package android.security;

import android.os.Binder;
import android.os.RemoteException;
import android.os.ServiceManager;
import android.os.ServiceSpecificException;
import android.security.keymaster.KeymasterDefs;
import android.system.keystore2.IKeystoreService;
import android.system.keystore2.KeyDescriptor;
import android.system.keystore2.KeyEntryResponse;
import android.util.Log;
import java.util.Calendar;

/* loaded from: classes3.dex */
public class KeyStore2 {
    private static final String KEYSTORE2_SERVICE_NAME = "android.system.keystore2.IKeystoreService/default";
    private static final String KEYSTORE_ENGINE_GRANT_ALIAS_PREFIX = "ks2_keystore-engine_grant_id:0x";
    static final long KEYSTORE_OPERATION_CREATION_MAY_FAIL = 169897160;
    private static final int RECOVERY_GRACE_PERIOD_MS = 50;
    private static final String TAG = "KeyStore";
    private IKeystoreService mBinder = null;

    /* JADX INFO: Access modifiers changed from: package-private */
    @FunctionalInterface
    /* loaded from: classes3.dex */
    public interface CheckedRemoteRequest<R> {
        R execute(IKeystoreService iKeystoreService) throws RemoteException;
    }

    private KeyStore2() {
    }

    public static KeyStore2 getInstance() {
        return new KeyStore2();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static KeyStoreException getKeyStoreException(int i, String str) {
        if (i <= 0) {
            switch (i) {
                case -16:
                    return new KeyStoreException(i, "Invalid user authentication validity duration", str);
                default:
                    return new KeyStoreException(i, KeymasterDefs.getErrorMessage(i), str);
            }
        }
        switch (i) {
            case 2:
                return new KeyStoreException(i, "User authentication required", str);
            case 3:
                return new KeyStoreException(i, "Keystore not initialized", str);
            case 4:
                return new KeyStoreException(i, "System error", str);
            case 6:
                return new KeyStoreException(i, "Permission denied", str);
            case 7:
                return new KeyStoreException(i, "Key not found", str);
            case 8:
                return new KeyStoreException(i, "Key blob corrupted", str);
            case 17:
                return new KeyStoreException(i, "Key permanently invalidated", str);
            case 22:
                return new KeyStoreException(i, str, 1);
            default:
                return new KeyStoreException(i, String.valueOf(i), str);
        }
    }

    private synchronized IKeystoreService getService(boolean z) {
        if (this.mBinder == null || z) {
            IKeystoreService asInterface = IKeystoreService.Stub.asInterface(ServiceManager.getService(KEYSTORE2_SERVICE_NAME));
            this.mBinder = asInterface;
            Binder.allowBlocking(asInterface.asBinder());
        }
        return this.mBinder;
    }

    private <R> R handleRemoteExceptionWithRetry(CheckedRemoteRequest<R> checkedRemoteRequest) throws KeyStoreException {
        IKeystoreService service = getService(false);
        boolean z = true;
        while (true) {
            try {
                return checkedRemoteRequest.execute(service);
            } catch (RemoteException e) {
                if (!z) {
                    Log.e(TAG, "Cannot connect to Keystore daemon.", e);
                    throw new KeyStoreException(4, "", e.getMessage());
                }
                Log.w(TAG, "Looks like we may have lost connection to the Keystore daemon.");
                Log.w(TAG, "Retrying after giving Keystore 50ms to recover.");
                interruptedPreservingSleep(50L);
                service = getService(true);
                z = false;
            } catch (ServiceSpecificException e2) {
                throw getKeyStoreException(e2.errorCode, e2.getMessage());
            }
        }
    }

    protected static void interruptedPreservingSleep(long j) {
        boolean z = false;
        Calendar calendar = Calendar.getInstance();
        while (true) {
            try {
                Thread.sleep((calendar.getTimeInMillis() + j) - calendar.getTimeInMillis());
                break;
            } catch (IllegalArgumentException e) {
            } catch (InterruptedException e2) {
                z = true;
            }
        }
        if (z) {
            Thread.currentThread().interrupt();
        }
    }

    public static KeyDescriptor keystoreEngineGrantString2KeyDescriptor(String str) {
        KeyDescriptor keyDescriptor = new KeyDescriptor();
        keyDescriptor.domain = 1;
        keyDescriptor.nspace = Long.parseUnsignedLong(str.substring(KEYSTORE_ENGINE_GRANT_ALIAS_PREFIX.length()), 16);
        keyDescriptor.alias = null;
        keyDescriptor.blob = null;
        return keyDescriptor;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static /* synthetic */ Integer lambda$delete$0(KeyDescriptor keyDescriptor, IKeystoreService iKeystoreService) throws RemoteException {
        iKeystoreService.deleteKey(keyDescriptor);
        return 0;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static /* synthetic */ Integer lambda$deleteKey$7(KeyDescriptor keyDescriptor, IKeystoreService iKeystoreService) throws RemoteException {
        iKeystoreService.deleteKey(keyDescriptor);
        return 0;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static /* synthetic */ KeyStoreSecurityLevel lambda$getSecurityLevel$5(int i, IKeystoreService iKeystoreService) throws RemoteException {
        return new KeyStoreSecurityLevel(iKeystoreService.getSecurityLevel(i));
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static /* synthetic */ Integer lambda$ungrant$3(KeyDescriptor keyDescriptor, int i, IKeystoreService iKeystoreService) throws RemoteException {
        iKeystoreService.ungrant(keyDescriptor, i);
        return 0;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static /* synthetic */ Integer lambda$updateSubcomponents$6(KeyDescriptor keyDescriptor, byte[] bArr, byte[] bArr2, IKeystoreService iKeystoreService) throws RemoteException {
        iKeystoreService.updateSubcomponent(keyDescriptor, bArr, bArr2);
        return 0;
    }

    public static String makeKeystoreEngineGrantString(long j) {
        return String.format("%s%016X", KEYSTORE_ENGINE_GRANT_ALIAS_PREFIX, Long.valueOf(j));
    }

    void delete(final KeyDescriptor keyDescriptor) throws KeyStoreException {
        handleRemoteExceptionWithRetry(new CheckedRemoteRequest() { // from class: android.security.KeyStore2$$ExternalSyntheticLambda6
            @Override // android.security.KeyStore2.CheckedRemoteRequest
            public final Object execute(IKeystoreService iKeystoreService) {
                return KeyStore2.lambda$delete$0(KeyDescriptor.this, iKeystoreService);
            }
        });
    }

    public void deleteKey(final KeyDescriptor keyDescriptor) throws KeyStoreException {
        handleRemoteExceptionWithRetry(new CheckedRemoteRequest() { // from class: android.security.KeyStore2$$ExternalSyntheticLambda0
            @Override // android.security.KeyStore2.CheckedRemoteRequest
            public final Object execute(IKeystoreService iKeystoreService) {
                return KeyStore2.lambda$deleteKey$7(KeyDescriptor.this, iKeystoreService);
            }
        });
    }

    public KeyEntryResponse getKeyEntry(final KeyDescriptor keyDescriptor) throws KeyStoreException {
        return (KeyEntryResponse) handleRemoteExceptionWithRetry(new CheckedRemoteRequest() { // from class: android.security.KeyStore2$$ExternalSyntheticLambda3
            @Override // android.security.KeyStore2.CheckedRemoteRequest
            public final Object execute(IKeystoreService iKeystoreService) {
                KeyEntryResponse keyEntry;
                keyEntry = iKeystoreService.getKeyEntry(KeyDescriptor.this);
                return keyEntry;
            }
        });
    }

    public KeyStoreSecurityLevel getSecurityLevel(final int i) throws KeyStoreException {
        return (KeyStoreSecurityLevel) handleRemoteExceptionWithRetry(new CheckedRemoteRequest() { // from class: android.security.KeyStore2$$ExternalSyntheticLambda1
            @Override // android.security.KeyStore2.CheckedRemoteRequest
            public final Object execute(IKeystoreService iKeystoreService) {
                return KeyStore2.lambda$getSecurityLevel$5(i, iKeystoreService);
            }
        });
    }

    public KeyDescriptor grant(final KeyDescriptor keyDescriptor, final int i, final int i2) throws KeyStoreException {
        return (KeyDescriptor) handleRemoteExceptionWithRetry(new CheckedRemoteRequest() { // from class: android.security.KeyStore2$$ExternalSyntheticLambda5
            @Override // android.security.KeyStore2.CheckedRemoteRequest
            public final Object execute(IKeystoreService iKeystoreService) {
                KeyDescriptor grant;
                grant = iKeystoreService.grant(KeyDescriptor.this, i, i2);
                return grant;
            }
        });
    }

    public KeyDescriptor[] list(final int i, final long j) throws KeyStoreException {
        return (KeyDescriptor[]) handleRemoteExceptionWithRetry(new CheckedRemoteRequest() { // from class: android.security.KeyStore2$$ExternalSyntheticLambda2
            @Override // android.security.KeyStore2.CheckedRemoteRequest
            public final Object execute(IKeystoreService iKeystoreService) {
                KeyDescriptor[] listEntries;
                listEntries = iKeystoreService.listEntries(i, j);
                return listEntries;
            }
        });
    }

    public void ungrant(final KeyDescriptor keyDescriptor, final int i) throws KeyStoreException {
        handleRemoteExceptionWithRetry(new CheckedRemoteRequest() { // from class: android.security.KeyStore2$$ExternalSyntheticLambda4
            @Override // android.security.KeyStore2.CheckedRemoteRequest
            public final Object execute(IKeystoreService iKeystoreService) {
                return KeyStore2.lambda$ungrant$3(KeyDescriptor.this, i, iKeystoreService);
            }
        });
    }

    public void updateSubcomponents(final KeyDescriptor keyDescriptor, final byte[] bArr, final byte[] bArr2) throws KeyStoreException {
        handleRemoteExceptionWithRetry(new CheckedRemoteRequest() { // from class: android.security.KeyStore2$$ExternalSyntheticLambda7
            @Override // android.security.KeyStore2.CheckedRemoteRequest
            public final Object execute(IKeystoreService iKeystoreService) {
                return KeyStore2.lambda$updateSubcomponents$6(KeyDescriptor.this, bArr, bArr2, iKeystoreService);
            }
        });
    }
}
