package com.android.tools.lint.checks;

import com.android.tools.lint.client.api.JavaEvaluator;
import com.android.tools.lint.detector.api.Category;
import com.android.tools.lint.detector.api.ConstantEvaluator;
import com.android.tools.lint.detector.api.Detector;
import com.android.tools.lint.detector.api.Implementation;
import com.android.tools.lint.detector.api.Issue;
import com.android.tools.lint.detector.api.JavaContext;
import com.android.tools.lint.detector.api.Scope;
import com.android.tools.lint.detector.api.Severity;
import com.android.tools.lint.detector.api.TypeEvaluator;
import com.intellij.psi.JavaElementVisitor;
import com.intellij.psi.PsiElement;
import com.intellij.psi.PsiMethod;
import com.intellij.psi.PsiMethodCallExpression;
import com.intellij.psi.PsiType;
import java.util.Collections;
import java.util.List;

/* loaded from: input_file:com/android/tools/lint/checks/SecureRandomDetector.class */
public class SecureRandomDetector extends Detector implements Detector.JavaPsiScanner {
    public static final Issue ISSUE = Issue.create("SecureRandom", "Using a fixed seed with `SecureRandom`", "Specifying a fixed seed will cause the instance to return a predictable sequence of numbers. This may be useful for testing but it is not appropriate for secure use.", Category.SECURITY, 9, Severity.WARNING, new Implementation(SecureRandomDetector.class, Scope.JAVA_FILE_SCOPE)).addMoreInfo("http://developer.android.com/reference/java/security/SecureRandom.html");
    private static final String SET_SEED = "setSeed";
    public static final String JAVA_SECURITY_SECURE_RANDOM = "java.security.SecureRandom";
    public static final String JAVA_UTIL_RANDOM = "java.util.Random";

    public List<String> getApplicableMethodNames() {
        return Collections.singletonList(SET_SEED);
    }

    public void visitMethod(JavaContext javaContext, JavaElementVisitor javaElementVisitor, PsiMethodCallExpression psiMethodCallExpression, PsiMethod psiMethod) {
        PsiElement[] expressions = psiMethodCallExpression.getArgumentList().getExpressions();
        if (expressions.length == 0) {
            return;
        }
        PsiElement psiElement = expressions[0];
        JavaEvaluator evaluator = javaContext.getEvaluator();
        if (evaluator.isMemberInClass(psiMethod, JAVA_SECURITY_SECURE_RANDOM) || (evaluator.isMemberInSubClassOf(psiMethod, JAVA_UTIL_RANDOM, false) && isSecureRandomReceiver(javaContext, psiMethodCallExpression))) {
            if (ConstantEvaluator.evaluate(javaContext, psiElement) != null) {
                javaContext.report(ISSUE, psiMethodCallExpression, javaContext.getLocation(psiMethodCallExpression), "Do not call `setSeed()` on a `SecureRandom` with a fixed seed: it is not secure. Use `getSeed()`.");
                return;
            }
            PsiMethod resolve = evaluator.resolve(psiElement);
            if (resolve instanceof PsiMethod) {
                String name = resolve.getName();
                if (name.equals("currentTimeMillis") || name.equals("nanoTime")) {
                    javaContext.report(ISSUE, psiMethodCallExpression, javaContext.getLocation(psiMethodCallExpression), "It is dangerous to seed `SecureRandom` with the current time because that value is more predictable to an attacker than the default seed.");
                }
            }
        }
    }

    private static boolean isSecureRandomReceiver(JavaContext javaContext, PsiMethodCallExpression psiMethodCallExpression) {
        PsiElement qualifier = psiMethodCallExpression.getMethodExpression().getQualifier();
        return qualifier != null && isSecureRandomType(javaContext, qualifier);
    }

    private static boolean isSecureRandomType(JavaContext javaContext, PsiElement psiElement) {
        PsiType evaluate = TypeEvaluator.evaluate(javaContext, psiElement);
        return evaluate != null && JAVA_SECURITY_SECURE_RANDOM.equals(evaluate.getCanonicalText());
    }
}
