package org.openmuc.jdlms.internal.systemclasses;

import java.util.Iterator;
import java.util.List;
import org.bouncycastle.crypto.InvalidCipherTextException;
import org.openmuc.jdlms.AttributeAccessMode;
import org.openmuc.jdlms.CosemAttribute;
import org.openmuc.jdlms.CosemClass;
import org.openmuc.jdlms.CosemMethod;
import org.openmuc.jdlms.CosemSnInterfaceObject;
import org.openmuc.jdlms.IllegalAttributeAccessException;
import org.openmuc.jdlms.IllegalMethodAccessException;
import org.openmuc.jdlms.LogicalDevice;
import org.openmuc.jdlms.MethodAccessMode;
import org.openmuc.jdlms.MethodResultCode;
import org.openmuc.jdlms.SecurityUtils;
import org.openmuc.jdlms.datatypes.DataObject;
import org.openmuc.jdlms.internal.DataDirectoryImpl;
import org.openmuc.jdlms.internal.DlmsEnumFunctions;
import org.openmuc.jdlms.internal.SecSuiteAccessor;
import org.openmuc.jdlms.internal.ServerConnectionData;
import org.openmuc.jdlms.internal.WellKnownInstanceIds;

@CosemClass(id = 64, version = 0)
/* loaded from: input_file:org/openmuc/jdlms/internal/systemclasses/SecuritySetup.class */
public class SecuritySetup extends CosemSnInterfaceObject {

    @CosemAttribute(id = 2, accessMode = AttributeAccessMode.AUTHENTICATED_READ_ONLY)
    private DataObject securityPolicy;

    @CosemAttribute(id = 3, accessMode = AttributeAccessMode.AUTHENTICATED_READ_ONLY)
    private DataObject securitySuite;

    @CosemAttribute(id = 4, accessMode = AttributeAccessMode.AUTHENTICATED_READ_ONLY)
    private DataObject clientSystemTitle;

    @CosemAttribute(id = 5, accessMode = AttributeAccessMode.AUTHENTICATED_READ_ONLY)
    private final DataObject serverSystemTitle;

    @CosemDataDirectory
    private DataDirectoryImpl dataDirectory;
    private final byte[] masterKey;
    private final LogicalDevice logicalDevice;

    public SecuritySetup(LogicalDevice logicalDevice) {
        super(0, WellKnownInstanceIds.SECURITY_SETUP_ID);
        this.logicalDevice = logicalDevice;
        this.masterKey = logicalDevice.getMasterKey();
        this.serverSystemTitle = DataObject.newOctetStringData(logicalDevice.getSystemTitle());
    }

    public DataObject getSecurityPolicy(Long l) {
        return DataObject.newEnumerateData(connectionDataFor(l).securitySuite.getSecurityPolicy().getId());
    }

    public DataObject getSecuritySuite(Long l) throws IllegalAttributeAccessException {
        return DataObject.newEnumerateData(connectionDataFor(l).securitySuite.getSecurityPolicy().getId());
    }

    private ServerConnectionData connectionDataFor(Long l) {
        return this.dataDirectory.getConnectionData(l);
    }

    public DataObject getClientSystemTitle(Long l) {
        return DataObject.newOctetStringData(connectionDataFor(l).clientSystemTitle);
    }

    public DataObject getServerSystemTitle() {
        return this.serverSystemTitle;
    }

    @CosemMethod(id = 2, consumes = DataObject.Type.ARRAY, accessMode = MethodAccessMode.AUTHENTICATED_ACCESS)
    public void globalKeyTransfer(DataObject dataObject, Long l) throws IllegalMethodAccessException {
        List list = (List) dataObject.getValue();
        if (((DataObject) list.get(0)).getType() != DataObject.Type.STRUCTURE) {
            throw new IllegalMethodAccessException(MethodResultCode.TYPE_UNMATCHED);
        }
        int i = this.dataDirectory.getConnectionData(l).clientId;
        Iterator it = list.iterator();
        while (it.hasNext()) {
            updateKey((DataObject) it.next(), i);
        }
    }

    private void updateKey(DataObject dataObject, int i) throws IllegalMethodAccessException {
        List list = (List) dataObject.getValue();
        if (list.size() != 2) {
            throw new IllegalMethodAccessException(MethodResultCode.TYPE_UNMATCHED);
        }
        DataObject dataObject2 = (DataObject) list.get(0);
        DataObject dataObject3 = (DataObject) list.get(1);
        if (dataObject2.getType() != DataObject.Type.ENUMERATE || dataObject3.getType() != DataObject.Type.OCTET_STRING) {
            throw new IllegalMethodAccessException(MethodResultCode.TYPE_UNMATCHED);
        }
        SecurityUtils.KeyId keyId = (SecurityUtils.KeyId) DlmsEnumFunctions.enumValueFrom(((Number) dataObject2.getValue()).intValue(), SecurityUtils.KeyId.class);
        if (keyId == SecurityUtils.KeyId.GLOBAL_BROADCAST_ENCRYPTION_KEY) {
            throw new IllegalMethodAccessException(MethodResultCode.OTHER_REASON);
        }
        try {
            byte[] unwrapAesRFC3394Key = SecurityUtils.unwrapAesRFC3394Key(this.masterKey, (byte[]) dataObject3.getValue());
            SecSuiteAccessor secSuiteAccessor = (SecSuiteAccessor) this.logicalDevice.getRestrictions().get(Integer.valueOf(i));
            switch (keyId) {
                case AUTHENTICATION_KEY:
                    secSuiteAccessor.updateAuthentciationKey(unwrapAesRFC3394Key);
                    return;
                case GLOBAL_UNICAST_ENCRYPTION_KEY:
                    secSuiteAccessor.updateGlobalUnicastEncryptionKey(unwrapAesRFC3394Key);
                    return;
                case GLOBAL_BROADCAST_ENCRYPTION_KEY:
                default:
                    throw new IllegalMethodAccessException(MethodResultCode.OTHER_REASON);
            }
        } catch (InvalidCipherTextException e) {
            throw new IllegalMethodAccessException(MethodResultCode.OTHER_REASON);
        }
    }
}
