package org.strongswan.android.logic;

import android.annotation.TargetApi;
import android.app.Notification;
import android.app.NotificationChannel;
import android.app.NotificationManager;
import android.app.PendingIntent;
import android.content.ComponentName;
import android.content.Context;
import android.content.Intent;
import android.content.ServiceConnection;
import android.content.SharedPreferences;
import android.content.pm.PackageManager;
import android.net.VpnService;
import android.os.Build;
import android.os.Bundle;
import android.os.Handler;
import android.os.IBinder;
import android.os.ParcelFileDescriptor;
import android.preference.PreferenceManager;
import android.security.KeyChain;
import android.security.KeyChainException;
import android.system.OsConstants;
import android.util.Log;
import android.util.Xml;
import com.gentlebreeze.vpn.http.api.GeoInfoKt;
import com.gentlebreeze.vpn.module.strongswan.R;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.StringReader;
import java.net.Inet4Address;
import java.net.Inet6Address;
import java.net.InetAddress;
import java.net.UnknownHostException;
import java.nio.ByteBuffer;
import java.nio.channels.ClosedByInterruptException;
import java.security.PrivateKey;
import java.security.cert.CertificateEncodingException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Hashtable;
import java.util.Iterator;
import java.util.LinkedList;
import java.util.List;
import java.util.Locale;
import java.util.Objects;
import java.util.SortedSet;
import java.util.UUID;
import k.h.b.m;
import org.strongswan.android.logic.imc.RemediationInstruction;
import org.strongswan.android.utils.Utils;
import org.xmlpull.v1.XmlPullParser;
import org.xmlpull.v1.XmlPullParserException;
import s.d.a.a.a;
import s.d.a.a.b;
import s.d.a.a.c;
import s.d.a.b.c;
import s.d.a.b.d;
import s.d.a.e.b;
import s.d.a.e.c;

/* loaded from: classes2.dex */
public class CharonVpnService extends VpnService implements Runnable, d.l {
    public static final String DISCONNECT_ACTION = "org.strongswan.android.CharonVpnService.DISCONNECT";
    public static final String KEY_IS_RETRY = "retry";
    public static final String LOG_FILE = "charon.log";
    private static final String NOTIFICATION_CHANNEL = "org.strongswan.android.CharonVpnService.VPN_STATE_NOTIFICATION";
    public static final int STATE_AUTH_ERROR = 3;
    public static final int STATE_CERTIFICATE_UNAVAILABLE = 7;
    public static final int STATE_CHILD_SA_DOWN = 2;
    public static final int STATE_CHILD_SA_UP = 1;
    public static final int STATE_GENERIC_ERROR = 8;
    public static final int STATE_LOOKUP_ERROR = 5;
    public static final int STATE_PEER_AUTH_ERROR = 4;
    public static final int STATE_UNREACHABLE_ERROR = 6;
    private static final String TAG = CharonVpnService.class.getSimpleName();
    private static final String VPN_SERVICE_ACTION = "android.net.VpnService";
    public static final int VPN_STATE_NOTIFICATION_ID = 1;
    public String mAppDir;
    public Thread mConnectionHandler;
    private volatile String mCurrentCertificateAlias;
    private a mCurrentProfile;
    private volatile String mCurrentUserCertificateAlias;
    public b mDataSource;
    public Handler mHandler;
    private volatile boolean mIsDisconnecting;
    public String mLogFile;
    private a mNextProfile;
    private volatile boolean mProfileUpdated;
    public d mService;
    public volatile boolean mShowNotification;
    private volatile boolean mTerminate;
    private BuilderAdapter mBuilderAdapter = new BuilderAdapter();
    private final Object mServiceLock = new Object();
    public final ServiceConnection mServiceConnection = new ServiceConnection() { // from class: org.strongswan.android.logic.CharonVpnService.1
        @Override // android.content.ServiceConnection
        public void onServiceConnected(ComponentName componentName, IBinder iBinder) {
            CharonVpnService charonVpnService;
            d dVar;
            synchronized (CharonVpnService.this.mServiceLock) {
                charonVpnService = CharonVpnService.this;
                dVar = d.this;
                charonVpnService.mService = dVar;
            }
            dVar.registerListener(charonVpnService);
            CharonVpnService.this.mConnectionHandler.start();
        }

        @Override // android.content.ServiceConnection
        public void onServiceDisconnected(ComponentName componentName) {
            synchronized (CharonVpnService.this.mServiceLock) {
                CharonVpnService.this.mService = null;
            }
        }
    };

    /* renamed from: org.strongswan.android.logic.CharonVpnService$4, reason: invalid class name */
    /* loaded from: classes2.dex */
    public static /* synthetic */ class AnonymousClass4 {
        public static final /* synthetic */ int[] $SwitchMap$org$strongswan$android$data$VpnProfile$SelectedAppsHandling;
        public static final /* synthetic */ int[] $SwitchMap$org$strongswan$android$logic$VpnStateService$State;

        static {
            a.EnumC0248a.values();
            int[] iArr = new int[3];
            $SwitchMap$org$strongswan$android$data$VpnProfile$SelectedAppsHandling = iArr;
            try {
                a.EnumC0248a enumC0248a = a.EnumC0248a.SELECTED_APPS_DISABLE;
                iArr[0] = 1;
            } catch (NoSuchFieldError unused) {
            }
            try {
                int[] iArr2 = $SwitchMap$org$strongswan$android$data$VpnProfile$SelectedAppsHandling;
                a.EnumC0248a enumC0248a2 = a.EnumC0248a.SELECTED_APPS_EXCLUDE;
                iArr2[1] = 2;
            } catch (NoSuchFieldError unused2) {
            }
            try {
                int[] iArr3 = $SwitchMap$org$strongswan$android$data$VpnProfile$SelectedAppsHandling;
                a.EnumC0248a enumC0248a3 = a.EnumC0248a.SELECTED_APPS_ONLY;
                iArr3[2] = 3;
            } catch (NoSuchFieldError unused3) {
            }
            d.k.values();
            int[] iArr4 = new int[4];
            $SwitchMap$org$strongswan$android$logic$VpnStateService$State = iArr4;
            try {
                iArr4[1] = 1;
            } catch (NoSuchFieldError unused4) {
            }
            try {
                $SwitchMap$org$strongswan$android$logic$VpnStateService$State[2] = 2;
            } catch (NoSuchFieldError unused5) {
            }
            try {
                $SwitchMap$org$strongswan$android$logic$VpnStateService$State[3] = 3;
            } catch (NoSuchFieldError unused6) {
            }
        }
    }

    /* loaded from: classes2.dex */
    public class BuilderAdapter {
        private VpnService.Builder mBuilder;
        private BuilderCache mCache;
        private PacketDropper mDropper = new PacketDropper();
        private BuilderCache mEstablishedCache;
        private a mProfile;

        /* loaded from: classes2.dex */
        public class PacketDropper implements Runnable {
            private ParcelFileDescriptor mFd;
            private Thread mThread;

            private PacketDropper() {
            }

            @Override // java.lang.Runnable
            public synchronized void run() {
                int read;
                try {
                    FileInputStream fileInputStream = new FileInputStream(this.mFd.getFileDescriptor());
                    ByteBuffer allocate = ByteBuffer.allocate(BuilderAdapter.this.mCache.mMtu);
                    do {
                        read = fileInputStream.getChannel().read(allocate);
                        allocate.clear();
                    } while (read >= 0);
                } catch (IOException e) {
                    e.printStackTrace();
                } catch (InterruptedException | ClosedByInterruptException unused) {
                }
            }

            public void start(ParcelFileDescriptor parcelFileDescriptor) {
                this.mFd = parcelFileDescriptor;
                Thread thread = new Thread(this);
                this.mThread = thread;
                thread.start();
            }

            public void stop() {
                if (this.mFd != null) {
                    try {
                        this.mThread.interrupt();
                        this.mThread.join();
                        this.mFd.close();
                    } catch (IOException e) {
                        e.printStackTrace();
                    } catch (InterruptedException e2) {
                        e2.printStackTrace();
                    }
                    this.mFd = null;
                }
            }
        }

        public BuilderAdapter() {
        }

        private VpnService.Builder createBuilder(String str) {
            VpnService.Builder builder = new VpnService.Builder(CharonVpnService.this);
            builder.setSession(str);
            Context applicationContext = CharonVpnService.this.getApplicationContext();
            builder.setConfigureIntent(PendingIntent.getActivity(applicationContext, 0, new Intent(applicationContext, (Class<?>) s.d.a.d.a.class), 134217728));
            return builder;
        }

        private synchronized ParcelFileDescriptor establishIntern() {
            try {
                this.mCache.applyData(this.mBuilder);
                ParcelFileDescriptor establish = this.mBuilder.establish();
                if (establish != null) {
                    closeBlocking();
                }
                if (establish == null) {
                    return null;
                }
                this.mBuilder = createBuilder(this.mProfile.d);
                this.mEstablishedCache = this.mCache;
                this.mCache = new BuilderCache(this.mProfile);
                return establish;
            } catch (Exception e) {
                e.printStackTrace();
                return null;
            }
        }

        public synchronized boolean addAddress(String str, int i) {
            try {
                this.mCache.addAddress(str, i);
            } catch (IllegalArgumentException unused) {
                return false;
            }
            return true;
        }

        public synchronized boolean addDnsServer(String str) {
            try {
                this.mCache.addDnsServer(str);
            } catch (IllegalArgumentException unused) {
                return false;
            }
            return true;
        }

        public synchronized boolean addRoute(String str, int i) {
            try {
                this.mCache.addRoute(str, i);
            } catch (IllegalArgumentException unused) {
                return false;
            }
            return true;
        }

        public synchronized boolean addSearchDomain(String str) {
            try {
                this.mBuilder.addSearchDomain(str);
            } catch (IllegalArgumentException unused) {
                return false;
            }
            return true;
        }

        public synchronized void closeBlocking() {
            this.mDropper.stop();
        }

        public synchronized int establish() {
            ParcelFileDescriptor establishIntern;
            establishIntern = establishIntern();
            return establishIntern != null ? establishIntern.detachFd() : -1;
        }

        @TargetApi(21)
        public synchronized void establishBlocking() {
            this.mCache.addAddress("172.16.252.1", 32);
            this.mCache.addAddress("fd00::fd02:1", 128);
            this.mCache.addRoute(GeoInfoKt.GEO_IP_FALLBACK, 0);
            this.mCache.addRoute("::", 0);
            this.mBuilder.addDnsServer("8.8.8.8");
            this.mBuilder.addDnsServer("2001:4860:4860::8888");
            this.mBuilder.setBlocking(true);
            ParcelFileDescriptor establishIntern = establishIntern();
            if (establishIntern != null) {
                this.mDropper.start(establishIntern);
            }
        }

        public synchronized int establishNoDns() {
            if (this.mEstablishedCache == null) {
                return -1;
            }
            try {
                VpnService.Builder createBuilder = createBuilder(this.mProfile.d);
                this.mEstablishedCache.applyData(createBuilder);
                ParcelFileDescriptor establish = createBuilder.establish();
                if (establish == null) {
                    return -1;
                }
                return establish.detachFd();
            } catch (Exception e) {
                e.printStackTrace();
                return -1;
            }
        }

        public synchronized boolean setMtu(int i) {
            try {
                this.mCache.setMtu(i);
            } catch (IllegalArgumentException unused) {
                return false;
            }
            return true;
        }

        public synchronized void setProfile(a aVar) {
            this.mProfile = aVar;
            this.mBuilder = createBuilder(aVar.d);
            this.mCache = new BuilderCache(this.mProfile);
        }
    }

    /* loaded from: classes2.dex */
    public class BuilderCache {
        private final a.EnumC0248a mAppHandling;
        private boolean mDnsServersConfigured;
        private final c mExcludedSubnets;
        private boolean mIPv4Seen;
        private boolean mIPv6Seen;
        private int mMtu;
        private final SortedSet<String> mSelectedApps;
        private final int mSplitTunneling;
        private final List<s.d.a.e.a> mAddresses = new ArrayList();
        private final List<s.d.a.e.a> mRoutesIPv4 = new ArrayList();
        private final List<s.d.a.e.a> mRoutesIPv6 = new ArrayList();
        private final c mIncludedSubnetsv4 = new c();
        private final c mIncludedSubnetsv6 = new c();
        private final List<InetAddress> mDnsServers = new ArrayList();

        /* JADX WARN: Removed duplicated region for block: B:32:0x00bd  */
        /* JADX WARN: Removed duplicated region for block: B:46:0x00e0  */
        /* JADX WARN: Removed duplicated region for block: B:50:0x00e3  */
        /*
            Code decompiled incorrectly, please refer to instructions dump.
            To view partially-correct add '--show-bad-code' argument
        */
        public BuilderCache(s.d.a.a.a r9) {
            /*
                r7 = this;
                org.strongswan.android.logic.CharonVpnService.this = r8
                r7.<init>()
                java.util.ArrayList r0 = new java.util.ArrayList
                r0.<init>()
                r7.mAddresses = r0
                java.util.ArrayList r0 = new java.util.ArrayList
                r0.<init>()
                r7.mRoutesIPv4 = r0
                java.util.ArrayList r0 = new java.util.ArrayList
                r0.<init>()
                r7.mRoutesIPv6 = r0
                s.d.a.e.c r0 = new s.d.a.e.c
                r0.<init>()
                r7.mIncludedSubnetsv4 = r0
                s.d.a.e.c r0 = new s.d.a.e.c
                r0.<init>()
                r7.mIncludedSubnetsv6 = r0
                java.util.ArrayList r0 = new java.util.ArrayList
                r0.<init>()
                r7.mDnsServers = r0
                java.lang.String r0 = r9.f7775m
                s.d.a.e.c r0 = s.d.a.e.c.e(r0)
                java.util.Iterator r0 = r0.iterator()
            L39:
                boolean r1 = r0.hasNext()
                if (r1 == 0) goto L61
                java.lang.Object r1 = r0.next()
                s.d.a.e.a r1 = (s.d.a.e.a) r1
                java.net.InetAddress r2 = r1.p()
                boolean r2 = r2 instanceof java.net.Inet4Address
                if (r2 == 0) goto L53
                s.d.a.e.c r2 = r7.mIncludedSubnetsv4
                r2.a(r1)
                goto L39
            L53:
                java.net.InetAddress r2 = r1.p()
                boolean r2 = r2 instanceof java.net.Inet6Address
                if (r2 == 0) goto L39
                s.d.a.e.c r2 = r7.mIncludedSubnetsv6
                r2.a(r1)
                goto L39
            L61:
                java.lang.String r0 = r9.f7774l
                s.d.a.e.c r0 = s.d.a.e.c.e(r0)
                r7.mExcludedSubnets = r0
                java.lang.Integer r0 = r9.f7782t
                r1 = 0
                if (r0 == 0) goto L73
                int r0 = r0.intValue()
                goto L74
            L73:
                r0 = r1
            L74:
                r7.mSplitTunneling = r0
                s.d.a.a.a$a r0 = r9.w
                java.util.TreeSet r2 = new java.util.TreeSet
                r2.<init>()
                java.lang.String r3 = r9.f7776n
                boolean r3 = android.text.TextUtils.isEmpty(r3)
                java.lang.String r4 = "\\s+"
                if (r3 != 0) goto L94
                java.lang.String r3 = r9.f7776n
                java.lang.String[] r3 = r3.split(r4)
                java.util.List r3 = java.util.Arrays.asList(r3)
                r2.addAll(r3)
            L94:
                r7.mSelectedApps = r2
                int r3 = r0.ordinal()
                r5 = 1
                if (r3 == 0) goto Lab
                if (r3 == r5) goto Lb0
                r6 = 2
                if (r3 == r6) goto La3
                goto Lb7
            La3:
                java.lang.String r8 = r8.getPackageName()
                r2.remove(r8)
                goto Lb7
            Lab:
                s.d.a.a.a$a r0 = s.d.a.a.a.EnumC0248a.SELECTED_APPS_EXCLUDE
                r2.clear()
            Lb0:
                java.lang.String r8 = r8.getPackageName()
                r2.add(r8)
            Lb7:
                r7.mAppHandling = r0
                java.lang.String r8 = r9.f7779q
                if (r8 == 0) goto Ldc
                java.lang.String[] r8 = r8.split(r4)
                int r0 = r8.length
            Lc2:
                if (r1 >= r0) goto Ldc
                r2 = r8[r1]
                java.util.List<java.net.InetAddress> r3 = r7.mDnsServers     // Catch: java.net.UnknownHostException -> Ld5
                java.net.InetAddress r4 = org.strongswan.android.utils.Utils.a(r2)     // Catch: java.net.UnknownHostException -> Ld5
                r3.add(r4)     // Catch: java.net.UnknownHostException -> Ld5
                r7.recordAddressFamily(r2)     // Catch: java.net.UnknownHostException -> Ld5
                r7.mDnsServersConfigured = r5     // Catch: java.net.UnknownHostException -> Ld5
                goto Ld9
            Ld5:
                r2 = move-exception
                r2.printStackTrace()
            Ld9:
                int r1 = r1 + 1
                goto Lc2
            Ldc:
                java.lang.Integer r8 = r9.f7780r
                if (r8 != 0) goto Le3
                r8 = 1500(0x5dc, float:2.102E-42)
                goto Le7
            Le3:
                int r8 = r8.intValue()
            Le7:
                r7.mMtu = r8
                return
            */
            throw new UnsupportedOperationException("Method not decompiled: org.strongswan.android.logic.CharonVpnService.BuilderCache.<init>(org.strongswan.android.logic.CharonVpnService, s.d.a.a.a):void");
        }

        private boolean isIPv6(String str) throws UnknownHostException {
            InetAddress a = Utils.a(str);
            return !(a instanceof Inet4Address) && (a instanceof Inet6Address);
        }

        public void addAddress(String str, int i) {
            try {
                this.mAddresses.add(new s.d.a.e.a(str, i));
                recordAddressFamily(str);
            } catch (UnknownHostException e) {
                e.printStackTrace();
            }
        }

        public void addDnsServer(String str) {
            if (this.mDnsServersConfigured) {
                return;
            }
            try {
                this.mDnsServers.add(Utils.a(str));
                recordAddressFamily(str);
            } catch (UnknownHostException e) {
                e.printStackTrace();
            }
        }

        public void addRoute(String str, int i) {
            try {
                if (isIPv6(str)) {
                    this.mRoutesIPv6.add(new s.d.a.e.a(str, i));
                } else {
                    this.mRoutesIPv4.add(new s.d.a.e.a(str, i));
                }
            } catch (UnknownHostException e) {
                e.printStackTrace();
            }
        }

        @TargetApi(21)
        public void applyData(VpnService.Builder builder) {
            for (s.d.a.e.a aVar : this.mAddresses) {
                builder.addAddress(aVar.p(), aVar.g.intValue());
            }
            Iterator<InetAddress> it = this.mDnsServers.iterator();
            while (it.hasNext()) {
                builder.addDnsServer(it.next());
            }
            if ((this.mSplitTunneling & 1) == 0) {
                if (this.mIPv4Seen) {
                    c cVar = new c();
                    if (this.mIncludedSubnetsv4.d.size() > 0) {
                        cVar.c(this.mIncludedSubnetsv4);
                    } else {
                        cVar.d(this.mRoutesIPv4);
                    }
                    cVar.f(this.mExcludedSubnets);
                    b.a aVar2 = new b.a();
                    while (aVar2.hasNext()) {
                        s.d.a.e.a aVar3 = (s.d.a.e.a) aVar2.next();
                        try {
                            builder.addRoute(aVar3.p(), aVar3.g.intValue());
                        } catch (IllegalArgumentException e) {
                            if (!aVar3.p().isMulticastAddress()) {
                                throw e;
                            }
                        }
                    }
                } else {
                    builder.allowFamily(OsConstants.AF_INET);
                }
            } else if (this.mIPv4Seen) {
                builder.addRoute(GeoInfoKt.GEO_IP_FALLBACK, 0);
            }
            if ((this.mSplitTunneling & 2) == 0) {
                if (this.mIPv6Seen) {
                    c cVar2 = new c();
                    if (this.mIncludedSubnetsv6.d.size() > 0) {
                        cVar2.c(this.mIncludedSubnetsv6);
                    } else {
                        cVar2.d(this.mRoutesIPv6);
                    }
                    cVar2.f(this.mExcludedSubnets);
                    b.a aVar4 = new b.a();
                    while (aVar4.hasNext()) {
                        s.d.a.e.a aVar5 = (s.d.a.e.a) aVar4.next();
                        try {
                            builder.addRoute(aVar5.p(), aVar5.g.intValue());
                        } catch (IllegalArgumentException e2) {
                            if (!aVar5.p().isMulticastAddress()) {
                                throw e2;
                            }
                        }
                    }
                } else {
                    builder.allowFamily(OsConstants.AF_INET6);
                }
            } else if (this.mIPv6Seen) {
                builder.addRoute("::", 0);
            }
            if (this.mSelectedApps.size() > 0) {
                int ordinal = this.mAppHandling.ordinal();
                if (ordinal == 1) {
                    Iterator<String> it2 = this.mSelectedApps.iterator();
                    while (it2.hasNext()) {
                        try {
                            builder.addDisallowedApplication(it2.next());
                        } catch (PackageManager.NameNotFoundException unused) {
                        }
                    }
                } else if (ordinal == 2) {
                    Iterator<String> it3 = this.mSelectedApps.iterator();
                    while (it3.hasNext()) {
                        try {
                            builder.addAllowedApplication(it3.next());
                        } catch (PackageManager.NameNotFoundException unused2) {
                        }
                    }
                }
            }
            builder.setMtu(this.mMtu);
        }

        public void recordAddressFamily(String str) {
            try {
                if (isIPv6(str)) {
                    this.mIPv6Seen = true;
                } else {
                    this.mIPv4Seen = true;
                }
            } catch (UnknownHostException e) {
                e.printStackTrace();
            }
        }

        public void setMtu(int i) {
            this.mMtu = i;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* JADX WARN: Multi-variable type inference failed */
    public Notification buildNotification(boolean z) {
        Object[] objArr;
        a profile = this.mService.getProfile();
        d.k state = this.mService.getState();
        d.g errorState = this.mService.getErrorState();
        String str = profile != null ? profile.d : "";
        m mVar = new m(this, NOTIFICATION_CHANNEL);
        mVar.x.icon = R.drawable.ic_notification;
        mVar.f6857r = "service";
        mVar.f6860u = z ? 1 : 0;
        int i = R.string.state_disabled;
        d.g gVar = d.g.NO_ERROR;
        if (errorState != gVar) {
            i = this.mService.getErrorText();
            mVar.x.icon = R.drawable.ic_notification_warning;
            int i2 = R.color.error_text;
            Object obj = k.h.c.a.a;
            mVar.f6859t = getColor(i2);
            if (!z && profile != null) {
                int retryIn = this.mService.getRetryIn();
                if (retryIn > 0) {
                    mVar.d(getResources().getQuantityString(R.plurals.retry_in, retryIn, Integer.valueOf(retryIn)));
                    mVar.f6853n = this.mService.getRetryTimeout();
                    mVar.f6854o = retryIn;
                    mVar.f6855p = false;
                }
                Intent intent = new Intent(getApplicationContext(), (Class<?>) s.d.a.d.b.class);
                intent.addFlags(268435456);
                intent.setAction("");
                intent.putExtra("", profile.y.toString());
                mVar.a(R.drawable.ic_notification_connecting, getString(R.string.retry), PendingIntent.getActivity(getApplicationContext(), 0, intent, 134217728));
                objArr = true;
            }
            objArr = false;
        } else {
            mVar.f6853n = 0;
            mVar.f6854o = 0;
            mVar.f6855p = false;
            int ordinal = state.ordinal();
            if (ordinal == 1) {
                i = R.string.state_connecting;
                mVar.x.icon = R.drawable.ic_notification_connecting;
                int i3 = R.color.warning_text;
                Object obj2 = k.h.c.a.a;
                mVar.f6859t = getColor(i3);
            } else if (ordinal != 2) {
                if (ordinal == 3) {
                    i = R.string.state_disconnecting;
                }
                objArr = false;
            } else {
                i = R.string.state_connected;
                int i4 = R.color.success_text;
                Object obj3 = k.h.c.a.a;
                mVar.f6859t = getColor(i4);
                mVar.f6850k = true;
            }
            objArr = true;
        }
        mVar.e(getString(i));
        if (!z) {
            if (objArr != false) {
                Intent intent2 = new Intent(getApplicationContext(), (Class<?>) s.d.a.d.b.class);
                intent2.setAction("");
                mVar.a(R.drawable.ic_notification_disconnect, getString(R.string.disconnect), PendingIntent.getActivity(getApplicationContext(), 0, intent2, 134217728));
            }
            if (errorState == gVar) {
                mVar.d(str);
            }
            mVar.f6861v = buildNotification(true);
        }
        mVar.f = PendingIntent.getActivity(getApplicationContext(), 0, new Intent(getApplicationContext(), (Class<?>) s.d.a.d.a.class), 134217728);
        return mVar.b();
    }

    private void createNotificationChannel() {
        if (Build.VERSION.SDK_INT >= 26) {
            NotificationChannel notificationChannel = new NotificationChannel(NOTIFICATION_CHANNEL, getString(R.string.permanent_notification_name), 2);
            notificationChannel.setDescription(getString(R.string.permanent_notification_description));
            notificationChannel.setLockscreenVisibility(-1);
            notificationChannel.setShowBadge(false);
            ((NotificationManager) getSystemService(NotificationManager.class)).createNotificationChannel(notificationChannel);
        }
    }

    private static String getAndroidVersion() {
        StringBuilder G = b.c.b.a.a.G("Android ");
        G.append(Build.VERSION.RELEASE);
        G.append(" - ");
        G.append(Build.DISPLAY);
        StringBuilder K = b.c.b.a.a.K(G.toString(), "/");
        K.append(Build.VERSION.SECURITY_PATCH);
        return K.toString();
    }

    private static String getDeviceString() {
        return Build.MODEL + " - " + Build.BRAND + "/" + Build.PRODUCT + "/" + Build.MANUFACTURER;
    }

    private byte[][] getTrustedCertificates() {
        ArrayList arrayList = new ArrayList();
        String str = s.d.a.b.c.e;
        s.d.a.b.c cVar = c.b.a;
        cVar.b();
        try {
            String str2 = this.mCurrentCertificateAlias;
            if (str2 != null) {
                X509Certificate a = cVar.a(str2);
                if (a == null) {
                    return null;
                }
                arrayList.add(a.getEncoded());
            } else {
                cVar.a.readLock().lock();
                Hashtable hashtable = (Hashtable) cVar.f7791b.clone();
                cVar.a.readLock().unlock();
                Iterator it = hashtable.values().iterator();
                while (it.hasNext()) {
                    arrayList.add(((X509Certificate) it.next()).getEncoded());
                }
            }
            return (byte[][]) arrayList.toArray(new byte[arrayList.size()]);
        } catch (CertificateEncodingException e) {
            e.printStackTrace();
            return null;
        }
    }

    private byte[][] getUserCertificate() throws KeyChainException, InterruptedException, CertificateEncodingException {
        ArrayList arrayList = new ArrayList();
        X509Certificate[] certificateChain = KeyChain.getCertificateChain(getApplicationContext(), this.mCurrentUserCertificateAlias);
        if (certificateChain == null || certificateChain.length == 0) {
            return null;
        }
        for (X509Certificate x509Certificate : certificateChain) {
            arrayList.add(x509Certificate.getEncoded());
        }
        return (byte[][]) arrayList.toArray(new byte[arrayList.size()]);
    }

    private PrivateKey getUserKey() throws KeyChainException, InterruptedException {
        return KeyChain.getPrivateKey(getApplicationContext(), this.mCurrentUserCertificateAlias);
    }

    private void removeNotification() {
        this.mHandler.post(new Runnable() { // from class: org.strongswan.android.logic.CharonVpnService.3
            @Override // java.lang.Runnable
            public void run() {
                CharonVpnService.this.mShowNotification = false;
                CharonVpnService.this.stopForeground(true);
            }
        });
    }

    private void setError(d.g gVar) {
        synchronized (this.mServiceLock) {
            d dVar = this.mService;
            if (dVar != null) {
                dVar.setError(gVar);
            }
        }
    }

    private void setErrorDisconnect(d.g gVar) {
        synchronized (this.mServiceLock) {
            if (this.mService != null && !this.mIsDisconnecting) {
                this.mService.setError(gVar);
            }
        }
    }

    private void setImcState(s.d.a.b.e.a aVar) {
        synchronized (this.mServiceLock) {
            d dVar = this.mService;
            if (dVar != null) {
                dVar.setImcState(aVar);
            }
        }
    }

    private void setNextProfile(a aVar) {
        synchronized (this) {
            this.mNextProfile = aVar;
            this.mProfileUpdated = true;
            notifyAll();
        }
    }

    private void setState(d.k kVar) {
        synchronized (this.mServiceLock) {
            d dVar = this.mService;
            if (dVar != null) {
                dVar.setState(kVar);
            }
        }
    }

    private void startConnection(a aVar) {
        synchronized (this.mServiceLock) {
            d dVar = this.mService;
            if (dVar != null) {
                dVar.startConnection(aVar);
            }
        }
    }

    private void stopCurrentConnection() {
        synchronized (this) {
            a aVar = this.mNextProfile;
            if (aVar != null) {
                this.mBuilderAdapter.setProfile(aVar);
                this.mBuilderAdapter.establishBlocking();
            }
            if (this.mCurrentProfile != null) {
                setState(d.k.DISCONNECTING);
                this.mIsDisconnecting = true;
                SimpleFetcher.disable();
                deinitializeCharon();
                Log.i(TAG, "charon stopped");
                this.mCurrentProfile = null;
                if (this.mNextProfile == null) {
                    removeNotification();
                    this.mBuilderAdapter.closeBlocking();
                }
            }
        }
    }

    public void addNotification() {
        this.mHandler.post(new Runnable() { // from class: org.strongswan.android.logic.CharonVpnService.2
            @Override // java.lang.Runnable
            public void run() {
                CharonVpnService.this.mShowNotification = true;
                CharonVpnService charonVpnService = CharonVpnService.this;
                charonVpnService.startForeground(1, charonVpnService.buildNotification(false));
            }
        });
    }

    public void addRemediationInstruction(String str) {
        LinkedList<RemediationInstruction> linkedList = new LinkedList();
        XmlPullParser newPullParser = Xml.newPullParser();
        try {
            newPullParser.setInput(new StringReader(str));
            newPullParser.nextTag();
            RemediationInstruction.a(newPullParser, linkedList);
        } catch (IOException e) {
            e.printStackTrace();
        } catch (XmlPullParserException e2) {
            e2.printStackTrace();
        }
        for (RemediationInstruction remediationInstruction : linkedList) {
            synchronized (this.mServiceLock) {
                d dVar = this.mService;
                if (dVar != null) {
                    dVar.addRemediationInstruction(remediationInstruction);
                }
            }
        }
    }

    public native void deinitializeCharon();

    public native boolean initializeCharon(BuilderAdapter builderAdapter, String str, String str2, boolean z);

    public native void initiate(String str);

    @Override // android.app.Service
    public void onCreate() {
        StringBuilder sb = new StringBuilder();
        sb.append(getFilesDir().getAbsolutePath());
        this.mLogFile = b.c.b.a.a.C(sb, File.separator, LOG_FILE);
        this.mAppDir = getFilesDir().getAbsolutePath();
        this.mHandler = new Handler();
        s.d.a.a.b bVar = new s.d.a.a.b(this);
        this.mDataSource = bVar;
        bVar.f();
        this.mConnectionHandler = new Thread(this);
        bindService(new Intent(this, (Class<?>) d.class), this.mServiceConnection, 1);
        createNotificationChannel();
    }

    @Override // android.app.Service
    public void onDestroy() {
        this.mTerminate = true;
        setNextProfile(null);
        try {
            this.mConnectionHandler.join();
        } catch (InterruptedException e) {
            e.printStackTrace();
        }
        d dVar = this.mService;
        if (dVar != null) {
            dVar.unregisterListener(this);
            unbindService(this.mServiceConnection);
        }
        s.d.a.a.b bVar = this.mDataSource;
        b.a aVar = bVar.a;
        if (aVar != null) {
            aVar.close();
            bVar.a = null;
        }
    }

    @Override // android.net.VpnService
    public void onRevoke() {
        setNextProfile(null);
    }

    @Override // android.app.Service
    public int onStartCommand(Intent intent, int i, int i2) {
        Bundle extras;
        if (intent == null) {
            return 2;
        }
        boolean z = false;
        a aVar = null;
        if (VPN_SERVICE_ACTION.equals(intent.getAction())) {
            SharedPreferences defaultSharedPreferences = PreferenceManager.getDefaultSharedPreferences(this);
            String string = defaultSharedPreferences.getString("pref_default_vpn_profile", null);
            if (string == null || string.equals("pref_default_vpn_profile_mru")) {
                string = defaultSharedPreferences.getString("pref_mru_vpn_profile", null);
            }
            s.d.a.a.b bVar = this.mDataSource;
            Objects.requireNonNull(bVar);
            if (string != null) {
                try {
                    aVar = bVar.e(UUID.fromString(string));
                } catch (IllegalArgumentException e) {
                    e.printStackTrace();
                }
            }
        } else if (!DISCONNECT_ACTION.equals(intent.getAction()) && (extras = intent.getExtras()) != null) {
            s.d.a.a.b bVar2 = this.mDataSource;
            String string2 = extras.getString("_uuid");
            Objects.requireNonNull(bVar2);
            if (string2 != null) {
                try {
                    aVar = bVar2.e(UUID.fromString(string2));
                } catch (IllegalArgumentException e2) {
                    e2.printStackTrace();
                }
            }
            if (aVar != null) {
                aVar.g = extras.getString("password");
                z = extras.getBoolean(KEY_IS_RETRY, false);
                PreferenceManager.getDefaultSharedPreferences(this).edit().putString("pref_mru_vpn_profile", aVar.y.toString()).apply();
            }
        }
        if (aVar != null && !z) {
            deleteFile(LOG_FILE);
        }
        setNextProfile(aVar);
        return 2;
    }

    @Override // java.lang.Runnable
    public void run() {
        d.k kVar = d.k.DISABLED;
        while (true) {
            synchronized (this) {
                while (!this.mProfileUpdated) {
                    try {
                        wait();
                    } catch (InterruptedException unused) {
                        stopCurrentConnection();
                        setState(kVar);
                    }
                }
                this.mProfileUpdated = false;
                stopCurrentConnection();
                a aVar = this.mNextProfile;
                if (aVar == null) {
                    setState(kVar);
                    if (this.mTerminate) {
                        return;
                    }
                } else {
                    this.mCurrentProfile = aVar;
                    this.mNextProfile = null;
                    this.mCurrentCertificateAlias = aVar.f7771h;
                    this.mCurrentUserCertificateAlias = this.mCurrentProfile.i;
                    startConnection(this.mCurrentProfile);
                    this.mIsDisconnecting = false;
                    SimpleFetcher.enable();
                    addNotification();
                    this.mBuilderAdapter.setProfile(this.mCurrentProfile);
                    if (initializeCharon(this.mBuilderAdapter, this.mLogFile, this.mAppDir, this.mCurrentProfile.x.e.contains(c.a.BYOD))) {
                        Log.i(TAG, "charon started");
                        if (this.mCurrentProfile.x.e.contains(c.a.USER_PASS) && this.mCurrentProfile.g == null) {
                            setError(d.g.PASSWORD_MISSING);
                        } else {
                            s.d.a.e.d dVar = new s.d.a.e.d();
                            dVar.d("global.language", Locale.getDefault().getLanguage());
                            dVar.c("global.mtu", this.mCurrentProfile.f7780r);
                            dVar.c("global.nat_keepalive", this.mCurrentProfile.f7783u);
                            dVar.b("global.rsa_pss", Boolean.valueOf((this.mCurrentProfile.b().intValue() & 16) != 0));
                            dVar.b("global.crl", Boolean.valueOf((this.mCurrentProfile.b().intValue() & 2) == 0));
                            dVar.b("global.ocsp", Boolean.valueOf((this.mCurrentProfile.b().intValue() & 4) == 0));
                            dVar.d("connection.type", this.mCurrentProfile.x.d);
                            dVar.d("connection.server", this.mCurrentProfile.e);
                            dVar.c("connection.port", this.mCurrentProfile.f7781s);
                            dVar.d("connection.username", this.mCurrentProfile.f);
                            dVar.d("connection.password", this.mCurrentProfile.g);
                            dVar.d("connection.local_id", this.mCurrentProfile.f7773k);
                            dVar.d("connection.remote_id", this.mCurrentProfile.f7772j);
                            dVar.b("connection.certreq", Boolean.valueOf((this.mCurrentProfile.b().intValue() & 1) == 0));
                            dVar.b("connection.strict_revocation", Boolean.valueOf((this.mCurrentProfile.b().intValue() & 8) != 0));
                            dVar.d("connection.ike_proposal", this.mCurrentProfile.f7777o);
                            dVar.d("connection.esp_proposal", this.mCurrentProfile.f7778p);
                            StringBuilder sb = new StringBuilder();
                            dVar.a(dVar.a, sb);
                            initiate(sb.toString());
                        }
                    } else {
                        Log.e(TAG, "failed to start charon");
                        setError(d.g.GENERIC_ERROR);
                        setState(kVar);
                        this.mCurrentProfile = null;
                    }
                }
            }
        }
    }

    public void stateChanged() {
        if (this.mShowNotification) {
            ((NotificationManager) getSystemService("notification")).notify(1, buildNotification(false));
        }
    }

    public void updateImcState(int i) {
        s.d.a.b.e.a aVar;
        s.d.a.b.e.a[] values = s.d.a.b.e.a.values();
        int i2 = 0;
        while (true) {
            if (i2 >= 4) {
                aVar = null;
                break;
            }
            aVar = values[i2];
            if (aVar.d == i) {
                break;
            } else {
                i2++;
            }
        }
        if (aVar != null) {
            setImcState(aVar);
        }
    }

    public void updateStatus(int i) {
        switch (i) {
            case 1:
                setState(d.k.CONNECTED);
                return;
            case 2:
                if (this.mIsDisconnecting) {
                    return;
                }
                setState(d.k.CONNECTING);
                return;
            case 3:
                setErrorDisconnect(d.g.AUTH_FAILED);
                return;
            case 4:
                setErrorDisconnect(d.g.PEER_AUTH_FAILED);
                return;
            case 5:
                setErrorDisconnect(d.g.LOOKUP_FAILED);
                return;
            case 6:
                setErrorDisconnect(d.g.UNREACHABLE);
                return;
            case 7:
                setErrorDisconnect(d.g.CERTIFICATE_UNAVAILABLE);
                return;
            case 8:
                setErrorDisconnect(d.g.GENERIC_ERROR);
                return;
            default:
                Log.e(TAG, "Unknown status code received");
                return;
        }
    }
}
