package com.cisco.android.nchs.support;

import android.content.Context;
import android.content.Intent;
import android.net.LocalSocket;
import android.os.Build;
import android.os.ParcelFileDescriptor;
import android.provider.Settings;
import com.cisco.android.nchs.Globals;
import com.cisco.android.nchs.NCHSProxyActivity;
import com.cisco.android.nchs.aidl.NCHSReturnCode;
import com.cisco.android.nchs.codes.IOpcode;
import com.cisco.android.nchs.codes.NCHSArgumentTypeCode;
import com.cisco.android.nchs.exception.NCHSClientInteractionFailedException;
import com.cisco.android.nchs.ipc.ArgumentMapping;
import com.cisco.android.nchs.ipc.IIPCServer;
import com.cisco.android.nchs.ipc.IPCReturnMessage;
import com.cisco.android.nchs.ipc.IPCServerBase;
import com.cisco.android.nchs.permissions.Prerequisites;
import com.cisco.anyconnect.vpn.android.ui.EulaActivity;
import com.cisco.anyconnect.vpn.android.util.AppLog;
import com.cisco.anyconnect.vpn.android.util.DnsSetterFactory;
import com.cisco.anyconnect.vpn.android.util.NetUtils;
import com.motorola.vpn.ext.MotVpnError;
import java.io.FileDescriptor;
import java.io.IOException;
import java.nio.charset.Charset;
import java.security.KeyStoreException;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateParsingException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.Locale;
import java.util.Map;

/* loaded from: classes.dex */
public class NCSSIPCServer extends IPCServerBase {
    public static final int ELEMENTS_PER_MANAGED_CERT = 4;
    private static final String ENTITY_NAME = "NCSSIPCServer";
    public static final String KEYSTORE_PREFIX_ANYCONNECT = "AC/";
    public static final String KEYSTORE_PREFIX_KEYCHAIN = "KEYCHAIN/";
    public static final String KEYSTORE_PREFIX_SYSTEM = "SYS/";
    private VpnBuilderWrapper mBuilder;
    private final CertificateManager mCertMgr;
    private final Context mContext;
    private final DeviceInfoManager mDevMgr;

    /* renamed from: com.cisco.android.nchs.support.NCSSIPCServer$1, reason: invalid class name */
    /* loaded from: classes.dex */
    static /* synthetic */ class AnonymousClass1 {
        static final /* synthetic */ int[] $SwitchMap$com$cisco$android$nchs$support$NCSSOpcode = new int[NCSSOpcode.values().length];

        static {
            try {
                $SwitchMap$com$cisco$android$nchs$support$NCSSOpcode[NCSSOpcode.VERIFY_CERT_FOR_HOST.ordinal()] = 1;
            } catch (NoSuchFieldError e) {
            }
            try {
                $SwitchMap$com$cisco$android$nchs$support$NCSSOpcode[NCSSOpcode.IMPORT_TRUSTED_CERT.ordinal()] = 2;
            } catch (NoSuchFieldError e2) {
            }
            try {
                $SwitchMap$com$cisco$android$nchs$support$NCSSOpcode[NCSSOpcode.CHANGE_HTTP_PROXY.ordinal()] = 3;
            } catch (NoSuchFieldError e3) {
            }
            try {
                $SwitchMap$com$cisco$android$nchs$support$NCSSOpcode[NCSSOpcode.GET_HTTP_PROXY.ordinal()] = 4;
            } catch (NoSuchFieldError e4) {
            }
            try {
                $SwitchMap$com$cisco$android$nchs$support$NCSSOpcode[NCSSOpcode.GET_CLIENT_CERTS.ordinal()] = 5;
            } catch (NoSuchFieldError e5) {
            }
            try {
                $SwitchMap$com$cisco$android$nchs$support$NCSSOpcode[NCSSOpcode.IMPORT_PKCS12.ordinal()] = 6;
            } catch (NoSuchFieldError e6) {
            }
            try {
                $SwitchMap$com$cisco$android$nchs$support$NCSSOpcode[NCSSOpcode.SIGN_HASH.ordinal()] = 7;
            } catch (NoSuchFieldError e7) {
            }
            try {
                $SwitchMap$com$cisco$android$nchs$support$NCSSOpcode[NCSSOpcode.MODIFY_FORWARDING_RULE.ordinal()] = 8;
            } catch (NoSuchFieldError e8) {
            }
            try {
                $SwitchMap$com$cisco$android$nchs$support$NCSSOpcode[NCSSOpcode.GET_LOCALE.ordinal()] = 9;
            } catch (NoSuchFieldError e9) {
            }
            try {
                $SwitchMap$com$cisco$android$nchs$support$NCSSOpcode[NCSSOpcode.GET_CERTIFICATES.ordinal()] = 10;
            } catch (NoSuchFieldError e10) {
            }
            try {
                $SwitchMap$com$cisco$android$nchs$support$NCSSOpcode[NCSSOpcode.DELETE_CERTIFICATES.ordinal()] = 11;
            } catch (NoSuchFieldError e11) {
            }
            try {
                $SwitchMap$com$cisco$android$nchs$support$NCSSOpcode[NCSSOpcode.SET_DNS.ordinal()] = 12;
            } catch (NoSuchFieldError e12) {
            }
            try {
                $SwitchMap$com$cisco$android$nchs$support$NCSSOpcode[NCSSOpcode.RESTORE_DNS.ordinal()] = 13;
            } catch (NoSuchFieldError e13) {
            }
            try {
                $SwitchMap$com$cisco$android$nchs$support$NCSSOpcode[NCSSOpcode.START_SERVICE.ordinal()] = 14;
            } catch (NoSuchFieldError e14) {
            }
            try {
                $SwitchMap$com$cisco$android$nchs$support$NCSSOpcode[NCSSOpcode.ICS_ADD_ADDRESS.ordinal()] = 15;
            } catch (NoSuchFieldError e15) {
            }
            try {
                $SwitchMap$com$cisco$android$nchs$support$NCSSOpcode[NCSSOpcode.ICS_ADD_DNS_SERVER.ordinal()] = 16;
            } catch (NoSuchFieldError e16) {
            }
            try {
                $SwitchMap$com$cisco$android$nchs$support$NCSSOpcode[NCSSOpcode.ICS_ADD_ROUTE.ordinal()] = 17;
            } catch (NoSuchFieldError e17) {
            }
            try {
                $SwitchMap$com$cisco$android$nchs$support$NCSSOpcode[NCSSOpcode.ICS_ADD_SEARCH_DOMAIN.ordinal()] = 18;
            } catch (NoSuchFieldError e18) {
            }
            try {
                $SwitchMap$com$cisco$android$nchs$support$NCSSOpcode[NCSSOpcode.ICS_ESTABLISH.ordinal()] = 19;
            } catch (NoSuchFieldError e19) {
            }
            try {
                $SwitchMap$com$cisco$android$nchs$support$NCSSOpcode[NCSSOpcode.ICS_PREPARE.ordinal()] = 20;
            } catch (NoSuchFieldError e20) {
            }
            try {
                $SwitchMap$com$cisco$android$nchs$support$NCSSOpcode[NCSSOpcode.ICS_SET_MTU.ordinal()] = 21;
            } catch (NoSuchFieldError e21) {
            }
            try {
                $SwitchMap$com$cisco$android$nchs$support$NCSSOpcode[NCSSOpcode.ICS_SET_SESSION.ordinal()] = 22;
            } catch (NoSuchFieldError e22) {
            }
            try {
                $SwitchMap$com$cisco$android$nchs$support$NCSSOpcode[NCSSOpcode.ICS_PROTECT_SOCKET.ordinal()] = 23;
            } catch (NoSuchFieldError e23) {
            }
            try {
                $SwitchMap$com$cisco$android$nchs$support$NCSSOpcode[NCSSOpcode.ICS_CREATE_STREAM_SOCKET.ordinal()] = 24;
            } catch (NoSuchFieldError e24) {
            }
            try {
                $SwitchMap$com$cisco$android$nchs$support$NCSSOpcode[NCSSOpcode.ICS_CREATE_DATAGRAM_SOCKET.ordinal()] = 25;
            } catch (NoSuchFieldError e25) {
            }
            try {
                $SwitchMap$com$cisco$android$nchs$support$NCSSOpcode[NCSSOpcode.GET_RUNNING_MODE.ordinal()] = 26;
            } catch (NoSuchFieldError e26) {
            }
            try {
                $SwitchMap$com$cisco$android$nchs$support$NCSSOpcode[NCSSOpcode.MODIFY_SYSTEM_PROPERTY.ordinal()] = 27;
            } catch (NoSuchFieldError e27) {
            }
            try {
                $SwitchMap$com$cisco$android$nchs$support$NCSSOpcode[NCSSOpcode.GET_DEVICE_ID.ordinal()] = 28;
            } catch (NoSuchFieldError e28) {
            }
            try {
                $SwitchMap$com$cisco$android$nchs$support$NCSSOpcode[NCSSOpcode.GET_DEVICE_TYPE.ordinal()] = 29;
            } catch (NoSuchFieldError e29) {
            }
            try {
                $SwitchMap$com$cisco$android$nchs$support$NCSSOpcode[NCSSOpcode.GET_PLATFORM_VERSION.ordinal()] = 30;
            } catch (NoSuchFieldError e30) {
            }
            try {
                $SwitchMap$com$cisco$android$nchs$support$NCSSOpcode[NCSSOpcode.GET_CERT_CHAIN.ordinal()] = 31;
            } catch (NoSuchFieldError e31) {
            }
            try {
                $SwitchMap$com$cisco$android$nchs$support$NCSSOpcode[NCSSOpcode.GET_PACKAGE_INFO.ordinal()] = 32;
            } catch (NoSuchFieldError e32) {
            }
        }
    }

    public NCSSIPCServer(String str, CertificateManager certificateManager, DeviceInfoManager deviceInfoManager, Context context, IIPCServer.IIPCServerCB iIPCServerCB) {
        super("NCSS", str, iIPCServerCB);
        this.mCertMgr = certificateManager;
        this.mDevMgr = deviceInfoManager;
        this.mContext = context;
        this.mBuilder = new VpnBuilderWrapper(this.mContext, this);
    }

    private void addAnyConnectClientCerts(IPCReturnMessage iPCReturnMessage) {
        Map<X509Certificate, String> enumerateClientCertificates = this.mCertMgr.enumerateClientCertificates();
        if (enumerateClientCertificates == null || enumerateClientCertificates.isEmpty()) {
            return;
        }
        for (X509Certificate x509Certificate : enumerateClientCertificates.keySet()) {
            addCertToMessage(iPCReturnMessage, x509Certificate, this.mCertMgr.getCertAlias(x509Certificate), "AC/client", 0, 0);
        }
    }

    private void addAnyConnectNonClientCerts(IPCReturnMessage iPCReturnMessage) {
        X509Certificate[] rootCertificates = this.mCertMgr.getRootCertificates();
        if (rootCertificates == null || rootCertificates.length == 0) {
            return;
        }
        Map<X509Certificate, String> enumerateClientCertificates = this.mCertMgr.enumerateClientCertificates();
        for (X509Certificate x509Certificate : rootCertificates) {
            if (enumerateClientCertificates == null || !enumerateClientCertificates.containsKey(x509Certificate)) {
                addCertToMessage(iPCReturnMessage, x509Certificate, this.mCertMgr.getCertAlias(x509Certificate), "AC/root", 2, x509Certificate.getIssuerDN().equals(x509Certificate.getSubjectDN()) ? 2 : 1);
            } else {
                AppLog.logDebugMessage(AppLog.Severity.DBG_INFO, ENTITY_NAME, "addAnyConnectNonClientCerts: got client cert=" + x509Certificate.getSubjectDN());
            }
        }
    }

    private void addCertToMessage(IPCReturnMessage iPCReturnMessage, X509Certificate x509Certificate, String str, String str2, int i, int i2) {
        try {
            iPCReturnMessage.addArgument(NCHSArgumentTypeCode.BYTE_ARRAY, x509Certificate.getEncoded());
            iPCReturnMessage.addArgument(NCHSArgumentTypeCode.STRING, str);
            iPCReturnMessage.addArgument(NCHSArgumentTypeCode.STRING, str2);
            iPCReturnMessage.addArgument(NCHSArgumentTypeCode.INT, Integer.valueOf(i));
            iPCReturnMessage.addArgument(NCHSArgumentTypeCode.INT, Integer.valueOf(i2));
        } catch (CertificateEncodingException e) {
            AppLog.logDebugMessage(AppLog.Severity.DBG_ERROR, ENTITY_NAME, "addAnyConnectClientCerts: failed to encode cert: " + e);
        }
    }

    private void addKeyChainClientCerts(IPCReturnMessage iPCReturnMessage) {
        Map<X509Certificate, String> enumerateClientCertsFromSystem = this.mCertMgr.enumerateClientCertsFromSystem();
        if (enumerateClientCertsFromSystem == null || enumerateClientCertsFromSystem.isEmpty()) {
            return;
        }
        for (Map.Entry<X509Certificate, String> entry : enumerateClientCertsFromSystem.entrySet()) {
            addCertToMessage(iPCReturnMessage, entry.getKey(), entry.getValue(), "KEYCHAIN/client", 0, 0);
        }
    }

    private void addSystemCerts(IPCReturnMessage iPCReturnMessage) {
        X509Certificate[] systemCertificates = this.mCertMgr.getSystemCertificates();
        if (systemCertificates == null || systemCertificates.length == 0) {
            return;
        }
        for (X509Certificate x509Certificate : systemCertificates) {
            addCertToMessage(iPCReturnMessage, x509Certificate, "", "SYS/System", 1, x509Certificate.getIssuerDN().equals(x509Certificate.getSubjectDN()) ? 2 : 1);
        }
    }

    private void changeHttpProxy(IPCReturnMessage iPCReturnMessage, String str) {
        try {
            if (str.equals("")) {
                str = null;
            }
            boolean putString = Settings.Secure.putString(this.mContext.getContentResolver(), "http_proxy", str);
            if (putString) {
                this.mContext.sendBroadcast(new Intent("android.intent.action.PROXY_CHANGE"));
            }
            iPCReturnMessage.setCode(putString ? NCHSReturnCode.RESULT_OPERATION_COMPLETED : NCHSReturnCode.RESULT_OPERATION_FAILED);
        } catch (Exception e) {
            AppLog.logDebugMessage(AppLog.Severity.DBG_ERROR, ENTITY_NAME, "Exception occurred setting proxy", e);
            iPCReturnMessage.setCode(NCHSReturnCode.RESULT_OPERATION_ERROR);
        }
    }

    private void deleteCertificates(IPCReturnMessage iPCReturnMessage, ArrayList<ArgumentMapping> arrayList) throws NCHSClientInteractionFailedException {
        try {
            ArrayList arrayList2 = new ArrayList();
            for (int i = 0; i < arrayList.size(); i++) {
                ArgumentMapping argumentMapping = arrayList.get(i);
                if (NCHSArgumentTypeCode.STRING != argumentMapping.getType()) {
                    AppLog.logDebugMessage(AppLog.Severity.DBG_ERROR, ENTITY_NAME, "Illegal arg type=" + argumentMapping.getType() + " on argument #" + i);
                    throw new IllegalArgumentException();
                }
                arrayList2.add((String) argumentMapping.getObjectData());
            }
            iPCReturnMessage.addArgument(NCHSArgumentTypeCode.BOOLEAN, Boolean.valueOf(this.mCertMgr.deleteCertificates((String[]) arrayList2.toArray(new String[arrayList2.size()]))));
            iPCReturnMessage.setCode(NCHSReturnCode.RESULT_OPERATION_COMPLETED);
        } catch (IllegalArgumentException e) {
            AppLog.logDebugMessage(AppLog.Severity.DBG_ERROR, ENTITY_NAME, "deleteCertificates: " + e.getMessage());
            iPCReturnMessage.setCode(NCHSReturnCode.RESULT_OPERATION_ERROR);
            throw new NCHSClientInteractionFailedException(iPCReturnMessage, e.getMessage());
        }
    }

    private void enumerateClientCertificates(IPCReturnMessage iPCReturnMessage) {
        HashMap hashMap = new HashMap();
        hashMap.putAll(this.mCertMgr.enumerateClientCertificates());
        hashMap.putAll(this.mCertMgr.enumerateClientCertsFromSystem());
        iPCReturnMessage.setCode(NCHSReturnCode.RESULT_OPERATION_COMPLETED);
        if (hashMap == null || hashMap.size() == 0) {
            return;
        }
        for (Map.Entry entry : hashMap.entrySet()) {
            try {
                iPCReturnMessage.addArgument(NCHSArgumentTypeCode.BYTE_ARRAY, ((X509Certificate) entry.getKey()).getEncoded());
                iPCReturnMessage.addArgument(NCHSArgumentTypeCode.STRING, entry.getValue());
            } catch (CertificateEncodingException e) {
                AppLog.logDebugMessage(AppLog.Severity.DBG_ERROR, ENTITY_NAME, "enumerateClientCertificates: got encoding exception: " + e.getMessage());
            }
        }
    }

    private void getCertChain(IPCReturnMessage iPCReturnMessage, String str) {
        String str2;
        int i;
        try {
            X509Certificate[] certChain = this.mCertMgr.getCertChain(str);
            Map<X509Certificate, String> enumerateClientCertificates = this.mCertMgr.enumerateClientCertificates();
            for (X509Certificate x509Certificate : certChain) {
                String certAlias = this.mCertMgr.getCertAlias(x509Certificate);
                if (enumerateClientCertificates.containsKey(x509Certificate)) {
                    str2 = "AC/client";
                    i = 0;
                } else {
                    str2 = "AC/root";
                    i = x509Certificate.getIssuerDN().equals(x509Certificate.getSubjectDN()) ? 2 : 1;
                }
                addCertToMessage(iPCReturnMessage, x509Certificate, certAlias, str2, 0, i);
                iPCReturnMessage.setCode(NCHSReturnCode.RESULT_OPERATION_COMPLETED);
            }
        } catch (KeyStoreException e) {
            AppLog.logDebugMessage(AppLog.Severity.DBG_ERROR, ENTITY_NAME, "KeyStoreException", e);
            iPCReturnMessage.setCode(NCHSReturnCode.RESULT_OPERATION_FAILED);
        }
    }

    private void getCertificates(IPCReturnMessage iPCReturnMessage, int i) {
        switch (i) {
            case 0:
                addAnyConnectClientCerts(iPCReturnMessage);
                addKeyChainClientCerts(iPCReturnMessage);
                addAnyConnectNonClientCerts(iPCReturnMessage);
                break;
            case 1:
                addSystemCerts(iPCReturnMessage);
                break;
            default:
                AppLog.logDebugMessage(AppLog.Severity.DBG_ERROR, ENTITY_NAME, "Unexpected certificate type: " + i);
                break;
        }
        iPCReturnMessage.setCode(NCHSReturnCode.RESULT_OPERATION_COMPLETED);
    }

    private void getHttpProxy(IPCReturnMessage iPCReturnMessage) {
        try {
            String string = Settings.Secure.getString(this.mContext.getContentResolver(), "http_proxy");
            if (string == null) {
                string = "";
            }
            iPCReturnMessage.addArgument(new ArgumentMapping(NCHSArgumentTypeCode.STRING, string));
            iPCReturnMessage.setCode(NCHSReturnCode.RESULT_OPERATION_COMPLETED);
        } catch (Exception e) {
            AppLog.logDebugMessage(AppLog.Severity.DBG_ERROR, ENTITY_NAME, "Exception occurred getting proxy", e);
            iPCReturnMessage.setCode(NCHSReturnCode.RESULT_OPERATION_ERROR);
        }
    }

    private void getLocale(IPCReturnMessage iPCReturnMessage) {
        try {
            String language = Locale.getDefault().getLanguage();
            String country = Locale.getDefault().getCountry();
            String displayName = Charset.defaultCharset().displayName(Locale.getDefault());
            iPCReturnMessage.addArgument(new ArgumentMapping(NCHSArgumentTypeCode.STRING, language));
            iPCReturnMessage.addArgument(new ArgumentMapping(NCHSArgumentTypeCode.STRING, country));
            iPCReturnMessage.addArgument(new ArgumentMapping(NCHSArgumentTypeCode.STRING, displayName));
            iPCReturnMessage.setCode(NCHSReturnCode.RESULT_OPERATION_COMPLETED);
        } catch (Exception e) {
            AppLog.logDebugMessage(AppLog.Severity.DBG_ERROR, ENTITY_NAME, "Exception occurred getting proxy", e);
            iPCReturnMessage.setCode(NCHSReturnCode.RESULT_OPERATION_ERROR);
        }
    }

    private void importPKCS12(IPCReturnMessage iPCReturnMessage, byte[] bArr, String str, String str2) {
        try {
            X509Certificate[] importPkcs12ClientCert = this.mCertMgr.importPkcs12ClientCert(bArr, str);
            if (importPkcs12ClientCert == null || importPkcs12ClientCert.length == 0) {
                AppLog.logDebugMessage(AppLog.Severity.DBG_ERROR, ENTITY_NAME, "importPKCS12: received a NULL cert from cert manager");
                iPCReturnMessage.setCode(NCHSReturnCode.RESULT_OPERATION_FAILED);
                return;
            }
            for (X509Certificate x509Certificate : importPkcs12ClientCert) {
                String keyAliasForCertAlias = this.mCertMgr.getKeyAliasForCertAlias(this.mCertMgr.getCertAlias(x509Certificate));
                iPCReturnMessage.addArgument(NCHSArgumentTypeCode.BYTE_ARRAY, x509Certificate.getEncoded());
                iPCReturnMessage.addArgument(NCHSArgumentTypeCode.STRING, keyAliasForCertAlias);
            }
            iPCReturnMessage.setCode(NCHSReturnCode.RESULT_OPERATION_COMPLETED);
        } catch (UnrecoverableKeyException e) {
            AppLog.logDebugMessage(AppLog.Severity.DBG_ERROR, ENTITY_NAME, "importPKCS12: UnrecoverableKeyException: " + e.getMessage());
            iPCReturnMessage.setCode(NCHSReturnCode.RESULT_PERMISSION_DENIED);
        } catch (CertificateEncodingException e2) {
            AppLog.logDebugMessage(AppLog.Severity.DBG_ERROR, ENTITY_NAME, "importPKCS12: failed to encode returned cert: " + e2.getMessage());
            iPCReturnMessage.setCode(NCHSReturnCode.RESULT_OPERATION_FAILED);
        }
    }

    private void importTrustedCertificate(IPCReturnMessage iPCReturnMessage, byte[] bArr) throws NCHSClientInteractionFailedException {
        X509Certificate derToX509Certificate = this.mCertMgr.derToX509Certificate(bArr);
        if (derToX509Certificate == null) {
            AppLog.logDebugMessage(AppLog.Severity.DBG_ERROR, ENTITY_NAME, "importTrustedCertificate: failed to parse certificate");
            iPCReturnMessage.setCode(NCHSReturnCode.RESULT_OPERATION_FAILED);
        } else if (this.mCertMgr.importTrustedCertificate(derToX509Certificate)) {
            iPCReturnMessage.setCode(NCHSReturnCode.RESULT_OPERATION_COMPLETED);
        } else {
            AppLog.logDebugMessage(AppLog.Severity.DBG_ERROR, ENTITY_NAME, "importTrustedCertificate: failed to import certificate");
            iPCReturnMessage.setCode(NCHSReturnCode.RESULT_OPERATION_FAILED);
        }
    }

    private void modifyForwardingRule(IPCReturnMessage iPCReturnMessage, String str, String str2, String str3, String str4, Integer num) {
        String str5;
        try {
            Class<?> loadClass = this.mContext.getClassLoader().loadClass("android.net.NetworkUtils");
            if (str.equals("add")) {
                str5 = "addRoutingRule";
            } else {
                if (!str.equals(Globals.ACTION_DELETE)) {
                    AppLog.logDebugMessage(AppLog.Severity.DBG_ERROR, ENTITY_NAME, "invalid forwarding rule operation \"" + str + "\"");
                    iPCReturnMessage.setCode(NCHSReturnCode.RESULT_OPERATION_ERROR);
                }
                str5 = "delRoutingRule";
            }
            if (!str4.matches("\\w+") || !str2.matches("[\\w\\.]+") || !str3.matches("[\\w\\.]+")) {
                AppLog.logDebugMessage(AppLog.Severity.DBG_ERROR, ENTITY_NAME, "invalid forwarding rule arguments \"" + str2 + "\" \"" + str3 + "\" \"" + str4 + "\"");
                iPCReturnMessage.setCode(NCHSReturnCode.RESULT_OPERATION_ERROR);
            } else if (-1 == ((Integer) loadClass.getMethod(str5, String.class, String.class, String.class, Integer.TYPE).invoke(loadClass, str2, str3, str4, Integer.valueOf(num.intValue()))).intValue()) {
                AppLog.logDebugMessage(AppLog.Severity.DBG_WARN, ENTITY_NAME, "HTC-private API call failed for operation \"" + str + "\"");
                iPCReturnMessage.setCode(NCHSReturnCode.RESULT_OPERATION_FAILED);
            } else {
                iPCReturnMessage.setCode(NCHSReturnCode.RESULT_OPERATION_COMPLETED);
            }
        } catch (NoSuchMethodException e) {
            iPCReturnMessage.setCode(NCHSReturnCode.RESULT_PRECONDITIONS_NOT_MET);
        } catch (Exception e2) {
            AppLog.logDebugMessage(AppLog.Severity.DBG_WARN, ENTITY_NAME, "exception occurred while invoking HTC-private API: " + e2.toString());
            iPCReturnMessage.setCode(NCHSReturnCode.RESULT_OPERATION_ERROR);
        }
    }

    private void modifySystemProperty(IPCReturnMessage iPCReturnMessage, String str, String str2) {
        SystemPrivProxy systemPrivProxy = new SystemPrivProxy(this.mContext);
        try {
            if (systemPrivProxy.SetProperty(str, str2)) {
                systemPrivProxy.Destroy();
                iPCReturnMessage.setCode(NCHSReturnCode.RESULT_OPERATION_COMPLETED);
            } else {
                AppLog.logDebugMessage(AppLog.Severity.DBG_ERROR, ENTITY_NAME, "SetProperty failed (key = \"" + str + "\" value = \"" + str2 + "\")");
                iPCReturnMessage.setCode(NCHSReturnCode.RESULT_OPERATION_ERROR);
            }
        } catch (Exception e) {
            AppLog.logDebugMessage(AppLog.Severity.DBG_WARN, ENTITY_NAME, "exception occured setting property (key = \"" + str + "\" value = \"" + str2 + "\")", e);
            iPCReturnMessage.setCode(NCHSReturnCode.RESULT_OPERATION_ERROR);
        } finally {
            systemPrivProxy.Destroy();
        }
    }

    private X509Certificate[] parseBlobsIntoCertificates(int[] iArr, byte[] bArr) throws CertificateParsingException, CertificateException, IllegalArgumentException {
        int length = iArr.length;
        if (length == 0) {
            throw new CertificateException("bad arguments: no certificates provided");
        }
        int i = 0;
        X509Certificate[] x509CertificateArr = new X509Certificate[length];
        for (int i2 = 0; i2 < length; i2++) {
            int i3 = iArr[i2];
            if (i3 <= 0) {
                throw new IllegalArgumentException("bad arguments: certificate[" + i2 + "] has bad length=" + i3);
            }
            if (i + i3 > bArr.length) {
                throw new IllegalArgumentException("bad arguments: total (" + i + ") + next (" + i3 + ") is greater than passed length (" + bArr.length + ")");
            }
            byte[] bArr2 = new byte[i3];
            System.arraycopy(bArr, i, bArr2, 0, i3);
            i += i3;
            X509Certificate derToX509Certificate = this.mCertMgr.derToX509Certificate(bArr2);
            if (derToX509Certificate == null) {
                throw new CertificateParsingException("failed to parse certificate #" + i2 + " of " + length);
            }
            x509CertificateArr[i2] = derToX509Certificate;
        }
        if (bArr.length > i) {
            throw new IllegalArgumentException("bad arguments: only read " + i + " of " + bArr.length + " bytes available");
        }
        return x509CertificateArr;
    }

    private void restoreDns(IPCReturnMessage iPCReturnMessage) {
        if (Build.VERSION.SDK_INT < 18) {
            iPCReturnMessage.setCode(NCHSReturnCode.RESULT_PRECONDITIONS_NOT_MET);
            return;
        }
        String activeIface = NetUtils.getActiveIface(this.mContext);
        if (activeIface != null) {
            iPCReturnMessage.setCode(DnsSetterFactory.getInstance(Prerequisites.haveRootAccess()).restoreDns(activeIface) ? NCHSReturnCode.RESULT_OPERATION_COMPLETED : NCHSReturnCode.RESULT_OPERATION_FAILED);
        } else {
            AppLog.logDebugMessage(AppLog.Severity.DBG_INFO, ENTITY_NAME, "No public interface; not restoring DNS.");
            iPCReturnMessage.setCode(NCHSReturnCode.RESULT_OPERATION_COMPLETED);
        }
    }

    private void setDns(IPCReturnMessage iPCReturnMessage, ArrayList<ArgumentMapping> arrayList) {
        if (Build.VERSION.SDK_INT < 18) {
            iPCReturnMessage.setCode(NCHSReturnCode.RESULT_PRECONDITIONS_NOT_MET);
            return;
        }
        String str = null;
        String str2 = null;
        ArrayList arrayList2 = new ArrayList();
        for (int i = 0; i < arrayList.size(); i++) {
            ArgumentMapping argumentMapping = arrayList.get(i);
            if (NCHSArgumentTypeCode.STRING != argumentMapping.getType()) {
                AppLog.logDebugMessage(AppLog.Severity.DBG_ERROR, ENTITY_NAME, "Illegal arg type=" + argumentMapping.getType() + " on argument #" + i);
                iPCReturnMessage.setCode(NCHSReturnCode.RESULT_OPERATION_ERROR);
                return;
            }
            String str3 = (String) argumentMapping.getObjectData();
            if (i == 0) {
                str = str3;
            } else if (1 != i) {
                arrayList2.add(str3);
            } else if (!str3.equals("")) {
                str2 = str3;
            }
        }
        if (str != null) {
            iPCReturnMessage.setCode(DnsSetterFactory.getInstance(Prerequisites.haveRootAccess()).setDns(str, str2, arrayList2) ? NCHSReturnCode.RESULT_OPERATION_COMPLETED : NCHSReturnCode.RESULT_OPERATION_FAILED);
        } else {
            AppLog.logDebugMessage(AppLog.Severity.DBG_ERROR, ENTITY_NAME, "No interface provided for setDns");
            iPCReturnMessage.setCode(NCHSReturnCode.RESULT_OPERATION_ERROR);
        }
    }

    private void signHashWithClientCert(IPCReturnMessage iPCReturnMessage, String str, String str2, byte[] bArr) {
        try {
            byte[] signWithClientCertificate = this.mCertMgr.signWithClientCertificate(str, bArr);
            if (signWithClientCertificate == null || signWithClientCertificate.length == 0) {
                iPCReturnMessage.setCode(NCHSReturnCode.RESULT_OPERATION_FAILED);
            } else {
                iPCReturnMessage.addArgument(NCHSArgumentTypeCode.BYTE_ARRAY, signWithClientCertificate);
                iPCReturnMessage.setCode(NCHSReturnCode.RESULT_OPERATION_COMPLETED);
            }
        } catch (UnrecoverableKeyException e) {
            AppLog.logDebugMessage(AppLog.Severity.DBG_ERROR, ENTITY_NAME, "importPKCS12: UnrecoverableKeyException: " + e.getMessage());
            iPCReturnMessage.setCode(NCHSReturnCode.RESULT_PERMISSION_DENIED);
        }
    }

    private boolean startAndPrepareICSVpnService(IPCReturnMessage iPCReturnMessage) {
        NCHSReturnCode startVpnService;
        NCHSReturnCode nCHSReturnCode = NCHSReturnCode.RESULT_OPERATION_COMPLETED;
        if (!this.mBuilder.isVpnServiceStarted() && NCHSReturnCode.RESULT_OPERATION_COMPLETED != (startVpnService = startVpnService())) {
            iPCReturnMessage.setCode(startVpnService);
            return false;
        }
        Intent prepare = this.mBuilder.prepare(this.mContext);
        if (prepare == null) {
            AppLog.logDebugMessage(AppLog.Severity.DBG_INFO, ENTITY_NAME, "do not need to launch system intent, we are already prepared");
            return true;
        }
        AppLog.logDebugMessage(AppLog.Severity.DBG_INFO, ENTITY_NAME, "Need to launch the Android system intent for VPN");
        Intent intent = new Intent(this.mContext, (Class<?>) NCHSProxyActivity.class);
        intent.putExtra(Globals.KEY_EXTERNAL_ACTION, Globals.ACTION_START_ACTIVITY);
        intent.putExtra(Globals.KEY_INTENT, prepare);
        intent.setFlags(268435456);
        intent.putExtra(Globals.KEY_IPC_TARGET_SERVER, Globals.NCSS_SERVER_SOCKET_NAME);
        this.mContext.startActivity(intent);
        NCHSReturnCode waitForRequestedEvent = waitForRequestedEvent();
        if (NCHSReturnCode.RESULT_OPERATION_COMPLETED == waitForRequestedEvent) {
            return true;
        }
        iPCReturnMessage.setCode(waitForRequestedEvent);
        return false;
    }

    private void startService(IPCReturnMessage iPCReturnMessage, String str) {
        if (this.mContext.startService(new Intent(str)) == null) {
            iPCReturnMessage.setCode(NCHSReturnCode.RESULT_OPERATION_FAILED);
        } else {
            iPCReturnMessage.setCode(NCHSReturnCode.RESULT_OPERATION_COMPLETED);
        }
    }

    private NCHSReturnCode startVpnService() {
        NCHSReturnCode waitForRequestedEvent;
        NCHSReturnCode nCHSReturnCode = NCHSReturnCode.RESULT_OPERATION_ERROR;
        synchronized (getLockObject()) {
            waitForRequestedEvent = this.mBuilder.startVpnService() ? waitForRequestedEvent() : NCHSReturnCode.RESULT_OPERATION_FAILED;
        }
        return waitForRequestedEvent;
    }

    private void verifyCertForHost(IPCReturnMessage iPCReturnMessage, int[] iArr, byte[] bArr, String str) throws NCHSClientInteractionFailedException {
        try {
            iPCReturnMessage.addArgument(new ArgumentMapping(NCHSArgumentTypeCode.INT, Integer.valueOf(this.mCertMgr.verifyX509ServerCertForHost(this.mCertMgr.getSortedChain(parseBlobsIntoCertificates(iArr, bArr)), str))));
            iPCReturnMessage.setCode(NCHSReturnCode.RESULT_OPERATION_COMPLETED);
        } catch (IllegalArgumentException e) {
            AppLog.logDebugMessage(AppLog.Severity.DBG_ERROR, ENTITY_NAME, "verifyCertForHost: " + e.getMessage());
            iPCReturnMessage.setCode(NCHSReturnCode.RESULT_OPERATION_ERROR);
            throw new NCHSClientInteractionFailedException(iPCReturnMessage, e.getMessage());
        } catch (CertificateParsingException e2) {
            AppLog.logDebugMessage(AppLog.Severity.DBG_ERROR, ENTITY_NAME, "verifyCertForHost: " + e2.getMessage());
            iPCReturnMessage.addArgument(new ArgumentMapping(NCHSArgumentTypeCode.INT, (Object) (-1)));
            iPCReturnMessage.setCode(NCHSReturnCode.RESULT_OPERATION_COMPLETED);
        } catch (CertificateException e3) {
            AppLog.logDebugMessage(AppLog.Severity.DBG_ERROR, ENTITY_NAME, "verifyCertForHost: " + e3.getMessage());
            iPCReturnMessage.addArgument(new ArgumentMapping(NCHSArgumentTypeCode.INT, (Object) (-1)));
            iPCReturnMessage.setCode(NCHSReturnCode.RESULT_OPERATION_FAILED);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // com.cisco.android.nchs.ipc.IPCServerBase
    public void callServiceMethod(IOpcode iOpcode, ArrayList<ArgumentMapping> arrayList, LocalSocket localSocket, IPCReturnMessage iPCReturnMessage) throws IOException, NCHSClientInteractionFailedException {
        NCSSOpcode byCode = NCSSOpcode.getByCode(iOpcode.getCode());
        if (iPCReturnMessage == null) {
            iPCReturnMessage = new IPCReturnMessage();
        } else {
            iPCReturnMessage.clearArguments();
        }
        NCHSReturnCode nCHSReturnCode = NCHSReturnCode.RESULT_OPERATION_COMPLETED;
        switch (AnonymousClass1.$SwitchMap$com$cisco$android$nchs$support$NCSSOpcode[byCode.ordinal()]) {
            case 1:
                verifyCertForHost(iPCReturnMessage, (int[]) arrayList.get(0).getObjectData(), (byte[]) arrayList.get(1).getObjectData(), (String) arrayList.get(2).getObjectData());
                return;
            case 2:
                importTrustedCertificate(iPCReturnMessage, (byte[]) arrayList.get(0).getObjectData());
                return;
            case MotVpnError.ERROR_PROP_NOT_SUPPORT /* 3 */:
                changeHttpProxy(iPCReturnMessage, (String) arrayList.get(0).getObjectData());
                return;
            case 4:
                getHttpProxy(iPCReturnMessage);
                return;
            case 5:
                enumerateClientCertificates(iPCReturnMessage);
                return;
            case 6:
                importPKCS12(iPCReturnMessage, (byte[]) arrayList.get(0).getObjectData(), (String) arrayList.get(1).getObjectData(), (String) arrayList.get(2).getObjectData());
                return;
            case 7:
                signHashWithClientCert(iPCReturnMessage, (String) arrayList.get(0).getObjectData(), (String) arrayList.get(1).getObjectData(), (byte[]) arrayList.get(2).getObjectData());
                return;
            case 8:
                modifyForwardingRule(iPCReturnMessage, (String) arrayList.get(0).getObjectData(), (String) arrayList.get(1).getObjectData(), (String) arrayList.get(2).getObjectData(), (String) arrayList.get(3).getObjectData(), (Integer) arrayList.get(4).getObjectData());
                return;
            case 9:
                getLocale(iPCReturnMessage);
                return;
            case 10:
                getCertificates(iPCReturnMessage, ((Integer) arrayList.get(0).getObjectData()).intValue());
                return;
            case com.cisco.anyconnect.vpn.android.ui.Globals.HONEYCOMB_VERSION_BUILD_CODE /* 11 */:
                deleteCertificates(iPCReturnMessage, arrayList);
                return;
            case com.cisco.anyconnect.vpn.android.ui.Globals.HONEYCOMB_MR1_VERSION_BUILD_CODE /* 12 */:
                setDns(iPCReturnMessage, arrayList);
                return;
            case com.cisco.anyconnect.vpn.android.ui.Globals.HONEYCOMB_MR2_VERSION_BUILD_CODE /* 13 */:
                restoreDns(iPCReturnMessage);
                return;
            case Prerequisites.ICE_CREAM_SANDWICH_API_LEVEL /* 14 */:
                startService(iPCReturnMessage, (String) arrayList.get(0).getObjectData());
                return;
            case 15:
                iPCReturnMessage.setCode(this.mBuilder.addAddress((String) arrayList.get(0).getObjectData(), ((Integer) arrayList.get(1).getObjectData()).intValue()) ? NCHSReturnCode.RESULT_OPERATION_COMPLETED : NCHSReturnCode.RESULT_OPERATION_FAILED);
                return;
            case 16:
                iPCReturnMessage.setCode(this.mBuilder.addDnsServer((String) arrayList.get(0).getObjectData()) ? NCHSReturnCode.RESULT_OPERATION_COMPLETED : NCHSReturnCode.RESULT_OPERATION_FAILED);
                return;
            case 17:
                iPCReturnMessage.setCode(this.mBuilder.addRoute((String) arrayList.get(0).getObjectData(), ((Integer) arrayList.get(1).getObjectData()).intValue()) ? NCHSReturnCode.RESULT_OPERATION_COMPLETED : NCHSReturnCode.RESULT_OPERATION_FAILED);
                return;
            case Prerequisites.JELLY_BEAN_MR2_API_LEVEL /* 18 */:
                iPCReturnMessage.setCode(this.mBuilder.addSearchDomain((String) arrayList.get(0).getObjectData()) ? NCHSReturnCode.RESULT_OPERATION_COMPLETED : NCHSReturnCode.RESULT_OPERATION_FAILED);
                return;
            case 19:
                ParcelFileDescriptor establish = this.mBuilder.establish();
                if (establish == null) {
                    AppLog.logDebugMessage(AppLog.Severity.DBG_ERROR, ENTITY_NAME, "establish was called when we were not prepared");
                    iPCReturnMessage.setCode(NCHSReturnCode.RESULT_OPERATION_FAILED);
                    return;
                } else {
                    iPCReturnMessage.setFileDesciptorsForSend(new ParcelFileDescriptor[]{establish});
                    iPCReturnMessage.setCloseFdsAfterSend(true);
                    iPCReturnMessage.setCode(NCHSReturnCode.RESULT_OPERATION_COMPLETED);
                    return;
                }
            case EulaActivity.EULA_RESPONSE_ACCEPTED /* 20 */:
                if (startAndPrepareICSVpnService(iPCReturnMessage)) {
                    iPCReturnMessage.setCode(nCHSReturnCode);
                    return;
                } else {
                    iPCReturnMessage.setCode(NCHSReturnCode.RESULT_OPERATION_FAILED);
                    return;
                }
            case EulaActivity.EULA_RESPONSE_REJECTED /* 21 */:
                iPCReturnMessage.setCode(this.mBuilder.setMtu(((Integer) arrayList.get(0).getObjectData()).intValue()) ? NCHSReturnCode.RESULT_OPERATION_COMPLETED : NCHSReturnCode.RESULT_OPERATION_FAILED);
                return;
            case 22:
                iPCReturnMessage.setCode(this.mBuilder.setSession((String) arrayList.get(0).getObjectData()) ? NCHSReturnCode.RESULT_OPERATION_COMPLETED : NCHSReturnCode.RESULT_OPERATION_FAILED);
                return;
            case 23:
                if (!startAndPrepareICSVpnService(iPCReturnMessage)) {
                    AppLog.logDebugMessage(AppLog.Severity.DBG_ERROR, ENTITY_NAME, "could not start and prepare the VpnService");
                    return;
                }
                FileDescriptor[] ancillaryFileDescriptors = localSocket.getAncillaryFileDescriptors();
                if (1 > ancillaryFileDescriptors.length) {
                    AppLog.logDebugMessage(AppLog.Severity.DBG_ERROR, ENTITY_NAME, "No FDs passed as part of the call to Protect()");
                    iPCReturnMessage.setCode(NCHSReturnCode.RESULT_OPERATION_FAILED);
                    return;
                }
                for (FileDescriptor fileDescriptor : ancillaryFileDescriptors) {
                    if (!this.mBuilder.protect(fileDescriptor)) {
                    }
                }
                iPCReturnMessage.setCode(1 != 0 ? NCHSReturnCode.RESULT_OPERATION_COMPLETED : NCHSReturnCode.RESULT_OPERATION_FAILED);
                return;
            case 24:
                if (!startAndPrepareICSVpnService(iPCReturnMessage)) {
                    AppLog.logDebugMessage(AppLog.Severity.DBG_ERROR, ENTITY_NAME, "could not start and prepare the VpnService");
                    return;
                }
                ParcelFileDescriptor CreateStreamSocket = this.mBuilder.CreateStreamSocket();
                if (CreateStreamSocket != null) {
                    iPCReturnMessage.setFileDesciptorsForSend(new ParcelFileDescriptor[]{CreateStreamSocket});
                    iPCReturnMessage.setCloseFdsAfterSend(true);
                }
                iPCReturnMessage.setCode(CreateStreamSocket != null ? NCHSReturnCode.RESULT_OPERATION_COMPLETED : NCHSReturnCode.RESULT_OPERATION_FAILED);
                return;
            case 25:
                if (!startAndPrepareICSVpnService(iPCReturnMessage)) {
                    AppLog.logDebugMessage(AppLog.Severity.DBG_ERROR, ENTITY_NAME, "could not start and prepare the VpnService");
                    return;
                }
                ParcelFileDescriptor CreateDatagramSocket = this.mBuilder.CreateDatagramSocket();
                if (CreateDatagramSocket != null) {
                    iPCReturnMessage.setFileDesciptorsForSend(new ParcelFileDescriptor[]{CreateDatagramSocket});
                    iPCReturnMessage.setCloseFdsAfterSend(true);
                }
                iPCReturnMessage.setCode(CreateDatagramSocket != null ? NCHSReturnCode.RESULT_OPERATION_COMPLETED : NCHSReturnCode.RESULT_OPERATION_FAILED);
                return;
            case 26:
                iPCReturnMessage.addArgument(new ArgumentMapping(NCHSArgumentTypeCode.BYTE, Byte.valueOf(Prerequisites.CheckPrerequisites(this.mContext).getCode())));
                iPCReturnMessage.setCode(NCHSReturnCode.RESULT_OPERATION_COMPLETED);
                return;
            case 27:
                modifySystemProperty(iPCReturnMessage, (String) arrayList.get(0).getObjectData(), (String) arrayList.get(1).getObjectData());
                return;
            case 28:
                iPCReturnMessage.addArgument(new ArgumentMapping(NCHSArgumentTypeCode.STRING, this.mDevMgr.GetDeviceID()));
                iPCReturnMessage.setCode(NCHSReturnCode.RESULT_OPERATION_COMPLETED);
                return;
            case 29:
                iPCReturnMessage.addArgument(new ArgumentMapping(NCHSArgumentTypeCode.STRING, this.mDevMgr.GetDeviceType()));
                iPCReturnMessage.setCode(NCHSReturnCode.RESULT_OPERATION_COMPLETED);
                return;
            case 30:
                iPCReturnMessage.addArgument(new ArgumentMapping(NCHSArgumentTypeCode.STRING, this.mDevMgr.GetPlatformVersion()));
                iPCReturnMessage.setCode(NCHSReturnCode.RESULT_OPERATION_COMPLETED);
                return;
            case 31:
                getCertChain(iPCReturnMessage, (String) arrayList.get(0).getObjectData());
                return;
            case 32:
                new PackageInformation(this.mContext).GetAppOwnerUserId(iPCReturnMessage, (String) arrayList.get(0).getObjectData());
                return;
            default:
                iPCReturnMessage.setCode(NCHSReturnCode.RESULT_OPERATION_ERROR);
                return;
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // com.cisco.android.nchs.ipc.IPCServerThread
    public IOpcode getNewOpCodeInterface(byte b) {
        return NCSSOpcode.getByCode(b);
    }
}
