package com.ibm.oti.security.provider;

import com.ibm.oti.util.ASN1Decoder;
import com.ibm.oti.util.ASN1Encoder;
import com.ibm.oti.util.ASN1Exception;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.InputStream;
import java.math.BigInteger;
import java.security.InvalidKeyException;
import java.security.KeyFactory;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.Principal;
import java.security.PrivateKey;
import java.security.Provider;
import java.security.PublicKey;
import java.security.Security;
import java.security.Signature;
import java.security.SignatureException;
import java.security.cert.Certificate;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateExpiredException;
import java.security.cert.CertificateNotYetValidException;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.X509EncodedKeySpec;
import java.util.Date;
import java.util.Enumeration;
import java.util.HashSet;
import java.util.Hashtable;
import java.util.Set;

/* loaded from: input_file:fixed/ive-2.2/runtimes/zaurus/arm/ppro10/lib/jclPPro10/classes.zip:com/ibm/oti/security/provider/X509Certificate.class */
public class X509Certificate extends java.security.cert.X509Certificate {
    private byte[] encoded;
    private int originalOffsetIntoRawBytes;
    private ASN1Decoder.Node tbsNode;
    private int version;
    private BigInteger serialNumber;
    private X509Principal issuer;
    private X509Principal subject;
    private Date notBefore;
    private Date notAfter;
    private String sigAlgOID;
    private byte[] sigAlgParams;
    private byte[] rawSignature;
    private String signatureName;
    private String signatureProviderName;
    private String subjectAlgOID;
    private ASN1Decoder.Node subjectPublicKeyASN1DER;
    private PublicKey subjectPublicKey;
    private boolean[] subjectUniqueID;
    private boolean[] issuerUniqueID;
    private Hashtable extensions;
    public static final Hashtable OID_DATABASE = new Hashtable(5);
    private static final String OID_BasicConstraints = "2.5.29.19";
    private static final String OID_KeyUsage = "2.5.29.15";
    private static final String[] SUPPORTED_CRITICAL_EXTENSIONS;
    protected static final ASN1Decoder.TypeMapper X509_MAPPER;
    private static final Hashtable KEYALGORITHM_OID;
    private static final Hashtable SIGNALGORITHM_OID;

    static {
        OID_DATABASE.put("1.2.840.113549.1.1.2", "MD2withRSA");
        OID_DATABASE.put("1.2.840.113549.1.1.4", "MD5withRSA");
        OID_DATABASE.put("1.2.840.113549.1.1.5", "SHA1withRSA");
        OID_DATABASE.put("1.2.840.10040.4.3", "SHA1withDSA");
        OID_DATABASE.put("1.3.14.3.2.26", "SHA");
        OID_DATABASE.put("1.2.840.113549.2.5", "MD5");
        OID_DATABASE.put("1.2.840.113549.1.1.1", "RSA");
        OID_DATABASE.put("1.2.840.10040.4.1", "DSA");
        OID_DATABASE.put("1.3.14.3.2.12", "DSA");
        OID_DATABASE.put("1.2.840.10046.2.1", "DiffieHellman");
        SUPPORTED_CRITICAL_EXTENSIONS = new String[]{OID_BasicConstraints, OID_KeyUsage};
        X509_MAPPER = new ASN1Decoder.TypeMapper() { // from class: com.ibm.oti.security.provider.X509Certificate.1
            @Override // com.ibm.oti.util.ASN1Decoder.TypeMapper
            public int map(int i, int i2, int i3) {
                switch (i) {
                    case 0:
                    case 3:
                        return 16;
                    case 1:
                    case 2:
                        return 2;
                    default:
                        return i;
                }
            }
        };
        KEYALGORITHM_OID = new Hashtable(7);
        KEYALGORITHM_OID.put("RSA", "1.2.840.113549.1.1.1");
        KEYALGORITHM_OID.put("DSA", "1.2.840.10040.4.1");
        KEYALGORITHM_OID.put("DiffieHellman", "1.2.840.10046.2.1");
        SIGNALGORITHM_OID = new Hashtable(7);
        SIGNALGORITHM_OID.put("MD2withRSA", "1.2.840.113549.1.1.2");
        SIGNALGORITHM_OID.put("MD5withRSA", "1.2.840.113549.1.1.4");
        SIGNALGORITHM_OID.put("SHA1withRSA", "1.2.840.113549.1.1.5");
        SIGNALGORITHM_OID.put("SHA1withDSA", "1.2.840.10040.4.3");
    }

    protected X509Certificate() {
    }

    @Override // java.security.cert.X509Certificate
    public void checkValidity() throws CertificateExpiredException, CertificateNotYetValidException {
        checkValidity(new Date());
    }

    @Override // java.security.cert.X509Certificate
    public void checkValidity(Date date) throws CertificateExpiredException, CertificateNotYetValidException {
        if (date.getTime() < this.notBefore.getTime() || date.getTime() > this.notAfter.getTime()) {
            throw new CertificateExpiredException();
        }
    }

    @Override // java.security.cert.X509Certificate
    public int getBasicConstraints() {
        X509Extension x509Extension;
        byte[] value;
        ASN1Decoder.Node subnode;
        if (this.extensions == null || (x509Extension = (X509Extension) this.extensions.get(OID_BasicConstraints)) == null || (value = x509Extension.value()) == null) {
            return -1;
        }
        try {
            ASN1Decoder.Node readContents = new ASN1Decoder(new ByteArrayInputStream(value)).readContents();
            ASN1Decoder.Node subnode2 = readContents.subnode(0);
            boolean z = false;
            if (subnode2 == null) {
                return -1;
            }
            if (subnode2.type == 1) {
                z = ((Boolean) subnode2.data).booleanValue();
            }
            if (!z || (subnode = readContents.subnode(Integer.MAX_VALUE)) == null) {
                return -1;
            }
            if (subnode.type != 2) {
                return -2;
            }
            return ((BigInteger) subnode.data).intValue();
        } catch (ASN1Exception unused) {
            return -1;
        } catch (ArrayIndexOutOfBoundsException unused2) {
            return -1;
        } catch (ClassCastException unused3) {
            return -1;
        }
    }

    @Override // java.security.cert.X509Certificate
    public Principal getIssuerDN() {
        return this.issuer;
    }

    @Override // java.security.cert.X509Certificate
    public boolean[] getIssuerUniqueID() {
        return this.issuerUniqueID;
    }

    @Override // java.security.cert.X509Certificate
    public boolean[] getKeyUsage() {
        X509Extension x509Extension;
        byte[] value;
        if (this.extensions == null || (x509Extension = (X509Extension) this.extensions.get(OID_KeyUsage)) == null || (value = x509Extension.value()) == null || value.length < 1) {
            return null;
        }
        try {
            ASN1Decoder.Node readContents = new ASN1Decoder(new ByteArrayInputStream(value)).readContents();
            if (readContents.type != 3) {
                return null;
            }
            ASN1Decoder.BitString bitString = (ASN1Decoder.BitString) readContents.data;
            boolean[] zArr = new boolean[bitString.bitLength()];
            for (int i = 0; i < zArr.length; i++) {
                zArr[i] = bitString.bitAt(i);
            }
            return zArr;
        } catch (ASN1Exception unused) {
            return null;
        } catch (ArrayIndexOutOfBoundsException unused2) {
            return null;
        } catch (ClassCastException unused3) {
            return null;
        }
    }

    @Override // java.security.cert.X509Certificate
    public Date getNotAfter() {
        return this.notAfter;
    }

    @Override // java.security.cert.X509Certificate
    public Date getNotBefore() {
        return this.notBefore;
    }

    @Override // java.security.cert.X509Certificate
    public BigInteger getSerialNumber() {
        return this.serialNumber;
    }

    @Override // java.security.cert.X509Certificate
    public String getSigAlgName() {
        return this.signatureName;
    }

    @Override // java.security.cert.X509Certificate
    public String getSigAlgOID() {
        return this.sigAlgOID;
    }

    @Override // java.security.cert.X509Certificate
    public byte[] getSigAlgParams() {
        return this.sigAlgParams;
    }

    @Override // java.security.cert.X509Certificate
    public byte[] getSignature() {
        return this.rawSignature;
    }

    @Override // java.security.cert.X509Certificate
    public Principal getSubjectDN() {
        return this.subject;
    }

    @Override // java.security.cert.X509Certificate
    public boolean[] getSubjectUniqueID() {
        return this.subjectUniqueID;
    }

    @Override // java.security.cert.X509Certificate
    public byte[] getTBSCertificate() throws CertificateEncodingException {
        byte[] bArr = new byte[(this.tbsNode.endPosition - this.tbsNode.startPosition) + 1];
        System.arraycopy(this.encoded, this.tbsNode.startPosition - this.originalOffsetIntoRawBytes, bArr, 0, bArr.length);
        return bArr;
    }

    @Override // java.security.cert.X509Certificate
    public int getVersion() {
        return this.version;
    }

    @Override // java.security.cert.X509Certificate, java.security.cert.X509Extension
    public boolean hasUnsupportedCriticalExtension() {
        Set criticalExtensionOIDs = getCriticalExtensionOIDs();
        if (criticalExtensionOIDs == null) {
            return false;
        }
        if (criticalExtensionOIDs.size() > SUPPORTED_CRITICAL_EXTENSIONS.length) {
            return true;
        }
        for (int i = 0; i < SUPPORTED_CRITICAL_EXTENSIONS.length; i++) {
            criticalExtensionOIDs.remove(SUPPORTED_CRITICAL_EXTENSIONS[i]);
        }
        return criticalExtensionOIDs.size() != 0;
    }

    @Override // java.security.cert.X509Certificate, java.security.cert.X509Extension
    public Set getCriticalExtensionOIDs() {
        return getExtensionOIDs(true);
    }

    @Override // java.security.cert.X509Certificate, java.security.cert.X509Extension
    public Set getNonCriticalExtensionOIDs() {
        return getExtensionOIDs(false);
    }

    @Override // java.security.cert.X509Certificate, java.security.cert.X509Extension
    public byte[] getExtensionValue(String str) {
        X509Extension x509Extension;
        if (this.extensions == null || (x509Extension = (X509Extension) this.extensions.get(str)) == null) {
            return null;
        }
        if (x509Extension.value() == null) {
            byte[] bArr = new byte[0];
        }
        ASN1Decoder.Node node = new ASN1Decoder.Node();
        node.type = 4;
        node.data = x509Extension.value();
        return ASN1Encoder.encodeNode(node);
    }

    @Override // java.security.cert.Certificate
    public byte[] getEncoded() throws CertificateEncodingException {
        return this.encoded;
    }

    @Override // java.security.cert.Certificate
    public PublicKey getPublicKey() {
        return this.subjectPublicKey;
    }

    private byte[] getSubjectPublicKeyInfoAsBytes() {
        byte[] bArr = new byte[(this.subjectPublicKeyASN1DER.endPosition - this.subjectPublicKeyASN1DER.startPosition) + 1];
        System.arraycopy(this.encoded, this.subjectPublicKeyASN1DER.startPosition - this.originalOffsetIntoRawBytes, bArr, 0, bArr.length);
        return bArr;
    }

    private byte[] getSubjectPublicKeyBitStringAsBytes() {
        return ((ASN1Decoder.BitString) ((ASN1Decoder.Node[]) this.subjectPublicKeyASN1DER.data)[1].data).data;
    }

    @Override // java.security.cert.Certificate
    public void verify(PublicKey publicKey) throws CertificateException, NoSuchAlgorithmException, InvalidKeyException, NoSuchProviderException, SignatureException {
        if (this.signatureProviderName != null) {
            verify(publicKey, this.signatureProviderName);
        } else {
            if (this.signatureName == null) {
                throw new NoSuchAlgorithmException(this.sigAlgOID);
            }
            verify(publicKey, Signature.getInstance(this.signatureName));
        }
    }

    @Override // java.security.cert.Certificate
    public void verify(PublicKey publicKey, String str) throws CertificateException, NoSuchAlgorithmException, InvalidKeyException, NoSuchProviderException, SignatureException {
        if (this.signatureName == null) {
            throw new NoSuchAlgorithmException(this.sigAlgOID);
        }
        verify(publicKey, Signature.getInstance(this.signatureName, str));
    }

    private void verify(PublicKey publicKey, Signature signature) throws CertificateException, NoSuchAlgorithmException, InvalidKeyException, NoSuchProviderException, SignatureException {
        signature.initVerify(publicKey);
        signature.update(getTBSCertificate());
        if (!signature.verify(getSignature())) {
            throw new SignatureException();
        }
    }

    @Override // java.security.cert.Certificate
    public String toString() {
        StringBuffer stringBuffer = new StringBuffer();
        stringBuffer.append("X.509 Certificate v");
        stringBuffer.append(getVersion());
        stringBuffer.append("\nSubjectDN: ");
        stringBuffer.append(getSubjectDN());
        stringBuffer.append("\n\tNot Before: ");
        stringBuffer.append(getNotBefore());
        stringBuffer.append("\n\tNot After: ");
        stringBuffer.append(getNotAfter());
        stringBuffer.append("\nIssuerDN: ");
        stringBuffer.append(getIssuerDN());
        stringBuffer.append("\nSerialNumber: ");
        stringBuffer.append(getSerialNumber().toString(16));
        stringBuffer.append("\nSigAlgName: ");
        stringBuffer.append(getSigAlgName());
        stringBuffer.append(", SigAlgOID: ");
        stringBuffer.append(getSigAlgOID());
        return stringBuffer.toString();
    }

    private void configureSignature(ASN1Decoder.Node[] nodeArr) {
        ASN1Decoder.Node[] nodeArr2 = (ASN1Decoder.Node[]) nodeArr[1].data;
        this.rawSignature = ((ASN1Decoder.BitString) nodeArr[2].data).data;
        this.sigAlgOID = ASN1OID.OIDToString((int[]) nodeArr2[0].data);
        String[] strArr = new String[1];
        this.signatureName = getAlias("Alg.Alias.Signature.", this.sigAlgOID, strArr);
        this.signatureProviderName = strArr[0];
        ASN1Decoder.Node node = null;
        if (nodeArr2.length > 1) {
            node = nodeArr2[1];
        }
        if (node == null || node.type == 5) {
            return;
        }
        this.sigAlgParams = new byte[(node.endPosition - node.startPosition) + 1];
        System.arraycopy(this.encoded, node.startPosition - this.originalOffsetIntoRawBytes, this.sigAlgParams, 0, this.sigAlgParams.length);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static String getAlias(String str, String str2, String[] strArr) {
        String stringBuffer = new StringBuffer(String.valueOf(str)).append(str2).toString();
        for (Provider provider : Security.getProviders()) {
            String str3 = (String) provider.get(stringBuffer);
            if (str3 != null) {
                if (strArr != null) {
                    strArr[0] = provider.getName();
                }
                return str3;
            }
        }
        return (String) OID_DATABASE.get(str2);
    }

    private void configureSubjectPublicKeyInfo(ASN1Decoder.Node[] nodeArr, int i) throws NoSuchAlgorithmException, NoSuchProviderException, InvalidKeySpecException {
        ASN1Decoder.Node node = nodeArr[i + 6];
        this.subjectAlgOID = ASN1OID.OIDToString((int[]) ((ASN1Decoder.Node[]) ((ASN1Decoder.Node[]) node.data)[0].data)[0].data);
        this.subjectPublicKeyASN1DER = node;
        String alias = getAlias("Alg.Alias.KeyFactory.", this.subjectAlgOID, null);
        byte[] subjectPublicKeyInfoAsBytes = getSubjectPublicKeyInfoAsBytes();
        KeyFactory keyFactory = null;
        if (alias != null) {
            try {
                keyFactory = KeyFactory.getInstance(alias);
            } catch (NoSuchAlgorithmException unused) {
            }
        }
        if (keyFactory != null) {
            this.subjectPublicKey = keyFactory.generatePublic(new X509EncodedKeySpec(subjectPublicKeyInfoAsBytes));
            return;
        }
        UnparsedX509PublicKey unparsedX509PublicKey = new UnparsedX509PublicKey(subjectPublicKeyInfoAsBytes);
        unparsedX509PublicKey.algorithm = alias == null ? this.subjectAlgOID : alias;
        this.subjectPublicKey = unparsedX509PublicKey;
    }

    private Set getExtensionOIDs(boolean z) {
        if (this.extensions == null) {
            return null;
        }
        HashSet hashSet = new HashSet();
        Enumeration elements = this.extensions.elements();
        while (elements.hasMoreElements()) {
            X509Extension x509Extension = (X509Extension) elements.nextElement();
            if (x509Extension.isCritical() == z) {
                hashSet.add(x509Extension.name());
            }
        }
        return hashSet;
    }

    private boolean[] computeUniqueID(ASN1Decoder.Node node) {
        byte[] byteArray = node.data instanceof ASN1Decoder.BitString ? ((ASN1Decoder.BitString) node.data).data : ((BigInteger) node.data).toByteArray();
        boolean[] zArr = new boolean[byteArray.length * 8];
        for (int i = 0; i < byteArray.length * 8; i++) {
            zArr[i] = (byteArray[i / 8] & (128 >> (i % 8))) != 0;
        }
        return zArr;
    }

    private void configureExtensions(ASN1Decoder.Node node) {
        ASN1Decoder.Node[] nodeArr = (ASN1Decoder.Node[]) ((ASN1Decoder.Node[]) node.data)[0].data;
        this.extensions = new Hashtable();
        for (ASN1Decoder.Node node2 : nodeArr) {
            ASN1Decoder.Node[] nodeArr2 = (ASN1Decoder.Node[]) node2.data;
            boolean z = false;
            if (nodeArr2.length > 2) {
                z = ((Boolean) nodeArr2[1].data).booleanValue();
            }
            X509Extension x509Extension = new X509Extension(new ASN1OID((int[]) nodeArr2[0].data), (byte[]) nodeArr2[nodeArr2.length - 1].data, z);
            this.extensions.put(x509Extension.name(), x509Extension);
        }
    }

    private void configureOptionalParts(ASN1Decoder.Node[] nodeArr, int i) {
        int i2 = i + 7;
        while (i2 < nodeArr.length) {
            ASN1Decoder.Node node = nodeArr[i2];
            i2++;
            switch (node.originalType) {
                case 1:
                    this.issuerUniqueID = computeUniqueID(node);
                    break;
                case 2:
                    this.subjectUniqueID = computeUniqueID(node);
                    break;
                case 3:
                    configureExtensions(node);
                    break;
            }
        }
    }

    public static X509Certificate certificateFromASN1Object(byte[] bArr) throws CertificateException {
        return certificateFromASN1Object(new ByteArrayInputStream(bArr));
    }

    public static X509Certificate certificateFromASN1Object(ASN1Decoder.Node node, byte[] bArr) throws CertificateException {
        int i;
        try {
            X509Certificate x509Certificate = new X509Certificate();
            ASN1Decoder.Node[] nodeArr = (ASN1Decoder.Node[]) node.data;
            int i2 = node.startPosition;
            int i3 = node.endPosition;
            if (i2 == 0 && i3 == bArr.length - 1) {
                x509Certificate.encoded = bArr;
            } else {
                x509Certificate.encoded = new byte[(i3 - i2) + 1];
                System.arraycopy(bArr, i2, x509Certificate.encoded, 0, x509Certificate.encoded.length);
            }
            x509Certificate.originalOffsetIntoRawBytes = i2;
            x509Certificate.configureSignature(nodeArr);
            ASN1Decoder.Node node2 = nodeArr[0];
            ASN1Decoder.Node[] nodeArr2 = (ASN1Decoder.Node[]) node2.data;
            x509Certificate.tbsNode = node2;
            if (nodeArr2[0].originalType == 0) {
                x509Certificate.version = ((BigInteger) ((ASN1Decoder.Node[]) nodeArr2[0].data)[0].data).intValue() + 1;
                i = 0;
            } else {
                x509Certificate.version = 1;
                i = -1;
            }
            x509Certificate.serialNumber = (BigInteger) nodeArr2[i + 1].data;
            ASN1Decoder.Node[] nodeArr3 = (ASN1Decoder.Node[]) nodeArr2[i + 4].data;
            x509Certificate.notBefore = (Date) nodeArr3[0].data;
            x509Certificate.notAfter = (Date) nodeArr3[1].data;
            X509Principal x509Principal = new X509Principal();
            x509Principal.initFrom(nodeArr2[i + 3]);
            x509Certificate.issuer = x509Principal;
            X509Principal x509Principal2 = new X509Principal();
            x509Principal2.initFrom(nodeArr2[i + 5]);
            x509Certificate.subject = x509Principal2;
            x509Certificate.configureSubjectPublicKeyInfo(nodeArr2, i);
            x509Certificate.configureOptionalParts(nodeArr2, i);
            return x509Certificate;
        } catch (ClassCastException unused) {
            throw new CertificateException();
        } catch (NoSuchAlgorithmException unused2) {
            throw new CertificateException();
        } catch (NoSuchProviderException unused3) {
            throw new CertificateException();
        } catch (InvalidKeySpecException unused4) {
            throw new CertificateException();
        }
    }

    public static X509Certificate certificateFromASN1Object(InputStream inputStream) throws CertificateException {
        try {
            ASN1Decoder aSN1Decoder = new ASN1Decoder(inputStream);
            aSN1Decoder.configureTypeRedirection(2, X509_MAPPER);
            aSN1Decoder.collectBytes(true);
            return certificateFromASN1Object(aSN1Decoder.readContents(), aSN1Decoder.collectedBytes());
        } catch (ASN1Exception unused) {
            throw new CertificateException();
        }
    }

    public static Certificate certificateFromData(PublicKey publicKey, String str, Date date, Date date2) throws CertificateException {
        try {
            X509Certificate x509Certificate = new X509Certificate();
            x509Certificate.encoded = null;
            x509Certificate.subjectPublicKey = publicKey;
            x509Certificate.notBefore = date;
            x509Certificate.notAfter = date2;
            x509Certificate.version = 1;
            x509Certificate.serialNumber = new BigInteger(String.valueOf(x509Certificate.notBefore.getTime() / 1000));
            if (str != null) {
                X509Principal x509Principal = new X509Principal();
                x509Principal.initFrom(str);
                x509Certificate.issuer = x509Principal;
                X509Principal x509Principal2 = new X509Principal();
                x509Principal2.initFrom(str);
                x509Certificate.subject = x509Principal2;
            }
            return x509Certificate;
        } catch (ClassCastException e) {
            throw new CertificateException(e.getMessage());
        }
    }

    private int[] parseOID(String str) {
        return null;
    }

    public byte[] getSignedAndEncoded(String str, PrivateKey privateKey) throws CertificateException {
        try {
            Object[] objArr = new Object[(-1) + 7];
            objArr[(-1) + 1] = this.serialNumber;
            Object[] objArr2 = new Object[2];
            objArr2[0] = ASN1OID.stringToIntOID((String) SIGNALGORITHM_OID.get(str));
            objArr2[1] = null;
            objArr[(-1) + 2] = objArr2;
            objArr[(-1) + 3] = this.issuer.getASN1Structure();
            Object[] objArr3 = new Object[2];
            objArr3[0] = new ASN1Decoder.UTCTime(this.notBefore);
            objArr3[1] = new ASN1Decoder.UTCTime(this.notAfter);
            objArr[(-1) + 4] = objArr3;
            objArr[(-1) + 5] = this.subject.getASN1Structure();
            objArr[(-1) + 6] = new ASN1Decoder.Data(this.subjectPublicKey.getEncoded());
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            new ASN1Encoder(byteArrayOutputStream).writeObject(objArr);
            Signature signature = Signature.getInstance(str);
            signature.initSign(privateKey);
            signature.update(byteArrayOutputStream.toByteArray());
            Object[] objArr4 = {new ASN1Decoder.Data(byteArrayOutputStream.toByteArray()), new Object[]{ASN1OID.stringToIntOID((String) SIGNALGORITHM_OID.get(str)), null}, new ASN1Decoder.BitString(0, signature.sign())};
            ByteArrayOutputStream byteArrayOutputStream2 = new ByteArrayOutputStream();
            new ASN1Encoder(byteArrayOutputStream2).writeObject(objArr4);
            return byteArrayOutputStream2.toByteArray();
        } catch (ASN1Exception e) {
            throw new CertificateException(e.getMessage());
        } catch (InvalidKeyException e2) {
            throw new CertificateException(e2.getMessage());
        } catch (NoSuchAlgorithmException e3) {
            throw new CertificateException(e3.getMessage());
        } catch (SignatureException e4) {
            throw new CertificateException(e4.getMessage());
        }
    }

    public void setIssuerDN(Principal principal) {
        this.issuer = new X509Principal();
        this.issuer.initFrom(principal.getName());
    }

    public void setSubjectDN(Principal principal) {
        this.subject = new X509Principal();
        this.subject.initFrom(principal.getName());
    }
}
