package net.tirasa.adsddl.ntsd.utils;

import java.util.Arrays;
import java.util.List;
import net.tirasa.adsddl.ntsd.ACE;
import net.tirasa.adsddl.ntsd.SDDL;
import net.tirasa.adsddl.ntsd.SID;
import net.tirasa.adsddl.ntsd.data.AceObjectFlags;
import net.tirasa.adsddl.ntsd.data.AceRights;
import net.tirasa.adsddl.ntsd.data.AceType;

/* loaded from: input_file:net/tirasa/adsddl/ntsd/utils/SDDLHelper.class */
public class SDDLHelper {
    public static final String UCP_OBJECT_GUID = "ab721a53-1e2f-11d0-9819-00aa0040529b";

    public static boolean isUserCannotChangePassword(SDDL sddl) {
        boolean z = false;
        List<ACE> aces = sddl.getDacl().getAces();
        for (int i = 0; !z && i < aces.size(); i++) {
            ACE ace = aces.get(i);
            if (ace.getType() == AceType.ACCESS_DENIED_OBJECT_ACE_TYPE && ace.getObjectFlags().getFlags().contains(AceObjectFlags.Flag.ACE_OBJECT_TYPE_PRESENT) && GUID.getGuidAsString(ace.getObjectType()).equals(UCP_OBJECT_GUID)) {
                SID sid = ace.getSid();
                if (sid.getSubAuthorities().size() == 1 && ((Arrays.equals(sid.getIdentifierAuthority(), new byte[]{0, 0, 0, 0, 0, 1}) && Arrays.equals(sid.getSubAuthorities().get(0), new byte[]{0, 0, 0, 0})) || (Arrays.equals(sid.getIdentifierAuthority(), new byte[]{0, 0, 0, 0, 0, 5}) && Arrays.equals(sid.getSubAuthorities().get(0), new byte[]{0, 0, 0, 10})))) {
                    z = true;
                }
            }
        }
        return z;
    }

    public static SDDL userCannotChangePassword(SDDL sddl, Boolean bool) {
        AceType aceType = bool.booleanValue() ? AceType.ACCESS_DENIED_OBJECT_ACE_TYPE : AceType.ACCESS_ALLOWED_OBJECT_ACE_TYPE;
        ACE ace = null;
        ACE ace2 = null;
        List<ACE> aces = sddl.getDacl().getAces();
        int i = 0;
        while (true) {
            if ((ace2 == null || ace == null) && i < aces.size()) {
                ACE ace3 = aces.get(i);
                if ((ace3.getType() == AceType.ACCESS_ALLOWED_OBJECT_ACE_TYPE || ace3.getType() == AceType.ACCESS_DENIED_OBJECT_ACE_TYPE) && ace3.getObjectFlags().getFlags().contains(AceObjectFlags.Flag.ACE_OBJECT_TYPE_PRESENT) && GUID.getGuidAsString(ace3.getObjectType()).equals(UCP_OBJECT_GUID)) {
                    SID sid = ace3.getSid();
                    if (sid.getSubAuthorities().size() == 1) {
                        if (ace == null && Arrays.equals(sid.getIdentifierAuthority(), new byte[]{0, 0, 0, 0, 0, 1}) && Arrays.equals(sid.getSubAuthorities().get(0), new byte[]{0, 0, 0, 0})) {
                            ace = ace3;
                            ace.setType(aceType);
                        } else if (ace2 == null && Arrays.equals(sid.getIdentifierAuthority(), new byte[]{0, 0, 0, 0, 0, 5}) && Arrays.equals(sid.getSubAuthorities().get(0), new byte[]{0, 0, 0, 10})) {
                            ace2 = ace3;
                            ace2.setType(aceType);
                        }
                    }
                }
                i++;
            }
        }
        if (ace == null) {
            ACE newInstance = ACE.newInstance(aceType);
            newInstance.setObjectFlags(new AceObjectFlags(AceObjectFlags.Flag.ACE_OBJECT_TYPE_PRESENT));
            newInstance.setObjectType(GUID.getGuidAsByteArray(UCP_OBJECT_GUID));
            newInstance.setRights(new AceRights().addOjectRight(AceRights.ObjectRight.CR));
            SID newInstance2 = SID.newInstance(NumberFacility.getBytes(1, 6));
            newInstance2.addSubAuthority(NumberFacility.getBytes(0));
            newInstance.setSid(newInstance2);
            sddl.getDacl().getAces().add(newInstance);
        }
        if (ace2 == null) {
            ACE newInstance3 = ACE.newInstance(aceType);
            newInstance3.setObjectFlags(new AceObjectFlags(AceObjectFlags.Flag.ACE_OBJECT_TYPE_PRESENT));
            newInstance3.setObjectType(GUID.getGuidAsByteArray(UCP_OBJECT_GUID));
            newInstance3.setRights(new AceRights().addOjectRight(AceRights.ObjectRight.CR));
            SID newInstance4 = SID.newInstance(NumberFacility.getBytes(5, 6));
            newInstance4.addSubAuthority(NumberFacility.getBytes(10));
            newInstance3.setSid(newInstance4);
            sddl.getDacl().getAces().add(newInstance3);
        }
        return sddl;
    }
}
