package com.itrus.util;

import com.itrus.cert.CertNames;
import com.itrus.cert.Names;
import com.itrus.cert.PKCS10CertificationRequest;
import com.itrus.cert.X509Certificate;
import java.io.ByteArrayInputStream;
import java.io.CharArrayReader;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.InputStreamReader;
import java.security.GeneralSecurityException;
import java.security.Key;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.Security;
import java.security.UnrecoverableKeyException;
import java.security.cert.CRLException;
import java.security.cert.Certificate;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509CRL;
import java.util.ArrayList;
import java.util.Date;
import java.util.Enumeration;
import java.util.Hashtable;
import java.util.Iterator;
import java.util.Vector;
import javax.security.auth.x500.X500Principal;
import org.apache.commons.lang.StringUtils;
import org.bouncycastle.asn1.ASN1InputStream;
import org.bouncycastle.asn1.DEREncodable;
import org.bouncycastle.asn1.DERIA5String;
import org.bouncycastle.asn1.DERObjectIdentifier;
import org.bouncycastle.asn1.DERSequence;
import org.bouncycastle.asn1.cms.IssuerAndSerialNumber;
import org.bouncycastle.asn1.x509.CRLDistPoint;
import org.bouncycastle.asn1.x509.DistributionPoint;
import org.bouncycastle.asn1.x509.GeneralName;
import org.bouncycastle.asn1.x509.GeneralNames;
import org.bouncycastle.asn1.x509.X509DefaultEntryConverter;
import org.bouncycastle.asn1.x509.X509Extensions;
import org.bouncycastle.asn1.x509.X509Name;
import org.bouncycastle.asn1.x509.X509NameEntryConverter;
import org.bouncycastle.asn1.x509.X509NameTokenizer;
import org.bouncycastle.jce.X509Principal;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.openssl.PEMReader;
import org.bouncycastle.x509.extension.X509ExtensionUtil;

/* loaded from: classes.dex */
public class CertUtils {

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: classes.dex */
    public static class BasicX509NameTokenizer {
        private StringBuffer buf = new StringBuffer();
        private int index = -1;
        private String oid;

        public BasicX509NameTokenizer(String str) {
            this.oid = str;
        }

        public boolean hasMoreTokens() {
            return this.index != this.oid.length();
        }

        public String nextToken() {
            if (this.index == this.oid.length()) {
                return null;
            }
            int i = this.index + 1;
            boolean z = false;
            boolean z2 = false;
            this.buf.setLength(0);
            while (i != this.oid.length()) {
                char charAt = this.oid.charAt(i);
                if (charAt != '\"') {
                    if (!z2 && !z) {
                        if (charAt != '\\') {
                            if (charAt == ',' && !z2) {
                                break;
                            }
                            this.buf.append(charAt);
                        } else {
                            this.buf.append(charAt);
                            z2 = true;
                        }
                    } else {
                        this.buf.append(charAt);
                        z2 = false;
                    }
                } else {
                    if (z2) {
                        this.buf.append(charAt);
                    } else {
                        this.buf.append(charAt);
                        z = !z;
                    }
                    z2 = false;
                }
                i++;
            }
            this.index = i;
            return this.buf.toString().trim();
        }
    }

    static {
        if (Security.getProvider("BC") == null) {
            Security.addProvider(new BouncyCastleProvider());
        }
    }

    public static void JKSToPKCS12(String str, char[] cArr, String str2, char[] cArr2, String str3, char[] cArr3) throws KeyStoreException, NoSuchAlgorithmException, CertificateException, IOException, UnrecoverableKeyException {
        KeyStore keyStore = KeyStore.getInstance("JKS");
        FileInputStream fileInputStream = new FileInputStream(str);
        keyStore.load(fileInputStream, cArr);
        fileInputStream.close();
        KeyStore keyStore2 = KeyStore.getInstance("PKCS12");
        keyStore2.load(null, cArr3);
        Enumeration<String> aliases = keyStore.aliases();
        while (aliases.hasMoreElements()) {
            String nextElement = aliases.nextElement();
            if (keyStore.isKeyEntry(nextElement) && nextElement.equals(str2)) {
                keyStore2.setKeyEntry(str2, keyStore.getKey(nextElement, cArr2), cArr3, keyStore.getCertificateChain(nextElement));
            }
        }
        FileOutputStream fileOutputStream = new FileOutputStream(str3);
        keyStore2.store(fileOutputStream, cArr3);
        fileOutputStream.close();
    }

    public static void PKCS12ToJKS(String str, char[] cArr, String str2, char[] cArr2) throws KeyStoreException, NoSuchAlgorithmException, CertificateException, IOException, UnrecoverableKeyException {
        KeyStore keyStore = KeyStore.getInstance("PKCS12");
        FileInputStream fileInputStream = new FileInputStream(str);
        keyStore.load(fileInputStream, cArr);
        fileInputStream.close();
        KeyStore keyStore2 = KeyStore.getInstance("JKS");
        keyStore2.load(null, cArr2);
        Enumeration<String> aliases = keyStore.aliases();
        while (aliases.hasMoreElements()) {
            String nextElement = aliases.nextElement();
            if (keyStore.isKeyEntry(nextElement)) {
                Key key = keyStore.getKey(nextElement, cArr);
                Certificate[] certificateChain = keyStore.getCertificateChain(nextElement);
                Names subjectNames = X509Certificate.getInstance((java.security.cert.X509Certificate) certificateChain[0]).getSubjectNames();
                keyStore2.setKeyEntry(subjectNames.getItem("CN") != null ? subjectNames.getItem("CN") : (String) subjectNames.getItems((String) subjectNames.keys().nextElement()).elementAt(0), key, cArr2, certificateChain);
                for (int i = 0; i < certificateChain.length; i++) {
                    if (i != 0) {
                        Names subjectNames2 = X509Certificate.getInstance((java.security.cert.X509Certificate) certificateChain[i]).getSubjectNames();
                        keyStore2.setCertificateEntry(subjectNames2.getItem("CN") != null ? subjectNames2.getItem("CN") : (String) subjectNames2.getItems((String) subjectNames2.keys().nextElement()).elementAt(0), certificateChain[i]);
                    }
                }
            }
        }
        FileOutputStream fileOutputStream = new FileOutputStream(str2);
        keyStore2.store(fileOutputStream, cArr2);
        fileOutputStream.close();
    }

    public static String X509CertificateToPEM(java.security.cert.X509Certificate x509Certificate) throws CertificateEncodingException {
        StringBuffer stringBuffer = new StringBuffer();
        stringBuffer.append("-----BEGIN CERTIFICATE-----\n");
        stringBuffer.append(new String(Base64.encode(x509Certificate.getEncoded(), true)));
        stringBuffer.append("\n-----END CERTIFICATE-----");
        return stringBuffer.toString();
    }

    public static java.security.cert.X509Certificate changeProvider(java.security.cert.X509Certificate x509Certificate, String str) throws CertificateException, NoSuchProviderException {
        return (java.security.cert.X509Certificate) (str == null ? CertificateFactory.getInstance("X.509") : CertificateFactory.getInstance("X.509", str)).generateCertificate(new ByteArrayInputStream(x509Certificate.getEncoded()));
    }

    public static String getAlias(String str) {
        CertNames parseCertDistinguishName = parseCertDistinguishName(str, null);
        String item = parseCertDistinguishName.getItem("CN");
        if (item != null) {
            return item;
        }
        Iterator it = parseCertDistinguishName.keySet().iterator();
        return it.hasNext() ? (String) parseCertDistinguishName.getItems((String) it.next()).get(0) : item;
    }

    public static String getCRLDistributionPointURL(java.security.cert.X509Certificate x509Certificate) throws IOException {
        String str = null;
        byte[] extensionValue = x509Certificate.getExtensionValue(X509Extensions.CRLDistributionPoints.getId());
        if (extensionValue == null) {
            return null;
        }
        for (DistributionPoint distributionPoint : CRLDistPoint.getInstance(X509ExtensionUtil.fromExtensionValue(extensionValue)).getDistributionPoints()) {
            GeneralName[] names = ((GeneralNames) distributionPoint.getDistributionPoint().getName()).getNames();
            DEREncodable name = names[0].getName();
            switch (names[0].getTagNo()) {
                case 2:
                    System.out.println("本函数不支持dNSName");
                    break;
                case 3:
                    System.out.println("本函数不支持LDAP，x400Address=" + new X509Principal(((DERSequence) name).getEncoded()).getName());
                    break;
                case 4:
                case 5:
                default:
                    System.out.println("不可识别的CRLDistributionPoint，TagNo=" + names[0].getTagNo());
                    break;
                case 6:
                    str = DERIA5String.getInstance(name).getString();
                    break;
            }
        }
        return str;
    }

    public static String getCertID(java.security.cert.X509Certificate x509Certificate) {
        try {
            return CipherUtils.sha1(x509Certificate.getEncoded()).toUpperCase();
        } catch (Exception e) {
            e.printStackTrace();
            return null;
        }
    }

    public static CertificateFactory getCertificateFactory() {
        try {
            return CertificateFactory.getInstance("X.509", "BC");
        } catch (NoSuchProviderException | CertificateException e) {
            return null;
        }
    }

    private static String getDN(java.security.cert.X509Certificate x509Certificate, int i) {
        if (x509Certificate == null) {
            return null;
        }
        try {
            java.security.cert.X509Certificate x509Certificate2 = (java.security.cert.X509Certificate) getCertificateFactory().generateCertificate(new ByteArrayInputStream(x509Certificate.getEncoded()));
            return stringToBCDNString(i == 1 ? x509Certificate2.getSubjectDN().toString() : x509Certificate2.getIssuerDN().toString());
        } catch (CertificateException e) {
            return null;
        }
    }

    private static Vector getDefaultX509FieldOrder() {
        Vector vector = new Vector();
        for (String str : DnComponents.getDnObjects()) {
            vector.add(DnComponents.getOid(str));
        }
        return vector;
    }

    public static byte[] getExtensionValue(java.security.cert.X509Certificate x509Certificate, String str) {
        byte[] extensionValue = x509Certificate.getExtensionValue(str);
        if (extensionValue == null) {
            return null;
        }
        byte[] bArr = new byte[extensionValue.length - 2];
        System.arraycopy(extensionValue, 2, bArr, 0, extensionValue.length - 2);
        return bArr;
    }

    public static String getICAValidSerialNumber(String str) {
        if (str == null) {
            return null;
        }
        if (str.length() % 2 == 1) {
            str = "0" + str;
        }
        return str.startsWith("00") ? str.substring(2).toUpperCase() : str.toUpperCase();
    }

    public static String getIEValidSerialNumber(String str) {
        if (str == null) {
            return null;
        }
        if (str.length() == 0) {
            return str;
        }
        String lowerCase = str.toLowerCase();
        if (lowerCase.length() % 2 == 1) {
            lowerCase = "0" + lowerCase;
        }
        try {
            return Integer.parseInt(lowerCase.substring(0, 1), 16) >= 8 ? "00" + lowerCase : lowerCase;
        } catch (Exception e) {
            return lowerCase;
        }
    }

    public static IssuerAndSerialNumber getIssuerAndSerialNumber(java.security.cert.X509Certificate x509Certificate) {
        try {
            return new IssuerAndSerialNumber(X509Name.getInstance((DERSequence) new ASN1InputStream(x509Certificate.getIssuerX500Principal().getEncoded()).readObject()), x509Certificate.getSerialNumber());
        } catch (IOException e) {
            e.printStackTrace();
            return null;
        }
    }

    public static String getIssuerDN(java.security.cert.X509Certificate x509Certificate) {
        return getDN(x509Certificate, 2);
    }

    public static Names getIssuerNames(java.security.cert.X509Certificate x509Certificate) {
        return parseDistinguishName(x509Certificate.getIssuerDN().getName(), null);
    }

    public static Names getIssuerNames(java.security.cert.X509Certificate x509Certificate, String str) {
        return parseDistinguishName(x509Certificate.getIssuerDN().getName(), str);
    }

    private static com.itrus.cert.X509Name getOrderedX509Name(com.itrus.cert.X509Name x509Name, Vector vector, X509NameEntryConverter x509NameEntryConverter) {
        Vector x509NameFields;
        Vector x509NameFields2;
        if (vector == null) {
            vector = new Vector();
        }
        Vector vector2 = new Vector();
        Vector vector3 = new Vector();
        Hashtable hashtable = new Hashtable();
        Iterator it = vector.iterator();
        while (it.hasNext()) {
            DERObjectIdentifier dERObjectIdentifier = (DERObjectIdentifier) it.next();
            if (!hashtable.containsKey(dERObjectIdentifier) && (x509NameFields2 = getX509NameFields(x509Name, dERObjectIdentifier)) != null) {
                Iterator it2 = x509NameFields2.iterator();
                while (it2.hasNext()) {
                    Object next = it2.next();
                    hashtable.put(dERObjectIdentifier, next);
                    vector2.add(dERObjectIdentifier);
                    vector3.add(next);
                }
            }
        }
        Vector oIDs = x509Name.getOIDs();
        for (int i = 0; i < oIDs.size(); i++) {
            DERObjectIdentifier dERObjectIdentifier2 = (DERObjectIdentifier) oIDs.get(i);
            if (!hashtable.containsKey(dERObjectIdentifier2) && (x509NameFields = getX509NameFields(x509Name, dERObjectIdentifier2)) != null) {
                Iterator it3 = x509NameFields.iterator();
                while (it3.hasNext()) {
                    Object next2 = it3.next();
                    hashtable.put(dERObjectIdentifier2, next2);
                    vector2.add(dERObjectIdentifier2);
                    vector3.add(next2);
                    new StringBuffer().append("added --> ").append(dERObjectIdentifier2).append(" val: ").append(next2).toString();
                }
            }
        }
        return new com.itrus.cert.X509Name(vector2, vector3, x509NameEntryConverter);
    }

    public static String getPartFromDN(String str, String str2) {
        if (str == null || str2 == null) {
            return null;
        }
        String str3 = String.valueOf(str2) + "=";
        X509NameTokenizer x509NameTokenizer = new X509NameTokenizer(str);
        while (x509NameTokenizer.hasMoreTokens()) {
            String nextToken = x509NameTokenizer.nextToken();
            if (nextToken.length() > str3.length() && nextToken.substring(0, str3.length()).equalsIgnoreCase(str3)) {
                return nextToken.substring(str3.length());
            }
        }
        return null;
    }

    public static ArrayList getPartsFromDN(String str, String str2) {
        ArrayList arrayList = new ArrayList();
        if (str != null && str2 != null) {
            String stringBuffer = new StringBuffer().append(str2).append("=").toString();
            X509NameTokenizer x509NameTokenizer = new X509NameTokenizer(str);
            while (x509NameTokenizer.hasMoreTokens()) {
                String nextToken = x509NameTokenizer.nextToken();
                if (nextToken.length() > stringBuffer.length() && nextToken.substring(0, stringBuffer.length()).equalsIgnoreCase(stringBuffer)) {
                    arrayList.add(nextToken.substring(stringBuffer.length()));
                }
            }
        }
        return arrayList;
    }

    public static String getSubjectDN(java.security.cert.X509Certificate x509Certificate) {
        return getDN(x509Certificate, 1);
    }

    public static Names getSubjectNames(java.security.cert.X509Certificate x509Certificate) {
        return parseDistinguishName(x509Certificate.getSubjectDN().getName(), null);
    }

    public static Names getSubjectNames(java.security.cert.X509Certificate x509Certificate, String str) {
        return parseDistinguishName(x509Certificate.getSubjectDN().getName(), str);
    }

    public static X509CRL getX509CRLFromBytes(byte[] bArr, String str) throws CertificateException, NoSuchProviderException, CRLException {
        return (X509CRL) (str == null ? CertificateFactory.getInstance("X.509") : CertificateFactory.getInstance("X.509", str)).generateCRL(new ByteArrayInputStream(bArr));
    }

    public static java.security.cert.X509Certificate getX509CertificateFromBase64(String str) throws CertificateException {
        if (str == null) {
            return null;
        }
        return (java.security.cert.X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(Base64.decode(str)));
    }

    public static java.security.cert.X509Certificate getX509CertificateFromBytes(byte[] bArr) throws CertificateException {
        if (bArr == null) {
            return null;
        }
        return (java.security.cert.X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(bArr));
    }

    public static java.security.cert.X509Certificate getX509CertificateFromFile(String str) throws CertificateException, IOException {
        if (str == null) {
            return null;
        }
        FileInputStream fileInputStream = new FileInputStream(str);
        java.security.cert.X509Certificate x509Certificate = (java.security.cert.X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(fileInputStream);
        fileInputStream.close();
        return x509Certificate;
    }

    private static Vector getX509NameFields(com.itrus.cert.X509Name x509Name, DERObjectIdentifier dERObjectIdentifier) {
        Vector oIDs = x509Name.getOIDs();
        Vector values = x509Name.getValues();
        Vector vector = null;
        for (int i = 0; i < oIDs.size(); i++) {
            if (dERObjectIdentifier.equals(oIDs.elementAt(i))) {
                if (vector == null) {
                    vector = new Vector();
                }
                vector.add(values.get(i));
            }
        }
        return vector;
    }

    public static String getX509NameString(X500Principal x500Principal) {
        return getX509NameString(x500Principal.getEncoded());
    }

    public static String getX509NameString(byte[] bArr) {
        try {
            return com.itrus.cert.X509Name.getInstance((DERSequence) new ASN1InputStream(bArr).readObject()).toString();
        } catch (IOException e) {
            e.printStackTrace();
            return null;
        }
    }

    protected static boolean isDNReversed(String str) {
        if (str == null) {
            return false;
        }
        String str2 = null;
        X509NameTokenizer x509NameTokenizer = new X509NameTokenizer(str);
        String nextToken = x509NameTokenizer.hasMoreTokens() ? x509NameTokenizer.nextToken() : null;
        while (x509NameTokenizer.hasMoreTokens()) {
            str2 = x509NameTokenizer.nextToken();
        }
        String[] dnObjects = DnComponents.getDnObjects();
        if (nextToken == null || str2 == null) {
            return false;
        }
        String substring = nextToken.substring(0, nextToken.indexOf(61));
        String substring2 = str2.substring(0, str2.indexOf(61));
        int i = 0;
        int i2 = 0;
        for (int i3 = 0; i3 < dnObjects.length; i3++) {
            if (substring.toLowerCase().equals(dnObjects[i3])) {
                i = i3;
            }
            if (substring2.toLowerCase().equals(dnObjects[i3])) {
                i2 = i3;
            }
        }
        return i2 < i;
    }

    public static boolean isOnValidPeriod(java.security.cert.X509Certificate x509Certificate) {
        Date notBefore = x509Certificate.getNotBefore();
        Date notAfter = x509Certificate.getNotAfter();
        Date date = new Date();
        return (date.before(notBefore) || date.after(notAfter)) ? false : true;
    }

    public static boolean isSelfSigned(java.security.cert.X509Certificate x509Certificate) {
        new StringBuffer().append(">isSelfSigned: cert: ").append(getIssuerDN(x509Certificate)).append("\n").append(getSubjectDN(x509Certificate)).toString();
        boolean equals = getSubjectDN(x509Certificate).equals(getIssuerDN(x509Certificate));
        new StringBuffer().append("<isSelfSigned:").append(equals).toString();
        return equals;
    }

    public static boolean isValid(java.security.cert.X509Certificate x509Certificate) {
        return isOnValidPeriod(x509Certificate);
    }

    public static PKCS10CertificationRequest loadCSR(String str) throws com.itrus.cryptorole.CryptoException, IOException {
        PEMReader pEMReader = new PEMReader(new InputStreamReader(new FileInputStream(new File(str))));
        try {
            try {
                PKCS10CertificationRequest pKCS10CertificationRequest = new PKCS10CertificationRequest(((org.bouncycastle.jce.PKCS10CertificationRequest) pEMReader.readObject()).getEncoded());
                if (pKCS10CertificationRequest.verify()) {
                    return pKCS10CertificationRequest;
                }
                throw new com.itrus.cryptorole.CryptoException("Could not verify certification request.");
            } catch (ClassCastException e) {
                throw new com.itrus.cryptorole.CryptoException("Could not load certification request.", e);
            } catch (GeneralSecurityException e2) {
                throw new com.itrus.cryptorole.CryptoException("Could not load certification request.", e2);
            }
        } finally {
            try {
                pEMReader.close();
            } catch (IOException e3) {
            }
        }
    }

    public static PKCS10CertificationRequest loadCSRString(String str) throws com.itrus.cryptorole.CryptoException, IOException {
        PEMReader pEMReader = new PEMReader(new CharArrayReader(str.toCharArray()));
        try {
            try {
                try {
                    PKCS10CertificationRequest pKCS10CertificationRequest = new PKCS10CertificationRequest(((org.bouncycastle.jce.PKCS10CertificationRequest) pEMReader.readObject()).getEncoded());
                    if (pKCS10CertificationRequest.verify()) {
                        return pKCS10CertificationRequest;
                    }
                    throw new com.itrus.cryptorole.CryptoException("Could not verify certification request.");
                } catch (GeneralSecurityException e) {
                    throw new com.itrus.cryptorole.CryptoException("Could not load certification request.", e);
                }
            } catch (ClassCastException e2) {
                throw new com.itrus.cryptorole.CryptoException("Could not load certification request.", e2);
            }
        } finally {
            try {
                pEMReader.close();
            } catch (IOException e3) {
            }
        }
    }

    public static CertNames parseCertDistinguishName(String str, String str2) {
        String str3 = ", ";
        if (str2 != null && str2.equals("BC")) {
            str3 = ",";
        }
        CertNames certNames = new CertNames();
        String[] split = str.split(str3);
        String str4 = "";
        for (int length = split.length - 1; length >= 0; length--) {
            String str5 = !str4.equals("") ? String.valueOf(split[length]) + str4 : split[length];
            int indexOf = str5.indexOf("=");
            if (-1 == indexOf) {
                str4 = String.valueOf(str3) + str5;
            } else {
                String substring = str5.substring(0, indexOf);
                String substring2 = str5.substring(indexOf + 1, str5.length());
                if (substring2.indexOf("\"") == 0 && substring2.length() - 1 == substring2.lastIndexOf("\"")) {
                    substring2 = substring2.substring(1, substring2.length()).substring(0, r7.length() - 1);
                }
                if (certNames.containsKey(substring)) {
                    ((Vector) certNames.get(substring)).add(substring2);
                } else {
                    Vector vector = new Vector();
                    vector.add(substring2);
                    certNames.put(substring, vector);
                }
                str4 = "";
            }
        }
        return certNames;
    }

    public static Names parseDistinguishName(String str, String str2) {
        String str3 = ", ";
        if (str2 != null && str2.equals("BC")) {
            str3 = ",";
        }
        Names names = new Names();
        String[] split = str.split(str3);
        String str4 = "";
        for (int length = split.length - 1; length >= 0; length--) {
            String str5 = !str4.equals("") ? String.valueOf(split[length]) + str4 : split[length];
            int indexOf = str5.indexOf("=");
            if (-1 == indexOf) {
                str4 = String.valueOf(str3) + str5;
            } else {
                String substring = str5.substring(0, indexOf);
                String substring2 = str5.substring(indexOf + 1, str5.length());
                if (substring2.indexOf("\"") == 0 && substring2.length() - 1 == substring2.lastIndexOf("\"")) {
                    substring2 = substring2.substring(1, substring2.length()).substring(0, r7.length() - 1);
                }
                if (names.containsKey(substring)) {
                    ((Vector) names.get(substring)).add(substring2);
                } else {
                    Vector vector = new Vector();
                    vector.add(substring2);
                    names.put(substring, vector);
                }
                str4 = "";
            }
        }
        return names;
    }

    public static String reverseDN(String str) {
        if (str == null) {
            return null;
        }
        BasicX509NameTokenizer basicX509NameTokenizer = new BasicX509NameTokenizer(str);
        StringBuffer stringBuffer = new StringBuffer();
        boolean z = true;
        while (basicX509NameTokenizer.hasMoreTokens()) {
            String nextToken = basicX509NameTokenizer.nextToken();
            if (z) {
                z = false;
            } else {
                stringBuffer.insert(0, ",");
            }
            stringBuffer.insert(0, nextToken);
        }
        if (stringBuffer.length() > 0) {
            return stringBuffer.toString();
        }
        return null;
    }

    public static String stringToBCDNString(String str) {
        if (isDNReversed(str)) {
            str = reverseDN(str);
        }
        com.itrus.cert.X509Name stringToBcX509Name = stringToBcX509Name(str);
        String x509Name = stringToBcX509Name != null ? stringToBcX509Name.toString() : null;
        if (x509Name != null && x509Name.length() > 250) {
            new StringBuffer().append("Warning! DN is more than 250 characters long. Some databases have only 250 characters in the database for SubjectDN. Clipping may occur! DN (").append(x509Name.length()).append(" chars): ").append(x509Name).toString();
        }
        return x509Name;
    }

    public static com.itrus.cert.X509Name stringToBcX509Name(String str) {
        return stringToBcX509Name(str, new X509DefaultEntryConverter());
    }

    private static com.itrus.cert.X509Name stringToBcX509Name(String str, X509NameEntryConverter x509NameEntryConverter) {
        return stringToBcX509Name(str, x509NameEntryConverter, getDefaultX509FieldOrder());
    }

    public static com.itrus.cert.X509Name stringToBcX509Name(String str, X509NameEntryConverter x509NameEntryConverter, Vector vector) {
        if (str == null) {
            return null;
        }
        Vector vector2 = new Vector();
        Vector vector3 = new Vector();
        X509NameTokenizer x509NameTokenizer = new X509NameTokenizer(str);
        while (x509NameTokenizer.hasMoreTokens()) {
            String nextToken = x509NameTokenizer.nextToken();
            int indexOf = nextToken.indexOf("=");
            if (indexOf != -1) {
                String trim = nextToken.substring(0, indexOf).toLowerCase().trim();
                String substring = nextToken.substring(indexOf + 1);
                if (substring != null) {
                    substring = StringUtils.stripStart(substring, (String) null);
                }
                DERObjectIdentifier oid = DnComponents.getOid(trim);
                if (oid == null) {
                    try {
                        oid = new DERObjectIdentifier(trim);
                    } catch (IllegalArgumentException e) {
                    }
                }
                vector2.add(oid);
                vector3.add(substring);
            }
        }
        return getOrderedX509Name(new com.itrus.cert.X509Name(vector2, vector3, x509NameEntryConverter), vector, x509NameEntryConverter);
    }
}
