package android.os;

import android.Manifest;
import android.app.backup.FullBackup;
import android.content.BroadcastReceiver;
import android.content.Context;
import android.content.Intent;
import android.util.Log;
import gov.nist.core.Separators;
import java.io.ByteArrayInputStream;
import java.io.File;
import java.io.FileNotFoundException;
import java.io.FileWriter;
import java.io.IOException;
import java.io.InputStream;
import java.io.RandomAccessFile;
import java.security.GeneralSecurityException;
import java.security.PublicKey;
import java.security.Signature;
import java.security.SignatureException;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import java.util.Enumeration;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.zip.ZipEntry;
import java.util.zip.ZipFile;
import org.apache.harmony.security.asn1.BerInputStream;
import org.apache.harmony.security.pkcs7.ContentInfo;
import org.apache.harmony.security.pkcs7.SignedData;
import org.apache.harmony.security.pkcs7.SignerInfo;
import org.apache.harmony.security.provider.cert.X509CertImpl;

/* loaded from: input_file:android/os/RecoverySystem.class */
public class RecoverySystem {
    private static final String TAG = "RecoverySystem";
    private static final long PUBLISH_PROGRESS_INTERVAL_MS = 500;
    private static final File DEFAULT_KEYSTORE = new File("/system/etc/security/otacerts.zip");
    private static File RECOVERY_DIR = new File("/cache/recovery");
    private static File COMMAND_FILE = new File(RECOVERY_DIR, "command");
    private static File LOG_FILE = new File(RECOVERY_DIR, "log");
    private static String LAST_PREFIX = "last_";
    private static int LOG_FILE_MAX_LENGTH = 65536;

    /* loaded from: input_file:android/os/RecoverySystem$ProgressListener.class */
    public interface ProgressListener {
        void onProgress(int i);
    }

    private static HashSet<Certificate> getTrustedCerts(File file) throws IOException, GeneralSecurityException {
        HashSet<Certificate> hashSet = new HashSet<>();
        if (file == null) {
            file = DEFAULT_KEYSTORE;
        }
        ZipFile zipFile = new ZipFile(file);
        try {
            CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
            Enumeration<? extends ZipEntry> entries = zipFile.entries();
            while (entries.hasMoreElements()) {
                InputStream inputStream = zipFile.getInputStream(entries.nextElement());
                try {
                    hashSet.add(certificateFactory.generateCertificate(inputStream));
                    inputStream.close();
                } finally {
                }
            }
            return hashSet;
        } finally {
            zipFile.close();
        }
    }

    public static void verifyPackage(File file, ProgressListener progressListener, File file2) throws IOException, GeneralSecurityException {
        long length = file.length();
        RandomAccessFile randomAccessFile = new RandomAccessFile(file, FullBackup.ROOT_TREE_TOKEN);
        try {
            int i = 0;
            long currentTimeMillis = System.currentTimeMillis();
            if (progressListener != null) {
                progressListener.onProgress(0);
            }
            randomAccessFile.seek(length - 6);
            byte[] bArr = new byte[6];
            randomAccessFile.readFully(bArr);
            if (bArr[2] != -1 || bArr[3] != -1) {
                throw new SignatureException("no signature in file (no footer)");
            }
            int i2 = (bArr[4] & 255) | ((bArr[5] & 255) << 8);
            int i3 = (bArr[0] & 255) | ((bArr[1] & 255) << 8);
            byte[] bArr2 = new byte[i2 + 22];
            randomAccessFile.seek(length - (i2 + 22));
            randomAccessFile.readFully(bArr2);
            if (bArr2[0] != 80 || bArr2[1] != 75 || bArr2[2] != 5 || bArr2[3] != 6) {
                throw new SignatureException("no signature in file (bad footer)");
            }
            for (int i4 = 4; i4 < bArr2.length - 3; i4++) {
                if (bArr2[i4] == 80 && bArr2[i4 + 1] == 75 && bArr2[i4 + 2] == 5 && bArr2[i4 + 3] == 6) {
                    throw new SignatureException("EOCD marker found after start of EOCD");
                }
            }
            SignedData signedData = ((ContentInfo) ContentInfo.ASN1.decode(new BerInputStream(new ByteArrayInputStream(bArr2, (i2 + 22) - i3, i3)))).getSignedData();
            if (signedData == null) {
                throw new IOException("signedData is null");
            }
            List<org.apache.harmony.security.x509.Certificate> certificates = signedData.getCertificates();
            if (certificates.isEmpty()) {
                throw new IOException("encCerts is empty");
            }
            Iterator<org.apache.harmony.security.x509.Certificate> it = certificates.iterator();
            if (!it.hasNext()) {
                throw new SignatureException("signature contains no certificates");
            }
            X509CertImpl x509CertImpl = new X509CertImpl(it.next());
            List<SignerInfo> signerInfos = signedData.getSignerInfos();
            if (signerInfos.isEmpty()) {
                throw new IOException("no signer infos!");
            }
            SignerInfo signerInfo = signerInfos.get(0);
            HashSet<Certificate> trustedCerts = getTrustedCerts(file2 == null ? DEFAULT_KEYSTORE : file2);
            PublicKey publicKey = x509CertImpl.getPublicKey();
            boolean z = false;
            Iterator<Certificate> it2 = trustedCerts.iterator();
            while (true) {
                if (it2.hasNext()) {
                    if (it2.next().getPublicKey().equals(publicKey)) {
                        z = true;
                        break;
                    }
                } else {
                    break;
                }
            }
            if (!z) {
                throw new SignatureException("signature doesn't match any trusted key");
            }
            String digestAlgorithm = signerInfo.getDigestAlgorithm();
            String digestEncryptionAlgorithm = signerInfo.getDigestEncryptionAlgorithm();
            Signature signature = Signature.getInstance((digestAlgorithm == null || digestEncryptionAlgorithm == null) ? x509CertImpl.getSigAlgName() : digestAlgorithm + "with" + digestEncryptionAlgorithm);
            signature.initVerify(x509CertImpl);
            long j = (length - i2) - 2;
            long j2 = 0;
            randomAccessFile.seek(0L);
            byte[] bArr3 = new byte[4096];
            boolean z2 = false;
            while (j2 < j) {
                z2 = Thread.interrupted();
                if (z2) {
                    break;
                }
                int length2 = bArr3.length;
                if (j2 + length2 > j) {
                    length2 = (int) (j - j2);
                }
                int read = randomAccessFile.read(bArr3, 0, length2);
                signature.update(bArr3, 0, read);
                j2 += read;
                if (progressListener != null) {
                    long currentTimeMillis2 = System.currentTimeMillis();
                    int i5 = (int) ((j2 * 100) / j);
                    if (i5 > i && currentTimeMillis2 - currentTimeMillis > PUBLISH_PROGRESS_INTERVAL_MS) {
                        i = i5;
                        currentTimeMillis = currentTimeMillis2;
                        progressListener.onProgress(i);
                    }
                }
            }
            if (progressListener != null) {
                progressListener.onProgress(100);
            }
            if (z2) {
                throw new SignatureException("verification was interrupted");
            }
            if (!signature.verify(signerInfo.getEncryptedDigest())) {
                throw new SignatureException("signature digest verification failed");
            }
        } finally {
            randomAccessFile.close();
        }
    }

    public static void installPackage(Context context, File file) throws IOException {
        String canonicalPath = file.getCanonicalPath();
        Log.w(TAG, "!!! REBOOTING TO INSTALL " + canonicalPath + " !!!");
        bootCommand(context, "--update_package=" + canonicalPath);
    }

    public static void rebootWipeUserData(Context context) throws IOException {
        final ConditionVariable conditionVariable = new ConditionVariable();
        context.sendOrderedBroadcast(new Intent("android.intent.action.MASTER_CLEAR_NOTIFICATION"), Manifest.permission.MASTER_CLEAR, new BroadcastReceiver() { // from class: android.os.RecoverySystem.1
            @Override // android.content.BroadcastReceiver
            public void onReceive(Context context2, Intent intent) {
                ConditionVariable.this.open();
            }
        }, null, 0, null, null);
        conditionVariable.block();
        bootCommand(context, "--wipe_data");
    }

    public static void rebootWipeCache(Context context) throws IOException {
        bootCommand(context, "--wipe_cache");
    }

    private static void bootCommand(Context context, String str) throws IOException {
        RECOVERY_DIR.mkdirs();
        COMMAND_FILE.delete();
        LOG_FILE.delete();
        FileWriter fileWriter = new FileWriter(COMMAND_FILE);
        try {
            fileWriter.write(str);
            fileWriter.write(Separators.RETURN);
            fileWriter.close();
            ((PowerManager) context.getSystemService(Context.POWER_SERVICE)).reboot("recovery");
            throw new IOException("Reboot failed (no permissions?)");
        } catch (Throwable th) {
            fileWriter.close();
            throw th;
        }
    }

    public static String handleAftermath() {
        String str = null;
        try {
            str = FileUtils.readTextFile(LOG_FILE, -LOG_FILE_MAX_LENGTH, "...\n");
        } catch (FileNotFoundException e) {
            Log.i(TAG, "No recovery log file");
        } catch (IOException e2) {
            Log.e(TAG, "Error reading recovery log", e2);
        }
        String[] list = RECOVERY_DIR.list();
        for (int i = 0; list != null && i < list.length; i++) {
            if (!list[i].startsWith(LAST_PREFIX)) {
                File file = new File(RECOVERY_DIR, list[i]);
                if (file.delete()) {
                    Log.i(TAG, "Deleted: " + file);
                } else {
                    Log.e(TAG, "Can't delete: " + file);
                }
            }
        }
        return str;
    }

    private void RecoverySystem() {
    }
}
