package edu.biu.scapi.interactiveMidProtocols.sigmaProtocol.pedersenCmtKnowledge;

import edu.biu.scapi.exceptions.InvalidDlogGroupException;
import edu.biu.scapi.interactiveMidProtocols.sigmaProtocol.DlogBasedSigma;
import edu.biu.scapi.interactiveMidProtocols.sigmaProtocol.SigmaVerifierComputation;
import edu.biu.scapi.interactiveMidProtocols.sigmaProtocol.utility.SigmaCommonInput;
import edu.biu.scapi.interactiveMidProtocols.sigmaProtocol.utility.SigmaGroupElementMsg;
import edu.biu.scapi.interactiveMidProtocols.sigmaProtocol.utility.SigmaProtocolMsg;
import edu.biu.scapi.primitives.dlog.DlogGroup;
import edu.biu.scapi.primitives.dlog.GroupElement;
import java.math.BigInteger;
import java.security.SecureRandom;

/* loaded from: input_file:edu/biu/scapi/interactiveMidProtocols/sigmaProtocol/pedersenCmtKnowledge/SigmaPedersenCmtKnowledgeVerifierComputation.class */
public class SigmaPedersenCmtKnowledgeVerifierComputation implements SigmaVerifierComputation, DlogBasedSigma {
    private DlogGroup dlog;
    private int t;
    private byte[] e;
    private SecureRandom random;

    public SigmaPedersenCmtKnowledgeVerifierComputation(DlogGroup dlogGroup, int i, SecureRandom secureRandom) throws InvalidDlogGroupException {
        if (!dlogGroup.validateGroup()) {
            throw new InvalidDlogGroupException();
        }
        this.dlog = dlogGroup;
        this.t = i;
        if (!checkSoundnessParam()) {
            throw new IllegalArgumentException("soundness parameter t does not satisfy 2^t<q");
        }
        this.random = secureRandom;
    }

    private boolean checkSoundnessParam() {
        return new BigInteger("2").pow(this.t).compareTo(this.dlog.getOrder()) < 0;
    }

    @Override // edu.biu.scapi.interactiveMidProtocols.sigmaProtocol.SigmaVerifierComputation
    public int getSoundnessParam() {
        return this.t;
    }

    @Override // edu.biu.scapi.interactiveMidProtocols.sigmaProtocol.SigmaVerifierComputation
    public void sampleChallenge() {
        this.e = new byte[this.t / 8];
        this.random.nextBytes(this.e);
    }

    @Override // edu.biu.scapi.interactiveMidProtocols.sigmaProtocol.SigmaVerifierComputation
    public void setChallenge(byte[] bArr) {
        this.e = bArr;
    }

    @Override // edu.biu.scapi.interactiveMidProtocols.sigmaProtocol.SigmaVerifierComputation
    public byte[] getChallenge() {
        return this.e;
    }

    @Override // edu.biu.scapi.interactiveMidProtocols.sigmaProtocol.SigmaVerifierComputation
    public boolean verify(SigmaCommonInput sigmaCommonInput, SigmaProtocolMsg sigmaProtocolMsg, SigmaProtocolMsg sigmaProtocolMsg2) {
        if (!(sigmaCommonInput instanceof SigmaPedersenCmtKnowledgeCommonInput)) {
            throw new IllegalArgumentException("the given input must be an instance of SigmaPedersenCTKnowledgeCommonInput");
        }
        if (!(sigmaProtocolMsg instanceof SigmaGroupElementMsg)) {
            throw new IllegalArgumentException("first message must be an instance of SigmaGroupElementMsg");
        }
        if (!(sigmaProtocolMsg2 instanceof SigmaPedersenCmtKnowledgeMsg)) {
            throw new IllegalArgumentException("second message must be an instance of SigmaPedersenCTKnowledgeMsg");
        }
        SigmaPedersenCmtKnowledgeCommonInput sigmaPedersenCmtKnowledgeCommonInput = (SigmaPedersenCmtKnowledgeCommonInput) sigmaCommonInput;
        GroupElement h = sigmaPedersenCmtKnowledgeCommonInput.getH();
        boolean z = 1 != 0 && this.dlog.isMember(h);
        SigmaPedersenCmtKnowledgeMsg sigmaPedersenCmtKnowledgeMsg = (SigmaPedersenCmtKnowledgeMsg) sigmaProtocolMsg2;
        boolean z2 = z && this.dlog.multiplyGroupElements(this.dlog.exponentiate(h, sigmaPedersenCmtKnowledgeMsg.getU()), this.dlog.exponentiate(this.dlog.getGenerator(), sigmaPedersenCmtKnowledgeMsg.getV())).equals(this.dlog.multiplyGroupElements(this.dlog.reconstructElement(true, ((SigmaGroupElementMsg) sigmaProtocolMsg).getElement()), this.dlog.exponentiate(sigmaPedersenCmtKnowledgeCommonInput.getCommitment(), new BigInteger(1, this.e))));
        this.e = null;
        return z2;
    }
}
