package com.checkpoint.urlrsdk;

import android.app.ActivityManager;
import android.content.BroadcastReceiver;
import android.content.Context;
import android.content.Intent;
import android.content.IntentFilter;
import android.content.pm.PackageManager;
import android.net.VpnService;
import android.os.Build;
import android.os.Handler;
import android.os.Looper;
import android.os.Process;
import android.security.KeyChain;
import android.support.annotation.Keep;
import android.text.TextUtils;
import android.util.Base64;
import android.util.Log;
import android.util.Pair;
import android.util.SparseArray;
import com.checkpoint.urlrsdk.manager.URLFInfo;
import com.checkpoint.urlrsdk.model.ActionResolver;
import com.checkpoint.urlrsdk.model.Policy;
import com.checkpoint.urlrsdk.model.UrlrInspections;
import com.checkpoint.urlrsdk.model.UrlrStatistics;
import com.checkpoint.urlrsdk.model.d;
import com.checkpoint.urlrsdk.model.i;
import com.checkpoint.urlrsdk.utils.EnterpriseVPNDisconnectWatcher;
import com.checkpoint.urlrsdk.utils.ServerLogger;
import com.checkpoint.vpnsdk.core.NemoFacade;
import com.checkpoint.vpnsdk.dns.DnsResponder;
import com.checkpoint.vpnsdk.dns.TrafficInterceptorManager;
import com.checkpoint.vpnsdk.interfaces.LogListener;
import com.checkpoint.vpnsdk.log.LogController;
import com.checkpoint.vpnsdk.model.LoginLogDetails;
import com.checkpoint.vpnsdk.model.VpnGwConfiguration;
import com.checkpoint.vpnsdk.service.NotificationListener;
import com.checkpoint.vpnsdk.utils.Utils;
import java.io.BufferedReader;
import java.io.ByteArrayInputStream;
import java.io.File;
import java.io.FileReader;
import java.io.IOException;
import java.security.KeyStore;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
import java.util.Enumeration;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Set;
import java.util.concurrent.Executors;
import java.util.concurrent.ScheduledExecutorService;
import java.util.concurrent.TimeUnit;
import org.json.JSONObject;

@Keep
/* loaded from: classes.dex */
public class UrlReputationSdk {
    public static final String ACTION_BLOCK_EVENT = "com.checkpoint.urlrsdk.ACTION_BLOCK_EVENT";
    public static final String ACTION_BLOCK_EVENT_DOMAIN = "com.checkpoint.urlrsdk.ACTION_BLOCK_EVENT_DOMAIN";
    public static final String ACTION_BLOCK_EVENT_ID = "com.checkpoint.urlrsdk.ACTION_BLOCK_EVENT_ID";
    public static final String ACTION_DISCONNECTED = "com.checkpoint.urlrsdk.ACTION_DISCONNECTED";
    public static final String ACTION_ENTERPRISE_VPN_DISCONNECTED = "com.checkpoint.urlrsdk.ACTION_ENTERPRISE_VPN_DISCONNECTED";
    public static final String ACTION_LOOPBACK_EVENT = "com.checkpoint.urlrsdk.ACTION_LOOPBACK_EVENT";
    public static final String ACTION_MITMM_START_RESULT = "com.checkpoint.urlrsdk.ACTION_MITMM_START_RESULT";
    public static final String ACTION_MITMM_STATUS_RESULT = "com.checkpoint.urlrsdk.ACTION_MITMM_STATUS_RESULT";
    public static final String ACTION_NATIVE_LOAD_FAILED = "com.checkpoint.urlrsdk.ACTION_NATIVE_LOAD_FAILED";
    public static final String ACTION_REVOKED = "com.checkpoint.urlrsdk.ACTION_REVOKED";
    public static final String ACTION_SET_MITMM_RESULT = "com.checkpoint.urlrsdk.ACTION_SET_MITMM_RESULT";
    public static final String ACTION_START = "com.checkpoint.urlrsdk.ACTION_START";
    public static final String ACTION_TRUST_FAILED = "com.checkpoint.urlrsdk.ACTION_TRUST_FAILED";
    public static final String ACTION_ZP_CLEAR = "com.checkpoint.urlrsdk.ACTION_ZP_CLEAR";
    public static final String ACTION_ZP_CREATE = "com.checkpoint.urlrsdk.ACTION_ZP_CREATE";
    public static final String ACTION_ZP_CREATE_ID = "com.checkpoint.urlrsdk.ACTION_ZP_CREATE_ID";
    public static final String ACTION_ZP_CREATE_MESSAGE = "com.checkpoint.urlrsdk.ACTION_ZP_CREATE_MESSAGE";
    public static final String ACTION_ZP_CREATE_TITLE = "com.checkpoint.urlrsdk.ACTION_ZP_CREATE_TITLE";
    private static final String ENTERPRISE_VPN_APPS_ENABLED_KEY = "ENTERPRISE_VPN_APPS_ENABLED_KEY";
    private static final String ENTERPRISE_VPN_APPS_KEY = "ENTERPRISE_VPN_APPS_KEY";
    private static final String TAG = "UrlReputationSdk";
    private static final String X509_PEM_BEGIN = "-----BEGIN CERTIFICATE-----\n";
    private static final String X509_PEM_END = "-----END CERTIFICATE-----";
    private static volatile boolean bindStarted = false;
    private static long bindTime = 0;
    private static volatile IUrlReputationSdkEvents clientHandler = null;
    private static final int default_num_of_failed_requests = 10;
    private static final int default_time_to_wait_for_response = 8;
    private static LogListener externalLogger;
    private static Context mContext;
    private static com.checkpoint.vpnsdk.dns.c mIRemoteService;
    private static com.checkpoint.vpnsdk.interfaces.g mitmEventListener;
    private static volatile long suppressionTime = TimeUnit.MINUTES.toMillis(1);
    private static String deviceConfigutationJson = null;
    private static String certificateCommonName = "";
    private static String reputationKey = null;
    private static String customerID = null;
    private static Policy policy = null;
    private static boolean serviceProcess = false;
    private static DomainActionResolver actionResolver = null;
    private static volatile com.checkpoint.urlrsdk.model.i currentStatus = new com.checkpoint.urlrsdk.model.i(i.a.Not_Initialized);
    private static final Object currentStatusCS = new Object();
    private static final Handler UIHandler = new Handler(Looper.getMainLooper());
    private static final String[] defaultEnterpriseVPNApps = {"com.cisco.anyconnect.vpn.android.avf", "com.blackberry.enterprise.bscp", "com.checkpoint.VPN", "com.airwatch.tunnel", "com.mobileiron.tunnel.android.release", "com.fiberlink.maas360.android.maas360vpn", "com.f5.edge.client_ics", "net.pulsesecure.pulsesecure", "com.paloaltonetworks.globalprotect", "com.fortinet.forticlient", "org.strongswan.android", "net.openvpn.openvpn", "com.ipsec.vpnclient"};
    private static final EnterpriseVPNDisconnectWatcher enterpriseVPNDisconnectWatcher = new EnterpriseVPNDisconnectWatcher();
    private static final BroadcastReceiver ServiceToClientEvents = new u();
    public static final SparseArray<Integer> categoriesLocalizationMap = new w();
    private static ScheduledExecutorService execService = null;
    private static volatile long reputationCacheMaxAge = TimeUnit.DAYS.toMillis(2);
    private static volatile int logLevel = 5;
    private static final BroadcastReceiver sTrustStorageListener = new y();
    private static int time_to_wait_for_response = 8;
    private static final int default_interval = 120;
    private static int interval = default_interval;
    private static int num_of_failed_requests = 10;
    private static boolean stuck_detection_on = false;

    public static void LogD(String str, String str2) {
        LogListener logListener;
        if (logLevel < 5 || (logListener = externalLogger) == null) {
            Log.d(str, str2);
        } else {
            logListener.onLog(4, str + " " + str2);
        }
        if (!serviceProcess) {
            com.checkpoint.urlrsdk.utils.c.a(str, str2);
            return;
        }
        LogController.logToFile(4, str + ": " + str2);
    }

    public static void LogE(String str, String str2) {
        LogListener logListener;
        if (logLevel < 5 || (logListener = externalLogger) == null) {
            Log.e(str, str2);
        } else {
            logListener.onLog(1, str + " " + str2);
        }
        if (!serviceProcess) {
            com.checkpoint.urlrsdk.utils.c.b(str, str2);
            return;
        }
        LogController.logToFile(1, str + ": " + str2);
    }

    public static void LogV(String str, String str2) {
        LogListener logListener;
        if (logLevel < 5 || (logListener = externalLogger) == null) {
            Log.v(str, str2);
        } else {
            logListener.onLog(5, str + " " + str2);
        }
        if (!serviceProcess) {
            com.checkpoint.urlrsdk.utils.c.c(str, str2);
            return;
        }
        LogController.logToFile(5, str + ": " + str2);
    }

    public static void LogW(String str, String str2) {
        LogListener logListener;
        if (logLevel < 5 || (logListener = externalLogger) == null) {
            Log.w(str, str2);
        } else {
            logListener.onLog(2, str + " " + str2);
        }
        if (!serviceProcess) {
            com.checkpoint.urlrsdk.utils.c.d(str, str2);
            return;
        }
        LogController.logToFile(2, str + ": " + str2);
    }

    public static void askUserForNotificationAccess(Context context) {
        Utils.askUserForNotificationAccess(context);
    }

    public static void cleanCertificatesCache() {
        synchronized (UrlReputationSdk.class) {
            if (serviceProcess) {
                DnsResponder.cleanCertificatesCache();
            } else {
                ensureBinder(false);
                try {
                    mIRemoteService.c();
                } catch (Throwable unused) {
                }
            }
        }
    }

    public static void clearActionHistoryBefore(long j2) {
        LogD(TAG, "clearActionHistoryBefore called");
        synchronized (UrlReputationSdk.class) {
            if (serviceProcess) {
                UrlrStatistics.a(j2);
                UrlrInspections.a(j2);
            } else {
                ensureBinder(false);
                try {
                    mIRemoteService.h(j2);
                    mIRemoteService.g(j2);
                } catch (Throwable unused) {
                }
            }
        }
    }

    public static void clearActionHistoryList() {
        LogD(TAG, "clearActionHistoryList called");
        clearActionHistoryBefore(0L);
    }

    public static void clearReputationCache() {
        LogD(TAG, "clearReputationCache called");
        clearReputationCacheBefore(0L);
    }

    public static void clearReputationCacheBefore(long j2) {
        LogD(TAG, "clearReputationCacheBefore called");
        synchronized (UrlReputationSdk.class) {
            if (serviceProcess) {
                URLFInfo.a(j2);
            } else {
                ensureBinder(false);
                try {
                    mIRemoteService.b(j2);
                } catch (Throwable unused) {
                }
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static void dumpStatus(String str) {
        if (currentStatus.a() != i.a.Not_Ready) {
            LogD(TAG, str + ": new status <" + currentStatus.toString() + ">");
            return;
        }
        StringBuilder sb = new StringBuilder();
        sb.append(str);
        sb.append(": new status <");
        sb.append(currentStatus.toString());
        sb.append(">");
        if (getPolicy() == null) {
            sb.append(" policy <null>");
        }
        if (getCustomerID() == null) {
            sb.append(" customerID <null>");
        }
        if (getProductKey() == null) {
            sb.append(" productKey <null>");
        }
        if (!serviceProcess && mIRemoteService == null) {
            sb.append(" mIRemoteService <null>");
        }
        LogD(TAG, sb.toString());
    }

    private static void enableSSLInspection(boolean z) {
        LogD(TAG, "enableSSLInspection: " + z);
        TrafficInterceptorManager.enableSSLInspection(getContext(), z);
    }

    private static void ensureBinder(boolean z) {
        synchronized (currentStatusCS) {
            if (currentStatus.a() == i.a.Not_Initialized) {
                return;
            }
            synchronized (UrlReputationSdk.class) {
                if (mIRemoteService != null) {
                    return;
                }
                if (bindStarted) {
                    return;
                }
                bindStarted = true;
                Looper myLooper = Looper.myLooper();
                if (myLooper == null || myLooper != getContext().getMainLooper()) {
                    com.checkpoint.vpnsdk.utils.l.c(new g(z));
                } else {
                    performBind(z, false);
                }
            }
        }
    }

    public static List<UrlrStatistics> getActionHistoryAfter(long j2) {
        List<UrlrStatistics> a2;
        LogW(TAG, "getActionHistoryAfter called");
        synchronized (UrlReputationSdk.class) {
            ensureBinder(false);
            try {
                a2 = UrlrStatistics.a(mIRemoteService.a(j2));
            } catch (Throwable unused) {
                return new ArrayList();
            }
        }
        return a2;
    }

    public static UrlrStatistics getActionHistoryByID(long j2) {
        LogD(TAG, "getActionHistoryByID called");
        synchronized (UrlReputationSdk.class) {
            if (serviceProcess) {
                return UrlrStatistics.c(j2);
            }
            ensureBinder(false);
            try {
                return UrlrStatistics.a(new JSONObject(mIRemoteService.c(j2)));
            } catch (Throwable unused) {
                return null;
            }
        }
    }

    public static long getActionHistoryCountAfter(long j2) {
        long e2;
        LogW(TAG, "getActionHistoryCountAfter called");
        synchronized (UrlReputationSdk.class) {
            ensureBinder(false);
            try {
                e2 = mIRemoteService.e(j2);
            } catch (Throwable unused) {
                return 0L;
            }
        }
        return e2;
    }

    public static List<UrlrStatistics> getActionHistoryList() {
        LogW(TAG, "UrlrStatistics called");
        return getActionHistoryAfter(0L);
    }

    public static ActionResolver getActionResolver() {
        return actionResolver;
    }

    /* JADX WARN: Unreachable blocks removed: 1, instructions: 1 */
    public static Intent getCertificateInstallIntent(Context context) {
        synchronized (UrlReputationSdk.class) {
            if (!serviceProcess) {
                if (currentStatus.a() == i.a.Not_Initialized) {
                    throw new IllegalStateException("init not called? currentStatus = " + currentStatus.toString());
                }
                if (!serviceProcess && mIRemoteService == null) {
                    LogE(TAG, "getCertificateInstallIntent: bind not finished");
                    return null;
                }
            }
            Pair<X509Certificate, Boolean> rootCAAndUpdateInstalledStatus = getRootCAAndUpdateInstalledStatus();
            if (rootCAAndUpdateInstalledStatus != null && !((Boolean) rootCAAndUpdateInstalledStatus.second).booleanValue()) {
                String str = "CP Root Certificate";
                for (String str2 : ((X509Certificate) rootCAAndUpdateInstalledStatus.first).getSubjectDN().toString().split(",")) {
                    if (str2.contains("CN=")) {
                        str = str2.trim().substring(3);
                        break;
                    }
                }
                try {
                    return KeyChain.createInstallIntent().putExtra("name", str).putExtra("CERT", ((X509Certificate) rootCAAndUpdateInstalledStatus.first).getEncoded());
                } catch (Throwable th) {
                    LogE(TAG, "getCertificateInstallIntent: " + th.toString());
                    return null;
                }
            }
            return null;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static IUrlReputationSdkEvents getClientHandler() {
        IUrlReputationSdkEvents iUrlReputationSdkEvents;
        synchronized (UrlReputationSdk.class) {
            iUrlReputationSdkEvents = clientHandler;
        }
        return iUrlReputationSdkEvents;
    }

    public static Context getContext() {
        Context context;
        synchronized (UrlReputationSdk.class) {
            context = mContext;
        }
        return context;
    }

    public static String getCustomerID() {
        String str;
        synchronized (UrlReputationSdk.class) {
            str = customerID;
        }
        return str;
    }

    public static String getDataPath() {
        return getContext().getFilesDir().getAbsolutePath();
    }

    public static String[] getDeviceCertificates() {
        ArrayList arrayList = new ArrayList();
        try {
            KeyStore keyStore = KeyStore.getInstance("AndroidCAStore");
            if (keyStore != null) {
                keyStore.load(null, null);
                Enumeration<String> aliases = keyStore.aliases();
                while (aliases.hasMoreElements()) {
                    arrayList.add(X509_PEM_BEGIN + Base64.encodeToString(((X509Certificate) keyStore.getCertificate(aliases.nextElement())).getEncoded(), 0) + X509_PEM_END);
                }
            }
        } catch (Throwable th) {
            LogE(TAG, "getDeviceCertificates: " + th.toString());
        }
        return (String[]) arrayList.toArray(new String[0]);
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static Set<String> getEnterpriseVPNApps() {
        HashSet hashSet = new HashSet();
        synchronized (defaultEnterpriseVPNApps) {
            ArrayList<String> a2 = com.checkpoint.urlrsdk.utils.f.a(ENTERPRISE_VPN_APPS_KEY);
            if (a2 != null && !a2.isEmpty()) {
                hashSet.addAll(a2);
            }
            hashSet.addAll(Arrays.asList(defaultEnterpriseVPNApps));
        }
        return hashSet;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static boolean getEnterpriseVPNAppsEnabled() {
        return com.checkpoint.urlrsdk.utils.f.a(ENTERPRISE_VPN_APPS_ENABLED_KEY, true);
    }

    public static long getInspectionsCount() {
        return getInspectionsCountAfter(0L);
    }

    public static long getInspectionsCountAfter(long j2) {
        long d2;
        LogW(TAG, "getInspectionsCountAfter called");
        synchronized (UrlReputationSdk.class) {
            ensureBinder(false);
            try {
                d2 = mIRemoteService.d(j2);
            } catch (Throwable unused) {
                return 0L;
            }
        }
        return d2;
    }

    public static String getLogDir(Context context) {
        return context.getDir("urlr_sdk_log", 0).getAbsolutePath();
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static com.checkpoint.vpnsdk.interfaces.g getMitmEventListener() {
        com.checkpoint.vpnsdk.interfaces.g gVar;
        synchronized (UrlReputationSdk.class) {
            gVar = mitmEventListener;
        }
        return gVar;
    }

    public static void getMitmStatus() {
        if (getMitmEventListener() == null) {
            LogW(TAG, "failed to get MitmM listener");
        } else {
            TrafficInterceptorManager.getMitmMitigationStatus(getContext());
        }
    }

    public static Policy getPolicy() {
        synchronized (UrlReputationSdk.class) {
            if (policy == null) {
                return null;
            }
            return policy.a();
        }
    }

    public static String getProcessName() {
        try {
            return new BufferedReader(new FileReader(new File("/proc/" + Process.myPid() + "/cmdline"))).readLine().replace((char) 0, ' ').trim();
        } catch (IOException unused) {
            return "";
        }
    }

    public static String getProductKey() {
        String str;
        synchronized (UrlReputationSdk.class) {
            str = reputationKey;
        }
        return str;
    }

    public static long getReputationCacheMaxAge() {
        return reputationCacheMaxAge;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static Pair<X509Certificate, Boolean> getRootCAAndUpdateInstalledStatus() {
        X509Certificate x509Certificate;
        try {
            if (serviceProcess) {
                x509Certificate = parseCertificate(DnsResponder.getRootCA(certificateCommonName));
            } else {
                ensureBinder(false);
                x509Certificate = parseCertificate(mIRemoteService.a(certificateCommonName));
            }
        } catch (Throwable th) {
            LogE(TAG, "getRootCAAndUpdateInstalledStatus: " + th.toString());
            x509Certificate = null;
        }
        if (x509Certificate == null) {
            LogW(TAG, "getRootCAAndUpdateInstalledStatus: cert == null, serviceProcess=<" + serviceProcess + ">");
            enableSSLInspection(false);
            return null;
        }
        boolean isCertificateInstalled = isCertificateInstalled(x509Certificate);
        LogV(TAG, "getRootCAAndUpdateInstalledStatus: rootCAInstalled = " + isCertificateInstalled);
        enableSSLInspection(isCertificateInstalled);
        return new Pair<>(x509Certificate, Boolean.valueOf(isCertificateInstalled));
    }

    public static com.checkpoint.urlrsdk.model.i getStatus() {
        return currentStatus;
    }

    public static boolean hasNotificationAccess() {
        return Utils.hasAccessGranted(getContext());
    }

    public static boolean init(Context context, int i2, int i3, int i4) {
        if (Build.VERSION.SDK_INT >= 21) {
            return init(context, i2 == 0 ? null : context.getString(i2), i3 == 0 ? null : context.getString(i3), i4 != 0 ? context.getString(i4) : null);
        }
        context.sendBroadcast(new Intent(ACTION_NATIVE_LOAD_FAILED));
        return false;
    }

    public static boolean init(Context context, String str, String str2, IUrlReputationSdkEvents iUrlReputationSdkEvents, LogListener logListener, String str3, long j2) {
        com.checkpoint.vpnsdk.utils.b.a(context.getApplicationContext());
        synchronized (UrlReputationSdk.class) {
            setContext(context);
            if (currentStatus.a() != i.a.Not_Initialized) {
                LogW(TAG, "init: Already initialized");
                return true;
            }
            String processName = getProcessName();
            if (processName.endsWith(":externalONPProcess")) {
                return init(context, (String) null, (String) null, (String) null);
            }
            serviceProcess = false;
            externalLogger = logListener;
            synchronized (currentStatusCS) {
                currentStatus = new com.checkpoint.urlrsdk.model.i(i.a.Not_Ready);
            }
            com.checkpoint.urlrsdk.utils.c.a(getLogDir(context));
            setClientHandler(iUrlReputationSdkEvents);
            ensureBinder(true);
            if (!TextUtils.isEmpty(str)) {
                setCustomerID(str);
            }
            if (!TextUtils.isEmpty(str2)) {
                setProductKey(str2);
            }
            if (!TextUtils.isEmpty(str3)) {
                setCertificateCommonName(str3.replace(',', (char) 65292));
            }
            setLocalizedCategories(context);
            suppressionTime = TimeUnit.MINUTES.toMillis(j2);
            IntentFilter intentFilter = new IntentFilter();
            intentFilter.addAction(ACTION_LOOPBACK_EVENT);
            intentFilter.addAction(ACTION_BLOCK_EVENT);
            intentFilter.addAction(ACTION_REVOKED);
            intentFilter.addAction(ACTION_ENTERPRISE_VPN_DISCONNECTED);
            intentFilter.addAction(ACTION_NATIVE_LOAD_FAILED);
            intentFilter.addAction(ACTION_START);
            intentFilter.addAction(ACTION_ZP_CREATE);
            intentFilter.addAction(ACTION_ZP_CLEAR);
            intentFilter.addAction(ACTION_SET_MITMM_RESULT);
            intentFilter.addAction(ACTION_MITMM_START_RESULT);
            intentFilter.addAction(ACTION_MITMM_STATUS_RESULT);
            intentFilter.addAction(ACTION_DISCONNECTED);
            intentFilter.addAction(ACTION_TRUST_FAILED);
            context.registerReceiver(ServiceToClientEvents, intentFilter);
            updateReadyStatus(true);
            LogD(TAG, "init finished: app <" + ServerLogger.getVersion(context) + "> urlfLib <3.4.72.0-SNAPSHOT> process <" + processName + ">");
            synchronized (UrlReputationSdk.class) {
                return bindStarted || mIRemoteService != null;
            }
        }
    }

    public static boolean init(Context context, String str, String str2, String str3) {
        com.checkpoint.vpnsdk.utils.b.a(context.getApplicationContext());
        synchronized (UrlReputationSdk.class) {
            setContext(context);
            if (currentStatus.a() != i.a.Not_Initialized) {
                LogW(TAG, "init: Already initialized");
                return true;
            }
            String processName = getProcessName();
            Log.d(TAG, "init started: app <" + ServerLogger.getVersion(context) + "> urlfLib <3.4.72.0-SNAPSHOT> process <" + processName + ">");
            if (!processName.endsWith(":externalONPProcess")) {
                LogW(TAG, "init: wrong process");
                return false;
            }
            serviceProcess = true;
            Log.d(TAG, "loadNative");
            if (!TrafficInterceptorManager.loadNative()) {
                getContext().sendBroadcast(new Intent(ACTION_NATIVE_LOAD_FAILED));
                return false;
            }
            LogController.Init(context);
            if (actionResolver == null) {
                actionResolver = new DomainActionResolver();
            }
            String dataPath = getDataPath();
            DnsResponder.setDataPath(dataPath);
            if (Build.VERSION.SDK_INT >= 16) {
                context.registerReceiver(sTrustStorageListener, new IntentFilter("android.security.STORAGE_CHANGED"));
            }
            currentStatus = new com.checkpoint.urlrsdk.model.i(i.a.Not_Ready);
            new v(context, str, str2, str3, dataPath).start();
            LogD(TAG, "init finished: app <" + ServerLogger.getVersion(context) + "> urlfLib <3.4.72.0-SNAPSHOT> nemo <" + NemoFacade.getNemoVersion() + "> process <" + processName + ">");
            return true;
        }
    }

    private static boolean isCertificateInstalled(X509Certificate x509Certificate) {
        try {
            KeyStore keyStore = KeyStore.getInstance("AndroidCAStore");
            if (keyStore != null) {
                keyStore.load(null, null);
                String certificateAlias = keyStore.getCertificateAlias(x509Certificate);
                if (!TextUtils.isEmpty(certificateAlias)) {
                    LogD(TAG, "Our certificate already installed: " + certificateAlias);
                    return true;
                }
                if (x509Certificate.getSubjectX500Principal().equals(x509Certificate.getIssuerX500Principal())) {
                    LogW(TAG, "Our certificate self signed, not looking for signers");
                    return false;
                }
                Enumeration<String> aliases = keyStore.aliases();
                while (aliases.hasMoreElements()) {
                    X509Certificate x509Certificate2 = (X509Certificate) keyStore.getCertificate(aliases.nextElement());
                    try {
                        x509Certificate.verify(x509Certificate2.getPublicKey());
                        LogD(TAG, "Our certificate signed by: " + x509Certificate2.getSubjectX500Principal());
                        return true;
                    } catch (Throwable unused) {
                    }
                }
            }
        } catch (Throwable th) {
            LogE(TAG, "isCertificateInstalled: " + th.toString());
        }
        return false;
    }

    public static boolean isEnterpriseVPNConnected(Context context) {
        if (!com.checkpoint.urlrsdk.utils.e.e(context)) {
            return false;
        }
        List<Pair<Integer, String>> c2 = com.checkpoint.urlrsdk.utils.e.c(getContext());
        if (c2.isEmpty()) {
            return true;
        }
        Set<String> enterpriseVPNApps = getEnterpriseVPNApps();
        Iterator<Pair<Integer, String>> it = c2.iterator();
        while (it.hasNext()) {
            if (enterpriseVPNApps.contains(it.next().second)) {
                return true;
            }
        }
        return false;
    }

    public static boolean isServiceProcess() {
        return getProcessName().endsWith(":externalONPProcess");
    }

    /* JADX WARN: Removed duplicated region for block: B:35:0x007f A[EXC_TOP_SPLITTER, SYNTHETIC] */
    /* JADX WARN: Unreachable blocks removed: 1, instructions: 1 */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public static java.lang.String loadAssetTextAsString(android.content.Context r7, java.lang.String r8) {
        /*
            java.lang.String r0 = "Error closing asset "
            java.lang.String r1 = "UrlReputationSdk"
            r2 = 0
            java.lang.StringBuilder r3 = new java.lang.StringBuilder     // Catch: java.lang.Throwable -> L4b java.io.IOException -> L4e
            r3.<init>()     // Catch: java.lang.Throwable -> L4b java.io.IOException -> L4e
            android.content.res.AssetManager r7 = r7.getAssets()     // Catch: java.lang.Throwable -> L4b java.io.IOException -> L4e
            java.io.InputStream r7 = r7.open(r8)     // Catch: java.lang.Throwable -> L4b java.io.IOException -> L4e
            java.io.BufferedReader r4 = new java.io.BufferedReader     // Catch: java.lang.Throwable -> L4b java.io.IOException -> L4e
            java.io.InputStreamReader r5 = new java.io.InputStreamReader     // Catch: java.lang.Throwable -> L4b java.io.IOException -> L4e
            r5.<init>(r7)     // Catch: java.lang.Throwable -> L4b java.io.IOException -> L4e
            r4.<init>(r5)     // Catch: java.lang.Throwable -> L4b java.io.IOException -> L4e
            r7 = 1
        L1d:
            java.lang.String r5 = r4.readLine()     // Catch: java.io.IOException -> L4f java.lang.Throwable -> L7c
            if (r5 == 0) goto L30
            if (r7 == 0) goto L27
            r7 = 0
            goto L2c
        L27:
            r6 = 10
            r3.append(r6)     // Catch: java.io.IOException -> L4f java.lang.Throwable -> L7c
        L2c:
            r3.append(r5)     // Catch: java.io.IOException -> L4f java.lang.Throwable -> L7c
            goto L1d
        L30:
            java.lang.String r7 = r3.toString()     // Catch: java.io.IOException -> L4f java.lang.Throwable -> L7c
            r4.close()     // Catch: java.io.IOException -> L38
            goto L4a
        L38:
            java.lang.StringBuilder r2 = new java.lang.StringBuilder
            r2.<init>()
            r2.append(r0)
            r2.append(r8)
            java.lang.String r8 = r2.toString()
            android.util.Log.e(r1, r8)
        L4a:
            return r7
        L4b:
            r7 = move-exception
            r4 = r2
            goto L7d
        L4e:
            r4 = r2
        L4f:
            java.lang.StringBuilder r7 = new java.lang.StringBuilder     // Catch: java.lang.Throwable -> L7c
            r7.<init>()     // Catch: java.lang.Throwable -> L7c
            java.lang.String r3 = "Error opening asset "
            r7.append(r3)     // Catch: java.lang.Throwable -> L7c
            r7.append(r8)     // Catch: java.lang.Throwable -> L7c
            java.lang.String r7 = r7.toString()     // Catch: java.lang.Throwable -> L7c
            android.util.Log.e(r1, r7)     // Catch: java.lang.Throwable -> L7c
            if (r4 == 0) goto L7b
            r4.close()     // Catch: java.io.IOException -> L69
            goto L7b
        L69:
            java.lang.StringBuilder r7 = new java.lang.StringBuilder
            r7.<init>()
            r7.append(r0)
            r7.append(r8)
            java.lang.String r7 = r7.toString()
            android.util.Log.e(r1, r7)
        L7b:
            return r2
        L7c:
            r7 = move-exception
        L7d:
            if (r4 == 0) goto L95
            r4.close()     // Catch: java.io.IOException -> L83
            goto L95
        L83:
            java.lang.StringBuilder r2 = new java.lang.StringBuilder
            r2.<init>()
            r2.append(r0)
            r2.append(r8)
            java.lang.String r8 = r2.toString()
            android.util.Log.e(r1, r8)
        L95:
            throw r7
            return
        */
        throw new UnsupportedOperationException("Method not decompiled: com.checkpoint.urlrsdk.UrlReputationSdk.loadAssetTextAsString(android.content.Context, java.lang.String):java.lang.String");
    }

    private static X509Certificate parseCertificate(String str) {
        if (TextUtils.isEmpty(str)) {
            return null;
        }
        try {
            return (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(Base64.decode(str.replace(X509_PEM_BEGIN, "").replace(X509_PEM_END, ""), 0)));
        } catch (Throwable unused) {
            return null;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static void performBind(boolean z, boolean z2) {
        LogV(TAG, "performBind: start, notifyApp = <" + z + "> startAfterBind = <" + z2 + ">");
        if (TrafficInterceptorManager.bindService(getContext(), new f(System.currentTimeMillis(), z, z2))) {
            return;
        }
        bindStarted = false;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static void reconnect(String str, boolean z) {
        if (bindTime == 0) {
            LogE(TAG, str + ", bindTime == 0. Never started?");
            return;
        }
        long currentTimeMillis = System.currentTimeMillis() - bindTime;
        if (currentTimeMillis < TimeUnit.MINUTES.toMillis(1L)) {
            LogE(TAG, str + ", uptime < 1 min. Crash loop?");
            return;
        }
        LogE(TAG, str + ", uptime " + TimeUnit.MILLISECONDS.toMinutes(currentTimeMillis) + " min");
        updateReadyStatus(true);
        UIHandler.postDelayed(new c(z), 500L);
    }

    public static void setAppName(String str) {
        synchronized (NotificationListener.class) {
            NotificationListener.a(str);
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static void setBinder(com.checkpoint.vpnsdk.dns.c cVar) {
        mIRemoteService = cVar;
        if (policy == null) {
            policy = new Policy();
        }
        setNativePolicy(policy);
        if (!TextUtils.isEmpty(deviceConfigutationJson)) {
            setDeviceConfiguration(deviceConfigutationJson);
            deviceConfigutationJson = null;
        }
        if (!TextUtils.isEmpty(customerID)) {
            setNativeCustomerID();
        }
        if (!TextUtils.isEmpty(reputationKey)) {
            setNativeProductKey();
        }
        if (!TextUtils.isEmpty(certificateCommonName)) {
            setServiceCertificateCommonName();
        }
        try {
            mIRemoteService.f(suppressionTime);
        } catch (Throwable unused) {
        }
        getRootCAAndUpdateInstalledStatus();
        updateReadyStatus(false);
    }

    public static void setCertificateCommonName(String str) {
        synchronized (UrlReputationSdk.class) {
            certificateCommonName = str;
            setServiceCertificateCommonName();
        }
    }

    private static void setClientHandler(IUrlReputationSdkEvents iUrlReputationSdkEvents) {
        synchronized (UrlReputationSdk.class) {
            clientHandler = iUrlReputationSdkEvents;
        }
    }

    public static void setContext(Context context) {
        synchronized (UrlReputationSdk.class) {
            mContext = context;
        }
    }

    public static void setCountryInfo(String str, String str2) {
        if (serviceProcess) {
            DnsResponder.setCountryInfo(str, str2);
            return;
        }
        ensureBinder(false);
        try {
            mIRemoteService.a(str, str2);
        } catch (Throwable unused) {
        }
    }

    public static void setCustomMetricsJSONString(String str) {
        JSONObject jSONObject;
        LogD(TAG, "setCustomMetricsJSONString called");
        stuck_detection_on = false;
        time_to_wait_for_response = 8;
        interval = default_interval;
        num_of_failed_requests = 10;
        try {
            JSONObject jSONObject2 = new JSONObject(str);
            if (jSONObject2.has("stuck_detection") && (jSONObject = jSONObject2.getJSONObject("stuck_detection")) != null) {
                stuck_detection_on = true;
                time_to_wait_for_response = jSONObject.optInt("time_to_wait_for_response", 8);
                interval = jSONObject.optInt("interval", default_interval);
                num_of_failed_requests = jSONObject.optInt("num_of_failed_requests", 10);
                try {
                    mIRemoteService.a(stuck_detection_on, interval, num_of_failed_requests, time_to_wait_for_response);
                } catch (Throwable unused) {
                }
            }
            if (jSONObject2.has("urlr_loglevel")) {
                setLogLevel(jSONObject2.optInt("urlr_loglevel", 3));
            }
            if (jSONObject2.has("clear_from_date_unix_epoch")) {
                long optLong = jSONObject2.optLong("clear_from_date_unix_epoch", 0L);
                LogD(TAG, "setCustomMetricsJSONString: clear_from_date_unix_epoch=" + optLong);
                clearReputationCacheBefore(optLong * 1000);
            }
        } catch (Throwable th) {
            LogE(TAG, "setCustomMetricsJSONString: " + th.toString());
        }
    }

    public static void setCustomerID(String str) {
        synchronized (UrlReputationSdk.class) {
            customerID = str;
            if (currentStatus.a() == i.a.Not_Ready) {
                updateReadyStatus(false);
            }
            setNativeCustomerID();
        }
        dumpStatus("setCustomerID");
    }

    private static void setDeviceConfiguration(String str) {
        synchronized (UrlReputationSdk.class) {
            if (mIRemoteService == null) {
                deviceConfigutationJson = str;
                return;
            }
            d.a a2 = com.checkpoint.urlrsdk.model.d.a(str);
            if (a2 == null) {
                return;
            }
            LogD(TAG, "setDeviceConfiguration: " + a2.toString());
            if (-1 != a2.f4085d) {
                setDownloadMaxRisk(a2.f4085d);
            }
            setEnterpriseVPNApps(a2.f4084c);
            setExcluded(a2.f4082a, a2.f4083b);
        }
    }

    public static void setDomainWhiteList(List<String> list) {
    }

    private static void setDownloadMaxRisk(int i2) {
        synchronized (UrlReputationSdk.class) {
            ensureBinder(false);
            try {
                mIRemoteService.a(i2);
            } catch (Throwable unused) {
            }
        }
    }

    private static void setEnterpriseVPNApps(List<String> list) {
        synchronized (defaultEnterpriseVPNApps) {
            com.checkpoint.urlrsdk.utils.f.a(ENTERPRISE_VPN_APPS_KEY, list);
        }
    }

    public static void setEnterpriseVPNAppsEnabled(boolean z) {
        com.checkpoint.urlrsdk.utils.f.b(ENTERPRISE_VPN_APPS_ENABLED_KEY, z);
    }

    private static void setExcluded(List<String> list, List<String> list2) {
        synchronized (UrlReputationSdk.class) {
            ensureBinder(false);
            try {
                mIRemoteService.a(list, list2);
            } catch (Throwable unused) {
            }
        }
    }

    public static void setFileLoggerEnable(boolean z) {
        com.checkpoint.urlrsdk.utils.c.a(z);
        synchronized (UrlReputationSdk.class) {
            if (serviceProcess) {
                LogController.setFileLoggerEnable(z);
            } else {
                ensureBinder(false);
                try {
                    mIRemoteService.a(z);
                } catch (Throwable unused) {
                }
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static void setLocalizedCategories(Context context) {
        int size = categoriesLocalizationMap.size();
        int[] iArr = new int[size];
        String[] strArr = new String[size];
        URLFInfo.f4027a.clear();
        for (int i2 = 0; i2 < size; i2++) {
            int keyAt = categoriesLocalizationMap.keyAt(i2);
            String string = context.getString(categoriesLocalizationMap.valueAt(i2).intValue());
            URLFInfo.f4027a.append(keyAt, string);
            iArr[i2] = keyAt;
            strArr[i2] = string;
        }
        if (isServiceProcess()) {
            DnsResponder.setLocalizedCategories(iArr, strArr);
        }
    }

    public static void setLogLevel(int i2) {
        logLevel = i2;
        if (serviceProcess) {
            LogController.setLogLevel(i2);
        }
    }

    private static void setMitmEventListener(com.checkpoint.vpnsdk.interfaces.g gVar) {
        synchronized (UrlReputationSdk.class) {
            mitmEventListener = gVar;
        }
    }

    private static void setNativeCustomerID() {
        if (serviceProcess) {
            DnsResponder.setCustomerID(customerID);
            return;
        }
        ensureBinder(false);
        try {
            mIRemoteService.b(customerID);
        } catch (Throwable unused) {
        }
    }

    private static void setNativePolicy(Policy policy2) {
        Pair<int[], String[]> b2 = Policy.b(policy2.j());
        String[] e2 = policy2.e();
        int[] g2 = policy2.g();
        String[] m2 = policy2.m();
        String[] d2 = policy2.d();
        try {
            mIRemoteService.a(TrafficInterceptorManager.toList((int[]) b2.first), TrafficInterceptorManager.toList((String[]) b2.second), TrafficInterceptorManager.toList(e2), TrafficInterceptorManager.toList(g2), TrafficInterceptorManager.toList(m2), TrafficInterceptorManager.toList(d2), policy2.k(), policy2.o(), policy2.n(), TrafficInterceptorManager.toList(policy2.h()), TrafficInterceptorManager.toList(policy2.i()));
        } catch (Throwable unused) {
        }
        Policy.c c2 = policy2.c();
        try {
            mIRemoteService.a(c2.c(), TrafficInterceptorManager.toList(c2.d()), TrafficInterceptorManager.toList(c2.b()));
        } catch (Throwable unused2) {
        }
        Policy.e l2 = policy2.l();
        Pair<int[], String[]> b3 = Policy.b(l2.h());
        try {
            mIRemoteService.a(l2.k(), l2.d(), l2.a(), l2.c(), l2.b(), TrafficInterceptorManager.toList((int[]) b3.first), TrafficInterceptorManager.toList((String[]) b3.second), TrafficInterceptorManager.toList(l2.g()), TrafficInterceptorManager.toList(l2.f()), TrafficInterceptorManager.toList(l2.i()), TrafficInterceptorManager.toList(l2.m()), TrafficInterceptorManager.toList(l2.l()), l2.e(), l2.j(), l2.n());
        } catch (Throwable unused3) {
        }
        try {
            mIRemoteService.b(policy2.b());
        } catch (Throwable unused4) {
        }
    }

    private static void setNativeProductKey() {
        if (serviceProcess) {
            URLFInfo.setReputationKey(reputationKey);
            return;
        }
        ensureBinder(false);
        try {
            mIRemoteService.c(reputationKey);
        } catch (Throwable unused) {
        }
    }

    public static void setPolicy(Policy policy2, String str) {
        if (TextUtils.isEmpty(str)) {
            LogW(TAG, "setPolicy: policyAdditionalJSON empty");
        } else {
            LogD(TAG, "setPolicy: policyAdditionalJSON = <" + str + ">");
            setDeviceConfiguration(str);
        }
        synchronized (UrlReputationSdk.class) {
            if (setPolicyInternal(policy2)) {
                setNativePolicy(policy2);
            }
        }
        if (currentStatus.a() == i.a.Not_Ready) {
            synchronized (currentStatusCS) {
                updateReadyStatus(false);
            }
        }
        dumpStatus("setPolicy");
    }

    private static boolean setPolicyInternal(Policy policy2) {
        Policy policy3 = policy;
        if (policy3 != null && policy3.equals(policy2)) {
            LogD(TAG, "setPolicy: same policy <" + policy.toString() + ">");
            return false;
        }
        policy = policy2.a();
        LogD(TAG, "setPolicy: <" + policy.toString() + ">");
        return true;
    }

    public static void setProductKey(String str) {
        synchronized (UrlReputationSdk.class) {
            reputationKey = str;
            if (currentStatus.a() == i.a.Not_Ready) {
                updateReadyStatus(false);
            }
            setNativeProductKey();
        }
        dumpStatus("setProductKey");
    }

    public static void setReputationCacheMaxAge(long j2) {
        reputationCacheMaxAge = j2;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static void setSSLInspectionApps(Context context, Collection<String> collection) {
        LogD(TAG, "setSSLInspectionApps call");
        ActivityManager activityManager = (ActivityManager) context.getSystemService("activity");
        if (activityManager == null) {
            return;
        }
        PackageManager packageManager = context.getPackageManager();
        ArrayList arrayList = new ArrayList();
        for (String str : collection) {
            try {
                arrayList.add("" + packageManager.getApplicationInfo(str, 0).uid);
                LogD(TAG, "Added to SSL inspection " + str);
                activityManager.killBackgroundProcesses(str);
            } catch (Throwable unused) {
            }
        }
        DnsResponder.setSSLInspectionApplications(TrafficInterceptorManager.toIntArray(arrayList));
    }

    private static void setServiceCertificateCommonName() {
        if (serviceProcess) {
            getRootCAAndUpdateInstalledStatus();
            return;
        }
        ensureBinder(false);
        try {
            mIRemoteService.d(certificateCommonName);
        } catch (Throwable unused) {
        }
    }

    public static void setupMitmMitigation(Context context, VpnGwConfiguration vpnGwConfiguration, LoginLogDetails loginLogDetails, com.checkpoint.vpnsdk.interfaces.g gVar, char[] cArr) {
        setMitmEventListener(gVar);
        ensureBinder(false);
        TrafficInterceptorManager.setMitmMitigation(context, vpnGwConfiguration, loginLogDetails, cArr);
    }

    public static boolean start(Context context) {
        setContext(context);
        try {
            getContext().unregisterReceiver(enterpriseVPNDisconnectWatcher);
        } catch (Throwable unused) {
        }
        try {
            if (VpnService.prepare(context) != null) {
                LogE(TAG, "start: VpnService.prepare WAS NOT CALLED");
                return false;
            }
            synchronized (UrlReputationSdk.class) {
                LogD(TAG, "start");
                if (currentStatus.a() == i.a.Filtering) {
                    LogW(TAG, "already started");
                    return true;
                }
                if (getCustomerID() == null) {
                    LogE(TAG, "getCustomerID() == null, status : " + currentStatus.toString());
                    return false;
                }
                if (getProductKey() == null) {
                    LogE(TAG, "getProductKey() == null, status : " + currentStatus.toString());
                    return false;
                }
                boolean startService = TrafficInterceptorManager.startService(mContext);
                if (startService) {
                    synchronized (currentStatusCS) {
                        currentStatus = new com.checkpoint.urlrsdk.model.i(i.a.Filtering);
                    }
                }
                dumpStatus("start");
                return startService;
            }
        } catch (Throwable th) {
            LogE(TAG, "start: VpnService.prepare <" + th.toString() + ">");
            return false;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static void startCleanerService() {
        int seconds = (int) TimeUnit.HOURS.toSeconds(12L);
        synchronized (UrlReputationSdk.class) {
            if (execService == null) {
                execService = Executors.newScheduledThreadPool(1);
            }
            try {
                long j2 = seconds;
                execService.scheduleAtFixedRate(new x(), j2, j2, TimeUnit.SECONDS);
                LogV(TAG, "startCleanerService: dispatched");
            } catch (Throwable th) {
                LogE(TAG, "startCleanerService: " + th.toString());
            }
        }
    }

    public static void startMitmMitigation() {
        if (getMitmEventListener() == null) {
            LogW(TAG, "failed to get MitmM listener");
        } else {
            TrafficInterceptorManager.startMitmMitigation(getContext());
        }
    }

    public static boolean stop() {
        synchronized (UrlReputationSdk.class) {
            LogD(TAG, "stop");
            if (currentStatus.a() != i.a.Filtering) {
                LogW(TAG, "stop: Not started, can't stop");
                return false;
            }
            boolean stopService = TrafficInterceptorManager.stopService(mContext);
            if (stopService) {
                updateReadyStatus(true);
            }
            dumpStatus("stop");
            return stopService;
        }
    }

    public static void stopMitmMitigation() {
        if (getMitmEventListener() == null) {
            LogW(TAG, "failed to get MitmM listener");
        } else {
            TrafficInterceptorManager.stopMitmMitigation(getContext());
        }
    }

    private static X509Certificate toCertificate(byte[] bArr) {
        try {
            return (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(bArr));
        } catch (Throwable th) {
            Log.e(TAG, "toCertificate: " + th.toString());
            return null;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static void updateReadyStatus(boolean z) {
        synchronized (currentStatusCS) {
            if (!z) {
                if (currentStatus.a() == i.a.Filtering) {
                    return;
                }
            }
            if (getPolicy() != null && getCustomerID() != null && getProductKey() != null) {
                if (serviceProcess || mIRemoteService != null) {
                    currentStatus = new com.checkpoint.urlrsdk.model.i(i.a.Ready);
                    return;
                } else {
                    currentStatus = new com.checkpoint.urlrsdk.model.i(i.a.Not_Ready);
                    return;
                }
            }
            currentStatus = new com.checkpoint.urlrsdk.model.i(i.a.Not_Ready);
        }
    }
}
