package defpackage;

import android.content.Context;
import android.os.Bundle;
import android.os.Looper;
import android.os.RemoteException;
import com.cisco.anyconnect.vpn.android.service.ConnectProgressState;
import com.cisco.anyconnect.vpn.android.service.IInfoListener;
import com.cisco.anyconnect.vpn.android.service.IVpnConnectionList;
import com.cisco.anyconnect.vpn.android.service.IVpnService;
import com.cisco.anyconnect.vpn.android.service.ManagedCertificate;
import com.cisco.anyconnect.vpn.android.service.NoticeInfo;
import com.cisco.anyconnect.vpn.android.service.ServiceConnectionCB;
import com.cisco.anyconnect.vpn.android.service.ServiceConnectionManager;
import com.cisco.anyconnect.vpn.android.service.StateInfo;
import com.cisco.anyconnect.vpn.android.service.VpnCertificate;
import com.cisco.anyconnect.vpn.android.service.VpnConnection;
import com.cisco.anyconnect.vpn.android.service.VpnConnectionValidationError;
import com.cisco.anyconnect.vpn.android.service.VpnServiceResult;
import com.cisco.anyconnect.vpn.jni.b;
import com.cisco.anyconnect.vpn.jni.m;
import com.fiberlink.maas360.android.control.ControlApplication;
import com.fiberlink.maas360.android.utilities.i;
import com.mdm.android.aidl.ServiceResponse;
import defpackage.bey;
import defpackage.bld;
import java.io.ByteArrayInputStream;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import java.util.concurrent.ConcurrentLinkedQueue;

/* loaded from: classes2.dex */
public class bsj {
    private static bsj j;

    /* renamed from: a, reason: collision with root package name */
    bey f3564a;
    private ServiceConnectionManager g;
    private IVpnService h;

    /* renamed from: b, reason: collision with root package name */
    private final String f3565b = bsj.class.getSimpleName();

    /* renamed from: c, reason: collision with root package name */
    private final String f3566c = "Automatic";
    private final String d = "Manual";
    private final String e = "Disabled";
    private ConcurrentLinkedQueue<bey> i = new ConcurrentLinkedQueue<>();
    private IInfoListener k = new IInfoListener.Stub() { // from class: bsj.2
        @Override // com.cisco.anyconnect.vpn.android.service.IInfoListener
        public void ConnectInProgressCB(ConnectProgressState connectProgressState) {
            ckq.b(bsj.this.f3565b, "ProgressCB entry: " + connectProgressState.toString());
            if (AnonymousClass3.f3570b[connectProgressState.ordinal()] == 3 && bsj.this.i.peek() != null) {
                bsj.this.b();
            }
        }

        @Override // com.cisco.anyconnect.vpn.android.service.IInfoListener
        public void NoticeCB(NoticeInfo noticeInfo) {
            if (m.MsgType_Error == noticeInfo.getMessageType()) {
                ckq.c(bsj.this.f3565b, "Error: " + noticeInfo.getNotice());
                return;
            }
            ckq.a(bsj.this.f3565b, "Info: " + noticeInfo.getNotice());
        }

        @Override // com.cisco.anyconnect.vpn.android.service.IInfoListener
        public void StateCB(StateInfo stateInfo) {
            ckq.b(bsj.this.f3565b, "StateCB entry: " + stateInfo.getState().name() + " String: " + stateInfo.getString());
        }
    };
    private ControlApplication f = ControlApplication.e();

    /* JADX INFO: Access modifiers changed from: package-private */
    /* renamed from: bsj$3, reason: invalid class name */
    /* loaded from: classes2.dex */
    public static /* synthetic */ class AnonymousClass3 {

        /* renamed from: a, reason: collision with root package name */
        static final /* synthetic */ int[] f3569a;

        /* renamed from: b, reason: collision with root package name */
        static final /* synthetic */ int[] f3570b;

        static {
            int[] iArr = new int[ConnectProgressState.values().length];
            f3570b = iArr;
            try {
                iArr[ConnectProgressState.Connecting.ordinal()] = 1;
            } catch (NoSuchFieldError unused) {
            }
            try {
                f3570b[ConnectProgressState.Disconnecting.ordinal()] = 2;
            } catch (NoSuchFieldError unused2) {
            }
            try {
                f3570b[ConnectProgressState.NoAction.ordinal()] = 3;
            } catch (NoSuchFieldError unused3) {
            }
            int[] iArr2 = new int[bey.a.values().length];
            f3569a = iArr2;
            try {
                iArr2[bey.a.CONFIGURE_VPN.ordinal()] = 1;
            } catch (NoSuchFieldError unused4) {
            }
            try {
                f3569a[bey.a.DELETE_VPN.ordinal()] = 2;
            } catch (NoSuchFieldError unused5) {
            }
        }
    }

    /* loaded from: classes2.dex */
    private class a extends ServiceConnectionCB {
        public a(Context context) {
            super(context);
        }

        @Override // com.cisco.anyconnect.vpn.android.service.ServiceConnectionCB
        public void OnServiceConnected(IVpnService iVpnService) {
            ckq.b(bsj.this.f3565b, "CiscoAnyConnect service connection state: connected");
            bsj.this.h = iVpnService;
            try {
                if (bsj.this.h.RegisterInfoListener(bsj.this.k)) {
                    return;
                }
                ckq.c(bsj.this.f3565b, "RegisterInfoListener failed");
            } catch (RemoteException e) {
                ckq.d(bsj.this.f3565b, e, "RegisterInfoListener failed");
            }
        }

        @Override // com.cisco.anyconnect.vpn.android.service.ServiceConnectionCB
        public void OnServiceDisconnected() {
            super.OnServiceDisconnected();
            ckq.b(bsj.this.f3565b, "CiscoAnyConnect service connection state: disconnected");
            bsj.this.h = null;
            bsj.this.g.Deactivate();
        }

        @Override // com.cisco.anyconnect.vpn.android.service.ServiceConnectionCB
        public void OnServiceWillDisconnect(IVpnService iVpnService, boolean z, String str) {
            super.OnServiceWillDisconnect(iVpnService, z, str);
            try {
                if (!iVpnService.UnregisterInfoListener(bsj.this.k)) {
                    ckq.c(bsj.this.f3565b, "UnregisterInfoListener failed");
                }
            } catch (RemoteException e) {
                ckq.d(bsj.this.f3565b, e, "RegisterInfoListener failed");
            }
            ckq.d(bsj.this.f3565b, "CiscoAnyConnect service connection state: disconnecting");
        }
    }

    private bsj() {
    }

    public static bsj a() {
        if (j == null) {
            j = new bsj();
        }
        return j;
    }

    private b a(String str) {
        b bVar = b.Automatic;
        return bqb.h(str) ? str.equalsIgnoreCase("Automatic") ? b.Automatic : str.equalsIgnoreCase("Manual") ? b.Manual : str.equalsIgnoreCase("Disabled") ? b.Disabled : bVar : bVar;
    }

    private void a(Bundle bundle) {
        a((bor) bundle.getParcelable("VPN_CONFIG"));
    }

    private void a(bor borVar) {
        ControlApplication e = ControlApplication.e();
        try {
            try {
                IVpnConnectionList GetConnectionList = this.h.GetConnectionList();
                VpnConnection vpnConnection = new VpnConnection();
                vpnConnection.SetName(borVar.g);
                vpnConnection.SetProfileName(borVar.g);
                vpnConnection.SetHost(borVar.i);
                vpnConnection.SetCertAuthMode(a(borVar.r));
                if (bqb.h(borVar.t) && bqb.h(borVar.u)) {
                    VpnServiceResult ImportPKCS12WithPassword = this.h.ImportPKCS12WithPassword(jy.a(borVar.u), borVar.v);
                    if (ImportPKCS12WithPassword == VpnServiceResult.SUCCESS) {
                        ckq.b(this.f3565b, "Import is Successful: " + ImportPKCS12WithPassword.toString());
                        VpnCertificate b2 = b(borVar);
                        vpnConnection.SetManualCertAuthMode(b2.getCommonName(), b2.GetHash());
                    } else {
                        ckq.b(this.f3565b, "Import cert failed with error : " + ImportPKCS12WithPassword.toString());
                    }
                }
                int Save = GetConnectionList.Save(vpnConnection);
                ckq.b(this.f3565b, "Configure Vpn for " + borVar.g + " returned: " + Save);
                if (Save == VpnConnectionValidationError.None.GetBitmask()) {
                    a(borVar.h, bey.a.CONFIGURE_VPN, true);
                    bqb.p(String.format(e.getString(bld.l.cisco_config_success), borVar.g));
                } else if ((VpnConnectionValidationError.DuplicateName.GetBitmask() & Save) != 0) {
                    ckq.b(this.f3565b, "Vpn config for " + borVar.g + " already exists. Trying to delete and create again.");
                    c(borVar);
                    if (bqb.h(borVar.t) && bqb.h(borVar.u)) {
                        VpnServiceResult ImportPKCS12WithPassword2 = this.h.ImportPKCS12WithPassword(jy.a(borVar.u), borVar.v);
                        if (ImportPKCS12WithPassword2 == VpnServiceResult.SUCCESS) {
                            ckq.b(this.f3565b, "Import is Successful: " + ImportPKCS12WithPassword2.toString());
                            VpnCertificate b3 = b(borVar);
                            vpnConnection.SetManualCertAuthMode(b3.getCommonName(), b3.GetHash());
                        } else {
                            ckq.b(this.f3565b, "Import cert failed with error : " + ImportPKCS12WithPassword2.toString());
                        }
                    }
                    if (GetConnectionList.Save(vpnConnection) == VpnConnectionValidationError.None.GetBitmask()) {
                        a(borVar.h, bey.a.CONFIGURE_VPN, true);
                        ckq.b(this.f3565b, "Configure Vpn for " + borVar.g + " succeeded after deleting");
                        bqb.p(String.format(e.getString(bld.l.cisco_config_success), borVar.g));
                    }
                }
                if ((VpnConnectionValidationError.InvalidCertificate.GetBitmask() & Save) != 0) {
                    ckq.b(this.f3565b, "Vpn config for " + borVar.g + " failed with cert error,trying again.");
                    if (GetConnectionList.Save(vpnConnection) == VpnConnectionValidationError.None.GetBitmask()) {
                        a(borVar.h, bey.a.CONFIGURE_VPN, true);
                        bqb.p(String.format(e.getString(bld.l.cisco_config_success), borVar.g));
                    }
                }
            } catch (Exception e2) {
                a(borVar.h, bey.a.CONFIGURE_VPN, false);
                ckq.d(this.f3565b, e2, "Error in configuring vpn:" + borVar.g);
                bqb.p(String.format(e.getString(bld.l.cisco_config_failed), borVar.g));
            }
        } finally {
            c();
        }
    }

    private void a(String str, bey.a aVar, boolean z) {
        Bundle bundle = new Bundle();
        bundle.putString("Command", aVar.toString());
        bundle.putString("CorrelationId", str);
        bundle.putBoolean("CommandStatus", z);
        bundle.putParcelable("ServiceResponse", z ? ServiceResponse.getResponseObject(0) : ServiceResponse.getResponseObject(38));
        i.a("ACTION_MDM_FEATURE_COMMAND_COMPLETE", bin.class.getSimpleName(), bundle);
    }

    private VpnCertificate b(bor borVar) {
        VpnCertificate vpnCertificate;
        VpnCertificate vpnCertificate2 = null;
        try {
            List<ManagedCertificate> EnumerateCertificates = this.h.EnumerateCertificates(0);
            X509Certificate a2 = bpy.a(new ByteArrayInputStream(jy.a(borVar.u)), borVar.v);
            ManagedCertificate managedCertificate = null;
            for (ManagedCertificate managedCertificate2 : EnumerateCertificates) {
                X509Certificate GetX509 = managedCertificate2.GetX509();
                if (GetX509 != null && a2 != null && js.a(GetX509.getEncoded(), a2.getEncoded())) {
                    managedCertificate = managedCertificate2;
                }
            }
            vpnCertificate = new VpnCertificate(managedCertificate.derBlob);
        } catch (Exception e) {
            e = e;
        }
        try {
            ckq.b(this.f3565b, "VPN cert has been set in the format required by Cisco VPN");
            return vpnCertificate;
        } catch (Exception e2) {
            e = e2;
            vpnCertificate2 = vpnCertificate;
            ckq.d(this.f3565b, e, "Error in setting cert in VPN profile with profileId:" + borVar.h);
            return vpnCertificate2;
        }
    }

    private void b(Bundle bundle) {
        c((bor) bundle.getParcelable("VPN_CONFIG"));
    }

    private void c() {
        this.f3564a = null;
        b();
    }

    private void c(bor borVar) {
        boolean z;
        try {
            try {
                IVpnConnectionList GetConnectionList = this.h.GetConnectionList();
                VpnConnection GetConnection = GetConnectionList.GetConnection(borVar.h);
                if (GetConnection != null) {
                    z = GetConnectionList.Delete(GetConnection);
                    ckq.b(this.f3565b, "Delete Vpn for ", borVar.h, " returned: " + z);
                } else {
                    ckq.b(this.f3565b, "Vpn connection - ", borVar.h, " not found to delete");
                    z = false;
                }
                if (bqb.h(borVar.t) && bqb.h(borVar.u)) {
                    List<ManagedCertificate> EnumerateCertificates = this.h.EnumerateCertificates(0);
                    X509Certificate a2 = bpy.a(new ByteArrayInputStream(jy.a(borVar.u)), borVar.v);
                    Iterator<ManagedCertificate> it = EnumerateCertificates.iterator();
                    while (true) {
                        if (!it.hasNext()) {
                            break;
                        }
                        ManagedCertificate next = it.next();
                        X509Certificate GetX509 = next.GetX509();
                        if (a2 == null || GetX509 == null || !js.a(a2.getEncoded(), GetX509.getEncoded())) {
                            ckq.a(this.f3565b, "CertShortName : " + next.getSubjectShortName());
                        } else {
                            ArrayList arrayList = new ArrayList();
                            arrayList.add(next.id);
                            if (this.h.DeleteCertificates(0, arrayList)) {
                                ckq.a(this.f3565b, "Successfully removed the cert : " + next.getSubjectShortName());
                            } else {
                                ckq.a(this.f3565b, "Failed to removed the cert : " + next.getSubjectShortName());
                            }
                        }
                    }
                }
                a(borVar.h, bey.a.DELETE_VPN, z);
            } catch (Exception e) {
                ckq.d(this.f3565b, e, "Error in deleting vpn with profileId:" + borVar.h);
            }
        } finally {
            c();
        }
    }

    private void d() {
        if (this.h == null) {
            new Thread(new Runnable() { // from class: bsj.1
                @Override // java.lang.Runnable
                public void run() {
                    Looper.prepare();
                    ckq.b(bsj.this.f3565b, "Connecting to CiscoAC Service");
                    bsj bsjVar = bsj.this;
                    bsj bsjVar2 = bsj.this;
                    bsjVar.g = new ServiceConnectionManager(new a(bsjVar2.f));
                    bsj.this.g.Activate();
                    Looper.loop();
                }
            }).start();
        }
    }

    public boolean a(bey beyVar) {
        boolean z;
        try {
            ckq.b(this.f3565b, "Added op to queue " + beyVar.f2759a);
            this.i.add(beyVar);
        } catch (Exception e) {
            e = e;
            z = false;
        }
        try {
            d();
            b();
            return true;
        } catch (Exception e2) {
            e = e2;
            z = true;
            ckq.d(this.f3565b, e, "Error in executing operation:" + beyVar.f2759a);
            return z;
        }
    }

    public synchronized void b() {
        bey poll;
        if (this.h != null && this.f3564a == null && (poll = this.i.poll()) != null) {
            ckq.b(this.f3565b, "Removed op from queue " + poll.f2759a);
            this.f3564a = poll;
            synchronized (poll) {
                ckq.b(this.f3565b, "Executing " + poll.f2759a);
                int i = AnonymousClass3.f3569a[poll.f2759a.ordinal()];
                if (i == 1) {
                    a((Bundle) poll.f2760b);
                } else if (i != 2) {
                    this.f3564a = null;
                } else {
                    b((Bundle) poll.f2760b);
                }
            }
        }
    }
}
