package org.apache.poi.poifs.crypt.dsig.facets;

import java.security.cert.CertificateEncodingException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Calendar;
import java.util.HashMap;
import java.util.List;
import java.util.Locale;
import java.util.Map;
import java.util.TimeZone;
import javax.xml.crypto.dom.DOMStructure;
import javax.xml.crypto.dsig.Reference;
import javax.xml.crypto.dsig.XMLObject;
import javax.xml.crypto.dsig.XMLSignatureException;
import k0.a.b.n;
import k0.a.b.o;
import k0.a.b.s;
import k0.b.a.a.a.f;
import k0.b.a.a.a.j;
import k0.b.a.a.a.q;
import k0.b.a.a.a.r;
import k0.b.a.a.a.v;
import k0.b.a.a.a.w;
import l.c.a.a.a;
import org.apache.poi.POIXMLTypeLoader;
import org.apache.poi.poifs.crypt.CryptoFunctions;
import org.apache.poi.poifs.crypt.HashAlgorithm;
import org.apache.poi.poifs.crypt.dsig.SignatureConfig;
import org.apache.poi.poifs.crypt.dsig.services.SignaturePolicyService;
import org.apache.poi.util.POILogFactory;
import org.apache.poi.util.POILogger;
import org.etsi.uri.x01903.v13.AnyType;
import org.etsi.uri.x01903.v13.DataObjectFormatType;
import org.etsi.uri.x01903.v13.ObjectIdentifierType;
import org.etsi.uri.x01903.v13.SignaturePolicyIdType;
import org.etsi.uri.x01903.v13.SignerRoleType;
import org.w3c.dom.Document;
import org.w3c.dom.Element;

/* loaded from: classes3.dex */
public class XAdESSignatureFacet extends SignatureFacet {
    private static final POILogger LOG = POILogFactory.getLogger((Class<?>) XAdESSignatureFacet.class);
    private static final String XADES_TYPE = "http://uri.etsi.org/01903#SignedProperties";
    private Map<String, String> dataObjectFormatMimeTypes = new HashMap();

    public static void insertXChild(s sVar, s sVar2) {
        o g9 = sVar.g9();
        g9.Hi();
        o g92 = sVar2.g9();
        g92.Kn();
        g92.s7(g9);
        g92.dispose();
        g9.dispose();
    }

    public static void setCertID(f fVar, SignatureConfig signatureConfig, boolean z2, X509Certificate x509Certificate) {
        k0.e.a.a.a.f fw = fVar.fw();
        fw.cA(z2 ? x509Certificate.getIssuerDN().getName().replace(",", ", ") : x509Certificate.getIssuerX500Principal().toString());
        fw.HE(x509Certificate.getSerialNumber());
        try {
            setDigestAlgAndValue(fVar.az(), x509Certificate.getEncoded(), signatureConfig.getXadesDigestAlgo());
        } catch (CertificateEncodingException e2) {
            StringBuilder w2 = a.w("certificate encoding error: ");
            w2.append(e2.getMessage());
            throw new RuntimeException(w2.toString(), e2);
        }
    }

    public static void setDigestAlgAndValue(j jVar, byte[] bArr, HashAlgorithm hashAlgorithm) {
        jVar.eG().e2(SignatureConfig.getDigestMethodUri(hashAlgorithm));
        jVar.ik(CryptoFunctions.getMessageDigest(hashAlgorithm).digest(bArr));
    }

    public void addMimeType(String str, String str2) {
        this.dataObjectFormatMimeTypes.put(str, str2);
    }

    @Override // org.apache.poi.poifs.crypt.dsig.facets.SignatureFacet
    public void preSign(Document document, List<Reference> list, List<XMLObject> list2) throws XMLSignatureException {
        LOG.log(1, "preSign");
        r gG = ((q) POIXMLTypeLoader.newInstance(q.f3855y0, null)).gG();
        StringBuilder w2 = a.w("#");
        w2.append(this.signatureConfig.getPackageSignatureId());
        gG.gv(w2.toString());
        v jz = gG.jz();
        jz.b(this.signatureConfig.getXadesSignatureId());
        w fm = jz.fm();
        Calendar calendar = Calendar.getInstance(TimeZone.getTimeZone("Z"), Locale.ROOT);
        calendar.setTime(this.signatureConfig.getExecutionTime());
        calendar.clear(14);
        fm.jn(calendar);
        if (this.signatureConfig.getSigningCertificateChain() == null || this.signatureConfig.getSigningCertificateChain().isEmpty()) {
            throw new RuntimeException("no signing certificate chain available");
        }
        f sw = fm.Sk().sw();
        X509Certificate x509Certificate = this.signatureConfig.getSigningCertificateChain().get(0);
        SignatureConfig signatureConfig = this.signatureConfig;
        setCertID(sw, signatureConfig, signatureConfig.isXadesIssuerNameNoReverseOrder(), x509Certificate);
        String xadesRole = this.signatureConfig.getXadesRole();
        if (xadesRole != null && !xadesRole.isEmpty()) {
            SignerRoleType yr = fm.yr();
            fm.Nt(yr);
            AnyType addNewClaimedRole = yr.addNewClaimedRoles().addNewClaimedRole();
            k0.a.b.v vVar = (k0.a.b.v) n.e().f(k0.a.b.v.f3849t0, null);
            vVar.Pi(xadesRole);
            insertXChild(addNewClaimedRole, vVar);
        }
        SignaturePolicyService signaturePolicyService = this.signatureConfig.getSignaturePolicyService();
        if (signaturePolicyService != null) {
            SignaturePolicyIdType a9 = fm.Ll().a9();
            ObjectIdentifierType addNewSigPolicyId = a9.addNewSigPolicyId();
            addNewSigPolicyId.setDescription(signaturePolicyService.getSignaturePolicyDescription());
            addNewSigPolicyId.addNewIdentifier().setStringValue(signaturePolicyService.getSignaturePolicyIdentifier());
            setDigestAlgAndValue(a9.addNewSigPolicyHash(), signaturePolicyService.getSignaturePolicyDocument(), this.signatureConfig.getDigestAlgo());
            String signaturePolicyDownloadUrl = signaturePolicyService.getSignaturePolicyDownloadUrl();
            if (signaturePolicyDownloadUrl != null) {
                AnyType addNewSigPolicyQualifier = a9.addNewSigPolicyQualifiers().addNewSigPolicyQualifier();
                k0.a.b.v vVar2 = (k0.a.b.v) n.e().f(k0.a.b.v.f3849t0, null);
                vVar2.Pi(signaturePolicyDownloadUrl);
                insertXChild(addNewSigPolicyQualifier, vVar2);
            }
        } else if (this.signatureConfig.isXadesSignaturePolicyImplied()) {
            fm.Ll().iy();
        }
        if (!this.dataObjectFormatMimeTypes.isEmpty()) {
            List dataObjectFormatList = jz.Hz().getDataObjectFormatList();
            for (Map.Entry<String, String> entry : this.dataObjectFormatMimeTypes.entrySet()) {
                DataObjectFormatType newInstance = DataObjectFormatType.Factory.newInstance();
                StringBuilder w3 = a.w("#");
                w3.append(entry.getKey());
                newInstance.setObjectReference(w3.toString());
                newInstance.setMimeType(entry.getValue());
                dataObjectFormatList.add(newInstance);
            }
        }
        ArrayList arrayList = new ArrayList();
        arrayList.add(new DOMStructure((Element) document.importNode((Element) gG.il(), true)));
        list2.add(getSignatureFactory().newXMLObject(arrayList, (String) null, (String) null, (String) null));
        ArrayList arrayList2 = new ArrayList();
        arrayList2.add(newTransform("http://www.w3.org/TR/2001/REC-xml-c14n-20010315"));
        list.add(newReference("#" + this.signatureConfig.getXadesSignatureId(), arrayList2, XADES_TYPE, null, null));
    }
}
