package org.strongswan.android;

import android.content.ComponentName;
import android.content.Context;
import android.content.Intent;
import android.content.ServiceConnection;
import android.os.Bundle;
import android.os.IBinder;
import android.support.annotation.NonNull;
import android.support.annotation.Nullable;
import com.android.lib_vpn.IVpnClient;
import com.android.lib_vpn.Protocol;
import com.android.lib_vpn.VpnClient;
import com.android.lib_vpn.VpnState;
import com.android.lib_vpn.error.AuthenticationError;
import com.android.lib_vpn.error.CertificateError;
import com.android.lib_vpn.error.NoConnectionError;
import com.android.lib_vpn.error.NotInitializedError;
import java.io.InputStream;
import java.security.KeyStore;
import java.security.Security;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.Enumeration;
import org.strongswan.android.data.VpnProfile;
import org.strongswan.android.data.VpnProfileDataSource;
import org.strongswan.android.data.VpnType;
import org.strongswan.android.logic.CharonVpnService;
import org.strongswan.android.logic.TrustedCertificateManager;
import org.strongswan.android.logic.VpnStateService;
import org.strongswan.android.security.LocalCertificateKeyStoreProvider;

/* loaded from: classes.dex */
public final class StrongswanVpnClient extends VpnClient implements IStrongswanVpnClient, ServiceConnection, VpnStateService.VpnStateListener {
    private static Context context;
    private VpnProfileDataSource dataSource;
    private VpnProfile profile;
    private Intent startIntent;
    private VpnStateService stateService;
    private boolean unreachable;

    static {
        Security.addProvider(new LocalCertificateKeyStoreProvider());
    }

    public StrongswanVpnClient(@NonNull Context context2) {
        super(context2);
        context = context2;
        this.dataSource = new VpnProfileDataSource(context2);
        this.dataSource.open();
        this.profile = this.dataSource.getVpnProfile(1L);
        if (this.profile == null) {
            this.profile = new VpnProfile();
            this.profile.setName(context2.getString(context2.getApplicationInfo().labelRes));
            this.profile.setVpnType(VpnType.IKEV2_EAP);
            this.profile.setGateway("");
            this.profile = this.dataSource.insertProfile(this.profile);
        }
        this.dataSource.close();
    }

    public static Context getContext() {
        return context;
    }

    private void saveProfile(@NonNull VpnProfile vpnProfile) {
        if (vpnProfile.getId() > 0) {
            this.dataSource.open();
            this.dataSource.updateVpnProfile(vpnProfile);
            this.dataSource.close();
        }
    }

    @Override // com.android.lib_vpn.VpnClient
    @Nullable
    protected String getPassword() {
        if (this.profile != null) {
            return this.profile.getPassword();
        }
        return null;
    }

    @Override // com.android.lib_vpn.VpnClient
    @Nullable
    protected String getUsername() {
        if (this.profile != null) {
            return this.profile.getUsername();
        }
        return null;
    }

    @Override // com.android.lib_vpn.VpnClient
    protected void onConnect() {
        if (this.profile == null) {
            return;
        }
        this.startIntent = new Intent(context, (Class<?>) CharonVpnService.class);
        Bundle bundle = new Bundle();
        bundle.putLong(VpnProfileDataSource.KEY_ID, this.profile.getId());
        bundle.putString(VpnProfileDataSource.KEY_USERNAME, this.profile.getUsername());
        bundle.putString(VpnProfileDataSource.KEY_PASSWORD, this.profile.getPassword());
        this.startIntent.putExtras(bundle);
        context.startService(this.startIntent);
    }

    @Override // com.android.lib_vpn.VpnClient
    protected void onDisconnect() {
        if (this.startIntent == null) {
            onStateChanged(new VpnState.Disconnected());
        } else {
            this.startIntent = null;
            context.startService(new Intent(context, (Class<?>) CharonVpnService.class));
        }
    }

    @Override // android.content.ServiceConnection
    public void onServiceConnected(ComponentName componentName, IBinder iBinder) {
        this.stateService = ((VpnStateService.LocalBinder) iBinder).getService();
        this.stateService.registerListener(this);
    }

    @Override // android.content.ServiceConnection
    public void onServiceDisconnected(ComponentName componentName) {
        this.stateService.unregisterListener(this);
        this.stateService = null;
    }

    @Override // com.android.lib_vpn.VpnClient
    protected void setIpAddress(@NonNull String str) {
        if (this.profile != null) {
            this.profile.setGateway(str);
            saveProfile(this.profile);
        }
    }

    @Override // com.android.lib_vpn.VpnClient, com.android.lib_vpn.IVpnClient
    public void setListener(@Nullable IVpnClient.Listener listener) {
        super.setListener(listener);
        if (listener != null) {
            context.bindService(new Intent(context, (Class<?>) VpnStateService.class), this, 1);
            return;
        }
        try {
            context.unbindService(this);
        } catch (IllegalArgumentException e) {
            e.printStackTrace();
        }
    }

    @Override // com.android.lib_vpn.IVpnClient
    public void setPassword(@Nullable String str) {
        if (this.profile != null) {
            this.profile.setPassword(str);
            saveProfile(this.profile);
        }
    }

    @Override // com.android.lib_vpn.IVpnClient
    public void setPort(@Nullable String str) {
    }

    @Override // com.android.lib_vpn.IVpnClient
    public void setProfile(@NonNull InputStream inputStream) throws Exception {
        KeyStore keyStore = KeyStore.getInstance("LocalCertificateStore");
        keyStore.load(null, null);
        Enumeration<String> aliases = keyStore.aliases();
        while (aliases.hasMoreElements()) {
            keyStore.deleteEntry(aliases.nextElement());
        }
        X509Certificate x509Certificate = (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(inputStream);
        keyStore.setCertificateEntry(null, x509Certificate);
        this.profile.setCertificateAlias(keyStore.getCertificateAlias(x509Certificate));
        saveProfile(this.profile);
        TrustedCertificateManager.getInstance().load();
    }

    @Override // com.android.lib_vpn.IVpnClient
    public void setProtocol(@NonNull Protocol protocol) {
    }

    @Override // org.strongswan.android.IStrongswanVpnClient
    public void setRemoteId(@NonNull String str) {
        if (this.profile != null) {
            this.profile.setRemoteId(str);
            saveProfile(this.profile);
        }
    }

    @Override // com.android.lib_vpn.IVpnClient
    public void setSplitTunneling(boolean z) {
        this.profile.setSplitTunneling(Integer.valueOf(z ? 3 : 0));
    }

    @Override // com.android.lib_vpn.IVpnClient
    public void setUsername(@Nullable String str) {
        if (this.profile != null) {
            this.profile.setUsername(str);
            saveProfile(this.profile);
        }
    }

    @Override // org.strongswan.android.logic.VpnStateService.VpnStateListener
    public void stateChanged() {
        if (VpnStateService.ErrorState.NO_ERROR == this.stateService.getErrorState()) {
            switch (this.stateService.getState()) {
                case CONNECTED:
                    onStateChanged(new VpnState.Connected(this.profile.getGateway()));
                    return;
                case DISABLED:
                case DISCONNECTING:
                    onStateChanged(new VpnState.Disconnected());
                    return;
                case CONNECTING:
                    this.unreachable = false;
                    onStateChanged(new VpnState.Connecting("Connecting"));
                    return;
                default:
                    return;
            }
        }
        switch (this.stateService.getErrorState()) {
            case UNREACHABLE:
                this.unreachable = true;
                return;
            case AUTH_FAILED:
                if (this.unreachable) {
                    onStateChanged(new NoConnectionError());
                    return;
                } else {
                    onStateChanged(new AuthenticationError());
                    return;
                }
            case PEER_AUTH_FAILED:
                onStateChanged(new CertificateError());
                return;
            case NOT_INITIALIZED:
                onStateChanged(new NotInitializedError());
                return;
            default:
                onStateChanged(new VpnState.Error());
                return;
        }
    }
}
