package com.centrify.directcontrol.vpn.samsung;

import android.content.ContentValues;
import android.database.Cursor;
import android.os.RemoteException;
import android.text.TextUtils;
import com.centrify.agent.samsung.KnoxVersionUtil;
import com.centrify.agent.samsung.aidl.IKnoxAgentService;
import com.centrify.agent.samsung.knox.vpn.EnterpriseVpnKnox;
import com.centrify.agent.samsung.utils.LogUtil;
import com.centrify.android.centrifypreference.CentrifyPreferenceUtils;
import com.centrify.android.cipher.CipherController;
import com.centrify.directcontrol.CentrifyApplication;
import com.centrify.directcontrol.SamsungAgentManager;
import com.centrify.directcontrol.db.DBAdapter;
import com.centrify.directcontrol.knox.KLMSUtil;
import com.centrify.directcontrol.knox.vpn.AbstractKnoxVpnManager;
import com.centrify.directcontrol.knox.vpn.KnoxPerDeviceAppVpnManager;
import com.centrify.directcontrol.utilities.CertUtilility;
import com.centrify.directcontrol.utilities.FileUltility;
import com.centrify.directcontrol.utilities.PolicyKeyConstants;
import com.dd.plist.ASCIIPropertyListParser;
import com.dd.plist.NSArray;
import com.dd.plist.NSDictionary;
import com.dd.plist.NSNumber;
import com.dd.plist.NSObject;
import com.dd.plist.NSString;
import com.dd.plist.PListUtils;
import java.io.File;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.HashSet;
import java.util.List;
import java.util.Set;
import org.apache.commons.lang3.StringUtils;
import org.json.JSONException;
import org.json.JSONObject;

/* loaded from: classes.dex */
public final class KnoxEnterpriseVpnManager extends AbstractKnoxVpnManager<List<EnterpriseVpnKnox>> {
    public static final int AUTH_MODE_CERTIFICATE = 1;
    public static final int AUTH_MODE_EAP_MD5 = 4;
    public static final int AUTH_MODE_EAP_MSCHAPV2 = 5;
    public static final int AUTH_MODE_HYBRID_RSA = 3;
    public static final int AUTH_MODE_PSK = 2;
    public static final String CERTIFICATE_CA_FILE_NAME = "centrify_cert_knox_vpn_ca.pfx";
    public static final String CERTIFICATE_USER_FILE_NAME = "centrify_cert_knox_vpn_user.pfx";
    public static final String CLOUD_TYPE_ANYCONNECT = "AnyConnect";
    public static final String CLOUD_TYPE_KEYVPN = "KeyVPN";
    public static final int ENTERPRISE_VPN_IS_DEFAULT_ROUTE_DISABLED = 0;
    public static final int ENTERPRISE_VPN_IS_DEFAULT_ROUTE_ENABLED = 1;
    public static final String KNOX_TYPE_ANYCONNECT = "anyconnect";
    public static final String KNOX_TYPE_KEYVPN = "key_vpn";
    public static final String MOCANA_VPN_CLIENT_PACKAGENAME = "com.mocana.vpn.android";
    public static final String ROOT_CERT_VPN_PREFIX = "ca_cert_knox_vpn_";
    public static final int STATUS_COMPLETED = 1;
    public static final int STATUS_DELETED = 2;
    public static final int STATUS_NEW = 0;
    private static final String TAG = "KnoxEnterpriseVpnManager";
    public static final int TARGET_KNOX = 1;
    public static final String USER_CERT_VPN_PREFIX = "user_cert_knox_vpn_";
    private static KnoxEnterpriseVpnManager sInstance;
    private String mCACertPassword;
    private String mCACertPath;
    private String mClientCertPassword;
    private String mClientCertPath;
    private boolean mDoesPolicyExist;
    private int mNonCompliantPolicyNumber;
    private String mProfileName;

    /* JADX WARN: Type inference failed for: r0v0, types: [T, java.util.ArrayList] */
    private KnoxEnterpriseVpnManager() {
        this.mPoliciesInCache = new ArrayList();
    }

    private void addVpnProfile(String str, String str2, NSDictionary nSDictionary, List<NSDictionary> list, List<NSDictionary> list2, NSDictionary nSDictionary2) {
        if (existInDB(str)) {
            boolean isSameVPN = isSameVPN(str, str2, nSDictionary, list, list2, nSDictionary2);
            if (isSameVPN) {
                LogUtil.debug(TAG, "Same profile exist in DB:" + isSameVPN);
                return;
            } else {
                LogUtil.debug(TAG, "delete profile from db.");
                deleteFromDB(str);
            }
        }
        LogUtil.debug(TAG, "save vpn profile to DB");
        saveProfile(str, str2, nSDictionary, list, list2, nSDictionary2);
        updateCache();
    }

    private boolean compareCACert(List<NSDictionary> list, List<NSDictionary> list2, String str, String str2) {
        boolean z = true;
        if (KnoxVersionUtil.isKnox20Less()) {
            NSDictionary selectCACertificate = selectCACertificate(list);
            if (selectCACertificate != null) {
                NSString nSString = (NSString) selectCACertificate.objectForKey("Password");
                String nSString2 = nSString != null ? nSString.toString() : null;
                String nSString3 = ((NSString) selectCACertificate.objectForKey("content")).toString();
                File file = new File(str);
                if (!TextUtils.equals(nSString2, str2) || !CertUtilility.compareCertWithCertFile(nSString3, file.getName())) {
                    z = false;
                }
            }
        } else {
            NSDictionary selectCACertificate2 = selectCACertificate(list2);
            if (selectCACertificate2 != null && !CertUtilility.compareCertWithCertFile(((NSString) selectCACertificate2.objectForKey("content")).toString(), new File(str).getName())) {
                z = false;
            }
        }
        LogUtil.debug(TAG, "compareCACert-->result:" + z);
        return z;
    }

    private boolean compareString(String str, String str2) {
        return (StringUtils.isEmpty(str) && StringUtils.isEmpty(str2)) || !(str == null || str2 == null || !StringUtils.equals(str, str2));
    }

    private boolean compareUserCert(NSDictionary nSDictionary, String str, String str2) {
        boolean z = true;
        NSString nSString = (NSString) nSDictionary.objectForKey("Password");
        String nSString2 = nSString != null ? nSString.toString() : null;
        String nSString3 = ((NSString) nSDictionary.objectForKey("content")).toString();
        File file = new File(str);
        if (!TextUtils.equals(str2, nSString2) || !CertUtilility.compareCertWithCertFile(nSString3, file.getName())) {
            LogUtil.debug(TAG, "cert is not the same");
            z = false;
        }
        LogUtil.debug(TAG, "compareUserCert-->result:" + z);
        return z;
    }

    private void deleteFromDB(String str) {
        LogUtil.debug(TAG, "delete result : " + this.mDbAdapter.delete("enterprise_vpn", "name=?", new String[]{str}));
    }

    private boolean existInDB(String str) {
        Cursor query = this.mDbAdapter.query("enterprise_vpn", (String[]) null, "name=?", new String[]{str}, (String) null);
        if (query != null) {
            r7 = query.getCount() > 0;
            query.close();
        }
        return r7;
    }

    private List<String> getForwardRoutesList(String str) {
        if (str != null) {
            return Arrays.asList(str.split(",| |\n"));
        }
        return null;
    }

    private String getForwardRoutesString(List<String> list) {
        return list != null ? StringUtils.join(list, ASCIIPropertyListParser.ARRAY_ITEM_DELIMITER_TOKEN) : "";
    }

    public static KnoxEnterpriseVpnManager getInstance() {
        if (sInstance == null) {
            sInstance = new KnoxEnterpriseVpnManager();
        }
        return sInstance;
    }

    private String getProfileName(NSObject[] nSObjectArr) {
        for (NSObject nSObject : nSObjectArr) {
            if (nSObject instanceof NSDictionary) {
                NSDictionary nSDictionary = (NSDictionary) nSObject;
                if (StringUtils.equalsIgnoreCase(PListUtils.getString(nSDictionary, "id"), "com.centrify.profile.vpn.knox.payload")) {
                    return PListUtils.getString(nSDictionary, "UserDefinedName");
                }
            }
        }
        return null;
    }

    private String getVpnType(String str) {
        return str.equals(CLOUD_TYPE_ANYCONNECT) ? "anyconnect" : str.equals(CLOUD_TYPE_KEYVPN) ? "key_vpn" : str;
    }

    private void handleCACertificate(NSDictionary nSDictionary) {
        LogUtil.debug(TAG, "handleCACertificate-begin");
        NSString nSString = (NSString) nSDictionary.objectForKey("Password");
        if (nSString != null) {
            this.mCACertPassword = nSString.toString();
        }
        String str = "ca_cert_knox_vpn_" + this.mProfileName + CertUtilility.ROOT_CERT_SUFFIX;
        if (str.contains(File.separator)) {
            str = str.replaceAll(File.separator, "");
        }
        if (FileUltility.isFileExisting(str)) {
            FileUltility.deleteFile(str);
        }
        LogUtil.debug(TAG, "FileUltility.saveFile: " + FileUltility.saveFile(((NSString) nSDictionary.objectForKey("content")).toString(), str));
        this.mCACertPath = CentrifyApplication.getAppInstance().getFilesDir().getAbsolutePath() + "/" + str;
        LogUtil.debug(TAG, "handleCACertificate-end");
    }

    private void handleClientCertificate(NSDictionary nSDictionary) {
        LogUtil.debug(TAG, "handleClientCertificate-begin");
        NSString nSString = (NSString) nSDictionary.objectForKey("Password");
        if (nSString != null) {
            this.mClientCertPassword = nSString.toString();
        }
        String str = "user_cert_knox_vpn_" + this.mProfileName + CertUtilility.USER_CERT_SUFFIX;
        String nSString2 = ((NSString) nSDictionary.objectForKey("content")).toString();
        if (str.contains(File.separator)) {
            str = str.replaceAll(File.separator, "");
        }
        LogUtil.debug(TAG, "FileUltility.saveFile: " + FileUltility.saveFile(nSString2, str));
        this.mClientCertPath = CentrifyApplication.getAppInstance().getFilesDir().getAbsolutePath() + "/" + str;
        LogUtil.debug(TAG, "handleClientCertificate-end");
    }

    private boolean isSame(NSObject nSObject, int i) {
        return (nSObject != null ? ((NSNumber) nSObject).intValue() : 0) == i;
    }

    private boolean isSame(NSObject nSObject, String str) {
        return compareString(nSObject != null ? nSObject.toString() : null, str);
    }

    private boolean isSame(NSObject nSObject, boolean z) {
        return (nSObject != null ? ((NSNumber) nSObject).boolValue() : false) == z;
    }

    private boolean isSame(String str, String str2) {
        return compareString(str, str2);
    }

    private boolean isSame(List<String> list, String[] strArr) {
        if (list == null || strArr == null) {
            return list == null && strArr == null;
        }
        if (list.size() != strArr.length) {
            return false;
        }
        HashSet hashSet = new HashSet(list);
        for (String str : strArr) {
            if (!hashSet.contains(str)) {
                return false;
            }
        }
        return true;
    }

    private boolean isSameVPN(String str, String str2, NSDictionary nSDictionary, List<NSDictionary> list, List<NSDictionary> list2, NSDictionary nSDictionary2) {
        int intValue;
        Cursor cursor = null;
        try {
            try {
                Cursor query = this.mDbAdapter.query("enterprise_vpn", (String[]) null, "name=?", new String[]{str}, (String) null);
                if (query == null || query.getCount() <= 0) {
                    LogUtil.debug(TAG, "no data in db, return false");
                    if (query == null) {
                        return false;
                    }
                    query.close();
                    return false;
                }
                if (!query.moveToFirst()) {
                    LogUtil.debug(TAG, "cursor move to first fail, return false");
                    if (query == null) {
                        return false;
                    }
                    query.close();
                    return false;
                }
                if (!isSame(str, query.getString(query.getColumnIndex("name")))) {
                    LogUtil.debug(TAG, "name is not same return false");
                    if (query == null) {
                        return false;
                    }
                    query.close();
                    return false;
                }
                if (!isSame(getVpnType(str2), query.getString(query.getColumnIndex("type")))) {
                    LogUtil.debug(TAG, "type is not same return false");
                    if (query == null) {
                        return false;
                    }
                    query.close();
                    return false;
                }
                if (!isSame(nSDictionary.objectForKey("Host"), query.getString(query.getColumnIndex("host")))) {
                    LogUtil.debug(TAG, "Host is not same return false");
                    if (query == null) {
                        return false;
                    }
                    query.close();
                    return false;
                }
                NSNumber nSNumber = (NSNumber) nSDictionary.objectForKey("AuthMethod");
                boolean z = false;
                if (nSNumber != null && (intValue = nSNumber.intValue()) == query.getInt(query.getColumnIndex("auth_method"))) {
                    z = true;
                    if (intValue != 2) {
                        z = compareCACert(list, list2, query.getString(query.getColumnIndex("ca_cert_path")), CipherController.getInstance().decrypt(query.getString(query.getColumnIndex("ca_cert_pwd"))));
                        if (z && intValue == 1) {
                            z = compareUserCert(nSDictionary2, query.getString(query.getColumnIndex("user_cert_path")), CipherController.getInstance().decrypt(query.getString(query.getColumnIndex("user_cert_pwd"))));
                        }
                        LogUtil.debug(TAG, "compare cert result : " + z);
                    }
                }
                if (!z) {
                    LogUtil.debug(TAG, "authMethod or cert is not same return false;");
                    if (query == null) {
                        return false;
                    }
                    query.close();
                    return false;
                }
                if (!isSame(nSDictionary.objectForKey("BackupServerEnabled"), query.getInt(query.getColumnIndex("backup_server_enabled")) != 0)) {
                    LogUtil.debug(TAG, "BackupServerEnabled is not same return false");
                    if (query == null) {
                        return false;
                    }
                    query.close();
                    return false;
                }
                if (!isSame(nSDictionary.objectForKey("BackupVPNServer"), query.getString(query.getColumnIndex("backup_vpn_server")))) {
                    LogUtil.debug(TAG, "BackupVPNServer is not same return false");
                    if (query == null) {
                        return false;
                    }
                    query.close();
                    return false;
                }
                if (!isSame(nSDictionary.objectForKey("DeadPeerDetect"), query.getInt(query.getColumnIndex("dead_peer_detect")) != 0)) {
                    LogUtil.debug(TAG, "DeadPeerDetect is not same return false");
                    if (query == null) {
                        return false;
                    }
                    query.close();
                    return false;
                }
                NSObject objectForKey = nSDictionary.objectForKey("ForwardRoutes");
                String string = query.getString(query.getColumnIndex("forward_routes"));
                if (objectForKey == null || string == null) {
                    if (objectForKey != null || string != null) {
                        LogUtil.debug(TAG, "forwardRoutes2 is not same return false");
                        if (query == null) {
                            return false;
                        }
                        query.close();
                        return false;
                    }
                } else if (!isSame(getForwardRoutesList(objectForKey.toString()), string.split(","))) {
                    LogUtil.debug(TAG, "forwardRoutes is not same return false");
                    if (query == null) {
                        return false;
                    }
                    query.close();
                    return false;
                }
                if (!isSame(nSDictionary.objectForKey("GroupName"), query.getString(query.getColumnIndex("group_name")))) {
                    LogUtil.debug(TAG, "GroupName is not same return false");
                    if (query == null) {
                        return false;
                    }
                    query.close();
                    return false;
                }
                if (!isSame(nSDictionary.objectForKey("IPSecIDType"), query.getInt(query.getColumnIndex("ipsec_id_type")))) {
                    LogUtil.debug(TAG, "IPSecIDType is not same return false");
                    if (query == null) {
                        return false;
                    }
                    query.close();
                    return false;
                }
                if (!isSame(nSDictionary.objectForKey("IKEVersion"), query.getInt(query.getColumnIndex("ike_version")))) {
                    LogUtil.debug(TAG, "IKEVersion is not same return false");
                    if (query == null) {
                        return false;
                    }
                    query.close();
                    return false;
                }
                if (!isSame(nSDictionary.objectForKey("IsDefaultRouteEnabled"), query.getInt(query.getColumnIndex("is_default_troute_enabled")) != 0)) {
                    LogUtil.debug(TAG, "IsDefaultRouteEnabled is not same return false");
                    if (query == null) {
                        return false;
                    }
                    query.close();
                    return false;
                }
                if (!isSame(nSDictionary.objectForKey("IsSmartcardEnabled"), query.getInt(query.getColumnIndex("is_smartcard_enabled")) != 0)) {
                    LogUtil.debug(TAG, "IsSmartcardEnabled is not same return false");
                    if (query == null) {
                        return false;
                    }
                    query.close();
                    return false;
                }
                if (!isSame(nSDictionary.objectForKey("IsUserAuthEnabled"), query.getInt(query.getColumnIndex("is_user_auth_enabled")) != 0)) {
                    LogUtil.debug(TAG, "IsUserAuthEnabled is not same return false");
                    if (query == null) {
                        return false;
                    }
                    query.close();
                    return false;
                }
                if (!isSame(nSDictionary.objectForKey("MobikeEnabled"), query.getInt(query.getColumnIndex("mobike_enabled")) != 0)) {
                    LogUtil.debug(TAG, "MobikeEnabled is not same return false");
                    if (query == null) {
                        return false;
                    }
                    query.close();
                    return false;
                }
                if (!isSame(nSDictionary.objectForKey("P1DHGroup"), query.getInt(query.getColumnIndex("p1dh_group")))) {
                    LogUtil.debug(TAG, "P1DHGroup is not same return false");
                    if (query == null) {
                        return false;
                    }
                    query.close();
                    return false;
                }
                if (!isSame(nSDictionary.objectForKey("P1Mode"), query.getInt(query.getColumnIndex("p1mode")))) {
                    LogUtil.debug(TAG, "P1Mode is not same return false");
                    if (query == null) {
                        return false;
                    }
                    query.close();
                    return false;
                }
                String decrypt = CipherController.getInstance().decrypt(query.getString(query.getColumnIndex("password")));
                LogUtil.info("SAM_TEST", "direct control enterprisePassword [" + decrypt + "]");
                if (!isSame(nSDictionary.objectForKey("Password"), decrypt)) {
                    LogUtil.debug(TAG, "Password is not same return false");
                    if (query == null) {
                        return false;
                    }
                    query.close();
                    return false;
                }
                if (!isSame(nSDictionary.objectForKey("PFS"), query.getInt(query.getColumnIndex("pfs")) != 0)) {
                    LogUtil.debug(TAG, "PFS is not same return false");
                    if (query == null) {
                        return false;
                    }
                    query.close();
                    return false;
                }
                if (!isSame(nSDictionary.objectForKey("PSK"), CipherController.getInstance().decrypt(query.getString(query.getColumnIndex("psk"))))) {
                    LogUtil.debug(TAG, "PSK is not same return false");
                    if (query == null) {
                        return false;
                    }
                    query.close();
                    return false;
                }
                if (!isSame(nSDictionary.objectForKey("SplitTunnelType"), query.getInt(query.getColumnIndex("split_tunnel_type")))) {
                    LogUtil.debug(TAG, "SplitTunnelType is not same return false");
                    if (query == null) {
                        return false;
                    }
                    query.close();
                    return false;
                }
                if (!isSame(nSDictionary.objectForKey("SuiteBType"), query.getInt(query.getColumnIndex("suite_b_type")))) {
                    LogUtil.debug(TAG, "SuiteBType is not same return false");
                    if (query == null) {
                        return false;
                    }
                    query.close();
                    return false;
                }
                if (isSame(nSDictionary.objectForKey("Username"), query.getString(query.getColumnIndex("user_name")))) {
                    if (query != null) {
                        query.close();
                    }
                    return true;
                }
                LogUtil.debug(TAG, "Username is not same return false");
                if (query == null) {
                    return false;
                }
                query.close();
                return false;
            } catch (Exception e) {
                LogUtil.error(TAG, e);
                e.printStackTrace();
                if (0 == 0) {
                    return false;
                }
                cursor.close();
                return false;
            }
        } catch (Throwable th) {
            if (0 != 0) {
                cursor.close();
            }
            throw th;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static final /* synthetic */ boolean lambda$removeAllKnoxVpnCert$0$KnoxEnterpriseVpnManager(File file, String str) {
        return str.startsWith("user_cert_knox_vpn_") || str.startsWith("ca_cert_knox_vpn_");
    }

    private void removeAllKnoxVpnCert() {
        String[] list = new File(CentrifyApplication.getAppInstance().getApplicationContext().getFilesDir().getAbsolutePath()).list(KnoxEnterpriseVpnManager$$Lambda$0.$instance);
        if (list != null) {
            for (String str : list) {
                LogUtil.debug(TAG, "remove cert file :" + str);
                FileUltility.deleteFile(str);
            }
        }
    }

    private NSDictionary selectCACertificate(List<NSDictionary> list) {
        if (list == null || list.size() <= 0) {
            return null;
        }
        return list.get(list.size() - 1);
    }

    @Override // com.centrify.directcontrol.knox.BaseKnoxPolicyController, com.centrify.directcontrol.policy.AbstractPolicyController
    public void checkPolicyCompliance() {
        LogUtil.info(TAG, "checkExchangeAccountNonCompliance-begin");
        this.mDoesPolicyExist = false;
        this.mNonCompliantPolicyNumber = 0;
        if (((List) this.mPoliciesInCache).size() > 0) {
            for (EnterpriseVpnKnox enterpriseVpnKnox : (List) this.mPoliciesInCache) {
                if (2 != enterpriseVpnKnox.status) {
                    this.mDoesPolicyExist = true;
                    if (1 != enterpriseVpnKnox.status) {
                        this.mNonCompliantPolicyNumber++;
                    }
                }
            }
        }
        LogUtil.info(TAG, "mDoesPolicyExist: " + this.mDoesPolicyExist + " mNonCompliantPolicyNumber: " + this.mNonCompliantPolicyNumber);
    }

    public void clearKnoxVpn() {
        LogUtil.debug(TAG, "clear all vpn and app mapping to the vpn");
        ContentValues contentValues = new ContentValues();
        contentValues.put("status", (Integer) 2);
        this.mDbAdapter.update("enterprise_vpn", contentValues, null, null);
        CentrifyPreferenceUtils.putBoolean("KNOX_VPN_POLICY_CHANGED", true);
        KnoxPerDeviceAppVpnManager.getInstance().markProfileAsDeleted("per_device_app_vpn");
        CentrifyPreferenceUtils.putBoolean("KNOX_PERDEVICEAPPVPN_POLICY_CHANGED", true);
        DBAdapter.getDBInstance().delete("per_app_vpn", null, null);
        CentrifyPreferenceUtils.putBoolean("KNOX_PERAPPVPN_POLICY_CHANGED", true);
        removeAllKnoxVpnCert();
        IKnoxAgentService knoxAgentService = SamsungAgentManager.getInstance().getKnoxAgentService();
        if (knoxAgentService != null) {
            try {
                knoxAgentService.clearKnoxVpn();
            } catch (RemoteException e) {
                LogUtil.warning(TAG, e);
            }
        }
    }

    public void deleteProfile(String str) {
        LogUtil.debug(TAG, "Delete enterprise vpn entry: " + this.mDbAdapter.delete("enterprise_vpn", "name=?", new String[]{str}));
    }

    @Override // com.centrify.directcontrol.knox.BaseKnoxPolicyController, com.centrify.directcontrol.policy.AbstractPolicyController
    public boolean doesPolicyExist() {
        return this.mDoesPolicyExist;
    }

    @Override // com.centrify.directcontrol.knox.BaseKnoxPolicyController, com.centrify.directcontrol.policy.AbstractPolicyController
    public int getNonCompliantPolicyNumber() {
        return 0;
    }

    @Override // com.centrify.directcontrol.knox.vpn.AbstractKnoxVpnManager
    protected String getRootCertFileName(String str) {
        return "ca_cert_knox_vpn_" + str + CertUtilility.ROOT_CERT_SUFFIX;
    }

    @Override // com.centrify.directcontrol.knox.vpn.AbstractKnoxVpnManager
    protected Set<String> getRootCertPayLoadID() {
        HashSet hashSet = new HashSet();
        hashSet.add("com.centrify.profile.vpn.knox.cacertder0");
        hashSet.add("com.centrify.profile.vpn.knox.cacert0");
        return hashSet;
    }

    @Override // com.centrify.directcontrol.knox.vpn.AbstractKnoxVpnManager
    protected String getVPNProfilePayLodID() {
        return "com.centrify.profile.vpn.knox.payload";
    }

    @Override // com.centrify.directcontrol.knox.vpn.AbstractKnoxVpnManager
    protected JSONObject getVpnProfilePayLoad(String str, String str2) throws JSONException {
        Integer num = getVpnStatusMap().get(str2);
        return num == null ? getFailedJson("NotValid", str, "The payLoad is not valid") : !isContainerOwned() ? getFailedJson("Pending", str, "waiting for container created.") : num.intValue() != 1 ? getFailedJson("Failure", str, "Failed to apply policy.") : getJson("Success", str);
    }

    /* JADX WARN: Code restructure failed: missing block: B:10:0x004d, code lost:
    
        if (r6.isClosed() != false) goto L11;
     */
    /* JADX WARN: Code restructure failed: missing block: B:11:0x004f, code lost:
    
        r6.close();
     */
    /* JADX WARN: Code restructure failed: missing block: B:4:0x0024, code lost:
    
        if (r6.moveToFirst() != false) goto L6;
     */
    /* JADX WARN: Code restructure failed: missing block: B:5:0x0026, code lost:
    
        r7.put(r6.getString(r6.getColumnIndex("name")), java.lang.Integer.valueOf(r6.getInt(r6.getColumnIndex("status"))));
     */
    /* JADX WARN: Code restructure failed: missing block: B:6:0x0047, code lost:
    
        if (r6.moveToNext() != false) goto L13;
     */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    java.util.Map<java.lang.String, java.lang.Integer> getVpnStatusMap() {
        /*
            r8 = this;
            r2 = 0
            java.util.HashMap r7 = new java.util.HashMap
            r7.<init>()
            java.lang.String r3 = "status<>? "
            r0 = 1
            java.lang.String[] r4 = new java.lang.String[r0]
            r0 = 0
            r1 = 2
            java.lang.String r1 = java.lang.Integer.toString(r1)
            r4[r0] = r1
            com.centrify.directcontrol.db.DBAdapter r0 = r8.mDbAdapter
            java.lang.String r1 = "enterprise_vpn"
            r5 = r2
            android.database.Cursor r6 = r0.query(r1, r2, r3, r4, r5)
            if (r6 == 0) goto L52
            boolean r0 = r6.moveToFirst()
            if (r0 == 0) goto L49
        L26:
            java.lang.String r0 = "name"
            int r0 = r6.getColumnIndex(r0)
            java.lang.String r0 = r6.getString(r0)
            java.lang.String r1 = "status"
            int r1 = r6.getColumnIndex(r1)
            int r1 = r6.getInt(r1)
            java.lang.Integer r1 = java.lang.Integer.valueOf(r1)
            r7.put(r0, r1)
            boolean r0 = r6.moveToNext()
            if (r0 != 0) goto L26
        L49:
            boolean r0 = r6.isClosed()
            if (r0 != 0) goto L52
            r6.close()
        L52:
            return r7
        */
        throw new UnsupportedOperationException("Method not decompiled: com.centrify.directcontrol.vpn.samsung.KnoxEnterpriseVpnManager.getVpnStatusMap():java.util.Map");
    }

    @Override // com.centrify.directcontrol.policy.AbstractPolicyController
    public void initialize(File file) {
        updateCache();
    }

    @Override // com.centrify.directcontrol.knox.BaseKnoxPolicyController, com.centrify.directcontrol.policy.AbstractPolicyController
    public void loadPolicy() {
        if (KLMSUtil.isKLMSModeActivated()) {
            try {
                LogUtil.info(TAG, "Knox profile received.");
                IKnoxAgentService knoxAgentService = SamsungAgentManager.getInstance().getKnoxAgentService();
                if (knoxAgentService != null) {
                    knoxAgentService.applyPendingPolicies();
                }
            } catch (RemoteException e) {
                LogUtil.warning(TAG, e);
            }
        }
    }

    @Override // com.centrify.directcontrol.knox.BaseKnoxPolicyController, com.centrify.directcontrol.policy.AbstractPolicyController
    public void resetPolicy(String str) {
        String[] strArr = {str.substring(PolicyKeyConstants.KNOX_VPN_SETTINGS_MOCANA_PROFILE_IDENTIFIER_PREFIX.length())};
        ContentValues contentValues = new ContentValues();
        contentValues.put("status", (Integer) 2);
        long update = this.mDbAdapter.update("enterprise_vpn", contentValues, "name=?", strArr);
        updateCache();
        CentrifyPreferenceUtils.putBoolean("KNOX_VPN_POLICY_CHANGED", true);
        LogUtil.debug(TAG, "Mark vpn profile as deleted: " + update);
    }

    @Override // com.centrify.directcontrol.knox.BaseKnoxPolicyController, com.centrify.directcontrol.policy.AbstractPolicyController
    public boolean savePolicy(NSDictionary nSDictionary) {
        String str = null;
        String str2 = null;
        NSDictionary nSDictionary2 = null;
        ArrayList arrayList = null;
        ArrayList arrayList2 = null;
        NSDictionary nSDictionary3 = null;
        for (NSObject nSObject : ((NSArray) nSDictionary.objectForKey("content")).getArray()) {
            NSDictionary nSDictionary4 = (NSDictionary) nSObject;
            NSString nSString = (NSString) nSDictionary4.objectForKey("type");
            LogUtil.debug(TAG, "payloadID: " + nSString.toString());
            if (nSString.toString().equals("com.centrify.security.root")) {
                if (arrayList == null) {
                    arrayList = new ArrayList();
                }
                arrayList.add(nSDictionary4);
            } else if (nSString.toString().equals("com.centrify.security.der")) {
                if (arrayList2 == null) {
                    arrayList2 = new ArrayList();
                }
                arrayList2.add(nSDictionary4);
            } else if (nSString.toString().equals("com.centrify.security.pkcs12")) {
                nSDictionary3 = nSDictionary4;
            } else if (nSString.toString().equals("com.centrify.vpn.managed.knox")) {
                str = nSDictionary4.objectForKey("VPNType").toString();
                str2 = nSDictionary4.objectForKey("UserDefinedName").toString();
                nSDictionary2 = (NSDictionary) nSDictionary4.objectForKey("VPN");
            }
        }
        if (nSDictionary2 == null) {
            return false;
        }
        addVpnProfile(str2, str, nSDictionary2, arrayList, arrayList2, nSDictionary3);
        CentrifyPreferenceUtils.putBoolean("KNOX_VPN_POLICY_CHANGED", true);
        return true;
    }

    public void saveProfile(String str, String str2, NSDictionary nSDictionary, List<NSDictionary> list, List<NSDictionary> list2, NSDictionary nSDictionary2) {
        this.mProfileName = str;
        ContentValues contentValues = new ContentValues();
        contentValues.put("name", str);
        contentValues.put("type", getVpnType(str2));
        NSObject objectForKey = nSDictionary.objectForKey("Host");
        if (objectForKey != null) {
            contentValues.put("host", objectForKey.toString());
        }
        NSObject objectForKey2 = nSDictionary.objectForKey("AuthMethod");
        if (objectForKey2 != null) {
            contentValues.put("auth_method", Integer.valueOf(((NSNumber) objectForKey2).intValue()));
        }
        NSObject objectForKey3 = nSDictionary.objectForKey("BackupServerEnabled");
        if (objectForKey3 != null) {
            contentValues.put("backup_server_enabled", Boolean.valueOf(((NSNumber) objectForKey3).boolValue()));
        }
        NSObject objectForKey4 = nSDictionary.objectForKey("BackupVPNServer");
        if (objectForKey4 != null) {
            contentValues.put("backup_vpn_server", objectForKey4.toString());
        }
        NSObject objectForKey5 = nSDictionary.objectForKey("DeadPeerDetect");
        if (objectForKey5 != null) {
            contentValues.put("dead_peer_detect", Boolean.valueOf(((NSNumber) objectForKey5).boolValue()));
        }
        NSObject objectForKey6 = nSDictionary.objectForKey("ForwardRoutes");
        if (objectForKey6 != null) {
            contentValues.put("forward_routes", getForwardRoutesString(getForwardRoutesList(objectForKey6.toString())));
        }
        NSObject objectForKey7 = nSDictionary.objectForKey("GroupName");
        if (objectForKey7 != null) {
            contentValues.put("group_name", objectForKey7.toString());
        }
        NSObject objectForKey8 = nSDictionary.objectForKey("IPSecIDType");
        if (objectForKey8 != null) {
            contentValues.put("ipsec_id_type", Integer.valueOf(((NSNumber) objectForKey8).intValue()));
        }
        contentValues.put("id", "");
        NSObject objectForKey9 = nSDictionary.objectForKey("IKEVersion");
        if (objectForKey9 != null) {
            contentValues.put("ike_version", Integer.valueOf(((NSNumber) objectForKey9).intValue()));
        }
        NSObject objectForKey10 = nSDictionary.objectForKey("IsDefaultRouteEnabled");
        if (objectForKey10 != null) {
            contentValues.put("is_default_troute_enabled", Boolean.valueOf(((NSNumber) objectForKey10).boolValue()));
        }
        NSObject objectForKey11 = nSDictionary.objectForKey("IsSmartcardEnabled");
        contentValues.put("is_smartcard_enabled", Boolean.valueOf(objectForKey11 != null ? ((NSNumber) objectForKey11).boolValue() : false));
        NSObject objectForKey12 = nSDictionary.objectForKey("IsUserAuthEnabled");
        if (objectForKey12 != null) {
            contentValues.put("is_user_auth_enabled", Boolean.valueOf(((NSNumber) objectForKey12).boolValue()));
        }
        NSObject objectForKey13 = nSDictionary.objectForKey("MobikeEnabled");
        if (objectForKey13 != null) {
            contentValues.put("mobike_enabled", Boolean.valueOf(((NSNumber) objectForKey13).boolValue()));
        }
        NSObject objectForKey14 = nSDictionary.objectForKey("P1DHGroup");
        if (objectForKey14 != null) {
            contentValues.put("p1dh_group", Integer.valueOf(((NSNumber) objectForKey14).intValue()));
        }
        NSObject objectForKey15 = nSDictionary.objectForKey("P1Mode");
        if (objectForKey15 != null) {
            contentValues.put("p1mode", Integer.valueOf(((NSNumber) objectForKey15).intValue()));
        }
        NSObject objectForKey16 = nSDictionary.objectForKey("Password");
        contentValues.put("password", CipherController.getInstance().encrypt(objectForKey16 == null ? "" : objectForKey16.toString()));
        NSObject objectForKey17 = nSDictionary.objectForKey("PFS");
        if (objectForKey17 != null) {
            contentValues.put("pfs", Boolean.valueOf(((NSNumber) objectForKey17).boolValue()));
        }
        NSObject objectForKey18 = nSDictionary.objectForKey("PSK");
        if (objectForKey18 != null) {
            contentValues.put("psk", CipherController.getInstance().encrypt(objectForKey18.toString()));
        } else {
            contentValues.put("psk", "");
        }
        NSObject objectForKey19 = nSDictionary.objectForKey("SplitTunnelType");
        if (objectForKey19 != null) {
            contentValues.put("split_tunnel_type", Integer.valueOf(((NSNumber) objectForKey19).intValue()));
        }
        NSObject objectForKey20 = nSDictionary.objectForKey("SuiteBType");
        if (objectForKey20 != null) {
            contentValues.put("suite_b_type", Integer.valueOf(((NSNumber) objectForKey20).intValue()));
        }
        NSObject objectForKey21 = nSDictionary.objectForKey("Username");
        if (objectForKey21 != null) {
            contentValues.put("user_name", objectForKey21.toString());
        } else {
            contentValues.put("user_name", "");
        }
        if (nSDictionary2 != null) {
            handleClientCertificate(nSDictionary2);
            if (this.mClientCertPath != null) {
                contentValues.put("user_cert_path", this.mClientCertPath);
            }
            if (this.mClientCertPassword != null) {
                contentValues.put("user_cert_pwd", CipherController.getInstance().encrypt(this.mClientCertPassword));
            }
        }
        if (KnoxVersionUtil.isKnox20Less()) {
            LogUtil.debug(TAG, "KNOX1 device, handle CA certificate with P12 format");
            NSDictionary selectCACertificate = selectCACertificate(list);
            if (selectCACertificate != null) {
                handleCACertificate(selectCACertificate);
                if (this.mCACertPath != null) {
                    contentValues.put("ca_cert_path", this.mCACertPath);
                }
                if (this.mCACertPassword != null) {
                    contentValues.put("ca_cert_pwd", CipherController.getInstance().encrypt(this.mCACertPassword));
                }
            }
        } else {
            LogUtil.debug(TAG, "KNOX2 device, handle CA certificate with DER format");
            NSDictionary selectCACertificate2 = selectCACertificate(list2);
            if (selectCACertificate2 != null) {
                handleCACertificate(selectCACertificate2);
                if (this.mCACertPath != null) {
                    contentValues.put("ca_cert_path", this.mCACertPath);
                }
                if (this.mCACertPassword != null) {
                    contentValues.put("ca_cert_pwd", CipherController.getInstance().encrypt(this.mCACertPassword));
                }
            }
        }
        contentValues.put("target", (Integer) 1);
        contentValues.put("status", (Integer) 0);
        LogUtil.debug(TAG, "New enterprise vpn entry added: " + DBAdapter.getDBInstance().insert("enterprise_vpn", contentValues));
    }

    /* JADX WARN: Code restructure failed: missing block: B:10:0x0034, code lost:
    
        if (r9.isClosed() != false) goto L15;
     */
    /* JADX WARN: Code restructure failed: missing block: B:11:0x0036, code lost:
    
        r9.close();
     */
    /* JADX WARN: Code restructure failed: missing block: B:12:0x0039, code lost:
    
        return;
     */
    /* JADX WARN: Code restructure failed: missing block: B:14:?, code lost:
    
        return;
     */
    /* JADX WARN: Code restructure failed: missing block: B:4:0x001c, code lost:
    
        if (r9.moveToFirst() != false) goto L6;
     */
    /* JADX WARN: Code restructure failed: missing block: B:5:0x001e, code lost:
    
        ((java.util.List) r10.mPoliciesInCache).add(new com.centrify.agent.samsung.knox.vpn.EnterpriseVpnKnox(r9));
     */
    /* JADX WARN: Code restructure failed: missing block: B:6:0x002e, code lost:
    
        if (r9.moveToNext() != false) goto L13;
     */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public void updateCache() {
        /*
            r10 = this;
            r2 = 0
            T r0 = r10.mPoliciesInCache
            java.util.List r0 = (java.util.List) r0
            r0.clear()
            com.centrify.directcontrol.db.DBAdapter r0 = r10.mDbAdapter
            java.lang.String r1 = "enterprise_vpn"
            r3 = r2
            r4 = r2
            r5 = r2
            r6 = r2
            r7 = r2
            android.database.Cursor r9 = r0.query(r1, r2, r3, r4, r5, r6, r7)
            if (r9 == 0) goto L39
            boolean r0 = r9.moveToFirst()
            if (r0 == 0) goto L30
        L1e:
            com.centrify.agent.samsung.knox.vpn.EnterpriseVpnKnox r8 = new com.centrify.agent.samsung.knox.vpn.EnterpriseVpnKnox
            r8.<init>(r9)
            T r0 = r10.mPoliciesInCache
            java.util.List r0 = (java.util.List) r0
            r0.add(r8)
            boolean r0 = r9.moveToNext()
            if (r0 != 0) goto L1e
        L30:
            boolean r0 = r9.isClosed()
            if (r0 != 0) goto L39
            r9.close()
        L39:
            return
        */
        throw new UnsupportedOperationException("Method not decompiled: com.centrify.directcontrol.vpn.samsung.KnoxEnterpriseVpnManager.updateCache():void");
    }
}
