/*
 * Copyright (C) 2023 ctecinf.com.br
 *
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program.  If not, see <http://www.gnu.org/licenses/>.
 */
package br.com.ctecinf.nfe;

import br.com.ctecinf.Empresa;
import java.io.File;
import java.io.FileWriter;
import java.io.IOException;
import java.io.PrintWriter;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.Provider;
import java.security.Security;

/**
 *
 * @author Cássio Conceição
 * @since 18/05/2023
 * @version 2305
 * @see <a href="http://ctecinf.com.br/">ctecinf.com.br</a>
 */
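public class PKCS11 {

    /** Name under which the unconfigured JDK PKCS#11 provider is looked up in {@link #load()}. */
    private static final String NAME = "SunPKCS11";

    /**
     * Configures the PKCS#11 provider from {@code config/pkcs11.properties}, registers it, and
     * publishes the JSSE key store / trust store settings as JVM-wide system properties.
     *
     * <p>If the configuration file does not exist it is generated with the library returned by
     * {@link #getProviderLibrary()}. An existing file is used as-is and is never rewritten.
     *
     * <p>Security notes for maintainers:
     * <ul>
     *   <li>{@code config} and {@code lib} are relative paths, so they resolve against the process
     *       working directory. The configuration file names the native PKCS#11 library handed to
     *       the provider, so both the file and the working directory should not be writable by
     *       less-privileged users.</li>
     *   <li>Every property set here is global to the JVM, not scoped to one connection.</li>
     *   <li>The certificate password is stored in {@code javax.net.ssl.keyStorePassword}, where
     *       any code able to read system properties can retrieve it.</li>
     * </ul>
     *
     * @return a new {@code PKCS11} instance
     * @throws IOException if the configuration directory or file cannot be created or written
     * @throws IllegalAccessException if {@link #getProviderLibrary()} throws it
     * @throws KeyStoreException if the {@code SunPKCS11} provider is not available, or the
     *         configured provider offers no {@code PKCS11} key store
     */
    public static PKCS11 load() throws IOException, IllegalAccessException, KeyStoreException {

        PKCS11 pkcs11 = new PKCS11();
        File file = new File("config", "pkcs11.properties");

        // Fail here with a clear message instead of later inside FileWriter.
        File parent = file.getParentFile();
        if (parent != null && !parent.exists() && !parent.mkdirs() && !parent.isDirectory()) {
            throw new IOException("Could not create directory " + parent.getAbsolutePath());
        }

        if (!file.exists()) {
            try (PrintWriter p = new PrintWriter(new FileWriter(file, false))) {
                p.write("name=SmartCard\nlibrary=" + pkcs11.getProviderLibrary().getAbsolutePath() + "\nshowInfo=false");
                // PrintWriter swallows I/O errors; a truncated file would otherwise be kept and
                // reused on every later start because it already exists.
                if (p.checkError()) {
                    throw new IOException("Could not write " + file.getAbsolutePath());
                }
            }
        }

        // Security.getProvider returns null when the provider is not installed; report that as a
        // declared exception rather than a NullPointerException.
        Provider base = Security.getProvider(PKCS11.NAME);
        if (base == null) {
            throw new KeyStoreException("Provider " + PKCS11.NAME + " is not available in this runtime");
        }
        Provider provider = base.configure(file.getAbsolutePath());
        Security.addProvider(provider);

        // Bind the key store to the provider configured above, so the provider name published
        // below is the one built from our configuration file and not whichever registered
        // provider happens to answer "PKCS11" first.
        KeyStore keyStore = KeyStore.getInstance("PKCS11", provider);

        // Register the connection settings for SEFAZ
        // NOTE(review): "com.sun.net.ssl.internal.www.protocol" is a legacy JSSE handler package;
        // presumably it has no effect on current JDKs - confirm and drop if so.
        System.setProperty("java.protocol.handler.pkgs", "com.sun.net.ssl.internal.www.protocol");
        System.setProperty("javax.net.ssl.keyStoreType", keyStore.getType());
        System.setProperty("javax.net.ssl.keyStore", "NONE");
        // NOTE(review): the password stays readable through System.getProperty for the lifetime
        // of the JVM; a dedicated SSLContext with its own KeyManager would avoid exposing it.
        System.setProperty("javax.net.ssl.keyStorePassword", Empresa.getSenhaCertificado());
        System.setProperty("javax.net.ssl.keyStoreProvider", keyStore.getProvider().getName());

        // NOTE(review): this re-enables legacy TLS renegotiation, without the RFC 5746 protection,
        // for every TLS connection in the JVM. Kept to preserve behaviour; confirm the remote
        // endpoints still require it and remove the line if they do not.
        System.setProperty("sun.security.ssl.allowUnsafeRenegotiation", "true");
        System.setProperty("javax.net.ssl.trustStoreType", "JKS");
        System.setProperty("javax.net.ssl.trustStore", Constants.CA_CERTS);
        System.setProperty("javax.net.ssl.trustStorePassword", Constants.CA_CERTS_PASS);

        return pkcs11;
    }

    /**
     * Selects the native PKCS#11 library file for the current operating system.
     *
     * <p>Returns {@code lib/libOcsCryptoki.so} when the {@code os.name} system property equals
     * {@code "linux"} ignoring case, and {@code lib/aetpkss1.dll} for every other value. The path
     * is relative and the file's existence is not checked here.
     *
     * @return the library file, relative to the working directory
     * @throws java.io.IOException declared in the signature; not thrown by this implementation
     * @throws java.lang.IllegalAccessException declared in the signature; not thrown by this
     *         implementation
     */
    protected File getProviderLibrary() throws IOException, IllegalAccessException {
        String libraryName = "linux".equalsIgnoreCase(System.getProperty("os.name"))
                ? "libOcsCryptoki.so"
                : "aetpkss1.dll";
        return new File("lib", libraryName);
    }
}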
