package pt.digitalis.dif.utils.pdf;

import com.lowagie.text.DocumentException;
import com.lowagie.text.Rectangle;
import com.lowagie.text.pdf.PdfDate;
import com.lowagie.text.pdf.PdfDictionary;
import com.lowagie.text.pdf.PdfFormField;
import com.lowagie.text.pdf.PdfName;
import com.lowagie.text.pdf.PdfPKCS7;
import com.lowagie.text.pdf.PdfReader;
import com.lowagie.text.pdf.PdfSignature;
import com.lowagie.text.pdf.PdfSignatureAppearance;
import com.lowagie.text.pdf.PdfStamper;
import com.lowagie.text.pdf.PdfString;
import com.lowagie.text.pdf.TSAClient;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.security.InvalidKeyException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.cert.CRL;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.Calendar;
import java.util.Collection;
import java.util.HashMap;
import java.util.List;
import java.util.Scanner;
import java.util.Set;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;
import javax.xml.namespace.QName;
import javax.xml.ws.BindingProvider;
import javax.xml.ws.handler.MessageContext;
import javax.xml.ws.handler.soap.SOAPHandler;
import javax.xml.ws.handler.soap.SOAPMessageContext;
import org.apache.commons.codec.binary.Base64;
import org.apache.commons.codec.digest.DigestUtils;
import org.apache.commons.io.FileUtils;
import org.apache.commons.io.IOUtils;
import org.datacontract.schemas._2004._07.ama_structures.ObjectFactory;
import org.datacontract.schemas._2004._07.ama_structures.SignRequest;
import org.datacontract.schemas._2004._07.ama_structures.SignResponse;
import org.datacontract.schemas._2004._07.ama_structures.SignStatus;
import org.tempuri.SCMDService_Service;

/* loaded from: input_file:pt/digitalis/dif/utils/pdf/AMACertificateManager.class */
public class AMACertificateManager {
    private static PdfSignatureAppearance appearance = null;

    /* loaded from: input_file:pt/digitalis/dif/utils/pdf/AMACertificateManager$AMASOAPHandler.class */
    private static class AMASOAPHandler implements SOAPHandler<SOAPMessageContext> {
        private AMASOAPHandler() {
        }

        public void close(MessageContext messageContext) {
        }

        public Set<QName> getHeaders() {
            return null;
        }

        public boolean handleFault(SOAPMessageContext sOAPMessageContext) {
            return true;
        }

        public boolean handleMessage(SOAPMessageContext sOAPMessageContext) {
            try {
                sOAPMessageContext.getMessage().writeTo(System.out);
                System.out.println("\n");
                return true;
            } catch (Exception e) {
                e.printStackTrace();
                return true;
            }
        }
    }

    private static PublicKey getPublicKey(boolean z) throws IOException, CertificateException {
        File file = new File("/home/lpinto/certnew.p7b.spc");
        System.out.println(file.isFile());
        PublicKey publicKey = null;
        for (Certificate certificate : CertificateFactory.getInstance("X.509").generateCertificates(new ByteArrayInputStream(FileUtils.readFileToByteArray(file)))) {
            if ((certificate instanceof X509Certificate) && ((X509Certificate) certificate).getSubjectX500Principal().getName().toLowerCase().contains("cmd.assinatura")) {
                publicKey = certificate.getPublicKey();
            }
        }
        if (z) {
            System.out.println((("-----BEGIN PUBLIC KEY-----\n") + Base64.encodeBase64String(publicKey.getEncoded())) + "\n-----END PUBLIC KEY-----");
        }
        return publicKey;
    }

    public static void main(String[] strArr) throws Exception {
        byte[] bytes = "924192aa-3b74-4c27-9f0c-9cb2273f4272".getBytes();
        BindingProvider basicHttpBindingSCMDService = new SCMDService_Service().getBasicHttpBindingSCMDService();
        BindingProvider bindingProvider = basicHttpBindingSCMDService;
        if (1 != 0) {
            List handlerChain = bindingProvider.getBinding().getHandlerChain();
            handlerChain.add(new AMASOAPHandler());
            bindingProvider.getBinding().setHandlerChain(handlerChain);
        }
        bindingProvider.getRequestContext().put("javax.xml.ws.service.endpoint.address", "https://preprod.cmd.autenticacao.gov.pt/Ama.Authentication.Frontend/SCMDService.svc");
        bindingProvider.getRequestContext().put("javax.xml.ws.security.auth.username", "tx3hmWas");
        bindingProvider.getRequestContext().put("javax.xml.ws.security.auth.password", "4pIXikQzfxrQt73wLiO2");
        PublicKey publicKey = getPublicKey(true);
        String encryptWithBase64 = encryptWithBase64(publicKey, "+351 938012085".getBytes());
        String encryptWithBase642 = encryptWithBase64(publicKey, "1234".getBytes());
        SignStatus certificateWithPin = basicHttpBindingSCMDService.getCertificateWithPin(bytes, encryptWithBase64, encryptWithBase642);
        Collection<? extends Certificate> collection = null;
        if ("200".equals(certificateWithPin.getCode())) {
            System.out.println("ProcessId:" + certificateWithPin.getProcessId());
            System.out.println("Inserir getCertificateWithPin OTP :");
            SignResponse validateOtp = basicHttpBindingSCMDService.validateOtp(encryptWithBase64(publicKey, new Scanner(System.in).next().getBytes()), certificateWithPin.getProcessId(), bytes);
            if ("200".equals(validateOtp.getStatus().getCode())) {
                collection = CertificateFactory.getInstance("X.509").generateCertificates(IOUtils.toInputStream(validateOtp.getCertificate()));
            }
        }
        Certificate[] certificateArr = (Certificate[]) collection.toArray(new Certificate[collection.size()]);
        if (1 != 0) {
            InputStream addEmptyEmptySignature = addEmptyEmptySignature(certificateArr);
            PdfPKCS7 pdfPKCS7 = new PdfPKCS7((PrivateKey) null, new X509Certificate[]{(X509Certificate) certificateArr[0]}, (CRL[]) null, "SHA256", (String) null, false);
            MessageDigest messageDigest = MessageDigest.getInstance("SHA256", "BC");
            byte[] bArr = new byte[8192];
            while (true) {
                int read = addEmptyEmptySignature.read(bArr, 0, bArr.length);
                if (read <= 0) {
                    break;
                } else {
                    messageDigest.update(bArr, 0, read);
                }
            }
            byte[] digest = messageDigest.digest();
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            byteArrayOutputStream.write(digest);
            byteArrayOutputStream.write(new byte[]{48, 49, 48, 13, 6, 9, 96, -122, 72, 1, 101, 3, 4, 2, 1, 5, 0, 4, 32});
            byte[] byteArray = byteArrayOutputStream.toByteArray();
            Calendar calendar = Calendar.getInstance();
            byte[] digest2 = MessageDigest.getInstance("SHA256", "BC").digest(pdfPKCS7.getAuthenticatedAttributeBytes(byteArray, calendar, (byte[]) null));
            SignRequest signRequest = new SignRequest();
            signRequest.setHash(digest2);
            signRequest.setApplicationId(bytes);
            signRequest.setPin(encryptWithBase642);
            signRequest.setUserId(encryptWithBase64);
            signRequest.setDocName(new ObjectFactory().createSignRequestDocName("Nome do documento Teste"));
            SignStatus scmdSign = basicHttpBindingSCMDService.scmdSign(signRequest);
            String processId = scmdSign.getProcessId();
            if (!"200".equals(scmdSign.getCode())) {
                System.out.println(scmdSign.getMessage());
                return;
            }
            System.out.println("ProcessId:" + processId);
            System.out.println("Inserir scmdSign OTP :");
            SignResponse validateOtp2 = basicHttpBindingSCMDService.validateOtp(encryptWithBase64(publicKey, new Scanner(System.in).next().getBytes()), processId, bytes);
            if ("200".equals(validateOtp2.getStatus().getCode())) {
                pdfPKCS7.setExternalDigest(validateOtp2.getSignature(), (byte[]) null, "RSA");
                byte[] encodedPKCS7 = pdfPKCS7.getEncodedPKCS7(digest, calendar, (TSAClient) null, (byte[]) null);
                System.arraycopy(encodedPKCS7, 0, new byte[2000002], 0, encodedPKCS7.length);
                if (2000002 + 2 < encodedPKCS7.length) {
                    throw new Exception("Not enough space for signature");
                }
                PdfDictionary pdfDictionary = new PdfDictionary();
                pdfDictionary.put(PdfName.CONTENTS, new PdfString(encodedPKCS7).setHexWriting(true));
                appearance.close(pdfDictionary);
            }
        }
    }

    private static String encryptWithBase64(PublicKey publicKey, byte[] bArr) throws NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeyException, IllegalBlockSizeException, BadPaddingException, NoSuchPaddingException, BadPaddingException, IllegalBlockSizeException {
        Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
        cipher.init(1, publicKey);
        return Base64.encodeBase64String(cipher.doFinal(bArr));
    }

    private static byte[] getSignatureHash(Certificate[] certificateArr) throws IOException, NoSuchProviderException, NoSuchAlgorithmException, InvalidKeyException, DocumentException {
        byte[] byteArray = IOUtils.toByteArray(addEmptyEmptySignature(certificateArr));
        byte[] bArr = {48, 49, 48, 13, 6, 9, 96, -122, 72, 1, 101, 3, 4, 2, 1, 5, 0, 4, 32, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0};
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        byteArrayOutputStream.write(byteArray);
        return DigestUtils.sha256(appearance.getSigStandard().getSigner().getAuthenticatedAttributeBytes(byteArrayOutputStream.toByteArray(), Calendar.getInstance(), (byte[]) null));
    }

    private static InputStream addEmptyEmptySignature(Certificate[] certificateArr) throws IOException, NoSuchProviderException, NoSuchAlgorithmException, InvalidKeyException, DocumentException {
        File file = new File("/home/lpinto/Desktop/test_for_sign.pdf");
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        FileOutputStream fileOutputStream = new FileOutputStream("/home/lpinto/Desktop/test_for_sign_signed.pdf");
        PdfStamper pdfStamper = new PdfStamper(new PdfReader(new FileInputStream(file.getAbsolutePath())), byteArrayOutputStream, (char) 0, true);
        PdfFormField createSignature = PdfFormField.createSignature(pdfStamper.getWriter());
        createSignature.setWidget(new Rectangle(20.0f, 20.0f, 100.0f, 60.0f), (PdfName) null);
        createSignature.setFlags(4);
        createSignature.put(PdfName.DA, new PdfString("/Helv 0 Tf 0 g"));
        createSignature.setFieldName("Signature1");
        createSignature.setPage(1);
        pdfStamper.addAnnotation(createSignature, 1);
        pdfStamper.close();
        appearance = PdfStamper.createSignature(new PdfReader(byteArrayOutputStream.toByteArray()), fileOutputStream, (char) 0, (File) null, true).getSignatureAppearance();
        appearance.setLayer2Text("Digitally Signed by Name");
        appearance.setAcro6Layers(true);
        appearance.setSignDate(Calendar.getInstance());
        appearance.setVisibleSignature("Signature1");
        appearance.setCrypto((PrivateKey) null, certificateArr, (CRL[]) null, PdfSignatureAppearance.SELF_SIGNED);
        appearance.setExternalDigest(new byte[2000002], (byte[]) null, "RSA");
        HashMap hashMap = new HashMap();
        hashMap.put(PdfName.CONTENTS, Integer.valueOf((16384 * 2) + 2));
        PdfSignature pdfSignature = new PdfSignature(PdfName.ADOBE_PPKLITE, PdfName.ADBE_PKCS7_DETACHED);
        pdfSignature.setReason(appearance.getReason());
        pdfSignature.setLocation(appearance.getLocation());
        pdfSignature.setDate(new PdfDate(appearance.getSignDate()));
        appearance.setCryptoDictionary(pdfSignature);
        appearance.preClose(hashMap);
        return appearance.getRangeStream();
    }

    private static byte[] createPDFToSign2() throws IOException, CertificateException, NoSuchAlgorithmException, NoSuchProviderException, InvalidKeyException, DocumentException {
        PdfReader pdfReader = new PdfReader("/home/lpinto/Desktop/test_for_sign.pdf");
        pdfReader.setAppendable(true);
        new ByteArrayOutputStream();
        PdfSignatureAppearance signatureAppearance = PdfStamper.createSignature(pdfReader, new FileOutputStream("/home/lpinto/Desktop/test_for_sign_signed.pdf"), (char) 0).getSignatureAppearance();
        signatureAppearance.setReason("Test");
        signatureAppearance.setLocation("footer");
        signatureAppearance.setVisibleSignature(new Rectangle(100.0f, 100.0f, 200.0f, 200.0f), 1, (String) null);
        PdfSignature pdfSignature = new PdfSignature(PdfName.ADOBE_PPKLITE, PdfName.ADBE_PKCS7_DETACHED);
        pdfSignature.setReason(signatureAppearance.getReason());
        pdfSignature.setLocation(signatureAppearance.getLocation());
        pdfSignature.setContact(signatureAppearance.getContact());
        pdfSignature.setDate(new PdfDate(signatureAppearance.getSignDate()));
        signatureAppearance.setCryptoDictionary(new PdfDictionary());
        HashMap hashMap = new HashMap();
        hashMap.put(PdfName.CONTENTS, new Integer(16386));
        signatureAppearance.preClose(hashMap);
        MessageDigest messageDigest = MessageDigest.getInstance("SHA256");
        PdfPKCS7 pdfPKCS7 = null;
        signatureAppearance.getRangeStream();
        int numberOfPages = pdfReader.getNumberOfPages();
        for (int i = 1; i <= numberOfPages; i++) {
            byte[] pageContent = pdfReader.getPageContent(i);
            messageDigest.update(pageContent, 0, pageContent.length);
        }
        Base64.encodeBase64String(MessageDigest.getInstance("SHA256", "BC").digest(pdfPKCS7.getAuthenticatedAttributeBytes(messageDigest.digest(), Calendar.getInstance(), (byte[]) null)));
        return null;
    }

    private static void signPDF(Certificate[] certificateArr, SignResponse signResponse) throws Exception {
        InputStream rangeStream = appearance.getRangeStream();
        new X509Certificate[1][0] = (X509Certificate) certificateArr[0];
        PdfPKCS7 signer = appearance.getSigStandard().getSigner();
        MessageDigest messageDigest = MessageDigest.getInstance("SHA256", "BC");
        byte[] bArr = new byte[8192];
        while (true) {
            int read = rangeStream.read(bArr, 0, bArr.length);
            if (read <= 0) {
                break;
            } else {
                messageDigest.update(bArr, 0, read);
            }
        }
        byte[] digest = messageDigest.digest();
        Calendar calendar = Calendar.getInstance();
        Base64.encodeBase64String(MessageDigest.getInstance("SHA256", "BC").digest(signer.getAuthenticatedAttributeBytes(digest, calendar, (byte[]) null)));
        signer.setExternalDigest(signResponse.getSignature(), (byte[]) null, "RSA");
        byte[] bArr2 = new byte[1000000];
        byte[] encodedPKCS7 = signer.getEncodedPKCS7(digest, calendar, (TSAClient) null, (byte[]) null);
        System.arraycopy(encodedPKCS7, 0, bArr2, 0, encodedPKCS7.length);
        if (1000000 + 2 < encodedPKCS7.length) {
            throw new Exception("Not enough space for signature");
        }
        PdfDictionary pdfDictionary = new PdfDictionary();
        pdfDictionary.put(PdfName.CONTENTS, new PdfString(bArr2).setHexWriting(true));
        appearance.close(pdfDictionary);
    }

    private void mainInsertSignatureIntoPDF() {
    }
}
