Information

13
Story Points

Technologies

Decompiled Java File
package com.lowagie.text.pdf;

import com.lowagie.text.ExceptionConverter;
import com.lowagie.text.pdf.TSAClient;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.math.BigInteger;
import java.security.InvalidKeyException;
import java.security.KeyStore;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.Signature;
import java.security.SignatureException;
import java.security.cert.CRL;
import java.security.cert.Certificate;
import java.security.cert.CertificateParsingException;
import java.security.cert.X509CRL;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Calendar;
import java.util.Collection;
import java.util.Date;
import java.util.Enumeration;
import java.util.GregorianCalendar;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Set;
import org.bouncycastle.asn1.ASN1EncodableVector;
import org.bouncycastle.asn1.ASN1InputStream;
import org.bouncycastle.asn1.ASN1OctetString;
import org.bouncycastle.asn1.ASN1OutputStream;
import org.bouncycastle.asn1.ASN1Sequence;
import org.bouncycastle.asn1.ASN1Set;
import org.bouncycastle.asn1.ASN1TaggedObject;
import org.bouncycastle.asn1.DEREnumerated;
import org.bouncycastle.asn1.DERInteger;
import org.bouncycastle.asn1.DERNull;
import org.bouncycastle.asn1.DERObject;
import org.bouncycastle.asn1.DERObjectIdentifier;
import org.bouncycastle.asn1.DEROctetString;
import org.bouncycastle.asn1.DERSequence;
import org.bouncycastle.asn1.DERSet;
import org.bouncycastle.asn1.DERString;
import org.bouncycastle.asn1.DERTaggedObject;
import org.bouncycastle.asn1.DERUTCTime;
import org.bouncycastle.asn1.cms.Attribute;
import org.bouncycastle.asn1.cms.AttributeTable;
import org.bouncycastle.asn1.cms.ContentInfo;
import org.bouncycastle.asn1.ocsp.BasicOCSPResponse;
import org.bouncycastle.asn1.ocsp.OCSPObjectIdentifiers;
import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
import org.bouncycastle.asn1.tsp.MessageImprint;
import org.bouncycastle.asn1.x509.X509Extensions;
import org.bouncycastle.jce.provider.X509CRLParser;
import org.bouncycastle.jce.provider.X509CertParser;
import org.bouncycastle.ocsp.BasicOCSPResp;
import org.bouncycastle.ocsp.CertificateID;
import org.bouncycastle.ocsp.SingleResp;
import org.bouncycastle.tsp.TimeStampToken;

public class PdfPKCS7 {
   private byte[] sigAttr;
   private byte[] digestAttr;
   private int version;
   private int signerversion;
   private Set digestalgos;
   private Collection certs;
   private Collection crls;
   private Collection signCerts;
   private X509Certificate signCert;
   private byte[] digest;
   private MessageDigest messageDigest;
   private String digestAlgorithm;
   private String digestEncryptionAlgorithm;
   private Signature sig;
   private transient PrivateKey privKey;
   private byte[] RSAdata;
   private boolean verified;
   private boolean verifyResult;
   private byte[] externalDigest;
   private byte[] externalRSAdata;
   private String provider;
   private static final String ID_PKCS7_DATA = "1.2.840.113549.1.7.1";
   private static final String ID_PKCS7_SIGNED_DATA = "1.2.840.113549.1.7.2";
   private static final String ID_RSA = "1.2.840.113549.1.1.1";
   private static final String ID_DSA = "1.2.840.10040.4.1";
   private static final String ID_CONTENT_TYPE = "1.2.840.113549.1.9.3";
   private static final String ID_MESSAGE_DIGEST = "1.2.840.113549.1.9.4";
   private static final String ID_SIGNING_TIME = "1.2.840.113549.1.9.5";
   private static final String ID_ADBE_REVOCATION = "1.2.840.113583.1.1.8";
   private String reason;
   private String location;
   private Calendar signDate;
   private String signName;
   private TimeStampToken timeStampToken;
   private static final HashMap digestNames = new HashMap();
   private static final HashMap algorithmNames = new HashMap();
   private static final HashMap allowedDigests = new HashMap();
   private BasicOCSPResp basicResp;

   public static String getDigest(String var0) {
      String var1 = (String)digestNames.get(var0);
      return var1 == null?var0:var1;
   }

   public static String getAlgorithm(String var0) {
      String var1 = (String)algorithmNames.get(var0);
      return var1 == null?var0:var1;
   }

   public TimeStampToken getTimeStampToken() {
      return this.timeStampToken;
   }

   public Calendar getTimeStampDate() {
      if(this.timeStampToken == null) {
         return null;
      } else {
         GregorianCalendar var1 = new GregorianCalendar();
         Date var2 = this.timeStampToken.getTimeStampInfo().getGenTime();
         var1.setTime(var2);
         return var1;
      }
   }

   public PdfPKCS7(byte[] var1, byte[] var2, String var3) {
      try {
         this.provider = var3;
         X509CertParser var4 = new X509CertParser();
         var4.engineInit(new ByteArrayInputStream(var2));
         this.certs = var4.engineReadAll();
         this.signCerts = this.certs;
         this.signCert = (X509Certificate)this.certs.iterator().next();
         this.crls = new ArrayList();
         ASN1InputStream var5 = new ASN1InputStream(new ByteArrayInputStream(var1));
         this.digest = ((DEROctetString)var5.readObject()).getOctets();
         if(var3 == null) {
            this.sig = Signature.getInstance("SHA1withRSA");
         } else {
            this.sig = Signature.getInstance("SHA1withRSA", var3);
         }

         this.sig.initVerify(this.signCert.getPublicKey());
      } catch (Exception var6) {
         throw new ExceptionConverter(var6);
      }
   }

   public BasicOCSPResp getOcsp() {
      return this.basicResp;
   }

   private void findOcsp(ASN1Sequence var1) throws IOException {
      this.basicResp = null;
      boolean var2 = false;

      do {
         if(var1.getObjectAt(0) instanceof DERObjectIdentifier && ((DERObjectIdentifier)var1.getObjectAt(0)).getId().equals(OCSPObjectIdentifiers.id_pkix_ocsp_basic.getId())) {
            DEROctetString var6 = (DEROctetString)var1.getObjectAt(1);
            ASN1InputStream var7 = new ASN1InputStream(var6.getOctets());
            BasicOCSPResponse var5 = BasicOCSPResponse.getInstance(var7.readObject());
            this.basicResp = new BasicOCSPResp(var5);
            return;
         }

         var2 = true;

         for(int var3 = 0; var3 < var1.size(); ++var3) {
            if(var1.getObjectAt(var3) instanceof ASN1Sequence) {
               var1 = (ASN1Sequence)var1.getObjectAt(0);
               var2 = false;
               break;
            }

            if(var1.getObjectAt(var3) instanceof ASN1TaggedObject) {
               ASN1TaggedObject var4 = (ASN1TaggedObject)var1.getObjectAt(var3);
               if(!(var4.getObject() instanceof ASN1Sequence)) {
                  return;
               }

               var1 = (ASN1Sequence)var4.getObject();
               var2 = false;
               break;
            }
         }
      } while(!var2);

   }

   public PdfPKCS7(byte[] var1, String var2) {
      try {
         this.provider = var2;
         ASN1InputStream var3 = new ASN1InputStream(new ByteArrayInputStream(var1));

         DERObject var4;
         try {
            var4 = var3.readObject();
         } catch (IOException var26) {
            throw new IllegalArgumentException("can\'t decode PKCS7SignedData object");
         }

         if(!(var4 instanceof ASN1Sequence)) {
            throw new IllegalArgumentException("Not a valid PKCS#7 object - not a sequence");
         } else {
            ASN1Sequence var5 = (ASN1Sequence)var4;
            DERObjectIdentifier var6 = (DERObjectIdentifier)var5.getObjectAt(0);
            if(!var6.getId().equals("1.2.840.113549.1.7.2")) {
               throw new IllegalArgumentException("Not a valid PKCS#7 object - not signed data");
            } else {
               ASN1Sequence var7 = (ASN1Sequence)((DERTaggedObject)var5.getObjectAt(1)).getObject();
               this.version = ((DERInteger)var7.getObjectAt(0)).getValue().intValue();
               this.digestalgos = new HashSet();
               Enumeration var8 = ((ASN1Set)var7.getObjectAt(1)).getObjects();

               while(var8.hasMoreElements()) {
                  ASN1Sequence var9 = (ASN1Sequence)var8.nextElement();
                  DERObjectIdentifier var10 = (DERObjectIdentifier)var9.getObjectAt(0);
                  this.digestalgos.add(var10.getId());
               }

               X509CertParser var28 = new X509CertParser();
               var28.engineInit(new ByteArrayInputStream(var1));
               this.certs = var28.engineReadAll();
               X509CRLParser var29 = new X509CRLParser();
               var29.engineInit(new ByteArrayInputStream(var1));
               this.crls = var29.engineReadAll();
               ASN1Sequence var11 = (ASN1Sequence)var7.getObjectAt(2);
               if(var11.size() > 1) {
                  DEROctetString var12 = (DEROctetString)((DERTaggedObject)var11.getObjectAt(1)).getObject();
                  this.RSAdata = var12.getOctets();
               }

               int var30;
               for(var30 = 3; var7.getObjectAt(var30) instanceof DERTaggedObject; ++var30) {
                  ;
               }

               ASN1Set var13 = (ASN1Set)var7.getObjectAt(var30);
               if(var13.size() != 1) {
                  throw new IllegalArgumentException("This PKCS#7 object has multiple SignerInfos - only one is supported at this time");
               } else {
                  ASN1Sequence var14 = (ASN1Sequence)var13.getObjectAt(0);
                  this.signerversion = ((DERInteger)var14.getObjectAt(0)).getValue().intValue();
                  ASN1Sequence var15 = (ASN1Sequence)var14.getObjectAt(1);
                  BigInteger var16 = ((DERInteger)var15.getObjectAt(1)).getValue();
                  Iterator var17 = this.certs.iterator();

                  while(var17.hasNext()) {
                     X509Certificate var18 = (X509Certificate)var17.next();
                     if(var16.equals(var18.getSerialNumber())) {
                        this.signCert = var18;
                        break;
                     }
                  }

                  if(this.signCert == null) {
                     throw new IllegalArgumentException("Can\'t find signing certificate with serial " + var16.toString(16));
                  } else {
                     this.signCertificateChain();
                     this.digestAlgorithm = ((DERObjectIdentifier)((ASN1Sequence)var14.getObjectAt(2)).getObjectAt(0)).getId();
                     var30 = 3;
                     ASN1Set var21;
                     ASN1Sequence var22;
                     ASN1Set var33;
                     if(var14.getObjectAt(var30) instanceof ASN1TaggedObject) {
                        ASN1TaggedObject var31 = (ASN1TaggedObject)var14.getObjectAt(var30);
                        var33 = ASN1Set.getInstance(var31, false);
                        this.sigAttr = var33.getEncoded("DER");

                        for(int var19 = 0; var19 < var33.size(); ++var19) {
                           ASN1Sequence var20 = (ASN1Sequence)var33.getObjectAt(var19);
                           if(((DERObjectIdentifier)var20.getObjectAt(0)).getId().equals("1.2.840.113549.1.9.4")) {
                              var21 = (ASN1Set)var20.getObjectAt(1);
                              this.digestAttr = ((DEROctetString)var21.getObjectAt(0)).getOctets();
                           } else if(((DERObjectIdentifier)var20.getObjectAt(0)).getId().equals("1.2.840.113583.1.1.8")) {
                              var21 = (ASN1Set)var20.getObjectAt(1);
                              var22 = (ASN1Sequence)var21.getObjectAt(0);

                              for(int var23 = 0; var23 < var22.size(); ++var23) {
                                 ASN1TaggedObject var24 = (ASN1TaggedObject)var22.getObjectAt(var23);
                                 if(var24.getTagNo() == 1) {
                                    ASN1Sequence var25 = (ASN1Sequence)var24.getObject();
                                    this.findOcsp(var25);
                                 }
                              }
                           }
                        }

                        if(this.digestAttr == null) {
                           throw new IllegalArgumentException("Authenticated attribute is missing the digest.");
                        }

                        ++var30;
                     }

                     this.digestEncryptionAlgorithm = ((DERObjectIdentifier)((ASN1Sequence)var14.getObjectAt(var30++)).getObjectAt(0)).getId();
                     this.digest = ((DEROctetString)var14.getObjectAt(var30++)).getOctets();
                     if(var30 < var14.size() && var14.getObjectAt(var30) instanceof DERTaggedObject) {
                        DERTaggedObject var32 = (DERTaggedObject)var14.getObjectAt(var30);
                        var33 = ASN1Set.getInstance(var32, false);
                        AttributeTable var34 = new AttributeTable(var33);
                        Attribute var35 = var34.get(PKCSObjectIdentifiers.id_aa_signatureTimeStampToken);
                        if(var35 != null) {
                           var21 = var35.getAttrValues();
                           var22 = ASN1Sequence.getInstance(var21.getObjectAt(0));
                           ContentInfo var36 = new ContentInfo(var22);
                           this.timeStampToken = new TimeStampToken(var36);
                        }
                     }

                     if(this.RSAdata != null || this.digestAttr != null) {
                        if(var2 != null && !var2.startsWith("SunPKCS11")) {
                           this.messageDigest = MessageDigest.getInstance(this.getHashAlgorithm(), var2);
                        } else {
                           this.messageDigest = MessageDigest.getInstance(this.getHashAlgorithm());
                        }
                     }

                     if(var2 == null) {
                        this.sig = Signature.getInstance(this.getDigestAlgorithm());
                     } else {
                        this.sig = Signature.getInstance(this.getDigestAlgorithm(), var2);
                     }

                     this.sig.initVerify(this.signCert.getPublicKey());
                  }
               }
            }
         }
      } catch (Exception var27) {
         throw new ExceptionConverter(var27);
      }
   }

   public PdfPKCS7(PrivateKey var1, Certificate[] var2, CRL[] var3, String var4, String var5, boolean var6) throws InvalidKeyException, NoSuchProviderException, NoSuchAlgorithmException {
      this.privKey = var1;
      this.provider = var5;
      this.digestAlgorithm = (String)allowedDigests.get(var4.toUpperCase());
      if(this.digestAlgorithm == null) {
         throw new NoSuchAlgorithmException("Unknown Hash Algorithm " + var4);
      } else {
         this.version = this.signerversion = 1;
         this.certs = new ArrayList();
         this.crls = new ArrayList();
         this.digestalgos = new HashSet();
         this.digestalgos.add(this.digestAlgorithm);
         this.signCert = (X509Certificate)var2[0];

         int var7;
         for(var7 = 0; var7 < var2.length; ++var7) {
            this.certs.add(var2[var7]);
         }

         if(var3 != null) {
            for(var7 = 0; var7 < var3.length; ++var7) {
               this.crls.add(var3[var7]);
            }
         }

         if(var1 != null) {
            this.digestEncryptionAlgorithm = var1.getAlgorithm();
            if(this.digestEncryptionAlgorithm.equals("RSA")) {
               this.digestEncryptionAlgorithm = "1.2.840.113549.1.1.1";
            } else {
               if(!this.digestEncryptionAlgorithm.equals("DSA")) {
                  throw new NoSuchAlgorithmException("Unknown Key Algorithm " + this.digestEncryptionAlgorithm);
               }

               this.digestEncryptionAlgorithm = "1.2.840.10040.4.1";
            }
         }

         if(var6) {
            this.RSAdata = new byte[0];
            if(var5 != null && !var5.startsWith("SunPKCS11")) {
               this.messageDigest = MessageDigest.getInstance(this.getHashAlgorithm(), var5);
            } else {
               this.messageDigest = MessageDigest.getInstance(this.getHashAlgorithm());
            }
         }

         if(var1 != null) {
            if(var5 == null) {
               this.sig = Signature.getInstance(this.getDigestAlgorithm());
            } else {
               this.sig = Signature.getInstance(this.getDigestAlgorithm(), var5);
            }

            this.sig.initSign(var1);
         }

      }
   }

   public void update(byte[] var1, int var2, int var3) throws SignatureException {
      if(this.RSAdata == null && this.digestAttr == null) {
         this.sig.update(var1, var2, var3);
      } else {
         this.messageDigest.update(var1, var2, var3);
      }

   }

   public boolean verify() throws SignatureException {
      if(this.verified) {
         return this.verifyResult;
      } else {
         if(this.sigAttr != null) {
            this.sig.update(this.sigAttr);
            if(this.RSAdata != null) {
               byte[] var1 = this.messageDigest.digest();
               this.messageDigest.update(var1);
            }

            this.verifyResult = Arrays.equals(this.messageDigest.digest(), this.digestAttr) && this.sig.verify(this.digest);
         } else {
            if(this.RSAdata != null) {
               this.sig.update(this.messageDigest.digest());
            }

            this.verifyResult = this.sig.verify(this.digest);
         }

         this.verified = true;
         return this.verifyResult;
      }
   }

   public boolean verifyTimestampImprint() throws NoSuchAlgorithmException {
      if(this.timeStampToken == null) {
         return false;
      } else {
         MessageImprint var1 = this.timeStampToken.getTimeStampInfo().toTSTInfo().getMessageImprint();
         byte[] var2 = MessageDigest.getInstance("SHA-1").digest(this.digest);
         byte[] var3 = var1.getHashedMessage();
         boolean var4 = Arrays.equals(var2, var3);
         return var4;
      }
   }

   public Certificate[] getCertificates() {
      return (X509Certificate[])((X509Certificate[])this.certs.toArray(new X509Certificate[this.certs.size()]));
   }

   public Certificate[] getSignCertificateChain() {
      return (X509Certificate[])((X509Certificate[])this.signCerts.toArray(new X509Certificate[this.signCerts.size()]));
   }

   private void signCertificateChain() {
      ArrayList var1 = new ArrayList();
      var1.add(this.signCert);
      ArrayList var2 = new ArrayList(this.certs);

      for(int var3 = 0; var3 < var2.size(); ++var3) {
         if(this.signCert.getSerialNumber().equals(((X509Certificate)var2.get(var3)).getSerialNumber())) {
            var2.remove(var3);
            --var3;
         }
      }

      boolean var8 = true;

      while(var8) {
         X509Certificate var4 = (X509Certificate)var1.get(var1.size() - 1);
         var8 = false;
         int var5 = 0;

         while(var5 < var2.size()) {
            try {
               if(this.provider == null) {
                  var4.verify(((X509Certificate)var2.get(var5)).getPublicKey());
               } else {
                  var4.verify(((X509Certificate)var2.get(var5)).getPublicKey(), this.provider);
               }

               var8 = true;
               var1.add(var2.get(var5));
               var2.remove(var5);
               break;
            } catch (Exception var7) {
               ++var5;
            }
         }
      }

      this.signCerts = var1;
   }

   public Collection getCRLs() {
      return this.crls;
   }

   public X509Certificate getSigningCertificate() {
      return this.signCert;
   }

   public int getVersion() {
      return this.version;
   }

   public int getSigningInfoVersion() {
      return this.signerversion;
   }

   public String getDigestAlgorithm() {
      String var1 = getAlgorithm(this.digestEncryptionAlgorithm);
      if(var1 == null) {
         var1 = this.digestEncryptionAlgorithm;
      }

      return this.getHashAlgorithm() + "with" + var1;
   }

   public String getHashAlgorithm() {
      return getDigest(this.digestAlgorithm);
   }

   public static KeyStore loadCacertsKeyStore() {
      return loadCacertsKeyStore((String)null);
   }

   public static KeyStore loadCacertsKeyStore(String var0) {
      File var1 = new File(System.getProperty("java.home"), "lib");
      var1 = new File(var1, "security");
      var1 = new File(var1, "cacerts");
      FileInputStream var2 = null;

      KeyStore var4;
      try {
         var2 = new FileInputStream(var1);
         KeyStore var3;
         if(var0 == null) {
            var3 = KeyStore.getInstance("JKS");
         } else {
            var3 = KeyStore.getInstance("JKS", var0);
         }

         var3.load(var2, (char[])null);
         var4 = var3;
      } catch (Exception var13) {
         throw new ExceptionConverter(var13);
      } finally {
         try {
            if(var2 != null) {
               var2.close();
            }
         } catch (Exception var12) {
            ;
         }

      }

      return var4;
   }

   public static String verifyCertificate(X509Certificate var0, Collection var1, Calendar var2) {
      if(var2 == null) {
         var2 = new GregorianCalendar();
      }

      if(var0.hasUnsupportedCriticalExtension()) {
         return "Has unsupported critical extension";
      } else {
         try {
            var0.checkValidity(((Calendar)var2).getTime());
         } catch (Exception var4) {
            return var4.getMessage();
         }

         if(var1 != null) {
            Iterator var3 = var1.iterator();

            while(var3.hasNext()) {
               if(((CRL)var3.next()).isRevoked(var0)) {
                  return "Certificate revoked";
               }
            }
         }

         return null;
      }
   }

   public static Object[] verifyCertificates(Certificate[] var0, KeyStore var1, Collection var2, Calendar var3) {
      if(var3 == null) {
         var3 = new GregorianCalendar();
      }

      for(int var4 = 0; var4 < var0.length; ++var4) {
         X509Certificate var5 = (X509Certificate)var0[var4];
         String var6 = verifyCertificate(var5, var2, (Calendar)var3);
         if(var6 != null) {
            return new Object[]{var5, var6};
         }

         try {
            Enumeration var7 = var1.aliases();

            while(var7.hasMoreElements()) {
               try {
                  String var8 = (String)var7.nextElement();
                  if(var1.isCertificateEntry(var8)) {
                     X509Certificate var9 = (X509Certificate)var1.getCertificate(var8);
                     if(verifyCertificate(var9, var2, (Calendar)var3) == null) {
                        try {
                           var5.verify(var9.getPublicKey());
                           return null;
                        } catch (Exception var12) {
                           ;
                        }
                     }
                  }
               } catch (Exception var13) {
                  ;
               }
            }
         } catch (Exception var14) {
            ;
         }

         int var15;
         for(var15 = 0; var15 < var0.length; ++var15) {
            if(var15 != var4) {
               X509Certificate var16 = (X509Certificate)var0[var15];

               try {
                  var5.verify(var16.getPublicKey());
                  break;
               } catch (Exception var11) {
                  ;
               }
            }
         }

         if(var15 == var0.length) {
            return new Object[]{var5, "Cannot be verified against the KeyStore or the certificate chain"};
         }
      }

      return new Object[]{null, "Invalid state. Possible circular certificate chain"};
   }

   public static boolean verifyOcspCertificates(BasicOCSPResp var0, KeyStore var1, String var2) {
      if(var2 == null) {
         var2 = "BC";
      }

      try {
         Enumeration var3 = var1.aliases();

         while(var3.hasMoreElements()) {
            try {
               String var4 = (String)var3.nextElement();
               if(var1.isCertificateEntry(var4)) {
                  X509Certificate var5 = (X509Certificate)var1.getCertificate(var4);
                  if(var0.verify(var5.getPublicKey(), var2)) {
                     return true;
                  }
               }
            } catch (Exception var6) {
               ;
            }
         }
      } catch (Exception var7) {
         ;
      }

      return false;
   }

   public static boolean verifyTimestampCertificates(TimeStampToken var0, KeyStore var1, String var2) {
      if(var2 == null) {
         var2 = "BC";
      }

      try {
         Enumeration var3 = var1.aliases();

         while(var3.hasMoreElements()) {
            try {
               String var4 = (String)var3.nextElement();
               if(var1.isCertificateEntry(var4)) {
                  X509Certificate var5 = (X509Certificate)var1.getCertificate(var4);
                  var0.validate(var5, var2);
                  return true;
               }
            } catch (Exception var6) {
               ;
            }
         }
      } catch (Exception var7) {
         ;
      }

      return false;
   }

   public static String getOCSPURL(X509Certificate var0) throws CertificateParsingException {
      try {
         DERObject var1 = getExtensionValue(var0, X509Extensions.AuthorityInfoAccess.getId());
         if(var1 == null) {
            return null;
         }

         ASN1Sequence var2 = (ASN1Sequence)var1;

         for(int var3 = 0; var3 < var2.size(); ++var3) {
            ASN1Sequence var4 = (ASN1Sequence)var2.getObjectAt(var3);
            if(var4.size() == 2 && var4.getObjectAt(0) instanceof DERObjectIdentifier && ((DERObjectIdentifier)var4.getObjectAt(0)).getId().equals("1.3.6.1.5.5.7.48.1")) {
               String var5 = getStringFromGeneralName((DERObject)var4.getObjectAt(1));
               if(var5 == null) {
                  return "";
               }

               return var5;
            }
         }
      } catch (Exception var6) {
         ;
      }

      return null;
   }

   public boolean isRevocationValid() {
      if(this.basicResp == null) {
         return false;
      } else if(this.signCerts.size() < 2) {
         return false;
      } else {
         try {
            X509Certificate[] var1 = (X509Certificate[])((X509Certificate[])this.getSignCertificateChain());
            SingleResp var2 = this.basicResp.getResponses()[0];
            CertificateID var3 = var2.getCertID();
            X509Certificate var4 = this.getSigningCertificate();
            X509Certificate var5 = var1[1];
            CertificateID var6 = new CertificateID("1.3.14.3.2.26", var5, var4.getSerialNumber());
            return var6.equals(var3);
         } catch (Exception var7) {
            return false;
         }
      }
   }

   private static DERObject getExtensionValue(X509Certificate var0, String var1) throws IOException {
      byte[] var2 = var0.getExtensionValue(var1);
      if(var2 == null) {
         return null;
      } else {
         ASN1InputStream var3 = new ASN1InputStream(new ByteArrayInputStream(var2));
         ASN1OctetString var4 = (ASN1OctetString)var3.readObject();
         var3 = new ASN1InputStream(new ByteArrayInputStream(var4.getOctets()));
         return var3.readObject();
      }
   }

   private static String getStringFromGeneralName(DERObject var0) throws IOException {
      DERTaggedObject var1 = (DERTaggedObject)var0;
      return new String(ASN1OctetString.getInstance(var1, false).getOctets(), "ISO-8859-1");
   }

   private static DERObject getIssuer(byte[] var0) {
      try {
         ASN1InputStream var1 = new ASN1InputStream(new ByteArrayInputStream(var0));
         ASN1Sequence var2 = (ASN1Sequence)var1.readObject();
         return (DERObject)var2.getObjectAt(var2.getObjectAt(0) instanceof DERTaggedObject?3:2);
      } catch (IOException var3) {
         throw new ExceptionConverter(var3);
      }
   }

   private static DERObject getSubject(byte[] var0) {
      try {
         ASN1InputStream var1 = new ASN1InputStream(new ByteArrayInputStream(var0));
         ASN1Sequence var2 = (ASN1Sequence)var1.readObject();
         return (DERObject)var2.getObjectAt(var2.getObjectAt(0) instanceof DERTaggedObject?5:4);
      } catch (IOException var3) {
         throw new ExceptionConverter(var3);
      }
   }

   public static PdfPKCS7.X509Name getIssuerFields(X509Certificate var0) {
      try {
         return new PdfPKCS7.X509Name((ASN1Sequence)getIssuer(var0.getTBSCertificate()));
      } catch (Exception var2) {
         throw new ExceptionConverter(var2);
      }
   }

   public static PdfPKCS7.X509Name getSubjectFields(X509Certificate var0) {
      try {
         return new PdfPKCS7.X509Name((ASN1Sequence)getSubject(var0.getTBSCertificate()));
      } catch (Exception var2) {
         throw new ExceptionConverter(var2);
      }
   }

   public byte[] getEncodedPKCS1() {
      try {
         if(this.externalDigest != null) {
            this.digest = this.externalDigest;
         } else {
            this.digest = this.sig.sign();
         }

         ByteArrayOutputStream var1 = new ByteArrayOutputStream();
         ASN1OutputStream var2 = new ASN1OutputStream(var1);
         var2.writeObject(new DEROctetString(this.digest));
         var2.close();
         return var1.toByteArray();
      } catch (Exception var3) {
         throw new ExceptionConverter(var3);
      }
   }

   public void setExternalDigest(byte[] var1, byte[] var2, String var3) {
      this.externalDigest = var1;
      this.externalRSAdata = var2;
      if(var3 != null) {
         if(var3.equals("RSA")) {
            this.digestEncryptionAlgorithm = "1.2.840.113549.1.1.1";
         } else {
            if(!var3.equals("DSA")) {
               throw new ExceptionConverter(new NoSuchAlgorithmException("Unknown Key Algorithm " + var3));
            }

            this.digestEncryptionAlgorithm = "1.2.840.10040.4.1";
         }
      }

   }

   public byte[] getEncodedPKCS7() {
      return this.getEncodedPKCS7((byte[])null, (Calendar)null, (TSAClient)null, (byte[])null);
   }

   public byte[] getEncodedPKCS7(byte[] var1, Calendar var2) {
      return this.getEncodedPKCS7(var1, var2, (TSAClient)null, (byte[])null);
   }

   public byte[] getEncodedPKCS7(byte[] var1, Calendar var2, TSAClient var3, byte[] var4) {
      try {
         if(this.externalDigest != null) {
            this.digest = this.externalDigest;
            if(this.RSAdata != null) {
               this.RSAdata = this.externalRSAdata;
            }
         } else if(this.externalRSAdata != null && this.RSAdata != null) {
            this.RSAdata = this.externalRSAdata;
            this.sig.update(this.RSAdata);
            this.digest = this.sig.sign();
         } else {
            if(this.RSAdata != null) {
               this.RSAdata = this.messageDigest.digest();
               this.sig.update(this.RSAdata);
            }

            this.digest = this.sig.sign();
         }

         ASN1EncodableVector var5 = new ASN1EncodableVector();
         Iterator var6 = this.digestalgos.iterator();

         while(var6.hasNext()) {
            ASN1EncodableVector var7 = new ASN1EncodableVector();
            var7.add(new DERObjectIdentifier((String)var6.next()));
            var7.add(DERNull.INSTANCE);
            var5.add(new DERSequence(var7));
         }

         ASN1EncodableVector var15 = new ASN1EncodableVector();
         var15.add(new DERObjectIdentifier("1.2.840.113549.1.7.1"));
         if(this.RSAdata != null) {
            var15.add(new DERTaggedObject(0, new DEROctetString(this.RSAdata)));
         }

         DERSequence var16 = new DERSequence(var15);
         var15 = new ASN1EncodableVector();
         Iterator var8 = this.certs.iterator();

         while(var8.hasNext()) {
            ASN1InputStream var9 = new ASN1InputStream(new ByteArrayInputStream(((X509Certificate)var8.next()).getEncoded()));
            var15.add(var9.readObject());
         }

         DERSet var17 = new DERSet(var15);
         ASN1EncodableVector var18 = new ASN1EncodableVector();
         var18.add(new DERInteger(this.signerversion));
         var15 = new ASN1EncodableVector();
         var15.add(getIssuer(this.signCert.getTBSCertificate()));
         var15.add(new DERInteger(this.signCert.getSerialNumber()));
         var18.add(new DERSequence(var15));
         var15 = new ASN1EncodableVector();
         var15.add(new DERObjectIdentifier(this.digestAlgorithm));
         var15.add(new DERNull());
         var18.add(new DERSequence(var15));
         if(var1 != null && var2 != null) {
            var18.add(new DERTaggedObject(false, 0, this.getAuthenticatedAttributeSet(var1, var2, var4)));
         }

         var15 = new ASN1EncodableVector();
         var15.add(new DERObjectIdentifier(this.digestEncryptionAlgorithm));
         var15.add(new DERNull());
         var18.add(new DERSequence(var15));
         var18.add(new DEROctetString(this.digest));
         if(var3 != null) {
            byte[] var10 = MessageDigest.getInstance("SHA-1").digest(this.digest);
            byte[] var11 = var3.getTimeStampToken(this, var10);
            if(var11 != null) {
               ASN1EncodableVector var12 = this.buildUnauthenticatedAttributes(var11);
               if(var12 != null) {
                  var18.add(new DERTaggedObject(false, 1, new DERSet(var12)));
               }
            }
         }

         ASN1EncodableVector var19 = new ASN1EncodableVector();
         var19.add(new DERInteger(this.version));
         var19.add(new DERSet(var5));
         var19.add(var16);
         var19.add(new DERTaggedObject(false, 0, var17));
         if(!this.crls.isEmpty()) {
            var15 = new ASN1EncodableVector();
            Iterator var20 = this.crls.iterator();

            while(var20.hasNext()) {
               ASN1InputStream var23 = new ASN1InputStream(new ByteArrayInputStream(((X509CRL)var20.next()).getEncoded()));
               var15.add(var23.readObject());
            }

            DERSet var21 = new DERSet(var15);
            var19.add(new DERTaggedObject(false, 1, var21));
         }

         var19.add(new DERSet(new DERSequence(var18)));
         ASN1EncodableVector var22 = new ASN1EncodableVector();
         var22.add(new DERObjectIdentifier("1.2.840.113549.1.7.2"));
         var22.add(new DERTaggedObject(0, new DERSequence(var19)));
         ByteArrayOutputStream var24 = new ByteArrayOutputStream();
         ASN1OutputStream var13 = new ASN1OutputStream(var24);
         var13.writeObject(new DERSequence(var22));
         var13.close();
         return var24.toByteArray();
      } catch (Exception var14) {
         throw new ExceptionConverter(var14);
      }
   }

   private ASN1EncodableVector buildUnauthenticatedAttributes(byte[] var1) throws IOException {
      if(var1 == null) {
         return null;
      } else {
         String var2 = "1.2.840.113549.1.9.16.2.14";
         ASN1InputStream var3 = new ASN1InputStream(new ByteArrayInputStream(var1));
         ASN1EncodableVector var4 = new ASN1EncodableVector();
         ASN1EncodableVector var5 = new ASN1EncodableVector();
         var5.add(new DERObjectIdentifier(var2));
         ASN1Sequence var6 = (ASN1Sequence)var3.readObject();
         var5.add(new DERSet(var6));
         var4.add(new DERSequence(var5));
         return var4;
      }
   }

   public byte[] getAuthenticatedAttributeBytes(byte[] var1, Calendar var2, byte[] var3) {
      try {
         return this.getAuthenticatedAttributeSet(var1, var2, var3).getEncoded("DER");
      } catch (Exception var5) {
         throw new ExceptionConverter(var5);
      }
   }

   private DERSet getAuthenticatedAttributeSet(byte[] var1, Calendar var2, byte[] var3) {
      try {
         ASN1EncodableVector var4 = new ASN1EncodableVector();
         ASN1EncodableVector var5 = new ASN1EncodableVector();
         var5.add(new DERObjectIdentifier("1.2.840.113549.1.9.3"));
         var5.add(new DERSet(new DERObjectIdentifier("1.2.840.113549.1.7.1")));
         var4.add(new DERSequence(var5));
         var5 = new ASN1EncodableVector();
         var5.add(new DERObjectIdentifier("1.2.840.113549.1.9.5"));
         var5.add(new DERSet(new DERUTCTime(var2.getTime())));
         var4.add(new DERSequence(var5));
         var5 = new ASN1EncodableVector();
         var5.add(new DERObjectIdentifier("1.2.840.113549.1.9.4"));
         var5.add(new DERSet(new DEROctetString(var1)));
         var4.add(new DERSequence(var5));
         if(var3 != null) {
            var5 = new ASN1EncodableVector();
            var5.add(new DERObjectIdentifier("1.2.840.113583.1.1.8"));
            DEROctetString var6 = new DEROctetString(var3);
            ASN1EncodableVector var7 = new ASN1EncodableVector();
            ASN1EncodableVector var8 = new ASN1EncodableVector();
            var8.add(OCSPObjectIdentifiers.id_pkix_ocsp_basic);
            var8.add(var6);
            DEREnumerated var9 = new DEREnumerated(0);
            ASN1EncodableVector var10 = new ASN1EncodableVector();
            var10.add(var9);
            var10.add(new DERTaggedObject(true, 0, new DERSequence(var8)));
            var7.add(new DERSequence(var10));
            var5.add(new DERSet(new DERSequence(new DERTaggedObject(true, 1, new DERSequence(var7)))));
            var4.add(new DERSequence(var5));
         } else if(!this.crls.isEmpty()) {
            var5 = new ASN1EncodableVector();
            var5.add(new DERObjectIdentifier("1.2.840.113583.1.1.8"));
            ASN1EncodableVector var12 = new ASN1EncodableVector();
            Iterator var13 = this.crls.iterator();

            while(var13.hasNext()) {
               ASN1InputStream var14 = new ASN1InputStream(new ByteArrayInputStream(((X509CRL)var13.next()).getEncoded()));
               var12.add(var14.readObject());
            }

            var5.add(new DERSet(new DERSequence(new DERTaggedObject(true, 0, new DERSequence(var12)))));
            var4.add(new DERSequence(var5));
         }

         return new DERSet(var4);
      } catch (Exception var11) {
         throw new ExceptionConverter(var11);
      }
   }

   public String getReason() {
      return this.reason;
   }

   public void setReason(String var1) {
      this.reason = var1;
   }

   public String getLocation() {
      return this.location;
   }

   public void setLocation(String var1) {
      this.location = var1;
   }

   public Calendar getSignDate() {
      return this.signDate;
   }

   public void setSignDate(Calendar var1) {
      this.signDate = var1;
   }

   public String getSignName() {
      return this.signName;
   }

   public void setSignName(String var1) {
      this.signName = var1;
   }

   static {
      digestNames.put("1.2.840.113549.2.5", "MD5");
      digestNames.put("1.2.840.113549.2.2", "MD2");
      digestNames.put("1.3.14.3.2.26", "SHA1");
      digestNames.put("2.16.840.1.101.3.4.2.4", "SHA224");
      digestNames.put("2.16.840.1.101.3.4.2.1", "SHA256");
      digestNames.put("2.16.840.1.101.3.4.2.2", "SHA384");
      digestNames.put("2.16.840.1.101.3.4.2.3", "SHA512");
      digestNames.put("1.3.36.3.2.2", "RIPEMD128");
      digestNames.put("1.3.36.3.2.1", "RIPEMD160");
      digestNames.put("1.3.36.3.2.3", "RIPEMD256");
      digestNames.put("1.2.840.113549.1.1.4", "MD5");
      digestNames.put("1.2.840.113549.1.1.2", "MD2");
      digestNames.put("1.2.840.113549.1.1.5", "SHA1");
      digestNames.put("1.2.840.113549.1.1.14", "SHA224");
      digestNames.put("1.2.840.113549.1.1.11", "SHA256");
      digestNames.put("1.2.840.113549.1.1.12", "SHA384");
      digestNames.put("1.2.840.113549.1.1.13", "SHA512");
      digestNames.put("1.2.840.113549.2.5", "MD5");
      digestNames.put("1.2.840.113549.2.2", "MD2");
      digestNames.put("1.2.840.10040.4.3", "SHA1");
      digestNames.put("2.16.840.1.101.3.4.3.1", "SHA224");
      digestNames.put("2.16.840.1.101.3.4.3.2", "SHA256");
      digestNames.put("2.16.840.1.101.3.4.3.3", "SHA384");
      digestNames.put("2.16.840.1.101.3.4.3.4", "SHA512");
      digestNames.put("1.3.36.3.3.1.3", "RIPEMD128");
      digestNames.put("1.3.36.3.3.1.2", "RIPEMD160");
      digestNames.put("1.3.36.3.3.1.4", "RIPEMD256");
      algorithmNames.put("1.2.840.113549.1.1.1", "RSA");
      algorithmNames.put("1.2.840.10040.4.1", "DSA");
      algorithmNames.put("1.2.840.113549.1.1.2", "RSA");
      algorithmNames.put("1.2.840.113549.1.1.4", "RSA");
      algorithmNames.put("1.2.840.113549.1.1.5", "RSA");
      algorithmNames.put("1.2.840.113549.1.1.14", "RSA");
      algorithmNames.put("1.2.840.113549.1.1.11", "RSA");
      algorithmNames.put("1.2.840.113549.1.1.12", "RSA");
      algorithmNames.put("1.2.840.113549.1.1.13", "RSA");
      algorithmNames.put("1.2.840.10040.4.3", "DSA");
      algorithmNames.put("2.16.840.1.101.3.4.3.1", "DSA");
      algorithmNames.put("2.16.840.1.101.3.4.3.2", "DSA");
      algorithmNames.put("1.3.36.3.3.1.3", "RSA");
      algorithmNames.put("1.3.36.3.3.1.2", "RSA");
      algorithmNames.put("1.3.36.3.3.1.4", "RSA");
      allowedDigests.put("MD5", "1.2.840.113549.2.5");
      allowedDigests.put("MD2", "1.2.840.113549.2.2");
      allowedDigests.put("SHA1", "1.3.14.3.2.26");
      allowedDigests.put("SHA224", "2.16.840.1.101.3.4.2.4");
      allowedDigests.put("SHA256", "2.16.840.1.101.3.4.2.1");
      allowedDigests.put("SHA384", "2.16.840.1.101.3.4.2.2");
      allowedDigests.put("SHA512", "2.16.840.1.101.3.4.2.3");
      allowedDigests.put("MD-5", "1.2.840.113549.2.5");
      allowedDigests.put("MD-2", "1.2.840.113549.2.2");
      allowedDigests.put("SHA-1", "1.3.14.3.2.26");
      allowedDigests.put("SHA-224", "2.16.840.1.101.3.4.2.4");
      allowedDigests.put("SHA-256", "2.16.840.1.101.3.4.2.1");
      allowedDigests.put("SHA-384", "2.16.840.1.101.3.4.2.2");
      allowedDigests.put("SHA-512", "2.16.840.1.101.3.4.2.3");
      allowedDigests.put("RIPEMD128", "1.3.36.3.2.2");
      allowedDigests.put("RIPEMD-128", "1.3.36.3.2.2");
      allowedDigests.put("RIPEMD160", "1.3.36.3.2.1");
      allowedDigests.put("RIPEMD-160", "1.3.36.3.2.1");
      allowedDigests.put("RIPEMD256", "1.3.36.3.2.3");
      allowedDigests.put("RIPEMD-256", "1.3.36.3.2.3");
   }

   public static class X509NameTokenizer {
      private String oid;
      private int index;
      private StringBuffer buf = new StringBuffer();

      public X509NameTokenizer(String var1) {
         this.oid = var1;
         this.index = -1;
      }

      public boolean hasMoreTokens() {
         return this.index != this.oid.length();
      }

      public String nextToken() {
         if(this.index == this.oid.length()) {
            return null;
         } else {
            int var1 = this.index + 1;
            boolean var2 = false;
            boolean var3 = false;
            this.buf.setLength(0);

            for(; var1 != this.oid.length(); ++var1) {
               char var4 = this.oid.charAt(var1);
               if(var4 == 34) {
                  if(!var3) {
                     var2 = !var2;
                  } else {
                     this.buf.append(var4);
                  }

                  var3 = false;
               } else if(!var3 && !var2) {
                  if(var4 == 92) {
                     var3 = true;
                  } else {
                     if(var4 == 44) {
                        break;
                     }

                     this.buf.append(var4);
                  }
               } else {
                  this.buf.append(var4);
                  var3 = false;
               }
            }

            this.index = var1;
            return this.buf.toString().trim();
         }
      }
   }

   public static class X509Name {
      public static final DERObjectIdentifier C = new DERObjectIdentifier("2.5.4.6");
      public static final DERObjectIdentifier O = new DERObjectIdentifier("2.5.4.10");
      public static final DERObjectIdentifier OU = new DERObjectIdentifier("2.5.4.11");
      public static final DERObjectIdentifier T = new DERObjectIdentifier("2.5.4.12");
      public static final DERObjectIdentifier CN = new DERObjectIdentifier("2.5.4.3");
      public static final DERObjectIdentifier SN = new DERObjectIdentifier("2.5.4.5");
      public static final DERObjectIdentifier L = new DERObjectIdentifier("2.5.4.7");
      public static final DERObjectIdentifier ST = new DERObjectIdentifier("2.5.4.8");
      public static final DERObjectIdentifier SURNAME = new DERObjectIdentifier("2.5.4.4");
      public static final DERObjectIdentifier GIVENNAME = new DERObjectIdentifier("2.5.4.42");
      public static final DERObjectIdentifier INITIALS = new DERObjectIdentifier("2.5.4.43");
      public static final DERObjectIdentifier GENERATION = new DERObjectIdentifier("2.5.4.44");
      public static final DERObjectIdentifier UNIQUE_IDENTIFIER = new DERObjectIdentifier("2.5.4.45");
      public static final DERObjectIdentifier EmailAddress = new DERObjectIdentifier("1.2.840.113549.1.9.1");
      public static final DERObjectIdentifier E;
      public static final DERObjectIdentifier DC;
      public static final DERObjectIdentifier UID;
      public static HashMap DefaultSymbols;
      public HashMap values = new HashMap();

      public X509Name(ASN1Sequence var1) {
         Enumeration var2 = var1.getObjects();

         while(var2.hasMoreElements()) {
            ASN1Set var3 = (ASN1Set)var2.nextElement();

            for(int var4 = 0; var4 < var3.size(); ++var4) {
               ASN1Sequence var5 = (ASN1Sequence)var3.getObjectAt(var4);
               String var6 = (String)DefaultSymbols.get(var5.getObjectAt(0));
               if(var6 != null) {
                  ArrayList var7 = (ArrayList)this.values.get(var6);
                  if(var7 == null) {
                     var7 = new ArrayList();
                     this.values.put(var6, var7);
                  }

                  var7.add(((DERString)var5.getObjectAt(1)).getString());
               }
            }
         }

      }

      public X509Name(String var1) {
         String var6;
         ArrayList var7;
         for(PdfPKCS7.X509NameTokenizer var2 = new PdfPKCS7.X509NameTokenizer(var1); var2.hasMoreTokens(); var7.add(var6)) {
            String var3 = var2.nextToken();
            int var4 = var3.indexOf(61);
            if(var4 == -1) {
               throw new IllegalArgumentException("badly formated directory string");
            }

            String var5 = var3.substring(0, var4).toUpperCase();
            var6 = var3.substring(var4 + 1);
            var7 = (ArrayList)this.values.get(var5);
            if(var7 == null) {
               var7 = new ArrayList();
               this.values.put(var5, var7);
            }
         }

      }

      public String getField(String var1) {
         ArrayList var2 = (ArrayList)this.values.get(var1);
         return var2 == null?null:(String)var2.get(0);
      }

      public ArrayList getFieldArray(String var1) {
         ArrayList var2 = (ArrayList)this.values.get(var1);
         return var2 == null?null:var2;
      }

      public HashMap getFields() {
         return this.values;
      }

      public String toString() {
         return this.values.toString();
      }

      static {
         E = EmailAddress;
         DC = new DERObjectIdentifier("0.9.2342.19200300.100.1.25");
         UID = new DERObjectIdentifier("0.9.2342.19200300.100.1.1");
         DefaultSymbols = new HashMap();
         DefaultSymbols.put(C, "C");
         DefaultSymbols.put(O, "O");
         DefaultSymbols.put(T, "T");
         DefaultSymbols.put(OU, "OU");
         DefaultSymbols.put(CN, "CN");
         DefaultSymbols.put(L, "L");
         DefaultSymbols.put(ST, "ST");
         DefaultSymbols.put(SN, "SN");
         DefaultSymbols.put(EmailAddress, "E");
         DefaultSymbols.put(DC, "DC");
         DefaultSymbols.put(UID, "UID");
         DefaultSymbols.put(SURNAME, "SURNAME");
         DefaultSymbols.put(GIVENNAME, "GIVENNAME");
         DefaultSymbols.put(INITIALS, "INITIALS");
         DefaultSymbols.put(GENERATION, "GENERATION");
      }
   }
}
Page generated: Oct 19, 2017 2:35:22 PM