package cfca.com.itextpdf.text.pdf.security;

import cfca.com.itextpdf.text.pdf.security.pkcs7.Constants;
import cfca.sadk.algorithm.common.Mechanism;
import cfca.sadk.algorithm.common.PKIException;
import cfca.sadk.algorithm.sm2.SM2HashZValue;
import cfca.sadk.algorithm.sm2.SM2PublicKey;
import cfca.sadk.lib.crypto.bcsoft.BCSoftLib;
import cfca.seal.sadk.PrePdfSeal;
import cfca.seal.sadk.cert.PdfX509Certificate;
import java.io.UnsupportedEncodingException;
import java.security.GeneralSecurityException;
import java.security.MessageDigest;
import java.security.PrivateKey;
import java.security.Signature;
import java.security.cert.Certificate;

/* loaded from: input_file:cfca/com/itextpdf/text/pdf/security/PrivateKeySignature.class */
public class PrivateKeySignature implements ExternalSignature {
    private PrivateKey privateKey;
    private String hashAlgorithm;
    private String encryptionAlgorithm;
    private String provider;
    private Certificate[] chain;

    public PrivateKeySignature(PrivateKey privateKey, Certificate[] certificateArr, String str, String str2, String str3) {
        this.privateKey = privateKey;
        this.chain = certificateArr;
        this.provider = str3;
        this.encryptionAlgorithm = str;
        this.hashAlgorithm = DigestAlgorithms.getDigest(DigestAlgorithms.getAllowedDigests(str2));
    }

    @Override // cfca.com.itextpdf.text.pdf.security.ExternalSignature
    public String getHashAlgorithm() {
        return this.hashAlgorithm;
    }

    @Override // cfca.com.itextpdf.text.pdf.security.ExternalSignature
    public String getEncryptionAlgorithm() {
        return this.encryptionAlgorithm;
    }

    @Override // cfca.com.itextpdf.text.pdf.security.ExternalSignature
    public byte[] sign(byte[] bArr) throws GeneralSecurityException {
        String str = this.hashAlgorithm + "with" + this.encryptionAlgorithm;
        byte[] bArr2 = null;
        if ("RSA".equals(this.encryptionAlgorithm)) {
            Signature signature = this.provider == null ? Signature.getInstance(str) : Signature.getInstance(str, this.provider);
            signature.initSign(this.privateKey);
            signature.update(bArr);
            bArr2 = signature.sign();
        } else if (PrePdfSeal.EncryptionAlgorithm.SM2.equals(this.encryptionAlgorithm)) {
            try {
                MessageDigest messageDigest = new BouncyCastleDigest().getMessageDigest(this.hashAlgorithm);
                byte[] bytes = "1234567812345678".getBytes(Constants.DEFAULT_CHARSET);
                SM2PublicKey publicKey = ((PdfX509Certificate) this.chain[0]).getX509Cert().getPublicKey();
                byte[] za = SM2HashZValue.getZa(publicKey.getPubXByInt(), publicKey.getPubYByInt(), bytes);
                messageDigest.update(za, 0, za.length);
                messageDigest.update(bArr);
                bArr2 = new BCSoftLib().signByHash(new Mechanism("sm3WithSM2Encryption"), this.privateKey, messageDigest.digest());
            } catch (UnsupportedEncodingException e) {
                throw new GeneralSecurityException("create sm2 signature failed!");
            } catch (PKIException e2) {
                throw new GeneralSecurityException("create sm2 signature failed!");
            }
        }
        return bArr2;
    }

    @Override // cfca.com.itextpdf.text.pdf.security.ExternalSignature
    public PrivateKey getPrivateKey() {
        return this.privateKey;
    }

    @Override // cfca.com.itextpdf.text.pdf.security.ExternalSignature
    public Certificate[] getCertificateChain() {
        return this.chain;
    }
}
