package com.ibm.security.certclient.util;

import com.ibm.misc.Debug;
import com.ibm.security.certclient.base.PkAttrs;
import com.ibm.security.certclient.base.PkCertConstants;
import com.ibm.security.certclient.base.PkConstants;
import com.ibm.security.certclient.base.PkException;
import com.ibm.security.certclient.base.PkNLSConstants;
import com.ibm.security.certclient.base.PkRejectionException;
import com.ibm.security.pkcs10.CertificationRequest;
import com.ibm.security.pkcs10.CertificationRequestInfo;
import com.ibm.security.pkcsutil.PKCSAttribute;
import com.ibm.security.pkcsutil.PKCSAttributes;
import com.ibm.security.pkcsutil.PKCSException;
import com.ibm.security.pkcsutil.PKCSOID;
import com.ibm.security.util.DerOutputStream;
import com.ibm.security.x509.AlgorithmId;
import com.ibm.security.x509.CertificateExtensions;
import com.ibm.security.x509.DNSName;
import com.ibm.security.x509.ExtKeyUsageExtension;
import com.ibm.security.x509.GeneralNames;
import com.ibm.security.x509.IPAddressName;
import com.ibm.security.x509.KeyUsageExtension;
import com.ibm.security.x509.PKIXExtensions;
import com.ibm.security.x509.RFC822Name;
import com.ibm.security.x509.SubjectAlternativeNameExtension;
import com.ibm.security.x509.SubjectKeyIdentifierExtension;
import com.ibm.security.x509.URIName;
import com.ibm.security.x509.X500Name;
import com.ibm.security.x509.X509Key;
import java.io.IOException;
import java.security.InvalidParameterException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.cert.CertificateException;
import java.util.ArrayList;
import java.util.Date;
import java.util.List;
import java.util.Vector;

/* loaded from: input_file:wlp/lib/com.ibm.crypto.ibmkeycert_1.0.20.jar:com/ibm/security/certclient/util/Pk10CertReqFactory.class */
public final class Pk10CertReqFactory implements PkConstants {

    /* loaded from: input_file:wlp/lib/com.ibm.crypto.ibmkeycert_1.0.20.jar:com/ibm/security/certclient/util/Pk10CertReqFactory$CertRequestImpl.class */
    private static final class CertRequestImpl implements Pk10CertificateRequest {
        private static Debug debug = Debug.getInstance("keycertmanage");
        private String subject;
        private int keySize;
        private int numValidDays;
        private String provider;
        private String keyType;
        private String signatureAlgorithm;
        private boolean iskIdShortForm;
        private KeyPair keypair;
        private CertificationRequest certreq;
        private final Object className = toString();
        private ArrayList<String> keyUsage = new ArrayList<>(10);
        private ArrayList<String> extKeyUsage = new ArrayList<>(10);
        private ArrayList<String> subjectAltNames = new ArrayList<>(5);

        CertRequestImpl(String str, String str2) throws PkException {
            setSubject(str);
            setKeyType("RSA");
            setKeySize(1024);
            setValidity(365);
            setkIdform(false);
            setSignatureAlgorithm(PkConstants.SHA1_WITH_RSA);
            setSubjectAltNames(null);
            setKeyUsage(null);
            setExtKeyUsage(null);
            setProvider(str2);
            generatePKCS10CertReq();
        }

        CertRequestImpl(int i, String str, int i2, String str2, String str3, boolean z, List<String> list, List<String> list2, List<String> list3, String str4, KeyPair keyPair) throws PkException {
            setKeyType(str2);
            setKeySize(i);
            setSubject(str);
            setValidity(i2);
            setSignatureAlgorithm(str3);
            setkIdform(z);
            setSubjectAltNames(list);
            setKeyUsage(list2);
            setExtKeyUsage(list3);
            setKeyPair(keyPair);
            setProvider(str4);
            generatePKCS10CertReq();
        }

        protected void setSubject(String str) throws PkException {
            if (str == null || str.length() == 0) {
                throw new PkException(PkNLSConstants.INVALID_SUBJECT_NAME);
            }
            this.subject = str;
        }

        protected void setKeySize(int i) throws PkException {
            if (PkConstants.DSA_KEY_TYPE.equalsIgnoreCase(this.keyType)) {
                if (i != 512 && i != 1024 && i != 2048) {
                    throw new PkRejectionException(PkNLSConstants.INVALID_KEY_SIZE + i);
                }
            } else if ("EC".equalsIgnoreCase(this.keyType)) {
                if (i != 192 && i != 224 && i != 256 && i != 384 && i != 521) {
                    throw new PkRejectionException(PkNLSConstants.INVALID_KEY_SIZE + i);
                }
            } else if ("RSA".equalsIgnoreCase(this.keyType) && i < 512) {
                throw new PkRejectionException(PkNLSConstants.INVALID_KEY_SIZE + i);
            }
            this.keySize = i;
        }

        protected void setValidity(int i) throws PkException {
            if (i <= 0) {
                throw new PkRejectionException(PkNLSConstants.CERT_BAD_CERT_VALIDITY + i);
            }
            this.numValidDays = i;
        }

        protected void setKeyType(String str) {
            this.keyType = str;
        }

        protected void setProvider(String str) {
            this.provider = str;
        }

        protected void setSignatureAlgorithm(String str) throws PkException {
            boolean z = false;
            if ("RSA".equalsIgnoreCase(this.keyType)) {
                if (str.indexOf("RSA") < 0) {
                    z = true;
                }
            } else if (PkConstants.DSA_KEY_TYPE.equalsIgnoreCase(this.keyType)) {
                if (str.indexOf(PkConstants.DSA_KEY_TYPE) < 0) {
                    z = true;
                }
            } else if ("EC".equalsIgnoreCase(this.keyType) && str.indexOf("EC") < 0) {
                z = true;
            }
            if (z) {
                throw new PkRejectionException(PkNLSConstants.INCORRECT_SIGNATURE_ALGORITHM + str);
            }
            this.signatureAlgorithm = str;
        }

        protected void setkIdform(boolean z) {
            this.iskIdShortForm = z;
        }

        protected void setKeyUsage(List<String> list) {
            if (list == null || list.size() <= 0) {
                return;
            }
            this.keyUsage.addAll(list);
        }

        protected void setKeyPair(KeyPair keyPair) {
            if (keyPair != null) {
                this.keypair = keyPair;
            }
        }

        protected void setExtKeyUsage(List<String> list) {
            if (list == null || list.size() <= 0) {
                return;
            }
            this.extKeyUsage.addAll(list);
        }

        protected void setSubjectAltNames(List<String> list) {
            if (list == null || list.size() <= 0) {
                return;
            }
            this.subjectAltNames = new ArrayList<>(list);
        }

        private KeyPair generateLocalKey(String str, int i, String str2, String str3) throws PkRejectionException {
            String str4 = (str == null || str.length() == 0) ? "RSA" : str;
            String str5 = (str3 == null || str3.length() == 0) ? "IBMJCE" : str3;
            int i2 = i == 0 ? 1024 : i;
            if (debug != null) {
                debug.text(0L, this.className, "generateLocalKey", "Keytype is {0}", str4);
                debug.text(0L, this.className, "generateLocalKey", "Provider is {0}", str5);
                debug.text(0L, this.className, "generateLocalKey", "KeySize is {0}", new Integer(i2));
            }
            try {
                KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(str4, str3);
                SecureRandom secureRandom = (str2 == null || str2.length() == 0) ? SecureRandom.getInstance(str5) : SecureRandom.getInstance(str2, str5);
                if (debug != null) {
                    debug.text(0L, this.className, "generateLocalKey", "RNG is {0}", secureRandom);
                }
                keyPairGenerator.initialize(i, secureRandom);
                return keyPairGenerator.generateKeyPair();
            } catch (InvalidParameterException e) {
                throw new PkRejectionException(PkNLSConstants.INVALID_KEY_SIZE + i, e);
            } catch (NoSuchAlgorithmException e2) {
                throw new PkRejectionException(PkNLSConstants.NO_SUCH_ALGORITHM_EXCEPTION, e2);
            } catch (NoSuchProviderException e3) {
                throw new PkRejectionException(PkNLSConstants.INVALID_PROVIDER, e3);
            }
        }

        private PkAttrs initialCertRequest(String[] strArr, String[] strArr2, String[] strArr3, String[] strArr4, PublicKey publicKey, PrivateKey privateKey, String str) throws Exception {
            if (strArr == null || strArr.length < 4) {
                throw new PkRejectionException(PkNLSConstants.INVALID_PARMS_ARRAY_SIZE_WRONG);
            }
            if (debug != null) {
                for (String str2 : strArr) {
                    debug.text(1L, this.className, "initialCertRequest", "Processing {0}", str2);
                }
            }
            for (int i = 0; i < strArr.length; i++) {
                if (strArr[i] == null) {
                    throw new PkRejectionException("" + i + " " + PkNLSConstants.INVALID_PARMS_VALUE_CANNOT_BE_NULL);
                }
            }
            if (publicKey == null) {
                throw new PkRejectionException(PkNLSConstants.INVALID_PARMS_VALUE_CANNOT_BE_NULL);
            }
            if (strArr3 != null) {
                for (String str3 : strArr3) {
                    if (debug != null) {
                        debug.text(1L, this.className, "initialCertRequest", "Processing {0}", str3);
                    }
                }
            }
            if (strArr4 != null && debug != null) {
                for (String str4 : strArr4) {
                    debug.text(1L, this.className, "initialCertRequest", "Processing {0}", str4);
                }
            }
            X509Key x509Key = (X509Key) publicKey;
            String str5 = strArr[0];
            if (new Integer(strArr[1]).intValue() != 3) {
                throw new PkRejectionException(PkNLSConstants.X509_CERT_VERSION_MUST_BE3);
            }
            Integer num = PkCertConstants.CERT_VERSION_3;
            PkAttrs pkAttrs = new PkAttrs();
            if (strArr3 != null && strArr3.length > 0) {
                KeyUsageExtension keyUsageExt = setKeyUsageExt(strArr3);
                ExtKeyUsageExtension extKeyUsageExtension = strArr4 != null ? setextKeyUsageExt(strArr4) : null;
                pkAttrs.add("x509.info.extensions.KeyUsage", 3, keyUsageExt);
                if (extKeyUsageExtension != null) {
                    pkAttrs.add("x509.info.extensions.ExtKeyUsage", 3, extKeyUsageExtension);
                }
            }
            pkAttrs.add("x509.info.version", 3, num);
            pkAttrs.add("x509.info.algorithmID", 3, AlgorithmId.get(str));
            pkAttrs.add(PkCertConstants.CERT_ALGORITHM_NAME, 2, str);
            pkAttrs.add(PkCertConstants.CERT_PROVIDER, 2, this.provider);
            Date date = new Date(new Long(strArr[2]).longValue());
            pkAttrs.add(PkCertConstants.CERT_NOT_BEFORE, 3, date);
            Date date2 = new Date();
            date2.setTime(date.getTime());
            date2.setTime(new Long(strArr[3]).longValue() + date2.getTime());
            if (debug != null) {
                debug.text(1L, this.className, "initialCertRequest", "notAfter {0}", date2);
            }
            pkAttrs.add(PkCertConstants.CERT_NOT_AFTER, 3, date2);
            pkAttrs.add("x509.info.subject", 3, new X500Name(str5));
            pkAttrs.add("x509.info.key", 3, x509Key);
            SubjectAlternativeNameExtension createSubjectAltName = createSubjectAltName(strArr2);
            if (createSubjectAltName != null) {
                pkAttrs.add("x509.info.extensions.SubjectAlternativeName", 3, createSubjectAltName);
            }
            if (debug != null) {
                debug.text(1L, this.className, "initialCertRequest", "process complete attrs {0}", pkAttrs);
            }
            return pkAttrs;
        }

        private boolean keyUsageWrong(boolean z, KeyUsageExtension keyUsageExtension) throws Exception {
            boolean[] bits = keyUsageExtension.getBits();
            boolean z2 = false;
            if (z) {
                for (boolean z3 : bits) {
                    if (debug != null) {
                        debug.text(1L, this.className, "keyUsageWrong", "ba ={0}", new Boolean(z3));
                    }
                }
                if (bits.length > 5) {
                    int length = bits.length >= 7 ? 7 : bits.length;
                    for (int i = 5; i < length; i++) {
                        z2 = z2 || bits[i];
                    }
                }
            } else {
                for (boolean z4 : bits) {
                    if (debug != null) {
                        debug.text(1L, this.className, "keyUsageWrong", "ba ={0}", new Boolean(z4));
                    }
                }
                if (bits.length > 2) {
                    for (int i2 = 2; i2 < bits.length; i2++) {
                        z2 = z2 || bits[i2];
                    }
                }
            }
            return z2;
        }

        private SubjectAlternativeNameExtension createSubjectAltName(String[] strArr) throws Exception {
            SubjectAlternativeNameExtension subjectAlternativeNameExtension = null;
            if (strArr != null) {
                GeneralNames generalNames = new GeneralNames();
                boolean z = false;
                int length = strArr.length;
                if (strArr[0] != null) {
                    generalNames.addElement(new RFC822Name(strArr[0]));
                    z = true;
                }
                if (length > 1 && strArr[1] != null) {
                    generalNames.addElement(new DNSName(strArr[1]));
                    z = true;
                }
                if (length > 2 && strArr[2] != null) {
                    generalNames.addElement(new URIName(strArr[2]));
                    z = true;
                }
                if (length > 3 && strArr[3] != null) {
                    generalNames.addElement(new IPAddressName(getIPAddress(strArr[3])));
                    z = true;
                }
                if (z) {
                    subjectAlternativeNameExtension = new SubjectAlternativeNameExtension(generalNames);
                }
            }
            return subjectAlternativeNameExtension;
        }

        private byte[] getIPAddress(String str) {
            String[] split = PkString.split(str, ".");
            return new byte[]{new Integer(split[0]).byteValue(), new Integer(split[1]).byteValue(), new Integer(split[2]).byteValue(), new Integer(split[3]).byteValue()};
        }

        private KeyUsageExtension setKeyUsageExt(String[] strArr) throws IOException, PkRejectionException {
            KeyUsageExtension keyUsageExtension = new KeyUsageExtension();
            for (int i = 0; i < strArr.length && strArr[i] != null; i++) {
                if (strArr[i].equalsIgnoreCase(KeyUsageExtension.DIGITAL_SIGNATURE)) {
                    keyUsageExtension.set(KeyUsageExtension.DIGITAL_SIGNATURE, Boolean.TRUE);
                } else if (strArr[i].equalsIgnoreCase(KeyUsageExtension.DATA_ENCIPHERMENT)) {
                    keyUsageExtension.set(KeyUsageExtension.DATA_ENCIPHERMENT, Boolean.TRUE);
                } else if (strArr[i].equalsIgnoreCase(KeyUsageExtension.ENCIPHER_ONLY)) {
                    keyUsageExtension.set(KeyUsageExtension.ENCIPHER_ONLY, Boolean.TRUE);
                } else if (strArr[i].equalsIgnoreCase(KeyUsageExtension.DECIPHER_ONLY)) {
                    keyUsageExtension.set(KeyUsageExtension.DECIPHER_ONLY, Boolean.TRUE);
                } else if (strArr[i].equalsIgnoreCase(KeyUsageExtension.NON_REPUDIATION)) {
                    keyUsageExtension.set(KeyUsageExtension.NON_REPUDIATION, Boolean.TRUE);
                } else if (strArr[i].equalsIgnoreCase(KeyUsageExtension.KEY_ENCIPHERMENT)) {
                    keyUsageExtension.set(KeyUsageExtension.KEY_ENCIPHERMENT, Boolean.TRUE);
                } else {
                    if (!strArr[i].equalsIgnoreCase(KeyUsageExtension.KEY_AGREEMENT)) {
                        if (debug != null) {
                            debug.text(1L, this.className, "setKeyUsageExt", "Key usage {0} is not valid", strArr[i]);
                        }
                        throw new PkRejectionException(PkNLSConstants.CERT_BAD_KEY_USAGE);
                    }
                    keyUsageExtension.set(KeyUsageExtension.KEY_AGREEMENT, Boolean.TRUE);
                }
            }
            return keyUsageExtension;
        }

        private ExtKeyUsageExtension setextKeyUsageExt(String[] strArr) throws IOException, PkRejectionException {
            Vector vector = new Vector();
            for (int i = 0; i < strArr.length && strArr[i] != null; i++) {
                if (strArr[i].equalsIgnoreCase("ServerAuth_Id")) {
                    vector.add(i, PKIXExtensions.ServerAuth_Id);
                } else if (strArr[i].equalsIgnoreCase("ClientAuth_Id")) {
                    vector.add(i, PKIXExtensions.ClientAuth_Id);
                } else if (strArr[i].equalsIgnoreCase("CodeSigning_Id")) {
                    vector.add(i, PKIXExtensions.CodeSigning_Id);
                } else if (strArr[i].equalsIgnoreCase("EmailProtection_Id")) {
                    vector.add(i, PKIXExtensions.EmailProtection_Id);
                } else if (strArr[i].equalsIgnoreCase("IPSecEndSystem_Id")) {
                    vector.add(i, PKIXExtensions.IPSecEndSystem_Id);
                } else if (strArr[i].equalsIgnoreCase("IPSecTunnel_Id")) {
                    vector.add(i, PKIXExtensions.IPSecTunnel_Id);
                } else if (strArr[i].equalsIgnoreCase("IPSecUser_Id")) {
                    vector.add(i, PKIXExtensions.IPSecUser_Id);
                } else {
                    if (!strArr[i].equalsIgnoreCase("TimeStamping_Id")) {
                        if (debug != null) {
                            debug.text(1L, this.className, "extsetKeyUsageExt", "Key usage {0} is not valid", strArr[i]);
                        }
                        throw new PkRejectionException(PkNLSConstants.CERT_BAD_KEY_USAGE);
                    }
                    vector.add(i, PKIXExtensions.TimeStamping_Id);
                }
            }
            return vector.size() > 0 ? new ExtKeyUsageExtension(vector) : null;
        }

        private PkAttrs getAttrs() throws PkRejectionException {
            String l = new Long(new Date().getTime()).toString();
            String l2 = new Long(this.numValidDays * 24 * 60 * 60 * 1000).toString();
            if (debug != null) {
                debug.text(1L, this.className, "makeCertReq", "issuedCertValidity {0}", l2);
            }
            if (this.keypair == null) {
                if (debug != null) {
                    debug.text(1L, this.className, "getAttrs", "keyPair is null");
                }
                try {
                    this.keypair = generateLocalKey(this.keyType, this.keySize, "IBMSecureRandom", this.provider);
                } catch (Exception e) {
                    if (debug != null) {
                        debug.exception(4L, this.className, "getAttrs", e);
                    }
                    throw new PkRejectionException(PkNLSConstants.KEY_PAIR_CREATION_FAILED, e);
                }
            }
            new PkAttrs();
            String[] strArr = {this.subject, "3", l, l2};
            try {
                String[] strArr2 = null;
                String[] strArr3 = null;
                String[] strArr4 = null;
                this.subjectAltNames.trimToSize();
                this.keyUsage.trimToSize();
                this.extKeyUsage.trimToSize();
                if (this.subjectAltNames.size() > 0) {
                    strArr2 = (String[]) this.subjectAltNames.toArray(new String[0]);
                }
                if (this.keyUsage.size() > 0) {
                    strArr3 = (String[]) this.keyUsage.toArray(new String[0]);
                }
                if (this.extKeyUsage.size() > 0) {
                    strArr4 = (String[]) this.extKeyUsage.toArray(new String[0]);
                }
                PkAttrs initialCertRequest = initialCertRequest(strArr, strArr2, strArr3, strArr4, this.keypair.getPublic(), this.keypair.getPrivate(), this.signatureAlgorithm);
                initialCertRequest.repOrAdd("x509.info.extensions.SubjectKeyIdentifier", 3, new SubjectKeyIdentifierExtension(PkUtils.computeKID(this.keypair.getPublic(), this.iskIdShortForm)));
                return initialCertRequest;
            } catch (Exception e2) {
                if (debug != null) {
                    debug.exception(4L, this.className, "getAttrs", e2);
                }
                throw new PkRejectionException(PkNLSConstants.CREATE_CERTREQ_FAILED, e2);
            }
        }

        private void generatePKCS10CertReq() throws PkRejectionException {
            try {
                PkAttrs attrs = getAttrs();
                X500Name x500Name = (X500Name) attrs.get("x509.info.subject").getValue();
                PublicKey publicKey = (PublicKey) attrs.get("x509.info.key").getValue();
                CertificateExtensions certificateExtensions = new CertificateExtensions();
                if (attrs.has("x509.info.extensions.KeyUsage")) {
                    certificateExtensions.set("x509.info.extensions.KeyUsage", (KeyUsageExtension) attrs.get("x509.info.extensions.KeyUsage").getValue());
                }
                if (attrs.has("x509.info.extensions.ExtKeyUsage")) {
                    certificateExtensions.set("x509.info.extensions.ExtKeyUsage", (ExtKeyUsageExtension) attrs.get("x509.info.extensions.ExtKeyUsage").getValue());
                }
                if (attrs.has("x509.info.extensions.SubjectAlternativeName")) {
                    certificateExtensions.set("x509.info.extensions.SubjectAlternativeName", (SubjectAlternativeNameExtension) attrs.get("x509.info.extensions.SubjectAlternativeName").getValue());
                }
                if (attrs.has("x509.info.extensions.SubjectKeyIdentifier")) {
                    certificateExtensions.set("x509.info.extensions.SubjectKeyIdentifier", (SubjectKeyIdentifierExtension) attrs.get("x509.info.extensions.SubjectKeyIdentifier").getValue());
                }
                DerOutputStream derOutputStream = new DerOutputStream();
                certificateExtensions.encode(derOutputStream, true);
                PKCSAttributes pKCSAttributes = null;
                if (derOutputStream.size() > 0) {
                    pKCSAttributes = new PKCSAttributes(new PKCSAttribute[]{new PKCSAttribute(PKCSOID.EXTENSION_REQUEST_OID, certificateExtensions)});
                }
                this.certreq = new CertificationRequest(new CertificationRequestInfo(x500Name, publicKey, pKCSAttributes, this.provider), this.keypair.getPrivate(), this.signatureAlgorithm, this.provider);
            } catch (PKCSException e) {
                if (debug != null) {
                    debug.exception(4L, this.className, "getPKCS10CertReq", e);
                }
                throw new PkRejectionException(PkNLSConstants.CREATE_PKCS10_FROM_CERTREQ_FAILED, e);
            } catch (IOException e2) {
                if (debug != null) {
                    debug.exception(4L, this.className, "getPKCS10CertReq", e2);
                }
                throw new PkRejectionException(PkNLSConstants.CREATE_PKCS10_FROM_CERTREQ_FAILED, e2);
            } catch (NoSuchAlgorithmException e3) {
                if (debug != null) {
                    debug.exception(4L, this.className, "getPKCS10CertReq", e3);
                }
                throw new PkRejectionException(PkNLSConstants.CREATE_PKCS10_FROM_CERTREQ_FAILED, e3);
            } catch (CertificateException e4) {
                if (debug != null) {
                    debug.exception(4L, this.className, "getPKCS10CertReq", e4);
                }
                throw new PkRejectionException(PkNLSConstants.CREATE_PKCS10_FROM_CERTREQ_FAILED, e4);
            }
        }

        @Override // com.ibm.security.certclient.util.Pk10CertificateRequest
        public PrivateKey getPrivateKey() {
            return this.keypair.getPrivate();
        }

        @Override // com.ibm.security.certclient.util.Pk10CertificateRequest
        public PublicKey getPublicKey() {
            return this.keypair.getPublic();
        }

        @Override // com.ibm.security.certclient.util.Pk10CertificateRequest
        public byte[] getPKCS10CertReq() throws IOException {
            return this.certreq.encode();
        }
    }

    private Pk10CertReqFactory() {
        throw new UnsupportedOperationException();
    }

    public static Pk10CertificateRequest newCertRequest(int i, String str, int i2, String str2, String str3, boolean z, List<String> list, List<String> list2, List<String> list3, String str4) throws PkException {
        return new CertRequestImpl(i, str, i2, str2, str3, z, list, list2, list3, str4, null);
    }

    public static Pk10CertificateRequest newCertRequest(int i, String str, int i2, String str2, String str3, boolean z, List<String> list, List<String> list2, List<String> list3, String str4, KeyPair keyPair) throws PkException {
        return new CertRequestImpl(i, str, i2, str2, str3, z, list, list2, list3, str4, keyPair);
    }

    public static Pk10CertificateRequest newCertRequest(String str, String str2) throws PkException {
        return new CertRequestImpl(str, str2);
    }
}
