package com.mobileiron.acom.mdm.vpn.cisco;

import android.annotation.SuppressLint;
import android.content.Context;
import android.os.Handler;
import android.os.Looper;
import android.os.Message;
import android.os.RemoteException;
import android.util.Base64;
import com.cisco.anyconnect.vpn.android.service.ICertificateListener;
import com.cisco.anyconnect.vpn.android.service.IVpnCertificateList;
import com.cisco.anyconnect.vpn.android.service.IVpnConnectionList;
import com.cisco.anyconnect.vpn.android.service.IVpnService;
import com.cisco.anyconnect.vpn.android.service.ServiceConnectionCB;
import com.cisco.anyconnect.vpn.android.service.ServiceConnectionManager;
import com.cisco.anyconnect.vpn.android.service.VpnCertificate;
import com.cisco.anyconnect.vpn.android.service.VpnConnection;
import com.cisco.anyconnect.vpn.android.service.VpnConnectionValidationError;
import com.cisco.anyconnect.vpn.android.service.VpnServiceResult;
import com.cisco.anyconnect.vpn.jni.CertAuthMode;
import com.mobileiron.acom.core.android.AppsUtils;
import com.mobileiron.acom.core.utils.d;
import com.mobileiron.acom.core.utils.k;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.HashSet;
import java.util.Set;
import java.util.concurrent.TimeUnit;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;

/* loaded from: classes.dex */
public class CiscoConfigurator {

    /* renamed from: i, reason: collision with root package name */
    private static final Logger f11569i = k.a("CiscoConfigurator");
    private static final long j = TimeUnit.SECONDS.toMillis(10);
    private static final long k = TimeUnit.SECONDS.toMillis(10);
    private static final String[] l = {"com.cisco.anyconnect.vpn.android.avf", "com.cisco.anyconnect.vpn.android.samsung", "com.cisco.anyconnect.vpn.android.htc", "com.cisco.anyconnect.vpn.android.samsung43"};

    /* renamed from: a, reason: collision with root package name */
    private final b f11570a;

    /* renamed from: c, reason: collision with root package name */
    private ServiceConnectionManager f11572c;

    /* renamed from: e, reason: collision with root package name */
    private volatile IVpnCertificateList f11574e;

    /* renamed from: f, reason: collision with root package name */
    private volatile boolean f11575f;

    /* renamed from: g, reason: collision with root package name */
    private final d f11576g = new d();

    /* renamed from: h, reason: collision with root package name */
    private final d f11577h = new d();

    /* renamed from: b, reason: collision with root package name */
    private final a f11571b = new a();

    /* renamed from: d, reason: collision with root package name */
    private final c f11573d = new c();

    /* loaded from: classes.dex */
    public enum CiscoResultCode {
        SUCCESSFUL,
        TRANSIENT_ERROR,
        INVALID_CONFIG,
        FAILED
    }

    /* loaded from: classes.dex */
    public enum VpnAuthMethod {
        BASIC,
        CERTIFICATE
    }

    /* loaded from: classes.dex */
    private class a extends ICertificateListener.Stub {
        a() {
        }

        @Override // com.cisco.anyconnect.vpn.android.service.ICertificateListener
        public void e2(byte[] bArr, String str) throws RemoteException {
            CiscoConfigurator.f11569i.debug("ImportPKCS12CompleteCB: error = {}", str);
            CiscoConfigurator.this.f11574e = null;
            CiscoConfigurator.this.f11577h.a();
        }

        @Override // com.cisco.anyconnect.vpn.android.service.ICertificateListener
        public void e5(IVpnCertificateList iVpnCertificateList) throws RemoteException {
            if (iVpnCertificateList == null) {
                CiscoConfigurator.f11569i.debug("ClientCertificateCB: cList is null");
            } else {
                CiscoConfigurator.f11569i.debug("ClientCertificateCB: cList size = {}", Integer.valueOf(iVpnCertificateList.D5().size()));
            }
            CiscoConfigurator.this.f11574e = iVpnCertificateList;
            CiscoConfigurator.this.f11577h.a();
        }

        @Override // com.cisco.anyconnect.vpn.android.service.ICertificateListener
        public void j0() throws RemoteException {
        }

        @Override // com.cisco.anyconnect.vpn.android.service.ICertificateListener
        public void q1() throws RemoteException {
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: classes.dex */
    public class b extends ServiceConnectionCB {
        b(Context context) {
            super(context);
        }

        @Override // com.cisco.anyconnect.vpn.android.service.ServiceConnectionCB
        public void c(IVpnService iVpnService) {
            CiscoConfigurator.f11569i.debug("CiscoConnectionCallbacks.OnServiceConnected called");
            try {
                if (iVpnService.u5(CiscoConfigurator.this.f11571b)) {
                    CiscoConfigurator.f11569i.info("OnServiceConnected: RegisterCertificateListener ok");
                } else {
                    CiscoConfigurator.f11569i.error("OnServiceConnected: RegisterCertificateListener failed");
                }
            } catch (RemoteException e2) {
                CiscoConfigurator.f11569i.error("OnServiceConnected: RegisterCertificateListener failed: {}", e2.toString());
            }
            CiscoConfigurator.this.f11575f = true;
            CiscoConfigurator.this.f11576g.a();
        }

        @Override // com.cisco.anyconnect.vpn.android.service.ServiceConnectionCB
        public void d() {
            CiscoConfigurator.f11569i.debug("CiscoConnectionCallbacks.OnServiceDisconnected called");
            CiscoConfigurator.this.f11575f = false;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    @SuppressLint({"HandlerLeak"})
    /* loaded from: classes.dex */
    public class c extends Handler {
        c() {
            super(Looper.getMainLooper());
        }

        @Override // android.os.Handler
        public void handleMessage(Message message) {
            if (message.what == 0) {
                CiscoConfigurator.g(CiscoConfigurator.this);
            } else {
                CiscoConfigurator.f11569i.error("Unknown message sent to ConnectHandler");
            }
        }
    }

    public CiscoConfigurator(Context context) {
        this.f11570a = new b(context);
    }

    static void g(CiscoConfigurator ciscoConfigurator) {
        boolean z;
        if (ciscoConfigurator == null) {
            throw null;
        }
        try {
            ServiceConnectionManager serviceConnectionManager = new ServiceConnectionManager(ciscoConfigurator.f11570a);
            ciscoConfigurator.f11572c = serviceConnectionManager;
            synchronized (serviceConnectionManager) {
                z = serviceConnectionManager.a(false);
            }
        } catch (Exception e2) {
            f11569i.error("Cisco activation threw exception: {}", e2.toString());
            z = false;
        }
        if (z) {
            f11569i.debug("Cisco activation succeeded");
            return;
        }
        f11569i.debug("Cisco activation failed");
        ciscoConfigurator.f11575f = false;
        ciscoConfigurator.f11576g.a();
    }

    private VpnCertificate i(com.mobileiron.acom.mdm.vpn.cisco.a aVar) {
        try {
            IVpnService n = n();
            if (n == null) {
                f11569i.error("Could not get service to import cert");
                return null;
            }
            this.f11574e = null;
            this.f11577h.b();
            n.K();
            if (!this.f11577h.c(j)) {
                f11569i.debug("Timed out waiting for cert list");
            }
            IVpnCertificateList iVpnCertificateList = this.f11574e;
            if (iVpnCertificateList == null) {
                f11569i.error("installed certs list is null");
                return null;
            }
            for (VpnCertificate vpnCertificate : iVpnCertificateList.D5()) {
                if (Arrays.equals(vpnCertificate.a(), aVar.a())) {
                    f11569i.info("VPN cert is already installed");
                    return vpnCertificate;
                }
            }
            this.f11574e = null;
            this.f11577h.b();
            VpnServiceResult D0 = n.D0(aVar.b(), aVar.c());
            if (D0 != VpnServiceResult.SUCCESS) {
                f11569i.error("Error importing cert: " + D0);
                return null;
            }
            f11569i.debug("Waiting for cert import result...");
            if (!this.f11577h.c(j)) {
                f11569i.debug("Timed out waiting for cert install result");
                return null;
            }
            if (this.f11574e == null) {
                f11569i.debug("cert install failed");
                return null;
            }
            f11569i.debug("cert install successful");
            for (VpnCertificate vpnCertificate2 : iVpnCertificateList.D5()) {
                if (Arrays.equals(vpnCertificate2.a(), aVar.a())) {
                    return vpnCertificate2;
                }
            }
            f11569i.error("Successfully installed cert is not present in cert list");
            return null;
        } catch (RemoteException e2) {
            Logger logger = f11569i;
            StringBuilder l0 = d.a.a.a.a.l0("Exception while ensuring cert: ");
            l0.append(e2.toString());
            logger.error(l0.toString());
            return null;
        }
    }

    private IVpnConnectionList l() throws RemoteException {
        IVpnService n = n();
        if (n == null) {
            return null;
        }
        return n.E1();
    }

    private String m(com.mobileiron.acom.mdm.vpn.cisco.a aVar) {
        String e2 = aVar.e();
        String d2 = aVar.d();
        return !StringUtils.isEmpty(d2) ? d2.startsWith("/") ? d.a.a.a.a.O(e2, d2) : d.a.a.a.a.P(e2, "/", d2) : e2;
    }

    private IVpnService n() {
        boolean z = true;
        if (!this.f11575f) {
            int i2 = 0;
            while (true) {
                if (i2 >= 3) {
                    f11569i.error("Failed to connect to Cisco too many times. Giving up.");
                    z = false;
                    break;
                }
                i2++;
                f11569i.debug("Connecting to Cisco. Attempt #{}", Integer.valueOf(i2));
                this.f11576g.b();
                this.f11573d.sendEmptyMessage(0);
                f11569i.debug("Waiting for service connect result...");
                if (this.f11576g.c(k)) {
                    f11569i.debug("Connect result: {}", Boolean.valueOf(this.f11575f));
                    if (this.f11575f) {
                        break;
                    }
                } else {
                    f11569i.error("Timed out waiting for connection to Cisco");
                }
            }
        }
        if (!z) {
            f11569i.debug("Unable to establish connection to Cisco");
            return null;
        }
        try {
            IVpnService b2 = this.f11572c.b();
            if (b2 != null) {
                return b2;
            }
            f11569i.debug("Unable to get cisco service.");
            this.f11575f = false;
            return null;
        } catch (Exception e2) {
            f11569i.debug("Exception while attempting to get service: {}", e2.toString());
            this.f11575f = false;
            return null;
        }
    }

    public CiscoResultCode h(com.mobileiron.acom.mdm.vpn.cisco.a aVar) {
        CiscoResultCode ciscoResultCode = CiscoResultCode.INVALID_CONFIG;
        CiscoResultCode ciscoResultCode2 = CiscoResultCode.TRANSIENT_ERROR;
        String f2 = aVar.f();
        try {
            IVpnConnectionList l2 = l();
            if (l2 == null) {
                f11569i.debug("addVpn: connection list is null.");
                return ciscoResultCode2;
            }
            f11569i.debug("Got vpn connection list");
            VpnConnection vpnConnection = new VpnConnection();
            vpnConnection.s(f2);
            vpnConnection.t(f2);
            vpnConnection.p(m(aVar));
            if (aVar.g() != null && VpnAuthMethod.CERTIFICATE.equals(aVar.g())) {
                VpnCertificate i2 = i(aVar);
                if (i2 == null) {
                    f11569i.error("Failed to install/find vpn cert.");
                    return ciscoResultCode2;
                }
                String a2 = new com.cisco.anyconnect.common.b(i2.b().getSubjectDN()).a();
                if (a2 == null) {
                    f11569i.debug("Failed to find common name in installed vpn cert. Invalid config.");
                    return ciscoResultCode;
                }
                CertAuthMode certAuthMode = CertAuthMode.Manual;
                vpnConnection.l(CertAuthMode.Manual);
                vpnConnection.n(aVar.a());
                vpnConnection.m(a2);
            }
            int S5 = l2.S5(vpnConnection);
            if (S5 == VpnConnectionValidationError.None.a()) {
                f11569i.debug("added config '{}'", f2);
                return CiscoResultCode.SUCCESSFUL;
            }
            String str = "Undefined";
            if (S5 == VpnConnectionValidationError.DuplicateName.a()) {
                str = "DuplicateName";
            } else if (S5 == VpnConnectionValidationError.InvalidCertificate.a()) {
                str = "InvalidCertificate";
            } else if (S5 == VpnConnectionValidationError.InvalidHost.a()) {
                str = "InvalidHost";
            } else if (S5 == VpnConnectionValidationError.InvalidName.a()) {
                str = "InvalidName";
            } else if (S5 == VpnConnectionValidationError.InvalidState.a()) {
                str = "InvalidState";
            } else if (S5 == VpnConnectionValidationError.Unpopulated.a()) {
                str = "Unpopulated";
            } else if (S5 == VpnConnectionValidationError.Unknown.a()) {
                str = "Unknown";
            }
            f11569i.debug("addVpn error: {} ({})", str, Integer.valueOf(S5));
            return ciscoResultCode;
        } catch (RemoteException e2) {
            f11569i.debug("addVpn exception: {}", e2.toString());
            return CiscoResultCode.FAILED;
        }
    }

    public Set<String> j() {
        HashSet hashSet = new HashSet();
        for (String str : l) {
            hashSet.add(str);
        }
        return hashSet;
    }

    public String k() {
        for (String str : l) {
            if (AppsUtils.N(str)) {
                return str;
            }
        }
        return null;
    }

    public boolean o() {
        for (String str : l) {
            if (AppsUtils.N(str)) {
                return true;
            }
        }
        return false;
    }

    public boolean p(String str, Set<String> set) {
        try {
            IVpnConnectionList l2 = l();
            if (l2 == null) {
                f11569i.debug("removeVpn: connection list is null.");
                return false;
            }
            VpnConnection U2 = l2.U2(str);
            if (U2 == null) {
                f11569i.debug("removeVpn: config '{}' not found. Ignoring.", str);
                return true;
            }
            byte[] b2 = U2.b();
            if (b2 != null && !set.contains(Base64.encodeToString(b2, 2))) {
                IVpnService n = n();
                if (n != null) {
                    ArrayList arrayList = new ArrayList();
                    arrayList.add(com.mobileiron.acom.core.utils.b.a(b2));
                    if (n.t(0, arrayList)) {
                        f11569i.debug("removed cert for config '{}'", str);
                    } else {
                        f11569i.error("failed to remove cert for config '{}'", str);
                    }
                } else {
                    f11569i.error("Service is null; failed to remove cert for config '{}'", str);
                }
            }
            if (l2.z1(U2)) {
                f11569i.debug("removed config '{}'", str);
                return true;
            }
            f11569i.error("failed to remove config '{}'", str);
            return false;
        } catch (RemoteException e2) {
            f11569i.debug("removeVpn exception: {}", e2.toString());
            return false;
        }
    }

    /* JADX WARN: Removed duplicated region for block: B:12:0x002f  */
    /* JADX WARN: Removed duplicated region for block: B:9:0x0027  */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public boolean q(com.mobileiron.acom.mdm.vpn.cisco.a r6) {
        /*
            r5 = this;
            java.lang.String r0 = r6.f()
            com.cisco.anyconnect.vpn.android.service.IVpnConnectionList r1 = r5.l()     // Catch: android.os.RemoteException -> L17
            if (r1 != 0) goto L12
            org.slf4j.Logger r0 = com.mobileiron.acom.mdm.vpn.cisco.CiscoConfigurator.f11569i     // Catch: android.os.RemoteException -> L17
            java.lang.String r1 = "getVpnConnectionForConfig: connection list is null."
            r0.info(r1)     // Catch: android.os.RemoteException -> L17
            goto L23
        L12:
            com.cisco.anyconnect.vpn.android.service.VpnConnection r0 = r1.U2(r0)     // Catch: android.os.RemoteException -> L17
            goto L24
        L17:
            r0 = move-exception
            org.slf4j.Logger r1 = com.mobileiron.acom.mdm.vpn.cisco.CiscoConfigurator.f11569i
            java.lang.String r0 = r0.toString()
            java.lang.String r2 = "getVpnConnectionForConfig: exception: {}"
            r1.error(r2, r0)
        L23:
            r0 = 0
        L24:
            r1 = 0
            if (r0 != 0) goto L2f
            org.slf4j.Logger r6 = com.mobileiron.acom.mdm.vpn.cisco.CiscoConfigurator.f11569i
            java.lang.String r0 = "isCompliant?  no - name not found"
            r6.info(r0)
            return r1
        L2f:
            java.lang.String r2 = r0.d()
            java.lang.String r3 = r5.m(r6)
            boolean r4 = android.support.v4.media.session.MediaSessionCompat.a(r2, r3)
            if (r4 != 0) goto L45
            org.slf4j.Logger r6 = com.mobileiron.acom.mdm.vpn.cisco.CiscoConfigurator.f11569i
            java.lang.String r0 = "isCompliant?  no - server changed: haveServer: {}, wantServer: {}"
            r6.info(r0, r2, r3)
            return r1
        L45:
            byte[] r0 = r0.b()
            byte[] r6 = r6.a()
            r2 = 1
            if (r6 != 0) goto L5b
            if (r0 != 0) goto L53
            return r2
        L53:
            org.slf4j.Logger r6 = com.mobileiron.acom.mdm.vpn.cisco.CiscoConfigurator.f11569i
            java.lang.String r0 = "isCompliant?  no - cert has been removed"
            r6.info(r0)
            return r1
        L5b:
            if (r0 == 0) goto L70
            int r3 = r0.length
            if (r3 != 0) goto L61
            goto L70
        L61:
            boolean r6 = java.util.Arrays.equals(r0, r6)
            if (r6 == 0) goto L68
            return r2
        L68:
            org.slf4j.Logger r6 = com.mobileiron.acom.mdm.vpn.cisco.CiscoConfigurator.f11569i
            java.lang.String r0 = "isCompliant?  no - cert has been changed"
            r6.info(r0)
            return r1
        L70:
            org.slf4j.Logger r6 = com.mobileiron.acom.mdm.vpn.cisco.CiscoConfigurator.f11569i
            java.lang.String r0 = "isCompliant?  no - cert has been added"
            r6.info(r0)
            return r1
        */
        throw new UnsupportedOperationException("Method not decompiled: com.mobileiron.acom.mdm.vpn.cisco.CiscoConfigurator.q(com.mobileiron.acom.mdm.vpn.cisco.a):boolean");
    }
}
