package jarify;

import anon.crypto.JAPCertificate;
import anon.crypto.PKCS7SignedData;
import jap.JAPConstants;
import java.io.File;
import java.io.IOException;
import java.security.SignatureException;
import java.util.Hashtable;
import java.util.Vector;
import java.util.zip.ZipException;
import logging.LogHolder;
import logging.LogType;
import org.bouncycastle.crypto.Digest;
import org.bouncycastle.util.encoders.Base64;

/* loaded from: input_file:jarify/JarVerifier.class */
public final class JarVerifier {
    private JarFile m_jarFile;
    private JarManifest m_Manifest;
    private Hashtable digestCache = new Hashtable();
    private Hashtable aliasSBF = new Hashtable();
    private JAPCertificate m_certRoot = null;

    private JarVerifier(File file) throws ZipException, IOException, SecurityException {
        this.m_jarFile = new JarFile(file);
        this.m_Manifest = this.m_jarFile.getManifest();
    }

    private void close() {
        this.m_jarFile.close();
    }

    private Vector InitAliases(Vector vector) {
        Vector vector2 = new Vector();
        for (int i = 0; i < vector.size(); i++) {
            String str = (String) vector.elementAt(i);
            JarFileEntry signatureBlockFile = this.m_jarFile.getSignatureBlockFile(str);
            if (signatureBlockFile != null) {
                LogHolder.log(7, LogType.MISC, new StringBuffer().append("Checking certificate chain for alias: ").append(str).toString());
                try {
                    PKCS7SignedData pKCS7SignedData = new PKCS7SignedData(signatureBlockFile.getContent());
                    if (pKCS7SignedData == null) {
                        LogHolder.log(7, LogType.MISC, "Could not get PKCS#7 data object!");
                    } else {
                        this.aliasSBF.put(str, pKCS7SignedData);
                        JAPCertificate[] certificates = pKCS7SignedData.getCertificates();
                        if (certificates != null) {
                            try {
                                certificates[certificates.length - 1].verify(this.m_certRoot.getPublicKey());
                                for (int i2 = 0; i2 < certificates.length - 1; i2++) {
                                    try {
                                        LogHolder.log(7, LogType.MISC, new StringBuffer().append("Checking certificate No. : ").append(i2).append(1).toString());
                                        certificates[i2].verify(certificates[i2 + 1].getPublicKey());
                                        LogHolder.log(7, LogType.MISC, new StringBuffer().append("Certificate No. ").append(i2).append(1).append(" verified OK.").toString());
                                    } catch (Exception e) {
                                        LogHolder.log(7, LogType.MISC, e.getMessage());
                                    }
                                }
                                vector2.addElement(str);
                            } catch (Exception e2) {
                                LogHolder.log(7, LogType.MISC, e2.getMessage());
                            }
                        }
                    }
                } catch (Exception e3) {
                    LogHolder.log(7, LogType.MISC, e3.getMessage());
                }
            }
        }
        return vector2;
    }

    public static boolean verify(File file, JAPCertificate jAPCertificate) {
        try {
            JarVerifier jarVerifier = new JarVerifier(file);
            boolean verify = jarVerifier.verify(jAPCertificate);
            jarVerifier.close();
            return verify;
        } catch (Throwable th) {
            return false;
        }
    }

    private boolean verify(JAPCertificate jAPCertificate) {
        this.m_certRoot = jAPCertificate;
        if (this.m_certRoot == null) {
            return false;
        }
        LogHolder.log(7, LogType.MISC, "Searching for Signatures...");
        if (!isSignedJar()) {
            return false;
        }
        LogHolder.log(7, LogType.MISC, "This is a signed Jarfile.\n");
        LogHolder.log(7, LogType.MISC, "Verifying Manifest entries...");
        if (!verifyManifestDigests()) {
            return false;
        }
        LogHolder.log(7, LogType.MISC, "Manifest entries verified OK.\n");
        Vector InitAliases = InitAliases(this.m_jarFile.getAliasList());
        if (InitAliases.size() < 1) {
            LogHolder.log(7, LogType.MISC, "\nNo Aliases present that can be validated with the given root certificate!\n");
            return false;
        }
        for (int i = 0; i < InitAliases.size(); i++) {
            String str = (String) InitAliases.elementAt(i);
            if (str == null || str == JAPConstants.DEFAULT_MIXMINION_EMAIL) {
                LogHolder.log(7, LogType.MISC, "\nAlias error");
                return false;
            }
            LogHolder.log(7, LogType.MISC, new StringBuffer().append("Verifying Signature File entries for alias \"").append(str).append("\"...").toString());
            if (!verifySFDigests(str)) {
                return false;
            }
            LogHolder.log(7, LogType.MISC, "Entries verified OK.");
            LogHolder.log(7, LogType.MISC, new StringBuffer().append("Verifying Signature for alias \"").append(str).append("\"...").toString());
            if (!verifySignature(str)) {
                return false;
            }
            LogHolder.log(7, LogType.MISC, new StringBuffer().append("Signature from \"").append(str).append("\" is genuine.\n").toString());
        }
        return true;
    }

    private boolean verifySignature(String str) {
        JarFileEntry signatureBlockFile;
        byte[] content;
        boolean z = false;
        JarSignatureFile signatureFile = this.m_jarFile.getSignatureFile(str);
        if (signatureFile == null || (signatureBlockFile = this.m_jarFile.getSignatureBlockFile(str)) == null || (content = signatureFile.getContent()) == null) {
            return false;
        }
        String name = signatureBlockFile.getName();
        if (name.endsWith(".DSA") || name.endsWith(".RSA")) {
            LogHolder.log(7, LogType.MISC, new StringBuffer().append("Found ").append(name.substring(name.lastIndexOf(".") + 1)).append(" signature in : ").append(name).toString());
            try {
                z = ((PKCS7SignedData) this.aliasSBF.get(str)).verify(content);
                if (!z) {
                    LogHolder.log(7, LogType.MISC, new StringBuffer().append("Wrong Signature in ").append(name).toString());
                    return false;
                }
                LogHolder.log(7, LogType.MISC, new StringBuffer().append("Signature in ").append(name).append(" verified OK.").toString());
            } catch (SignatureException e) {
                return false;
            }
        }
        return z;
    }

    private boolean isSignedJar() {
        if (this.m_jarFile == null) {
            return false;
        }
        Vector aliasList = this.m_jarFile.getAliasList();
        String[] strArr = {".DSA", ".RSA"};
        if (aliasList.size() < 1 || !this.m_jarFile.fileExists(JarConstants.MANIFEST_FILE)) {
            return false;
        }
        for (int i = 0; i < aliasList.size(); i++) {
            boolean z = false;
            String upperCase = new StringBuffer().append("META-INF/").append(aliasList.elementAt(i)).toString().toUpperCase();
            int i2 = 0;
            while (true) {
                if (i2 >= strArr.length) {
                    break;
                }
                if (this.m_jarFile.fileExists(new StringBuffer().append(upperCase).append(strArr[i2]).toString())) {
                    z = true;
                    break;
                }
                i2++;
            }
            if (!z) {
                return false;
            }
        }
        return true;
    }

    private boolean verifySFDigests(String str) {
        JarSignatureFile signatureFile = this.m_jarFile.getSignatureFile(str);
        if (signatureFile == null) {
            return false;
        }
        Vector manifestDigestList = signatureFile.getManifestDigestList();
        for (int i = 0; i < manifestDigestList.size(); i++) {
            String str2 = (String) manifestDigestList.elementAt(i);
            String manifestDigest = signatureFile.getManifestDigest(str2);
            Digest digestClass = getDigestClass(str2);
            byte[] bArr = new byte[digestClass.getDigestSize()];
            try {
                byte[] content = this.m_Manifest.getContent();
                if (content == null) {
                    LogHolder.log(7, LogType.MISC, "Manifest file null.");
                    return false;
                }
                digestClass.update(content, 0, content.length);
                digestClass.doFinal(bArr, 0);
                if (!manifestDigest.equals(new String(Base64.encode(bArr)))) {
                    LogHolder.log(7, LogType.MISC, "Digest verify failed for manifest file.");
                    return false;
                }
            } catch (Exception e) {
                return false;
            }
        }
        Vector fileNames = signatureFile.getFileNames();
        for (int i2 = 0; i2 < fileNames.size(); i2++) {
            String str3 = (String) fileNames.elementAt(i2);
            Vector digestList = this.m_Manifest.getDigestList(str3);
            for (int i3 = 0; i3 < digestList.size(); i3++) {
                String str4 = (String) digestList.elementAt(i3);
                String digest = signatureFile.getDigest(str3, str4);
                byte[] entry = this.m_Manifest.getEntry(str3);
                Digest digestClass2 = getDigestClass(str4);
                byte[] bArr2 = new byte[digestClass2.getDigestSize()];
                try {
                    digestClass2.update(entry, 0, entry.length);
                    digestClass2.doFinal(bArr2, 0);
                    if (!digest.equals(new String(Base64.encode(bArr2)))) {
                        LogHolder.log(7, LogType.MISC, new StringBuffer().append("Digest verify failed for ").append(str3).toString());
                        LogHolder.log(7, LogType.MISC, str4);
                        LogHolder.log(7, LogType.MISC, digest);
                        return false;
                    }
                } catch (Exception e2) {
                    return false;
                }
            }
        }
        return true;
    }

    private boolean verifyManifestDigests() {
        Vector fileNames = this.m_Manifest.getFileNames();
        for (int i = 0; i < fileNames.size(); i++) {
            String str = (String) fileNames.elementAt(i);
            JarFileEntry fileByName = this.m_jarFile.getFileByName(str);
            if (fileByName == null) {
                return false;
            }
            Vector digestList = this.m_Manifest.getDigestList(str);
            for (int i2 = 0; i2 < digestList.size(); i2++) {
                String str2 = (String) digestList.elementAt(i2);
                String digest = this.m_Manifest.getDigest(fileByName, str2);
                Digest digestClass = getDigestClass(str2);
                byte[] bArr = new byte[digestClass.getDigestSize()];
                try {
                    byte[] content = fileByName.getContent();
                    if (content == null) {
                        return false;
                    }
                    digestClass.update(content, 0, content.length);
                    digestClass.doFinal(bArr, 0);
                    if (!digest.equals(new String(Base64.encode(bArr)))) {
                        return false;
                    }
                } catch (Exception e) {
                    return false;
                }
            }
        }
        return true;
    }

    private Digest getDigestClass(String str) {
        int indexOf = str.indexOf("-");
        if (indexOf != -1) {
            str = new StringBuffer().append(str.substring(0, indexOf)).append(str.substring(indexOf + 1)).toString();
        }
        if (this.digestCache.contains(str)) {
            Digest digest = (Digest) this.digestCache.get(str);
            digest.reset();
            return digest;
        }
        try {
            Digest digest2 = (Digest) Class.forName(new StringBuffer().append("org.bouncycastle.crypto.digests.").append(str).toString()).newInstance();
            this.digestCache.put(str, digest2);
            return digest2;
        } catch (ClassNotFoundException e) {
            return null;
        } catch (IllegalAccessException e2) {
            return null;
        } catch (InstantiationException e3) {
            return null;
        }
    }
}
