package com.cisco.anyconnect.vpn.android.work;

import android.os.Bundle;
import android.os.Parcelable;
import com.cisco.anyconnect.vpn.android.service.ConnectionType;
import com.cisco.anyconnect.vpn.android.service.VpnConnection;
import com.cisco.anyconnect.vpn.android.util.AppLog;
import com.cisco.anyconnect.vpn.jni.ConnectProtocolType;
import com.cisco.anyconnect.vpn.jni.IPsecAuthMode;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Set;

/* loaded from: classes.dex */
public class ManagedConfigParser {
    public static final String VPN_CONNECTION_PROFILE = "vpn_connection_profile";
    public static final String VPN_SETTING_ALLOW_SAVED_CREDENTIALS = "vpn_setting_allow_saved_credentials";
    public static final String VPN_SETTING_CERTIFICATE_REVOCATION = "vpn_setting_certificate_revocation";
    public static final String VPN_SETTING_FIPS_MODE = "vpn_setting_fips_mode";
    public static final String VPN_SETTING_STRICT_MODE = "vpn_setting_strict_mode";
    private Bundle mBundle;
    private List<ManagedConnection> mConns = new ArrayList();

    /* loaded from: classes.dex */
    public static class ManagedConnection {
        public boolean isActive;
        public String keychainAlias;
        public VpnConnection vpnConnection;

        String getDescription() {
            return ((("isActive=" + this.isActive) + "\nkeychainAlias=" + this.keychainAlias) + "\nVpnConnection:\n") + this.vpnConnection.GetDescription();
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: classes.dex */
    public static class ManagedConnectionBuilder {
        private VpnConnection mConn = new VpnConnection();
        public boolean mIsActive;
        private boolean mIsValid;
        public String mKeychainAlias;

        ManagedConnectionBuilder(String str, String str2) {
            this.mIsValid = true;
            this.mConn.SetType(ConnectionType.Profile_Android_Work);
            if (str2 != null && str2.length() > 0) {
                this.mConn.SetName(generateName((str == null || str.isEmpty()) ? str2 : str));
                this.mConn.SetHost(str2);
            } else {
                AppLog.info(this, "dd2 invalid");
                this.mIsValid = false;
            }
        }

        private String generateName(String str) {
            return str + " (Managed)";
        }

        ManagedConnection build() {
            if (!this.mIsValid) {
                return null;
            }
            ManagedConnection managedConnection = new ManagedConnection();
            managedConnection.isActive = this.mIsActive;
            managedConnection.keychainAlias = this.mKeychainAlias;
            managedConnection.vpnConnection = this.mConn;
            return managedConnection;
        }

        ManagedConnectionBuilder setActive(boolean z) {
            this.mIsActive = z;
            return this;
        }

        ManagedConnectionBuilder setAllowBypass(boolean z) {
            this.mConn.setIsBypassAllowed(z);
            return this;
        }

        ManagedConnectionBuilder setCert(String str) {
            if (str != null && str.length() > 0) {
                this.mKeychainAlias = str;
            }
            return this;
        }

        ManagedConnectionBuilder setPerApp(String str, String str2) {
            if (str == null || str.length() == 0) {
                this.mConn.setTunnelApplications(null);
            } else {
                this.mConn.setTunnelApplications(new ArrayList(Arrays.asList(str.split("\\s*,\\s*"))));
            }
            if (str2 == null || str2.length() == 0) {
                this.mConn.setDisallowedApplications(null);
            } else {
                this.mConn.setDisallowedApplications(new ArrayList(Arrays.asList(str2.split("\\s*,\\s*"))));
            }
            return this;
        }

        ManagedConnectionBuilder setProtocol(String str, String str2, String str3) {
            if (str == null) {
                this.mConn.SetConnectProtocolType(ConnectProtocolType.Ssl);
            } else {
                this.mConn.SetConnectProtocolType(ConnectProtocolType.fromString(str));
            }
            if (str2 == null) {
                this.mConn.SetIPsecAuthMode(IPsecAuthMode.USER_AUTH_IKE_EAP_ANYCONNECT);
            } else {
                this.mConn.SetIPsecAuthMode(IPsecAuthMode.fromString(str2));
            }
            this.mConn.SetIKEIdentity(str3);
            return this;
        }
    }

    public ManagedConfigParser(Bundle bundle) {
        this.mBundle = bundle;
    }

    private ManagedConnection parseLegacyVpnConfig() {
        ManagedConnectionBuilder managedConnectionBuilder = new ManagedConnectionBuilder(this.mBundle.getString("vpn_connection_name"), this.mBundle.getString("vpn_connection_host"));
        managedConnectionBuilder.setProtocol(this.mBundle.getString("vpn_connection_protocol"), this.mBundle.getString("vpn_connection_ipsec_auth_mode"), this.mBundle.getString("vpn_connection_ipsec_ike_identity"));
        String string = this.mBundle.getString("vpn_connection_allowed_apps");
        if (string == null || string.length() == 0) {
            string = this.mBundle.getString("vpn_connection_perapp");
        }
        managedConnectionBuilder.setPerApp(string, this.mBundle.getString("vpn_connection_disallowed_apps"));
        managedConnectionBuilder.setAllowBypass(this.mBundle.getBoolean("vpn_connection_allow_bypass"));
        managedConnectionBuilder.setCert(this.mBundle.getString("vpn_connection_keychain_cert_alias"));
        managedConnectionBuilder.setActive(this.mBundle.getBoolean("vpn_connection_set_active", true));
        return managedConnectionBuilder.build();
    }

    private ManagedConnection parseVpnConfig(Bundle bundle) {
        ManagedConnectionBuilder managedConnectionBuilder = new ManagedConnectionBuilder(bundle.getString("vpn_name"), bundle.getString("vpn_host"));
        managedConnectionBuilder.setProtocol(bundle.getString("vpn_protocol"), bundle.getString("vpn_ipsec_auth_mode"), bundle.getString("vpn_ipsec_ike_identity"));
        managedConnectionBuilder.setPerApp(bundle.getString("vpn_allowed_apps"), this.mBundle.getString("vpn_disallowed_apps"));
        managedConnectionBuilder.setAllowBypass(bundle.getBoolean("vpn_allow_bypass"));
        managedConnectionBuilder.setCert(bundle.getString("vpn_keychain_cert_alias"));
        managedConnectionBuilder.setActive(bundle.getBoolean("vpn_set_active", false));
        return managedConnectionBuilder.build();
    }

    public boolean getCertRevocation() {
        return this.mBundle.getBoolean(VPN_SETTING_CERTIFICATE_REVOCATION, false);
    }

    public List<ManagedConnection> getConnections() {
        return new ArrayList(this.mConns);
    }

    public String getDescription() {
        String str = "MANAGED CONFIGURATION\n--------------------------------------------";
        String str2 = isFipsSet() ? str + "\nfips = " + getFips() : str + "\nfips is not set";
        String str3 = isStrictCertSet() ? str2 + "\nstrictCert = " + getStrictCert() : str2 + "\nstrictCert is not set";
        String str4 = isCertRevocationSet() ? str3 + "\ncertRevocation = " + getCertRevocation() : str3 + "\ncertRevocation is not set";
        String str5 = (isSavePasswordSet() ? str4 + "\nsavePass = " + getSavePassword() : str4 + "\nsavePass is not set") + "\n--------------------------------------------\n";
        Iterator<ManagedConnection> it = this.mConns.iterator();
        while (it.hasNext()) {
            str5 = (str5 + it.next().getDescription()) + "\n--------------------------------------------\n";
        }
        return str5;
    }

    public boolean getFips() {
        return this.mBundle.getBoolean(VPN_SETTING_FIPS_MODE, false);
    }

    public Set<String> getKeychainAliases() {
        HashSet hashSet = new HashSet();
        Iterator<ManagedConnection> it = this.mConns.iterator();
        while (it.hasNext()) {
            hashSet.add(it.next().keychainAlias);
        }
        return hashSet;
    }

    public String getProfile() {
        return this.mBundle.getString(VPN_CONNECTION_PROFILE);
    }

    public boolean getSavePassword() {
        return this.mBundle.getBoolean(VPN_SETTING_ALLOW_SAVED_CREDENTIALS, false);
    }

    public boolean getStrictCert() {
        return this.mBundle.getBoolean(VPN_SETTING_STRICT_MODE, false);
    }

    public boolean hasProfile() {
        return this.mBundle.getString(VPN_CONNECTION_PROFILE) != null && this.mBundle.getString(VPN_CONNECTION_PROFILE).length() > 0;
    }

    public boolean isCertRevocationSet() {
        return this.mBundle.containsKey(VPN_SETTING_CERTIFICATE_REVOCATION);
    }

    public boolean isFipsSet() {
        return this.mBundle.containsKey(VPN_SETTING_FIPS_MODE);
    }

    public boolean isSavePasswordSet() {
        return this.mBundle.containsKey(VPN_SETTING_ALLOW_SAVED_CREDENTIALS);
    }

    public boolean isStrictCertSet() {
        return this.mBundle.containsKey(VPN_SETTING_STRICT_MODE);
    }

    public void parse() {
        this.mConns = new ArrayList();
        ManagedConnection parseLegacyVpnConfig = parseLegacyVpnConfig();
        if (parseLegacyVpnConfig != null) {
            this.mConns.add(parseLegacyVpnConfig);
        }
        Parcelable[] parcelableArray = this.mBundle.getParcelableArray("vpn_configuration_list");
        if (parcelableArray != null) {
            for (Parcelable parcelable : parcelableArray) {
                ManagedConnection parseVpnConfig = parseVpnConfig((Bundle) parcelable);
                if (parseVpnConfig != null) {
                    this.mConns.add(parseVpnConfig);
                }
            }
        }
    }

    public boolean shouldDeleteProfile() {
        return this.mBundle.containsKey(VPN_CONNECTION_PROFILE) && this.mBundle.getString(VPN_CONNECTION_PROFILE) != null && this.mBundle.getString(VPN_CONNECTION_PROFILE).isEmpty();
    }
}
