package ru.rutoken.openvpnpluginservice.businessrules.sign;

import java.security.cert.X509Certificate;
import java.util.Objects;
import ru.rutoken.openvpnpluginservice.businessrules.RsaKeyFinder;
import ru.rutoken.openvpnpluginservice.businessrules.exception.BusinessRuleException;
import ru.rutoken.openvpnpluginservice.pkcs11.session.SessionWrapper;
import ru.rutoken.pkcs11wrapper.manager.Pkcs11SignManager;
import ru.rutoken.pkcs11wrapper.object.key.Pkcs11RsaPrivateKeyObject;

/* loaded from: classes5.dex */
public class RsaSigner {
    private static final int MAX_SIGNATURE_LENGTH = 2048;
    private final X509Certificate mCertForKey;
    private final SessionWrapper mSession;

    public RsaSigner(SessionWrapper sessionWrapper, X509Certificate x509Certificate) {
        this.mSession = (SessionWrapper) Objects.requireNonNull(sessionWrapper);
        this.mCertForKey = (X509Certificate) Objects.requireNonNull(x509Certificate);
    }

    public byte[] signData(byte[] bArr, RsaSignParams rsaSignParams) throws BusinessRuleException {
        try {
            this.mSession.login();
            byte[] digest = rsaSignParams.getDigest(bArr);
            Pkcs11RsaPrivateKeyObject pkcs11RsaPrivateKeyByCertificate = RsaKeyFinder.getPkcs11RsaPrivateKeyByCertificate(this.mSession, this.mCertForKey);
            Pkcs11SignManager signManager = this.mSession.getSession().getSignManager();
            signManager.signInit(rsaSignParams.getSignMechanism(), pkcs11RsaPrivateKeyByCertificate);
            return signManager.sign(digest, 2048);
        } catch (Exception e) {
            throw new BusinessRuleException(e);
        }
    }
}
