package com.healthmarketscience.jackcess.crypt.impl.office;

import com.healthmarketscience.jackcess.crypt.InvalidCryptoConfigurationException;
import com.healthmarketscience.jackcess.crypt.model.CTDataIntegrity;
import com.healthmarketscience.jackcess.crypt.model.CTEncryption;
import com.healthmarketscience.jackcess.crypt.model.CTKeyData;
import com.healthmarketscience.jackcess.crypt.model.CTKeyEncryptor;
import com.healthmarketscience.jackcess.crypt.model.CTKeyEncryptors;
import com.healthmarketscience.jackcess.crypt.model.cert.CTCertificateKeyEncryptor;
import com.healthmarketscience.jackcess.crypt.model.cert.STCertificateKeyEncryptorUri;
import com.healthmarketscience.jackcess.crypt.model.password.CTPasswordKeyEncryptor;
import com.healthmarketscience.jackcess.crypt.model.password.STPasswordKeyEncryptorUri;
import com.sun.xml.bind.v2.util.XmlFactory;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.StringReader;
import java.util.ArrayList;
import java.util.Base64;
import java.util.Collections;
import java.util.Iterator;
import java.util.List;
import javax.xml.parsers.DocumentBuilder;
import javax.xml.parsers.DocumentBuilderFactory;
import javax.xml.parsers.ParserConfigurationException;
import org.apache.commons.lang3.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.w3c.dom.Element;
import org.w3c.dom.NodeList;
import org.xml.sax.EntityResolver;
import org.xml.sax.InputSource;
import org.xml.sax.SAXException;

/* loaded from: input_file:BOOT-INF/lib/jackcess-encrypt-4.0.1.jar:com/healthmarketscience/jackcess/crypt/impl/office/XmlEncryptionParser.class */
public class XmlEncryptionParser {
    private static final String ENC_NS = "http://schemas.microsoft.com/office/2006/encryption";
    private static final String PWD_NS = "http://schemas.microsoft.com/office/2006/keyEncryptor/password";
    private static final String CERT_NS = "http://schemas.microsoft.com/office/2006/keyEncryptor/certificate";
    private static final Log LOG = LogFactory.getLog(XmlEncryptionParser.class);
    private static final Base64.Decoder B64_DEC = Base64.getDecoder();
    private static final EntityResolver IGNORING_ENTITY_RESOLVER = new EntityResolver() { // from class: com.healthmarketscience.jackcess.crypt.impl.office.XmlEncryptionParser.1
        @Override // org.xml.sax.EntityResolver
        public InputSource resolveEntity(String str, String str2) throws SAXException, IOException {
            return new InputSource(new StringReader(""));
        }
    };

    private XmlEncryptionParser() {
    }

    public static final CTEncryption parseEncryptionDescriptor(byte[] bArr) {
        try {
            Element documentElement = newBuilder().parse(new ByteArrayInputStream(bArr)).getDocumentElement();
            if ("encryption".equals(documentElement.getLocalName()) && ENC_NS.equals(documentElement.getNamespaceURI())) {
                return parseEncryption(documentElement);
            }
            throw new InvalidCryptoConfigurationException("Unexpected xml config " + documentElement.getTagName());
        } catch (InvalidCryptoConfigurationException e) {
            throw e;
        } catch (Exception e2) {
            throw new InvalidCryptoConfigurationException("Failed parsing encryption descriptor", e2);
        }
    }

    private static CTEncryption parseEncryption(Element element) {
        CTEncryption cTEncryption = new CTEncryption();
        cTEncryption.setKeyData(parseKeyData(getElement(element, "keyData", ENC_NS, true)));
        cTEncryption.setDataIntegrity(parseDataIntegrity(getElement(element, "dataIntegrity", ENC_NS, false)));
        cTEncryption.setKeyEncryptors(parseKeyEncryptors(getElement(element, "keyEncryptors", ENC_NS, true)));
        return cTEncryption;
    }

    private static CTKeyData parseKeyData(Element element) {
        CTKeyData cTKeyData = new CTKeyData();
        cTKeyData.setSaltSize(getLongAttribute(element, "saltSize"));
        cTKeyData.setBlockSize(getLongAttribute(element, "blockSize"));
        cTKeyData.setKeyBits(getLongAttribute(element, "keyBits"));
        cTKeyData.setHashSize(getLongAttribute(element, "hashSize"));
        cTKeyData.setCipherAlgorithm(getStringAttribute(element, "cipherAlgorithm"));
        cTKeyData.setCipherChaining(getStringAttribute(element, "cipherChaining"));
        cTKeyData.setHashAlgorithm(getStringAttribute(element, "hashAlgorithm"));
        cTKeyData.setSaltValue(getBase64Attribute(element, "saltValue"));
        return cTKeyData;
    }

    private static CTDataIntegrity parseDataIntegrity(Element element) {
        if (element == null) {
            return null;
        }
        CTDataIntegrity cTDataIntegrity = new CTDataIntegrity();
        cTDataIntegrity.setEncryptedHmacKey(getBase64Attribute(element, "encryptedHmacKey"));
        cTDataIntegrity.setEncryptedHmacValue(getBase64Attribute(element, "encryptedHmacValue"));
        return cTDataIntegrity;
    }

    private static CTKeyEncryptors parseKeyEncryptors(Element element) {
        CTKeyEncryptors cTKeyEncryptors = new CTKeyEncryptors();
        Iterator<Element> it = getElements(element, "keyEncryptor", ENC_NS).iterator();
        while (it.hasNext()) {
            cTKeyEncryptors.getKeyEncryptor().add(parseKeyEncryptor(it.next()));
        }
        return cTKeyEncryptors;
    }

    private static CTKeyEncryptor parseKeyEncryptor(Element element) {
        Object parseCertificateKeyEncryptor;
        CTKeyEncryptor cTKeyEncryptor = new CTKeyEncryptor();
        String stringAttribute = getStringAttribute(element, "uri");
        cTKeyEncryptor.setUri(stringAttribute);
        if (STPasswordKeyEncryptorUri.HTTP_SCHEMAS_MICROSOFT_COM_OFFICE_2006_KEY_ENCRYPTOR_PASSWORD.value().equals(stringAttribute)) {
            parseCertificateKeyEncryptor = parsePasswordKeyEncryptor(element);
        } else {
            if (!STCertificateKeyEncryptorUri.HTTP_SCHEMAS_MICROSOFT_COM_OFFICE_2006_KEY_ENCRYPTOR_CERTIFICATE.value().equals(stringAttribute)) {
                throw createException("Unexpected xml config ", stringAttribute, element);
            }
            parseCertificateKeyEncryptor = parseCertificateKeyEncryptor(element);
        }
        cTKeyEncryptor.setAny(parseCertificateKeyEncryptor);
        return cTKeyEncryptor;
    }

    private static CTPasswordKeyEncryptor parsePasswordKeyEncryptor(Element element) {
        Element element2 = getElement(element, "encryptedKey", PWD_NS, true);
        CTPasswordKeyEncryptor cTPasswordKeyEncryptor = new CTPasswordKeyEncryptor();
        cTPasswordKeyEncryptor.setSaltSize(getLongAttribute(element2, "saltSize"));
        cTPasswordKeyEncryptor.setBlockSize(getLongAttribute(element2, "blockSize"));
        cTPasswordKeyEncryptor.setKeyBits(getLongAttribute(element2, "keyBits"));
        cTPasswordKeyEncryptor.setHashSize(getLongAttribute(element2, "hashSize"));
        cTPasswordKeyEncryptor.setCipherAlgorithm(getStringAttribute(element2, "cipherAlgorithm"));
        cTPasswordKeyEncryptor.setCipherChaining(getStringAttribute(element2, "cipherChaining"));
        cTPasswordKeyEncryptor.setHashAlgorithm(getStringAttribute(element2, "hashAlgorithm"));
        cTPasswordKeyEncryptor.setSaltValue(getBase64Attribute(element2, "saltValue"));
        cTPasswordKeyEncryptor.setSpinCount(getLongAttribute(element2, "spinCount"));
        cTPasswordKeyEncryptor.setEncryptedVerifierHashInput(getBase64Attribute(element2, "encryptedVerifierHashInput"));
        cTPasswordKeyEncryptor.setEncryptedVerifierHashValue(getBase64Attribute(element2, "encryptedVerifierHashValue"));
        cTPasswordKeyEncryptor.setEncryptedKeyValue(getBase64Attribute(element2, "encryptedKeyValue"));
        return cTPasswordKeyEncryptor;
    }

    private static CTCertificateKeyEncryptor parseCertificateKeyEncryptor(Element element) {
        Element element2 = getElement(element, "encryptedKey", CERT_NS, true);
        CTCertificateKeyEncryptor cTCertificateKeyEncryptor = new CTCertificateKeyEncryptor();
        cTCertificateKeyEncryptor.setEncryptedKeyValue(getBase64Attribute(element2, "encryptedKeyValue"));
        cTCertificateKeyEncryptor.setX509Certificate(getBase64Attribute(element2, "x509Certificate"));
        cTCertificateKeyEncryptor.setCertVerifier(getBase64Attribute(element2, "certVerifier"));
        return cTCertificateKeyEncryptor;
    }

    private static Element getElement(Element element, String str, String str2, boolean z) {
        NodeList elementsByTagNameNS = element.getElementsByTagNameNS(str2, str);
        if (elementsByTagNameNS != null && elementsByTagNameNS.getLength() > 0) {
            return (Element) elementsByTagNameNS.item(0);
        }
        if (z) {
            throw createException(str, element);
        }
        return null;
    }

    private static List<Element> getElements(Element element, String str, String str2) {
        NodeList elementsByTagNameNS = element.getElementsByTagNameNS(str2, str);
        if (elementsByTagNameNS == null || elementsByTagNameNS.getLength() == 0) {
            return Collections.emptyList();
        }
        ArrayList arrayList = new ArrayList();
        for (int i = 0; i < elementsByTagNameNS.getLength(); i++) {
            arrayList.add((Element) elementsByTagNameNS.item(i));
        }
        return arrayList;
    }

    private static long getLongAttribute(Element element, String str) {
        String trimToNull = StringUtils.trimToNull(element.getAttribute(str));
        if (trimToNull == null) {
            throw createException(str, element);
        }
        return Long.parseLong(trimToNull);
    }

    private static String getStringAttribute(Element element, String str) {
        String trimToNull = StringUtils.trimToNull(element.getAttribute(str));
        if (trimToNull == null) {
            throw createException(str, element);
        }
        return trimToNull;
    }

    private static byte[] getBase64Attribute(Element element, String str) {
        String trimToNull = StringUtils.trimToNull(element.getAttribute(str));
        if (trimToNull == null) {
            throw createException(str, element);
        }
        return B64_DEC.decode(trimToNull);
    }

    private static DocumentBuilder newBuilder() throws ParserConfigurationException {
        DocumentBuilderFactory newInstance = DocumentBuilderFactory.newInstance();
        newInstance.setFeature("http://javax.xml.XMLConstants/feature/secure-processing", true);
        maybeSetAttribute(newInstance, XmlFactory.ACCESS_EXTERNAL_DTD, "");
        maybeSetAttribute(newInstance, XmlFactory.ACCESS_EXTERNAL_SCHEMA, "");
        newInstance.setXIncludeAware(false);
        newInstance.setExpandEntityReferences(false);
        newInstance.setIgnoringComments(true);
        newInstance.setCoalescing(true);
        newInstance.setNamespaceAware(true);
        DocumentBuilder newDocumentBuilder = newInstance.newDocumentBuilder();
        newDocumentBuilder.setEntityResolver(IGNORING_ENTITY_RESOLVER);
        return newDocumentBuilder;
    }

    private static void maybeSetAttribute(DocumentBuilderFactory documentBuilderFactory, String str, String str2) {
        try {
            documentBuilderFactory.setAttribute(str, str2);
        } catch (IllegalArgumentException e) {
            LOG.warn("Xml parser does not support property " + str);
        }
    }

    private static InvalidCryptoConfigurationException createException(String str, Element element) {
        return createException("Could not find xml config ", str, element);
    }

    private static InvalidCryptoConfigurationException createException(String str, String str2, Element element) {
        return new InvalidCryptoConfigurationException(str + str2 + " under " + element.getTagName());
    }
}
