package org.strongswan.android.logic;

import android.annotation.TargetApi;
import android.app.Notification;
import android.app.NotificationChannel;
import android.app.NotificationManager;
import android.app.PendingIntent;
import android.content.ComponentName;
import android.content.Context;
import android.content.Intent;
import android.content.ServiceConnection;
import android.content.SharedPreferences;
import android.content.pm.PackageManager;
import android.net.VpnService;
import android.os.Build;
import android.os.Bundle;
import android.os.Handler;
import android.os.IBinder;
import android.os.ParcelFileDescriptor;
import android.preference.PreferenceManager;
import android.security.KeyChain;
import android.security.KeyChainException;
import android.system.OsConstants;
import android.text.TextUtils;
import android.util.Log;
import android.util.Xml;
import ch.qos.logback.core.CoreConstants;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.StringReader;
import java.net.Inet4Address;
import java.net.Inet6Address;
import java.net.InetAddress;
import java.net.UnknownHostException;
import java.nio.ByteBuffer;
import java.nio.channels.ClosedByInterruptException;
import java.security.PrivateKey;
import java.security.cert.CertificateEncodingException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Hashtable;
import java.util.Iterator;
import java.util.LinkedList;
import java.util.List;
import java.util.Locale;
import java.util.SortedSet;
import java.util.TreeSet;
import java.util.UUID;
import l0.e.a.a.a;
import l0.e.a.a.b;
import l0.e.a.a.c;
import l0.e.a.b.e;
import l0.e.a.b.f;
import l0.e.a.b.g;
import l0.e.a.b.h;
import l0.e.a.b.i;
import l0.e.a.e.b;
import l0.e.a.e.c;
import o.c.a.g.c.d;
import org.strongswan.android.utils.Utils;
import org.xmlpull.v1.XmlPullParser;
import org.xmlpull.v1.XmlPullParserException;

/* loaded from: classes.dex */
public class CharonVpnService extends VpnService implements Runnable, i.f {
    public static final String DISCONNECT_ACTION = "org.strongswan.android.CharonVpnService.DISCONNECT";
    public static final String KEY_IS_RETRY = "retry";
    public static final String LOG_FILE = "charon.log";
    public static final String NOTIFICATION_CHANNEL = "org.strongswan.android.CharonVpnService.VPN_STATE_NOTIFICATION";
    public static final int STATE_AUTH_ERROR = 3;
    public static final int STATE_CERTIFICATE_UNAVAILABLE = 7;
    public static final int STATE_CHILD_SA_DOWN = 2;
    public static final int STATE_CHILD_SA_UP = 1;
    public static final int STATE_GENERIC_ERROR = 8;
    public static final int STATE_LOOKUP_ERROR = 5;
    public static final int STATE_PEER_AUTH_ERROR = 4;
    public static final int STATE_UNREACHABLE_ERROR = 6;
    public static final String TAG = CharonVpnService.class.getSimpleName();
    public static final String VPN_SERVICE_ACTION = "android.net.VpnService";
    public static final int VPN_STATE_NOTIFICATION_ID = 1;
    public String mAppDir;
    public Thread mConnectionHandler;
    public volatile String mCurrentCertificateAlias;
    public a mCurrentProfile;
    public volatile String mCurrentUserCertificateAlias;
    public b mDataSource;
    public Handler mHandler;
    public volatile boolean mIsDisconnecting;
    public String mLogFile;
    public a mNextProfile;
    public volatile boolean mProfileUpdated;
    public i mService;
    public volatile boolean mShowNotification;
    public volatile boolean mTerminate;
    public BuilderAdapter mBuilderAdapter = new BuilderAdapter();
    public final Object mServiceLock = new Object();
    public final ServiceConnection mServiceConnection = new ServiceConnection() { // from class: org.strongswan.android.logic.CharonVpnService.1
        @Override // android.content.ServiceConnection
        public void onServiceConnected(ComponentName componentName, IBinder iBinder) {
            synchronized (CharonVpnService.this.mServiceLock) {
                CharonVpnService.this.mService = i.this;
            }
            CharonVpnService charonVpnService = CharonVpnService.this;
            charonVpnService.mService.m.add(charonVpnService);
            CharonVpnService.this.mConnectionHandler.start();
        }

        @Override // android.content.ServiceConnection
        public void onServiceDisconnected(ComponentName componentName) {
            synchronized (CharonVpnService.this.mServiceLock) {
                CharonVpnService.this.mService = null;
            }
        }
    };

    /* renamed from: org.strongswan.android.logic.CharonVpnService$4, reason: invalid class name */
    /* loaded from: classes.dex */
    public static /* synthetic */ class AnonymousClass4 {
        public static final /* synthetic */ int[] $SwitchMap$org$strongswan$android$data$VpnProfile$SelectedAppsHandling;
        public static final /* synthetic */ int[] $SwitchMap$org$strongswan$android$logic$VpnStateService$State;

        static {
            int[] iArr = new int[a.EnumC0088a.values().length];
            $SwitchMap$org$strongswan$android$data$VpnProfile$SelectedAppsHandling = iArr;
            try {
                a.EnumC0088a enumC0088a = a.EnumC0088a.SELECTED_APPS_DISABLE;
                iArr[0] = 1;
            } catch (NoSuchFieldError unused) {
            }
            try {
                int[] iArr2 = $SwitchMap$org$strongswan$android$data$VpnProfile$SelectedAppsHandling;
                a.EnumC0088a enumC0088a2 = a.EnumC0088a.SELECTED_APPS_EXCLUDE;
                iArr2[1] = 2;
            } catch (NoSuchFieldError unused2) {
            }
            try {
                int[] iArr3 = $SwitchMap$org$strongswan$android$data$VpnProfile$SelectedAppsHandling;
                a.EnumC0088a enumC0088a3 = a.EnumC0088a.SELECTED_APPS_ONLY;
                iArr3[2] = 3;
            } catch (NoSuchFieldError unused3) {
            }
            int[] iArr4 = new int[i.e.values().length];
            $SwitchMap$org$strongswan$android$logic$VpnStateService$State = iArr4;
            try {
                iArr4[1] = 1;
            } catch (NoSuchFieldError unused4) {
            }
            try {
                $SwitchMap$org$strongswan$android$logic$VpnStateService$State[2] = 2;
            } catch (NoSuchFieldError unused5) {
            }
            try {
                $SwitchMap$org$strongswan$android$logic$VpnStateService$State[3] = 3;
            } catch (NoSuchFieldError unused6) {
            }
        }
    }

    /* loaded from: classes.dex */
    public class BuilderAdapter {
        public VpnService.Builder mBuilder;
        public BuilderCache mCache;
        public PacketDropper mDropper = new PacketDropper();
        public BuilderCache mEstablishedCache;
        public a mProfile;

        /* loaded from: classes.dex */
        public class PacketDropper implements Runnable {
            public ParcelFileDescriptor mFd;
            public Thread mThread;

            public PacketDropper() {
            }

            @Override // java.lang.Runnable
            public synchronized void run() {
                try {
                    FileInputStream fileInputStream = new FileInputStream(this.mFd.getFileDescriptor());
                    ByteBuffer allocate = ByteBuffer.allocate(BuilderAdapter.this.mCache.mMtu);
                    while (true) {
                        if (Build.VERSION.SDK_INT >= 24) {
                            int read = fileInputStream.getChannel().read(allocate);
                            allocate.clear();
                            if (read < 0) {
                                break;
                            }
                        } else {
                            boolean z2 = true;
                            if (fileInputStream.available() > 0) {
                                int read2 = fileInputStream.read(allocate.array());
                                allocate.clear();
                                if (read2 < 0 || Thread.interrupted()) {
                                    break;
                                } else {
                                    z2 = false;
                                }
                            }
                            if (z2) {
                                Thread.sleep(250L);
                            }
                        }
                    }
                } catch (IOException e) {
                    e.printStackTrace();
                } catch (InterruptedException | ClosedByInterruptException unused) {
                }
            }

            public void start(ParcelFileDescriptor parcelFileDescriptor) {
                this.mFd = parcelFileDescriptor;
                Thread thread = new Thread(this);
                this.mThread = thread;
                thread.start();
            }

            public void stop() {
                if (this.mFd != null) {
                    try {
                        this.mThread.interrupt();
                        this.mThread.join();
                        this.mFd.close();
                    } catch (IOException e) {
                        e.printStackTrace();
                    } catch (InterruptedException e2) {
                        e2.printStackTrace();
                    }
                    this.mFd = null;
                }
            }
        }

        public BuilderAdapter() {
        }

        private VpnService.Builder createBuilder(String str) {
            VpnService.Builder builder = new VpnService.Builder(CharonVpnService.this);
            builder.setSession(str);
            Context applicationContext = CharonVpnService.this.getApplicationContext();
            builder.setConfigureIntent(PendingIntent.getActivity(applicationContext, 0, new Intent(applicationContext, (Class<?>) l0.e.a.d.a.class), 134217728));
            return builder;
        }

        private synchronized ParcelFileDescriptor establishIntern() {
            try {
                this.mCache.applyData(this.mBuilder);
                ParcelFileDescriptor establish = this.mBuilder.establish();
                if (establish != null) {
                    closeBlocking();
                }
                if (establish == null) {
                    return null;
                }
                this.mBuilder = createBuilder(this.mProfile.m);
                this.mEstablishedCache = this.mCache;
                this.mCache = new BuilderCache(this.mProfile);
                return establish;
            } catch (Exception e) {
                e.printStackTrace();
                return null;
            }
        }

        public synchronized boolean addAddress(String str, int i) {
            try {
                this.mCache.addAddress(str, i);
            } catch (IllegalArgumentException unused) {
                return false;
            }
            return true;
        }

        public synchronized boolean addDnsServer(String str) {
            try {
                this.mCache.addDnsServer(str);
            } catch (IllegalArgumentException unused) {
                return false;
            }
            return true;
        }

        public synchronized boolean addRoute(String str, int i) {
            try {
                this.mCache.addRoute(str, i);
            } catch (IllegalArgumentException unused) {
                return false;
            }
            return true;
        }

        public synchronized boolean addSearchDomain(String str) {
            try {
                this.mBuilder.addSearchDomain(str);
            } catch (IllegalArgumentException unused) {
                return false;
            }
            return true;
        }

        public synchronized void closeBlocking() {
            this.mDropper.stop();
        }

        public synchronized int establish() {
            ParcelFileDescriptor establishIntern;
            establishIntern = establishIntern();
            return establishIntern != null ? establishIntern.detachFd() : -1;
        }

        @TargetApi(21)
        public synchronized void establishBlocking() {
            this.mCache.addAddress("172.16.252.1", 32);
            this.mCache.addAddress("fd00::fd02:1", 128);
            this.mCache.addRoute("0.0.0.0", 0);
            this.mCache.addRoute("::", 0);
            this.mBuilder.addDnsServer("8.8.8.8");
            this.mBuilder.addDnsServer("2001:4860:4860::8888");
            this.mBuilder.setBlocking(true);
            ParcelFileDescriptor establishIntern = establishIntern();
            if (establishIntern != null) {
                this.mDropper.start(establishIntern);
            }
        }

        public synchronized int establishNoDns() {
            if (this.mEstablishedCache == null) {
                return -1;
            }
            try {
                VpnService.Builder createBuilder = createBuilder(this.mProfile.m);
                this.mEstablishedCache.applyData(createBuilder);
                ParcelFileDescriptor establish = createBuilder.establish();
                if (establish == null) {
                    return -1;
                }
                return establish.detachFd();
            } catch (Exception e) {
                e.printStackTrace();
                return -1;
            }
        }

        public synchronized boolean setMtu(int i) {
            try {
                this.mCache.setMtu(i);
            } catch (IllegalArgumentException unused) {
                return false;
            }
            return true;
        }

        public synchronized void setProfile(a aVar) {
            this.mProfile = aVar;
            this.mBuilder = createBuilder(aVar.m);
            this.mCache = new BuilderCache(this.mProfile);
        }
    }

    /* loaded from: classes.dex */
    public class BuilderCache {
        public final a.EnumC0088a mAppHandling;
        public boolean mDnsServersConfigured;
        public final c mExcludedSubnets;
        public boolean mIPv4Seen;
        public boolean mIPv6Seen;
        public int mMtu;
        public final SortedSet<String> mSelectedApps;
        public final int mSplitTunneling;
        public final List<l0.e.a.e.a> mAddresses = new ArrayList();
        public final List<l0.e.a.e.a> mRoutesIPv4 = new ArrayList();
        public final List<l0.e.a.e.a> mRoutesIPv6 = new ArrayList();
        public final c mIncludedSubnetsv4 = new c();
        public final c mIncludedSubnetsv6 = new c();
        public final List<InetAddress> mDnsServers = new ArrayList();

        public BuilderCache(a aVar) {
            Iterator<l0.e.a.e.a> it = c.h(aVar.v).iterator();
            while (it.hasNext()) {
                l0.e.a.e.a next = it.next();
                if (next.k() instanceof Inet4Address) {
                    this.mIncludedSubnetsv4.a(next);
                } else if (next.k() instanceof Inet6Address) {
                    this.mIncludedSubnetsv6.a(next);
                }
            }
            this.mExcludedSubnets = c.h(aVar.u);
            Integer num = aVar.C;
            this.mSplitTunneling = num != null ? num.intValue() : 0;
            a.EnumC0088a enumC0088a = aVar.F;
            TreeSet treeSet = new TreeSet();
            if (!TextUtils.isEmpty(aVar.w)) {
                treeSet.addAll(Arrays.asList(aVar.w.split("\\s+")));
            }
            this.mSelectedApps = treeSet;
            int ordinal = enumC0088a.ordinal();
            if (ordinal == 0) {
                enumC0088a = a.EnumC0088a.SELECTED_APPS_EXCLUDE;
                this.mSelectedApps.clear();
            } else if (ordinal != 1 && ordinal == 2) {
                this.mSelectedApps.remove(CharonVpnService.this.getPackageName());
            }
            this.mAppHandling = enumC0088a;
            String str = aVar.f682z;
            if (str != null) {
                for (String str2 : str.split("\\s+")) {
                    try {
                        this.mDnsServers.add(Utils.b(str2));
                        recordAddressFamily(str2);
                        this.mDnsServersConfigured = true;
                    } catch (UnknownHostException e) {
                        e.printStackTrace();
                    }
                }
            }
            Integer num2 = aVar.A;
            this.mMtu = num2 == null ? 1500 : num2.intValue();
        }

        private boolean isIPv6(String str) throws UnknownHostException {
            InetAddress b = Utils.b(str);
            return !(b instanceof Inet4Address) && (b instanceof Inet6Address);
        }

        public void addAddress(String str, int i) {
            try {
                this.mAddresses.add(new l0.e.a.e.a(str, i));
                recordAddressFamily(str);
            } catch (UnknownHostException e) {
                e.printStackTrace();
            }
        }

        public void addDnsServer(String str) {
            if (this.mDnsServersConfigured) {
                return;
            }
            try {
                this.mDnsServers.add(Utils.b(str));
                recordAddressFamily(str);
            } catch (UnknownHostException e) {
                e.printStackTrace();
            }
        }

        public void addRoute(String str, int i) {
            try {
                if (isIPv6(str)) {
                    this.mRoutesIPv6.add(new l0.e.a.e.a(str, i));
                } else {
                    this.mRoutesIPv4.add(new l0.e.a.e.a(str, i));
                }
            } catch (UnknownHostException e) {
                e.printStackTrace();
            }
        }

        @TargetApi(21)
        public void applyData(VpnService.Builder builder) {
            for (l0.e.a.e.a aVar : this.mAddresses) {
                builder.addAddress(aVar.k(), aVar.p.intValue());
            }
            Iterator<InetAddress> it = this.mDnsServers.iterator();
            while (it.hasNext()) {
                builder.addDnsServer(it.next());
            }
            if ((this.mSplitTunneling & 1) == 0) {
                if (this.mIPv4Seen) {
                    c cVar = new c();
                    if (this.mIncludedSubnetsv4.m.size() > 0) {
                        cVar.d(this.mIncludedSubnetsv4);
                    } else {
                        cVar.g(this.mRoutesIPv4);
                    }
                    cVar.j(this.mExcludedSubnets);
                    b.a aVar2 = new b.a();
                    while (aVar2.hasNext()) {
                        l0.e.a.e.a aVar3 = (l0.e.a.e.a) aVar2.next();
                        try {
                            builder.addRoute(aVar3.k(), aVar3.p.intValue());
                        } catch (IllegalArgumentException e) {
                            if (!aVar3.k().isMulticastAddress()) {
                                throw e;
                            }
                        }
                    }
                } else {
                    builder.allowFamily(OsConstants.AF_INET);
                }
            } else if (this.mIPv4Seen) {
                builder.addRoute("0.0.0.0", 0);
            }
            if ((this.mSplitTunneling & 2) == 0) {
                if (this.mIPv6Seen) {
                    c cVar2 = new c();
                    if (this.mIncludedSubnetsv6.m.size() > 0) {
                        cVar2.d(this.mIncludedSubnetsv6);
                    } else {
                        cVar2.g(this.mRoutesIPv6);
                    }
                    cVar2.j(this.mExcludedSubnets);
                    b.a aVar4 = new b.a();
                    while (aVar4.hasNext()) {
                        l0.e.a.e.a aVar5 = (l0.e.a.e.a) aVar4.next();
                        try {
                            builder.addRoute(aVar5.k(), aVar5.p.intValue());
                        } catch (IllegalArgumentException e2) {
                            if (!aVar5.k().isMulticastAddress()) {
                                throw e2;
                            }
                        }
                    }
                }
            } else if (this.mIPv6Seen) {
                builder.addRoute("::", 0);
            }
            if (this.mSelectedApps.size() > 0) {
                int ordinal = this.mAppHandling.ordinal();
                if (ordinal == 1) {
                    Iterator<String> it2 = this.mSelectedApps.iterator();
                    while (it2.hasNext()) {
                        try {
                            builder.addDisallowedApplication(it2.next());
                        } catch (PackageManager.NameNotFoundException unused) {
                        }
                    }
                } else if (ordinal == 2) {
                    Iterator<String> it3 = this.mSelectedApps.iterator();
                    while (it3.hasNext()) {
                        try {
                            builder.addAllowedApplication(it3.next());
                        } catch (PackageManager.NameNotFoundException unused2) {
                        }
                    }
                }
            }
            builder.setMtu(this.mMtu);
        }

        public void recordAddressFamily(String str) {
            try {
                if (isIPv6(str)) {
                    this.mIPv6Seen = true;
                } else {
                    this.mIPv4Seen = true;
                }
            } catch (UnknownHostException e) {
                e.printStackTrace();
            }
        }

        public void setMtu(int i) {
            this.mMtu = i;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public Notification buildNotification(boolean z2) {
        boolean z3;
        i.a aVar = i.a.NO_ERROR;
        i iVar = this.mService;
        a aVar2 = iVar.q;
        i.e eVar = iVar.r;
        i.a aVar3 = iVar.s;
        String str = aVar2 != null ? aVar2.m : CoreConstants.EMPTY_STRING;
        z.i.d.i iVar2 = new z.i.d.i(this, NOTIFICATION_CHANNEL);
        iVar2.f1733z.icon = o.c.a.g.c.b.ic_notification;
        iVar2.p = "service";
        iVar2.s = z2 ? 1 : 0;
        int i = d.state_disabled;
        if (aVar3 != aVar) {
            i iVar3 = this.mService;
            int ordinal = iVar3.s.ordinal();
            i = ordinal != 1 ? ordinal != 2 ? ordinal != 3 ? ordinal != 4 ? ordinal != 6 ? ordinal != 7 ? d.error_generic : d.error_certificate_unavailable : d.error_password_missing : d.error_unreachable : d.error_lookup_failed : d.error_peer_auth_failed : iVar3.t == l0.e.a.b.j.a.BLOCK ? d.error_assessment_failed : d.error_auth_failed;
            iVar2.f1733z.icon = o.c.a.g.c.b.ic_notification_warning;
            iVar2.r = z.i.e.a.c(this, o.c.a.g.c.a.error_text);
            if (!z2 && aVar2 != null) {
                int i2 = (int) (this.mService.x / 1000);
                if (i2 > 0) {
                    iVar2.d(getResources().getQuantityString(o.c.a.g.c.c.retry_in, i2, Integer.valueOf(i2)));
                    iVar2.l = (int) (this.mService.w / 1000);
                    iVar2.m = i2;
                    iVar2.n = false;
                }
                Intent intent = new Intent(getApplicationContext(), (Class<?>) l0.e.a.d.b.class);
                intent.addFlags(268435456);
                intent.setAction(CoreConstants.EMPTY_STRING);
                intent.putExtra(CoreConstants.EMPTY_STRING, aVar2.H.toString());
                iVar2.a(o.c.a.g.c.b.ic_notification_connecting, getString(d.retry), PendingIntent.getActivity(getApplicationContext(), 0, intent, 134217728));
                z3 = true;
            }
            z3 = false;
        } else {
            iVar2.l = 0;
            iVar2.m = 0;
            iVar2.n = false;
            int ordinal2 = eVar.ordinal();
            if (ordinal2 == 1) {
                i = d.state_connecting;
                iVar2.f1733z.icon = o.c.a.g.c.b.ic_notification_connecting;
                iVar2.r = z.i.e.a.c(this, o.c.a.g.c.a.warning_text);
            } else if (ordinal2 != 2) {
                if (ordinal2 == 3) {
                    i = d.state_disconnecting;
                }
                z3 = false;
            } else {
                i = d.state_connected;
                iVar2.r = z.i.e.a.c(this, o.c.a.g.c.a.success_text);
                iVar2.j = true;
            }
            z3 = true;
        }
        iVar2.e(getString(i));
        if (!z2) {
            if (z3) {
                Intent intent2 = new Intent(getApplicationContext(), (Class<?>) l0.e.a.d.b.class);
                intent2.setAction(CoreConstants.EMPTY_STRING);
                iVar2.a(o.c.a.g.c.b.ic_notification_disconnect, getString(d.disconnect), PendingIntent.getActivity(getApplicationContext(), 0, intent2, 134217728));
            }
            if (aVar3 == aVar) {
                iVar2.d(str);
            }
            iVar2.t = buildNotification(true);
        }
        iVar2.g = PendingIntent.getActivity(getApplicationContext(), 0, new Intent(getApplicationContext(), (Class<?>) l0.e.a.d.a.class), 134217728);
        return iVar2.b();
    }

    private void createNotificationChannel() {
        if (Build.VERSION.SDK_INT >= 26) {
            NotificationChannel notificationChannel = new NotificationChannel(NOTIFICATION_CHANNEL, getString(d.permanent_notification_name), 2);
            notificationChannel.setDescription(getString(d.permanent_notification_description));
            notificationChannel.setLockscreenVisibility(-1);
            notificationChannel.setShowBadge(false);
            ((NotificationManager) getSystemService(NotificationManager.class)).createNotificationChannel(notificationChannel);
        }
    }

    public static String getAndroidVersion() {
        StringBuilder r = o.d.b.a.a.r("Android ");
        r.append(Build.VERSION.RELEASE);
        r.append(" - ");
        r.append(Build.DISPLAY);
        String sb = r.toString();
        if (Build.VERSION.SDK_INT < 23) {
            return sb;
        }
        StringBuilder t = o.d.b.a.a.t(sb, "/");
        t.append(Build.VERSION.SECURITY_PATCH);
        return t.toString();
    }

    public static String getDeviceString() {
        return Build.MODEL + " - " + Build.BRAND + "/" + Build.PRODUCT + "/" + Build.MANUFACTURER;
    }

    private byte[][] getTrustedCertificates() {
        ArrayList arrayList = new ArrayList();
        l0.e.a.b.b b = l0.e.a.b.b.b();
        b.c();
        try {
            String str = this.mCurrentCertificateAlias;
            if (str != null) {
                X509Certificate a = b.a(str);
                if (a == null) {
                    return null;
                }
                arrayList.add(a.getEncoded());
            } else {
                b.a.readLock().lock();
                Hashtable hashtable = (Hashtable) b.b.clone();
                b.a.readLock().unlock();
                Iterator it = hashtable.values().iterator();
                while (it.hasNext()) {
                    arrayList.add(((X509Certificate) it.next()).getEncoded());
                }
            }
            return (byte[][]) arrayList.toArray(new byte[arrayList.size()]);
        } catch (CertificateEncodingException e) {
            e.printStackTrace();
            return null;
        }
    }

    private byte[][] getUserCertificate() throws KeyChainException, InterruptedException, CertificateEncodingException {
        ArrayList arrayList = new ArrayList();
        X509Certificate[] certificateChain = KeyChain.getCertificateChain(getApplicationContext(), this.mCurrentUserCertificateAlias);
        if (certificateChain == null || certificateChain.length == 0) {
            return null;
        }
        for (X509Certificate x509Certificate : certificateChain) {
            arrayList.add(x509Certificate.getEncoded());
        }
        return (byte[][]) arrayList.toArray(new byte[arrayList.size()]);
    }

    private PrivateKey getUserKey() throws KeyChainException, InterruptedException {
        return KeyChain.getPrivateKey(getApplicationContext(), this.mCurrentUserCertificateAlias);
    }

    private void removeNotification() {
        this.mHandler.post(new Runnable() { // from class: org.strongswan.android.logic.CharonVpnService.3
            @Override // java.lang.Runnable
            public void run() {
                CharonVpnService.this.mShowNotification = false;
                CharonVpnService.this.stopForeground(true);
            }
        });
    }

    private void setError(i.a aVar) {
        synchronized (this.mServiceLock) {
            if (this.mService != null) {
                i iVar = this.mService;
                iVar.p.post(new l0.e.a.b.c(iVar, new f(iVar, aVar)));
            }
        }
    }

    private void setErrorDisconnect(i.a aVar) {
        synchronized (this.mServiceLock) {
            if (this.mService != null && !this.mIsDisconnecting) {
                i iVar = this.mService;
                iVar.p.post(new l0.e.a.b.c(iVar, new f(iVar, aVar)));
            }
        }
    }

    private void setImcState(l0.e.a.b.j.a aVar) {
        synchronized (this.mServiceLock) {
            if (this.mService != null) {
                i iVar = this.mService;
                iVar.p.post(new l0.e.a.b.c(iVar, new g(iVar, aVar)));
            }
        }
    }

    private void setNextProfile(a aVar) {
        synchronized (this) {
            this.mNextProfile = aVar;
            this.mProfileUpdated = true;
            notifyAll();
        }
    }

    private void setState(i.e eVar) {
        synchronized (this.mServiceLock) {
            if (this.mService != null) {
                i iVar = this.mService;
                iVar.p.post(new l0.e.a.b.c(iVar, new e(iVar, eVar)));
            }
        }
    }

    private void startConnection(a aVar) {
        synchronized (this.mServiceLock) {
            if (this.mService != null) {
                i iVar = this.mService;
                iVar.p.post(new l0.e.a.b.c(iVar, new l0.e.a.b.d(iVar, aVar)));
            }
        }
    }

    private void stopCurrentConnection() {
        synchronized (this) {
            if (this.mNextProfile != null) {
                this.mBuilderAdapter.setProfile(this.mNextProfile);
                this.mBuilderAdapter.establishBlocking();
            }
            if (this.mCurrentProfile != null) {
                setState(i.e.DISCONNECTING);
                this.mIsDisconnecting = true;
                SimpleFetcher.disable();
                deinitializeCharon();
                Log.i(TAG, "charon stopped");
                this.mCurrentProfile = null;
                if (this.mNextProfile == null) {
                    removeNotification();
                    this.mBuilderAdapter.closeBlocking();
                }
            }
        }
    }

    public void addNotification() {
        this.mHandler.post(new Runnable() { // from class: org.strongswan.android.logic.CharonVpnService.2
            @Override // java.lang.Runnable
            public void run() {
                CharonVpnService.this.mShowNotification = true;
                CharonVpnService charonVpnService = CharonVpnService.this;
                charonVpnService.startForeground(1, charonVpnService.buildNotification(false));
            }
        });
    }

    public void addRemediationInstruction(String str) {
        LinkedList linkedList = new LinkedList();
        XmlPullParser newPullParser = Xml.newPullParser();
        try {
            newPullParser.setInput(new StringReader(str));
            newPullParser.nextTag();
            l0.e.a.b.j.b.a(newPullParser, linkedList);
        } catch (IOException e) {
            e.printStackTrace();
        } catch (XmlPullParserException e2) {
            e2.printStackTrace();
        }
        Iterator it = linkedList.iterator();
        while (it.hasNext()) {
            l0.e.a.b.j.b bVar = (l0.e.a.b.j.b) it.next();
            synchronized (this.mServiceLock) {
                if (this.mService != null) {
                    i iVar = this.mService;
                    iVar.p.post(new h(iVar, bVar));
                }
            }
        }
    }

    public native void deinitializeCharon();

    public native boolean initializeCharon(BuilderAdapter builderAdapter, String str, String str2, boolean z2);

    public native void initiate(String str);

    @Override // android.app.Service
    public void onCreate() {
        StringBuilder sb = new StringBuilder();
        sb.append(getFilesDir().getAbsolutePath());
        this.mLogFile = o.d.b.a.a.l(sb, File.separator, LOG_FILE);
        this.mAppDir = getFilesDir().getAbsolutePath();
        this.mHandler = new Handler();
        l0.e.a.a.b bVar = new l0.e.a.a.b(this);
        this.mDataSource = bVar;
        bVar.f();
        this.mConnectionHandler = new Thread(this);
        bindService(new Intent(this, (Class<?>) i.class), this.mServiceConnection, 1);
        createNotificationChannel();
    }

    @Override // android.app.Service
    public void onDestroy() {
        this.mTerminate = true;
        setNextProfile(null);
        try {
            this.mConnectionHandler.join();
        } catch (InterruptedException e) {
            e.printStackTrace();
        }
        i iVar = this.mService;
        if (iVar != null) {
            iVar.m.remove(this);
            unbindService(this.mServiceConnection);
        }
        l0.e.a.a.b bVar = this.mDataSource;
        b.a aVar = bVar.a;
        if (aVar != null) {
            aVar.close();
            bVar.a = null;
        }
    }

    @Override // android.net.VpnService
    public void onRevoke() {
        setNextProfile(null);
    }

    @Override // android.app.Service
    public int onStartCommand(Intent intent, int i, int i2) {
        Bundle extras;
        if (intent == null) {
            return 2;
        }
        boolean z2 = false;
        a aVar = null;
        if (VPN_SERVICE_ACTION.equals(intent.getAction())) {
            SharedPreferences defaultSharedPreferences = PreferenceManager.getDefaultSharedPreferences(this);
            String string = defaultSharedPreferences.getString("pref_default_vpn_profile", null);
            if (string == null || string.equals("pref_default_vpn_profile_mru")) {
                string = defaultSharedPreferences.getString("pref_mru_vpn_profile", null);
            }
            l0.e.a.a.b bVar = this.mDataSource;
            if (bVar == null) {
                throw null;
            }
            if (string != null) {
                try {
                    aVar = bVar.e(UUID.fromString(string));
                } catch (IllegalArgumentException e) {
                    e.printStackTrace();
                }
            }
        } else if (!DISCONNECT_ACTION.equals(intent.getAction()) && (extras = intent.getExtras()) != null) {
            l0.e.a.a.b bVar2 = this.mDataSource;
            String string2 = extras.getString("_uuid");
            if (bVar2 == null) {
                throw null;
            }
            if (string2 != null) {
                try {
                    aVar = bVar2.e(UUID.fromString(string2));
                } catch (IllegalArgumentException e2) {
                    e2.printStackTrace();
                }
            }
            if (aVar != null) {
                aVar.p = extras.getString("password");
                z2 = extras.getBoolean(KEY_IS_RETRY, false);
                PreferenceManager.getDefaultSharedPreferences(this).edit().putString("pref_mru_vpn_profile", aVar.H.toString()).apply();
            }
        }
        if (aVar != null && !z2) {
            deleteFile(LOG_FILE);
        }
        setNextProfile(aVar);
        return 2;
    }

    @Override // java.lang.Runnable
    public void run() {
        i.e eVar = i.e.DISABLED;
        while (true) {
            synchronized (this) {
                while (!this.mProfileUpdated) {
                    try {
                        wait();
                    } catch (InterruptedException unused) {
                        stopCurrentConnection();
                        setState(eVar);
                    }
                }
                this.mProfileUpdated = false;
                stopCurrentConnection();
                if (this.mNextProfile == null) {
                    setState(eVar);
                    if (this.mTerminate) {
                        return;
                    }
                } else {
                    a aVar = this.mNextProfile;
                    this.mCurrentProfile = aVar;
                    this.mNextProfile = null;
                    this.mCurrentCertificateAlias = aVar.q;
                    this.mCurrentUserCertificateAlias = this.mCurrentProfile.r;
                    startConnection(this.mCurrentProfile);
                    this.mIsDisconnecting = false;
                    SimpleFetcher.enable();
                    o.c.d.a.f("CharonService(" + this + ") - creating foreground notification, Thread: " + Thread.currentThread(), new Object[0]);
                    addNotification();
                    this.mBuilderAdapter.setProfile(this.mCurrentProfile);
                    if (initializeCharon(this.mBuilderAdapter, this.mLogFile, this.mAppDir, this.mCurrentProfile.G.n.contains(c.a.BYOD))) {
                        Log.i(TAG, "charon started");
                        if (this.mCurrentProfile.G.n.contains(c.a.USER_PASS) && this.mCurrentProfile.p == null) {
                            setError(i.a.PASSWORD_MISSING);
                        } else {
                            l0.e.a.e.d dVar = new l0.e.a.e.d();
                            dVar.d("global.language", Locale.getDefault().getLanguage());
                            dVar.c("global.mtu", this.mCurrentProfile.A);
                            dVar.c("global.nat_keepalive", this.mCurrentProfile.D);
                            dVar.b("global.rsa_pss", Boolean.valueOf((this.mCurrentProfile.a().intValue() & 16) != 0));
                            dVar.b("global.crl", Boolean.valueOf((this.mCurrentProfile.a().intValue() & 2) == 0));
                            dVar.b("global.ocsp", Boolean.valueOf((this.mCurrentProfile.a().intValue() & 4) == 0));
                            dVar.d("connection.type", this.mCurrentProfile.G.m);
                            dVar.d("connection.server", this.mCurrentProfile.n);
                            dVar.c("connection.port", this.mCurrentProfile.B);
                            dVar.d("connection.username", this.mCurrentProfile.f680o);
                            dVar.d("connection.password", this.mCurrentProfile.p);
                            dVar.d("connection.local_id", this.mCurrentProfile.t);
                            dVar.d("connection.remote_id", this.mCurrentProfile.s);
                            dVar.b("connection.certreq", Boolean.valueOf((this.mCurrentProfile.a().intValue() & 1) == 0));
                            dVar.b("connection.strict_revocation", Boolean.valueOf((this.mCurrentProfile.a().intValue() & 8) != 0));
                            dVar.d("connection.ike_proposal", this.mCurrentProfile.x);
                            dVar.d("connection.esp_proposal", this.mCurrentProfile.f681y);
                            StringBuilder sb = new StringBuilder();
                            dVar.a(dVar.a, sb);
                            initiate(sb.toString());
                        }
                    } else {
                        Log.e(TAG, "failed to start charon");
                        setError(i.a.GENERIC_ERROR);
                        setState(eVar);
                        this.mCurrentProfile = null;
                    }
                }
            }
        }
    }

    public void stateChanged() {
        if (this.mShowNotification) {
            ((NotificationManager) getSystemService("notification")).notify(1, buildNotification(false));
        }
    }

    public void updateImcState(int i) {
        l0.e.a.b.j.a aVar;
        l0.e.a.b.j.a[] values = l0.e.a.b.j.a.values();
        int length = values.length;
        int i2 = 0;
        while (true) {
            if (i2 >= length) {
                aVar = null;
                break;
            }
            aVar = values[i2];
            if (aVar.m == i) {
                break;
            } else {
                i2++;
            }
        }
        if (aVar != null) {
            setImcState(aVar);
        }
    }

    public void updateStatus(int i) {
        switch (i) {
            case 1:
                setState(i.e.CONNECTED);
                return;
            case 2:
                if (this.mIsDisconnecting) {
                    return;
                }
                setState(i.e.CONNECTING);
                return;
            case 3:
                setErrorDisconnect(i.a.AUTH_FAILED);
                return;
            case 4:
                setErrorDisconnect(i.a.PEER_AUTH_FAILED);
                return;
            case 5:
                setErrorDisconnect(i.a.LOOKUP_FAILED);
                return;
            case 6:
                setErrorDisconnect(i.a.UNREACHABLE);
                return;
            case 7:
                setErrorDisconnect(i.a.CERTIFICATE_UNAVAILABLE);
                return;
            case 8:
                setErrorDisconnect(i.a.GENERIC_ERROR);
                return;
            default:
                Log.e(TAG, "Unknown status code received");
                return;
        }
    }
}
