package com.checkpoint.vpnsdk;

import android.content.Context;
import android.content.Intent;
import android.os.ParcelFileDescriptor;
import android.util.Log;
import com.checkpoint.urlrsdk.UrlReputationSdk;
import com.checkpoint.urlrsdk.model.ActionResolver;
import com.checkpoint.vpnsdk.core.EventWrapper;
import com.checkpoint.vpnsdk.core.VpnCoreManager;
import com.checkpoint.vpnsdk.demuxer.TunnelSplitterManager;
import com.checkpoint.vpnsdk.dns.TrafficInterceptorManager;
import com.checkpoint.vpnsdk.interfaces.LogListener;
import com.checkpoint.vpnsdk.interfaces.c;
import com.checkpoint.vpnsdk.interfaces.e;
import com.checkpoint.vpnsdk.interfaces.f;
import com.checkpoint.vpnsdk.log.LogController;
import com.checkpoint.vpnsdk.model.LoginLogDetails;
import com.checkpoint.vpnsdk.model.LoginParameters;
import com.checkpoint.vpnsdk.model.RouteDestination;
import com.checkpoint.vpnsdk.model.SetupResult;
import com.checkpoint.vpnsdk.model.TunnelConfiguration;
import com.checkpoint.vpnsdk.model.TunnelType;
import com.checkpoint.vpnsdk.model.VpnConfiguration;
import com.checkpoint.vpnsdk.model.VpnGwConfiguration;
import com.checkpoint.vpnsdk.model.VpnStatus;
import com.checkpoint.vpnsdk.utils.CrashLogUtils;
import com.checkpoint.vpnsdk.utils.b;
import com.checkpoint.vpnsdk.utils.h;
import com.checkpoint.vpnsdk.utils.i;
import java.util.EnumSet;
import java.util.Locale;
import java.util.UUID;
import java.util.concurrent.ScheduledFuture;
import java.util.concurrent.TimeUnit;

/* loaded from: classes.dex */
public class VpnSdkManager implements LogListener, com.checkpoint.vpnsdk.interfaces.a, c {
    private static final String TAG = "VpnSdkManager";
    private final ActionResolver mActionResolver;
    private final Context mContext;
    private TunnelConfiguration mCurrentTunnelConf;
    private LoginParameters mLogParam;
    private final EnumSet<b> mModes;
    private int[] mPipe;
    private ScheduledFuture<?> mReauthFuture;
    private i mSecret;
    private TrafficInterceptorManager mTrafficIntMngr;
    private TunnelSplitterManager mTunnelSplitterManager;
    private final e mVpnCallbacks;
    private final VpnConfiguration mVpnConfiguration;
    private UUID mVpnId;
    private VpnCoreManager mVpnManager;
    private Runnable reuath;

    /* loaded from: classes.dex */
    public static class a {

        /* renamed from: a, reason: collision with root package name */
        private final Context f4662a;

        /* renamed from: b, reason: collision with root package name */
        private EnumSet<b> f4663b;

        /* renamed from: c, reason: collision with root package name */
        private VpnConfiguration f4664c;

        /* renamed from: d, reason: collision with root package name */
        private e f4665d;

        /* renamed from: e, reason: collision with root package name */
        private ActionResolver f4666e;

        /* renamed from: f, reason: collision with root package name */
        private UUID f4667f;

        /* renamed from: g, reason: collision with root package name */
        private LogListener f4668g;

        public a(Context context) {
            this.f4662a = context;
        }

        public a a(ActionResolver actionResolver) {
            this.f4666e = actionResolver;
            return this;
        }

        public a a(EnumSet<b> enumSet) {
            this.f4663b = enumSet;
            return this;
        }

        public VpnSdkManager a() {
            if (this.f4663b == null) {
                throw new IllegalStateException("modes must be set");
            }
            if (this.f4663b.contains(b.TUNNEL)) {
                if (this.f4664c == null && this.f4667f != null) {
                    throw new IllegalStateException("VPN configuration must be set for TUNNEL mode");
                }
                if (this.f4665d == null) {
                    throw new IllegalStateException("VPN callbacks must be set for TUNNEL mode");
                }
                if (this.f4667f == null && this.f4664c != null) {
                    throw new IllegalStateException("VPN configuration id must be set for TUNNEL mode");
                }
            }
            if (this.f4663b.contains(b.URLR) && this.f4666e == null) {
                throw new IllegalStateException("action resolver must be set for URLR mode");
            }
            return new VpnSdkManager(this.f4662a, this.f4663b, this.f4664c, this.f4665d, this.f4667f, this.f4666e, this.f4668g);
        }
    }

    /* loaded from: classes.dex */
    public enum b {
        TUNNEL,
        URLR
    }

    private VpnSdkManager(Context context, EnumSet<b> enumSet, VpnConfiguration vpnConfiguration, e eVar, UUID uuid, ActionResolver actionResolver, LogListener logListener) {
        this.mPipe = null;
        this.reuath = new Runnable() { // from class: com.checkpoint.vpnsdk.VpnSdkManager.1
            @Override // java.lang.Runnable
            public void run() {
                if (VpnSdkManager.this.mVpnManager == null) {
                    UrlReputationSdk.LogE(VpnSdkManager.TAG, "In reauth, but no VpnCoreManager");
                    return;
                }
                if (VpnSdkManager.this.mVpnManager.getStatus(false).getStatus() == VpnStatus.Status.CONNECTED) {
                    UrlReputationSdk.LogW(VpnSdkManager.TAG, "can't re-auth while under MITM attack");
                    return;
                }
                TunnelConfiguration reAuth = VpnSdkManager.this.mVpnManager.reAuth(VpnSdkManager.this.mSecret.b(), VpnSdkManager.this.mLogParam);
                if (reAuth == null || reAuth.getStatus() != TunnelConfiguration.Status.SUCCESS) {
                    return;
                }
                VpnSdkManager.this.mCurrentTunnelConf = reAuth;
                VpnSdkManager.this.scheduleReAuth();
            }
        };
        UrlReputationSdk.LogV(TAG, "created");
        this.mContext = context;
        this.mModes = enumSet;
        this.mVpnConfiguration = vpnConfiguration;
        this.mVpnCallbacks = eVar;
        this.mVpnId = uuid;
        this.mActionResolver = actionResolver;
        LogController.Init(context);
        if (logListener != null) {
            LogController.setLogListener(logListener);
        } else {
            LogController.setLogListener(this);
        }
        CrashLogUtils.initGoogleBreakpad(context.getDir("crash_dump", 0).getAbsolutePath());
        h.a(new b.a(context), 2000L);
    }

    private boolean ensureVpn() {
        if (this.mVpnManager != null) {
            return true;
        }
        this.mVpnManager = new VpnCoreManager();
        boolean init = this.mVpnManager.init();
        if (init) {
            com.checkpoint.vpnsdk.log.a.a(this.mVpnManager.getLogStream());
        }
        return init;
    }

    private boolean restoreUrlr() {
        ParcelFileDescriptor restoreTun = this.mTrafficIntMngr.restoreTun();
        boolean b2 = this.mTunnelSplitterManager.b();
        this.mTunnelSplitterManager.a(restoreTun);
        return b2;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void scheduleReAuth() {
        long j2;
        if (this.mCurrentTunnelConf == null || this.mCurrentTunnelConf.getStatus() != TunnelConfiguration.Status.SUCCESS) {
            return;
        }
        long expiration = ((this.mCurrentTunnelConf.getExpiration() * 1000) - System.currentTimeMillis()) / 1000;
        if (expiration > TimeUnit.MINUTES.toSeconds(5L)) {
            j2 = expiration - TimeUnit.MINUTES.toSeconds(5L);
        } else {
            j2 = expiration - 5;
            if (j2 < 0) {
                j2 = 1;
            }
        }
        UrlReputationSdk.LogV(TAG, String.format(Locale.US, "scheduling re-authentication in %d seconds", Long.valueOf(j2)));
        this.mReauthFuture = h.a(this.reuath, j2 * 1000);
    }

    private boolean stopAll() {
        if (this.mReauthFuture != null) {
            this.mReauthFuture.cancel(true);
            this.mReauthFuture = null;
        }
        return stopTunnelSplitter() && stopVpn() && stopUrlr();
    }

    private boolean stopTunnelSplitter() {
        if (this.mTunnelSplitterManager == null) {
            return true;
        }
        return this.mTunnelSplitterManager.f();
    }

    private boolean stopUrlr() {
        return TrafficInterceptorManager.stopService(this.mContext);
    }

    private boolean stopVpn() {
        if (this.mVpnManager == null) {
            return true;
        }
        return this.mVpnManager.stop();
    }

    public void addDnsChangeListener(com.checkpoint.vpnsdk.interfaces.b bVar) {
        this.mTrafficIntMngr.addDnsChangeListener(bVar);
    }

    public int getLogLevel() {
        return LogController.getLogLevel();
    }

    public com.checkpoint.urlrsdk.model.a getMitmMitigationStatus() {
        if (this.mVpnManager == null) {
            return com.checkpoint.urlrsdk.model.a.NOT_CONFIGURED;
        }
        switch (this.mVpnManager.getStatus(false).getStatus()) {
            case NOT_INITIALIZED:
                return com.checkpoint.urlrsdk.model.a.NOT_CONFIGURED;
            case NOT_CONFIGURED:
                return com.checkpoint.urlrsdk.model.a.NOT_CONFIGURED;
            case DISCONNECTED:
                return com.checkpoint.urlrsdk.model.a.NOT_STARTED;
            case CONNECTED:
                return com.checkpoint.urlrsdk.model.a.STARTED;
            case RECONNECTING:
                return com.checkpoint.urlrsdk.model.a.RECONNECTING;
            default:
                return com.checkpoint.urlrsdk.model.a.NOT_CONFIGURED;
        }
    }

    @Override // com.checkpoint.vpnsdk.interfaces.a
    public boolean onConnected(TunnelConfiguration tunnelConfiguration) {
        UrlReputationSdk.LogV(TAG, "onConnected()");
        this.mCurrentTunnelConf = tunnelConfiguration;
        if (!this.mModes.contains(b.URLR)) {
            return false;
        }
        if (this.mTunnelSplitterManager == null) {
            this.mTunnelSplitterManager = new TunnelSplitterManager(this.mContext, this.mTrafficIntMngr);
        }
        if (tunnelConfiguration == null || tunnelConfiguration.getStatus() != TunnelConfiguration.Status.SUCCESS) {
            UrlReputationSdk.LogE(TAG, "failed to initialize TunnelSplitter");
            return true;
        }
        scheduleReAuth();
        return true;
    }

    @Override // com.checkpoint.vpnsdk.interfaces.c
    public void onError() {
        UrlReputationSdk.LogD(TAG, "onError()");
        UUID connectedId = this.mVpnManager != null ? this.mVpnManager.getConnectedId() : null;
        stopAll();
        boolean z = true;
        if (this.mCurrentTunnelConf != null && this.mCurrentTunnelConf.getExpiration() * 1000 > System.currentTimeMillis()) {
            if (connectedId != null) {
                startMitmMitigation();
            }
            z = false;
        }
        if (z) {
            TrafficInterceptorManager.startService(this.mContext);
        }
    }

    @Override // com.checkpoint.vpnsdk.interfaces.LogListener
    public void onLog(int i2, String str) {
        switch (i2) {
            case 1:
                Log.e("onLog", str);
                return;
            case 2:
                Log.w("onLog", str);
                return;
            case 3:
                Log.i("onLog", str);
                return;
            case 4:
                Log.d("onLog", str);
                return;
            case 5:
                Log.v("onLog", str);
                return;
            default:
                return;
        }
    }

    @Override // com.checkpoint.vpnsdk.interfaces.c
    public void onRevoke() {
        UrlReputationSdk.LogD(TAG, "onRevoke()");
        stopAll();
        UrlReputationSdk.getContext().sendBroadcast(new Intent(UrlReputationSdk.getACTION_REVOKED(UrlReputationSdk.getContext())));
    }

    public boolean removeDnsChangeListener(com.checkpoint.vpnsdk.interfaces.b bVar) {
        return this.mTrafficIntMngr.removeDnsChangeListener(bVar);
    }

    public void setLogLevel(int i2) {
        LogController.setLogLevel(i2);
    }

    public void setTrafficIntMngr(TrafficInterceptorManager trafficInterceptorManager) {
        this.mTrafficIntMngr = trafficInterceptorManager;
    }

    public synchronized SetupResult setupMitmMitigation(VpnGwConfiguration vpnGwConfiguration, LoginLogDetails loginLogDetails, f fVar, char[] cArr) {
        if (!ensureVpn()) {
            UrlReputationSdk.LogE(TAG, "failed to initialize VPN");
            return SetupResult.INTERNAL_ERROR;
        }
        VpnStatus.Status status = this.mVpnManager.getStatus(false).getStatus();
        if (status != VpnStatus.Status.CONNECTED && status != VpnStatus.Status.RECONNECTING) {
            if (!this.mVpnManager.registerCallbacks(new EventWrapper(fVar), this.mTrafficIntMngr)) {
                UrlReputationSdk.LogE(TAG, "failed to register VPN callbacks");
                return SetupResult.INTERNAL_ERROR;
            }
            UUID id = this.mVpnManager.getId(vpnGwConfiguration.GW, vpnGwConfiguration.port, vpnGwConfiguration.fingerprint, vpnGwConfiguration.CN);
            if (id == null) {
                try {
                    VpnConfiguration a2 = this.mVpnManager.getConfigurationBuilder().a(vpnGwConfiguration.GW).a(vpnGwConfiguration.port).a(TunnelType.IPSEC).b(vpnGwConfiguration.fingerprint).c(vpnGwConfiguration.CN).a(VpnConfiguration.LegacyAuthMethod.UserPassword).d(vpnGwConfiguration.user).a();
                    if (a2 == null) {
                        UrlReputationSdk.LogE(TAG, "failed to add configuration");
                        return SetupResult.SAVE_CONF_FAILED;
                    }
                    id = this.mVpnManager.addConfiguration(a2);
                } catch (Exception e2) {
                    e2.printStackTrace();
                    UrlReputationSdk.LogE(TAG, "failed to create configuration");
                    return SetupResult.CONFIGURATION_FAILED;
                }
            }
            this.mLogParam = com.checkpoint.vpnsdk.utils.f.a(this.mContext, loginLogDetails.client_name, loginLogDetails.client_version, loginLogDetails.client_build, loginLogDetails.device_id);
            this.mSecret = new i(cArr);
            if (this.mVpnManager.halfStart(id, this.mLogParam, cArr, this)) {
                return SetupResult.SUCCESS;
            }
            UrlReputationSdk.LogE(TAG, "halfStart() failed");
            return SetupResult.NEGOTIATION_FAILED;
        }
        UrlReputationSdk.LogW(TAG, "setupMitmMitigation(): already started");
        return SetupResult.INTERNAL_ERROR;
    }

    public synchronized boolean startMitmMitigation() {
        if (this.mCurrentTunnelConf == null) {
            UrlReputationSdk.LogW(TAG, "startMitmMitigation() called but we don't have tunnel configuration");
            return false;
        }
        if (System.currentTimeMillis() >= this.mCurrentTunnelConf.getExpiration() * 1000) {
            UrlReputationSdk.LogE(TAG, "startMitmMitigation() called, but tunnel expired");
            return false;
        }
        if (this.mTunnelSplitterManager.a() && this.mTunnelSplitterManager.d()) {
            this.mTunnelSplitterManager.e();
            ParcelFileDescriptor establishWithVpn = this.mTrafficIntMngr.establishWithVpn(this.mCurrentTunnelConf, this);
            boolean c2 = this.mTunnelSplitterManager.c();
            if (this.mVpnManager.startTunnel(this.mPipe, this.mContext) == 0) {
                this.mTunnelSplitterManager.a(establishWithVpn);
                return c2;
            }
            UrlReputationSdk.LogE(TAG, "startTunnel() failed");
            restoreUrlr();
            return false;
        }
        if (this.mTrafficIntMngr.isStarted()) {
            this.mTrafficIntMngr.stop(this.mContext);
        }
        this.mPipe = this.mTunnelSplitterManager.a(this.mCurrentTunnelConf, this);
        if (this.mPipe != null && this.mPipe.length == 2) {
            if (this.mVpnManager.startTunnel(this.mPipe, this.mContext) != 0) {
                UrlReputationSdk.LogE(TAG, "startTunnel() failed");
                return false;
            }
            return this.mTunnelSplitterManager.a((RouteDestination[]) this.mCurrentTunnelConf.getRoutes().toArray(), this.mCurrentTunnelConf.isFullTunnel());
        }
        UrlReputationSdk.LogE(TAG, "TunnelSplitter initialization failed");
        return false;
    }

    public boolean stop() {
        return this.mModes.size() == 1 ? this.mModes.contains(b.TUNNEL) ? stopVpn() : stopUrlr() : stopAll();
    }

    public synchronized boolean stopMitmMitigation() {
        UrlReputationSdk.LogD(TAG, "stopMitmMitigation()");
        if (this.mPipe == null) {
            UrlReputationSdk.LogW(TAG, "stopMitmMitigation: no pipe");
            return false;
        }
        if (!this.mTunnelSplitterManager.a()) {
            UrlReputationSdk.LogW(TAG, "stopMitmMitigation: not started");
            return false;
        }
        this.mTunnelSplitterManager.e();
        boolean restoreUrlr = restoreUrlr();
        this.mVpnManager.disconnect();
        this.mCurrentTunnelConf = this.mVpnManager.reAuth(this.mSecret.b(), this.mLogParam);
        return restoreUrlr;
    }
}
