package com.mobileiron.compliance.vpn;

import android.util.Base64;
import com.mobileiron.R;
import com.mobileiron.common.o;
import com.mobileiron.compliance.utils.ConfigurationErrors;
import com.mobileiron.signal.SignalName;
import java.util.ArrayList;
import java.util.HashSet;
import java.util.Set;
import org.apache.commons.lang3.StringUtils;

/* loaded from: classes.dex */
public final class VPNManager extends com.mobileiron.compliance.a implements com.mobileiron.signal.c {
    private static final Set<String> b = new HashSet();
    private static final Set<String> c = new HashSet();
    private b[] d;
    private com.mobileiron.acom.core.utils.k[] e;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: classes.dex */
    public enum VpnProviderType {
        CISCO_ANYCONNECT,
        PULSE_SECURE,
        F5,
        KNOX,
        PALOALTONETWORKS_GLOBALPROTECT
    }

    static {
        b.add("VPN");
        c.add("com.f5.F5-Edge-Client.vpnplugin");
        c.add("net.juniper.sslvpn");
        c.add("net.pulsesecure.PulseSecure.vpnplugin");
        c.add("com.cisco.anyconnect.applevpn.plugin");
        c.add("net.openvpn.plugin");
        c.add("com.paloaltonetworks.GlobalProtect.vpnplugin");
        c.add("com.mitunnel.samsung.knox");
    }

    public VPNManager(String str) {
        super(str);
        this.e = new com.mobileiron.acom.core.utils.k[0];
        this.d = new b[VpnProviderType.values().length];
        this.d[VpnProviderType.CISCO_ANYCONNECT.ordinal()] = new e();
        this.d[VpnProviderType.PULSE_SECURE.ordinal()] = new n();
        this.d[VpnProviderType.F5.ordinal()] = new h();
        this.d[VpnProviderType.KNOX.ordinal()] = new KnoxVPNProvider();
        this.d[VpnProviderType.PALOALTONETWORKS_GLOBALPROTECT.ordinal()] = new m();
        com.mobileiron.signal.b.a().a((com.mobileiron.signal.c) this);
    }

    public static VPNManager a() {
        return (VPNManager) com.mobileiron.compliance.b.a().e("VPNManager");
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static boolean c(String str) {
        return com.mobileiron.acom.core.utils.d.a(str, "net.juniper.sslvpn") || com.mobileiron.acom.core.utils.d.a(str, "net.pulsesecure.PulseSecure.vpnplugin");
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static String e(com.mobileiron.acom.core.utils.k kVar) {
        String h = kVar.h("ipsecCertContent");
        if (StringUtils.isBlank(h)) {
            return null;
        }
        return com.mobileiron.acom.core.utils.a.c.b(Base64.decode(h, 0), kVar.h("ipsecPasskey"));
    }

    public final String K() {
        com.mobileiron.acom.core.utils.k[] b2 = this.d[VpnProviderType.KNOX.ordinal()].b();
        if (b2 == null || b2.length <= 0) {
            return null;
        }
        switch (KnoxVPNProvider.h(b2[0])) {
            case KNOX_VPN_SSL_CISCO:
                return "com.cisco.anyconnect.vpn.android.avf";
            case KNOX_VPN_SSL_F5:
                return "com.f5.edge.client_ics";
            case KNOX_VPN_SSL_JUNIPER:
                return "net.pulsesecure.pulsesecure";
            case KNOX_VPN_SSL_OPENVPN:
                return "net.openvpn.knox.connect";
            case KNOX_VPN_SSL_MITUNNEL:
                return "com.mobileiron.tunnel.android.release";
            default:
                return null;
        }
    }

    public final com.mobileiron.acom.core.utils.k L() {
        com.mobileiron.acom.core.utils.k[] b2 = this.d[VpnProviderType.KNOX.ordinal()].b();
        if (b2 == null || b2.length <= 0) {
            return null;
        }
        return b2[0];
    }

    @Override // com.mobileiron.compliance.a
    public final void a(int i, int i2) {
    }

    @Override // com.mobileiron.compliance.a
    public final void a(com.mobileiron.acom.core.utils.k kVar) {
        StringBuilder sb = new StringBuilder();
        for (b bVar : this.d) {
            for (com.mobileiron.acom.core.utils.k kVar2 : bVar.f()) {
                String h = kVar2.h("ipsecRemoteAddress");
                if (h != null) {
                    if (sb.length() > 0) {
                        sb.append(";");
                    }
                    sb.append(h);
                }
            }
        }
        String sb2 = sb.toString();
        if (StringUtils.isBlank(sb2)) {
            sb2 = "CLOSELOOP_BLANK";
        }
        kVar.b("prv_vpn_servers", sb2);
    }

    @Override // com.mobileiron.compliance.a
    public final void a(String str, String str2) {
        for (b bVar : this.d) {
            bVar.a(str);
        }
    }

    public final boolean a(String str) {
        for (com.mobileiron.acom.core.utils.k kVar : this.e) {
            if (kVar.i("perAppVpn") && str.equals(com.mobileiron.compliance.utils.b.a(kVar))) {
                return false;
            }
        }
        return true;
    }

    public final String b() {
        com.mobileiron.acom.core.utils.k[] b2 = this.d[VpnProviderType.CISCO_ANYCONNECT.ordinal()].b();
        if (b2 != null && b2.length > 0) {
            return "com.cisco.anyconnect.vpn.android.avf";
        }
        com.mobileiron.acom.core.utils.k[] b3 = this.d[VpnProviderType.PULSE_SECURE.ordinal()].b();
        if (b3 != null && b3.length > 0) {
            return "net.pulsesecure.pulsesecure";
        }
        com.mobileiron.acom.core.utils.k[] b4 = this.d[VpnProviderType.F5.ordinal()].b();
        if (b4 != null && b4.length > 0) {
            return "com.f5.edge.client_ics";
        }
        com.mobileiron.acom.core.utils.k[] b5 = this.d[VpnProviderType.PALOALTONETWORKS_GLOBALPROTECT.ordinal()].b();
        if (b5 == null || b5.length <= 0) {
            return null;
        }
        return "com.paloaltonetworks.globalprotect";
    }

    public final boolean b(String str) {
        for (com.mobileiron.acom.core.utils.k kVar : this.e) {
            if (kVar.i("perAppVpn") && str.equals(com.mobileiron.compliance.utils.b.a(kVar)) && com.mobileiron.compliance.utils.b.a(kVar.h("ipsecOnDemandEnabled"))) {
                return true;
            }
        }
        return false;
    }

    @Override // com.mobileiron.compliance.a
    public final boolean b(String str, String str2) {
        for (b bVar : this.d) {
            bVar.a(str, str2);
        }
        return false;
    }

    @Override // com.mobileiron.compliance.a
    public final String c() {
        return "VPNManager_internal";
    }

    @Override // com.mobileiron.compliance.a
    public final void c(com.mobileiron.acom.core.utils.k kVar) {
        this.e = new com.mobileiron.acom.core.utils.k[0];
        ConfigurationErrors a2 = ConfigurationErrors.a();
        a2.a(ConfigurationErrors.ConfigurationType.VPN);
        if (kVar == null) {
            super.c((com.mobileiron.acom.core.utils.k) null);
            return;
        }
        C();
        int k = kVar.k("AppSetting");
        ArrayList arrayList = new ArrayList();
        for (int i = 0; i < k; i++) {
            com.mobileiron.acom.core.utils.k b2 = kVar.b("AppSetting", i);
            if (b2 == null) {
                o.b("VPNManager", "VPN config malformed. Rejecting.");
            } else {
                com.mobileiron.acom.core.utils.k b3 = b2.b("vpnSettings", "vpnSetting");
                if (b3 == null) {
                    o.b("VPNManager", "VPN config malformed. Rejecting.");
                } else {
                    String h = b3.h("userDefinedName");
                    if (StringUtils.isBlank(h)) {
                        o.b("VPNManager", "VPN Config missing name. Rejecting.");
                    } else {
                        a2.a(ConfigurationErrors.ConfigurationType.VPN, h);
                        String h2 = b3.h("connectionType");
                        if (StringUtils.isBlank(h2) || !b.contains(h2)) {
                            o.d("VPNManager", "VPN connection type is not supported - rejecting: " + h2);
                            a2.a(ConfigurationErrors.ConfigurationType.VPN, h, R.string.unsupported_vpn_type_error_message, h2);
                        } else {
                            String h3 = b3.h("vpnSubtype");
                            if (StringUtils.isBlank(h3) || c.contains(h3)) {
                                if (!a(b3, (String) null, "caCertFileId", "caCertContent", (String) null)) {
                                    return;
                                }
                                String h4 = b3.h("fileFetchError");
                                if (StringUtils.isNotBlank(h4)) {
                                    ConfigurationErrors.a().a(ConfigurationErrors.ConfigurationType.VPN, h, R.string.file_fetching_failed, h4);
                                } else {
                                    if (!a(b3, "ipsecCertFileProxy", "ipsecCertFileId", "ipsecCertContent", "ipsecPasskey")) {
                                        return;
                                    }
                                    String h5 = b3.h("fileFetchError");
                                    if (StringUtils.isNotBlank(h5)) {
                                        ConfigurationErrors.a().a(ConfigurationErrors.ConfigurationType.VPN, h, R.string.file_fetching_failed, h5);
                                    } else {
                                        if (!a(b3, "sentryCertTag", (String) null, "sentryCert", "sentryCertPassword")) {
                                            return;
                                        }
                                        String h6 = b3.h("fileFetchError");
                                        if (StringUtils.isNotBlank(h6)) {
                                            ConfigurationErrors.a().a(ConfigurationErrors.ConfigurationType.VPN, h, R.string.file_fetching_failed, h6);
                                        } else {
                                            b3.b("ipsecOnDemandEnabled", b3.h("vpnOnDemand"));
                                            arrayList.add(b3);
                                        }
                                    }
                                }
                            } else {
                                o.d("VPNManager", "VPN connection subtype is not supported - rejecting: " + h3);
                                a2.a(ConfigurationErrors.ConfigurationType.VPN, h, R.string.unsupported_vpn_type_error_message, h3);
                            }
                        }
                    }
                }
            }
        }
        D();
        this.e = (com.mobileiron.acom.core.utils.k[]) arrayList.toArray(new com.mobileiron.acom.core.utils.k[0]);
        super.c(kVar);
    }

    @Override // com.mobileiron.compliance.a
    public final int f() {
        if (com.mobileiron.compliance.c.a.a().a(this)) {
            return 6;
        }
        for (b bVar : this.d) {
            ArrayList arrayList = new ArrayList();
            for (com.mobileiron.acom.core.utils.k kVar : this.e) {
                if (bVar.a(kVar)) {
                    ConfigurationErrors.a().b(ConfigurationErrors.ConfigurationType.VPN, b.e(kVar));
                    arrayList.add(new com.mobileiron.acom.core.utils.k(kVar));
                } else {
                    com.mobileiron.acom.core.utils.k c2 = bVar.b.c(kVar);
                    if (c2 != null) {
                        bVar.d(c2);
                        bVar.b.b(c2);
                    }
                }
            }
            bVar.a((com.mobileiron.acom.core.utils.k[]) arrayList.toArray(new com.mobileiron.acom.core.utils.k[0]));
        }
        for (b bVar2 : this.d) {
            if (!bVar2.c()) {
                o.g("VPNManager", "at least one provider is not compliant. Returning COMPLIANCE_WANT_SYNC");
                return 2;
            }
        }
        o.g("VPNManager", "All providers compliant. Returning COMPLIANCE_COMPLIANT");
        return 0;
    }

    @Override // com.mobileiron.compliance.a
    public final int g() {
        boolean z = true;
        for (b bVar : this.d) {
            z = z && bVar.d();
        }
        return z ? 0 : 1;
    }

    @Override // com.mobileiron.signal.c
    public final SignalName[] getSlots() {
        return new SignalName[]{SignalName.AFW_PROFILE_PROVISIONING_STARTED};
    }

    @Override // com.mobileiron.compliance.a
    public final void h() {
        throw new IllegalStateException("Unexpected call to applyAsynch");
    }

    @Override // com.mobileiron.compliance.a
    public final void i() {
        throw new IllegalStateException("Unexpected call to cancelAsynch");
    }

    @Override // com.mobileiron.compliance.a
    public final void j() {
        o.g("VPNManager", "onRetire");
        for (b bVar : this.d) {
            bVar.e();
        }
        e();
    }

    @Override // com.mobileiron.compliance.a
    public final int k() {
        return R.drawable.vpn_icon;
    }

    @Override // com.mobileiron.compliance.a
    public final int l() {
        return R.drawable.vpn;
    }

    @Override // com.mobileiron.compliance.a
    public final int m() {
        return R.string.prompt_vpn;
    }

    @Override // com.mobileiron.compliance.a
    public final String n() {
        return this.f2652a.getString(R.string.compliance_vpn_manager);
    }

    @Override // com.mobileiron.signal.c
    public final boolean slot(SignalName signalName, Object[] objArr) {
        if (signalName.equals(SignalName.AFW_PROFILE_PROVISIONING_STARTED)) {
            x();
            return true;
        }
        throw new RuntimeException("Unexpected signal: " + signalName);
    }
}
