package sigmastate.basics;

import java.math.BigInteger;
import org.bouncycastle.math.ec.custom.sec.SecP256K1Point;
import org.bouncycastle.util.BigIntegers;
import scala.Predef$;
import scala.Predef$ArrowAssoc$;
import scala.Tuple2;
import sigmastate.interpreter.CryptoConstants$;

/* compiled from: DiffieHellmanTupleProtocol.scala */
/* loaded from: input_file:sigmastate/basics/DiffieHellmanTupleInteractiveProver$.class */
public final class DiffieHellmanTupleInteractiveProver$ {
    public static final DiffieHellmanTupleInteractiveProver$ MODULE$ = null;

    static {
        new DiffieHellmanTupleInteractiveProver$();
    }

    public Tuple2<BigInteger, FirstDiffieHellmanTupleProverMessage> firstMessage(ProveDHTuple proveDHTuple) {
        BigInteger createRandomInRange = BigIntegers.createRandomInRange(BigInteger.ZERO, CryptoConstants$.MODULE$.dlogGroup().order().subtract(BigInteger.ONE), CryptoConstants$.MODULE$.dlogGroup().secureRandom());
        return Predef$ArrowAssoc$.MODULE$.$minus$greater$extension(Predef$.MODULE$.ArrowAssoc(createRandomInRange), new FirstDiffieHellmanTupleProverMessage(CryptoConstants$.MODULE$.dlogGroup().exponentiate(proveDHTuple.g(), createRandomInRange), CryptoConstants$.MODULE$.dlogGroup().exponentiate(proveDHTuple.h(), createRandomInRange)));
    }

    public SecondDiffieHellmanTupleProverMessage secondMessage(DiffieHellmanTupleProverInput diffieHellmanTupleProverInput, BigInteger bigInteger, byte[] bArr) {
        BigInteger order = CryptoConstants$.MODULE$.dlogGroup().order();
        return new SecondDiffieHellmanTupleProverMessage(bigInteger.add(new BigInteger(1, bArr).multiply(diffieHellmanTupleProverInput.w()).mod(order)).mod(order));
    }

    public Tuple2<FirstDiffieHellmanTupleProverMessage, SecondDiffieHellmanTupleProverMessage> simulate(ProveDHTuple proveDHTuple, byte[] bArr) {
        BigInteger createRandomInRange = BigIntegers.createRandomInRange(BigInteger.ZERO, CryptoConstants$.MODULE$.dlogGroup().order().subtract(BigInteger.ONE), CryptoConstants$.MODULE$.dlogGroup().secureRandom());
        BigInteger subtract = CryptoConstants$.MODULE$.dlogGroup().order().subtract(new BigInteger(1, bArr));
        SecP256K1Point exponentiate = CryptoConstants$.MODULE$.dlogGroup().exponentiate(proveDHTuple.h(), createRandomInRange);
        SecP256K1Point exponentiate2 = CryptoConstants$.MODULE$.dlogGroup().exponentiate(proveDHTuple.g(), createRandomInRange);
        SecP256K1Point exponentiate3 = CryptoConstants$.MODULE$.dlogGroup().exponentiate(proveDHTuple.u(), subtract);
        SecP256K1Point exponentiate4 = CryptoConstants$.MODULE$.dlogGroup().exponentiate(proveDHTuple.v(), subtract);
        return Predef$ArrowAssoc$.MODULE$.$minus$greater$extension(Predef$.MODULE$.ArrowAssoc(new FirstDiffieHellmanTupleProverMessage(CryptoConstants$.MODULE$.dlogGroup().multiplyGroupElements(exponentiate2, exponentiate3), CryptoConstants$.MODULE$.dlogGroup().multiplyGroupElements(exponentiate, exponentiate4))), new SecondDiffieHellmanTupleProverMessage(createRandomInRange));
    }

    public Tuple2<SecP256K1Point, SecP256K1Point> computeCommitment(ProveDHTuple proveDHTuple, byte[] bArr, SecondDiffieHellmanTupleProverMessage secondDiffieHellmanTupleProverMessage) {
        SecP256K1Point g = proveDHTuple.g();
        SecP256K1Point h = proveDHTuple.h();
        SecP256K1Point u = proveDHTuple.u();
        SecP256K1Point v = proveDHTuple.v();
        BigInteger z = secondDiffieHellmanTupleProverMessage.z();
        BigInteger bigInteger = new BigInteger(1, bArr);
        SecP256K1Point exponentiate = CryptoConstants$.MODULE$.dlogGroup().exponentiate(g, z);
        SecP256K1Point exponentiate2 = CryptoConstants$.MODULE$.dlogGroup().exponentiate(h, z);
        SecP256K1Point exponentiate3 = CryptoConstants$.MODULE$.dlogGroup().exponentiate(u, bigInteger);
        SecP256K1Point exponentiate4 = CryptoConstants$.MODULE$.dlogGroup().exponentiate(v, bigInteger);
        SecP256K1Point multiplyGroupElements = CryptoConstants$.MODULE$.dlogGroup().multiplyGroupElements(exponentiate, CryptoConstants$.MODULE$.dlogGroup().inverseOf(exponentiate3));
        return Predef$ArrowAssoc$.MODULE$.$minus$greater$extension(Predef$.MODULE$.ArrowAssoc(multiplyGroupElements), CryptoConstants$.MODULE$.dlogGroup().multiplyGroupElements(exponentiate2, CryptoConstants$.MODULE$.dlogGroup().inverseOf(exponentiate4)));
    }

    private DiffieHellmanTupleInteractiveProver$() {
        MODULE$ = this;
    }
}
