package com.huawei.common.components.security;

import android.os.Build;
import android.os.Process;
import com.huawei.common.components.log.Logger;
import com.huawei.common.utils.ArrayUtils;
import com.huawei.common.utils.CloseUtils;
import com.huawei.common.utils.ReflectionUtils;
import java.io.ByteArrayOutputStream;
import java.io.Closeable;
import java.io.DataInputStream;
import java.io.DataOutputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.OutputStream;
import java.io.UnsupportedEncodingException;
import java.security.NoSuchAlgorithmException;
import java.security.Provider;
import java.security.SecureRandom;
import java.security.SecureRandomSpi;
import java.security.Security;

/* loaded from: classes.dex */
public final class PRNGFixes {
    private static final int RAND_NUM_1024 = 1024;
    private static final String TAG = "PRNGFixes";
    private static final int VERSION_CODE_JELLY_BEAN_MR2 = 18;
    private static final byte[] BUILD_FINGERPRINT_AND_DEVICE_SERIAL = getBuildFingerprintAndDeviceSerial();
    private static boolean supportPRNGFix = true;

    /* loaded from: classes.dex */
    public static class LinuxPRNGSecureRandom extends SecureRandomSpi {
        private static DataInputStream sUrandomIn = null;
        private static OutputStream sUrandomOut = null;
        private static final long serialVersionUID = 7944799535730275601L;
        private boolean mSeeded;
        private static final File URANDOM_FILE = new File("/dev/urandom");
        private static final Object S_LOCK = new Object();

        private DataInputStream getUrandomInputStream() {
            DataInputStream dataInputStream;
            synchronized (S_LOCK) {
                if (sUrandomIn == null) {
                    try {
                        sUrandomIn = new DataInputStream(new FileInputStream(URANDOM_FILE));
                    } catch (IOException e) {
                        Logger.e(PRNGFixes.TAG, "Failed to open " + URANDOM_FILE + " for reading", e);
                        PRNGFixes.removeUnSupportProvider();
                    }
                }
                dataInputStream = sUrandomIn;
            }
            return dataInputStream;
        }

        private OutputStream getUrandomOutputStream() throws IOException {
            OutputStream outputStream;
            synchronized (S_LOCK) {
                if (sUrandomOut == null) {
                    sUrandomOut = new FileOutputStream(URANDOM_FILE);
                }
                outputStream = sUrandomOut;
            }
            return outputStream;
        }

        @Override // java.security.SecureRandomSpi
        protected byte[] engineGenerateSeed(int i) {
            byte[] bArr = new byte[i];
            engineNextBytes(bArr);
            return bArr;
        }

        @Override // java.security.SecureRandomSpi
        protected void engineNextBytes(byte[] bArr) {
            DataInputStream urandomInputStream;
            if (!this.mSeeded) {
                engineSetSeed(PRNGFixes.access$000());
            }
            try {
                try {
                    synchronized (S_LOCK) {
                        urandomInputStream = getUrandomInputStream();
                    }
                    synchronized (urandomInputStream) {
                        urandomInputStream.readFully(bArr);
                    }
                    CloseUtils.close(urandomInputStream);
                } catch (IOException e) {
                    Logger.e(PRNGFixes.TAG, "Failed to read from " + URANDOM_FILE, e);
                    Logger.e(PRNGFixes.TAG, "Failed to read from provider, begin to remove unsupported provider");
                    PRNGFixes.removeUnSupportProvider();
                    CloseUtils.close((Closeable) null);
                }
            } catch (Throwable th) {
                CloseUtils.close((Closeable) null);
                throw th;
            }
        }

        @Override // java.security.SecureRandomSpi
        protected void engineSetSeed(byte[] bArr) {
            OutputStream urandomOutputStream;
            try {
                try {
                    synchronized (S_LOCK) {
                        urandomOutputStream = getUrandomOutputStream();
                    }
                    urandomOutputStream.write(bArr);
                    urandomOutputStream.flush();
                    this.mSeeded = true;
                    CloseUtils.close(urandomOutputStream);
                    synchronized (S_LOCK) {
                        sUrandomOut = null;
                    }
                } catch (IOException e) {
                    Logger.w(PRNGFixes.TAG, "Failed to mix seed into " + URANDOM_FILE);
                    this.mSeeded = true;
                    CloseUtils.close((Closeable) null);
                    synchronized (S_LOCK) {
                        sUrandomOut = null;
                    }
                }
            } catch (Throwable th) {
                this.mSeeded = true;
                CloseUtils.close((Closeable) null);
                synchronized (S_LOCK) {
                    sUrandomOut = null;
                    throw th;
                }
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: classes.dex */
    public static class LinuxPRNGSecureRandomProvider extends Provider {
        private static final long serialVersionUID = 4002651812548279891L;

        LinuxPRNGSecureRandomProvider() {
            super("LinuxPRNG", 1.0d, "A Linux-specific random number provider that uses /dev/urandom");
            put("SecureRandom.SHA1PRNG", LinuxPRNGSecureRandom.class.getName());
            put("SecureRandom.SHA1PRNG ImplementedIn", "Software");
        }
    }

    private PRNGFixes() {
    }

    static /* synthetic */ byte[] access$000() {
        return generateSeed();
    }

    public static void apply() {
        try {
            Logger.i(TAG, "support to apply fix: " + supportPRNGFix);
            if (supportPRNGFix) {
                applyOpenSSLFix();
                installLinuxPRNGSecureRandom();
            }
        } catch (SecurityException e) {
            Logger.e(TAG, "apply error.", e);
        }
    }

    private static void applyOpenSSLFix() {
        int intValue;
        if (Build.VERSION.SDK_INT > 18) {
            return;
        }
        try {
            ReflectionUtils.invoke(ReflectionUtils.getMethod("org.apache.harmony.xnet.provider.jsse.NativeCrypto", "RAND_seed", (Class<?>[]) new Class[]{byte[].class}), null, generateSeed());
            Object invoke = ReflectionUtils.invoke(ReflectionUtils.getMethod("org.apache.harmony.xnet.provider.jsse.NativeCrypto", "RAND_load_file", (Class<?>[]) new Class[]{String.class, Long.TYPE}), null, "/dev/urandom", 1024);
            if (!(invoke instanceof Integer) || (intValue = ((Integer) invoke).intValue()) == 1024) {
            } else {
                throw new IOException("Unexpected number of bytes read from Linux PRNG: " + intValue);
            }
        } catch (IOException e) {
            throw new SecurityException("Failed to seed OpenSSL PRNG IOException", e);
        }
    }

    private static byte[] generateSeed() {
        DataOutputStream dataOutputStream;
        ByteArrayOutputStream byteArrayOutputStream;
        byte[] buildFingerprintAndDeviceSerial;
        ByteArrayOutputStream byteArrayOutputStream2 = null;
        try {
            byteArrayOutputStream = new ByteArrayOutputStream();
            try {
                dataOutputStream = new DataOutputStream(byteArrayOutputStream);
                try {
                    dataOutputStream.writeLong(System.currentTimeMillis());
                    dataOutputStream.writeLong(System.nanoTime());
                    dataOutputStream.writeInt(Process.myPid());
                    dataOutputStream.writeInt(Process.myUid());
                    dataOutputStream.write(BUILD_FINGERPRINT_AND_DEVICE_SERIAL);
                    dataOutputStream.close();
                    buildFingerprintAndDeviceSerial = byteArrayOutputStream.toByteArray();
                    CloseUtils.close(byteArrayOutputStream);
                    CloseUtils.close(dataOutputStream);
                } catch (IOException e) {
                    e = e;
                    byteArrayOutputStream2 = byteArrayOutputStream;
                    try {
                        Logger.e(TAG, "Failed to generate seed", e);
                        removeUnSupportProvider();
                        buildFingerprintAndDeviceSerial = getBuildFingerprintAndDeviceSerial();
                        CloseUtils.close(byteArrayOutputStream2);
                        CloseUtils.close(dataOutputStream);
                        return buildFingerprintAndDeviceSerial;
                    } catch (Throwable th) {
                        th = th;
                        byteArrayOutputStream = byteArrayOutputStream2;
                        CloseUtils.close(byteArrayOutputStream);
                        CloseUtils.close(dataOutputStream);
                        throw th;
                    }
                } catch (Throwable th2) {
                    th = th2;
                    CloseUtils.close(byteArrayOutputStream);
                    CloseUtils.close(dataOutputStream);
                    throw th;
                }
            } catch (IOException e2) {
                e = e2;
                dataOutputStream = null;
                byteArrayOutputStream2 = byteArrayOutputStream;
            } catch (Throwable th3) {
                th = th3;
                dataOutputStream = null;
            }
        } catch (IOException e3) {
            e = e3;
            dataOutputStream = null;
        } catch (Throwable th4) {
            th = th4;
            dataOutputStream = null;
            byteArrayOutputStream = null;
        }
        return buildFingerprintAndDeviceSerial;
    }

    private static byte[] getBuildFingerprintAndDeviceSerial() {
        StringBuilder sb = new StringBuilder();
        String str = Build.FINGERPRINT;
        if (str != null) {
            sb.append(str);
        }
        String deviceSerialNumber = getDeviceSerialNumber();
        if (deviceSerialNumber != null) {
            sb.append(deviceSerialNumber);
        }
        try {
            return sb.toString().getBytes("UTF-8");
        } catch (UnsupportedEncodingException e) {
            Logger.e(TAG, "stringAsBytes:", e);
            return new byte[0];
        }
    }

    private static String getDeviceSerialNumber() {
        return (String) ReflectionUtils.getFieldValue(Build.class, "SERIAL", null);
    }

    private static void installLinuxPRNGSecureRandom() {
        SecureRandom secureRandom;
        if (Build.VERSION.SDK_INT > 18) {
            return;
        }
        Provider[] providers = Security.getProviders("SecureRandom.SHA1PRNG");
        if (ArrayUtils.isEmpty(providers) || !(providers[0] instanceof LinuxPRNGSecureRandomProvider)) {
            Security.insertProviderAt(new LinuxPRNGSecureRandomProvider(), 1);
        }
        SecureRandom secureRandom2 = new SecureRandom();
        if (!(secureRandom2.getProvider() instanceof LinuxPRNGSecureRandomProvider)) {
            Logger.e(TAG, "new SecureRandom() backed by wrong Provider: " + secureRandom2.getProvider().getClass());
            removeUnSupportProvider();
        }
        try {
            secureRandom = SecureRandom.getInstance("SHA1PRNG");
        } catch (NoSuchAlgorithmException e) {
            Logger.e(TAG, "SHA1PRNG not available", e);
            secureRandom = null;
            removeUnSupportProvider();
        }
        if (secureRandom == null || (secureRandom.getProvider() instanceof LinuxPRNGSecureRandomProvider)) {
            return;
        }
        Logger.e(TAG, "SecureRandom.getInstance(\"SHA1PRNG\") backed by wrong Provider: " + secureRandom.getProvider().getClass());
        removeUnSupportProvider();
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static void removeUnSupportProvider() {
        supportPRNGFix = false;
        Security.removeProvider(LinuxPRNGSecureRandom.class.getName());
        Security.removeProvider("LinuxPRNG");
    }
}
