package com.cisco.anyconnect.vpn.android.apptunnel;

import com.cisco.anyconnect.vpn.android.util.AppLog;
import com.cisco.anyconnect.vpn.jni.CertAuthMode;
import com.cisco.anyconnect.vpn.jni.ConnectProtocolType;
import com.cisco.anyconnect.vpn.jni.HostEntry;
import com.cisco.anyconnect.vpn.jni.IPsecAuthMode;
import java.text.ParseException;
import org.json.JSONException;
import org.json.JSONObject;

/* loaded from: classes.dex */
public class KnoxJsonConnectionProfile {
    public static final String AnyConnectVPNConnection = "AnyConnectVPNConnection";
    public static final String Authentication = "authentication";
    public static final String CCMCERTALIAS = "ccmcertalias";
    public static final String CERTALIAS = "certalias";
    public static final String CertCommonName = "certcommonname";
    private static final String ENTITY_NAME = "KnoxJsonConnectionProfile";
    public static final String Host = "host";
    public static final String Ike_Identity = "ike-identity";
    public static final String KNOX_META_ATTRIBUTE = "uidpid_search_enabled";
    public static final int KNOX_META_ENABLED = 1;
    public static final String KNOX_SECTION = "knox";
    public static final String KNOX_VPN_PARAMETERS = "KNOX_VPN_PARAMETERS";
    public static final int KNOX_VPN_ROUTE_TYPE_APP_TUNNEL = 1;
    public static final int KNOX_VPN_ROUTE_TYPE_SYSTEM = 0;
    public static final String PROFILE_ATTRIBUTE = "profile_attribute";
    public static final String PROFILE_NAME = "profileName";
    public static final String UseCert = "usecert";
    public static final String UserGroup = "usergroup";
    public static final String VENDOR = "vendor";
    public static final String VPN_ROUTE_TYPE = "vpn_route_type";
    public static final int VPN_ROUTE_TYPE_PERAPP = 1;
    public static final int VPN_ROUTE_TYPE_SYSTEM = 0;
    public static final String VPN_TYPE = "vpn_type";
    public static final String VPN_TYPE_IPSEC = "ipsec";
    public static final String VPN_TYPE_SSL = "ssl";
    private HostEntry mEntry;
    private boolean mKnoxMetaEnabled;

    /* loaded from: classes.dex */
    public static class KnoxJsonParser {
        private String mCcmCertAlias;
        private String mCertAlias;
        private HostEntry mEntry = new HostEntry();
        private boolean mIsAppTunnel;
        private boolean mKnoxMetaEnabled;
        private String mKnoxProfileName;

        public KnoxJsonParser(String str) throws ParseException {
            boolean z = true;
            this.mIsAppTunnel = true;
            try {
                JSONObject jSONObject = new JSONObject(str).getJSONObject(KnoxJsonConnectionProfile.KNOX_VPN_PARAMETERS);
                JSONObject jSONObject2 = jSONObject.getJSONObject(KnoxJsonConnectionProfile.PROFILE_ATTRIBUTE);
                this.mKnoxProfileName = jSONObject2.getString(KnoxJsonConnectionProfile.PROFILE_NAME);
                this.mEntry.name = this.mKnoxProfileName + " (knox)";
                if (jSONObject2.getString(KnoxJsonConnectionProfile.VPN_TYPE).equals(KnoxJsonConnectionProfile.VPN_TYPE_IPSEC)) {
                    this.mEntry.protocol = ConnectProtocolType.Ipsec;
                } else {
                    this.mEntry.protocol = ConnectProtocolType.Ssl;
                }
                this.mIsAppTunnel = 1 == jSONObject2.getInt(KnoxJsonConnectionProfile.VPN_ROUTE_TYPE);
                try {
                    parseVendorJson(jSONObject.getJSONObject(KnoxJsonConnectionProfile.VENDOR).getJSONObject(KnoxJsonConnectionProfile.AnyConnectVPNConnection));
                } catch (JSONException unused) {
                    this.mEntry.host = jSONObject2.getString("host");
                }
                try {
                    JSONObject jSONObject3 = jSONObject.getJSONObject(KnoxJsonConnectionProfile.KNOX_SECTION);
                    jSONObject3.getInt(KnoxJsonConnectionProfile.KNOX_META_ATTRIBUTE);
                    if (jSONObject3.getInt(KnoxJsonConnectionProfile.KNOX_META_ATTRIBUTE) != 1) {
                        z = false;
                    }
                    this.mKnoxMetaEnabled = z;
                } catch (JSONException unused2) {
                }
            } catch (Exception e) {
                AppLog.logDebugMessage(AppLog.Severity.DBG_ERROR, KnoxJsonConnectionProfile.ENTITY_NAME, "Parsing JSON Profile failed", e);
                throw new ParseException("JSON Parsing failure " + e, 0);
            }
        }

        public HostEntry GetHostEntry() {
            return this.mEntry;
        }

        public String GetKnoxProfileName() {
            return this.mKnoxProfileName;
        }

        public boolean IsKnoxMetaEnabled() {
            return this.mKnoxMetaEnabled;
        }

        public String getCcmCertAlias() {
            return this.mCcmCertAlias;
        }

        public String getCertAlias() {
            return this.mCertAlias;
        }

        public boolean isAppTunnel() {
            return this.mIsAppTunnel;
        }

        void parseVendorJson(JSONObject jSONObject) throws ParseException {
            try {
                this.mEntry.host = jSONObject.getString("host");
                if (jSONObject.has(KnoxJsonConnectionProfile.UserGroup)) {
                    this.mEntry.userGroup = jSONObject.getString(KnoxJsonConnectionProfile.UserGroup);
                }
                if (jSONObject.has(KnoxJsonConnectionProfile.CERTALIAS)) {
                    this.mCertAlias = jSONObject.getString(KnoxJsonConnectionProfile.CERTALIAS);
                }
                if (jSONObject.has(KnoxJsonConnectionProfile.CCMCERTALIAS)) {
                    this.mCcmCertAlias = jSONObject.getString(KnoxJsonConnectionProfile.CCMCERTALIAS);
                }
                if (this.mEntry.protocol == ConnectProtocolType.Ipsec) {
                    if (jSONObject.has(KnoxJsonConnectionProfile.Authentication)) {
                        IPsecAuthMode fromString = IPsecAuthMode.fromString(jSONObject.getString(KnoxJsonConnectionProfile.Authentication));
                        if (IPsecAuthMode.USER_AUTH_UNKNOWN == fromString) {
                            AppLog.logDebugMessage(AppLog.Severity.DBG_WARN, KnoxJsonConnectionProfile.ENTITY_NAME, "JSON Parsing failure unknown IPsec authentication type defaulting to Ssl");
                            this.mEntry.protocol = ConnectProtocolType.Ssl;
                        } else {
                            this.mEntry.IPsecureAuthMode = fromString;
                        }
                        if (this.mEntry.IPsecureAuthMode == IPsecAuthMode.USER_AUTH_IKE_EAP_GTC || this.mEntry.IPsecureAuthMode == IPsecAuthMode.USER_AUTH_IKE_EAP_MD5 || this.mEntry.IPsecureAuthMode == IPsecAuthMode.USER_AUTH_IKE_EAP_MSCHAPv2) {
                            this.mEntry.ikeIdentity = jSONObject.getString(KnoxJsonConnectionProfile.Ike_Identity);
                        }
                    } else {
                        this.mEntry.IPsecureAuthMode = IPsecAuthMode.USER_AUTH_IKE_EAP_ANYCONNECT;
                    }
                }
                if (jSONObject.has(KnoxJsonConnectionProfile.UseCert)) {
                    AppLog.logDebugMessage(AppLog.Severity.DBG_WARN, KnoxJsonConnectionProfile.ENTITY_NAME, "setting cert auth to automatic");
                    this.mEntry.certificateAuthMode = CertAuthMode.Automatic;
                }
            } catch (Exception e) {
                AppLog.logDebugMessage(AppLog.Severity.DBG_ERROR, KnoxJsonConnectionProfile.ENTITY_NAME, "JSON parsing failure", e);
                throw new ParseException("JSON parsing failure " + e, 0);
            }
        }
    }

    public KnoxJsonConnectionProfile(HostEntry hostEntry, boolean z) {
        this.mEntry = hostEntry;
        this.mKnoxMetaEnabled = z;
    }

    public String GetJsonProfile(int i) {
        JSONObject jSONObject = new JSONObject();
        JSONObject jSONObject2 = new JSONObject();
        JSONObject jSONObject3 = new JSONObject();
        try {
            if (this.mEntry.name.contains(" (knox)")) {
                jSONObject2.put(PROFILE_NAME, this.mEntry.name.substring(0, this.mEntry.name.lastIndexOf(" (knox)")));
            } else {
                jSONObject2.put(PROFILE_NAME, this.mEntry.name);
            }
            jSONObject2.put(VPN_TYPE, this.mEntry.protocol == ConnectProtocolType.Ipsec ? VPN_TYPE_IPSEC : VPN_TYPE_SSL);
            jSONObject2.put(VPN_ROUTE_TYPE, 1);
            jSONObject3.put(PROFILE_ATTRIBUTE, jSONObject2);
            if (i == 11) {
                jSONObject2.put("host", this.mEntry.host);
                jSONObject3.put(KNOX_SECTION, new JSONObject());
            } else {
                jSONObject3.put(VENDOR, getVendorJson(this.mEntry));
                jSONObject3.put(KNOX_SECTION, getKnoxJson());
            }
            jSONObject.put(KNOX_VPN_PARAMETERS, jSONObject3);
        } catch (Exception e) {
            AppLog.error(this, "Exception", e);
        }
        return jSONObject.toString();
    }

    JSONObject getKnoxJson() {
        JSONObject jSONObject = new JSONObject();
        try {
            jSONObject.put(KNOX_META_ATTRIBUTE, this.mKnoxMetaEnabled ? 1 : 0);
        } catch (Exception e) {
            AppLog.error(this, "Exception", e);
        }
        return jSONObject;
    }

    JSONObject getVendorJson(HostEntry hostEntry) {
        JSONObject jSONObject = new JSONObject();
        JSONObject jSONObject2 = new JSONObject();
        try {
            jSONObject2.put("host", hostEntry.host);
            if (hostEntry.userGroup != null) {
                jSONObject2.put(UserGroup, hostEntry.userGroup);
            }
            if (hostEntry.protocol == ConnectProtocolType.Ipsec) {
                String str = hostEntry.IPsecureAuthMode == IPsecAuthMode.USER_AUTH_IKE_EAP_ANYCONNECT ? "EAP-AnyConnect" : hostEntry.IPsecureAuthMode == IPsecAuthMode.USER_AUTH_IKE_EAP_GTC ? "EAP-GTC" : hostEntry.IPsecureAuthMode == IPsecAuthMode.USER_AUTH_IKE_EAP_MD5 ? "EAP-MD5" : hostEntry.IPsecureAuthMode == IPsecAuthMode.USER_AUTH_IKE_EAP_MSCHAPv2 ? "EAP-MSCHAPv2" : hostEntry.IPsecureAuthMode == IPsecAuthMode.USER_AUTH_IKE_RSA ? "IKE-RSA" : null;
                if (str != null) {
                    jSONObject2.put(Authentication, str);
                    if ((hostEntry.IPsecureAuthMode == IPsecAuthMode.USER_AUTH_IKE_EAP_GTC || hostEntry.IPsecureAuthMode == IPsecAuthMode.USER_AUTH_IKE_EAP_MD5 || hostEntry.IPsecureAuthMode == IPsecAuthMode.USER_AUTH_IKE_EAP_MSCHAPv2) && hostEntry.ikeIdentity != null) {
                        jSONObject2.put(Ike_Identity, hostEntry.ikeIdentity);
                    }
                }
            }
            if (hostEntry.certificateAuthMode == CertAuthMode.Manual) {
                jSONObject2.put(UseCert, true);
                if (hostEntry.certCommonName != null) {
                    jSONObject2.put(CertCommonName, hostEntry.certCommonName);
                }
            }
            jSONObject.put(AnyConnectVPNConnection, jSONObject2);
        } catch (Exception e) {
            AppLog.error(this, "Exception", e);
        }
        return jSONObject;
    }
}
