package dk.alexandra.fresco.suite.spdz.maccheck;

import dk.alexandra.fresco.framework.DRes;
import dk.alexandra.fresco.framework.builder.Computation;
import dk.alexandra.fresco.framework.builder.numeric.ProtocolBuilderNumeric;
import dk.alexandra.fresco.framework.builder.numeric.field.FieldDefinition;
import dk.alexandra.fresco.framework.builder.numeric.field.FieldElement;
import dk.alexandra.fresco.framework.util.AesCtrDrbg;
import dk.alexandra.fresco.framework.util.Drbg;
import dk.alexandra.fresco.framework.util.Pair;
import dk.alexandra.fresco.suite.spdz.datatypes.SpdzSInt;
import dk.alexandra.fresco.tools.commitment.CoinTossingComputation;
import dk.alexandra.fresco.tools.commitment.CommitmentComputation;
import dk.alexandra.fresco.tools.commitment.HashBasedCommitmentSerializer;
import dk.alexandra.fresco.tools.commitment.MaliciousCommitmentComputation;
import java.math.BigInteger;
import java.util.Iterator;
import java.util.List;

/* loaded from: input_file:dk/alexandra/fresco/suite/spdz/maccheck/MaliciousSpdzMacCheckComputation.class */
public class MaliciousSpdzMacCheckComputation implements Computation<Void, ProtocolBuilderNumeric> {
    private final BigInteger modulus;
    private final List<SpdzSInt> closedValues;
    private final List<FieldElement> openedValues;
    private final FieldElement alpha;
    private Drbg jointDrbg;
    public static boolean corruptCommitRound = false;
    public static boolean corruptOpenCommitRound = false;

    /* JADX INFO: Access modifiers changed from: package-private */
    public MaliciousSpdzMacCheckComputation(Pair<List<SpdzSInt>, List<FieldElement>> pair, BigInteger bigInteger, Drbg drbg, FieldElement fieldElement) {
        this.closedValues = (List) pair.getFirst();
        this.openedValues = (List) pair.getSecond();
        this.modulus = bigInteger;
        this.jointDrbg = drbg;
        this.alpha = fieldElement;
    }

    public DRes<Void> buildComputation(ProtocolBuilderNumeric protocolBuilderNumeric) {
        int noOfParties = protocolBuilderNumeric.getBasicNumericContext().getNoOfParties();
        AesCtrDrbg aesCtrDrbg = new AesCtrDrbg();
        HashBasedCommitmentSerializer hashBasedCommitmentSerializer = new HashBasedCommitmentSerializer();
        FieldDefinition fieldDefinition = protocolBuilderNumeric.getBasicNumericContext().getFieldDefinition();
        return protocolBuilderNumeric.seq(new CoinTossingComputation(32, hashBasedCommitmentSerializer, aesCtrDrbg)).seq((protocolBuilderNumeric2, bArr) -> {
            this.jointDrbg = new AesCtrDrbg(bArr);
            FieldDefinition fieldDefinition2 = protocolBuilderNumeric.getBasicNumericContext().getFieldDefinition();
            FieldElement[] sampleRandomCoefficients = sampleRandomCoefficients(this.openedValues.size(), fieldDefinition);
            FieldElement createElement = fieldDefinition.createElement(0L);
            int i = 0;
            Iterator<FieldElement> it = this.openedValues.iterator();
            while (it.hasNext()) {
                int i2 = i;
                i++;
                createElement = (FieldElement) createElement.add(it.next().multiply(sampleRandomCoefficients[i2]));
            }
            FieldElement createElement2 = fieldDefinition.createElement(0L);
            int i3 = 0;
            Iterator<SpdzSInt> it2 = this.closedValues.iterator();
            while (it2.hasNext()) {
                int i4 = i3;
                i3++;
                createElement2 = (FieldElement) createElement2.add(sampleRandomCoefficients[i4].multiply(it2.next().getMac()));
            }
            FieldElement subtract = createElement2.subtract(this.alpha.multiply(createElement));
            if (corruptCommitRound) {
                subtract = (FieldElement) subtract.add(fieldDefinition2.createElement(1L));
            }
            return corruptOpenCommitRound ? protocolBuilderNumeric2.seq(new MaliciousCommitmentComputation(hashBasedCommitmentSerializer, fieldDefinition2.serialize(subtract), noOfParties, aesCtrDrbg)) : protocolBuilderNumeric2.seq(new CommitmentComputation(hashBasedCommitmentSerializer, fieldDefinition2.serialize(subtract), aesCtrDrbg));
        }).seq((protocolBuilderNumeric3, list) -> {
            return null;
        });
    }

    private FieldElement[] sampleRandomCoefficients(int i, FieldDefinition fieldDefinition) {
        FieldElement[] fieldElementArr = new FieldElement[i];
        for (int i2 = 0; i2 < i; i2++) {
            byte[] bArr = new byte[this.modulus.bitLength() / 8];
            this.jointDrbg.nextBytes(bArr);
            fieldElementArr[i2] = fieldDefinition.createElement(new BigInteger(bArr));
        }
        return fieldElementArr;
    }
}
