package com.itextpdf.text.pdf;

import com.itextpdf.text.ExceptionConverter;
import com.itextpdf.text.error_messages.MessageLocalization;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.math.BigInteger;
import java.security.InvalidKeyException;
import java.security.KeyStore;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.Signature;
import java.security.SignatureException;
import java.security.cert.CRL;
import java.security.cert.CRLException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.CertificateParsingException;
import java.security.cert.X509CRL;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Calendar;
import java.util.Collection;
import java.util.Enumeration;
import java.util.GregorianCalendar;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Set;
import org.apache.pdfbox.pdmodel.interactive.annotation.PDAnnotationLink;
import org.apache.pdfbox.pdmodel.interactive.measurement.PDNumberFormatDictionary;
import org.apache.tools.ant.launch.Launcher;
import org.bouncycastle.asn1.ASN1EncodableVector;
import org.bouncycastle.asn1.ASN1InputStream;
import org.bouncycastle.asn1.ASN1OctetString;
import org.bouncycastle.asn1.ASN1OutputStream;
import org.bouncycastle.asn1.ASN1Sequence;
import org.bouncycastle.asn1.ASN1Set;
import org.bouncycastle.asn1.ASN1TaggedObject;
import org.bouncycastle.asn1.DEREnumerated;
import org.bouncycastle.asn1.DERInteger;
import org.bouncycastle.asn1.DERNull;
import org.bouncycastle.asn1.DERObject;
import org.bouncycastle.asn1.DERObjectIdentifier;
import org.bouncycastle.asn1.DEROctetString;
import org.bouncycastle.asn1.DERSequence;
import org.bouncycastle.asn1.DERSet;
import org.bouncycastle.asn1.DERString;
import org.bouncycastle.asn1.DERTaggedObject;
import org.bouncycastle.asn1.DERUTCTime;
import org.bouncycastle.asn1.cms.Attribute;
import org.bouncycastle.asn1.cms.AttributeTable;
import org.bouncycastle.asn1.cms.ContentInfo;
import org.bouncycastle.asn1.ocsp.BasicOCSPResponse;
import org.bouncycastle.asn1.ocsp.OCSPObjectIdentifiers;
import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
import org.bouncycastle.asn1.x509.X509Extensions;
import org.bouncycastle.jce.X509Principal;
import org.bouncycastle.jce.provider.X509CertParser;
import org.bouncycastle.ocsp.BasicOCSPResp;
import org.bouncycastle.ocsp.CertificateID;
import org.bouncycastle.tsp.TimeStampToken;
import org.opensaml.lite.security.x509.X509Util;
import org.opensaml.lite.signature.digest.impl.BuiltInGenericObjectDigester;
import pl.edu.icm.yadda.aas.utils.SecurityUtils;

/* loaded from: input_file:WEB-INF/lib/iText-5.0.1.jar:com/itextpdf/text/pdf/PdfPKCS7.class */
public class PdfPKCS7 {
    private byte[] sigAttr;
    private byte[] digestAttr;
    private int version;
    private int signerversion;
    private Set<String> digestalgos;
    private Collection<Certificate> certs;
    private Collection<CRL> crls;
    private Collection<Certificate> signCerts;
    private X509Certificate signCert;
    private byte[] digest;
    private MessageDigest messageDigest;
    private String digestAlgorithm;
    private String digestEncryptionAlgorithm;
    private Signature sig;
    private transient PrivateKey privKey;
    private byte[] RSAdata;
    private boolean verified;
    private boolean verifyResult;
    private byte[] externalDigest;
    private byte[] externalRSAdata;
    private String provider;
    private static final String ID_PKCS7_DATA = "1.2.840.113549.1.7.1";
    private static final String ID_PKCS7_SIGNED_DATA = "1.2.840.113549.1.7.2";
    private static final String ID_RSA = "1.2.840.113549.1.1.1";
    private static final String ID_DSA = "1.2.840.10040.4.1";
    private static final String ID_CONTENT_TYPE = "1.2.840.113549.1.9.3";
    private static final String ID_MESSAGE_DIGEST = "1.2.840.113549.1.9.4";
    private static final String ID_SIGNING_TIME = "1.2.840.113549.1.9.5";
    private static final String ID_ADBE_REVOCATION = "1.2.840.113583.1.1.8";
    private String reason;
    private String location;
    private Calendar signDate;
    private String signName;
    private TimeStampToken timeStampToken;
    private static final HashMap<String, String> digestNames = new HashMap<>();
    private static final HashMap<String, String> algorithmNames = new HashMap<>();
    private static final HashMap<String, String> allowedDigests = new HashMap<>();
    private BasicOCSPResp basicResp;

    /* loaded from: input_file:WEB-INF/lib/iText-5.0.1.jar:com/itextpdf/text/pdf/PdfPKCS7$X509Name.class */
    public static class X509Name {
        public static final DERObjectIdentifier C = new DERObjectIdentifier("2.5.4.6");
        public static final DERObjectIdentifier O = new DERObjectIdentifier("2.5.4.10");
        public static final DERObjectIdentifier OU = new DERObjectIdentifier("2.5.4.11");
        public static final DERObjectIdentifier T = new DERObjectIdentifier("2.5.4.12");
        public static final DERObjectIdentifier CN = new DERObjectIdentifier(X509Util.CN_OID);
        public static final DERObjectIdentifier SN = new DERObjectIdentifier("2.5.4.5");
        public static final DERObjectIdentifier L = new DERObjectIdentifier("2.5.4.7");
        public static final DERObjectIdentifier ST = new DERObjectIdentifier("2.5.4.8");
        public static final DERObjectIdentifier SURNAME = new DERObjectIdentifier("2.5.4.4");
        public static final DERObjectIdentifier GIVENNAME = new DERObjectIdentifier("2.5.4.42");
        public static final DERObjectIdentifier INITIALS = new DERObjectIdentifier("2.5.4.43");
        public static final DERObjectIdentifier GENERATION = new DERObjectIdentifier("2.5.4.44");
        public static final DERObjectIdentifier UNIQUE_IDENTIFIER = new DERObjectIdentifier("2.5.4.45");
        public static final DERObjectIdentifier EmailAddress = new DERObjectIdentifier("1.2.840.113549.1.9.1");
        public static final DERObjectIdentifier E = EmailAddress;
        public static final DERObjectIdentifier DC = new DERObjectIdentifier("0.9.2342.19200300.100.1.25");
        public static final DERObjectIdentifier UID = new DERObjectIdentifier("0.9.2342.19200300.100.1.1");
        public static HashMap<DERObjectIdentifier, String> DefaultSymbols = new HashMap<>();
        public HashMap<String, ArrayList<String>> values = new HashMap<>();

        public X509Name(ASN1Sequence aSN1Sequence) {
            Enumeration objects = aSN1Sequence.getObjects();
            while (objects.hasMoreElements()) {
                ASN1Set aSN1Set = (ASN1Set) objects.nextElement();
                for (int i = 0; i < aSN1Set.size(); i++) {
                    ASN1Sequence aSN1Sequence2 = (ASN1Sequence) aSN1Set.getObjectAt(i);
                    String str = DefaultSymbols.get(aSN1Sequence2.getObjectAt(0));
                    if (str != null) {
                        ArrayList<String> arrayList = this.values.get(str);
                        if (arrayList == null) {
                            arrayList = new ArrayList<>();
                            this.values.put(str, arrayList);
                        }
                        arrayList.add(((DERString) aSN1Sequence2.getObjectAt(1)).getString());
                    }
                }
            }
        }

        public X509Name(String str) {
            X509NameTokenizer x509NameTokenizer = new X509NameTokenizer(str);
            while (x509NameTokenizer.hasMoreTokens()) {
                String nextToken = x509NameTokenizer.nextToken();
                int indexOf = nextToken.indexOf(61);
                if (indexOf == -1) {
                    throw new IllegalArgumentException(MessageLocalization.getComposedMessage("badly.formated.directory.string"));
                }
                String upperCase = nextToken.substring(0, indexOf).toUpperCase();
                String substring = nextToken.substring(indexOf + 1);
                ArrayList<String> arrayList = this.values.get(upperCase);
                if (arrayList == null) {
                    arrayList = new ArrayList<>();
                    this.values.put(upperCase, arrayList);
                }
                arrayList.add(substring);
            }
        }

        public String getField(String str) {
            ArrayList<String> arrayList = this.values.get(str);
            if (arrayList == null) {
                return null;
            }
            return arrayList.get(0);
        }

        public ArrayList<String> getFieldArray(String str) {
            ArrayList<String> arrayList = this.values.get(str);
            if (arrayList == null) {
                return null;
            }
            return arrayList;
        }

        public HashMap<String, ArrayList<String>> getFields() {
            return this.values;
        }

        public String toString() {
            return this.values.toString();
        }

        static {
            DefaultSymbols.put(C, "C");
            DefaultSymbols.put(O, PDAnnotationLink.HIGHLIGHT_MODE_OUTLINE);
            DefaultSymbols.put(T, PDNumberFormatDictionary.FRACTIONAL_DISPLAY_TRUNCATE);
            DefaultSymbols.put(OU, "OU");
            DefaultSymbols.put(CN, "CN");
            DefaultSymbols.put(L, "L");
            DefaultSymbols.put(ST, "ST");
            DefaultSymbols.put(SN, "SN");
            DefaultSymbols.put(EmailAddress, "E");
            DefaultSymbols.put(DC, "DC");
            DefaultSymbols.put(UID, "UID");
            DefaultSymbols.put(SURNAME, "SURNAME");
            DefaultSymbols.put(GIVENNAME, "GIVENNAME");
            DefaultSymbols.put(INITIALS, "INITIALS");
            DefaultSymbols.put(GENERATION, "GENERATION");
        }
    }

    /* loaded from: input_file:WEB-INF/lib/iText-5.0.1.jar:com/itextpdf/text/pdf/PdfPKCS7$X509NameTokenizer.class */
    public static class X509NameTokenizer {
        private String oid;
        private StringBuffer buf = new StringBuffer();
        private int index = -1;

        public X509NameTokenizer(String str) {
            this.oid = str;
        }

        public boolean hasMoreTokens() {
            return this.index != this.oid.length();
        }

        public String nextToken() {
            if (this.index == this.oid.length()) {
                return null;
            }
            int i = this.index + 1;
            boolean z = false;
            boolean z2 = false;
            this.buf.setLength(0);
            while (i != this.oid.length()) {
                char charAt = this.oid.charAt(i);
                if (charAt == '\"') {
                    if (z2) {
                        this.buf.append(charAt);
                    } else {
                        z = !z;
                    }
                    z2 = false;
                } else if (z2 || z) {
                    this.buf.append(charAt);
                    z2 = false;
                } else if (charAt == '\\') {
                    z2 = true;
                } else {
                    if (charAt == ',') {
                        break;
                    }
                    this.buf.append(charAt);
                }
                i++;
            }
            this.index = i;
            return this.buf.toString().trim();
        }
    }

    public static String getDigest(String str) {
        String str2 = digestNames.get(str);
        return str2 == null ? str : str2;
    }

    public static String getAlgorithm(String str) {
        String str2 = algorithmNames.get(str);
        return str2 == null ? str : str2;
    }

    public TimeStampToken getTimeStampToken() {
        return this.timeStampToken;
    }

    public Calendar getTimeStampDate() {
        if (this.timeStampToken == null) {
            return null;
        }
        GregorianCalendar gregorianCalendar = new GregorianCalendar();
        gregorianCalendar.setTime(this.timeStampToken.getTimeStampInfo().getGenTime());
        return gregorianCalendar;
    }

    public PdfPKCS7(byte[] bArr, byte[] bArr2, String str) {
        try {
            this.provider = str;
            X509CertParser x509CertParser = new X509CertParser();
            x509CertParser.engineInit(new ByteArrayInputStream(bArr2));
            this.certs = x509CertParser.engineReadAll();
            this.signCerts = this.certs;
            this.signCert = (X509Certificate) this.certs.iterator().next();
            this.crls = new ArrayList();
            this.digest = ((DEROctetString) new ASN1InputStream(new ByteArrayInputStream(bArr)).readObject()).getOctets();
            if (str == null) {
                this.sig = Signature.getInstance("SHA1withRSA");
            } else {
                this.sig = Signature.getInstance("SHA1withRSA", str);
            }
            this.sig.initVerify(this.signCert.getPublicKey());
        } catch (Exception e) {
            throw new ExceptionConverter(e);
        }
    }

    public BasicOCSPResp getOcsp() {
        return this.basicResp;
    }

    private void findCRL(ASN1Sequence aSN1Sequence) throws IOException, CertificateException, CRLException {
        try {
            this.crls = new ArrayList();
            for (int i = 0; i < aSN1Sequence.size(); i++) {
                this.crls.add((X509CRL) CertificateFactory.getInstance("X.509").generateCRL(new ByteArrayInputStream(aSN1Sequence.getObjectAt(i).getDERObject().getDEREncoded())));
            }
        } catch (Exception e) {
        }
    }

    private void findOcsp(ASN1Sequence aSN1Sequence) throws IOException {
        boolean z;
        this.basicResp = null;
        do {
            if ((aSN1Sequence.getObjectAt(0) instanceof DERObjectIdentifier) && ((DERObjectIdentifier) aSN1Sequence.getObjectAt(0)).getId().equals(OCSPObjectIdentifiers.id_pkix_ocsp_basic.getId())) {
                this.basicResp = new BasicOCSPResp(BasicOCSPResponse.getInstance(new ASN1InputStream(((DEROctetString) aSN1Sequence.getObjectAt(1)).getOctets()).readObject()));
                return;
            }
            z = true;
            int i = 0;
            while (true) {
                if (i >= aSN1Sequence.size()) {
                    break;
                }
                if (aSN1Sequence.getObjectAt(i) instanceof ASN1Sequence) {
                    aSN1Sequence = (ASN1Sequence) aSN1Sequence.getObjectAt(0);
                    z = false;
                    break;
                } else if (aSN1Sequence.getObjectAt(i) instanceof ASN1TaggedObject) {
                    ASN1TaggedObject aSN1TaggedObject = (ASN1TaggedObject) aSN1Sequence.getObjectAt(i);
                    if (!(aSN1TaggedObject.getObject() instanceof ASN1Sequence)) {
                        return;
                    }
                    aSN1Sequence = (ASN1Sequence) aSN1TaggedObject.getObject();
                    z = false;
                } else {
                    i++;
                }
            }
        } while (!z);
    }

    public PdfPKCS7(byte[] bArr, String str) {
        Attribute attribute;
        try {
            this.provider = str;
            try {
                DERObject readObject = new ASN1InputStream(new ByteArrayInputStream(bArr)).readObject();
                if (!(readObject instanceof ASN1Sequence)) {
                    throw new IllegalArgumentException(MessageLocalization.getComposedMessage("not.a.valid.pkcs.7.object.not.a.sequence"));
                }
                ASN1Sequence aSN1Sequence = (ASN1Sequence) readObject;
                if (!((DERObjectIdentifier) aSN1Sequence.getObjectAt(0)).getId().equals(ID_PKCS7_SIGNED_DATA)) {
                    throw new IllegalArgumentException(MessageLocalization.getComposedMessage("not.a.valid.pkcs.7.object.not.signed.data"));
                }
                ASN1Sequence aSN1Sequence2 = (ASN1Sequence) ((DERTaggedObject) aSN1Sequence.getObjectAt(1)).getObject();
                this.version = ((DERInteger) aSN1Sequence2.getObjectAt(0)).getValue().intValue();
                this.digestalgos = new HashSet();
                Enumeration objects = ((ASN1Set) aSN1Sequence2.getObjectAt(1)).getObjects();
                while (objects.hasMoreElements()) {
                    this.digestalgos.add(((DERObjectIdentifier) ((ASN1Sequence) objects.nextElement()).getObjectAt(0)).getId());
                }
                X509CertParser x509CertParser = new X509CertParser();
                x509CertParser.engineInit(new ByteArrayInputStream(bArr));
                this.certs = x509CertParser.engineReadAll();
                ASN1Sequence aSN1Sequence3 = (ASN1Sequence) aSN1Sequence2.getObjectAt(2);
                if (aSN1Sequence3.size() > 1) {
                    this.RSAdata = ((DEROctetString) ((DERTaggedObject) aSN1Sequence3.getObjectAt(1)).getObject()).getOctets();
                }
                int i = 3;
                while (aSN1Sequence2.getObjectAt(i) instanceof DERTaggedObject) {
                    i++;
                }
                ASN1Set aSN1Set = (ASN1Set) aSN1Sequence2.getObjectAt(i);
                if (aSN1Set.size() != 1) {
                    throw new IllegalArgumentException(MessageLocalization.getComposedMessage("this.pkcs.7.object.has.multiple.signerinfos.only.one.is.supported.at.this.time"));
                }
                ASN1Sequence aSN1Sequence4 = (ASN1Sequence) aSN1Set.getObjectAt(0);
                this.signerversion = ((DERInteger) aSN1Sequence4.getObjectAt(0)).getValue().intValue();
                ASN1Sequence aSN1Sequence5 = (ASN1Sequence) aSN1Sequence4.getObjectAt(1);
                X509Principal x509Principal = new X509Principal(aSN1Sequence5.getObjectAt(0).getDERObject().getEncoded());
                BigInteger value = ((DERInteger) aSN1Sequence5.getObjectAt(1)).getValue();
                Iterator<Certificate> it = this.certs.iterator();
                while (true) {
                    if (!it.hasNext()) {
                        break;
                    }
                    X509Certificate x509Certificate = (X509Certificate) it.next();
                    if (x509Principal.equals(x509Certificate.getIssuerDN()) && value.equals(x509Certificate.getSerialNumber())) {
                        this.signCert = x509Certificate;
                        break;
                    }
                }
                if (this.signCert == null) {
                    throw new IllegalArgumentException(MessageLocalization.getComposedMessage("can.t.find.signing.certificate.with.serial.1", x509Principal.getName() + " / " + value.toString(16)));
                }
                signCertificateChain();
                this.digestAlgorithm = ((DERObjectIdentifier) ((ASN1Sequence) aSN1Sequence4.getObjectAt(2)).getObjectAt(0)).getId();
                int i2 = 3;
                if (aSN1Sequence4.getObjectAt(3) instanceof ASN1TaggedObject) {
                    ASN1Set aSN1Set2 = ASN1Set.getInstance((ASN1TaggedObject) aSN1Sequence4.getObjectAt(3), false);
                    this.sigAttr = aSN1Set2.getEncoded("DER");
                    for (int i3 = 0; i3 < aSN1Set2.size(); i3++) {
                        ASN1Sequence aSN1Sequence6 = (ASN1Sequence) aSN1Set2.getObjectAt(i3);
                        if (((DERObjectIdentifier) aSN1Sequence6.getObjectAt(0)).getId().equals(ID_MESSAGE_DIGEST)) {
                            this.digestAttr = ((DEROctetString) ((ASN1Set) aSN1Sequence6.getObjectAt(1)).getObjectAt(0)).getOctets();
                        } else if (((DERObjectIdentifier) aSN1Sequence6.getObjectAt(0)).getId().equals(ID_ADBE_REVOCATION)) {
                            ASN1Sequence aSN1Sequence7 = (ASN1Sequence) ((ASN1Set) aSN1Sequence6.getObjectAt(1)).getObjectAt(0);
                            for (int i4 = 0; i4 < aSN1Sequence7.size(); i4++) {
                                ASN1TaggedObject aSN1TaggedObject = (ASN1TaggedObject) aSN1Sequence7.getObjectAt(i4);
                                if (aSN1TaggedObject.getTagNo() == 0) {
                                    findCRL((ASN1Sequence) aSN1TaggedObject.getObject());
                                }
                                if (aSN1TaggedObject.getTagNo() == 1) {
                                    findOcsp((ASN1Sequence) aSN1TaggedObject.getObject());
                                }
                            }
                        }
                    }
                    if (this.digestAttr == null) {
                        throw new IllegalArgumentException(MessageLocalization.getComposedMessage("authenticated.attribute.is.missing.the.digest"));
                    }
                    i2 = 3 + 1;
                }
                int i5 = i2;
                int i6 = i2 + 1;
                this.digestEncryptionAlgorithm = ((DERObjectIdentifier) ((ASN1Sequence) aSN1Sequence4.getObjectAt(i5)).getObjectAt(0)).getId();
                int i7 = i6 + 1;
                this.digest = ((DEROctetString) aSN1Sequence4.getObjectAt(i6)).getOctets();
                if (i7 < aSN1Sequence4.size() && (aSN1Sequence4.getObjectAt(i7) instanceof DERTaggedObject) && (attribute = new AttributeTable(ASN1Set.getInstance((DERTaggedObject) aSN1Sequence4.getObjectAt(i7), false)).get(PKCSObjectIdentifiers.id_aa_signatureTimeStampToken)) != null && attribute.getAttrValues().size() > 0) {
                    this.timeStampToken = new TimeStampToken(new ContentInfo(ASN1Sequence.getInstance(attribute.getAttrValues().getObjectAt(0))));
                }
                if (this.RSAdata != null || this.digestAttr != null) {
                    if (str == null || str.startsWith("SunPKCS11")) {
                        this.messageDigest = MessageDigest.getInstance(getHashAlgorithm());
                    } else {
                        this.messageDigest = MessageDigest.getInstance(getHashAlgorithm(), str);
                    }
                }
                if (str == null) {
                    this.sig = Signature.getInstance(getDigestAlgorithm());
                } else {
                    this.sig = Signature.getInstance(getDigestAlgorithm(), str);
                }
                this.sig.initVerify(this.signCert.getPublicKey());
            } catch (IOException e) {
                throw new IllegalArgumentException(MessageLocalization.getComposedMessage("can.t.decode.pkcs7signeddata.object"));
            }
        } catch (Exception e2) {
            throw new ExceptionConverter(e2);
        }
    }

    public PdfPKCS7(PrivateKey privateKey, Certificate[] certificateArr, CRL[] crlArr, String str, String str2, boolean z) throws InvalidKeyException, NoSuchProviderException, NoSuchAlgorithmException {
        this.privKey = privateKey;
        this.provider = str2;
        this.digestAlgorithm = allowedDigests.get(str.toUpperCase());
        if (this.digestAlgorithm == null) {
            throw new NoSuchAlgorithmException(MessageLocalization.getComposedMessage("unknown.hash.algorithm.1", str));
        }
        this.signerversion = 1;
        this.version = 1;
        this.certs = new ArrayList();
        this.crls = new ArrayList();
        this.digestalgos = new HashSet();
        this.digestalgos.add(this.digestAlgorithm);
        this.signCert = (X509Certificate) certificateArr[0];
        for (Certificate certificate : certificateArr) {
            this.certs.add(certificate);
        }
        if (crlArr != null) {
            for (CRL crl : crlArr) {
                this.crls.add(crl);
            }
        }
        if (privateKey != null) {
            this.digestEncryptionAlgorithm = privateKey.getAlgorithm();
            if (this.digestEncryptionAlgorithm.equals(SecurityUtils.DEFAULT_ASYM_ALGORITHM)) {
                this.digestEncryptionAlgorithm = "1.2.840.113549.1.1.1";
            } else {
                if (!this.digestEncryptionAlgorithm.equals("DSA")) {
                    throw new NoSuchAlgorithmException(MessageLocalization.getComposedMessage("unknown.key.algorithm.1", this.digestEncryptionAlgorithm));
                }
                this.digestEncryptionAlgorithm = "1.2.840.10040.4.1";
            }
        }
        if (z) {
            this.RSAdata = new byte[0];
            if (str2 == null || str2.startsWith("SunPKCS11")) {
                this.messageDigest = MessageDigest.getInstance(getHashAlgorithm());
            } else {
                this.messageDigest = MessageDigest.getInstance(getHashAlgorithm(), str2);
            }
        }
        if (privateKey != null) {
            if (str2 == null) {
                this.sig = Signature.getInstance(getDigestAlgorithm());
            } else {
                this.sig = Signature.getInstance(getDigestAlgorithm(), str2);
            }
            this.sig.initSign(privateKey);
        }
    }

    public void update(byte[] bArr, int i, int i2) throws SignatureException {
        if (this.RSAdata == null && this.digestAttr == null) {
            this.sig.update(bArr, i, i2);
        } else {
            this.messageDigest.update(bArr, i, i2);
        }
    }

    public boolean verify() throws SignatureException {
        if (this.verified) {
            return this.verifyResult;
        }
        if (this.sigAttr != null) {
            this.sig.update(this.sigAttr);
            if (this.RSAdata != null) {
                this.messageDigest.update(this.messageDigest.digest());
            }
            this.verifyResult = Arrays.equals(this.messageDigest.digest(), this.digestAttr) && this.sig.verify(this.digest);
        } else {
            if (this.RSAdata != null) {
                this.sig.update(this.messageDigest.digest());
            }
            this.verifyResult = this.sig.verify(this.digest);
        }
        this.verified = true;
        return this.verifyResult;
    }

    public boolean verifyTimestampImprint() throws NoSuchAlgorithmException {
        if (this.timeStampToken == null) {
            return false;
        }
        return Arrays.equals(MessageDigest.getInstance("SHA-1").digest(this.digest), this.timeStampToken.getTimeStampInfo().toTSTInfo().getMessageImprint().getHashedMessage());
    }

    public Certificate[] getCertificates() {
        return (Certificate[]) this.certs.toArray(new X509Certificate[this.certs.size()]);
    }

    public Certificate[] getSignCertificateChain() {
        return (Certificate[]) this.signCerts.toArray(new X509Certificate[this.signCerts.size()]);
    }

    private void signCertificateChain() {
        ArrayList arrayList = new ArrayList();
        arrayList.add(this.signCert);
        ArrayList arrayList2 = new ArrayList(this.certs);
        int i = 0;
        while (i < arrayList2.size()) {
            if (this.signCert.equals(arrayList2.get(i))) {
                arrayList2.remove(i);
                i--;
            }
            i++;
        }
        boolean z = true;
        while (z) {
            X509Certificate x509Certificate = (X509Certificate) arrayList.get(arrayList.size() - 1);
            z = false;
            int i2 = 0;
            while (true) {
                if (i2 < arrayList2.size()) {
                    try {
                        if (this.provider == null) {
                            x509Certificate.verify(((X509Certificate) arrayList2.get(i2)).getPublicKey());
                        } else {
                            x509Certificate.verify(((X509Certificate) arrayList2.get(i2)).getPublicKey(), this.provider);
                        }
                        z = true;
                        arrayList.add(arrayList2.get(i2));
                        arrayList2.remove(i2);
                    } catch (Exception e) {
                        i2++;
                    }
                }
            }
        }
        this.signCerts = arrayList;
    }

    public Collection<CRL> getCRLs() {
        return this.crls;
    }

    public X509Certificate getSigningCertificate() {
        return this.signCert;
    }

    public int getVersion() {
        return this.version;
    }

    public int getSigningInfoVersion() {
        return this.signerversion;
    }

    public String getDigestAlgorithm() {
        String algorithm = getAlgorithm(this.digestEncryptionAlgorithm);
        if (algorithm == null) {
            algorithm = this.digestEncryptionAlgorithm;
        }
        return getHashAlgorithm() + "with" + algorithm;
    }

    public String getHashAlgorithm() {
        return getDigest(this.digestAlgorithm);
    }

    public static KeyStore loadCacertsKeyStore() {
        return loadCacertsKeyStore(null);
    }

    public static KeyStore loadCacertsKeyStore(String str) {
        FileInputStream fileInputStream = null;
        try {
            try {
                fileInputStream = new FileInputStream(new File(new File(new File(System.getProperty("java.home"), Launcher.ANT_PRIVATELIB), "security"), "cacerts"));
                KeyStore keyStore = str == null ? KeyStore.getInstance("JKS") : KeyStore.getInstance("JKS", str);
                keyStore.load(fileInputStream, null);
                KeyStore keyStore2 = keyStore;
                if (fileInputStream != null) {
                    try {
                        fileInputStream.close();
                    } catch (Exception e) {
                    }
                }
                return keyStore2;
            } catch (Exception e2) {
                throw new ExceptionConverter(e2);
            }
        } catch (Throwable th) {
            if (fileInputStream != null) {
                try {
                    fileInputStream.close();
                } catch (Exception e3) {
                    throw th;
                }
            }
            throw th;
        }
    }

    public static String verifyCertificate(X509Certificate x509Certificate, Collection<CRL> collection, Calendar calendar) {
        if (calendar == null) {
            calendar = new GregorianCalendar();
        }
        if (x509Certificate.hasUnsupportedCriticalExtension()) {
            return "Has unsupported critical extension";
        }
        try {
            x509Certificate.checkValidity(calendar.getTime());
            if (collection == null) {
                return null;
            }
            Iterator<CRL> it = collection.iterator();
            while (it.hasNext()) {
                if (it.next().isRevoked(x509Certificate)) {
                    return "Certificate revoked";
                }
            }
            return null;
        } catch (Exception e) {
            return e.getMessage();
        }
    }

    public static Object[] verifyCertificates(Certificate[] certificateArr, KeyStore keyStore, Collection<CRL> collection, Calendar calendar) {
        if (calendar == null) {
            calendar = new GregorianCalendar();
        }
        for (int i = 0; i < certificateArr.length; i++) {
            X509Certificate x509Certificate = (X509Certificate) certificateArr[i];
            String verifyCertificate = verifyCertificate(x509Certificate, collection, calendar);
            if (verifyCertificate != null) {
                return new Object[]{x509Certificate, verifyCertificate};
            }
            try {
                Enumeration<String> aliases = keyStore.aliases();
                while (aliases.hasMoreElements()) {
                    try {
                        String nextElement = aliases.nextElement();
                        if (keyStore.isCertificateEntry(nextElement)) {
                            X509Certificate x509Certificate2 = (X509Certificate) keyStore.getCertificate(nextElement);
                            if (verifyCertificate(x509Certificate2, collection, calendar) == null) {
                                try {
                                    x509Certificate.verify(x509Certificate2.getPublicKey());
                                    return null;
                                } catch (Exception e) {
                                }
                            }
                        }
                    } catch (Exception e2) {
                    }
                }
            } catch (Exception e3) {
            }
            int i2 = 0;
            while (i2 < certificateArr.length) {
                if (i2 != i) {
                    try {
                        x509Certificate.verify(((X509Certificate) certificateArr[i2]).getPublicKey());
                        break;
                    } catch (Exception e4) {
                    }
                }
                i2++;
            }
            if (i2 == certificateArr.length) {
                return new Object[]{x509Certificate, "Cannot be verified against the KeyStore or the certificate chain"};
            }
        }
        return new Object[]{null, "Invalid state. Possible circular certificate chain"};
    }

    public static boolean verifyOcspCertificates(BasicOCSPResp basicOCSPResp, KeyStore keyStore, String str) {
        if (str == null) {
            str = "BC";
        }
        try {
            Enumeration<String> aliases = keyStore.aliases();
            while (aliases.hasMoreElements()) {
                try {
                    String nextElement = aliases.nextElement();
                    if (keyStore.isCertificateEntry(nextElement) && basicOCSPResp.verify(((X509Certificate) keyStore.getCertificate(nextElement)).getPublicKey(), str)) {
                        return true;
                    }
                } catch (Exception e) {
                }
            }
            return false;
        } catch (Exception e2) {
            return false;
        }
    }

    public static boolean verifyTimestampCertificates(TimeStampToken timeStampToken, KeyStore keyStore, String str) {
        String nextElement;
        if (str == null) {
            str = "BC";
        }
        try {
            Enumeration<String> aliases = keyStore.aliases();
            while (aliases.hasMoreElements()) {
                try {
                    nextElement = aliases.nextElement();
                } catch (Exception e) {
                }
                if (keyStore.isCertificateEntry(nextElement)) {
                    timeStampToken.validate((X509Certificate) keyStore.getCertificate(nextElement), str);
                    return true;
                }
            }
            return false;
        } catch (Exception e2) {
            return false;
        }
    }

    public static String getOCSPURL(X509Certificate x509Certificate) throws CertificateParsingException {
        try {
            DERObject extensionValue = getExtensionValue(x509Certificate, X509Extensions.AuthorityInfoAccess.getId());
            if (extensionValue == null) {
                return null;
            }
            ASN1Sequence aSN1Sequence = (ASN1Sequence) extensionValue;
            for (int i = 0; i < aSN1Sequence.size(); i++) {
                ASN1Sequence aSN1Sequence2 = (ASN1Sequence) aSN1Sequence.getObjectAt(i);
                if (aSN1Sequence2.size() == 2 && (aSN1Sequence2.getObjectAt(0) instanceof DERObjectIdentifier) && ((DERObjectIdentifier) aSN1Sequence2.getObjectAt(0)).getId().equals(OCSPObjectIdentifiers.pkix_ocsp)) {
                    String stringFromGeneralName = getStringFromGeneralName((DERObject) aSN1Sequence2.getObjectAt(1));
                    return stringFromGeneralName == null ? "" : stringFromGeneralName;
                }
            }
            return null;
        } catch (Exception e) {
            return null;
        }
    }

    public boolean isRevocationValid() {
        if (this.basicResp == null || this.signCerts.size() < 2) {
            return false;
        }
        try {
            X509Certificate[] x509CertificateArr = (X509Certificate[]) getSignCertificateChain();
            return new CertificateID(CertificateID.HASH_SHA1, x509CertificateArr[1], getSigningCertificate().getSerialNumber()).equals(this.basicResp.getResponses()[0].getCertID());
        } catch (Exception e) {
            return false;
        }
    }

    private static DERObject getExtensionValue(X509Certificate x509Certificate, String str) throws IOException {
        byte[] extensionValue = x509Certificate.getExtensionValue(str);
        if (extensionValue == null) {
            return null;
        }
        return new ASN1InputStream(new ByteArrayInputStream(((ASN1OctetString) new ASN1InputStream(new ByteArrayInputStream(extensionValue)).readObject()).getOctets())).readObject();
    }

    private static String getStringFromGeneralName(DERObject dERObject) throws IOException {
        return new String(ASN1OctetString.getInstance((DERTaggedObject) dERObject, false).getOctets(), "ISO-8859-1");
    }

    private static DERObject getIssuer(byte[] bArr) {
        try {
            ASN1Sequence aSN1Sequence = (ASN1Sequence) new ASN1InputStream(new ByteArrayInputStream(bArr)).readObject();
            return (DERObject) aSN1Sequence.getObjectAt(aSN1Sequence.getObjectAt(0) instanceof DERTaggedObject ? 3 : 2);
        } catch (IOException e) {
            throw new ExceptionConverter(e);
        }
    }

    private static DERObject getSubject(byte[] bArr) {
        try {
            ASN1Sequence aSN1Sequence = (ASN1Sequence) new ASN1InputStream(new ByteArrayInputStream(bArr)).readObject();
            return (DERObject) aSN1Sequence.getObjectAt(aSN1Sequence.getObjectAt(0) instanceof DERTaggedObject ? 5 : 4);
        } catch (IOException e) {
            throw new ExceptionConverter(e);
        }
    }

    public static X509Name getIssuerFields(X509Certificate x509Certificate) {
        try {
            return new X509Name((ASN1Sequence) getIssuer(x509Certificate.getTBSCertificate()));
        } catch (Exception e) {
            throw new ExceptionConverter(e);
        }
    }

    public static X509Name getSubjectFields(X509Certificate x509Certificate) {
        try {
            return new X509Name((ASN1Sequence) getSubject(x509Certificate.getTBSCertificate()));
        } catch (Exception e) {
            throw new ExceptionConverter(e);
        }
    }

    public byte[] getEncodedPKCS1() {
        try {
            if (this.externalDigest != null) {
                this.digest = this.externalDigest;
            } else {
                this.digest = this.sig.sign();
            }
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            ASN1OutputStream aSN1OutputStream = new ASN1OutputStream(byteArrayOutputStream);
            aSN1OutputStream.writeObject(new DEROctetString(this.digest));
            aSN1OutputStream.close();
            return byteArrayOutputStream.toByteArray();
        } catch (Exception e) {
            throw new ExceptionConverter(e);
        }
    }

    public void setExternalDigest(byte[] bArr, byte[] bArr2, String str) {
        this.externalDigest = bArr;
        this.externalRSAdata = bArr2;
        if (str != null) {
            if (str.equals(SecurityUtils.DEFAULT_ASYM_ALGORITHM)) {
                this.digestEncryptionAlgorithm = "1.2.840.113549.1.1.1";
            } else {
                if (!str.equals("DSA")) {
                    throw new ExceptionConverter(new NoSuchAlgorithmException(MessageLocalization.getComposedMessage("unknown.key.algorithm.1", str)));
                }
                this.digestEncryptionAlgorithm = "1.2.840.10040.4.1";
            }
        }
    }

    public byte[] getEncodedPKCS7() {
        return getEncodedPKCS7(null, null, null, null);
    }

    public byte[] getEncodedPKCS7(byte[] bArr, Calendar calendar) {
        return getEncodedPKCS7(bArr, calendar, null, null);
    }

    public byte[] getEncodedPKCS7(byte[] bArr, Calendar calendar, TSAClient tSAClient, byte[] bArr2) {
        byte[] timeStampToken;
        ASN1EncodableVector buildUnauthenticatedAttributes;
        try {
            if (this.externalDigest != null) {
                this.digest = this.externalDigest;
                if (this.RSAdata != null) {
                    this.RSAdata = this.externalRSAdata;
                }
            } else if (this.externalRSAdata == null || this.RSAdata == null) {
                if (this.RSAdata != null) {
                    this.RSAdata = this.messageDigest.digest();
                    this.sig.update(this.RSAdata);
                }
                this.digest = this.sig.sign();
            } else {
                this.RSAdata = this.externalRSAdata;
                this.sig.update(this.RSAdata);
                this.digest = this.sig.sign();
            }
            ASN1EncodableVector aSN1EncodableVector = new ASN1EncodableVector();
            for (String str : this.digestalgos) {
                ASN1EncodableVector aSN1EncodableVector2 = new ASN1EncodableVector();
                aSN1EncodableVector2.add(new DERObjectIdentifier(str));
                aSN1EncodableVector2.add(DERNull.INSTANCE);
                aSN1EncodableVector.add(new DERSequence(aSN1EncodableVector2));
            }
            ASN1EncodableVector aSN1EncodableVector3 = new ASN1EncodableVector();
            aSN1EncodableVector3.add(new DERObjectIdentifier(ID_PKCS7_DATA));
            if (this.RSAdata != null) {
                aSN1EncodableVector3.add(new DERTaggedObject(0, new DEROctetString(this.RSAdata)));
            }
            DERSequence dERSequence = new DERSequence(aSN1EncodableVector3);
            ASN1EncodableVector aSN1EncodableVector4 = new ASN1EncodableVector();
            Iterator<Certificate> it = this.certs.iterator();
            while (it.hasNext()) {
                aSN1EncodableVector4.add(new ASN1InputStream(new ByteArrayInputStream(((X509Certificate) it.next()).getEncoded())).readObject());
            }
            DERSet dERSet = new DERSet(aSN1EncodableVector4);
            ASN1EncodableVector aSN1EncodableVector5 = new ASN1EncodableVector();
            aSN1EncodableVector5.add(new DERInteger(this.signerversion));
            ASN1EncodableVector aSN1EncodableVector6 = new ASN1EncodableVector();
            aSN1EncodableVector6.add(getIssuer(this.signCert.getTBSCertificate()));
            aSN1EncodableVector6.add(new DERInteger(this.signCert.getSerialNumber()));
            aSN1EncodableVector5.add(new DERSequence(aSN1EncodableVector6));
            ASN1EncodableVector aSN1EncodableVector7 = new ASN1EncodableVector();
            aSN1EncodableVector7.add(new DERObjectIdentifier(this.digestAlgorithm));
            aSN1EncodableVector7.add(new DERNull());
            aSN1EncodableVector5.add(new DERSequence(aSN1EncodableVector7));
            if (bArr != null && calendar != null) {
                aSN1EncodableVector5.add(new DERTaggedObject(false, 0, getAuthenticatedAttributeSet(bArr, calendar, bArr2)));
            }
            ASN1EncodableVector aSN1EncodableVector8 = new ASN1EncodableVector();
            aSN1EncodableVector8.add(new DERObjectIdentifier(this.digestEncryptionAlgorithm));
            aSN1EncodableVector8.add(new DERNull());
            aSN1EncodableVector5.add(new DERSequence(aSN1EncodableVector8));
            aSN1EncodableVector5.add(new DEROctetString(this.digest));
            if (tSAClient != null && (timeStampToken = tSAClient.getTimeStampToken(this, MessageDigest.getInstance("SHA-1").digest(this.digest))) != null && (buildUnauthenticatedAttributes = buildUnauthenticatedAttributes(timeStampToken)) != null) {
                aSN1EncodableVector5.add(new DERTaggedObject(false, 1, new DERSet(buildUnauthenticatedAttributes)));
            }
            ASN1EncodableVector aSN1EncodableVector9 = new ASN1EncodableVector();
            aSN1EncodableVector9.add(new DERInteger(this.version));
            aSN1EncodableVector9.add(new DERSet(aSN1EncodableVector));
            aSN1EncodableVector9.add(dERSequence);
            aSN1EncodableVector9.add(new DERTaggedObject(false, 0, dERSet));
            aSN1EncodableVector9.add(new DERSet(new DERSequence(aSN1EncodableVector5)));
            ASN1EncodableVector aSN1EncodableVector10 = new ASN1EncodableVector();
            aSN1EncodableVector10.add(new DERObjectIdentifier(ID_PKCS7_SIGNED_DATA));
            aSN1EncodableVector10.add(new DERTaggedObject(0, new DERSequence(aSN1EncodableVector9)));
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            ASN1OutputStream aSN1OutputStream = new ASN1OutputStream(byteArrayOutputStream);
            aSN1OutputStream.writeObject(new DERSequence(aSN1EncodableVector10));
            aSN1OutputStream.close();
            return byteArrayOutputStream.toByteArray();
        } catch (Exception e) {
            throw new ExceptionConverter(e);
        }
    }

    private ASN1EncodableVector buildUnauthenticatedAttributes(byte[] bArr) throws IOException {
        if (bArr == null) {
            return null;
        }
        ASN1InputStream aSN1InputStream = new ASN1InputStream(new ByteArrayInputStream(bArr));
        ASN1EncodableVector aSN1EncodableVector = new ASN1EncodableVector();
        ASN1EncodableVector aSN1EncodableVector2 = new ASN1EncodableVector();
        aSN1EncodableVector2.add(new DERObjectIdentifier("1.2.840.113549.1.9.16.2.14"));
        aSN1EncodableVector2.add(new DERSet((ASN1Sequence) aSN1InputStream.readObject()));
        aSN1EncodableVector.add(new DERSequence(aSN1EncodableVector2));
        return aSN1EncodableVector;
    }

    public byte[] getAuthenticatedAttributeBytes(byte[] bArr, Calendar calendar, byte[] bArr2) {
        try {
            return getAuthenticatedAttributeSet(bArr, calendar, bArr2).getEncoded("DER");
        } catch (Exception e) {
            throw new ExceptionConverter(e);
        }
    }

    private DERSet getAuthenticatedAttributeSet(byte[] bArr, Calendar calendar, byte[] bArr2) {
        try {
            ASN1EncodableVector aSN1EncodableVector = new ASN1EncodableVector();
            ASN1EncodableVector aSN1EncodableVector2 = new ASN1EncodableVector();
            aSN1EncodableVector2.add(new DERObjectIdentifier(ID_CONTENT_TYPE));
            aSN1EncodableVector2.add(new DERSet(new DERObjectIdentifier(ID_PKCS7_DATA)));
            aSN1EncodableVector.add(new DERSequence(aSN1EncodableVector2));
            ASN1EncodableVector aSN1EncodableVector3 = new ASN1EncodableVector();
            aSN1EncodableVector3.add(new DERObjectIdentifier(ID_SIGNING_TIME));
            aSN1EncodableVector3.add(new DERSet(new DERUTCTime(calendar.getTime())));
            aSN1EncodableVector.add(new DERSequence(aSN1EncodableVector3));
            ASN1EncodableVector aSN1EncodableVector4 = new ASN1EncodableVector();
            aSN1EncodableVector4.add(new DERObjectIdentifier(ID_MESSAGE_DIGEST));
            aSN1EncodableVector4.add(new DERSet(new DEROctetString(bArr)));
            aSN1EncodableVector.add(new DERSequence(aSN1EncodableVector4));
            if (bArr2 != null || !this.crls.isEmpty()) {
                ASN1EncodableVector aSN1EncodableVector5 = new ASN1EncodableVector();
                aSN1EncodableVector5.add(new DERObjectIdentifier(ID_ADBE_REVOCATION));
                ASN1EncodableVector aSN1EncodableVector6 = new ASN1EncodableVector();
                if (!this.crls.isEmpty()) {
                    ASN1EncodableVector aSN1EncodableVector7 = new ASN1EncodableVector();
                    Iterator<CRL> it = this.crls.iterator();
                    while (it.hasNext()) {
                        aSN1EncodableVector7.add(new ASN1InputStream(new ByteArrayInputStream(((X509CRL) it.next()).getEncoded())).readObject());
                    }
                    aSN1EncodableVector6.add(new DERTaggedObject(true, 0, new DERSequence(aSN1EncodableVector7)));
                }
                if (bArr2 != null) {
                    DEROctetString dEROctetString = new DEROctetString(bArr2);
                    ASN1EncodableVector aSN1EncodableVector8 = new ASN1EncodableVector();
                    ASN1EncodableVector aSN1EncodableVector9 = new ASN1EncodableVector();
                    aSN1EncodableVector9.add(OCSPObjectIdentifiers.id_pkix_ocsp_basic);
                    aSN1EncodableVector9.add(dEROctetString);
                    DEREnumerated dEREnumerated = new DEREnumerated(0);
                    ASN1EncodableVector aSN1EncodableVector10 = new ASN1EncodableVector();
                    aSN1EncodableVector10.add(dEREnumerated);
                    aSN1EncodableVector10.add(new DERTaggedObject(true, 0, new DERSequence(aSN1EncodableVector9)));
                    aSN1EncodableVector8.add(new DERSequence(aSN1EncodableVector10));
                    aSN1EncodableVector6.add(new DERTaggedObject(true, 1, new DERSequence(aSN1EncodableVector8)));
                }
                aSN1EncodableVector5.add(new DERSet(new DERSequence(aSN1EncodableVector6)));
                aSN1EncodableVector.add(new DERSequence(aSN1EncodableVector5));
            }
            return new DERSet(aSN1EncodableVector);
        } catch (Exception e) {
            throw new ExceptionConverter(e);
        }
    }

    public String getReason() {
        return this.reason;
    }

    public void setReason(String str) {
        this.reason = str;
    }

    public String getLocation() {
        return this.location;
    }

    public void setLocation(String str) {
        this.location = str;
    }

    public Calendar getSignDate() {
        return this.signDate;
    }

    public void setSignDate(Calendar calendar) {
        this.signDate = calendar;
    }

    public String getSignName() {
        return this.signName;
    }

    public void setSignName(String str) {
        this.signName = str;
    }

    static {
        digestNames.put("1.2.840.113549.2.5", "MD5");
        digestNames.put("1.2.840.113549.2.2", "MD2");
        digestNames.put(CertificateID.HASH_SHA1, BuiltInGenericObjectDigester.HASH_ALGORITHM_SHA1);
        digestNames.put("2.16.840.1.101.3.4.2.4", "SHA224");
        digestNames.put("2.16.840.1.101.3.4.2.1", "SHA256");
        digestNames.put("2.16.840.1.101.3.4.2.2", "SHA384");
        digestNames.put("2.16.840.1.101.3.4.2.3", "SHA512");
        digestNames.put("1.3.36.3.2.2", "RIPEMD128");
        digestNames.put("1.3.36.3.2.1", "RIPEMD160");
        digestNames.put("1.3.36.3.2.3", "RIPEMD256");
        digestNames.put("1.2.840.113549.1.1.4", "MD5");
        digestNames.put("1.2.840.113549.1.1.2", "MD2");
        digestNames.put("1.2.840.113549.1.1.5", BuiltInGenericObjectDigester.HASH_ALGORITHM_SHA1);
        digestNames.put("1.2.840.113549.1.1.14", "SHA224");
        digestNames.put("1.2.840.113549.1.1.11", "SHA256");
        digestNames.put("1.2.840.113549.1.1.12", "SHA384");
        digestNames.put("1.2.840.113549.1.1.13", "SHA512");
        digestNames.put("1.2.840.113549.2.5", "MD5");
        digestNames.put("1.2.840.113549.2.2", "MD2");
        digestNames.put("1.2.840.10040.4.3", BuiltInGenericObjectDigester.HASH_ALGORITHM_SHA1);
        digestNames.put("2.16.840.1.101.3.4.3.1", "SHA224");
        digestNames.put("2.16.840.1.101.3.4.3.2", "SHA256");
        digestNames.put("2.16.840.1.101.3.4.3.3", "SHA384");
        digestNames.put("2.16.840.1.101.3.4.3.4", "SHA512");
        digestNames.put("1.3.36.3.3.1.3", "RIPEMD128");
        digestNames.put("1.3.36.3.3.1.2", "RIPEMD160");
        digestNames.put("1.3.36.3.3.1.4", "RIPEMD256");
        algorithmNames.put("1.2.840.113549.1.1.1", SecurityUtils.DEFAULT_ASYM_ALGORITHM);
        algorithmNames.put("1.2.840.10040.4.1", "DSA");
        algorithmNames.put("1.2.840.113549.1.1.2", SecurityUtils.DEFAULT_ASYM_ALGORITHM);
        algorithmNames.put("1.2.840.113549.1.1.4", SecurityUtils.DEFAULT_ASYM_ALGORITHM);
        algorithmNames.put("1.2.840.113549.1.1.5", SecurityUtils.DEFAULT_ASYM_ALGORITHM);
        algorithmNames.put("1.2.840.113549.1.1.14", SecurityUtils.DEFAULT_ASYM_ALGORITHM);
        algorithmNames.put("1.2.840.113549.1.1.11", SecurityUtils.DEFAULT_ASYM_ALGORITHM);
        algorithmNames.put("1.2.840.113549.1.1.12", SecurityUtils.DEFAULT_ASYM_ALGORITHM);
        algorithmNames.put("1.2.840.113549.1.1.13", SecurityUtils.DEFAULT_ASYM_ALGORITHM);
        algorithmNames.put("1.2.840.10040.4.3", "DSA");
        algorithmNames.put("2.16.840.1.101.3.4.3.1", "DSA");
        algorithmNames.put("2.16.840.1.101.3.4.3.2", "DSA");
        algorithmNames.put("1.3.36.3.3.1.3", SecurityUtils.DEFAULT_ASYM_ALGORITHM);
        algorithmNames.put("1.3.36.3.3.1.2", SecurityUtils.DEFAULT_ASYM_ALGORITHM);
        algorithmNames.put("1.3.36.3.3.1.4", SecurityUtils.DEFAULT_ASYM_ALGORITHM);
        allowedDigests.put("MD5", "1.2.840.113549.2.5");
        allowedDigests.put("MD2", "1.2.840.113549.2.2");
        allowedDigests.put(BuiltInGenericObjectDigester.HASH_ALGORITHM_SHA1, CertificateID.HASH_SHA1);
        allowedDigests.put("SHA224", "2.16.840.1.101.3.4.2.4");
        allowedDigests.put("SHA256", "2.16.840.1.101.3.4.2.1");
        allowedDigests.put("SHA384", "2.16.840.1.101.3.4.2.2");
        allowedDigests.put("SHA512", "2.16.840.1.101.3.4.2.3");
        allowedDigests.put("MD-5", "1.2.840.113549.2.5");
        allowedDigests.put("MD-2", "1.2.840.113549.2.2");
        allowedDigests.put("SHA-1", CertificateID.HASH_SHA1);
        allowedDigests.put("SHA-224", "2.16.840.1.101.3.4.2.4");
        allowedDigests.put("SHA-256", "2.16.840.1.101.3.4.2.1");
        allowedDigests.put("SHA-384", "2.16.840.1.101.3.4.2.2");
        allowedDigests.put("SHA-512", "2.16.840.1.101.3.4.2.3");
        allowedDigests.put("RIPEMD128", "1.3.36.3.2.2");
        allowedDigests.put("RIPEMD-128", "1.3.36.3.2.2");
        allowedDigests.put("RIPEMD160", "1.3.36.3.2.1");
        allowedDigests.put("RIPEMD-160", "1.3.36.3.2.1");
        allowedDigests.put("RIPEMD256", "1.3.36.3.2.3");
        allowedDigests.put("RIPEMD-256", "1.3.36.3.2.3");
    }
}
