package ru.wildberries.domain.biometric;

import android.security.keystore.KeyGenParameterSpec;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;
import java.security.cert.Certificate;
import java.security.spec.ECGenParameterSpec;
import kotlin.Lazy;
import kotlin.LazyKt__LazyJVMKt;
import kotlin.jvm.functions.Function0;
import kotlin.jvm.internal.Intrinsics;

/* compiled from: src */
/* loaded from: classes2.dex */
public final class SignatureManager {
    private final String keyAlias;
    private final Lazy keyStore$delegate;

    public SignatureManager(String keyAlias) {
        Lazy lazy;
        Intrinsics.checkParameterIsNotNull(keyAlias, "keyAlias");
        this.keyAlias = keyAlias;
        lazy = LazyKt__LazyJVMKt.lazy(new Function0<KeyStore>() { // from class: ru.wildberries.domain.biometric.SignatureManager$keyStore$2
            @Override // kotlin.jvm.functions.Function0
            public final KeyStore invoke() {
                KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
                keyStore.load(null);
                return keyStore;
            }
        });
        this.keyStore$delegate = lazy;
    }

    private final KeyPair create() {
        KeyGenParameterSpec build = new KeyGenParameterSpec.Builder(this.keyAlias, 12).setAlgorithmParameterSpec(new ECGenParameterSpec("secp256r1")).setDigests("SHA-256").setUserAuthenticationRequired(true).build();
        Intrinsics.checkExpressionValueIsNotNull(build, "KeyGenParameterSpec.Buil…an 0\n            .build()");
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("EC", "AndroidKeyStore");
        keyPairGenerator.initialize(build);
        KeyPair generateKeyPair = keyPairGenerator.generateKeyPair();
        Intrinsics.checkExpressionValueIsNotNull(generateKeyPair, "keyPairGenerator.generateKeyPair()");
        return generateKeyPair;
    }

    private final KeyPair get() {
        PrivateKey privateKey = (PrivateKey) getKeyStore().getKey(this.keyAlias, null);
        if (privateKey == null) {
            return null;
        }
        Certificate certificate = getKeyStore().getCertificate(this.keyAlias);
        Intrinsics.checkExpressionValueIsNotNull(certificate, "keyStore.getCertificate(keyAlias)");
        PublicKey publicKey = certificate.getPublicKey();
        if (publicKey != null) {
            return new KeyPair(publicKey, privateKey);
        }
        return null;
    }

    private final KeyStore getKeyStore() {
        return (KeyStore) this.keyStore$delegate.getValue();
    }

    public final byte[] createPublicKeyForRegistration() {
        PublicKey publicKey = create().getPublic();
        Intrinsics.checkExpressionValueIsNotNull(publicKey, "publicKey");
        byte[] encoded = publicKey.getEncoded();
        Intrinsics.checkExpressionValueIsNotNull(encoded, "publicKey.encoded");
        return encoded;
    }

    public final Signature createSignature() {
        KeyPair keyPair = get();
        if (keyPair == null) {
            Intrinsics.throwNpe();
            throw null;
        }
        Signature sign = Signature.getInstance("SHA256withECDSA");
        sign.initSign(keyPair.getPrivate());
        Intrinsics.checkExpressionValueIsNotNull(sign, "sign");
        return sign;
    }

    public final void delete() {
        getKeyStore().deleteEntry(this.keyAlias);
    }

    public final boolean isKeyValid() {
        try {
            createSignature();
            return true;
        } catch (Exception unused) {
            return false;
        }
    }
}
