/// <summary>
/// Initialise for ECDSA signature generation and verification.
/// </summary>
/// <param name="publicKey">Public EC key (used for verifying) Null if not required.</param>
/// <param name="privateKey">Private EC key (used for signing). Null if not required.</param>
/// <param name="random">
/// Supplier of random numbers (null for default is <see cref="StratCom.EntropySupplier"/>).
/// </param>
/// <param name="kCalculator">Calculator utility for generating k value in signature generation.</param>
/// <seealso cref="HmacDsaKCalculator"/>
public ECDsaSigner(ECKey publicKey, ECKey privateKey, CsRng random = null, IDsaKCalculator kCalculator = null)
{
if (publicKey != null && privateKey != null)
{
throw new ArgumentNullException();
}
if (publicKey != null)
{
if (publicKey.PublicComponent == false)
{
throw new ArgumentException("Not a public EC key.", "publicKey");
}
}
if (privateKey != null)
{
if (privateKey.PublicComponent)
{
throw new ArgumentException("Not a private EC key.", "privateKey");
}
}
_publicKey = publicKey;
_privateKey = privateKey;
_kCalculator = kCalculator ?? new RandomDsaKCalculator();
if (_kCalculator.IsDeterministic == false)
{
_random = random ?? StratCom.EntropySupplier;
}
SetupECDomain();
}
/// <summary>
/// Initialise for (either) ECDSA signature generation or verification.
/// </summary>
/// <param name="forSigning">
/// If <c>true</c>, the instance will be used for signing.
/// If <c>false</c>, it will be used for verification.
/// </param>
/// <param name="key">Individual EC key.</param>
/// <param name="random">
/// Supplier of random numbers (null for default is <see cref="StratCom.EntropySupplier"/>).
/// </param>
/// <param name="kCalculator">Calculator utility for generating k value in signature generation.</param>
/// <seealso cref="HmacDsaKCalculator"/>
public ECDsaSigner(bool forSigning, ECKey key, CsRng random = null, IDsaKCalculator kCalculator = null)
{
if (key == null)
{
throw new ArgumentNullException("key");
}
if (forSigning)
{
if (key.PublicComponent)
{
throw new ArgumentException("EC private key required for signing.");
}
_privateKey = key;
}
else
{
if (key.PublicComponent == false)
{
throw new ArgumentException("EC public key required for verification.");
}
}
_kCalculator = kCalculator ?? new RandomDsaKCalculator();
if (forSigning && _kCalculator.IsDeterministic == false)
{
_random = random ?? StratCom.EntropySupplier;
}
SetupECDomain();
}
public ECKeyGenerationParameters(
ECDomainParameters domainParameters,
CsRng random)
: base(random, domainParameters.N.BitLength)
{
this.domainParams = domainParameters;
}
/// <summary>
/// Initialise for ECDSA signature generation.
/// </summary>
/// <param name="privateKey">
/// Private EC key used for signing (verification performed with corresponding public key).
/// </param>
/// <param name="random">
/// Supplier of random numbers (null for default is <see cref="StratCom.EntropySupplier"/>).
/// Not used if <paramref name="kCalculator"/> is deterministic.
/// </param>
/// <param name="kCalculator">Calculator utility for generating k value in signature generation.</param>
/// <seealso cref="HmacDsaKCalculator"/>
public ECDsaSigner(ECKey privateKey, CsRng random = null, IDsaKCalculator kCalculator = null)
{
if (privateKey.PublicComponent)
{
throw new ArgumentException("EC private key required for signing.");
}
_privateKey = privateKey;
_kCalculator = kCalculator ?? new RandomDsaKCalculator();
if (_kCalculator.IsDeterministic == false)
{
_random = random ?? StratCom.EntropySupplier;
}
}
public ReversedRandomWindowRng(
CsRng csRng,
int maxWindowSize)
{
if (csRng == null)
{
throw new ArgumentNullException("csRng");
}
if (maxWindowSize < 2)
{
throw new ArgumentException("Maximum window size must be at least 2", "maxWindowSize");
}
_csRng = csRng;
_maxWindowSize = maxWindowSize;
}
public ReversedWindowCsRng(
CsRng csRng,
int windowSize)
{
if (csRng == null)
{
throw new ArgumentNullException("csRng");
}
if (windowSize < 2)
{
throw new ArgumentException("Window size must be at least 2", "windowSize");
}
_csRng = csRng;
_window = new byte[windowSize];
}
/**
* initialise the generator with a source of randomness
* and a strength (in bits).
*
* @param random the random byte source.
* @param strength the size, in bits, of the keys we want to produce.
*/
public KeyGenerationParameters(
CsRng random,
int strength)
{
if (random == null)
{
throw new ArgumentNullException("random");
}
if (strength < 1)
{
throw new ArgumentException("strength must be a positive value", "strength");
}
this.random = random;
this.strength = strength;
}
static StratCom()
{
var digest = AuthenticatorFactory.CreateHashPrimitive(EntropyHashFunction);
var digestRng = new DigestCsRng(digest);
digestRng.AddSeedMaterial(((UInt64)DateTime.UtcNow.Ticks).ToLittleEndian());
var seed = new byte[InitialSeedSize];
new ThreadedSeedRng().NextBytes(seed, 0, InitialSeedSize / 2);
var rrwRng = new ReversedRandomWindowRng(digestRng,
Athena.Cryptography.HashFunctions[EntropyHashFunction].OutputSizeBits.BitsToBytes());
rrwRng.NextBytes(seed, InitialSeedSize / 2, InitialSeedSize / 2);
rrwRng.AddSeedMaterial(seed);
rrwRng.NextBytes(seed);
digestRng.AddSeedMaterial(seed);
EntropySupplier = digestRng;
}
public virtual void Init(BigInteger n, CsRng random)
{
this._q = n;
this._random = random;
}
/**
* Initialise the padder.
*
* @param random a CsRng if one is available.
*/
public void Init(
CsRng random)
{
this.random = random;
}
public virtual void Init(BigInteger n, CsRng random)
{
throw new InvalidOperationException("Operation not supported/appropriate.");
}
private BigInteger _x2; // Private key - x1 is not stored, as it is only ephemeral
#endregion
/// <summary>
/// Start a new or resume a previous J-PAKE key agreement session.
/// If resuming, call RestoreState() method immediately after construction.
/// </summary>
/// <param name="participantId">Participant identifier.</param>
/// <param name="passphrase">Passphrase believed to be known to both parties.</param>
/// <param name="group">Elliptic curve group/domain (must be over F(<sub>p</sub>).</param>
/// <param name="digest">Digest/hash function.</param>
/// <param name="random">Random data generator/source.</param>
public ECJpakeSession(string participantId, string passphrase, ECDomainParameters group, IHash digest,
CsRng random)
{
Contract.Requires <ArgumentException>(String.IsNullOrEmpty(participantId) == false,
"Participant ID must not be null/empty.");
Contract.Requires <ArgumentException>(String.IsNullOrEmpty(passphrase) == false,
"Passphrase must not be null/empty.");
Contract.Requires(group != null);
Contract.Requires(digest != null);
Contract.Requires(random != null);
ECCurve curve = group.Curve;
var curveAsFp = group.Curve as FpCurve;
if (curveAsFp == null)
{
if (curve is SecP192K1Curve)
{
_q = ((SecP192K1Curve)curve).Q;
}
else if (curve is SecP192R1Curve)
{
_q = ((SecP192R1Curve)curve).Q;
}
else if (curve is SecP224K1Curve)
{
_q = ((SecP224K1Curve)curve).Q;
}
else if (curve is SecP224R1Curve)
{
_q = ((SecP224R1Curve)curve).Q;
}
else if (curve is SecP256K1Curve)
{
_q = ((SecP256K1Curve)curve).Q;
}
else if (curve is SecP256R1Curve)
{
_q = ((SecP256R1Curve)curve).Q;
}
else if (curve is SecP384R1Curve)
{
_q = ((SecP384R1Curve)curve).Q;
}
else if (curve is SecP521R1Curve)
{
_q = ((SecP521R1Curve)curve).Q;
}
else
{
throw new ArgumentException("Curve in EC domain parameters must be over F(p)", "group");
}
}
else
{
_q = curveAsFp.Q;
}
ParticipantId = participantId;
_passwordBytes = Encoding.UTF8.GetBytes(passphrase);
_domain = group;
_digest = digest;
EntropySupply = random;
ProtocolState = State.Initialised;
}
/// <summary> Initialise the padder.</summary>
/// <param name="random">- a CsRng if available.
/// </param>
public virtual void Init(CsRng random)
{
// nothing to do.
}
public void Init(CsRng random)
{
this._random = random ?? StratCom.EntropySupplier;
}
