package com.google.android.libraries.privacy.ppn.neon;

import android.accounts.Account;
import android.app.Notification;
import android.content.Context;
import android.net.Ikev2VpnProfile;
import android.net.VpnManager;
import android.net.VpnService;
import android.net.ipsec.ike.ChildSaProposal;
import android.net.ipsec.ike.IkeKeyIdIdentification;
import android.net.ipsec.ike.IkeSaProposal;
import android.net.ipsec.ike.IkeSessionParams;
import android.net.ipsec.ike.IkeTunnelConnectionParams;
import android.net.ipsec.ike.TunnelModeChildSessionParams;
import android.system.OsConstants;
import android.util.Log;
import com.google.android.libraries.privacy.ppn.internal.http.HttpFetcher;
import com.google.android.libraries.privacy.ppn.krypton.OAuthTokenProvider;
import com.google.android.libraries.privacy.ppn.neon.Provision;
import defpackage.kfz;
import defpackage.kga;
import defpackage.kgb;
import defpackage.kgc;
import defpackage.kgi;
import defpackage.kgj;
import defpackage.kgm;
import defpackage.kgr;
import defpackage.kgt;
import defpackage.kgv;
import defpackage.kgx;
import defpackage.khg;
import defpackage.kiu;
import defpackage.nxc;
import defpackage.nxg;
import defpackage.nyl;
import j$.time.Duration;
import java.util.concurrent.ExecutorService;
import java.util.function.Supplier;
import org.json.JSONObject;

/* compiled from: PG */
/* loaded from: classes.dex */
public class IkePpnImpl implements Provision.Listener, kgb {
    private static final String TAG = "IkePpnImpl";
    private final kgv accountCache;
    private final kgc accountManager;
    private final ExecutorService backgroundExecutor;
    private final Context context;
    private final HttpFetcher httpFetcher;
    private final kgm options;
    private final Provision provision;
    private final OAuthTokenProvider tokenProvider;
    private final VpnManager vpnManager;

    public IkePpnImpl(Context context, kgm kgmVar) {
        this.context = context.getApplicationContext();
        this.options = kgmVar;
        HttpFetcher httpFetcher = new HttpFetcher(new ProvisionSocketFactoryFactory(null));
        this.httpFetcher = httpFetcher;
        ExecutorService executorService = kgmVar.l;
        this.backgroundExecutor = executorService;
        this.vpnManager = (VpnManager) context.getSystemService("vpn_management");
        kgc kgcVar = (kgc) kgmVar.m.orElseGet(new Supplier() { // from class: com.google.android.libraries.privacy.ppn.neon.IkePpnImpl$$ExternalSyntheticLambda0
            @Override // java.util.function.Supplier
            public final Object get() {
                return new khg();
            }
        });
        this.accountManager = kgcVar;
        this.accountCache = new kgv(context, executorService, kgcVar);
        if (kgmVar.n) {
            final kgx kgxVar = new kgx(context, kgmVar);
            this.tokenProvider = new OAuthTokenProvider(this) { // from class: com.google.android.libraries.privacy.ppn.neon.IkePpnImpl.1
                final /* synthetic */ IkePpnImpl this$0;

                {
                    this.this$0 = this;
                }

                @Override // com.google.android.libraries.privacy.ppn.krypton.OAuthTokenProvider
                public void clearOAuthToken(String str) {
                    this.this$0.clearOAuthToken(str);
                }

                @Override // com.google.android.libraries.privacy.ppn.krypton.OAuthTokenProvider
                public byte[] getAttestationData(String str) {
                    return kgxVar.a(str, null);
                }

                @Override // com.google.android.libraries.privacy.ppn.krypton.OAuthTokenProvider
                public String getOAuthToken() {
                    try {
                        return this.this$0.getOAuthToken();
                    } catch (kgi e) {
                        Log.e(IkePpnImpl.TAG, "Unable to get account.", e);
                        return "";
                    }
                }
            };
        } else {
            this.tokenProvider = new OAuthTokenProvider() { // from class: com.google.android.libraries.privacy.ppn.neon.IkePpnImpl.2
                @Override // com.google.android.libraries.privacy.ppn.krypton.OAuthTokenProvider
                public void clearOAuthToken(String str) {
                    IkePpnImpl.this.clearOAuthToken(str);
                }

                @Override // com.google.android.libraries.privacy.ppn.krypton.OAuthTokenProvider
                public byte[] getAttestationData(String str) {
                    return null;
                }

                @Override // com.google.android.libraries.privacy.ppn.krypton.OAuthTokenProvider
                public String getOAuthToken() {
                    try {
                        return IkePpnImpl.this.getOAuthToken();
                    } catch (kgi e) {
                        Log.e(IkePpnImpl.TAG, "Unable to get account.", e);
                        return "";
                    }
                }
            };
        }
        this.provision = new Provision(kgmVar, httpFetcher, this.tokenProvider, this);
    }

    private Ikev2VpnProfile buildVpnProfile(kiu kiuVar) {
        byte[] A = kiuVar.a.A();
        return new Ikev2VpnProfile.Builder(new IkeTunnelConnectionParams(new IkeSessionParams.Builder().setServerHostname(kiuVar.c).setLocalIdentification(new IkeKeyIdIdentification(A)).setRemoteIdentification(new IkeKeyIdIdentification("wormhole-server".getBytes())).setAuthPsk(kiuVar.b.A()).addIkeSaProposal(new IkeSaProposal.Builder().addEncryptionAlgorithm(20, 256).addDhGroup(16).addPseudorandomFunction(4).build()).addIkeOption(2).addIkeOption(3).build(), new TunnelModeChildSessionParams.Builder().addChildSaProposal(new ChildSaProposal.Builder().addEncryptionAlgorithm(20, 256).build()).addInternalAddressRequest(OsConstants.AF_INET).addInternalAddressRequest(OsConstants.AF_INET6).addInternalDnsServerRequest(OsConstants.AF_INET).addInternalDnsServerRequest(OsConstants.AF_INET6).build())).setMaxMtu(1280).setMetered(false).setBypassable(true).setLocalRoutesExcluded(true).setRequiresInternetValidation(true).build();
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void clearOAuthToken(String str) {
        this.accountManager.c(this.context, str);
    }

    /* JADX INFO: Access modifiers changed from: private */
    public String getOAuthToken() {
        kgv kgvVar = this.accountCache;
        return this.accountManager.b(this.context, kgvVar.a(), this.options.b, null);
    }

    private void setUpIke(kiu kiuVar) {
        if (this.vpnManager.provisionVpnProfile(buildVpnProfile(kiuVar)) != null) {
            Log.e(TAG, "provisionVpnProfile returned a non-null Intent.");
        }
        this.vpnManager.startProvisionedVpnProfileSession();
    }

    @Override // defpackage.kgb
    public kgt collectTelemetry() {
        return kgt.a().a();
    }

    @Override // defpackage.kgb
    public nxg extendSnooze(Duration duration) {
        String.valueOf(duration);
        return nyl.o(new IllegalStateException("not implemented"));
    }

    @Override // defpackage.kgb
    public JSONObject getDebugJson() {
        return new JSONObject();
    }

    @Override // defpackage.kgb
    public boolean isRunning() {
        return false;
    }

    public boolean isSafeDisconnectEnabled() {
        return false;
    }

    @Override // com.google.android.libraries.privacy.ppn.neon.Provision.Listener
    public void onProvisioned(kiu kiuVar) {
        IkePpnStateTracker.getInstance().setProvisioned();
        setUpIke(kiuVar);
    }

    @Override // com.google.android.libraries.privacy.ppn.neon.Provision.Listener
    public void onProvisioningFailure(kgr kgrVar, boolean z) {
        Log.e(TAG, "Provisioning failed: " + String.valueOf(kgrVar.b) + ": " + kgrVar.c);
        IkePpnStateTracker.getInstance().setProvisionFailed(kgrVar, z);
    }

    public /* synthetic */ void onServiceStarted(VpnService vpnService) {
    }

    public /* synthetic */ void onServiceStopped() {
    }

    @Override // defpackage.kgb
    public nxg restart() {
        return nxc.a;
    }

    @Override // defpackage.kgb
    public nxg resume() {
        return nyl.o(new IllegalStateException("not implemented"));
    }

    public void setAccount(Account account) {
        this.accountCache.b(account);
    }

    public void setBypassOptions(kfz kfzVar) {
        throw new UnsupportedOperationException("setBypassOptions is not implemented");
    }

    @Override // defpackage.kgb
    public void setDisallowedApplications(Iterable iterable) {
    }

    @Override // defpackage.kgb
    public nxg setIpGeoLevel(kga kgaVar) {
        String.valueOf(kgaVar);
        return nyl.o(new IllegalStateException("not implemented"));
    }

    @Override // defpackage.kgb
    public void setNotification(int i, Notification notification) {
    }

    @Override // defpackage.kgb
    public void setPpnListener(kgj kgjVar) {
        IkePpnStateTracker.getInstance().setListener(kgjVar);
    }

    @Override // defpackage.kgb
    public nxg setSafeDisconnectEnabled(boolean z) {
        return nyl.o(new IllegalStateException("not implemented"));
    }

    public nxg setSimulatedNetworkFailure(boolean z) {
        return nyl.o(new IllegalStateException("not implemented"));
    }

    @Override // defpackage.kgb
    public nxg snooze(Duration duration) {
        String.valueOf(duration);
        return nyl.o(new IllegalStateException("not implemented"));
    }

    @Override // defpackage.kgb
    public void start(Account account) {
        this.accountCache.b(account);
        IkePpnStateTracker.getInstance().setStarted(account);
        this.provision.start();
    }

    @Override // defpackage.kgb
    public void stop() {
        IkePpnStateTracker.getInstance().setStopped(kgr.a);
        this.vpnManager.stopProvisionedVpnProfile();
    }
}
