package org.strongswan.android.logic;

import De.m;
import De.u;
import On.b;
import android.annotation.TargetApi;
import android.app.PendingIntent;
import android.content.ComponentName;
import android.content.Context;
import android.content.Intent;
import android.content.ServiceConnection;
import android.content.pm.PackageManager;
import android.net.VpnService;
import android.os.Build;
import android.os.Bundle;
import android.os.Handler;
import android.os.IBinder;
import android.os.ParcelFileDescriptor;
import android.security.KeyChain;
import android.security.KeyChainException;
import android.system.OsConstants;
import android.text.TextUtils;
import androidx.lifecycle.B;
import androidx.lifecycle.h0;
import androidx.lifecycle.r;
import com.unity3d.ads.core.data.datasource.AndroidStaticDeviceInfoDataSource;
import com.unity3d.services.UnityAdsConstants;
import eo.C3737a;
import java.io.ByteArrayInputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.net.Inet4Address;
import java.net.Inet6Address;
import java.net.InetAddress;
import java.net.UnknownHostException;
import java.nio.ByteBuffer;
import java.nio.channels.ClosedByInterruptException;
import java.security.PrivateKey;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import java.util.Locale;
import java.util.Objects;
import java.util.SortedSet;
import java.util.TreeSet;
import jq.InterfaceC4220k;
import kotlin.jvm.functions.Function0;
import kq.AbstractC4424o;
import l3.AbstractC4453a;
import n3.AbstractC4611c;
import n3.g;
import o3.AbstractC4654a;
import org.strongswan.android.logic.VpnStateService;
import org.strongswan.android.logic.imc.ImcState;
import org.strongswan.android.logic.imc.RemediationInstruction;
import org.strongswan.android.utils.Utils;
import os.a;
import os.b;

/* loaded from: classes4.dex */
public class CharonVpnService extends VpnService implements Runnable, VpnStateService.VpnStateListener, B, Ee.e {
    public static final String DISCONNECT_ACTION = "org.strongswan.android.CharonVpnService.DISCONNECT";
    public static final String KEY_IS_RETRY = "retry";
    public static final String LOG_FILE = "ikev2.log";
    private static final String NOTIFICATION_CHANNEL = "org.strongswan.android.CharonVpnService.VPN_STATE_NOTIFICATION";
    private static final String OPTION_CONNECTION_DPDACTION = "connection.dpdaction";
    private static final String OPTION_CONNECTION_DPDACTION_VALUE = "restart";
    private static final String OPTION_CONNECTION_DPDDELAY = "connection.dpddelay";
    private static final String OPTION_CONNECTION_DPDDELAY_VALUE = "20";
    static final int STATE_AUTH_ERROR = 3;
    static final int STATE_CERTIFICATE_UNAVAILABLE = 7;
    static final int STATE_CHILD_SA_DOWN = 2;
    static final int STATE_CHILD_SA_UP = 1;
    static final int STATE_GENERIC_ERROR = 8;
    static final int STATE_LOOKUP_ERROR = 5;
    static final int STATE_PEER_AUTH_ERROR = 4;
    static final int STATE_UNREACHABLE_ERROR = 6;
    public static final int VPN_STATE_NOTIFICATION_ID = 199;
    private String mAppDir;
    private Thread mConnectionHandler;
    private volatile String mCurrentCertificateAlias;
    private os.a mCurrentProfile;
    private volatile String mCurrentUserCertificateAlias;
    private Handler mHandler;
    private volatile boolean mIsDisconnecting;
    private String mLogFile;
    private os.a mNextProfile;
    private volatile boolean mProfileUpdated;
    private VpnStateService mService;
    private volatile boolean mShowNotification;
    private volatile boolean mTerminate;
    public static final String USERNAME = AbstractC4654a.b("d7956403e3");
    public static final String REMOTE_ID = AbstractC4654a.b("e7f44552e7d0f12794c552a351d106e0d5f22390");
    private BuilderAdapter mBuilderAdapter = new BuilderAdapter();
    private final Object mServiceLock = new Object();
    private final ServiceConnection mServiceConnection = new ServiceConnection() { // from class: org.strongswan.android.logic.CharonVpnService.1
        @Override // android.content.ServiceConnection
        public void onServiceConnected(ComponentName componentName, IBinder iBinder) {
            synchronized (CharonVpnService.this.mServiceLock) {
                CharonVpnService.this.mService = ((VpnStateService.LocalBinder) iBinder).getService();
            }
            CharonVpnService.this.mService.registerListener(CharonVpnService.this);
            CharonVpnService.this.mConnectionHandler.start();
        }

        @Override // android.content.ServiceConnection
        public void onServiceDisconnected(ComponentName componentName) {
            synchronized (CharonVpnService.this.mServiceLock) {
                CharonVpnService.this.mService = null;
            }
        }
    };
    private final h0 dispatcher = new h0(this);
    private final InterfaceC4220k router = is.a.d(u.class, null, new Function0() { // from class: org.strongswan.android.logic.a
        @Override // kotlin.jvm.functions.Function0
        public final Object invoke() {
            cs.a lambda$new$0;
            lambda$new$0 = CharonVpnService.this.lambda$new$0();
            return lambda$new$0;
        }
    });

    /* JADX INFO: Access modifiers changed from: package-private */
    /* renamed from: org.strongswan.android.logic.CharonVpnService$3, reason: invalid class name */
    /* loaded from: classes4.dex */
    public static /* synthetic */ class AnonymousClass3 {
        static final /* synthetic */ int[] $SwitchMap$org$strongswan$android$data$VpnProfile$SelectedAppsHandling;

        static {
            int[] iArr = new int[a.EnumC1856a.values().length];
            $SwitchMap$org$strongswan$android$data$VpnProfile$SelectedAppsHandling = iArr;
            try {
                iArr[a.EnumC1856a.SELECTED_APPS_DISABLE.ordinal()] = 1;
            } catch (NoSuchFieldError unused) {
            }
            try {
                $SwitchMap$org$strongswan$android$data$VpnProfile$SelectedAppsHandling[a.EnumC1856a.SELECTED_APPS_EXCLUDE.ordinal()] = 2;
            } catch (NoSuchFieldError unused2) {
            }
            try {
                $SwitchMap$org$strongswan$android$data$VpnProfile$SelectedAppsHandling[a.EnumC1856a.SELECTED_APPS_ONLY.ordinal()] = 3;
            } catch (NoSuchFieldError unused3) {
            }
        }
    }

    /* loaded from: classes4.dex */
    public class BuilderAdapter {
        private VpnService.Builder mBuilder;
        private BuilderCache mCache;
        private PacketDropper mDropper = new PacketDropper();
        private BuilderCache mEstablishedCache;
        private os.a mProfile;

        /* JADX INFO: Access modifiers changed from: private */
        /* loaded from: classes4.dex */
        public class PacketDropper implements Runnable {
            private ParcelFileDescriptor mFd;
            private Thread mThread;

            private PacketDropper() {
            }

            @Override // java.lang.Runnable
            public synchronized void run() {
                int read;
                try {
                    FileInputStream fileInputStream = new FileInputStream(this.mFd.getFileDescriptor());
                    ByteBuffer allocate = ByteBuffer.allocate(BuilderAdapter.this.mCache.mMtu);
                    do {
                        read = fileInputStream.getChannel().read(allocate);
                        allocate.clear();
                    } while (read >= 0);
                } catch (IOException e10) {
                    e10.printStackTrace();
                } catch (InterruptedException | ClosedByInterruptException unused) {
                }
            }

            public void start(ParcelFileDescriptor parcelFileDescriptor) {
                this.mFd = parcelFileDescriptor;
                Thread thread = new Thread(this);
                this.mThread = thread;
                thread.start();
            }

            public void stop() {
                if (this.mFd != null) {
                    try {
                        this.mThread.interrupt();
                        this.mThread.join();
                        this.mFd.close();
                    } catch (IOException e10) {
                        e10.printStackTrace();
                    } catch (InterruptedException e11) {
                        e11.printStackTrace();
                    }
                    this.mFd = null;
                }
            }
        }

        public BuilderAdapter() {
        }

        private VpnService.Builder createBuilder(String str) {
            VpnService.Builder builder = new VpnService.Builder(CharonVpnService.this);
            builder.setSession(str);
            Context applicationContext = CharonVpnService.this.getApplicationContext();
            Intent intent = new Intent();
            intent.setAction(AbstractC4611c.a(".MAIN"));
            builder.setConfigureIntent(PendingIntent.getActivity(applicationContext, 0, intent, 201326592));
            if (Build.VERSION.SDK_INT >= 29) {
                builder.setMetered(false);
            }
            return builder;
        }

        private synchronized ParcelFileDescriptor establishIntern() {
            try {
                this.mCache.applyData(this.mBuilder);
                ParcelFileDescriptor establish = this.mBuilder.establish();
                if (establish != null) {
                    closeBlocking();
                }
                if (establish == null) {
                    return null;
                }
                this.mBuilder = createBuilder(this.mProfile.q());
                this.mEstablishedCache = this.mCache;
                this.mCache = new BuilderCache(this.mProfile);
                return establish;
            } catch (Exception e10) {
                e10.printStackTrace();
                return null;
            }
        }

        public synchronized boolean addAddress(String str, int i10) {
            try {
                this.mCache.addAddress(str, i10);
            } catch (IllegalArgumentException unused) {
                return false;
            }
            return true;
        }

        public synchronized boolean addDnsServer(String str) {
            try {
                this.mCache.addDnsServer(str);
            } catch (IllegalArgumentException unused) {
                return false;
            }
            return true;
        }

        public synchronized boolean addRoute(String str, int i10) {
            try {
                this.mCache.addRoute(str, i10);
            } catch (IllegalArgumentException unused) {
                return false;
            }
            return true;
        }

        public synchronized boolean addSearchDomain(String str) {
            try {
                this.mBuilder.addSearchDomain(str);
            } catch (IllegalArgumentException unused) {
                return false;
            }
            return true;
        }

        public synchronized void closeBlocking() {
            this.mDropper.stop();
        }

        public synchronized int establish() {
            ParcelFileDescriptor establishIntern;
            establishIntern = establishIntern();
            return establishIntern != null ? establishIntern.detachFd() : -1;
        }

        @TargetApi(21)
        public synchronized void establishBlocking() {
            this.mCache.addAddress("172.16.252.1", 32);
            this.mCache.addAddress("fd00::fd02:1", 128);
            this.mCache.addRoute("0.0.0.0", 0);
            this.mCache.addRoute("::", 0);
            this.mBuilder.addDnsServer("8.8.8.8");
            this.mBuilder.addDnsServer("2001:4860:4860::8888");
            this.mBuilder.setBlocking(true);
            ParcelFileDescriptor establishIntern = establishIntern();
            if (establishIntern != null) {
                this.mDropper.start(establishIntern);
            }
        }

        public synchronized int establishNoDns() {
            if (this.mEstablishedCache == null) {
                return -1;
            }
            try {
                VpnService.Builder createBuilder = createBuilder(this.mProfile.q());
                this.mEstablishedCache.applyData(createBuilder);
                ParcelFileDescriptor establish = createBuilder.establish();
                if (establish == null) {
                    return -1;
                }
                return establish.detachFd();
            } catch (Exception e10) {
                e10.printStackTrace();
                return -1;
            }
        }

        public synchronized boolean setMtu(int i10) {
            try {
                this.mCache.setMtu(i10);
            } catch (IllegalArgumentException unused) {
                return false;
            }
            return true;
        }

        public synchronized void setProfile(os.a aVar) {
            this.mProfile = aVar;
            this.mBuilder = createBuilder(aVar.q());
            this.mCache = new BuilderCache(this.mProfile);
        }
    }

    /* loaded from: classes4.dex */
    public class BuilderCache {
        private final a.EnumC1856a mAppHandling;
        private boolean mDnsServersConfigured;
        private final qs.c mExcludedSubnets;
        private boolean mIPv4Seen;
        private boolean mIPv6Seen;
        private int mMtu;
        private final SortedSet<String> mSelectedApps;
        private final int mSplitTunneling;
        private final List<qs.b> mAddresses = new ArrayList();
        private final List<qs.b> mRoutesIPv4 = new ArrayList();
        private final List<qs.b> mRoutesIPv6 = new ArrayList();
        private final qs.c mIncludedSubnetsv4 = new qs.c();
        private final qs.c mIncludedSubnetsv6 = new qs.c();
        private final List<InetAddress> mDnsServers = new ArrayList();

        public BuilderCache(os.a aVar) {
            Iterator it = qs.c.e(aVar.m()).iterator();
            while (it.hasNext()) {
                qs.b bVar = (qs.b) it.next();
                if (bVar.h() instanceof Inet4Address) {
                    this.mIncludedSubnetsv4.b(bVar);
                } else if (bVar.h() instanceof Inet6Address) {
                    this.mIncludedSubnetsv6.b(bVar);
                }
            }
            this.mExcludedSubnets = qs.c.e(aVar.g());
            Integer w10 = aVar.w();
            this.mSplitTunneling = w10 != null ? w10.intValue() : 0;
            a.EnumC1856a u10 = aVar.u();
            SortedSet<String> v10 = aVar.v();
            this.mSelectedApps = v10;
            if (AnonymousClass3.$SwitchMap$org$strongswan$android$data$VpnProfile$SelectedAppsHandling[u10.ordinal()] == 1) {
                u10 = a.EnumC1856a.SELECTED_APPS_EXCLUDE;
                v10.clear();
            }
            this.mAppHandling = u10;
            if (aVar.d() != null) {
                for (String str : aVar.d().split("\\s+")) {
                    try {
                        this.mDnsServers.add(Utils.a(str));
                        recordAddressFamily(str);
                        this.mDnsServersConfigured = true;
                    } catch (UnknownHostException e10) {
                        e10.printStackTrace();
                    }
                }
            }
            Integer o10 = aVar.o();
            this.mMtu = o10 == null ? 1500 : o10.intValue();
        }

        private boolean isIPv6(String str) throws UnknownHostException {
            InetAddress a10 = Utils.a(str);
            return !(a10 instanceof Inet4Address) && (a10 instanceof Inet6Address);
        }

        public void addAddress(String str, int i10) {
            try {
                this.mAddresses.add(new qs.b(str, i10));
                recordAddressFamily(str);
            } catch (UnknownHostException e10) {
                e10.printStackTrace();
            }
        }

        public void addDnsServer(String str) {
            if (this.mDnsServersConfigured) {
                return;
            }
            try {
                this.mDnsServers.add(Utils.a(str));
                recordAddressFamily(str);
            } catch (UnknownHostException e10) {
                e10.printStackTrace();
            }
        }

        public void addRoute(String str, int i10) {
            try {
                if (isIPv6(str)) {
                    this.mRoutesIPv6.add(new qs.b(str, i10));
                } else {
                    this.mRoutesIPv4.add(new qs.b(str, i10));
                }
            } catch (UnknownHostException e10) {
                e10.printStackTrace();
            }
        }

        @TargetApi(21)
        public void applyData(VpnService.Builder builder) {
            for (qs.b bVar : this.mAddresses) {
                builder.addAddress(bVar.h(), bVar.i().intValue());
            }
            Iterator<InetAddress> it = this.mDnsServers.iterator();
            while (it.hasNext()) {
                builder.addDnsServer(it.next());
            }
            if ((this.mSplitTunneling & 1) == 0) {
                if (this.mIPv4Seen) {
                    qs.c cVar = new qs.c();
                    if (this.mIncludedSubnetsv4.size() > 0) {
                        cVar.c(this.mIncludedSubnetsv4);
                    } else {
                        cVar.d(this.mRoutesIPv4);
                    }
                    cVar.g(this.mExcludedSubnets);
                    for (qs.b bVar2 : cVar.h()) {
                        try {
                            builder.addRoute(bVar2.h(), bVar2.i().intValue());
                        } catch (IllegalArgumentException e10) {
                            if (!bVar2.h().isMulticastAddress()) {
                                throw e10;
                            }
                        }
                    }
                } else {
                    builder.allowFamily(OsConstants.AF_INET);
                }
            } else if (this.mIPv4Seen) {
                builder.addRoute("0.0.0.0", 0);
            }
            if ((this.mSplitTunneling & 2) == 0) {
                if (this.mIPv6Seen) {
                    qs.c cVar2 = new qs.c();
                    if (this.mIncludedSubnetsv6.size() > 0) {
                        cVar2.c(this.mIncludedSubnetsv6);
                    } else {
                        cVar2.d(this.mRoutesIPv6);
                    }
                    cVar2.g(this.mExcludedSubnets);
                    for (qs.b bVar3 : cVar2.h()) {
                        try {
                            builder.addRoute(bVar3.h(), bVar3.i().intValue());
                        } catch (IllegalArgumentException e11) {
                            if (!bVar3.h().isMulticastAddress()) {
                                throw e11;
                            }
                        }
                    }
                } else {
                    builder.allowFamily(OsConstants.AF_INET6);
                }
            } else if (this.mIPv6Seen) {
                builder.addRoute("::", 0);
            }
            if (this.mSelectedApps.size() > 0) {
                int i10 = AnonymousClass3.$SwitchMap$org$strongswan$android$data$VpnProfile$SelectedAppsHandling[this.mAppHandling.ordinal()];
                if (i10 == 2) {
                    Iterator<String> it2 = this.mSelectedApps.iterator();
                    while (it2.hasNext()) {
                        try {
                            builder.addDisallowedApplication(it2.next());
                        } catch (PackageManager.NameNotFoundException unused) {
                        }
                    }
                } else if (i10 == 3) {
                    Iterator<String> it3 = this.mSelectedApps.iterator();
                    while (it3.hasNext()) {
                        try {
                            builder.addAllowedApplication(it3.next());
                        } catch (PackageManager.NameNotFoundException unused2) {
                        }
                    }
                }
            }
            builder.setMtu(this.mMtu);
        }

        public void recordAddressFamily(String str) {
            try {
                if (isIPv6(str)) {
                    this.mIPv6Seen = true;
                } else {
                    this.mIPv4Seen = true;
                }
            } catch (UnknownHostException e10) {
                e10.printStackTrace();
            }
        }

        public void setMtu(int i10) {
            this.mMtu = i10;
        }
    }

    static {
        System.loadLibrary("androidbridge");
    }

    private static String getAndroidVersion() {
        return ("Android " + Build.VERSION.RELEASE + " - " + Build.DISPLAY) + UnityAdsConstants.DefaultUrls.AD_ASSET_PATH + Build.VERSION.SECURITY_PATCH;
    }

    public static X509Certificate getCertificate() {
        try {
            return (X509Certificate) CertificateFactory.getInstance(AndroidStaticDeviceInfoDataSource.CERTIFICATE_TYPE_X509).generateCertificate(new ByteArrayInputStream(AbstractC4654a.a("6AddXRehQLCdi1Qbi6+mYRi8ROgjuQoETzsHTjwCH3AqYKI2RCPcF/XIZo3S3TNbyGqU1V8skScWUAFLk8KnoM16Su/cSbJ7aCw2iM4XlA0QGuev+7eaa2uebgW77cDM2VVcrVY8CP0X/QW0GuyNQe+YEPteaJLVruJREAPDl6QQirGr4yKEUfPwUe1CpcRRkEgwGrfK40oytx9Lk+bNAPePIyd7W3LIgCo00g6yeTTmjuOLLbg1nDyiCsl6MZgTMG559viuN0QADQqbNX1k9REGdXdcjngBJRiFvrdgVXWD5s9cBn2Fkldc9r0Aba6QkUKt/sEVWNkUDJlBZKaBNE4zqqL/1FlWFPpGG522j2ZR6BTxDsK8YyMTL4SUAlnbhvk+qGKA0uabk7+CuRqKQO7yagc1RzVPB6eBTTIF50tuqD1yJ21PeOhBK/XujN/vOI9C9Vu68o/rURkE/rTP8oLUODypTX9sQq7xCkgXphrI0LJMISxKlWN6VInystqEvo6vzWuHXI3hkgKvYVMOTTjyeJNjan0c/lb5K97Pcy6s20iG69Z7D2E5QITgxiFCgAqq80tc9qPnQjCjYroA4SDWj2USOtVZH8DnQLSK+zLGSnpj+GNUTFCUYpIJ3GST+drvmmqPXEgc7VRCy0EUMYuMzpVETi/oNahUSfU230bKWuv+X3Uk4c3rwnqrUdatfWqg41ORYvdgFP4lq7vN2qy+Mql0ljVttoDidcANU+AYaYMfBM+H7JefhIOcDL8marymJlstYnPlXml27dYtLjrLrfHwphKwZi8yeYyB0H8ofkmIdDvdIgx673e7oB7cULsUeudi66Is2NQB2SAAbBg9xvSyLKryhakc1BcddXrbSQIA2B3mKV9Qc9mLuh8fmQnzi3pZeMBIIwZ3VgiPR0IJt91e0z2m6/MWzZWsYPEZPlAlcDLvgvaBNyW5PqMrTCBvhyhUJRUDaHteJRwX2SlAzv7c6x9QU1OXSGP4bkZaL6Ln7mQFM8mb4aBJYaiz/HRCLUy4+C68mgXT8TiuzSINDF17W/WAn66pLRRooY0Nqr/MdzEtHZwm1IxkzQGDx/FdmpdO6MXkioc+VfMPJq1y9mBnK1JKFfBPQLM2M3QSpZOqxPD6JqeHDCExjGhupWngzYNHslkOJogu4jDyZU0pHWn2yuWXm7x2Yau5V2psZfpLQWih32sWQ3a1zWL++Ryp7RpSVISCv8yRcFIbKZ/kfjV1LrFQqYy7JYyBwOSeMQeL+ZzFkE8rpmqK8ULmJFv6cYxv5c/ONHNpCLaScVpx+X1VEVicp1Tvxn9gVcs9cgZ5XsAPmkkuGwnpbgySvhAUrf7uAvSU3aUovTyXQ9yE6jiHKXEPVBKBvvvWUYmCDxj0PvPHLpF1/hCvvt0kLdo5L58NkwpEVK+YrMdWwiRDCeFAVCpZ4uW78NO6YT7+b+fkVVij8CqzfgEqfJ+Mw92uoAzM0XHgEzUu47OhyXfsVLIC4P4PjCW1rkP9vkXoNEtN/FvZF55xMZBaLCrVWEMbe8VnGWWY3+ixJXSNjzRkyIEcPpibEabgP6N6tBZpcTVUwKtdZ4ZmyfAf0B7SgAWn7BUX0t4zFSablsa0sOdXsNJWpTCwOCkCr6xfkcTZmPmDZofEPU5Ix4UD7tRAyOZ1nQZgAUaaSrtY5GS7B2QosHB9Qmy/zRjr+vTYQ3ikkLTqkzHQee8UQ4lcOvE5i/u3tFLuJC1jz9jUURbggrBLjcwl7viWlJSyQwEVtWXHEDCGeHXAkvxsejv5GwYElp453fF55WHFUOcjxkckE6rtGRyzMvujNN3jWl7fWvqC6E7mVifbSoxtmz887+gZ8/ww1OZn8jjzro0CbTJNTaVERY/wIeC90hMgHTak3PPAYhNHoIVkFS/v7afsaXYJSCnhrje0bWzc+UKePXnCBi0Gs74H2iH0zS4NSi/O36uZbJMRrb+GynPE7nWVU6SYOSg2MYnfOc0xUpp7vLb7VfYOkfY0+7m7uYfpwnzeXnbHb7xrPJ81xXoutSpnf4goIJ6fAQaoAf2+64VEWW8buRS+tNzf8x1dOm1f7YtfORsOFZ5fReuZlEeYgJxsKPzv1Y+7KU8i4eHJVOOsBrq597LVXo0ZPvjrMImvxT7/c/IH0VvyUNR5T+YaJsFLVPzYfh66dA59VcammB462+9E94o82rj6kVbQD7KD6Tq1w6DADK0W7n4MMdicWbaxrwECoxSrUc8yzM2npk3zs0pOdKz3XwCRiYJSSxCRRBiffwTLifaBvt2El+L+fidAbkDvSvw7vIOLGhMSNwMv0B1QxwaNR20zqNJNCAMPx1b9xfVLWSK370NyyaqWFlNWK72l").getBytes()));
        } catch (Exception e10) {
            e10.printStackTrace();
            return null;
        }
    }

    private static String getDeviceString() {
        return Build.MODEL + " - " + Build.BRAND + UnityAdsConstants.DefaultUrls.AD_ASSET_PATH + Build.PRODUCT + UnityAdsConstants.DefaultUrls.AD_ASSET_PATH + Build.MANUFACTURER;
    }

    private byte[][] getTrustedCertificates() {
        ArrayList arrayList = new ArrayList();
        TrustedCertificateManager load = TrustedCertificateManager.getInstance().load();
        try {
            String str = this.mCurrentCertificateAlias;
            if (str != null) {
                X509Certificate cACertificateFromAlias = load.getCACertificateFromAlias(str);
                if (cACertificateFromAlias == null) {
                    return null;
                }
                arrayList.add(cACertificateFromAlias.getEncoded());
            } else {
                Iterator<X509Certificate> it = load.getAllCACertificates().values().iterator();
                while (it.hasNext()) {
                    arrayList.add(it.next().getEncoded());
                }
            }
            try {
                arrayList.add(getCertificate().getEncoded());
            } catch (Exception e10) {
                e10.printStackTrace();
            }
            return (byte[][]) arrayList.toArray(new byte[arrayList.size()]);
        } catch (CertificateEncodingException e11) {
            e11.printStackTrace();
            return null;
        }
    }

    private byte[][] getUserCertificate() throws KeyChainException, InterruptedException, CertificateEncodingException {
        ArrayList arrayList = new ArrayList();
        X509Certificate[] certificateChain = KeyChain.getCertificateChain(getApplicationContext(), this.mCurrentUserCertificateAlias);
        if (certificateChain == null || certificateChain.length == 0) {
            return null;
        }
        for (X509Certificate x509Certificate : certificateChain) {
            arrayList.add(x509Certificate.getEncoded());
        }
        return (byte[][]) arrayList.toArray(new byte[arrayList.size()]);
    }

    private PrivateKey getUserKey() throws KeyChainException, InterruptedException {
        return KeyChain.getPrivateKey(getApplicationContext(), this.mCurrentUserCertificateAlias);
    }

    private void handleAlwaysOn() {
        us.a.g("charon is trying to start connection due to Always-on", new Object[0]);
        try {
            getRouter().b(m.b(new b.C0529b(true)));
        } catch (Exception unused) {
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public /* synthetic */ cs.a lambda$new$0() {
        return new cs.a(AbstractC4424o.e(new Ee.d(this, this, new Function0<u>() { // from class: org.strongswan.android.logic.CharonVpnService.2
            /* JADX WARN: Can't rename method to resolve collision */
            @Override // kotlin.jvm.functions.Function0
            public u invoke() {
                return (u) CharonVpnService.this.router.getValue();
            }
        })), null);
    }

    private void setError(VpnStateService.ErrorState errorState) {
        synchronized (this.mServiceLock) {
            try {
                VpnStateService vpnStateService = this.mService;
                if (vpnStateService != null) {
                    vpnStateService.setError(errorState);
                }
            } catch (Throwable th2) {
                throw th2;
            }
        }
    }

    private void setErrorDisconnect(VpnStateService.ErrorState errorState) {
        us.a.g("setErrorDisconnect error = " + errorState, new Object[0]);
        synchronized (this.mServiceLock) {
            try {
                if (this.mService != null && !this.mIsDisconnecting) {
                    this.mService.setError(errorState);
                }
            } catch (Throwable th2) {
                throw th2;
            }
        }
    }

    private void setImcState(ImcState imcState) {
        synchronized (this.mServiceLock) {
            try {
                VpnStateService vpnStateService = this.mService;
                if (vpnStateService != null) {
                    vpnStateService.setImcState(imcState);
                }
            } catch (Throwable th2) {
                throw th2;
            }
        }
    }

    private void setNextProfile(os.a aVar) {
        synchronized (this) {
            this.mNextProfile = aVar;
            this.mProfileUpdated = true;
            notifyAll();
        }
    }

    private void setState(VpnStateService.State state) {
        synchronized (this.mServiceLock) {
            try {
                VpnStateService vpnStateService = this.mService;
                if (vpnStateService != null) {
                    vpnStateService.setState(state);
                }
            } catch (Throwable th2) {
                throw th2;
            }
        }
    }

    private void startConnection(os.a aVar) {
        synchronized (this.mServiceLock) {
            try {
                VpnStateService vpnStateService = this.mService;
                if (vpnStateService != null) {
                    vpnStateService.startConnection(aVar);
                }
            } catch (Throwable th2) {
                throw th2;
            }
        }
    }

    private void stopCurrentConnection() {
        synchronized (this) {
            try {
                os.a aVar = this.mNextProfile;
                if (aVar != null) {
                    this.mBuilderAdapter.setProfile(aVar);
                    this.mBuilderAdapter.establishBlocking();
                }
                if (this.mCurrentProfile != null) {
                    setState(VpnStateService.State.DISCONNECTING);
                    this.mIsDisconnecting = true;
                    SimpleFetcher.disable();
                    deinitializeCharon();
                    us.a.g("charon stopped", new Object[0]);
                    this.mCurrentProfile = null;
                    if (this.mNextProfile == null) {
                        this.mBuilderAdapter.closeBlocking();
                    }
                }
            } catch (Throwable th2) {
                throw th2;
            }
        }
    }

    public void addRemediationInstruction(String str) {
        for (RemediationInstruction remediationInstruction : RemediationInstruction.fromXml(str)) {
            synchronized (this.mServiceLock) {
                try {
                    VpnStateService vpnStateService = this.mService;
                    if (vpnStateService != null) {
                        vpnStateService.addRemediationInstruction(remediationInstruction);
                    }
                } finally {
                }
            }
        }
    }

    public native void deinitializeCharon();

    @Override // androidx.lifecycle.B
    public r getLifecycle() {
        return this.dispatcher.a();
    }

    @Override // Ee.e
    public u getRouter() {
        return (u) this.router.getValue();
    }

    public native boolean initializeCharon(BuilderAdapter builderAdapter, String str, String str2, boolean z10, boolean z11);

    public native void initiate(String str);

    @Override // android.app.Service
    public void onCreate() {
        this.mLogFile = getFilesDir().getAbsolutePath() + File.separator + LOG_FILE;
        this.mAppDir = getFilesDir().getAbsolutePath();
        this.mHandler = new Handler(getMainLooper());
        this.mConnectionHandler = new Thread(this);
        bindService(new Intent(this, (Class<?>) VpnStateService.class), this.mServiceConnection, 1);
    }

    @Override // android.app.Service
    public void onDestroy() {
        this.mTerminate = true;
        setNextProfile(null);
        try {
            this.mConnectionHandler.join();
        } catch (InterruptedException e10) {
            e10.printStackTrace();
        }
        VpnStateService vpnStateService = this.mService;
        if (vpnStateService != null) {
            vpnStateService.unregisterListener(this);
            unbindService(this.mServiceConnection);
        }
    }

    @Override // android.net.VpnService
    public void onRevoke() {
        setNextProfile(null);
    }

    @Override // android.app.Service
    public int onStartCommand(Intent intent, int i10, int i11) {
        os.a aVar;
        if (intent == null) {
            return 2;
        }
        us.a.g("start charon service... action = %s", intent.getAction());
        if (Objects.equals(intent.getAction(), "android.net.VpnService")) {
            handleAlwaysOn();
            return 1;
        }
        Bundle extras = intent.getExtras();
        boolean z10 = false;
        if (extras == null || TextUtils.equals(intent.getAction(), DISCONNECT_ACTION)) {
            aVar = null;
        } else {
            aVar = new os.a();
            aVar.F(extras.getString("name"));
            aVar.D(extras.getString("gateway"));
            aVar.M(USERNAME);
            aVar.H(Integer.valueOf(extras.getInt("bundle_ikev2_port")));
            aVar.G(extras.getString("obfs"));
            aVar.E(extras.getString("local_id"));
            aVar.I(REMOTE_ID);
            aVar.B(1);
            aVar.N(os.b.f55798d);
            z10 = extras.getBoolean(KEY_IS_RETRY, false);
            boolean d10 = g.d();
            us.a.g("charon allowedAllApps = %s", Boolean.valueOf(d10));
            if (d10) {
                aVar.L(a.EnumC1856a.SELECTED_APPS_EXCLUDE);
                aVar.K(new TreeSet(AbstractC4453a.a()));
            } else {
                aVar.L(a.EnumC1856a.SELECTED_APPS_ONLY);
                aVar.J(g.c());
            }
        }
        if (aVar != null && !z10) {
            deleteFile(LOG_FILE);
        }
        setNextProfile(aVar);
        return 2;
    }

    @Override // java.lang.Runnable
    public void run() {
        while (true) {
            synchronized (this) {
                while (!this.mProfileUpdated) {
                    try {
                        try {
                            wait();
                        } catch (InterruptedException unused) {
                            stopCurrentConnection();
                            setState(VpnStateService.State.DISABLED);
                        }
                    } catch (Throwable th2) {
                        throw th2;
                    }
                }
                this.mProfileUpdated = false;
                stopCurrentConnection();
                os.a aVar = this.mNextProfile;
                if (aVar == null) {
                    setState(VpnStateService.State.DISABLED);
                    if (this.mTerminate) {
                        return;
                    }
                } else {
                    this.mCurrentProfile = aVar;
                    this.mNextProfile = null;
                    this.mCurrentCertificateAlias = aVar.b();
                    this.mCurrentUserCertificateAlias = this.mCurrentProfile.y();
                    startConnection(this.mCurrentProfile);
                    this.mIsDisconnecting = false;
                    SimpleFetcher.enable();
                    this.mBuilderAdapter.setProfile(this.mCurrentProfile);
                    if (initializeCharon(this.mBuilderAdapter, this.mLogFile, this.mAppDir, this.mCurrentProfile.A().h(b.a.BYOD), (this.mCurrentProfile.h().intValue() & 32) != 0)) {
                        us.a.g("charon started", new Object[0]);
                        if (this.mCurrentProfile.A().h(b.a.USER_PASS) && this.mCurrentProfile.r() == null) {
                            setError(VpnStateService.ErrorState.PASSWORD_MISSING);
                        } else {
                            qs.e eVar = new qs.e();
                            eVar.g("global.language", Locale.getDefault().getLanguage());
                            eVar.f("global.mtu", this.mCurrentProfile.o());
                            eVar.f("global.nat_keepalive", this.mCurrentProfile.p());
                            eVar.e("global.rsa_pss", Boolean.valueOf((this.mCurrentProfile.h().intValue() & 16) != 0));
                            eVar.e("global.crl", Boolean.valueOf((this.mCurrentProfile.h().intValue() & 2) == 0));
                            eVar.e("global.ocsp", Boolean.valueOf((this.mCurrentProfile.h().intValue() & 4) == 0));
                            eVar.g("connection.type", this.mCurrentProfile.A().f());
                            eVar.g("connection.server", this.mCurrentProfile.j());
                            eVar.f("connection.port", this.mCurrentProfile.s());
                            eVar.g("connection.username", this.mCurrentProfile.z());
                            eVar.g("connection.password", this.mCurrentProfile.r());
                            eVar.g("connection.local_id", this.mCurrentProfile.n());
                            eVar.g("connection.remote_id", this.mCurrentProfile.t());
                            eVar.e("connection.certreq", Boolean.valueOf((this.mCurrentProfile.h().intValue() & 1) == 0));
                            eVar.e("connection.strict_revocation", Boolean.valueOf((this.mCurrentProfile.h().intValue() & 8) != 0));
                            eVar.g("connection.ike_proposal", this.mCurrentProfile.l());
                            eVar.g("connection.esp_proposal", this.mCurrentProfile.f());
                            eVar.g(OPTION_CONNECTION_DPDACTION, OPTION_CONNECTION_DPDACTION_VALUE);
                            eVar.g(OPTION_CONNECTION_DPDDELAY, OPTION_CONNECTION_DPDDELAY_VALUE);
                            initiate(eVar.c());
                        }
                    } else {
                        us.a.e("failed to start charon", new Object[0]);
                        setError(VpnStateService.ErrorState.GENERIC_ERROR);
                        setState(VpnStateService.State.DISABLED);
                        this.mCurrentProfile = null;
                    }
                }
            }
        }
    }

    @Override // org.strongswan.android.logic.VpnStateService.VpnStateListener
    public void stateChanged(C3737a c3737a) {
    }

    public void updateImcState(int i10) {
        ImcState fromValue = ImcState.fromValue(i10);
        if (fromValue != null) {
            setImcState(fromValue);
        }
    }

    public void updateStatus(int i10) {
        switch (i10) {
            case 1:
                setState(VpnStateService.State.CONNECTED);
                return;
            case 2:
                if (this.mIsDisconnecting) {
                    return;
                }
                setState(VpnStateService.State.CONNECTING);
                return;
            case 3:
                setErrorDisconnect(VpnStateService.ErrorState.AUTH_FAILED);
                return;
            case 4:
                setErrorDisconnect(VpnStateService.ErrorState.PEER_AUTH_FAILED);
                return;
            case 5:
                setErrorDisconnect(VpnStateService.ErrorState.LOOKUP_FAILED);
                return;
            case 6:
                setErrorDisconnect(VpnStateService.ErrorState.UNREACHABLE);
                return;
            case 7:
                setErrorDisconnect(VpnStateService.ErrorState.CERTIFICATE_UNAVAILABLE);
                return;
            case 8:
                setErrorDisconnect(VpnStateService.ErrorState.GENERIC_ERROR);
                return;
            default:
                us.a.e("Unknown status code received", new Object[0]);
                return;
        }
    }
}
