package com.lowagie.text.pdf;

import com.lowagie.text.ExceptionConverter;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.math.BigInteger;
import java.security.InvalidKeyException;
import java.security.KeyStore;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.Signature;
import java.security.SignatureException;
import java.security.cert.CRL;
import java.security.cert.CRLException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509CRL;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Calendar;
import java.util.Collection;
import java.util.Enumeration;
import java.util.GregorianCalendar;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Set;
import org.bouncycastle.asn1.ASN1EncodableVector;
import org.bouncycastle.asn1.ASN1InputStream;
import org.bouncycastle.asn1.ASN1OutputStream;
import org.bouncycastle.asn1.ASN1Sequence;
import org.bouncycastle.asn1.ASN1Set;
import org.bouncycastle.asn1.ASN1TaggedObject;
import org.bouncycastle.asn1.DERConstructedSet;
import org.bouncycastle.asn1.DERInteger;
import org.bouncycastle.asn1.DERNull;
import org.bouncycastle.asn1.DERObject;
import org.bouncycastle.asn1.DERObjectIdentifier;
import org.bouncycastle.asn1.DEROctetString;
import org.bouncycastle.asn1.DERSequence;
import org.bouncycastle.asn1.DERSet;
import org.bouncycastle.asn1.DERTaggedObject;
import org.bouncycastle.asn1.DERUTCTime;
import org.bouncycastle.jce.provider.X509CRLParser;
import org.bouncycastle.jce.provider.X509CertParser;
import org.bouncycastle.util.StreamParsingException;

/* JADX WARN: Classes with same name are omitted:
  input_file:lib/.svn/text-base/itext-2.0.2.jar.svn-base:com/lowagie/text/pdf/PdfPKCS7.class
 */
/* loaded from: input_file:lib/itext-2.0.2.jar:com/lowagie/text/pdf/PdfPKCS7.class */
public class PdfPKCS7 {
    private byte[] sigAttr;
    private byte[] digestAttr;
    private int version;
    private int signerversion;
    private Set digestalgos;
    private Collection certs;
    private Collection crls;
    private X509Certificate signCert;
    private byte[] digest;
    private MessageDigest messageDigest;
    private String digestAlgorithm;
    private String digestEncryptionAlgorithm;
    private Signature sig;
    private transient PrivateKey privKey;
    private byte[] RSAdata;
    private boolean verified;
    private boolean verifyResult;
    private byte[] externalDigest;
    private byte[] externalRSAdata;
    private static final String ID_PKCS7_DATA = "1.2.840.113549.1.7.1";
    private static final String ID_PKCS7_SIGNED_DATA = "1.2.840.113549.1.7.2";
    private static final String ID_MD5 = "1.2.840.113549.2.5";
    private static final String ID_MD2 = "1.2.840.113549.2.2";
    private static final String ID_SHA1 = "1.3.14.3.2.26";
    private static final String ID_RSA = "1.2.840.113549.1.1.1";
    private static final String ID_DSA = "1.2.840.10040.4.1";
    private static final String ID_CONTENT_TYPE = "1.2.840.113549.1.9.3";
    private static final String ID_MESSAGE_DIGEST = "1.2.840.113549.1.9.4";
    private static final String ID_SIGNING_TIME = "1.2.840.113549.1.9.5";
    private static final String ID_MD2RSA = "1.2.840.113549.1.1.2";
    private static final String ID_MD5RSA = "1.2.840.113549.1.1.4";
    private static final String ID_SHA1RSA = "1.2.840.113549.1.1.5";
    private String reason;
    private String location;
    private Calendar signDate;
    private String signName;

    /* JADX WARN: Classes with same name are omitted:
      input_file:lib/.svn/text-base/itext-2.0.2.jar.svn-base:com/lowagie/text/pdf/PdfPKCS7$X509Name.class
     */
    /* loaded from: input_file:lib/itext-2.0.2.jar:com/lowagie/text/pdf/PdfPKCS7$X509Name.class */
    public static class X509Name {
        public static final DERObjectIdentifier C = new DERObjectIdentifier("2.5.4.6");
        public static final DERObjectIdentifier O = new DERObjectIdentifier("2.5.4.10");
        public static final DERObjectIdentifier OU = new DERObjectIdentifier("2.5.4.11");
        public static final DERObjectIdentifier T = new DERObjectIdentifier("2.5.4.12");
        public static final DERObjectIdentifier CN = new DERObjectIdentifier("2.5.4.3");
        public static final DERObjectIdentifier SN = new DERObjectIdentifier("2.5.4.5");
        public static final DERObjectIdentifier L = new DERObjectIdentifier("2.5.4.7");
        public static final DERObjectIdentifier ST = new DERObjectIdentifier("2.5.4.8");
        public static final DERObjectIdentifier SURNAME = new DERObjectIdentifier("2.5.4.4");
        public static final DERObjectIdentifier GIVENNAME = new DERObjectIdentifier("2.5.4.42");
        public static final DERObjectIdentifier INITIALS = new DERObjectIdentifier("2.5.4.43");
        public static final DERObjectIdentifier GENERATION = new DERObjectIdentifier("2.5.4.44");
        public static final DERObjectIdentifier UNIQUE_IDENTIFIER = new DERObjectIdentifier("2.5.4.45");
        public static final DERObjectIdentifier EmailAddress = new DERObjectIdentifier("1.2.840.113549.1.9.1");
        public static final DERObjectIdentifier E = EmailAddress;
        public static final DERObjectIdentifier DC = new DERObjectIdentifier("0.9.2342.19200300.100.1.25");
        public static final DERObjectIdentifier UID = new DERObjectIdentifier("0.9.2342.19200300.100.1.1");
        public static HashMap DefaultSymbols = new HashMap();
        public HashMap values = new HashMap();

        public X509Name(ASN1Sequence aSN1Sequence) {
            Enumeration objects = aSN1Sequence.getObjects();
            while (objects.hasMoreElements()) {
                ASN1Set aSN1Set = (ASN1Set) objects.nextElement();
                for (int i = 0; i < aSN1Set.size(); i++) {
                    ASN1Sequence objectAt = aSN1Set.getObjectAt(i);
                    String str = (String) DefaultSymbols.get(objectAt.getObjectAt(0));
                    if (str != null) {
                        ArrayList arrayList = (ArrayList) this.values.get(str);
                        if (arrayList == null) {
                            arrayList = new ArrayList();
                            this.values.put(str, arrayList);
                        }
                        arrayList.add(objectAt.getObjectAt(1).getString());
                    }
                }
            }
        }

        public X509Name(String str) {
            X509NameTokenizer x509NameTokenizer = new X509NameTokenizer(str);
            while (x509NameTokenizer.hasMoreTokens()) {
                String nextToken = x509NameTokenizer.nextToken();
                int indexOf = nextToken.indexOf(61);
                if (indexOf == -1) {
                    throw new IllegalArgumentException("badly formated directory string");
                }
                String upperCase = nextToken.substring(0, indexOf).toUpperCase();
                String substring = nextToken.substring(indexOf + 1);
                ArrayList arrayList = (ArrayList) this.values.get(upperCase);
                if (arrayList == null) {
                    arrayList = new ArrayList();
                    this.values.put(upperCase, arrayList);
                }
                arrayList.add(substring);
            }
        }

        public String getField(String str) {
            ArrayList arrayList = (ArrayList) this.values.get(str);
            if (arrayList == null) {
                return null;
            }
            return (String) arrayList.get(0);
        }

        public ArrayList getFieldArray(String str) {
            ArrayList arrayList = (ArrayList) this.values.get(str);
            if (arrayList == null) {
                return null;
            }
            return arrayList;
        }

        public HashMap getFields() {
            return this.values;
        }

        public String toString() {
            return this.values.toString();
        }

        static {
            DefaultSymbols.put(C, "C");
            DefaultSymbols.put(O, "O");
            DefaultSymbols.put(T, "T");
            DefaultSymbols.put(OU, "OU");
            DefaultSymbols.put(CN, "CN");
            DefaultSymbols.put(L, "L");
            DefaultSymbols.put(ST, "ST");
            DefaultSymbols.put(SN, "SN");
            DefaultSymbols.put(EmailAddress, "E");
            DefaultSymbols.put(DC, "DC");
            DefaultSymbols.put(UID, "UID");
            DefaultSymbols.put(SURNAME, "SURNAME");
            DefaultSymbols.put(GIVENNAME, "GIVENNAME");
            DefaultSymbols.put(INITIALS, "INITIALS");
            DefaultSymbols.put(GENERATION, "GENERATION");
        }
    }

    /* JADX WARN: Classes with same name are omitted:
      input_file:lib/.svn/text-base/itext-2.0.2.jar.svn-base:com/lowagie/text/pdf/PdfPKCS7$X509NameTokenizer.class
     */
    /* loaded from: input_file:lib/itext-2.0.2.jar:com/lowagie/text/pdf/PdfPKCS7$X509NameTokenizer.class */
    public static class X509NameTokenizer {
        private String oid;
        private StringBuffer buf = new StringBuffer();
        private int index = -1;

        public X509NameTokenizer(String str) {
            this.oid = str;
        }

        public boolean hasMoreTokens() {
            return this.index != this.oid.length();
        }

        public String nextToken() {
            if (this.index == this.oid.length()) {
                return null;
            }
            int i = this.index + 1;
            boolean z = false;
            boolean z2 = false;
            this.buf.setLength(0);
            while (i != this.oid.length()) {
                char charAt = this.oid.charAt(i);
                if (charAt == '\"') {
                    if (z2) {
                        this.buf.append(charAt);
                    } else {
                        z = !z;
                    }
                    z2 = false;
                } else if (z2 || z) {
                    this.buf.append(charAt);
                    z2 = false;
                } else if (charAt == '\\') {
                    z2 = true;
                } else {
                    if (charAt == ',') {
                        break;
                    }
                    this.buf.append(charAt);
                }
                i++;
            }
            this.index = i;
            return this.buf.toString().trim();
        }
    }

    public PdfPKCS7(byte[] bArr, byte[] bArr2, String str) throws SecurityException, InvalidKeyException, CertificateException, NoSuchProviderException, NoSuchAlgorithmException, IOException {
        CertificateFactory certificateFactory = str == null ? CertificateFactory.getInstance("X.509") : CertificateFactory.getInstance("X.509", str);
        if (str == null) {
            this.certs = certificateFactory.generateCertificates(new ByteArrayInputStream(bArr2));
        }
        this.signCert = (X509Certificate) this.certs.iterator().next();
        this.crls = new ArrayList();
        this.digest = new ASN1InputStream(new ByteArrayInputStream(bArr)).readObject().getOctets();
        if (str == null) {
            this.sig = Signature.getInstance("SHA1withRSA");
        } else {
            this.sig = Signature.getInstance("SHA1withRSA", str);
        }
        this.sig.initVerify(this.signCert.getPublicKey());
    }

    public PdfPKCS7(byte[] bArr, String str) throws SecurityException, CRLException, InvalidKeyException, CertificateException, NoSuchProviderException, NoSuchAlgorithmException, StreamParsingException {
        try {
            ASN1Sequence readObject = new ASN1InputStream(new ByteArrayInputStream(bArr)).readObject();
            if (!(readObject instanceof ASN1Sequence)) {
                throw new SecurityException("Not a valid PKCS#7 object - not a sequence");
            }
            ASN1Sequence aSN1Sequence = readObject;
            if (!aSN1Sequence.getObjectAt(0).getId().equals(ID_PKCS7_SIGNED_DATA)) {
                throw new SecurityException("Not a valid PKCS#7 object - not signed data");
            }
            ASN1Sequence object = aSN1Sequence.getObjectAt(1).getObject();
            this.version = object.getObjectAt(0).getValue().intValue();
            this.digestalgos = new HashSet();
            Enumeration objects = object.getObjectAt(1).getObjects();
            while (objects.hasMoreElements()) {
                this.digestalgos.add(((ASN1Sequence) objects.nextElement()).getObjectAt(0).getId());
            }
            X509CertParser x509CertParser = new X509CertParser();
            x509CertParser.engineInit(new ByteArrayInputStream(bArr));
            this.certs = x509CertParser.engineReadAll();
            X509CRLParser x509CRLParser = new X509CRLParser();
            x509CRLParser.engineInit(new ByteArrayInputStream(bArr));
            this.crls = x509CRLParser.engineReadAll();
            ASN1Sequence objectAt = object.getObjectAt(2);
            if (objectAt.size() > 1) {
                this.RSAdata = objectAt.getObjectAt(1).getObject().getOctets();
            }
            int i = 3;
            while (object.getObjectAt(i) instanceof DERTaggedObject) {
                i++;
            }
            ASN1Set objectAt2 = object.getObjectAt(i);
            if (objectAt2.size() != 1) {
                throw new SecurityException("This PKCS#7 object has multiple SignerInfos - only one is supported at this time");
            }
            ASN1Sequence objectAt3 = objectAt2.getObjectAt(0);
            this.signerversion = objectAt3.getObjectAt(0).getValue().intValue();
            BigInteger value = objectAt3.getObjectAt(1).getObjectAt(1).getValue();
            Iterator it = this.certs.iterator();
            while (true) {
                if (!it.hasNext()) {
                    break;
                }
                X509Certificate x509Certificate = (X509Certificate) it.next();
                if (value.equals(x509Certificate.getSerialNumber())) {
                    this.signCert = x509Certificate;
                    break;
                }
            }
            if (this.signCert == null) {
                throw new SecurityException(new StringBuffer().append("Can't find signing certificate with serial ").append(value.toString(16)).toString());
            }
            this.digestAlgorithm = objectAt3.getObjectAt(2).getObjectAt(0).getId();
            int i2 = 3;
            if (objectAt3.getObjectAt(3) instanceof ASN1TaggedObject) {
                ASN1Sequence object2 = objectAt3.getObjectAt(3).getObject();
                ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
                ASN1OutputStream aSN1OutputStream = new ASN1OutputStream(byteArrayOutputStream);
                try {
                    ASN1EncodableVector aSN1EncodableVector = new ASN1EncodableVector();
                    for (int i3 = 0; i3 < object2.size(); i3++) {
                        aSN1EncodableVector.add(object2.getObjectAt(i3));
                    }
                    aSN1OutputStream.writeObject(new DERSet(aSN1EncodableVector));
                    aSN1OutputStream.close();
                } catch (IOException e) {
                }
                this.sigAttr = byteArrayOutputStream.toByteArray();
                int i4 = 0;
                while (true) {
                    if (i4 >= object2.size()) {
                        break;
                    }
                    ASN1Sequence objectAt4 = object2.getObjectAt(i4);
                    if (objectAt4.getObjectAt(0).getId().equals(ID_MESSAGE_DIGEST)) {
                        this.digestAttr = objectAt4.getObjectAt(1).getObjectAt(0).getOctets();
                        break;
                    }
                    i4++;
                }
                if (this.digestAttr == null) {
                    throw new SecurityException("Authenticated attribute is missing the digest.");
                }
                i2 = 3 + 1;
            }
            this.digestEncryptionAlgorithm = objectAt3.getObjectAt(i2).getObjectAt(0).getId();
            this.digest = objectAt3.getObjectAt(i2 + 1).getOctets();
            if (this.RSAdata != null || this.digestAttr != null) {
                if (str == null || str.startsWith("SunPKCS11")) {
                    this.messageDigest = MessageDigest.getInstance(getHashAlgorithm());
                } else {
                    this.messageDigest = MessageDigest.getInstance(getHashAlgorithm(), str);
                }
            }
            if (str == null) {
                this.sig = Signature.getInstance(getDigestAlgorithm());
            } else {
                this.sig = Signature.getInstance(getDigestAlgorithm(), str);
            }
            this.sig.initVerify(this.signCert.getPublicKey());
        } catch (IOException e2) {
            throw new SecurityException("can't decode PKCS7SignedData object");
        }
    }

    public PdfPKCS7(PrivateKey privateKey, Certificate[] certificateArr, CRL[] crlArr, String str, String str2, boolean z) throws SecurityException, InvalidKeyException, NoSuchProviderException, NoSuchAlgorithmException {
        this.privKey = privateKey;
        if (str.equals("MD5")) {
            this.digestAlgorithm = ID_MD5;
        } else if (str.equals("MD2")) {
            this.digestAlgorithm = ID_MD2;
        } else if (str.equals("SHA")) {
            this.digestAlgorithm = ID_SHA1;
        } else {
            if (!str.equals("SHA1")) {
                throw new NoSuchAlgorithmException(new StringBuffer().append("Unknown Hash Algorithm ").append(str).toString());
            }
            this.digestAlgorithm = ID_SHA1;
        }
        this.signerversion = 1;
        this.version = 1;
        this.certs = new ArrayList();
        this.crls = new ArrayList();
        this.digestalgos = new HashSet();
        this.digestalgos.add(this.digestAlgorithm);
        this.signCert = (X509Certificate) certificateArr[0];
        for (Certificate certificate : certificateArr) {
            this.certs.add(certificate);
        }
        if (crlArr != null) {
            for (CRL crl : crlArr) {
                this.crls.add(crl);
            }
        }
        if (privateKey != null) {
            this.digestEncryptionAlgorithm = privateKey.getAlgorithm();
            if (this.digestEncryptionAlgorithm.equals("RSA")) {
                this.digestEncryptionAlgorithm = ID_RSA;
            } else {
                if (!this.digestEncryptionAlgorithm.equals("DSA")) {
                    throw new NoSuchAlgorithmException(new StringBuffer().append("Unknown Key Algorithm ").append(this.digestEncryptionAlgorithm).toString());
                }
                this.digestEncryptionAlgorithm = ID_DSA;
            }
        }
        if (z) {
            this.RSAdata = new byte[0];
            if (str2 == null || str2.startsWith("SunPKCS11")) {
                this.messageDigest = MessageDigest.getInstance(getHashAlgorithm());
            } else {
                this.messageDigest = MessageDigest.getInstance(getHashAlgorithm(), str2);
            }
        }
        if (privateKey != null) {
            if (str2 == null) {
                this.sig = Signature.getInstance(getDigestAlgorithm());
            } else {
                this.sig = Signature.getInstance(getDigestAlgorithm(), str2);
            }
            this.sig.initSign(privateKey);
        }
    }

    public void update(byte[] bArr, int i, int i2) throws SignatureException {
        if (this.RSAdata == null && this.digestAttr == null) {
            this.sig.update(bArr, i, i2);
        } else {
            this.messageDigest.update(bArr, i, i2);
        }
    }

    public boolean verify() throws SignatureException {
        if (this.verified) {
            return this.verifyResult;
        }
        if (this.sigAttr != null) {
            this.sig.update(this.sigAttr);
            if (this.RSAdata != null) {
                this.messageDigest.update(this.messageDigest.digest());
            }
            this.verifyResult = Arrays.equals(this.messageDigest.digest(), this.digestAttr) && this.sig.verify(this.digest);
        } else {
            if (this.RSAdata != null) {
                this.sig.update(this.messageDigest.digest());
            }
            this.verifyResult = this.sig.verify(this.digest);
        }
        this.verified = true;
        return this.verifyResult;
    }

    public Certificate[] getCertificates() {
        return (X509Certificate[]) this.certs.toArray(new X509Certificate[this.certs.size()]);
    }

    public Collection getCRLs() {
        return this.crls;
    }

    public X509Certificate getSigningCertificate() {
        return this.signCert;
    }

    public int getVersion() {
        return this.version;
    }

    public int getSigningInfoVersion() {
        return this.signerversion;
    }

    public String getDigestAlgorithm() {
        String str = this.digestEncryptionAlgorithm;
        if (this.digestEncryptionAlgorithm.equals(ID_RSA) || this.digestEncryptionAlgorithm.equals(ID_MD5RSA) || this.digestEncryptionAlgorithm.equals(ID_MD2RSA) || this.digestEncryptionAlgorithm.equals(ID_SHA1RSA)) {
            str = "RSA";
        } else if (this.digestEncryptionAlgorithm.equals(ID_DSA)) {
            str = "DSA";
        }
        return new StringBuffer().append(getHashAlgorithm()).append("with").append(str).toString();
    }

    public String getHashAlgorithm() {
        String str = this.digestAlgorithm;
        if (this.digestAlgorithm.equals(ID_MD5) || this.digestAlgorithm.equals(ID_MD5RSA)) {
            str = "MD5";
        } else if (this.digestAlgorithm.equals(ID_MD2) || this.digestAlgorithm.equals(ID_MD2RSA)) {
            str = "MD2";
        } else if (this.digestAlgorithm.equals(ID_SHA1) || this.digestAlgorithm.equals(ID_SHA1RSA)) {
            str = "SHA1";
        }
        return str;
    }

    public static KeyStore loadCacertsKeyStore() {
        return loadCacertsKeyStore(null);
    }

    /*  JADX ERROR: JadxRuntimeException in pass: BlockProcessor
        jadx.core.utils.exceptions.JadxRuntimeException: Unreachable block: B:14:0x0072
        	at jadx.core.dex.visitors.blocks.BlockProcessor.checkForUnreachableBlocks(BlockProcessor.java:88)
        	at jadx.core.dex.visitors.blocks.BlockProcessor.processBlocksTree(BlockProcessor.java:52)
        	at jadx.core.dex.visitors.blocks.BlockProcessor.visit(BlockProcessor.java:44)
        */
    public static java.security.KeyStore loadCacertsKeyStore(java.lang.String r5) {
        /*
            java.io.File r0 = new java.io.File
            r1 = r0
            java.lang.String r2 = "java.home"
            java.lang.String r2 = java.lang.System.getProperty(r2)
            java.lang.String r3 = "lib"
            r1.<init>(r2, r3)
            r6 = r0
            java.io.File r0 = new java.io.File
            r1 = r0
            r2 = r6
            java.lang.String r3 = "security"
            r1.<init>(r2, r3)
            r6 = r0
            java.io.File r0 = new java.io.File
            r1 = r0
            r2 = r6
            java.lang.String r3 = "cacerts"
            r1.<init>(r2, r3)
            r6 = r0
            r0 = 0
            r7 = r0
            java.io.FileInputStream r0 = new java.io.FileInputStream     // Catch: java.lang.Exception -> L53 java.lang.Throwable -> L5d
            r1 = r0
            r2 = r6
            r1.<init>(r2)     // Catch: java.lang.Exception -> L53 java.lang.Throwable -> L5d
            r7 = r0
            r0 = r5
            if (r0 != 0) goto L3d
            java.lang.String r0 = "JKS"
            java.security.KeyStore r0 = java.security.KeyStore.getInstance(r0)     // Catch: java.lang.Exception -> L53 java.lang.Throwable -> L5d
            r8 = r0
            goto L44
        L3d:
            java.lang.String r0 = "JKS"
            r1 = r5
            java.security.KeyStore r0 = java.security.KeyStore.getInstance(r0, r1)     // Catch: java.lang.Exception -> L53 java.lang.Throwable -> L5d
            r8 = r0
        L44:
            r0 = r8
            r1 = r7
            r2 = 0
            r0.load(r1, r2)     // Catch: java.lang.Exception -> L53 java.lang.Throwable -> L5d
            r0 = r8
            r9 = r0
            r0 = jsr -> L65
        L50:
            r1 = r9
            return r1
        L53:
            r8 = move-exception
            com.lowagie.text.ExceptionConverter r0 = new com.lowagie.text.ExceptionConverter     // Catch: java.lang.Throwable -> L5d
            r1 = r0
            r2 = r8
            r1.<init>(r2)     // Catch: java.lang.Throwable -> L5d
            throw r0     // Catch: java.lang.Throwable -> L5d
        L5d:
            r10 = move-exception
            r0 = jsr -> L65
        L62:
            r1 = r10
            throw r1
        L65:
            r11 = r0
            r0 = r7
            if (r0 == 0) goto L6f
            r0 = r7
            r0.close()     // Catch: java.lang.Exception -> L72
        L6f:
            goto L74
        L72:
            r12 = move-exception
        L74:
            ret r11
        */
        throw new UnsupportedOperationException("Method not decompiled: com.lowagie.text.pdf.PdfPKCS7.loadCacertsKeyStore(java.lang.String):java.security.KeyStore");
    }

    public static String verifyCertificate(X509Certificate x509Certificate, Collection collection, Calendar calendar) {
        if (calendar == null) {
            calendar = new GregorianCalendar();
        }
        if (x509Certificate.hasUnsupportedCriticalExtension()) {
            return "Has unsupported critical extension";
        }
        try {
            x509Certificate.checkValidity(calendar.getTime());
            if (collection == null) {
                return null;
            }
            Iterator it = collection.iterator();
            while (it.hasNext()) {
                if (((CRL) it.next()).isRevoked(x509Certificate)) {
                    return "Certificate revoked";
                }
            }
            return null;
        } catch (Exception e) {
            return e.getMessage();
        }
    }

    public static Object[] verifyCertificates(Certificate[] certificateArr, KeyStore keyStore, Collection collection, Calendar calendar) {
        if (calendar == null) {
            calendar = new GregorianCalendar();
        }
        for (int i = 0; i < certificateArr.length; i++) {
            X509Certificate x509Certificate = (X509Certificate) certificateArr[i];
            String verifyCertificate = verifyCertificate(x509Certificate, collection, calendar);
            if (verifyCertificate != null) {
                return new Object[]{x509Certificate, verifyCertificate};
            }
            try {
                Enumeration<String> aliases = keyStore.aliases();
                while (aliases.hasMoreElements()) {
                    try {
                        String nextElement = aliases.nextElement();
                        if (keyStore.isCertificateEntry(nextElement)) {
                            X509Certificate x509Certificate2 = (X509Certificate) keyStore.getCertificate(nextElement);
                            if (verifyCertificate(x509Certificate2, collection, calendar) == null) {
                                try {
                                    x509Certificate.verify(x509Certificate2.getPublicKey());
                                    return null;
                                } catch (Exception e) {
                                }
                            }
                        }
                    } catch (Exception e2) {
                    }
                }
            } catch (Exception e3) {
            }
            int i2 = 0;
            while (i2 < certificateArr.length) {
                if (i2 != i) {
                    try {
                        x509Certificate.verify(((X509Certificate) certificateArr[i2]).getPublicKey());
                        break;
                    } catch (Exception e4) {
                    }
                }
                i2++;
            }
            if (i2 == certificateArr.length) {
                return new Object[]{x509Certificate, "Cannot be verified against the KeyStore or the certificate chain"};
            }
        }
        return new Object[]{null, "Invalid state. Possible circular certificate chain"};
    }

    private static DERObject getIssuer(byte[] bArr) {
        try {
            ASN1Sequence readObject = new ASN1InputStream(new ByteArrayInputStream(bArr)).readObject();
            return readObject.getObjectAt(readObject.getObjectAt(0) instanceof DERTaggedObject ? 3 : 2);
        } catch (IOException e) {
            throw new ExceptionConverter(e);
        }
    }

    private static DERObject getSubject(byte[] bArr) {
        try {
            ASN1Sequence readObject = new ASN1InputStream(new ByteArrayInputStream(bArr)).readObject();
            return readObject.getObjectAt(readObject.getObjectAt(0) instanceof DERTaggedObject ? 5 : 4);
        } catch (IOException e) {
            throw new ExceptionConverter(e);
        }
    }

    public static X509Name getIssuerFields(X509Certificate x509Certificate) {
        try {
            return new X509Name(getIssuer(x509Certificate.getTBSCertificate()));
        } catch (Exception e) {
            throw new ExceptionConverter(e);
        }
    }

    public static X509Name getSubjectFields(X509Certificate x509Certificate) {
        try {
            return new X509Name(getSubject(x509Certificate.getTBSCertificate()));
        } catch (Exception e) {
            throw new ExceptionConverter(e);
        }
    }

    public byte[] getEncodedPKCS1() {
        try {
            if (this.externalDigest != null) {
                this.digest = this.externalDigest;
            } else {
                this.digest = this.sig.sign();
            }
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            ASN1OutputStream aSN1OutputStream = new ASN1OutputStream(byteArrayOutputStream);
            aSN1OutputStream.writeObject(new DEROctetString(this.digest));
            aSN1OutputStream.close();
            return byteArrayOutputStream.toByteArray();
        } catch (Exception e) {
            throw new ExceptionConverter(e);
        }
    }

    public void setExternalDigest(byte[] bArr, byte[] bArr2, String str) {
        this.externalDigest = bArr;
        this.externalRSAdata = bArr2;
        if (str != null) {
            if (str.equals("RSA")) {
                this.digestEncryptionAlgorithm = ID_RSA;
            } else {
                if (!str.equals("DSA")) {
                    throw new ExceptionConverter(new NoSuchAlgorithmException(new StringBuffer().append("Unknown Key Algorithm ").append(str).toString()));
                }
                this.digestEncryptionAlgorithm = ID_DSA;
            }
        }
    }

    public byte[] getEncodedPKCS7() {
        return getEncodedPKCS7(null, null);
    }

    public byte[] getEncodedPKCS7(byte[] bArr, Calendar calendar) {
        try {
            if (this.externalDigest != null) {
                this.digest = this.externalDigest;
                if (this.RSAdata != null) {
                    this.RSAdata = this.externalRSAdata;
                }
            } else if (this.externalRSAdata == null || this.RSAdata == null) {
                if (this.RSAdata != null) {
                    this.RSAdata = this.messageDigest.digest();
                    this.sig.update(this.RSAdata);
                }
                this.digest = this.sig.sign();
            } else {
                this.RSAdata = this.externalRSAdata;
                this.sig.update(this.RSAdata);
                this.digest = this.sig.sign();
            }
            DERConstructedSet dERConstructedSet = new DERConstructedSet();
            Iterator it = this.digestalgos.iterator();
            while (it.hasNext()) {
                ASN1EncodableVector aSN1EncodableVector = new ASN1EncodableVector();
                aSN1EncodableVector.add(new DERObjectIdentifier((String) it.next()));
                aSN1EncodableVector.add(new DERNull());
                dERConstructedSet.addObject(new DERSequence(aSN1EncodableVector));
            }
            ASN1EncodableVector aSN1EncodableVector2 = new ASN1EncodableVector();
            aSN1EncodableVector2.add(new DERObjectIdentifier(ID_PKCS7_DATA));
            if (this.RSAdata != null) {
                aSN1EncodableVector2.add(new DERTaggedObject(0, new DEROctetString(this.RSAdata)));
            }
            DERSequence dERSequence = new DERSequence(aSN1EncodableVector2);
            ASN1EncodableVector aSN1EncodableVector3 = new ASN1EncodableVector();
            Iterator it2 = this.certs.iterator();
            while (it2.hasNext()) {
                aSN1EncodableVector3.add(new ASN1InputStream(new ByteArrayInputStream(((X509Certificate) it2.next()).getEncoded())).readObject());
            }
            DERSet dERSet = new DERSet(aSN1EncodableVector3);
            ASN1EncodableVector aSN1EncodableVector4 = new ASN1EncodableVector();
            aSN1EncodableVector4.add(new DERInteger(this.signerversion));
            ASN1EncodableVector aSN1EncodableVector5 = new ASN1EncodableVector();
            aSN1EncodableVector5.add(getIssuer(this.signCert.getTBSCertificate()));
            aSN1EncodableVector5.add(new DERInteger(this.signCert.getSerialNumber()));
            aSN1EncodableVector4.add(new DERSequence(aSN1EncodableVector5));
            ASN1EncodableVector aSN1EncodableVector6 = new ASN1EncodableVector();
            aSN1EncodableVector6.add(new DERObjectIdentifier(this.digestAlgorithm));
            aSN1EncodableVector6.add(new DERNull());
            aSN1EncodableVector4.add(new DERSequence(aSN1EncodableVector6));
            if (bArr != null && calendar != null) {
                ASN1EncodableVector aSN1EncodableVector7 = new ASN1EncodableVector();
                ASN1EncodableVector aSN1EncodableVector8 = new ASN1EncodableVector();
                aSN1EncodableVector8.add(new DERObjectIdentifier(ID_CONTENT_TYPE));
                aSN1EncodableVector8.add(new DERSet(new DERObjectIdentifier(ID_PKCS7_DATA)));
                aSN1EncodableVector7.add(new DERSequence(aSN1EncodableVector8));
                ASN1EncodableVector aSN1EncodableVector9 = new ASN1EncodableVector();
                aSN1EncodableVector9.add(new DERObjectIdentifier(ID_SIGNING_TIME));
                aSN1EncodableVector9.add(new DERSet(new DERUTCTime(calendar.getTime())));
                aSN1EncodableVector7.add(new DERSequence(aSN1EncodableVector9));
                ASN1EncodableVector aSN1EncodableVector10 = new ASN1EncodableVector();
                aSN1EncodableVector10.add(new DERObjectIdentifier(ID_MESSAGE_DIGEST));
                aSN1EncodableVector10.add(new DERSet(new DEROctetString(bArr)));
                aSN1EncodableVector7.add(new DERSequence(aSN1EncodableVector10));
                aSN1EncodableVector4.add(new DERTaggedObject(false, 0, new DERSet(aSN1EncodableVector7)));
            }
            ASN1EncodableVector aSN1EncodableVector11 = new ASN1EncodableVector();
            aSN1EncodableVector11.add(new DERObjectIdentifier(this.digestEncryptionAlgorithm));
            aSN1EncodableVector11.add(new DERNull());
            aSN1EncodableVector4.add(new DERSequence(aSN1EncodableVector11));
            aSN1EncodableVector4.add(new DEROctetString(this.digest));
            ASN1EncodableVector aSN1EncodableVector12 = new ASN1EncodableVector();
            aSN1EncodableVector12.add(new DERInteger(this.version));
            aSN1EncodableVector12.add(dERConstructedSet);
            aSN1EncodableVector12.add(dERSequence);
            aSN1EncodableVector12.add(new DERTaggedObject(false, 0, dERSet));
            if (!this.crls.isEmpty()) {
                ASN1EncodableVector aSN1EncodableVector13 = new ASN1EncodableVector();
                Iterator it3 = this.crls.iterator();
                while (it3.hasNext()) {
                    aSN1EncodableVector13.add(new ASN1InputStream(new ByteArrayInputStream(((X509CRL) it3.next()).getEncoded())).readObject());
                }
                aSN1EncodableVector12.add(new DERTaggedObject(false, 1, new DERSet(aSN1EncodableVector13)));
            }
            aSN1EncodableVector12.add(new DERSet(new DERSequence(aSN1EncodableVector4)));
            ASN1EncodableVector aSN1EncodableVector14 = new ASN1EncodableVector();
            aSN1EncodableVector14.add(new DERObjectIdentifier(ID_PKCS7_SIGNED_DATA));
            aSN1EncodableVector14.add(new DERTaggedObject(0, new DERSequence(aSN1EncodableVector12)));
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            ASN1OutputStream aSN1OutputStream = new ASN1OutputStream(byteArrayOutputStream);
            aSN1OutputStream.writeObject(new DERSequence(aSN1EncodableVector14));
            aSN1OutputStream.close();
            return byteArrayOutputStream.toByteArray();
        } catch (Exception e) {
            throw new ExceptionConverter(e);
        }
    }

    public byte[] getAuthenticatedAttributeBytes(byte[] bArr, Calendar calendar) {
        try {
            ASN1EncodableVector aSN1EncodableVector = new ASN1EncodableVector();
            ASN1EncodableVector aSN1EncodableVector2 = new ASN1EncodableVector();
            aSN1EncodableVector2.add(new DERObjectIdentifier(ID_CONTENT_TYPE));
            aSN1EncodableVector2.add(new DERSet(new DERObjectIdentifier(ID_PKCS7_DATA)));
            aSN1EncodableVector.add(new DERSequence(aSN1EncodableVector2));
            ASN1EncodableVector aSN1EncodableVector3 = new ASN1EncodableVector();
            aSN1EncodableVector3.add(new DERObjectIdentifier(ID_SIGNING_TIME));
            aSN1EncodableVector3.add(new DERSet(new DERUTCTime(calendar.getTime())));
            aSN1EncodableVector.add(new DERSequence(aSN1EncodableVector3));
            ASN1EncodableVector aSN1EncodableVector4 = new ASN1EncodableVector();
            aSN1EncodableVector4.add(new DERObjectIdentifier(ID_MESSAGE_DIGEST));
            aSN1EncodableVector4.add(new DERSet(new DEROctetString(bArr)));
            aSN1EncodableVector.add(new DERSequence(aSN1EncodableVector4));
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            ASN1OutputStream aSN1OutputStream = new ASN1OutputStream(byteArrayOutputStream);
            aSN1OutputStream.writeObject(new DERSet(aSN1EncodableVector));
            aSN1OutputStream.close();
            return byteArrayOutputStream.toByteArray();
        } catch (Exception e) {
            throw new ExceptionConverter(e);
        }
    }

    public String getReason() {
        return this.reason;
    }

    public void setReason(String str) {
        this.reason = str;
    }

    public String getLocation() {
        return this.location;
    }

    public void setLocation(String str) {
        this.location = str;
    }

    public Calendar getSignDate() {
        return this.signDate;
    }

    public void setSignDate(Calendar calendar) {
        this.signDate = calendar;
    }

    public String getSignName() {
        return this.signName;
    }

    public void setSignName(String str) {
        this.signName = str;
    }
}
