package com.pingan.b2bic.Sign.sign.signcfca;

import com.cfca.util.pki.PKIException;
import com.cfca.util.pki.api.CertUtil;
import com.cfca.util.pki.api.KeyUtil;
import com.cfca.util.pki.cert.X509Cert;
import com.cfca.util.pki.cipher.JCrypto;
import com.cfca.util.pki.cipher.Session;
import com.cfca.util.pki.cipher.lib.JSoftLib;
import com.pingan.b2bic.Sign.sign.AbstractSign;
import com.pingan.b2bic.Util.DNUtil;
import com.pingan.b2bic.Util.StringTool;
import java.security.Security;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.bouncycastle.jce.provider.BouncyCastleProvider;

/* loaded from: input_file:com/pingan/b2bic/Sign/sign/signcfca/CfcaSign.class */
public class CfcaSign extends AbstractSign {
    private static final Log log = LogFactory.getLog(CfcaSign.class);
    private Session pkiSession;
    private IbpsSigner signerTool;
    private String pfxPath;
    private String pfxPwd;

    public void init() throws Exception {
        log.debug("Signature tool is initializing...");
        if (Security.getProvider(JSoftLib.PROVIDER) == null) {
            Security.addProvider(new BouncyCastleProvider());
        }
        try {
            JCrypto jCrypto = JCrypto.getInstance();
            jCrypto.initialize(JCrypto.JSOFT_LIB, null);
            this.pkiSession = jCrypto.openSession(JCrypto.JSOFT_LIB);
            if (this.pfxPath != null) {
                X509Cert cert = CertUtil.getCert(this.pfxPath, this.pfxPwd);
                this.signerTool = new IbpsSigner(this.pkiSession, KeyUtil.getPriKey(this.pfxPath, this.pfxPwd), cert);
                log.info("private certificate: " + cert.getSubject());
                if (DNUtil.isSM2DN(cert.getSubject())) {
                    throw new RuntimeException("请使用正确的RSA证书");
                }
            } else {
                log.info("Soft signature certificate is not set");
            }
            log.debug("Initialization of signature tool is finished.");
        } catch (PKIException e) {
            log.error("Initialization exception:" + StringTool.getErrorStack(e));
            throw e;
        }
    }

    @Override // com.pingan.b2bic.Sign.sign.ISign
    public byte[] getCert() throws Exception {
        checkSignInit();
        return this.signerTool.getCert().getEncoded();
    }

    @Override // com.pingan.b2bic.Sign.sign.ISign
    public String getSubjectDN() throws Exception {
        checkSignInit();
        return this.signerTool.getCert().getSubject();
    }

    @Override // com.pingan.b2bic.Sign.sign.ISign
    public byte[] sign(byte[] bArr) throws Exception {
        checkSignInit();
        return this.signerTool.signMsg(bArr, true);
    }

    @Override // com.pingan.b2bic.Sign.sign.ISign
    public boolean verify(byte[] bArr, byte[] bArr2) throws Exception {
        throw new RuntimeException("Operationg is unsupported");
    }

    private void checkSignInit() {
        if (this.signerTool == null) {
            log.error("Soft signature object not initialized");
            throw new RuntimeException();
        }
    }

    public String getPfxPath() {
        return this.pfxPath;
    }

    public void setPfxPath(String str) {
        this.pfxPath = str;
    }

    public String getPfxPwd() {
        return this.pfxPwd;
    }

    public void setPfxPwd(String str) {
        this.pfxPwd = str;
    }
}
