package org.openmuc.jdlms;

import java.util.Map;
import org.openmuc.jdlms.datatypes.DlmsEnumeration;
import org.openmuc.jdlms.internal.DlmsEnumFunctions;
import org.openmuc.jdlms.sessionlayer.hdlc.HdlcParameters;

/* loaded from: input_file:org/openmuc/jdlms/SecuritySuite.class */
public class SecuritySuite {
    byte[] globalUnicastEncryptionKey;
    byte[] authenticationKey;
    byte[] password;
    private final EncryptionMechanism encryptionMechanism;
    private final AuthenticationMechanism authenticationMechanism;
    private final SecurityPolicy securityPolicy;

    /* loaded from: input_file:org/openmuc/jdlms/SecuritySuite$EncryptionMechanism.class */
    public enum EncryptionMechanism implements DlmsEnumeration {
        NONE(-1, -1),
        AES_GCM_128(0, HdlcParameters.MIN_INFORMATION_LENGTH),
        AES_GCM_256(1, 256);

        private final int id;
        private final int keyLength;
        private static final Map<Long, EncryptionMechanism> idMap = DlmsEnumFunctions.generateEnumMap(EncryptionMechanism.class);

        EncryptionMechanism(int i, int i2) {
            this.id = i;
            this.keyLength = i2;
        }

        /* JADX INFO: Access modifiers changed from: private */
        public void checkKeyLength(byte[] bArr, byte[] bArr2) {
            if (this == NONE) {
                return;
            }
            if (bArr == null) {
                throw new IllegalArgumentException("The key is not allowed to be null.");
            }
            if (bArr2 != null && bArr2.length != bArr.length) {
                throw new IllegalArgumentException("Authentication key length does not match encryption key length.");
            }
            if (bArr.length * 8 != this.keyLength) {
                throw new IllegalArgumentException("The key has an invalid length.");
            }
        }

        @Override // org.openmuc.jdlms.datatypes.DlmsEnumeration
        public long getCode() {
            return this.id;
        }

        public static EncryptionMechanism getInstance(long j) {
            EncryptionMechanism encryptionMechanism = idMap.get(Long.valueOf(j));
            if (encryptionMechanism == null) {
                throw new IllegalArgumentException("invalid ID: " + j);
            }
            return encryptionMechanism;
        }
    }

    /* loaded from: input_file:org/openmuc/jdlms/SecuritySuite$SecurityPolicy.class */
    public enum SecurityPolicy {
        NOTHING(0),
        AUTHENTICATED(1),
        ENCRYPTED(2),
        AUTHENTICATED_AND_ENCRYPTED(3);

        private final int id;

        SecurityPolicy(int i) {
            this.id = i;
        }

        public String keyName() {
            return name();
        }

        public boolean isAuthenticated() {
            return this == AUTHENTICATED || this == AUTHENTICATED_AND_ENCRYPTED;
        }

        public boolean isEncrypted() {
            return this == ENCRYPTED || this == AUTHENTICATED_AND_ENCRYPTED;
        }

        public int getId() {
            return this.id;
        }
    }

    /* loaded from: input_file:org/openmuc/jdlms/SecuritySuite$SecuritySuiteBuilder.class */
    public static class SecuritySuiteBuilder {
        private AuthenticationMechanism authenticationMechanism;
        private EncryptionMechanism encryptionMechanism;
        private byte[] globalUnicastEncryptionKey;
        private byte[] authenticationKey;
        private byte[] password;
        private SecurityPolicy securityPolicy;

        private SecuritySuiteBuilder() {
            this.authenticationKey = null;
            this.globalUnicastEncryptionKey = null;
            this.password = null;
            this.authenticationMechanism = AuthenticationMechanism.NONE;
            this.encryptionMechanism = EncryptionMechanism.NONE;
        }

        public SecuritySuiteBuilder setSecurityPolicy(SecurityPolicy securityPolicy) {
            this.securityPolicy = securityPolicy;
            return this;
        }

        public SecuritySuiteBuilder setEncryptionMechanism(EncryptionMechanism encryptionMechanism) {
            if (encryptionMechanism == null) {
                throw new IllegalArgumentException("The cryptographic algorithm is not allowed to be null!");
            }
            this.encryptionMechanism = encryptionMechanism;
            return this;
        }

        public SecuritySuiteBuilder setAuthenticationMechanism(AuthenticationMechanism authenticationMechanism) {
            if (authenticationMechanism == null) {
                throw new IllegalArgumentException("The authentication mechanism is not allowed to be null!");
            }
            this.authenticationMechanism = authenticationMechanism;
            return this;
        }

        public SecuritySuiteBuilder setGlobalUnicastEncryptionKey(byte[] bArr) {
            this.globalUnicastEncryptionKey = bArr;
            return this;
        }

        public SecuritySuiteBuilder setPassword(byte[] bArr) {
            this.password = bArr;
            return this;
        }

        public SecuritySuiteBuilder setAuthenticationKey(byte[] bArr) {
            this.authenticationKey = bArr;
            return this;
        }

        public SecuritySuite build() {
            if (this.securityPolicy == null) {
                if (this.authenticationMechanism.isHlsMechanism()) {
                    if (this.encryptionMechanism != EncryptionMechanism.NONE) {
                        this.securityPolicy = SecurityPolicy.AUTHENTICATED_AND_ENCRYPTED;
                    } else {
                        this.securityPolicy = SecurityPolicy.AUTHENTICATED;
                    }
                } else if (this.encryptionMechanism != EncryptionMechanism.NONE) {
                    this.securityPolicy = SecurityPolicy.ENCRYPTED;
                } else {
                    this.securityPolicy = SecurityPolicy.NOTHING;
                }
            }
            validateFields();
            return new SecuritySuiteImpl(SecuritySuite.saveArrayClone(this.globalUnicastEncryptionKey), SecuritySuite.saveArrayClone(this.authenticationKey), SecuritySuite.saveArrayClone(this.password), this.encryptionMechanism, this.authenticationMechanism, this.securityPolicy);
        }

        private void validateFields() {
            validateSecurityPolicy();
            this.encryptionMechanism.checkKeyLength(this.globalUnicastEncryptionKey, this.authenticationKey);
            switch (this.authenticationMechanism) {
                case HLS5_GMAC:
                    if (this.authenticationKey == null || this.globalUnicastEncryptionKey == null || this.globalUnicastEncryptionKey.length != this.authenticationKey.length) {
                        throw new IllegalArgumentException("Authentication/Encryption key either not supplied or don't match in length.");
                    }
                    return;
                case LOW:
                    if (this.password == null) {
                        throw new IllegalArgumentException("Password is not set for the security level low.");
                    }
                    return;
                case NONE:
                default:
                    return;
            }
        }

        private void validateSecurityPolicy() {
            if ((this.securityPolicy == SecurityPolicy.ENCRYPTED || this.securityPolicy == SecurityPolicy.AUTHENTICATED_AND_ENCRYPTED) && this.encryptionMechanism == EncryptionMechanism.NONE) {
                throw new IllegalArgumentException("Select a cryptographical algorithm to encrypt messages.");
            }
            if ((this.securityPolicy == SecurityPolicy.AUTHENTICATED || this.securityPolicy == SecurityPolicy.AUTHENTICATED_AND_ENCRYPTED) && !this.authenticationMechanism.isHlsMechanism()) {
                throw new IllegalArgumentException("Select a HLS authentication, to authenticate messages.");
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public SecuritySuite(byte[] bArr, byte[] bArr2, byte[] bArr3, EncryptionMechanism encryptionMechanism, AuthenticationMechanism authenticationMechanism, SecurityPolicy securityPolicy) {
        this.globalUnicastEncryptionKey = bArr;
        this.authenticationKey = bArr2;
        this.password = bArr3;
        this.encryptionMechanism = encryptionMechanism;
        this.authenticationMechanism = authenticationMechanism;
        this.securityPolicy = securityPolicy;
    }

    public byte[] getGlobalUnicastEncryptionKey() {
        return this.globalUnicastEncryptionKey;
    }

    public byte[] getAuthenticationKey() {
        return this.authenticationKey;
    }

    public byte[] getPassword() {
        return this.password;
    }

    public EncryptionMechanism getEncryptionMechanism() {
        return this.encryptionMechanism;
    }

    public AuthenticationMechanism getAuthenticationMechanism() {
        return this.authenticationMechanism;
    }

    public SecurityPolicy getSecurityPolicy() {
        return this.securityPolicy;
    }

    public static SecuritySuiteBuilder builder() {
        return new SecuritySuiteBuilder();
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static byte[] saveArrayClone(byte[] bArr) {
        if (bArr != null) {
            return (byte[]) bArr.clone();
        }
        return null;
    }

    public static SecuritySuite newSecuritySuiteFrom(SecuritySuite securitySuite) {
        return new SecuritySuiteImpl(saveArrayClone(securitySuite.globalUnicastEncryptionKey), saveArrayClone(securitySuite.authenticationKey), saveArrayClone(securitySuite.password), securitySuite.encryptionMechanism, securitySuite.authenticationMechanism, securitySuite.securityPolicy);
    }
}
