#7323

Committed 07 Nov 2025 12:20PM UTC coverage: 52.488% (-0.1%) from 52.617%

Build # #7323

Build Type

push

Committed by

Commit Message

Merge 372a05676 into f1539e1c0

Run Details

272 of 387 new or added lines in 14 files covered. (70.28%)

1 existing line in 1 file now uncovered.

14639 of 27890 relevant lines covered (52.49%)

0.52 hits per line

Source File
Press 'n' to go to next uncovered line, 'b' for previous

0.0

/src/main/java/com/fincatto/documentofiscal/utils/DFCadeiaCertificados.java

package com.fincatto.documentofiscal.utils;

import java.io.ByteArrayOutputStream;
import java.net.URI;
import java.security.KeyStore;
import java.security.MessageDigest;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;

import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;

import org.apache.commons.lang3.StringUtils;

import com.fincatto.documentofiscal.DFAmbiente;
import com.fincatto.documentofiscal.DFLog;
import com.fincatto.documentofiscal.cte300.classes.CTAutorizador31;
import com.fincatto.documentofiscal.cte400.classes.CTAutorizador400;
import com.fincatto.documentofiscal.mdfe3.classes.MDFAutorizador3;
import com.fincatto.documentofiscal.nfe400.classes.NFAutorizador400;

public abstract class DFCadeiaCertificados implements DFLog {

        private static final int PORT = 443;
        private static final String PROTOCOL = "TLSv1.2";

        public static byte[] geraCadeiaCertificados(final DFAmbiente ambiente, final String senha) throws Exception {
                final KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
                keyStore.load(null, senha.toCharArray());
                try (ByteArrayOutputStream out = new ByteArrayOutputStream()) {

                        /*
                         * //nao eh mais usado for (final NFAutorizador31 aut :
                         * NFAutorizador31.values()) { // Para NFe... final String urlNF =
                         * aut.getNfeStatusServico(ambiente); if (StringUtils.isNotBlank(urlNF)) { final
                         * String host = new URI(urlNF).getHost(); DFCadeiaCertificados.get(keyStore,
                         * host); }
                         * 
                         * // Para NFCe... final String urlNFC = aut.getNfceStatusServico(ambiente); if
                         * (StringUtils.isNotBlank(urlNFC)) { final String host = new
                         * URI(urlNFC).getHost(); DFCadeiaCertificados.get(keyStore, host); } }
                         */

                        for (final NFAutorizador400 aut : NFAutorizador400.values()) {
                                // Para NFe...
                                final String urlNF = aut.getNfeStatusServico(ambiente);
                                if (StringUtils.isNotBlank(urlNF)) {
                                        final String host = new URI(urlNF).getHost();
                                        DFCadeiaCertificados.get(keyStore, host);
                                }

                                // Para NFCe...
                                final String urlNFC = aut.getNfceStatusServico(ambiente);
                                if (StringUtils.isNotBlank(urlNFC)) {
                                        final String host = new URI(urlNFC).getHost();
                                        DFCadeiaCertificados.get(keyStore, host);
                                }
                        }

                        // URLs especificas do AN (www.fazenda.gov.br e www1.fazenda.gov.br)
                        final String urlNF1 = NFAutorizador400.AN.getRecepcaoEventoAN(ambiente);
                        if (StringUtils.isNotBlank(urlNF1)) {
                                final String host = new URI(urlNF1).getHost();
                                DFCadeiaCertificados.get(keyStore, host);
                        }
                        final String urlNF2 = NFAutorizador400.AN.getNFeDistribuicaoDFe(ambiente);
                        if (StringUtils.isNotBlank(urlNF2)) {
                                final String host = new URI(urlNF2).getHost();
                                DFCadeiaCertificados.get(keyStore, host);
                        }

                        // MDFE
                        for (final MDFAutorizador3 aut : MDFAutorizador3.values()) {
                                final String urlMDFe = aut.getMDFeStatusServico(ambiente);
                                if (StringUtils.isNotBlank(urlMDFe)) {
                                        final String host = new URI(urlMDFe).getHost();
                                        DFCadeiaCertificados.get(keyStore, host);
                                }
                        }

                        // CTe
                        for (final CTAutorizador31 aut : CTAutorizador31.values()) {
                                final String urlCTe = aut.getCteStatusServico(ambiente);
                                if (StringUtils.isNotBlank(urlCTe)) {
                                        final String host = new URI(urlCTe).getHost();
                                        DFCadeiaCertificados.get(keyStore, host);
                                }
                        }

                        // CTe 4.00
                        for (final CTAutorizador400 aut : CTAutorizador400.values()) {
                                final String urlCTe = aut.getCteStatusServico(ambiente);
                                if (StringUtils.isNotBlank(urlCTe)) {
                                        final String host = new URI(urlCTe).getHost();
                                        DFCadeiaCertificados.get(keyStore, host);
                                }
                        }

                        keyStore.store(out, senha.toCharArray());
                        return out.toByteArray();
                }
        }

        private static void get(final KeyStore keyStore, final String host) throws Exception {
                final TrustManagerFactory trustManagerFactory = TrustManagerFactory
                                .getInstance(TrustManagerFactory.getDefaultAlgorithm());
                trustManagerFactory.init(keyStore);

                final X509TrustManager defaultTrustManager = (X509TrustManager) trustManagerFactory.getTrustManagers()[0];
                final SavingTrustManager savingTrustManager = new SavingTrustManager(defaultTrustManager);

                final SSLContext sslContext = SSLContext.getInstance(DFCadeiaCertificados.PROTOCOL);
                sslContext.init(null, new TrustManager[] { savingTrustManager }, null);

                DFLog.getLogger(DFCadeiaCertificados.class).debug("Abrindo conexao para o servidor: {}:{}", host,
                                DFCadeiaCertificados.PORT);
                try (SSLSocket sslSocket = (SSLSocket) sslContext.getSocketFactory().createSocket(host,
                                DFCadeiaCertificados.PORT)) {
                        sslSocket.setSoTimeout(10000);
                        sslSocket.startHandshake();
                } catch (final Exception e) {
                        DFLog.getLogger(DFCadeiaCertificados.class).error(String.format("[%s] %s", host, e.toString()));
                }

                // se conseguir obter a cadeia de certificados, adiciona no keystore
                if (savingTrustManager.chain != null) {
                        DFLog.getLogger(DFCadeiaCertificados.class).debug("Certificados enviados pelo servidor: {}",
                                        savingTrustManager.chain.length);
                        final MessageDigest sha1 = MessageDigest.getInstance("SHA1");
                        final MessageDigest md5 = MessageDigest.getInstance("MD5");
                        for (int i = 0; i < savingTrustManager.chain.length; i++) {
                                final X509Certificate certificate = savingTrustManager.chain[i];
                                sha1.update(certificate.getEncoded());
                                md5.update(certificate.getEncoded());

                                final String alias = String.format("%s.%s", host, i + 1);
                                keyStore.setCertificateEntry(alias, certificate);
                                DFLog.getLogger(DFCadeiaCertificados.class).debug("Adicionado certificado no keystore com o alias: {}",
                                                alias);
                        }
                }
        }

        private static class SavingTrustManager implements X509TrustManager {
                private final X509TrustManager trustManager;
                private X509Certificate[] chain;

                SavingTrustManager(final X509TrustManager trustManager) {
                        this.trustManager = trustManager;
                }

                @Override
                public X509Certificate[] getAcceptedIssuers() {
                        return this.trustManager.getAcceptedIssuers();
                }

                @Override
                public void checkClientTrusted(final X509Certificate[] chain, final String authType)
                                throws CertificateException {
                        this.trustManager.checkClientTrusted(chain, authType);
                }

                @Override
                public void checkServerTrusted(final X509Certificate[] chain, final String authType)
                                throws CertificateException {
                        this.chain = chain;
                        this.trustManager.checkServerTrusted(chain, authType);
                }
        }
}

1	package com.fincatto.documentofiscal.utils;
2
3	import java.io.ByteArrayOutputStream;
4	import java.net.URI;
5	import java.security.KeyStore;
6	import java.security.MessageDigest;
7	import java.security.cert.CertificateException;
8	import java.security.cert.X509Certificate;
9
10	import javax.net.ssl.SSLContext;
11	import javax.net.ssl.SSLSocket;
12	import javax.net.ssl.TrustManager;
13	import javax.net.ssl.TrustManagerFactory;
14	import javax.net.ssl.X509TrustManager;
15
16	import org.apache.commons.lang3.StringUtils;
17
18	import com.fincatto.documentofiscal.DFAmbiente;
19	import com.fincatto.documentofiscal.DFLog;
20	import com.fincatto.documentofiscal.cte300.classes.CTAutorizador31;
21	import com.fincatto.documentofiscal.cte400.classes.CTAutorizador400;
22	import com.fincatto.documentofiscal.mdfe3.classes.MDFAutorizador3;
23	import com.fincatto.documentofiscal.nfe400.classes.NFAutorizador400;
24
UNCOV 25	public abstract class DFCadeiaCertificados implements DFLog {	×
26
27	private static final int PORT = 443;
28	private static final String PROTOCOL = "TLSv1.2";
29
30	public static byte[] geraCadeiaCertificados(final DFAmbiente ambiente, final String senha) throws Exception {
NEW 31	final KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());	×
NEW 32	keyStore.load(null, senha.toCharArray());	×
NEW 33	try (ByteArrayOutputStream out = new ByteArrayOutputStream()) {	×
34
35	/*
36	* //nao eh mais usado for (final NFAutorizador31 aut :
37	* NFAutorizador31.values()) { // Para NFe... final String urlNF =
38	* aut.getNfeStatusServico(ambiente); if (StringUtils.isNotBlank(urlNF)) { final
39	* String host = new URI(urlNF).getHost(); DFCadeiaCertificados.get(keyStore,
40	* host); }
41	*
42	* // Para NFCe... final String urlNFC = aut.getNfceStatusServico(ambiente); if
43	* (StringUtils.isNotBlank(urlNFC)) { final String host = new
44	* URI(urlNFC).getHost(); DFCadeiaCertificados.get(keyStore, host); } }
45	*/
46
NEW 47	for (final NFAutorizador400 aut : NFAutorizador400.values()) {	×
48	// Para NFe...
NEW 49	final String urlNF = aut.getNfeStatusServico(ambiente);	×
NEW 50	if (StringUtils.isNotBlank(urlNF)) {	×
NEW 51	final String host = new URI(urlNF).getHost();	×
NEW 52	DFCadeiaCertificados.get(keyStore, host);	×
53	}
54
55	// Para NFCe...
NEW 56	final String urlNFC = aut.getNfceStatusServico(ambiente);	×
NEW 57	if (StringUtils.isNotBlank(urlNFC)) {	×
NEW 58	final String host = new URI(urlNFC).getHost();	×
NEW 59	DFCadeiaCertificados.get(keyStore, host);	×
60	}
61	}
62
63	// URLs especificas do AN (www.fazenda.gov.br e www1.fazenda.gov.br)
NEW 64	final String urlNF1 = NFAutorizador400.AN.getRecepcaoEventoAN(ambiente);	×
NEW 65	if (StringUtils.isNotBlank(urlNF1)) {	×
NEW 66	final String host = new URI(urlNF1).getHost();	×
NEW 67	DFCadeiaCertificados.get(keyStore, host);	×
68	}
NEW 69	final String urlNF2 = NFAutorizador400.AN.getNFeDistribuicaoDFe(ambiente);	×
NEW 70	if (StringUtils.isNotBlank(urlNF2)) {	×
NEW 71	final String host = new URI(urlNF2).getHost();	×
NEW 72	DFCadeiaCertificados.get(keyStore, host);	×
73	}
74
75	// MDFE
NEW 76	for (final MDFAutorizador3 aut : MDFAutorizador3.values()) {	×
NEW 77	final String urlMDFe = aut.getMDFeStatusServico(ambiente);	×
NEW 78	if (StringUtils.isNotBlank(urlMDFe)) {	×
NEW 79	final String host = new URI(urlMDFe).getHost();	×
NEW 80	DFCadeiaCertificados.get(keyStore, host);	×
81	}
82	}
83
84	// CTe
NEW 85	for (final CTAutorizador31 aut : CTAutorizador31.values()) {	×
NEW 86	final String urlCTe = aut.getCteStatusServico(ambiente);	×
NEW 87	if (StringUtils.isNotBlank(urlCTe)) {	×
NEW 88	final String host = new URI(urlCTe).getHost();	×
NEW 89	DFCadeiaCertificados.get(keyStore, host);	×
90	}
91	}
92
93	// CTe 4.00
NEW 94	for (final CTAutorizador400 aut : CTAutorizador400.values()) {	×
NEW 95	final String urlCTe = aut.getCteStatusServico(ambiente);	×
NEW 96	if (StringUtils.isNotBlank(urlCTe)) {	×
NEW 97	final String host = new URI(urlCTe).getHost();	×
NEW 98	DFCadeiaCertificados.get(keyStore, host);	×
99	}
100	}
101
NEW 102	keyStore.store(out, senha.toCharArray());	×
NEW 103	return out.toByteArray();	×
104	}
105	}
106
107	private static void get(final KeyStore keyStore, final String host) throws Exception {
108	final TrustManagerFactory trustManagerFactory = TrustManagerFactory
NEW 109	.getInstance(TrustManagerFactory.getDefaultAlgorithm());	×
NEW 110	trustManagerFactory.init(keyStore);	×
111
NEW 112	final X509TrustManager defaultTrustManager = (X509TrustManager) trustManagerFactory.getTrustManagers()[0];	×
NEW 113	final SavingTrustManager savingTrustManager = new SavingTrustManager(defaultTrustManager);	×
114
NEW 115	final SSLContext sslContext = SSLContext.getInstance(DFCadeiaCertificados.PROTOCOL);	×
NEW 116	sslContext.init(null, new TrustManager[] { savingTrustManager }, null);	×
117
NEW 118	DFLog.getLogger(DFCadeiaCertificados.class).debug("Abrindo conexao para o servidor: {}:{}", host,	×
NEW 119	DFCadeiaCertificados.PORT);	×
NEW 120	try (SSLSocket sslSocket = (SSLSocket) sslContext.getSocketFactory().createSocket(host,	×
121	DFCadeiaCertificados.PORT)) {
NEW 122	sslSocket.setSoTimeout(10000);	×
NEW 123	sslSocket.startHandshake();	×
NEW 124	} catch (final Exception e) {	×
NEW 125	DFLog.getLogger(DFCadeiaCertificados.class).error(String.format("[%s] %s", host, e.toString()));	×
NEW 126	}	×
127
128	// se conseguir obter a cadeia de certificados, adiciona no keystore
NEW 129	if (savingTrustManager.chain != null) {	×
NEW 130	DFLog.getLogger(DFCadeiaCertificados.class).debug("Certificados enviados pelo servidor: {}",	×
NEW 131	savingTrustManager.chain.length);	×
NEW 132	final MessageDigest sha1 = MessageDigest.getInstance("SHA1");	×
NEW 133	final MessageDigest md5 = MessageDigest.getInstance("MD5");	×
NEW 134	for (int i = 0; i < savingTrustManager.chain.length; i++) {	×
NEW 135	final X509Certificate certificate = savingTrustManager.chain[i];	×
NEW 136	sha1.update(certificate.getEncoded());	×
NEW 137	md5.update(certificate.getEncoded());	×
138
NEW 139	final String alias = String.format("%s.%s", host, i + 1);	×
NEW 140	keyStore.setCertificateEntry(alias, certificate);	×
NEW 141	DFLog.getLogger(DFCadeiaCertificados.class).debug("Adicionado certificado no keystore com o alias: {}",	×
142	alias);
143	}
144	}
NEW 145	}	×
146
147	private static class SavingTrustManager implements X509TrustManager {
148	private final X509TrustManager trustManager;
149	private X509Certificate[] chain;
150
NEW 151	SavingTrustManager(final X509TrustManager trustManager) {	×
NEW 152	this.trustManager = trustManager;	×
NEW 153	}	×
154
155	@Override
156	public X509Certificate[] getAcceptedIssuers() {
NEW 157	return this.trustManager.getAcceptedIssuers();	×
158	}
159
160	@Override
161	public void checkClientTrusted(final X509Certificate[] chain, final String authType)
162	throws CertificateException {
NEW 163	this.trustManager.checkClientTrusted(chain, authType);	×
NEW 164	}	×
165
166	@Override
167	public void checkServerTrusted(final X509Certificate[] chain, final String authType)
168	throws CertificateException {
NEW 169	this.chain = chain;	×
NEW 170	this.trustManager.checkServerTrusted(chain, authType);	×
NEW 171	}	×
172	}
173	}

wmixvideo / nfe / #7323

Source File Press 'n' to go to next uncovered line, 'b' for previous

Source File
Press 'n' to go to next uncovered line, 'b' for previous