package com.ecopy.common;

import com.puhua.jsicerapp.contants.Constant;
import java.io.BufferedReader;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileReader;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.io.PrintStream;
import java.math.BigInteger;
import java.net.URL;
import java.security.InvalidKeyException;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.Security;
import java.security.SignatureException;
import java.security.cert.CRL;
import java.security.cert.CRLException;
import java.security.cert.CertStore;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.CertificateParsingException;
import java.security.cert.CollectionCertStoreParameters;
import java.security.cert.X509CRL;
import java.security.cert.X509Certificate;
import java.security.spec.PKCS8EncodedKeySpec;
import java.text.SimpleDateFormat;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Date;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Vector;
import org.apache.commons.io.IOUtils;
import org.apache.commons.lang.time.DateUtils;
import org.apache.log4j.Logger;
import org.bouncycastle.asn1.ASN1InputStream;
import org.bouncycastle.asn1.ASN1OctetString;
import org.bouncycastle.asn1.ASN1Sequence;
import org.bouncycastle.asn1.ASN1TaggedObject;
import org.bouncycastle.asn1.DEREncodable;
import org.bouncycastle.asn1.DERInputStream;
import org.bouncycastle.asn1.DERObject;
import org.bouncycastle.asn1.DERObjectIdentifier;
import org.bouncycastle.asn1.DEROctetString;
import org.bouncycastle.asn1.DERSequence;
import org.bouncycastle.asn1.DERSet;
import org.bouncycastle.asn1.DERTaggedObject;
import org.bouncycastle.asn1.DERUTF8String;
import org.bouncycastle.asn1.pkcs.Attribute;
import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
import org.bouncycastle.asn1.x509.AuthorityKeyIdentifier;
import org.bouncycastle.asn1.x509.BasicConstraints;
import org.bouncycastle.asn1.x509.CRLNumber;
import org.bouncycastle.asn1.x509.PolicyInformation;
import org.bouncycastle.asn1.x509.SubjectKeyIdentifier;
import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
import org.bouncycastle.asn1.x509.X509Extensions;
import org.bouncycastle.asn1.x509.X509Name;
import org.bouncycastle.asn1.x509.X509NameTokenizer;
import org.bouncycastle.cms.CMSProcessable;
import org.bouncycastle.cms.CMSProcessableByteArray;
import org.bouncycastle.cms.CMSSignedDataGenerator;
import org.bouncycastle.jce.PKCS10CertificationRequest;
import org.bouncycastle.jce.X509KeyUsage;
import org.bouncycastle.jce.X509V2CRLGenerator;
import org.bouncycastle.jce.X509V3CertificateGenerator;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.jce.provider.PKIXCertPathBuilderSpi;
import org.bouncycastle.jce.provider.PKIXCertPathValidatorSpi;
import org.bouncycastle.ocsp.CertificateID;
import org.springframework.beans.propertyeditors.StringArrayPropertyEditor;
import org.springframework.util.FileCopyUtils;
import sun.misc.BASE64Decoder;
import sun.misc.BASE64Encoder;
import sun.security.pkcs.PKCS10;
import sun.security.pkcs.PKCS10Attributes;

/* loaded from: classes.dex */
public class CertTools {
    public static final String DNS = "dNSName";
    public static final String EMAIL1 = "email";
    public static final String GUID = "guid";
    public static final String GUID_OBJECTID = "1.3.6.1.4.1.311.25.1";
    public static final String IPADDR = "iPAddress";
    public static final String UPN = "upn";
    public static final String UPN_OBJECTID = "1.3.6.1.4.1.311.20.2.3";
    public static final String URI = "uniformResourceIdentifier";
    public static final String URI1 = "uri";
    private static final String[] dNObjects;
    private static final String[] dNObjectsForward;
    private static final String[] dNObjectsReverse;
    static SimpleDateFormat sdf;
    DERObjectIdentifier f;
    private static Logger log = Logger.getLogger(CertTools.class);
    public static final String EMAIL = "rfc822name";
    public static final String EMAIL2 = "EmailAddress";
    public static final String EMAIL3 = "E";
    private static final String[] EMAILIDS = {EMAIL, "email", EMAIL2, EMAIL3};
    public static final DERObjectIdentifier unstructuredName = new DERObjectIdentifier("1.2.840.113549.1.9.2");
    public static final DERObjectIdentifier unstructuredAddress = new DERObjectIdentifier("1.2.840.113549.1.9.8");
    private static final HashMap oids = new HashMap();

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: classes.dex */
    public static class BasicX509NameTokenizer {
        private StringBuffer buf = new StringBuffer();
        private int index = -1;
        private String oid;

        public BasicX509NameTokenizer(String str) {
            this.oid = str;
        }

        public boolean hasMoreTokens() {
            return this.index != this.oid.length();
        }

        public String nextToken() {
            if (this.index == this.oid.length()) {
                return null;
            }
            int i = this.index + 1;
            boolean z = false;
            boolean z2 = false;
            this.buf.setLength(0);
            while (i != this.oid.length()) {
                char charAt = this.oid.charAt(i);
                if (charAt != '\"') {
                    if (!z2 && !z) {
                        if (charAt != '\\') {
                            if (charAt == ',' && !z2) {
                                break;
                            }
                            this.buf.append(charAt);
                        } else {
                            this.buf.append(charAt);
                            z2 = true;
                        }
                    } else {
                        this.buf.append(charAt);
                        z2 = false;
                    }
                } else {
                    if (z2) {
                        this.buf.append(charAt);
                    } else {
                        this.buf.append(charAt);
                        z = !z;
                    }
                    z2 = false;
                }
                i++;
            }
            this.index = i;
            return this.buf.toString().trim();
        }
    }

    static {
        oids.put("c", X509Name.C);
        oids.put("dc", X509Name.DC);
        oids.put("st", X509Name.ST);
        oids.put("l", X509Name.L);
        oids.put("o", X509Name.O);
        oids.put("ou", X509Name.OU);
        oids.put("t", X509Name.T);
        oids.put("surname", X509Name.SURNAME);
        oids.put("initials", X509Name.INITIALS);
        oids.put("givenname", X509Name.GIVENNAME);
        oids.put("gn", X509Name.GIVENNAME);
        oids.put("sn", X509Name.SN);
        oids.put("serialnumber", X509Name.SN);
        oids.put("cn", X509Name.CN);
        oids.put("uid", X509Name.UID);
        oids.put("emailaddress", X509Name.EmailAddress);
        oids.put("e", X509Name.EmailAddress);
        oids.put("email", X509Name.EmailAddress);
        oids.put("1.2.840.113549.1.9.2", unstructuredName);
        oids.put("1.2.840.113549.1.9.8", unstructuredAddress);
        dNObjectsForward = new String[]{"1.2.840.113549.1.9.8", "1.2.840.113549.1.9.2", "emailaddress", "e", "email", "uid", "cn", "sn", "serialnumber", "gn", "givenname", "initials", "surname", "t", "ou", "o", "l", "st", "dc", "c"};
        dNObjectsReverse = new String[]{"c", "dc", "st", "l", "o", "ou", "t", "surname", "initials", "givenname", "gn", "serialnumber", "sn", "cn", "uid", "email", "e", "emailaddress", "1.2.840.113549.1.9.2", "1.2.840.113549.1.9.8"};
        dNObjects = dNObjectsForward;
        sdf = new SimpleDateFormat("yyyyMMddHHmmssSSS");
    }

    private CertTools() {
    }

    public static PKCS10CertificationRequest crteatPKCS10(String str, String str2, PublicKey publicKey, PrivateKey privateKey) {
        installBCProvider();
        try {
            return new PKCS10CertificationRequest(str2, stringToBcX509Name(str), publicKey, new DERSet(new Attribute(PKCSObjectIdentifiers.pkcs_9_at_extensionRequest, new DERSet())), privateKey);
        } catch (InvalidKeyException e) {
            e.printStackTrace();
            return null;
        } catch (NoSuchAlgorithmException e2) {
            e2.printStackTrace();
            return null;
        } catch (NoSuchProviderException e3) {
            e3.printStackTrace();
            return null;
        } catch (SignatureException e4) {
            e4.printStackTrace();
            return null;
        }
    }

    public static X509Certificate genSelfCert() {
        installBCProvider();
        KeyPairGenerator keyPairGenerator = null;
        try {
            keyPairGenerator = KeyPairGenerator.getInstance("RSA");
        } catch (NoSuchAlgorithmException e) {
            e.printStackTrace();
        }
        keyPairGenerator.initialize(1024);
        KeyPair genKeyPair = keyPairGenerator.genKeyPair();
        PublicKey publicKey = genKeyPair.getPublic();
        PrivateKey privateKey = genKeyPair.getPrivate();
        PKCS10Attributes pKCS10Attributes = new PKCS10Attributes();
        pKCS10Attributes.setAttribute("O", "O_VALUE");
        pKCS10Attributes.setAttribute("C", "C_VALUE");
        pKCS10Attributes.setAttribute("L", "L_VALUE");
        pKCS10Attributes.setAttribute("OU", "OU_VALUE");
        PKCS10 pkcs10 = new PKCS10(publicKey, pKCS10Attributes);
        System.out.println("--name500s---" + pkcs10.getAttributes().toString());
        stringToBcX509Name(pkcs10.getAttributes().toString());
        X509Certificate x509Certificate = null;
        try {
            x509Certificate = genSelfCert(pkcs10.getAttributes().toString(), 123132L, null, privateKey, pkcs10.getSubjectPublicKeyInfo(), true);
        } catch (InvalidKeyException e2) {
            e2.printStackTrace();
        } catch (NoSuchAlgorithmException e3) {
            e3.printStackTrace();
        } catch (SignatureException e4) {
            e4.printStackTrace();
        }
        new BASE64Decoder();
        try {
            System.out.println("====" + new BASE64Encoder().encode(x509Certificate.getEncoded()));
        } catch (CertificateEncodingException e5) {
            e5.printStackTrace();
        }
        return x509Certificate;
    }

    public static X509Certificate genSelfCert(String str, long j, String str2, PrivateKey privateKey, PublicKey publicKey, boolean z) throws NoSuchAlgorithmException, SignatureException, InvalidKeyException {
        Date date = new Date();
        date.setTime(date.getTime() - 600000);
        Date date2 = new Date();
        date2.setTime(date2.getTime() + (DateUtils.MILLIS_PER_DAY * j));
        X509V3CertificateGenerator x509V3CertificateGenerator = new X509V3CertificateGenerator();
        SecureRandom secureRandom = SecureRandom.getInstance("SHA1PRNG");
        secureRandom.setSeed(new Date().getTime());
        secureRandom.nextBytes(new byte[8]);
        x509V3CertificateGenerator.setSerialNumber(new BigInteger(Constant.APP_SUCCESS_SQ + sdf.format(new Date())));
        x509V3CertificateGenerator.setNotBefore(date);
        x509V3CertificateGenerator.setNotAfter(date2);
        x509V3CertificateGenerator.setSignatureAlgorithm("SHA1WithRSA");
        x509V3CertificateGenerator.setSubjectDN(stringToBcX509Name(str));
        x509V3CertificateGenerator.setIssuerDN(stringToBcX509Name(str));
        x509V3CertificateGenerator.setPublicKey(publicKey);
        x509V3CertificateGenerator.addExtension(X509Extensions.BasicConstraints.getId(), true, (DEREncodable) new BasicConstraints(z));
        if (z) {
            x509V3CertificateGenerator.addExtension(X509Extensions.KeyUsage.getId(), true, (DEREncodable) new X509KeyUsage(6));
        }
        if (z) {
            try {
                SubjectKeyIdentifier subjectKeyIdentifier = new SubjectKeyIdentifier(new SubjectPublicKeyInfo((ASN1Sequence) new DERInputStream(new ByteArrayInputStream(publicKey.getEncoded())).readObject()));
                AuthorityKeyIdentifier authorityKeyIdentifier = new AuthorityKeyIdentifier(new SubjectPublicKeyInfo((ASN1Sequence) new DERInputStream(new ByteArrayInputStream(publicKey.getEncoded())).readObject()));
                x509V3CertificateGenerator.addExtension(X509Extensions.SubjectKeyIdentifier.getId(), false, (DEREncodable) subjectKeyIdentifier);
                x509V3CertificateGenerator.addExtension(X509Extensions.AuthorityKeyIdentifier.getId(), false, (DEREncodable) authorityKeyIdentifier);
            } catch (IOException e) {
            }
        }
        if (str2 != null) {
            x509V3CertificateGenerator.addExtension(X509Extensions.CertificatePolicies.getId(), false, (DEREncodable) new DERSequence(new PolicyInformation(new DERObjectIdentifier(str2))));
        }
        return x509V3CertificateGenerator.generateX509Certificate(privateKey);
    }

    public static X509Certificate genSelfCert(String str, String str2, long j, String str3, PrivateKey privateKey, PublicKey publicKey, boolean z) throws NoSuchAlgorithmException, SignatureException, InvalidKeyException {
        Date date = new Date();
        date.setTime(date.getTime() - 600000);
        Date date2 = new Date();
        date2.setTime(date2.getTime() + (DateUtils.MILLIS_PER_DAY * j));
        X509V3CertificateGenerator x509V3CertificateGenerator = new X509V3CertificateGenerator();
        SecureRandom secureRandom = SecureRandom.getInstance("SHA1PRNG");
        secureRandom.setSeed(new Date().getTime());
        secureRandom.nextBytes(new byte[8]);
        x509V3CertificateGenerator.setSerialNumber(new BigInteger("11000000000000002"));
        x509V3CertificateGenerator.setNotBefore(date);
        x509V3CertificateGenerator.setNotAfter(date2);
        x509V3CertificateGenerator.setSignatureAlgorithm("SHA1WithRSA");
        x509V3CertificateGenerator.setSubjectDN(stringToBcX509Name(str));
        if (str2 == null) {
            x509V3CertificateGenerator.setIssuerDN(stringToBcX509Name(str));
        } else {
            x509V3CertificateGenerator.setIssuerDN(stringToBcX509Name(str2));
        }
        x509V3CertificateGenerator.setPublicKey(publicKey);
        x509V3CertificateGenerator.addExtension(X509Extensions.BasicConstraints.getId(), true, (DEREncodable) new BasicConstraints(z));
        if (z) {
            x509V3CertificateGenerator.addExtension(X509Extensions.KeyUsage.getId(), true, (DEREncodable) new X509KeyUsage(6));
        }
        if (!z) {
            x509V3CertificateGenerator.addExtension(X509Extensions.CRLDistributionPoints, true, "casn=CA1100,root=ca".getBytes());
        }
        if (str3 != null) {
            x509V3CertificateGenerator.addExtension(X509Extensions.CertificatePolicies.getId(), false, (DEREncodable) new DERSequence(new PolicyInformation(new DERObjectIdentifier(str3))));
        }
        return x509V3CertificateGenerator.generateX509Certificate(privateKey);
    }

    public static X509Certificate genSelfCert(String str, String str2, long j, String[] strArr, String[] strArr2, PrivateKey privateKey, PublicKey publicKey) throws NoSuchAlgorithmException, SignatureException, InvalidKeyException {
        Date date = new Date();
        date.setTime(date.getTime() - 600000);
        Date date2 = new Date();
        date2.setTime(date2.getTime() + (DateUtils.MILLIS_PER_DAY * j));
        X509V3CertificateGenerator x509V3CertificateGenerator = new X509V3CertificateGenerator();
        byte[] bArr = new byte[8];
        x509V3CertificateGenerator.setSerialNumber(new BigInteger(sdf.format(new Date())));
        x509V3CertificateGenerator.setNotBefore(date);
        x509V3CertificateGenerator.setNotAfter(date2);
        x509V3CertificateGenerator.setSignatureAlgorithm("SHA1WithRSA");
        x509V3CertificateGenerator.setSubjectDN(stringToBcX509Name(str));
        if (str2 == null) {
            x509V3CertificateGenerator.setIssuerDN(stringToBcX509Name(str));
        } else {
            x509V3CertificateGenerator.setIssuerDN(stringToBcX509Name(str2));
        }
        x509V3CertificateGenerator.setPublicKey(publicKey);
        x509V3CertificateGenerator.addExtension(X509Extensions.BasicConstraints.getId(), true, (DEREncodable) new BasicConstraints(false));
        if (strArr != null && strArr2 != null) {
            for (int i = 0; i < strArr.length; i++) {
                if (strArr2 != null) {
                    x509V3CertificateGenerator.addExtension(strArr[i], true, strArr2[i].getBytes());
                }
            }
        }
        return x509V3CertificateGenerator.generateX509Certificate(privateKey);
    }

    public static X509Certificate genSelfCert(String str, String str2, String str3, Date date, Date date2, String str4, PrivateKey privateKey, PublicKey publicKey, boolean z, String[] strArr, String[] strArr2, boolean[] zArr) throws NoSuchAlgorithmException, SignatureException, InvalidKeyException {
        X509V3CertificateGenerator x509V3CertificateGenerator = new X509V3CertificateGenerator();
        x509V3CertificateGenerator.setSerialNumber(new BigInteger(str));
        x509V3CertificateGenerator.setNotBefore(date2);
        x509V3CertificateGenerator.setNotAfter(date);
        x509V3CertificateGenerator.setSignatureAlgorithm("SHA1WithRSA");
        x509V3CertificateGenerator.setSubjectDN(stringToBcX509Name(str2));
        x509V3CertificateGenerator.setIssuerDN(stringToBcX509Name(str3));
        x509V3CertificateGenerator.setPublicKey(publicKey);
        x509V3CertificateGenerator.addExtension(X509Extensions.BasicConstraints.getId(), true, (DEREncodable) new BasicConstraints(z));
        if (strArr != null && strArr2 != null) {
            for (int i = 0; i < strArr.length; i++) {
                if (strArr2[i] != null) {
                    x509V3CertificateGenerator.addExtension(strArr[i], zArr[i], strArr2[i].getBytes());
                }
            }
        }
        if (z) {
            x509V3CertificateGenerator.addExtension(X509Extensions.KeyUsage.getId(), true, (DEREncodable) new X509KeyUsage(6));
        }
        if (z) {
            try {
                SubjectKeyIdentifier subjectKeyIdentifier = new SubjectKeyIdentifier(new SubjectPublicKeyInfo((ASN1Sequence) new DERInputStream(new ByteArrayInputStream(publicKey.getEncoded())).readObject()));
                AuthorityKeyIdentifier authorityKeyIdentifier = new AuthorityKeyIdentifier(new SubjectPublicKeyInfo((ASN1Sequence) new DERInputStream(new ByteArrayInputStream(publicKey.getEncoded())).readObject()));
                x509V3CertificateGenerator.addExtension(X509Extensions.SubjectKeyIdentifier.getId(), false, (DEREncodable) subjectKeyIdentifier);
                x509V3CertificateGenerator.addExtension(X509Extensions.AuthorityKeyIdentifier.getId(), false, (DEREncodable) authorityKeyIdentifier);
            } catch (IOException e) {
            }
        }
        if (str4 != null) {
            x509V3CertificateGenerator.addExtension(X509Extensions.CertificatePolicies.getId(), false, (DEREncodable) new DERSequence(new PolicyInformation(new DERObjectIdentifier(str4))));
        }
        return x509V3CertificateGenerator.generateX509Certificate(privateKey);
    }

    public static X509Certificate genSelfCert(String str, String str2, String str3, Date date, Date date2, String[] strArr, String[] strArr2, boolean[] zArr, PrivateKey privateKey, PublicKey publicKey) throws NoSuchAlgorithmException, SignatureException, InvalidKeyException {
        X509V3CertificateGenerator x509V3CertificateGenerator = new X509V3CertificateGenerator();
        x509V3CertificateGenerator.setSerialNumber(new BigInteger(str));
        x509V3CertificateGenerator.setNotBefore(date);
        x509V3CertificateGenerator.setNotAfter(date2);
        x509V3CertificateGenerator.setSignatureAlgorithm("SHA1WithRSA");
        x509V3CertificateGenerator.setSubjectDN(stringToBcX509Name(str2));
        if (str3 == null) {
            x509V3CertificateGenerator.setIssuerDN(stringToBcX509Name(str2));
        } else {
            x509V3CertificateGenerator.setIssuerDN(stringToBcX509Name(str3));
        }
        x509V3CertificateGenerator.setPublicKey(publicKey);
        x509V3CertificateGenerator.addExtension(X509Extensions.BasicConstraints.getId(), true, (DEREncodable) new BasicConstraints(false));
        if (strArr != null && strArr2 != null) {
            for (int i = 0; i < strArr.length; i++) {
                if (strArr2[i] != null) {
                    x509V3CertificateGenerator.addExtension(strArr[i], zArr[i], strArr2[i].getBytes());
                }
            }
        }
        return x509V3CertificateGenerator.generateX509Certificate(privateKey);
    }

    public static CRL generateCRL(Vector vector, int i) throws Exception {
        PublicKey publicKey = ((X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(Base64.decode(FileCopyUtils.copyToByteArray(new FileInputStream(new File("c://ca/cacert.cer"))))))).getPublicKey();
        Date date = new Date();
        Date date2 = new Date();
        date2.setTime(date2.getTime() + 60000000000000L);
        X509V2CRLGenerator x509V2CRLGenerator = new X509V2CRLGenerator();
        x509V2CRLGenerator.setThisUpdate(date);
        x509V2CRLGenerator.setNextUpdate(date2);
        x509V2CRLGenerator.setSignatureAlgorithm("SHA1WithRSA");
        x509V2CRLGenerator.setIssuerDN(new X509Name("OU=��ҹ������������ܾ�CA����,C=ch,O=����������������Ӷ�·�˺�?CN=��ҹ������������ܾ�CA����"));
        BigInteger bigInteger = new BigInteger("10000100010030010074557330202", 16);
        BigInteger bigInteger2 = new BigInteger("10000100010030010074557330203", 16);
        BigInteger bigInteger3 = new BigInteger("10000100010030010074557330204", 16);
        x509V2CRLGenerator.addCRLEntry(bigInteger, new Date(), 1);
        x509V2CRLGenerator.addCRLEntry(bigInteger2, new Date(), 2);
        x509V2CRLGenerator.addCRLEntry(bigInteger3, new Date(), 3);
        x509V2CRLGenerator.addCRLEntry(new BigInteger("200902161600004", 16), new Date(), 4);
        BigInteger bigInteger4 = new BigInteger("200902161600005", 16);
        x509V2CRLGenerator.addCRLEntry(bigInteger4, new Date(), 5);
        new BigInteger("200902161600006", 16);
        x509V2CRLGenerator.addCRLEntry(bigInteger4, new Date(), 6);
        if (vector != null) {
            Iterator it = vector.iterator();
            while (it.hasNext()) {
                RevokedCertInfo revokedCertInfo = (RevokedCertInfo) it.next();
                x509V2CRLGenerator.addCRLEntry(revokedCertInfo.getUserCertificate(), revokedCertInfo.getRevocationDate(), revokedCertInfo.getReason());
            }
        }
        x509V2CRLGenerator.addExtension(X509Extensions.CRLNumber.getId(), true, (DEREncodable) new CRLNumber(new BigInteger("2009021616008000", 16)));
        try {
            X509CRL generateX509CRL = x509V2CRLGenerator.generateX509CRL(KeyFactory.getInstance("RSA").generatePrivate(new PKCS8EncodedKeySpec(FileCopyUtils.copyToByteArray(new File("c://ca/cacert.der")))));
            generateX509CRL.verify(publicKey);
            return generateX509CRL;
        } catch (Exception e) {
            throw e;
        }
    }

    public static CRL generateCRL(Vector vector, int i, String str, String str2) throws Exception {
        PublicKey publicKey = ((X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(FileCopyUtils.copyToByteArray(new FileInputStream(new File(str)))))).getPublicKey();
        Date date = new Date();
        Date date2 = new Date();
        date2.setTime(date2.getTime() + 60000000000000L);
        X509V2CRLGenerator x509V2CRLGenerator = new X509V2CRLGenerator();
        x509V2CRLGenerator.setThisUpdate(date);
        x509V2CRLGenerator.setNextUpdate(date2);
        x509V2CRLGenerator.setSignatureAlgorithm("SHA1WithRSA");
        x509V2CRLGenerator.setIssuerDN(new X509Name("OU=测试CA,C=ch,O=测试CRL,CN=测试CA签发CRL文件"));
        for (int i2 = 0; i2 < i; i2++) {
            x509V2CRLGenerator.addCRLEntry(new BigInteger("100001000100300100" + i2, 12), new Date(), i2);
        }
        if (vector != null) {
            Iterator it = vector.iterator();
            while (it.hasNext()) {
                RevokedCertInfo revokedCertInfo = (RevokedCertInfo) it.next();
                x509V2CRLGenerator.addCRLEntry(revokedCertInfo.getUserCertificate(), revokedCertInfo.getRevocationDate(), revokedCertInfo.getReason());
            }
        }
        x509V2CRLGenerator.addExtension(X509Extensions.CRLNumber.getId(), true, (DEREncodable) new CRLNumber(new BigInteger("2009021616008000", 16)));
        try {
            X509CRL generateX509CRL = x509V2CRLGenerator.generateX509CRL(KeyFactory.getInstance("RSA").generatePrivate(new PKCS8EncodedKeySpec(FileCopyUtils.copyToByteArray(new File(str2)))));
            generateX509CRL.verify(publicKey);
            return generateX509CRL;
        } catch (Exception e) {
            throw e;
        }
    }

    public static byte[] generateMD5Fingerprint(byte[] bArr) {
        try {
            return MessageDigest.getInstance("MD5").digest(bArr);
        } catch (NoSuchAlgorithmException e) {
            log.error("MD5 algorithm not supported", e);
            return null;
        }
    }

    public static byte[] generateSHA1Fingerprint(byte[] bArr) {
        try {
            return MessageDigest.getInstance("SHA1").digest(bArr);
        } catch (NoSuchAlgorithmException e) {
            log.error("SHA1 algorithm not supported", e);
            return null;
        }
    }

    public static byte[] getAuthorityKeyId(X509Certificate x509Certificate) throws IOException {
        byte[] extensionValue = x509Certificate.getExtensionValue("2.5.29.35");
        if (extensionValue == null) {
            return null;
        }
        return new AuthorityKeyIdentifier((ASN1Sequence) new DERInputStream(new ByteArrayInputStream(((DEROctetString) new DERInputStream(new ByteArrayInputStream(extensionValue)).readObject()).getOctets())).readObject()).getKeyIdentifier();
    }

    public static X509CRL getCRLfromByteArray(byte[] bArr) throws IOException, CertificateException, CRLException {
        log.debug(">getCRLfromByteArray:");
        if (bArr == null) {
            throw new IOException("Cannot read byte[] that is 'null'!");
        }
        X509CRL x509crl = (X509CRL) getCertificateFactory().generateCRL(new ByteArrayInputStream(bArr));
        log.debug("<getCRLfromByteArray:");
        return x509crl;
    }

    public static X509Certificate getCertfromByteArray(byte[] bArr) throws IOException, CertificateException {
        log.debug(">getCertfromByteArray:");
        X509Certificate x509Certificate = (X509Certificate) getCertificateFactory().generateCertificate(new ByteArrayInputStream(bArr));
        log.debug("<getCertfromByteArray:");
        return x509Certificate;
    }

    public static CertificateFactory getCertificateFactory() {
        try {
            return CertificateFactory.getInstance("X.509", "BC");
        } catch (NoSuchProviderException e) {
            log.error("NoSuchProvider: ", e);
            return null;
        } catch (CertificateException e2) {
            log.error("CertificateException: ", e2);
            return null;
        }
    }

    public static String getCertificatePolicyId(X509Certificate x509Certificate, int i) throws IOException {
        byte[] extensionValue = x509Certificate.getExtensionValue(X509Extensions.CertificatePolicies.getId());
        if (extensionValue == null) {
            return null;
        }
        ASN1Sequence aSN1Sequence = (ASN1Sequence) new DERInputStream(new ByteArrayInputStream(((DEROctetString) new DERInputStream(new ByteArrayInputStream(extensionValue)).readObject()).getOctets())).readObject();
        if (aSN1Sequence.size() >= i + 1) {
            return new PolicyInformation((ASN1Sequence) aSN1Sequence.getObjectAt(i)).getPolicyIdentifier().getId();
        }
        return null;
    }

    public static Collection getCertsFromPEM(InputStream inputStream) throws IOException, CertificateException {
        String readLine;
        String readLine2;
        log.debug(">getCertfromPEM:");
        ArrayList arrayList = new ArrayList();
        BufferedReader bufferedReader = new BufferedReader(new InputStreamReader(inputStream));
        while (bufferedReader.ready()) {
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            PrintStream printStream = new PrintStream(byteArrayOutputStream);
            do {
                readLine = bufferedReader.readLine();
                if (readLine == null) {
                    break;
                }
            } while (!readLine.equals("-----BEGIN CERTIFICATE-----"));
            if (readLine == null) {
                throw new IOException("Error in " + inputStream.toString() + ", missing -----BEGIN CERTIFICATE----- boundary");
            }
            while (true) {
                readLine2 = bufferedReader.readLine();
                if (readLine2 == null || readLine2.equals("-----END CERTIFICATE-----")) {
                    break;
                }
                printStream.print(readLine2);
            }
            if (readLine2 == null) {
                throw new IOException("Error in " + inputStream.toString() + ", missing -----END CERTIFICATE----- boundary");
            }
            printStream.close();
            byte[] decode = Base64.decode(byteArrayOutputStream.toByteArray());
            byteArrayOutputStream.close();
            X509Certificate x509Certificate = (X509Certificate) getCertificateFactory().generateCertificate(new ByteArrayInputStream(decode));
            x509Certificate.getSubjectDN().toString();
            arrayList.add(x509Certificate);
        }
        log.debug("<getcertfromPEM:" + arrayList.size());
        return arrayList;
    }

    public static Collection getCertsFromPEM(String str) throws IOException, CertificateException {
        log.debug(">getCertfromPEM: certFile=" + str);
        Collection certsFromPEM = getCertsFromPEM(new FileInputStream(str));
        log.debug("<getCertfromPEM: certFile=" + str);
        return certsFromPEM;
    }

    public static URL getCrlDistributionPoint(X509Certificate x509Certificate) throws CertificateParsingException {
        String stringFromGeneralNames;
        try {
            DERObject extensionValue = getExtensionValue(x509Certificate, X509Extensions.CRLDistributionPoints.getId());
            if (extensionValue == null) {
                return null;
            }
            ASN1Sequence aSN1Sequence = (ASN1Sequence) extensionValue;
            for (int i = 0; i < aSN1Sequence.size(); i++) {
                ASN1Sequence aSN1Sequence2 = (ASN1Sequence) aSN1Sequence.getObjectAt(i);
                for (int i2 = 0; i2 < aSN1Sequence2.size(); i2++) {
                    ASN1TaggedObject aSN1TaggedObject = (ASN1TaggedObject) aSN1Sequence2.getObjectAt(i2);
                    if (aSN1TaggedObject.getTagNo() == 0 && (stringFromGeneralNames = getStringFromGeneralNames(aSN1TaggedObject.getObject())) != null) {
                        return new URL(stringFromGeneralNames);
                    }
                }
            }
            return null;
        } catch (Exception e) {
            log.error("Error parsing CrlDistributionPoint", e);
            throw new CertificateParsingException(e.toString());
        }
    }

    private static String getDN(X509Certificate x509Certificate, int i) {
        if (x509Certificate == null) {
            return null;
        }
        try {
            X509Certificate x509Certificate2 = (X509Certificate) getCertificateFactory().generateCertificate(new ByteArrayInputStream(x509Certificate.getEncoded()));
            return stringToBCDNString(i == 1 ? x509Certificate2.getSubjectDN().toString() : x509Certificate2.getIssuerDN().toString());
        } catch (CertificateException e) {
            log.error("CertificateException: ", e);
            return null;
        }
    }

    public static String getEmailFromDN(String str) {
        log.debug(">getEmailFromDN(" + str + ")");
        String str2 = null;
        for (int i = 0; i < EMAILIDS.length && str2 == null; i++) {
            str2 = getPartFromDN(str, EMAILIDS[i]);
        }
        log.debug("<getEmailFromDN(" + str + "): " + str2);
        return str2;
    }

    private static DERObject getExtensionValue(X509Certificate x509Certificate, String str) throws IOException {
        byte[] extensionValue = x509Certificate.getExtensionValue(str);
        if (extensionValue == null) {
            return null;
        }
        return new ASN1InputStream(new ByteArrayInputStream(((ASN1OctetString) new ASN1InputStream(new ByteArrayInputStream(extensionValue)).readObject()).getOctets())).readObject();
    }

    public static String getIssuerDN(X509CRL x509crl) {
        try {
            return stringToBCDNString(((X509CRL) getCertificateFactory().generateCRL(new ByteArrayInputStream(x509crl.getEncoded()))).getIssuerDN().toString());
        } catch (CRLException e) {
            log.error("CRLException: ", e);
            return null;
        }
    }

    public static String getIssuerDN(X509Certificate x509Certificate) {
        return getDN(x509Certificate, 2);
    }

    private static DERObjectIdentifier getOid(String str) {
        return (DERObjectIdentifier) oids.get(str.toLowerCase());
    }

    public static byte[] getPEMFromCerts(Collection collection) throws CertificateException {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        PrintStream printStream = new PrintStream(byteArrayOutputStream);
        Iterator it = collection.iterator();
        while (it.hasNext()) {
            X509Certificate x509Certificate = (X509Certificate) it.next();
            byte[] encode = Base64.encode(x509Certificate.getEncoded());
            printStream.println("Subject: " + x509Certificate.getSubjectDN());
            printStream.println("Issuer: " + x509Certificate.getIssuerDN());
            printStream.println("-----BEGIN CERTIFICATE-----");
            printStream.println(new String(encode));
            printStream.println("-----END CERTIFICATE-----");
        }
        printStream.close();
        return byteArrayOutputStream.toByteArray();
    }

    public static String getPartFromDN(String str, String str2) {
        log.debug(">getPartFromDN: dn:'" + str + "', dnpart=" + str2);
        String str3 = null;
        if (str != null && str2 != null) {
            String str4 = String.valueOf(str2) + "=";
            X509NameTokenizer x509NameTokenizer = new X509NameTokenizer(str);
            while (true) {
                if (!x509NameTokenizer.hasMoreTokens()) {
                    break;
                }
                String nextToken = x509NameTokenizer.nextToken();
                if (nextToken.length() > str4.length() && nextToken.substring(0, str4.length()).equalsIgnoreCase(str4)) {
                    str3 = nextToken.substring(str4.length());
                    break;
                }
            }
        }
        log.debug("<getpartFromDN: resulting DN part=" + str3);
        return str3;
    }

    private static String getStringFromGeneralNames(DERObject dERObject) {
        ASN1Sequence aSN1Sequence = ASN1Sequence.getInstance((ASN1TaggedObject) dERObject, false);
        if (aSN1Sequence.size() == 0) {
            return null;
        }
        return new String(ASN1OctetString.getInstance((DERTaggedObject) aSN1Sequence.getObjectAt(0), false).getOctets());
    }

    public static String getSubjectDN(X509Certificate x509Certificate) {
        return getDN(x509Certificate, 1);
    }

    public static byte[] getSubjectKeyId(X509Certificate x509Certificate) throws IOException {
        byte[] extensionValue = x509Certificate.getExtensionValue("2.5.29.14");
        if (extensionValue == null) {
            return null;
        }
        return SubjectKeyIdentifier.getInstance(new DERInputStream(new ByteArrayInputStream(ASN1OctetString.getInstance(new DERInputStream(new ByteArrayInputStream(extensionValue)).readObject()).getOctets())).readObject()).getKeyIdentifier();
    }

    public static String getUPNAltName(X509Certificate x509Certificate) throws IOException, CertificateParsingException {
        Collection<List<?>> subjectAlternativeNames = x509Certificate.getSubjectAlternativeNames();
        if (subjectAlternativeNames != null) {
            for (List<?> list : subjectAlternativeNames) {
                if (((Integer) list.get(0)).intValue() == 0) {
                    ASN1Sequence aSN1Sequence = ASN1Sequence.getInstance(new DERInputStream(new ByteArrayInputStream((byte[]) list.get(1))).readObject());
                    if (DERObjectIdentifier.getInstance(aSN1Sequence.getObjectAt(0)).getId().equals(UPN_OBJECTID)) {
                        return DERUTF8String.getInstance(((ASN1TaggedObject) aSN1Sequence.getObjectAt(1)).getObject()).getString();
                    }
                }
            }
        }
        return null;
    }

    public static String getX509CertificateSubject(X509Certificate x509Certificate) throws CertificateParsingException {
        return x509Certificate.getSubjectDN().getName();
    }

    public static void installBCProvider() {
        if (Security.addProvider(new BouncyCastleProvider()) < 0) {
            Security.removeProvider("BC");
            if (Security.addProvider(new BouncyCastleProvider()) < 0) {
                log.error("Cannot even install BC provider again!");
            }
        }
    }

    public static boolean isDNReversed(String str) {
        if (str == null) {
            return false;
        }
        String str2 = null;
        X509NameTokenizer x509NameTokenizer = new X509NameTokenizer(str);
        String nextToken = x509NameTokenizer.hasMoreTokens() ? x509NameTokenizer.nextToken() : null;
        while (x509NameTokenizer.hasMoreTokens()) {
            str2 = x509NameTokenizer.nextToken();
        }
        if (nextToken == null || str2 == null) {
            return false;
        }
        String substring = nextToken.substring(0, nextToken.indexOf(61));
        String substring2 = str2.substring(0, str2.indexOf(61));
        int i = 0;
        int i2 = 0;
        for (int i3 = 0; i3 < dNObjects.length; i3++) {
            if (substring.toLowerCase().equals(dNObjectsForward[i3])) {
                i = i3;
            }
            if (substring2.toLowerCase().equals(dNObjectsForward[i3])) {
                i2 = i3;
            }
        }
        return i2 < i;
    }

    public static boolean isSelfSigned(X509Certificate x509Certificate) {
        log.debug(">isSelfSigned: cert: " + getIssuerDN(x509Certificate) + IOUtils.LINE_SEPARATOR_UNIX + getSubjectDN(x509Certificate));
        boolean equals = getSubjectDN(x509Certificate).equals(getIssuerDN(x509Certificate));
        log.debug("<isSelfSigned:" + equals);
        return equals;
    }

    public static void main(String[] strArr) {
        SimpleDateFormat simpleDateFormat = new SimpleDateFormat("yyyyMMddHH");
        try {
            byte[] encoded = testSignCACert("123", simpleDateFormat.parse("2013122810"), simpleDateFormat.parse("2011122910"), true, null, null, null).getEncoded();
            System.out.println(new BASE64Encoder().encode(encoded));
        } catch (InvalidKeyException e) {
            e.printStackTrace();
        } catch (NoSuchAlgorithmException e2) {
            e2.printStackTrace();
        } catch (SignatureException e3) {
            e3.printStackTrace();
        } catch (Exception e4) {
            e4.printStackTrace();
        }
    }

    public static String reverseDN(String str) {
        log.debug(">reverseDN: dn: " + str);
        String str2 = null;
        if (str != null) {
            BasicX509NameTokenizer basicX509NameTokenizer = new BasicX509NameTokenizer(str);
            StringBuffer stringBuffer = new StringBuffer();
            boolean z = true;
            while (basicX509NameTokenizer.hasMoreTokens()) {
                String nextToken = basicX509NameTokenizer.nextToken();
                if (z) {
                    z = false;
                } else {
                    stringBuffer.insert(0, StringArrayPropertyEditor.DEFAULT_SEPARATOR);
                }
                stringBuffer.insert(0, nextToken);
            }
            if (stringBuffer.length() > 0) {
                str2 = stringBuffer.toString();
            }
        }
        log.debug("<reverseDN: resulting DN=" + str2);
        return str2;
    }

    public static X509Certificate signCACert(PKCS10CertificationRequest pKCS10CertificationRequest, String str, String str2, Date date, Date date2, PrivateKey privateKey, boolean z, String[] strArr, String[] strArr2, boolean[] zArr) throws NoSuchAlgorithmException, SignatureException, InvalidKeyException {
        X509V3CertificateGenerator x509V3CertificateGenerator = new X509V3CertificateGenerator();
        x509V3CertificateGenerator.setSerialNumber(new BigInteger(str));
        x509V3CertificateGenerator.setNotBefore(date2);
        x509V3CertificateGenerator.setNotAfter(date);
        x509V3CertificateGenerator.setSignatureAlgorithm("SHA1WithRSA");
        x509V3CertificateGenerator.setSubjectDN(pKCS10CertificationRequest.getCertificationRequestInfo().getSubject());
        x509V3CertificateGenerator.setIssuerDN(stringToBcX509Name(str2));
        PublicKey publicKey = null;
        try {
            publicKey = pKCS10CertificationRequest.getPublicKey();
        } catch (NoSuchProviderException e) {
            e.printStackTrace();
        }
        x509V3CertificateGenerator.setPublicKey(publicKey);
        x509V3CertificateGenerator.addExtension(X509Extensions.BasicConstraints.getId(), true, (DEREncodable) new BasicConstraints(z));
        if (strArr != null && strArr2 != null) {
            for (int i = 0; i < strArr.length; i++) {
                if (strArr2[i] != null) {
                    x509V3CertificateGenerator.addExtension(strArr[i], zArr[i], strArr2[i].getBytes());
                }
            }
        }
        if (z) {
            x509V3CertificateGenerator.addExtension(X509Extensions.KeyUsage.getId(), true, (DEREncodable) new X509KeyUsage(6));
        }
        return x509V3CertificateGenerator.generateX509Certificate(privateKey);
    }

    public static X509Certificate signCert(PKCS10CertificationRequest pKCS10CertificationRequest, String str, String str2, Date date, Date date2, String[] strArr, String[] strArr2, boolean[] zArr, PrivateKey privateKey) throws NoSuchAlgorithmException, SignatureException, InvalidKeyException {
        X509Name subject = pKCS10CertificationRequest.getCertificationRequestInfo().getSubject();
        PublicKey publicKey = null;
        try {
            publicKey = pKCS10CertificationRequest.getPublicKey();
        } catch (NoSuchProviderException e) {
            e.printStackTrace();
        }
        X509V3CertificateGenerator x509V3CertificateGenerator = new X509V3CertificateGenerator();
        x509V3CertificateGenerator.setSerialNumber(new BigInteger(str));
        x509V3CertificateGenerator.setNotBefore(date);
        x509V3CertificateGenerator.setNotAfter(date2);
        x509V3CertificateGenerator.setSignatureAlgorithm("SHA1WithRSA");
        x509V3CertificateGenerator.setSubjectDN(subject);
        x509V3CertificateGenerator.setIssuerDN(stringToBcX509Name(str2));
        x509V3CertificateGenerator.setPublicKey(publicKey);
        x509V3CertificateGenerator.addExtension(X509Extensions.BasicConstraints.getId(), true, (DEREncodable) new BasicConstraints(false));
        if (strArr != null && strArr2 != null) {
            for (int i = 0; i < strArr.length; i++) {
                if (strArr2[i] != null) {
                    x509V3CertificateGenerator.addExtension(strArr[i], zArr[i], strArr2[i].getBytes());
                }
            }
        }
        return x509V3CertificateGenerator.generateX509Certificate(privateKey);
    }

    public static X509Certificate signRootCACert(PKCS10CertificationRequest pKCS10CertificationRequest, String str, String str2, Date date, Date date2, PrivateKey privateKey, boolean z, String[] strArr, String[] strArr2, boolean[] zArr) throws NoSuchAlgorithmException, SignatureException, InvalidKeyException {
        X509V3CertificateGenerator x509V3CertificateGenerator = new X509V3CertificateGenerator();
        x509V3CertificateGenerator.setSerialNumber(new BigInteger(str));
        x509V3CertificateGenerator.setNotBefore(date2);
        x509V3CertificateGenerator.setNotAfter(date);
        x509V3CertificateGenerator.setSignatureAlgorithm("SHA1WithRSA");
        x509V3CertificateGenerator.setSubjectDN(pKCS10CertificationRequest.getCertificationRequestInfo().getSubject());
        x509V3CertificateGenerator.setIssuerDN(stringToBcX509Name(str2));
        PublicKey publicKey = null;
        try {
            publicKey = pKCS10CertificationRequest.getPublicKey();
        } catch (NoSuchProviderException e) {
            e.printStackTrace();
        }
        x509V3CertificateGenerator.setPublicKey(publicKey);
        x509V3CertificateGenerator.addExtension(X509Extensions.BasicConstraints.getId(), true, (DEREncodable) new BasicConstraints(z));
        if (strArr != null && strArr2 != null) {
            for (int i = 0; i < strArr.length; i++) {
                if (strArr2[i] != null) {
                    x509V3CertificateGenerator.addExtension(strArr[i], zArr[i], strArr2[i].getBytes());
                }
            }
        }
        if (z) {
            x509V3CertificateGenerator.addExtension(X509Extensions.KeyUsage.getId(), true, (DEREncodable) new X509KeyUsage(6));
        }
        if (z) {
            try {
                SubjectKeyIdentifier subjectKeyIdentifier = new SubjectKeyIdentifier(new SubjectPublicKeyInfo((ASN1Sequence) new DERInputStream(new ByteArrayInputStream(publicKey.getEncoded())).readObject()));
                AuthorityKeyIdentifier authorityKeyIdentifier = new AuthorityKeyIdentifier(new SubjectPublicKeyInfo((ASN1Sequence) new DERInputStream(new ByteArrayInputStream(publicKey.getEncoded())).readObject()));
                x509V3CertificateGenerator.addExtension(X509Extensions.SubjectKeyIdentifier.getId(), false, (DEREncodable) subjectKeyIdentifier);
                x509V3CertificateGenerator.addExtension(X509Extensions.AuthorityKeyIdentifier.getId(), false, (DEREncodable) authorityKeyIdentifier);
            } catch (IOException e2) {
            }
        }
        return x509V3CertificateGenerator.generateX509Certificate(privateKey);
    }

    public static String stringToBCDNString(String str) {
        if (isDNReversed(str)) {
            str = reverseDN(str);
        }
        return stringToBcX509Name(str).toString();
    }

    public static X509Name stringToBcX509Name(String str) {
        ArrayList arrayList = new ArrayList();
        ArrayList arrayList2 = new ArrayList();
        X509NameTokenizer x509NameTokenizer = new X509NameTokenizer(str);
        while (x509NameTokenizer.hasMoreTokens()) {
            String nextToken = x509NameTokenizer.nextToken();
            int indexOf = nextToken.indexOf("=");
            if (indexOf != -1) {
                arrayList.add(nextToken.substring(0, indexOf).toLowerCase());
                arrayList2.add(nextToken.substring(indexOf + 1));
            }
        }
        Vector vector = new Vector();
        Vector vector2 = new Vector();
        for (int i = 0; i < dNObjects.length; i++) {
            String str2 = dNObjects[i];
            while (true) {
                int indexOf2 = arrayList.indexOf(str2);
                if (indexOf2 == -1) {
                    break;
                }
                DERObjectIdentifier oid = getOid(str2);
                if (oid != null) {
                    vector.add(oid);
                    vector2.add(arrayList2.remove(indexOf2));
                    arrayList.remove(indexOf2);
                }
            }
        }
        return new X509Name(vector, vector2);
    }

    public static PKCS10CertificationRequest testCrteatPKCS10() {
        installBCProvider();
        KeyPairGenerator keyPairGenerator = null;
        try {
            keyPairGenerator = KeyPairGenerator.getInstance("RSA");
        } catch (NoSuchAlgorithmException e) {
            e.printStackTrace();
        }
        keyPairGenerator.initialize(1024);
        KeyPair genKeyPair = keyPairGenerator.genKeyPair();
        try {
            return new PKCS10CertificationRequest("SHA1withRSA", (X509Name) null, genKeyPair.getPublic(), new DERSet(new Attribute(PKCSObjectIdentifiers.pkcs_9_at_extensionRequest, new DERSet())), genKeyPair.getPrivate());
        } catch (InvalidKeyException e2) {
            e2.printStackTrace();
            return null;
        } catch (NoSuchAlgorithmException e3) {
            e3.printStackTrace();
            return null;
        } catch (NoSuchProviderException e4) {
            e4.printStackTrace();
            return null;
        } catch (SignatureException e5) {
            e5.printStackTrace();
            return null;
        }
    }

    public static X509Certificate testSignCACert(String str, Date date, Date date2, boolean z, String[] strArr, String[] strArr2, boolean[] zArr) throws NoSuchAlgorithmException, SignatureException, InvalidKeyException {
        PKIEquit pKIEquit = new PKIEquit();
        PKCS10CertificationRequest crteatPKCS10 = crteatPKCS10("C=USER,CN=USER_1", "SHA1WithRSA", PKIEquit.genRSAPublicKey("1", "CA2"), PKIEquit.genRSAPrivateKey("1", "USER"));
        byte[] bArr = (byte[]) null;
        try {
            bArr = new BASE64Decoder().decodeBuffer(FileCopyUtils.copyToString(new FileReader("C:\\keys\\ca2.cer")));
        } catch (IOException e) {
            e.printStackTrace();
        }
        X509Certificate x509Certificate = pKIEquit.getX509Certificate(bArr);
        System.out.println(x509Certificate);
        return signCert(crteatPKCS10, "12345", x509Certificate.getSubjectDN().toString(), date2, date, strArr, null, zArr, PKIEquit.genRSAPrivateKey("1", "CA2"));
    }

    public byte[] createCertPath(List list) {
        new PKIXCertPathValidatorSpi();
        new PKIXCertPathBuilderSpi();
        return null;
    }

    public byte[] createPKCS7(String str, ArrayList arrayList) {
        byte[] bArr = (byte[]) null;
        try {
            CMSProcessableByteArray cMSProcessableByteArray = new CMSProcessableByteArray(str.getBytes());
            CertStore certStore = CertStore.getInstance("Collection", new CollectionCertStoreParameters(arrayList), "BC");
            CMSSignedDataGenerator cMSSignedDataGenerator = new CMSSignedDataGenerator();
            cMSSignedDataGenerator.addSigner((PrivateKey) null, (X509Certificate) null, CertificateID.HASH_SHA1);
            cMSSignedDataGenerator.addCertificatesAndCRLs(certStore);
            Security.addProvider(new BouncyCastleProvider());
            return cMSSignedDataGenerator.generate((CMSProcessable) cMSProcessableByteArray, true, "seeer").getEncoded();
        } catch (Exception e) {
            e.printStackTrace();
            return bArr;
        }
    }
}
