package com.xdja.pki.oer.gbt.asn1.utils;

import com.xdja.pki.gmssl.crypto.sdf.SdfPrivateKey;
import com.xdja.pki.oer.base.Null;
import com.xdja.pki.oer.core.ByteArrayUtils;
import com.xdja.pki.oer.core.TimeUtils;
import com.xdja.pki.oer.core.calculate.CalculateFactory;
import com.xdja.pki.oer.core.calculate.CalculateService;
import com.xdja.pki.oer.gbt.asn1.Certificate;
import com.xdja.pki.oer.gbt.asn1.HashAlgorithm;
import com.xdja.pki.oer.gbt.asn1.HeaderInfo;
import com.xdja.pki.oer.gbt.asn1.ItsAidInt;
import com.xdja.pki.oer.gbt.asn1.Payload;
import com.xdja.pki.oer.gbt.asn1.SecuredMessage;
import com.xdja.pki.oer.gbt.asn1.SequenceOfCertificate;
import com.xdja.pki.oer.gbt.asn1.Signature;
import com.xdja.pki.oer.gbt.asn1.SignedData;
import com.xdja.pki.oer.gbt.asn1.SignerInfo;
import com.xdja.pki.oer.gbt.asn1.TBSData;
import com.xdja.pki.oer.gbt.asn1.Time64;
import java.security.PrivateKey;
import org.bouncycastle.util.BigIntegers;

/* loaded from: input_file:com/xdja/pki/oer/gbt/asn1/utils/SecureMessageUtils.class */
public class SecureMessageUtils {
    public static CalculateService calculateService = CalculateFactory.getInstance();

    public static SecuredMessage buildSignSecuredMessage(Certificate certificate, HashAlgorithm hashAlgorithm, ItsAidInt itsAidInt, int i, String str, byte[] bArr) throws Exception {
        SignerInfo signerInfo;
        SecuredMessage securedMessage = new SecuredMessage();
        SignedData signedData = new SignedData();
        if (null == certificate) {
            signerInfo = new SignerInfo(new Null());
        } else {
            SequenceOfCertificate sequenceOfCertificate = new SequenceOfCertificate();
            sequenceOfCertificate.addCertificate(certificate);
            signerInfo = new SignerInfo(sequenceOfCertificate);
        }
        TBSData tBSData = new TBSData();
        HeaderInfo headerInfo = new HeaderInfo();
        headerInfo.setItsAid(itsAidInt);
        headerInfo.setGenTime(new Time64(TimeUtils.getNowTime() * 1000));
        headerInfo.setHashAlg(hashAlgorithm);
        tBSData.setHeaderInfo(headerInfo);
        tBSData.setData(bArr);
        Signature build = SignatureBuilder.build((PrivateKey) new SdfPrivateKey(i, str.getBytes()), null == certificate ? buildSignData(tBSData.getEncode(), null, hashAlgorithm) : buildSignData(tBSData.getEncode(), certificate, hashAlgorithm));
        signedData.setSignerInfo(signerInfo);
        signedData.setTbs(tBSData);
        signedData.setSign(build);
        securedMessage.setPayload(new Payload(signedData));
        return securedMessage;
    }

    private static byte[] buildSignData(byte[] bArr, Certificate certificate, HashAlgorithm hashAlgorithm) throws Exception {
        byte[] sm3Hash = calculateService.sm3Hash(bArr);
        return BigIntegers.fromUnsignedByteArray(hashAlgorithm.getEncode(), 0, 1).intValue() == HashAlgorithm.SGD_SM3.getIndex() ? null == certificate ? ByteArrayUtils.buildUpByte(sm3Hash, calculateService.sm3Hash("".getBytes())) : ByteArrayUtils.buildUpByte(sm3Hash, calculateService.sm3Hash(certificate.getEncode())) : null == certificate ? ByteArrayUtils.buildUpByte(sm3Hash, calculateService.sha256Hash("".getBytes())) : ByteArrayUtils.buildUpByte(sm3Hash, calculateService.sha256Hash(certificate.getEncode()));
    }
}
