package com.xdja.pki.issue;

import com.xdja.pki.asn1.issue.TBSIssue;
import com.xdja.pki.gmssl.crypto.sdf.SdfCryptoType;
import com.xdja.pki.gmssl.crypto.utils.GMSSLSM2SignUtils;
import com.xdja.pki.ldap.X509Utils;
import java.security.KeyPair;
import java.security.cert.X509Certificate;
import org.bouncycastle.asn1.DERBitString;
import org.bouncycastle.asn1.gm.GMObjectIdentifiers;
import org.bouncycastle.asn1.ocsp.Signature;
import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
import org.bouncycastle.asn1.x509.Certificate;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/xdja/pki/issue/BasicPkixIssueBuilder.class */
public class BasicPkixIssueBuilder {
    protected KeyPair keyPair;
    protected X509Certificate certificate;
    protected int privateKeyIndex;
    protected String privateKeyPassword;
    protected SdfCryptoType sdfCryptoType;
    private Logger logger = LoggerFactory.getLogger(BasicPkixIssue.class);
    protected boolean isSignByBC = true;

    public BasicPkixIssueBuilder(KeyPair keyPair, X509Certificate x509Certificate) {
        this.keyPair = keyPair;
        this.certificate = x509Certificate;
    }

    public BasicPkixIssueBuilder(int i, String str, X509Certificate x509Certificate, SdfCryptoType sdfCryptoType) {
        this.privateKeyIndex = i;
        this.privateKeyPassword = str;
        this.certificate = x509Certificate;
        this.sdfCryptoType = sdfCryptoType;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public Signature getSignature(TBSIssue tBSIssue) throws Exception {
        return this.isSignByBC ? getSignatureByBC(tBSIssue) : getSignatureBySdf(tBSIssue);
    }

    protected Signature getSignatureByBC(TBSIssue tBSIssue) throws Exception {
        this.logger.debug(" getSignatureByBC    certificate.getSigAlgOID()" + this.certificate.getSigAlgOID());
        return new Signature(new AlgorithmIdentifier(GMObjectIdentifiers.sm2sign_with_sm3), new DERBitString(GMSSLSM2SignUtils.signByBC(this.keyPair.getPrivate(), tBSIssue.getEncoded("DER"))), X509Utils.toSequence(new Certificate[]{X509Utils.convertCertificate(this.certificate)}));
    }

    protected Signature getSignatureBySdf(TBSIssue tBSIssue) throws Exception {
        this.logger.debug(" getSignatureBySdf    " + this.sdfCryptoType.name());
        return new Signature(new AlgorithmIdentifier(GMObjectIdentifiers.sm2sign_with_sm3), new DERBitString(GMSSLSM2SignUtils.signBySdf(this.sdfCryptoType, this.privateKeyIndex, this.privateKeyPassword, tBSIssue.getEncoded("DER"))), X509Utils.toSequence(new Certificate[]{X509Utils.convertCertificate(this.certificate)}));
    }
}
