package sokordia;

import com.gargoylesoftware.htmlunit.html.HtmlCode;
import com.gargoylesoftware.htmlunit.html.HtmlObject;
import com.gargoylesoftware.htmlunit.javascript.host.event.Event;
import com.itextpdf.text.Annotation;
import com.itextpdf.text.pdf.security.BouncyCastleDigest;
import com.itextpdf.text.pdf.security.PdfPKCS7;
import com.itextpdf.text.pdf.security.TSAClient;
import java.io.FileInputStream;
import java.io.IOException;
import java.math.BigInteger;
import java.net.URL;
import java.net.UnknownHostException;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.security.MessageDigest;
import java.security.PrivateKey;
import java.security.SecureRandom;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.text.SimpleDateFormat;
import java.util.Base64;
import java.util.Collections;
import java.util.Date;
import java.util.HashMap;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
import javax.xml.crypto.dom.DOMStructure;
import javax.xml.crypto.dsig.Reference;
import javax.xml.crypto.dsig.SignedInfo;
import javax.xml.crypto.dsig.XMLObject;
import javax.xml.crypto.dsig.XMLSignature;
import javax.xml.crypto.dsig.XMLSignatureFactory;
import javax.xml.crypto.dsig.dom.DOMSignContext;
import javax.xml.crypto.dsig.keyinfo.KeyInfoFactory;
import javax.xml.crypto.dsig.spec.C14NMethodParameterSpec;
import javax.xml.crypto.dsig.spec.DigestMethodParameterSpec;
import javax.xml.crypto.dsig.spec.SignatureMethodParameterSpec;
import javax.xml.parsers.DocumentBuilderFactory;
import javax.xml.soap.SOAPConstants;
import org.apache.http.client.utils.URLEncodedUtils;
import org.apache.xalan.templates.Constants;
import org.apache.xerces.impl.xs.SchemaSymbols;
import org.bouncycastle.asn1.ASN1ObjectIdentifier;
import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
import org.bouncycastle.cms.SignerId;
import org.bouncycastle.tsp.TimeStampRequestGenerator;
import org.bouncycastle.tsp.TimeStampToken;
import org.jdom.Document;
import org.jdom.Element;
import org.jdom.input.DOMBuilder;
import org.jdom.input.SAXBuilder;
import org.jdom.output.XMLOutputter;
import sokordia.Konverze;
import sokordia.LegalVerifier;

/* loaded from: input_file:main/main.jar:sokordia/KzMU.class */
public class KzMU {
    private Document xml = null;
    private TimeStampToken tsaToken = null;
    private boolean demo;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:main/main.jar:sokordia/KzMU$KzMUTSAClient.class */
    public class KzMUTSAClient implements TSAClient {
        private KzMU kzmu;

        public KzMUTSAClient(KzMU kzMU) {
            this.kzmu = kzMU;
        }

        @Override // com.itextpdf.text.pdf.security.TSAClient
        public MessageDigest getMessageDigest() throws GeneralSecurityException {
            System.out.println("KzMUTSAClient.getMessageDigest() called");
            return new BouncyCastleDigest().getMessageDigest("SHA-256");
        }

        private ASN1ObjectIdentifier getHashObjectIdentifier(String str) {
            return str.equals("SHA-256") ? new ASN1ObjectIdentifier(NISTObjectIdentifiers.id_sha256.getId()) : new ASN1ObjectIdentifier(str);
        }

        @Override // com.itextpdf.text.pdf.security.TSAClient
        public byte[] getTimeStampToken(byte[] bArr) throws Exception {
            if (1 != 0) {
                return this.kzmu.tsa("27fedc9b87c422443bc8c29f6ef47a86e381e4171ba29f99fb0459ed303df7170").getEncoded();
            }
            MessageDigest messageDigest = getMessageDigest();
            messageDigest.reset();
            byte[] digest = messageDigest.digest(bArr);
            int nextInt = new SecureRandom().nextInt();
            TimeStampRequestGenerator timeStampRequestGenerator = new TimeStampRequestGenerator();
            timeStampRequestGenerator.setCertReq(true);
            timeStampRequestGenerator.generate(getHashObjectIdentifier(messageDigest.getAlgorithm()), digest, BigInteger.valueOf(nextInt));
            TimeStampToken tsa = this.kzmu.tsa(new String(Base64.getEncoder().encode(digest)));
            if (tsa == null) {
                throw new IOException("Response does not have a time stamp token");
            }
            return tsa.getEncoded();
        }

        public byte[] getTimeStampToken(PdfPKCS7 pdfPKCS7, byte[] bArr) throws Exception {
            return getTimeStampToken(bArr);
        }

        @Override // com.itextpdf.text.pdf.security.TSAClient
        public int getTokenSizeEstimate() {
            return 4096;
        }
    }

    public static void trySignIn(String str, String str2, PrivateKey privateKey, Certificate certificate, boolean z) throws Exception {
        new KzMU().login(str, str2, privateKey, certificate, z);
    }

    public static HashMap<String, String> magic(String str, String str2, KeyStore keyStore, PrivateKey privateKey, Certificate certificate, boolean z, boolean z2, KeyStore keyStore2, PrivateKey privateKey2, Certificate certificate2, Certificate[] certificateArr, LegalVerifier.Detail detail, String str3, String str4) throws Exception, Konverze.APIException {
        KzMU kzMU = new KzMU();
        kzMU.login(str, str2, privateKey, certificate, z);
        Dolozka dolozka = new Dolozka(str3, keyStore2, privateKey2, certificateArr, kzMU.getLocation(), true);
        HashMap<String, String> authInfo = Konverze.authInfo(certificate2, certificate, z, str3, kzMU.getOffice(), kzMU.getSequence(), dolozka.getEmail());
        dolozka.addClause(detail, kzMU.getGUID(), dolozka.getLegalizer(), kzMU.getOffice(), null, kzMU.getLocation(), kzMU.isDemo(), z2);
        dolozka.sign(kzMU.getTSAClient(), true);
        kzMU.commit(Integer.valueOf(dolozka.getPages()), dolozka.getLegalNotice(), dolozka.getLegalizerSerial(), dolozka.getLegalizerIssuer(), dolozka.getDate(), kzMU.getGUID(), z);
        System.out.println("Saving to " + str4);
        dolozka.save(str4);
        return authInfo;
    }

    public TSAClient getTSAClient() {
        return new KzMUTSAClient(this);
    }

    public String getGUID() {
        return this.xml.getRootElement().getChild("dolozka").getChildText("guid");
    }

    public String getSequence() {
        return this.xml.getRootElement().getAttribute("query_seq").getValue();
    }

    public String getLocation() {
        return isDemo() ? "V Brně" : this.xml.getRootElement().getChild("referent").getChildText("misto");
    }

    public String getReferent() {
        Element child = this.xml.getRootElement().getChild("referent");
        String childText = child.getChildText("titpredjm");
        String childText2 = child.getChildText("titzajm");
        if (isDemo()) {
            return "Alice Pomocná";
        }
        return (childText == null ? "" : childText + " ") + child.getChildText("jmeno") + " " + child.getChildText("prijmeni") + (childText2 == null ? "" : " " + childText2);
    }

    public boolean isDemo() {
        return this.demo;
    }

    public String getOfficeShort() {
        return this.xml.getRootElement().getChild("referent").getChildText("zkratka_uradu");
    }

    public String getOffice() {
        return this.xml.getRootElement().getChild("referent").getChildText("urad_nazev");
    }

    public boolean signEL() {
        String officeShort = getOfficeShort();
        return (officeShort.equals("MrslvHrlnd") || officeShort.equals("ApiKzmuTst")) ? false : true;
    }

    public boolean separateClause(boolean z) {
        String officeShort = getOfficeShort();
        if (officeShort.equals("MrslvHrlnd") || officeShort.equals("ApiKzmuTst")) {
            return true;
        }
        return z;
    }

    private void call_api() throws Exception, Konverze.APIException {
        String attributeValue = this.xml.getRootElement().getAttributeValue(Annotation.URL);
        if (attributeValue == null) {
            attributeValue = "https://" + (this.demo ? "cert.edu" : "www") + ".czechpoint.cz/czechpoint/downloadTemplate.do";
        }
        System.out.println(attributeValue);
        String attributeValue2 = this.xml.getRootElement().getAttributeValue("query_seq");
        if (attributeValue2 != null) {
            this.xml.getRootElement().setAttribute("query_seq", Integer.valueOf(Integer.valueOf(attributeValue2).intValue() + 1).toString());
        }
        TrustManager[] trustManagerArr = {new X509TrustManager() { // from class: sokordia.KzMU.1
            @Override // javax.net.ssl.X509TrustManager
            public X509Certificate[] getAcceptedIssuers() {
                System.out.println("getAcceptedIssuers");
                return null;
            }

            @Override // javax.net.ssl.X509TrustManager
            public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) {
                System.out.println("checkClientTrusted");
            }

            @Override // javax.net.ssl.X509TrustManager
            public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
                System.out.println("checkServerTrusted");
                if (Util.byteequals(new byte[]{33, -99, 8, 1, -71, -51, -86, -49, -108, 35, -75, 24, 106, 66, -46, 92, 24, 104, -78, -70, -80, -42, -21, 98, -52, 78, 93, 1, 86, -43, 70, -10, -95, 92, 86, -107, 35, -80, -60, -87, 123, -20, -112, -100, 85, -126, 39, -6, 125, 74, -54, 107, -115, 37, 55, -87, 105, 114, -28, 92, 84, -83, 108, 55, -20, -5, 35, -88, -87, 81, 7, -74, -42, -19, -73, -103, -107, -3, -54, -54, 14, -63, 24, 116, 66, -123, 16, -74, 51, 106, 85, 91, 3, 46, -55, -88, 15, 101, 115, -69, 125, -41, -69, 14, 19, 17, 86, -127, -121, -11, 4, 53, -54, -81, -62, -117, 68, -82, -47, 121, 82, 76, 16, -46, -15, -37, -1, 20, 67, 72, 79, 82, -102, -58, -31, 125, 84, -41, -22, -94, 51, -124, -2, -114, 46, -66, -63, 74, 81, 94, -36, -11, -11, 18, 5, 30, -52, -49, 124, -35, 7, -62, -43, 5, 23, Byte.MAX_VALUE, 84, -57, 0, -3, -120, 27, 25, -38, -1, 89, -33, 121, -39, 69, -69, 117, 84, -72, -62, -112, -74, 25, -13, -95, -73, -91, 56, 60, -51, -124, -17, -38, -55, 109, 35, -121, 0, 0, 105, -4, 119, 25, -86, 79, -3, 69, -14, -18, 72, 125, 111, 10, 108, -101, 31, -7, 29, 22, 7, -104, 40, 46, 118, -22, -85, 70, -77, -62, 61, -90, 49, 72, -49, 25, -101, -9, -47, -65, -87, -33, -34, 10, 51, 92, -76, 59, -110, 70, -71, 31}, x509CertificateArr[0].getSignature()) || Util.byteequals(new byte[]{93, 116, -37, -1, 23, 115, 39, 45, 41, 35, -54, 54, 96, -16, 39, 11, -39, -68, -42, -36, Byte.MIN_VALUE, -40, 35, -105, -87, -116, -66, -80, 33, -31, 14, -126, -21, 21, 87, -61, -63, -64, -126, -43, -103, 119, -85, -74, -97, 82, 36, -12, 81, 116, 45, -36, 50, 73, 32, 53, 119, -67, 120, 59, -50, -76, -18, 96, -71, 67, 52, -45, -47, 124, 73, -70, 80, -4, -110, -72, -80, -127, 82, 115, 98, -63, -30, -76, -20, -106, 1, -97, 20, 62, 49, 81, -80, 88, -55, -54, -100, -39, -82, 79, 113, 48, 13, -115, -59, -72, -98, 122, 40, 10, -33, 21, 53, 78, -44, 5, 42, 114, 117, 57, 67, -31, -98, -62, -69, 103, 25, 70, -98, 64, 39, -117, -85, -44, -77, -98, 114, -26, -79, -101, -43, 18, -57, 106, -46, 89, 68, -42, 78, -102, -59, -1, -121, -98, -127, -48, -91, 41, 37, -125, 21, 18, 96, 76, -41, 111, 75, -9, 1, 105, 35, 76, -5, -19, 0, -35, -9, 10, -1, -121, -16, -38, -43, -73, 89, 102, -64, -30, -80, 122, -123, -63, 43, -66, 18, -52, 68, -76, -87, 86, 90, 6, -64, -60, 109, 112, -60, 51, -61, -45, 96, 87, 11, -21, -44, 115, 64, -101, 40, 97, -119, 109, -23, -93, -26, 112, 7, 29, -56, 84, -106, 31, Byte.MIN_VALUE, -29, -34, -71, -75, -6, 88, -3, 21, -69, 102, 9, 66, -31, -126, 124, 91, -13, 62, -41, 19, -3, 53, -44}, x509CertificateArr[0].getSignature())) {
                    return;
                }
                System.out.println("checkServerTrusted() authType=" + str);
                System.out.println("    certs[] " + x509CertificateArr.length);
                byte[] signature = x509CertificateArr[0].getSignature();
                System.out.print("cert = { ");
                for (byte b : signature) {
                    System.out.print(b + ", ");
                }
                System.out.println(" };");
            }
        }};
        HttpsURLConnection httpsURLConnection = (HttpsURLConnection) new URL(attributeValue).openConnection();
        httpsURLConnection.setDoInput(true);
        httpsURLConnection.setDoOutput(true);
        httpsURLConnection.setUseCaches(false);
        httpsURLConnection.setRequestProperty("Content-Type", URLEncodedUtils.CONTENT_TYPE);
        KeyManagerFactory keyManagerFactory = null;
        if (this.demo) {
            keyManagerFactory = KeyManagerFactory.getInstance("SunX509");
            KeyStore keyStore = KeyStore.getInstance("pkcs12");
            keyStore.load(new FileInputStream("sarfy_vca.pfx"), "heslo123".toCharArray());
            keyManagerFactory.init(keyStore, "heslo123".toCharArray());
        }
        SSLContext sSLContext = SSLContext.getInstance("TLS");
        sSLContext.init(keyManagerFactory != null ? keyManagerFactory.getKeyManagers() : null, trustManagerArr, null);
        httpsURLConnection.setSSLSocketFactory(sSLContext.getSocketFactory());
        try {
            new XMLOutputter().output(this.xml, System.out);
            new XMLOutputter().output(this.xml, httpsURLConnection.getOutputStream());
            this.xml = new SAXBuilder().build(httpsURLConnection.getInputStream());
            Element child = this.xml.getRootElement().getChild("errors");
            if (child != null) {
                new XMLOutputter().output(child, System.out);
            }
            if (child != null) {
                Element child2 = child.getChild(Event.TYPE_ERROR);
                throw new Exception(child2.getChildText("message") + " " + child2.getChildText(HtmlCode.TAG_NAME));
            }
        } catch (UnknownHostException e) {
            throw new Exception("Nepovedlo se připojit k " + e.getMessage() + ", zkontrolujte připojení k internetu.");
        }
    }

    Document sign_login_xml(String str, String str2, PrivateKey privateKey, Certificate certificate, boolean z) throws Exception {
        XMLSignatureFactory xMLSignatureFactory = XMLSignatureFactory.getInstance("DOM");
        Reference newReference = xMLSignatureFactory.newReference("#object", xMLSignatureFactory.newDigestMethod("http://www.w3.org/2001/04/xmlenc#sha256", (DigestMethodParameterSpec) null));
        DocumentBuilderFactory newInstance = DocumentBuilderFactory.newInstance();
        newInstance.setNamespaceAware(true);
        org.w3c.dom.Document newDocument = newInstance.newDocumentBuilder().newDocument();
        org.w3c.dom.Element createElement = newDocument.createElement("username");
        createElement.appendChild(newDocument.createTextNode(str));
        org.w3c.dom.Element createElement2 = newDocument.createElement("password");
        createElement2.appendChild(newDocument.createTextNode(str2));
        org.w3c.dom.Element createElement3 = newDocument.createElement("referent");
        createElement3.appendChild(createElement);
        createElement3.appendChild(createElement2);
        XMLObject newXMLObject = xMLSignatureFactory.newXMLObject(Collections.singletonList(new DOMStructure(createElement3)), HtmlObject.TAG_NAME, SOAPConstants.SOAP_1_1_CONTENT_TYPE, (String) null);
        SignedInfo newSignedInfo = xMLSignatureFactory.newSignedInfo(xMLSignatureFactory.newCanonicalizationMethod("http://www.w3.org/2001/10/xml-exc-c14n#", (C14NMethodParameterSpec) null), xMLSignatureFactory.newSignatureMethod("http://www.w3.org/2001/04/xmldsig-more#rsa-sha256", (SignatureMethodParameterSpec) null), Collections.singletonList(newReference));
        KeyInfoFactory keyInfoFactory = xMLSignatureFactory.getKeyInfoFactory();
        XMLSignature newXMLSignature = xMLSignatureFactory.newXMLSignature(newSignedInfo, keyInfoFactory.newKeyInfo(Collections.singletonList(keyInfoFactory.newX509Data(Collections.singletonList(certificate)))), Collections.singletonList(newXMLObject), (String) null, (String) null);
        DOMSignContext dOMSignContext = new DOMSignContext(privateKey, newDocument);
        dOMSignContext.setDefaultNamespacePrefix("dsig");
        newXMLSignature.sign(dOMSignContext);
        org.w3c.dom.Element documentElement = newDocument.getDocumentElement();
        newDocument.removeChild(documentElement);
        org.w3c.dom.Element createElement4 = newDocument.createElement(Constants.ELEMNAME_ROOT_STRING);
        createElement4.setAttribute("register", z ? "201" : "202");
        createElement4.appendChild(documentElement);
        newDocument.appendChild(createElement4);
        return new DOMBuilder().build(newDocument);
    }

    public void login(String str, String str2, PrivateKey privateKey, Certificate certificate, boolean z) throws Exception, Konverze.APIException {
        this.demo = str.equals("safrysokordia");
        this.xml = sign_login_xml(str, str2, privateKey, certificate, z);
        call_api();
    }

    public void login(String str, String str2, FileInputStream fileInputStream, String str3, boolean z) throws Exception, Konverze.APIException {
        KeyStore keyStore = KeyStore.getInstance("pkcs12");
        keyStore.load(fileInputStream, str3.toCharArray());
        String nextElement = keyStore.aliases().nextElement();
        PrivateKey privateKey = (PrivateKey) keyStore.getKey(nextElement, str3.toCharArray());
        Certificate certificate = keyStore.getCertificate(nextElement);
        if (certificate == null) {
            throw new Exception("VCA bez certifikatu");
        }
        login(str, str2, privateKey, certificate, z);
    }

    public Date getTSADate() {
        if (this.tsaToken == null) {
            return null;
        }
        return this.tsaToken.getTimeStampInfo().getGenTime();
    }

    public TimeStampToken tsa(String str) throws Exception {
        return null;
    }

    private static void add_element(Element element, String str, String str2) {
        Element element2 = new Element(str);
        if (str2 != null) {
            element2.setText(str2);
        }
        element.addContent(element2);
    }

    public void commit(Integer num, String str, String str2, String str3, String str4, String str5, boolean z) throws Exception {
        Element rootElement = this.xml.getRootElement();
        Element child = rootElement.getChild("dolozka");
        Element child2 = rootElement.getChild("referent");
        add_element(child, "zkratka", child2.getChildText("zkratka_uradu"));
        add_element(child, "nazev_subjektu", child2.getChildText("urad_nazev"));
        add_element(child, "typ_konverze", "z moci úřední");
        add_element(child, "konverze", z ? "LE" : "EL");
        add_element(child, "poradove_cislo", str5);
        add_element(child, "overovaci_dolozka", "Ověřovací doložka konverze do dokumentu obsaženého v datové zprávě");
        add_element(child, "pocet_listu", num.toString());
        add_element(child, "jmeno_osoby", child2.getChildText("jmeno"));
        add_element(child, "prijmeni_osoby", child2.getChildText("prijmeni"));
        add_element(child, "misto", child2.getChildText("misto"));
        add_element(child, "datum_vyhotoveni_overovaci_dolozky", str4);
        add_element(child, "overeni", str);
        if (z) {
            SignerId sid = this.tsaToken.getSID();
            add_element(child, "identita_casoveho_razitka_seriove_cislo", sid.getSerialNumber().toString());
            add_element(child, "identita_casoveho_razitka_vystavitel", sid.getIssuer().toString());
            add_element(child, "identita_casoveho_razitka_datum_cas", new SimpleDateFormat("dd.MM.yyyy HH:mm").format(this.tsaToken.getTimeStampInfo().getGenTime()));
        } else {
            add_element(child, "identita_casoveho_razitka_seriove_cislo", "1042771");
            add_element(child, "identita_casoveho_razitka_vystavitel", "CN=PostSignum Qualified CA 2,O=Česká pošta, s.p. [IČ 47114983],C=CZ");
            add_element(child, "identita_casoveho_razitka_datum_cas", new SimpleDateFormat("dd.MM.yyyy HH:mm").format(new Date()));
        }
        add_element(child, "identita_autora_podpisu_seriove_cislo", str2);
        add_element(child, "identita_autora_podpisu_vystavitel", str3);
        Element element = new Element("evidence_provedenych_konverzi");
        add_element(element, "zkratka", child2.getChildText("zkratka_uradu"));
        add_element(element, "nazev_subjektu", child2.getChildText("urad_nazev"));
        add_element(element, "typ_konverze", "z moci úřední");
        add_element(element, "konverze", z ? "LE" : "EL");
        add_element(element, "poradove_cislo", str5);
        add_element(element, "datum_provedeni_konverze", str4);
        add_element(element, "oznaceni_vstupu", "nezadáno");
        add_element(element, "datum_sepsani", str4);
        add_element(element, "spravni_poplatek", "30");
        add_element(element, "osvobozeno", "NE");
        add_element(element, "duvod", null);
        add_element(element, "cislo_dokladu", null);
        Element child3 = rootElement.getChild("tsa");
        if (child3 != null) {
            child3.detach();
        }
        rootElement.getChild("priloha_pdf").getChild("pocet_stran").setText(num.toString());
        rootElement.addContent(element);
        if (z) {
            call_api();
        } else {
            this.xml.getRootElement().setAttribute("query_seq", SchemaSymbols.ATTVAL_TRUE_1);
            call_api();
            rootElement.getChild("stav_rizeni").getChild("vydano").setText(SchemaSymbols.ATTVAL_TRUE_1);
            call_api();
        }
        if (!this.xml.getRootElement().getChild("stav_rizeni").getChildText("potvrzeno").equals(SchemaSymbols.ATTVAL_TRUE_1)) {
            throw new Exception("Evidence doložky nebyla potvrzena");
        }
    }

    private KzMU() {
    }

    public static void main(String[] strArr) {
        System.out.println("Hello");
    }
}
