package com.xdja.pki.oer.gbt.asn1.data;

import com.xdja.pki.oer.core.calculate.CalculateFactory;
import com.xdja.pki.oer.core.calculate.CalculateService;
import com.xdja.pki.oer.gbt.asn1.Certificate;
import com.xdja.pki.oer.gbt.asn1.CipherText;
import com.xdja.pki.oer.gbt.asn1.EcSignature;
import com.xdja.pki.oer.gbt.asn1.EncryptedData;
import com.xdja.pki.oer.gbt.asn1.HashAlgorithm;
import com.xdja.pki.oer.gbt.asn1.HashedId8;
import com.xdja.pki.oer.gbt.asn1.PKRecipientInfo;
import com.xdja.pki.oer.gbt.asn1.Payload;
import com.xdja.pki.oer.gbt.asn1.RecipientInfo;
import com.xdja.pki.oer.gbt.asn1.SecuredMessage;
import com.xdja.pki.oer.gbt.asn1.SequenceOfRecipientInfo;
import com.xdja.pki.oer.gbt.asn1.SymmetricCipherText;
import com.xdja.pki.oer.gbt.asn1.bean.PKRecipientInfoType;
import com.xdja.pki.oer.gbt.asn1.utils.KekBuilder;

/* loaded from: input_file:com/xdja/pki/oer/gbt/asn1/data/EcSignatureBuilder.class */
public class EcSignatureBuilder {
    private static CalculateService calculateService = CalculateFactory.getInstance();

    public static EcSignature build(SecuredMessage securedMessage, byte[] bArr, Certificate certificate) throws Exception {
        EncryptedData encryptedData = new EncryptedData();
        byte[] sm4Encrypt = calculateService.sm4Encrypt(bArr, securedMessage.getEncode());
        CipherText cipherText = new CipherText();
        cipherText.setString(sm4Encrypt);
        encryptedData.setCipherText(new SymmetricCipherText(cipherText));
        SequenceOfRecipientInfo sequenceOfRecipientInfo = new SequenceOfRecipientInfo();
        PKRecipientInfo pKRecipientInfo = new PKRecipientInfo();
        pKRecipientInfo.setHashAlg(new HashAlgorithm(HashAlgorithm.SGD_SM3));
        byte[] sm3Hash = calculateService.sm3Hash(certificate.getEncode());
        byte[] bArr2 = new byte[8];
        System.arraycopy(sm3Hash, sm3Hash.length - bArr2.length, bArr2, 0, bArr2.length);
        pKRecipientInfo.setRecipientId(new HashedId8(bArr2));
        pKRecipientInfo.setKek(KekBuilder.build(certificate.getTbsCert().getSubjectAttribute().getEncryptionKey().getPublicKey(), bArr));
        sequenceOfRecipientInfo.addRecipientInfo(new RecipientInfo(pKRecipientInfo, PKRecipientInfoType.CERT_RECIPINFO));
        encryptedData.setRecipients(sequenceOfRecipientInfo);
        Payload payload = new Payload(encryptedData);
        EcSignature ecSignature = new EcSignature();
        ecSignature.setPayload(payload);
        return ecSignature;
    }
}
