package org.apache.poi.poifs.crypt.dsig.facets;

import g.a.a.a.a;
import java.security.cert.CertificateEncodingException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Calendar;
import java.util.HashMap;
import java.util.List;
import java.util.Locale;
import java.util.Map;
import java.util.TimeZone;
import javax.xml.crypto.dom.DOMStructure;
import javax.xml.crypto.dsig.Reference;
import javax.xml.crypto.dsig.XMLObject;
import l.a.d.H0;
import l.a.d.R0;
import l.a.d.T;
import l.c.a.a.a.f;
import l.c.a.a.a.j;
import l.c.a.a.a.q;
import l.c.a.a.a.r;
import l.c.a.a.a.v;
import l.c.a.a.a.w;
import org.apache.poi.POIXMLTypeLoader;
import org.apache.poi.poifs.crypt.CryptoFunctions;
import org.apache.poi.poifs.crypt.HashAlgorithm;
import org.apache.poi.poifs.crypt.dsig.SignatureConfig;
import org.apache.poi.poifs.crypt.dsig.services.SignaturePolicyService;
import org.apache.poi.util.POILogFactory;
import org.apache.poi.util.POILogger;
import org.apache.xmlbeans.impl.store.d;
import org.etsi.uri.x01903.v13.AnyType;
import org.etsi.uri.x01903.v13.DataObjectFormatType;
import org.etsi.uri.x01903.v13.ObjectIdentifierType;
import org.etsi.uri.x01903.v13.SignaturePolicyIdType;
import org.etsi.uri.x01903.v13.SignerRoleType;
import org.w3c.dom.Document;
import org.w3c.dom.Element;

/* loaded from: classes.dex */
public class XAdESSignatureFacet extends SignatureFacet {
    private static final POILogger c = POILogFactory.getLogger((Class<?>) XAdESSignatureFacet.class);
    private Map<String, String> b = new HashMap();

    /* JADX INFO: Access modifiers changed from: protected */
    public static void insertXChild(H0 h0, H0 h02) {
        d dVar = (d) h0.newCursor();
        dVar.l6();
        d dVar2 = (d) h02.newCursor();
        dVar2.t6();
        dVar2.R5(dVar);
        dVar2.t5();
        dVar.t5();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static void setCertID(f fVar, SignatureConfig signatureConfig, boolean z, X509Certificate x509Certificate) {
        l.f.a.a.a.f E3 = fVar.E3();
        E3.U3(z ? x509Certificate.getIssuerDN().getName().replace(",", ", ") : x509Certificate.getIssuerX500Principal().toString());
        E3.e4(x509Certificate.getSerialNumber());
        try {
            setDigestAlgAndValue(fVar.R3(), x509Certificate.getEncoded(), signatureConfig.getXadesDigestAlgo());
        } catch (CertificateEncodingException e2) {
            StringBuilder N = a.N("certificate encoding error: ");
            N.append(e2.getMessage());
            throw new RuntimeException(N.toString(), e2);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static void setDigestAlgAndValue(j jVar, byte[] bArr, HashAlgorithm hashAlgorithm) {
        jVar.j4().K(SignatureConfig.getDigestMethodUri(hashAlgorithm));
        jVar.K2(CryptoFunctions.getMessageDigest(hashAlgorithm).digest(bArr));
    }

    public void addMimeType(String str, String str2) {
        this.b.put(str, str2);
    }

    @Override // org.apache.poi.poifs.crypt.dsig.facets.SignatureFacet
    public void preSign(Document document, List<Reference> list, List<XMLObject> list2) {
        c.log(1, "preSign");
        r k4 = ((q) POIXMLTypeLoader.newInstance(q.g1, null)).k4();
        StringBuilder N = a.N("#");
        N.append(this.signatureConfig.getPackageSignatureId());
        k4.x1(N.toString());
        v S3 = k4.S3();
        S3.setId(this.signatureConfig.getXadesSignatureId());
        w S2 = S3.S2();
        Calendar calendar = Calendar.getInstance(TimeZone.getTimeZone("Z"), Locale.ROOT);
        calendar.setTime(this.signatureConfig.getExecutionTime());
        calendar.clear(14);
        S2.W2(calendar);
        if (this.signatureConfig.getSigningCertificateChain() == null || this.signatureConfig.getSigningCertificateChain().isEmpty()) {
            throw new RuntimeException("no signing certificate chain available");
        }
        f G3 = S2.M2().G3();
        X509Certificate x509Certificate = this.signatureConfig.getSigningCertificateChain().get(0);
        SignatureConfig signatureConfig = this.signatureConfig;
        setCertID(G3, signatureConfig, signatureConfig.isXadesIssuerNameNoReverseOrder(), x509Certificate);
        String xadesRole = this.signatureConfig.getXadesRole();
        if (xadesRole != null && !xadesRole.isEmpty()) {
            SignerRoleType o1 = S2.o1();
            S2.y3(o1);
            AnyType addNewClaimedRole = o1.addNewClaimedRoles().addNewClaimedRole();
            R0 r0 = (R0) T.f().D(R0.R0, null);
            r0.setStringValue(xadesRole);
            insertXChild(addNewClaimedRole, r0);
        }
        SignaturePolicyService signaturePolicyService = this.signatureConfig.getSignaturePolicyService();
        if (signaturePolicyService != null) {
            SignaturePolicyIdType j0 = S2.Z0().j0();
            ObjectIdentifierType addNewSigPolicyId = j0.addNewSigPolicyId();
            addNewSigPolicyId.setDescription(signaturePolicyService.getSignaturePolicyDescription());
            addNewSigPolicyId.addNewIdentifier().setStringValue(signaturePolicyService.getSignaturePolicyIdentifier());
            setDigestAlgAndValue(j0.addNewSigPolicyHash(), signaturePolicyService.getSignaturePolicyDocument(), this.signatureConfig.getDigestAlgo());
            String signaturePolicyDownloadUrl = signaturePolicyService.getSignaturePolicyDownloadUrl();
            if (signaturePolicyDownloadUrl != null) {
                AnyType addNewSigPolicyQualifier = j0.addNewSigPolicyQualifiers().addNewSigPolicyQualifier();
                R0 r02 = (R0) T.f().D(R0.R0, null);
                r02.setStringValue(signaturePolicyDownloadUrl);
                insertXChild(addNewSigPolicyQualifier, r02);
            }
        } else if (this.signatureConfig.isXadesSignaturePolicyImplied()) {
            S2.Z0().O3();
        }
        if (!this.b.isEmpty()) {
            List dataObjectFormatList = S3.T3().getDataObjectFormatList();
            for (Map.Entry<String, String> entry : this.b.entrySet()) {
                DataObjectFormatType newInstance = DataObjectFormatType.Factory.newInstance();
                StringBuilder N2 = a.N("#");
                N2.append(entry.getKey());
                newInstance.setObjectReference(N2.toString());
                newInstance.setMimeType(entry.getValue());
                dataObjectFormatList.add(newInstance);
            }
        }
        ArrayList arrayList = new ArrayList();
        arrayList.add(new DOMStructure((Element) document.importNode((Element) k4.getDomNode(), true)));
        list2.add(getSignatureFactory().newXMLObject(arrayList, (String) null, (String) null, (String) null));
        ArrayList arrayList2 = new ArrayList();
        arrayList2.add(newTransform("http://www.w3.org/TR/2001/REC-xml-c14n-20010315"));
        list.add(newReference("#" + this.signatureConfig.getXadesSignatureId(), arrayList2, "http://uri.etsi.org/01903#SignedProperties", null, null));
    }
}
