package com.android.server.security;

import android.content.Context;
import android.os.Bundle;
import android.os.IBinder;
import android.os.ParcelDuration;
import android.os.RemoteException;
import android.security.attestationverification.AttestationProfile;
import android.security.attestationverification.IAttestationVerificationManagerService;
import android.security.attestationverification.IVerificationResult;
import android.security.attestationverification.VerificationToken;
import android.text.TextUtils;
import android.util.ExceptionUtils;
import android.util.IndentingPrintWriter;
import android.util.Slog;
import android.util.TimeUtils;
import com.android.internal.infra.AndroidFuture;
import com.android.internal.util.DumpUtils;
import com.android.server.SystemService;
import java.io.FileDescriptor;
import java.io.PrintWriter;
import java.util.ArrayDeque;

/* loaded from: classes2.dex */
public class AttestationVerificationManagerService extends SystemService {
    public final DumpLogger mDumpLogger;
    public final AttestationVerificationPeerDeviceVerifier mPeerDeviceVerifier;
    public final IBinder mService;

    /* loaded from: classes2.dex */
    public abstract class DumpData {
        public int mEventNumber = -1;
        public long mEventTimeMs = -1;

        public abstract void dumpTo(IndentingPrintWriter indentingPrintWriter);
    }

    /* loaded from: classes2.dex */
    public class DumpLogger {
        public final ArrayDeque mData = new ArrayDeque(10);
        public int mEventsLogged = 0;

        public void dumpTo(IndentingPrintWriter indentingPrintWriter) {
            synchronized (this.mData) {
                try {
                    for (DumpData dumpData : this.mData.reversed()) {
                        indentingPrintWriter.println(TextUtils.formatSimple("Verification #%d [%s]", new Object[]{Integer.valueOf(dumpData.mEventNumber), TimeUtils.formatForLogging(dumpData.mEventTimeMs)}));
                        indentingPrintWriter.increaseIndent();
                        dumpData.dumpTo(indentingPrintWriter);
                        indentingPrintWriter.decreaseIndent();
                    }
                } catch (Throwable th) {
                    throw th;
                }
            }
        }

        public void logAttempt(DumpData dumpData) {
            synchronized (this.mData) {
                try {
                    if (this.mData.size() == 10) {
                        this.mData.removeFirst();
                    }
                    this.mEventsLogged++;
                    dumpData.mEventNumber = this.mEventsLogged;
                    dumpData.mEventTimeMs = System.currentTimeMillis();
                    this.mData.add(dumpData);
                } catch (Throwable th) {
                    throw th;
                }
            }
        }
    }

    public AttestationVerificationManagerService(Context context) throws Exception {
        super(context);
        this.mDumpLogger = new DumpLogger();
        this.mService = new IAttestationVerificationManagerService.Stub() { // from class: com.android.server.security.AttestationVerificationManagerService.1
            public void dump(FileDescriptor fileDescriptor, PrintWriter printWriter, String[] strArr) {
                if (DumpUtils.checkDumpAndUsageStatsPermission(AttestationVerificationManagerService.this.getContext(), "AVF", printWriter)) {
                    IndentingPrintWriter indentingPrintWriter = new IndentingPrintWriter(printWriter, "    ");
                    indentingPrintWriter.print("AttestationVerificationManagerService");
                    indentingPrintWriter.println();
                    indentingPrintWriter.increaseIndent();
                    indentingPrintWriter.println("Event Log:");
                    indentingPrintWriter.increaseIndent();
                    AttestationVerificationManagerService.this.mDumpLogger.dumpTo(indentingPrintWriter);
                    indentingPrintWriter.decreaseIndent();
                }
            }

            public final void enforceUsePermission() {
                AttestationVerificationManagerService.this.getContext().enforceCallingOrSelfPermission("android.permission.USE_ATTESTATION_VERIFICATION_SERVICE", null);
            }

            public void verifyAttestation(AttestationProfile attestationProfile, int i, Bundle bundle, byte[] bArr, AndroidFuture androidFuture) {
                enforceUsePermission();
                try {
                    Slog.d("AVF", "verifyAttestation");
                    try {
                        AttestationVerificationManagerService.this.verifyAttestationForAllVerifiers(attestationProfile, i, bundle, bArr, androidFuture);
                    } catch (Throwable th) {
                        th = th;
                        Throwable th2 = th;
                        Slog.e("AVF", "failed to verify attestation", th2);
                        throw ExceptionUtils.propagate(th2, RemoteException.class);
                    }
                } catch (Throwable th3) {
                    th = th3;
                }
            }

            public void verifyToken(VerificationToken verificationToken, ParcelDuration parcelDuration, AndroidFuture androidFuture) {
                enforceUsePermission();
                throw new UnsupportedOperationException();
            }
        };
        this.mPeerDeviceVerifier = new AttestationVerificationPeerDeviceVerifier(context, this.mDumpLogger);
    }

    @Override // com.android.server.SystemService
    public void onStart() {
        Slog.d("AVF", "Started");
        publishBinderService("attestation_verification", this.mService);
    }

    public final void verifyAttestationForAllVerifiers(AttestationProfile attestationProfile, int i, Bundle bundle, byte[] bArr, AndroidFuture androidFuture) {
        IVerificationResult iVerificationResult = new IVerificationResult();
        iVerificationResult.token = null;
        int attestationProfileId = attestationProfile.getAttestationProfileId();
        switch (attestationProfileId) {
            case 2:
                Slog.d("AVF", "Verifying Self Trusted profile.");
                try {
                    iVerificationResult.resultCode = AttestationVerificationSelfTrustedVerifierForTesting.getInstance().verifyAttestation(i, bundle, bArr);
                    break;
                } catch (Throwable th) {
                    iVerificationResult.resultCode = 4;
                    break;
                }
            case 3:
                Slog.d("AVF", "Verifying Peer Device profile.");
                iVerificationResult.resultCode = this.mPeerDeviceVerifier.verifyAttestation(i, bundle, bArr);
                break;
            default:
                Slog.e("AVF", "Profile [" + attestationProfileId + "] is not supported.");
                iVerificationResult.resultCode = 2;
                break;
        }
        androidFuture.complete(iVerificationResult);
    }
}
