package org.ofdrw.sign.signContainer;

import java.io.IOException;
import java.io.InputStream;
import java.security.GeneralSecurityException;
import java.security.MessageDigest;
import java.security.PrivateKey;
import java.security.Provider;
import java.security.Signature;
import java.security.cert.Certificate;
import org.apache.commons.io.IOUtils;
import org.bouncycastle.asn1.ASN1ObjectIdentifier;
import org.bouncycastle.asn1.gm.GMObjectIdentifiers;
import org.bouncycastle.jcajce.provider.digest.SM3;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.util.encoders.Base64;
import org.jetbrains.annotations.NotNull;
import org.ofdrw.core.signatures.SigType;
import org.ofdrw.gm.sm2strut.ContentInfo;
import org.ofdrw.gm.sm2strut.OIDs;
import org.ofdrw.gm.sm2strut.builder.SignedDataBuilder;
import org.ofdrw.sign.ExtendSignatureContainer;

/* loaded from: input_file:org/ofdrw/sign/signContainer/GBT35275DSContainer.class */
public class GBT35275DSContainer implements ExtendSignatureContainer {
    private final PrivateKey prvKey;
    private final Certificate cert;
    private boolean enableFileHashBase64;

    public GBT35275DSContainer(@NotNull Certificate certificate, @NotNull PrivateKey privateKey) {
        if (certificate == null) {
            throw new IllegalArgumentException("签名使用证书（cert）不能为空");
        }
        if (privateKey == null) {
            throw new IllegalArgumentException("签名使用私钥（prvKey）不能为空");
        }
        this.cert = certificate;
        this.prvKey = privateKey;
        this.enableFileHashBase64 = false;
    }

    @Override // org.ofdrw.sign.ExtendSignatureContainer
    public MessageDigest getDigestFnc() {
        return new SM3.Digest();
    }

    @Override // org.ofdrw.sign.ExtendSignatureContainer
    public ASN1ObjectIdentifier getSignAlgOID() {
        return GMObjectIdentifiers.sm2sign_with_sm3;
    }

    @Override // org.ofdrw.sign.ExtendSignatureContainer
    public byte[] sign(InputStream inputStream, String str) throws GeneralSecurityException, IOException {
        byte[] digest = new SM3.Digest().digest(IOUtils.toByteArray(inputStream));
        if (this.enableFileHashBase64) {
            digest = Base64.encode(digest);
        }
        Signature signature = Signature.getInstance(GMObjectIdentifiers.sm2sign_with_sm3.toString(), (Provider) new BouncyCastleProvider());
        signature.initSign(this.prvKey);
        signature.update(digest);
        return new ContentInfo(OIDs.signedData, SignedDataBuilder.signedData(digest, signature.sign(), this.cert)).getEncoded();
    }

    @Override // org.ofdrw.sign.ExtendSignatureContainer
    public byte[] getSeal() throws IOException {
        return null;
    }

    @Override // org.ofdrw.sign.ExtendSignatureContainer
    public SigType getSignType() {
        return SigType.Sign;
    }

    public void setEnableFileHashBase64(boolean z) {
        this.enableFileHashBase64 = z;
    }
}
