package com.xiaomi.trustservice.remoteservice.eventhandle;

import android.content.ComponentName;
import android.content.Intent;
import android.content.ServiceConnection;
import android.os.IBinder;
import android.os.RemoteException;
import android.os.SystemProperties;
import android.util.ArrayMap;
import android.util.Slog;
import com.android.keyguard.crossendsunlock.ISystemUIRemoteAuth;
import com.android.keyguard.crossendsunlock.ISystemUIRemoteAuthCheckCallback;
import com.xiaomi.trustservice.IMiRemoteAuthCallback;
import com.xiaomi.trustservice.IMiRemoteAuthUICallback;
import com.xiaomi.trustservice.common.CommHandle;
import com.xiaomi.trustservice.remoteservice.locksettings.LockSettingsUtils;
import com.xiaomi.trustservice.toolclass.dataFormat;
import com.xiaomi.trustservice.toolclass.toolClass;
import com.xiaomi.xms.authconnect.Constants;
import java.lang.reflect.InvocationTargetException;
import java.util.Map;
import java.util.Timer;
import java.util.TimerTask;
import org.json.JSONException;
import org.json.JSONObject;
import vendor.xiaomi.hardware.mrm.IMrmRemoteAuth;

/* loaded from: classes.dex */
public class authEventHandle {
    private static final String TAG = "MiTrustService/authEventHandle";
    private static final int UITimeout = 20000;
    private static final int authTimeout = 5000;
    private static final int commTimeout = 3000;
    private static authEventHandle instance;
    private static int stage;
    private int complexity;
    private int credentialType;
    private JSONObject metrics;
    private IMiRemoteAuthCallback miRemoteAuthCallback;
    private String packageName;
    private String paraB;
    private long timeStamp = 0;
    private IMrmRemoteAuth AuthService = null;
    private ISystemUIRemoteAuth systemUIService = null;
    private final Object remoteAuthLock = new Object();
    private String remoteDevice = null;
    private int mode = 0;
    private Map<String, IMiRemoteAuthUICallback> UICallbackMap = new ArrayMap();
    private ServiceConnection conn = new ServiceConnection() { // from class: com.xiaomi.trustservice.remoteservice.eventhandle.authEventHandle.1
        @Override // android.content.ServiceConnection
        public void onServiceConnected(ComponentName componentName, IBinder iBinder) {
            Slog.d(authEventHandle.TAG, "connect to system UI service");
            authEventHandle.this.systemUIService = ISystemUIRemoteAuth.Stub.asInterface(iBinder);
        }

        @Override // android.content.ServiceConnection
        public void onServiceDisconnected(ComponentName componentName) {
            Slog.d(authEventHandle.TAG, "system UI service disconnect");
            authEventHandle.this.systemUIService = null;
        }
    };
    private ISystemUIRemoteAuthCheckCallback systemUICallback = new ISystemUIRemoteAuthCheckCallback.Stub() { // from class: com.xiaomi.trustservice.remoteservice.eventhandle.authEventHandle.2
        @Override // com.android.keyguard.crossendsunlock.ISystemUIRemoteAuthCheckCallback
        public void onCheckResult(int i) throws RemoteException {
            authEventHandle.this.miRemoteAuthCallback.onCheckResult(i);
            try {
                authEventHandle.this.returnResultMessage((byte) i);
                synchronized (authEventHandle.this.remoteAuthLock) {
                    try {
                        if (i == 0) {
                            authEventHandle.this.setStageState(0, 0L, null);
                        } else if (i == 1 && authEventHandle.this.remoteDevice != null) {
                            authEventHandle.this.setStageState(3, System.currentTimeMillis(), authEventHandle.this.remoteDevice);
                        }
                    } catch (Throwable th) {
                        throw th;
                    }
                }
            } catch (JSONException unused) {
                Slog.d(authEventHandle.TAG, "JSON error");
            }
        }
    };

    private void exchangePubkeyA(CommHandle commHandle, String str) throws JSONException {
        dataFormat dataformat;
        if (initAuthService()) {
            try {
                dataformat = toolClass.separateErrorCode(this.AuthService.generate_remotepassword_para_as_a(toolClass.toBytes(str)));
            } catch (RemoteException unused) {
                Slog.d(TAG, "call generate_remotepassword_para_as_a failed");
                this.AuthService = null;
                dataformat = null;
            }
            if (dataformat == null || dataformat.errorCode != 0) {
                Slog.d(TAG, "generate paraA failed");
                sendAuthError(this.remoteDevice, commHandle, 15);
                setStageState(0, 0L, null);
            } else {
                JSONObject jSONObject = new JSONObject();
                jSONObject.put("event_name", 2);
                jSONObject.put("paraA", toolClass.toHexString(dataformat.data));
                commHandle.send(this.remoteDevice, jSONObject.toString());
            }
        }
    }

    private void exchangePubkeyB(CommHandle commHandle, String str) throws RemoteException, JSONException {
        dataFormat dataformat;
        if (initAuthService()) {
            try {
                dataformat = toolClass.separateErrorCode(this.AuthService.generate_remotepassword_para_as_b(toolClass.toBytes(str)));
            } catch (RemoteException unused) {
                Slog.d(TAG, "call generate_remotepassword_para_as_b failed");
                this.AuthService = null;
                dataformat = null;
            }
            if (dataformat == null || dataformat.errorCode != 0) {
                Slog.d(TAG, "generate para B failed");
                sendAuthError(this.remoteDevice, commHandle, 15);
                setStageState(0, 0L, null);
                this.miRemoteAuthCallback.onCancel(14);
                return;
            }
            JSONObject jSONObject = new JSONObject();
            jSONObject.put("event_name", 3);
            jSONObject.put("paraB", toolClass.toHexString(dataformat.data));
            commHandle.send(this.remoteDevice, jSONObject.toString());
        }
    }

    private byte finishRemoteAuth(CommHandle commHandle, String str) throws RemoteException {
        if (!initAuthService()) {
            return (byte) 3;
        }
        byte b = this.AuthService.get_auth_result(toolClass.toBytes(str));
        Slog.d(TAG, toolClass.toHexString(new byte[]{b}));
        if (b < 10) {
            return b;
        }
        return (byte) 3;
    }

    public static authEventHandle getInstance() {
        if (instance == null) {
            instance = new authEventHandle();
        }
        return instance;
    }

    private boolean initAuthService() {
        if (this.AuthService == null) {
            Slog.d(TAG, "try init ImrmRemoteAuth Service");
            try {
                Class<?> cls = Class.forName("android.os.ServiceManager");
                this.AuthService = IMrmRemoteAuth.Stub.asInterface((IBinder) cls.getDeclaredMethod("waitForService", String.class).invoke(cls, "vendor.xiaomi.hardware.mrm.IMrmRemoteAuth/default"));
            } catch (ClassNotFoundException | IllegalAccessException | NoSuchMethodException | InvocationTargetException e) {
                Slog.e(TAG, "initService error" + e);
            }
        }
        if (this.AuthService != null) {
            return true;
        }
        Slog.d(TAG, "failed to get mrmd service");
        return false;
    }

    private void initSystemUIService() {
        if (this.systemUIService == null) {
            Slog.d(TAG, "try init SystemUI Service");
            Intent intent = new Intent("miui.intent.action.CROSS_ENDS_UNLOCK");
            intent.setPackage("com.android.systemui");
            CommHandle.instance.getContext().bindService(intent, this.conn, 1);
        }
    }

    private boolean resetStageState(long j) {
        int i = stage;
        return i != 1 ? (i == 2 || i == 3) ? j - this.timeStamp > 20000 : !(i == 4 || i == 5) || j - this.timeStamp > 5000 : j - this.timeStamp > 3000;
    }

    private byte returnResult(String str, CommHandle commHandle) throws RemoteException, JSONException, InterruptedException {
        if (!initAuthService()) {
            return (byte) 3;
        }
        dataFormat separateErrorCode = toolClass.separateErrorCode(this.AuthService.get_user_password(toolClass.toBytes(str)));
        if (separateErrorCode == null || separateErrorCode.errorCode != 0) {
            Slog.d(TAG, "get_user_password failed");
            sendAuthError(this.remoteDevice, commHandle, 15);
            setStageState(0, 0L, null);
            return (byte) 3;
        }
        LockSettingsUtils lockSettingsUtils = new LockSettingsUtils(commHandle.getContext());
        if (this.mode != 1 || this.systemUIService == null) {
            byte doVerify = lockSettingsUtils.doVerify(lockSettingsUtils.StringtoCredential(lockSettingsUtils.getLockSettingsType(), new String(separateErrorCode.data)));
            this.miRemoteAuthCallback.onCheckResult(doVerify);
            return returnResultMessage(doVerify);
        }
        Slog.d(TAG, "try call system UI");
        this.systemUIService.checkRemotePassword(separateErrorCode.data, lockSettingsUtils.getLockSettingsType(), this.systemUICallback);
        return (byte) 4;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public byte returnResultMessage(byte b) throws JSONException {
        dataFormat dataformat;
        try {
            dataformat = toolClass.separateErrorCode(this.AuthService.generate_rsp_blob(b));
        } catch (RemoteException unused) {
            Slog.d(TAG, "call generate_rsp_blob failed");
            this.AuthService = null;
            dataformat = null;
        }
        if (dataformat == null || dataformat.errorCode != 0) {
            Slog.d(TAG, "generate rsp_blob failed");
            sendAuthError(this.remoteDevice, CommHandle.instance, 15);
            setStageState(0, 0L, null);
            return (byte) 3;
        }
        JSONObject jSONObject = new JSONObject();
        jSONObject.put("event_name", 5);
        jSONObject.put("rspBlob", toolClass.toHexString(dataformat.data));
        jSONObject.put(Constants.PARAM_PACKAGE_NAME, this.packageName);
        if (isLocked()) {
            jSONObject.put("islocked", "true");
        } else {
            jSONObject.put("islocked", "false");
        }
        CommHandle.instance.send(this.remoteDevice, jSONObject.toString());
        if (isLocked()) {
            setStageState(0, 0L, null);
        }
        return b;
    }

    private boolean samePackageAndDevice(String str, String str2) {
        String str3;
        String str4 = this.packageName;
        return str4 != null && str4.equals(str) && (str3 = this.remoteDevice) != null && str3.equals(str2);
    }

    private void sendAuthError(String str, CommHandle commHandle, int i) {
        JSONObject jSONObject = new JSONObject();
        try {
            jSONObject.put("event_name", stage);
            jSONObject.put("error_code", i);
        } catch (JSONException unused) {
            Slog.d(TAG, "sendAuthError JSON error");
        }
        commHandle.send(str, jSONObject.toString());
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void setStageState(int i, long j, String str) {
        stage = i;
        this.timeStamp = j;
        this.remoteDevice = str;
    }

    public void cancel(String str, CommHandle commHandle) {
        synchronized (this.remoteAuthLock) {
            if (str != null) {
                sendAuthError(str, commHandle, 11);
            }
            setStageState(0, 0L, null);
        }
    }

    public void checkPassword(byte[] bArr, CommHandle commHandle, String str) throws RemoteException {
        dataFormat dataformat;
        if (initAuthService()) {
            if (this.paraB == null || this.remoteDevice == null) {
                Slog.d(TAG, "paraB or remoteDevice is null");
                if (this.UICallbackMap.containsKey(str)) {
                    this.UICallbackMap.get(str).onResult(3);
                    return;
                }
                return;
            }
            LockSettingsUtils lockSettingsUtils = new LockSettingsUtils(commHandle.getContext());
            if (!lockSettingsUtils.checkInvalid(lockSettingsUtils.StringtoCredential(this.credentialType, new String(bArr)), this.metrics, this.complexity)) {
                Slog.d(TAG, "password is invalid");
                if (this.UICallbackMap.containsKey(str)) {
                    this.UICallbackMap.get(str).onResult(1);
                    return;
                }
                return;
            }
            try {
                dataformat = toolClass.separateErrorCode(this.AuthService.generate_auth_blob(toolClass.toBytes(this.paraB), bArr));
            } catch (RemoteException unused) {
                Slog.d(TAG, "call generate_auth_blob failed");
                this.AuthService = null;
                dataformat = null;
            }
            if (dataformat == null || dataformat.errorCode != 0) {
                Slog.d(TAG, "generate generate_auth_blob failed");
                sendAuthError(this.remoteDevice, commHandle, 15);
                setStageState(0, 0L, null);
            } else {
                JSONObject jSONObject = new JSONObject();
                try {
                    jSONObject.put("event_name", 4);
                    jSONObject.put("authBlob", toolClass.toHexString(dataformat.data));
                } catch (JSONException unused2) {
                    Slog.d(TAG, "checkPassword JSON error");
                }
                commHandle.send(this.remoteDevice, jSONObject.toString());
            }
        }
    }

    public void handleRemoteAuth(JSONObject jSONObject, String str, CommHandle commHandle) throws JSONException, RemoteException {
        int i;
        Slog.d(TAG, "handleRemoteAuth");
        synchronized (this.remoteAuthLock) {
            if (jSONObject.has("error_code")) {
                Slog.d(TAG, "remote device error:" + jSONObject.getInt("error_code"));
                IMiRemoteAuthCallback iMiRemoteAuthCallback = this.miRemoteAuthCallback;
                if (iMiRemoteAuthCallback != null && ((i = stage) == 1 || i == 3)) {
                    iMiRemoteAuthCallback.onCancel(jSONObject.getInt("error_code"));
                }
                setStageState(0, 0L, null);
                return;
            }
            long currentTimeMillis = System.currentTimeMillis();
            int i2 = jSONObject.getInt("event_name");
            if (i2 != 1) {
                String str2 = this.remoteDevice;
                if (str2 != null) {
                    if (!str2.equals(str)) {
                    }
                }
                sendAuthError(str, commHandle, 15);
                return;
            }
            if (!resetStageState(currentTimeMillis) && !samePackageAndDevice(jSONObject.getString(Constants.PARAM_PACKAGE_NAME), str)) {
                sendAuthError(str, commHandle, 15);
                return;
            }
            setStageState(0, currentTimeMillis, str);
            int i3 = stage;
            if (i3 == 0) {
                Slog.d(TAG, "eventName.INITIAL_STATE");
                if (i2 == 1) {
                    setStageState(2, currentTimeMillis, str);
                    this.packageName = jSONObject.getString(Constants.PARAM_PACKAGE_NAME);
                    this.complexity = jSONObject.getInt("complexity");
                    this.metrics = jSONObject.getJSONObject("metrics");
                    this.credentialType = jSONObject.getInt("credential_type");
                    if (!this.UICallbackMap.containsKey(this.packageName)) {
                        Slog.d(TAG, this.packageName + " has not register UI");
                        setStageState(0, 0L, null);
                        sendAuthError(str, commHandle, 15);
                        return;
                    }
                    try {
                        if (jSONObject.getString("islocked").equals("true") && this.credentialType >= 0) {
                            Slog.d(TAG, "remote devcie is locked");
                            this.UICallbackMap.get(this.packageName).onResult(2);
                            setStageState(0, 0L, null);
                            return;
                        }
                        this.UICallbackMap.get(this.packageName).onShowAuthInputUI(jSONObject.getInt("credential_type"), jSONObject.getInt("credential_lenth"));
                        exchangePubkeyA(commHandle, jSONObject.getString("challenge"));
                    } catch (RemoteException unused) {
                        Slog.d(TAG, "show ui failed");
                        setStageState(0, 0L, null);
                        sendAuthError(str, commHandle, 15);
                        return;
                    }
                }
                return;
            }
            if (i3 == 1) {
                Slog.d(TAG, "eventName.START_REMOTE_AUTH");
                if (i2 == 2) {
                    setStageState(3, currentTimeMillis, str);
                    exchangePubkeyB(commHandle, jSONObject.getString("paraA"));
                }
            } else if (i3 == 2) {
                Slog.d(TAG, "eventName.EXCHANGE_PUBKEY_A");
                if (i2 == 3) {
                    setStageState(4, currentTimeMillis, str);
                    this.paraB = jSONObject.getString("paraB");
                }
            } else if (i3 == 3) {
                Slog.d(TAG, "eventName.EXCHANGE_PUBKEY_B");
                if (i2 == 4) {
                    setStageState(5, currentTimeMillis, str);
                    try {
                        byte returnResult = returnResult(jSONObject.getString("authBlob"), commHandle);
                        if (returnResult == 0) {
                            setStageState(0, 0L, null);
                        } else if (returnResult == 1) {
                            setStageState(3, currentTimeMillis, str);
                        }
                    } catch (InterruptedException e) {
                        Slog.d(TAG, e.toString());
                    }
                }
            } else if (i3 != 4) {
                Slog.e(TAG, "invalid event name");
            } else {
                Slog.d(TAG, "eventName.CHECK_PASSWORD");
                if (i2 == 5) {
                    if (jSONObject.getString("islocked").equals("true")) {
                        Slog.d(TAG, "remote device is locked");
                        if (this.UICallbackMap.containsKey(this.packageName)) {
                            this.UICallbackMap.get(this.packageName).onResult(2);
                        }
                        setStageState(0, 0L, null);
                        return;
                    }
                    byte finishRemoteAuth = finishRemoteAuth(commHandle, jSONObject.getString("rspBlob"));
                    if (this.UICallbackMap.containsKey(this.packageName)) {
                        this.UICallbackMap.get(this.packageName).onResult(finishRemoteAuth);
                    }
                    if (finishRemoteAuth == 0) {
                        setStageState(0, 0L, null);
                    } else if (finishRemoteAuth == 1) {
                        setStageState(4, currentTimeMillis, str);
                    }
                }
            }
            return;
        }
    }

    public boolean isLocked() {
        String str = SystemProperties.get("sys.locksettings.remoteauth.enable", "false");
        Slog.d(TAG, str);
        return !str.equals("true");
    }

    public void registerUICallback(String str, IMiRemoteAuthUICallback iMiRemoteAuthUICallback) {
        this.UICallbackMap.put(str, iMiRemoteAuthUICallback);
    }

    public void startRemoteAuth(String str, String str2, CommHandle commHandle, IMiRemoteAuthCallback iMiRemoteAuthCallback, int i) throws RemoteException {
        dataFormat dataformat;
        synchronized (this.remoteAuthLock) {
            if (this.systemUIService == null) {
                initSystemUIService();
            }
            long currentTimeMillis = System.currentTimeMillis();
            if (!resetStageState(currentTimeMillis) && !samePackageAndDevice(str, str2)) {
                iMiRemoteAuthCallback.onCancel(12);
                return;
            }
            this.mode = i;
            setStageState(1, currentTimeMillis, str2);
            this.miRemoteAuthCallback = iMiRemoteAuthCallback;
            this.packageName = str;
            this.remoteDevice = str2;
            if (!initAuthService()) {
                Slog.d(TAG, "init auth ca failed");
                setStageState(0, 0L, null);
                this.miRemoteAuthCallback.onCancel(14);
                return;
            }
            try {
                dataformat = toolClass.separateErrorCode(this.AuthService.generate_challenge_as_b());
            } catch (RemoteException unused) {
                Slog.d(TAG, "call generate_challenge_as_b failed");
                this.AuthService = null;
                dataformat = null;
            }
            if (dataformat == null || dataformat.errorCode != 0) {
                Slog.d(TAG, "generate challenge B failed");
                setStageState(0, 0L, null);
                this.miRemoteAuthCallback.onCancel(14);
                return;
            }
            LockSettingsUtils lockSettingsUtils = new LockSettingsUtils(commHandle.getContext());
            boolean isLocked = isLocked();
            JSONObject jSONObject = new JSONObject();
            try {
                jSONObject.put("event_name", 1);
                jSONObject.put("challenge", toolClass.toHexString(dataformat.data));
                jSONObject.put(Constants.PARAM_PACKAGE_NAME, str);
                jSONObject.put("credential_type", lockSettingsUtils.getLockSettingsType());
                jSONObject.put("credential_lenth", lockSettingsUtils.getPinLength());
                if (isLocked) {
                    jSONObject.put("islocked", "true");
                } else {
                    jSONObject.put("islocked", "false");
                }
                jSONObject.put("complexity", lockSettingsUtils.GetrequiredComplexity());
                jSONObject.put("metrics", lockSettingsUtils.GetrequiredMetrics());
            } catch (JSONException unused2) {
                Slog.d(TAG, "startRemoteAuth JSON error");
            }
            commHandle.send(str2, jSONObject.toString());
            if (!isLocked) {
                new Timer().schedule(new TimerTask() { // from class: com.xiaomi.trustservice.remoteservice.eventhandle.authEventHandle.3
                    @Override // java.util.TimerTask, java.lang.Runnable
                    public void run() {
                        synchronized (authEventHandle.this.remoteAuthLock) {
                            if (authEventHandle.stage == 1) {
                                Slog.d(authEventHandle.TAG, "remote device timeout");
                                authEventHandle.this.setStageState(0, 0L, null);
                                try {
                                    authEventHandle.this.miRemoteAuthCallback.onCancel(15);
                                } catch (RemoteException unused3) {
                                    Slog.d(authEventHandle.TAG, "callback error");
                                }
                            }
                        }
                    }
                }, 5000L);
            } else {
                iMiRemoteAuthCallback.onCheckResult(2);
                setStageState(0, 0L, null);
            }
        }
    }

    public void unBindSystemUIService() {
        if (this.systemUIService != null) {
            CommHandle.instance.getContext().unbindService(this.conn);
        }
        instance = null;
    }
}
