package org.apache.poi.poifs.crypt.dsig.facets;

import java.security.cert.CertificateEncodingException;
import java.security.cert.X509Certificate;
import java.util.Calendar;
import java.util.Collections;
import java.util.HashMap;
import java.util.List;
import java.util.Locale;
import java.util.Map;
import java.util.TimeZone;
import java.util.function.BiConsumer;
import javax.security.auth.x500.X500Principal;
import javax.xml.crypto.dom.DOMStructure;
import javax.xml.crypto.dsig.Reference;
import javax.xml.crypto.dsig.XMLObject;
import javax.xml.crypto.dsig.XMLSignatureException;
import javax.xml.namespace.QName;
import org.apache.logging.log4j.Logger;
import org.apache.poi.logging.PoiLogManager;
import org.apache.poi.openxml4j.opc.PackageRelationship;
import org.apache.poi.poifs.crypt.CryptoFunctions;
import org.apache.poi.poifs.crypt.HashAlgorithm;
import org.apache.poi.poifs.crypt.dsig.SignatureConfig;
import org.apache.poi.poifs.crypt.dsig.SignatureInfo;
import org.apache.poi.poifs.crypt.dsig.services.SignaturePolicyService;
import org.apache.xmlbeans.XmlCursor;
import org.apache.xmlbeans.XmlObject;
import org.apache.xmlbeans.XmlString;
import org.apache.xmlbeans.impl.common.Sax2Dom;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import qb.l;
import ya.InterfaceC12737C;
import ya.InterfaceC12740F;
import ya.InterfaceC12741G;
import ya.InterfaceC12742H;
import ya.InterfaceC12746a;
import ya.InterfaceC12752g;
import ya.InterfaceC12755j;
import ya.InterfaceC12759n;
import ya.InterfaceC12760o;
import ya.InterfaceC12768w;
import ya.InterfaceC12769x;
import ya.InterfaceC12770y;

/* loaded from: classes7.dex */
public class XAdESSignatureFacet implements SignatureFacet {
    private static final Logger LOG = PoiLogManager.getLogger((Class<?>) XAdESSignatureFacet.class);
    private static final String XADES_TYPE = "http://uri.etsi.org/01903#SignedProperties";
    private final Map<String, String> dataObjectFormatMimeTypes = new HashMap();

    public static /* synthetic */ void a(List list, String str, String str2) {
        InterfaceC12759n newInstance = InterfaceC12759n.Z41.newInstance();
        newInstance.DN2("#" + str);
        newInstance.Xk0(str2);
        list.add(newInstance);
    }

    private static Element importNode(Document document, XmlObject xmlObject) {
        XmlCursor newCursor = xmlObject.newCursor();
        try {
            QName name = newCursor.getName();
            Element createElementNS = document.createElementNS(name.b(), name.a());
            while (newCursor.hasNextToken()) {
                switch (newCursor.toNextToken().intValue()) {
                    case 3:
                        QName name2 = newCursor.getName();
                        createElementNS = (Element) createElementNS.appendChild(document.createElementNS(name2.b(), name2.a()));
                        break;
                    case 4:
                        Element element = (Element) createElementNS.getParentNode();
                        if (element == null) {
                            break;
                        } else {
                            createElementNS = element;
                            break;
                        }
                    case 5:
                        createElementNS.appendChild(document.createTextNode(newCursor.getTextValue()));
                        break;
                    case 6:
                        QName name3 = newCursor.getName();
                        createElementNS.setAttributeNS(name3.b(), name3.a(), newCursor.getTextValue());
                        if (!PackageRelationship.ID_ATTRIBUTE_NAME.equals(name3.a())) {
                            break;
                        } else {
                            createElementNS.setIdAttribute(PackageRelationship.ID_ATTRIBUTE_NAME, true);
                            break;
                        }
                    case 7:
                        QName name4 = newCursor.getName();
                        createElementNS.setAttributeNS("http://www.w3.org/2000/xmlns/", Sax2Dom.XMLNS_STRING + name4.c(), name4.b());
                        break;
                    case 8:
                        createElementNS.appendChild(document.createComment(newCursor.getTextValue()));
                        break;
                }
            }
            newCursor.close();
            return createElementNS;
        } catch (Throwable th) {
            try {
                throw th;
            } catch (Throwable th2) {
                if (newCursor != null) {
                    try {
                        newCursor.close();
                    } catch (Throwable th3) {
                        th.addSuppressed(th3);
                    }
                }
                throw th2;
            }
        }
    }

    public static void insertXChild(XmlObject xmlObject, XmlObject xmlObject2) {
        XmlCursor newCursor = xmlObject.newCursor();
        try {
            newCursor.toEndToken();
            XmlCursor newCursor2 = xmlObject2.newCursor();
            try {
                newCursor2.toNextToken();
                newCursor2.moveXml(newCursor);
                newCursor2.close();
                newCursor.close();
            } finally {
            }
        } catch (Throwable th) {
            try {
                throw th;
            } catch (Throwable th2) {
                if (newCursor != null) {
                    try {
                        newCursor.close();
                    } catch (Throwable th3) {
                        th.addSuppressed(th3);
                    }
                }
                throw th2;
            }
        }
    }

    public static void setCertID(InterfaceC12752g interfaceC12752g, SignatureConfig signatureConfig, boolean z10, X509Certificate x509Certificate) {
        l rg2 = interfaceC12752g.rg2();
        X500Principal issuerX500Principal = x509Certificate.getIssuerX500Principal();
        rg2.Pp4(z10 ? issuerX500Principal.getName().replace(",", ob.c.f64480e) : issuerX500Principal.toString());
        rg2.lu2(x509Certificate.getSerialNumber());
        try {
            setDigestAlgAndValue(interfaceC12752g.Fk2(), x509Certificate.getEncoded(), signatureConfig.getXadesDigestAlgo());
        } catch (CertificateEncodingException e10) {
            throw new IllegalStateException("certificate encoding error: " + e10.getMessage(), e10);
        }
    }

    public static void setDigestAlgAndValue(InterfaceC12760o interfaceC12760o, byte[] bArr, HashAlgorithm hashAlgorithm) {
        interfaceC12760o.fw0().sN(SignatureConfig.getDigestMethodUri(hashAlgorithm));
        interfaceC12760o.cq0(CryptoFunctions.getMessageDigest(hashAlgorithm).digest(bArr));
    }

    public void addCertificate(SignatureInfo signatureInfo, InterfaceC12741G interfaceC12741G) {
        SignatureConfig signatureConfig = signatureInfo.getSignatureConfig();
        List<X509Certificate> signingCertificateChain = signatureConfig.getSigningCertificateChain();
        if (signingCertificateChain == null || signingCertificateChain.isEmpty()) {
            throw new IllegalStateException("no signing certificate chain available");
        }
        setCertID(interfaceC12741G.h04().Oj4(), signatureConfig, signatureConfig.isXadesIssuerNameNoReverseOrder(), signingCertificateChain.get(0));
    }

    public void addCommitmentType(SignatureInfo signatureInfo, InterfaceC12740F interfaceC12740F) {
        SignatureConfig signatureConfig = signatureInfo.getSignatureConfig();
        String signatureDescription = signatureConfig.getSignatureDescription();
        String commitmentType = signatureConfig.getCommitmentType();
        if (signatureDescription == null && commitmentType == null) {
            return;
        }
        InterfaceC12755j gQ2 = (interfaceC12740F.z31() ? interfaceC12740F.wM1() : interfaceC12740F.Il2()).gQ2();
        if (commitmentType != null) {
            InterfaceC12768w bt4 = gQ2.bt4();
            bt4.oE3().setStringValue("http://uri.etsi.org/01903/v1.2.2#ProofOfOrigin");
            bt4.setDescription(signatureConfig.getCommitmentType());
        }
        if (signatureDescription != null) {
            gQ2.P13();
            gQ2.lc4().gU2().set(XmlString.Factory.newValue(signatureDescription));
        }
    }

    public void addMimeType(String str, String str2) {
        this.dataObjectFormatMimeTypes.put(str, str2);
    }

    public void addMimeTypes(SignatureInfo signatureInfo, InterfaceC12740F interfaceC12740F) {
        if (this.dataObjectFormatMimeTypes.isEmpty()) {
            return;
        }
        final List<InterfaceC12759n> rn2 = interfaceC12740F.Il2().rn2();
        this.dataObjectFormatMimeTypes.forEach(new BiConsumer() { // from class: org.apache.poi.poifs.crypt.dsig.facets.c
            @Override // java.util.function.BiConsumer
            public final void accept(Object obj, Object obj2) {
                XAdESSignatureFacet.a(rn2, (String) obj, (String) obj2);
            }
        });
    }

    public void addPolicy(SignatureInfo signatureInfo, InterfaceC12741G interfaceC12741G) {
        SignatureConfig signatureConfig = signatureInfo.getSignatureConfig();
        SignaturePolicyService signaturePolicyService = signatureConfig.getSignaturePolicyService();
        if (signaturePolicyService == null) {
            if (signatureConfig.isXadesSignaturePolicyImplied()) {
                interfaceC12741G.x03().tj2();
                return;
            }
            return;
        }
        InterfaceC12737C UD2 = interfaceC12741G.x03().UD2();
        InterfaceC12768w SU3 = UD2.SU3();
        SU3.setDescription(signaturePolicyService.getSignaturePolicyDescription());
        SU3.oE3().setStringValue(signaturePolicyService.getSignaturePolicyIdentifier());
        setDigestAlgAndValue(UD2.nw2(), signaturePolicyService.getSignaturePolicyDocument(), signatureConfig.getDigestAlgo());
        String signaturePolicyDownloadUrl = signaturePolicyService.getSignaturePolicyDownloadUrl();
        if (signaturePolicyDownloadUrl == null) {
            return;
        }
        InterfaceC12746a vG3 = UD2.Qk4().vG3();
        XmlString newInstance = XmlString.Factory.newInstance();
        newInstance.setStringValue(signaturePolicyDownloadUrl);
        insertXChild(vG3, newInstance);
    }

    public void addSigningTime(SignatureInfo signatureInfo, InterfaceC12741G interfaceC12741G) {
        SignatureConfig signatureConfig = signatureInfo.getSignatureConfig();
        Calendar calendar = Calendar.getInstance(TimeZone.getTimeZone("Z"), Locale.ROOT);
        calendar.setTime(signatureConfig.getExecutionTime());
        calendar.clear(14);
        interfaceC12741G.h12(calendar);
    }

    public XMLObject addXadesObject(SignatureInfo signatureInfo, Document document, InterfaceC12770y interfaceC12770y) {
        return signatureInfo.getSignatureFactory().newXMLObject(Collections.singletonList(new DOMStructure(importNode(document, interfaceC12770y))), (String) null, (String) null, (String) null);
    }

    public Reference addXadesReference(SignatureInfo signatureInfo) throws XMLSignatureException {
        SignatureConfig signatureConfig = signatureInfo.getSignatureConfig();
        return SignatureFacetHelper.newReference(signatureInfo, "#" + signatureConfig.getXadesSignatureId(), Collections.singletonList(SignatureFacetHelper.newTransform(signatureInfo, "http://www.w3.org/TR/2001/REC-xml-c14n-20010315")), XADES_TYPE);
    }

    public void addXadesRole(SignatureInfo signatureInfo, InterfaceC12741G interfaceC12741G) {
        String xadesRole = signatureInfo.getSignatureConfig().getXadesRole();
        if (xadesRole == null || xadesRole.isEmpty()) {
            return;
        }
        InterfaceC12742H I71 = interfaceC12741G.I71();
        interfaceC12741G.nA3(I71);
        InterfaceC12746a My4 = I71.Fm2().My4();
        XmlString newInstance = XmlString.Factory.newInstance();
        newInstance.setStringValue(xadesRole);
        insertXChild(My4, newInstance);
    }

    public InterfaceC12740F createSignedProperties(SignatureInfo signatureInfo, InterfaceC12770y interfaceC12770y) {
        InterfaceC12740F Zk2 = interfaceC12770y.Zk2();
        Zk2.setId(signatureInfo.getSignatureConfig().getXadesSignatureId());
        InterfaceC12741G yZ1 = Zk2.yZ1();
        addSigningTime(signatureInfo, yZ1);
        addCertificate(signatureInfo, yZ1);
        addXadesRole(signatureInfo, yZ1);
        addPolicy(signatureInfo, yZ1);
        addMimeTypes(signatureInfo, Zk2);
        addCommitmentType(signatureInfo, Zk2);
        return Zk2;
    }

    @Override // org.apache.poi.poifs.crypt.dsig.facets.SignatureFacet
    public void preSign(SignatureInfo signatureInfo, Document document, List<Reference> list, List<XMLObject> list2) throws XMLSignatureException {
        LOG.atDebug().log("preSign");
        SignatureConfig signatureConfig = signatureInfo.getSignatureConfig();
        InterfaceC12770y Vw2 = InterfaceC12769x.t51.newInstance().Vw2();
        Vw2.setTarget("#" + signatureConfig.getPackageSignatureId());
        createSignedProperties(signatureInfo, Vw2);
        list2.add(addXadesObject(signatureInfo, document, Vw2));
        list.add(addXadesReference(signatureInfo));
    }
}
