package e2;

import java.math.BigInteger;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.Signature;
import java.security.SignatureException;
import java.security.cert.CertificateExpiredException;
import java.security.cert.CertificateNotYetValidException;
import java.security.cert.X509Certificate;
import java.util.Base64;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.NoSuchElementException;

/* loaded from: classes2.dex */
public class f implements i {

    /* renamed from: b, reason: collision with root package name */
    public static final r5.a f12819b = r5.b.i(f.class);

    /* renamed from: a, reason: collision with root package name */
    public final HashMap<BigInteger, X509Certificate> f12820a;

    public f(List<X509Certificate> list) {
        this.f12820a = new HashMap<>();
        for (X509Certificate x509Certificate : list) {
            this.f12820a.put(x509Certificate.getSerialNumber(), x509Certificate);
        }
    }

    public f(Map<BigInteger, X509Certificate> map) {
        HashMap<BigInteger, X509Certificate> hashMap = new HashMap<>();
        this.f12820a = hashMap;
        hashMap.putAll(map);
    }

    @Override // e2.i
    public boolean a(String str, byte[] bArr, String str2) {
        X509Certificate x509Certificate = this.f12820a.get(new BigInteger(str, 16));
        if (x509Certificate != null) {
            return d(x509Certificate, bArr, str2);
        }
        f12819b.E("找不到证书序列号对应的证书，序列号：{}", str);
        return false;
    }

    @Override // e2.i
    public X509Certificate b() {
        X509Certificate x509Certificate = null;
        for (X509Certificate x509Certificate2 : this.f12820a.values()) {
            if (x509Certificate == null || x509Certificate2.getNotBefore().after(x509Certificate.getNotBefore())) {
                x509Certificate = x509Certificate2;
            }
        }
        try {
            x509Certificate.checkValidity();
            return x509Certificate;
        } catch (CertificateExpiredException | CertificateNotYetValidException unused) {
            throw new NoSuchElementException("没有有效的微信支付平台证书");
        }
    }

    public void c(Map<BigInteger, X509Certificate> map) {
        this.f12820a.clear();
        this.f12820a.putAll(map);
    }

    public boolean d(X509Certificate x509Certificate, byte[] bArr, String str) {
        Base64.Decoder decoder;
        byte[] decode;
        try {
            Signature signature = Signature.getInstance("SHA256withRSA");
            signature.initVerify(x509Certificate);
            signature.update(bArr);
            decoder = Base64.getDecoder();
            decode = decoder.decode(str);
            return signature.verify(decode);
        } catch (InvalidKeyException e6) {
            throw new RuntimeException("无效的证书", e6);
        } catch (NoSuchAlgorithmException e7) {
            throw new RuntimeException("当前Java环境不支持SHA256withRSA", e7);
        } catch (SignatureException e8) {
            throw new RuntimeException("签名验证过程发生了错误", e8);
        }
    }
}
