package net.juniper.junos.pulse.android.vpnservice;

import android.app.ActivityManager;
import android.app.Service;
import android.content.Intent;
import android.content.pm.PackageInfo;
import android.content.pm.Signature;
import android.database.SQLException;
import android.os.Binder;
import android.os.IBinder;
import android.security.KeyChain;
import android.text.TextUtils;
import com.sec.a.a.a.a.a.b;
import java.security.PrivateKey;
import java.security.cert.X509Certificate;
import java.util.Iterator;
import java.util.List;
import java.util.Vector;
import net.juniper.junos.pulse.android.JunosApplication;
import net.juniper.junos.pulse.android.R;
import net.juniper.junos.pulse.android.m.a;
import net.juniper.junos.pulse.android.m.d;
import net.juniper.junos.pulse.android.ui.SignInActivity;
import net.juniper.junos.pulse.android.util.aa;
import net.juniper.junos.pulse.android.util.af;
import net.juniper.junos.pulse.android.util.an;
import net.juniper.junos.pulse.android.util.at;
import org.htmlcleaner.CleanerProperties;

/* loaded from: classes.dex */
public class VpnSamsungKnoxService extends Service {
    public static final String AUTH_FAIL_ACCESS_DENIED = "Access Denied";
    public static final String AUTH_FAIL_ACCOUNT_DISABLED = "Account Disabled";
    public static final String AUTH_FAIL_ACCOUNT_EXPIRED = "Account Expired";
    public static final String AUTH_FAIL_ADDRESS_BLOCKED = "Address Blocked";
    public static final String AUTH_FAIL_ADDRESS_DENIED = "Address Denied";
    public static final String AUTH_FAIL_ADMIN_DISABLED = "Disabled by Admin";
    public static final String AUTH_FAIL_AUTH_DENIED = "Authentication Denied";
    public static final String AUTH_FAIL_AUTH_REQUIRED = "Authentication Required";
    public static final String AUTH_FAIL_AUTH_SERVER = "Not Authenticated";
    public static final String AUTH_FAIL_BROWSER_DENIED = "Browser Denied";
    public static final String AUTH_FAIL_CCFAIL = "Install Failed";
    public static final String AUTH_FAIL_CERT_STORE = "Failulre Accessing Android's Credential Storage";
    public static final String AUTH_FAIL_CHANGE_PASSWORD = "Password Change Required";
    public static final String AUTH_FAIL_CREDENTIALS = "Authentication Failed";
    public static final String AUTH_FAIL_HOSTNAME = "Hostname Denied";
    public static final String AUTH_FAIL_INTERNAL_ERROR = "Internal Error";
    public static final String AUTH_FAIL_INVALID_CERT = "Certificate Not From A Trusted Authority";
    public static final String AUTH_FAIL_MAX_SESSIONS_EXCEEDED = "Too Many Sessions";
    public static final String AUTH_FAIL_MISSING_OR_INVALID_CERT = "Certificate Missing or Invalid";
    public static final String AUTH_FAIL_NOT_VPN_CAPABLE = "Device Not VPN Capable";
    public static final String AUTH_FAIL_NO_ROLE = "No Role";
    public static final String AUTH_FAIL_PASSWORDEXPIRATION = "Password Expired";
    public static final String AUTH_FAIL_POST_AUTH = "Post Authentication Error";
    public static final String AUTH_FAIL_REVOKED_CERT = "Certificate Revoked";
    public static final String AUTH_FAIL_SHORT_PASSWORD = "Password Too Short";
    public static final String AUTH_FAIL_SIGNED_OUT = "User Signed Out";
    public static final String AUTH_FAIL_SSL_STRONG_REQUIRED = "SSL Stronger Ciphers Required";
    public static final String AUTH_FAIL_SSL_V3_REQUIRED = "SSL v3 Required";
    public static final String AUTH_FAIL_START_NCSVC_FAILED = "Failed to Start VPN Tunnel";
    public static final String AUTH_FAIL_TOO_MANY = "Too Many Sessions";
    public static final String AUTH_FAIL_UNLICENSED = "Feature Not Licensed";
    public static final String AUTH_FAIL_USER_DECLINED_CERT = "User Rejected Untrusted Server Certificate";
    public static final String AUTH_FAIL_USER_PERMISSION = "VPN Permission Not Granted By User";
    public static final String AUTH_FAIL_VPN_NOT_ENABLED = "VPN Not Enabled";
    public static final String AUTH_FAIL_WRONG_CERT = "Wrong Certificate";
    public static final String CALLER_CANNOT_BE_VERIFIED = "Calling app access to the API cannot be verified";
    public static final String ERR_ACTIVE_PROFILE_CANNOT_BE_REMOVED = "VPN profile is active; it cannot be removed";
    public static final String ERR_ADD_PROFILE_FAILED = "Failed to add the profile to DB";
    public static final String ERR_ALIAS_NAME_NOT_PROVIDED = "Alias name is expected when authentication_type=1";
    public static final String ERR_AUTHENTICATION_TYPE_NOT_SUPPORTED = "The specified authentication_type value is not supported";
    public static final String ERR_CERT_ALIAS_NOT_FOUND_IN_KEYSTORE = "Certificate alias not found in Android keystore";
    public static final String ERR_CERT_ALIAS_NOT_SUPPORTED = "Certificate alias not supported by the OS";
    public static final String ERR_CERT_AND_CERTALIAS_COEXIST = "Certificate and certificate alias cannot coexist";
    public static final String ERR_DATABASE_EXCEPTION = "Exception accessing profile DB";
    public static final String ERR_DELETE_PROFILE_FAILED = "Failed to delete the profile from DB";
    public static final String ERR_EULA_NOT_ACCEPTED = "The user has not yet accepted EULA";
    public static final String ERR_EXCEPTION_PARSING_JSON_STRING = "Exception parsing JSON profile";
    public static final String ERR_JSON_PROFILE_BAD_ROUTE_TYPE = "\"vpn_route_type\" value unexpected";
    public static final String ERR_JSON_PROFILE_EMPTY = "Empty JSON profile";
    public static final String ERR_JSON_PROFILE_NO_HOST = "\"host\" missing in JSON profile";
    public static final String ERR_JSON_PROFILE_NO_NAME = "\"profileName\" missing in JSON profile";
    public static final String ERR_JSON_PROFILE_NO_ROUTE_TYPE = "\"vpn_route_type\" missing in JSON profile";
    public static final String ERR_JSON_PROFILE_UNEXPECTED_VPN_TYPE = "\"vpn_type\" unexpected (expecting \"ssl\") in JSON profile";
    public static final String ERR_NO_ACTIVE_VPN_SESSION = "An active VPN session with the profile name does not exist";
    public static final String ERR_NO_ERROR = "No Error";
    public static final String ERR_NO_NETWORK = "There is no network connectivity to perform the requested action";
    public static final String ERR_OPTION_NOT_SUPPORTED = "The requested action is not supported";
    public static final String ERR_OTHER_PROFILE_HAS_ACTIVE_VPN_SESSION = "An active VPN session already exists for another profile";
    public static final String ERR_PROFILE_ALREADY_EXISTS = "VPN profile already exists";
    public static final String ERR_PROFILE_NAME_EMPTY = "Profile name is empty";
    public static final String ERR_PROFILE_NOT_FOUND = "VPN profile not found";
    public static final String ERR_THIS_PROFILE_HAS_ACTIVE_VPN_SESSION = "An active VPN session already exists for this profile";
    public static final String ERR_TOKEN_NOT_PROVIDED = "SafeNetSoftToken or RSASoftToken is expected when authentication_type=6";
    public static final String ERR_USERNAME_PASSWORD_NOT_EXPECTED = "Username or password is not expected when isUserAuthEnabled is false";
    public static final String ERR_VPN_SERVICE_NOT_STARTED = "Service is being started, please try again after a few seconds";
    private static final String KNOX_FRAMEWORK = "KnoxFramework";
    private static final String KNOX_TEST_APP = "net.juniper.dao.mdmtestclient";
    private static final int STATE_CONNECTED = 4;
    private static final int STATE_CONNECTING = 2;
    private static final int STATE_DELETED = 6;
    private static final int STATE_DISCONNECTING = 3;
    private static final int STATE_FAILED = 5;
    private static final int STATE_IDLE = 1;
    private static final String TAG = "KNOX";
    private static final String VPN_NOT_ESTABLISHED = "VPN Not Established: ";
    public static final int VPN_STATUS_AUTH_FAILED = 3;
    public static final int VPN_STATUS_NOT_IN_AUTH = 8;
    public static final int VPN_STATUS_SIGNED_OUT = 7;
    public static final int VPN_STATUS_START_AUTH = 1;
    public static final int VPN_STATUS_START_NCSVC_CALLED = 5;
    public static final int VPN_STATUS_START_NCSVC_RETURNED = 6;
    public static final int VPN_STATUS_START_RESTORE = 2;
    public static final int VPN_STATUS_UNKNOWN = 0;
    public static final int VPN_STATUS_VPN_NOT_AVAILABLE = 4;
    protected JunosApplication mApplication;
    protected a mDbAdapter;
    private static volatile int sVpnStatus = 0;
    private static volatile String sAuthFailedString = "";
    private static volatile long sStartConnectionCallTime = 0;
    private static List sAllowedMD5 = new Vector();
    private String mErrorString = ERR_NO_ERROR;
    protected String mCallerPkgName = "";
    private final b mBinder = new b() { // from class: net.juniper.junos.pulse.android.vpnservice.VpnSamsungKnoxService.1
        @Override // com.sec.a.a.a.a.a.a
        public int createConnection(String str) {
            return VpnSamsungKnoxService.this.createConnectionImpl(str);
        }

        @Override // com.sec.a.a.a.a.a.a
        public List getAllConnections() {
            if (!VpnSamsungKnoxService.this.verifyCaller()) {
                return null;
            }
            Vector vector = new Vector();
            List n = VpnSamsungKnoxService.this.mApplication.n();
            if (n != null) {
                int i = 0;
                while (true) {
                    int i2 = i;
                    if (i2 >= n.size()) {
                        break;
                    }
                    d dVar = (d) n.get(i2);
                    if (dVar.p()) {
                        String V = at.V(an.b(VpnSamsungKnoxService.this.mCallerPkgName + ":" + dVar.b()) + ":prof");
                        if (!TextUtils.isEmpty(V)) {
                            vector.add(V);
                        }
                    }
                    i = i2 + 1;
                }
            }
            aa.a("getAllConnections: size=" + vector.size());
            return vector;
        }

        @Override // com.sec.a.a.a.a.a.a
        public android.a.a.a getCACertificate(String str) {
            if (VpnSamsungKnoxService.this.verifyCaller()) {
                String checkProfileName = VpnSamsungKnoxService.this.checkProfileName(str);
                if (checkProfileName == null) {
                    aa.a("getCACertificate: " + VpnSamsungKnoxService.this.mErrorString);
                } else {
                    if (VpnSamsungKnoxService.this.getProfileId(checkProfileName) >= 0) {
                        VpnSamsungKnoxService.this.mErrorString = VpnSamsungKnoxService.ERR_OPTION_NOT_SUPPORTED;
                    }
                    aa.a("getCACertificate: " + VpnSamsungKnoxService.this.mErrorString);
                }
            }
            return null;
        }

        @Override // com.sec.a.a.a.a.a.a
        public String getConnection(String str) {
            return VpnSamsungKnoxService.this.getConnectionImpl(str);
        }

        @Override // com.sec.a.a.a.a.a.a
        public String getErrorString(String str) {
            return VpnSamsungKnoxService.this.getErrorStringImpl(str);
        }

        @Override // com.sec.a.a.a.a.a.a
        public int getState(String str) {
            return VpnSamsungKnoxService.this.getStateImpl(str);
        }

        @Override // com.sec.a.a.a.a.a.a
        public android.a.a.a getUserCertificate(String str) {
            if (VpnSamsungKnoxService.this.verifyCaller()) {
                String checkProfileName = VpnSamsungKnoxService.this.checkProfileName(str);
                if (checkProfileName == null) {
                    aa.a("getUserCertificate: " + VpnSamsungKnoxService.this.mErrorString);
                } else {
                    if (VpnSamsungKnoxService.this.getProfileId(checkProfileName) >= 0) {
                        VpnSamsungKnoxService.this.mErrorString = VpnSamsungKnoxService.ERR_OPTION_NOT_SUPPORTED;
                    }
                    aa.a("getUserCertificate: " + VpnSamsungKnoxService.this.mErrorString);
                }
            }
            return null;
        }

        @Override // com.sec.a.a.a.a.a.a
        public int getVpnModeOfOperation(String str) {
            if (!VpnSamsungKnoxService.this.verifyCaller()) {
                return -1;
            }
            String checkProfileName = VpnSamsungKnoxService.this.checkProfileName(str);
            if (checkProfileName != null) {
                return VpnSamsungKnoxService.this.getFipsMode(checkProfileName);
            }
            aa.a("getVpnModeOfOperation: " + VpnSamsungKnoxService.this.mErrorString);
            return -1;
        }

        @Override // com.sec.a.a.a.a.a.a
        public int removeConnection(String str) {
            return VpnSamsungKnoxService.this.removeConnectionImpl(str);
        }

        @Override // com.sec.a.a.a.a.a.a
        public boolean setAutoRetryOnConnectionError(String str, boolean z) {
            if (!VpnSamsungKnoxService.this.verifyCaller()) {
                return false;
            }
            String checkProfileName = VpnSamsungKnoxService.this.checkProfileName(str);
            if (checkProfileName == null) {
                aa.a("setAutoRetryOnConnectionError: " + VpnSamsungKnoxService.this.mErrorString);
                return false;
            }
            if (VpnSamsungKnoxService.this.getProfileId(checkProfileName) < 0) {
                aa.a("setAutoRetryOnConnectionError: " + VpnSamsungKnoxService.this.mErrorString);
                return false;
            }
            if (z) {
                return true;
            }
            VpnSamsungKnoxService.this.mErrorString = VpnSamsungKnoxService.ERR_OPTION_NOT_SUPPORTED;
            aa.a("setAutoRetryOnConnectionError: " + VpnSamsungKnoxService.this.mErrorString);
            return false;
        }

        @Override // com.sec.a.a.a.a.a.a
        public boolean setCACertificate(String str, byte[] bArr) {
            if (VpnSamsungKnoxService.this.verifyCaller()) {
                String checkProfileName = VpnSamsungKnoxService.this.checkProfileName(str);
                if (checkProfileName == null) {
                    aa.a("setCACertificate: " + VpnSamsungKnoxService.this.mErrorString);
                } else {
                    if (VpnSamsungKnoxService.this.getProfileId(checkProfileName) >= 0) {
                        VpnSamsungKnoxService.this.mErrorString = VpnSamsungKnoxService.ERR_OPTION_NOT_SUPPORTED;
                    }
                    aa.a("setCACertificate: " + VpnSamsungKnoxService.this.mErrorString);
                }
            }
            return false;
        }

        @Override // com.sec.a.a.a.a.a.a
        public boolean setServerCertValidationUserAcceptanceCriteria(String str, boolean z, List list, int i) {
            if (VpnSamsungKnoxService.this.verifyCaller()) {
                String checkProfileName = VpnSamsungKnoxService.this.checkProfileName(str);
                if (checkProfileName == null) {
                    aa.a("setServerCertValidationUserAcceptanceCriteria: " + VpnSamsungKnoxService.this.mErrorString);
                } else {
                    if (VpnSamsungKnoxService.this.getProfileId(checkProfileName) >= 0) {
                        VpnSamsungKnoxService.this.mErrorString = VpnSamsungKnoxService.ERR_OPTION_NOT_SUPPORTED;
                    }
                    aa.a("setServerCertValidationUserAcceptanceCriteria: " + VpnSamsungKnoxService.this.mErrorString);
                }
            }
            return false;
        }

        @Override // com.sec.a.a.a.a.a.a
        public boolean setUserCertificate(String str, byte[] bArr, String str2) {
            if (VpnSamsungKnoxService.this.verifyCaller()) {
                String checkProfileName = VpnSamsungKnoxService.this.checkProfileName(str);
                if (checkProfileName == null) {
                    aa.a("setUserCertificate: " + VpnSamsungKnoxService.this.mErrorString);
                } else {
                    if (VpnSamsungKnoxService.this.getProfileId(checkProfileName) >= 0) {
                        VpnSamsungKnoxService.this.mErrorString = VpnSamsungKnoxService.ERR_OPTION_NOT_SUPPORTED;
                    }
                    aa.a("setUserCertificate: " + VpnSamsungKnoxService.this.mErrorString);
                }
            }
            return false;
        }

        @Override // com.sec.a.a.a.a.a.a
        public int setVpnModeOfOperation(String str, int i) {
            if (!VpnSamsungKnoxService.this.verifyCaller()) {
                return -1;
            }
            String checkProfileName = VpnSamsungKnoxService.this.checkProfileName(str);
            if (checkProfileName == null) {
                aa.a("setVpnModeOfOperation: " + VpnSamsungKnoxService.this.mErrorString);
                return -1;
            }
            if (VpnSamsungKnoxService.this.getProfileId(checkProfileName) >= 0) {
                return !VpnSamsungKnoxService.this.updateProfile(checkProfileName, i > 0) ? 1 : 0;
            }
            VpnSamsungKnoxService.this.mErrorString = VpnSamsungKnoxService.ERR_PROFILE_NOT_FOUND;
            aa.a("setVpnModeOfOperation: " + VpnSamsungKnoxService.this.mErrorString);
            return -1;
        }

        @Override // com.sec.a.a.a.a.a.a
        public int startConnection(String str) {
            return VpnSamsungKnoxService.this.startConnectionImpl(str);
        }

        @Override // com.sec.a.a.a.a.a.a
        public int stopConnection(String str) {
            return VpnSamsungKnoxService.this.stopConnectionImpl(str);
        }
    };

    static {
        for (String str : JunosApplication.R().getResources().getStringArray(R.array.vpn_profile_allowed_package_md5)) {
            sAllowedMD5.add(str);
        }
    }

    private boolean aliasExists(String str, String str2) {
        try {
            X509Certificate[] certificateChain = KeyChain.getCertificateChain(this.mApplication, str2);
            PrivateKey privateKey = KeyChain.getPrivateKey(this.mApplication, str2);
            if (certificateChain != null) {
                if (certificateChain.length > 0 && privateKey != null) {
                    return true;
                }
            }
            aa.a("Alias does not exist: " + str2);
            return false;
        } catch (Exception e) {
            aa.a("aliasExists Exception: " + e);
            return true;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public String checkProfileName(String str) {
        if (str != null && !TextUtils.isEmpty(str.trim())) {
            return str;
        }
        this.mErrorString = ERR_PROFILE_NAME_EMPTY;
        return null;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public int getFipsMode(String str) {
        int i;
        synchronized (a.f236a) {
            try {
                this.mDbAdapter.a();
                try {
                    long a2 = this.mDbAdapter.a(str, this.mCallerPkgName);
                    if (a2 < 0) {
                        this.mErrorString = ERR_PROFILE_NOT_FOUND;
                        aa.a("getFipsMode: " + this.mErrorString);
                        i = -1;
                    } else {
                        d a3 = this.mApplication.a(a2);
                        if (a3 == null) {
                            this.mErrorString = ERR_PROFILE_NOT_FOUND;
                            aa.a("getFipsMode: " + this.mErrorString);
                            i = -1;
                        } else {
                            int l = a3.l();
                            aa.a("getFipsMode: flags=" + l);
                            i = (l & 64) != 0 ? 1 : 0;
                        }
                    }
                } catch (SQLException e) {
                    this.mErrorString = ERR_DATABASE_EXCEPTION;
                    aa.a("getFipsMode SQL Exception: " + e);
                    this.mDbAdapter.b();
                    i = -1;
                }
            } finally {
                this.mDbAdapter.b();
            }
        }
        return i;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public long getProfileId(String str) {
        long j = -1;
        synchronized (a.f236a) {
            this.mDbAdapter.a();
            try {
                try {
                    j = this.mDbAdapter.a(str, this.mCallerPkgName);
                    if (j < 0) {
                        this.mErrorString = ERR_PROFILE_NOT_FOUND;
                    }
                } catch (SQLException e) {
                    aa.a("stopConnection SQL exception " + e);
                    this.mErrorString = ERR_DATABASE_EXCEPTION;
                    this.mDbAdapter.b();
                }
            } finally {
                this.mDbAdapter.b();
            }
        }
        return j;
    }

    private boolean restoreExistingVpnSession(String str) {
        return false;
    }

    private String sanitizeJSONProfile(String str) {
        int indexOf;
        StringBuffer stringBuffer = new StringBuffer(str);
        int i = 0;
        while (i < stringBuffer.length() && (indexOf = stringBuffer.indexOf("password", i)) >= 0) {
            int i2 = indexOf + 8;
            while (i2 < stringBuffer.length() && stringBuffer.charAt(i2) != ':') {
                i2++;
            }
            while (i2 < stringBuffer.length() && stringBuffer.charAt(i2) != '\"') {
                i2++;
            }
            i = i2 + 1;
            int i3 = i;
            while (i3 < stringBuffer.length() && stringBuffer.charAt(i3) != '\"') {
                i3++;
            }
            if (i3 > i) {
                stringBuffer.delete(i, i3);
            }
        }
        return stringBuffer.toString();
    }

    public static void setAuthFailedString(String str) {
        if (TextUtils.isEmpty(sAuthFailedString)) {
            sAuthFailedString = str;
        } else {
            aa.a("Not replacing " + sAuthFailedString + " by " + str);
        }
    }

    public static void setVpnStatus(int i) {
        aa.a("setVpnStatus status=" + i + " curr status=" + sVpnStatus);
        if (i != 8 || sVpnStatus == 1) {
            sVpnStatus = i;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public boolean updateProfile(String str, boolean z) {
        boolean z2;
        synchronized (a.f236a) {
            try {
                this.mDbAdapter.a();
                try {
                    long a2 = this.mDbAdapter.a(str, this.mCallerPkgName);
                    if (a2 < 0) {
                        this.mErrorString = ERR_PROFILE_NOT_FOUND;
                        aa.a("updateProfile: " + this.mErrorString);
                        z2 = false;
                    } else {
                        d a3 = this.mApplication.a(a2);
                        if (a3 == null) {
                            this.mErrorString = ERR_PROFILE_NOT_FOUND;
                            aa.a("updateProfile: " + this.mErrorString);
                            z2 = false;
                        } else {
                            int l = a3.l();
                            int i = z ? l | 64 : l & (-65);
                            if (this.mDbAdapter.a(a2, a3.b(), a3.c(), a3.i(), a3.j(), a3.k(), a3.d(), a3.f(), i, (String) null, a3.u(), a3.e())) {
                                this.mApplication.a(a2, a3.b(), a3.c(), a3.i(), a3.j(), a3.k(), a3.d(), a3.f(), i, null, a3.u(), a3.e());
                                z2 = true;
                            } else {
                                this.mErrorString = ERR_DATABASE_EXCEPTION;
                                aa.a("updateProfile: " + this.mErrorString);
                                z2 = false;
                            }
                        }
                    }
                } catch (SQLException e) {
                    this.mErrorString = ERR_DATABASE_EXCEPTION;
                    aa.a("updateProfile SQL exception: " + e);
                    this.mDbAdapter.b();
                    z2 = false;
                }
            } finally {
                this.mDbAdapter.b();
            }
        }
        return z2;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    /* JADX WARN: Removed duplicated region for block: B:113:0x0357 A[Catch: JSONException -> 0x03d9, Exception -> 0x0403, TryCatch #6 {JSONException -> 0x03d9, Exception -> 0x0403, blocks: (B:11:0x003c, B:13:0x0058, B:15:0x0060, B:17:0x0088, B:19:0x0090, B:20:0x0098, B:24:0x00a9, B:29:0x00cf, B:31:0x0138, B:33:0x0140, B:35:0x014e, B:37:0x0177, B:39:0x017f, B:40:0x0186, B:42:0x018f, B:44:0x0197, B:45:0x019b, B:47:0x01a1, B:49:0x01c0, B:51:0x01d3, B:53:0x01e2, B:54:0x01fc, B:56:0x020c, B:58:0x021a, B:60:0x0228, B:61:0x0232, B:63:0x023a, B:64:0x0240, B:66:0x0248, B:67:0x024e, B:69:0x0256, B:70:0x025c, B:72:0x0264, B:73:0x026a, B:75:0x0272, B:76:0x0284, B:78:0x028c, B:80:0x029a, B:81:0x02a4, B:83:0x02ac, B:84:0x02b6, B:86:0x02be, B:87:0x02c4, B:89:0x02cc, B:90:0x02d2, B:92:0x02da, B:93:0x02e4, B:95:0x02ec, B:97:0x02f8, B:98:0x0302, B:100:0x030a, B:102:0x0316, B:105:0x0325, B:107:0x032f, B:109:0x0335, B:113:0x0357, B:115:0x0361, B:202:0x0383, B:204:0x038d, B:206:0x0399, B:209:0x03ba, B:216:0x0101, B:218:0x010d, B:221:0x006a), top: B:10:0x003c }] */
    /* JADX WARN: Removed duplicated region for block: B:119:0x0436  */
    /* JADX WARN: Removed duplicated region for block: B:121:0x043a  */
    /* JADX WARN: Removed duplicated region for block: B:133:0x0474 A[EXC_TOP_SPLITTER, SYNTHETIC] */
    /* JADX WARN: Removed duplicated region for block: B:151:0x04bf  */
    /* JADX WARN: Removed duplicated region for block: B:152:0x06de  */
    /* JADX WARN: Removed duplicated region for block: B:198:0x054e  */
    /* JADX WARN: Removed duplicated region for block: B:199:0x06ed  */
    /* JADX WARN: Removed duplicated region for block: B:200:0x0380  */
    /* JADX WARN: Removed duplicated region for block: B:78:0x028c A[Catch: JSONException -> 0x03d9, Exception -> 0x0403, TryCatch #6 {JSONException -> 0x03d9, Exception -> 0x0403, blocks: (B:11:0x003c, B:13:0x0058, B:15:0x0060, B:17:0x0088, B:19:0x0090, B:20:0x0098, B:24:0x00a9, B:29:0x00cf, B:31:0x0138, B:33:0x0140, B:35:0x014e, B:37:0x0177, B:39:0x017f, B:40:0x0186, B:42:0x018f, B:44:0x0197, B:45:0x019b, B:47:0x01a1, B:49:0x01c0, B:51:0x01d3, B:53:0x01e2, B:54:0x01fc, B:56:0x020c, B:58:0x021a, B:60:0x0228, B:61:0x0232, B:63:0x023a, B:64:0x0240, B:66:0x0248, B:67:0x024e, B:69:0x0256, B:70:0x025c, B:72:0x0264, B:73:0x026a, B:75:0x0272, B:76:0x0284, B:78:0x028c, B:80:0x029a, B:81:0x02a4, B:83:0x02ac, B:84:0x02b6, B:86:0x02be, B:87:0x02c4, B:89:0x02cc, B:90:0x02d2, B:92:0x02da, B:93:0x02e4, B:95:0x02ec, B:97:0x02f8, B:98:0x0302, B:100:0x030a, B:102:0x0316, B:105:0x0325, B:107:0x032f, B:109:0x0335, B:113:0x0357, B:115:0x0361, B:202:0x0383, B:204:0x038d, B:206:0x0399, B:209:0x03ba, B:216:0x0101, B:218:0x010d, B:221:0x006a), top: B:10:0x003c }] */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public int createConnectionImpl(java.lang.String r24) {
        /*
            Method dump skipped, instructions count: 1797
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: net.juniper.junos.pulse.android.vpnservice.VpnSamsungKnoxService.createConnectionImpl(java.lang.String):int");
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public String getConnectionImpl(String str) {
        String str2 = null;
        if (verifyCaller()) {
            String checkProfileName = checkProfileName(str);
            if (checkProfileName == null) {
                aa.a("getConnection: " + this.mErrorString);
            } else {
                if (getProfileId(checkProfileName) >= 0) {
                    str2 = at.V(an.b(this.mCallerPkgName + ":" + checkProfileName) + ":prof");
                    this.mErrorString = ERR_NO_ERROR;
                }
                aa.a("getConnection: profileName=" + checkProfileName + " Error=" + this.mErrorString);
            }
        }
        return str2;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public String getErrorStringImpl(String str) {
        if (str == null || TextUtils.isEmpty(str.trim())) {
            aa.a("getErrorString: Profile name is empty");
            return ERR_PROFILE_NAME_EMPTY;
        }
        if (this.mErrorString.equals(ERR_NO_ERROR)) {
            if (sVpnStatus == 4) {
                return TextUtils.isEmpty(sAuthFailedString) ? "VPN Not Established: Device Not VPN Capable" : VPN_NOT_ESTABLISHED + sAuthFailedString;
            }
            if (sVpnStatus == 6) {
                return "VPN Not Established: Failed to Start VPN Tunnel";
            }
            if (sVpnStatus == 7) {
                return TextUtils.isEmpty(sAuthFailedString) ? "VPN Not Established: User Signed Out" : VPN_NOT_ESTABLISHED + sAuthFailedString;
            }
            if (sVpnStatus == 3) {
                return !TextUtils.isEmpty(sAuthFailedString) ? VPN_NOT_ESTABLISHED + sAuthFailedString : "VPN Not Established: Internal Error";
            }
        }
        aa.a("getErrorString: " + this.mErrorString);
        return this.mErrorString;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    /* JADX WARN: Code restructure failed: missing block: B:58:0x0128, code lost:
    
        if (java.lang.System.currentTimeMillis() < (net.juniper.junos.pulse.android.vpnservice.VpnSamsungKnoxService.sStartConnectionCallTime + 5000)) goto L28;
     */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public int getStateImpl(java.lang.String r12) {
        /*
            Method dump skipped, instructions count: 304
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: net.juniper.junos.pulse.android.vpnservice.VpnSamsungKnoxService.getStateImpl(java.lang.String):int");
    }

    @Override // android.app.Service
    public IBinder onBind(Intent intent) {
        aa.a("onBind");
        return this.mBinder;
    }

    @Override // android.app.Service
    public void onCreate() {
        aa.a("onCreate");
        super.onCreate();
        this.mApplication = JunosApplication.R();
        this.mDbAdapter = new a(this.mApplication);
        if (at.c()) {
            af.a(getApplicationContext(), af.q, 0);
        }
        synchronized (a.f236a) {
            if (this.mApplication.a()) {
                this.mDbAdapter.a();
                try {
                    this.mDbAdapter.g();
                } catch (SQLException e) {
                    aa.a("onCreate: SQL exception: " + e);
                } finally {
                    this.mDbAdapter.b();
                }
            }
            this.mApplication.b();
        }
        if (this.mApplication.y().l()) {
            return;
        }
        aa.a("VpnSamsungKnoxService: startVpnService");
        this.mApplication.y().a((net.juniper.junos.pulse.android.vpn.d) null);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public int removeConnectionImpl(String str) {
        int i = -1;
        if (verifyCaller()) {
            String checkProfileName = checkProfileName(str);
            if (checkProfileName == null) {
                aa.a("removeConnection: " + this.mErrorString);
            } else {
                if (this.mApplication.d().a()) {
                    String q = this.mApplication.q();
                    if (!TextUtils.isEmpty(q) && q.equals(checkProfileName)) {
                        this.mErrorString = ERR_ACTIVE_PROFILE_CANNOT_BE_REMOVED;
                        aa.a("removeConnection: " + this.mErrorString);
                    }
                }
                synchronized (a.f236a) {
                    this.mDbAdapter.a();
                    try {
                        try {
                            long a2 = this.mDbAdapter.a(checkProfileName, this.mCallerPkgName);
                            if (a2 < 0) {
                                i = 1;
                            } else {
                                String b = an.b(this.mCallerPkgName + ":" + checkProfileName);
                                if (this.mDbAdapter.a(a2)) {
                                    this.mApplication.b(a2);
                                    at.W(b + ":prof");
                                    at.W(b + ":cert");
                                    at.W(b + ":key");
                                    at.W(b + ":pass");
                                    at.W(b + ":user2");
                                    at.W(b + ":pass2");
                                    at.W(b + ":cmd");
                                    this.mErrorString = ERR_NO_ERROR;
                                    i = 0;
                                } else {
                                    this.mErrorString = ERR_DELETE_PROFILE_FAILED;
                                }
                            }
                        } finally {
                            this.mDbAdapter.b();
                        }
                    } catch (SQLException e) {
                        aa.a("removeConnection SQL exception " + e);
                        this.mErrorString = ERR_DATABASE_EXCEPTION;
                        this.mDbAdapter.b();
                    }
                }
                aa.a("removeConnection: profileName=" + checkProfileName + " retval=" + i + " Error=" + this.mErrorString);
            }
        }
        return i;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public int startConnectionImpl(String str) {
        int i;
        if (!verifyCaller()) {
            return -1;
        }
        String checkProfileName = checkProfileName(str);
        if (checkProfileName == null) {
            aa.a("removeConnection: " + this.mErrorString);
            return -1;
        }
        long profileId = getProfileId(checkProfileName);
        d dVar = null;
        if (profileId >= 0 && (dVar = this.mApplication.a(profileId)) == null) {
            this.mErrorString = ERR_PROFILE_NOT_FOUND;
        }
        if (profileId < 0 || dVar == null) {
            i = 1;
        } else {
            String str2 = null;
            String str3 = null;
            String str4 = null;
            String b = an.b(this.mCallerPkgName + ":" + checkProfileName);
            if (!TextUtils.isEmpty(at.V(b + ":prof"))) {
                String V = at.V(b + ":pass");
                if (TextUtils.isEmpty(V)) {
                    V = null;
                }
                str3 = at.V(b + ":user2");
                if (TextUtils.isEmpty(str3)) {
                    str3 = null;
                }
                String V2 = at.V(b + ":pass2");
                if (TextUtils.isEmpty(V2)) {
                    str2 = V;
                    str4 = null;
                } else {
                    str2 = V;
                    str4 = V2;
                }
            }
            if (this.mApplication.d().a()) {
                String q = this.mApplication.q();
                if (TextUtils.isEmpty(q) || !q.equals(checkProfileName)) {
                    this.mErrorString = ERR_OTHER_PROFILE_HAS_ACTIVE_VPN_SESSION;
                    i = -1;
                } else {
                    this.mErrorString = ERR_THIS_PROFILE_HAS_ACTIVE_VPN_SESSION;
                    i = -1;
                }
            } else {
                String V3 = at.V("needToRestartVpnService");
                if (!TextUtils.isEmpty(V3) && V3.equals(CleanerProperties.BOOL_ATT_TRUE)) {
                    this.mApplication.y().a();
                }
                if (!this.mApplication.y().l()) {
                    int i2 = 0;
                    while (true) {
                        if (i2 >= 20) {
                            break;
                        }
                        try {
                            Thread.sleep(100L);
                        } catch (InterruptedException e) {
                            aa.a("sleep InterruptedException: " + e);
                        }
                        if (this.mApplication.y().l()) {
                            aa.a("startConnection: Vpn service connected i=" + i2);
                            break;
                        }
                        i2++;
                    }
                }
                if (!this.mApplication.y().l()) {
                    aa.a("startConnection: startVpnService");
                    this.mApplication.y().a((net.juniper.junos.pulse.android.vpn.d) null);
                    this.mErrorString = ERR_VPN_SERVICE_NOT_STARTED;
                    i = -1;
                } else if (restoreExistingVpnSession(checkProfileName)) {
                    aa.a("startConnection: VPN session restored");
                    this.mErrorString = ERR_NO_ERROR;
                    i = 0;
                    setVpnStatus(2);
                } else {
                    long currentTimeMillis = System.currentTimeMillis();
                    if (sVpnStatus != 1 || currentTimeMillis > sStartConnectionCallTime + 5000) {
                        sAuthFailedString = "";
                        sStartConnectionCallTime = currentTimeMillis;
                        this.mApplication.c(profileId);
                        Intent intent = new Intent(this, (Class<?>) SignInActivity.class);
                        intent.setFlags(268435456);
                        intent.putExtra(TAG, true);
                        intent.putExtra("callerProfileMD5", b);
                        intent.putExtra("profileName", checkProfileName);
                        intent.putExtra("Password", str2);
                        intent.putExtra("Username2", str3);
                        intent.putExtra("Password2", str4);
                        this.mApplication.startActivity(intent);
                        setVpnStatus(1);
                        at.a(b + ":cmd", "start");
                    } else {
                        aa.a("startConnection: ignored as it was just called");
                    }
                    this.mErrorString = ERR_NO_ERROR;
                    i = 0;
                }
            }
        }
        aa.a("startConnection: profileName=" + checkProfileName + " Error=" + this.mErrorString);
        return i;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public int stopConnectionImpl(String str) {
        int i = 0;
        int i2 = -1;
        if (!verifyCaller()) {
            return -1;
        }
        String checkProfileName = checkProfileName(str);
        if (checkProfileName == null) {
            aa.a("stopConnection: " + this.mErrorString);
            return -1;
        }
        if (getProfileId(checkProfileName) < 0) {
            i = 1;
        } else if (this.mApplication.d().a()) {
            String q = this.mApplication.q();
            if (TextUtils.isEmpty(q) || !q.equals(checkProfileName)) {
                this.mErrorString = ERR_NO_ACTIVE_VPN_SESSION;
                i = -1;
            } else {
                net.juniper.junos.pulse.android.k.b A = this.mApplication.A();
                if (A != null) {
                    if (an.v(this.mApplication)) {
                        at.a(an.b(this.mCallerPkgName + ":" + checkProfileName) + ":cmd", "stop");
                        this.mApplication.C();
                        A.f();
                        i2 = 0;
                        while (i2 < 3000) {
                            try {
                                Thread.sleep(1L);
                            } catch (InterruptedException e) {
                                aa.a("InterruptedException: " + e);
                            }
                            if (sVpnStatus == 7) {
                                break;
                            }
                            i2++;
                        }
                        this.mErrorString = ERR_NO_ERROR;
                    } else {
                        this.mErrorString = ERR_NO_NETWORK;
                    }
                }
                i = -1;
            }
        } else {
            this.mErrorString = ERR_NO_ACTIVE_VPN_SESSION;
            i = -1;
        }
        aa.a("stopConnection: profileName=" + checkProfileName + " delay=" + i2 + " Error=" + this.mErrorString);
        return i;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public boolean verifyCaller() {
        boolean z;
        this.mCallerPkgName = "";
        this.mErrorString = CALLER_CANNOT_BE_VERIFIED;
        int callingUid = Binder.getCallingUid();
        aa.a("verifyCaller callerUid=" + callingUid);
        if (callingUid == 1000 || callingUid == 0) {
            this.mErrorString = ERR_NO_ERROR;
            this.mCallerPkgName = KNOX_FRAMEWORK;
            z = true;
        } else if (callingUid < 0) {
            aa.a("verifyCaller callerUid = " + callingUid);
            z = false;
        } else {
            String[] packagesForUid = getPackageManager().getPackagesForUid(callingUid);
            if (packagesForUid == null) {
                aa.a("verifyCaller pkgList is null");
                z = false;
            } else {
                if (packagesForUid.length == 1) {
                    this.mCallerPkgName = packagesForUid[0];
                }
                if (TextUtils.isEmpty(this.mCallerPkgName)) {
                    int callingPid = Binder.getCallingPid();
                    if (callingPid > 0) {
                        List<ActivityManager.RunningAppProcessInfo> runningAppProcesses = ((ActivityManager) getSystemService("activity")).getRunningAppProcesses();
                        if (runningAppProcesses != null) {
                            Iterator<ActivityManager.RunningAppProcessInfo> it = runningAppProcesses.iterator();
                            while (true) {
                                if (!it.hasNext()) {
                                    break;
                                }
                                ActivityManager.RunningAppProcessInfo next = it.next();
                                if (next.pid == callingPid) {
                                    this.mCallerPkgName = next.processName;
                                    break;
                                }
                            }
                        } else {
                            aa.a("verifyCaller processList is null");
                            z = false;
                        }
                    } else {
                        aa.a("verifyCaller callerPid = " + callingPid);
                        z = false;
                    }
                }
                if (TextUtils.isEmpty(this.mCallerPkgName)) {
                    aa.a("verifyCaller failed to get caller's package name");
                    z = false;
                } else {
                    try {
                        PackageInfo packageInfo = getPackageManager().getPackageInfo(this.mCallerPkgName, 64);
                        if (packageInfo != null) {
                            Signature[] signatureArr = packageInfo.signatures;
                            if (signatureArr != null && signatureArr.length > 0) {
                                int length = signatureArr.length;
                                int i = 0;
                                while (true) {
                                    if (i >= length) {
                                        z = false;
                                        break;
                                    }
                                    Signature signature = signatureArr[i];
                                    String b = an.b(this.mCallerPkgName + ":" + signature.toCharsString());
                                    if (sAllowedMD5.contains(b)) {
                                        this.mErrorString = ERR_NO_ERROR;
                                        z = true;
                                        break;
                                    }
                                    aa.a("verifyCaller failed for " + this.mCallerPkgName + ":" + signature.toCharsString() + " md5=" + b);
                                    i++;
                                }
                            } else {
                                aa.a("verifyCaller sigs is null or length <= 0");
                                z = false;
                            }
                        } else {
                            aa.a("verifyCaller pkgInfo is null");
                            z = false;
                        }
                    } catch (Exception e) {
                        aa.a("verifyCaller exception: " + e);
                        z = false;
                    }
                }
            }
        }
        if (!z || !at.c()) {
            return z;
        }
        this.mErrorString = ERR_EULA_NOT_ACCEPTED;
        aa.a("verifyCaller error: " + this.mErrorString);
        return false;
    }
}
