package com.nmwco.mobility.client.vnic.knox;

import android.app.enterprise.CertificateInfo;
import android.content.Intent;
import android.os.IBinder;
import com.nmwco.mobility.client.NmVpn;
import com.nmwco.mobility.client.R;
import com.nmwco.mobility.client.gen.EventCategories;
import com.nmwco.mobility.client.gen.Messages;
import com.nmwco.mobility.client.gen.NmStatus;
import com.nmwco.mobility.client.logging.Log;
import com.nmwco.mobility.client.nativecode.Rpc;
import com.nmwco.mobility.client.profile.InvalidProfileException;
import com.nmwco.mobility.client.profile.Profile;
import com.nmwco.mobility.client.profile.ProfileManager;
import com.nmwco.mobility.client.profile.ProfileSetting;
import com.nmwco.mobility.client.profile.ProfileState;
import com.nmwco.mobility.client.profile.ProfileStore;
import com.nmwco.mobility.client.profile.ProfileStoreFactory;
import com.nmwco.mobility.client.profile.ProfileType;
import com.nmwco.mobility.client.profile.knox.KnoxProfile;
import com.nmwco.mobility.client.util.CertificateAlias;
import com.nmwco.mobility.client.util.CertificateStoreEntry;
import com.nmwco.mobility.client.util.StringUtil;
import com.nmwco.mobility.client.util.TrustedCertificateStore;
import com.nmwco.mobility.client.util.UserCertificateStore;
import com.nmwco.mobility.client.vnic.NmVpnServiceStandard;
import com.sec.enterprise.mdm.services.vpn.knoxvpn.IKnoxVpnService;
import java.io.ByteArrayInputStream;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import java.util.Set;
import java.util.UUID;

/* loaded from: classes.dex */
public class NmVpnServiceKnox extends NmVpnServiceStandard {
    private final Object mStartStopLock = new Object();
    private final IKnoxVpnService.Stub mBinder = new IKnoxVpnService.Stub() { // from class: com.nmwco.mobility.client.vnic.knox.NmVpnServiceKnox.1
        private final int KNOX_STAT_SUCCESS = 0;
        private final int KNOX_STAT_INVALID = 1;
        private final int KNOX_STAT_ERROR = -1;

        private boolean isCallPermitted() {
            return getCallingUid() == 1000;
        }

        private void setServiceInvocationError(String str, Messages messages, Object... objArr) {
            KnoxProfile knoxProfile = (KnoxProfile) ProfileManager.getInstance().getProfile(ProfileType.KNOX, str);
            if (knoxProfile != null) {
                knoxProfile.setState(ProfileState.ERROR_MSG, messages.get(objArr));
                Log.w(EventCategories.EV_SRC_NOMAD_NMVNIC, messages, objArr);
            }
        }

        private void setUnsupportedMethodError(String str, String str2) {
            KnoxProfile knoxProfile = (KnoxProfile) ProfileManager.getInstance().getProfile(ProfileType.KNOX, str);
            if (knoxProfile != null) {
                knoxProfile.setState(ProfileState.ERROR_MSG, StringUtil.getResourceString(R.string.knox_error_interface_unsupported, str2));
            }
            Log.w(EventCategories.EV_SRC_NOMAD_NMVNIC, Messages.EV_KNOX_ERROR_UNSUPPORTED_METHOD, str2, str);
        }

        @Override // com.sec.enterprise.mdm.services.vpn.knoxvpn.IKnoxVpnService
        public int createConnection(String str) {
            int i = Integer.MIN_VALUE;
            if (isCallPermitted()) {
                try {
                    KnoxProfile knoxProfile = new KnoxProfile(UUID.randomUUID(), str);
                    if (knoxProfile.isValid()) {
                        i = ProfileManager.getInstance().saveProfile(knoxProfile);
                    } else {
                        Log.w(EventCategories.EV_SRC_NOMAD_NMVNIC, Messages.EV_KNOX_ERROR_CREATE_PROFILE, knoxProfile.getName(), StringUtil.getResourceString(R.string.knox_reason_server_not_specified, new Object[0]));
                    }
                } catch (InvalidProfileException e) {
                    Log.d(EventCategories.EV_SRC_NOMAD_NMVNIC, Messages.EV_KNOX_ERROR_CREATE_PROFILE, "<unknown>", e.getMessage());
                }
            }
            int i2 = NmStatus.NM_SUCCEEDED(i) ? 0 : -1;
            Log.d(EventCategories.EV_SRC_NOMAD_NMVNIC, Messages.EV_KNOX_CREATE_CONNECTION, Integer.valueOf(i2), KnoxProfile.obscurePasswordInJsonString(str));
            return i2;
        }

        @Override // com.sec.enterprise.mdm.services.vpn.knoxvpn.IKnoxVpnService
        public List<String> getAllConnections() {
            if (!isCallPermitted()) {
                return null;
            }
            ArrayList arrayList = new ArrayList();
            Set<Profile> profiles = ProfileManager.getInstance().getProfiles(ProfileType.KNOX);
            Log.d(EventCategories.EV_SRC_NOMAD_NMVNIC, Messages.EV_KNOX_GET_ALL_CONNECTIONS, Integer.valueOf(profiles.size()));
            Iterator<Profile> it = profiles.iterator();
            int i = 0;
            while (it.hasNext()) {
                String str = (String) it.next().getProperty(ProfileSetting.JSON);
                arrayList.add(str);
                i++;
                Log.d(EventCategories.EV_SRC_NOMAD_NMVNIC, Messages.EV_KNOX_GET_ALL_CONNECTIONS_INSTANCE, Integer.valueOf(i), str);
            }
            return arrayList;
        }

        @Override // com.sec.enterprise.mdm.services.vpn.knoxvpn.IKnoxVpnService
        public CertificateInfo getCACertificate(String str) {
            X509Certificate certificate;
            try {
                KnoxProfile knoxProfile = (KnoxProfile) ProfileManager.getInstance().getProfile(ProfileType.KNOX, str);
                if (knoxProfile == null) {
                    setServiceInvocationError(str, Messages.EV_KNOX_ERROR_CALL_GET_CERTIFICATE, StringUtil.getResourceString(R.string.knox_reason_does_not_exist, new Object[0]));
                    return null;
                }
                if (!isCallPermitted()) {
                    setServiceInvocationError(str, Messages.EV_KNOX_ERROR_CALL_GET_CERTIFICATE, StringUtil.getResourceString(R.string.knox_reason_not_permitted, new Object[0]));
                    return null;
                }
                knoxProfile.clearState(ProfileState.ERROR_MSG);
                CertificateAlias trustedCertificate = knoxProfile.getTrustedCertificate();
                if (trustedCertificate.isValid() && (certificate = TrustedCertificateStore.getCertificate(trustedCertificate)) != null) {
                    return new CertificateInfo(certificate);
                }
                setServiceInvocationError(str, Messages.EV_KNOX_ERROR_CALL_GET_CERTIFICATE, StringUtil.getResourceString(R.string.knox_reason_unknown_reason, new Object[0]));
                return null;
            } catch (Exception e) {
                setServiceInvocationError(str, Messages.EV_KNOX_ERROR_CALL_GET_CERTIFICATE, e.getMessage());
                return null;
            }
        }

        @Override // com.sec.enterprise.mdm.services.vpn.knoxvpn.IKnoxVpnService
        public String getConnection(String str) {
            KnoxProfile knoxProfile;
            String str2 = (!isCallPermitted() || (knoxProfile = (KnoxProfile) ProfileManager.getInstance().getProfile(ProfileType.KNOX, str)) == null) ? null : (String) knoxProfile.getProperty(ProfileSetting.JSON);
            Log.d(EventCategories.EV_SRC_NOMAD_NMVNIC, Messages.EV_KNOX_GET_CONNECTION, str, str2);
            return str2;
        }

        @Override // com.sec.enterprise.mdm.services.vpn.knoxvpn.IKnoxVpnService
        public String getErrorString(String str) {
            String str2;
            KnoxProfile knoxProfile;
            if (!isCallPermitted() || (knoxProfile = (KnoxProfile) ProfileManager.getInstance().getProfile(ProfileType.KNOX, str)) == null) {
                str2 = null;
            } else {
                str2 = knoxProfile.getState(ProfileState.ERROR_MSG);
                if (str2 == null || str2.isEmpty()) {
                    str2 = StringUtil.getResourceString(R.string.knox_error_not_set, new Object[0]);
                }
            }
            Log.d(EventCategories.EV_SRC_NOMAD_NMVNIC, Messages.EV_KNOX_GET_ERROR_STRING, str, str2);
            return str2;
        }

        @Override // com.sec.enterprise.mdm.services.vpn.knoxvpn.IKnoxVpnService
        public int getState(String str) {
            KnoxState knoxState = KnoxState.KNOX_DELETED;
            if (isCallPermitted()) {
                Profile profile = ProfileManager.getInstance().getProfile(ProfileType.KNOX, str);
                if (profile == null) {
                    knoxState = KnoxState.KNOX_DELETED;
                } else {
                    KnoxState knoxState2 = KnoxState.KNOX_IDLE;
                    if (ProfileManager.getInstance().isActiveProfile(profile)) {
                        knoxState = !NmVpn.isVpnStopped() ? KnoxState.fromDeviceConnectedState(Rpc.getConnectionState()) : knoxState2;
                        if (knoxState == KnoxState.KNOX_IDLE && Framework.isKnoxVpnStarted()) {
                            knoxState = KnoxState.KNOX_CONNECTING;
                        }
                    } else {
                        knoxState = knoxState2;
                    }
                }
            }
            Log.d(EventCategories.EV_SRC_NOMAD_NMVNIC, Messages.EV_KNOX_GET_STATE, str, Integer.valueOf(knoxState.getState()));
            return knoxState.getState();
        }

        @Override // com.sec.enterprise.mdm.services.vpn.knoxvpn.IKnoxVpnService
        public CertificateInfo getUserCertificate(String str) {
            X509Certificate certificate;
            try {
                KnoxProfile knoxProfile = (KnoxProfile) ProfileManager.getInstance().getProfile(ProfileType.KNOX, str);
                if (knoxProfile == null) {
                    return null;
                }
                knoxProfile.clearState(ProfileState.ERROR_MSG);
                if (!isCallPermitted()) {
                    setServiceInvocationError(str, Messages.EV_KNOX_ERROR_CALL_GET_CERTIFICATE, StringUtil.getResourceString(R.string.knox_reason_not_permitted, new Object[0]));
                    return null;
                }
                CertificateAlias certificateKey = knoxProfile.getCertificateKey();
                if (certificateKey.isValid() && (certificate = UserCertificateStore.getCertificate(new CertificateStoreEntry(certificateKey.getAlias()))) != null) {
                    return new CertificateInfo(certificate);
                }
                setServiceInvocationError(str, Messages.EV_KNOX_ERROR_CALL_GET_CERTIFICATE, StringUtil.getResourceString(R.string.knox_reason_unknown_reason, new Object[0]));
                return null;
            } catch (Exception e) {
                setServiceInvocationError(str, Messages.EV_KNOX_ERROR_CALL_GET_CERTIFICATE, e.getMessage());
                return null;
            }
        }

        @Override // com.sec.enterprise.mdm.services.vpn.knoxvpn.IKnoxVpnService
        public int getVpnModeOfOperation(String str) {
            if (!isCallPermitted()) {
                return -1;
            }
            setUnsupportedMethodError(str, "getVpnModeOfOperation()");
            return -1;
        }

        @Override // com.sec.enterprise.mdm.services.vpn.knoxvpn.IKnoxVpnService
        public int removeConnection(String str) {
            Profile profile;
            int i = -1;
            if (isCallPermitted() && ((profile = ProfileManager.getInstance().getProfile(ProfileType.KNOX, str)) == null || NmStatus.NM_SUCCEEDED(ProfileManager.getInstance().deleteProfile(profile)))) {
                i = 0;
            }
            Log.d(EventCategories.EV_SRC_NOMAD_NMVNIC, Messages.EV_KNOX_REMOVE_CONNECTION, str, Integer.valueOf(i));
            return i;
        }

        @Override // com.sec.enterprise.mdm.services.vpn.knoxvpn.IKnoxVpnService
        public boolean setAutoRetryOnConnectionError(String str, boolean z) {
            if (!isCallPermitted()) {
                return false;
            }
            setUnsupportedMethodError(str, "setAutoRetryOnConnectionError()");
            return false;
        }

        @Override // com.sec.enterprise.mdm.services.vpn.knoxvpn.IKnoxVpnService
        public boolean setCACertificate(String str, byte[] bArr) {
            try {
                KnoxProfile knoxProfile = (KnoxProfile) ProfileManager.getInstance().getProfile(ProfileType.KNOX, str);
                if (knoxProfile != null) {
                    knoxProfile.clearState(ProfileState.ERROR_MSG);
                    if (isCallPermitted()) {
                        CertificateStoreEntry installCertificate = TrustedCertificateStore.installCertificate(new ByteArrayInputStream(bArr), CertificateStoreEntry.READONLY.booleanValue());
                        if (installCertificate != null) {
                            knoxProfile.setTrustedCertificate(installCertificate.getKey());
                            ProfileManager.getInstance().saveProfile(knoxProfile);
                            return true;
                        }
                        setServiceInvocationError(str, Messages.EV_KNOX_ERROR_CALL_SET_CERTIFICATE, StringUtil.getResourceString(R.string.knox_reason_unknown_reason, new Object[0]));
                    } else {
                        setServiceInvocationError(str, Messages.EV_KNOX_ERROR_CALL_SET_CERTIFICATE, StringUtil.getResourceString(R.string.knox_reason_not_permitted, new Object[0]));
                    }
                } else {
                    setServiceInvocationError(str, Messages.EV_KNOX_ERROR_CALL_SET_CERTIFICATE, StringUtil.getResourceString(R.string.knox_reason_does_not_exist, new Object[0]));
                }
            } catch (Exception e) {
                setServiceInvocationError(str, Messages.EV_KNOX_ERROR_CALL_SET_CERTIFICATE, e.getMessage());
            }
            return false;
        }

        @Override // com.sec.enterprise.mdm.services.vpn.knoxvpn.IKnoxVpnService
        public boolean setServerCertValidationUserAcceptanceCriteria(String str, boolean z, List<String> list, int i) {
            if (!isCallPermitted()) {
                return false;
            }
            setUnsupportedMethodError(str, "setServerCertValidationUserAcceptanceCriteria()");
            return false;
        }

        @Override // com.sec.enterprise.mdm.services.vpn.knoxvpn.IKnoxVpnService
        public boolean setUserCertificate(String str, byte[] bArr, String str2) {
            try {
                KnoxProfile knoxProfile = (KnoxProfile) ProfileManager.getInstance().getProfile(ProfileType.KNOX, str);
                if (knoxProfile != null) {
                    knoxProfile.clearState(ProfileState.ERROR_MSG);
                    if (isCallPermitted()) {
                        CertificateStoreEntry installCertificate = UserCertificateStore.installCertificate(new ByteArrayInputStream(bArr), str2, CertificateStoreEntry.READONLY.booleanValue());
                        if (installCertificate != null) {
                            ProfileStore profileStore = ProfileStoreFactory.getProfileStore(ProfileType.KNOX);
                            if (profileStore != null) {
                                knoxProfile.setCertificateKey(installCertificate.getKey());
                                ProfileManager.getInstance().saveProfile(knoxProfile);
                                profileStore.setCredTypeToCertificate(knoxProfile);
                            }
                            return true;
                        }
                        setServiceInvocationError(str, Messages.EV_KNOX_ERROR_CALL_SET_CERTIFICATE, StringUtil.getResourceString(R.string.knox_reason_unknown_reason, new Object[0]));
                    } else {
                        setServiceInvocationError(str, Messages.EV_KNOX_ERROR_CALL_SET_CERTIFICATE, StringUtil.getResourceString(R.string.knox_reason_not_permitted, new Object[0]));
                    }
                }
            } catch (Exception e) {
                setServiceInvocationError(str, Messages.EV_KNOX_ERROR_CALL_SET_CERTIFICATE, e.getMessage());
            }
            return false;
        }

        @Override // com.sec.enterprise.mdm.services.vpn.knoxvpn.IKnoxVpnService
        public int setVpnModeOfOperation(String str, int i) {
            if (!isCallPermitted()) {
                return -1;
            }
            setUnsupportedMethodError(str, "setVpnModeOfOperation()");
            return -1;
        }

        @Override // com.sec.enterprise.mdm.services.vpn.knoxvpn.IKnoxVpnService
        public int startConnection(String str) {
            int i = -1;
            if (isCallPermitted()) {
                synchronized (NmVpnServiceKnox.this.mStartStopLock) {
                    KnoxProfile knoxProfile = (KnoxProfile) ProfileManager.getInstance().getProfile(ProfileType.KNOX, str);
                    if (knoxProfile == null) {
                        Log.w(EventCategories.EV_SRC_NOMAD_NMVNIC, Messages.EV_KNOX_ERROR_START_PROFILE, str, StringUtil.getResourceString(R.string.knox_reason_does_not_exist, new Object[0]));
                        i = 1;
                    } else if (NmVpn.isVpnStarted()) {
                        if (!ProfileManager.getInstance().isActiveProfile(knoxProfile)) {
                            knoxProfile.setState(ProfileState.ERROR_MSG, StringUtil.getResourceString(R.string.knox_error_profile_already_active, knoxProfile.getName(), ProfileManager.getInstance().getActiveProfile().getName()));
                            Log.w(EventCategories.EV_SRC_NOMAD_NMVNIC, Messages.EV_KNOX_ERROR_START_PROFILE, str, StringUtil.getResourceString(R.string.knox_reason_active_vpn, new Object[0]));
                        }
                        i = 0;
                    } else {
                        ProfileManager.getInstance().setActiveProfile(knoxProfile);
                        if (knoxProfile.setBooleanState(ProfileState.STARTED, Boolean.TRUE)) {
                            ProfileManager.getInstance().profileChanged(knoxProfile);
                        }
                        int connect = NmVpnServiceStandard.connect(NmVpnServiceKnox.this);
                        if (!NmStatus.NM_SUCCEEDED(connect) && knoxProfile.setBooleanState(ProfileState.STARTED, Boolean.FALSE)) {
                            ProfileManager.getInstance().profileChanged(knoxProfile);
                        }
                        if (NmStatus.NM_SUCCEEDED(connect)) {
                            i = 0;
                        }
                    }
                }
            }
            Log.d(EventCategories.EV_SRC_NOMAD_NMVNIC, Messages.EV_KNOX_START_CONNECTION, str, Integer.valueOf(i));
            return i;
        }

        @Override // com.sec.enterprise.mdm.services.vpn.knoxvpn.IKnoxVpnService
        public int stopConnection(String str) {
            int i;
            if (isCallPermitted()) {
                synchronized (NmVpnServiceKnox.this.mStartStopLock) {
                    KnoxProfile knoxProfile = (KnoxProfile) ProfileManager.getInstance().getProfile(ProfileType.KNOX, str);
                    if (knoxProfile == null) {
                        Log.w(EventCategories.EV_SRC_NOMAD_NMVNIC, Messages.EV_KNOX_ERROR_STOP_PROFILE, str, StringUtil.getResourceString(R.string.knox_reason_does_not_exist, new Object[0]));
                        i = 1;
                    } else {
                        if (!NmVpn.isVpnStarted()) {
                            Log.d(EventCategories.EV_SRC_NOMAD_NMVNIC, Messages.EV_KNOX_DEBUG_STOP_PROFILE, str, StringUtil.getResourceString(R.string.knox_reason_no_active_vpn, new Object[0]));
                            if (ProfileManager.getInstance().isActiveProfile(knoxProfile) && knoxProfile.setBooleanState(ProfileState.STARTED, Boolean.FALSE)) {
                                ProfileManager.getInstance().profileChanged(knoxProfile);
                            }
                        } else if (ProfileManager.getInstance().isActiveProfile(knoxProfile)) {
                            if (knoxProfile.setBooleanState(ProfileState.STARTED, Boolean.FALSE)) {
                                ProfileManager.getInstance().profileChanged(knoxProfile);
                            }
                            NmVpnServiceStandard.disconnect(50);
                        } else {
                            Log.d(EventCategories.EV_SRC_NOMAD_NMVNIC, Messages.EV_KNOX_DEBUG_STOP_PROFILE, str, StringUtil.getResourceString(R.string.knox_reason_not_the_active_profile, new Object[0]));
                        }
                        i = 0;
                    }
                }
            } else {
                i = -1;
            }
            Log.d(EventCategories.EV_SRC_NOMAD_NMVNIC, Messages.EV_KNOX_STOP_CONNECTION, str, Integer.valueOf(i));
            return i;
        }
    };

    public static KnoxProfile getActiveKnoxProfile() {
        Profile activeProfile = ProfileManager.getInstance().getActiveProfile();
        if (activeProfile instanceof KnoxProfile) {
            return (KnoxProfile) activeProfile;
        }
        return null;
    }

    @Override // android.net.VpnService, android.app.Service
    public IBinder onBind(Intent intent) {
        return this.mBinder;
    }
}
