package org.gephi.org.apache.poi.poifs.crypt.dsig;

import java.lang.invoke.MethodHandles;
import java.lang.invoke.MethodType;
import org.gephi.java.io.ByteArrayInputStream;
import org.gephi.java.io.IOException;
import org.gephi.java.io.InputStream;
import org.gephi.java.lang.Class;
import org.gephi.java.lang.Deprecated;
import org.gephi.java.lang.NoSuchFieldError;
import org.gephi.java.lang.Object;
import org.gephi.java.lang.String;
import org.gephi.java.lang.StringBuilder;
import org.gephi.java.lang.System;
import org.gephi.java.lang.ThreadLocal;
import org.gephi.java.lang.invoke.LambdaMetafactory;
import org.gephi.java.security.GeneralSecurityException;
import org.gephi.java.security.KeyStore;
import org.gephi.java.security.KeyStoreException;
import org.gephi.java.security.PrivateKey;
import org.gephi.java.security.Provider;
import org.gephi.java.security.cert.Certificate;
import org.gephi.java.security.cert.CertificateException;
import org.gephi.java.security.cert.CertificateFactory;
import org.gephi.java.security.cert.X509Certificate;
import org.gephi.java.text.ParseException;
import org.gephi.java.text.SimpleDateFormat;
import org.gephi.java.util.ArrayList;
import org.gephi.java.util.Arrays;
import org.gephi.java.util.Collections;
import org.gephi.java.util.Date;
import org.gephi.java.util.HashMap;
import org.gephi.java.util.Iterator;
import org.gephi.java.util.List;
import org.gephi.java.util.Locale;
import org.gephi.java.util.Map;
import org.gephi.java.util.Optional;
import org.gephi.java.util.UUID;
import org.gephi.java.util.function.Function;
import org.gephi.java.util.function.Predicate;
import org.gephi.java.util.function.Supplier;
import org.gephi.java.util.stream.Collectors;
import org.gephi.java.util.stream.Stream;
import org.gephi.javax.xml.crypto.URIDereferencer;
import org.gephi.javax.xml.crypto.dsig.XMLSignatureFactory;
import org.gephi.javax.xml.crypto.dsig.keyinfo.KeyInfoFactory;
import org.gephi.org.apache.logging.log4j.LogManager;
import org.gephi.org.apache.logging.log4j.Logger;
import org.gephi.org.apache.poi.EncryptedDocumentException;
import org.gephi.org.apache.poi.hpsf.ClassID;
import org.gephi.org.apache.poi.openxml4j.opc.OPCPackage;
import org.gephi.org.apache.poi.poifs.crypt.HashAlgorithm;
import org.gephi.org.apache.poi.poifs.crypt.dsig.facets.KeyInfoSignatureFacet;
import org.gephi.org.apache.poi.poifs.crypt.dsig.facets.OOXMLSignatureFacet;
import org.gephi.org.apache.poi.poifs.crypt.dsig.facets.Office2010SignatureFacet;
import org.gephi.org.apache.poi.poifs.crypt.dsig.facets.SignatureFacet;
import org.gephi.org.apache.poi.poifs.crypt.dsig.facets.XAdESSignatureFacet;
import org.gephi.org.apache.poi.poifs.crypt.dsig.services.RevocationDataService;
import org.gephi.org.apache.poi.poifs.crypt.dsig.services.SignaturePolicyService;
import org.gephi.org.apache.poi.poifs.crypt.dsig.services.TSPTimeStampService;
import org.gephi.org.apache.poi.poifs.crypt.dsig.services.TimeStampHttpClient;
import org.gephi.org.apache.poi.poifs.crypt.dsig.services.TimeStampService;
import org.gephi.org.apache.poi.poifs.crypt.dsig.services.TimeStampServiceValidator;
import org.gephi.org.apache.poi.poifs.crypt.dsig.services.TimeStampSimpleHttpClient;
import org.gephi.org.apache.poi.util.Internal;
import org.gephi.org.apache.poi.util.LocaleUtil;
import org.gephi.org.apache.poi.util.Removal;

/* loaded from: input_file:org/gephi/org/apache/poi/poifs/crypt/dsig/SignatureConfig.class */
public class SignatureConfig extends Object {
    public static final String SIGNATURE_TIME_FORMAT = "yyyy-MM-dd'T'HH:mm:ss'Z'";
    private static final String DigestMethod_SHA224 = "http://www.w3.org/2001/04/xmldsig-more#sha224";
    private static final String DigestMethod_SHA384 = "http://www.w3.org/2001/04/xmldsig-more#sha384";
    private static final String XMLSEC_SANTUARIO = "org.gephi.org.apache.jcp.xml.dsig.internal.dom.XMLDSigRI";
    private static final String XMLSEC_JDK = "org.jcp.xml.dsig.internal.dom.XMLDSigRI";
    private PrivateKey key;
    private List<X509Certificate> signingCertificateChain;
    private SignaturePolicyService signaturePolicyService;
    private boolean includeIssuerSerial;
    private boolean includeKeyValue;
    private String tspUrl;
    private boolean tspOldProtocol;
    private HashAlgorithm tspDigestAlgo;
    private String tspUser;
    private String tspPass;
    private TimeStampServiceValidator tspValidator;
    private String proxyUrl;
    private RevocationDataService revocationDataService;
    private HashAlgorithm xadesDigestAlgo;
    private String xadesRole;
    private ClassID signatureImageSetupId;
    private byte[] signatureImage;
    private byte[] signatureImageValid;
    private byte[] signatureImageInvalid;
    private static final Logger LOG = LogManager.getLogger((Class<?>) SignatureConfig.class);
    private static final List<Supplier<SignatureFacet>> DEFAULT_FACETS = Arrays.asList(new Supplier[]{(Supplier) LambdaMetafactory.metafactory(MethodHandles.lookup(), "get", MethodType.methodType(Supplier.class), MethodType.methodType(Object.class), MethodHandles.lookup().findConstructor(OOXMLSignatureFacet.class, "<init>", MethodType.methodType(Void.TYPE)), MethodType.methodType(SignatureFacet.class)).dynamicInvoker().invoke() /* invoke-custom */, (Supplier) LambdaMetafactory.metafactory(MethodHandles.lookup(), "get", MethodType.methodType(Supplier.class), MethodType.methodType(Object.class), MethodHandles.lookup().findConstructor(KeyInfoSignatureFacet.class, "<init>", MethodType.methodType(Void.TYPE)), MethodType.methodType(SignatureFacet.class)).dynamicInvoker().invoke() /* invoke-custom */, (Supplier) LambdaMetafactory.metafactory(MethodHandles.lookup(), "get", MethodType.methodType(Supplier.class), MethodType.methodType(Object.class), MethodHandles.lookup().findConstructor(XAdESSignatureFacet.class, "<init>", MethodType.methodType(Void.TYPE)), MethodType.methodType(SignatureFacet.class)).dynamicInvoker().invoke() /* invoke-custom */, (Supplier) LambdaMetafactory.metafactory(MethodHandles.lookup(), "get", MethodType.methodType(Supplier.class), MethodType.methodType(Object.class), MethodHandles.lookup().findConstructor(Office2010SignatureFacet.class, "<init>", MethodType.methodType(Void.TYPE)), MethodType.methodType(SignatureFacet.class)).dynamicInvoker().invoke() /* invoke-custom */});
    private final ThreadLocal<OPCPackage> opcPackage = new ThreadLocal<>();
    private final ThreadLocal<XMLSignatureFactory> signatureFactory = new ThreadLocal<>();
    private final ThreadLocal<KeyInfoFactory> keyInfoFactory = new ThreadLocal<>();
    private final ThreadLocal<Provider> provider = new ThreadLocal<>();
    private List<SignatureFacet> signatureFacets = new ArrayList();
    private HashAlgorithm digestAlgo = HashAlgorithm.sha256;
    private Date executionTime = new Date();
    private URIDereferencer uriDereferencer = new OOXMLURIDereferencer();
    private String canonicalizationMethod = "http://www.w3.org/TR/2001/REC-xml-c14n-20010315";
    private boolean includeEntireCertificateChain = true;
    private TimeStampService tspService = new TSPTimeStampService();
    private TimeStampHttpClient tspHttpClient = new TimeStampSimpleHttpClient();
    private String tspRequestPolicy = "1.3.6.1.4.1.13762.3";
    private String userAgent = "POI XmlSign Service TSP Client";
    private String xadesSignatureId = "idSignedProperties";
    private boolean xadesSignaturePolicyImplied = true;
    private String xadesCanonicalizationMethod = "http://www.w3.org/2001/10/xml-exc-c14n#";
    private boolean xadesIssuerNameNoReverseOrder = true;
    private String packageSignatureId = "idPackageSignature";
    private String signatureDescription = "Office OpenXML Document";
    private SignatureMarshalListener signatureMarshalListener = new SignatureMarshalDefaultListener();
    private final Map<String, String> namespacePrefixes = new HashMap();
    private boolean updateConfigOnValidate = false;
    private boolean allowMultipleSignatures = false;
    private boolean secureValidation = true;
    private String commitmentType = "Created and approved this document";
    private boolean allowCRLDownload = false;
    private final List<CRLEntry> crlEntries = new ArrayList();
    private final KeyStore keyStore = emptyKeyStore();

    /* JADX INFO: Access modifiers changed from: package-private */
    /* renamed from: org.gephi.org.apache.poi.poifs.crypt.dsig.SignatureConfig$1, reason: invalid class name */
    /* loaded from: input_file:org/gephi/org/apache/poi/poifs/crypt/dsig/SignatureConfig$1.class */
    public static /* synthetic */ class AnonymousClass1 extends Object {
        static final /* synthetic */ int[] $SwitchMap$org$apache$poi$poifs$crypt$HashAlgorithm = new int[HashAlgorithm.values().length];

        static {
            try {
                $SwitchMap$org$apache$poi$poifs$crypt$HashAlgorithm[HashAlgorithm.sha1.ordinal()] = 1;
            } catch (NoSuchFieldError e) {
            }
            try {
                $SwitchMap$org$apache$poi$poifs$crypt$HashAlgorithm[HashAlgorithm.sha224.ordinal()] = 2;
            } catch (NoSuchFieldError e2) {
            }
            try {
                $SwitchMap$org$apache$poi$poifs$crypt$HashAlgorithm[HashAlgorithm.sha256.ordinal()] = 3;
            } catch (NoSuchFieldError e3) {
            }
            try {
                $SwitchMap$org$apache$poi$poifs$crypt$HashAlgorithm[HashAlgorithm.sha384.ordinal()] = 4;
            } catch (NoSuchFieldError e4) {
            }
            try {
                $SwitchMap$org$apache$poi$poifs$crypt$HashAlgorithm[HashAlgorithm.sha512.ordinal()] = 5;
            } catch (NoSuchFieldError e5) {
            }
            try {
                $SwitchMap$org$apache$poi$poifs$crypt$HashAlgorithm[HashAlgorithm.ripemd160.ordinal()] = 6;
            } catch (NoSuchFieldError e6) {
            }
        }
    }

    /* loaded from: input_file:org/gephi/org/apache/poi/poifs/crypt/dsig/SignatureConfig$CRLEntry.class */
    public static class CRLEntry extends Object {
        private final String crlURL;
        private final String certCN;
        private final byte[] crlBytes;

        public CRLEntry(String string, String string2, byte[] bArr) {
            this.crlURL = string;
            this.certCN = string2;
            this.crlBytes = bArr;
        }

        public String getCrlURL() {
            return this.crlURL;
        }

        public String getCertCN() {
            return this.certCN;
        }

        public byte[] getCrlBytes() {
            return this.crlBytes;
        }
    }

    public SignatureConfig() {
        this.namespacePrefixes.put("http://schemas.openxmlformats.org/package/2006/digital-signature", "mdssi");
        this.namespacePrefixes.put("http://uri.etsi.org/01903/v1.3.2#", "xd");
    }

    public void addSignatureFacet(SignatureFacet signatureFacet) {
        this.signatureFacets.add(signatureFacet);
    }

    public List<SignatureFacet> getSignatureFacets() {
        return this.signatureFacets.isEmpty() ? DEFAULT_FACETS.stream().map((Function) LambdaMetafactory.metafactory(MethodHandles.lookup(), "apply", MethodType.methodType(Function.class), MethodType.methodType(Object.class, Object.class), MethodHandles.lookup().findVirtual(Supplier.class, "get", MethodType.methodType(Object.class)), MethodType.methodType(SignatureFacet.class, Supplier.class)).dynamicInvoker().invoke() /* invoke-custom */).collect(Collectors.toList()) : this.signatureFacets;
    }

    public void setSignatureFacets(List<SignatureFacet> list) {
        this.signatureFacets = list;
    }

    public HashAlgorithm getDigestAlgo() {
        return this.digestAlgo;
    }

    public void setDigestAlgo(HashAlgorithm hashAlgorithm) {
        this.digestAlgo = hashAlgorithm;
    }

    @Deprecated
    @Removal(version = "5.0.0")
    public OPCPackage getOpcPackage() {
        return (OPCPackage) this.opcPackage.get();
    }

    @Deprecated
    @Removal(version = "5.0.0")
    public void setOpcPackage(OPCPackage oPCPackage) {
        this.opcPackage.set(oPCPackage);
    }

    public PrivateKey getKey() {
        return this.key;
    }

    public void setKey(PrivateKey privateKey) {
        this.key = privateKey;
    }

    public List<X509Certificate> getSigningCertificateChain() {
        return this.signingCertificateChain;
    }

    public void setSigningCertificateChain(List<X509Certificate> list) {
        this.signingCertificateChain = list;
    }

    public Date getExecutionTime() {
        return this.executionTime;
    }

    public void setExecutionTime(Date date) {
        this.executionTime = date;
    }

    public String formatExecutionTime() {
        SimpleDateFormat simpleDateFormat = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss'Z'", Locale.ROOT);
        simpleDateFormat.setTimeZone(LocaleUtil.TIMEZONE_UTC);
        return simpleDateFormat.format(getExecutionTime());
    }

    public void setExecutionTime(String string) {
        if (string == null || "".equals(string)) {
            return;
        }
        SimpleDateFormat simpleDateFormat = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss'Z'", Locale.ROOT);
        simpleDateFormat.setTimeZone(LocaleUtil.TIMEZONE_UTC);
        try {
            this.executionTime = simpleDateFormat.parse(string);
        } catch (ParseException e) {
            LOG.atWarn().log("Illegal execution time: {}. Must be formatted as yyyy-MM-dd'T'HH:mm:ss'Z'", (Object) string);
        }
    }

    public SignaturePolicyService getSignaturePolicyService() {
        return this.signaturePolicyService;
    }

    public void setSignaturePolicyService(SignaturePolicyService signaturePolicyService) {
        this.signaturePolicyService = signaturePolicyService;
    }

    @Deprecated
    @Removal(version = "5.0.0")
    public URIDereferencer getUriDereferencer() {
        return this.uriDereferencer;
    }

    @Deprecated
    @Removal(version = "5.0.0")
    public void setUriDereferencer(URIDereferencer uRIDereferencer) {
        this.uriDereferencer = uRIDereferencer;
    }

    public String getSignatureDescription() {
        return this.signatureDescription;
    }

    public void setSignatureDescription(String string) {
        this.signatureDescription = string;
    }

    public byte[] getSignatureImage() {
        return this.signatureImage;
    }

    public byte[] getSignatureImageValid() {
        return this.signatureImageValid;
    }

    public byte[] getSignatureImageInvalid() {
        return this.signatureImageInvalid;
    }

    public ClassID getSignatureImageSetupId() {
        return this.signatureImageSetupId;
    }

    public void setSignatureImageSetupId(ClassID classID) {
        this.signatureImageSetupId = classID;
    }

    /* JADX WARN: Multi-variable type inference failed */
    public void setSignatureImage(byte[] bArr) {
        this.signatureImage = bArr == null ? null : (byte[]) bArr.clone();
    }

    /* JADX WARN: Multi-variable type inference failed */
    public void setSignatureImageValid(byte[] bArr) {
        this.signatureImageValid = bArr == null ? null : (byte[]) bArr.clone();
    }

    /* JADX WARN: Multi-variable type inference failed */
    public void setSignatureImageInvalid(byte[] bArr) {
        this.signatureImageInvalid = bArr == null ? null : (byte[]) bArr.clone();
    }

    public String getCanonicalizationMethod() {
        return this.canonicalizationMethod;
    }

    public void setCanonicalizationMethod(String string) {
        this.canonicalizationMethod = verifyCanonicalizationMethod(string, "http://www.w3.org/TR/2001/REC-xml-c14n-20010315");
    }

    private static String verifyCanonicalizationMethod(String string, String string2) {
        if (string == null || string.isEmpty()) {
            return string2;
        }
        boolean z = -1;
        switch (string.hashCode()) {
            case -2012395451:
                if (string.equals("http://www.w3.org/TR/2001/REC-xml-c14n-20010315")) {
                    z = true;
                    break;
                }
                break;
            case -785330953:
                if (string.equals("http://www.w3.org/2000/09/xmldsig#enveloped-signature")) {
                    z = false;
                    break;
                }
                break;
            case -549269964:
                if (string.equals("http://www.w3.org/2001/10/xml-exc-c14n#")) {
                    z = 3;
                    break;
                }
                break;
            case 246158456:
                if (string.equals("http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments")) {
                    z = 2;
                    break;
                }
                break;
            case 1783513390:
                if (string.equals("http://www.w3.org/2001/10/xml-exc-c14n#WithComments")) {
                    z = 4;
                    break;
                }
                break;
        }
        switch (z) {
            case false:
            case true:
            case true:
            case true:
            case true:
                return string;
            default:
                throw new EncryptedDocumentException(new StringBuilder().append("Unknown CanonicalizationMethod: ").append(string).toString());
        }
    }

    public String getPackageSignatureId() {
        return this.packageSignatureId;
    }

    public void setPackageSignatureId(String string) {
        this.packageSignatureId = nvl(string, new StringBuilder().append("xmldsig-").append(UUID.randomUUID()).toString());
    }

    public String getTspUrl() {
        return this.tspUrl;
    }

    public void setTspUrl(String string) {
        this.tspUrl = string;
    }

    public boolean isTspOldProtocol() {
        return this.tspOldProtocol;
    }

    public void setTspOldProtocol(boolean z) {
        this.tspOldProtocol = z;
    }

    public HashAlgorithm getTspDigestAlgo() {
        return nvl(this.tspDigestAlgo, this.digestAlgo);
    }

    public void setTspDigestAlgo(HashAlgorithm hashAlgorithm) {
        this.tspDigestAlgo = hashAlgorithm;
    }

    public String getProxyUrl() {
        return this.proxyUrl;
    }

    public void setProxyUrl(String string) {
        this.proxyUrl = string;
    }

    public TimeStampService getTspService() {
        return this.tspService;
    }

    public void setTspService(TimeStampService timeStampService) {
        this.tspService = timeStampService;
    }

    public TimeStampHttpClient getTspHttpClient() {
        return this.tspHttpClient;
    }

    public void setTspHttpClient(TimeStampHttpClient timeStampHttpClient) {
        this.tspHttpClient = timeStampHttpClient;
    }

    public String getTspUser() {
        return this.tspUser;
    }

    public void setTspUser(String string) {
        this.tspUser = string;
    }

    public String getTspPass() {
        return this.tspPass;
    }

    public void setTspPass(String string) {
        this.tspPass = string;
    }

    public TimeStampServiceValidator getTspValidator() {
        return this.tspValidator;
    }

    public void setTspValidator(TimeStampServiceValidator timeStampServiceValidator) {
        this.tspValidator = timeStampServiceValidator;
    }

    public RevocationDataService getRevocationDataService() {
        return this.revocationDataService;
    }

    public void setRevocationDataService(RevocationDataService revocationDataService) {
        this.revocationDataService = revocationDataService;
    }

    public HashAlgorithm getXadesDigestAlgo() {
        return nvl(this.xadesDigestAlgo, this.digestAlgo);
    }

    public void setXadesDigestAlgo(HashAlgorithm hashAlgorithm) {
        this.xadesDigestAlgo = hashAlgorithm;
    }

    public void setXadesDigestAlgo(String string) {
        this.xadesDigestAlgo = getDigestMethodAlgo(string);
    }

    public String getUserAgent() {
        return this.userAgent;
    }

    public void setUserAgent(String string) {
        this.userAgent = string;
    }

    public String getTspRequestPolicy() {
        return this.tspRequestPolicy;
    }

    public void setTspRequestPolicy(String string) {
        this.tspRequestPolicy = string;
    }

    public boolean isIncludeEntireCertificateChain() {
        return this.includeEntireCertificateChain;
    }

    public void setIncludeEntireCertificateChain(boolean z) {
        this.includeEntireCertificateChain = z;
    }

    public boolean isIncludeIssuerSerial() {
        return this.includeIssuerSerial;
    }

    public void setIncludeIssuerSerial(boolean z) {
        this.includeIssuerSerial = z;
    }

    public boolean isIncludeKeyValue() {
        return this.includeKeyValue;
    }

    public void setIncludeKeyValue(boolean z) {
        this.includeKeyValue = z;
    }

    public String getXadesRole() {
        return this.xadesRole;
    }

    public void setXadesRole(String string) {
        this.xadesRole = string;
    }

    public String getXadesSignatureId() {
        return nvl(this.xadesSignatureId, "idSignedProperties");
    }

    public void setXadesSignatureId(String string) {
        this.xadesSignatureId = string;
    }

    public boolean isXadesSignaturePolicyImplied() {
        return this.xadesSignaturePolicyImplied;
    }

    public void setXadesSignaturePolicyImplied(boolean z) {
        this.xadesSignaturePolicyImplied = z;
    }

    public boolean isXadesIssuerNameNoReverseOrder() {
        return this.xadesIssuerNameNoReverseOrder;
    }

    public void setXadesIssuerNameNoReverseOrder(boolean z) {
        this.xadesIssuerNameNoReverseOrder = z;
    }

    public SignatureMarshalListener getSignatureMarshalListener() {
        return this.signatureMarshalListener;
    }

    public void setSignatureMarshalListener(SignatureMarshalListener signatureMarshalListener) {
        this.signatureMarshalListener = signatureMarshalListener;
    }

    public Map<String, String> getNamespacePrefixes() {
        return this.namespacePrefixes;
    }

    public void setNamespacePrefixes(Map<String, String> map) {
        this.namespacePrefixes.clear();
        this.namespacePrefixes.putAll(map);
    }

    private static <T extends Object> T nvl(T t, T t2) {
        return t == null ? t2 : t;
    }

    public String getSignatureMethodUri() {
        switch (AnonymousClass1.$SwitchMap$org$apache$poi$poifs$crypt$HashAlgorithm[getDigestAlgo().ordinal()]) {
            case 1:
                return "http://www.w3.org/2000/09/xmldsig#rsa-sha1";
            case 2:
                return "http://www.w3.org/2001/04/xmldsig-more#rsa-sha224";
            case 3:
                return "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256";
            case 4:
                return "http://www.w3.org/2001/04/xmldsig-more#rsa-sha384";
            case 5:
                return "http://www.w3.org/2001/04/xmldsig-more#rsa-sha512";
            case 6:
                return "http://www.w3.org/2001/04/xmldsig-more#rsa-ripemd160";
            default:
                throw new EncryptedDocumentException(new StringBuilder().append("Hash algorithm ").append(getDigestAlgo()).append(" not supported for signing.").toString());
        }
    }

    public String getDigestMethodUri() {
        return getDigestMethodUri(getDigestAlgo());
    }

    public static String getDigestMethodUri(HashAlgorithm hashAlgorithm) {
        switch (AnonymousClass1.$SwitchMap$org$apache$poi$poifs$crypt$HashAlgorithm[hashAlgorithm.ordinal()]) {
            case 1:
                return "http://www.w3.org/2000/09/xmldsig#sha1";
            case 2:
                return DigestMethod_SHA224;
            case 3:
                return "http://www.w3.org/2001/04/xmlenc#sha256";
            case 4:
                return DigestMethod_SHA384;
            case 5:
                return "http://www.w3.org/2001/04/xmlenc#sha512";
            case 6:
                return "http://www.w3.org/2001/04/xmlenc#ripemd160";
            default:
                throw new EncryptedDocumentException(new StringBuilder().append("Hash algorithm ").append(hashAlgorithm).append(" not supported for signing.").toString());
        }
    }

    private static HashAlgorithm getDigestMethodAlgo(String string) {
        if (string == null || string.isEmpty()) {
            return null;
        }
        boolean z = -1;
        switch (string.hashCode()) {
            case -1000393448:
                if (string.equals("http://www.w3.org/2001/04/xmlenc#sha256")) {
                    z = 2;
                    break;
                }
                break;
            case -1000390693:
                if (string.equals("http://www.w3.org/2001/04/xmlenc#sha512")) {
                    z = 4;
                    break;
                }
                break;
            case 1060036557:
                if (string.equals("http://www.w3.org/2000/09/xmldsig#sha1")) {
                    z = false;
                    break;
                }
                break;
            case 1253031479:
                if (string.equals("http://www.w3.org/2001/04/xmlenc#ripemd160")) {
                    z = 5;
                    break;
                }
                break;
            case 2029689854:
                if (string.equals(DigestMethod_SHA224)) {
                    z = true;
                    break;
                }
                break;
            case 2029691001:
                if (string.equals(DigestMethod_SHA384)) {
                    z = 3;
                    break;
                }
                break;
        }
        switch (z) {
            case false:
                return HashAlgorithm.sha1;
            case true:
                return HashAlgorithm.sha224;
            case true:
                return HashAlgorithm.sha256;
            case true:
                return HashAlgorithm.sha384;
            case true:
                return HashAlgorithm.sha512;
            case true:
                return HashAlgorithm.ripemd160;
            default:
                throw new EncryptedDocumentException(new StringBuilder().append("Hash algorithm ").append(string).append(" not supported for signing.").toString());
        }
    }

    public void setSignatureMethodFromUri(String string) {
        boolean z = -1;
        switch (string.hashCode()) {
            case -871953275:
                if (string.equals("http://www.w3.org/2001/04/xmldsig-more#rsa-ripemd160")) {
                    z = 5;
                    break;
                }
                break;
            case -699582165:
                if (string.equals("http://www.w3.org/2001/04/xmldsig-more#rsa-sha224")) {
                    z = true;
                    break;
                }
                break;
            case -699582070:
                if (string.equals("http://www.w3.org/2001/04/xmldsig-more#rsa-sha256")) {
                    z = 2;
                    break;
                }
                break;
            case -699581018:
                if (string.equals("http://www.w3.org/2001/04/xmldsig-more#rsa-sha384")) {
                    z = 3;
                    break;
                }
                break;
            case -699579315:
                if (string.equals("http://www.w3.org/2001/04/xmldsig-more#rsa-sha512")) {
                    z = 4;
                    break;
                }
                break;
            case 670108474:
                if (string.equals("http://www.w3.org/2000/09/xmldsig#rsa-sha1")) {
                    z = false;
                    break;
                }
                break;
        }
        switch (z) {
            case false:
                setDigestAlgo(HashAlgorithm.sha1);
                return;
            case true:
                setDigestAlgo(HashAlgorithm.sha224);
                return;
            case true:
                setDigestAlgo(HashAlgorithm.sha256);
                return;
            case true:
                setDigestAlgo(HashAlgorithm.sha384);
                return;
            case true:
                setDigestAlgo(HashAlgorithm.sha512);
                return;
            case true:
                setDigestAlgo(HashAlgorithm.ripemd160);
                return;
            default:
                throw new EncryptedDocumentException(new StringBuilder().append("Hash algorithm ").append(string).append(" not supported.").toString());
        }
    }

    @Deprecated
    @Removal(version = "5.0.0")
    public void setSignatureFactory(XMLSignatureFactory xMLSignatureFactory) {
        this.signatureFactory.set(xMLSignatureFactory);
    }

    @Deprecated
    @Removal(version = "5.0.0")
    public XMLSignatureFactory getSignatureFactory() {
        return this.signatureFactory.get();
    }

    @Deprecated
    @Removal(version = "5.0.0")
    public void setKeyInfoFactory(KeyInfoFactory keyInfoFactory) {
        this.keyInfoFactory.set(keyInfoFactory);
    }

    @Deprecated
    @Removal(version = "5.0.0")
    public KeyInfoFactory getKeyInfoFactory() {
        return this.keyInfoFactory.get();
    }

    @Internal
    @Deprecated
    @Removal(version = "5.0.0")
    public void setProvider(Provider provider) {
        this.provider.set(provider);
    }

    @Deprecated
    @Removal(version = "5.0.0")
    public Provider getProvider() {
        return this.provider.get();
    }

    public static String[] getProviderNames() {
        String property = System.getProperty("jsr105Provider");
        return (property == null || "".equals(property)) ? new String[]{XMLSEC_SANTUARIO, XMLSEC_JDK} : new String[]{property, XMLSEC_SANTUARIO, XMLSEC_JDK};
    }

    public String getXadesCanonicalizationMethod() {
        return this.xadesCanonicalizationMethod;
    }

    public void setXadesCanonicalizationMethod(String string) {
        this.xadesCanonicalizationMethod = verifyCanonicalizationMethod(string, "http://www.w3.org/2001/10/xml-exc-c14n#");
    }

    public boolean isUpdateConfigOnValidate() {
        return this.updateConfigOnValidate;
    }

    public void setUpdateConfigOnValidate(boolean z) {
        this.updateConfigOnValidate = z;
    }

    public boolean isAllowMultipleSignatures() {
        return this.allowMultipleSignatures;
    }

    public void setAllowMultipleSignatures(boolean z) {
        this.allowMultipleSignatures = z;
    }

    public boolean isSecureValidation() {
        return this.secureValidation;
    }

    public void setSecureValidation(boolean z) {
        this.secureValidation = z;
    }

    public String getCommitmentType() {
        return this.commitmentType;
    }

    public void setCommitmentType(String string) {
        this.commitmentType = string;
    }

    public CRLEntry addCRL(String string, String string2, byte[] bArr) {
        CRLEntry cRLEntry = new CRLEntry(string, string2, bArr);
        this.crlEntries.add(cRLEntry);
        return cRLEntry;
    }

    public List<CRLEntry> getCrlEntries() {
        return this.crlEntries;
    }

    public boolean isAllowCRLDownload() {
        return this.allowCRLDownload;
    }

    public void setAllowCRLDownload(boolean z) {
        this.allowCRLDownload = z;
    }

    public KeyStore getKeyStore() {
        return this.keyStore;
    }

    public void addCachedCertificate(String string, X509Certificate x509Certificate) throws KeyStoreException {
        String string2 = string;
        if (string2 == null) {
            string2 = x509Certificate.getSubjectX500Principal().getName();
        }
        if (this.keyStore != null) {
            synchronized (this.keyStore) {
                this.keyStore.setCertificateEntry(string2, x509Certificate);
            }
        }
    }

    public void addCachedCertificate(String string, byte[] bArr) throws KeyStoreException, CertificateException {
        addCachedCertificate((String) null, (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(bArr)));
    }

    public X509Certificate getCachedCertificateByPrinicipal(String string) {
        if (this.keyStore == null) {
            return null;
        }
        try {
            Iterator it2 = Collections.list(this.keyStore.aliases()).iterator();
            while (it2.hasNext()) {
                String next = it2.next();
                Certificate[] certificateChain = this.keyStore.getCertificateChain(next);
                if (certificateChain == null) {
                    Certificate certificate = this.keyStore.getCertificate(next);
                    if (certificate != null) {
                        certificateChain = new Certificate[]{certificate};
                    }
                }
                Stream of = Stream.of(certificateChain);
                X509Certificate.class.getClass();
                Optional findFirst = of.map((Function) LambdaMetafactory.metafactory(MethodHandles.lookup(), "apply", MethodType.methodType(Function.class, Class.class), MethodType.methodType(Object.class, Object.class), MethodHandles.lookup().findVirtual(Class.class, "cast", MethodType.methodType(Object.class, Object.class)), MethodType.methodType(X509Certificate.class, Certificate.class)).dynamicInvoker().invoke(X509Certificate.class) /* invoke-custom */).filter((Predicate) LambdaMetafactory.metafactory(MethodHandles.lookup(), "test", MethodType.methodType(Predicate.class, String.class), MethodType.methodType(Boolean.TYPE, Object.class), MethodHandles.lookup().findStatic(SignatureConfig.class, "lambda$getCachedCertificateByPrinicipal$0", MethodType.methodType(Boolean.TYPE, String.class, X509Certificate.class)), MethodType.methodType(Boolean.TYPE, X509Certificate.class)).dynamicInvoker().invoke(string) /* invoke-custom */).findFirst();
                if (findFirst.isPresent()) {
                    return findFirst.get();
                }
            }
            return null;
        } catch (KeyStoreException e) {
            return null;
        }
    }

    private static KeyStore emptyKeyStore() {
        try {
            KeyStore keyStore = KeyStore.getInstance("PKCS12");
            keyStore.load((InputStream) null, (char[]) null);
            return keyStore;
        } catch (IOException | GeneralSecurityException e) {
            LOG.atError().withThrowable(e).log("unable to create PKCS #12 keystore - XAdES certificate chain lookups disabled");
            return null;
        }
    }

    private static /* synthetic */ boolean lambda$getCachedCertificateByPrinicipal$0(String string, X509Certificate x509Certificate) {
        return string.equalsIgnoreCase(x509Certificate.getSubjectX500Principal().getName());
    }
}
