package fr.acinq.eclair.crypto;

import fr.acinq.bitcoin.ByteVector32;
import fr.acinq.bitcoin.ByteVector32$;
import fr.acinq.bitcoin.Crypto;
import fr.acinq.bitcoin.Crypto$;
import fr.acinq.bitcoin.Crypto$PublicKey$;
import fr.acinq.eclair.crypto.Sphinx;
import fr.acinq.eclair.wire.BadOnion;
import fr.acinq.eclair.wire.InvalidOnionHmac;
import fr.acinq.eclair.wire.InvalidOnionKey;
import fr.acinq.eclair.wire.InvalidOnionVersion;
import fr.acinq.eclair.wire.OnionRoutingCodecs$;
import fr.acinq.eclair.wire.OnionRoutingPacket;
import fr.acinq.eclair.wire.PaymentOnionCodecs$;
import scala.MatchError;
import scala.Option;
import scala.Predef$;
import scala.Tuple2;
import scala.collection.Seq;
import scala.collection.Seq$;
import scala.collection.TraversableOnce;
import scala.math.Numeric$IntIsIntegral$;
import scala.package$;
import scala.runtime.BoxesRunTime;
import scala.util.Either;
import scala.util.Failure;
import scala.util.Left;
import scala.util.Right;
import scala.util.Success;
import scala.util.Try;
import scala.util.Try$;
import scodec.bits.ByteVector;
import scodec.bits.ByteVector$;

/* compiled from: Sphinx.scala */
/* loaded from: classes2.dex */
public final class Sphinx$ {
    public static final Sphinx$ MODULE$ = null;
    private final int MacLength;
    private final int Version;

    static {
        new Sphinx$();
    }

    private Sphinx$() {
        MODULE$ = this;
        this.Version = 0;
        this.MacLength = 32;
    }

    private Tuple2<Seq<Crypto.PublicKey>, Seq<ByteVector32>> computeEphemeralPublicKeysAndSharedSecrets(Crypto.PrivateKey privateKey, Seq<Crypto.PublicKey> seq, Seq<Crypto.PublicKey> seq2, Seq<ByteVector32> seq3, Seq<ByteVector32> seq4) {
        while (!seq.isEmpty()) {
            Crypto.PublicKey blind = blind(seq2.mo29last(), seq3.mo29last());
            ByteVector32 computeSharedSecret = computeSharedSecret(blind(seq.mo28head(), seq3), privateKey);
            ByteVector32 computeBlindingFactor = computeBlindingFactor(blind, ByteVector32$.MODULE$.byteVector32toByteVector(computeSharedSecret));
            seq = (Seq) seq.tail();
            seq2 = (Seq) seq2.$colon$plus(blind, Seq$.MODULE$.canBuildFrom());
            seq3 = (Seq) seq3.$colon$plus(computeBlindingFactor, Seq$.MODULE$.canBuildFrom());
            seq4 = (Seq) seq4.$colon$plus(computeSharedSecret, Seq$.MODULE$.canBuildFrom());
        }
        return new Tuple2<>(seq2, seq4);
    }

    public int MacLength() {
        return this.MacLength;
    }

    public int Version() {
        return this.Version;
    }

    public Crypto.PublicKey blind(Crypto.PublicKey publicKey, ByteVector32 byteVector32) {
        return publicKey.multiply(new Crypto.PrivateKey(byteVector32));
    }

    public Crypto.PublicKey blind(Crypto.PublicKey publicKey, Seq<ByteVector32> seq) {
        return (Crypto.PublicKey) seq.foldLeft(publicKey, new Sphinx$$anonfun$blind$1());
    }

    public ByteVector32 computeBlindingFactor(Crypto.PublicKey publicKey, ByteVector byteVector) {
        return Crypto$.MODULE$.sha256().apply(publicKey.value().$plus$plus(byteVector));
    }

    public Tuple2<Seq<Crypto.PublicKey>, Seq<ByteVector32>> computeEphemeralPublicKeysAndSharedSecrets(Crypto.PrivateKey privateKey, Seq<Crypto.PublicKey> seq) {
        Crypto.PublicKey blind = blind(Crypto$PublicKey$.MODULE$.apply(Crypto$.MODULE$.curve().getG()), privateKey.value());
        ByteVector32 computeSharedSecret = computeSharedSecret(seq.mo28head(), privateKey);
        return computeEphemeralPublicKeysAndSharedSecrets(privateKey, (Seq) seq.tail(), (Seq) Seq$.MODULE$.apply(Predef$.MODULE$.wrapRefArray(new Crypto.PublicKey[]{blind})), (Seq) Seq$.MODULE$.apply(Predef$.MODULE$.wrapRefArray(new ByteVector32[]{computeBlindingFactor(blind, ByteVector32$.MODULE$.byteVector32toByteVector(computeSharedSecret))})), (Seq) Seq$.MODULE$.apply(Predef$.MODULE$.wrapRefArray(new ByteVector32[]{computeSharedSecret})));
    }

    public ByteVector32 computeSharedSecret(Crypto.PublicKey publicKey, Crypto.PrivateKey privateKey) {
        return Crypto$.MODULE$.sha256().apply(publicKey.multiply(privateKey).value());
    }

    public Try<Sphinx.PacketAndSecrets> create(Crypto.PrivateKey privateKey, int i, Seq<Crypto.PublicKey> seq, Seq<ByteVector> seq2, Option<ByteVector32> option) {
        return Try$.MODULE$.apply(new Sphinx$$anonfun$create$1(privateKey, i, seq, seq2, option));
    }

    public ByteVector generateFiller(String str, int i, Seq<ByteVector32> seq, Seq<ByteVector> seq2) {
        Predef$.MODULE$.require(seq.length() == seq2.length(), new Sphinx$$anonfun$generateFiller$1());
        return (ByteVector) ((TraversableOnce) seq.zip(seq2, Seq$.MODULE$.canBuildFrom())).foldLeft(ByteVector$.MODULE$.empty(), new Sphinx$$anonfun$generateFiller$2(str, i));
    }

    public ByteVector32 generateKey(String str, ByteVector32 byteVector32) {
        return generateKey(ByteVector$.MODULE$.view(str.getBytes("UTF-8")), byteVector32);
    }

    public ByteVector32 generateKey(ByteVector byteVector, ByteVector32 byteVector32) {
        return Mac32$.MODULE$.hmac256(byteVector, ByteVector32$.MODULE$.byteVector32toByteVector(byteVector32));
    }

    public ByteVector generateStream(ByteVector byteVector, int i) {
        return ChaCha20$.MODULE$.encrypt(zeroes(i), byteVector, zeroes(12), ChaCha20$.MODULE$.encrypt$default$4());
    }

    public ByteVector32 hash(OnionRoutingPacket onionRoutingPacket) {
        return Crypto$.MODULE$.sha256().apply(OnionRoutingCodecs$.MODULE$.onionRoutingPacketCodec((int) onionRoutingPacket.payload().length()).encode(onionRoutingPacket).require().toByteVector());
    }

    public ByteVector32 mac(ByteVector byteVector, ByteVector byteVector2) {
        return Mac32$.MODULE$.hmac256(byteVector, byteVector2);
    }

    public int peekPayloadLength(ByteVector byteVector) {
        if (byteVector.head() != 0) {
            return MacLength() + ((int) BoxesRunTime.unboxToLong(PaymentOnionCodecs$.MODULE$.payloadLengthDecoder().decode(byteVector.bits()).require().value()));
        }
        return 65;
    }

    public Either<BadOnion, Sphinx.DecryptedPacket> peel(Crypto.PrivateKey privateKey, Option<ByteVector32> option, OnionRoutingPacket onionRoutingPacket) {
        if (onionRoutingPacket.version() != 0) {
            return package$.MODULE$.Left().apply(new InvalidOnionVersion(hash(onionRoutingPacket)));
        }
        Try apply = Try$.MODULE$.apply(new Sphinx$$anonfun$1(onionRoutingPacket));
        if (!(apply instanceof Success)) {
            if (apply instanceof Failure) {
                return package$.MODULE$.Left().apply(new InvalidOnionKey(hash(onionRoutingPacket)));
            }
            throw new MatchError(apply);
        }
        Crypto.PublicKey publicKey = (Crypto.PublicKey) ((Success) apply).value();
        ByteVector32 computeSharedSecret = computeSharedSecret(publicKey, privateKey);
        ByteVector32 mac = mac(ByteVector32$.MODULE$.byteVector32toByteVector(generateKey("mu", computeSharedSecret)), (ByteVector) option.map(new Sphinx$$anonfun$2(onionRoutingPacket)).getOrElse(new Sphinx$$anonfun$3(onionRoutingPacket)));
        ByteVector32 hmac = onionRoutingPacket.hmac();
        if (mac != null ? !mac.equals(hmac) : hmac != null) {
            return package$.MODULE$.Left().apply(new InvalidOnionHmac(hash(onionRoutingPacket)));
        }
        ByteVector xor = onionRoutingPacket.payload().$plus$plus(ByteVector$.MODULE$.fill(onionRoutingPacket.payload().length(), BoxesRunTime.boxToInteger(0), Numeric$IntIsIntegral$.MODULE$)).xor(generateStream(ByteVector32$.MODULE$.byteVector32toByteVector(generateKey("rho", computeSharedSecret)), ((int) onionRoutingPacket.payload().length()) * 2));
        int peekPayloadLength = peekPayloadLength(xor);
        long j = peekPayloadLength;
        return package$.MODULE$.Right().apply(new Sphinx.DecryptedPacket(xor.take(peekPayloadLength - MacLength()), new OnionRoutingPacket(Version(), blind(publicKey, computeBlindingFactor(publicKey, ByteVector32$.MODULE$.byteVector32toByteVector(computeSharedSecret))).value(), xor.drop(j).take(onionRoutingPacket.payload().length()), new ByteVector32(xor.slice(peekPayloadLength - MacLength(), j))), computeSharedSecret));
    }

    public OnionRoutingPacket wrap(ByteVector byteVector, Option<ByteVector32> option, Crypto.PublicKey publicKey, ByteVector32 byteVector32, Either<ByteVector, OnionRoutingPacket> either, ByteVector byteVector2) {
        long length;
        Tuple2 tuple2;
        boolean z = either instanceof Left;
        if (z) {
            length = ((ByteVector) ((Left) either).a()).length();
        } else {
            if (!(either instanceof Right)) {
                throw new MatchError(either);
            }
            length = ((OnionRoutingPacket) ((Right) either).b()).payload().length();
        }
        int i = (int) length;
        Predef$.MODULE$.require(byteVector.length() <= ((long) (i - MacLength())), new Sphinx$$anonfun$wrap$1(i));
        if (z) {
            tuple2 = new Tuple2(ByteVector32$.MODULE$.Zeroes(), (ByteVector) ((Left) either).a());
        } else {
            if (!(either instanceof Right)) {
                throw new MatchError(either);
            }
            OnionRoutingPacket onionRoutingPacket = (OnionRoutingPacket) ((Right) either).b();
            tuple2 = new Tuple2(onionRoutingPacket.hmac(), onionRoutingPacket.payload());
        }
        Tuple2 tuple22 = new Tuple2((ByteVector32) tuple2.mo1568_1(), (ByteVector) tuple2.mo1569_2());
        ByteVector $plus$plus = byteVector.$plus$plus(ByteVector32$.MODULE$.byteVector32toByteVector((ByteVector32) tuple22.mo1568_1())).$plus$plus(((ByteVector) tuple22.mo1569_2()).dropRight(byteVector.length() + MacLength())).xor(generateStream(ByteVector32$.MODULE$.byteVector32toByteVector(generateKey("rho", byteVector32)), i)).dropRight(byteVector2.length()).$plus$plus(byteVector2);
        return new OnionRoutingPacket(Version(), publicKey.value(), $plus$plus, mac(ByteVector32$.MODULE$.byteVector32toByteVector(generateKey("mu", byteVector32)), (ByteVector) option.map(new Sphinx$$anonfun$4($plus$plus)).getOrElse(new Sphinx$$anonfun$5($plus$plus))));
    }

    public ByteVector wrap$default$6() {
        return ByteVector$.MODULE$.empty();
    }

    public ByteVector zeroes(int i) {
        return ByteVector$.MODULE$.fill(i, BoxesRunTime.boxToInteger(0), Numeric$IntIsIntegral$.MODULE$);
    }
}
