package com.mobileiron.compliance.vpn;

import android.net.Uri;
import android.support.v4.media.session.MediaSessionCompat;
import android.util.Base64;
import com.mobileiron.R;
import com.mobileiron.acom.core.utils.cert.CertificateUtils;
import com.mobileiron.common.a0;
import com.mobileiron.compliance.utils.ConfigurationErrors;
import com.samsung.android.knox.accounts.HostAuth;
import org.apache.commons.lang3.StringUtils;

/* loaded from: classes.dex */
class f extends a {

    /* renamed from: c, reason: collision with root package name */
    protected com.mobileiron.acom.core.utils.i f12731c;

    /* renamed from: d, reason: collision with root package name */
    protected com.mobileiron.acom.core.utils.i f12732d;

    /* renamed from: e, reason: collision with root package name */
    protected com.mobileiron.acom.core.utils.i f12733e;

    /* renamed from: f, reason: collision with root package name */
    protected com.mobileiron.acom.core.utils.i f12734f;

    /* JADX INFO: Access modifiers changed from: package-private */
    @Override // com.mobileiron.compliance.vpn.a
    public void b(com.mobileiron.acom.core.utils.i iVar) {
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    @Override // com.mobileiron.compliance.vpn.a
    public boolean c(com.mobileiron.acom.core.utils.i iVar) {
        return false;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    @Override // com.mobileiron.compliance.vpn.a
    public boolean d(com.mobileiron.acom.core.utils.i iVar) {
        return false;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    @Override // com.mobileiron.compliance.vpn.a
    public boolean e(com.mobileiron.acom.core.utils.i iVar) {
        ConfigurationErrors.ConfigurationType configurationType = ConfigurationErrors.ConfigurationType.VPN;
        if (iVar == null || iVar.E() == 0) {
            a0.e("CommonSslKnoxVPNConfigurator", "VPN config is null - can't configure");
            return false;
        }
        String m = iVar.m("ipsecCertContent");
        String m2 = iVar.m("ipsecPasskey");
        if (StringUtils.isNotBlank(m)) {
            if (StringUtils.isBlank(m2)) {
                a0.C("CommonSslKnoxVPNConfigurator", "User cert password is missing");
                ConfigurationErrors.w().a(configurationType, iVar.m("userDefinedName"), R.string.wrong_user_certificate_error_message);
                return false;
            }
            if (CertificateUtils.d(Base64.decode(m, 0), m2) == null) {
                a0.C("CommonSslKnoxVPNConfigurator", "User cert password in wrong format");
                ConfigurationErrors.w().a(configurationType, iVar.m("userDefinedName"), R.string.wrong_user_certificate_error_message);
                return false;
            }
        }
        if (iVar.t("perAppVpn")) {
            if (!StringUtils.isBlank(iVar.m("vpnUuid"))) {
                return true;
            }
            a0.e("CommonSslKnoxVPNConfigurator", "No UUID for per app VPN");
            return false;
        }
        if (!com.mobileiron.compliance.utils.d.n().j(iVar.m("ipsecOnDemandEnabled"))) {
            return true;
        }
        a0.C("CommonSslKnoxVPNConfigurator", "On demand is not supported for device VPNs");
        ConfigurationErrors.w().a(configurationType, iVar.m("userDefinedName"), R.string.on_demand_not_possible_error_message);
        return false;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    @Override // com.mobileiron.compliance.vpn.a
    public boolean f(com.mobileiron.acom.core.utils.i iVar) {
        return false;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    @Override // com.mobileiron.compliance.vpn.a
    public boolean g(com.mobileiron.acom.core.utils.i iVar) {
        return false;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    @Override // com.mobileiron.compliance.vpn.a
    public void h(com.mobileiron.acom.core.utils.i iVar) {
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    @Override // com.mobileiron.compliance.vpn.a
    public boolean i(String str, com.mobileiron.acom.core.utils.i iVar, com.mobileiron.acom.core.utils.i iVar2, com.mobileiron.acom.core.utils.i iVar3, boolean z) {
        String l = com.mobileiron.compliance.utils.d.n().l(iVar2, iVar3, (StringUtils.isBlank(iVar3.m("username")) || z) ? new String[]{"authentication_type"} : new String[]{"authentication_type", "username"});
        if (l != null) {
            d.a.a.a.a.P0("Config deviance: ", l, "CommonSslKnoxVPNConfigurator");
            return false;
        }
        if (!MediaSessionCompat.a(Uri.parse(iVar3.m("host")).getSchemeSpecificPart().replaceFirst("//", ""), Uri.parse(iVar2.m("host")).getSchemeSpecificPart().replaceFirst("//", ""))) {
            return false;
        }
        if (StringUtils.isBlank(iVar3.m(HostAuth.PASSWORD))) {
            return true;
        }
        String m = iVar2.m(HostAuth.PASSWORD);
        if (!StringUtils.isBlank(m)) {
            return m.equals(iVar3.m(HostAuth.PASSWORD));
        }
        if (StringUtils.isBlank(str)) {
            return true;
        }
        return str.equals(com.mobileiron.common.utils.m.o(iVar3.m(HostAuth.PASSWORD)));
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public boolean m(com.mobileiron.acom.core.utils.i iVar, com.mobileiron.acom.core.utils.i iVar2, String str) {
        String m = iVar.m(str);
        String m2 = iVar2.m(str);
        if (m == null) {
            m = "";
        }
        if (m2 == null) {
            m2 = "";
        }
        boolean equalsIgnoreCase = m.equalsIgnoreCase(m2);
        if (!equalsIgnoreCase) {
            a0.d("CommonSslKnoxVPNConfigurator", "Cert aliases are different: " + m + " != " + m2);
        }
        return equalsIgnoreCase;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void n(com.mobileiron.acom.core.utils.i iVar) {
        this.f12725a = new com.mobileiron.acom.core.utils.i();
        String m = iVar.m("userDefinedName");
        this.f12726b = m;
        if (m.contains(StringUtils.SPACE)) {
            this.f12726b = a.j(this.f12726b);
            StringBuilder l0 = d.a.a.a.a.l0("VPN connection name contains spaces - replacing them with _: ");
            l0.append(this.f12726b);
            a0.C("AbstractKnoxVPNConfigurator", l0.toString());
        }
        this.f12725a.U("host", iVar.m("ipsecRemoteAddress"));
        if (iVar.t("perAppVpn")) {
            this.f12725a.U("vpn_route_type", "1");
        } else {
            this.f12725a.U("vpn_route_type", "0");
        }
        this.f12725a.U("profileName", this.f12726b);
        this.f12725a.U("vpn_type", "ssl");
        this.f12725a.V("isUserAuthEnabled", true);
        this.f12731c = new com.mobileiron.acom.core.utils.i();
        if (StringUtils.isBlank(iVar.m("ipsecCertContent"))) {
            this.f12731c.U("authentication_type", "0");
        } else {
            this.f12731c.U("authentication_type", "1");
        }
        String m2 = iVar.m("pppAuthName");
        com.mobileiron.acom.core.utils.i iVar2 = this.f12731c;
        if (m2 == null) {
            m2 = "";
        }
        iVar2.U("username", m2);
        this.f12731c.U(HostAuth.PASSWORD, iVar.m("pppAuthPassword"));
        this.f12732d = new com.mobileiron.acom.core.utils.i();
        this.f12733e = new com.mobileiron.acom.core.utils.i();
        com.mobileiron.acom.core.utils.i iVar3 = new com.mobileiron.acom.core.utils.i();
        this.f12734f = iVar3;
        iVar3.U("connectionType", com.mobileiron.compliance.utils.d.n().j(iVar.m("ipsecOnDemandEnabled")) ? "ondemand" : "keepon");
        String m3 = iVar.m("vpnChaining");
        this.f12734f.U("chaining_enabled", "INNER".equals(m3) ? "1" : "OUTER".equals(m3) ? "0" : "-1");
        this.f12734f.U("uidpid_search_enabled", "0");
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public String o() {
        StringBuilder l0 = d.a.a.a.a.l0("{ \"KNOX_VPN_PARAMETERS\" : { \"profile_attribute\" : ");
        l0.append(this.f12725a.Z());
        l0.append(", \"");
        l0.append("vendor");
        l0.append("\" : ");
        d.a.a.a.a.d(l0, p(), ", \"", "knox", "\" : ");
        l0.append(this.f12734f.Z());
        l0.append(", \"");
        l0.append("ssl");
        l0.append("\" : { \"");
        l0.append("basic");
        l0.append("\" : ");
        l0.append(this.f12731c.Z());
        l0.append(", \"");
        l0.append("algorithms");
        l0.append("\" : ");
        l0.append(this.f12733e.Z());
        l0.append(" } } }");
        return l0.toString();
    }

    protected String p() {
        return this.f12732d.Z();
    }
}
