package com.android.server.security;

import android.annotation.NonNull;
import android.annotation.Nullable;
import android.content.Context;
import android.os.Bundle;
import android.os.IBinder;
import android.os.ParcelDuration;
import android.os.RemoteException;
import android.security.Flags;
import android.security.attestationverification.AttestationProfile;
import android.security.attestationverification.IAttestationVerificationManagerService;
import android.security.attestationverification.IVerificationResult;
import android.security.attestationverification.VerificationToken;
import android.text.TextUtils;
import android.util.ExceptionUtils;
import android.util.IndentingPrintWriter;
import android.util.Slog;
import android.util.TimeUtils;
import com.android.internal.infra.AndroidFuture;
import com.android.internal.util.DumpUtils;
import com.android.server.SystemService;
import java.io.FileDescriptor;
import java.io.PrintWriter;
import java.util.ArrayDeque;

/* loaded from: input_file:com/android/server/security/AttestationVerificationManagerService.class */
public class AttestationVerificationManagerService extends SystemService {
    private static final String TAG = "AVF";
    private static final int DUMP_EVENT_LOG_SIZE = 10;
    private final AttestationVerificationPeerDeviceVerifier mPeerDeviceVerifier;
    private final DumpLogger mDumpLogger;
    private final IBinder mService;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:com/android/server/security/AttestationVerificationManagerService$DumpData.class */
    public static abstract class DumpData {
        protected int mEventNumber = -1;
        protected long mEventTimeMs = -1;

        abstract void dumpTo(IndentingPrintWriter indentingPrintWriter);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:com/android/server/security/AttestationVerificationManagerService$DumpLogger.class */
    public static class DumpLogger {
        private final ArrayDeque<DumpData> mData = new ArrayDeque<>(10);
        private int mEventsLogged = 0;

        DumpLogger() {
        }

        /* JADX INFO: Access modifiers changed from: package-private */
        public void logAttempt(DumpData dumpData) {
            synchronized (this.mData) {
                if (this.mData.size() == 10) {
                    this.mData.removeFirst();
                }
                this.mEventsLogged++;
                dumpData.mEventNumber = this.mEventsLogged;
                dumpData.mEventTimeMs = System.currentTimeMillis();
                this.mData.add(dumpData);
            }
        }

        void dumpTo(IndentingPrintWriter indentingPrintWriter) {
            synchronized (this.mData) {
                for (DumpData dumpData : this.mData.reversed()) {
                    indentingPrintWriter.println(TextUtils.formatSimple("Verification #%d [%s]", Integer.valueOf(dumpData.mEventNumber), TimeUtils.formatForLogging(dumpData.mEventTimeMs)));
                    indentingPrintWriter.increaseIndent();
                    dumpData.dumpTo(indentingPrintWriter);
                    indentingPrintWriter.decreaseIndent();
                }
            }
        }
    }

    public AttestationVerificationManagerService(Context context) throws Exception {
        super(context);
        this.mDumpLogger = new DumpLogger();
        this.mService = new IAttestationVerificationManagerService.Stub() { // from class: com.android.server.security.AttestationVerificationManagerService.1
            @Override // android.security.attestationverification.IAttestationVerificationManagerService
            public void verifyAttestation(AttestationProfile attestationProfile, int i, Bundle bundle, byte[] bArr, AndroidFuture androidFuture) throws RemoteException {
                enforceUsePermission();
                try {
                    Slog.d(AttestationVerificationManagerService.TAG, "verifyAttestation");
                    AttestationVerificationManagerService.this.verifyAttestationForAllVerifiers(attestationProfile, i, bundle, bArr, androidFuture);
                } catch (Throwable th) {
                    Slog.e(AttestationVerificationManagerService.TAG, "failed to verify attestation", th);
                    throw ExceptionUtils.propagate(th, RemoteException.class);
                }
            }

            @Override // android.security.attestationverification.IAttestationVerificationManagerService
            public void verifyToken(VerificationToken verificationToken, ParcelDuration parcelDuration, AndroidFuture androidFuture) throws RemoteException {
                enforceUsePermission();
                androidFuture.complete(0);
            }

            private void enforceUsePermission() {
                AttestationVerificationManagerService.this.getContext().enforceCallingOrSelfPermission("android.permission.USE_ATTESTATION_VERIFICATION_SERVICE", null);
            }

            /* JADX INFO: Access modifiers changed from: protected */
            @Override // android.os.Binder
            public void dump(@NonNull FileDescriptor fileDescriptor, @NonNull PrintWriter printWriter, @Nullable String[] strArr) {
                if (!Flags.dumpAttestationVerifications()) {
                    super.dump(fileDescriptor, printWriter, strArr);
                    return;
                }
                if (DumpUtils.checkDumpAndUsageStatsPermission(AttestationVerificationManagerService.this.getContext(), AttestationVerificationManagerService.TAG, printWriter)) {
                    IndentingPrintWriter indentingPrintWriter = new IndentingPrintWriter(printWriter, "    ");
                    indentingPrintWriter.print("AttestationVerificationManagerService");
                    indentingPrintWriter.println();
                    indentingPrintWriter.increaseIndent();
                    indentingPrintWriter.println("Event Log:");
                    indentingPrintWriter.increaseIndent();
                    AttestationVerificationManagerService.this.mDumpLogger.dumpTo(indentingPrintWriter);
                    indentingPrintWriter.decreaseIndent();
                }
            }
        };
        this.mPeerDeviceVerifier = new AttestationVerificationPeerDeviceVerifier(context, this.mDumpLogger);
    }

    private void verifyAttestationForAllVerifiers(AttestationProfile attestationProfile, int i, Bundle bundle, byte[] bArr, AndroidFuture<IVerificationResult> androidFuture) {
        IVerificationResult iVerificationResult = new IVerificationResult();
        iVerificationResult.token = null;
        switch (attestationProfile.getAttestationProfileId()) {
            case 2:
                Slog.d(TAG, "Verifying Self Trusted profile.");
                try {
                    iVerificationResult.resultCode = AttestationVerificationSelfTrustedVerifierForTesting.getInstance().verifyAttestation(i, bundle, bArr);
                    break;
                } catch (Throwable th) {
                    iVerificationResult.resultCode = 2;
                    break;
                }
            case 3:
                Slog.d(TAG, "Verifying Peer Device profile.");
                iVerificationResult.resultCode = this.mPeerDeviceVerifier.verifyAttestation(i, bundle, bArr);
                break;
            default:
                Slog.d(TAG, "No profile found, defaulting.");
                iVerificationResult.resultCode = 0;
                break;
        }
        androidFuture.complete(iVerificationResult);
    }

    @Override // com.android.server.SystemService
    public void onStart() {
        Slog.d(TAG, "Started");
        publishBinderService("attestation_verification", this.mService);
    }
}
