Red Hat Application Migration Toolkit
package com.lowagie.text.pdf; import com.lowagie.text.ExceptionConverter; import com.lowagie.text.pdf.TSAClient; import java.io.ByteArrayInputStream; import java.io.ByteArrayOutputStream; import java.io.File; import java.io.FileInputStream; import java.io.IOException; import java.math.BigInteger; import java.security.InvalidKeyException; import java.security.KeyStore; import java.security.MessageDigest; import java.security.NoSuchAlgorithmException; import java.security.NoSuchProviderException; import java.security.PrivateKey; import java.security.Signature; import java.security.SignatureException; import java.security.cert.CRL; import java.security.cert.Certificate; import java.security.cert.CertificateParsingException; import java.security.cert.X509CRL; import java.security.cert.X509Certificate; import java.util.ArrayList; import java.util.Arrays; import java.util.Calendar; import java.util.Collection; import java.util.Date; import java.util.Enumeration; import java.util.GregorianCalendar; import java.util.HashMap; import java.util.HashSet; import java.util.Iterator; import java.util.Set; import org.bouncycastle.asn1.ASN1EncodableVector; import org.bouncycastle.asn1.ASN1InputStream; import org.bouncycastle.asn1.ASN1OctetString; import org.bouncycastle.asn1.ASN1OutputStream; import org.bouncycastle.asn1.ASN1Sequence; import org.bouncycastle.asn1.ASN1Set; import org.bouncycastle.asn1.ASN1TaggedObject; import org.bouncycastle.asn1.DEREnumerated; import org.bouncycastle.asn1.DERInteger; import org.bouncycastle.asn1.DERNull; import org.bouncycastle.asn1.DERObject; import org.bouncycastle.asn1.DERObjectIdentifier; import org.bouncycastle.asn1.DEROctetString; import org.bouncycastle.asn1.DERSequence; import org.bouncycastle.asn1.DERSet; import org.bouncycastle.asn1.DERString; import org.bouncycastle.asn1.DERTaggedObject; import org.bouncycastle.asn1.DERUTCTime; import org.bouncycastle.asn1.cms.Attribute; import org.bouncycastle.asn1.cms.AttributeTable; import org.bouncycastle.asn1.cms.ContentInfo; import org.bouncycastle.asn1.ocsp.BasicOCSPResponse; import org.bouncycastle.asn1.ocsp.OCSPObjectIdentifiers; import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers; import org.bouncycastle.asn1.tsp.MessageImprint; import org.bouncycastle.asn1.x509.X509Extensions; import org.bouncycastle.jce.provider.X509CRLParser; import org.bouncycastle.jce.provider.X509CertParser; import org.bouncycastle.ocsp.BasicOCSPResp; import org.bouncycastle.ocsp.CertificateID; import org.bouncycastle.ocsp.SingleResp; import org.bouncycastle.tsp.TimeStampToken; public class PdfPKCS7 { private byte[] sigAttr; private byte[] digestAttr; private int version; private int signerversion; private Set digestalgos; private Collection certs; private Collection crls; private Collection signCerts; private X509Certificate signCert; private byte[] digest; private MessageDigest messageDigest; private String digestAlgorithm; private String digestEncryptionAlgorithm; private Signature sig; private transient PrivateKey privKey; private byte[] RSAdata; private boolean verified; private boolean verifyResult; private byte[] externalDigest; private byte[] externalRSAdata; private String provider; private static final String ID_PKCS7_DATA = "1.2.840.113549.1.7.1"; private static final String ID_PKCS7_SIGNED_DATA = "1.2.840.113549.1.7.2"; private static final String ID_RSA = "1.2.840.113549.1.1.1"; private static final String ID_DSA = "1.2.840.10040.4.1"; private static final String ID_CONTENT_TYPE = "1.2.840.113549.1.9.3"; private static final String ID_MESSAGE_DIGEST = "1.2.840.113549.1.9.4"; private static final String ID_SIGNING_TIME = "1.2.840.113549.1.9.5"; private static final String ID_ADBE_REVOCATION = "1.2.840.113583.1.1.8"; private String reason; private String location; private Calendar signDate; private String signName; private TimeStampToken timeStampToken; private static final HashMap digestNames = new HashMap(); private static final HashMap algorithmNames = new HashMap(); private static final HashMap allowedDigests = new HashMap(); private BasicOCSPResp basicResp; public static String getDigest(String var0) { String var1 = (String)digestNames.get(var0); return var1 == null?var0:var1; } public static String getAlgorithm(String var0) { String var1 = (String)algorithmNames.get(var0); return var1 == null?var0:var1; } public TimeStampToken getTimeStampToken() { return this.timeStampToken; } public Calendar getTimeStampDate() { if(this.timeStampToken == null) { return null; } else { GregorianCalendar var1 = new GregorianCalendar(); Date var2 = this.timeStampToken.getTimeStampInfo().getGenTime(); var1.setTime(var2); return var1; } } public PdfPKCS7(byte[] var1, byte[] var2, String var3) { try { this.provider = var3; X509CertParser var4 = new X509CertParser(); var4.engineInit(new ByteArrayInputStream(var2)); this.certs = var4.engineReadAll(); this.signCerts = this.certs; this.signCert = (X509Certificate)this.certs.iterator().next(); this.crls = new ArrayList(); ASN1InputStream var5 = new ASN1InputStream(new ByteArrayInputStream(var1)); this.digest = ((DEROctetString)var5.readObject()).getOctets(); if(var3 == null) { this.sig = Signature.getInstance("SHA1withRSA"); } else { this.sig = Signature.getInstance("SHA1withRSA", var3); } this.sig.initVerify(this.signCert.getPublicKey()); } catch (Exception var6) { throw new ExceptionConverter(var6); } } public BasicOCSPResp getOcsp() { return this.basicResp; } private void findOcsp(ASN1Sequence var1) throws IOException { this.basicResp = null; boolean var2 = false; do { if(var1.getObjectAt(0) instanceof DERObjectIdentifier && ((DERObjectIdentifier)var1.getObjectAt(0)).getId().equals(OCSPObjectIdentifiers.id_pkix_ocsp_basic.getId())) { DEROctetString var6 = (DEROctetString)var1.getObjectAt(1); ASN1InputStream var7 = new ASN1InputStream(var6.getOctets()); BasicOCSPResponse var5 = BasicOCSPResponse.getInstance(var7.readObject()); this.basicResp = new BasicOCSPResp(var5); return; } var2 = true; for(int var3 = 0; var3 < var1.size(); ++var3) { if(var1.getObjectAt(var3) instanceof ASN1Sequence) { var1 = (ASN1Sequence)var1.getObjectAt(0); var2 = false; break; } if(var1.getObjectAt(var3) instanceof ASN1TaggedObject) { ASN1TaggedObject var4 = (ASN1TaggedObject)var1.getObjectAt(var3); if(!(var4.getObject() instanceof ASN1Sequence)) { return; } var1 = (ASN1Sequence)var4.getObject(); var2 = false; break; } } } while(!var2); } public PdfPKCS7(byte[] var1, String var2) { try { this.provider = var2; ASN1InputStream var3 = new ASN1InputStream(new ByteArrayInputStream(var1)); DERObject var4; try { var4 = var3.readObject(); } catch (IOException var26) { throw new IllegalArgumentException("can\'t decode PKCS7SignedData object"); } if(!(var4 instanceof ASN1Sequence)) { throw new IllegalArgumentException("Not a valid PKCS#7 object - not a sequence"); } else { ASN1Sequence var5 = (ASN1Sequence)var4; DERObjectIdentifier var6 = (DERObjectIdentifier)var5.getObjectAt(0); if(!var6.getId().equals("1.2.840.113549.1.7.2")) { throw new IllegalArgumentException("Not a valid PKCS#7 object - not signed data"); } else { ASN1Sequence var7 = (ASN1Sequence)((DERTaggedObject)var5.getObjectAt(1)).getObject(); this.version = ((DERInteger)var7.getObjectAt(0)).getValue().intValue(); this.digestalgos = new HashSet(); Enumeration var8 = ((ASN1Set)var7.getObjectAt(1)).getObjects(); while(var8.hasMoreElements()) { ASN1Sequence var9 = (ASN1Sequence)var8.nextElement(); DERObjectIdentifier var10 = (DERObjectIdentifier)var9.getObjectAt(0); this.digestalgos.add(var10.getId()); } X509CertParser var28 = new X509CertParser(); var28.engineInit(new ByteArrayInputStream(var1)); this.certs = var28.engineReadAll(); X509CRLParser var29 = new X509CRLParser(); var29.engineInit(new ByteArrayInputStream(var1)); this.crls = var29.engineReadAll(); ASN1Sequence var11 = (ASN1Sequence)var7.getObjectAt(2); if(var11.size() > 1) { DEROctetString var12 = (DEROctetString)((DERTaggedObject)var11.getObjectAt(1)).getObject(); this.RSAdata = var12.getOctets(); } int var30; for(var30 = 3; var7.getObjectAt(var30) instanceof DERTaggedObject; ++var30) { ; } ASN1Set var13 = (ASN1Set)var7.getObjectAt(var30); if(var13.size() != 1) { throw new IllegalArgumentException("This PKCS#7 object has multiple SignerInfos - only one is supported at this time"); } else { ASN1Sequence var14 = (ASN1Sequence)var13.getObjectAt(0); this.signerversion = ((DERInteger)var14.getObjectAt(0)).getValue().intValue(); ASN1Sequence var15 = (ASN1Sequence)var14.getObjectAt(1); BigInteger var16 = ((DERInteger)var15.getObjectAt(1)).getValue(); Iterator var17 = this.certs.iterator(); while(var17.hasNext()) { X509Certificate var18 = (X509Certificate)var17.next(); if(var16.equals(var18.getSerialNumber())) { this.signCert = var18; break; } } if(this.signCert == null) { throw new IllegalArgumentException("Can\'t find signing certificate with serial " + var16.toString(16)); } else { this.signCertificateChain(); this.digestAlgorithm = ((DERObjectIdentifier)((ASN1Sequence)var14.getObjectAt(2)).getObjectAt(0)).getId(); var30 = 3; ASN1Set var21; ASN1Sequence var22; ASN1Set var33; if(var14.getObjectAt(var30) instanceof ASN1TaggedObject) { ASN1TaggedObject var31 = (ASN1TaggedObject)var14.getObjectAt(var30); var33 = ASN1Set.getInstance(var31, false); this.sigAttr = var33.getEncoded("DER"); for(int var19 = 0; var19 < var33.size(); ++var19) { ASN1Sequence var20 = (ASN1Sequence)var33.getObjectAt(var19); if(((DERObjectIdentifier)var20.getObjectAt(0)).getId().equals("1.2.840.113549.1.9.4")) { var21 = (ASN1Set)var20.getObjectAt(1); this.digestAttr = ((DEROctetString)var21.getObjectAt(0)).getOctets(); } else if(((DERObjectIdentifier)var20.getObjectAt(0)).getId().equals("1.2.840.113583.1.1.8")) { var21 = (ASN1Set)var20.getObjectAt(1); var22 = (ASN1Sequence)var21.getObjectAt(0); for(int var23 = 0; var23 < var22.size(); ++var23) { ASN1TaggedObject var24 = (ASN1TaggedObject)var22.getObjectAt(var23); if(var24.getTagNo() == 1) { ASN1Sequence var25 = (ASN1Sequence)var24.getObject(); this.findOcsp(var25); } } } } if(this.digestAttr == null) { throw new IllegalArgumentException("Authenticated attribute is missing the digest."); } ++var30; } this.digestEncryptionAlgorithm = ((DERObjectIdentifier)((ASN1Sequence)var14.getObjectAt(var30++)).getObjectAt(0)).getId(); this.digest = ((DEROctetString)var14.getObjectAt(var30++)).getOctets(); if(var30 < var14.size() && var14.getObjectAt(var30) instanceof DERTaggedObject) { DERTaggedObject var32 = (DERTaggedObject)var14.getObjectAt(var30); var33 = ASN1Set.getInstance(var32, false); AttributeTable var34 = new AttributeTable(var33); Attribute var35 = var34.get(PKCSObjectIdentifiers.id_aa_signatureTimeStampToken); if(var35 != null) { var21 = var35.getAttrValues(); var22 = ASN1Sequence.getInstance(var21.getObjectAt(0)); ContentInfo var36 = new ContentInfo(var22); this.timeStampToken = new TimeStampToken(var36); } } if(this.RSAdata != null || this.digestAttr != null) { if(var2 != null && !var2.startsWith("SunPKCS11")) { this.messageDigest = MessageDigest.getInstance(this.getHashAlgorithm(), var2); } else { this.messageDigest = MessageDigest.getInstance(this.getHashAlgorithm()); } } if(var2 == null) { this.sig = Signature.getInstance(this.getDigestAlgorithm()); } else { this.sig = Signature.getInstance(this.getDigestAlgorithm(), var2); } this.sig.initVerify(this.signCert.getPublicKey()); } } } } } catch (Exception var27) { throw new ExceptionConverter(var27); } } public PdfPKCS7(PrivateKey var1, Certificate[] var2, CRL[] var3, String var4, String var5, boolean var6) throws InvalidKeyException, NoSuchProviderException, NoSuchAlgorithmException { this.privKey = var1; this.provider = var5; this.digestAlgorithm = (String)allowedDigests.get(var4.toUpperCase()); if(this.digestAlgorithm == null) { throw new NoSuchAlgorithmException("Unknown Hash Algorithm " + var4); } else { this.version = this.signerversion = 1; this.certs = new ArrayList(); this.crls = new ArrayList(); this.digestalgos = new HashSet(); this.digestalgos.add(this.digestAlgorithm); this.signCert = (X509Certificate)var2[0]; int var7; for(var7 = 0; var7 < var2.length; ++var7) { this.certs.add(var2[var7]); } if(var3 != null) { for(var7 = 0; var7 < var3.length; ++var7) { this.crls.add(var3[var7]); } } if(var1 != null) { this.digestEncryptionAlgorithm = var1.getAlgorithm(); if(this.digestEncryptionAlgorithm.equals("RSA")) { this.digestEncryptionAlgorithm = "1.2.840.113549.1.1.1"; } else { if(!this.digestEncryptionAlgorithm.equals("DSA")) { throw new NoSuchAlgorithmException("Unknown Key Algorithm " + this.digestEncryptionAlgorithm); } this.digestEncryptionAlgorithm = "1.2.840.10040.4.1"; } } if(var6) { this.RSAdata = new byte[0]; if(var5 != null && !var5.startsWith("SunPKCS11")) { this.messageDigest = MessageDigest.getInstance(this.getHashAlgorithm(), var5); } else { this.messageDigest = MessageDigest.getInstance(this.getHashAlgorithm()); } } if(var1 != null) { if(var5 == null) { this.sig = Signature.getInstance(this.getDigestAlgorithm()); } else { this.sig = Signature.getInstance(this.getDigestAlgorithm(), var5); } this.sig.initSign(var1); } } } public void update(byte[] var1, int var2, int var3) throws SignatureException { if(this.RSAdata == null && this.digestAttr == null) { this.sig.update(var1, var2, var3); } else { this.messageDigest.update(var1, var2, var3); } } public boolean verify() throws SignatureException { if(this.verified) { return this.verifyResult; } else { if(this.sigAttr != null) { this.sig.update(this.sigAttr); if(this.RSAdata != null) { byte[] var1 = this.messageDigest.digest(); this.messageDigest.update(var1); } this.verifyResult = Arrays.equals(this.messageDigest.digest(), this.digestAttr) && this.sig.verify(this.digest); } else { if(this.RSAdata != null) { this.sig.update(this.messageDigest.digest()); } this.verifyResult = this.sig.verify(this.digest); } this.verified = true; return this.verifyResult; } } public boolean verifyTimestampImprint() throws NoSuchAlgorithmException { if(this.timeStampToken == null) { return false; } else { MessageImprint var1 = this.timeStampToken.getTimeStampInfo().toTSTInfo().getMessageImprint(); byte[] var2 = MessageDigest.getInstance("SHA-1").digest(this.digest); byte[] var3 = var1.getHashedMessage(); boolean var4 = Arrays.equals(var2, var3); return var4; } } public Certificate[] getCertificates() { return (X509Certificate[])((X509Certificate[])this.certs.toArray(new X509Certificate[this.certs.size()])); } public Certificate[] getSignCertificateChain() { return (X509Certificate[])((X509Certificate[])this.signCerts.toArray(new X509Certificate[this.signCerts.size()])); } private void signCertificateChain() { ArrayList var1 = new ArrayList(); var1.add(this.signCert); ArrayList var2 = new ArrayList(this.certs); for(int var3 = 0; var3 < var2.size(); ++var3) { if(this.signCert.getSerialNumber().equals(((X509Certificate)var2.get(var3)).getSerialNumber())) { var2.remove(var3); --var3; } } boolean var8 = true; while(var8) { X509Certificate var4 = (X509Certificate)var1.get(var1.size() - 1); var8 = false; int var5 = 0; while(var5 < var2.size()) { try { if(this.provider == null) { var4.verify(((X509Certificate)var2.get(var5)).getPublicKey()); } else { var4.verify(((X509Certificate)var2.get(var5)).getPublicKey(), this.provider); } var8 = true; var1.add(var2.get(var5)); var2.remove(var5); break; } catch (Exception var7) { ++var5; } } } this.signCerts = var1; } public Collection getCRLs() { return this.crls; } public X509Certificate getSigningCertificate() { return this.signCert; } public int getVersion() { return this.version; } public int getSigningInfoVersion() { return this.signerversion; } public String getDigestAlgorithm() { String var1 = getAlgorithm(this.digestEncryptionAlgorithm); if(var1 == null) { var1 = this.digestEncryptionAlgorithm; } return this.getHashAlgorithm() + "with" + var1; } public String getHashAlgorithm() { return getDigest(this.digestAlgorithm); } public static KeyStore loadCacertsKeyStore() { return loadCacertsKeyStore((String)null); } public static KeyStore loadCacertsKeyStore(String var0) { File var1 = new File(System.getProperty("java.home"), "lib"); var1 = new File(var1, "security"); var1 = new File(var1, "cacerts"); FileInputStream var2 = null; KeyStore var4; try { var2 = new FileInputStream(var1); KeyStore var3; if(var0 == null) { var3 = KeyStore.getInstance("JKS"); } else { var3 = KeyStore.getInstance("JKS", var0); } var3.load(var2, (char[])null); var4 = var3; } catch (Exception var13) { throw new ExceptionConverter(var13); } finally { try { if(var2 != null) { var2.close(); } } catch (Exception var12) { ; } } return var4; } public static String verifyCertificate(X509Certificate var0, Collection var1, Calendar var2) { if(var2 == null) { var2 = new GregorianCalendar(); } if(var0.hasUnsupportedCriticalExtension()) { return "Has unsupported critical extension"; } else { try { var0.checkValidity(((Calendar)var2).getTime()); } catch (Exception var4) { return var4.getMessage(); } if(var1 != null) { Iterator var3 = var1.iterator(); while(var3.hasNext()) { if(((CRL)var3.next()).isRevoked(var0)) { return "Certificate revoked"; } } } return null; } } public static Object[] verifyCertificates(Certificate[] var0, KeyStore var1, Collection var2, Calendar var3) { if(var3 == null) { var3 = new GregorianCalendar(); } for(int var4 = 0; var4 < var0.length; ++var4) { X509Certificate var5 = (X509Certificate)var0[var4]; String var6 = verifyCertificate(var5, var2, (Calendar)var3); if(var6 != null) { return new Object[]{var5, var6}; } try { Enumeration var7 = var1.aliases(); while(var7.hasMoreElements()) { try { String var8 = (String)var7.nextElement(); if(var1.isCertificateEntry(var8)) { X509Certificate var9 = (X509Certificate)var1.getCertificate(var8); if(verifyCertificate(var9, var2, (Calendar)var3) == null) { try { var5.verify(var9.getPublicKey()); return null; } catch (Exception var12) { ; } } } } catch (Exception var13) { ; } } } catch (Exception var14) { ; } int var15; for(var15 = 0; var15 < var0.length; ++var15) { if(var15 != var4) { X509Certificate var16 = (X509Certificate)var0[var15]; try { var5.verify(var16.getPublicKey()); break; } catch (Exception var11) { ; } } } if(var15 == var0.length) { return new Object[]{var5, "Cannot be verified against the KeyStore or the certificate chain"}; } } return new Object[]{null, "Invalid state. Possible circular certificate chain"}; } public static boolean verifyOcspCertificates(BasicOCSPResp var0, KeyStore var1, String var2) { if(var2 == null) { var2 = "BC"; } try { Enumeration var3 = var1.aliases(); while(var3.hasMoreElements()) { try { String var4 = (String)var3.nextElement(); if(var1.isCertificateEntry(var4)) { X509Certificate var5 = (X509Certificate)var1.getCertificate(var4); if(var0.verify(var5.getPublicKey(), var2)) { return true; } } } catch (Exception var6) { ; } } } catch (Exception var7) { ; } return false; } public static boolean verifyTimestampCertificates(TimeStampToken var0, KeyStore var1, String var2) { if(var2 == null) { var2 = "BC"; } try { Enumeration var3 = var1.aliases(); while(var3.hasMoreElements()) { try { String var4 = (String)var3.nextElement(); if(var1.isCertificateEntry(var4)) { X509Certificate var5 = (X509Certificate)var1.getCertificate(var4); var0.validate(var5, var2); return true; } } catch (Exception var6) { ; } } } catch (Exception var7) { ; } return false; } public static String getOCSPURL(X509Certificate var0) throws CertificateParsingException { try { DERObject var1 = getExtensionValue(var0, X509Extensions.AuthorityInfoAccess.getId()); if(var1 == null) { return null; } ASN1Sequence var2 = (ASN1Sequence)var1; for(int var3 = 0; var3 < var2.size(); ++var3) { ASN1Sequence var4 = (ASN1Sequence)var2.getObjectAt(var3); if(var4.size() == 2 && var4.getObjectAt(0) instanceof DERObjectIdentifier && ((DERObjectIdentifier)var4.getObjectAt(0)).getId().equals("1.3.6.1.5.5.7.48.1")) { String var5 = getStringFromGeneralName((DERObject)var4.getObjectAt(1)); if(var5 == null) { return ""; } return var5; } } } catch (Exception var6) { ; } return null; } public boolean isRevocationValid() { if(this.basicResp == null) { return false; } else if(this.signCerts.size() < 2) { return false; } else { try { X509Certificate[] var1 = (X509Certificate[])((X509Certificate[])this.getSignCertificateChain()); SingleResp var2 = this.basicResp.getResponses()[0]; CertificateID var3 = var2.getCertID(); X509Certificate var4 = this.getSigningCertificate(); X509Certificate var5 = var1[1]; CertificateID var6 = new CertificateID("1.3.14.3.2.26", var5, var4.getSerialNumber()); return var6.equals(var3); } catch (Exception var7) { return false; } } } private static DERObject getExtensionValue(X509Certificate var0, String var1) throws IOException { byte[] var2 = var0.getExtensionValue(var1); if(var2 == null) { return null; } else { ASN1InputStream var3 = new ASN1InputStream(new ByteArrayInputStream(var2)); ASN1OctetString var4 = (ASN1OctetString)var3.readObject(); var3 = new ASN1InputStream(new ByteArrayInputStream(var4.getOctets())); return var3.readObject(); } } private static String getStringFromGeneralName(DERObject var0) throws IOException { DERTaggedObject var1 = (DERTaggedObject)var0; return new String(ASN1OctetString.getInstance(var1, false).getOctets(), "ISO-8859-1"); } private static DERObject getIssuer(byte[] var0) { try { ASN1InputStream var1 = new ASN1InputStream(new ByteArrayInputStream(var0)); ASN1Sequence var2 = (ASN1Sequence)var1.readObject(); return (DERObject)var2.getObjectAt(var2.getObjectAt(0) instanceof DERTaggedObject?3:2); } catch (IOException var3) { throw new ExceptionConverter(var3); } } private static DERObject getSubject(byte[] var0) { try { ASN1InputStream var1 = new ASN1InputStream(new ByteArrayInputStream(var0)); ASN1Sequence var2 = (ASN1Sequence)var1.readObject(); return (DERObject)var2.getObjectAt(var2.getObjectAt(0) instanceof DERTaggedObject?5:4); } catch (IOException var3) { throw new ExceptionConverter(var3); } } public static PdfPKCS7.X509Name getIssuerFields(X509Certificate var0) { try { return new PdfPKCS7.X509Name((ASN1Sequence)getIssuer(var0.getTBSCertificate())); } catch (Exception var2) { throw new ExceptionConverter(var2); } } public static PdfPKCS7.X509Name getSubjectFields(X509Certificate var0) { try { return new PdfPKCS7.X509Name((ASN1Sequence)getSubject(var0.getTBSCertificate())); } catch (Exception var2) { throw new ExceptionConverter(var2); } } public byte[] getEncodedPKCS1() { try { if(this.externalDigest != null) { this.digest = this.externalDigest; } else { this.digest = this.sig.sign(); } ByteArrayOutputStream var1 = new ByteArrayOutputStream(); ASN1OutputStream var2 = new ASN1OutputStream(var1); var2.writeObject(new DEROctetString(this.digest)); var2.close(); return var1.toByteArray(); } catch (Exception var3) { throw new ExceptionConverter(var3); } } public void setExternalDigest(byte[] var1, byte[] var2, String var3) { this.externalDigest = var1; this.externalRSAdata = var2; if(var3 != null) { if(var3.equals("RSA")) { this.digestEncryptionAlgorithm = "1.2.840.113549.1.1.1"; } else { if(!var3.equals("DSA")) { throw new ExceptionConverter(new NoSuchAlgorithmException("Unknown Key Algorithm " + var3)); } this.digestEncryptionAlgorithm = "1.2.840.10040.4.1"; } } } public byte[] getEncodedPKCS7() { return this.getEncodedPKCS7((byte[])null, (Calendar)null, (TSAClient)null, (byte[])null); } public byte[] getEncodedPKCS7(byte[] var1, Calendar var2) { return this.getEncodedPKCS7(var1, var2, (TSAClient)null, (byte[])null); } public byte[] getEncodedPKCS7(byte[] var1, Calendar var2, TSAClient var3, byte[] var4) { try { if(this.externalDigest != null) { this.digest = this.externalDigest; if(this.RSAdata != null) { this.RSAdata = this.externalRSAdata; } } else if(this.externalRSAdata != null && this.RSAdata != null) { this.RSAdata = this.externalRSAdata; this.sig.update(this.RSAdata); this.digest = this.sig.sign(); } else { if(this.RSAdata != null) { this.RSAdata = this.messageDigest.digest(); this.sig.update(this.RSAdata); } this.digest = this.sig.sign(); } ASN1EncodableVector var5 = new ASN1EncodableVector(); Iterator var6 = this.digestalgos.iterator(); while(var6.hasNext()) { ASN1EncodableVector var7 = new ASN1EncodableVector(); var7.add(new DERObjectIdentifier((String)var6.next())); var7.add(DERNull.INSTANCE); var5.add(new DERSequence(var7)); } ASN1EncodableVector var15 = new ASN1EncodableVector(); var15.add(new DERObjectIdentifier("1.2.840.113549.1.7.1")); if(this.RSAdata != null) { var15.add(new DERTaggedObject(0, new DEROctetString(this.RSAdata))); } DERSequence var16 = new DERSequence(var15); var15 = new ASN1EncodableVector(); Iterator var8 = this.certs.iterator(); while(var8.hasNext()) { ASN1InputStream var9 = new ASN1InputStream(new ByteArrayInputStream(((X509Certificate)var8.next()).getEncoded())); var15.add(var9.readObject()); } DERSet var17 = new DERSet(var15); ASN1EncodableVector var18 = new ASN1EncodableVector(); var18.add(new DERInteger(this.signerversion)); var15 = new ASN1EncodableVector(); var15.add(getIssuer(this.signCert.getTBSCertificate())); var15.add(new DERInteger(this.signCert.getSerialNumber())); var18.add(new DERSequence(var15)); var15 = new ASN1EncodableVector(); var15.add(new DERObjectIdentifier(this.digestAlgorithm)); var15.add(new DERNull()); var18.add(new DERSequence(var15)); if(var1 != null && var2 != null) { var18.add(new DERTaggedObject(false, 0, this.getAuthenticatedAttributeSet(var1, var2, var4))); } var15 = new ASN1EncodableVector(); var15.add(new DERObjectIdentifier(this.digestEncryptionAlgorithm)); var15.add(new DERNull()); var18.add(new DERSequence(var15)); var18.add(new DEROctetString(this.digest)); if(var3 != null) { byte[] var10 = MessageDigest.getInstance("SHA-1").digest(this.digest); byte[] var11 = var3.getTimeStampToken(this, var10); if(var11 != null) { ASN1EncodableVector var12 = this.buildUnauthenticatedAttributes(var11); if(var12 != null) { var18.add(new DERTaggedObject(false, 1, new DERSet(var12))); } } } ASN1EncodableVector var19 = new ASN1EncodableVector(); var19.add(new DERInteger(this.version)); var19.add(new DERSet(var5)); var19.add(var16); var19.add(new DERTaggedObject(false, 0, var17)); if(!this.crls.isEmpty()) { var15 = new ASN1EncodableVector(); Iterator var20 = this.crls.iterator(); while(var20.hasNext()) { ASN1InputStream var23 = new ASN1InputStream(new ByteArrayInputStream(((X509CRL)var20.next()).getEncoded())); var15.add(var23.readObject()); } DERSet var21 = new DERSet(var15); var19.add(new DERTaggedObject(false, 1, var21)); } var19.add(new DERSet(new DERSequence(var18))); ASN1EncodableVector var22 = new ASN1EncodableVector(); var22.add(new DERObjectIdentifier("1.2.840.113549.1.7.2")); var22.add(new DERTaggedObject(0, new DERSequence(var19))); ByteArrayOutputStream var24 = new ByteArrayOutputStream(); ASN1OutputStream var13 = new ASN1OutputStream(var24); var13.writeObject(new DERSequence(var22)); var13.close(); return var24.toByteArray(); } catch (Exception var14) { throw new ExceptionConverter(var14); } } private ASN1EncodableVector buildUnauthenticatedAttributes(byte[] var1) throws IOException { if(var1 == null) { return null; } else { String var2 = "1.2.840.113549.1.9.16.2.14"; ASN1InputStream var3 = new ASN1InputStream(new ByteArrayInputStream(var1)); ASN1EncodableVector var4 = new ASN1EncodableVector(); ASN1EncodableVector var5 = new ASN1EncodableVector(); var5.add(new DERObjectIdentifier(var2)); ASN1Sequence var6 = (ASN1Sequence)var3.readObject(); var5.add(new DERSet(var6)); var4.add(new DERSequence(var5)); return var4; } } public byte[] getAuthenticatedAttributeBytes(byte[] var1, Calendar var2, byte[] var3) { try { return this.getAuthenticatedAttributeSet(var1, var2, var3).getEncoded("DER"); } catch (Exception var5) { throw new ExceptionConverter(var5); } } private DERSet getAuthenticatedAttributeSet(byte[] var1, Calendar var2, byte[] var3) { try { ASN1EncodableVector var4 = new ASN1EncodableVector(); ASN1EncodableVector var5 = new ASN1EncodableVector(); var5.add(new DERObjectIdentifier("1.2.840.113549.1.9.3")); var5.add(new DERSet(new DERObjectIdentifier("1.2.840.113549.1.7.1"))); var4.add(new DERSequence(var5)); var5 = new ASN1EncodableVector(); var5.add(new DERObjectIdentifier("1.2.840.113549.1.9.5")); var5.add(new DERSet(new DERUTCTime(var2.getTime()))); var4.add(new DERSequence(var5)); var5 = new ASN1EncodableVector(); var5.add(new DERObjectIdentifier("1.2.840.113549.1.9.4")); var5.add(new DERSet(new DEROctetString(var1))); var4.add(new DERSequence(var5)); if(var3 != null) { var5 = new ASN1EncodableVector(); var5.add(new DERObjectIdentifier("1.2.840.113583.1.1.8")); DEROctetString var6 = new DEROctetString(var3); ASN1EncodableVector var7 = new ASN1EncodableVector(); ASN1EncodableVector var8 = new ASN1EncodableVector(); var8.add(OCSPObjectIdentifiers.id_pkix_ocsp_basic); var8.add(var6); DEREnumerated var9 = new DEREnumerated(0); ASN1EncodableVector var10 = new ASN1EncodableVector(); var10.add(var9); var10.add(new DERTaggedObject(true, 0, new DERSequence(var8))); var7.add(new DERSequence(var10)); var5.add(new DERSet(new DERSequence(new DERTaggedObject(true, 1, new DERSequence(var7))))); var4.add(new DERSequence(var5)); } else if(!this.crls.isEmpty()) { var5 = new ASN1EncodableVector(); var5.add(new DERObjectIdentifier("1.2.840.113583.1.1.8")); ASN1EncodableVector var12 = new ASN1EncodableVector(); Iterator var13 = this.crls.iterator(); while(var13.hasNext()) { ASN1InputStream var14 = new ASN1InputStream(new ByteArrayInputStream(((X509CRL)var13.next()).getEncoded())); var12.add(var14.readObject()); } var5.add(new DERSet(new DERSequence(new DERTaggedObject(true, 0, new DERSequence(var12))))); var4.add(new DERSequence(var5)); } return new DERSet(var4); } catch (Exception var11) { throw new ExceptionConverter(var11); } } public String getReason() { return this.reason; } public void setReason(String var1) { this.reason = var1; } public String getLocation() { return this.location; } public void setLocation(String var1) { this.location = var1; } public Calendar getSignDate() { return this.signDate; } public void setSignDate(Calendar var1) { this.signDate = var1; } public String getSignName() { return this.signName; } public void setSignName(String var1) { this.signName = var1; } static { digestNames.put("1.2.840.113549.2.5", "MD5"); digestNames.put("1.2.840.113549.2.2", "MD2"); digestNames.put("1.3.14.3.2.26", "SHA1"); digestNames.put("2.16.840.1.101.3.4.2.4", "SHA224"); digestNames.put("2.16.840.1.101.3.4.2.1", "SHA256"); digestNames.put("2.16.840.1.101.3.4.2.2", "SHA384"); digestNames.put("2.16.840.1.101.3.4.2.3", "SHA512"); digestNames.put("1.3.36.3.2.2", "RIPEMD128"); digestNames.put("1.3.36.3.2.1", "RIPEMD160"); digestNames.put("1.3.36.3.2.3", "RIPEMD256"); digestNames.put("1.2.840.113549.1.1.4", "MD5"); digestNames.put("1.2.840.113549.1.1.2", "MD2"); digestNames.put("1.2.840.113549.1.1.5", "SHA1"); digestNames.put("1.2.840.113549.1.1.14", "SHA224"); digestNames.put("1.2.840.113549.1.1.11", "SHA256"); digestNames.put("1.2.840.113549.1.1.12", "SHA384"); digestNames.put("1.2.840.113549.1.1.13", "SHA512"); digestNames.put("1.2.840.113549.2.5", "MD5"); digestNames.put("1.2.840.113549.2.2", "MD2"); digestNames.put("1.2.840.10040.4.3", "SHA1"); digestNames.put("2.16.840.1.101.3.4.3.1", "SHA224"); digestNames.put("2.16.840.1.101.3.4.3.2", "SHA256"); digestNames.put("2.16.840.1.101.3.4.3.3", "SHA384"); digestNames.put("2.16.840.1.101.3.4.3.4", "SHA512"); digestNames.put("1.3.36.3.3.1.3", "RIPEMD128"); digestNames.put("1.3.36.3.3.1.2", "RIPEMD160"); digestNames.put("1.3.36.3.3.1.4", "RIPEMD256"); algorithmNames.put("1.2.840.113549.1.1.1", "RSA"); algorithmNames.put("1.2.840.10040.4.1", "DSA"); algorithmNames.put("1.2.840.113549.1.1.2", "RSA"); algorithmNames.put("1.2.840.113549.1.1.4", "RSA"); algorithmNames.put("1.2.840.113549.1.1.5", "RSA"); algorithmNames.put("1.2.840.113549.1.1.14", "RSA"); algorithmNames.put("1.2.840.113549.1.1.11", "RSA"); algorithmNames.put("1.2.840.113549.1.1.12", "RSA"); algorithmNames.put("1.2.840.113549.1.1.13", "RSA"); algorithmNames.put("1.2.840.10040.4.3", "DSA"); algorithmNames.put("2.16.840.1.101.3.4.3.1", "DSA"); algorithmNames.put("2.16.840.1.101.3.4.3.2", "DSA"); algorithmNames.put("1.3.36.3.3.1.3", "RSA"); algorithmNames.put("1.3.36.3.3.1.2", "RSA"); algorithmNames.put("1.3.36.3.3.1.4", "RSA"); allowedDigests.put("MD5", "1.2.840.113549.2.5"); allowedDigests.put("MD2", "1.2.840.113549.2.2"); allowedDigests.put("SHA1", "1.3.14.3.2.26"); allowedDigests.put("SHA224", "2.16.840.1.101.3.4.2.4"); allowedDigests.put("SHA256", "2.16.840.1.101.3.4.2.1"); allowedDigests.put("SHA384", "2.16.840.1.101.3.4.2.2"); allowedDigests.put("SHA512", "2.16.840.1.101.3.4.2.3"); allowedDigests.put("MD-5", "1.2.840.113549.2.5"); allowedDigests.put("MD-2", "1.2.840.113549.2.2"); allowedDigests.put("SHA-1", "1.3.14.3.2.26"); allowedDigests.put("SHA-224", "2.16.840.1.101.3.4.2.4"); allowedDigests.put("SHA-256", "2.16.840.1.101.3.4.2.1"); allowedDigests.put("SHA-384", "2.16.840.1.101.3.4.2.2"); allowedDigests.put("SHA-512", "2.16.840.1.101.3.4.2.3"); allowedDigests.put("RIPEMD128", "1.3.36.3.2.2"); allowedDigests.put("RIPEMD-128", "1.3.36.3.2.2"); allowedDigests.put("RIPEMD160", "1.3.36.3.2.1"); allowedDigests.put("RIPEMD-160", "1.3.36.3.2.1"); allowedDigests.put("RIPEMD256", "1.3.36.3.2.3"); allowedDigests.put("RIPEMD-256", "1.3.36.3.2.3"); } public static class X509NameTokenizer { private String oid; private int index; private StringBuffer buf = new StringBuffer(); public X509NameTokenizer(String var1) { this.oid = var1; this.index = -1; } public boolean hasMoreTokens() { return this.index != this.oid.length(); } public String nextToken() { if(this.index == this.oid.length()) { return null; } else { int var1 = this.index + 1; boolean var2 = false; boolean var3 = false; this.buf.setLength(0); for(; var1 != this.oid.length(); ++var1) { char var4 = this.oid.charAt(var1); if(var4 == 34) { if(!var3) { var2 = !var2; } else { this.buf.append(var4); } var3 = false; } else if(!var3 && !var2) { if(var4 == 92) { var3 = true; } else { if(var4 == 44) { break; } this.buf.append(var4); } } else { this.buf.append(var4); var3 = false; } } this.index = var1; return this.buf.toString().trim(); } } } public static class X509Name { public static final DERObjectIdentifier C = new DERObjectIdentifier("2.5.4.6"); public static final DERObjectIdentifier O = new DERObjectIdentifier("2.5.4.10"); public static final DERObjectIdentifier OU = new DERObjectIdentifier("2.5.4.11"); public static final DERObjectIdentifier T = new DERObjectIdentifier("2.5.4.12"); public static final DERObjectIdentifier CN = new DERObjectIdentifier("2.5.4.3"); public static final DERObjectIdentifier SN = new DERObjectIdentifier("2.5.4.5"); public static final DERObjectIdentifier L = new DERObjectIdentifier("2.5.4.7"); public static final DERObjectIdentifier ST = new DERObjectIdentifier("2.5.4.8"); public static final DERObjectIdentifier SURNAME = new DERObjectIdentifier("2.5.4.4"); public static final DERObjectIdentifier GIVENNAME = new DERObjectIdentifier("2.5.4.42"); public static final DERObjectIdentifier INITIALS = new DERObjectIdentifier("2.5.4.43"); public static final DERObjectIdentifier GENERATION = new DERObjectIdentifier("2.5.4.44"); public static final DERObjectIdentifier UNIQUE_IDENTIFIER = new DERObjectIdentifier("2.5.4.45"); public static final DERObjectIdentifier EmailAddress = new DERObjectIdentifier("1.2.840.113549.1.9.1"); public static final DERObjectIdentifier E; public static final DERObjectIdentifier DC; public static final DERObjectIdentifier UID; public static HashMap DefaultSymbols; public HashMap values = new HashMap(); public X509Name(ASN1Sequence var1) { Enumeration var2 = var1.getObjects(); while(var2.hasMoreElements()) { ASN1Set var3 = (ASN1Set)var2.nextElement(); for(int var4 = 0; var4 < var3.size(); ++var4) { ASN1Sequence var5 = (ASN1Sequence)var3.getObjectAt(var4); String var6 = (String)DefaultSymbols.get(var5.getObjectAt(0)); if(var6 != null) { ArrayList var7 = (ArrayList)this.values.get(var6); if(var7 == null) { var7 = new ArrayList(); this.values.put(var6, var7); } var7.add(((DERString)var5.getObjectAt(1)).getString()); } } } } public X509Name(String var1) { String var6; ArrayList var7; for(PdfPKCS7.X509NameTokenizer var2 = new PdfPKCS7.X509NameTokenizer(var1); var2.hasMoreTokens(); var7.add(var6)) { String var3 = var2.nextToken(); int var4 = var3.indexOf(61); if(var4 == -1) { throw new IllegalArgumentException("badly formated directory string"); } String var5 = var3.substring(0, var4).toUpperCase(); var6 = var3.substring(var4 + 1); var7 = (ArrayList)this.values.get(var5); if(var7 == null) { var7 = new ArrayList(); this.values.put(var5, var7); } } } public String getField(String var1) { ArrayList var2 = (ArrayList)this.values.get(var1); return var2 == null?null:(String)var2.get(0); } public ArrayList getFieldArray(String var1) { ArrayList var2 = (ArrayList)this.values.get(var1); return var2 == null?null:var2; } public HashMap getFields() { return this.values; } public String toString() { return this.values.toString(); } static { E = EmailAddress; DC = new DERObjectIdentifier("0.9.2342.19200300.100.1.25"); UID = new DERObjectIdentifier("0.9.2342.19200300.100.1.1"); DefaultSymbols = new HashMap(); DefaultSymbols.put(C, "C"); DefaultSymbols.put(O, "O"); DefaultSymbols.put(T, "T"); DefaultSymbols.put(OU, "OU"); DefaultSymbols.put(CN, "CN"); DefaultSymbols.put(L, "L"); DefaultSymbols.put(ST, "ST"); DefaultSymbols.put(SN, "SN"); DefaultSymbols.put(EmailAddress, "E"); DefaultSymbols.put(DC, "DC"); DefaultSymbols.put(UID, "UID"); DefaultSymbols.put(SURNAME, "SURNAME"); DefaultSymbols.put(GIVENNAME, "GIVENNAME"); DefaultSymbols.put(INITIALS, "INITIALS"); DefaultSymbols.put(GENERATION, "GENERATION"); } } }