package com.android.tools.lint.checks;

import com.android.annotations.NonNull;
import com.android.annotations.Nullable;
import com.android.tools.lint.detector.api.Category;
import com.android.tools.lint.detector.api.ClassContext;
import com.android.tools.lint.detector.api.Detector;
import com.android.tools.lint.detector.api.Implementation;
import com.android.tools.lint.detector.api.Issue;
import com.android.tools.lint.detector.api.LintUtils;
import com.android.tools.lint.detector.api.Scope;
import com.android.tools.lint.detector.api.Severity;
import java.util.Collections;
import java.util.List;
import org.objectweb.asm.Type;
import org.objectweb.asm.tree.ClassNode;
import org.objectweb.asm.tree.MethodInsnNode;
import org.objectweb.asm.tree.MethodNode;
import org.objectweb.asm.tree.analysis.Analyzer;
import org.objectweb.asm.tree.analysis.AnalyzerException;
import org.objectweb.asm.tree.analysis.BasicInterpreter;
import org.objectweb.asm.tree.analysis.BasicValue;
import org.objectweb.asm.tree.analysis.Frame;

/* loaded from: input_file:com/android/tools/lint/checks/SecureRandomDetector.class */
public class SecureRandomDetector extends Detector implements Detector.ClassScanner {
    public static final Issue ISSUE;
    private static final String SET_SEED = "setSeed";
    static final String OWNER_SECURE_RANDOM = "java/security/SecureRandom";
    private static final String OWNER_RANDOM = "java/util/Random";
    private static final String VM_SECURE_RANDOM = "Ljava/security/SecureRandom;";
    private static final String LONG_ARG = "(J)";
    static final /* synthetic */ boolean $assertionsDisabled;

    @Nullable
    public List<String> getApplicableCallNames() {
        return Collections.singletonList(SET_SEED);
    }

    public void checkCall(@NonNull ClassContext classContext, @NonNull ClassNode classNode, @NonNull MethodNode methodNode, @NonNull MethodInsnNode methodInsnNode) {
        String str = methodInsnNode.owner;
        String str2 = methodInsnNode.desc;
        if (str.equals(OWNER_SECURE_RANDOM)) {
            if (str2.startsWith(LONG_ARG)) {
                checkValidSetSeed(classContext, methodInsnNode);
                return;
            } else {
                if (str2.startsWith("([B)")) {
                }
                return;
            }
        }
        if (!str.equals(OWNER_RANDOM) || !str2.startsWith(LONG_ARG)) {
            if (!str.equals(OWNER_RANDOM) || str2.startsWith(LONG_ARG)) {
            }
            return;
        }
        try {
            Frame frame = new Analyzer(new BasicInterpreter() { // from class: com.android.tools.lint.checks.SecureRandomDetector.1
                /* renamed from: newValue, reason: merged with bridge method [inline-methods] */
                public BasicValue m74newValue(Type type) {
                    return (type == null || !type.getDescriptor().equals(SecureRandomDetector.VM_SECURE_RANDOM)) ? super.newValue(type) : new BasicValue(type);
                }
            }).analyze(classNode.name, methodNode)[methodNode.instructions.indexOf(methodInsnNode)];
            int stackSize = frame.getStackSize();
            for (Type type : Type.getArgumentTypes(str2)) {
                stackSize -= type.getSize();
            }
            Type type2 = frame.getStack(stackSize).getType();
            if (type2 != null && type2.getDescriptor().equals(VM_SECURE_RANDOM)) {
                checkValidSetSeed(classContext, methodInsnNode);
            }
        } catch (AnalyzerException e) {
            classContext.log(e, (String) null, new Object[0]);
        }
    }

    private static void checkValidSetSeed(ClassContext classContext, MethodInsnNode methodInsnNode) {
        if (!$assertionsDisabled && !methodInsnNode.name.equals(SET_SEED)) {
            throw new AssertionError();
        }
        MethodInsnNode prevInstruction = LintUtils.getPrevInstruction(methodInsnNode);
        if (prevInstruction == null) {
            return;
        }
        int opcode = prevInstruction.getOpcode();
        if (opcode == 9 || opcode == 10 || opcode == 18) {
            classContext.report(ISSUE, classContext.getLocation(methodInsnNode), "Do not call setSeed() on a SecureRandom with a fixed seed: it is not secure. Use getSeed().", (Object) null);
            return;
        }
        if (opcode == 184) {
            String str = prevInstruction.name;
            if (str.equals("currentTimeMillis") || str.equals("nanoTime")) {
                classContext.report(ISSUE, classContext.getLocation(methodInsnNode), "It is dangerous to seed SecureRandom with the current time because that value is more predictable to an attacker than the default seed.", (Object) null);
            }
        }
    }

    static {
        $assertionsDisabled = !SecureRandomDetector.class.desiredAssertionStatus();
        ISSUE = Issue.create("SecureRandom", "Using a fixed seed with `SecureRandom`", "Looks for suspicious usage of the SecureRandom class", "Specifying a fixed seed will cause the instance to return a predictable sequence of numbers. This may be useful for testing but it is not appropriate for secure use.", Category.PERFORMANCE, 9, Severity.WARNING, new Implementation(SecureRandomDetector.class, Scope.CLASS_FILE_SCOPE)).addMoreInfo("http://developer.android.com/reference/java/security/SecureRandom.html");
    }
}
