package com.android.server;

import android.content.Context;
import android.net.ConnectivityManager;
import android.net.NetworkCapabilities;
import android.net.NetworkInfo;
import android.os.Binder;
import android.os.Build;
import android.os.SystemProperties;
import android.util.Slog;
import com.samsung.android.service.SamsungKeyProvisioningManagerService.ISamsungKeyProvisioningManagerService;
import java.util.HashMap;

/* loaded from: classes5.dex */
public final class SamsungKeyProvisioningManagerService extends ISamsungKeyProvisioningManagerService.Stub {
    private static final int ERROR_EXCEPTION = -90;
    private static final int ERROR_NETWORK_NOT_AVAILABLE = -41;
    private static final int ERROR_NOT_SUPPORTED = -3;
    private static final int ERROR_NO_PERMISSION = -91;
    private static final byte FLAG_SUPPORT_GRDM = 16;
    private static final int NO_ERROR = 0;
    private static final String TAG = "SamsungKeyProvisioningManagerService";
    private static final Object mLock = new Object();
    private boolean isGuardianM;
    private boolean isSepLite;
    private Context mContext;
    private AllowList mJavaPkgAllowList;
    private String mRequestedProcess;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: classes5.dex */
    public static final class AllowList {
        private HashMap<String, Integer> allowMap = new HashMap<>();

        public void add(String str, int i10) {
            this.allowMap.put(str, Integer.valueOf(i10));
        }

        public boolean match(String str, int i10) {
            return this.allowMap.get(str).intValue() == i10;
        }
    }

    static {
        System.loadLibrary("sec_skpm");
    }

    public SamsungKeyProvisioningManagerService(Context context) {
        this.isSepLite = false;
        this.isGuardianM = false;
        this.mContext = context;
        AllowList allowList = new AllowList();
        this.mJavaPkgAllowList = allowList;
        allowList.add("system", 1000);
        this.mJavaPkgAllowList.add("com.skms.android.agent:remote", 1000);
        this.mJavaPkgAllowList.add("com.sec.keyverifier", 1000);
        if ("eng".equals(Build.TYPE)) {
            this.mJavaPkgAllowList.add("security.sec.com.skpmtest", 1000);
        }
        if (this.mContext.getPackageManager().hasSystemFeature("com.samsung.feature.samsung_experience_mobile_lite")) {
            this.isSepLite = true;
            if (Build.MODEL != null && (Build.MODEL.contains("SM-M105") || Build.MODEL.contains("SM-M205") || Build.MODEL.contains("SM-M305") || Build.MODEL.equals("SM-M3070"))) {
                this.isSepLite = false;
            }
            if ("in_house".equals("in_house")) {
                int i10 = SystemProperties.getInt("ro.product.first_api_level", 0);
                Slog.d(TAG, "In house models, first api level : " + i10);
                if (i10 >= 29) {
                    this.isSepLite = false;
                }
            } else {
                if (!"v4".equals("")) {
                    Slog.d(TAG, "Support on JDM devices for fido service");
                    this.isSepLite = false;
                }
                if (!"0".equals("0") && !"0".equals("")) {
                    Slog.d(TAG, "Support on JDM devices for ifaa service");
                    this.isSepLite = false;
                }
            }
        }
        if ("".equals("")) {
            return;
        }
        Slog.i(TAG, "Use GRDM mode");
        this.isSepLite = false;
        this.isGuardianM = true;
    }

    private native int changeOtaServer(String str, String str2);

    private native int createGetSessionKey(byte b10, String str, byte[] bArr, byte b11);

    private native int generateServiceKey();

    /* JADX WARN: Code restructure failed: missing block: B:12:0x002e, code lost:
    
        r1 = r4.processName;
     */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    private boolean hasAccessPermission(int r8, int r9) {
        /*
            r7 = this;
            java.lang.String r0 = "SamsungKeyProvisioningManagerService"
            java.lang.String r1 = ""
            android.content.Context r2 = r7.mContext     // Catch: java.lang.Exception -> L32
            java.lang.String r3 = "activity"
            java.lang.Object r2 = r2.getSystemService(r3)     // Catch: java.lang.Exception -> L32
            android.app.ActivityManager r2 = (android.app.ActivityManager) r2     // Catch: java.lang.Exception -> L32
            java.util.List r3 = r2.getRunningAppProcesses()     // Catch: java.lang.Exception -> L32
            if (r3 == 0) goto L31
            java.util.List r3 = r2.getRunningAppProcesses()     // Catch: java.lang.Exception -> L32
            java.util.Iterator r3 = r3.iterator()     // Catch: java.lang.Exception -> L32
        L1c:
            boolean r4 = r3.hasNext()     // Catch: java.lang.Exception -> L32
            if (r4 == 0) goto L31
            java.lang.Object r4 = r3.next()     // Catch: java.lang.Exception -> L32
            android.app.ActivityManager$RunningAppProcessInfo r4 = (android.app.ActivityManager.RunningAppProcessInfo) r4     // Catch: java.lang.Exception -> L32
            int r5 = r4.pid     // Catch: java.lang.Exception -> L32
            if (r5 != r8) goto L30
            java.lang.String r3 = r4.processName     // Catch: java.lang.Exception -> L32
            r1 = r3
            goto L31
        L30:
            goto L1c
        L31:
            goto L3d
        L32:
            r2 = move-exception
            java.lang.String r3 = "Error occurs on checking package name."
            android.util.Slog.e(r0, r3)
            r2.printStackTrace()
            java.lang.String r1 = ""
        L3d:
            com.android.server.SamsungKeyProvisioningManagerService$AllowList r2 = r7.mJavaPkgAllowList
            boolean r2 = r2.match(r1, r9)
            java.lang.String r3 = "]"
            java.lang.String r4 = "Requested package name = ["
            if (r2 == 0) goto L61
            java.lang.StringBuilder r5 = new java.lang.StringBuilder
            r5.<init>()
            r5.append(r4)
            r5.append(r1)
            r5.append(r3)
            java.lang.String r3 = r5.toString()
            android.util.Slog.i(r0, r3)
            r7.mRequestedProcess = r1
            goto Lab
        L61:
            com.android.server.SamsungKeyProvisioningManagerService$AllowList r5 = r7.mJavaPkgAllowList
            r6 = 100000(0x186a0, float:1.4013E-40)
            int r6 = r9 % r6
            boolean r2 = r5.match(r1, r6)
            if (r2 == 0) goto L88
            java.lang.StringBuilder r3 = new java.lang.StringBuilder
            r3.<init>()
            r3.append(r4)
            r3.append(r1)
            java.lang.String r4 = "], called from secure container"
            r3.append(r4)
            java.lang.String r3 = r3.toString()
            android.util.Slog.i(r0, r3)
            r7.mRequestedProcess = r1
            goto Lab
        L88:
            java.lang.StringBuilder r4 = new java.lang.StringBuilder
            r4.<init>()
            java.lang.String r5 = "Permission denied. Package name = ["
            r4.append(r5)
            r4.append(r1)
            java.lang.String r5 = "], UID = ["
            r4.append(r5)
            r4.append(r9)
            r4.append(r3)
            java.lang.String r3 = r4.toString()
            android.util.Slog.e(r0, r3)
            java.lang.String r0 = ""
            r7.mRequestedProcess = r0
        Lab:
            return r2
        */
        throw new UnsupportedOperationException("Method not decompiled: com.android.server.SamsungKeyProvisioningManagerService.hasAccessPermission(int, int):boolean");
    }

    private native int injectKey(byte b10, byte b11, String str, byte[] bArr, byte b12);

    private boolean isNetworkAvailable() {
        ConnectivityManager connectivityManager = (ConnectivityManager) this.mContext.getSystemService("connectivity");
        if (connectivityManager == null) {
            Slog.e(TAG, "Couldn't get connectivity manager");
            return false;
        }
        NetworkInfo activeNetworkInfo = connectivityManager.getActiveNetworkInfo();
        if (activeNetworkInfo == null) {
            Slog.e(TAG, "There is not active network");
            return false;
        }
        if (activeNetworkInfo.isConnected()) {
            NetworkCapabilities networkCapabilities = connectivityManager.getNetworkCapabilities(connectivityManager.getActiveNetwork());
            return networkCapabilities != null && networkCapabilities.hasCapability(12) && networkCapabilities.hasCapability(16);
        }
        Slog.e(TAG, "Network is not connected");
        return false;
    }

    private native int readKeyUID(byte b10, byte b11, String str, byte[] bArr);

    private native int releaseGetSessionKey();

    private native int verifyKey(byte b10, byte b11, String str);

    @Override // com.samsung.android.service.SamsungKeyProvisioningManagerService.ISamsungKeyProvisioningManagerService
    public int create_keySession(byte b10, String str, byte[] bArr, byte b11) {
        int createGetSessionKey;
        if (!hasAccessPermission(Binder.getCallingPid(), Binder.getCallingUid())) {
            return -91;
        }
        if (this.isSepLite) {
            return -3;
        }
        try {
            synchronized (mLock) {
                createGetSessionKey = createGetSessionKey(b10, str, bArr, b11);
            }
            return createGetSessionKey;
        } catch (Exception e10) {
            Slog.e(TAG, "Failed to create_keySession. keyType : " + ((int) b10) + ", Name : " + str + ", encodingType : " + ((int) b11) + ", Ret : " + e10.toString());
            return -90;
        }
    }

    @Override // com.samsung.android.service.SamsungKeyProvisioningManagerService.ISamsungKeyProvisioningManagerService
    public int get_keyUid(byte b10, byte b11, String str, byte[] bArr) {
        int readKeyUID;
        if (!hasAccessPermission(Binder.getCallingPid(), Binder.getCallingUid())) {
            return -91;
        }
        if (this.isSepLite) {
            return -3;
        }
        try {
            synchronized (mLock) {
                readKeyUID = readKeyUID(b10, b11, str, bArr);
            }
            return readKeyUID;
        } catch (Exception e10) {
            Slog.e(TAG, "Failed to get_keyUid. injectionType : " + ((int) b10) + ", keyType : " + ((int) b11) + ", keyName : " + str + ", Ret : " + e10.toString());
            return -90;
        }
    }

    @Override // com.samsung.android.service.SamsungKeyProvisioningManagerService.ISamsungKeyProvisioningManagerService
    public int release_keySession() {
        int releaseGetSessionKey;
        if (!hasAccessPermission(Binder.getCallingPid(), Binder.getCallingUid())) {
            return -91;
        }
        if (this.isSepLite) {
            return -3;
        }
        synchronized (mLock) {
            releaseGetSessionKey = releaseGetSessionKey();
        }
        return releaseGetSessionKey;
    }

    @Override // com.samsung.android.service.SamsungKeyProvisioningManagerService.ISamsungKeyProvisioningManagerService
    public int set_otaServer(String str, String str2) {
        int changeOtaServer;
        if (!hasAccessPermission(Binder.getCallingPid(), Binder.getCallingUid())) {
            return -91;
        }
        if (this.isSepLite) {
            return -3;
        }
        try {
            synchronized (mLock) {
                changeOtaServer = changeOtaServer(str, str2);
            }
            return changeOtaServer;
        } catch (Exception e10) {
            Slog.e(TAG, "Failed to set_otaServer. serverAddress : " + str + ", serverPort : " + str2 + ", Ret : " + e10.toString());
            return -90;
        }
    }

    @Override // com.samsung.android.service.SamsungKeyProvisioningManagerService.ISamsungKeyProvisioningManagerService
    public int verify_key(byte b10, byte b11, String str) {
        int verifyKey;
        if (!hasAccessPermission(Binder.getCallingPid(), Binder.getCallingUid())) {
            return -91;
        }
        if (this.isSepLite) {
            return -3;
        }
        try {
            synchronized (mLock) {
                verifyKey = verifyKey(b10, b11, str);
            }
            return verifyKey;
        } catch (Exception e10) {
            Slog.e(TAG, "Failed to verify_key. injectionType : " + ((int) b10) + ", keyType : " + ((int) b11) + ", keyName : " + str + ", Ret : " + e10.toString());
            return -90;
        }
    }

    @Override // com.samsung.android.service.SamsungKeyProvisioningManagerService.ISamsungKeyProvisioningManagerService
    public int write_key(byte b10, byte b11, String str, byte[] bArr, byte b12) {
        int injectKey;
        if (!hasAccessPermission(Binder.getCallingPid(), Binder.getCallingUid())) {
            return -91;
        }
        if (this.isSepLite) {
            return -3;
        }
        if (b10 == 2 || b10 == 4) {
            try {
                if (!isNetworkAvailable()) {
                    Slog.e(TAG, "Network is not available");
                    return -41;
                }
            } catch (Exception e10) {
                Slog.e(TAG, "Failed to write_key. injectionType : " + ((int) b10) + ", keyType : " + ((int) b11) + ", keyName : " + str + ", encodingType : " + ((int) b12) + ", Ret : " + e10.toString());
                return -90;
            }
        }
        if (this.isGuardianM) {
            b10 = (byte) (b10 | 16);
        }
        synchronized (mLock) {
            injectKey = injectKey(b10, b11, str, bArr, b12);
        }
        return injectKey;
    }
}
