package com.android.role.persistence;

import android.annotation.NonNull;
import android.annotation.Nullable;
import android.content.ApexEnvironment;
import android.os.FileUtils;
import android.os.UserHandle;
import android.util.ArrayMap;
import android.util.ArraySet;
import android.util.AtomicFile;
import android.util.Log;
import android.util.Xml;
import com.android.permission.jarjar.com.android.internal.annotations.VisibleForTesting;
import com.android.permission.jarjar.com.android.modules.utils.build.SdkLevel;
import com.android.permission.jarjar.com.android.permission.flags.Flags;
import com.android.permission.persistence.IoUtils;
import com.android.server.security.FileIntegrity;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.FileOutputStream;
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.util.Map;
import java.util.Set;
import org.xmlpull.v1.XmlPullParser;
import org.xmlpull.v1.XmlPullParserException;
import org.xmlpull.v1.XmlSerializer;

/* loaded from: input_file:com/android/role/persistence/RolesPersistenceImpl.class */
public class RolesPersistenceImpl implements RolesPersistence {
    private static final String LOG_TAG = RolesPersistenceImpl.class.getSimpleName();
    private static final String APEX_MODULE_NAME = "com.android.permission";
    private static final String ROLES_FILE_NAME = "roles.xml";
    private static final String ROLES_RESERVE_COPY_FILE_NAME = "roles.xml.reservecopy";
    private static final String TAG_ROLES = "roles";
    private static final String TAG_ROLE = "role";
    private static final String TAG_HOLDER = "holder";
    private static final String ATTRIBUTE_VERSION = "version";
    private static final String ATTRIBUTE_NAME = "name";
    private static final String ATTRIBUTE_FALLBACK_ENABLED = "fallbackEnabled";
    private static final String ATTRIBUTE_ACTIVE_USER_ID = "activeUserId";
    private static final String ATTRIBUTE_PACKAGES_HASH = "packagesHash";

    @NonNull
    private final Injector mInjector;

    @VisibleForTesting
    /* loaded from: input_file:com/android/role/persistence/RolesPersistenceImpl$Injector.class */
    interface Injector {
        void enableFsVerity(@NonNull File file) throws IOException;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public RolesPersistenceImpl() {
        this(file -> {
            if (SdkLevel.isAtLeastU()) {
                FileIntegrity.setUpFsVerity(file);
            }
        });
    }

    @VisibleForTesting
    RolesPersistenceImpl(@NonNull Injector injector) {
        this.mInjector = injector;
    }

    @Override // com.android.role.persistence.RolesPersistence
    @Nullable
    public RolesState readForUser(@NonNull UserHandle userHandle) {
        File file = getFile(userHandle);
        try {
            FileInputStream openRead = new AtomicFile(file).openRead();
            try {
                XmlPullParser newPullParser = Xml.newPullParser();
                newPullParser.setInput(openRead, null);
                RolesState parseXml = parseXml(newPullParser);
                if (openRead != null) {
                    openRead.close();
                }
                return parseXml;
            } catch (Throwable th) {
                if (openRead != null) {
                    try {
                        openRead.close();
                    } catch (Throwable th2) {
                        th.addSuppressed(th2);
                    }
                }
                throw th;
            }
        } catch (FileNotFoundException e) {
            Log.i(LOG_TAG, "roles.xml not found");
            return null;
        } catch (Exception e2) {
            File reserveCopyFile = getReserveCopyFile(userHandle);
            Log.wtf(LOG_TAG, "Reading from reserve copy: " + reserveCopyFile, e2);
            try {
                FileInputStream openRead2 = new AtomicFile(reserveCopyFile).openRead();
                try {
                    XmlPullParser newPullParser2 = Xml.newPullParser();
                    newPullParser2.setInput(openRead2, null);
                    RolesState parseXml2 = parseXml(newPullParser2);
                    if (openRead2 != null) {
                        openRead2.close();
                    }
                    return parseXml2;
                } catch (Throwable th3) {
                    if (openRead2 != null) {
                        try {
                            openRead2.close();
                        } catch (Throwable th4) {
                            th3.addSuppressed(th4);
                        }
                    }
                    throw th3;
                }
            } catch (Exception e3) {
                Log.e(LOG_TAG, "Failed to read reserve copy: " + reserveCopyFile, e3);
                throw new IllegalStateException("Failed to read roles.xml: " + file, e2);
            }
        }
    }

    /* JADX WARN: Code restructure failed: missing block: B:10:0x004f, code lost:
    
        throw new java.lang.IllegalStateException("Missing <roles> in roles.xml");
     */
    @android.annotation.NonNull
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    private static com.android.role.persistence.RolesState parseXml(@android.annotation.NonNull org.xmlpull.v1.XmlPullParser r4) throws java.io.IOException, org.xmlpull.v1.XmlPullParserException {
        /*
            r0 = r4
            int r0 = r0.getDepth()
            r1 = 1
            int r0 = r0 + r1
            r7 = r0
        L9:
            r0 = r4
            int r0 = r0.next()
            r1 = r0
            r5 = r1
            r1 = 1
            if (r0 == r1) goto L46
            r0 = r4
            int r0 = r0.getDepth()
            r1 = r0
            r6 = r1
            r1 = r7
            if (r0 >= r1) goto L26
            r0 = r5
            r1 = 3
            if (r0 == r1) goto L46
        L26:
            r0 = r6
            r1 = r7
            if (r0 > r1) goto L9
            r0 = r5
            r1 = 2
            if (r0 == r1) goto L33
            goto L9
        L33:
            r0 = r4
            java.lang.String r0 = r0.getName()
            java.lang.String r1 = "roles"
            boolean r0 = r0.equals(r1)
            if (r0 == 0) goto L9
            r0 = r4
            com.android.role.persistence.RolesState r0 = parseRoles(r0)
            return r0
        L46:
            java.lang.IllegalStateException r0 = new java.lang.IllegalStateException
            r1 = r0
            java.lang.String r2 = "Missing <roles> in roles.xml"
            r1.<init>(r2)
            throw r0
        */
        throw new UnsupportedOperationException("Method not decompiled: com.android.role.persistence.RolesPersistenceImpl.parseXml(org.xmlpull.v1.XmlPullParser):com.android.role.persistence.RolesState");
    }

    @NonNull
    private static RolesState parseRoles(@NonNull XmlPullParser xmlPullParser) throws IOException, XmlPullParserException {
        int depth;
        String attributeValue;
        int parseInt = Integer.parseInt(xmlPullParser.getAttributeValue(null, ATTRIBUTE_VERSION));
        String attributeValue2 = xmlPullParser.getAttributeValue(null, ATTRIBUTE_PACKAGES_HASH);
        ArrayMap arrayMap = new ArrayMap();
        ArraySet arraySet = new ArraySet();
        ArrayMap arrayMap2 = new ArrayMap();
        int depth2 = xmlPullParser.getDepth() + 1;
        while (true) {
            int next = xmlPullParser.next();
            if (next == 1 || ((depth = xmlPullParser.getDepth()) < depth2 && next == 3)) {
                break;
            }
            if (depth <= depth2 && next == 2 && xmlPullParser.getName().equals(TAG_ROLE)) {
                String attributeValue3 = xmlPullParser.getAttributeValue(null, ATTRIBUTE_NAME);
                if (Boolean.parseBoolean(xmlPullParser.getAttributeValue(null, ATTRIBUTE_FALLBACK_ENABLED))) {
                    arraySet.add(attributeValue3);
                }
                if (Flags.crossUserRoleEnabled() && (attributeValue = xmlPullParser.getAttributeValue(null, ATTRIBUTE_ACTIVE_USER_ID)) != null) {
                    arrayMap2.put(attributeValue3, Integer.valueOf(Integer.parseInt(attributeValue)));
                }
                arrayMap.put(attributeValue3, parseRoleHolders(xmlPullParser));
            }
        }
        return Flags.crossUserRoleEnabled() ? new RolesState(parseInt, attributeValue2, arrayMap, arraySet, arrayMap2) : new RolesState(parseInt, attributeValue2, arrayMap, arraySet);
    }

    @NonNull
    private static Set<String> parseRoleHolders(@NonNull XmlPullParser xmlPullParser) throws IOException, XmlPullParserException {
        int depth;
        ArraySet arraySet = new ArraySet();
        int depth2 = xmlPullParser.getDepth() + 1;
        while (true) {
            int next = xmlPullParser.next();
            if (next == 1 || ((depth = xmlPullParser.getDepth()) < depth2 && next == 3)) {
                break;
            }
            if (depth <= depth2 && next == 2 && xmlPullParser.getName().equals(TAG_HOLDER)) {
                arraySet.add(xmlPullParser.getAttributeValue(null, ATTRIBUTE_NAME));
            }
        }
        return arraySet;
    }

    @Override // com.android.role.persistence.RolesPersistence
    public void writeForUser(@NonNull RolesState rolesState, @NonNull UserHandle userHandle) {
        File file = getFile(userHandle);
        AtomicFile atomicFile = new AtomicFile(file);
        FileOutputStream fileOutputStream = null;
        try {
            try {
                fileOutputStream = atomicFile.startWrite();
                XmlSerializer newSerializer = Xml.newSerializer();
                newSerializer.setOutput(fileOutputStream, StandardCharsets.UTF_8.name());
                newSerializer.setFeature("http://xmlpull.org/v1/doc/features.html#indent-output", true);
                newSerializer.startDocument(null, true);
                serializeRoles(newSerializer, rolesState);
                newSerializer.endDocument();
                atomicFile.finishWrite(fileOutputStream);
                IoUtils.closeQuietly(fileOutputStream);
                File reserveCopyFile = getReserveCopyFile(userHandle);
                reserveCopyFile.delete();
                try {
                    FileInputStream fileInputStream = new FileInputStream(file);
                    try {
                        FileOutputStream fileOutputStream2 = new FileOutputStream(reserveCopyFile);
                        try {
                            FileUtils.copy(fileInputStream, fileOutputStream2);
                            fileOutputStream2.getFD().sync();
                            fileOutputStream2.close();
                            fileInputStream.close();
                        } catch (Throwable th) {
                            try {
                                fileOutputStream2.close();
                            } catch (Throwable th2) {
                                th.addSuppressed(th2);
                            }
                            throw th;
                        }
                    } finally {
                    }
                } catch (Exception e) {
                    Log.e(LOG_TAG, "Failed to write reserve copy: " + reserveCopyFile, e);
                }
                try {
                    this.mInjector.enableFsVerity(file);
                    this.mInjector.enableFsVerity(reserveCopyFile);
                } catch (Exception e2) {
                    Log.e(LOG_TAG, "Failed to verity-protect roles", e2);
                }
            } catch (Exception e3) {
                Log.wtf(LOG_TAG, "Failed to write roles.xml, restoring backup: " + file, e3);
                atomicFile.failWrite(fileOutputStream);
                IoUtils.closeQuietly(fileOutputStream);
            }
        } catch (Throwable th3) {
            IoUtils.closeQuietly(fileOutputStream);
            throw th3;
        }
    }

    private static void serializeRoles(@NonNull XmlSerializer xmlSerializer, @NonNull RolesState rolesState) throws IOException {
        xmlSerializer.startTag(null, TAG_ROLES);
        xmlSerializer.attribute(null, ATTRIBUTE_VERSION, Integer.toString(rolesState.getVersion()));
        String packagesHash = rolesState.getPackagesHash();
        if (packagesHash != null) {
            xmlSerializer.attribute(null, ATTRIBUTE_PACKAGES_HASH, packagesHash);
        }
        Set<String> fallbackEnabledRoles = rolesState.getFallbackEnabledRoles();
        Map<String, Integer> activeUserIds = rolesState.getActiveUserIds();
        for (Map.Entry<String, Set<String>> entry : rolesState.getRoles().entrySet()) {
            String key = entry.getKey();
            Set<String> value = entry.getValue();
            boolean contains = fallbackEnabledRoles.contains(key);
            Integer num = Flags.crossUserRoleEnabled() ? activeUserIds.get(key) : null;
            xmlSerializer.startTag(null, TAG_ROLE);
            xmlSerializer.attribute(null, ATTRIBUTE_NAME, key);
            xmlSerializer.attribute(null, ATTRIBUTE_FALLBACK_ENABLED, Boolean.toString(contains));
            if (num != null) {
                xmlSerializer.attribute(null, ATTRIBUTE_ACTIVE_USER_ID, Integer.toString(num.intValue()));
            }
            serializeRoleHolders(xmlSerializer, value);
            xmlSerializer.endTag(null, TAG_ROLE);
        }
        xmlSerializer.endTag(null, TAG_ROLES);
    }

    private static void serializeRoleHolders(@NonNull XmlSerializer xmlSerializer, @NonNull Set<String> set) throws IOException {
        for (String str : set) {
            xmlSerializer.startTag(null, TAG_HOLDER);
            xmlSerializer.attribute(null, ATTRIBUTE_NAME, str);
            xmlSerializer.endTag(null, TAG_HOLDER);
        }
    }

    @Override // com.android.role.persistence.RolesPersistence
    public void deleteForUser(@NonNull UserHandle userHandle) {
        getFile(userHandle).delete();
        getReserveCopyFile(userHandle).delete();
    }

    @NonNull
    @VisibleForTesting
    static File getFile(@NonNull UserHandle userHandle) {
        return new File(ApexEnvironment.getApexEnvironment(APEX_MODULE_NAME).getDeviceProtectedDataDirForUser(userHandle), ROLES_FILE_NAME);
    }

    @NonNull
    private static File getReserveCopyFile(@NonNull UserHandle userHandle) {
        return new File(ApexEnvironment.getApexEnvironment(APEX_MODULE_NAME).getDeviceProtectedDataDirForUser(userHandle), ROLES_RESERVE_COPY_FILE_NAME);
    }
}
