package org.bitcoins.crypto;

import scala.MatchError;
import scala.Tuple2;
import scala.package$;
import scodec.bits.ByteVector;

/* compiled from: BouncyCastleUtil.scala */
/* loaded from: input_file:org/bitcoins/crypto/AdaptorStuff$.class */
public final class AdaptorStuff$ {
    public static final AdaptorStuff$ MODULE$ = new AdaptorStuff$();

    private FieldElement adaptorSignHelper(ByteVector byteVector, FieldElement fieldElement, ECPublicKey eCPublicKey, ECPrivateKey eCPrivateKey) {
        FieldElement apply = FieldElement$.MODULE$.apply(eCPublicKey.toPoint().getXCoord().toBigInteger());
        FieldElement fieldElement2 = eCPrivateKey.fieldElement();
        FieldElement apply2 = FieldElement$.MODULE$.apply(byteVector);
        return apply.multiply(fieldElement2).add(apply2).multiply(fieldElement.inverse());
    }

    public ECAdaptorSignature adaptorSign(ECPrivateKey eCPrivateKey, ECPublicKey eCPublicKey, ByteVector byteVector) {
        FieldElement dleqNonceFunc = DLEQStuff$.MODULE$.dleqNonceFunc(CryptoUtil$.MODULE$.sha256(byteVector.$plus$plus(ECAdaptorSignature$.MODULE$.serializePoint(eCPublicKey))).bytes(), eCPrivateKey.fieldElement(), "ECDSAAdaptorNon");
        if (dleqNonceFunc.isZero()) {
            throw new RuntimeException("Nonce cannot be zero.");
        }
        ECPublicKey publicKey = dleqNonceFunc.getPublicKey();
        ECPublicKey tweakMultiply = eCPublicKey.tweakMultiply(dleqNonceFunc);
        Tuple2<FieldElement, FieldElement> dleqProve = DLEQStuff$.MODULE$.dleqProve(dleqNonceFunc, eCPublicKey, "ECDSAAdaptorSig");
        if (dleqProve == null) {
            throw new MatchError(dleqProve);
        }
        Tuple2 tuple2 = new Tuple2((FieldElement) dleqProve._1(), (FieldElement) dleqProve._2());
        FieldElement fieldElement = (FieldElement) tuple2._1();
        FieldElement fieldElement2 = (FieldElement) tuple2._2();
        return ECAdaptorSignature$.MODULE$.apply(tweakMultiply, adaptorSignHelper(byteVector, dleqNonceFunc, tweakMultiply, eCPrivateKey), publicKey, fieldElement, fieldElement2);
    }

    private FieldElement adaptorVerifyHelper(FieldElement fieldElement, FieldElement fieldElement2, ECPublicKey eCPublicKey, ByteVector byteVector) {
        return FieldElement$.MODULE$.apply(FieldElement$.MODULE$.apply(byteVector).getPublicKey().add(eCPublicKey.tweakMultiply(fieldElement)).tweakMultiply(fieldElement2.inverse()).bytes().tail());
    }

    public boolean adaptorVerify(ECAdaptorSignature eCAdaptorSignature, ECPublicKey eCPublicKey, ByteVector byteVector, ECPublicKey eCPublicKey2) {
        ECPublicKey deserializePoint = ECAdaptorSignature$.MODULE$.deserializePoint(eCAdaptorSignature.dleqProof().take(33L));
        FieldElement apply = FieldElement$.MODULE$.apply(eCAdaptorSignature.dleqProof().drop(33L).take(32L));
        FieldElement apply2 = FieldElement$.MODULE$.apply(eCAdaptorSignature.dleqProof().drop(65L));
        ECPublicKey deserializePoint2 = ECAdaptorSignature$.MODULE$.deserializePoint(eCAdaptorSignature.adaptedSig().take(33L));
        FieldElement apply3 = FieldElement$.MODULE$.apply(eCAdaptorSignature.adaptedSig().drop(33L));
        if (!DLEQStuff$.MODULE$.dleqVerify("ECDSAAdaptorSig", apply, apply2, deserializePoint, eCPublicKey2, deserializePoint2)) {
            return false;
        }
        FieldElement apply4 = FieldElement$.MODULE$.apply(deserializePoint2.bytes().tail());
        FieldElement apply5 = FieldElement$.MODULE$.apply(deserializePoint.bytes().tail());
        if (apply4.isZero() || apply5.isZero()) {
            return false;
        }
        FieldElement adaptorVerifyHelper = adaptorVerifyHelper(apply4, apply3, eCPublicKey, byteVector);
        return adaptorVerifyHelper != null ? adaptorVerifyHelper.equals(apply5) : apply5 == null;
    }

    public ECDigitalSignature adaptorComplete(ECPrivateKey eCPrivateKey, ByteVector byteVector) {
        return DERSignatureUtil$.MODULE$.lowS(ECDigitalSignature$.MODULE$.fromRS(package$.MODULE$.BigInt().apply(FieldElement$.MODULE$.apply(ECAdaptorSignature$.MODULE$.deserializePoint(byteVector.take(33L)).bytes().tail()).toBigInteger()), package$.MODULE$.BigInt().apply(FieldElement$.MODULE$.apply(byteVector.drop(33L)).multInv(eCPrivateKey.fieldElement()).toBigInteger())));
    }

    public ECPrivateKey extractAdaptorSecret(ECDigitalSignature eCDigitalSignature, ECAdaptorSignature eCAdaptorSignature, ECPublicKey eCPublicKey) {
        FieldElement multInv = eCAdaptorSignature.adaptedS().multInv(FieldElement$.MODULE$.apply(eCDigitalSignature.s()));
        ECPublicKey publicKey = multInv.getPublicKey();
        return (publicKey != null ? !publicKey.equals(eCPublicKey) : eCPublicKey != null) ? multInv.negate().toPrivateKey() : multInv.toPrivateKey();
    }

    private AdaptorStuff$() {
    }
}
