package org.strongswan.android.logic;

import COm8.LPT9;
import android.annotation.TargetApi;
import android.app.NotificationManager;
import android.app.PendingIntent;
import android.content.BroadcastReceiver;
import android.content.Context;
import android.content.Intent;
import android.content.IntentFilter;
import android.content.ServiceConnection;
import android.content.pm.PackageManager;
import android.net.VpnService;
import android.os.Build;
import android.os.Handler;
import android.os.ParcelFileDescriptor;
import android.security.KeyChainException;
import android.support.v4.COm8.lPT4;
import android.system.OsConstants;
import android.util.Log;
import com.LPT8.COm8.COm8.COm8.lPt6;
import com.browsec.vpn.LPT7.COm7.COm2;
import com.browsec.vpn.Lpt7.lPt5;
import com.browsec.vpn.MainActivity;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.net.Inet6Address;
import java.net.InetAddress;
import java.net.UnknownHostException;
import java.nio.ByteBuffer;
import java.nio.channels.ClosedByInterruptException;
import java.security.PrivateKey;
import java.security.cert.CertificateEncodingException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import java.util.Locale;
import java.util.SortedSet;
import org.strongswan.android.data.VpnProfile;
import org.strongswan.android.data.VpnType;
import org.strongswan.android.interfaces.IKeyChainProvider;
import org.strongswan.android.logic.VpnStateService;
import org.strongswan.android.logic.imc.ImcState;
import org.strongswan.android.logic.imc.RemediationInstruction;
import org.strongswan.android.utils.IPRange;
import org.strongswan.android.utils.IPRangeSet;
import org.strongswan.android.utils.SettingsWriter;
import org.strongswan.android.utils.Utils;

/* loaded from: classes.dex */
public class CharonVpnService extends VpnService implements Runnable, VpnStateService.VpnStateListener {
    public static final String DISCONNECT_ACTION = "com.browsec.vpn.DISCONNECT";
    public static final String EXTRA_STATE = "STATE";
    public static final String KEY_RETRY = "retry_n";
    public static final String LOG_FILE = "native.log";
    static final int STATE_AUTH_ERROR = 3;
    static final int STATE_CERTIFICATE_UNAVAILABLE = 7;
    static final int STATE_CHILD_SA_DOWN = 2;
    static final int STATE_CHILD_SA_UP = 1;
    static final int STATE_GENERIC_ERROR = 8;
    static final int STATE_LOOKUP_ERROR = 5;
    static final int STATE_PEER_AUTH_ERROR = 4;
    static final int STATE_UNREACHABLE_ERROR = 6;
    private static final String TAG = "VpnService";
    public static final int VPN_STATE_NOTIFICATION_ID = 7493721;
    LPT9<lPt5> charonExtensionLazy;
    LPT9<IKeyChainProvider> keyChainProviderLazy;
    private String mAppDir;
    private Thread mConnectionHandler;
    private volatile String mCurrentCertificateAlias;
    private VpnProfile mCurrentProfile;
    private volatile String mCurrentUserCertificateAlias;
    private Handler mHandler;
    private volatile boolean mIsDisconnecting;
    private String mLogFile;
    private VpnProfile mNextProfile;
    private volatile boolean mProfileUpdated;
    private VpnStateService mService;
    private VpnStateService.ErrorState mServiceErrorState;
    private VpnStateService.State mServiceState;
    private volatile boolean mShowNotification;
    private volatile boolean mTerminate;
    LPT9<TrustedCertificateManager> trustedCertificateManagerLazy;
    private BuilderAdapter mBuilderAdapter = new BuilderAdapter();
    private final Object mServiceLock = new Object();
    private final ServiceConnection mServiceConnection = new com.browsec.vpn.LPT7.COm7.lPt5() { // from class: org.strongswan.android.logic.CharonVpnService.1
        @Override // com.browsec.vpn.LPT7.COm7.lPt5
        public void onVpnStateServiceConnected(VpnStateService vpnStateService) {
            synchronized (CharonVpnService.this.mServiceLock) {
                CharonVpnService.this.mService = vpnStateService;
            }
            CharonVpnService.this.mServiceState = vpnStateService.getState();
            CharonVpnService.this.mServiceErrorState = vpnStateService.getErrorState();
            vpnStateService.registerListener(CharonVpnService.this);
            CharonVpnService.this.mConnectionHandler.start();
        }

        @Override // com.browsec.vpn.LPT7.COm7.lPt5
        public void onVpnStateServiceDisconnected() {
            synchronized (CharonVpnService.this.mServiceLock) {
                CharonVpnService.this.mService = null;
            }
        }
    };
    private final BroadcastReceiver mVpnOffReceiver = new BroadcastReceiver() { // from class: org.strongswan.android.logic.CharonVpnService.2
        @Override // android.content.BroadcastReceiver
        public void onReceive(Context context, Intent intent) {
            boolean z;
            VpnStateService vpnStateService = CharonVpnService.this.mService;
            if (vpnStateService != null) {
                z = COm2.LPT9(vpnStateService);
                vpnStateService.resetServiceState();
            } else {
                z = true;
            }
            if (z) {
                Intent intent2 = new Intent(CharonVpnService.this.getApplicationContext(), (Class<?>) CharonVpnService.class);
                intent2.setAction(CharonVpnService.DISCONNECT_ACTION);
                CharonVpnService.this.onStartCommand(intent2, 0, 0);
            }
        }
    };

    /* JADX INFO: Access modifiers changed from: package-private */
    /* renamed from: org.strongswan.android.logic.CharonVpnService$5, reason: invalid class name */
    /* loaded from: classes.dex */
    public static /* synthetic */ class AnonymousClass5 {
        static final /* synthetic */ int[] $SwitchMap$org$strongswan$android$data$VpnProfile$SelectedAppsHandling = new int[VpnProfile.SelectedAppsHandling.values().length];
        static final /* synthetic */ int[] $SwitchMap$org$strongswan$android$logic$VpnStateService$State;

        static {
            try {
                $SwitchMap$org$strongswan$android$data$VpnProfile$SelectedAppsHandling[VpnProfile.SelectedAppsHandling.SELECTED_APPS_DISABLE.ordinal()] = 1;
            } catch (NoSuchFieldError unused) {
            }
            try {
                $SwitchMap$org$strongswan$android$data$VpnProfile$SelectedAppsHandling[VpnProfile.SelectedAppsHandling.SELECTED_APPS_EXCLUDE.ordinal()] = 2;
            } catch (NoSuchFieldError unused2) {
            }
            try {
                $SwitchMap$org$strongswan$android$data$VpnProfile$SelectedAppsHandling[VpnProfile.SelectedAppsHandling.SELECTED_APPS_ONLY.ordinal()] = 3;
            } catch (NoSuchFieldError unused3) {
            }
            $SwitchMap$org$strongswan$android$logic$VpnStateService$State = new int[VpnStateService.State.values().length];
            try {
                $SwitchMap$org$strongswan$android$logic$VpnStateService$State[VpnStateService.State.CONNECTING.ordinal()] = 1;
            } catch (NoSuchFieldError unused4) {
            }
            try {
                $SwitchMap$org$strongswan$android$logic$VpnStateService$State[VpnStateService.State.CONNECTED.ordinal()] = 2;
            } catch (NoSuchFieldError unused5) {
            }
            try {
                $SwitchMap$org$strongswan$android$logic$VpnStateService$State[VpnStateService.State.DISCONNECTING.ordinal()] = 3;
            } catch (NoSuchFieldError unused6) {
            }
        }
    }

    /* loaded from: classes.dex */
    public class BuilderAdapter {
        private VpnService.Builder mBuilder;
        private BuilderCache mCache;
        private PacketDropper mDropper = new PacketDropper();
        private BuilderCache mEstablishedCache;
        private VpnProfile mProfile;

        /* JADX INFO: Access modifiers changed from: package-private */
        /* loaded from: classes.dex */
        public class PacketDropper implements Runnable {
            private ParcelFileDescriptor mFd;
            private Thread mThread;

            private PacketDropper() {
            }

            @Override // java.lang.Runnable
            public synchronized void run() {
                try {
                    try {
                        FileInputStream fileInputStream = new FileInputStream(this.mFd.getFileDescriptor());
                        ByteBuffer allocate = ByteBuffer.allocate(BuilderAdapter.this.mCache.mMtu);
                        while (true) {
                            if (Build.VERSION.SDK_INT >= 24) {
                                int read = fileInputStream.getChannel().read(allocate);
                                allocate.clear();
                                if (read < 0) {
                                    break;
                                }
                            } else {
                                boolean z = true;
                                if (fileInputStream.available() > 0) {
                                    int read2 = fileInputStream.read(allocate.array());
                                    allocate.clear();
                                    if (read2 < 0 || Thread.interrupted()) {
                                        break;
                                    } else {
                                        z = false;
                                    }
                                }
                                if (z) {
                                    Thread.sleep(250L);
                                }
                            }
                        }
                    } catch (IOException e) {
                        e.printStackTrace();
                    }
                } catch (InterruptedException | ClosedByInterruptException unused) {
                }
            }

            public void start(ParcelFileDescriptor parcelFileDescriptor) {
                this.mFd = parcelFileDescriptor;
                this.mThread = new Thread(this);
                this.mThread.start();
            }

            public void stop() {
                if (this.mFd != null) {
                    try {
                        this.mThread.interrupt();
                        this.mThread.join();
                        this.mFd.close();
                    } catch (IOException e) {
                        e.printStackTrace();
                    } catch (InterruptedException e2) {
                        e2.printStackTrace();
                    }
                    this.mFd = null;
                }
            }
        }

        public BuilderAdapter() {
        }

        private VpnService.Builder createBuilder(String str) {
            VpnService.Builder builder = new VpnService.Builder(CharonVpnService.this);
            builder.setSession(str);
            Context applicationContext = CharonVpnService.this.getApplicationContext();
            builder.setConfigureIntent(PendingIntent.getActivity(applicationContext, 0, new Intent(applicationContext, (Class<?>) MainActivity.class), 134217728));
            return builder;
        }

        private synchronized ParcelFileDescriptor establishIntern() {
            try {
                this.mCache.applyData(this.mBuilder);
                ParcelFileDescriptor establish = this.mBuilder.establish();
                if (establish != null) {
                    closeBlocking();
                }
                if (establish == null) {
                    return null;
                }
                this.mBuilder = createBuilder(this.mProfile.getName());
                this.mEstablishedCache = this.mCache;
                this.mCache = new BuilderCache(this.mProfile);
                return establish;
            } catch (Exception e) {
                e.printStackTrace();
                return null;
            }
        }

        public synchronized boolean addAddress(String str, int i) {
            try {
                this.mCache.addAddress(str, i);
            } catch (IllegalArgumentException unused) {
                return false;
            }
            return true;
        }

        public synchronized boolean addDnsServer(String str) {
            try {
                this.mCache.addDnsServer(str);
            } catch (IllegalArgumentException unused) {
                return false;
            }
            return true;
        }

        public synchronized boolean addRoute(String str, int i) {
            try {
                this.mCache.addRoute(str, i);
            } catch (IllegalArgumentException unused) {
                return false;
            }
            return true;
        }

        public synchronized boolean addSearchDomain(String str) {
            try {
                this.mBuilder.addSearchDomain(str);
            } catch (IllegalArgumentException unused) {
                return false;
            }
            return true;
        }

        public synchronized void closeBlocking() {
            this.mDropper.stop();
        }

        public synchronized int establish() {
            ParcelFileDescriptor establishIntern = establishIntern();
            if (establishIntern == null) {
                return -1;
            }
            return establishIntern.detachFd();
        }

        @TargetApi(21)
        public synchronized void establishBlocking() {
            this.mCache.addAddress("172.16.252.1", 32);
            this.mCache.addAddress("fd00::fd02:1", 128);
            this.mCache.addRoute("0.0.0.0", 0);
            this.mCache.addRoute("::", 0);
            this.mBuilder.addDnsServer("8.8.8.8");
            this.mBuilder.addDnsServer("2001:4860:4860::8888");
            this.mBuilder.setBlocking(true);
            ParcelFileDescriptor establishIntern = establishIntern();
            if (establishIntern != null) {
                this.mDropper.start(establishIntern);
            }
        }

        public synchronized int establishNoDns() {
            if (this.mEstablishedCache == null) {
                return -1;
            }
            try {
                VpnService.Builder createBuilder = createBuilder(this.mProfile.getName());
                this.mEstablishedCache.applyData(createBuilder);
                ParcelFileDescriptor establish = createBuilder.establish();
                if (establish == null) {
                    return -1;
                }
                return establish.detachFd();
            } catch (Exception e) {
                e.printStackTrace();
                return -1;
            }
        }

        public synchronized boolean setMtu(int i) {
            try {
                this.mCache.setMtu(i);
            } catch (IllegalArgumentException unused) {
                return false;
            }
            return true;
        }

        public synchronized void setProfile(VpnProfile vpnProfile) {
            this.mProfile = vpnProfile;
            this.mBuilder = createBuilder(this.mProfile.getName());
            this.mCache = new BuilderCache(this.mProfile);
        }
    }

    /* loaded from: classes.dex */
    public class BuilderCache {
        private final VpnProfile.SelectedAppsHandling mAppHandling;
        private boolean mDnsServersConfigured;
        private final IPRangeSet mExcludedSubnets;
        private boolean mIPv4Seen;
        private boolean mIPv6Seen;
        private int mMtu;
        private final SortedSet<String> mSelectedApps;
        private final int mSplitTunneling;
        private final List<IPRange> mAddresses = new ArrayList();
        private final List<IPRange> mRoutesIPv4 = new ArrayList();
        private final List<IPRange> mRoutesIPv6 = new ArrayList();
        private final IPRangeSet mIncludedSubnetsv4 = new IPRangeSet();
        private final IPRangeSet mIncludedSubnetsv6 = new IPRangeSet();
        private final List<InetAddress> mDnsServers = new ArrayList();

        /* JADX WARN: Removed duplicated region for block: B:30:0x00ba  */
        /* JADX WARN: Removed duplicated region for block: B:44:0x00e5  */
        /* JADX WARN: Removed duplicated region for block: B:48:0x00e8  */
        /*
            Code decompiled incorrectly, please refer to instructions dump.
            To view partially-correct add '--show-bad-code' argument
        */
        public BuilderCache(org.strongswan.android.data.VpnProfile r8) {
            /*
                r6 = this;
                org.strongswan.android.logic.CharonVpnService.this = r7
                r6.<init>()
                java.util.ArrayList r0 = new java.util.ArrayList
                r0.<init>()
                r6.mAddresses = r0
                java.util.ArrayList r0 = new java.util.ArrayList
                r0.<init>()
                r6.mRoutesIPv4 = r0
                java.util.ArrayList r0 = new java.util.ArrayList
                r0.<init>()
                r6.mRoutesIPv6 = r0
                org.strongswan.android.utils.IPRangeSet r0 = new org.strongswan.android.utils.IPRangeSet
                r0.<init>()
                r6.mIncludedSubnetsv4 = r0
                org.strongswan.android.utils.IPRangeSet r0 = new org.strongswan.android.utils.IPRangeSet
                r0.<init>()
                r6.mIncludedSubnetsv6 = r0
                java.util.ArrayList r0 = new java.util.ArrayList
                r0.<init>()
                r6.mDnsServers = r0
                java.lang.String r0 = r8.getIncludedSubnets()
                org.strongswan.android.utils.IPRangeSet r0 = org.strongswan.android.utils.IPRangeSet.fromString(r0)
                java.util.Iterator r0 = r0.iterator()
            L3b:
                boolean r1 = r0.hasNext()
                if (r1 == 0) goto L63
                java.lang.Object r1 = r0.next()
                org.strongswan.android.utils.IPRange r1 = (org.strongswan.android.utils.IPRange) r1
                java.net.InetAddress r2 = r1.getFrom()
                boolean r2 = r2 instanceof java.net.Inet4Address
                if (r2 == 0) goto L55
                org.strongswan.android.utils.IPRangeSet r2 = r6.mIncludedSubnetsv4
                r2.add(r1)
                goto L3b
            L55:
                java.net.InetAddress r2 = r1.getFrom()
                boolean r2 = r2 instanceof java.net.Inet6Address
                if (r2 == 0) goto L3b
                org.strongswan.android.utils.IPRangeSet r2 = r6.mIncludedSubnetsv6
                r2.add(r1)
                goto L3b
            L63:
                java.lang.String r0 = r8.getExcludedSubnets()
                org.strongswan.android.utils.IPRangeSet r0 = org.strongswan.android.utils.IPRangeSet.fromString(r0)
                r6.mExcludedSubnets = r0
                java.lang.Integer r0 = r8.getSplitTunneling()
                r1 = 0
                if (r0 == 0) goto L79
                int r0 = r0.intValue()
                goto L7a
            L79:
                r0 = 0
            L7a:
                r6.mSplitTunneling = r0
                org.strongswan.android.data.VpnProfile$SelectedAppsHandling r0 = r8.getSelectedAppsHandling()
                java.util.SortedSet r2 = r8.getSelectedAppsSet()
                r6.mSelectedApps = r2
                int[] r2 = org.strongswan.android.logic.CharonVpnService.AnonymousClass5.$SwitchMap$org$strongswan$android$data$VpnProfile$SelectedAppsHandling
                int r3 = r0.ordinal()
                r2 = r2[r3]
                r3 = 1
                if (r2 == r3) goto La2
                r4 = 2
                if (r2 == r4) goto La9
                r4 = 3
                if (r2 == r4) goto L98
                goto Lb2
            L98:
                java.util.SortedSet<java.lang.String> r2 = r6.mSelectedApps
                java.lang.String r7 = r7.getPackageName()
                r2.remove(r7)
                goto Lb2
            La2:
                org.strongswan.android.data.VpnProfile$SelectedAppsHandling r0 = org.strongswan.android.data.VpnProfile.SelectedAppsHandling.SELECTED_APPS_EXCLUDE
                java.util.SortedSet<java.lang.String> r2 = r6.mSelectedApps
                r2.clear()
            La9:
                java.util.SortedSet<java.lang.String> r2 = r6.mSelectedApps
                java.lang.String r7 = r7.getPackageName()
                r2.add(r7)
            Lb2:
                r6.mAppHandling = r0
                java.lang.String r7 = r8.getDnsServers()
                if (r7 == 0) goto Ldf
                java.lang.String r7 = r8.getDnsServers()
                java.lang.String r0 = "\\s+"
                java.lang.String[] r7 = r7.split(r0)
                int r0 = r7.length
            Lc5:
                if (r1 >= r0) goto Ldf
                r2 = r7[r1]
                java.util.List<java.net.InetAddress> r4 = r6.mDnsServers     // Catch: java.net.UnknownHostException -> Ld8
                java.net.InetAddress r5 = org.strongswan.android.utils.Utils.parseInetAddress(r2)     // Catch: java.net.UnknownHostException -> Ld8
                r4.add(r5)     // Catch: java.net.UnknownHostException -> Ld8
                r6.recordAddressFamily(r2)     // Catch: java.net.UnknownHostException -> Ld8
                r6.mDnsServersConfigured = r3     // Catch: java.net.UnknownHostException -> Ld8
                goto Ldc
            Ld8:
                r2 = move-exception
                r2.printStackTrace()
            Ldc:
                int r1 = r1 + 1
                goto Lc5
            Ldf:
                java.lang.Integer r7 = r8.getMTU()
                if (r7 != 0) goto Le8
                r7 = 1500(0x5dc, float:2.102E-42)
                goto Lec
            Le8:
                int r7 = r7.intValue()
            Lec:
                r6.mMtu = r7
                return
            */
            throw new UnsupportedOperationException("Method not decompiled: org.strongswan.android.logic.CharonVpnService.BuilderCache.<init>(org.strongswan.android.logic.CharonVpnService, org.strongswan.android.data.VpnProfile):void");
        }

        private boolean isIPv6(String str) throws UnknownHostException {
            return Utils.parseInetAddress(str) instanceof Inet6Address;
        }

        public void addAddress(String str, int i) {
            try {
                this.mAddresses.add(new IPRange(str, i));
                recordAddressFamily(str);
            } catch (UnknownHostException e) {
                e.printStackTrace();
            }
        }

        public void addDnsServer(String str) {
            if (this.mDnsServersConfigured) {
                return;
            }
            try {
                this.mDnsServers.add(Utils.parseInetAddress(str));
                recordAddressFamily(str);
            } catch (UnknownHostException e) {
                e.printStackTrace();
            }
        }

        public void addRoute(String str, int i) {
            try {
                if (isIPv6(str)) {
                    this.mRoutesIPv6.add(new IPRange(str, i));
                } else {
                    this.mRoutesIPv4.add(new IPRange(str, i));
                }
            } catch (UnknownHostException e) {
                e.printStackTrace();
            }
        }

        @TargetApi(21)
        public void applyData(VpnService.Builder builder) {
            lPt6.cOm2(CharonVpnService.TAG, "BuilderCache applyData");
            for (IPRange iPRange : this.mAddresses) {
                builder.addAddress(iPRange.getFrom(), iPRange.getPrefix().intValue());
            }
            Iterator<InetAddress> it = this.mDnsServers.iterator();
            while (it.hasNext()) {
                builder.addDnsServer(it.next());
            }
            if ((this.mSplitTunneling & 1) == 0) {
                if (this.mIPv4Seen) {
                    IPRangeSet iPRangeSet = new IPRangeSet();
                    if (this.mIncludedSubnetsv4.size() > 0) {
                        iPRangeSet.add(this.mIncludedSubnetsv4);
                    } else {
                        iPRangeSet.addAll(this.mRoutesIPv4);
                    }
                    iPRangeSet.remove(this.mExcludedSubnets);
                    for (IPRange iPRange2 : iPRangeSet.subnets()) {
                        CharonVpnService.this.getApplicationContext();
                        COm2.LPT9(builder, iPRange2);
                    }
                } else if (Build.VERSION.SDK_INT >= 21) {
                    try {
                        builder.allowFamily(OsConstants.AF_INET);
                    } catch (Throwable th) {
                        lPt6.LPT9("LogHelper", th, "While adding allowFamily ipv4");
                    }
                }
            } else if (this.mIPv4Seen) {
                builder.addRoute("0.0.0.0", 0);
            }
            if ((this.mSplitTunneling & 2) == 0) {
                if (this.mIPv6Seen) {
                    IPRangeSet iPRangeSet2 = new IPRangeSet();
                    if (this.mIncludedSubnetsv6.size() > 0) {
                        iPRangeSet2.add(this.mIncludedSubnetsv6);
                    } else {
                        iPRangeSet2.addAll(this.mRoutesIPv6);
                    }
                    iPRangeSet2.remove(this.mExcludedSubnets);
                    for (IPRange iPRange3 : iPRangeSet2.subnets()) {
                        CharonVpnService.this.getApplicationContext();
                        COm2.LPT9(builder, iPRange3);
                    }
                } else if (Build.VERSION.SDK_INT >= 21) {
                    try {
                        builder.allowFamily(OsConstants.AF_INET6);
                    } catch (Throwable th2) {
                        lPt6.LPT9("LogHelper", th2, "While adding allowFamily ipv6");
                    }
                }
            } else if (this.mIPv6Seen) {
                builder.addRoute("::", 0);
            }
            if (this.mSelectedApps.size() > 0 && Build.VERSION.SDK_INT >= 21) {
                int i = AnonymousClass5.$SwitchMap$org$strongswan$android$data$VpnProfile$SelectedAppsHandling[this.mAppHandling.ordinal()];
                if (i == 2) {
                    Iterator<String> it2 = this.mSelectedApps.iterator();
                    while (it2.hasNext()) {
                        try {
                            builder.addDisallowedApplication(it2.next());
                        } catch (PackageManager.NameNotFoundException unused) {
                        } catch (Throwable th3) {
                            lPt6.LPT9("LogHelper", th3, "While excluding application from VPN");
                        }
                    }
                } else if (i == 3) {
                    Iterator<String> it3 = this.mSelectedApps.iterator();
                    while (it3.hasNext()) {
                        try {
                            builder.addAllowedApplication(it3.next());
                        } catch (PackageManager.NameNotFoundException unused2) {
                        } catch (Throwable th4) {
                            lPt6.LPT9("LogHelper", th4, "While including application to VPN");
                        }
                    }
                }
            }
            builder.setMtu(this.mMtu);
        }

        public void recordAddressFamily(String str) {
            try {
                if (isIPv6(str)) {
                    this.mIPv6Seen = true;
                } else {
                    this.mIPv4Seen = true;
                }
            } catch (UnknownHostException e) {
                e.printStackTrace();
            }
        }

        public void setMtu(int i) {
            this.mMtu = i;
        }
    }

    private void addNotification() {
        this.mHandler.post(new Runnable() { // from class: org.strongswan.android.logic.CharonVpnService.3
            @Override // java.lang.Runnable
            public void run() {
                CharonVpnService.this.mShowNotification = true;
                CharonVpnService charonVpnService = CharonVpnService.this;
                charonVpnService.startForeground(CharonVpnService.VPN_STATE_NOTIFICATION_ID, charonVpnService.buildNotification(false));
            }
        });
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* JADX WARN: Removed duplicated region for block: B:19:0x01c4  */
    /* JADX WARN: Removed duplicated region for block: B:23:0x01cf  */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public android.app.Notification buildNotification(boolean r15) {
        /*
            Method dump skipped, instructions count: 570
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: org.strongswan.android.logic.CharonVpnService.buildNotification(boolean):android.app.Notification");
    }

    private static String getAndroidVersion() {
        String str = "Android " + Build.VERSION.RELEASE + " - " + Build.DISPLAY;
        if (Build.VERSION.SDK_INT < 23) {
            return str;
        }
        return str + "/" + Build.VERSION.SECURITY_PATCH;
    }

    private static String getDeviceString() {
        return Build.MODEL + " - " + Build.BRAND + "/" + Build.PRODUCT + "/" + Build.MANUFACTURER;
    }

    private byte[][] getTrustedCertificates() {
        ArrayList arrayList = new ArrayList();
        TrustedCertificateManager LPT9 = this.trustedCertificateManagerLazy.LPT9();
        try {
            String str = this.mCurrentCertificateAlias;
            if (str != null) {
                X509Certificate cACertificateFromAlias = LPT9.getCACertificateFromAlias(str);
                if (cACertificateFromAlias == null) {
                    return null;
                }
                arrayList.add(cACertificateFromAlias.getEncoded());
            } else {
                Iterator<X509Certificate> it = LPT9.getAllCACertificates().values().iterator();
                while (it.hasNext()) {
                    arrayList.add(it.next().getEncoded());
                }
            }
            return (byte[][]) arrayList.toArray(new byte[arrayList.size()]);
        } catch (CertificateEncodingException e) {
            e.printStackTrace();
            return null;
        }
    }

    private byte[][] getUserCertificate() throws KeyChainException, InterruptedException, CertificateEncodingException {
        ArrayList arrayList = new ArrayList();
        X509Certificate[] certificateChain = this.keyChainProviderLazy.LPT9().getCertificateChain(getApplicationContext(), this.mCurrentUserCertificateAlias);
        if (certificateChain == null || certificateChain.length == 0) {
            return null;
        }
        for (X509Certificate x509Certificate : certificateChain) {
            if (x509Certificate != null) {
                arrayList.add(x509Certificate.getEncoded());
            }
        }
        return (byte[][]) arrayList.toArray(new byte[arrayList.size()]);
    }

    private PrivateKey getUserKey() throws KeyChainException, InterruptedException {
        return this.keyChainProviderLazy.LPT9().getPrivateKey(getApplicationContext(), this.mCurrentUserCertificateAlias);
    }

    private void removeNotification() {
        this.mHandler.post(new Runnable() { // from class: org.strongswan.android.logic.CharonVpnService.4
            @Override // java.lang.Runnable
            public void run() {
                CharonVpnService.this.mShowNotification = false;
                CharonVpnService.this.stopForeground(true);
            }
        });
    }

    private void setError(VpnStateService.ErrorState errorState) {
        synchronized (this.mServiceLock) {
            if (this.mService != null) {
                this.mService.setError(errorState);
            }
        }
    }

    private void setErrorDisconnect(VpnStateService.ErrorState errorState) {
        synchronized (this.mServiceLock) {
            if (this.mService != null && !this.mIsDisconnecting) {
                this.mService.setError(errorState);
            }
            this.mServiceErrorState = errorState;
            lPT4.LPT9(getApplicationContext()).LPT9(new Intent("com.browsec.vpn.vpn.c").putExtra(EXTRA_STATE, "ERROR"));
        }
    }

    private void setImcState(ImcState imcState) {
        synchronized (this.mServiceLock) {
            if (this.mService != null) {
                this.mService.setImcState(imcState);
            }
        }
    }

    private void setNextProfile(VpnProfile vpnProfile) {
        synchronized (this) {
            this.mNextProfile = vpnProfile;
            this.mProfileUpdated = true;
            notifyAll();
        }
    }

    private void setState(VpnStateService.State state) {
        synchronized (this.mServiceLock) {
            if (this.mService != null) {
                this.mService.setState(state);
            }
            this.mServiceState = state;
            new StringBuilder("Sending broadcast for state ").append(state);
            lPT4.LPT9(getApplicationContext()).LPT9(new Intent("com.browsec.vpn.vpn.c").putExtra(EXTRA_STATE, state.toString()));
        }
    }

    private void startConnection(VpnProfile vpnProfile) {
        synchronized (this.mServiceLock) {
            if (this.mService != null) {
                this.mService.startConnection(vpnProfile);
            }
        }
    }

    /* JADX WARN: Finally extract failed */
    private void stopCurrentConnection() {
        lPt6.cOm2(TAG, "stopCurrentConnection");
        synchronized (this) {
            if (this.mNextProfile != null && Build.VERSION.SDK_INT >= 21) {
                this.mBuilderAdapter.setProfile(this.mNextProfile);
                this.mBuilderAdapter.establishBlocking();
            }
            if (this.mCurrentProfile != null) {
                setState(VpnStateService.State.DISCONNECTING);
                this.mIsDisconnecting = true;
                try {
                    SimpleFetcher.disable();
                    deinitializeCharon();
                    lPt6.cOm2(TAG, "charon stopped");
                    this.mCurrentProfile = null;
                    if (this.mNextProfile == null) {
                        removeNotification();
                        this.mBuilderAdapter.closeBlocking();
                    }
                } catch (Throwable th) {
                    lPt6.cOm2(TAG, "charon stopped");
                    this.mCurrentProfile = null;
                    if (this.mNextProfile == null) {
                        removeNotification();
                        this.mBuilderAdapter.closeBlocking();
                    }
                    throw th;
                }
            }
        }
    }

    public void addRemediationInstruction(String str) {
        for (RemediationInstruction remediationInstruction : RemediationInstruction.fromXml(str)) {
            synchronized (this.mServiceLock) {
                if (this.mService != null) {
                    this.mService.addRemediationInstruction(remediationInstruction);
                }
            }
        }
    }

    public native void deinitializeCharon();

    public native boolean initializeCharon(BuilderAdapter builderAdapter, String str, String str2, boolean z);

    public native void initiate(String str);

    @Override // android.app.Service
    public void onCreate() {
        try {
            com.browsec.vpn.COm7.COm2.LPT9.LPT9().LPT9(this);
            this.mLogFile = getFilesDir().getAbsolutePath() + File.separator + LOG_FILE;
            this.mAppDir = getFilesDir().getAbsolutePath();
            this.mHandler = new Handler();
            this.mConnectionHandler = new Thread(this);
            bindService(new Intent(this, (Class<?>) VpnStateService.class), this.mServiceConnection, 1);
            lPT4.LPT9(this).LPT9(this.mVpnOffReceiver, new IntentFilter("com.browsec.vpn.off"));
        } catch (IllegalArgumentException unused) {
            this.mTerminate = true;
            lPt6.cOm2(TAG, "onCreate() no app context, terminating");
        }
    }

    @Override // android.app.Service
    public void onDestroy() {
        this.mTerminate = true;
        setNextProfile(null);
        Thread thread = this.mConnectionHandler;
        if (thread != null) {
            try {
                thread.join();
            } catch (InterruptedException e) {
                e.printStackTrace();
            }
        }
        VpnStateService vpnStateService = this.mService;
        if (vpnStateService != null) {
            vpnStateService.unregisterListener(this);
        }
        try {
            unbindService(this.mServiceConnection);
            this.mService = null;
        } catch (Throwable unused) {
        }
        lPT4.LPT9(this).LPT9(this.mVpnOffReceiver);
    }

    @Override // android.net.VpnService
    public void onRevoke() {
        setNextProfile(null);
    }

    /* JADX WARN: Removed duplicated region for block: B:24:0x0090  */
    /* JADX WARN: Removed duplicated region for block: B:32:0x0092  */
    @Override // android.app.Service
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public int onStartCommand(android.content.Intent r6, int r7, int r8) {
        /*
            r5 = this;
            java.lang.StringBuilder r0 = new java.lang.StringBuilder
            java.lang.String r1 = "onStartCommand "
            r0.<init>(r1)
            if (r6 == 0) goto L15
            java.lang.String r1 = r6.getAction()
            if (r1 != 0) goto L10
            goto L15
        L10:
            java.lang.String r1 = r6.getAction()
            goto L17
        L15:
            java.lang.String r1 = "NULL"
        L17:
            r0.append(r1)
            java.lang.String r1 = " "
            r0.append(r1)
            r0.append(r7)
            r0.append(r1)
            r0.append(r8)
            if (r6 == 0) goto Lb2
            COm8.LPT9<com.browsec.vpn.Lpt7.lPt5> r7 = r5.charonExtensionLazy
            java.lang.Object r7 = r7.LPT9()
            com.browsec.vpn.Lpt7.lPt5 r7 = (com.browsec.vpn.Lpt7.lPt5) r7
            r8 = 0
            if (r6 == 0) goto L3a
            java.lang.String r0 = r6.getAction()
            goto L3b
        L3a:
            r0 = r8
        L3b:
            java.lang.String r1 = "VpnServiceExt"
            java.lang.String r2 = "processStartCommand action:%s"
            com.LPT8.COm8.COm8.COm8.lPt6.LPT9(r1, r2, r0)
            java.lang.String r2 = "com.browsec.vpn.DISCONNECT"
            boolean r2 = r2.equals(r0)
            r3 = 0
            if (r2 != 0) goto L89
            COm8.LPT9<com.browsec.vpn.Lpt7.cOm5> r2 = r7.cOM1
            java.lang.Object r2 = r2.LPT9()
            com.browsec.vpn.Lpt7.cOm5 r2 = (com.browsec.vpn.Lpt7.cOm5) r2
            COm8.LPT9<com.browsec.vpn.LPT8.lPT4> r7 = r7.Lpt6
            java.lang.Object r7 = r7.LPT9()
            com.browsec.vpn.LPT8.lPT4 r7 = (com.browsec.vpn.LPT8.lPT4) r7
            com.browsec.vpn.LPT8.COm2$PRn r2 = r2.lpt2()
            if (r2 == 0) goto L69
            java.lang.String r8 = r2.LPT9
            org.strongswan.android.data.VpnProfile r7 = r7.LPT9(r8)
            r8 = r7
        L69:
            java.lang.String r7 = "com.browsec.vpn.CONNECT"
            boolean r7 = r7.equals(r0)
            if (r7 == 0) goto L89
            android.os.Bundle r6 = r6.getExtras()
            if (r6 == 0) goto L89
            if (r8 == 0) goto L89
            java.lang.String r7 = "retry_n"
            long r6 = r6.getLong(r7, r3)
            java.lang.Long r0 = java.lang.Long.valueOf(r6)
            java.lang.String r2 = "retry : %d"
            com.LPT8.COm8.COm8.COm8.lPt6.LPT9(r1, r2, r0)
            goto L8a
        L89:
            r6 = r3
        L8a:
            android.util.Pair r0 = new android.util.Pair
            int r1 = (r6 > r3 ? 1 : (r6 == r3 ? 0 : -1))
            if (r1 <= 0) goto L92
            r6 = 1
            goto L93
        L92:
            r6 = 0
        L93:
            java.lang.Boolean r6 = java.lang.Boolean.valueOf(r6)
            r0.<init>(r8, r6)
            java.lang.Object r6 = r0.first
            org.strongswan.android.data.VpnProfile r6 = (org.strongswan.android.data.VpnProfile) r6
            java.lang.Object r7 = r0.second
            java.lang.Boolean r7 = (java.lang.Boolean) r7
            boolean r7 = r7.booleanValue()
            if (r6 == 0) goto Laf
            if (r7 != 0) goto Laf
            java.lang.String r7 = "native.log"
            r5.deleteFile(r7)
        Laf:
            r5.setNextProfile(r6)
        Lb2:
            r6 = 2
            return r6
        */
        throw new UnsupportedOperationException("Method not decompiled: org.strongswan.android.logic.CharonVpnService.onStartCommand(android.content.Intent, int, int):int");
    }

    @Override // java.lang.Runnable
    public void run() {
        while (true) {
            synchronized (this) {
                while (!this.mProfileUpdated) {
                    try {
                        wait();
                    } catch (InterruptedException unused) {
                        stopCurrentConnection();
                        setState(VpnStateService.State.DISABLED);
                    }
                }
                this.mProfileUpdated = false;
                stopCurrentConnection();
                if (this.mNextProfile == null) {
                    setState(VpnStateService.State.DISABLED);
                    if (this.mTerminate) {
                        return;
                    }
                } else {
                    this.mCurrentProfile = this.mNextProfile;
                    this.mNextProfile = null;
                    this.mCurrentCertificateAlias = this.mCurrentProfile.getCertificateAlias();
                    this.mCurrentUserCertificateAlias = this.mCurrentProfile.getUserCertificateAlias();
                    startConnection(this.mCurrentProfile);
                    this.mIsDisconnecting = false;
                    SimpleFetcher.enable();
                    addNotification();
                    long currentTimeMillis = System.currentTimeMillis();
                    TrustedCertificateManager LPT9 = this.trustedCertificateManagerLazy.LPT9();
                    while (!LPT9.isLoaded() && System.currentTimeMillis() < 60000 + currentTimeMillis) {
                        try {
                            Thread.sleep(500L);
                        } catch (InterruptedException e) {
                            e.printStackTrace();
                        }
                    }
                    this.mBuilderAdapter.setProfile(this.mCurrentProfile);
                    if (!initializeCharon(this.mBuilderAdapter, this.mLogFile, this.mAppDir, this.mCurrentProfile.getVpnType().has(VpnType.VpnTypeFeature.BYOD))) {
                        setError(VpnStateService.ErrorState.GENERIC_ERROR);
                        setState(VpnStateService.State.DISABLED);
                        this.mCurrentProfile = null;
                    } else if (this.mCurrentProfile.getVpnType().has(VpnType.VpnTypeFeature.USER_PASS) && this.mCurrentProfile.getPassword() == null) {
                        setError(VpnStateService.ErrorState.PASSWORD_MISSING);
                    } else {
                        SettingsWriter settingsWriter = new SettingsWriter();
                        settingsWriter.setValue("global.language", Locale.getDefault().getLanguage());
                        settingsWriter.setValue("global.mtu", this.mCurrentProfile.getMTU());
                        settingsWriter.setValue("global.nat_keepalive", this.mCurrentProfile.getNATKeepAlive());
                        settingsWriter.setValue("global.rsa_pss", Boolean.valueOf((this.mCurrentProfile.getFlags().intValue() & 16) != 0));
                        settingsWriter.setValue("global.crl", Boolean.valueOf((this.mCurrentProfile.getFlags().intValue() & 2) == 0));
                        settingsWriter.setValue("global.ocsp", Boolean.valueOf((this.mCurrentProfile.getFlags().intValue() & 4) == 0));
                        settingsWriter.setValue("connection.type", this.mCurrentProfile.getVpnType().getIdentifier());
                        String gateway = this.mCurrentProfile.getGateway();
                        lPt6.LPT9(TAG, "connecting to %s %s", this.mCurrentProfile.getName(), gateway);
                        settingsWriter.setValue("connection.server", gateway);
                        settingsWriter.setValue("connection.port", this.mCurrentProfile.getPort());
                        settingsWriter.setValue("connection.username", this.mCurrentProfile.getUsername());
                        settingsWriter.setValue("connection.password", this.mCurrentProfile.getPassword());
                        settingsWriter.setValue("connection.local_id", this.mCurrentProfile.getLocalId());
                        settingsWriter.setValue("connection.remote_id", this.mCurrentProfile.getRemoteId());
                        settingsWriter.setValue("connection.certreq", Boolean.valueOf((this.mCurrentProfile.getFlags().intValue() & 1) == 0));
                        settingsWriter.setValue("connection.strict_revocation", Boolean.valueOf((this.mCurrentProfile.getFlags().intValue() & 8) != 0));
                        settingsWriter.setValue("connection.ike_proposal", this.mCurrentProfile.getIkeProposal());
                        settingsWriter.setValue("connection.esp_proposal", this.mCurrentProfile.getEspProposal());
                        initiate(settingsWriter.serialize());
                    }
                }
            }
        }
    }

    @Override // org.strongswan.android.logic.VpnStateService.VpnStateListener
    public void stateChanged() {
        if (this.mShowNotification) {
            ((NotificationManager) getSystemService("notification")).notify(VPN_STATE_NOTIFICATION_ID, buildNotification(false));
        }
    }

    public void updateImcState(int i) {
        ImcState fromValue = ImcState.fromValue(i);
        if (fromValue != null) {
            setImcState(fromValue);
        }
    }

    public void updateStatus(int i) {
        switch (i) {
            case 1:
                setState(VpnStateService.State.CONNECTED);
                return;
            case 2:
                if (this.mIsDisconnecting) {
                    return;
                }
                setState(VpnStateService.State.CONNECTING);
                return;
            case 3:
                setErrorDisconnect(VpnStateService.ErrorState.AUTH_FAILED);
                return;
            case 4:
                setErrorDisconnect(VpnStateService.ErrorState.PEER_AUTH_FAILED);
                return;
            case 5:
                setErrorDisconnect(VpnStateService.ErrorState.LOOKUP_FAILED);
                return;
            case 6:
                setErrorDisconnect(VpnStateService.ErrorState.UNREACHABLE);
                return;
            case 7:
                setErrorDisconnect(VpnStateService.ErrorState.CERTIFICATE_UNAVAILABLE);
                return;
            case 8:
                setErrorDisconnect(VpnStateService.ErrorState.GENERIC_ERROR);
                return;
            default:
                Log.e(TAG, "Unknown status code received");
                return;
        }
    }
}
