package com.atolcd.parapheur.web.bean.wizard;

import com.atolcd.parapheur.model.ParapheurModel;
import com.atolcd.parapheur.repo.EtapeCircuit;
import com.atolcd.parapheur.repo.S2lowService;
import com.atolcd.parapheur.repo.job.AbstractJob;
import com.atolcd.parapheur.web.action.evaluator.SignEvaluator;
import com.atolcd.parapheur.web.bean.ClientCertificateBean;
import com.atolcd.parapheur.web.bean.wizard.AbstractBatchWorkflowWizard;
import fr.bl.iparapheur.srci.SrciService;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.Properties;
import javax.faces.context.FacesContext;
import nu.xom.Builder;
import nu.xom.Document;
import nu.xom.Element;
import nu.xom.ParsingException;
import nu.xom.canonical.Canonicalizer;
import org.adullact.iparapheur.tdt.s2low.TransactionStatus;
import org.adullact.libersign.util.signature.DigestComputer;
import org.adullact.libersign.util.signature.PKCS7VerUtil;
import org.adullact.libersign.util.signature.PesDigest;
import org.adullact.libersign.util.signature.SignatureFormats;
import org.alfresco.model.ContentModel;
import org.alfresco.repo.transaction.RetryingTransactionHelper;
import org.alfresco.service.cmr.repository.ContentReader;
import org.alfresco.service.cmr.repository.ContentService;
import org.alfresco.service.cmr.repository.NodeRef;
import org.alfresco.service.cmr.repository.Path;
import org.alfresco.service.cmr.security.PersonService;
import org.alfresco.service.namespace.QName;
import org.alfresco.web.app.Application;
import org.alfresco.web.app.servlet.FacesHelper;
import org.alfresco.web.bean.repository.Node;
import org.alfresco.web.bean.repository.Repository;
import org.alfresco.web.bean.repository.User;
import org.apache.log4j.Logger;
import org.bouncycastle.cert.X509CertificateHolder;
import org.springframework.extensions.surf.util.Base64;

/* loaded from: input_file:com/atolcd/parapheur/web/bean/wizard/SignatureBatchWorkflowWizard.class */
public class SignatureBatchWorkflowWizard extends AbstractBatchWorkflowWizard {
    private Logger logger = Logger.getLogger(SignatureBatchWorkflowWizard.class);
    private PersonService personService;
    private ContentService contentService;
    private List<Map<String, String>> appletParams;

    @Override // com.atolcd.parapheur.web.bean.wizard.AbstractBatchWorkflowWizard
    public void init(Map<String, String> map) {
        super.init(map);
        this.appletParams = null;
    }

    @Override // com.atolcd.parapheur.web.bean.wizard.AbstractBatchWorkflowWizard
    protected String getSearchPath() {
        NodeRef parapheurCourant = this.parapheurBean.getParapheurCourant();
        Path.Element last = this.nodeService.getPath(parapheurCourant).last();
        last.getElementString();
        QName prefixedQName = ParapheurModel.NAME_A_TRAITER.getPrefixedQName(this.namespaceService);
        this.corbeilleName = ParapheurModel.NAME_A_TRAITER.toString();
        return String.format("/app:company_home/ph:parapheurs/%s/%s/*", last.getPrefixedString(this.namespaceService), prefixedQName.getPrefixString());
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // com.atolcd.parapheur.web.bean.wizard.AbstractBatchWorkflowWizard
    public boolean shallSelectDossier(NodeRef nodeRef) {
        return !EtapeCircuit.ETAPE_TDT.equalsIgnoreCase(this.parapheurService.getCurrentEtapeCircuit(nodeRef).getActionDemandee().trim()) && new SignEvaluator().evaluate(new Node(nodeRef));
    }

    protected X509Certificate[] finishUnitImpl(AbstractBatchWorkflowWizard.SelectableDossier selectableDossier, X509Certificate[] x509CertificateArr, X509Certificate[] x509CertificateArr2, String str, int i, String str2) {
        NodeRef nodeRef = selectableDossier.getDossier().getNodeRef();
        EtapeCircuit currentEtapeCircuit = this.parapheurService.getCurrentEtapeCircuit(nodeRef);
        if (selectableDossier.isRead()) {
            this.parapheurService.markAsRead(nodeRef);
        }
        if (selectableDossier.isSelected()) {
            if (EtapeCircuit.ETAPE_SIGNATURE.equals(currentEtapeCircuit.getActionDemandee())) {
                byte[] bytes = (str2 == null || str2.trim().isEmpty()) ? null : str2.contains(",") ? str2.getBytes() : Base64.decode(str2);
                X509CertificateHolder[] x509CertificateHolderArr = null;
                if (bytes == null) {
                    throw new RuntimeException("Impossible d'effectuer la ou les operation(s) de signature. Assurez-vous d'être en mode sécurisé pour signer.");
                }
                System.currentTimeMillis();
                this.parapheurService.setSignature(nodeRef, bytes);
                String trim = ((String) getNodeService().getProperty(nodeRef, ParapheurModel.PROP_SIGNATURE_FORMAT)).toLowerCase().trim();
                if (x509CertificateArr != null && trim.startsWith("pkcs#7")) {
                    x509CertificateHolderArr = new X509CertificateHolder[]{PKCS7VerUtil.getSignatureCertificateHolder(null, PKCS7VerUtil.pem2der(bytes, "-----BEGIN".getBytes(), "-----END".getBytes()))};
                }
                this.parapheurService.setAnnotationPublique(nodeRef, this.annotation);
                this.parapheurService.setAnnotationPrivee(nodeRef, this.annotationPrivee);
                this.parapheurService.setSignataire(nodeRef, str, x509CertificateHolderArr);
                this.parapheurService.approveV4(nodeRef, this.parapheurService.getCurrentParapheur());
            } else {
                this.parapheurService.setAnnotationPublique(nodeRef, this.annotation);
                this.parapheurService.setAnnotationPrivee(nodeRef, this.annotationPrivee);
                this.parapheurService.setSignataire(nodeRef, str, (X509Certificate[]) null);
                this.parapheurService.approveV4(nodeRef, this.parapheurService.getCurrentParapheur());
            }
        }
        return x509CertificateArr2;
    }

    public String getStepDescription() {
        return "Veuillez selectionner les dossiers à " + getActionName().toLowerCase() + ".";
    }

    protected String finishImpl(FacesContext facesContext, String str) throws Throwable {
        long currentTimeMillis = System.currentTimeMillis();
        String str2 = null;
        String userName = Application.getCurrentUser(facesContext).getUserName();
        NodeRef parapheurCourant = this.parapheurBean.getParapheurCourant();
        if (this.parapheurService.isParapheurSecretaire(parapheurCourant, userName)) {
            str2 = String.format("%s pour le compte de \"%s\"", User.getFullName(getNodeService(), this.personService.getPerson(userName)), this.parapheurService.getNomParapheur(parapheurCourant));
        } else if (this.parapheurService.isParapheurOwner(parapheurCourant, userName)) {
            str2 = Application.getCurrentUser(facesContext).getFullName(getNodeService());
        }
        ClientCertificateBean clientCertificateBean = (ClientCertificateBean) FacesHelper.getManagedBean(facesContext, "ClientCertificateBean");
        final X509Certificate[] x509Certificate = clientCertificateBean != null ? clientCertificateBean.getX509Certificate() : null;
        int i = 1;
        for (final AbstractBatchWorkflowWizard.SelectableDossier selectableDossier : getDossiers()) {
            if (selectableDossier.isSelected()) {
                final String str3 = str2;
                final int i2 = i;
                RetryingTransactionHelper retryingTransactionHelper = Repository.getRetryingTransactionHelper(facesContext);
                retryingTransactionHelper.setMaxRetryWaitMs(0);
                retryingTransactionHelper.setMinRetryWaitMs(0);
                retryingTransactionHelper.setRetryWaitIncrementMs(1);
                retryingTransactionHelper.setMaxRetries(5);
                final String str4 = (String) FacesContext.getCurrentInstance().getExternalContext().getRequestParameterMap().get("wizard:wizard-body:signature_" + i2);
                if (EtapeCircuit.ETAPE_SIGNATURE.equals(this.parapheurService.getCurrentEtapeCircuit(selectableDossier.getDossier().getNodeRef()).getActionDemandee())) {
                    i++;
                }
                this.jobService.lockNode(selectableDossier.getDossier().getNodeRef());
                this.jobService.postJob(new AbstractJob() { // from class: com.atolcd.parapheur.web.bean.wizard.SignatureBatchWorkflowWizard.1
                    @Override // com.atolcd.parapheur.repo.job.AbstractJob
                    /* renamed from: doWork */
                    public Void mo53doWork() {
                        RetryingTransactionHelper retryingTransactionHelper2 = this.transactionService.getRetryingTransactionHelper();
                        retryingTransactionHelper2.setMaxRetries(5);
                        retryingTransactionHelper2.setMinRetryWaitMs(1000);
                        retryingTransactionHelper2.setMaxRetryWaitMs(10000);
                        retryingTransactionHelper2.setRetryWaitIncrementMs(1000);
                        try {
                            retryingTransactionHelper2.doInTransaction(new RetryingTransactionHelper.RetryingTransactionCallback<Void>() { // from class: com.atolcd.parapheur.web.bean.wizard.SignatureBatchWorkflowWizard.1.1
                                /* renamed from: execute, reason: merged with bridge method [inline-methods] */
                                public Void m115execute() throws Throwable {
                                    selectableDossier.getDossier().getNodeRef();
                                    SignatureBatchWorkflowWizard.this.finishUnitImpl(selectableDossier, x509Certificate, x509Certificate, str3, i2, str4);
                                    return null;
                                }
                            }, false, true);
                            return null;
                        } catch (Exception e) {
                            putExceptionForDossier(e, selectableDossier.getDossier().getNodeRef());
                            this.logger.error("la signature à échouée");
                            this.jobService.unlockNodeInTransaction(selectableDossier.getDossier().getNodeRef());
                            return null;
                        }
                    }
                });
            }
        }
        if (this.logger.isDebugEnabled()) {
            this.logger.debug("Sign Time: " + (System.currentTimeMillis() - currentTimeMillis));
        }
        if (this.jobService.isBackgroundWorkEnabled()) {
            this.corbeillesService.updateCorbeilleChildCount(this.parapheurService.getCorbeille(this.parapheurBean.getParapheurCourant(), ParapheurModel.NAME_A_TRAITER));
        }
        forceShelfUpdate();
        this.browseBean.updateUILocation(this.parapheurBean.getParapheurCourant());
        return "success";
    }

    @Override // com.atolcd.parapheur.web.bean.wizard.AbstractBatchWorkflowWizard
    public List<Map<String, String>> getAppletParams() {
        String str;
        Properties xadesSignatureProperties;
        if (this.appletParams == null) {
            this.appletParams = new ArrayList();
            int i = 1;
            for (AbstractBatchWorkflowWizard.SelectableDossier selectableDossier : getDossiers()) {
                NodeRef nodeRef = selectableDossier.getDossier().getNodeRef();
                EtapeCircuit currentEtapeCircuit = this.parapheurService.getCurrentEtapeCircuit(nodeRef);
                if (selectableDossier.isSelected() && EtapeCircuit.ETAPE_SIGNATURE.equals(currentEtapeCircuit.getActionDemandee())) {
                    HashMap hashMap = new HashMap();
                    hashMap.put("id", "" + i);
                    String str2 = (String) getNodeService().getProperty(nodeRef, ParapheurModel.PROP_SIGNATURE_FORMAT);
                    if (ParapheurModel.PROP_SIGNATURE_FORMAT_VAL_CMS_PKCS7.equals(str2)) {
                        str = SignatureFormats.CMS_PKCS7;
                    } else if (ParapheurModel.PROP_SIGNATURE_FORMAT_VAL_CMS_PKCS7_Ain1.equals(str2)) {
                        str = SignatureFormats.CMS_PKCS7_Ain1;
                    } else if (ParapheurModel.PROP_SIGNATURE_FORMAT_VAL_XADES_EPES_ENV_PESv2.equals(str2)) {
                        str = SignatureFormats.XADES_EPES_ENV_PESv2;
                    } else if (ParapheurModel.PROP_SIGNATURE_FORMAT_VAL_XADES_EPES_ENV_DIA.equals(str2)) {
                        str = SignatureFormats.XADES_EPES_ENV_DIA;
                    } else if (ParapheurModel.PROP_SIGNATURE_FORMAT_VAL_XADES_EPES_DET_1_1_1.equals(str2)) {
                        str = SignatureFormats.XADES_EPES_DET_1_1_1;
                    } else if (ParapheurModel.PROP_SIGNATURE_FORMAT_VAL_XADES_EPES_DET_1_3_2.equals(str2)) {
                        str = SignatureFormats.XADES_EPES_DET_1_3_2;
                    } else {
                        if (!ParapheurModel.PROP_SIGNATURE_FORMAT_VAL_XADES_T_EPES_ENV_1_3_2.equals(str2)) {
                            throw new UnsupportedOperationException("Unknown signature format: " + str2);
                        }
                        str = SignatureFormats.XADES_T_EPES_ENV_1_3_2;
                    }
                    hashMap.put("format", str);
                    if (!str.startsWith(SignatureFormats.CMS_PKCS7) && (xadesSignatureProperties = this.parapheurService.getXadesSignatureProperties(nodeRef)) != null) {
                        for (Map.Entry entry : xadesSignatureProperties.entrySet()) {
                            hashMap.put(entry.getKey().toString(), entry.getValue().toString());
                        }
                    }
                    String str3 = (String) this.nodeService.getProperty(nodeRef, ParapheurModel.PROP_TDT_NOM);
                    if (S2lowService.PROP_TDT_NOM_S2LOW.equals(str3) || SrciService.K.tdtName.equals(str3)) {
                        hashMap.put("pClaimedRole", this.parapheurService.getNomParapheur(this.parapheurService.getParentParapheur(nodeRef)));
                    }
                    if ("pesv2".equalsIgnoreCase(str) || str.toLowerCase().startsWith("xades")) {
                        ContentReader reader = this.contentService.getReader(this.parapheurService.getDocuments(nodeRef).get(0), ContentModel.PROP_CONTENT);
                        InputStream contentInputStream = reader.getContentInputStream();
                        if (contentInputStream == null) {
                            return null;
                        }
                        if (str.equalsIgnoreCase(SignatureFormats.XADES_EPES_ENV_DIA)) {
                            try {
                                ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
                                Builder builder = new Builder();
                                Canonicalizer canonicalizer = new Canonicalizer(byteArrayOutputStream, "http://www.w3.org/2001/10/xml-exc-c14n#");
                                Document build = builder.build(contentInputStream);
                                Element rootElement = build.getRootElement();
                                if (null == rootElement) {
                                    hashMap.put("pesid", "");
                                } else {
                                    hashMap.put("pesid", rootElement.getAttributeValue("Id"));
                                }
                                canonicalizer.write(build);
                                byte[] byteArray = byteArrayOutputStream.toByteArray();
                                String str4 = (String) getNodeService().getProperty(this.parapheurService.getParentParapheur(nodeRef), ContentModel.PROP_DESCRIPTION);
                                if (str4 != null) {
                                    String trim = str4.trim();
                                    if (trim.length() > 5) {
                                        hashMap.put("pPostalCode", trim.substring(0, 5));
                                        hashMap.put("pCity", trim.substring(5).trim());
                                    }
                                }
                                hashMap.put("hash", "");
                                if (byteArray != null) {
                                    StringBuilder sb = new StringBuilder();
                                    for (byte b : byteArray) {
                                        sb.append(Integer.toHexString((b & 240) >> 4));
                                        sb.append(Integer.toHexString(b & 15));
                                    }
                                    hashMap.put("hash", sb.toString());
                                }
                            } catch (IOException e) {
                                this.logger.error(e);
                                return null;
                            } catch (ParsingException e2) {
                                this.logger.error(e2);
                                return null;
                            }
                        } else if (str.equalsIgnoreCase(SignatureFormats.XADES_EPES_DET_1_3_2)) {
                            try {
                                MessageDigest messageDigest = MessageDigest.getInstance("SHA256");
                                ByteArrayOutputStream byteArrayOutputStream2 = new ByteArrayOutputStream();
                                reader.getContent(byteArrayOutputStream2);
                                messageDigest.update(byteArrayOutputStream2.toByteArray());
                                byte[] digest = messageDigest.digest();
                                hashMap.put("hash", "");
                                if (digest != null) {
                                    StringBuilder sb2 = new StringBuilder();
                                    for (byte b2 : digest) {
                                        sb2.append(Integer.toHexString((b2 & 240) >> 4));
                                        sb2.append(Integer.toHexString(b2 & 15));
                                    }
                                    hashMap.put("hash", sb2.toString());
                                }
                            } catch (NoSuchAlgorithmException e3) {
                                throw new RuntimeException("SHA256 unsupported", e3);
                            }
                        } else {
                            String xPathSignature = this.parapheurService.getXPathSignature(nodeRef);
                            System.out.println("xPathSignature = " + xPathSignature);
                            List<PesDigest> computeDigests = DigestComputer.computeDigests(contentInputStream, xPathSignature);
                            if (computeDigests == null) {
                                this.logger.error("Unable to compute Hash.");
                                throw new RuntimeException("Unable to compute Hash");
                            }
                            int size = computeDigests.size();
                            boolean z = true;
                            StringBuilder sb3 = new StringBuilder();
                            for (int i2 = 0; i2 < size; i2++) {
                                if (z) {
                                    z = false;
                                } else {
                                    sb3.append(",");
                                }
                                sb3.append(computeDigests.get(i2).getId());
                            }
                            StringBuilder sb4 = new StringBuilder();
                            boolean z2 = true;
                            for (int i3 = 0; i3 < size; i3++) {
                                if (z2) {
                                    z2 = false;
                                } else {
                                    sb4.append(",");
                                }
                                byte[] digest2 = computeDigests.get(i3).getDigest();
                                StringBuilder sb5 = new StringBuilder();
                                if (digest2 == null) {
                                    sb4.append(" ");
                                } else {
                                    for (byte b3 : digest2) {
                                        sb5.append(Integer.toHexString((b3 & 240) >> 4));
                                        sb5.append(Integer.toHexString(b3 & 15));
                                    }
                                    sb4.append(sb5.toString());
                                }
                            }
                            hashMap.put("pesid", sb3.toString());
                            hashMap.put("hash", sb4.toString());
                            hashMap.put("pEncoding", reader.getEncoding());
                        }
                    } else {
                        ContentReader reader2 = this.contentService.getReader(this.parapheurService.getDocuments(nodeRef).get(0), ContentModel.PROP_CONTENT);
                        ByteArrayOutputStream byteArrayOutputStream3 = new ByteArrayOutputStream();
                        reader2.getContent(byteArrayOutputStream3);
                        try {
                            MessageDigest messageDigest2 = MessageDigest.getInstance("SHA1");
                            messageDigest2.update(byteArrayOutputStream3.toByteArray());
                            byte[] digest3 = messageDigest2.digest();
                            if (SignatureFormats.CMS_PKCS7_Ain1.equalsIgnoreCase(str)) {
                                byte[] signature = this.parapheurService.getSignature(nodeRef);
                                if (signature != null) {
                                    hashMap.put("p7sSignatureString", new String(Base64.encodeBytes(signature)));
                                    if (this.logger.isDebugEnabled()) {
                                        this.logger.debug("CMS-Allin1 pre-Signature not null, is:\n" + ((String) hashMap.get("p7sSignatureString")));
                                    }
                                } else {
                                    hashMap.put("p7sSignatureString", "null");
                                }
                            }
                            hashMap.put("hash", "");
                            if (digest3 != null) {
                                StringBuilder sb6 = new StringBuilder();
                                for (byte b4 : digest3) {
                                    sb6.append(Integer.toHexString((b4 & 240) >> 4));
                                    sb6.append(Integer.toHexString(b4 & 15));
                                }
                                hashMap.put("hash", sb6.toString());
                            }
                        } catch (NoSuchAlgorithmException e4) {
                            throw new RuntimeException("SHA1 unsupported", e4);
                        }
                    }
                    this.appletParams.add(hashMap);
                    i++;
                }
            }
        }
        return this.appletParams;
    }

    public String getStepTitle() {
        switch (this.currentStep) {
            case TransactionStatus.STATUS_ANNULE /* 0 */:
                return "Dossiers à " + getActionName().toLowerCase();
            default:
                return super.getStepTitle();
        }
    }

    public String getFinishButtonLabel() {
        return getActionName();
    }

    protected String getActionName() {
        return "Viser/Signer";
    }

    @Override // com.atolcd.parapheur.web.bean.wizard.AbstractBatchWorkflowWizard
    public String getAppletUrl() {
        return this.parapheurService.getSignAppletURL();
    }

    @Override // com.atolcd.parapheur.web.bean.wizard.AbstractBatchWorkflowWizard
    public int getAppletParamsCount() {
        return this.appletParams.size();
    }

    public void setPersonService(PersonService personService) {
        this.personService = personService;
    }

    public void setContentService(ContentService contentService) {
        this.contentService = contentService;
    }
}
