package tuwien.auto.calimero.device;

import java.util.Map;
import java.util.Set;
import tuwien.auto.calimero.KNXIllegalArgumentException;
import tuwien.auto.calimero.device.ios.InterfaceObject;
import tuwien.auto.calimero.mgmt.ManagementClient;
import tuwien.auto.calimero.mgmt.PropertyClient;
import tuwien.auto.calimero.secure.SecurityControl;

/* loaded from: input_file:tuwien/auto/calimero/device/AccessPolicies.class */
public final class AccessPolicies {
    static Map<PropertyClient.PropertyKey, PropertyClient.Property> definitions;
    static final int Unlisted = 0;
    static final int RoleX = 1;
    static final int Tool = 2;
    static final int None = 0;
    static final int AuthOnly = 1;
    static final int AuthConf = 2;
    private static final int Read = 1;
    private static final int Write = 2;
    private static final int ReadWrite = 3;
    private static final int DoASerialNumberRead = 1004;
    private static final int DoASerialNumberWrite = 1006;
    private static final int UnlistedBits = 2;
    private static final int RoleXBits = 4;
    private static final int ToolBits = 4;
    private static final int unsecuredModeOffset = 10;
    private static final int AuthorizeRequest = 977;
    private static final int DeviceDescriptorRead = 768;
    private static final int DomainAddressRead = 993;
    private static final int DomainAddressWrite = 992;
    private static final int DomainAddressSelectiveRead = 995;
    private static final int IndividualAddressRead = 256;
    private static final int IndividualAddressSerialNumberRead = 988;
    private static final int IndividualAddressSerialNumberWrite = 990;
    private static final int IndividualAddressWrite = 192;
    private static final int KeyWrite = 979;
    private static final int PropertyDescriptionRead = 984;
    private static final int PropertyExtDescriptionRead = 466;
    private static final Map<Integer, Integer> serviceLevelAccessPolicies = Map.ofEntries(Map.entry(Integer.valueOf(AuthorizeRequest), Integer.valueOf(accessPolicy("2AA/2AA"))), Map.entry(Integer.valueOf(DeviceDescriptorRead), Integer.valueOf(accessPolicy("155/155"))), Map.entry(Integer.valueOf(DomainAddressRead), Integer.valueOf(accessPolicy("155/155"))), Map.entry(Integer.valueOf(DomainAddressWrite), Integer.valueOf(accessPolicy("2AA/008"))), Map.entry(Integer.valueOf(DomainAddressSelectiveRead), Integer.valueOf(accessPolicy("155/155"))), Map.entry(Integer.valueOf(IndividualAddressRead), Integer.valueOf(accessPolicy("155/155"))), Map.entry(Integer.valueOf(IndividualAddressSerialNumberRead), Integer.valueOf(accessPolicy("155/155"))), Map.entry(Integer.valueOf(IndividualAddressSerialNumberWrite), Integer.valueOf(accessPolicy("2AA/008"))), Map.entry(Integer.valueOf(IndividualAddressWrite), Integer.valueOf(accessPolicy("2AA/008"))), Map.entry(Integer.valueOf(KeyWrite), Integer.valueOf(accessPolicy("2AA/008"))), Map.entry(Integer.valueOf(PropertyDescriptionRead), Integer.valueOf(accessPolicy("155/155"))), Map.entry(Integer.valueOf(PropertyExtDescriptionRead), Integer.valueOf(accessPolicy("155/155"))));
    private static final Set<Integer> writeServices = Set.of(Integer.valueOf(AuthorizeRequest), Integer.valueOf(DomainAddressWrite), Integer.valueOf(IndividualAddressSerialNumberWrite), Integer.valueOf(IndividualAddressWrite), Integer.valueOf(KeyWrite));
    private static final int allAllowed = accessPolicy("3ff/3ff");
    private static final int[] roleOffset = {8, 4, 0};
    private static final int[] securityOffset = {0, 0, 2};

    private static int accessPolicy(String str) {
        int indexOf = str.indexOf(47);
        int parseInt = Integer.parseInt(str.substring(0, indexOf), 16);
        int parseInt2 = Integer.parseInt(str.substring(indexOf + 1), 16);
        if (parseInt > 1023 || parseInt2 > 1023) {
            throw new IllegalArgumentException("invalid access policy " + str);
        }
        return (parseInt << 10) | parseInt2;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static boolean checkServiceAccess(int i, boolean z, SecurityControl securityControl) {
        return writeServices.contains(Integer.valueOf(i)) ? hasWriteAccess(i, z, securityControl) : hasReadAccess(i, z, securityControl);
    }

    private static boolean hasWriteAccess(int i, boolean z, SecurityControl securityControl) {
        return (accessLevel(i, z, securityControl) & 2) == 2;
    }

    private static boolean hasReadAccess(int i, boolean z, SecurityControl securityControl) {
        return (accessLevel(i, z, securityControl) & 1) == 1;
    }

    private static int accessLevel(int i, boolean z, SecurityControl securityControl) {
        return readWrite(serviceLevelAccessPolicies.getOrDefault(Integer.valueOf(i), Integer.valueOf(allAllowed)).intValue(), z, securityControl);
    }

    public static boolean checkPropertyAccess(int i, int i2, boolean z, boolean z2, SecurityControl securityControl) {
        PropertyClient.Property property = definitions.get(i2 <= 50 ? new PropertyClient.PropertyKey(i2) : new PropertyClient.PropertyKey(i, i2));
        if (property == null) {
            return i != 17;
        }
        int accessPolicy = (i == 17 && i2 == 5) ? accessPolicy("00C/00C") : property.accessPolicy();
        if (accessPolicy == 0 && i == 17) {
            return false;
        }
        if (accessPolicy == 0) {
            return true;
        }
        int i3 = z ? 1 : 2;
        return (readWrite(accessPolicy, z2, securityControl) & i3) == i3;
    }

    boolean readDomainAddressSerial(int i, int i2, boolean z, SecurityControl securityControl) {
        return (doASerialAccessLevel(i, i2, z, securityControl) & 1) == 1;
    }

    boolean writeDomainAddressSerial(int i, int i2, boolean z, SecurityControl securityControl) {
        return (doASerialAccessLevel(i, i2, z, securityControl) & 2) == 2;
    }

    private static int doASerialAccessLevel(int i, int i2, boolean z, SecurityControl securityControl) {
        return readWrite(doASerialPolicy(i, i2), z, securityControl);
    }

    private static int doASerialPolicy(int i, int i2) {
        if (i != DoASerialNumberRead && i != DoASerialNumberWrite) {
            throw new KNXIllegalArgumentException("unknown DoA S/N service " + Integer.toHexString(i));
        }
        boolean z = i == DoASerialNumberRead;
        switch (i2) {
            case 2:
                return z ? 1397077 : 2793480;
            case 4:
                return z ? 4 : 2793480;
            case InterfaceObject.ROUTER_OBJECT /* 6 */:
                return z ? 1397077 : 2793480;
            case 21:
                return z ? 16388 : 32776;
            default:
                throw new KNXIllegalArgumentException("unsupported DoA size " + i2);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static boolean checkRestartAccess(boolean z, ManagementClient.EraseCode eraseCode, boolean z2, SecurityControl securityControl) {
        return (restartAccess(z, eraseCode, z2, securityControl) & 2) == 2;
    }

    private static int restartAccess(boolean z, ManagementClient.EraseCode eraseCode, boolean z2, SecurityControl securityControl) {
        if (!z || (z && eraseCode == ManagementClient.EraseCode.ConfirmedRestart)) {
            return accessPolicy("2AA/0AA");
        }
        if (z2 && (eraseCode == ManagementClient.EraseCode.ResetIndividualAddress || eraseCode == ManagementClient.EraseCode.ResetApplicationProgram)) {
            throw new KNXIllegalArgumentException("unsupported restart service erase code " + eraseCode);
        }
        return readWrite(accessPolicy("2AA/008"), z2, securityControl);
    }

    private static int readWrite(int i, boolean z, SecurityControl securityControl) {
        SecurityControl.DataSecurity security = securityControl.security();
        return (i >> (((z ? 0 : 10) + roleOffset[security == SecurityControl.DataSecurity.None ? (char) 0 : securityControl.toolAccess() ? (char) 2 : (char) 1]) + securityOffset[security.ordinal()])) & 3;
    }
}
