internal byte[] SignHash(byte[] hash, byte[] randomK) #endif { if (hash == null) { throw new ArgumentNullException(); } if (hash.Length == 0) { throw new ArgumentException(); } if (_params.D == null && _params.Q == null) { _params.CreateNewPrivateKey(); } if (_params.D == null) { throw new CryptographicException(); } Number r, s, k; IFiniteField field = _params.Domain.FieldN; int keyBytes = (int)((_params.Domain.Bits >> 3) + ((_params.Domain.Bits & 7) == 0 ? 0U : 1U)); byte[] raw = new byte[keyBytes << 1]; Number e = HashToNumber(hash); do { do { // Step.1 #if TEST k = randomK == null ? k = Number.CreateRandomElement(_params.Domain.N) : new Number(randomK, false); #else k = Number.CreateRandomElement(_params.Domain.N); #endif // Step.2 ECPoint tmp = _params.Domain.G.Multiply(k).Export(); // Step.3 r = tmp.X % _params.Domain.N; if (!r.IsZero()) { r.CopyToBigEndian(raw, 0, keyBytes); break; } } while (true); // Step.4 k = field.Invert(field.ToElement(k)); // Step.6 r = field.ToElement(r); e = field.ToElement(e); s = field.Multiply(k, field.Add(e, field.Multiply(r, field.ToElement(_params.D)))); if (!s.IsZero()) { s = field.ToNormal(s); s.CopyToBigEndian(raw, raw.Length >> 1, keyBytes); break; } } while (true); return(raw); }
public bool VerifyHash(byte[] hash, byte[] sig) { if (sig.Length != (_params.Domain.Bits >> 2) + ((_params.Domain.Bits & 7) == 0 ? 0 : 2)) { throw new ArgumentException(); } if (hash.Length == 0) { throw new ArgumentException(); } if (_params.Q == null && _params.D != null) { _params.CreatePublicKeyFromPrivateKey(); } if (_params.Q == null) { throw new CryptographicException(); } int halfLen = sig.Length >> 1; Number r = new Number(sig, 0, halfLen, false); Number s = new Number(sig, halfLen, halfLen, false); Number e = HashToNumber(hash); IFiniteField field = _params.Domain.FieldN; if (r >= _params.Domain.N || s >= _params.Domain.N) { return(false); } // Step.1 e = field.ToElement(e); s = field.ToElement(s); Number r2 = field.ToElement(r); // Step.2 Number w = field.Invert(s); // Step.3 Number u1 = field.ToNormal(field.Multiply(e, w)); Number u2 = field.ToNormal(field.Multiply(r2, w)); // Step.4 //ECPoint X = _params.Domain.G.Multiply (u1).Add (_params.Q.Multiply (u2)); ECPoint X; if (u1.IsZero()) { X = _params.Domain.FieldN.GetInfinityPoint(_params.Domain.Group).Add(_params.Q.Multiply(u2)); } else { X = ECPoint.MultiplyAndAdd(_params.Domain.G, u1, _params.Q, u2); } // Step.5 if (X.IsInifinity()) { return(false); } X = X.Export(); // Step.6 Number v = X.X % _params.Domain.N; return(r.CompareTo(v) == 0); }