package com.heytap.shield;

import android.app.Application;
import android.content.Context;
import android.os.Binder;
import android.text.TextUtils;
import com.heytap.shield.authcode.AuthCache;
import com.heytap.shield.authcode.Authentication;
import com.heytap.shield.authcode.CommonStatusCodes;
import com.heytap.shield.authcode.info.AuthResult;
import com.heytap.shield.servicemaps.ServiceMap;
import com.heytap.shield.utils.CertUtils;
import com.heytap.shield.utils.DebugUtils;
import com.heytap.shield.utils.PLog;
import com.heytap.shield.utils.PackageUtils;
import java.util.Arrays;

/* loaded from: classes4.dex */
public class PermissionCheck {
    private static PermissionCheck sInstance;
    private volatile boolean initialized = false;
    private AuthCache mAuthCache;
    private Context mContext;

    private PermissionCheck() {
    }

    public static PermissionCheck getInstance() {
        if (sInstance == null) {
            synchronized (PermissionCheck.class) {
                if (sInstance == null) {
                    sInstance = new PermissionCheck();
                }
            }
        }
        return sInstance;
    }

    public synchronized void init(Context context) {
        if (this.initialized) {
            return;
        }
        this.initialized = true;
        this.mContext = context instanceof Application ? context : context.getApplicationContext();
        this.mAuthCache = new AuthCache(context);
        ServiceMap.initServiceMap();
        Context context2 = this.mContext;
        if (context2 != null && TextUtils.equals(context2.getPackageName(), "com.heytap.appplatform")) {
            PLog.init(this.mContext);
            DebugUtils.getInstance().init(this.mContext);
        }
    }

    public boolean isValid() {
        return !DebugUtils.getInstance().isDebugMode();
    }

    public boolean verityEpona(String str, String str2, String str3) {
        if (Binder.getCallingUid() == 1000) {
            return true;
        }
        String callingPackageName = PackageUtils.getCallingPackageName(this.mContext, Binder.getCallingUid(), Binder.getCallingPid());
        if (TextUtils.isEmpty(str)) {
            PLog.e("Epona Authentication Failed Cause Component Empty : " + callingPackageName);
            return false;
        }
        if (TextUtils.isEmpty(str)) {
            PLog.e("Epona Authentication Failed Cause ActionName Empty : " + callingPackageName);
            return false;
        }
        if (TextUtils.isEmpty(str3)) {
            PLog.e("Epona Authentication Failed Cause Register Package Empty : " + callingPackageName);
            return false;
        }
        PLog.d("Start epona verify Component : [" + str + "] action : [" + str2 + "] register pacage : [" + str3 + "] caller pacakge : [" + callingPackageName + "]");
        if (this.mAuthCache.isPlatformSignature(Constants.LOCAL_PLATFORM_SIGNATURE)) {
            PLog.d("Epona verity SUCCESS cause local version, Caller Package [" + callingPackageName + "]");
            return true;
        }
        if (TextUtils.isEmpty(callingPackageName)) {
            PLog.e("Get caller package is null");
            String[] packagesForUid = this.mContext.getPackageManager().getPackagesForUid(Binder.getCallingUid());
            if (packagesForUid == null || packagesForUid.length <= 0) {
                PLog.e("Get packages Error : Calling pid [" + Binder.getCallingPid() + "] Calling uid [" + Binder.getCallingUid() + "]");
                return false;
            }
            PLog.e("Get UID [" + Binder.getCallingUid() + "] PID [" + Binder.getCallingPid() + "] Packages [" + Arrays.toString(packagesForUid) + "]");
            callingPackageName = packagesForUid[0];
        }
        String certificateSHA256 = CertUtils.getCertificateSHA256(this.mContext, callingPackageName);
        if (this.mAuthCache.isPlatformSignature(certificateSHA256)) {
            PLog.d("Epona verity SUCCESS Caller Package [" + callingPackageName + "] is platform signature");
            return true;
        }
        if (!TextUtils.equals("com.heytap.appplatform", str3)) {
            boolean equals = TextUtils.equals(CertUtils.getCertificateSHA1(this.mContext, str3), CertUtils.getCertificateSHA1(this.mContext, callingPackageName));
            PLog.d("Epona verity " + (equals ? "SUCCESS" : "FAILED") + " Caller : [" + callingPackageName + "] Component : [" + str + "] ActionName : [" + str2 + "]");
            return equals;
        }
        if (TextUtils.equals("com.heytap.appplatform", callingPackageName)) {
            return true;
        }
        if (this.mAuthCache.hasCache(callingPackageName, certificateSHA256)) {
            boolean verifyEponaPermission = this.mAuthCache.verifyEponaPermission(callingPackageName, str, str2);
            PLog.d("Epona verity " + (verifyEponaPermission ? "SUCCESS" : "FAILED") + " Caller : [" + callingPackageName + "] Component : [" + str + "] ActionName : [" + str2 + "]");
            return verifyEponaPermission;
        }
        AuthResult checkAuthCode = Authentication.checkAuthCode(this.mContext, callingPackageName);
        int errrorCode = checkAuthCode.getErrrorCode();
        if (errrorCode != 1001) {
            PLog.e("Epona Authentication Failed " + CommonStatusCodes.getStatusCodeString(errrorCode) + " Package : " + callingPackageName);
            return false;
        }
        this.mAuthCache.putCache(callingPackageName, checkAuthCode, certificateSHA256);
        boolean verifyEponaPermission2 = this.mAuthCache.verifyEponaPermission(callingPackageName, str, str2);
        PLog.d("Epona verity " + (verifyEponaPermission2 ? "SUCCESS" : "FAILED") + " Caller : [" + callingPackageName + "] Component : [" + str + "] ActionName : [" + str2 + "]");
        return verifyEponaPermission2;
    }

    public boolean verityNavi(String str, String str2) {
        if (TextUtils.isEmpty(str2)) {
            PLog.e("Navi Authentication Failed Cause Plugin Signature Empty");
            return false;
        }
        if (!TextUtils.isEmpty(str)) {
            return TextUtils.equals(CertUtils.getCertificateSHA256(this.mContext, str), str2);
        }
        PLog.e("Navi Authentication Failed Cause Caller Package Empty");
        return false;
    }

    public boolean verityTingle(String str, int i) {
        if (Binder.getCallingUid() == 1000) {
            return true;
        }
        String callingPackageName = PackageUtils.getCallingPackageName(this.mContext, Binder.getCallingUid(), Binder.getCallingPid());
        if (TextUtils.isEmpty(str)) {
            PLog.e("Tingle Authentication Failed Cause Descriptor Empty : " + callingPackageName);
            return false;
        }
        PLog.d("Start tingle verity descriptor : [" + str + "] method : [" + ServiceMap.convertTransactCode(str, i) + "] caller package : [" + callingPackageName + "]");
        if (this.mAuthCache.isPlatformSignature(Constants.LOCAL_PLATFORM_SIGNATURE)) {
            PLog.d("Tingle verity SUCCESS cause local version, Caller Package [" + callingPackageName + "]");
            return true;
        }
        String certificateSHA256 = CertUtils.getCertificateSHA256(this.mContext, callingPackageName);
        if (this.mAuthCache.isPlatformSignature(certificateSHA256)) {
            PLog.d("Tingle verity SUCCESS Caller Package [" + callingPackageName + "] is platform signature");
            return true;
        }
        if (this.mAuthCache.hasCache(callingPackageName, certificateSHA256)) {
            boolean verifyTinglePermission = this.mAuthCache.verifyTinglePermission(ServiceMap.convertTransactCode(str, i), callingPackageName);
            PLog.d("Tingle verity " + (verifyTinglePermission ? "SUCCESS" : "FAILED") + " Caller : [" + callingPackageName + "] Descriptor : [" + str + "] Method : [" + ServiceMap.convertTransactCode(str, i) + "]");
            return verifyTinglePermission;
        }
        AuthResult checkAuthCode = Authentication.checkAuthCode(this.mContext, callingPackageName);
        int errrorCode = checkAuthCode.getErrrorCode();
        if (errrorCode != 1001) {
            PLog.e("Tingle Authentication Failed " + CommonStatusCodes.getStatusCodeString(errrorCode) + " Package : " + callingPackageName);
            return false;
        }
        this.mAuthCache.putCache(callingPackageName, checkAuthCode, certificateSHA256);
        boolean verifyTinglePermission2 = this.mAuthCache.verifyTinglePermission(ServiceMap.convertTransactCode(str, i), callingPackageName);
        PLog.d("Tingle verity " + (verifyTinglePermission2 ? "SUCCESS" : "FAILED") + " Caller : [" + callingPackageName + "] Descriptor : [" + str + "] Method : [" + ServiceMap.convertTransactCode(str, i) + "]");
        return verifyTinglePermission2;
    }
}
