package org.adullact.libersign.util.signature;

import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.Signature;
import java.security.SignatureException;
import java.security.cert.X509Certificate;
import java.security.interfaces.RSAPrivateKey;
import java.util.Date;
import sun.security.pkcs.ContentInfo;
import sun.security.pkcs.PKCS7;
import sun.security.pkcs.PKCS9Attribute;
import sun.security.pkcs.PKCS9Attributes;
import sun.security.pkcs.SignerInfo;
import sun.security.util.DerValue;
import sun.security.x509.AlgorithmId;
import sun.security.x509.X500Name;

/* loaded from: input_file:org/adullact/libersign/util/signature/PadesClientHelper.class */
public class PadesClientHelper {
    private final String OS_NAME = System.getProperty("os.name");
    private final X509Certificate[] certChain;
    private final PrivateKey privateKey;
    private final byte[] hash;

    public PadesClientHelper(X509Certificate[] x509CertificateArr, PrivateKey privateKey, byte[] bArr) {
        this.certChain = x509CertificateArr;
        this.privateKey = privateKey;
        this.hash = bArr;
    }

    public byte[] signHash() throws NoSuchAlgorithmException, NoSuchProviderException, IOException, InvalidKeyException, SignatureException {
        AlgorithmId algorithmId = AlgorithmId.get("SHA1");
        Signature signature = this.privateKey instanceof RSAPrivateKey ? Signature.getInstance("SHA1WithRSA", "BC") : this.OS_NAME.startsWith("Windows") ? Signature.getInstance("SHA1WithRSA", "SunMSCAPI") : Signature.getInstance("SHA1WithRSA", "SunRsaSign");
        PKCS9Attributes pKCS9Attributes = new PKCS9Attributes(new PKCS9Attribute[]{new PKCS9Attribute(PKCS9Attribute.SIGNING_TIME_OID, new Date()), new PKCS9Attribute(PKCS9Attribute.CONTENT_TYPE_OID, ContentInfo.DATA_OID), new PKCS9Attribute(PKCS9Attribute.MESSAGE_DIGEST_OID, this.hash)});
        signature.initSign(this.privateKey);
        signature.update(pKCS9Attributes.getDerEncoding());
        PKCS7 pkcs7 = new PKCS7(new AlgorithmId[]{algorithmId}, new ContentInfo(ContentInfo.DATA_OID, (DerValue) null), this.certChain, new SignerInfo[]{new SignerInfo(X500Name.asX500Name(this.certChain[0].getIssuerX500Principal()), this.certChain[0].getSerialNumber(), algorithmId, pKCS9Attributes, new AlgorithmId(AlgorithmId.RSAEncryption_oid), signature.sign(), (PKCS9Attributes) null)});
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        pkcs7.encodeSignedData(byteArrayOutputStream);
        return byteArrayOutputStream.toByteArray();
    }
}
