package com.android.server;

import android.Manifest;
import android.content.BroadcastReceiver;
import android.content.ContentResolver;
import android.content.Context;
import android.content.Intent;
import android.content.IntentFilter;
import android.content.pm.UserInfo;
import android.database.sqlite.SQLiteDatabase;
import android.net.wifi.WifiEnterpriseConfig;
import android.os.Binder;
import android.os.IBinder;
import android.os.RemoteException;
import android.os.ServiceManager;
import android.os.SystemProperties;
import android.os.UserHandle;
import android.os.UserManager;
import android.os.storage.IMountService;
import android.provider.Settings;
import android.security.KeyStore;
import android.text.TextUtils;
import android.util.Slog;
import com.android.internal.widget.ILockSettings;
import com.android.internal.widget.LockPatternUtils;
import com.android.server.LockSettingsStorage;
import java.util.Arrays;
import java.util.Iterator;
import java.util.List;

/* loaded from: input_file:com/android/server/LockSettingsService.class */
public class LockSettingsService extends ILockSettings.Stub {
    private static final String PERMISSION = "android.permission.ACCESS_KEYGUARD_SECURE_STORAGE";
    private static final String TAG = "LockSettingsService";
    private final Context mContext;
    private final LockSettingsStorage mStorage;
    private LockPatternUtils mLockPatternUtils;
    private static final String[] VALID_SETTINGS = {LockPatternUtils.LOCKOUT_PERMANENT_KEY, LockPatternUtils.LOCKOUT_ATTEMPT_DEADLINE, LockPatternUtils.PATTERN_EVER_CHOSEN_KEY, LockPatternUtils.PASSWORD_TYPE_KEY, LockPatternUtils.PASSWORD_TYPE_ALTERNATE_KEY, LockPatternUtils.LOCK_PASSWORD_SALT_KEY, "lockscreen.disabled", LockPatternUtils.LOCKSCREEN_OPTIONS, LockPatternUtils.LOCKSCREEN_BIOMETRIC_WEAK_FALLBACK, LockPatternUtils.BIOMETRIC_WEAK_EVER_CHOSEN_KEY, LockPatternUtils.LOCKSCREEN_POWER_BUTTON_INSTANTLY_LOCKS, LockPatternUtils.PASSWORD_HISTORY_KEY, "lock_pattern_autolock", Settings.Secure.LOCK_BIOMETRIC_WEAK_FLAGS, "lock_pattern_visible_pattern", "lock_pattern_tactile_feedback_enabled"};
    private static final String[] READ_PROFILE_PROTECTED_SETTINGS = {Settings.Secure.LOCK_SCREEN_OWNER_INFO_ENABLED, Settings.Secure.LOCK_SCREEN_OWNER_INFO};
    private final BroadcastReceiver mBroadcastReceiver = new BroadcastReceiver() { // from class: com.android.server.LockSettingsService.2
        @Override // android.content.BroadcastReceiver
        public void onReceive(Context context, Intent intent) {
            if (!Intent.ACTION_USER_ADDED.equals(intent.getAction())) {
                if (Intent.ACTION_USER_STARTING.equals(intent.getAction())) {
                    LockSettingsService.this.mStorage.prefetchUser(intent.getIntExtra(Intent.EXTRA_USER_HANDLE, 0));
                    return;
                }
                return;
            }
            int intExtra = intent.getIntExtra(Intent.EXTRA_USER_HANDLE, 0);
            int uid = UserHandle.getUid(intExtra, 1000);
            KeyStore keyStore = KeyStore.getInstance();
            keyStore.resetUid(uid);
            UserInfo profileParent = ((UserManager) LockSettingsService.this.mContext.getSystemService("user")).getProfileParent(intExtra);
            if (profileParent != null) {
                keyStore.syncUid(UserHandle.getUid(profileParent.id, 1000), uid);
            }
        }
    };
    private boolean mFirstCallToVold = true;

    public LockSettingsService(Context context) {
        this.mContext = context;
        this.mLockPatternUtils = new LockPatternUtils(context);
        IntentFilter intentFilter = new IntentFilter();
        intentFilter.addAction(Intent.ACTION_USER_ADDED);
        intentFilter.addAction(Intent.ACTION_USER_STARTING);
        this.mContext.registerReceiverAsUser(this.mBroadcastReceiver, UserHandle.ALL, intentFilter, null, null);
        this.mStorage = new LockSettingsStorage(context, new LockSettingsStorage.Callback() { // from class: com.android.server.LockSettingsService.1
            @Override // com.android.server.LockSettingsStorage.Callback
            public void initialize(SQLiteDatabase sQLiteDatabase) {
                if (SystemProperties.getBoolean("ro.lockscreen.disable.default", false)) {
                    LockSettingsService.this.mStorage.writeKeyValue(sQLiteDatabase, "lockscreen.disabled", WifiEnterpriseConfig.ENGINE_ENABLE, 0);
                }
            }
        });
    }

    public void systemReady() {
        migrateOldData();
        this.mStorage.prefetchUser(0);
    }

    private void migrateOldData() {
        try {
            if (getString("migrated", null, 0) == null) {
                ContentResolver contentResolver = this.mContext.getContentResolver();
                for (String str : VALID_SETTINGS) {
                    String string = Settings.Secure.getString(contentResolver, str);
                    if (string != null) {
                        setString(str, string, 0);
                    }
                }
                setString("migrated", "true", 0);
                Slog.i(TAG, "Migrated lock settings to new location");
            }
            if (getString("migrated_user_specific", null, 0) == null) {
                UserManager userManager = (UserManager) this.mContext.getSystemService("user");
                ContentResolver contentResolver2 = this.mContext.getContentResolver();
                List<UserInfo> users = userManager.getUsers();
                for (int i = 0; i < users.size(); i++) {
                    int i2 = users.get(i).id;
                    String stringForUser = Settings.Secure.getStringForUser(contentResolver2, Settings.Secure.LOCK_SCREEN_OWNER_INFO, i2);
                    if (stringForUser != null) {
                        setString(Settings.Secure.LOCK_SCREEN_OWNER_INFO, stringForUser, i2);
                        Settings.Secure.putStringForUser(contentResolver2, stringForUser, "", i2);
                    }
                    try {
                        setLong(Settings.Secure.LOCK_SCREEN_OWNER_INFO_ENABLED, Settings.Secure.getIntForUser(contentResolver2, Settings.Secure.LOCK_SCREEN_OWNER_INFO_ENABLED, i2) != 0 ? 1L : 0L, i2);
                    } catch (Settings.SettingNotFoundException e) {
                        if (!TextUtils.isEmpty(stringForUser)) {
                            setLong(Settings.Secure.LOCK_SCREEN_OWNER_INFO_ENABLED, 1L, i2);
                        }
                    }
                    Settings.Secure.putIntForUser(contentResolver2, Settings.Secure.LOCK_SCREEN_OWNER_INFO_ENABLED, 0, i2);
                }
                setString("migrated_user_specific", "true", 0);
                Slog.i(TAG, "Migrated per-user lock settings to new location");
            }
        } catch (RemoteException e2) {
            Slog.e(TAG, "Unable to migrate old data", e2);
        }
    }

    private final void checkWritePermission(int i) {
        this.mContext.enforceCallingOrSelfPermission("android.permission.ACCESS_KEYGUARD_SECURE_STORAGE", "LockSettingsWrite");
    }

    private final void checkPasswordReadPermission(int i) {
        this.mContext.enforceCallingOrSelfPermission("android.permission.ACCESS_KEYGUARD_SECURE_STORAGE", "LockSettingsRead");
    }

    private final void checkReadPermission(String str, int i) {
        int callingUid = Binder.getCallingUid();
        for (int i2 = 0; i2 < READ_PROFILE_PROTECTED_SETTINGS.length; i2++) {
            if (READ_PROFILE_PROTECTED_SETTINGS[i2].equals(str) && this.mContext.checkCallingOrSelfPermission(Manifest.permission.READ_PROFILE) != 0) {
                throw new SecurityException("uid=" + callingUid + " needs permission " + Manifest.permission.READ_PROFILE + " to read " + str + " for user " + i);
            }
        }
    }

    @Override // com.android.internal.widget.ILockSettings
    public void setBoolean(String str, boolean z, int i) throws RemoteException {
        checkWritePermission(i);
        setStringUnchecked(str, i, z ? WifiEnterpriseConfig.ENGINE_ENABLE : WifiEnterpriseConfig.ENGINE_DISABLE);
    }

    @Override // com.android.internal.widget.ILockSettings
    public void setLong(String str, long j, int i) throws RemoteException {
        checkWritePermission(i);
        setStringUnchecked(str, i, Long.toString(j));
    }

    @Override // com.android.internal.widget.ILockSettings
    public void setString(String str, String str2, int i) throws RemoteException {
        checkWritePermission(i);
        setStringUnchecked(str, i, str2);
    }

    private void setStringUnchecked(String str, int i, String str2) {
        this.mStorage.writeKeyValue(str, str2, i);
    }

    @Override // com.android.internal.widget.ILockSettings
    public boolean getBoolean(String str, boolean z, int i) throws RemoteException {
        checkReadPermission(str, i);
        String readKeyValue = this.mStorage.readKeyValue(str, null, i);
        return TextUtils.isEmpty(readKeyValue) ? z : readKeyValue.equals(WifiEnterpriseConfig.ENGINE_ENABLE) || readKeyValue.equals("true");
    }

    @Override // com.android.internal.widget.ILockSettings
    public long getLong(String str, long j, int i) throws RemoteException {
        checkReadPermission(str, i);
        String readKeyValue = this.mStorage.readKeyValue(str, null, i);
        return TextUtils.isEmpty(readKeyValue) ? j : Long.parseLong(readKeyValue);
    }

    @Override // com.android.internal.widget.ILockSettings
    public String getString(String str, String str2, int i) throws RemoteException {
        checkReadPermission(str, i);
        return this.mStorage.readKeyValue(str, str2, i);
    }

    @Override // com.android.internal.widget.ILockSettings
    public boolean havePassword(int i) throws RemoteException {
        return this.mStorage.hasPassword(i);
    }

    @Override // com.android.internal.widget.ILockSettings
    public boolean havePattern(int i) throws RemoteException {
        return this.mStorage.hasPattern(i);
    }

    private void maybeUpdateKeystore(String str, int i) {
        UserManager userManager = (UserManager) this.mContext.getSystemService("user");
        KeyStore keyStore = KeyStore.getInstance();
        List<UserInfo> profiles = userManager.getProfiles(i);
        boolean isEmpty = TextUtils.isEmpty(str);
        if (i == 0 && profiles.size() == 1 && !keyStore.isEmpty()) {
            isEmpty = false;
        }
        Iterator<UserInfo> it = profiles.iterator();
        while (it.hasNext()) {
            int uid = UserHandle.getUid(it.next().id, 1000);
            if (isEmpty) {
                keyStore.resetUid(uid);
            } else {
                keyStore.passwordUid(str, uid);
            }
        }
    }

    @Override // com.android.internal.widget.ILockSettings
    public void setLockPattern(String str, int i) throws RemoteException {
        checkWritePermission(i);
        maybeUpdateKeystore(str, i);
        this.mStorage.writePatternHash(LockPatternUtils.patternToHash(LockPatternUtils.stringToPattern(str)), i);
    }

    @Override // com.android.internal.widget.ILockSettings
    public void setLockPassword(String str, int i) throws RemoteException {
        checkWritePermission(i);
        maybeUpdateKeystore(str, i);
        this.mStorage.writePasswordHash(this.mLockPatternUtils.passwordToHash(str, i), i);
    }

    @Override // com.android.internal.widget.ILockSettings
    public boolean checkPattern(String str, int i) throws RemoteException {
        checkPasswordReadPermission(i);
        byte[] patternToHash = LockPatternUtils.patternToHash(LockPatternUtils.stringToPattern(str));
        byte[] readPatternHash = this.mStorage.readPatternHash(i);
        if (readPatternHash == null) {
            return true;
        }
        boolean equals = Arrays.equals(patternToHash, readPatternHash);
        if (equals && !TextUtils.isEmpty(str)) {
            maybeUpdateKeystore(str, i);
        }
        return equals;
    }

    @Override // com.android.internal.widget.ILockSettings
    public boolean checkPassword(String str, int i) throws RemoteException {
        checkPasswordReadPermission(i);
        byte[] passwordToHash = this.mLockPatternUtils.passwordToHash(str, i);
        byte[] readPasswordHash = this.mStorage.readPasswordHash(i);
        if (readPasswordHash == null) {
            return true;
        }
        boolean equals = Arrays.equals(passwordToHash, readPasswordHash);
        if (equals && !TextUtils.isEmpty(str)) {
            maybeUpdateKeystore(str, i);
        }
        return equals;
    }

    @Override // com.android.internal.widget.ILockSettings
    public boolean checkVoldPassword(int i) throws RemoteException {
        if (!this.mFirstCallToVold) {
            return false;
        }
        this.mFirstCallToVold = false;
        checkPasswordReadPermission(i);
        IMountService mountService = getMountService();
        String password = mountService.getPassword();
        mountService.clearPassword();
        if (password == null) {
            return false;
        }
        try {
            if (this.mLockPatternUtils.isLockPatternEnabled()) {
                if (checkPattern(password, i)) {
                    return true;
                }
            }
        } catch (Exception e) {
        }
        try {
            if (this.mLockPatternUtils.isLockPasswordEnabled()) {
                return checkPassword(password, i);
            }
            return false;
        } catch (Exception e2) {
            return false;
        }
    }

    @Override // com.android.internal.widget.ILockSettings
    public void removeUser(int i) {
        checkWritePermission(i);
        this.mStorage.removeUser(i);
        KeyStore.getInstance().resetUid(UserHandle.getUid(i, 1000));
    }

    private IMountService getMountService() {
        IBinder service = ServiceManager.getService("mount");
        if (service != null) {
            return IMountService.Stub.asInterface(service);
        }
        return null;
    }
}
