package com.sevenprinciples.mdm.android.client.thirdparty.samsung;

import android.util.Base64;
import com.microsoft.identity.common.java.dto.Credential;
import com.samsung.android.knox.EnterpriseKnoxManager;
import com.samsung.android.knox.net.vpn.VpnAdminProfile;
import com.samsung.android.knox.net.vpn.VpnPolicy;
import com.sevenprinciples.mdm.android.client.base.logger.AppLog;
import com.sevenprinciples.mdm.android.client.base.tools.StringHelper;
import com.sevenprinciples.mdm.android.client.main.MDMErrorCodes;
import com.sevenprinciples.mdm.android.client.thirdparty.generic.Call;
import com.sevenprinciples.mdm.android.client.thirdparty.generic.Payload;
import com.sevenprinciples.mdm.android.client.thirdparty.samsung.core.EnterpriseVpnConnection;
import com.sevenprinciples.mdm.android.client.thirdparty.samsung.core.EnterpriseVpnPolicy;
import com.sevenprinciples.mdm.android.client.thirdparty.samsung.core.KNOX3;
import com.sevenprinciples.mdm.android.client.thirdparty.samsung.knox.KnoxPerAppVpnController;
import com.sevenprinciples.mdm.android.client.ui.DefaultActivity;
import java.util.ArrayList;
import java.util.Collections;
import java.util.List;
import org.json.JSONObject;

/* loaded from: classes2.dex */
public class CallVpnPolicy extends Call {
    public CallVpnPolicy(Payload payload, JSONObject jSONObject, String str, JSONObject jSONObject2) {
        super(payload, jSONObject, str, jSONObject2);
    }

    private boolean createAnyconnectConnection(EnterpriseVpnPolicy enterpriseVpnPolicy) {
        EnterpriseVpnConnection enterpriseVpnConnection = new EnterpriseVpnConnection();
        enterpriseVpnConnection.name = getS("profileName");
        enterpriseVpnConnection.host = getS("serverName");
        enterpriseVpnConnection.type = EnterpriseVpnPolicy.VPN_TYPE_ANYCONNECT;
        enterpriseVpnConnection.setCertAuthMode(EnterpriseVpnPolicy.VPN_CERT_TYPE_AUTOMATIC);
        try {
            boolean enterpriseVpnConnection2 = enterpriseVpnPolicy.setEnterpriseVpnConnection(enterpriseVpnConnection, null);
            if (enterpriseVpnConnection2) {
                AppLog.d(TAG, "Set EnterpriseVpnConnection is Success");
            } else {
                AppLog.d(TAG, "Set EnterpriseVpnConnection is Failure");
            }
            return enterpriseVpnConnection2;
        } catch (SecurityException e) {
            AppLog.w(TAG, "SecurityException: " + e);
            return false;
        } catch (UnsupportedOperationException e2) {
            AppLog.w(TAG, "UnsupportedOperationException: " + e2);
            return false;
        }
    }

    private void createAnyconnectVPN() {
        AppLog.d(TAG, "Creating AnyConnect VPN profile");
        try {
            EnterpriseVpnPolicy enterpriseVPNPolicy = KNOX3.getEnterpriseVPNPolicy();
            boolean z = false;
            if (enterpriseVPNPolicy != null) {
                boolean installClientCertificate = enterpriseVPNPolicy.installClientCertificate(EnterpriseVpnPolicy.VPN_TYPE_ANYCONNECT, Base64.decode(getS("CertificateData"), 0), has("CertificatePassword") ? getS("CertificatePassword") : null);
                if (installClientCertificate) {
                    AppLog.d(TAG, "installClientCertificate is Success");
                    installClientCertificate = createAnyconnectConnection(enterpriseVPNPolicy);
                } else {
                    AppLog.d(TAG, "installClientCertificate is Failure");
                }
                z = installClientCertificate;
            } else {
                AppLog.d(TAG, "getEnterpriseVpnPolucy failure");
            }
            mustBeTrue(z);
        } catch (SecurityException e) {
            AppLog.w(TAG, "SecurityException: " + e);
        } catch (UnsupportedOperationException e2) {
            AppLog.w(TAG, "UnsupportedOperationException: " + e2);
        }
    }

    private boolean createJuniperConnection(EnterpriseVpnPolicy enterpriseVpnPolicy) {
        EnterpriseVpnConnection enterpriseVpnConnection = new EnterpriseVpnConnection();
        enterpriseVpnConnection.name = getS("profileName");
        enterpriseVpnConnection.host = getS("serverName");
        enterpriseVpnConnection.type = EnterpriseVpnPolicy.VPN_CERT_TYPE_AUTOMATIC;
        enterpriseVpnConnection.setCertAuthMode(EnterpriseVpnPolicy.VPN_CERT_TYPE_AUTOMATIC);
        try {
            boolean enterpriseVpnConnection2 = enterpriseVpnPolicy.setEnterpriseVpnConnection(enterpriseVpnConnection, null);
            if (enterpriseVpnConnection2) {
                AppLog.d(TAG, "Set EnterpriseVpnConnection is Success");
            } else {
                AppLog.d(TAG, "Set EnterpriseVpnConnection is Failure");
            }
            return enterpriseVpnConnection2;
        } catch (SecurityException e) {
            AppLog.w(TAG, "SecurityException: " + e);
            return false;
        } catch (UnsupportedOperationException e2) {
            AppLog.w(TAG, "UnsupportedOperationException: " + e2);
            return false;
        }
    }

    private void createJuniperVPN() {
        AppLog.d(TAG, "Creating Juniper VPN profile");
        try {
            EnterpriseVpnPolicy enterpriseVPNPolicy = KNOX3.getEnterpriseVPNPolicy();
            boolean z = false;
            if (enterpriseVPNPolicy != null) {
                boolean installClientCertificate = enterpriseVPNPolicy.installClientCertificate(EnterpriseVpnPolicy.VPN_TYPE_ANYCONNECT, Base64.decode(getS("CertificateData"), 0), has("CertificatePassword") ? getS("CertificatePassword") : null);
                if (installClientCertificate) {
                    AppLog.d(TAG, "installClientCertificate is Success");
                    installClientCertificate = createJuniperConnection(enterpriseVPNPolicy);
                } else {
                    AppLog.d(TAG, "installClientCertificate is Failure");
                }
                z = installClientCertificate;
            } else {
                AppLog.d(TAG, "getEnterpriseVpnPolucy failure");
            }
            mustBeTrue(z);
        } catch (SecurityException e) {
            AppLog.w(TAG, "SecurityException: " + e);
        } catch (UnsupportedOperationException e2) {
            AppLog.w(TAG, "UnsupportedOperationException: " + e2);
        }
    }

    private void disableCC() {
        try {
            AppLog.i(TAG, "Disabling CC mode:" + EnterpriseKnoxManager.getInstance(getContext()).getAdvancedRestrictionPolicy().setCCMode(false));
        } catch (Throwable th) {
            AppLog.w(TAG, "Can't disable CC mode:" + th.getMessage());
        }
    }

    public static String test(DefaultActivity defaultActivity) {
        try {
            return EnterpriseKnoxManager.getInstance(defaultActivity).getGenericVpnPolicy("com.cisco.anyconnect.vpn.android.avf", 0) == null ? "Package not found" : "Package found";
        } catch (SecurityException e) {
            AppLog.e(TAG, e.getMessage(), (Exception) e);
            return "ERROR:" + e.getMessage();
        }
    }

    private void unlockStorage() {
        try {
            SecurityPolicy securityPolicy = KNOX3.getSecurityPolicy();
            int credentialStorageStatus = securityPolicy.getCredentialStorageStatus();
            AppLog.i(TAG, "Really unlocking: " + credentialStorageStatus);
            switch (credentialStorageStatus) {
                case 2:
                    if (!securityPolicy.unlockCredentialStorage("")) {
                        setFailure(Call.ErrorTag.UnlockNotPossible);
                        break;
                    } else if (!waitToUnlock(securityPolicy)) {
                        setFailure(Call.ErrorTag.UserDidNotUnlock);
                        break;
                    } else {
                        AppLog.i(TAG, "unlocked");
                        break;
                    }
                case 3:
                case 4:
                case 6:
                case 7:
                case 8:
                case 9:
                case 10:
                    AppLog.w(TAG, "InvalidStatus:" + credentialStorageStatus);
                    break;
            }
        } catch (Throwable th) {
            AppLog.w(TAG, "Exception: " + th.getMessage());
        }
    }

    private boolean waitToUnlock(SecurityPolicy securityPolicy) throws InterruptedException {
        int i = 60;
        while (true) {
            int i2 = i - 1;
            if (i <= 0) {
                return false;
            }
            Thread.sleep(1000L);
            int credentialStorageStatus = securityPolicy.getCredentialStorageStatus();
            AppLog.i(TAG, "Credential storage status = " + credentialStorageStatus);
            if (credentialStorageStatus == 1) {
                return true;
            }
            i = i2;
        }
    }

    @Override // com.sevenprinciples.mdm.android.client.thirdparty.generic.Call
    public Call execute() throws Exception {
        VpnPolicy vpnPolicy = KNOX3.enterprise().getVpnPolicy();
        if (is("createProfile")) {
            vpnPolicy.deleteProfile(getS("profileName"));
            if (StringHelper.equals(getS("vpnType"), VpnAdminProfile.VPN_TYPE_IPSEC_XAUTH_PSK)) {
                disableCC();
                VpnAdminProfile vpnAdminProfile = new VpnAdminProfile();
                vpnAdminProfile.profileName = getS("profileName");
                vpnAdminProfile.serverName = getS("serverName");
                vpnAdminProfile.vpnType = VpnAdminProfile.VPN_TYPE_L2TP_IPSEC_PSK;
                vpnAdminProfile.userName = getS("userName");
                vpnAdminProfile.userPassword = getS("userPassword");
                vpnAdminProfile.l2tpSecret = getS(Credential.SerializedNames.SECRET);
                vpnAdminProfile.ipsecPreSharedKey = getS("IPSecPreSharedKey");
                mustBeTrue(vpnPolicy.createProfile(vpnAdminProfile));
                return this;
            }
            if (!StringHelper.equals(getS("vpnType"), VpnAdminProfile.VPN_TYPE_PPTP)) {
                setFailure(Call.ErrorTag.InvalidPackage);
                return this;
            }
            disableCC();
            VpnAdminProfile vpnAdminProfile2 = new VpnAdminProfile();
            vpnAdminProfile2.profileName = getS("profileName");
            vpnAdminProfile2.serverName = getS("serverName");
            vpnAdminProfile2.vpnType = VpnAdminProfile.VPN_TYPE_PPTP;
            vpnAdminProfile2.userName = getS("userName");
            vpnAdminProfile2.userPassword = getS("userPassword");
            vpnAdminProfile2.enablePPTPEncryption = true;
            mustBeTrue(vpnPolicy.createProfile(vpnAdminProfile2));
            return this;
        }
        if (is("addContainerPackagesToVpn")) {
            KnoxPerAppVpnController.addContainerPackagesToVpn(this);
        } else if (is("removeContainerPackagesFromVpn")) {
            KnoxPerAppVpnController.removeContainerPackagesFromVpn(this);
        } else if (is("removeAllContainerPackagesFromVpn")) {
            KnoxPerAppVpnController.removeAllContainerPackagesFromVpn(this);
        } else if (is("deleteProfile")) {
            vpnPolicy.deleteProfile(getS("profileName"));
            setSuccess(null);
        } else if (is("setUserPassword")) {
            mustBeTrue(vpnPolicy.setUserPassword(getS("profileName"), getS("userPassword")));
        } else if (is("setUserName")) {
            mustBeTrue(vpnPolicy.setUserName(getS("profileName"), getS("userName")));
        } else if (is("setServerName")) {
            vpnPolicy.setServerName(getS("profileName"), getS("serverName"));
            setSuccess(null);
        } else if (is("setProfileName")) {
            vpnPolicy.setProfileName(getS("oldProfileName"), getS("newProfileName"));
            setSuccess(null);
        } else if (is("setPPTPEncryptionEnabled")) {
            vpnPolicy.setPPTPEncryptionEnabled(getS("profileName"), getB("enabled"));
            setSuccess(null);
        } else if (is("setL2TPSecret")) {
            vpnPolicy.setL2TPSecret(getS("profileName"), getB("enabled"), getS(Credential.SerializedNames.SECRET));
            setSuccess(null);
        } else if (is("setIpSecIdentifier")) {
            mustBeTrue(vpnPolicy.setIpSecIdentifier(getS("profileName"), getS("IPSecIdentifier")));
        } else if (is("setId")) {
            vpnPolicy.setId(getS("profileName"), getS("id"));
            setSuccess(null);
        } else if (is("setIPSecUserCertificate")) {
            mustBeTrue(vpnPolicy.setIPSecUserCertificate(getS("profileName"), getS("certificate")));
        } else if (is("setIPSecPreSharedKey")) {
            mustBeTrue(vpnPolicy.setIPSecPreSharedKey(getS("profileName"), getS("psk")));
        } else if (is("setIPSecCaCertificate")) {
            mustBeTrue(vpnPolicy.setIPSecCaCertificate(getS("profileName"), getS("certificate")));
        } else if (is("setForwardRoutes")) {
            mustBeTrue(vpnPolicy.setForwardRoutes(getS("profileName"), getArray(getS("routes"))));
        } else if (is("setDnsServers")) {
            mustBeTrue(vpnPolicy.setDnsServers(getS("profileName"), getArray(getS("dnsServers"))));
        } else if (is("setDnsDomains")) {
            mustBeTrue(vpnPolicy.setDnsDomains(getS("profileName"), getArray(getS("searchDomains"))));
        } else if (is("isPPTPEncryptionEnabled")) {
            returnBoolean(Boolean.valueOf(vpnPolicy.isPPTPEncryptionEnabled(getS("profileName"))));
        } else if (is("isAdminProfile")) {
            returnBoolean(Boolean.valueOf(vpnPolicy.isAdminProfile(getS("profileName"))));
        } else if (is("getVpnList")) {
            setSuccess(concatArray(vpnPolicy.getVpnList()));
        } else if (is("getUserPassword")) {
            setSuccess(vpnPolicy.getUserPassword(getS("profileName")));
        } else if (is("getUserName")) {
            setSuccess(vpnPolicy.getUserName(getS("profileName")));
        } else if (is("getType")) {
            setSuccess(vpnPolicy.getType(getS("profileName")));
        } else if (is("getState")) {
            setSuccess(vpnPolicy.getState(getS("profileName")));
        } else if (is("getServerName")) {
            setSuccess(vpnPolicy.getServerName(getS("profileName")));
        } else if (is("getL2TPSecret")) {
            setSuccess(vpnPolicy.getL2TPSecret(getS("profileName")));
        } else if (is("getIpSecIdentifier")) {
            setSuccess(vpnPolicy.getIpSecIdentifier(getS("profileName")));
        } else if (is("getId")) {
            setSuccess(vpnPolicy.getId(getS("profileName")));
        } else if (is("getIPSecUserCertificate")) {
            setSuccess(vpnPolicy.getIPSecUserCertificate(getS("profileName")));
        } else if (is("getIPSecPreSharedKey")) {
            setSuccess(vpnPolicy.getIPSecPreSharedKey(getS("profileName")));
        } else if (is("getIPSecCaCertificate")) {
            setSuccess(vpnPolicy.getIPSecCaCertificate(getS("profileName")));
        } else if (is("getForwardRoutes")) {
            setSuccess(concatArray(vpnPolicy.getForwardRoutes(getS("profileName"))));
        } else if (is("getDnsServers")) {
            setSuccess(concatArray(vpnPolicy.getDnsServers(getS("profileName"))));
        } else if (is("getDnsDomains")) {
            setSuccess(concatArray(vpnPolicy.getDnsServers(getS("getDnsDomains"))));
        } else if (is("createPPTPProfile")) {
            VpnAdminProfile vpnAdminProfile3 = new VpnAdminProfile();
            vpnAdminProfile3.profileName = getS("profileName");
            vpnAdminProfile3.serverName = getS("serverName");
            vpnAdminProfile3.vpnType = VpnAdminProfile.VPN_TYPE_PPTP;
            vpnAdminProfile3.userName = getS("userName");
            vpnAdminProfile3.userPassword = getS("userPassword");
            vpnAdminProfile3.enablePPTPEncryption = true;
            mustBeTrue(vpnPolicy.createProfile(vpnAdminProfile3));
        } else if (is("createL2TPPSKProfile")) {
            VpnAdminProfile vpnAdminProfile4 = new VpnAdminProfile();
            vpnAdminProfile4.profileName = getS("profileName");
            vpnAdminProfile4.serverName = getS("serverName");
            vpnAdminProfile4.vpnType = VpnAdminProfile.VPN_TYPE_L2TP_IPSEC_PSK;
            vpnAdminProfile4.userName = getS("userName");
            vpnAdminProfile4.userPassword = getS("userPassword");
            vpnAdminProfile4.l2tpSecret = getS(Credential.SerializedNames.SECRET);
            vpnAdminProfile4.ipsecPreSharedKey = getS("IPSecPreSharedKey");
            mustBeTrue(vpnPolicy.createProfile(vpnAdminProfile4));
        } else {
            setFailure(Call.ErrorTag.UnknownFunction);
            getPayload().setErrorCode(MDMErrorCodes.ERROR_CODE_OPERATION_NOT_SUPPORTED);
        }
        return this;
    }

    public List<String> getStringList(String str) {
        if (str == null) {
            return new ArrayList();
        }
        try {
            String[] split = str.split(",");
            ArrayList arrayList = new ArrayList();
            Collections.addAll(arrayList, split);
            return arrayList;
        } catch (Exception unused) {
            return null;
        }
    }
}
