package com.google.android.gms.common.security;

import android.content.Context;
import android.content.pm.ApplicationInfo;
import android.os.Build;
import android.os.Process;
import android.util.Log;
import androidx.webkit.Profile;
import com.google.android.gms.org.conscrypt.Conscrypt;
import com.google.android.gms.org.conscrypt.NativeCrypto;
import com.google.android.gms.security.ProviderInstaller;
import java.io.File;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.lang.reflect.Field;
import java.lang.reflect.InvocationTargetException;
import java.lang.reflect.Method;
import java.security.Provider;
import java.security.Security;
import java.util.Arrays;
import java.util.Collections;
import java.util.List;
import java.util.Set;
import java.util.zip.ZipEntry;
import java.util.zip.ZipFile;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import org.microg.gms.common.PackageUtils;

/* loaded from: classes.dex */
public class ProviderInstallerImpl {
    private static final String TAG = "GmsProviderInstaller";
    private static Provider provider;
    private static final List<String> DISABLED = Collections.unmodifiableList(Arrays.asList("com.bankid.bus"));
    private static final Object lock = new Object();

    private static final void copyInputStream(InputStream inputStream, OutputStream outputStream) throws IOException {
        byte[] bArr = new byte[1024];
        while (true) {
            int read = inputStream.read(bArr);
            if (read < 0) {
                inputStream.close();
                outputStream.close();
                return;
            }
            outputStream.write(bArr, 0, read);
        }
    }

    private static String getRealSelfPackageName(Context context) {
        String opPackageName;
        String packageFromProcessId = PackageUtils.packageFromProcessId(context, Process.myPid());
        if (packageFromProcessId != null && packageFromProcessId.contains(".")) {
            return packageFromProcessId;
        }
        try {
            String str = (String) Context.class.getDeclaredMethod("getBasePackageName", new Class[0]).invoke(context, new Object[0]);
            if (str != null) {
                return str;
            }
        } catch (Exception unused) {
        }
        if (Build.VERSION.SDK_INT >= 29) {
            opPackageName = context.getOpPackageName();
            return opPackageName;
        }
        Context applicationContext = context.getApplicationContext();
        return applicationContext != null ? applicationContext.getPackageName() : context.getPackageName();
    }

    private static void initProvider(Context context, String str) {
        Log.d(TAG, "Initializing provider for " + str);
        try {
            provider = Conscrypt.newProviderBuilder().setName(ProviderInstaller.PROVIDER_NAME).defaultTlsProtocol("TLSv1.2").build();
        } catch (UnsatisfiedLinkError unused) {
            Log.w(TAG, "Could not link conscrypt via default loader, trying manual loading");
            try {
                loadConscryptDirect(context, str);
                provider = Conscrypt.newProviderBuilder().setName(ProviderInstaller.PROVIDER_NAME).defaultTlsProtocol("TLSv1.2").build();
            } catch (Exception e) {
                Log.w(TAG, e);
            }
        }
    }

    public static void insertProvider(Context context) {
        String realSelfPackageName = getRealSelfPackageName(context);
        try {
            if (DISABLED.contains(realSelfPackageName)) {
                Log.d(TAG, "Package " + realSelfPackageName + " is excluded from usage of provider installer");
                return;
            }
            if (Security.getProvider(ProviderInstaller.PROVIDER_NAME) != null) {
                Log.d(TAG, "Provider already inserted in " + realSelfPackageName);
                return;
            }
            synchronized (lock) {
                initProvider(context, realSelfPackageName);
                Provider provider2 = provider;
                if (provider2 == null) {
                    Log.w(TAG, "Failed to initialize Conscrypt");
                    return;
                }
                int insertProviderAt = Security.insertProviderAt(provider2, 1);
                if (insertProviderAt != 1) {
                    throw new SecurityException("Failed to install security provider GmsCore_OpenSSL, result: " + insertProviderAt);
                }
                Security.setProperty("ssl.SocketFactory.provider", "com.google.android.gms.org.conscrypt.OpenSSLSocketFactoryImpl");
                Security.setProperty("ssl.ServerSocketFactory.provider", "com.google.android.gms.org.conscrypt.OpenSSLServerSocketFactoryImpl");
                SSLContext sSLContext = SSLContext.getInstance(Profile.DEFAULT_PROFILE_NAME);
                SSLContext.setDefault(sSLContext);
                HttpsURLConnection.setDefaultSSLSocketFactory(sSLContext.getSocketFactory());
                Log.d(TAG, "Installed default security provider GmsCore_OpenSSL");
            }
        } catch (Throwable th) {
            Log.w(TAG, th);
        }
    }

    private static void loadConscryptDirect(Context context, String str) throws Exception {
        String str2 = (String) ApplicationInfo.class.getField("primaryCpuAbi").get(context.getPackageManager().getApplicationInfo(str, 0));
        if (str2 != null) {
            String str3 = "lib/" + str2 + "/libconscrypt_gmscore_jni.so";
            File file = new File(context.createPackageContext(str, 0).getCacheDir().getAbsolutePath() + "/.gmscore/" + str3);
            file.getParentFile().mkdirs();
            File file2 = new File(context.getPackageCodePath());
            if (!file.exists() || file.lastModified() < file2.lastModified()) {
                ZipFile zipFile = new ZipFile(file2);
                ZipEntry entry = zipFile.getEntry(str3);
                if (entry != null) {
                    copyInputStream(zipFile.getInputStream(entry), new FileOutputStream(file));
                } else {
                    Log.d(TAG, "Can't load native library: " + str3 + " does not exist in " + file2);
                }
            }
            Log.d(TAG, "Loading conscrypt_gmscore_jni from " + file.getPath());
            System.load(file.getAbsolutePath());
            Field declaredField = NativeCrypto.class.getDeclaredField("loadError");
            declaredField.setAccessible(true);
            declaredField.set(null, null);
            Method declaredMethod = NativeCrypto.class.getDeclaredMethod("clinit", new Class[0]);
            declaredMethod.setAccessible(true);
            Method declaredMethod2 = NativeCrypto.class.getDeclaredMethod("get_cipher_names", String.class);
            declaredMethod2.setAccessible(true);
            Method declaredMethod3 = NativeCrypto.class.getDeclaredMethod("cipherSuiteToJava", String.class);
            declaredMethod3.setAccessible(true);
            Method declaredMethod4 = NativeCrypto.class.getDeclaredMethod("EVP_has_aes_hardware", new Class[0]);
            declaredMethod4.setAccessible(true);
            Field declaredField2 = NativeCrypto.class.getDeclaredField("SUPPORTED_TLS_1_2_CIPHER_SUITES_SET");
            declaredField2.setAccessible(true);
            Set set = (Set) declaredField2.get(null);
            Field declaredField3 = NativeCrypto.class.getDeclaredField("SUPPORTED_LEGACY_CIPHER_SUITES_SET");
            declaredField3.setAccessible(true);
            Set set2 = (Set) declaredField3.get(null);
            Field declaredField4 = NativeCrypto.class.getDeclaredField("SUPPORTED_TLS_1_2_CIPHER_SUITES");
            declaredField4.setAccessible(true);
            try {
                declaredMethod.invoke(null, new Object[0]);
                String[] strArr = (String[]) declaredMethod2.invoke(null, "ALL:!DHE");
                int length = strArr.length;
                String[] strArr2 = new String[(length / 2) + 2];
                for (int i = 0; i < length; i += 2) {
                    String str4 = (String) declaredMethod3.invoke(null, strArr[i]);
                    strArr2[i / 2] = str4;
                    set.add(str4);
                    set2.add(strArr[i + 1]);
                }
                strArr2[length / 2] = "TLS_EMPTY_RENEGOTIATION_INFO_SCSV";
                strArr2[(length / 2) + 1] = "TLS_FALLBACK_SCSV";
                declaredField4.set(null, strArr2);
                Field declaredField5 = NativeCrypto.class.getDeclaredField("HAS_AES_HARDWARE");
                declaredField5.setAccessible(true);
                declaredField5.set(null, Boolean.valueOf(((Integer) declaredMethod4.invoke(null, new Object[0])).intValue() == 1));
            } catch (InvocationTargetException e) {
                if (e.getTargetException() instanceof UnsatisfiedLinkError) {
                    declaredField.set(null, e.getTargetException());
                }
            }
        }
    }

    public void reportRequestStats(Context context, long j, long j2) {
    }
}
