package com.nmwco.mobility.client;

import android.app.Service;
import android.content.Intent;
import android.os.Bundle;
import android.os.IBinder;
import android.os.RemoteException;
import com.nmwco.mobility.client.configuration.LocalKeyStore;
import com.nmwco.mobility.client.gen.NmStatus;
import com.nmwco.mobility.client.nativecode.Rpc;
import com.nmwco.mobility.client.profile.InvalidProfileException;
import com.nmwco.mobility.client.profile.Profile;
import com.nmwco.mobility.client.profile.ProfileManager;
import com.nmwco.mobility.client.profile.ProfileStore;
import com.nmwco.mobility.client.profile.ProfileType;
import com.nmwco.mobility.client.profile.managed.ManagedProfile;
import com.nmwco.mobility.client.sdk.profile.ManagedCertificateInfo;
import com.nmwco.mobility.client.sdk.service.IMobilityVpnService;
import com.nmwco.mobility.client.sdk.service.MobilityStatus;
import com.nmwco.mobility.client.sdk.service.MobilityUUID;
import com.nmwco.mobility.client.sdk.state.MobilityState;
import com.nmwco.mobility.client.sdk.state.MobilityStateUpdateReceiver;
import com.nmwco.mobility.client.ui.DeviceConnectState;
import com.nmwco.mobility.client.ui.status.StatusResult;
import com.nmwco.mobility.client.ui.status.StatusResultReceiver;
import com.nmwco.mobility.client.util.CertificateAlias;
import com.nmwco.mobility.client.util.CertificateHelper;
import com.nmwco.mobility.client.util.CertificateStoreEntry;
import com.nmwco.mobility.client.util.TrustedCertificateStore;
import com.nmwco.mobility.client.util.UserCertificateStore;
import com.nmwco.mobility.client.vnic.NmVpnServiceStandard;
import java.io.ByteArrayInputStream;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;

/* loaded from: classes.dex */
public class MobilityVpnService extends Service {
    private StatusResultReceiver mReceiver;
    private HashSet<String> mStatusReceivers;
    private DeviceConnectState mPreviousState = Rpc.getConnectionState();
    private final IMobilityVpnService.Stub mBinder = new IMobilityVpnService.Stub() { // from class: com.nmwco.mobility.client.MobilityVpnService.2
        private boolean isCallerAuthorized() throws SecurityException {
            return TrustedApplications.isCallerTrusted(getCallingUid());
        }

        @Override // com.nmwco.mobility.client.sdk.service.IMobilityVpnService
        public MobilityStatus createConfiguration(Bundle bundle, MobilityUUID mobilityUUID) throws RemoteException {
            MobilityStatus mobilityStatus = MobilityStatus.ERROR;
            try {
                if (!isCallerAuthorized()) {
                    return MobilityStatus.ERROR_PERMISSION_DENIED;
                }
                ManagedProfile managedProfile = new ManagedProfile(bundle);
                if (!NmStatus.NM_SUCCEEDED(ProfileManager.getInstance().updateProfile(managedProfile))) {
                    return mobilityStatus;
                }
                if (mobilityUUID != null) {
                    mobilityUUID.setUuid(managedProfile.getUUID());
                }
                return MobilityStatus.SUCCESS;
            } catch (InvalidProfileException unused) {
                return mobilityStatus;
            } catch (Exception e) {
                throw new RemoteException(e.getMessage());
            }
        }

        @Override // com.nmwco.mobility.client.sdk.service.IMobilityVpnService
        public List<MobilityUUID> getAllConfigurations() throws RemoteException {
            ArrayList arrayList = new ArrayList();
            try {
                if (isCallerAuthorized()) {
                    for (Profile profile : ProfileManager.getInstance().getAllProfiles()) {
                        if (profile.getProfileType() != ProfileType.KNOX) {
                            arrayList.add(new MobilityUUID(profile.getUUID()));
                        }
                    }
                }
                return arrayList;
            } catch (Exception e) {
                throw new RemoteException(e.getMessage());
            }
        }

        @Override // com.nmwco.mobility.client.sdk.service.IMobilityVpnService
        public MobilityStatus getCACertificate(MobilityUUID mobilityUUID, ManagedCertificateInfo managedCertificateInfo) throws RemoteException {
            MobilityStatus mobilityStatus;
            MobilityStatus mobilityStatus2 = MobilityStatus.ERROR;
            try {
                if (!isCallerAuthorized()) {
                    return mobilityStatus2;
                }
                if (managedCertificateInfo == null) {
                    return MobilityStatus.ERROR_INVALID_ARGUMENT;
                }
                Profile profile = ProfileManager.getInstance().getProfile(mobilityUUID.getUuid());
                if (profile == null || profile.getProfileType() == ProfileType.KNOX) {
                    return mobilityStatus2;
                }
                CertificateAlias trustedCertificate = profile.getTrustedCertificate();
                if (trustedCertificate == null || !trustedCertificate.isValid()) {
                    mobilityStatus = MobilityStatus.ERROR_NO_SUCH_ENTRY;
                } else {
                    X509Certificate certificate = TrustedCertificateStore.getCertificate(trustedCertificate);
                    if (certificate != null) {
                        CertificateStoreEntry certificateStoreEntry = new CertificateStoreEntry(certificate);
                        managedCertificateInfo.setCertificateInfo(certificate, certificateStoreEntry.getKey().getAlias(), certificateStoreEntry.getUsername(), certificateStoreEntry.getSubjectName(), Boolean.FALSE.booleanValue());
                        mobilityStatus = MobilityStatus.SUCCESS;
                    } else {
                        mobilityStatus = MobilityStatus.ERROR_NO_SUCH_ENTRY;
                    }
                }
                return mobilityStatus;
            } catch (Exception e) {
                throw new RemoteException(e.getMessage());
            }
        }

        @Override // com.nmwco.mobility.client.sdk.service.IMobilityVpnService
        public Bundle getConfiguration(MobilityUUID mobilityUUID) throws RemoteException {
            Profile profile;
            try {
                if (!isCallerAuthorized() || mobilityUUID == null || (profile = ProfileManager.getInstance().getProfile(mobilityUUID.getUuid())) == null || profile.getProfileType() == ProfileType.KNOX) {
                    return null;
                }
                return ManagedProfile.getPropertyBundle(profile);
            } catch (Exception e) {
                throw new RemoteException(e.getMessage());
            }
        }

        @Override // com.nmwco.mobility.client.sdk.service.IMobilityVpnService
        public Bundle getState(Bundle bundle) throws RemoteException {
            Profile activeProfile;
            try {
                if (!isCallerAuthorized() || (activeProfile = ProfileManager.getInstance().getActiveProfile()) == null) {
                    return null;
                }
                Bundle bundle2 = new Bundle();
                MobilityState.ConnectionState fromState = MobilityState.ConnectionState.fromState(MobilityVpnService.this.mPreviousState.getState());
                bundle2.putString(MobilityState.PROFILE_NAME, activeProfile.getName());
                bundle2.putSerializable(MobilityState.PROFILE_UUID, activeProfile.getUUID());
                bundle2.putSerializable("State", fromState);
                return bundle2;
            } catch (Exception e) {
                throw new RemoteException(e.getMessage());
            }
        }

        @Override // com.nmwco.mobility.client.sdk.service.IMobilityVpnService
        public MobilityStatus getUserCertificate(MobilityUUID mobilityUUID, ManagedCertificateInfo managedCertificateInfo) throws RemoteException {
            try {
                if (!isCallerAuthorized()) {
                    return MobilityStatus.ERROR_PERMISSION_DENIED;
                }
                if (managedCertificateInfo == null) {
                    return MobilityStatus.ERROR_INVALID_ARGUMENT;
                }
                Profile profile = ProfileManager.getInstance().getProfile(mobilityUUID.getUuid());
                if (profile == null || profile.getProfileType() == ProfileType.KNOX) {
                    return MobilityStatus.ERROR_INVALID_ARGUMENT;
                }
                CertificateAlias certificateKey = profile.getCertificateKey();
                if (certificateKey == null || !certificateKey.isValid()) {
                    return MobilityStatus.ERROR_NO_SUCH_ENTRY;
                }
                X509Certificate certificate = UserCertificateStore.getCertificate(new CertificateStoreEntry(certificateKey.getAlias(), CertificateStoreEntry.KeyType.LOCAL_KEY));
                if (certificate == null) {
                    return MobilityStatus.ERROR_NO_SUCH_ENTRY;
                }
                managedCertificateInfo.setCertificateInfo(certificate, certificateKey.getAlias(), CertificateHelper.getUsername(certificate), CertificateHelper.getSubjectName(certificate), Boolean.TRUE.booleanValue());
                return MobilityStatus.SUCCESS;
            } catch (Exception e) {
                throw new RemoteException(e.getMessage());
            }
        }

        @Override // com.nmwco.mobility.client.sdk.service.IMobilityVpnService
        public MobilityStatus removeConfiguration(MobilityUUID mobilityUUID) throws RemoteException {
            Profile profile;
            MobilityStatus mobilityStatus = MobilityStatus.ERROR;
            try {
                return (!isCallerAuthorized() || (profile = ProfileManager.getInstance().getProfile(mobilityUUID.getUuid())) == null || profile.getProfileType() == ProfileType.KNOX || !NmStatus.NM_SUCCEEDED(ProfileManager.getInstance().deleteProfile(profile))) ? mobilityStatus : MobilityStatus.SUCCESS;
            } catch (Exception e) {
                throw new RemoteException(e.getMessage());
            }
        }

        @Override // com.nmwco.mobility.client.sdk.service.IMobilityVpnService
        public MobilityStatus setCACertificate(MobilityUUID mobilityUUID, byte[] bArr) throws RemoteException {
            MobilityStatus mobilityStatus = MobilityStatus.ERROR;
            try {
                if (!isCallerAuthorized()) {
                    return MobilityStatus.ERROR_PERMISSION_DENIED;
                }
                Profile profile = ProfileManager.getInstance().getProfile(mobilityUUID.getUuid());
                if (profile == null || profile.getProfileType() == ProfileType.KNOX) {
                    return mobilityStatus;
                }
                if (bArr != null && bArr.length > 0) {
                    CertificateStoreEntry installCertificate = TrustedCertificateStore.installCertificate(new ByteArrayInputStream(bArr), CertificateStoreEntry.READONLY.booleanValue());
                    if (installCertificate != null) {
                        profile.setTrustedCertificate(installCertificate.getKey());
                        mobilityStatus = MobilityStatus.SUCCESS;
                    }
                } else if (LocalKeyStore.deleteCertificateEntry(profile.getTrustedCertificate()).booleanValue()) {
                    profile.setTrustedCertificate(null);
                    mobilityStatus = MobilityStatus.SUCCESS;
                }
                if (mobilityStatus != MobilityStatus.SUCCESS) {
                    return mobilityStatus;
                }
                ProfileManager.getInstance().saveProfile(profile);
                return mobilityStatus;
            } catch (KeyStoreException e) {
                return e.getCause() instanceof NoSuchAlgorithmException ? MobilityStatus.ERROR_NOT_SUPPORTED : mobilityStatus;
            } catch (Exception e2) {
                throw new RemoteException(e2.getMessage());
            }
        }

        @Override // com.nmwco.mobility.client.sdk.service.IMobilityVpnService
        public MobilityStatus setStateChangeNotifierEnabled(boolean z, String str) throws RemoteException {
            try {
                if (!isCallerAuthorized()) {
                    return MobilityStatus.ERROR_PERMISSION_DENIED;
                }
                synchronized (MobilityVpnService.this) {
                    if (z) {
                        MobilityVpnService.this.mStatusReceivers.add(str);
                    } else {
                        MobilityVpnService.this.mStatusReceivers.remove(str);
                    }
                }
                return MobilityStatus.SUCCESS;
            } catch (Exception e) {
                throw new RemoteException(e.getMessage());
            }
        }

        @Override // com.nmwco.mobility.client.sdk.service.IMobilityVpnService
        public MobilityStatus setUserCertificate(MobilityUUID mobilityUUID, byte[] bArr, String str) throws RemoteException {
            MobilityStatus mobilityStatus = MobilityStatus.ERROR;
            try {
                if (!isCallerAuthorized()) {
                    return mobilityStatus;
                }
                Profile profile = ProfileManager.getInstance().getProfile(mobilityUUID.getUuid());
                if (profile == null || profile.getProfileType() == ProfileType.KNOX) {
                    return MobilityStatus.ERROR_PERMISSION_DENIED;
                }
                if (bArr == null || bArr.length <= 0) {
                    CertificateAlias certificateKey = profile.getCertificateKey();
                    if (certificateKey.isValid() && UserCertificateStore.deleteCertificate(new CertificateStoreEntry(certificateKey.getAlias()))) {
                        mobilityStatus = MobilityStatus.SUCCESS;
                    }
                    profile.setCertificateKey(null);
                } else {
                    CertificateStoreEntry installCertificate = UserCertificateStore.installCertificate(new ByteArrayInputStream(bArr), str, CertificateStoreEntry.READONLY.booleanValue());
                    if (installCertificate != null) {
                        mobilityStatus = MobilityStatus.SUCCESS;
                    }
                    profile.setCertificateKey(installCertificate != null ? installCertificate.getKey() : null);
                }
                ProfileManager.getInstance().saveProfile(profile);
                ProfileStore profileStoreForUUID = ProfileStore.getProfileStoreForUUID(mobilityUUID.getUuid());
                if (profileStoreForUUID == null) {
                    return mobilityStatus;
                }
                profileStoreForUUID.setCredTypeToCertificate(profile);
                return mobilityStatus;
            } catch (KeyStoreException e) {
                return e.getCause() instanceof NoSuchAlgorithmException ? MobilityStatus.ERROR_NOT_SUPPORTED : mobilityStatus;
            } catch (Exception e2) {
                throw new RemoteException(e2.getMessage());
            }
        }

        @Override // com.nmwco.mobility.client.sdk.service.IMobilityVpnService
        public MobilityStatus startConnection(MobilityUUID mobilityUUID) throws RemoteException {
            Profile profile;
            MobilityStatus mobilityStatus = MobilityStatus.ERROR;
            try {
                if (!isCallerAuthorized()) {
                    return MobilityStatus.ERROR_PERMISSION_DENIED;
                }
                ProfileManager profileManager = ProfileManager.getInstance();
                if (profileManager == null || (profile = profileManager.getProfile(mobilityUUID.getUuid())) == null || profile.getProfileType() == ProfileType.KNOX || NmVpn.isVpnStarted()) {
                    return mobilityStatus;
                }
                profileManager.setActiveProfile(profile);
                profileManager.profileChanged(profile);
                return NmStatus.NM_SUCCEEDED(NmVpnServiceStandard.connect(MobilityVpnService.this)) ? MobilityStatus.ERROR_IN_PROGRESS : mobilityStatus;
            } catch (Exception e) {
                throw new RemoteException(e.getMessage());
            }
        }

        @Override // com.nmwco.mobility.client.sdk.service.IMobilityVpnService
        public MobilityStatus stopConnection(MobilityUUID mobilityUUID) throws RemoteException {
            Profile profile;
            MobilityStatus mobilityStatus = MobilityStatus.ERROR;
            try {
                if (!isCallerAuthorized()) {
                    return MobilityStatus.ERROR_PERMISSION_DENIED;
                }
                ProfileManager profileManager = ProfileManager.getInstance();
                if (profileManager == null || (profile = profileManager.getProfile(mobilityUUID.getUuid())) == null || profile.getProfileType() == ProfileType.KNOX || !profileManager.getActiveProfile().equals(profile)) {
                    return mobilityStatus;
                }
                if (NmVpn.isVpnStarted()) {
                    NmVpnServiceStandard.disconnect(50);
                }
                return MobilityStatus.ERROR_IN_PROGRESS;
            } catch (Exception e) {
                throw new RemoteException(e.getMessage());
            }
        }
    };

    @Override // android.app.Service
    public IBinder onBind(Intent intent) {
        return this.mBinder;
    }

    @Override // android.app.Service
    public void onCreate() {
        super.onCreate();
        this.mStatusReceivers = new HashSet<>();
        this.mReceiver = new StatusResultReceiver(SharedApplication.getSharedApplicationContext(), new StatusResultReceiver.StatusResultAdapter() { // from class: com.nmwco.mobility.client.MobilityVpnService.1
            @Override // com.nmwco.mobility.client.ui.status.StatusResultReceiver.StatusResultAdapter, com.nmwco.mobility.client.ui.status.StatusResultReceiver.StatusResultListener
            public void onStateChange(StatusResult statusResult) {
                DeviceConnectState deviceConnectedState = statusResult.getDeviceConnectedState();
                Bundle bundle = new Bundle();
                Profile activeProfile = ProfileManager.getInstance().getActiveProfile();
                if (activeProfile != null) {
                    bundle.putString(MobilityState.PROFILE_NAME, activeProfile.getName());
                    bundle.putSerializable(MobilityState.PROFILE_UUID, activeProfile.getUUID());
                    bundle.putSerializable("State", MobilityState.ConnectionState.fromState(deviceConnectedState.getState()));
                    bundle.putSerializable(MobilityState.OLD_STATE, MobilityState.ConnectionState.fromState(MobilityVpnService.this.mPreviousState.getState()));
                    synchronized (MobilityVpnService.this) {
                        Iterator it = MobilityVpnService.this.mStatusReceivers.iterator();
                        while (it.hasNext()) {
                            String str = (String) it.next();
                            Intent intent = new Intent();
                            intent.setAction(MobilityStateUpdateReceiver.MOBILITY_INTENT_FILTER);
                            intent.setPackage(str);
                            intent.putExtras(bundle);
                            MobilityVpnService.this.sendBroadcast(intent);
                        }
                    }
                }
                MobilityVpnService.this.mPreviousState = deviceConnectedState;
            }
        });
    }

    @Override // android.app.Service
    public void onDestroy() {
        StatusResultReceiver statusResultReceiver = this.mReceiver;
        if (statusResultReceiver != null) {
            statusResultReceiver.unregisterReceiver();
        }
        super.onDestroy();
    }
}
