package net.soti.mobicontrol.vpn;

import android.content.BroadcastReceiver;
import android.content.ComponentName;
import android.content.Context;
import android.content.Intent;
import android.content.IntentFilter;
import android.os.Build;
import android.text.TextUtils;
import com.google.inject.Inject;
import com.lge.mdm.LGMDMManager;
import com.lge.mdm.config.LGMDMVpnProfile;
import java.util.HashSet;
import java.util.Iterator;
import java.util.LinkedList;
import java.util.List;
import java.util.Set;
import java.util.regex.Pattern;
import net.soti.comm.McEvent;
import net.soti.comm.deploymentserver.DsMessages;
import net.soti.mobicontrol.BroadcastReceiver.BroadcastReceiverWrapper;
import net.soti.mobicontrol.admin.Admin;
import net.soti.mobicontrol.cert.CertificateMetadataStorage;
import net.soti.mobicontrol.common.R;
import net.soti.mobicontrol.exchange.BaseEasManager;
import net.soti.mobicontrol.logging.Logger;
import net.soti.mobicontrol.messagebus.MessageBus;
import net.soti.mobicontrol.util.Assert;
import net.soti.mobicontrol.util.StringUtils;

/* loaded from: classes.dex */
public class LgVpnSettingsManager implements VpnSettingsManager {
    private static final Set<String> AUTHENTEC_SUPPORTED_MODELS;
    private static final Pattern PATTERN_EMAIL = Pattern.compile("[\\w\\-\\.]+@[\\w\\-\\.]+\\.[\\w]{2,}");
    private static final Pattern PATTERN_IPV4 = Pattern.compile("(([01]?\\d\\d?|2[0-4]\\d|25[0-5])\\.){3}([01]?\\d\\d?|2[0-4]\\d|25[0-5])");
    private static final Pattern PATTERN_IPV6 = Pattern.compile("([0-9a-f]{1,4}:){7}([0-9a-f]){1,4}");
    private static final Set<String> SUPPORTED_VPN_TYPES = new HashSet();
    private static final String TAG = "LG_MDM_VPN";
    public static final String VPN_TYPE_IPSEC_EAP = "IPSEC_EAP";
    public static final String VPN_TYPE_L2TP = "L2TP";
    public static final String VPN_TYPE_L2TP_IPSEC_CRT = "L2TP_IPSEC_CRT";
    public static final String VPN_TYPE_L2TP_IPSEC_PSK = "L2TP_IPSEC_PSK";
    public static final String VPN_TYPE_PPTP = "PPTP";
    private final CertificateMetadataStorage certificateMetadataStorage;
    private final Context context;
    private final ComponentName deviceAdmin;
    private final LGMDMManager lgMdmManager;
    private final Logger logger;
    private final MessageBus messageBus;
    private final BroadcastReceiver vpnConfigResultReceiver = new BroadcastReceiverWrapper() { // from class: net.soti.mobicontrol.vpn.LgVpnSettingsManager.1
        @Override // net.soti.mobicontrol.BroadcastReceiver.BroadcastReceiverWrapper, net.soti.mobicontrol.BroadcastReceiver.BroadcastProcessor
        public void onProcess(Context context, Intent intent) {
            if (intent.getAction().equals("com.lge.mdm.intent.action.VPN_CONFIGURATION_RESULT")) {
                String stringExtra = intent.getStringExtra("configCommand");
                if (!intent.getStringExtra("configResult").equals("fail")) {
                    LgVpnSettingsManager.this.logger.info(String.format("[%s] Command {%s} success", LgVpnSettingsManager.TAG, stringExtra));
                    return;
                }
                String stringExtra2 = intent.getStringExtra("failReason");
                LgVpnSettingsManager.this.sendMessageToDs(context.getString(R.string.error_vpn_config, stringExtra, stringExtra2));
                LgVpnSettingsManager.this.logger.error(String.format("[%s] Command {%s} failed, reason=%s", LgVpnSettingsManager.TAG, stringExtra, stringExtra2), new Object[0]);
            }
        }
    };

    static {
        SUPPORTED_VPN_TYPES.add(VPN_TYPE_PPTP);
        SUPPORTED_VPN_TYPES.add(VPN_TYPE_L2TP);
        SUPPORTED_VPN_TYPES.add(VPN_TYPE_L2TP_IPSEC_PSK);
        SUPPORTED_VPN_TYPES.add(VPN_TYPE_L2TP_IPSEC_CRT);
        SUPPORTED_VPN_TYPES.add(VPN_TYPE_IPSEC_EAP);
        AUTHENTEC_SUPPORTED_MODELS = new HashSet();
        AUTHENTEC_SUPPORTED_MODELS.add("VS930");
        AUTHENTEC_SUPPORTED_MODELS.add("VS930 4G");
        AUTHENTEC_SUPPORTED_MODELS.add("VS950");
        AUTHENTEC_SUPPORTED_MODELS.add("VS950 4G");
    }

    @Inject
    public LgVpnSettingsManager(LGMDMManager lGMDMManager, @Admin ComponentName componentName, Context context, MessageBus messageBus, CertificateMetadataStorage certificateMetadataStorage, Logger logger) {
        Assert.notNull(lGMDMManager, "lgMdmManager parameter can't be null.");
        Assert.notNull(componentName, "deviceAdmin parameter can't be null.");
        Assert.notNull(messageBus, "messageBus parameter can't be null.");
        Assert.notNull(certificateMetadataStorage, "certificateMetadataStorage parameter can't be null.");
        this.certificateMetadataStorage = certificateMetadataStorage;
        this.lgMdmManager = lGMDMManager;
        this.deviceAdmin = componentName;
        this.messageBus = messageBus;
        this.logger = logger;
        this.context = context;
        context.registerReceiver(this.vpnConfigResultReceiver, new IntentFilter("com.lge.mdm.intent.action.VPN_CONFIGURATION_RESULT"));
    }

    private static LGMDMVpnProfile.IPSEC_IKE_ID_TYPES convertIKEToLGType(int i) {
        switch (i) {
            case 0:
                return LGMDMVpnProfile.IPSEC_IKE_ID_TYPES.IPSEC_IKE_ID_TYPE_EMAIL_ADDRESS;
            case 1:
                return LGMDMVpnProfile.IPSEC_IKE_ID_TYPES.IPSEC_IKE_ID_TYPE_DN;
            case 2:
                return LGMDMVpnProfile.IPSEC_IKE_ID_TYPES.IPSEC_IKE_ID_TYPE_DNS;
            case 3:
                return LGMDMVpnProfile.IPSEC_IKE_ID_TYPES.IPSEC_IKE_ID_TYPE_KEY_ID;
            case 4:
                return LGMDMVpnProfile.IPSEC_IKE_ID_TYPES.IPSEC_IKE_ID_TYPE_IP;
            default:
                return LGMDMVpnProfile.IPSEC_IKE_ID_TYPES.IPSEC_IKE_ID_TYPE_EMAIL_ADDRESS;
        }
    }

    private void convertL2TpSettings(BaseVpnSettings baseVpnSettings, LGMDMVpnProfile lGMDMVpnProfile) {
        L2tpVpnSettings l2tpVpnSettings = (L2tpVpnSettings) baseVpnSettings;
        lGMDMVpnProfile.type = 1;
        if (l2tpVpnSettings.getUserCertificateIssuer() != null && l2tpVpnSettings.getUserCertificateSn() != null && l2tpVpnSettings.getCaCertificateIssuer() != null && l2tpVpnSettings.getCaCertificateSn() != null) {
            lGMDMVpnProfile.type = 2;
        } else if (l2tpVpnSettings.getCaCertificateIssuer() != null && l2tpVpnSettings.getCaCertificateSn() != null && l2tpVpnSettings.getIkeIdValue() != null) {
            lGMDMVpnProfile.type = 5;
        }
        boolean isAuthentecVpnSupported = isAuthentecVpnSupported();
        this.logger.info("[%s] VPN profile calculated=%s, Authentec VPN supported=%s", TAG, Integer.valueOf(lGMDMVpnProfile.type), Boolean.valueOf(isAuthentecVpnSupported));
        if ((!isAuthentecVpnSupported || lGMDMVpnProfile.type != 2) && lGMDMVpnProfile.type != 5) {
            lGMDMVpnProfile.ipsecSecret = fixNull(l2tpVpnSettings.getIpsecPsk());
            if (lGMDMVpnProfile.type != 1) {
                lGMDMVpnProfile.type = 1;
            }
            if (isAuthentecVpnSupported) {
                lGMDMVpnProfile.template = LGMDMVpnProfile.TEMPLATES.IPSEC_PSK_TEMPLATE_V1;
                lGMDMVpnProfile.ikeIdType = convertIKEToLGType(l2tpVpnSettings.getIkeIdType().intValue());
                lGMDMVpnProfile.IkeIdValue = l2tpVpnSettings.getIkeIdValue();
                verifyIKEValue(lGMDMVpnProfile);
                return;
            }
            return;
        }
        if (lGMDMVpnProfile.type != 2) {
            lGMDMVpnProfile.ipsecCaCert = this.certificateMetadataStorage.findAlias(l2tpVpnSettings.getCaCertificateIssuer(), l2tpVpnSettings.getCaCertificateSn());
            lGMDMVpnProfile.ikeIdType = convertIKEToLGType(l2tpVpnSettings.getIkeIdType().intValue());
            lGMDMVpnProfile.IkeIdValue = l2tpVpnSettings.getIkeIdValue();
            verifyIKEValue(lGMDMVpnProfile);
            return;
        }
        lGMDMVpnProfile.template = LGMDMVpnProfile.TEMPLATES.IPSEC_CRT_TEMPLATE_V1;
        lGMDMVpnProfile.ipsecUserCert = this.certificateMetadataStorage.findAlias(l2tpVpnSettings.getUserCertificateIssuer(), l2tpVpnSettings.getUserCertificateSn());
        lGMDMVpnProfile.ipsecCaCert = this.certificateMetadataStorage.findAlias(l2tpVpnSettings.getCaCertificateIssuer(), l2tpVpnSettings.getCaCertificateSn());
        this.logger.debug("[LgVpnSettingsManager][convertL2TpSettings] certsInstalled=%s,\nUser cert='%s', \nCA cert='%s'", StringUtils.join(this.lgMdmManager.enumCertificateId(this.deviceAdmin), BaseEasManager.COMPOSITE_ID_SEPARATOR), lGMDMVpnProfile.ipsecUserCert, lGMDMVpnProfile.ipsecCaCert);
    }

    private boolean createVpnProfile(BaseVpnSettings baseVpnSettings) {
        String profileName = baseVpnSettings.getProfileName();
        Assert.isTrue(vpnProfileNameToLGMDMVpnProfile(profileName) == null, "No known matching profile must exist");
        LGMDMVpnProfile fromSotiVpnSettingsToLGMDMVpnProfile = fromSotiVpnSettingsToLGMDMVpnProfile(baseVpnSettings, false);
        if (fromSotiVpnSettingsToLGMDMVpnProfile == null) {
            return false;
        }
        this.lgMdmManager.addVpnProfile(this.deviceAdmin, fromSotiVpnSettingsToLGMDMVpnProfile);
        this.logger.info("[%s] Created VPN profile: %s", TAG, profileName);
        return true;
    }

    private static String fixNull(String str) {
        return str == null ? "" : str;
    }

    private LGMDMVpnProfile fromSotiVpnSettingsToLGMDMVpnProfile(BaseVpnSettings baseVpnSettings, boolean z) {
        LGMDMVpnProfile vpnProfileNameToLGMDMVpnProfile;
        String profileName = baseVpnSettings.getProfileName();
        if (!z && (vpnProfileNameToLGMDMVpnProfile = vpnProfileNameToLGMDMVpnProfile(profileName)) != null) {
            return vpnProfileNameToLGMDMVpnProfile;
        }
        if (!isVpnTypeSupported(baseVpnSettings)) {
            this.logger.error("[%s] Failed deriving LG Vpn profile, as type is not supported", TAG);
            return null;
        }
        LGMDMVpnProfile lGMDMVpnProfile = new LGMDMVpnProfile();
        lGMDMVpnProfile.name = fixNull(profileName);
        lGMDMVpnProfile.server = fixNull(baseVpnSettings.getServerName());
        lGMDMVpnProfile.username = fixNull(getUserName(baseVpnSettings));
        lGMDMVpnProfile.password = fixNull(baseVpnSettings.getUserPassword());
        if (!fixNull(getVpnType(baseVpnSettings)).equals(VPN_TYPE_PPTP)) {
            convertL2TpSettings(baseVpnSettings, lGMDMVpnProfile);
            return lGMDMVpnProfile;
        }
        lGMDMVpnProfile.type = 0;
        lGMDMVpnProfile.mppe = ((PptpVpnSettings) baseVpnSettings).isEncryptionEnabled();
        return lGMDMVpnProfile;
    }

    private static String getUserName(BaseVpnSettings baseVpnSettings) {
        return TextUtils.isEmpty(baseVpnSettings.getUserDomain()) ? baseVpnSettings.getUserName() : String.format("%s\\%s", baseVpnSettings.getUserDomain(), baseVpnSettings.getUserName());
    }

    private static String getVpnType(BaseVpnSettings baseVpnSettings) {
        if (baseVpnSettings instanceof PptpVpnSettings) {
            return VPN_TYPE_PPTP;
        }
        if (!(baseVpnSettings instanceof L2tpVpnSettings)) {
            return null;
        }
        L2tpVpnSettings l2tpVpnSettings = (L2tpVpnSettings) baseVpnSettings;
        return (l2tpVpnSettings.getUserCertificateIssuer() == null || l2tpVpnSettings.getUserCertificateSn() == null) ? TextUtils.isEmpty(l2tpVpnSettings.getIpsecPsk()) ? VPN_TYPE_L2TP : VPN_TYPE_L2TP_IPSEC_PSK : VPN_TYPE_L2TP_IPSEC_CRT;
    }

    private boolean isAuthentecVpnSupported() {
        return AUTHENTEC_SUPPORTED_MODELS.contains(Build.MODEL);
    }

    private static boolean isEmailAddressQualified(String str) {
        return !TextUtils.isEmpty(str) && PATTERN_EMAIL.matcher(str).matches();
    }

    private static boolean isIpAddressQualified(String str) {
        return !TextUtils.isEmpty(str) && (PATTERN_IPV4.matcher(str).matches() || PATTERN_IPV6.matcher(str).matches());
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void sendMessageToDs(String str) {
        this.messageBus.sendMessageSilently(DsMessages.forEventLogMessage(str, McEvent.DEVICE_ERROR));
    }

    private boolean updateVpnProfile(String str, LGMDMVpnProfile lGMDMVpnProfile, LGMDMVpnProfile lGMDMVpnProfile2) {
        this.logger.debug("[%s] Old Profile=%s, New Profile=%s", TAG, lGMDMVpnProfile, lGMDMVpnProfile2);
        Assert.notNull(lGMDMVpnProfile2, "newVpnProfile parameter can't be null.");
        Assert.notNull(lGMDMVpnProfile, "oldVpnProfile parameter can't be null.");
        if (lGMDMVpnProfile2.equals(lGMDMVpnProfile)) {
            return false;
        }
        lGMDMVpnProfile.name = lGMDMVpnProfile2.name;
        lGMDMVpnProfile.type = lGMDMVpnProfile2.type;
        lGMDMVpnProfile.username = lGMDMVpnProfile2.username;
        lGMDMVpnProfile.password = lGMDMVpnProfile2.password;
        lGMDMVpnProfile.server = lGMDMVpnProfile2.server;
        if ((!isAuthentecVpnSupported() && lGMDMVpnProfile2.type != 0 && lGMDMVpnProfile2.type == 2) || lGMDMVpnProfile2.type == 5) {
            lGMDMVpnProfile2.type = 1;
        }
        switch (lGMDMVpnProfile2.type) {
            case 0:
                lGMDMVpnProfile.mppe = lGMDMVpnProfile2.mppe;
                break;
            case 1:
                lGMDMVpnProfile.ipsecSecret = lGMDMVpnProfile2.ipsecSecret;
                if (isAuthentecVpnSupported()) {
                    lGMDMVpnProfile.template = LGMDMVpnProfile.TEMPLATES.IPSEC_PSK_TEMPLATE_V1;
                    lGMDMVpnProfile.ikeIdType = lGMDMVpnProfile2.ikeIdType;
                    lGMDMVpnProfile.IkeIdValue = lGMDMVpnProfile2.IkeIdValue;
                    break;
                }
                break;
            case 2:
                lGMDMVpnProfile.template = LGMDMVpnProfile.TEMPLATES.IPSEC_CRT_TEMPLATE_V1;
                lGMDMVpnProfile.ipsecUserCert = lGMDMVpnProfile2.ipsecUserCert;
                lGMDMVpnProfile.ipsecCaCert = lGMDMVpnProfile2.ipsecCaCert;
                break;
            case 5:
                lGMDMVpnProfile.ipsecCaCert = lGMDMVpnProfile2.ipsecCaCert;
                lGMDMVpnProfile.ikeIdType = lGMDMVpnProfile2.ikeIdType;
                lGMDMVpnProfile.IkeIdValue = lGMDMVpnProfile2.IkeIdValue;
                break;
        }
        this.lgMdmManager.modifyVpnProfile(this.deviceAdmin, lGMDMVpnProfile);
        this.logger.info("[%s] Modified VPN profile [profile=%s]", TAG, str);
        return true;
    }

    private void verifyIKEValue(LGMDMVpnProfile lGMDMVpnProfile) {
        if (lGMDMVpnProfile.ikeIdType == LGMDMVpnProfile.IPSEC_IKE_ID_TYPES.IPSEC_IKE_ID_TYPE_EMAIL_ADDRESS && !isEmailAddressQualified(lGMDMVpnProfile.IkeIdValue)) {
            throw new IllegalArgumentException("Email address for IKE value not qualified");
        }
        if (lGMDMVpnProfile.ikeIdType == LGMDMVpnProfile.IPSEC_IKE_ID_TYPES.IPSEC_IKE_ID_TYPE_IP && !isIpAddressQualified(lGMDMVpnProfile.IkeIdValue)) {
            throw new IllegalArgumentException("IP address for IKE value not qualified");
        }
    }

    private LGMDMVpnProfile vpnProfileNameToLGMDMVpnProfile(String str) {
        List<LGMDMVpnProfile> enumVpnProfile = this.lgMdmManager.enumVpnProfile(this.deviceAdmin);
        if (enumVpnProfile != null && !enumVpnProfile.isEmpty()) {
            for (LGMDMVpnProfile lGMDMVpnProfile : enumVpnProfile) {
                if (lGMDMVpnProfile.name.equals(str)) {
                    return lGMDMVpnProfile;
                }
            }
        }
        return null;
    }

    @Override // net.soti.mobicontrol.vpn.VpnSettingsManager
    public void deleteProfile(String str) {
        LGMDMVpnProfile vpnProfileNameToLGMDMVpnProfile = vpnProfileNameToLGMDMVpnProfile(str);
        if (vpnProfileNameToLGMDMVpnProfile == null) {
            this.logger.error("[%s] Failed deleting VPN profile: %s [not found]", TAG, str);
        } else {
            this.lgMdmManager.deleteVpnProfile(this.deviceAdmin, vpnProfileNameToLGMDMVpnProfile);
            this.logger.info("[%s] Deleted VPN profile: %s", TAG, str);
        }
    }

    @Override // net.soti.mobicontrol.vpn.VpnSettingsManager
    public boolean isVpnTypeSupported(BaseVpnSettings baseVpnSettings) {
        String vpnType = getVpnType(baseVpnSettings);
        if (vpnType == null || Build.VERSION.SDK_INT < 14) {
            return false;
        }
        return SUPPORTED_VPN_TYPES.contains(vpnType);
    }

    @Override // net.soti.mobicontrol.vpn.VpnSettingsManager
    public List<String> listManagedProfiles() {
        LinkedList linkedList = new LinkedList();
        List enumVpnProfile = this.lgMdmManager.enumVpnProfile(this.deviceAdmin);
        if (enumVpnProfile != null && !enumVpnProfile.isEmpty()) {
            Iterator it = enumVpnProfile.iterator();
            while (it.hasNext()) {
                linkedList.add(((LGMDMVpnProfile) it.next()).name);
            }
        }
        return linkedList;
    }

    @Override // net.soti.mobicontrol.vpn.VpnSettingsManager
    public boolean setProfile(BaseVpnSettings baseVpnSettings) {
        boolean z = false;
        z = false;
        z = false;
        z = false;
        Assert.notNull(baseVpnSettings);
        String profileName = baseVpnSettings.getProfileName();
        if (isVpnTypeSupported(baseVpnSettings)) {
            String str = "addProfile";
            try {
                LGMDMVpnProfile vpnProfileNameToLGMDMVpnProfile = vpnProfileNameToLGMDMVpnProfile(profileName);
                if (vpnProfileNameToLGMDMVpnProfile == null) {
                    z = createVpnProfile(baseVpnSettings);
                } else {
                    LGMDMVpnProfile fromSotiVpnSettingsToLGMDMVpnProfile = fromSotiVpnSettingsToLGMDMVpnProfile(baseVpnSettings, true);
                    if (fromSotiVpnSettingsToLGMDMVpnProfile != null) {
                        str = "modifyProfile";
                        if (updateVpnProfile(profileName, vpnProfileNameToLGMDMVpnProfile, fromSotiVpnSettingsToLGMDMVpnProfile)) {
                            z = true;
                        } else {
                            this.logger.warn("[%s] Failed updating Vpn profile %s", TAG, profileName);
                        }
                    } else {
                        this.logger.warn("[%s] Failed setting profile {Unknown error in setting profile}", TAG);
                    }
                }
            } catch (Exception e) {
                MessageBus messageBus = this.messageBus;
                Context context = this.context;
                int i = R.string.error_vpn_config;
                Object[] objArr = new Object[2];
                objArr[z ? 1 : 0] = str;
                objArr[1] = e.getMessage();
                messageBus.sendMessageSilently(DsMessages.forEventLogMessage(context.getString(i, objArr), McEvent.DEVICE_ERROR));
            }
        } else {
            this.logger.warn("[%s] VPN profile %s is not supported on this device", TAG, profileName);
        }
        return z;
    }
}
