package com.xdja.pki.issue;

import com.xdja.pki.asn1.issue.TBSIssue;
import com.xdja.pki.gmssl.crypto.sdf.SdfCryptoType;
import com.xdja.pki.gmssl.crypto.utils.GMSSLSM2SignUtils;
import java.security.KeyPair;
import java.security.cert.X509Certificate;
import java.util.List;
import org.bouncycastle.asn1.ASN1Encoding;
import org.bouncycastle.asn1.DERBitString;
import org.bouncycastle.asn1.gm.GMObjectIdentifiers;
import org.bouncycastle.asn1.ocsp.Signature;
import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:WEB-INF/lib/ldap-manager-0.0.2-SNAPSHOT.jar:com/xdja/pki/issue/BasicPkixIssueBuilder.class */
public class BasicPkixIssueBuilder {
    protected KeyPair keyPair;
    protected List<X509Certificate> caCerts;
    protected int privateKeyIndex;
    protected String privateKeyPassword;
    protected SdfCryptoType sdfCryptoType;
    private Logger logger = LoggerFactory.getLogger((Class<?>) BasicPkixIssue.class);
    protected boolean isSignByBC = true;

    public BasicPkixIssueBuilder(KeyPair keyPair, List<X509Certificate> list) {
        this.keyPair = keyPair;
        this.caCerts = list;
    }

    public BasicPkixIssueBuilder(int i, String str, List<X509Certificate> list, SdfCryptoType sdfCryptoType) {
        this.privateKeyIndex = i;
        this.privateKeyPassword = str;
        this.caCerts = list;
        this.sdfCryptoType = sdfCryptoType;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public Signature getSignature(TBSIssue tBSIssue) throws Exception {
        return this.isSignByBC ? getSignatureByBC(tBSIssue) : getSignatureBySdf(tBSIssue);
    }

    protected Signature getSignatureByBC(TBSIssue tBSIssue) throws Exception {
        this.logger.debug(" getSignatureByBC");
        return new Signature(new AlgorithmIdentifier(GMObjectIdentifiers.sm2sign_with_sm3), new DERBitString(GMSSLSM2SignUtils.signByBC(this.keyPair.getPrivate(), tBSIssue.getEncoded(ASN1Encoding.DER))));
    }

    protected Signature getSignatureBySdf(TBSIssue tBSIssue) throws Exception {
        this.logger.debug(" getSignatureBySdf {}", this.sdfCryptoType.name());
        return new Signature(new AlgorithmIdentifier(GMObjectIdentifiers.sm2sign_with_sm3), new DERBitString(GMSSLSM2SignUtils.signBySdf(this.sdfCryptoType, this.privateKeyIndex, this.privateKeyPassword, tBSIssue.getEncoded(ASN1Encoding.DER))));
    }
}
