package org.apache.poi.poifs.crypt.dsig;

import com.google.common.base.Ascii;
import java.security.PrivateKey;
import java.security.Provider;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Date;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.UUID;
import javax.xml.crypto.URIDereferencer;
import javax.xml.crypto.dsig.XMLSignatureFactory;
import javax.xml.crypto.dsig.keyinfo.KeyInfoFactory;
import org.apache.poi.EncryptedDocumentException;
import org.apache.poi.openxml4j.opc.OPCPackage;
import org.apache.poi.poifs.crypt.HashAlgorithm;
import org.apache.poi.poifs.crypt.dsig.facets.KeyInfoSignatureFacet;
import org.apache.poi.poifs.crypt.dsig.facets.OOXMLSignatureFacet;
import org.apache.poi.poifs.crypt.dsig.facets.Office2010SignatureFacet;
import org.apache.poi.poifs.crypt.dsig.facets.SignatureFacet;
import org.apache.poi.poifs.crypt.dsig.facets.XAdESSignatureFacet;
import org.apache.poi.poifs.crypt.dsig.services.RevocationDataService;
import org.apache.poi.poifs.crypt.dsig.services.SignaturePolicyService;
import org.apache.poi.poifs.crypt.dsig.services.TSPTimeStampService;
import org.apache.poi.poifs.crypt.dsig.services.TimeStampService;
import org.apache.poi.poifs.crypt.dsig.services.TimeStampServiceValidator;
import org.apache.poi.ss.formula.ptg.AreaErrPtg;
import org.apache.poi.ss.formula.ptg.RefPtg;
import org.apache.poi.util.POILogFactory;
import org.apache.poi.util.POILogger;
import org.w3c.dom.events.EventListener;

/* loaded from: classes4.dex */
public class SignatureConfig {
    private static final POILogger LOG = POILogFactory.getLogger((Class<?>) SignatureConfig.class);
    private PrivateKey key;
    private String proxyUrl;
    private RevocationDataService revocationDataService;
    private SignaturePolicyService signaturePolicyService;
    private List<X509Certificate> signingCertificateChain;
    private String tspPass;
    private String tspUrl;
    private String tspUser;
    private TimeStampServiceValidator tspValidator;
    private ThreadLocal<OPCPackage> opcPackage = new ThreadLocal<>();
    private ThreadLocal<XMLSignatureFactory> signatureFactory = new ThreadLocal<>();
    private ThreadLocal<KeyInfoFactory> keyInfoFactory = new ThreadLocal<>();
    private ThreadLocal<Provider> provider = new ThreadLocal<>();
    private List<SignatureFacet> signatureFacets = new ArrayList();
    private HashAlgorithm digestAlgo = HashAlgorithm.sha1;
    private Date executionTime = new Date();
    private URIDereferencer uriDereferencer = null;
    private String canonicalizationMethod = "http://www.w3.org/TR/2001/REC-xml-c14n-20010315";
    private boolean includeEntireCertificateChain = true;
    private boolean includeIssuerSerial = false;
    private boolean includeKeyValue = false;
    private TimeStampService tspService = new TSPTimeStampService();
    private boolean tspOldProtocol = false;
    private HashAlgorithm tspDigestAlgo = null;
    private String tspRequestPolicy = "1.3.6.1.4.1.13762.3";
    private String userAgent = "POI XmlSign Service TSP Client";
    private HashAlgorithm xadesDigestAlgo = null;
    private String xadesRole = null;
    private String xadesSignatureId = "idSignedProperties";
    private boolean xadesSignaturePolicyImplied = true;
    private String xadesCanonicalizationMethod = "http://www.w3.org/2001/10/xml-exc-c14n#";
    private boolean xadesIssuerNameNoReverseOrder = true;
    private String packageSignatureId = "idPackageSignature";
    private String signatureDescription = "Office OpenXML Document";
    EventListener signatureMarshalListener = null;
    Map<String, String> namespacePrefixes = new HashMap();

    /* loaded from: classes4.dex */
    public interface SignatureConfigurable {
        void setSignatureConfig(SignatureConfig signatureConfig);
    }

    public static String getDigestMethodUri(HashAlgorithm hashAlgorithm) {
        int i = AnonymousClass1.$SwitchMap$org$apache$poi$poifs$crypt$HashAlgorithm[hashAlgorithm.ordinal()];
        if (i == 7) {
            return "http://www.w3.org/2001/04/xmlenc#ripemd160";
        }
        switch (i) {
            case 1:
                return "http://www.w3.org/2000/09/xmldsig#sha1";
            case 2:
                return "http://www.w3.org/2001/04/xmldsig-more#sha224";
            case 3:
                return "http://www.w3.org/2001/04/xmlenc#sha256";
            case 4:
                return "http://www.w3.org/2001/04/xmldsig-more#sha384";
            case 5:
                return "http://www.w3.org/2001/04/xmlenc#sha512";
            default:
                throw new EncryptedDocumentException("Hash algorithm " + hashAlgorithm + " not supported for signing.");
        }
    }

    protected static <T> T nvl(T t, T t2) {
        return t == null ? t2 : t;
    }

    public void addSignatureFacet(SignatureFacet signatureFacet) {
        this.signatureFacets.add(signatureFacet);
    }

    public String getCanonicalizationMethod() {
        return this.canonicalizationMethod;
    }

    public HashAlgorithm getDigestAlgo() {
        return this.digestAlgo;
    }

    public String getDigestMethodUri() {
        return getDigestMethodUri(getDigestAlgo());
    }

    public Date getExecutionTime() {
        return this.executionTime;
    }

    public byte[] getHashMagic() {
        switch (getDigestAlgo()) {
            case sha1:
                return new byte[]{48, 31, 48, 7, 6, 5, AreaErrPtg.sid, 14, 3, 2, Ascii.SUB, 4, 20};
            case sha224:
                return new byte[]{48, AreaErrPtg.sid, 48, 11, 6, 9, 96, -122, 72, 1, 101, 3, 4, 2, 4, 4, Ascii.FS};
            case sha256:
                return new byte[]{48, 47, 48, 11, 6, 9, 96, -122, 72, 1, 101, 3, 4, 2, 1, 4, 32};
            case sha384:
                return new byte[]{48, 63, 48, 11, 6, 9, 96, -122, 72, 1, 101, 3, 4, 2, 2, 4, 48};
            case sha512:
                return new byte[]{48, 79, 48, 11, 6, 9, 96, -122, 72, 1, 101, 3, 4, 2, 3, 4, 64};
            case ripemd128:
                return new byte[]{48, Ascii.ESC, 48, 7, 6, 5, AreaErrPtg.sid, RefPtg.sid, 3, 2, 2, 4, 16};
            case ripemd160:
                return new byte[]{48, 31, 48, 7, 6, 5, AreaErrPtg.sid, RefPtg.sid, 3, 2, 1, 4, 20};
            default:
                throw new EncryptedDocumentException("Hash algorithm " + getDigestAlgo() + " not supported for signing.");
        }
    }

    public PrivateKey getKey() {
        return this.key;
    }

    public KeyInfoFactory getKeyInfoFactory() {
        KeyInfoFactory keyInfoFactory = this.keyInfoFactory.get();
        if (keyInfoFactory != null) {
            return keyInfoFactory;
        }
        KeyInfoFactory keyInfoFactory2 = KeyInfoFactory.getInstance("DOM", getProvider());
        setKeyInfoFactory(keyInfoFactory2);
        return keyInfoFactory2;
    }

    public Map<String, String> getNamespacePrefixes() {
        return this.namespacePrefixes;
    }

    public OPCPackage getOpcPackage() {
        return this.opcPackage.get();
    }

    public String getPackageSignatureId() {
        return this.packageSignatureId;
    }

    public Provider getProvider() {
        Provider provider = this.provider.get();
        if (provider == null) {
            int i = 0;
            String[] strArr = {System.getProperty("jsr105Provider"), "org.apache.jcp.xml.dsig.internal.dom.XMLDSigRI", "org.jcp.xml.dsig.internal.dom.XMLDSigRI"};
            int length = strArr.length;
            while (true) {
                if (i >= length) {
                    break;
                }
                String str = strArr[i];
                if (str != null) {
                    try {
                        provider = (Provider) Class.forName(str).newInstance();
                        break;
                    } catch (Exception unused) {
                        LOG.log(1, "XMLDsig-Provider '" + str + "' can't be found - trying next.");
                    }
                }
                i++;
            }
        }
        if (provider != null) {
            return provider;
        }
        throw new RuntimeException("JRE doesn't support default xml signature provider - set jsr105Provider system property!");
    }

    public String getProxyUrl() {
        return this.proxyUrl;
    }

    public RevocationDataService getRevocationDataService() {
        return this.revocationDataService;
    }

    public String getSignatureDescription() {
        return this.signatureDescription;
    }

    public List<SignatureFacet> getSignatureFacets() {
        return this.signatureFacets;
    }

    public XMLSignatureFactory getSignatureFactory() {
        XMLSignatureFactory xMLSignatureFactory = this.signatureFactory.get();
        if (xMLSignatureFactory != null) {
            return xMLSignatureFactory;
        }
        XMLSignatureFactory xMLSignatureFactory2 = XMLSignatureFactory.getInstance("DOM", getProvider());
        setSignatureFactory(xMLSignatureFactory2);
        return xMLSignatureFactory2;
    }

    public EventListener getSignatureMarshalListener() {
        return this.signatureMarshalListener;
    }

    public String getSignatureMethodUri() {
        int i = AnonymousClass1.$SwitchMap$org$apache$poi$poifs$crypt$HashAlgorithm[getDigestAlgo().ordinal()];
        if (i == 7) {
            return "http://www.w3.org/2001/04/xmldsig-more#rsa-ripemd160";
        }
        switch (i) {
            case 1:
                return "http://www.w3.org/2000/09/xmldsig#rsa-sha1";
            case 2:
                return "http://www.w3.org/2001/04/xmldsig-more#rsa-sha224";
            case 3:
                return "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256";
            case 4:
                return "http://www.w3.org/2001/04/xmldsig-more#rsa-sha384";
            case 5:
                return "http://www.w3.org/2001/04/xmldsig-more#rsa-sha512";
            default:
                throw new EncryptedDocumentException("Hash algorithm " + getDigestAlgo() + " not supported for signing.");
        }
    }

    public SignaturePolicyService getSignaturePolicyService() {
        return this.signaturePolicyService;
    }

    public List<X509Certificate> getSigningCertificateChain() {
        return this.signingCertificateChain;
    }

    public HashAlgorithm getTspDigestAlgo() {
        return (HashAlgorithm) nvl(this.tspDigestAlgo, this.digestAlgo);
    }

    public String getTspPass() {
        return this.tspPass;
    }

    public String getTspRequestPolicy() {
        return this.tspRequestPolicy;
    }

    public TimeStampService getTspService() {
        return this.tspService;
    }

    public String getTspUrl() {
        return this.tspUrl;
    }

    public String getTspUser() {
        return this.tspUser;
    }

    public TimeStampServiceValidator getTspValidator() {
        return this.tspValidator;
    }

    public URIDereferencer getUriDereferencer() {
        return this.uriDereferencer;
    }

    public String getUserAgent() {
        return this.userAgent;
    }

    public String getXadesCanonicalizationMethod() {
        return this.xadesCanonicalizationMethod;
    }

    public HashAlgorithm getXadesDigestAlgo() {
        return (HashAlgorithm) nvl(this.xadesDigestAlgo, this.digestAlgo);
    }

    public String getXadesRole() {
        return this.xadesRole;
    }

    public String getXadesSignatureId() {
        return (String) nvl(this.xadesSignatureId, "idSignedProperties");
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void init(boolean z) {
        if (this.opcPackage == null) {
            throw new EncryptedDocumentException("opcPackage is null");
        }
        if (this.uriDereferencer == null) {
            this.uriDereferencer = new OOXMLURIDereferencer();
        }
        if (this.uriDereferencer instanceof SignatureConfigurable) {
            this.uriDereferencer.setSignatureConfig(this);
        }
        if (this.namespacePrefixes.isEmpty()) {
            this.namespacePrefixes.put("http://schemas.openxmlformats.org/package/2006/digital-signature", "mdssi");
            this.namespacePrefixes.put(SignatureFacet.XADES_132_NS, "xd");
        }
        if (z) {
            return;
        }
        if (this.signatureMarshalListener == null) {
            this.signatureMarshalListener = new SignatureMarshalListener();
        }
        if (this.signatureMarshalListener instanceof SignatureConfigurable) {
            this.signatureMarshalListener.setSignatureConfig(this);
        }
        if (this.tspService != null) {
            this.tspService.setSignatureConfig(this);
        }
        if (this.signatureFacets.isEmpty()) {
            addSignatureFacet(new OOXMLSignatureFacet());
            addSignatureFacet(new KeyInfoSignatureFacet());
            addSignatureFacet(new XAdESSignatureFacet());
            addSignatureFacet(new Office2010SignatureFacet());
        }
        Iterator<SignatureFacet> it = this.signatureFacets.iterator();
        while (it.hasNext()) {
            it.next().setSignatureConfig(this);
        }
    }

    public boolean isIncludeEntireCertificateChain() {
        return this.includeEntireCertificateChain;
    }

    public boolean isIncludeIssuerSerial() {
        return this.includeIssuerSerial;
    }

    public boolean isIncludeKeyValue() {
        return this.includeKeyValue;
    }

    public boolean isTspOldProtocol() {
        return this.tspOldProtocol;
    }

    public boolean isXadesIssuerNameNoReverseOrder() {
        return this.xadesIssuerNameNoReverseOrder;
    }

    public boolean isXadesSignaturePolicyImplied() {
        return this.xadesSignaturePolicyImplied;
    }

    public void setCanonicalizationMethod(String str) {
        this.canonicalizationMethod = str;
    }

    public void setDigestAlgo(HashAlgorithm hashAlgorithm) {
        this.digestAlgo = hashAlgorithm;
    }

    public void setExecutionTime(Date date) {
        this.executionTime = date;
    }

    public void setIncludeEntireCertificateChain(boolean z) {
        this.includeEntireCertificateChain = z;
    }

    public void setIncludeIssuerSerial(boolean z) {
        this.includeIssuerSerial = z;
    }

    public void setIncludeKeyValue(boolean z) {
        this.includeKeyValue = z;
    }

    public void setKey(PrivateKey privateKey) {
        this.key = privateKey;
    }

    public void setKeyInfoFactory(KeyInfoFactory keyInfoFactory) {
        this.keyInfoFactory.set(keyInfoFactory);
    }

    public void setNamespacePrefixes(Map<String, String> map) {
        this.namespacePrefixes = map;
    }

    public void setOpcPackage(OPCPackage oPCPackage) {
        this.opcPackage.set(oPCPackage);
    }

    public void setPackageSignatureId(String str) {
        this.packageSignatureId = (String) nvl(str, "xmldsig-" + UUID.randomUUID());
    }

    public void setProxyUrl(String str) {
        this.proxyUrl = str;
    }

    public void setRevocationDataService(RevocationDataService revocationDataService) {
        this.revocationDataService = revocationDataService;
    }

    public void setSignatureDescription(String str) {
        this.signatureDescription = str;
    }

    public void setSignatureFacets(List<SignatureFacet> list) {
        this.signatureFacets = list;
    }

    public void setSignatureFactory(XMLSignatureFactory xMLSignatureFactory) {
        this.signatureFactory.set(xMLSignatureFactory);
    }

    public void setSignatureMarshalListener(EventListener eventListener) {
        this.signatureMarshalListener = eventListener;
    }

    public void setSignaturePolicyService(SignaturePolicyService signaturePolicyService) {
        this.signaturePolicyService = signaturePolicyService;
    }

    public void setSigningCertificateChain(List<X509Certificate> list) {
        this.signingCertificateChain = list;
    }

    public void setTspDigestAlgo(HashAlgorithm hashAlgorithm) {
        this.tspDigestAlgo = hashAlgorithm;
    }

    public void setTspOldProtocol(boolean z) {
        this.tspOldProtocol = z;
    }

    public void setTspPass(String str) {
        this.tspPass = str;
    }

    public void setTspRequestPolicy(String str) {
        this.tspRequestPolicy = str;
    }

    public void setTspService(TimeStampService timeStampService) {
        this.tspService = timeStampService;
    }

    public void setTspUrl(String str) {
        this.tspUrl = str;
    }

    public void setTspUser(String str) {
        this.tspUser = str;
    }

    public void setTspValidator(TimeStampServiceValidator timeStampServiceValidator) {
        this.tspValidator = timeStampServiceValidator;
    }

    public void setUriDereferencer(URIDereferencer uRIDereferencer) {
        this.uriDereferencer = uRIDereferencer;
    }

    public void setUserAgent(String str) {
        this.userAgent = str;
    }

    public void setXadesCanonicalizationMethod(String str) {
        this.xadesCanonicalizationMethod = str;
    }

    public void setXadesDigestAlgo(HashAlgorithm hashAlgorithm) {
        this.xadesDigestAlgo = hashAlgorithm;
    }

    public void setXadesIssuerNameNoReverseOrder(boolean z) {
        this.xadesIssuerNameNoReverseOrder = z;
    }

    public void setXadesRole(String str) {
        this.xadesRole = str;
    }

    public void setXadesSignatureId(String str) {
        this.xadesSignatureId = str;
    }

    public void setXadesSignaturePolicyImplied(boolean z) {
        this.xadesSignaturePolicyImplied = z;
    }
}
