package com.android.server.pm;

import android.content.pm.PackageParser;
import android.os.Environment;
import android.provider.Telephony;
import android.security.keystore.KeyProperties;
import android.util.Slog;
import com.android.internal.telephony.PhoneConstants;
import com.android.server.pm.Policy;
import java.io.File;
import java.io.FileNotFoundException;
import java.io.FileOutputStream;
import java.io.IOException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import libcore.io.IoUtils;
import org.xmlpull.v1.XmlPullParser;
import org.xmlpull.v1.XmlPullParserException;

/* loaded from: input_file:com/android/server/pm/SELinuxMMAC.class */
public final class SELinuxMMAC {
    static final String TAG = "SELinuxMMAC";
    private static final boolean DEBUG_POLICY = false;
    private static final boolean DEBUG_POLICY_INSTALL = false;
    private static final boolean DEBUG_POLICY_ORDER = false;
    private static final String BASE_VERSION_FILE = "/selinux_version";
    private static final String MAC_PERMISSIONS;
    private static final String DATA_SEAPP_CONTEXTS;
    private static final String BASE_SEAPP_CONTEXTS = "/seapp_contexts";
    private static final String SEAPP_CONTEXTS;
    private static final String SEAPP_HASH_FILE;
    private static List<com.android.server.pm.Policy> sPolicies = new ArrayList();
    private static final String DATA_VERSION_FILE = Environment.getDataDirectory() + "/security/current/selinux_version";
    private static final boolean USE_OVERRIDE_POLICY = useOverridePolicy();
    private static final String DATA_MAC_PERMISSIONS = Environment.getDataDirectory() + "/security/current/mac_permissions.xml";
    private static final String BASE_MAC_PERMISSIONS = Environment.getRootDirectory() + "/etc/security/mac_permissions.xml";

    /* loaded from: input_file:com/android/server/pm/SELinuxMMAC$Policy.class */
    static class Policy {
        private String seinfo = null;
        private final HashMap<String, String> pkgMap = new HashMap<>();

        Policy() {
        }

        void putSeinfo(String str) {
            this.seinfo = str;
        }

        void putPkg(String str, String str2) {
            this.pkgMap.put(str, str2);
        }

        boolean isValid() {
            return (this.seinfo == null && this.pkgMap.isEmpty()) ? false : true;
        }

        String checkPolicy(String str) {
            String str2 = this.pkgMap.get(str);
            return str2 != null ? str2 : this.seinfo;
        }
    }

    /* JADX WARN: Can't fix incorrect switch cases order, some code will duplicate */
    /* JADX WARN: Code restructure failed: missing block: B:18:0x00a9, code lost:
    
        switch(r9) {
            case 0: goto L19;
            case 1: goto L20;
            default: goto L21;
        };
     */
    /* JADX WARN: Code restructure failed: missing block: B:19:0x00c4, code lost:
    
        r0.add(readSignerOrThrow(r0));
     */
    /* JADX WARN: Code restructure failed: missing block: B:23:0x00d2, code lost:
    
        r0.add(readDefaultOrThrow(r0));
     */
    /* JADX WARN: Code restructure failed: missing block: B:24:0x00e0, code lost:
    
        skip(r0);
     */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public static boolean readInstallPolicy() {
        /*
            Method dump skipped, instructions count: 439
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.android.server.pm.SELinuxMMAC.readInstallPolicy():boolean");
    }

    private static com.android.server.pm.Policy readSignerOrThrow(XmlPullParser xmlPullParser) throws IOException, XmlPullParserException {
        xmlPullParser.require(2, null, "signer");
        Policy.PolicyBuilder policyBuilder = new Policy.PolicyBuilder();
        String attributeValue = xmlPullParser.getAttributeValue(null, "signature");
        if (attributeValue != null) {
            policyBuilder.addSignature(attributeValue);
        }
        while (xmlPullParser.next() != 3) {
            if (xmlPullParser.getEventType() == 2) {
                String name = xmlPullParser.getName();
                if ("seinfo".equals(name)) {
                    policyBuilder.setGlobalSeinfoOrThrow(xmlPullParser.getAttributeValue(null, "value"));
                    readSeinfo(xmlPullParser);
                } else if (Telephony.Sms.Intents.EXTRA_PACKAGE_NAME.equals(name)) {
                    readPackageOrThrow(xmlPullParser, policyBuilder);
                } else if ("cert".equals(name)) {
                    policyBuilder.addSignature(xmlPullParser.getAttributeValue(null, "signature"));
                    readCert(xmlPullParser);
                } else {
                    skip(xmlPullParser);
                }
            }
        }
        return policyBuilder.build();
    }

    private static com.android.server.pm.Policy readDefaultOrThrow(XmlPullParser xmlPullParser) throws IOException, XmlPullParserException {
        xmlPullParser.require(2, null, PhoneConstants.APN_TYPE_DEFAULT);
        Policy.PolicyBuilder policyBuilder = new Policy.PolicyBuilder();
        policyBuilder.setAsDefaultPolicy();
        while (xmlPullParser.next() != 3) {
            if (xmlPullParser.getEventType() == 2) {
                if ("seinfo".equals(xmlPullParser.getName())) {
                    policyBuilder.setGlobalSeinfoOrThrow(xmlPullParser.getAttributeValue(null, "value"));
                    readSeinfo(xmlPullParser);
                } else {
                    skip(xmlPullParser);
                }
            }
        }
        return policyBuilder.build();
    }

    private static void readPackageOrThrow(XmlPullParser xmlPullParser, Policy.PolicyBuilder policyBuilder) throws IOException, XmlPullParserException {
        xmlPullParser.require(2, null, Telephony.Sms.Intents.EXTRA_PACKAGE_NAME);
        String attributeValue = xmlPullParser.getAttributeValue(null, "name");
        while (xmlPullParser.next() != 3) {
            if (xmlPullParser.getEventType() == 2) {
                if ("seinfo".equals(xmlPullParser.getName())) {
                    policyBuilder.addInnerPackageMapOrThrow(attributeValue, xmlPullParser.getAttributeValue(null, "value"));
                    readSeinfo(xmlPullParser);
                } else {
                    skip(xmlPullParser);
                }
            }
        }
    }

    private static void readCert(XmlPullParser xmlPullParser) throws IOException, XmlPullParserException {
        xmlPullParser.require(2, null, "cert");
        xmlPullParser.nextTag();
    }

    private static void readSeinfo(XmlPullParser xmlPullParser) throws IOException, XmlPullParserException {
        xmlPullParser.require(2, null, "seinfo");
        xmlPullParser.nextTag();
    }

    private static void skip(XmlPullParser xmlPullParser) throws IOException, XmlPullParserException {
        if (xmlPullParser.getEventType() != 2) {
            throw new IllegalStateException();
        }
        int i = 1;
        while (i != 0) {
            switch (xmlPullParser.next()) {
                case 2:
                    i++;
                    break;
                case 3:
                    i--;
                    break;
            }
        }
    }

    public static boolean assignSeinfoValue(PackageParser.Package r3) {
        synchronized (sPolicies) {
            Iterator<com.android.server.pm.Policy> it = sPolicies.iterator();
            while (it.hasNext()) {
                String matchedSeinfo = it.next().getMatchedSeinfo(r3);
                if (matchedSeinfo != null) {
                    r3.applicationInfo.seinfo = matchedSeinfo;
                    return true;
                }
            }
            return false;
        }
    }

    public static boolean shouldRestorecon() {
        try {
            byte[] returnHash = returnHash(SEAPP_CONTEXTS);
            byte[] bArr = null;
            try {
                bArr = IoUtils.readFileAsByteArray(SEAPP_HASH_FILE);
            } catch (IOException e) {
                Slog.w(TAG, "Error opening " + SEAPP_HASH_FILE + ". Assuming first boot.");
            }
            return bArr == null || !MessageDigest.isEqual(bArr, returnHash);
        } catch (IOException e2) {
            Slog.e(TAG, "Error with hashing seapp_contexts.", e2);
            return false;
        }
    }

    public static void setRestoreconDone() {
        try {
            dumpHash(new File(SEAPP_HASH_FILE), returnHash(SEAPP_CONTEXTS));
        } catch (IOException e) {
            Slog.e(TAG, "Error with saving hash to " + SEAPP_HASH_FILE, e);
        }
    }

    private static void dumpHash(File file, byte[] bArr) throws IOException {
        FileOutputStream fileOutputStream = null;
        File file2 = null;
        try {
            file2 = File.createTempFile("seapp_hash", ".journal", file.getParentFile());
            file2.setReadable(true);
            fileOutputStream = new FileOutputStream(file2);
            fileOutputStream.write(bArr);
            fileOutputStream.getFD().sync();
            if (!file2.renameTo(file)) {
                throw new IOException("Failure renaming " + file.getCanonicalPath());
            }
            if (file2 != null) {
                file2.delete();
            }
            IoUtils.closeQuietly(fileOutputStream);
        } catch (Throwable th) {
            if (file2 != null) {
                file2.delete();
            }
            IoUtils.closeQuietly(fileOutputStream);
            throw th;
        }
    }

    private static byte[] returnHash(String str) throws IOException {
        try {
            return MessageDigest.getInstance(KeyProperties.DIGEST_SHA1).digest(IoUtils.readFileAsByteArray(str));
        } catch (NoSuchAlgorithmException e) {
            throw new RuntimeException(e);
        }
    }

    private static boolean useOverridePolicy() {
        try {
            String readFileAsString = IoUtils.readFileAsString(DATA_VERSION_FILE);
            String readFileAsString2 = IoUtils.readFileAsString(BASE_VERSION_FILE);
            if (readFileAsString.equals(readFileAsString2)) {
                return true;
            }
            Slog.e(TAG, "Override policy version '" + readFileAsString + "' doesn't match base version '" + readFileAsString2 + "'. Skipping override policy files.");
            return false;
        } catch (FileNotFoundException e) {
            return false;
        } catch (IOException e2) {
            Slog.w(TAG, "Skipping override policy files.", e2);
            return false;
        }
    }

    static {
        MAC_PERMISSIONS = USE_OVERRIDE_POLICY ? DATA_MAC_PERMISSIONS : BASE_MAC_PERMISSIONS;
        DATA_SEAPP_CONTEXTS = Environment.getDataDirectory() + "/security/current/seapp_contexts";
        SEAPP_CONTEXTS = USE_OVERRIDE_POLICY ? DATA_SEAPP_CONTEXTS : BASE_SEAPP_CONTEXTS;
        SEAPP_HASH_FILE = Environment.getDataDirectory().toString() + "/system/seapp_hash";
    }
}
