package gurux.dlms.objects;

import gurux.dlms.GXByteBuffer;
import gurux.dlms.GXDLMSClient;
import gurux.dlms.GXDLMSSettings;
import gurux.dlms.GXDLMSTranslator;
import gurux.dlms.GXSimpleEntry;
import gurux.dlms.ValueEventArgs;
import gurux.dlms.asn.GXAsn1BitString;
import gurux.dlms.asn.GXAsn1Converter;
import gurux.dlms.asn.GXAsn1Sequence;
import gurux.dlms.asn.GXPkcs10;
import gurux.dlms.asn.GXx509Certificate;
import gurux.dlms.asn.enums.KeyUsage;
import gurux.dlms.enums.BerType;
import gurux.dlms.enums.DataType;
import gurux.dlms.enums.ErrorCode;
import gurux.dlms.enums.ObjectType;
import gurux.dlms.enums.Security;
import gurux.dlms.internal.GXCommon;
import gurux.dlms.objects.enums.CertificateEntity;
import gurux.dlms.objects.enums.CertificateType;
import gurux.dlms.objects.enums.GlobalKeyType;
import gurux.dlms.objects.enums.SecurityPolicy;
import gurux.dlms.objects.enums.SecurityPolicy0;
import gurux.dlms.objects.enums.SecuritySuite;
import gurux.dlms.secure.GXDLMSSecureClient;
import gurux.dlms.secure.GXSecure;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.KeyPair;
import java.security.NoSuchAlgorithmException;
import java.security.PublicKey;
import java.security.SignatureException;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Set;
import javax.crypto.BadPaddingException;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.KeyAgreement;
import javax.crypto.NoSuchPaddingException;
import javax.xml.stream.XMLStreamException;

/* loaded from: input_file:gurux/dlms/objects/GXDLMSSecuritySetup.class */
public class GXDLMSSecuritySetup extends GXDLMSObject implements IGXDLMSBase {
    private Set<SecurityPolicy> securityPolicy;
    private SecurityPolicy0 securityPolicy0;
    private SecuritySuite securitySuite;
    private byte[] serverSystemTitle;
    private byte[] clientSystemTitle;
    private List<GXDLMSCertificateInfo> certificates;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* renamed from: gurux.dlms.objects.GXDLMSSecuritySetup$1, reason: invalid class name */
    /* loaded from: input_file:gurux/dlms/objects/GXDLMSSecuritySetup$1.class */
    public static /* synthetic */ class AnonymousClass1 {
        static final /* synthetic */ int[] $SwitchMap$gurux$dlms$objects$enums$SecurityPolicy0;
        static final /* synthetic */ int[] $SwitchMap$gurux$dlms$objects$enums$GlobalKeyType;

        static {
            try {
                $SwitchMap$gurux$dlms$objects$enums$CertificateType[CertificateType.DIGITAL_SIGNATURE.ordinal()] = 1;
            } catch (NoSuchFieldError e) {
            }
            try {
                $SwitchMap$gurux$dlms$objects$enums$CertificateType[CertificateType.KEY_AGREEMENT.ordinal()] = 2;
            } catch (NoSuchFieldError e2) {
            }
            try {
                $SwitchMap$gurux$dlms$objects$enums$CertificateType[CertificateType.TLS.ordinal()] = 3;
            } catch (NoSuchFieldError e3) {
            }
            try {
                $SwitchMap$gurux$dlms$objects$enums$CertificateType[CertificateType.OTHER.ordinal()] = 4;
            } catch (NoSuchFieldError e4) {
            }
            $SwitchMap$gurux$dlms$objects$enums$GlobalKeyType = new int[GlobalKeyType.values().length];
            try {
                $SwitchMap$gurux$dlms$objects$enums$GlobalKeyType[GlobalKeyType.BROADCAST_ENCRYPTION.ordinal()] = 1;
            } catch (NoSuchFieldError e5) {
            }
            try {
                $SwitchMap$gurux$dlms$objects$enums$GlobalKeyType[GlobalKeyType.UNICAST_ENCRYPTION.ordinal()] = 2;
            } catch (NoSuchFieldError e6) {
            }
            try {
                $SwitchMap$gurux$dlms$objects$enums$GlobalKeyType[GlobalKeyType.AUTHENTICATION.ordinal()] = 3;
            } catch (NoSuchFieldError e7) {
            }
            try {
                $SwitchMap$gurux$dlms$objects$enums$GlobalKeyType[GlobalKeyType.KEK.ordinal()] = 4;
            } catch (NoSuchFieldError e8) {
            }
            $SwitchMap$gurux$dlms$objects$enums$SecurityPolicy0 = new int[SecurityPolicy0.values().length];
            try {
                $SwitchMap$gurux$dlms$objects$enums$SecurityPolicy0[SecurityPolicy0.NOTHING.ordinal()] = 1;
            } catch (NoSuchFieldError e9) {
            }
            try {
                $SwitchMap$gurux$dlms$objects$enums$SecurityPolicy0[SecurityPolicy0.AUTHENTICATED.ordinal()] = 2;
            } catch (NoSuchFieldError e10) {
            }
            try {
                $SwitchMap$gurux$dlms$objects$enums$SecurityPolicy0[SecurityPolicy0.ENCRYPTED.ordinal()] = 3;
            } catch (NoSuchFieldError e11) {
            }
            try {
                $SwitchMap$gurux$dlms$objects$enums$SecurityPolicy0[SecurityPolicy0.AUTHENTICATED_ENCRYPTED.ordinal()] = 4;
            } catch (NoSuchFieldError e12) {
            }
        }
    }

    public GXDLMSSecuritySetup() {
        this("0.0.43.0.0.255");
    }

    public GXDLMSSecuritySetup(String str) {
        this(str, 0);
    }

    public GXDLMSSecuritySetup(String str, int i) {
        super(ObjectType.SECURITY_SETUP, str, i);
        this.securityPolicy = new HashSet();
        this.securityPolicy0 = SecurityPolicy0.NOTHING;
        this.securitySuite = SecuritySuite.AES_GCM_128;
        this.certificates = new ArrayList();
    }

    public final Set<SecurityPolicy> getSecurityPolicy() {
        return this.securityPolicy;
    }

    public final void setSecurityPolicy(Set<SecurityPolicy> set) {
        this.securityPolicy = set;
    }

    public final SecurityPolicy0 getSecurityPolicy0() {
        return this.securityPolicy0;
    }

    public final void setSecurityPolicy0(SecurityPolicy0 securityPolicy0) {
        switch (AnonymousClass1.$SwitchMap$gurux$dlms$objects$enums$SecurityPolicy0[securityPolicy0.ordinal()]) {
            case 1:
            case 2:
            case 3:
            case BerType.OCTET_STRING /* 4 */:
                this.securityPolicy0 = securityPolicy0;
                return;
            default:
                throw new IllegalArgumentException();
        }
    }

    public final SecuritySuite getSecuritySuite() {
        return this.securitySuite;
    }

    public final void setSecuritySuite(SecuritySuite securitySuite) {
        this.securitySuite = securitySuite;
    }

    public final byte[] getClientSystemTitle() {
        return this.clientSystemTitle;
    }

    public final void setClientSystemTitle(byte[] bArr) {
        this.clientSystemTitle = bArr;
    }

    public final byte[] getServerSystemTitle() {
        return this.serverSystemTitle;
    }

    public final void setServerSystemTitle(byte[] bArr) {
        this.serverSystemTitle = bArr;
    }

    public final List<GXDLMSCertificateInfo> getCertificates() {
        return this.certificates;
    }

    @Override // gurux.dlms.objects.GXDLMSObject
    public final Object[] getValues() {
        return new Object[]{getLogicalName(), this.securityPolicy, this.securitySuite, this.clientSystemTitle, this.serverSystemTitle, this.certificates};
    }

    public final byte[][] activate(GXDLMSClient gXDLMSClient, SecurityPolicy0 securityPolicy0) throws InvalidKeyException, NoSuchAlgorithmException, NoSuchPaddingException, InvalidAlgorithmParameterException, IllegalBlockSizeException, BadPaddingException {
        return gXDLMSClient.method(this, 1, Integer.valueOf(securityPolicy0.ordinal()), DataType.ENUM);
    }

    public final byte[][] activate(GXDLMSClient gXDLMSClient, Set<SecurityPolicy> set) throws InvalidKeyException, NoSuchAlgorithmException, NoSuchPaddingException, InvalidAlgorithmParameterException, IllegalBlockSizeException, BadPaddingException {
        return gXDLMSClient.method(this, 1, Integer.valueOf(SecurityPolicy.toInteger(set)), DataType.ENUM);
    }

    public final byte[][] globalKeyTransfer(GXDLMSClient gXDLMSClient, byte[] bArr, List<GXSimpleEntry<GlobalKeyType, byte[]>> list) throws InvalidKeyException, NoSuchAlgorithmException, NoSuchPaddingException, InvalidAlgorithmParameterException, IllegalBlockSizeException, BadPaddingException {
        if (list == null || list.isEmpty()) {
            throw new IllegalArgumentException("Invalid list. It is empty.");
        }
        GXByteBuffer gXByteBuffer = new GXByteBuffer();
        gXByteBuffer.setUInt8(DataType.ARRAY.getValue());
        gXByteBuffer.setUInt8((byte) list.size());
        for (GXSimpleEntry<GlobalKeyType, byte[]> gXSimpleEntry : list) {
            gXByteBuffer.setUInt8(DataType.STRUCTURE.getValue());
            gXByteBuffer.setUInt8(2);
            GXCommon.setData(null, gXByteBuffer, DataType.ENUM, Integer.valueOf(gXSimpleEntry.getKey().ordinal()));
            GXCommon.setData(null, gXByteBuffer, DataType.OCTET_STRING, GXDLMSSecureClient.encrypt(bArr, gXSimpleEntry.getValue()));
        }
        return gXDLMSClient.method(this, 2, gXByteBuffer.array(), DataType.ARRAY);
    }

    public final byte[][] keyAgreement(GXDLMSClient gXDLMSClient, List<GXSimpleEntry<GlobalKeyType, byte[]>> list) throws InvalidKeyException, NoSuchAlgorithmException, NoSuchPaddingException, InvalidAlgorithmParameterException, IllegalBlockSizeException, BadPaddingException {
        if (list == null || list.isEmpty()) {
            throw new IllegalArgumentException("Invalid list. It is empty.");
        }
        GXByteBuffer gXByteBuffer = new GXByteBuffer();
        gXByteBuffer.setUInt8(DataType.ARRAY.getValue());
        gXByteBuffer.setUInt8((byte) list.size());
        for (GXSimpleEntry<GlobalKeyType, byte[]> gXSimpleEntry : list) {
            gXByteBuffer.setUInt8(DataType.STRUCTURE.getValue());
            gXByteBuffer.setUInt8(2);
            GXCommon.setData(null, gXByteBuffer, DataType.ENUM, Integer.valueOf(gXSimpleEntry.getKey().ordinal()));
            GXCommon.setData(null, gXByteBuffer, DataType.OCTET_STRING, gXSimpleEntry.getValue());
        }
        return gXDLMSClient.method(this, 3, gXByteBuffer.array(), DataType.ARRAY);
    }

    public final byte[][] keyAgreement(GXDLMSSecureClient gXDLMSSecureClient, GlobalKeyType globalKeyType) throws NoSuchAlgorithmException, InvalidKeyException, SignatureException, NoSuchPaddingException, InvalidAlgorithmParameterException, IllegalBlockSizeException, BadPaddingException {
        GXByteBuffer gXByteBuffer = new GXByteBuffer();
        byte[] ephemeralPublicKeyData = getEphemeralPublicKeyData(globalKeyType.ordinal(), gXDLMSSecureClient.getCiphering().getEphemeralKeyPair().getPublic());
        gXByteBuffer.set(ephemeralPublicKeyData, 1, 64);
        System.out.println("Signin public key: " + gXDLMSSecureClient.getCiphering().getSigningKeyPair().getPublic().toString());
        byte[] ephemeralPublicKeySignature = GXSecure.getEphemeralPublicKeySignature(globalKeyType.ordinal(), gXDLMSSecureClient.getCiphering().getEphemeralKeyPair().getPublic(), gXDLMSSecureClient.getCiphering().getSigningKeyPair().getPrivate());
        gXByteBuffer.set(ephemeralPublicKeySignature);
        System.out.println("Data: " + GXCommon.toHex(ephemeralPublicKeyData));
        System.out.println("Sign: " + GXCommon.toHex(ephemeralPublicKeySignature));
        ArrayList arrayList = new ArrayList();
        arrayList.add(new GXSimpleEntry<>(globalKeyType, gXByteBuffer.array()));
        return keyAgreement(gXDLMSSecureClient, arrayList);
    }

    public final byte[][] generateKeyPair(GXDLMSClient gXDLMSClient, CertificateType certificateType) throws InvalidKeyException, NoSuchAlgorithmException, NoSuchPaddingException, InvalidAlgorithmParameterException, IllegalBlockSizeException, BadPaddingException {
        return gXDLMSClient.method(this, 4, Integer.valueOf(certificateType.getValue()), DataType.ENUM);
    }

    public final byte[][] generateCertificate(GXDLMSClient gXDLMSClient, CertificateType certificateType) throws InvalidKeyException, NoSuchAlgorithmException, NoSuchPaddingException, InvalidAlgorithmParameterException, IllegalBlockSizeException, BadPaddingException {
        return gXDLMSClient.method(this, 5, Integer.valueOf(certificateType.getValue()), DataType.ENUM);
    }

    public final byte[][] importCertificate(GXDLMSClient gXDLMSClient, GXx509Certificate gXx509Certificate) throws InvalidKeyException, NoSuchAlgorithmException, NoSuchPaddingException, InvalidAlgorithmParameterException, IllegalBlockSizeException, BadPaddingException {
        return importCertificate(gXDLMSClient, gXx509Certificate.getEncoded());
    }

    public final byte[][] importCertificate(GXDLMSClient gXDLMSClient, byte[] bArr) throws InvalidKeyException, NoSuchAlgorithmException, NoSuchPaddingException, InvalidAlgorithmParameterException, IllegalBlockSizeException, BadPaddingException {
        return gXDLMSClient.method(this, 6, bArr, DataType.OCTET_STRING);
    }

    public final byte[][] exportCertificateByEntity(GXDLMSSecureClient gXDLMSSecureClient, CertificateEntity certificateEntity, CertificateType certificateType, byte[] bArr) throws InvalidKeyException, NoSuchAlgorithmException, NoSuchPaddingException, InvalidAlgorithmParameterException, IllegalBlockSizeException, BadPaddingException {
        if (bArr == null || bArr.length == 0) {
            throw new IllegalArgumentException("Invalid system title.");
        }
        GXByteBuffer gXByteBuffer = new GXByteBuffer();
        gXByteBuffer.setUInt8(DataType.STRUCTURE.getValue());
        gXByteBuffer.setUInt8(2);
        gXByteBuffer.setUInt8(DataType.ENUM.getValue());
        gXByteBuffer.setUInt8(0);
        gXByteBuffer.setUInt8(DataType.STRUCTURE.getValue());
        gXByteBuffer.setUInt8(3);
        gXByteBuffer.setUInt8(DataType.ENUM.getValue());
        gXByteBuffer.setUInt8(certificateEntity.getValue());
        gXByteBuffer.setUInt8(DataType.ENUM.getValue());
        gXByteBuffer.setUInt8(certificateType.getValue());
        GXCommon.setData(null, gXByteBuffer, DataType.OCTET_STRING, bArr);
        return gXDLMSSecureClient.method(this, 7, gXByteBuffer.array(), DataType.STRUCTURE);
    }

    public final byte[][] exportCertificateBySerial(GXDLMSSecureClient gXDLMSSecureClient, String str, String str2) throws InvalidKeyException, NoSuchAlgorithmException, NoSuchPaddingException, InvalidAlgorithmParameterException, IllegalBlockSizeException, BadPaddingException {
        GXByteBuffer gXByteBuffer = new GXByteBuffer();
        gXByteBuffer.setUInt8(DataType.STRUCTURE.getValue());
        gXByteBuffer.setUInt8(2);
        gXByteBuffer.setUInt8(DataType.ENUM.getValue());
        gXByteBuffer.setUInt8(1);
        gXByteBuffer.setUInt8(DataType.STRUCTURE.getValue());
        gXByteBuffer.setUInt8(2);
        GXCommon.setData(null, gXByteBuffer, DataType.OCTET_STRING, str.getBytes());
        GXCommon.setData(null, gXByteBuffer, DataType.OCTET_STRING, str2.getBytes());
        return gXDLMSSecureClient.method(this, 7, gXByteBuffer.array(), DataType.STRUCTURE);
    }

    public final byte[][] removeCertificateByEntity(GXDLMSSecureClient gXDLMSSecureClient, CertificateEntity certificateEntity, CertificateType certificateType, byte[] bArr) throws InvalidKeyException, NoSuchAlgorithmException, NoSuchPaddingException, InvalidAlgorithmParameterException, IllegalBlockSizeException, BadPaddingException {
        GXByteBuffer gXByteBuffer = new GXByteBuffer();
        gXByteBuffer.setUInt8(DataType.STRUCTURE.getValue());
        gXByteBuffer.setUInt8(2);
        gXByteBuffer.setUInt8(DataType.ENUM.getValue());
        gXByteBuffer.setUInt8(0);
        gXByteBuffer.setUInt8(DataType.STRUCTURE.getValue());
        gXByteBuffer.setUInt8(3);
        gXByteBuffer.setUInt8(DataType.ENUM.getValue());
        gXByteBuffer.setUInt8(certificateEntity.getValue());
        gXByteBuffer.setUInt8(DataType.ENUM.getValue());
        gXByteBuffer.setUInt8(certificateType.getValue());
        GXCommon.setData(null, gXByteBuffer, DataType.OCTET_STRING, bArr);
        return gXDLMSSecureClient.method(this, 8, gXByteBuffer.array(), DataType.STRUCTURE);
    }

    public final byte[][] removeCertificateBySerial(GXDLMSSecureClient gXDLMSSecureClient, String str, String str2) throws InvalidKeyException, NoSuchAlgorithmException, NoSuchPaddingException, InvalidAlgorithmParameterException, IllegalBlockSizeException, BadPaddingException {
        GXByteBuffer gXByteBuffer = new GXByteBuffer();
        gXByteBuffer.setUInt8(DataType.STRUCTURE.getValue());
        gXByteBuffer.setUInt8(2);
        gXByteBuffer.setUInt8(DataType.ENUM.getValue());
        gXByteBuffer.setUInt8(1);
        gXByteBuffer.setUInt8(DataType.STRUCTURE.getValue());
        gXByteBuffer.setUInt8(2);
        GXCommon.setData(null, gXByteBuffer, DataType.OCTET_STRING, str.getBytes());
        GXCommon.setData(null, gXByteBuffer, DataType.OCTET_STRING, str2.getBytes());
        return gXDLMSSecureClient.method(this, 8, gXByteBuffer.array(), DataType.STRUCTURE);
    }

    public static String systemTitleToSubject(byte[] bArr) {
        GXByteBuffer gXByteBuffer = new GXByteBuffer(bArr);
        gXByteBuffer.getData()[0] = 0;
        gXByteBuffer.getData()[1] = 0;
        gXByteBuffer.getData()[2] = 0;
        return ("CN=" + new String(bArr, 0, 3)) + String.valueOf(gXByteBuffer.getUInt64());
    }

    @Override // gurux.dlms.objects.GXDLMSObject, gurux.dlms.objects.IGXDLMSBase
    public final byte[] invoke(GXDLMSSettings gXDLMSSettings, ValueEventArgs valueEventArgs) {
        if (valueEventArgs.getIndex() == 1) {
            Security security = gXDLMSSettings.getCipher().getSecurity();
            if (getVersion() == 0) {
                SecurityPolicy0 securityPolicy0 = SecurityPolicy0.values()[((Number) valueEventArgs.getParameters()).byteValue()];
                setSecurityPolicy0(securityPolicy0);
                if (securityPolicy0 == SecurityPolicy0.AUTHENTICATED) {
                    gXDLMSSettings.getCipher().setSecurity(Security.AUTHENTICATION);
                    return null;
                }
                if (securityPolicy0 == SecurityPolicy0.ENCRYPTED) {
                    gXDLMSSettings.getCipher().setSecurity(Security.ENCRYPTION);
                    return null;
                }
                if (securityPolicy0 != SecurityPolicy0.AUTHENTICATED_ENCRYPTED) {
                    return null;
                }
                gXDLMSSettings.getCipher().setSecurity(Security.AUTHENTICATION_ENCRYPTION);
                return null;
            }
            if (getVersion() != 1) {
                return null;
            }
            Set<SecurityPolicy> forValue = SecurityPolicy.forValue(((Number) valueEventArgs.getParameters()).byteValue());
            setSecurityPolicy(forValue);
            if (forValue.contains(SecurityPolicy.AUTHENTICATED_RESPONSE)) {
                security = Security.forValue(security.getValue() | Security.AUTHENTICATION.getValue());
                gXDLMSSettings.getCipher().setSecurity(security);
            }
            if (!forValue.contains(SecurityPolicy.ENCRYPTED_RESPONSE)) {
                return null;
            }
            gXDLMSSettings.getCipher().setSecurity(Security.forValue(security.getValue() | Security.ENCRYPTION.getValue()));
            return null;
        }
        if (valueEventArgs.getIndex() == 2) {
            try {
                for (List list : (List) valueEventArgs.getParameters()) {
                    GlobalKeyType globalKeyType = GlobalKeyType.values()[((Number) list.get(0)).intValue()];
                    byte[] bArr = (byte[]) list.get(1);
                    switch (AnonymousClass1.$SwitchMap$gurux$dlms$objects$enums$GlobalKeyType[globalKeyType.ordinal()]) {
                        case 1:
                            valueEventArgs.setError(ErrorCode.READ_WRITE_DENIED);
                            break;
                        case 2:
                        case 3:
                        case BerType.OCTET_STRING /* 4 */:
                            GXDLMSSecureClient.decrypt(gXDLMSSettings.getKek(), bArr);
                            break;
                        default:
                            valueEventArgs.setError(ErrorCode.READ_WRITE_DENIED);
                            break;
                    }
                }
                return null;
            } catch (Exception e) {
                valueEventArgs.setError(ErrorCode.READ_WRITE_DENIED);
                return null;
            }
        }
        if (valueEventArgs.getIndex() == 3) {
            try {
                List list2 = (List) ((List) valueEventArgs.getParameters()).get(0);
                short shortValue = ((Short) list2.get(0)).shortValue();
                if (shortValue != 0) {
                    valueEventArgs.setError(ErrorCode.READ_WRITE_DENIED);
                    return null;
                }
                byte[] bArr2 = (byte[]) list2.get(1);
                GXByteBuffer gXByteBuffer = new GXByteBuffer(65);
                gXByteBuffer.setUInt8(shortValue);
                gXByteBuffer.set(bArr2, 0, 64);
                GXByteBuffer gXByteBuffer2 = new GXByteBuffer();
                gXByteBuffer2.set(bArr2, 64, 64);
                PublicKey publicKey = null;
                String systemTitleToSubject = systemTitleToSubject(gXDLMSSettings.getSourceSystemTitle());
                Iterator<GXx509Certificate> it = gXDLMSSettings.getCipher().getCertificates().iterator();
                while (true) {
                    if (!it.hasNext()) {
                        break;
                    }
                    GXx509Certificate next = it.next();
                    if (next.getKeyUsage().contains(KeyUsage.DIGITAL_SIGNATURE) && next.getSubject().equals(systemTitleToSubject)) {
                        publicKey = next.getPublicKey();
                        break;
                    }
                }
                if (publicKey == null || !GXSecure.validateEphemeralPublicKeySignature(gXByteBuffer.array(), gXByteBuffer2.array(), publicKey)) {
                    valueEventArgs.setError(ErrorCode.READ_WRITE_DENIED);
                    gXDLMSSettings.setTargetEphemeralKey(null);
                    return null;
                }
                gXDLMSSettings.setTargetEphemeralKey(GXAsn1Converter.getPublicKey(gXByteBuffer.subArray(1, 64)));
                KeyPair ephemeralKeyPair = gXDLMSSettings.getCipher().getEphemeralKeyPair();
                if (ephemeralKeyPair == null) {
                    ephemeralKeyPair = GXAsn1Converter.generateKeyPair();
                    gXDLMSSettings.getCipher().setEphemeralKeyPair(ephemeralKeyPair);
                }
                KeyAgreement keyAgreement = KeyAgreement.getInstance("ECDH");
                keyAgreement.init(ephemeralKeyPair.getPrivate());
                keyAgreement.doPhase(gXDLMSSettings.getTargetEphemeralKey(), true);
                byte[] generateSecret = keyAgreement.generateSecret();
                gXDLMSSettings.getCipher().setSharedSecret(generateSecret);
                System.out.println("Server's shared secret: " + GXCommon.toHex(generateSecret));
                GXByteBuffer gXByteBuffer3 = new GXByteBuffer();
                byte[] ephemeralPublicKeyData = getEphemeralPublicKeyData(shortValue, ephemeralKeyPair.getPublic());
                gXByteBuffer3.set(ephemeralPublicKeyData, 1, 64);
                byte[] ephemeralPublicKeySignature = GXSecure.getEphemeralPublicKeySignature(shortValue, ephemeralKeyPair.getPublic(), gXDLMSSettings.getCipher().getSigningKeyPair().getPrivate());
                gXByteBuffer3.set(ephemeralPublicKeySignature);
                System.out.println("Data: " + GXCommon.toHex(ephemeralPublicKeyData));
                System.out.println("Sign: " + GXCommon.toHex(ephemeralPublicKeySignature));
                return gXByteBuffer3.array();
            } catch (Exception e2) {
                valueEventArgs.setError(ErrorCode.HARDWARE_FAULT);
                return null;
            }
        }
        if (valueEventArgs.getIndex() == 4) {
            CertificateType forValue2 = CertificateType.forValue(((Number) valueEventArgs.getParameters()).intValue());
            try {
                KeyPair generateKeyPair = GXAsn1Converter.generateKeyPair();
                switch (forValue2) {
                    case DIGITAL_SIGNATURE:
                        gXDLMSSettings.getCipher().setSigningKeyPair(generateKeyPair);
                        break;
                    case KEY_AGREEMENT:
                        gXDLMSSettings.getCipher().setKeyAgreementKeyPair(generateKeyPair);
                        break;
                    default:
                        valueEventArgs.setError(ErrorCode.READ_WRITE_DENIED);
                        break;
                }
                return null;
            } catch (Exception e3) {
                valueEventArgs.setError(ErrorCode.HARDWARE_FAULT);
                return null;
            }
        }
        if (valueEventArgs.getIndex() == 5) {
            try {
                KeyPair keyPair = null;
                switch (CertificateType.forValue(((Number) valueEventArgs.getParameters()).intValue())) {
                    case DIGITAL_SIGNATURE:
                        keyPair = gXDLMSSettings.getCipher().getSigningKeyPair();
                        break;
                    case KEY_AGREEMENT:
                        keyPair = gXDLMSSettings.getCipher().getKeyAgreementKeyPair();
                        break;
                }
                if (keyPair != null) {
                    return GXPkcs10.createCertificateSigningRequest(keyPair, systemTitleToSubject(gXDLMSSettings.getCipher().getSystemTitle())).getEncoded();
                }
                valueEventArgs.setError(ErrorCode.READ_WRITE_DENIED);
                return null;
            } catch (Exception e4) {
                valueEventArgs.setError(ErrorCode.HARDWARE_FAULT);
                return null;
            }
        }
        if (valueEventArgs.getIndex() == 6) {
            GXx509Certificate gXx509Certificate = new GXx509Certificate((byte[]) valueEventArgs.getParameters());
            if (gXx509Certificate.getKeyUsage().isEmpty()) {
                valueEventArgs.setError(ErrorCode.READ_WRITE_DENIED);
                return null;
            }
            gXDLMSSettings.getCipher().getCertificates().add(gXx509Certificate);
            return null;
        }
        if (valueEventArgs.getIndex() == 7) {
            List list3 = (List) valueEventArgs.getParameters();
            short shortValue2 = ((Short) list3.get(0)).shortValue();
            GXx509Certificate gXx509Certificate2 = null;
            synchronized (gXDLMSSettings.getCipher().getCertificates()) {
                if (shortValue2 == 0) {
                    List list4 = (List) list3.get(1);
                    gXx509Certificate2 = findCertificateByEntity(gXDLMSSettings, CertificateEntity.forValue(((Short) list4.get(0)).shortValue()), CertificateType.forValue(((Short) list4.get(1)).shortValue()), (byte[]) list4.get(2));
                } else if (shortValue2 == 1) {
                    List list5 = (List) list3.get(1);
                    gXx509Certificate2 = findCertificateBySerial(gXDLMSSettings, (byte[]) list5.get(1), new String((byte[]) list5.get(2)));
                }
                if (gXx509Certificate2 == null) {
                    valueEventArgs.setError(ErrorCode.HARDWARE_FAULT);
                    return null;
                }
                return gXx509Certificate2.getEncoded();
            }
        }
        if (valueEventArgs.getIndex() != 8) {
            valueEventArgs.setError(ErrorCode.READ_WRITE_DENIED);
            return null;
        }
        List list6 = (List) ((List) valueEventArgs.getParameters()).get(0);
        short shortValue3 = ((Short) list6.get(0)).shortValue();
        GXx509Certificate gXx509Certificate3 = null;
        synchronized (gXDLMSSettings.getCipher().getCertificates()) {
            if (shortValue3 == 0) {
                gXx509Certificate3 = findCertificateByEntity(gXDLMSSettings, CertificateEntity.forValue(((Integer) list6.get(1)).intValue()), CertificateType.forValue(((Integer) list6.get(2)).intValue()), (byte[]) list6.get(3));
            } else if (shortValue3 == 1) {
                gXx509Certificate3 = findCertificateBySerial(gXDLMSSettings, (byte[]) list6.get(1), new String((byte[]) list6.get(2)));
            }
            if (gXx509Certificate3 == null) {
                valueEventArgs.setError(ErrorCode.HARDWARE_FAULT);
            } else {
                gXDLMSSettings.getCipher().getCertificates().remove(gXx509Certificate3);
            }
        }
        return null;
    }

    public final void applyKeys(GXDLMSSettings gXDLMSSettings, ValueEventArgs valueEventArgs) {
        try {
            for (List list : (List) valueEventArgs.getParameters()) {
                GlobalKeyType globalKeyType = GlobalKeyType.values()[((Number) list.get(0)).intValue()];
                byte[] decrypt = GXDLMSSecureClient.decrypt(gXDLMSSettings.getKek(), (byte[]) list.get(1));
                switch (AnonymousClass1.$SwitchMap$gurux$dlms$objects$enums$GlobalKeyType[globalKeyType.ordinal()]) {
                    case 1:
                        valueEventArgs.setError(ErrorCode.READ_WRITE_DENIED);
                        break;
                    case 2:
                        gXDLMSSettings.getCipher().setBlockCipherKey(decrypt);
                        break;
                    case 3:
                        gXDLMSSettings.getCipher().setAuthenticationKey(decrypt);
                        break;
                    case BerType.OCTET_STRING /* 4 */:
                        gXDLMSSettings.setKek(decrypt);
                        break;
                    default:
                        valueEventArgs.setError(ErrorCode.READ_WRITE_DENIED);
                        break;
                }
            }
        } catch (Exception e) {
            valueEventArgs.setError(ErrorCode.READ_WRITE_DENIED);
        }
    }

    /* JADX WARN: Failed to find 'out' block for switch in B:2:0x000c. Please report as an issue. */
    private static KeyUsage certificateTypeToKeyUsage(CertificateType certificateType) {
        KeyUsage keyUsage;
        KeyUsage keyUsage2 = KeyUsage.NONE;
        switch (AnonymousClass1.$SwitchMap$gurux$dlms$objects$enums$CertificateType[certificateType.ordinal()]) {
            case 1:
                keyUsage = KeyUsage.DIGITAL_SIGNATURE;
                return keyUsage;
            case 2:
                keyUsage = KeyUsage.KEY_AGREEMENT;
                return keyUsage;
            case 3:
                keyUsage = KeyUsage.KEY_CERT_SIGN;
                return keyUsage;
            case BerType.OCTET_STRING /* 4 */:
                keyUsage = KeyUsage.CRL_SIGN;
                return keyUsage;
            default:
                return null;
        }
    }

    private static GXx509Certificate findCertificateByEntity(GXDLMSSettings gXDLMSSettings, CertificateEntity certificateEntity, CertificateType certificateType, byte[] bArr) {
        String systemTitleToSubject = systemTitleToSubject(bArr);
        KeyUsage certificateTypeToKeyUsage = certificateTypeToKeyUsage(certificateType);
        for (GXx509Certificate gXx509Certificate : gXDLMSSettings.getCipher().getCertificates()) {
            if (gXx509Certificate.getKeyUsage().contains(certificateTypeToKeyUsage) && gXx509Certificate.getSubject().equalsIgnoreCase(systemTitleToSubject)) {
                return gXx509Certificate;
            }
        }
        return null;
    }

    private static GXx509Certificate findCertificateBySerial(GXDLMSSettings gXDLMSSettings, byte[] bArr, String str) {
        for (GXx509Certificate gXx509Certificate : gXDLMSSettings.getCipher().getCertificates()) {
            if (Arrays.equals(gXx509Certificate.getSerialNumber().getByteArray(), bArr) && gXx509Certificate.getIssuer().equalsIgnoreCase(str)) {
                return gXx509Certificate;
            }
        }
        return null;
    }

    @Override // gurux.dlms.objects.IGXDLMSBase
    public final int[] getAttributeIndexToRead(boolean z) {
        ArrayList arrayList = new ArrayList();
        if (z || getLogicalName() == null || getLogicalName().compareTo("") == 0) {
            arrayList.add(1);
        }
        if (z || canRead(2)) {
            arrayList.add(2);
        }
        if (z || canRead(3)) {
            arrayList.add(3);
        }
        if (z || canRead(4)) {
            arrayList.add(4);
        }
        if (z || canRead(5)) {
            arrayList.add(5);
        }
        if (getVersion() != 0 && (z || canRead(6))) {
            arrayList.add(6);
        }
        return GXDLMSObjectHelpers.toIntArray(arrayList);
    }

    @Override // gurux.dlms.objects.GXDLMSObject, gurux.dlms.objects.IGXDLMSBase
    public final int getAttributeCount() {
        return getVersion() == 0 ? 5 : 6;
    }

    @Override // gurux.dlms.objects.GXDLMSObject, gurux.dlms.objects.IGXDLMSBase
    public final int getMethodCount() {
        return getVersion() == 0 ? 2 : 8;
    }

    @Override // gurux.dlms.objects.GXDLMSObject
    public final DataType getDataType(int i) {
        if (i == 1) {
            return DataType.OCTET_STRING;
        }
        if (i != 2 && i != 3) {
            if (i != 4 && i != 5) {
                if (getVersion() <= 0) {
                    throw new IllegalArgumentException("getDataType failed. Invalid attribute index.");
                }
                if (i == 6) {
                    return DataType.ARRAY;
                }
                throw new IllegalArgumentException("getDataType failed. Invalid attribute index.");
            }
            return DataType.OCTET_STRING;
        }
        return DataType.ENUM;
    }

    private byte[] getCertificatesByteArray(GXDLMSSettings gXDLMSSettings) {
        GXByteBuffer gXByteBuffer = new GXByteBuffer();
        gXByteBuffer.setUInt8((byte) DataType.ARRAY.getValue());
        GXCommon.setObjectCount(gXDLMSSettings.getCipher().getCertificates().size(), gXByteBuffer);
        for (GXx509Certificate gXx509Certificate : gXDLMSSettings.getCipher().getCertificates()) {
            gXByteBuffer.setUInt8((byte) DataType.STRUCTURE.getValue());
            GXCommon.setObjectCount(6, gXByteBuffer);
            gXByteBuffer.setUInt8((byte) DataType.ENUM.getValue());
            gXByteBuffer.setUInt8((byte) CertificateEntity.SERVER.getValue());
            gXByteBuffer.setUInt8((byte) DataType.ENUM.getValue());
            gXByteBuffer.setUInt8((byte) CertificateType.DIGITAL_SIGNATURE.getValue());
            GXCommon.addString(gXx509Certificate.getSerialNumber().toString(), gXByteBuffer);
            GXCommon.addString(gXx509Certificate.getIssuer(), gXByteBuffer);
            GXCommon.addString(gXx509Certificate.getSubject(), gXByteBuffer);
            GXCommon.addString("", gXByteBuffer);
        }
        return gXByteBuffer.array();
    }

    @Override // gurux.dlms.objects.GXDLMSObject, gurux.dlms.objects.IGXDLMSBase
    public final Object getValue(GXDLMSSettings gXDLMSSettings, ValueEventArgs valueEventArgs) {
        if (valueEventArgs.getIndex() == 1) {
            return GXCommon.logicalNameToBytes(getLogicalName());
        }
        if (valueEventArgs.getIndex() == 2) {
            return getVersion() == 0 ? Integer.valueOf(this.securityPolicy0.ordinal()) : Integer.valueOf(SecurityPolicy.toInteger(this.securityPolicy));
        }
        if (valueEventArgs.getIndex() == 3) {
            return Integer.valueOf(getSecuritySuite().getValue());
        }
        if (valueEventArgs.getIndex() == 4) {
            return getClientSystemTitle();
        }
        if (valueEventArgs.getIndex() == 5) {
            return getServerSystemTitle();
        }
        if (valueEventArgs.getIndex() == 6) {
            return getCertificatesByteArray(gXDLMSSettings);
        }
        valueEventArgs.setError(ErrorCode.READ_WRITE_DENIED);
        return null;
    }

    private void updateSertificates(List<?> list) {
        this.certificates.clear();
        if (list != null) {
            Iterator<?> it = list.iterator();
            while (it.hasNext()) {
                List list2 = (List) it.next();
                GXDLMSCertificateInfo gXDLMSCertificateInfo = new GXDLMSCertificateInfo();
                gXDLMSCertificateInfo.setEntity(CertificateEntity.forValue(((Number) list2.get(0)).intValue()));
                gXDLMSCertificateInfo.setType(CertificateType.forValue(((Number) list2.get(1)).intValue()));
                gXDLMSCertificateInfo.setSerialNumber(new String((byte[]) list2.get(2)));
                gXDLMSCertificateInfo.setIssuer(new String((byte[]) list2.get(3)));
                gXDLMSCertificateInfo.setSubject(new String((byte[]) list2.get(4)));
                gXDLMSCertificateInfo.setSubjectAltName(new String((byte[]) list2.get(5)));
                this.certificates.add(gXDLMSCertificateInfo);
            }
        }
    }

    @Override // gurux.dlms.objects.GXDLMSObject, gurux.dlms.objects.IGXDLMSBase
    public final void setValue(GXDLMSSettings gXDLMSSettings, ValueEventArgs valueEventArgs) {
        if (valueEventArgs.getIndex() == 1) {
            setLogicalName(GXCommon.toLogicalName(valueEventArgs.getValue()));
            return;
        }
        if (valueEventArgs.getIndex() == 2) {
            if (gXDLMSSettings.isServer()) {
                valueEventArgs.setError(ErrorCode.READ_WRITE_DENIED);
                return;
            } else if (getVersion() == 0) {
                this.securityPolicy0 = SecurityPolicy0.values()[((Short) valueEventArgs.getValue()).shortValue()];
                return;
            } else {
                this.securityPolicy = SecurityPolicy.forValue(((Short) valueEventArgs.getValue()).shortValue());
                return;
            }
        }
        if (valueEventArgs.getIndex() == 3) {
            setSecuritySuite(SecuritySuite.forValue(((Number) valueEventArgs.getValue()).byteValue()));
            return;
        }
        if (valueEventArgs.getIndex() == 4) {
            setClientSystemTitle((byte[]) valueEventArgs.getValue());
            return;
        }
        if (valueEventArgs.getIndex() == 5) {
            setServerSystemTitle((byte[]) valueEventArgs.getValue());
        } else if (valueEventArgs.getIndex() == 6) {
            updateSertificates((List) valueEventArgs.getValue());
        } else {
            valueEventArgs.setError(ErrorCode.READ_WRITE_DENIED);
        }
    }

    public static byte[] getEphemeralPublicKeyData(int i, PublicKey publicKey) {
        GXByteBuffer gXByteBuffer = new GXByteBuffer(((GXAsn1BitString) ((GXAsn1Sequence) GXAsn1Converter.fromByteArray(publicKey.getEncoded())).get(1)).getValue());
        gXByteBuffer.getData()[0] = (byte) i;
        return gXByteBuffer.array();
    }

    @Override // gurux.dlms.objects.IGXDLMSBase
    public final void load(GXXmlReader gXXmlReader) throws XMLStreamException {
        this.securityPolicy = SecurityPolicy.forValue(gXXmlReader.readElementContentAsInt("SecurityPolicy"));
        this.securityPolicy0 = SecurityPolicy0.values()[gXXmlReader.readElementContentAsInt("SecurityPolicy0")];
        this.securitySuite = SecuritySuite.values()[gXXmlReader.readElementContentAsInt("SecuritySuite")];
        String readElementContentAsString = gXXmlReader.readElementContentAsString("ClientSystemTitle");
        if (readElementContentAsString == null) {
            this.clientSystemTitle = null;
        } else {
            this.clientSystemTitle = GXDLMSTranslator.hexToBytes(readElementContentAsString);
        }
        String readElementContentAsString2 = gXXmlReader.readElementContentAsString("ServerSystemTitle");
        if (readElementContentAsString2 == null) {
            this.serverSystemTitle = null;
        } else {
            this.serverSystemTitle = GXDLMSTranslator.hexToBytes(readElementContentAsString2);
        }
        this.certificates.clear();
        if (gXXmlReader.isStartElement("Certificates", true)) {
            while (gXXmlReader.isStartElement("Item", true)) {
                GXDLMSCertificateInfo gXDLMSCertificateInfo = new GXDLMSCertificateInfo();
                this.certificates.add(gXDLMSCertificateInfo);
                gXDLMSCertificateInfo.setEntity(CertificateEntity.forValue(gXXmlReader.readElementContentAsInt("Entity")));
                gXDLMSCertificateInfo.setType(CertificateType.forValue(gXXmlReader.readElementContentAsInt("Type")));
                gXDLMSCertificateInfo.setSerialNumber(gXXmlReader.readElementContentAsString("SerialNumber"));
                gXDLMSCertificateInfo.setIssuer(gXXmlReader.readElementContentAsString("Issuer"));
                gXDLMSCertificateInfo.setSubject(gXXmlReader.readElementContentAsString("Subject"));
                gXDLMSCertificateInfo.setSubjectAltName(gXXmlReader.readElementContentAsString("SubjectAltName"));
            }
            gXXmlReader.readEndElement("Certificates");
        }
    }

    @Override // gurux.dlms.objects.IGXDLMSBase
    public final void save(GXXmlWriter gXXmlWriter) throws XMLStreamException {
        gXXmlWriter.writeElementString("SecurityPolicy", SecurityPolicy.toInteger(this.securityPolicy));
        gXXmlWriter.writeElementString("SecurityPolicy0", this.securityPolicy0.ordinal());
        gXXmlWriter.writeElementString("SecuritySuite", this.securitySuite.ordinal());
        gXXmlWriter.writeElementString("ClientSystemTitle", GXDLMSTranslator.toHex(this.clientSystemTitle));
        gXXmlWriter.writeElementString("ServerSystemTitle", GXDLMSTranslator.toHex(this.serverSystemTitle));
        if (this.certificates != null) {
            gXXmlWriter.writeStartElement("Certificates");
            for (GXDLMSCertificateInfo gXDLMSCertificateInfo : this.certificates) {
                gXXmlWriter.writeStartElement("Item");
                gXXmlWriter.writeElementString("Entity", gXDLMSCertificateInfo.getEntity().getValue());
                gXXmlWriter.writeElementString("Type", gXDLMSCertificateInfo.getType().getValue());
                gXXmlWriter.writeElementString("SerialNumber", gXDLMSCertificateInfo.getSerialNumber());
                gXXmlWriter.writeElementString("Issuer", gXDLMSCertificateInfo.getIssuer());
                gXXmlWriter.writeElementString("Subject", gXDLMSCertificateInfo.getSubject());
                gXXmlWriter.writeElementString("SubjectAltName", gXDLMSCertificateInfo.getSubjectAltName());
                gXXmlWriter.writeEndElement();
            }
            gXXmlWriter.writeEndElement();
        }
    }

    @Override // gurux.dlms.objects.IGXDLMSBase
    public final void postLoad(GXXmlReader gXXmlReader) {
    }
}
