package com.amazon.venezia.command.security;

import android.app.ActivityManager;
import android.content.pm.PackageManager;
import android.content.pm.Signature;
import android.os.Binder;
import android.os.RemoteException;
import com.amazon.logging.Logger;
import com.amazon.mas.client.common.app.ApplicationHelper;
import com.amazon.venezia.command.action.CommandAction;
import com.amazon.venezia.command.action.CommandActionChain;
import com.amazon.venezia.command.action.CommandActionContext;
import com.amazon.venezia.command.shared.AuthTokenHelper;
import java.io.IOException;
import java.util.Arrays;
import java.util.List;

/* loaded from: classes13.dex */
public class CheckSecurityAction extends CommandActionChain {
    private static final Logger LOG = Logger.getLogger(CheckSecurityAction.class);

    public CheckSecurityAction() {
        this(null);
    }

    public CheckSecurityAction(CommandAction commandAction) {
        super(commandAction);
    }

    private boolean isSignatureValid(PackageManager packageManager, String str, String str2) {
        try {
            SignatureChecker signatureChecker = new SignatureChecker(str2);
            try {
                for (Signature signature : packageManager.getPackageInfo(str, 64).signatures) {
                    if (signatureChecker.matches(signature)) {
                        return true;
                    }
                }
                return false;
            } catch (PackageManager.NameNotFoundException e) {
                LOG.v("Could not get package info with signatures.", e);
                return false;
            }
        } catch (IOException e2) {
            LOG.v("Could not create signature checker.", e2);
            return false;
        }
    }

    private int retrieveCallingIdentifiers(CommandActionContext commandActionContext) {
        Binder.restoreCallingIdentity(commandActionContext.getIdToken());
        int callingUid = Binder.getCallingUid();
        int callingPid = Binder.getCallingPid();
        commandActionContext.setIdToken(Binder.clearCallingIdentity());
        commandActionContext.setProcessId(callingPid);
        trySetProcessImportance(commandActionContext, callingPid);
        return callingUid;
    }

    private void trySetProcessImportance(CommandActionContext commandActionContext, int i) {
        List<ActivityManager.RunningAppProcessInfo> runningAppProcesses;
        ActivityManager activityManager = (ActivityManager) commandActionContext.getContext().getSystemService("activity");
        if (activityManager == null || (runningAppProcesses = activityManager.getRunningAppProcesses()) == null) {
            return;
        }
        for (ActivityManager.RunningAppProcessInfo runningAppProcessInfo : runningAppProcesses) {
            if (runningAppProcessInfo.pid == i) {
                commandActionContext.setProcessImportance(runningAppProcessInfo.importance);
                return;
            }
        }
    }

    @Override // com.amazon.venezia.command.action.CommandActionChain
    public boolean executeAction(CommandActionContext commandActionContext) throws RemoteException {
        LOG.v("Executing command action: " + CheckSecurityAction.class);
        String packageName = commandActionContext.getCommand().getPackageName();
        if (packageName == null) {
            LOG.v("Package name expected.");
            commandActionContext.getCallback().onException(new IllegalArgumentExceptionResult("packageName"));
            return false;
        }
        PackageManager packageManager = commandActionContext.getContext().getPackageManager();
        int retrieveCallingIdentifiers = retrieveCallingIdentifiers(commandActionContext);
        if (!Arrays.asList(packageManager.getPackagesForUid(retrieveCallingIdentifiers)).contains(packageName)) {
            LOG.v("Package name (%s) is not associated with calling uid (%d).", packageName, Integer.valueOf(retrieveCallingIdentifiers));
            commandActionContext.getCallback().onException(new UnauthorizedExceptionResult());
            return false;
        }
        String amazonContentId = ApplicationHelper.getAmazonContentId(commandActionContext.getContext(), packageName);
        if (amazonContentId == null) {
            LOG.v("App (%s) does not contain a content id.", packageName);
            commandActionContext.getCallback().onException(new BadContentExceptionResult());
            return false;
        }
        commandActionContext.setValue("com.amazon.venezia.command.security.contentId", amazonContentId);
        String authToken = new AuthTokenHelper().getAuthToken(commandActionContext.getContext(), amazonContentId);
        if (authToken == null) {
            LOG.v("Auth token not available for content id (%s).", amazonContentId);
            commandActionContext.getCallback().onException(new BadContentExceptionResult());
            return false;
        }
        commandActionContext.setValue("com.amazon.venezia.command.security.authToken", authToken);
        ContentMetadata contentMetadata = new ContentMetadataProvider().getContentMetadata(amazonContentId);
        if (contentMetadata == null) {
            LOG.v("Content metadata not available for content id (%s).", amazonContentId);
            commandActionContext.getCallback().onFailure(new BadContentFailureResult(authToken));
            return false;
        }
        if (!packageName.equals(contentMetadata.getPackageName())) {
            LOG.v("Package name (%s) does not match content metadata (%s)", packageName, contentMetadata.getPackageName());
            commandActionContext.getCallback().onFailure(new BadContentFailureResult(authToken));
            return false;
        }
        if (isSignatureValid(packageManager, packageName, contentMetadata.getSignature())) {
            return true;
        }
        LOG.e("Could not verify signature: " + contentMetadata.getSignature());
        commandActionContext.getCallback().onFailure(new UnauthorizedFailureResult(authToken));
        return false;
    }
}
