public void Inv(GXBigInteger value)
{
if (!IsZero)
{
GXBigInteger lm = new GXBigInteger(1);
GXBigInteger hm = new GXBigInteger(0);
GXBigInteger low = new GXBigInteger(this);
low.Mod(value);
GXBigInteger high = new GXBigInteger(value);
while (!(low.IsZero || low.IsOne))
{
GXBigInteger r = new GXBigInteger(high);
r.Div(low);
GXBigInteger tmp = new GXBigInteger(lm);
tmp.Multiply(r);
GXBigInteger nm = new GXBigInteger(hm);
nm.Sub(tmp);
tmp = new GXBigInteger(low);
tmp.Multiply(r);
high.Sub(tmp);
// lm, low, hm, high = nm, new, lm, low
tmp = low;
low = new GXBigInteger(high);
high = tmp;
hm = new GXBigInteger(lm);
lm = new GXBigInteger(nm);
}
Data = lm.Data;
negative = lm.negative;
Mod(value);
}
}
public GXBigInteger(GXBigInteger value)
{
AddRange(value.Data);
Count = value.Count;
negative = value.negative;
changed = true;
}
/// <summary>
/// Modulus.
/// </summary>
/// <param name="mod">Modulus.</param>
public void Mod(GXBigInteger mod)
{
/*
* //value = value - (mod * (value / mod) )
* GXBigInteger tmp = new GXBigInteger(this);
* tmp.Div(mod);
* tmp.Multiply(mod);
* Sub(tmp);
* changed = true;
*/
GXBigInteger current = new GXBigInteger(1);
GXBigInteger denom = new GXBigInteger(mod);
bool neq = negative;
negative = false;
// while denom < this.
while (denom.Compare(this) == -1)
{
current.Lshift(1);
denom.Lshift(1);
}
//If overflow.
if (denom.Compare(this) == 1)
{
if (current.IsOne)
{
if (neq)
{
Sub(mod);
negative = false;
}
return;
}
current.Rshift(1);
denom.Rshift(1);
while (!current.IsZero)
{
int r = Compare(denom);
if (r == 1)
{
Sub(denom);
}
else if (r == 0)
{
break;
}
current.Rshift(1);
denom.Rshift(1);
}
}
else
{
Clear();
}
if (neq)
{
Sub(mod);
negative = false;
}
}
/// <summary>
/// Check that this is correct public key.
/// </summary>
/// <remarks>
/// This method can be used to verify that public and private key are on the curve.
/// </remarks>
public static void Validate(GXPublicKey publicKey)
{
if (publicKey == null)
{
throw new ArgumentNullException("Invalid public key.");
}
GXByteBuffer bb = new GXByteBuffer();
bb.Set(publicKey.RawValue);
int size = SchemeSize(publicKey.Scheme);
GXBigInteger x = new GXBigInteger(bb.SubArray(1, size));
GXBigInteger y = new GXBigInteger(bb.SubArray(1 + size, size));
GXCurve curve = new GXCurve(publicKey.Scheme);
y.Multiply(y);
y.Mod(curve.P);
GXBigInteger tmpX = new GXBigInteger(x);
tmpX.Multiply(x);
tmpX.Mod(curve.P);
tmpX.Add(curve.A);
tmpX.Multiply(x);
tmpX.Add(curve.B);
tmpX.Mod(curve.P);
if (y.Compare(tmpX) != 0)
{
throw new ArgumentException("Public key validate failed. Public key is not valid ECDSA public key.");
}
}
/// <summary>
/// Multily elliptic curve point and scalar.
/// </summary>
/// <remarks>
/// Y^2 = X^3 + A*X + B (mod p)
/// </remarks>
/// <param name="eccSize"></param>
/// <param name="p">Point to multiply</param>
/// <param name="n">Scalar to multiply</param>
/// <param name="N">Elliptic curve order.</param>
/// <param name="A"></param>
/// <param name="P">Prime number</param>
internal static GXEccPoint JacobianMultiply(GXEccPoint p, GXBigInteger n, GXBigInteger N, GXBigInteger A, GXBigInteger P)
{
GXBigInteger tmp;
if (p.y.IsZero || n.IsZero)
{
return(new GXEccPoint(0, 0, 1));
}
if (n.IsOne)
{
return(p);
}
if (n.Compare(0) == -1 || n.Compare(N) != -1)
{
tmp = new GXBigInteger(n);
tmp.Mod(N);
return(JacobianMultiply(p, tmp, N, A, P));
}
if (n.IsEven)
{
tmp = new GXBigInteger(n);
tmp.Rshift(1);
return(JacobianDouble(JacobianMultiply(p, tmp, N, A, P), A, P));
}
tmp = new GXBigInteger(n);
tmp.Rshift(1);
GXEccPoint p2 = JacobianDouble(JacobianMultiply(p, tmp, N, A, P), A, P);
JacobianAdd(p2, p, A, P);
return(p2);
}
private static void Multiply(GXEccPoint p, GXBigInteger n, GXBigInteger N, GXBigInteger A, GXBigInteger P)
{
GXEccPoint p2 = JacobianMultiply(p, n, N, A, P);
p.x = p2.x;
p.y = p2.y;
p.z = p2.z;
FromJacobian(p, P);
}
public void Multiply(GXBigInteger value)
{
if (value.IsZero || IsZero)
{
Count = 0;
changed = true;
}
else if (!value.IsOne)
{
UInt32[] ret = new UInt32[1 + value.Count + Count];
UInt32 overflow = 0;
int index = 0;
for (int i = 0; i != value.Count; ++i)
{
overflow = 0;
for (int j = 0; j != Count; ++j)
{
UInt64 result = value.Data[i];
result *= Data[j];
result += overflow;
overflow = (UInt32)(result >> 32);
index = i + j;
AddValue(ret, (UInt32)result, index);
}
if (overflow > 0)
{
AddValue(ret, overflow, 1 + index);
}
}
if (overflow != 0)
{
index = ret.Length;
}
else
{
index = ret.Length - 1;
}
Array.Copy(ret, Data, index);
Count = (UInt16)index;
changed = true;
}
if (value.IsNegative != IsNegative)
{
if (!negative)
{
negative = true;
}
}
else if (IsNegative)
{
//If both values are negative.
negative = false;
}
}
public void Div(GXBigInteger value)
{
GXBigInteger current = new GXBigInteger(1);
GXBigInteger denom = new GXBigInteger(value);
GXBigInteger tmp = new GXBigInteger(this);
bool neq = negative;
negative = false;
try
{
// while denom < this.
while (denom.Compare(this) == -1)
{
current.Lshift(1);
denom.Lshift(1);
}
//If overflow.
if (denom.Compare(this) == 1)
{
if (current.IsOne)
{
Clear();
return;
}
Clear();
current.Rshift(1);
denom.Rshift(1);
while (!current.IsZero)
{
int r = tmp.Compare(denom);
if (r == 1)
{
tmp.Sub(denom);
Add(current);
}
else if (r == 0)
{
Add(current);
break;
}
current.Rshift(1);
denom.Rshift(1);
}
current.Data = Data;
}
}
finally
{
negative = neq;
}
Data = current.Data;
changed = true;
}
/// <summary>
/// Verify that signature matches the data.
/// </summary>
/// <param name="signature">Generated signature.</param>
/// <param name="data">Data to valuate.</param>
/// <returns></returns>
public bool Verify(byte[] signature, byte[] data)
{
GXBigInteger msg;
if (PublicKey == null)
{
if (PrivateKey == null)
{
throw new ArgumentNullException("Invalid private key.");
}
PublicKey = PrivateKey.GetPublicKey();
}
if (PublicKey.Scheme == Ecc.P256)
{
using (SHA256 sha = new SHA256CryptoServiceProvider())
{
msg = new GXBigInteger(sha.ComputeHash(data));
}
}
else
{
using (SHA384 sha = new SHA384CryptoServiceProvider())
{
msg = new GXBigInteger(sha.ComputeHash(data));
}
}
GXByteBuffer pk = new GXByteBuffer(PublicKey.RawValue);
GXByteBuffer bb = new GXByteBuffer(signature);
int size = SchemeSize(PublicKey.Scheme);
GXBigInteger sigR = new GXBigInteger(bb.SubArray(0, size));
GXBigInteger sigS = new GXBigInteger(bb.SubArray(size, size));
GXBigInteger inv = sigS;
inv.Inv(curve.N);
// Calculate u1 and u2.
GXEccPoint u1 = new GXEccPoint(curve.G.x, curve.G.y, new GXBigInteger(1));
GXEccPoint u2 = new GXEccPoint(new GXBigInteger(pk.SubArray(1, size)),
new GXBigInteger(pk.SubArray(1 + size, size)), new GXBigInteger(1));
GXBigInteger n = msg;
n.Multiply(inv);
n.Mod(curve.N);
Multiply(u1, n, curve.N, curve.A, curve.P);
n = new GXBigInteger(sigR);
n.Multiply(inv);
n.Mod(curve.N);
Multiply(u2, n, curve.N, curve.A, curve.P);
u1.z = new GXBigInteger(1);
u2.z = new GXBigInteger(1);
JacobianAdd(u1, u2, curve.A, curve.P);
FromJacobian(u1, curve.P);
return(sigR.Compare(u1.x) == 0);
}
/// <summary>
/// Get ECC point from Jacobian coordinates.
/// </summary>
/// <param name="p"></param>
/// <param name="P"></param>
internal static void FromJacobian(GXEccPoint p, GXBigInteger P)
{
p.z.Inv(P);
p.x.Multiply(p.z);
p.x.Multiply(p.z);
p.x.Mod(P);
p.y.Multiply(p.z);
p.y.Multiply(p.z);
p.y.Multiply(p.z);
p.y.Mod(P);
p.z.Clear();
}
public void Or(GXBigInteger value)
{
int pos;
while (Count < value.Count)
{
Add(0);
}
for (pos = 0; pos < value.Count; ++pos)
{
Data[pos] |= value.Data[pos];
}
changed = true;
}
/// <summary>
/// Sign given data using public and private key.
/// </summary>
/// <param name="data">Data to sign.</param>
/// <returns>Signature</returns>
public byte[] Sign(byte[] data)
{
if (PrivateKey == null)
{
throw new ArgumentException("Invalid private key.");
}
GXBigInteger msg;
if (PrivateKey.Scheme == Ecc.P256)
{
using (SHA256 sha = new SHA256CryptoServiceProvider())
{
msg = new GXBigInteger(sha.ComputeHash(data));
}
}
else
{
using (SHA384 sha = new SHA384CryptoServiceProvider())
{
msg = new GXBigInteger(sha.ComputeHash(data));
}
}
GXBigInteger pk = new GXBigInteger(PrivateKey.RawValue);
GXEccPoint p;
GXBigInteger n;
GXBigInteger r;
GXBigInteger s;
do
{
n = GetRandomNumber(PrivateKey.Scheme);
p = new GXEccPoint(curve.G.x, curve.G.y, new GXBigInteger(1));
Multiply(p, n, curve.N, curve.A, curve.P);
r = p.x;
r.Mod(curve.N);
n.Inv(curve.N);
//s
s = new GXBigInteger(r);
s.Multiply(pk);
s.Add(msg);
s.Multiply(n);
s.Mod(curve.N);
} while (r.IsZero || s.IsZero);
GXByteBuffer signature = new GXByteBuffer();
signature.Set(r.ToArray());
signature.Set(s.ToArray());
return(signature.Array());
}
/// <summary>
/// Convert ECC point to Jacobian.
/// </summary>
/// <param name="p">ECC point.</param>
/// <param name="A"></param>
/// <param name="P">Prime number.</param>
/// <returns></returns>
private static GXEccPoint JacobianDouble(GXEccPoint p, GXBigInteger A, GXBigInteger P)
{
GXBigInteger ysq = new GXBigInteger(p.y);
ysq.Multiply(p.y);
ysq.Mod(P);
GXBigInteger S = new GXBigInteger(p.x);
S.Multiply(new GXBigInteger(4));
S.Multiply(ysq);
S.Mod(P);
GXBigInteger M = new GXBigInteger(p.x);
M.Multiply(p.x);
M.Multiply(new GXBigInteger(3));
GXBigInteger tmp = new GXBigInteger(p.z);
tmp.Multiply(p.z);
tmp.Multiply(p.z);
tmp.Multiply(p.z);
tmp.Multiply(A);
M.Add(tmp);
M.Mod(P);
//nx
GXBigInteger nx = new GXBigInteger(M);
nx.Multiply(M);
tmp = new GXBigInteger(S);
tmp.Multiply(new GXBigInteger(2));
nx.Sub(tmp);
nx.Mod(P);
//ny
GXBigInteger ny = new GXBigInteger(S);
ny.Sub(nx);
ny.Multiply(M);
tmp = new GXBigInteger(ysq);
tmp.Multiply(ysq);
tmp.Multiply(new GXBigInteger(8));
ny.Sub(tmp);
ny.Mod(P);
//nz
GXBigInteger nz = new GXBigInteger(p.y);
nz.Multiply(p.z);
nz.Multiply(new GXBigInteger(2));
nz.Mod(P);
return(new GXEccPoint(nx, ny, nz));
}
/// <summary>
/// Get public key from private key.
/// </summary>
/// <param name="scheme">Used scheme.</param>
/// <param name="privateKey">Private key bytes.</param>
/// <returns>Public key.</returns>
public GXPublicKey GetPublicKey()
{
GXBigInteger secret = new GXBigInteger(RawValue);
GXCurve curve = new GXCurve(Scheme);
GXEccPoint p = new GXEccPoint(curve.G.x, curve.G.y, new GXBigInteger(1));
p = GXEcdsa.JacobianMultiply(p, secret, curve.N, curve.A, curve.P);
GXEcdsa.FromJacobian(p, curve.P);
GXByteBuffer key = new GXByteBuffer(65);
//Public key is un-compressed format.
key.SetUInt8(4);
byte[] tmp = p.x.ToArray();
key.Set(tmp, tmp.Length % 32, 32);
tmp = p.y.ToArray();
key.Set(tmp, tmp.Length % 32, 32);
return(GXPublicKey.FromRawBytes(key.Array()));
}
/// <summary>
/// Constructor.
/// </summary>
/// <param name="a">ECC curve a value.</param>
/// <param name="b">ECC curve b parameter.</param>
/// <param name="p">ECC curve p value.</param>
/// <param name="g">x and y-coordinate of base point G</param>
/// <param name="n">Order of point G in ECC curve.</param>
public GXCurve(Ecc scheme)
{
if (scheme == Ecc.P256)
{
//Table A. 1 – ECC_P256_Domain_Parameters
A = new GXBigInteger(new UInt32[] { 0xFFFFFFFF, 0x00000001, 0x00000000, 0x00000000,
0x00000000, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFC });
G = new GXEccPoint(new GXBigInteger(new UInt32[] { 0x6B17D1F2, 0xE12C4247, 0xF8BCE6E5, 0x63A440F2,
0x77037D81, 0x2DEB33A0, 0xF4A13945, 0xD898C296 }),
new GXBigInteger(new UInt32[] { 0x4FE342E2, 0xFE1A7F9B, 0x8EE7EB4A, 0x7C0F9E16,
0x2BCE3357, 0x6B315ECE, 0xCBB64068, 0x37BF51F5 }), new GXBigInteger(1));
N = new GXBigInteger(new UInt32[] { 0xFFFFFFFF, 0x00000000, 0xFFFFFFFF,
0xFFFFFFFF, 0xBCE6FAAD, 0xA7179E84, 0xF3B9CAC2, 0xFC632551 });
P = new GXBigInteger(new UInt32[] { 0xFFFFFFFF, 0x00000001, 0x00000000,
0x00000000, 0x00000000, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF });
B = new GXBigInteger(new UInt32[] { 0x5AC635D8, 0xAA3A93E7, 0xB3EBBD55, 0x769886BC,
0x651D06B0, 0xCC53B0F6, 0x3BCE3C3E, 0x27D2604B });
}
else if (scheme == Ecc.P384)
{
//Table A. 2 – ECC_P384_Domain_Parameters
A = new GXBigInteger(new UInt32[] { 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFE,
0xFFFFFFFF, 0x00000000, 0x00000000, 0xFFFFFFFC });
G = new GXEccPoint(new GXBigInteger(new UInt32[] { 0xAA87CA22, 0xBE8B0537, 0x8EB1C71E, 0xF320AD74,
0x6E1D3B62, 0x8BA79B98, 0x59F741E0, 0x82542A38,
0x5502F25D, 0xBF55296C, 0x3A545E38, 0x72760AB7 }),
new GXBigInteger(new UInt32[] { 0x3617DE4A, 0x96262C6F, 0x5D9E98BF, 0x9292DC29,
0xF8F41DBD, 0x289A147C, 0xE9DA3113, 0xB5F0B8C0,
0x0A60B1CE, 0x1D7E819D, 0x7A431D7C, 0x90EA0E5F }), new GXBigInteger(1));
N = new GXBigInteger(new UInt32[] { 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
0xFFFFFFFF, 0xFFFFFFFF, 0xC7634D81, 0xF4372DDF,
0x581A0DB2, 0x48B0A77A, 0xECEC196A, 0xCCC52973 });
P = new GXBigInteger(new UInt32[] { 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFE,
0xFFFFFFFF, 0x00000000, 0x00000000, 0xFFFFFFFF });
B = new GXBigInteger(new UInt32[] { 0xB3312FA7, 0xE23EE7E4, 0x988E056B, 0xE3F82D19, 0x181D9C6E,
0xFE814112, 0x0314088F, 0x5013875A, 0xC656398D, 0x8A2ED19D, 0x2A85C8ED, 0xD3EC2AEF });
}
else
{
throw new ArgumentOutOfRangeException("Invalid scheme.");
}
}
/// <summary>
/// Get public key from private key.
/// </summary>
/// <param name="scheme">Used scheme.</param>
/// <param name="privateKey">Private key bytes.</param>
/// <returns>Public key.</returns>
public GXPublicKey GetPublicKey()
{
if (publicKey == null)
{
GXBigInteger pk = new GXBigInteger(RawValue);
GXCurve curve = new GXCurve(Scheme);
GXEccPoint p = new GXEccPoint(curve.G.x, curve.G.y, new GXBigInteger(1));
p = GXEcdsa.JacobianMultiply(p, pk, curve.N, curve.A, curve.P);
GXEcdsa.FromJacobian(p, curve.P);
GXByteBuffer key = new GXByteBuffer(65);
//Public key is un-compressed format.
key.SetUInt8(4);
byte[] tmp = p.x.ToArray();
int size = Scheme == Ecc.P256 ? 32 : 48;
key.Set(tmp, tmp.Length % size, size);
tmp = p.y.ToArray();
key.Set(tmp, tmp.Length % size, size);
publicKey = GXPublicKey.FromRawBytes(key.Array());
}
return(publicKey);
}
public void Multiply(GXBigInteger value)
{
if (!value.IsOne)
{
List <UInt32> ret = new List <UInt32>();
UInt32 overflow;
int index = 0;
for (int i = 0; i != value.Data.Count; ++i)
{
overflow = 0;
for (int j = 0; j != Data.Count; ++j)
{
UInt64 result = value.Data[i];
result *= Data[j];
result += overflow;
overflow = (UInt32)(result >> 32);
index = i + j;
AddValue(ret, (UInt32)result, index);
}
if (overflow > 0)
{
AddValue(ret, overflow, 1 + index);
}
}
Data = ret;
changed = true;
}
if (value.IsNegative != IsNegative)
{
if (!negative)
{
negative = true;
}
}
else if (IsNegative)
{
//If both values are negative.
negative = false;
}
}
public void Add(GXBigInteger value)
{
if (value.negative)
{
value.negative = false;
try
{
Sub(value);
}
finally
{
value.negative = true;
}
}
else
{
while (Count < value.Count)
{
Add(0);
}
UInt64 overflow = 0;
for (int pos = 0; pos != Count; ++pos)
{
UInt64 tmp = Data[pos];
if (pos < value.Count)
{
tmp += value.Data[pos];
}
tmp += overflow;
Data[pos] = (UInt32)(tmp);
overflow = tmp >> 32;
}
if (overflow != 0)
{
Add((UInt32)overflow);
}
changed = true;
}
}
/// <summary>
/// Verify that signature matches the data.
/// </summary>
/// <param name="signature">Generated signature.</param>
/// <param name="data">Data to valuate.</param>
/// <returns></returns>
public bool Verify(byte[] signature, byte[] data)
{
GXBigInteger msg;
using (SHA256 sha = new SHA256CryptoServiceProvider())
{
msg = new GXBigInteger(sha.ComputeHash(data));
}
if (PublicKey == null)
{
PublicKey = PrivateKey.GetPublicKey();
}
GXByteBuffer pk = new GXByteBuffer(PublicKey.RawValue);
GXByteBuffer bb = new GXByteBuffer(signature);
GXBigInteger sigR = new GXBigInteger(bb.SubArray(0, 32));
GXBigInteger sigS = new GXBigInteger(bb.SubArray(32, 32));
GXBigInteger inv = sigS;
inv.Inv(curve.N);
// Calculate u1 and u2.
GXEccPoint u1 = new GXEccPoint(curve.G.x, curve.G.y, new GXBigInteger(1));
GXEccPoint u2 = new GXEccPoint(new GXBigInteger(pk.SubArray(1, 32)), new GXBigInteger(pk.SubArray(33, 32)), new GXBigInteger(1));
GXBigInteger n = msg;
n.Multiply(inv);
n.Mod(curve.N);
Multiply(u1, n, curve.N, curve.A, curve.P);
n = new GXBigInteger(sigR);
n.Multiply(inv);
n.Mod(curve.N);
Multiply(u2, n, curve.N, curve.A, curve.P);
// add = Math.add(u1, u2, P = curve.P, A = curve.A)
u1.z = new GXBigInteger(1);
u2.z = new GXBigInteger(1);
JacobianAdd(u1, u2, curve.A, curve.P);
FromJacobian(u1, curve.P);
return(sigR.Compare(u1.x) == 0);
}
/// <summary>
/// Generate shared secret from public and private key.
/// </summary>
/// <param name="publicKey">Public key.</param>
/// <returns>Generated secret.</returns>
public byte[] GenerateSecret(GXPublicKey publicKey)
{
if (PrivateKey == null)
{
throw new ArgumentNullException("Invalid private key.");
}
if (PrivateKey.Scheme != publicKey.Scheme)
{
throw new ArgumentNullException("Private key scheme is different than public key.");
}
GXByteBuffer bb = new GXByteBuffer();
bb.Set(publicKey.RawValue);
int size = SchemeSize(PrivateKey.Scheme);
GXBigInteger x = new GXBigInteger(bb.SubArray(1, size));
GXBigInteger y = new GXBigInteger(bb.SubArray(1 + size, size));
GXBigInteger pk = new GXBigInteger(PrivateKey.RawValue);
GXCurve curve = new GXCurve(PrivateKey.Scheme);
GXEccPoint p = new GXEccPoint(x, y, new GXBigInteger(1));
p = JacobianMultiply(p, pk, curve.N, curve.A, curve.P);
FromJacobian(p, curve.P);
return(p.x.ToArray());
}
public GXBigInteger(GXBigInteger value) : this()
{
Data = new List <UInt32>(value.Data);
negative = value.negative;
changed = true;
}
/// <summary>
/// Modulus.
/// </summary>
/// <param name="mod">Modulus.</param>
public void Mod(GXBigInteger mod)
{
GXBigInteger current = new GXBigInteger(1);
GXBigInteger denom = new GXBigInteger(mod);
//Shift UInt32 values to make this faster.
if (denom.Count < Count - 1)
{
UInt32[] tmp = new UInt32[Count - denom.Count - 1];
//Append UInt32 values.
current.InsertRange(0, tmp);
denom.InsertRange(0, tmp);
current.changed = denom.changed = true;
}
bool neq = negative;
negative = false;
// while denom < this.
while (denom.Compare(this) == -1)
{
current.Lshift(1);
denom.Lshift(1);
}
//If overflow.
if (denom.Compare(this) == 1)
{
if (current.IsOne)
{
if (neq)
{
Sub(mod);
negative = false;
}
return;
}
current.Rshift(1);
denom.Rshift(1);
while (!current.IsZero)
{
int r = Compare(denom);
if (r == 1)
{
Sub(denom);
}
else if (r == 0)
{
break;
}
current.Rshift(1);
denom.Rshift(1);
}
}
else
{
Clear();
}
if (neq)
{
Sub(mod);
negative = false;
}
changed = true;
}
public void Div(GXBigInteger value)
{
GXBigInteger current = new GXBigInteger(1);
GXBigInteger denom = new GXBigInteger(value);
GXBigInteger tmp = new GXBigInteger(this);
bool neq = negative;
negative = false;
try
{
//Shift UInt32 values to make this faster.
if (denom.Count < Count - 1)
{
UInt32[] tmp2 = new UInt32[Count - denom.Count - 1];
//Append UInt32 values.
current.InsertRange(0, tmp2);
denom.InsertRange(0, tmp2);
current.changed = denom.changed = true;
}
// while denom < this.
while (denom.Compare(this) == -1)
{
current.Lshift(1);
denom.Lshift(1);
}
//If overflow.
if (denom.Compare(this) == 1)
{
if (current.IsOne)
{
Clear();
return;
}
Clear();
current.Rshift(1);
denom.Rshift(1);
while (!current.IsZero)
{
int r = tmp.Compare(denom);
if (r == 1)
{
tmp.Sub(denom);
Add(current);
}
else if (r == 0)
{
Add(current);
break;
}
current.Rshift(1);
denom.Rshift(1);
}
current.Data = Data;
}
}
finally
{
negative = neq;
}
Data = current.Data;
changed = true;
}
public int Compare(GXBigInteger value)
{
int ret = 0;
if (negative != value.negative)
{
//If other value is negative.
if (negative)
{
ret = -1;
}
else
{
ret = 1;
}
}
else if (IsZero && value.IsZero)
{
ret = 0;
}
else
{
int cntA = Count - 1;
//Skip zero values.
while (cntA != -1 && Data[cntA] == 0)
{
--cntA;
}
int cntB = value.Count - 1;
//Skip zero values.
while (cntB != -1 && value.Data[cntB] == 0)
{
--cntB;
}
if (cntA > cntB)
{
ret = 1;
}
else if (cntA < cntB)
{
ret = -1;
}
else
{
do
{
if (Data[cntA] > value.Data[cntA])
{
ret = 1;
break;
}
else if (Data[cntA] < value.Data[cntA])
{
ret = -1;
break;
}
cntA -= 1;
}while (cntA != -1);
}
}
return(ret);
}
public void Sub(GXBigInteger value)
{
int c = Compare(value);
if (c == 0)
{
Clear();
}
else if (value.negative || c == -1)
{
if (!value.negative && !negative)
{
//If biger value is decreased from smaller value.
GXBigInteger tmp = new GXBigInteger(value);
tmp.Sub(this);
Clear();
AddRange(tmp.Data);
Count = tmp.Count;
negative = true;
changed = true;
}
else
{
//If negative value is decreased from the value.
bool ret = value.negative;
value.negative = false;
try
{
Add(value);
}
finally
{
value.negative = ret;
negative = !ret;
}
}
}
else
{
if (!value.IsZero)
{
if (IsZero)
{
negative = true;
Clear();
AddRange(value.Data);
Count = value.Count;
}
else
{
while (Count < value.Count)
{
Add(0);
}
byte borrow = 0;
UInt64 tmp;
int pos;
for (pos = 0; pos != value.Count; ++pos)
{
tmp = Data[pos];
tmp += 0x100000000;
tmp -= value.Data[pos];
tmp -= borrow;
Data[pos] = (UInt32)tmp;
borrow = (byte)((tmp < 0x100000000) ? 1 : 0);
}
if (borrow != 0)
{
for (; pos != Count; ++pos)
{
tmp = Data[pos];
tmp += 0x100000000;
tmp -= borrow;
Data[pos] = (UInt32)tmp;
borrow = (byte)((tmp < 0x100000000) ? 1 : 0);
if (borrow == 0)
{
break;
}
}
}
}
changed = true;
}
}
}
/// <summary>
/// Y^2 = X^3 + A*X + B (mod p)
/// </summary>
/// <param name="p"></param>
/// <param name="q"></param>
/// <param name="A"></param>
/// <param name="P">Prime number</param>
private static void JacobianAdd(GXEccPoint p, GXEccPoint q, GXBigInteger A, GXBigInteger P)
{
if (!(p.y.IsZero || q.y.IsZero))
{
GXBigInteger U1 = new GXBigInteger(p.x);
U1.Multiply(q.z);
U1.Multiply(q.z);
U1.Mod(P);
GXBigInteger U2 = new GXBigInteger(p.z);
U2.Multiply(p.z);
U2.Multiply(q.x);
U2.Mod(P);
GXBigInteger S1 = new GXBigInteger(p.y);
S1.Multiply(q.z);
S1.Multiply(q.z);
S1.Multiply(q.z);
S1.Mod(P);
GXBigInteger S2 = new GXBigInteger(q.y);
S2.Multiply(p.z);
S2.Multiply(p.z);
S2.Multiply(p.z);
S2.Mod(P);
if (U1.Compare(U2) == 0)
{
if (S1.Compare(S2) != 0)
{
p.x = p.y = new GXBigInteger(0);
p.z = new GXBigInteger(1);
}
else
{
p.x = A;
p.y = P;
}
}
//H
GXBigInteger H = U2;
H.Sub(U1);
//R
GXBigInteger R = S2;
R.Sub(S1);
GXBigInteger H2 = new GXBigInteger(H);
H2.Multiply(H);
H2.Mod(P);
GXBigInteger H3 = new GXBigInteger(H);
H3.Multiply(H2);
H3.Mod(P);
GXBigInteger U1H2 = new GXBigInteger(U1);
U1H2.Multiply(H2);
U1H2.Mod(P);
GXBigInteger tmp = new GXBigInteger(2);
tmp.Multiply(U1H2);
//nx
GXBigInteger nx = new GXBigInteger(R);
nx.Multiply(R);
nx.Sub(H3);
nx.Sub(tmp);
nx.Mod(P);
//ny
GXBigInteger ny = R;
tmp = new GXBigInteger(U1H2);
tmp.Sub(nx);
ny.Multiply(tmp);
tmp = new GXBigInteger(S1);
tmp.Multiply(H3);
ny.Sub(tmp);
ny.Mod(P);
//nz
GXBigInteger nz = H;
nz.Multiply(p.z);
nz.Multiply(q.z);
nz.Mod(P);
p.x = nx;
p.y = ny;
p.z = nz;
}
}
/// <summary>
/// Constructor.
/// </summary>
/// <param name="xValue"></param>
/// <param name="yValue"></param>
public GXEccPoint(int xValue, int yValue, int zValue)
{
x = new GXBigInteger(xValue);
y = new GXBigInteger(yValue);
z = new GXBigInteger(zValue);
}
/// <summary>
/// Constructor.
/// </summary>
/// <param name="xValue"></param>
/// <param name="yValue"></param>
public GXEccPoint(GXBigInteger xValue, GXBigInteger yValue, GXBigInteger zValue)
{
x = xValue;
y = yValue;
z = zValue;
}
/// <summary>
/// Sign given data using public and private key.
/// </summary>
/// <param name="data">Data to sign.</param>
/// <returns>Signature</returns>
public byte[] Sign(byte[] data)
{
if (PrivateKey == null)
{
throw new ArgumentException("Invalid private key.");
}
GXBigInteger msg;
using (SHA256 sha = new SHA256CryptoServiceProvider())
{
msg = new GXBigInteger(sha.ComputeHash(data));
}
GXBigInteger pk = new GXBigInteger(PrivateKey.RawValue);
GXEccPoint p;
GXBigInteger n = new GXBigInteger(10);
GXBigInteger r;
GXBigInteger s;
do
{
if (CustomRandomNumber != null)
{
n = CustomRandomNumber;
}
else
{
n = GetRandomNumber(PrivateKey.Scheme);
}
p = new GXEccPoint(curve.G.x, curve.G.y, new GXBigInteger(1));
Multiply(p, n, curve.N, curve.A, curve.P);
r = p.x;
r.Mod(curve.N);
n.Inv(curve.N);
//s
s = new GXBigInteger(r);
s.Multiply(pk);
s.Add(msg);
s.Multiply(n);
s.Mod(curve.N);
} while (r.IsZero || s.IsZero);
byte recoveryId;
if (p.y.IsOne)
{
recoveryId = 1;
}
else
{
recoveryId = 0;
}
if (p.y.Compare(curve.N) == 1)
{
recoveryId += 2;
}
GXByteBuffer signature = new GXByteBuffer();
signature.Set(r.ToArray());
signature.Set(s.ToArray());
return(signature.Array());
}