package org.exploit.crypto.key.secp256k1.tweak;

import at.favre.lib.bytes.Bytes;
import java.math.BigInteger;
import org.bouncycastle.math.ec.ECPoint;
import org.bouncycastle.util.BigIntegers;
import org.exploit.crypto.Hash;
import org.exploit.crypto.curve.Secp256k1Provider;
import org.exploit.crypto.key.secp256k1.Secp256k1PublicKey;
import org.exploit.crypto.utils.Schnorr;

/* loaded from: input_file:org/exploit/crypto/key/secp256k1/tweak/TweakedPublicKey.class */
public class TweakedPublicKey extends Secp256k1PublicKey {
    private final Secp256k1PublicKey originalPublicKey;
    private final int parity;
    private final byte[] h;

    public TweakedPublicKey(Secp256k1PublicKey secp256k1PublicKey, byte[] bArr) {
        super(taprootTweakPubkey(secp256k1PublicKey, bArr));
        this.originalPublicKey = secp256k1PublicKey;
        this.h = bArr;
        this.parity = computeParity(secp256k1PublicKey, bArr);
    }

    /* JADX WARN: Type inference failed for: r0v4, types: [byte[], byte[][]] */
    private static byte[] taprootTweakPubkey(Secp256k1PublicKey secp256k1PublicKey, byte[] bArr) {
        byte[] x = secp256k1PublicKey.x();
        BigInteger curveOrder = Secp256k1Provider.getCurveOrder();
        BigInteger mod = new BigInteger(1, Hash.taggedHash(Bytes.from((byte[][]) new byte[]{x, bArr}).array(), "TapTweak")).mod(curveOrder);
        if (mod.compareTo(curveOrder) >= 0) {
            throw new IllegalArgumentException("t >= SECP256K1_ORDER");
        }
        ECPoint liftX = Schnorr.liftX(new BigInteger(1, x));
        if (liftX == null) {
            throw new IllegalArgumentException("Invalid public key, point not on curve");
        }
        return BigIntegers.asUnsignedByteArray(32, liftX.add(Secp256k1Provider.CURVE.getG().multiply(mod)).normalize().getAffineXCoord().toBigInteger());
    }

    @Override // org.exploit.crypto.key.secp256k1.Secp256k1PublicKey, org.exploit.crypto.key.ECPublicKey
    public byte[] encoded() {
        return this.encoded;
    }

    @Override // org.exploit.crypto.key.ECPublicKey
    public byte[] x() {
        return this.encoded;
    }

    @Override // org.exploit.crypto.key.secp256k1.Secp256k1PublicKey, org.exploit.crypto.key.ECPublicKey
    public ECPoint point() {
        return Schnorr.liftX(new BigInteger(1, encoded()));
    }

    /* JADX WARN: Type inference failed for: r0v4, types: [byte[], byte[][]] */
    private static int computeParity(Secp256k1PublicKey secp256k1PublicKey, byte[] bArr) {
        byte[] x = secp256k1PublicKey.x();
        BigInteger mod = new BigInteger(1, Hash.taggedHash(Bytes.from((byte[][]) new byte[]{x, bArr}).array(), "TapTweak")).mod(Secp256k1Provider.getCurveOrder());
        ECPoint liftX = Schnorr.liftX(new BigInteger(1, x));
        if (liftX == null) {
            throw new IllegalArgumentException("Invalid public key, point not on curve");
        }
        return liftX.add(Secp256k1Provider.CURVE.getG().multiply(mod)).normalize().getAffineYCoord().toBigInteger().testBit(0) ? 1 : 0;
    }

    public Secp256k1PublicKey getOriginalPublicKey() {
        return this.originalPublicKey;
    }

    public int getParity() {
        return this.parity;
    }

    public byte[] getH() {
        return this.h;
    }
}
