package com.google.android.libraries.privacy.ppn.krypton;

import android.content.Context;
import android.net.IpSecAlgorithm;
import android.net.IpSecManager;
import android.net.IpSecTransform;
import android.os.ParcelFileDescriptor;
import android.util.Log;
import defpackage.ixs;
import defpackage.ixw;
import defpackage.msd;
import java.io.IOException;
import java.net.DatagramSocket;
import java.net.InetAddress;
import java.util.Arrays;

/* compiled from: PG */
/* loaded from: classes.dex */
public final class KryptonIpSecHelperImpl implements KryptonIpSecHelper {
    private static final String TAG = "KryptonIpSecHelperImpl";
    private final Context context;
    private final IpSecManager ipSecManager;
    private final ixw xenon;
    private IpSecManager.SecurityParameterIndex uplinkSpi = null;
    private IpSecManager.SecurityParameterIndex downlinkSpi = null;
    private IpSecTransform inTransform = null;
    private IpSecTransform outTransform = null;
    private IpSecManager.UdpEncapsulationSocket encapsulationSocket = null;
    private final Object lock = new Object();

    public KryptonIpSecHelperImpl(Context context, ixw ixwVar) {
        this.context = context;
        this.ipSecManager = (IpSecManager) context.getSystemService("ipsec");
        this.xenon = ixwVar;
    }

    private IpSecTransform buildTransform(InetAddress inetAddress, IpSecManager.SecurityParameterIndex securityParameterIndex, byte[] bArr, int i) {
        IpSecTransform.Builder authenticatedEncryption = new IpSecTransform.Builder(this.context).setAuthenticatedEncryption(new IpSecAlgorithm("rfc4106(gcm(aes))", bArr, 128));
        IpSecManager.UdpEncapsulationSocket udpEncapsulationSocket = this.encapsulationSocket;
        if (udpEncapsulationSocket != null) {
            authenticatedEncryption = authenticatedEncryption.setIpv4Encapsulation(udpEncapsulationSocket, i);
        }
        return authenticatedEncryption.buildTransportModeTransform(inetAddress, securityParameterIndex);
    }

    private void close() {
        synchronized (this.lock) {
            IpSecManager.SecurityParameterIndex securityParameterIndex = this.uplinkSpi;
            if (securityParameterIndex != null) {
                securityParameterIndex.close();
                this.uplinkSpi = null;
            }
            IpSecManager.SecurityParameterIndex securityParameterIndex2 = this.downlinkSpi;
            if (securityParameterIndex2 != null) {
                securityParameterIndex2.close();
                this.downlinkSpi = null;
            }
            IpSecTransform ipSecTransform = this.inTransform;
            if (ipSecTransform != null) {
                ipSecTransform.close();
                this.inTransform = null;
            }
            IpSecTransform ipSecTransform2 = this.outTransform;
            if (ipSecTransform2 != null) {
                ipSecTransform2.close();
                this.outTransform = null;
            }
            IpSecManager.UdpEncapsulationSocket udpEncapsulationSocket = this.encapsulationSocket;
            if (udpEncapsulationSocket != null) {
                try {
                    udpEncapsulationSocket.close();
                    this.encapsulationSocket = null;
                } catch (IOException e) {
                    Log.w(TAG, "Exception while closing encapsulation socket.", e);
                }
            }
        }
    }

    private static InetAddress getDestinationAddress(ixs ixsVar, String str) {
        return ixsVar.b.getByName(str);
    }

    private static byte[] getKeyingMaterial(msd msdVar, msd msdVar2) {
        byte[] B = msdVar.B();
        byte[] B2 = msdVar2.B();
        int length = B.length;
        int length2 = B2.length;
        byte[] copyOf = Arrays.copyOf(B, length + length2);
        System.arraycopy(B2, 0, copyOf, length, length2);
        return copyOf;
    }

    private InetAddress getLocalAddress(ixs ixsVar, InetAddress inetAddress) {
        DatagramSocket datagramSocket = new DatagramSocket();
        try {
            ixsVar.b.bindSocket(datagramSocket);
            datagramSocket.connect(inetAddress, 443);
            if (datagramSocket.getLocalAddress().isAnyLocalAddress()) {
                throw new KryptonException("Local address is wildcard address. This usually means the network does not support the same protocol (IPv4 vs IPv6) as the remote address.");
            }
            return datagramSocket.getLocalAddress();
        } finally {
            datagramSocket.close();
        }
    }

    @Override // com.google.android.libraries.privacy.ppn.krypton.KryptonIpSecHelper
    public void removeTransformFromFd(int i) {
        try {
            Log.w(TAG, "Removing transforms.");
            this.ipSecManager.removeTransportModeTransforms(ParcelFileDescriptor.fromFd(i).getFileDescriptor());
            close();
        } catch (IOException e) {
            throw new KryptonException("Error encountered when removing transform from fd.", e);
        }
    }

    /* JADX WARN: Code restructure failed: missing block: B:28:0x005a, code lost:
    
        if (r4 == 1) goto L17;
     */
    @Override // com.google.android.libraries.privacy.ppn.krypton.KryptonIpSecHelper
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public void transformFd(defpackage.iwk r9) {
        /*
            Method dump skipped, instructions count: 268
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.google.android.libraries.privacy.ppn.krypton.KryptonIpSecHelperImpl.transformFd(iwk):void");
    }
}
