package com.centrify.agent.samsung.knox.vpn19;

import com.centrify.agent.samsung.knox.KnoxNotificationUtils;
import com.centrify.agent.samsung.knox.KnoxProviderUtils;
import com.centrify.agent.samsung.knox.agent.AbstractKnoxManager;
import com.centrify.agent.samsung.knox.agent.AbstractNewKnoxManager;
import com.centrify.agent.samsung.utils.IOUtils;
import com.centrify.agent.samsung.utils.LogUtil;
import java.util.HashMap;
import java.util.List;

/* loaded from: classes.dex */
public abstract class AbstractKnoxGenericVpnPolicyManager<M extends AbstractKnoxManager> extends AbstractGenericVpnPolicyManager<M, GenericVpnProfile> {
    private static final String CONTAINER_VPN_NAME_POSTFIX = "_";
    private static final int MAX_LENGHT_OF_VPN_NAME = 15;

    /* JADX INFO: Access modifiers changed from: protected */
    public AbstractKnoxGenericVpnPolicyManager(M m, boolean z) {
        super(m, z);
    }

    private boolean addNewVpnProfile(IGenericVpnPolicy iGenericVpnPolicy, GenericVpnProfile genericVpnProfile, boolean z) {
        String str = genericVpnProfile.profileAttribute.profileName;
        int createVpnProfile = iGenericVpnPolicy.createVpnProfile(genericVpnProfile.toJsonProfileText());
        boolean z2 = createVpnProfile == 0;
        LogUtil.debug(this.TAG, "Create vpn profile [" + str + "]: " + createVpnProfile);
        LogUtil.debug(this.TAG, "call setAutoRetryOnConnectionError: " + iGenericVpnPolicy.setAutoRetryOnConnectionError(str, genericVpnProfile.autoRetry));
        LogUtil.debug(this.TAG, "call setVpnModeOfOperation: " + iGenericVpnPolicy.setVpnModeOfOperation(str, genericVpnProfile.vpnModeOfOperation));
        LogUtil.debug(this.TAG, "call setServerCertValidationUserAcceptanceCriteria: " + iGenericVpnPolicy.setServerCertValidationUserAcceptanceCriteria(str, genericVpnProfile.serverCertValidation, genericVpnProfile.serverCertValidationCondition, genericVpnProfile.serverCertValidationFrequency));
        if (genericVpnProfile.needCACertificate()) {
            LogUtil.debug(this.TAG, "call setCACertificate: " + iGenericVpnPolicy.setCACertificate(str, IOUtils.readBytes(genericVpnProfile.caCertPath)));
        }
        if (genericVpnProfile.needUserCertificate()) {
            byte[] readBytes = IOUtils.readBytes(genericVpnProfile.userCertPath);
            if (genericVpnProfile.vendorPackage.equals(GenericVpnProfile.VENDOR_PKG_JUNIPER)) {
                iGenericVpnPolicy.installCertificate(z, readBytes, genericVpnProfile.vendorProfile.getJuniperCertAlias(), genericVpnProfile.userCertPassword);
            } else {
                LogUtil.debug(this.TAG, "call setUserCertificate: " + iGenericVpnPolicy.setUserCertificate(str, readBytes, genericVpnProfile.userCertPassword));
            }
        }
        return z2;
    }

    private void removeCertFile(GenericVpnProfile genericVpnProfile) {
        if (genericVpnProfile.needCACertificate()) {
            IOUtils.removeFile(genericVpnProfile.caCertPath);
        }
        if (genericVpnProfile.needUserCertificate()) {
            IOUtils.removeFile(genericVpnProfile.userCertPath);
        }
    }

    /* JADX WARN: Type inference failed for: r4v2, types: [com.centrify.agent.samsung.knox.agent.AbstractKnoxManager] */
    private void removeVpnProfileFromVPNClient(IGenericVpnPolicy iGenericVpnPolicy, GenericVpnProfile genericVpnProfile, boolean z) {
        String[] allContainerPackagesInVpnProfile;
        if (iGenericVpnPolicy.getVpnProfile(genericVpnProfile.profileName) != null) {
            int containerId = getKnoxManger().getContainerId();
            String str = genericVpnProfile.profileName;
            if (genericVpnProfile.profileAttribute.vpnRouteType == 1) {
                String[] allPackagesInVpnProfile = iGenericVpnPolicy.getAllPackagesInVpnProfile(str);
                if (allPackagesInVpnProfile != null) {
                    LogUtil.debug(this.TAG, "Try to remove previous Per-Device-APP-VPN policy for profile: " + str + ", result=" + iGenericVpnPolicy.removePackagesFromVpn(allPackagesInVpnProfile, str));
                    if (getKnoxManger() instanceof AbstractNewKnoxManager) {
                        LogUtil.debug(this.TAG, "Try to remove previous All-Device-APP-VPN policy for profile: " + str + ", result=" + iGenericVpnPolicy.removeAllPackagesFromVpn(str));
                    }
                }
                if (isContainerPolicyAllowed() && (allContainerPackagesInVpnProfile = iGenericVpnPolicy.getAllContainerPackagesInVpnProfile(containerId, str)) != null) {
                    LogUtil.debug(this.TAG, "Try to remove previous Per-Container-APP-VPN policy for profile: " + str + ", result=" + iGenericVpnPolicy.removeContainerPackagesFromVpn(containerId, allContainerPackagesInVpnProfile, str));
                    LogUtil.debug(this.TAG, "Try to remove previous All-Container-APP-VPN policy for profile: " + str + ", result=" + iGenericVpnPolicy.removeAllContainerPackagesFromVpn(containerId, str));
                }
                iGenericVpnPolicy.activateVpnProfile(str, false);
            }
            LogUtil.debug(this.TAG, "Try to remove previous vpn profile: " + str + ", result=" + iGenericVpnPolicy.removeVpnProfile(str));
            if (genericVpnProfile.needUserCertificate() && genericVpnProfile.vendorPackage.equals(GenericVpnProfile.VENDOR_PKG_JUNIPER)) {
                iGenericVpnPolicy.removeCertificate(z, genericVpnProfile.userCertPath, genericVpnProfile.userCertPassword, genericVpnProfile.vendorProfile.getJuniperCertAlias());
            }
        }
    }

    @Override // com.centrify.agent.samsung.knox.vpn19.AbstractGenericVpnPolicyManager
    protected boolean doApplyPolicy(List<GenericVpnProfile> list, boolean z) {
        boolean z2;
        boolean z3 = false;
        int i = 0;
        int i2 = 0;
        HashMap hashMap = new HashMap();
        try {
            for (GenericVpnProfile genericVpnProfile : list) {
                i++;
                IGenericVpnPolicy bindVpnVendor = bindVpnVendor(genericVpnProfile.vendorPackage);
                String str = genericVpnProfile.profileName;
                boolean z4 = getKnoxManger() instanceof AbstractNewKnoxManager;
                IGenericVpnPolicy iGenericVpnPolicy = null;
                String str2 = null;
                if (z4 && isContainerPolicyAllowed()) {
                    iGenericVpnPolicy = bindContainerVpnVendor(genericVpnProfile.vendorPackage);
                    String str3 = str;
                    if (str != null && str.length() >= 15) {
                        str3 = str.substring(0, 14);
                    }
                    str2 = str3 + "_";
                }
                if (genericVpnProfile.status == 0) {
                    boolean z5 = true;
                    if (bindVpnVendor != null) {
                        removeVpnProfileFromVPNClient(bindVpnVendor, genericVpnProfile, false);
                        z2 = addNewVpnProfile(bindVpnVendor, genericVpnProfile, false);
                    } else {
                        z2 = false;
                    }
                    if (z4 && genericVpnProfile.profileAttribute.vpnRouteType == 0 && isContainerPolicyAllowed()) {
                        if (iGenericVpnPolicy != null) {
                            genericVpnProfile.profileName = str2;
                            genericVpnProfile.profileAttribute.profileName = str2;
                            removeVpnProfileFromVPNClient(iGenericVpnPolicy, genericVpnProfile, true);
                            z5 = addNewVpnProfile(iGenericVpnPolicy, genericVpnProfile, true);
                        } else {
                            z5 = false;
                        }
                    }
                    z3 = z2 & z5;
                    if (z3) {
                        i2++;
                    }
                    int i3 = z3 ? 1 : (!z2 || z5) ? (z2 || !z5) ? 0 : 3 : 3;
                    hashMap.put("knox_vpn_account_name" + str, Boolean.valueOf(z3));
                    if (z) {
                        KnoxProviderUtils.updateVpnProfile(str, i3);
                    } else {
                        KnoxProviderUtils.updateGenericVpnProfile(str, i3);
                    }
                } else if (genericVpnProfile.status == 3 || genericVpnProfile.status == 1) {
                    boolean z6 = true;
                    boolean z7 = true;
                    if (bindVpnVendor == null) {
                        z6 = false;
                    } else if (bindVpnVendor.getVpnProfile(genericVpnProfile.profileName) == null) {
                        z6 = addNewVpnProfile(bindVpnVendor, genericVpnProfile, false);
                    }
                    if (z4 && genericVpnProfile.profileAttribute.vpnRouteType == 0 && isContainerPolicyAllowed()) {
                        if (iGenericVpnPolicy != null) {
                            genericVpnProfile.profileName = str2;
                            genericVpnProfile.profileAttribute.profileName = str2;
                            if (iGenericVpnPolicy.getVpnProfile(genericVpnProfile.profileName) == null) {
                                z7 = addNewVpnProfile(iGenericVpnPolicy, genericVpnProfile, true);
                            }
                        } else {
                            z7 = false;
                        }
                    }
                    z3 = z6 & z7;
                    if (z3) {
                        i2++;
                    }
                    int i4 = z3 ? 1 : (!z6 || z7) ? (z6 || !z7) ? 0 : 3 : 3;
                    hashMap.put("knox_vpn_account_name" + str, Boolean.valueOf(z3));
                    if (z) {
                        KnoxProviderUtils.updateVpnProfile(str, i4);
                    } else {
                        KnoxProviderUtils.updateGenericVpnProfile(str, i4);
                    }
                } else if (genericVpnProfile.status == 2) {
                    if (bindVpnVendor != null) {
                        removeVpnProfileFromVPNClient(bindVpnVendor, genericVpnProfile, false);
                    }
                    if (z4 && iGenericVpnPolicy != null && genericVpnProfile.profileAttribute.vpnRouteType == 0 && isContainerPolicyAllowed()) {
                        genericVpnProfile.profileName = str2;
                        genericVpnProfile.profileAttribute.profileName = str2;
                        removeVpnProfileFromVPNClient(iGenericVpnPolicy, genericVpnProfile, true);
                    }
                    i2++;
                    removeCertFile(genericVpnProfile);
                    if (z) {
                        KnoxProviderUtils.deleteVpnProfile(str);
                    } else {
                        KnoxProviderUtils.deleteGenericVpnProfile(str);
                    }
                }
            }
            reapplyPerAppVpnPolicy(z);
        } catch (IllegalArgumentException e) {
            LogUtil.warning(this.TAG, "Failed to apply generic knox vpn policy. \n" + e);
        } catch (IllegalStateException e2) {
            LogUtil.error(this.TAG, "IllegalStateException: " + e2);
        } catch (SecurityException e3) {
            LogUtil.warning(this.TAG, "Failed to apply generic knox vpn policy. \n" + e3);
        } catch (UnsupportedOperationException e4) {
            LogUtil.error(this.TAG, "UnsupportedOperationException: " + e4);
        }
        KnoxNotificationUtils.notify("knox_vpn_account", i, i2, hashMap);
        return z3;
    }

    @Override // com.centrify.agent.samsung.knox.AbstractKnoxPolicyManager
    protected boolean isContainerPolicy() {
        return false;
    }

    /* JADX WARN: Type inference failed for: r0v0, types: [com.centrify.agent.samsung.knox.agent.AbstractKnoxManager] */
    protected boolean isContainerPolicyAllowed() {
        return getKnoxManger().isContainerReady();
    }

    /* JADX WARN: Type inference failed for: r0v0, types: [com.centrify.agent.samsung.knox.agent.AbstractKnoxManager] */
    /* JADX WARN: Type inference failed for: r0v1, types: [com.centrify.agent.samsung.knox.agent.AbstractKnoxManager] */
    protected void reapplyPerAppVpnPolicy(boolean z) {
        if (z) {
            LogUtil.debug(this.TAG, "Knox ipsec generic vpn policy applied, try to re-apply Per-App-VPN/Per-Device-App-VPN settings");
            ?? knoxManger = getKnoxManger();
            knoxManger.applyPerDeviceAppVpnPolicy(true);
            if (isContainerPolicyAllowed()) {
                knoxManger.applyPerAppVpnPolicy(true);
                return;
            }
            return;
        }
        LogUtil.debug(this.TAG, "Knox generic vpn policy applied, try to re-apply Per-App-VPN/Per-Device-App-VPN settings");
        ?? knoxManger2 = getKnoxManger();
        knoxManger2.applyGenericPerDeviceAppVpnPolicy(true);
        if (isContainerPolicyAllowed()) {
            knoxManger2.applyGenericPerAppVpnPolicy(true);
        }
    }
}
