package org.strongswan.android.logic;

import android.app.PendingIntent;
import android.content.ComponentName;
import android.content.Context;
import android.content.Intent;
import android.content.ServiceConnection;
import android.net.VpnService;
import android.os.Bundle;
import android.os.IBinder;
import android.os.ParcelFileDescriptor;
import android.security.KeyChain;
import android.security.KeyChainException;
import android.util.Log;
import java.io.File;
import java.net.InetAddress;
import java.net.NetworkInterface;
import java.net.SocketException;
import java.security.PrivateKey;
import java.security.cert.CertificateEncodingException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Enumeration;
import java.util.Iterator;
import org.strongswan.android.data.VpnProfile;
import org.strongswan.android.data.VpnProfileDataSource;
import org.strongswan.android.logic.VpnStateService;
import org.strongswan.android.ui.MainActivity;

/* loaded from: classes.dex */
public class CharonVpnService extends VpnService implements Runnable {
    public static final String LOG_FILE = "charon.log";
    static final int STATE_AUTH_ERROR = 3;
    static final int STATE_CHILD_SA_DOWN = 2;
    static final int STATE_CHILD_SA_UP = 1;
    static final int STATE_GENERIC_ERROR = 7;
    static final int STATE_LOOKUP_ERROR = 5;
    static final int STATE_PEER_AUTH_ERROR = 4;
    static final int STATE_UNREACHABLE_ERROR = 6;
    private static final String TAG = CharonVpnService.class.getSimpleName();
    private Thread mConnectionHandler;
    private volatile String mCurrentCertificateAlias;
    private VpnProfile mCurrentProfile;
    private volatile String mCurrentUserCertificateAlias;
    private VpnProfileDataSource mDataSource;
    private volatile boolean mIsDisconnecting;
    private String mLogFile;
    private VpnProfile mNextProfile;
    private volatile boolean mProfileUpdated;
    private VpnStateService mService;
    private volatile boolean mTerminate;
    private final Object mServiceLock = new Object();
    private final ServiceConnection mServiceConnection = new ServiceConnection() { // from class: org.strongswan.android.logic.CharonVpnService.1
        @Override // android.content.ServiceConnection
        public void onServiceConnected(ComponentName componentName, IBinder iBinder) {
            synchronized (CharonVpnService.this.mServiceLock) {
                CharonVpnService.this.mService = ((VpnStateService.LocalBinder) iBinder).getService();
            }
            CharonVpnService.this.mConnectionHandler.start();
        }

        @Override // android.content.ServiceConnection
        public void onServiceDisconnected(ComponentName componentName) {
            synchronized (CharonVpnService.this.mServiceLock) {
                CharonVpnService.this.mService = null;
            }
        }
    };

    /* loaded from: classes.dex */
    public class BuilderAdapter {
        private VpnService.Builder mBuilder;
        private final String mName;

        public BuilderAdapter(String str) {
            this.mName = str;
            this.mBuilder = createBuilder(str);
        }

        private VpnService.Builder createBuilder(String str) {
            VpnService.Builder builder = new VpnService.Builder(CharonVpnService.this);
            builder.setSession(this.mName);
            Context applicationContext = CharonVpnService.this.getApplicationContext();
            builder.setConfigureIntent(PendingIntent.getActivity(applicationContext, 0, new Intent(applicationContext, (Class<?>) MainActivity.class), 268435456));
            return builder;
        }

        public synchronized boolean addAddress(String str, int i) {
            boolean z;
            try {
                this.mBuilder.addAddress(str, i);
                z = true;
            } catch (IllegalArgumentException e) {
                z = false;
            }
            return z;
        }

        public synchronized boolean addDnsServer(String str) {
            boolean z;
            try {
                this.mBuilder.addDnsServer(str);
                z = true;
            } catch (IllegalArgumentException e) {
                z = false;
            }
            return z;
        }

        public synchronized boolean addRoute(String str, int i) {
            boolean z;
            try {
                this.mBuilder.addRoute(str, i);
                z = true;
            } catch (IllegalArgumentException e) {
                z = false;
            }
            return z;
        }

        public synchronized boolean addSearchDomain(String str) {
            boolean z;
            try {
                this.mBuilder.addSearchDomain(str);
                z = true;
            } catch (IllegalArgumentException e) {
                z = false;
            }
            return z;
        }

        public synchronized int establish() {
            int i = -1;
            synchronized (this) {
                try {
                    ParcelFileDescriptor establish = this.mBuilder.establish();
                    if (establish != null) {
                        this.mBuilder = createBuilder(this.mName);
                        i = establish.detachFd();
                    }
                } catch (Exception e) {
                    e.printStackTrace();
                }
            }
            return i;
        }

        public synchronized boolean setMtu(int i) {
            boolean z;
            try {
                this.mBuilder.setMtu(i);
                z = true;
            } catch (IllegalArgumentException e) {
                z = false;
            }
            return z;
        }
    }

    static {
        System.loadLibrary("crypto");
        System.loadLibrary("strongswan");
        System.loadLibrary("hydra");
        System.loadLibrary("charon");
        System.loadLibrary("ipsec");
        System.loadLibrary("androidbridge");
    }

    private static String getLocalIPv4Address() {
        try {
            Enumeration<NetworkInterface> networkInterfaces = NetworkInterface.getNetworkInterfaces();
            while (networkInterfaces.hasMoreElements()) {
                Enumeration<InetAddress> inetAddresses = networkInterfaces.nextElement().getInetAddresses();
                while (inetAddresses.hasMoreElements()) {
                    InetAddress nextElement = inetAddresses.nextElement();
                    if (!nextElement.isLoopbackAddress() && nextElement.getAddress().length == STATE_PEER_AUTH_ERROR) {
                        return nextElement.getHostAddress().toString();
                    }
                }
            }
            return null;
        } catch (SocketException e) {
            e.printStackTrace();
            return null;
        }
    }

    private byte[][] getTrustedCertificates(String str) {
        ArrayList arrayList = new ArrayList();
        TrustedCertificateManager trustedCertificateManager = TrustedCertificateManager.getInstance();
        try {
            if (str != null) {
                X509Certificate cACertificateFromAlias = trustedCertificateManager.getCACertificateFromAlias("user:" + str + ".0");
                if (cACertificateFromAlias == null) {
                    cACertificateFromAlias = trustedCertificateManager.getCACertificateFromAlias("system:" + str + ".0");
                }
                if (cACertificateFromAlias == null) {
                    return null;
                }
                arrayList.add(cACertificateFromAlias.getEncoded());
            } else {
                String str2 = this.mCurrentCertificateAlias;
                if (str2 != null) {
                    X509Certificate cACertificateFromAlias2 = trustedCertificateManager.getCACertificateFromAlias(str2);
                    if (cACertificateFromAlias2 == null) {
                        return null;
                    }
                    arrayList.add(cACertificateFromAlias2.getEncoded());
                } else {
                    Iterator<X509Certificate> it = trustedCertificateManager.getAllCACertificates().values().iterator();
                    while (it.hasNext()) {
                        arrayList.add(it.next().getEncoded());
                    }
                }
            }
            return (byte[][]) arrayList.toArray(new byte[arrayList.size()]);
        } catch (CertificateEncodingException e) {
            e.printStackTrace();
            return null;
        }
    }

    private byte[][] getUserCertificate() throws KeyChainException, InterruptedException, CertificateEncodingException {
        ArrayList arrayList = new ArrayList();
        String str = this.mCurrentUserCertificateAlias;
        PrivateKey privateKey = KeyChain.getPrivateKey(getApplicationContext(), str);
        if (privateKey == null) {
            return null;
        }
        arrayList.add(privateKey.getEncoded());
        X509Certificate[] certificateChain = KeyChain.getCertificateChain(getApplicationContext(), str);
        if (certificateChain == null || certificateChain.length == 0) {
            return null;
        }
        int length = certificateChain.length;
        for (int i = 0; i < length; i += STATE_CHILD_SA_UP) {
            arrayList.add(certificateChain[i].getEncoded());
        }
        return (byte[][]) arrayList.toArray(new byte[arrayList.size()]);
    }

    private void setError(VpnStateService.ErrorState errorState) {
        synchronized (this.mServiceLock) {
            if (this.mService != null) {
                this.mService.setError(errorState);
            }
        }
    }

    private void setErrorDisconnect(VpnStateService.ErrorState errorState) {
        synchronized (this.mServiceLock) {
            if (this.mService != null) {
                this.mService.setError(errorState);
                if (!this.mIsDisconnecting) {
                    this.mService.disconnect();
                }
            }
        }
    }

    private void setNextProfile(VpnProfile vpnProfile) {
        synchronized (this) {
            this.mNextProfile = vpnProfile;
            this.mProfileUpdated = true;
            notifyAll();
        }
    }

    private void setProfile(VpnProfile vpnProfile) {
        synchronized (this.mServiceLock) {
            if (this.mService != null) {
                this.mService.setProfile(vpnProfile);
            }
        }
    }

    private void setState(VpnStateService.State state) {
        synchronized (this.mServiceLock) {
            if (this.mService != null) {
                this.mService.setState(state);
            }
        }
    }

    private void stopCurrentConnection() {
        synchronized (this) {
            if (this.mCurrentProfile != null) {
                setState(VpnStateService.State.DISCONNECTING);
                this.mIsDisconnecting = true;
                deinitializeCharon();
                Log.i(TAG, "charon stopped");
                this.mCurrentProfile = null;
            }
        }
    }

    public native void deinitializeCharon();

    public native void initializeCharon(BuilderAdapter builderAdapter, String str);

    public native void initiate(String str, String str2, String str3, String str4, String str5);

    @Override // android.app.Service
    public void onCreate() {
        this.mLogFile = String.valueOf(getFilesDir().getAbsolutePath()) + File.separator + LOG_FILE;
        this.mDataSource = new VpnProfileDataSource(this);
        this.mDataSource.open();
        this.mConnectionHandler = new Thread(this);
        bindService(new Intent(this, (Class<?>) VpnStateService.class), this.mServiceConnection, STATE_CHILD_SA_UP);
    }

    @Override // android.app.Service
    public void onDestroy() {
        this.mTerminate = true;
        setNextProfile(null);
        try {
            this.mConnectionHandler.join();
        } catch (InterruptedException e) {
            e.printStackTrace();
        }
        if (this.mService != null) {
            unbindService(this.mServiceConnection);
        }
        this.mDataSource.close();
    }

    @Override // android.net.VpnService
    public void onRevoke() {
        setNextProfile(null);
    }

    @Override // android.app.Service
    public int onStartCommand(Intent intent, int i, int i2) {
        if (intent == null) {
            return STATE_CHILD_SA_DOWN;
        }
        Bundle extras = intent.getExtras();
        VpnProfile vpnProfile = null;
        if (extras != null && (vpnProfile = this.mDataSource.getVpnProfile(extras.getLong(VpnProfileDataSource.KEY_ID))) != null) {
            vpnProfile.setPassword(extras.getString(VpnProfileDataSource.KEY_PASSWORD));
        }
        setNextProfile(vpnProfile);
        return STATE_CHILD_SA_DOWN;
    }

    @Override // java.lang.Runnable
    public void run() {
        while (true) {
            synchronized (this) {
                while (!this.mProfileUpdated) {
                    try {
                        wait();
                    } catch (InterruptedException e) {
                        stopCurrentConnection();
                        setState(VpnStateService.State.DISABLED);
                    }
                }
                this.mProfileUpdated = false;
                stopCurrentConnection();
                if (this.mNextProfile == null) {
                    setProfile(null);
                    setState(VpnStateService.State.DISABLED);
                    if (this.mTerminate) {
                        return;
                    }
                } else {
                    this.mCurrentProfile = this.mNextProfile;
                    this.mNextProfile = null;
                    this.mCurrentCertificateAlias = this.mCurrentProfile.getCertificateAlias();
                    this.mCurrentUserCertificateAlias = this.mCurrentProfile.getUserCertificateAlias();
                    setProfile(this.mCurrentProfile);
                    setError(VpnStateService.ErrorState.NO_ERROR);
                    setState(VpnStateService.State.CONNECTING);
                    this.mIsDisconnecting = false;
                    initializeCharon(new BuilderAdapter(this.mCurrentProfile.getName()), this.mLogFile);
                    Log.i(TAG, "charon started");
                    String localIPv4Address = getLocalIPv4Address();
                    initiate(this.mCurrentProfile.getVpnType().getIdentifier(), localIPv4Address != null ? localIPv4Address : "0.0.0.0", this.mCurrentProfile.getGateway(), this.mCurrentProfile.getUsername(), this.mCurrentProfile.getPassword());
                }
            }
        }
    }

    public void updateStatus(int i) {
        switch (i) {
            case STATE_CHILD_SA_UP /* 1 */:
                setState(VpnStateService.State.CONNECTED);
                return;
            case STATE_CHILD_SA_DOWN /* 2 */:
                synchronized (this.mServiceLock) {
                    if (this.mService != null && !this.mIsDisconnecting) {
                        this.mService.disconnect();
                    }
                }
                return;
            case STATE_AUTH_ERROR /* 3 */:
                setErrorDisconnect(VpnStateService.ErrorState.AUTH_FAILED);
                return;
            case STATE_PEER_AUTH_ERROR /* 4 */:
                setErrorDisconnect(VpnStateService.ErrorState.PEER_AUTH_FAILED);
                return;
            case STATE_LOOKUP_ERROR /* 5 */:
                setErrorDisconnect(VpnStateService.ErrorState.LOOKUP_FAILED);
                return;
            case STATE_UNREACHABLE_ERROR /* 6 */:
                setErrorDisconnect(VpnStateService.ErrorState.UNREACHABLE);
                return;
            case STATE_GENERIC_ERROR /* 7 */:
                setErrorDisconnect(VpnStateService.ErrorState.GENERIC_ERROR);
                return;
            default:
                Log.e(TAG, "Unknown status code received");
                return;
        }
    }
}
