package org.cryptimeleon.craco.sig.ps18;

import java.util.Objects;
import java.util.stream.IntStream;
import org.cryptimeleon.craco.common.plaintexts.MessageBlock;
import org.cryptimeleon.craco.common.plaintexts.PlainText;
import org.cryptimeleon.craco.common.plaintexts.RingElementPlainText;
import org.cryptimeleon.craco.sig.Signature;
import org.cryptimeleon.craco.sig.SignatureKeyPair;
import org.cryptimeleon.craco.sig.SignatureScheme;
import org.cryptimeleon.craco.sig.SigningKey;
import org.cryptimeleon.craco.sig.VerificationKey;
import org.cryptimeleon.craco.sig.ps.PSPublicParameters;
import org.cryptimeleon.math.serialization.Representation;
import org.cryptimeleon.math.serialization.annotations.ReprUtil;
import org.cryptimeleon.math.serialization.annotations.Represented;
import org.cryptimeleon.math.structures.groups.Group;
import org.cryptimeleon.math.structures.groups.GroupElement;
import org.cryptimeleon.math.structures.groups.cartesian.GroupElementVector;
import org.cryptimeleon.math.structures.rings.RingElement;
import org.cryptimeleon.math.structures.rings.cartesian.RingElementVector;
import org.cryptimeleon.math.structures.rings.zn.Zp;

/* loaded from: input_file:org/cryptimeleon/craco/sig/ps18/PS18SignatureScheme.class */
public class PS18SignatureScheme implements SignatureScheme {

    @Represented
    PSPublicParameters pp;

    public PS18SignatureScheme(PSPublicParameters pSPublicParameters) {
        this.pp = pSPublicParameters;
    }

    public PS18SignatureScheme(Representation representation) {
        new ReprUtil(this).deserialize(representation);
    }

    public Representation getRepresentation() {
        return ReprUtil.serialize(this);
    }

    public SignatureKeyPair<PS18VerificationKey, PS18SigningKey> generateKeyPair(int i) {
        Group g2 = this.pp.getBilinearMap().getG2();
        Zp zp = this.pp.getZp();
        GroupElement compute = g2.getUniformlyRandomNonNeutral().compute();
        Zp.ZpElement uniformlyRandomUnit = zp.getUniformlyRandomUnit();
        RingElementVector fromStream = RingElementVector.fromStream(IntStream.range(0, i + 1).mapToObj(i2 -> {
            return zp.getUniformlyRandomUnit();
        }));
        GroupElement compute2 = compute.pow(uniformlyRandomUnit).compute();
        GroupElementVector groupElementVector = new GroupElementVector(fromStream.map(ringElement -> {
            return compute.pow((Zp.ZpElement) ringElement).compute();
        }));
        compute2.precomputePow();
        groupElementVector.precomputePow();
        return new SignatureKeyPair<>(new PS18VerificationKey(compute, compute2, groupElementVector), new PS18SigningKey(uniformlyRandomUnit, fromStream));
    }

    @Override // org.cryptimeleon.craco.sig.SignatureScheme
    public Signature sign(PlainText plainText, SigningKey signingKey) {
        if (plainText instanceof RingElementPlainText) {
            plainText = new MessageBlock(plainText);
        }
        if (!(plainText instanceof MessageBlock)) {
            throw new IllegalArgumentException("Plaintext is not a 'MessageBlock' instance.");
        }
        if (!(signingKey instanceof PS18SigningKey)) {
            throw new IllegalArgumentException("Signing key is not a 'PS18SigningKey' instance.");
        }
        MessageBlock messageBlock = (MessageBlock) plainText;
        PS18SigningKey pS18SigningKey = (PS18SigningKey) signingKey;
        if (messageBlock.length() != pS18SigningKey.getNumberOfMessages()) {
            throw new IllegalArgumentException("Message length does not match length supported by signing key.");
        }
        Zp zp = this.pp.getZp();
        GroupElement uniformlyRandomNonNeutral = this.pp.getBilinearMap().getG1().getUniformlyRandomNonNeutral();
        Zp.ZpElement uniformlyRandomElement = zp.getUniformlyRandomElement();
        return new PS18Signature(uniformlyRandomElement, uniformlyRandomNonNeutral, computeSigma2(messageBlock, pS18SigningKey, uniformlyRandomElement, uniformlyRandomNonNeutral));
    }

    @Override // org.cryptimeleon.craco.sig.SignatureScheme
    public Boolean verify(PlainText plainText, Signature signature, VerificationKey verificationKey) {
        if (plainText instanceof RingElementPlainText) {
            plainText = new MessageBlock(plainText);
        }
        if (!(plainText instanceof MessageBlock)) {
            throw new IllegalArgumentException("Plaintext is not a 'MessageBlock' instance.");
        }
        if (!(signature instanceof PS18Signature)) {
            throw new IllegalArgumentException("Signature is not a 'PS18Signature' instance.");
        }
        if (!(verificationKey instanceof PS18VerificationKey)) {
            throw new IllegalArgumentException("Public key is not a 'PS18VerificationKey' instance.");
        }
        MessageBlock messageBlock = (MessageBlock) plainText;
        PS18VerificationKey pS18VerificationKey = (PS18VerificationKey) verificationKey;
        PS18Signature pS18Signature = (PS18Signature) signature;
        if (pS18Signature.getGroup1ElementSigma1().isNeutralElement()) {
            return false;
        }
        return Boolean.valueOf(computeLeftHandSide(messageBlock, pS18VerificationKey, pS18Signature.getExponentPrimeM(), pS18Signature.getGroup1ElementSigma1()).equals(this.pp.getBilinearMap().apply(pS18Signature.getGroup1ElementSigma2(), pS18VerificationKey.getGroup2ElementTildeG())));
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public GroupElement computeSigma2(MessageBlock messageBlock, PS18SigningKey pS18SigningKey, Zp.ZpElement zpElement, GroupElement groupElement) {
        Zp.ZpElement exponentX = pS18SigningKey.getExponentX();
        for (int i = 0; i < pS18SigningKey.getNumberOfMessages(); i++) {
            if (messageBlock.get(i) == null) {
                throw new IllegalArgumentException(String.format("%d'th message element is null.", Integer.valueOf(i)));
            }
            PlainText plainText = (PlainText) messageBlock.get(i);
            if (!(plainText instanceof RingElementPlainText)) {
                throw new IllegalArgumentException(String.format("%d'th message element is not a 'RingElementPlainText' instance.", Integer.valueOf(i)));
            }
            RingElementPlainText ringElementPlainText = (RingElementPlainText) plainText;
            if (!ringElementPlainText.getRingElement().getStructure().equals(this.pp.getZp())) {
                throw new IllegalArgumentException(String.format("%d'th message element is not an element of Zp.", Integer.valueOf(i)));
            }
            exponentX = exponentX.add(((RingElement) pS18SigningKey.getExponentsYi().get(i)).mul(ringElementPlainText.getRingElement()));
        }
        return groupElement.pow(exponentX.add(((RingElement) pS18SigningKey.getExponentsYi().get(pS18SigningKey.getNumberOfMessages())).mul(zpElement)).getInteger());
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public GroupElement computeLeftHandSide(MessageBlock messageBlock, PS18VerificationKey pS18VerificationKey, Zp.ZpElement zpElement, GroupElement groupElement) {
        GroupElement group2ElementTildeX = pS18VerificationKey.getGroup2ElementTildeX();
        for (int i = 0; i < pS18VerificationKey.getNumberOfMessages(); i++) {
            if (messageBlock.get(i) == null) {
                throw new IllegalArgumentException(String.format("%d'th message element is null.", Integer.valueOf(i)));
            }
            PlainText plainText = (PlainText) messageBlock.get(i);
            if (!(plainText instanceof RingElementPlainText)) {
                throw new IllegalArgumentException(String.format("%d'th message element is not a 'RingElementPlainText' instance.", Integer.valueOf(i)));
            }
            RingElementPlainText ringElementPlainText = (RingElementPlainText) plainText;
            if (!ringElementPlainText.getRingElement().getStructure().equals(this.pp.getZp())) {
                throw new IllegalArgumentException(String.format("%d'th message element is not an element of Zp.", Integer.valueOf(i)));
            }
            group2ElementTildeX = group2ElementTildeX.op(((GroupElement) pS18VerificationKey.getGroup2ElementsTildeYi().get(i)).pow(ringElementPlainText.getRingElement()));
        }
        return this.pp.getBilinearMap().apply(groupElement, group2ElementTildeX.op(((GroupElement) pS18VerificationKey.getGroup2ElementsTildeYi().get(pS18VerificationKey.getNumberOfMessages())).pow(zpElement)));
    }

    @Override // org.cryptimeleon.craco.sig.SignatureScheme
    public PlainText mapToPlaintext(byte[] bArr, SigningKey signingKey) {
        return mapToPlaintext(bArr, ((PS18SigningKey) signingKey).getNumberOfMessages());
    }

    @Override // org.cryptimeleon.craco.sig.SignatureScheme
    public PlainText mapToPlaintext(byte[] bArr, VerificationKey verificationKey) {
        return mapToPlaintext(bArr, ((PS18VerificationKey) verificationKey).getNumberOfMessages());
    }

    @Override // org.cryptimeleon.craco.sig.SignatureScheme
    public int getMaxNumberOfBytesForMapToPlaintext() {
        return (this.pp.getZp().size().bitLength() - 1) / 8;
    }

    protected MessageBlock mapToPlaintext(byte[] bArr, int i) {
        return (MessageBlock) new RingElementVector(new RingElement[]{this.pp.getZp().injectiveValueOf(bArr)}).pad(this.pp.getZp().getZeroElement(), i).map(RingElementPlainText::new, MessageBlock::new);
    }

    @Override // org.cryptimeleon.craco.sig.SignatureScheme
    public PlainText restorePlainText(Representation representation) {
        return new MessageBlock(representation, RingElementPlainText::new);
    }

    @Override // org.cryptimeleon.craco.sig.SignatureScheme
    public Signature restoreSignature(Representation representation) {
        return new PS18Signature(representation, this.pp.getZp(), this.pp.getBilinearMap().getG1());
    }

    @Override // org.cryptimeleon.craco.sig.SignatureScheme
    public SigningKey restoreSigningKey(Representation representation) {
        return new PS18SigningKey(representation, this.pp.getZp());
    }

    @Override // org.cryptimeleon.craco.sig.SignatureScheme
    public VerificationKey restoreVerificationKey(Representation representation) {
        return new PS18VerificationKey(representation, this.pp.getBilinearMap().getG2());
    }

    public PSPublicParameters getPp() {
        return this.pp;
    }

    public int hashCode() {
        return this.pp.hashCode();
    }

    public boolean equals(Object obj) {
        if (this == obj) {
            return true;
        }
        if (obj != null && getClass() == obj.getClass()) {
            return Objects.equals(this.pp, ((PS18SignatureScheme) obj).pp);
        }
        return false;
    }
}
