package net.juniper.junos.pulse.android.vpnservice;

import android.app.Service;
import android.content.BroadcastReceiver;
import android.content.Context;
import android.content.Intent;
import android.content.IntentFilter;
import android.content.SharedPreferences;
import android.net.ConnectivityManager;
import android.net.DhcpInfo;
import android.net.NetworkInfo;
import android.net.wifi.WifiManager;
import android.os.Build;
import android.os.Handler;
import android.os.IBinder;
import android.os.RemoteException;
import android.security.KeyChain;
import android.text.TextUtils;
import java.io.ByteArrayInputStream;
import java.io.FileInputStream;
import java.net.InetAddress;
import java.net.UnknownHostException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.Certificate;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateExpiredException;
import java.security.cert.CertificateFactory;
import java.security.cert.CertificateNotYetValidException;
import java.security.cert.CertificateParsingException;
import java.security.cert.X509Certificate;
import java.util.Collection;
import java.util.Iterator;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import net.juniper.junos.pulse.android.JunosApplication;
import net.juniper.junos.pulse.android.R;
import net.juniper.junos.pulse.android.b;
import net.juniper.junos.pulse.android.util.aa;
import net.juniper.junos.pulse.android.util.af;
import net.juniper.junos.pulse.android.util.al;
import net.juniper.junos.pulse.android.util.at;
import net.juniper.junos.pulse.android.vpnservice.IVpnInterface;
import org.htmlcleaner.CleanerProperties;

/* loaded from: classes.dex */
public class VpnService {
    private static final int CERT_ENCODING_ERR = -1;
    private static final int CERT_EXPIRED_ERR = -2;
    private static final int CERT_KEY_STORE_ERR = -8;
    private static final int CERT_NOTYETVALID_ERR = -4;
    private static final int CERT_PARSING_ERR = -3;
    private static final int CERT_SHA1HASH_ERR = -6;
    private static final int CERT_UNTRUSTED_ERR = -5;
    private static final int CERT_VERIFY_FAIL = -7;
    public static final int NCUI_STATUS_CONNECTED = 3;
    public static final int NCUI_STATUS_CONNECTED_NCSVC = 1;
    public static final int NCUI_STATUS_CONNECTING_IVE = 2;
    public static final int NCUI_STATUS_CONNECTING_NCSVC = 0;
    public static final int NCUI_STATUS_DISCONNECTED = 7;
    public static final int NCUI_STATUS_DISCONNECTING_IVE = 5;
    public static final int NCUI_STATUS_DISCONNECTING_NVSVC = 6;
    public static final int NCUI_STATUS_ERROR = 8;
    public static final int NCUI_STATUS_EXIT = 9;
    public static final int NCUI_STATUS_RECONNECTING = 4;
    private static final int NC_RET_DISCONNECT = 0;
    private static final int NC_RET_RECONNECT = 1;
    private static final int NC_RET_VPNDISABLED = 2;
    private static final int SCREEN_TIMEOUT = 3000;
    private static final String VPN_DISCONNECT_REASON_ID = "vpn_disconnect_reason_id";
    private static final String VPN_DISCONNECT_REASON_TEXT = "vpn_disconnect_reason_text";
    private static final String VPN_SESSION_DISCONNECTED = "net.juniper.junos.pulse.android.vpn.SESSION_DISCONNECTED";
    private static volatile int m_threadRunning;
    private static volatile boolean sIsPerAppVpn;
    private static volatile String sProfileName;
    private int mAccelMode;
    private int mAccelValue;
    private AccelStats mStats;
    private boolean m_FipsEnabled;
    int m_VendorId;
    private Context m_ctx;
    private Service m_svc;
    public final int JUNOS_PLUGIN_API = 1;
    public final int SAMSUNG_API = 2;
    public final int LENOVO_API = 3;
    public final int ICS_API = 4;
    private volatile boolean m_active = true;
    private final String TAG = getClass().getName();
    NetworkStateReceiver bReceiver = null;
    protected int m_RetryNumber = 0;
    private int m_RetryTimeout = 2000;
    private final int MAX_RETRY_NUMBER = 8;
    private final IVpnInterface.Stub mBinder = new AnonymousClass1();
    private final String PREFS_NAME = "VpnServicePrefs";
    private final String DSID = "DSID";
    private final String HOST = "HOST";
    private final String CERT = "CERT";
    private int m_tstate = 7;
    private int m_tx = 0;
    private int m_rx = 0;
    private int m_ipAddr = 0;
    private int m_iveIpAddr = 0;
    private volatile String m_host = null;
    private volatile String m_cookies = null;
    private volatile String m_cert_hash = null;
    private long m_StartTime = 0;

    /* renamed from: net.juniper.junos.pulse.android.vpnservice.VpnService$1, reason: invalid class name */
    /* loaded from: classes.dex */
    class AnonymousClass1 extends IVpnInterface.Stub {
        private Handler mStatsHandler = new Handler();
        private Runnable mStatsUpdateTimeTask = new Runnable() { // from class: net.juniper.junos.pulse.android.vpnservice.VpnService.1.2
            @Override // java.lang.Runnable
            public void run() {
                VpnService.this.m_tx = VpnService.this.getNcsvcTx();
                VpnService.this.m_rx = VpnService.this.getNcsvcRx();
                VpnService.this.m_ipAddr = VpnService.this.getNcsvcIp();
                int ncsvcState = VpnService.this.getNcsvcState();
                if (ncsvcState != 0) {
                    VpnService.this.setState(ncsvcState);
                }
                AnonymousClass1.this.mStatsHandler.postDelayed(this, 1000L);
            }
        };
        private Handler reconnectHandler = new Handler();
        private Runnable mReconnectTask = new Runnable() { // from class: net.juniper.junos.pulse.android.vpnservice.VpnService.1.3
            @Override // java.lang.Runnable
            public void run() {
                String unused = VpnService.this.TAG;
                aa.a("Received reconnect timer");
                if (!VpnService.this.m_active) {
                    String unused2 = VpnService.this.TAG;
                    aa.a("vpnService is inactive");
                    return;
                }
                NetworkInfo activeNetworkInfo = ((ConnectivityManager) VpnService.this.getApplicationContext().getSystemService("connectivity")).getActiveNetworkInfo();
                if (activeNetworkInfo == null) {
                    String unused3 = VpnService.this.TAG;
                    aa.a("No network info available");
                    return;
                }
                String unused4 = VpnService.this.TAG;
                aa.a("Network " + activeNetworkInfo.getTypeName() + " connected " + activeNetworkInfo.isConnected());
                if (activeNetworkInfo.isConnected()) {
                    AnonymousClass1.this.connect(VpnService.sProfileName, VpnService.sIsPerAppVpn);
                }
            }
        };
        private Runnable mDisconnectTask = new Runnable() { // from class: net.juniper.junos.pulse.android.vpnservice.VpnService.1.4
            @Override // java.lang.Runnable
            public void run() {
                String unused = VpnService.this.TAG;
                aa.a("Received disconnect timer");
                try {
                    AnonymousClass1.this.tearDownTunnel();
                } catch (RemoteException e) {
                    aa.a((Exception) e);
                }
            }
        };
        private int m_vpn_ret_code = 0;
        IVpnInterfaceCallback m_callback = null;

        AnonymousClass1() {
        }

        /* JADX INFO: Access modifiers changed from: private */
        public void cleanUpConn() {
            String unused = VpnService.this.TAG;
            aa.a("cleanUpConn called");
            this.reconnectHandler.removeCallbacks(this.mReconnectTask);
            this.m_vpn_ret_code = 0;
            String unused2 = VpnService.sProfileName = null;
            boolean unused3 = VpnService.sIsPerAppVpn = false;
            VpnService.this.m_host = VpnService.this.m_cookies = VpnService.this.m_cert_hash = null;
            VpnService.this.m_RetryNumber = 8;
            VpnService.this.m_RetryTimeout = 2000;
            VpnService.this.saveConnectionParams(null, null, null);
            VpnService.this.stopReceiver();
        }

        /* JADX INFO: Access modifiers changed from: private */
        public synchronized int connect(final String str, final boolean z) {
            synchronized (this) {
                String unused = VpnService.this.TAG;
                aa.a("m_threadRunning " + VpnService.m_threadRunning + " m_cookies=" + (VpnService.this.m_cookies != null) + " m_host=" + VpnService.this.m_host + " m_cert_hash=" + (VpnService.this.m_cert_hash != null) + " m_FipsEnabled=" + VpnService.this.m_FipsEnabled + " isPerAppVpn=" + z);
                if (VpnService.m_threadRunning == 0 && VpnService.this.m_cookies != null && VpnService.this.m_host != null && VpnService.this.m_cert_hash != null) {
                    int unused2 = VpnService.m_threadRunning = 1;
                    String unused3 = VpnService.this.TAG;
                    aa.a("Entering connect");
                    if (VpnService.this.isSignedIn()) {
                        new Thread(new Runnable() { // from class: net.juniper.junos.pulse.android.vpnservice.VpnService.1.1
                            @Override // java.lang.Runnable
                            public void run() {
                                DhcpInfo dhcpInfo;
                                VpnService.this.m_tx = 0;
                                VpnService.this.m_rx = 0;
                                VpnService.this.m_StartTime = 0L;
                                VpnService.this.m_ipAddr = 0;
                                String str2 = new String(VpnService.this.getApplicationContext().getFilesDir().getAbsolutePath() + "/dnscache");
                                if (VpnService.this.m_tstate != 4) {
                                    VpnService.this.m_tstate = 2;
                                }
                                String a2 = al.a(VpnService.this.m_host);
                                if (a2 == null) {
                                    a2 = "";
                                }
                                AnonymousClass1.this.startStatsUpdate();
                                if (VpnService.this.m_VendorId == 4 && VpnService.this.getApplicationContext().getResources().getBoolean(R.bool.start_foreground_for_vpn)) {
                                    if (al.b()) {
                                        ((VpnServiceKnox) VpnService.this.m_svc).startForeground();
                                    } else {
                                        ((VpnServiceIcs) VpnService.this.m_svc).startForeground();
                                    }
                                }
                                if (al.b()) {
                                    if (((VpnServiceKnox) VpnService.this.m_svc).prepareToStart(str, z) != null) {
                                        String unused4 = VpnService.this.TAG;
                                        aa.d("prepareToStart returned a non-null intent");
                                    }
                                    ((VpnServiceKnox) VpnService.this.m_svc).setPerAppVpn(z);
                                }
                                VpnSamsungKnoxService.setVpnStatus(5);
                                AnonymousClass1.this.m_vpn_ret_code = VpnService.this.startNcsvc(VpnService.this.m_host, VpnService.this.m_cookies, str2, VpnService.this.m_cert_hash, a2, VpnService.this.m_FipsEnabled ? 1 : 0);
                                VpnSamsungKnoxService.setVpnStatus(6);
                                if (VpnService.this.mAccelMode == 1) {
                                    String unused5 = VpnService.this.TAG;
                                    aa.a("VPN tunnel is down. Shutting down acceleration. vpn return code = " + AnonymousClass1.this.m_vpn_ret_code);
                                    VpnService.this.accelShutdown();
                                }
                                if (VpnService.this.m_VendorId == 4 && VpnService.this.getApplicationContext().getResources().getBoolean(R.bool.start_foreground_for_vpn)) {
                                    if (al.b()) {
                                        ((VpnServiceKnox) VpnService.this.m_svc).stopForeground(true);
                                    } else {
                                        ((VpnServiceIcs) VpnService.this.m_svc).stopForeground(true);
                                    }
                                }
                                if (al.b()) {
                                    ((VpnServiceKnox) VpnService.this.m_svc).prepareToStop(str);
                                }
                                VpnService.this.sendDisconnectReason(VpnService.this.getDisconnectReason());
                                if (VpnService.this.m_VendorId != 4) {
                                    af.a(VpnService.this.getApplicationContext(), af.n);
                                }
                                AnonymousClass1.this.stopStatsUpdate();
                                NetworkInfo activeNetworkInfo = ((ConnectivityManager) VpnService.this.getApplicationContext().getSystemService("connectivity")).getActiveNetworkInfo();
                                int type = activeNetworkInfo != null ? activeNetworkInfo.getType() : 0;
                                if (type == 1) {
                                    Context applicationContext = VpnService.this.getApplicationContext();
                                    VpnService.this.getApplicationContext();
                                    WifiManager wifiManager = (WifiManager) applicationContext.getSystemService("wifi");
                                    if (wifiManager != null && (dhcpInfo = wifiManager.getDhcpInfo()) != null) {
                                        String unused6 = VpnService.this.TAG;
                                        aa.a(Integer.toString(dhcpInfo.dns1));
                                        VpnService.this.setDns(1, dhcpInfo.dns1);
                                        String unused7 = VpnService.this.TAG;
                                        aa.a(Integer.toString(dhcpInfo.dns2));
                                        VpnService.this.setDns(2, dhcpInfo.dns2);
                                    }
                                }
                                String unused8 = VpnService.this.TAG;
                                aa.a("Network type " + Integer.toString(type));
                                VpnService.this.m_StartTime = 0L;
                                String unused9 = VpnService.this.TAG;
                                aa.a("ncsvc return code " + AnonymousClass1.this.m_vpn_ret_code);
                                switch (AnonymousClass1.this.m_vpn_ret_code) {
                                    case 1:
                                        if (VpnService.this.isSignedIn()) {
                                            Intent intent = null;
                                            if (Build.VERSION.SDK_INT >= 14 && !al.b()) {
                                                intent = android.net.VpnService.prepare(VpnService.this.getApplicationContext());
                                                String unused10 = VpnService.this.TAG;
                                                aa.a("startNcsvc: prepare says VPN disconnected by user: " + (intent != null));
                                            }
                                            if (intent == null) {
                                                VpnService.this.m_tstate = 4;
                                                VpnService.this.sendStateChangeEVent(VpnService.this.getApplicationContext().getString(R.string.vpn_action_connecting));
                                                AnonymousClass1.this.startReconnect(VpnService.this.m_RetryTimeout, false);
                                                break;
                                            }
                                        }
                                        break;
                                    case 0:
                                        VpnService.this.sendStateChangeEVent(VpnService.this.getApplicationContext().getString(R.string.vpn_action_disconnected));
                                        AnonymousClass1.this.cleanUpConn();
                                        VpnService.this.m_tstate = 7;
                                        try {
                                            AnonymousClass1.this.m_callback.vpnSessionEnded(AnonymousClass1.this.m_vpn_ret_code);
                                            break;
                                        } catch (RemoteException e) {
                                            String unused11 = VpnService.this.TAG;
                                            aa.a("VpnDisconnect: unable to notify UI");
                                            break;
                                        }
                                    case 2:
                                        VpnService.this.sendStateChangeEVent(VpnService.this.getApplicationContext().getString(R.string.vpn_action_disconnected));
                                        VpnService.this.m_tstate = 7;
                                        break;
                                }
                                int unused12 = VpnService.m_threadRunning = 0;
                            }
                        }).start();
                    } else {
                        cleanUpConn();
                        String unused4 = VpnService.this.TAG;
                        aa.a("Client not signed in, exiting");
                        int unused5 = VpnService.m_threadRunning = 0;
                    }
                }
            }
            return 0;
        }

        /* JADX INFO: Access modifiers changed from: private */
        public void startStatsUpdate() {
            this.mStatsHandler.postDelayed(this.mStatsUpdateTimeTask, 500L);
        }

        private int startVpnImpl(String str, String str2, String str3, String str4, boolean z, boolean z2) {
            String unused = VpnService.this.TAG;
            aa.a("startVpn called profileName=" + str4 + " perAppVpn=" + z2);
            String unused2 = VpnService.sProfileName = str4;
            boolean unused3 = VpnService.sIsPerAppVpn = z2;
            if (VpnService.this.checkSetVpnCapable() <= 0) {
                String unused4 = VpnService.this.TAG;
                aa.a("vpn capability is off");
                return 0;
            }
            String unused5 = VpnService.this.TAG;
            aa.a("vpn capability is ON");
            VpnService.this.m_host = str;
            VpnService.this.m_cookies = str2;
            VpnService.this.m_cert_hash = str3;
            VpnService.this.m_RetryNumber = 8;
            VpnService.this.m_RetryTimeout = 2000;
            VpnService.this.m_FipsEnabled = z;
            VpnService.this.clearRouteList();
            if (TextUtils.isEmpty(VpnService.this.m_host)) {
                aa.a("startVpnImpl IVE hostname is empty");
            } else {
                try {
                    byte[] address = InetAddress.getByName(VpnService.this.m_host).getAddress();
                    if (address.length == 4) {
                        VpnService.this.m_iveIpAddr = (address[3] & 255) + ((address[0] & 255) << 24) + ((address[1] & 255) << 16) + ((address[2] & 255) << 8);
                    } else {
                        aa.a("startVpnImpl ipBytes.length=" + address.length);
                    }
                } catch (UnknownHostException e) {
                    aa.a("startVpnImpl failed to resolve host " + VpnService.this.m_host);
                }
            }
            VpnService.this.saveConnectionParams(VpnService.this.m_host, VpnService.this.m_cookies, null);
            VpnService.this.startReceiver();
            return connect(VpnService.sProfileName, z2);
        }

        /* JADX INFO: Access modifiers changed from: private */
        public void stopStatsUpdate() {
            this.mStatsHandler.removeCallbacks(this.mStatsUpdateTimeTask);
        }

        @Override // net.juniper.junos.pulse.android.vpnservice.IVpnInterface
        public Intent callKnoxPrepare(String str, boolean z) {
            if (al.b()) {
                return ((VpnServiceKnox) VpnService.this.m_svc).prepareToStart(str, z);
            }
            return null;
        }

        @Override // net.juniper.junos.pulse.android.vpnservice.IVpnInterface
        public void delayedDisconnect(int i) {
            String unused = VpnService.this.TAG;
            aa.a("delayedDisconnect w delay " + i);
            this.reconnectHandler.removeCallbacks(this.mReconnectTask);
            this.reconnectHandler.removeCallbacks(this.mDisconnectTask);
            this.reconnectHandler.postDelayed(this.mDisconnectTask, i);
            if (i != 0 || Build.VERSION.SDK_INT < 14) {
                return;
            }
            int i2 = 2000;
            while (i2 > 0 && VpnService.m_threadRunning != 0) {
                try {
                    Thread.sleep(10L);
                } catch (Exception e) {
                }
                i2 -= 10;
            }
            String unused2 = VpnService.this.TAG;
            aa.a("delayedDisconnect called delay=0 maxMilliSecs=" + i2 + " m_threadRunning=" + VpnService.m_threadRunning);
        }

        @Override // net.juniper.junos.pulse.android.vpnservice.IVpnInterface
        public void enableAccel(boolean z, int i) {
            aa.c("enableAccel: " + z);
            VpnService.this.mAccelMode = i;
            if (!z) {
                if (i != 2) {
                    VpnService.this.accelDisable(i);
                    return;
                } else {
                    VpnService.this.stopReceiver();
                    VpnService.this.stopPuma();
                    return;
                }
            }
            if (i == 1) {
                VpnService.this.accelEnable(i);
                return;
            }
            if (VpnService.this.bReceiver == null) {
                VpnService.this.startReceiver();
            }
            VpnService.this.startPuma();
        }

        @Override // net.juniper.junos.pulse.android.vpnservice.IVpnInterface
        public AccelStats getAccelStats() {
            if (VpnService.this.mStats == null) {
                aa.c("Creating new instance of AccelStats");
                VpnService.this.mStats = new AccelStats();
            }
            VpnService.this.accelGetStats(VpnService.this.mStats);
            return VpnService.this.mStats;
        }

        @Override // net.juniper.junos.pulse.android.vpnservice.IVpnInterface
        public int getIpAddr() {
            return VpnService.this.m_ipAddr;
        }

        @Override // net.juniper.junos.pulse.android.vpnservice.IVpnInterface
        public int getRx() {
            return VpnService.this.m_rx;
        }

        @Override // net.juniper.junos.pulse.android.vpnservice.IVpnInterface
        public long getStartTime() {
            return VpnService.this.m_StartTime;
        }

        @Override // net.juniper.junos.pulse.android.vpnservice.IVpnInterface
        public int getState() {
            return VpnService.this.m_tstate;
        }

        @Override // net.juniper.junos.pulse.android.vpnservice.IVpnInterface
        public int getTx() {
            return VpnService.this.m_tx;
        }

        @Override // net.juniper.junos.pulse.android.vpnservice.IVpnInterface
        public boolean isVpnCapable() {
            return VpnService.this.checkSetVpnCapable() > 0;
        }

        @Override // net.juniper.junos.pulse.android.vpnservice.IVpnInterface
        public void protect(int i) {
            if (al.b()) {
                ((VpnServiceKnox) VpnService.this.m_svc).protectSocket(i);
            } else {
                ((VpnServiceIcs) VpnService.this.m_svc).protectSocket(i);
            }
        }

        @Override // net.juniper.junos.pulse.android.vpnservice.IVpnInterface
        public void registerCallback(IVpnInterfaceCallback iVpnInterfaceCallback) {
            this.m_callback = iVpnInterfaceCallback;
        }

        @Override // net.juniper.junos.pulse.android.vpnservice.IVpnInterface
        public void setAccelEnable(int i) {
            aa.c("Set accel enable: " + i);
            if (i != 3) {
                VpnService.this.mAccelMode = 1;
            } else {
                VpnService.this.mAccelMode = 0;
            }
            VpnService.this.mAccelValue = i;
            VpnService.this.accelSetEnable(i);
        }

        @Override // net.juniper.junos.pulse.android.vpnservice.IVpnInterface
        public void setHasPerAppVpn() {
            at.a("hasPerAppVpn", CleanerProperties.BOOL_ATT_TRUE);
        }

        @Override // net.juniper.junos.pulse.android.vpnservice.IVpnInterface
        public void setSmcUrl(String str) {
            aa.c("Set smc url: " + str);
            VpnService.this.accelSetHost(str);
        }

        @Override // net.juniper.junos.pulse.android.vpnservice.IVpnInterface
        public void startReconnect(int i, boolean z) {
            if (!VpnService.this.m_active) {
                String unused = VpnService.this.TAG;
                aa.a("startReconnect: vpnService is inactive");
                return;
            }
            if (z) {
                String unused2 = VpnService.this.TAG;
                aa.a("Reseted retry counter");
                VpnService.this.m_RetryNumber = 8;
                VpnService.this.m_RetryTimeout = 2000;
            }
            if (VpnService.this.m_RetryNumber <= 0) {
                VpnService.this.sendStateChangeEVent(VpnService.this.getApplicationContext().getString(R.string.vpn_action_disconnected));
                VpnService.this.m_tstate = 7;
                String unused3 = VpnService.this.TAG;
                aa.a("Reached number of reconnect retries " + VpnService.this.m_RetryNumber);
                return;
            }
            String unused4 = VpnService.this.TAG;
            aa.a("Retry attempts left " + VpnService.this.m_RetryNumber);
            VpnService.this.m_RetryNumber--;
            if (VpnService.this.m_RetryTimeout < 60000) {
                VpnService.this.m_RetryTimeout *= 2;
                if (VpnService.this.m_RetryTimeout > 60000) {
                    VpnService.this.m_RetryTimeout = 60000;
                }
            }
            String unused5 = VpnService.this.TAG;
            aa.a("startReconnect w delay " + i);
            this.reconnectHandler.removeCallbacks(this.mReconnectTask);
            this.reconnectHandler.removeCallbacks(this.mDisconnectTask);
            this.reconnectHandler.postDelayed(this.mReconnectTask, i);
        }

        @Override // net.juniper.junos.pulse.android.vpnservice.IVpnInterface
        public int startVpn(String str, String str2, String str3) {
            return startVpnImpl(str, str2, str3, null, false, false);
        }

        @Override // net.juniper.junos.pulse.android.vpnservice.IVpnInterface
        public int startVpnEx(String str, String str2, String str3, String str4, boolean z, boolean z2) {
            return startVpnImpl(str, str2, str3, str4, z, z2);
        }

        @Override // net.juniper.junos.pulse.android.vpnservice.IVpnInterface
        public int startVpnFIPS(String str, String str2, String str3) {
            return startVpnImpl(str, str2, str3, null, true, false);
        }

        @Override // net.juniper.junos.pulse.android.vpnservice.IVpnInterface
        public int stopVpn() {
            int i = 2000;
            cleanUpConn();
            int stopNcsvc = VpnService.this.stopNcsvc(0);
            while (i > 0 && VpnService.m_threadRunning != 0) {
                try {
                    Thread.sleep(10L);
                } catch (Exception e) {
                }
                i -= 10;
            }
            String unused = VpnService.this.TAG;
            aa.a("stopVpn called maxMilliSecs=" + i + " m_threadRunning=" + VpnService.m_threadRunning);
            return stopNcsvc;
        }

        @Override // net.juniper.junos.pulse.android.vpnservice.IVpnInterface
        public int tearDownTunnel() {
            aa.c("tearDownTunnel called");
            return VpnService.this.stopNcsvc(1);
        }

        @Override // net.juniper.junos.pulse.android.vpnservice.IVpnInterface
        public void unregisterCallback(IVpnInterfaceCallback iVpnInterfaceCallback) {
            this.m_callback = null;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: classes.dex */
    public class NetworkStateReceiver extends BroadcastReceiver {
        NetworkStateReceiver() {
        }

        @Override // android.content.BroadcastReceiver
        public void onReceive(Context context, Intent intent) {
            if (VpnService.this.checkSetVpnCapable() < 0) {
                String unused = VpnService.this.TAG;
                aa.a("vpn capability is off");
                return;
            }
            String unused2 = VpnService.this.TAG;
            aa.a("action: " + intent.getAction());
            if (intent.getAction().equals("android.intent.action.SCREEN_OFF")) {
                String unused3 = VpnService.this.TAG;
                aa.d("Received ACTION_SCREEN_OFF, this is not expected!");
                return;
            }
            if (intent.getAction().equals("android.intent.action.SCREEN_ON")) {
                VpnService.this.m_active = true;
                try {
                    VpnService.this.mBinder.startReconnect(5000, true);
                    return;
                } catch (RemoteException e) {
                    String unused4 = VpnService.this.TAG;
                    aa.a("Unable to start reconnect");
                    return;
                }
            }
            if (intent.getAction().equals("android.intent.action.USER_PRESENT")) {
                VpnService.this.m_active = true;
                try {
                    VpnService.this.mBinder.startReconnect(0, true);
                    return;
                } catch (RemoteException e2) {
                    String unused5 = VpnService.this.TAG;
                    aa.a("Unable to start reconnect");
                    return;
                }
            }
            NetworkInfo networkInfo = (NetworkInfo) intent.getParcelableExtra("networkInfo");
            if (networkInfo != null) {
                NetworkInfo.State state = networkInfo.getState();
                if (networkInfo.getType() == 0 || networkInfo.getType() == 1) {
                    if (!state.equals(NetworkInfo.State.CONNECTED)) {
                        if (state.equals(NetworkInfo.State.DISCONNECTED) && VpnService.this.mAccelMode == 2) {
                            String unused6 = VpnService.this.TAG;
                            aa.a("network disconnected. call accelDisable");
                            VpnService.this.accelDisable(1);
                            return;
                        }
                        return;
                    }
                    try {
                        String unused7 = VpnService.this.TAG;
                        aa.a("Starting reconnect Network State Change, mode = " + VpnService.this.mAccelMode);
                        if (VpnService.this.mAccelMode == 2) {
                            String unused8 = VpnService.this.TAG;
                            aa.a("network connected. call accelEnable");
                            VpnService.this.accelEnable(1);
                        } else {
                            VpnService.this.mBinder.startReconnect(2000, true);
                        }
                    } catch (RemoteException e3) {
                        String unused9 = VpnService.this.TAG;
                        aa.a("Unable to start reconnect");
                    }
                }
            }
        }
    }

    static {
        System.loadLibrary("ruby");
        System.loadLibrary("ccmcrypto");
        System.loadLibrary("ccmssl");
        System.loadLibrary("SslVpnEngine");
        sProfileName = null;
        sIsPerAppVpn = false;
        m_threadRunning = 0;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public int checkSetVpnCapable() {
        if (Build.VERSION.SDK_INT >= 14) {
            this.m_VendorId = 4;
        } else if (this.m_VendorId <= 0) {
            setTunCtlName(getApplicationContext().getString(R.string.vpntools_socket_name));
            this.m_VendorId = checkVpnCapable();
            String str = this.TAG;
            aa.a("VPN vendor ID " + this.m_VendorId);
        }
        return this.m_VendorId;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public Context getApplicationContext() {
        return this.m_ctx;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public boolean isSignedIn() {
        boolean z = getApplicationContext().getSharedPreferences(b.f126a, 0).getBoolean(b.b, false);
        String str = this.TAG;
        aa.a("Signed " + z);
        return z;
    }

    private void restoreConnectionParams() {
        SharedPreferences sharedPreferences = getApplicationContext().getSharedPreferences("VpnServicePrefs", 0);
        this.m_cookies = sharedPreferences.getString("DSID", this.m_cookies);
        this.m_host = sharedPreferences.getString("HOST", this.m_host);
        if (this.m_cookies == null || this.m_host == null) {
            return;
        }
        try {
            startReceiver();
            this.mBinder.startReconnect(0, true);
        } catch (RemoteException e) {
            aa.a((Exception) e);
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void saveConnectionParams(String str, String str2, String str3) {
        SharedPreferences.Editor edit = getApplicationContext().getSharedPreferences("VpnServicePrefs", 0).edit();
        edit.putString("DSID", str2);
        edit.putString("HOST", str);
        edit.putString("CERT", str3);
        edit.commit();
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void sendDisconnectReason(int i) {
        String[] stringArray = getApplicationContext().getResources().getStringArray(R.array.vpn_disconnect_reasons);
        if (i < 0 || i >= stringArray.length) {
            String str = this.TAG;
            aa.d("sendDisconnectReason id out of range: " + i);
            return;
        }
        Intent intent = new Intent(VPN_SESSION_DISCONNECTED);
        intent.putExtra(VPN_DISCONNECT_REASON_ID, i);
        intent.putExtra(VPN_DISCONNECT_REASON_TEXT, stringArray[i]);
        getApplicationContext().sendBroadcast(intent);
        String str2 = this.TAG;
        aa.a("sendDisconnectReason id=" + i + " text=" + stringArray[i]);
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void sendStateChangeEVent(String str) {
        if (this.m_VendorId != 4) {
            if (str.equals(getApplicationContext().getString(R.string.vpn_action_connected))) {
                af.a(getApplicationContext(), af.n, this.m_FipsEnabled ? 1 : 0);
            } else if (str.equals(getApplicationContext().getString(R.string.vpn_action_disconnected))) {
                af.a(getApplicationContext(), af.n);
            } else if (str.equals(getApplicationContext().getString(R.string.vpn_action_connecting))) {
                af.a(getApplicationContext(), af.n);
            }
        }
        Intent intent = new Intent();
        intent.setAction(getApplicationContext().getString(R.string.vpn_action_name));
        intent.putExtra("HOST", this.m_host);
        intent.putExtra("STATE", str);
        getApplicationContext().sendBroadcast(intent);
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void startPuma() {
        String str = this.TAG;
        aa.a("startPuma called");
        new Thread(new Runnable() { // from class: net.juniper.junos.pulse.android.vpnservice.VpnService.2
            @Override // java.lang.Runnable
            public void run() {
                aa.c("Calling accelEnable");
                aa.c("accelEnable returned status = " + VpnService.this.accelEnable(2));
            }
        }).start();
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void startReceiver() {
        IntentFilter intentFilter = new IntentFilter("android.net.conn.CONNECTIVITY_CHANGE");
        intentFilter.addAction("android.intent.action.SCREEN_ON");
        intentFilter.addAction("android.intent.action.USER_PRESENT");
        if (this.bReceiver == null) {
            this.bReceiver = new NetworkStateReceiver();
        }
        String str = this.TAG;
        aa.a("Registering broadcast receivers");
        this.m_active = true;
        this.m_svc.registerReceiver(this.bReceiver, intentFilter);
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void stopPuma() {
        String str = this.TAG;
        aa.a("stopPuma called");
        new Thread(new Runnable() { // from class: net.juniper.junos.pulse.android.vpnservice.VpnService.3
            @Override // java.lang.Runnable
            public void run() {
                aa.c("Calling accelDisable");
                aa.c("accelDisable returned status = " + VpnService.this.accelDisable(2));
            }
        }).start();
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void stopReceiver() {
        if (this.bReceiver != null) {
            String str = this.TAG;
            aa.a("Unregistering broadcast receivers");
            this.m_svc.unregisterReceiver(this.bReceiver);
            this.bReceiver = null;
        }
    }

    public native int accelDisable(int i);

    public native int accelDisableOnSystemEvent();

    public native int accelEnable(int i);

    public native int accelGetStats(AccelStats accelStats);

    public native int accelSetEnable(int i);

    public native int accelSetHost(String str);

    public native int accelShutdown();

    public int addVpnDns(int i) {
        if (this.m_VendorId < 4) {
            return 0;
        }
        return al.b() ? ((VpnServiceKnox) this.m_svc).addVpnDns(i) : ((VpnServiceIcs) this.m_svc).addVpnDns(i);
    }

    public int addVpnIveDns(int i) {
        if (this.m_VendorId < 4) {
            return 0;
        }
        return al.b() ? ((VpnServiceKnox) this.m_svc).addVpnIveDns(i) : ((VpnServiceIcs) this.m_svc).addVpnIveDns(i);
    }

    public int addVpnRoute(int i, int i2) {
        if (this.m_VendorId < 4) {
            return 0;
        }
        return al.b() ? ((VpnServiceKnox) this.m_svc).addVpnRoute(i, i2) : ((VpnServiceIcs) this.m_svc).addVpnRoute(i, i2);
    }

    public native int checkVpnCapable();

    public void clearRouteList() {
        if (this.m_VendorId >= 4) {
            if (al.b()) {
                ((VpnServiceKnox) this.m_svc).clearRouteList();
            } else {
                ((VpnServiceIcs) this.m_svc).clearRouteList();
            }
        }
    }

    public int establishVpn() {
        if (this.m_VendorId < 4) {
            return 0;
        }
        return al.b() ? ((VpnServiceKnox) this.m_svc).establishVpn() : ((VpnServiceIcs) this.m_svc).establishVpn();
    }

    public int getAccelMode() {
        return this.mAccelMode;
    }

    public native int getDisconnectReason();

    public String getHost() {
        return this.m_host;
    }

    public int getIVEHostIP() {
        return this.m_iveIpAddr;
    }

    public native int getNcsvcIp();

    public native int getNcsvcRx();

    public native int getNcsvcState();

    public native int getNcsvcTransport();

    public native int getNcsvcTx();

    public native int initVpnLog(String str);

    public int installCaCert(String str) {
        try {
            FileInputStream fileInputStream = new FileInputStream(str);
            X509Certificate x509Certificate = (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(fileInputStream);
            fileInputStream.close();
            byte[] encoded = x509Certificate.getEncoded();
            Intent createInstallIntent = KeyChain.createInstallIntent();
            createInstallIntent.putExtra("CERT", encoded);
            createInstallIntent.putExtra(JunosApplication.r, "SMCCert");
            createInstallIntent.addFlags(268435456);
            getApplicationContext().startActivity(createInstallIntent);
            return 0;
        } catch (Exception e) {
            String str2 = this.TAG;
            aa.d("Install certificate: " + e);
            return 0;
        }
    }

    public IBinder onBind(Intent intent) {
        String str = this.TAG;
        aa.a("client Bound");
        return this.mBinder;
    }

    public void onCreate(Context context, Service service) {
        String str = this.TAG;
        aa.a("onCreate");
        this.m_ctx = context;
        this.m_svc = service;
        initVpnLog(this.m_ctx.getFilesDir().getAbsolutePath());
        checkSetVpnCapable();
        if (this.m_VendorId != 4) {
            af.a(getApplicationContext(), af.n);
        }
        restoreConnectionParams();
        m_threadRunning = 0;
    }

    public void onDestroy() {
        String str = this.TAG;
        aa.a("onDestroy(), disabling acceleration");
        int accelDisableOnSystemEvent = accelDisableOnSystemEvent();
        String str2 = this.TAG;
        aa.a("return code = " + accelDisableOnSystemEvent);
    }

    public void onLowMemory() {
        String str = this.TAG;
        aa.a("onLowMemory(), disabling acceleration");
        int accelDisableOnSystemEvent = accelDisableOnSystemEvent();
        String str2 = this.TAG;
        aa.a("return code = " + accelDisableOnSystemEvent);
    }

    public int onStartCommand(Intent intent, int i, int i2) {
        String str = this.TAG;
        aa.a("onStartCommand " + i + i2 + intent);
        return 0;
    }

    public boolean protectSocket(int i) {
        return al.b() ? ((VpnServiceKnox) this.m_svc).protectSocket(i) : ((VpnServiceIcs) this.m_svc).protectSocket(i);
    }

    public native int setDns(int i, int i2);

    public int setSearchDomain(String str) {
        if (this.m_VendorId < 4) {
            return -1;
        }
        return al.b() ? ((VpnServiceKnox) this.m_svc).setSearchDomain(str) : ((VpnServiceIcs) this.m_svc).setSearchDomain(str);
    }

    public void setState(int i) {
        if (this.m_tstate != i) {
            this.m_tstate = i;
            String str = this.TAG;
            aa.a("Tunnel State " + this.m_tstate);
            if (this.m_tstate == 3) {
                this.m_StartTime = System.currentTimeMillis();
                sendStateChangeEVent(getApplicationContext().getString(R.string.vpn_action_connected));
            }
        }
    }

    public void setStats(int i, int i2) {
        this.m_rx = i2;
        this.m_tx = i;
    }

    public native int setTunCtlName(String str);

    public int setVpnIp(int i, int i2) {
        if (this.m_VendorId < 4) {
            return 0;
        }
        return al.b() ? ((VpnServiceKnox) this.m_svc).setVpnIp(i, i2) : ((VpnServiceIcs) this.m_svc).setVpnIp(i, i2);
    }

    public int setVpnMtu(int i) {
        if (this.m_VendorId < 4) {
            return 0;
        }
        return al.b() ? ((VpnServiceKnox) this.m_svc).setVpnMtu(i) : ((VpnServiceIcs) this.m_svc).setVpnMtu(i);
    }

    public native int startNcsvc(String str, String str2, String str3, String str4, String str5, int i);

    public native int stopNcsvc(int i);

    public int stopVpnImpl() {
        try {
            if (this.mAccelMode == 2) {
                this.mBinder.enableAccel(false, this.mAccelMode);
            } else {
                this.mBinder.stopVpn();
            }
        } catch (RemoteException e) {
            e.printStackTrace();
        }
        return 0;
    }

    public int verifyCert(String str) {
        try {
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            trustManagerFactory.init((KeyStore) null);
            X509TrustManager x509TrustManager = (X509TrustManager) trustManagerFactory.getTrustManagers()[0];
            Collection<? extends Certificate> generateCertificates = CertificateFactory.getInstance("X.509").generateCertificates(new ByteArrayInputStream(str.getBytes()));
            Iterator<? extends Certificate> it = generateCertificates.iterator();
            X509Certificate[] x509CertificateArr = new X509Certificate[generateCertificates.size()];
            int i = 0;
            while (it.hasNext()) {
                x509CertificateArr[i] = (X509Certificate) it.next();
                aa.c(x509CertificateArr[i].getSubjectDN().getName());
                i++;
            }
            x509TrustManager.checkServerTrusted(x509CertificateArr, "RSA");
            return 1;
        } catch (KeyStoreException e) {
            aa.c("KeyStoreException: " + e.getMessage());
            return -8;
        } catch (NoSuchAlgorithmException e2) {
            aa.c("NoSuchAlgorithmException: " + e2.getMessage());
            return -6;
        } catch (CertificateEncodingException e3) {
            aa.c("CertificateEncodingException" + e3.getMessage());
            return -1;
        } catch (CertificateExpiredException e4) {
            aa.c("CertificateExpiredException" + e4.getMessage());
            return -2;
        } catch (CertificateNotYetValidException e5) {
            aa.c("CertificateNotYetValidException" + e5.getMessage());
            return -4;
        } catch (CertificateParsingException e6) {
            aa.c("CertificateParsingException" + e6.getMessage());
            return -3;
        } catch (CertificateException e7) {
            aa.c("CertificateException: " + e7.getMessage());
            return -5;
        }
    }
}
