package com.android.permission.persistence;

import android.content.ApexEnvironment;
import android.os.FileUtils;
import android.os.UserHandle;
import android.util.ArrayMap;
import android.util.AtomicFile;
import android.util.Log;
import android.util.Xml;
import com.android.permission.jarjar.com.android.modules.utils.build.SdkLevel;
import com.android.permission.persistence.RuntimePermissionsState;
import com.android.server.security.FileIntegrity;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.FileOutputStream;
import java.nio.charset.StandardCharsets;
import java.util.ArrayList;
import java.util.List;
import java.util.Map;
import org.xmlpull.v1.XmlPullParser;
import org.xmlpull.v1.XmlSerializer;

/* loaded from: classes.dex */
public class RuntimePermissionsPersistenceImpl implements RuntimePermissionsPersistence {
    private static final String LOG_TAG = RuntimePermissionsPersistenceImpl.class.getSimpleName();
    private final Injector mInjector;

    /* loaded from: classes.dex */
    interface Injector {
        void enableFsVerity(File file);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public RuntimePermissionsPersistenceImpl() {
        this(new Injector() { // from class: com.android.permission.persistence.RuntimePermissionsPersistenceImpl$$ExternalSyntheticLambda0
            @Override // com.android.permission.persistence.RuntimePermissionsPersistenceImpl.Injector
            public final void enableFsVerity(File file) {
                RuntimePermissionsPersistenceImpl.lambda$new$0(file);
            }
        });
    }

    RuntimePermissionsPersistenceImpl(Injector injector) {
        this.mInjector = injector;
    }

    static File getFile(UserHandle userHandle) {
        return new File(ApexEnvironment.getApexEnvironment("com.android.permission").getDeviceProtectedDataDirForUser(userHandle), "runtime-permissions.xml");
    }

    private static File getReserveCopyFile(UserHandle userHandle) {
        return new File(ApexEnvironment.getApexEnvironment("com.android.permission").getDeviceProtectedDataDirForUser(userHandle), "runtime-permissions.xml.reservecopy");
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static /* synthetic */ void lambda$new$0(File file) {
        if (SdkLevel.isAtLeastU()) {
            FileIntegrity.setUpFsVerity(file);
        }
    }

    private static List parsePermissions(XmlPullParser xmlPullParser) {
        int depth;
        ArrayList arrayList = new ArrayList();
        int depth2 = xmlPullParser.getDepth() + 1;
        while (true) {
            int next = xmlPullParser.next();
            if (next == 1 || ((depth = xmlPullParser.getDepth()) < depth2 && next == 3)) {
                break;
            }
            if (depth <= depth2 && next == 2 && xmlPullParser.getName().equals("permission")) {
                arrayList.add(new RuntimePermissionsState.PermissionState(xmlPullParser.getAttributeValue(null, "name"), Boolean.parseBoolean(xmlPullParser.getAttributeValue(null, "granted")), Integer.parseInt(xmlPullParser.getAttributeValue(null, "flags"), 16)));
            }
        }
        return arrayList;
    }

    private static RuntimePermissionsState parseRuntimePermissions(XmlPullParser xmlPullParser) {
        int depth;
        boolean z;
        String attributeValue = xmlPullParser.getAttributeValue(null, "version");
        int parseInt = attributeValue != null ? Integer.parseInt(attributeValue) : -1;
        String attributeValue2 = xmlPullParser.getAttributeValue(null, "fingerprint");
        ArrayMap arrayMap = new ArrayMap();
        ArrayMap arrayMap2 = new ArrayMap();
        int depth2 = xmlPullParser.getDepth() + 1;
        while (true) {
            int next = xmlPullParser.next();
            if (next != 1 && ((depth = xmlPullParser.getDepth()) >= depth2 || next != 3)) {
                if (depth <= depth2 && next == 2) {
                    String name = xmlPullParser.getName();
                    switch (name.hashCode()) {
                        case -807062458:
                            if (name.equals("package")) {
                                z = false;
                                break;
                            }
                            break;
                        case 485578803:
                            if (name.equals("shared-user")) {
                                z = true;
                                break;
                            }
                            break;
                    }
                    z = -1;
                    switch (z) {
                        case false:
                            arrayMap.put(xmlPullParser.getAttributeValue(null, "name"), parsePermissions(xmlPullParser));
                            break;
                        case true:
                            arrayMap2.put(xmlPullParser.getAttributeValue(null, "name"), parsePermissions(xmlPullParser));
                            break;
                    }
                }
            }
        }
        return new RuntimePermissionsState(parseInt, attributeValue2, arrayMap, arrayMap2);
    }

    private static RuntimePermissionsState parseXml(XmlPullParser xmlPullParser) {
        int depth;
        int depth2 = xmlPullParser.getDepth() + 1;
        while (true) {
            int next = xmlPullParser.next();
            if (next == 1 || ((depth = xmlPullParser.getDepth()) < depth2 && next == 3)) {
                break;
            }
            if (depth <= depth2 && next == 2 && xmlPullParser.getName().equals("runtime-permissions")) {
                return parseRuntimePermissions(xmlPullParser);
            }
        }
        throw new IllegalStateException("Missing <runtime-permissions> in runtime-permissions.xml");
    }

    private static void serializePermissions(XmlSerializer xmlSerializer, List list) {
        int size = list.size();
        for (int i = 0; i < size; i++) {
            RuntimePermissionsState.PermissionState permissionState = (RuntimePermissionsState.PermissionState) list.get(i);
            xmlSerializer.startTag(null, "permission");
            xmlSerializer.attribute(null, "name", permissionState.getName());
            xmlSerializer.attribute(null, "granted", Boolean.toString(permissionState.isGranted() && (permissionState.getFlags() & 65536) == 0));
            xmlSerializer.attribute(null, "flags", Integer.toHexString(permissionState.getFlags()));
            xmlSerializer.endTag(null, "permission");
        }
    }

    private static void serializeRuntimePermissions(XmlSerializer xmlSerializer, RuntimePermissionsState runtimePermissionsState) {
        xmlSerializer.startTag(null, "runtime-permissions");
        xmlSerializer.attribute(null, "version", Integer.toString(runtimePermissionsState.getVersion()));
        String fingerprint = runtimePermissionsState.getFingerprint();
        if (fingerprint != null) {
            xmlSerializer.attribute(null, "fingerprint", fingerprint);
        }
        for (Map.Entry entry : runtimePermissionsState.getPackagePermissions().entrySet()) {
            String str = (String) entry.getKey();
            List list = (List) entry.getValue();
            xmlSerializer.startTag(null, "package");
            xmlSerializer.attribute(null, "name", str);
            serializePermissions(xmlSerializer, list);
            xmlSerializer.endTag(null, "package");
        }
        for (Map.Entry entry2 : runtimePermissionsState.getSharedUserPermissions().entrySet()) {
            String str2 = (String) entry2.getKey();
            List list2 = (List) entry2.getValue();
            xmlSerializer.startTag(null, "shared-user");
            xmlSerializer.attribute(null, "name", str2);
            serializePermissions(xmlSerializer, list2);
            xmlSerializer.endTag(null, "shared-user");
        }
        xmlSerializer.endTag(null, "runtime-permissions");
    }

    @Override // com.android.permission.persistence.RuntimePermissionsPersistence
    public void deleteForUser(UserHandle userHandle) {
        getFile(userHandle).delete();
        getReserveCopyFile(userHandle).delete();
    }

    @Override // com.android.permission.persistence.RuntimePermissionsPersistence
    public RuntimePermissionsState readForUser(UserHandle userHandle) {
        File file = getFile(userHandle);
        try {
            FileInputStream openRead = new AtomicFile(file).openRead();
            try {
                XmlPullParser newPullParser = Xml.newPullParser();
                newPullParser.setInput(openRead, null);
                RuntimePermissionsState parseXml = parseXml(newPullParser);
                if (openRead != null) {
                    openRead.close();
                }
                return parseXml;
            } catch (Throwable th) {
                if (openRead != null) {
                    try {
                        openRead.close();
                    } catch (Throwable th2) {
                        th.addSuppressed(th2);
                    }
                }
                throw th;
            }
        } catch (FileNotFoundException e) {
            Log.i(LOG_TAG, "runtime-permissions.xml not found");
            return null;
        } catch (Exception e2) {
            File reserveCopyFile = getReserveCopyFile(userHandle);
            Log.wtf(LOG_TAG, "Reading from reserve copy: " + reserveCopyFile, e2);
            try {
                FileInputStream openRead2 = new AtomicFile(reserveCopyFile).openRead();
                try {
                    XmlPullParser newPullParser2 = Xml.newPullParser();
                    newPullParser2.setInput(openRead2, null);
                    RuntimePermissionsState parseXml2 = parseXml(newPullParser2);
                    if (openRead2 != null) {
                        openRead2.close();
                    }
                    return parseXml2;
                } finally {
                }
            } catch (Exception e3) {
                Log.e(LOG_TAG, "Failed to read reserve copy: " + reserveCopyFile, e3);
                throw new IllegalStateException("Failed to read runtime-permissions.xml: " + file, e2);
            }
        }
    }

    @Override // com.android.permission.persistence.RuntimePermissionsPersistence
    public void writeForUser(RuntimePermissionsState runtimePermissionsState, UserHandle userHandle) {
        File file = getFile(userHandle);
        AtomicFile atomicFile = new AtomicFile(file);
        FileOutputStream fileOutputStream = null;
        try {
            try {
                fileOutputStream = atomicFile.startWrite();
                XmlSerializer newSerializer = Xml.newSerializer();
                newSerializer.setOutput(fileOutputStream, StandardCharsets.UTF_8.name());
                newSerializer.startDocument(null, true);
                serializeRuntimePermissions(newSerializer, runtimePermissionsState);
                newSerializer.endDocument();
                atomicFile.finishWrite(fileOutputStream);
                IoUtils.closeQuietly(fileOutputStream);
                File reserveCopyFile = getReserveCopyFile(userHandle);
                reserveCopyFile.delete();
                try {
                    FileInputStream fileInputStream = new FileInputStream(file);
                    try {
                        FileOutputStream fileOutputStream2 = new FileOutputStream(reserveCopyFile);
                        try {
                            FileUtils.copy(fileInputStream, fileOutputStream2);
                            fileOutputStream2.getFD().sync();
                            fileOutputStream2.close();
                            fileInputStream.close();
                        } finally {
                        }
                    } catch (Throwable th) {
                        try {
                            fileInputStream.close();
                        } catch (Throwable th2) {
                            th.addSuppressed(th2);
                        }
                        throw th;
                    }
                } catch (Exception e) {
                    Log.e(LOG_TAG, "Failed to write reserve copy: " + reserveCopyFile, e);
                }
                try {
                    this.mInjector.enableFsVerity(file);
                    this.mInjector.enableFsVerity(reserveCopyFile);
                } catch (Exception e2) {
                    Log.e(LOG_TAG, "Failed to verity-protect runtime-permissions", e2);
                }
            } catch (Throwable th3) {
                IoUtils.closeQuietly(fileOutputStream);
                throw th3;
            }
        } catch (Exception e3) {
            Log.wtf(LOG_TAG, "Failed to write runtime-permissions.xml, restoring backup: " + file, e3);
            atomicFile.failWrite(fileOutputStream);
            IoUtils.closeQuietly(fileOutputStream);
        }
    }
}
