public virtual BigInteger[] GenerateSignature(byte[] message)
{
DsaParameters parameters = key.Parameters;
BigInteger q = parameters.Q;
BigInteger bigInteger = CalculateE(q, message);
BigInteger x = ((DsaPrivateKeyParameters)key).X;
if (kCalculator.IsDeterministic)
{
kCalculator.Init(q, x, message);
}
else
{
kCalculator.Init(q, random);
}
BigInteger bigInteger2 = kCalculator.NextK();
BigInteger bigInteger3 = parameters.G.ModPow(bigInteger2, parameters.P).Mod(q);
bigInteger2 = bigInteger2.ModInverse(q).Multiply(bigInteger.Add(x.Multiply(bigInteger3)));
BigInteger bigInteger4 = bigInteger2.Mod(q);
return(new BigInteger[2] {
bigInteger3, bigInteger4
});
}
/**
* Generate a signature for the given message using the key we were
* initialised with. For conventional DSA the message should be a SHA-1
* hash of the message of interest.
*
* @param message the message that will be verified later.
*/
public virtual BigInteger[] GenerateSignature(byte[] message)
{
DsaParameters parameters = key.Parameters;
BigInteger q = parameters.Q;
BigInteger m = CalculateE(q, message);
BigInteger x = ((DsaPrivateKeyParameters)key).X;
if (kCalculator.IsDeterministic)
{
kCalculator.Init(q, x, message);
}
else
{
kCalculator.Init(q, random);
}
BigInteger k = kCalculator.NextK();
BigInteger r = parameters.G.ModPow(k, parameters.P).Mod(q);
k = k.ModInverse(q).Multiply(m.Add(x.Multiply(r)));
BigInteger s = k.Mod(q);
return(new BigInteger[] { r, s });
}
/// <inheritdoc />
public void GenerateSignature(byte[] message, out BigInteger r, out BigInteger s)
{
BigInteger n = _ecDomain.N;
BigInteger e = CalculateE(n, message);
var d = new BigInteger(_privateKey.EncodedKey);
if (_kCalculator.IsDeterministic)
{
_kCalculator.Init(n, d, message);
}
else
{
_kCalculator.Init(n, _random);
}
// 5.3.2
// Generate s
do
{
BigInteger k;
// Generate r
do
{
k = _kCalculator.NextK();
ECPoint p = EcBasePointMultiplier.Multiply(_ecDomain.G, k).Normalize();
// 5.3.3
r = p.AffineXCoord.ToBigInteger().Mod(n);
} while (r.SignValue == 0);
s = k.ModInverse(n).Multiply(e.Add(d.Multiply(r))).Mod(n);
} while (s.SignValue == 0);
}
public uint256 BlindMessage(uint256 message, PubKey rpubkey, PubKey signerPubKey)
{
var P = signerPubKey.ECKey.GetPublicKeyParameters().Q;
var R = rpubkey.ECKey.GetPublicKeyParameters().Q;
var t = BigInteger.Zero;
while (t.SignValue == 0)
{
_v = _k.NextK();
_w = _k.NextK();
var A1 = Secp256k1.G.Multiply(_v);
var A2 = P.Multiply(_w);
var A = R.Add(A1.Add(A2)).Normalize();
t = A.AffineXCoord.ToBigInteger().Mod(Secp256k1.N);
}
_c = new BigInteger(1, Hashes.SHA256(message.ToBytes(false).Concat(Utils.BigIntegerToBytes(t, 32))));
var cp = _c.Subtract(_w).Mod(Secp256k1.N); // this is sent to the signer (blinded message)
return(new uint256(Utils.BigIntegerToBytes(cp, 32)));
}
public virtual byte[] GenerateSignature()
{
byte[] eHash = DigestUtilities.DoFinal(digest);
BigInteger n = ecParams.N;
BigInteger e = CalculateE(n, eHash);
BigInteger d = ((ECPrivateKeyParameters)ecKey).D;
BigInteger r, s;
ECMultiplier basePointMultiplier = CreateBasePointMultiplier();
// 5.2.1 Draft RFC: SM2 Public Key Algorithms
do // generate s
{
BigInteger k;
do // generate r
{
// A3
k = kCalculator.NextK();
// A4
ECPoint p = basePointMultiplier.Multiply(ecParams.G, k).Normalize();
// A5
r = e.Add(p.AffineXCoord.ToBigInteger()).Mod(n);
}while (r.SignValue == 0 || r.Add(k).Equals(n));
// A6
BigInteger dPlus1ModN = d.Add(BigInteger.One).ModInverse(n);
s = k.Subtract(r.Multiply(d)).Mod(n);
s = dPlus1ModN.Multiply(s).Mod(n);
}while (s.SignValue == 0);
// A7
try
{
return(encoding.Encode(ecParams.N, r, s));
}
catch (Exception ex)
{
throw new CryptoException("unable to encode signature: " + ex.Message, ex);
}
}
// 5.3 pg 28
/**
* Generate a signature for the given message using the key we were
* initialised with. For conventional DSA the message should be a SHA-1
* hash of the message of interest.
*
* @param message the message that will be verified later.
*/
public virtual BigInteger[] GenerateSignature(byte[] message)
{
ECDomainParameters ec = key.Parameters;
BigInteger n = ec.N;
BigInteger e = CalculateE(n, message);
BigInteger d = ((ECPrivateKeyParameters)key).D;
if (kCalculator.IsDeterministic)
{
kCalculator.Init(n, d, message);
}
else
{
kCalculator.Init(n, random);
}
BigInteger r, s;
ECMultiplier basePointMultiplier = CreateBasePointMultiplier();
// 5.3.2
do // Generate s
{
BigInteger k;
byte[] rBytes = null;
do // Generate r
{
do
{
k = kCalculator.NextK();
ECPoint p = basePointMultiplier.Multiply(ec.G, k).Normalize();
// 5.3.3
r = p.AffineXCoord.ToBigInteger().Mod(n);
}while(r.SignValue == 0);
}while(forceLowR && r.ToByteArrayUnsigned()[0] >= 0x80);
s = k.ModInverse(n).Multiply(e.Add(d.Multiply(r))).Mod(n);
}while(s.SignValue == 0);
return(new BigInteger[] { r, s });
}
public virtual BigInteger[] GenerateSignature(byte[] message)
{
ECDomainParameters parameters = key.Parameters;
BigInteger n = parameters.N;
BigInteger bigInteger = CalculateE(n, message);
BigInteger d = ((ECPrivateKeyParameters)key).D;
if (kCalculator.IsDeterministic)
{
kCalculator.Init(n, d, message);
}
else
{
kCalculator.Init(n, random);
}
ECMultiplier eCMultiplier = CreateBasePointMultiplier();
BigInteger bigInteger3;
BigInteger bigInteger4;
while (true)
{
BigInteger bigInteger2 = kCalculator.NextK();
ECPoint eCPoint = eCMultiplier.Multiply(parameters.G, bigInteger2).Normalize();
bigInteger3 = eCPoint.AffineXCoord.ToBigInteger().Mod(n);
if (bigInteger3.SignValue != 0)
{
bigInteger4 = bigInteger2.ModInverse(n).Multiply(bigInteger.Add(d.Multiply(bigInteger3))).Mod(n);
if (bigInteger4.SignValue != 0)
{
break;
}
}
}
return(new BigInteger[2]
{
bigInteger3,
bigInteger4
});
}