package fr.acinq.bitcoin;

import fr.acinq.bitcoin.Crypto;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.math.BigInteger;
import org.bitcoin.NativeSecp256k1;
import org.bitcoin.Secp256k1Context;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.spongycastle.asn1.ASN1Integer;
import org.spongycastle.asn1.DERSequenceGenerator;
import org.spongycastle.asn1.sec.SECNamedCurves;
import org.spongycastle.asn1.x9.X9ECParameters;
import org.spongycastle.crypto.Digest;
import org.spongycastle.crypto.digests.RIPEMD160Digest;
import org.spongycastle.crypto.digests.SHA1Digest;
import org.spongycastle.crypto.digests.SHA256Digest;
import org.spongycastle.crypto.digests.SHA512Digest;
import org.spongycastle.crypto.macs.HMac;
import org.spongycastle.crypto.params.ECDomainParameters;
import org.spongycastle.crypto.params.ECPrivateKeyParameters;
import org.spongycastle.crypto.params.ECPublicKeyParameters;
import org.spongycastle.crypto.params.KeyParameter;
import org.spongycastle.crypto.signers.ECDSASigner;
import org.spongycastle.crypto.signers.HMacDSAKCalculator;
import org.spongycastle.math.ec.ECFieldElement;
import org.spongycastle.math.ec.ECPoint;
import scala.Array$;
import scala.Function1;
import scala.MatchError;
import scala.Option;
import scala.Predef$;
import scala.Tuple2;
import scala.collection.Seq;
import scala.collection.SeqLike;
import scala.collection.mutable.ArrayOps;
import scala.reflect.ClassTag$;
import scala.runtime.BoxesRunTime;

/* compiled from: Crypto.scala */
/* loaded from: input_file:fr/acinq/bitcoin/Crypto$.class */
public final class Crypto$ {
    public static Crypto$ MODULE$;
    private final X9ECParameters params;
    private final ECDomainParameters curve;
    private final BigInteger halfCurveOrder;
    private final BigInteger zero;
    private final BigInteger one;
    private final Logger logger;

    static {
        new Crypto$();
    }

    public X9ECParameters params() {
        return this.params;
    }

    public ECDomainParameters curve() {
        return this.curve;
    }

    public BigInteger halfCurveOrder() {
        return this.halfCurveOrder;
    }

    public BigInteger zero() {
        return this.zero;
    }

    public BigInteger one() {
        return this.one;
    }

    private Logger logger() {
        return this.logger;
    }

    public BinaryData fixSize(BinaryData binaryData) {
        int length = binaryData.length();
        switch (length) {
            case 32:
                return binaryData;
            default:
                if (length < 32) {
                    return package$.MODULE$.array2binaryData((byte[]) new ArrayOps.ofByte(Predef$.MODULE$.byteArrayOps((byte[]) Array$.MODULE$.fill(32 - length, () -> {
                        return (byte) 0;
                    }, ClassTag$.MODULE$.Byte()))).$plus$plus(package$.MODULE$.binaryData2Seq(binaryData), Array$.MODULE$.canBuildFrom(ClassTag$.MODULE$.Byte())));
                }
                throw new MatchError(BoxesRunTime.boxToInteger(length));
        }
    }

    public BigInteger scalar2biginteger(Crypto.Scalar scalar) {
        return scalar.value();
    }

    public Crypto.Scalar biginteger2scalar(BigInteger bigInteger) {
        return new Crypto.Scalar(bigInteger);
    }

    public Crypto.Scalar bin2scalar(BinaryData binaryData) {
        return Crypto$Scalar$.MODULE$.apply(binaryData);
    }

    public BinaryData scalar2bin(Crypto.Scalar scalar) {
        return scalar.toBin();
    }

    public Crypto.Scalar privatekey2scalar(Crypto.PrivateKey privateKey) {
        return privateKey.value();
    }

    public ECPoint point2ecpoint(Crypto.Point point) {
        return point.value();
    }

    public Crypto.Point ecpoint2point(ECPoint eCPoint) {
        return new Crypto.Point(eCPoint);
    }

    public Crypto.Point publickey2point(Crypto.PublicKey publicKey) {
        return publicKey.value();
    }

    public BinaryData publickey2bin(Crypto.PublicKey publicKey) {
        return publicKey.toBin();
    }

    public BinaryData ecdh(Crypto.Scalar scalar, Crypto.Point point) {
        return (BinaryData) sha256().apply(Predef$.MODULE$.wrapByteArray(point2ecpoint(point.multiply(scalar)).getEncoded(true)));
    }

    public BinaryData hmac512(Seq<Object> seq, Seq<Object> seq2) {
        HMac hMac = new HMac(new SHA512Digest());
        hMac.init(new KeyParameter((byte[]) seq.toArray(ClassTag$.MODULE$.Byte())));
        hMac.update((byte[]) seq2.toArray(ClassTag$.MODULE$.Byte()), 0, seq2.length());
        byte[] bArr = new byte[64];
        hMac.doFinal(bArr, 0);
        return package$.MODULE$.array2binaryData(bArr);
    }

    public BinaryData hash(Digest digest, Seq<Object> seq) {
        digest.update((byte[]) seq.toArray(ClassTag$.MODULE$.Byte()), 0, seq.length());
        byte[] bArr = new byte[digest.getDigestSize()];
        digest.doFinal(bArr, 0);
        return package$.MODULE$.array2binaryData(bArr);
    }

    public Function1<Seq<Object>, BinaryData> sha1() {
        SHA1Digest sHA1Digest = new SHA1Digest();
        return seq -> {
            return MODULE$.hash(sHA1Digest, seq);
        };
    }

    public Function1<Seq<Object>, BinaryData> sha256() {
        SHA256Digest sHA256Digest = new SHA256Digest();
        return seq -> {
            return MODULE$.hash(sHA256Digest, seq);
        };
    }

    public Function1<Seq<Object>, BinaryData> ripemd160() {
        RIPEMD160Digest rIPEMD160Digest = new RIPEMD160Digest();
        return seq -> {
            return MODULE$.hash(rIPEMD160Digest, seq);
        };
    }

    public BinaryData hash160(Seq<Object> seq) {
        return (BinaryData) ripemd160().apply(package$.MODULE$.binaryData2Seq((BinaryData) sha256().apply(seq)));
    }

    public BinaryData hash256(Seq<Object> seq) {
        return (BinaryData) sha256().apply(package$.MODULE$.binaryData2Seq((BinaryData) sha256().apply(seq)));
    }

    public BinaryData encodeSignature(BigInteger bigInteger, BigInteger bigInteger2) {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream(72);
        DERSequenceGenerator dERSequenceGenerator = new DERSequenceGenerator(byteArrayOutputStream);
        dERSequenceGenerator.addObject(new ASN1Integer(bigInteger));
        dERSequenceGenerator.addObject(new ASN1Integer(bigInteger2));
        dERSequenceGenerator.close();
        return package$.MODULE$.array2binaryData(byteArrayOutputStream.toByteArray());
    }

    public BinaryData encodeSignature(Tuple2<BigInteger, BigInteger> tuple2) {
        return encodeSignature((BigInteger) tuple2._1(), (BigInteger) tuple2._2());
    }

    public boolean isDERSignature(Seq<Object> seq) {
        if (seq.size() < 9 || seq.size() > 73 || BoxesRunTime.unboxToByte(seq.apply(0)) != ((byte) 48) || BoxesRunTime.unboxToByte(seq.apply(1)) != seq.size() - 3) {
            return false;
        }
        byte unboxToByte = BoxesRunTime.unboxToByte(seq.apply(3));
        if (5 + unboxToByte >= seq.size()) {
            return false;
        }
        byte unboxToByte2 = BoxesRunTime.unboxToByte(seq.apply(5 + unboxToByte));
        if (unboxToByte + unboxToByte2 + 7 != seq.size() || BoxesRunTime.unboxToByte(seq.apply(2)) != 2 || unboxToByte == 0 || ((byte) (BoxesRunTime.unboxToByte(seq.apply(4)) & ((byte) 128))) != 0) {
            return false;
        }
        if (!(unboxToByte > 1 && BoxesRunTime.unboxToByte(seq.apply(4)) == 0 && (BoxesRunTime.unboxToByte(seq.apply(5)) & 128) == 0) && BoxesRunTime.unboxToByte(seq.apply(unboxToByte + 4)) == ((byte) 2) && unboxToByte2 != 0 && (BoxesRunTime.unboxToByte(seq.apply(unboxToByte + 6)) & 128) == 0) {
            return (unboxToByte2 > 1 && BoxesRunTime.unboxToByte(seq.apply(unboxToByte + 6)) == 0 && (BoxesRunTime.unboxToByte(seq.apply(unboxToByte + 7)) & 128) == 0) ? false : true;
        }
        return false;
    }

    public boolean isLowDERSignature(Seq<Object> seq) {
        if (isDERSignature(seq)) {
            Tuple2<BigInteger, BigInteger> decodeSignature = decodeSignature(seq);
            if (decodeSignature == null) {
                throw new MatchError(decodeSignature);
            }
            if (((BigInteger) decodeSignature._2()).compareTo(halfCurveOrder()) <= 0) {
                return true;
            }
        }
        return false;
    }

    public Tuple2<BigInteger, BigInteger> normalizeSignature(BigInteger bigInteger, BigInteger bigInteger2) {
        return new Tuple2<>(bigInteger, bigInteger2.compareTo(halfCurveOrder()) > 0 ? curve().getN().subtract(bigInteger2) : bigInteger2);
    }

    public BinaryData normalizeSignature(BinaryData binaryData) {
        Tuple2<BigInteger, BigInteger> decodeSignature = decodeSignature(package$.MODULE$.binaryData2Seq(binaryData));
        if (decodeSignature == null) {
            throw new MatchError(decodeSignature);
        }
        Tuple2 tuple2 = new Tuple2((BigInteger) decodeSignature._1(), (BigInteger) decodeSignature._2());
        return encodeSignature(normalizeSignature((BigInteger) tuple2._1(), (BigInteger) tuple2._2()));
    }

    public boolean checkSignatureEncoding(Seq<Object> seq, int i) {
        if (seq.isEmpty()) {
            return true;
        }
        if ((i & (ScriptFlags$.MODULE$.SCRIPT_VERIFY_DERSIG() | ScriptFlags$.MODULE$.SCRIPT_VERIFY_LOW_S() | ScriptFlags$.MODULE$.SCRIPT_VERIFY_STRICTENC())) != 0 && !isDERSignature(seq)) {
            return false;
        }
        if ((i & ScriptFlags$.MODULE$.SCRIPT_VERIFY_LOW_S()) == 0 || isLowDERSignature(seq)) {
            return (i & ScriptFlags$.MODULE$.SCRIPT_VERIFY_STRICTENC()) == 0 || isDefinedHashtypeSignature(seq);
        }
        return false;
    }

    public boolean checkPubKeyEncoding(Seq<Object> seq, int i, int i2) {
        if ((i & ScriptFlags$.MODULE$.SCRIPT_VERIFY_STRICTENC()) != 0) {
            Predef$.MODULE$.require(isPubKeyCompressedOrUncompressed(seq), () -> {
                return "invalid public key";
            });
        }
        if ((i & ScriptFlags$.MODULE$.SCRIPT_VERIFY_WITNESS_PUBKEYTYPE()) == 0 || i2 != package$SigVersion$.MODULE$.SIGVERSION_WITNESS_V0()) {
            return true;
        }
        Predef$.MODULE$.require(isPubKeyCompressed(seq), () -> {
            return "public key must be compressed in segwit";
        });
        return true;
    }

    public boolean isPubKeyValid(Seq<Object> seq) {
        switch (seq.length()) {
            case 33:
                return BoxesRunTime.unboxToByte(seq.apply(0)) == 2 || BoxesRunTime.unboxToByte(seq.apply(0)) == 3;
            case 65:
                return BoxesRunTime.unboxToByte(seq.apply(0)) == 4 || BoxesRunTime.unboxToByte(seq.apply(0)) == 6 || BoxesRunTime.unboxToByte(seq.apply(0)) == 7;
            default:
                return false;
        }
    }

    public boolean isPubKeyCompressedOrUncompressed(Seq<Object> seq) {
        switch (seq.length()) {
            case 33:
                return BoxesRunTime.unboxToByte(seq.apply(0)) == 2 || BoxesRunTime.unboxToByte(seq.apply(0)) == 3;
            case 65:
                return BoxesRunTime.unboxToByte(seq.apply(0)) == 4;
            default:
                return false;
        }
    }

    public boolean isPubKeyCompressed(Seq<Object> seq) {
        switch (seq.length()) {
            case 33:
                return BoxesRunTime.unboxToByte(seq.apply(0)) == 2 || BoxesRunTime.unboxToByte(seq.apply(0)) == 3;
            default:
                return false;
        }
    }

    public boolean isPrivateKeyCompressed(Crypto.PrivateKey privateKey) {
        return privateKey.compressed();
    }

    public boolean isDefinedHashtypeSignature(Seq<Object> seq) {
        int unboxToByte;
        return !seq.isEmpty() && (unboxToByte = (BoxesRunTime.unboxToByte(seq.last()) & 255) & (package$.MODULE$.SIGHASH_ANYONECANPAY() ^ (-1))) >= package$.MODULE$.SIGHASH_ALL() && unboxToByte <= package$.MODULE$.SIGHASH_SINGLE();
    }

    public Tuple2<BigInteger, BigInteger> decodeSignature(Seq<Object> seq) {
        return decodeSignatureLax(package$.MODULE$.seq2binaryData(seq));
    }

    public Tuple2<BigInteger, BigInteger> decodeSignatureLax(ByteArrayInputStream byteArrayInputStream) {
        Predef$.MODULE$.require(byteArrayInputStream.read() == 48);
        readLength$1(byteArrayInputStream);
        Predef$.MODULE$.require(byteArrayInputStream.read() == 2);
        byte[] bArr = new byte[readLength$1(byteArrayInputStream)];
        byteArrayInputStream.read(bArr);
        Predef$.MODULE$.require(byteArrayInputStream.read() == 2);
        byte[] bArr2 = new byte[readLength$1(byteArrayInputStream)];
        byteArrayInputStream.read(bArr2);
        return new Tuple2<>(new BigInteger(1, bArr), new BigInteger(1, bArr2));
    }

    public Tuple2<BigInteger, BigInteger> decodeSignatureLax(BinaryData binaryData) {
        return decodeSignatureLax(new ByteArrayInputStream(package$.MODULE$.binaryData2array(binaryData)));
    }

    public boolean verifySignature(Seq<Object> seq, Tuple2<BigInteger, BigInteger> tuple2, Crypto.PublicKey publicKey) {
        return verifySignature(package$.MODULE$.seq2binaryData(seq), encodeSignature(tuple2), publicKey);
    }

    public boolean verifySignature(BinaryData binaryData, BinaryData binaryData2, Crypto.PublicKey publicKey) {
        if (Secp256k1Context.isEnabled()) {
            return NativeSecp256k1.verify(package$.MODULE$.binaryData2array(binaryData), package$.MODULE$.binaryData2array(normalizeSignature(binaryData2)), package$.MODULE$.binaryData2array(publicKey.toBin()));
        }
        Tuple2<BigInteger, BigInteger> decodeSignature = decodeSignature(package$.MODULE$.binaryData2Seq(binaryData2));
        if (decodeSignature == null) {
            throw new MatchError(decodeSignature);
        }
        Tuple2 tuple2 = new Tuple2((BigInteger) decodeSignature._1(), (BigInteger) decodeSignature._2());
        BigInteger bigInteger = (BigInteger) tuple2._1();
        BigInteger bigInteger2 = (BigInteger) tuple2._2();
        Predef$.MODULE$.require(bigInteger.compareTo(one()) >= 0, () -> {
            return "r must be >= 1";
        });
        Predef$.MODULE$.require(bigInteger.compareTo(curve().getN()) < 0, () -> {
            return "r must be < N";
        });
        Predef$.MODULE$.require(bigInteger2.compareTo(one()) >= 0, () -> {
            return "s must be >= 1";
        });
        Predef$.MODULE$.require(bigInteger2.compareTo(curve().getN()) < 0, () -> {
            return "s must be < N";
        });
        ECDSASigner eCDSASigner = new ECDSASigner();
        eCDSASigner.init(false, new ECPublicKeyParameters(point2ecpoint(publicKey.value()), curve()));
        return eCDSASigner.verifySignature((byte[]) package$.MODULE$.binaryData2Seq(binaryData).toArray(ClassTag$.MODULE$.Byte()), bigInteger, bigInteger2);
    }

    public Crypto.PublicKey publicKeyFromPrivateKey(BinaryData binaryData) {
        return Crypto$PrivateKey$.MODULE$.apply(binaryData).publicKey();
    }

    public Tuple2<BigInteger, BigInteger> sign(BinaryData binaryData, Crypto.PrivateKey privateKey) {
        if (Secp256k1Context.isEnabled()) {
            return decodeSignature(Predef$.MODULE$.wrapByteArray(NativeSecp256k1.sign(package$.MODULE$.binaryData2array(binaryData), package$.MODULE$.binaryData2array(privateKey.value().toBin()))));
        }
        ECDSASigner eCDSASigner = new ECDSASigner(new HMacDSAKCalculator(new SHA256Digest()));
        eCDSASigner.init(true, new ECPrivateKeyParameters(scalar2biginteger(privateKey.value()), curve()));
        BigInteger[] generateSignature = eCDSASigner.generateSignature((byte[]) package$.MODULE$.binaryData2Seq(binaryData).toArray(ClassTag$.MODULE$.Byte()));
        Option unapplySeq = Array$.MODULE$.unapplySeq(generateSignature);
        if (unapplySeq.isEmpty() || unapplySeq.get() == null || ((SeqLike) unapplySeq.get()).lengthCompare(2) != 0) {
            throw new MatchError(generateSignature);
        }
        Tuple2 tuple2 = new Tuple2((BigInteger) ((SeqLike) unapplySeq.get()).apply(0), (BigInteger) ((SeqLike) unapplySeq.get()).apply(1));
        BigInteger bigInteger = (BigInteger) tuple2._1();
        BigInteger bigInteger2 = (BigInteger) tuple2._2();
        return bigInteger2.compareTo(halfCurveOrder()) > 0 ? new Tuple2<>(bigInteger, curve().getN().subtract(bigInteger2)) : new Tuple2<>(bigInteger, bigInteger2);
    }

    public Tuple2<Crypto.Point, Crypto.Point> recoverPoint(BigInteger bigInteger) {
        ECFieldElement fromBigInteger = curve().getCurve().fromBigInteger(bigInteger);
        ECFieldElement sqrt = fromBigInteger.square().add(curve().getCurve().getA()).multiply(fromBigInteger).add(curve().getCurve().getB()).sqrt();
        ECFieldElement negate = sqrt.negate();
        ECPoint normalize = curve().getCurve().createPoint(fromBigInteger.toBigInteger(), sqrt.toBigInteger()).normalize();
        ECPoint normalize2 = curve().getCurve().createPoint(fromBigInteger.toBigInteger(), negate.toBigInteger()).normalize();
        return sqrt.testBitZero() ? new Tuple2<>(ecpoint2point(normalize2), ecpoint2point(normalize)) : new Tuple2<>(ecpoint2point(normalize), ecpoint2point(normalize2));
    }

    public Tuple2<Crypto.PublicKey, Crypto.PublicKey> recoverPublicKey(Tuple2<BigInteger, BigInteger> tuple2, BinaryData binaryData) {
        if (tuple2 == null) {
            throw new MatchError(tuple2);
        }
        Tuple2 tuple22 = new Tuple2((BigInteger) tuple2._1(), (BigInteger) tuple2._2());
        BigInteger bigInteger = (BigInteger) tuple22._1();
        BigInteger bigInteger2 = (BigInteger) tuple22._2();
        BigInteger bigInteger3 = new BigInteger(1, package$.MODULE$.binaryData2array(binaryData));
        Tuple2<Crypto.Point, Crypto.Point> recoverPoint = recoverPoint(bigInteger);
        if (recoverPoint == null) {
            throw new MatchError(recoverPoint);
        }
        Tuple2 tuple23 = new Tuple2((Crypto.Point) recoverPoint._1(), (Crypto.Point) recoverPoint._2());
        Crypto.Point point = (Crypto.Point) tuple23._1();
        Crypto.Point point2 = (Crypto.Point) tuple23._2();
        return new Tuple2<>(new Crypto.PublicKey(ecpoint2point(point2ecpoint(point.multiply(biginteger2scalar(bigInteger2))).subtract(curve().getG().multiply(bigInteger3)).multiply(bigInteger.modInverse(curve().getN()))), Crypto$PublicKey$.MODULE$.apply$default$2()), new Crypto.PublicKey(ecpoint2point(point2ecpoint(point2.multiply(biginteger2scalar(bigInteger2))).subtract(curve().getG().multiply(bigInteger3)).multiply(bigInteger.modInverse(curve().getN()))), Crypto$PublicKey$.MODULE$.apply$default$2()));
    }

    public Tuple2<Crypto.PublicKey, Crypto.PublicKey> recoverPublicKey(BinaryData binaryData, BinaryData binaryData2) {
        return recoverPublicKey(decodeSignature(package$.MODULE$.binaryData2Seq(binaryData)), binaryData2);
    }

    private static final int readLength$1(ByteArrayInputStream byteArrayInputStream) {
        int read = byteArrayInputStream.read();
        if ((read & 128) == 0) {
            return read;
        }
        int i = 0;
        for (int i2 = read - 128; i2 > 0; i2--) {
            i = (i << 8) + byteArrayInputStream.read();
        }
        return i;
    }

    private Crypto$() {
        MODULE$ = this;
        this.params = SECNamedCurves.getByName("secp256k1");
        this.curve = new ECDomainParameters(params().getCurve(), params().getG(), params().getN(), params().getH());
        this.halfCurveOrder = params().getN().shiftRight(1);
        this.zero = BigInteger.valueOf(0L);
        this.one = BigInteger.valueOf(1L);
        this.logger = LoggerFactory.getLogger(Secp256k1Context.class);
        if (Secp256k1Context.isEnabled()) {
            logger().info("secp256k1 library successfully loaded");
        } else {
            logger().info("couldn't find secp256k1 library, defaulting to spongycastle");
        }
    }
}
