package com.android.server.locksettings;

import android.hardware.rebootescrow.IRebootEscrow;
import android.os.RemoteException;
import android.os.ServiceManager;
import android.os.ServiceSpecificException;
import android.util.Slog;
import com.android.internal.annotations.VisibleForTesting;
import java.util.NoSuchElementException;
import javax.crypto.SecretKey;

/* loaded from: input_file:com/android/server/locksettings/RebootEscrowProviderHalImpl.class */
class RebootEscrowProviderHalImpl implements RebootEscrowProviderInterface {
    private static final String TAG = "RebootEscrowProviderHal";
    private final Injector mInjector;

    /* loaded from: input_file:com/android/server/locksettings/RebootEscrowProviderHalImpl$Injector.class */
    static class Injector {
        Injector() {
        }

        public IRebootEscrow getRebootEscrow() {
            try {
                return IRebootEscrow.Stub.asInterface(ServiceManager.getService("android.hardware.rebootescrow.IRebootEscrow/default"));
            } catch (NoSuchElementException e) {
                Slog.i(RebootEscrowProviderHalImpl.TAG, "Device doesn't implement RebootEscrow HAL");
                return null;
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public RebootEscrowProviderHalImpl() {
        this.mInjector = new Injector();
    }

    @VisibleForTesting
    RebootEscrowProviderHalImpl(Injector injector) {
        this.mInjector = injector;
    }

    @Override // com.android.server.locksettings.RebootEscrowProviderInterface
    public int getType() {
        return 0;
    }

    @Override // com.android.server.locksettings.RebootEscrowProviderInterface
    public boolean hasRebootEscrowSupport() {
        return this.mInjector.getRebootEscrow() != null;
    }

    /* JADX WARN: Multi-variable type inference failed */
    @Override // com.android.server.locksettings.RebootEscrowProviderInterface
    public RebootEscrowKey getAndClearRebootEscrowKey(SecretKey secretKey) {
        IRebootEscrow rebootEscrow = this.mInjector.getRebootEscrow();
        if (rebootEscrow == null) {
            Slog.w(TAG, "Had reboot escrow data for users, but RebootEscrow HAL is unavailable");
            return null;
        }
        try {
            byte[] retrieveKey = rebootEscrow.retrieveKey();
            if (retrieveKey == null) {
                Slog.w(TAG, "Had reboot escrow data for users, but could not retrieve key");
                return null;
            }
            if (retrieveKey.length != 32) {
                Slog.e(TAG, "IRebootEscrow returned key of incorrect size " + retrieveKey.length);
                return null;
            }
            byte b = 0;
            for (byte b2 : retrieveKey) {
                b = b | b2 ? 1 : 0;
            }
            if (b == 0) {
                Slog.w(TAG, "IRebootEscrow returned an all-zeroes key");
                return null;
            }
            rebootEscrow.storeKey(new byte[32]);
            return RebootEscrowKey.fromKeyBytes(retrieveKey);
        } catch (RemoteException e) {
            Slog.w(TAG, "Could not retrieve escrow data");
            return null;
        } catch (ServiceSpecificException e2) {
            Slog.w(TAG, "Got service-specific exception: " + e2.errorCode);
            return null;
        }
    }

    @Override // com.android.server.locksettings.RebootEscrowProviderInterface
    public void clearRebootEscrowKey() {
        IRebootEscrow rebootEscrow = this.mInjector.getRebootEscrow();
        if (rebootEscrow == null) {
            return;
        }
        try {
            rebootEscrow.storeKey(new byte[32]);
        } catch (RemoteException | ServiceSpecificException e) {
            Slog.w(TAG, "Could not call RebootEscrow HAL to shred key");
        }
    }

    @Override // com.android.server.locksettings.RebootEscrowProviderInterface
    public boolean storeRebootEscrowKey(RebootEscrowKey rebootEscrowKey, SecretKey secretKey) {
        IRebootEscrow rebootEscrow = this.mInjector.getRebootEscrow();
        if (rebootEscrow == null) {
            Slog.w(TAG, "Escrow marked as ready, but RebootEscrow HAL is unavailable");
            return false;
        }
        try {
            rebootEscrow.storeKey(rebootEscrowKey.getKeyBytes());
            Slog.i(TAG, "Reboot escrow key stored with RebootEscrow HAL");
            return true;
        } catch (RemoteException | ServiceSpecificException e) {
            Slog.e(TAG, "Failed escrow secret to RebootEscrow HAL", e);
            return false;
        }
    }
}
