509Certificate[] a2 = a(certificates, i);
                    if (a2 == null) {
                        throw new SecurityException("The provider is not signed by a trusted signer");
                    }
                    if (a2[0].equals(certificate)) {
                        break;
                    } else {
                        i += a2.length;
                    }
                }
            }
        }
    }

    private static X509Certificate[] a(Certificate[] certificateArr, int i) {
        if (i > certificateArr.length - 1) {
            return null;
        }
        int i2 = i;
        while (i2 < certificateArr.length - 1) {
            int i3 = i2 + 1;
            if (!((X509Certificate) certificateArr[i3]).getSubjectDN().equals(((X509Certificate) certificateArr[i2]).getIssuerDN())) {
                break;
            }
            i2 = i3;
        }
        int i4 = (i2 - i) + 1;
        X509Certificate[] x509CertificateArr = new X509Certificate[i4];
        for (int i5 = 0; i5 < i4; i5++) {
            x509CertificateArr[i5] = (X509Certificate) certificateArr[i + i5];
        }
        return x509CertificateArr;
    }
}
