// The ECMQV Primitive as described in SEC-1, 3.4 private static ECPoint CalculateMqvAgreement( ECDomainParameters parameters, ECPrivateKeyParameters d1U, ECPrivateKeyParameters d2U, ECPublicKeyParameters Q2U, ECPublicKeyParameters Q1V, ECPublicKeyParameters Q2V) { BigInteger n = parameters.N; int e = (n.BitLength + 1) / 2; BigInteger powE = BigInteger.One.ShiftLeft(e); ECCurve curve = parameters.Curve; ECPoint q2u = ECAlgorithms.CleanPoint(curve, Q2U.Q); ECPoint q1v = ECAlgorithms.CleanPoint(curve, Q1V.Q); ECPoint q2v = ECAlgorithms.CleanPoint(curve, Q2V.Q); BigInteger x = q2u.AffineXCoord.ToBigInteger(); BigInteger xBar = x.Mod(powE); BigInteger Q2UBar = xBar.SetBit(e); BigInteger s = d1U.D.Multiply(Q2UBar).Add(d2U.D).Mod(n); BigInteger xPrime = q2v.AffineXCoord.ToBigInteger(); BigInteger xPrimeBar = xPrime.Mod(powE); BigInteger Q2VBar = xPrimeBar.SetBit(e); BigInteger hs = parameters.H.Multiply(s).Mod(n); return(ECAlgorithms.SumOfTwoMultiplies( q1v, Q2VBar.Multiply(hs).Mod(n), q2v, hs)); }
private ECPoint CalculatePoint(ECPublicKeyParameters pubKeyParams) { var dp = keyParam.Parameters; if (!dp.Equals(pubKeyParams.Parameters)) { throw new InvalidOperationException("ECDH public key has wrong domain parameters"); } var d = keyParam.D; ECPoint Q = ECAlgorithms.CleanPoint(dp.Curve, pubKeyParams.Q); if (Q.IsInfinity) { throw new InvalidOperationException("Infinity is not a valid public key for ECDH"); } BigInteger h = dp.H; if (!h.Equals(BigInteger.One)) { d = dp.HInv.Multiply(d).Mod(dp.N); Q = ECAlgorithms.ReferenceMultiply(Q, h); } ECPoint P = Q.Multiply(d).Normalize(); if (P.IsInfinity) { throw new InvalidOperationException("Infinity is not a valid agreement value for ECDH"); } return(P); }
public virtual BigInteger CalculateAgreement( ICipherParameters pubKey) { ECPublicKeyParameters pub = (ECPublicKeyParameters)pubKey; ECDomainParameters dp = privKey.Parameters; if (!dp.Equals(pub.Parameters)) { throw new InvalidOperationException("ECDHC public key has wrong domain parameters"); } BigInteger hd = dp.H.Multiply(privKey.D).Mod(dp.N); // Always perform calculations on the exact curve specified by our private key's parameters ECPoint pubPoint = ECAlgorithms.CleanPoint(dp.Curve, pub.Q); if (pubPoint.IsInfinity) { throw new InvalidOperationException("Infinity is not a valid public key for ECDHC"); } ECPoint P = pubPoint.Multiply(hd).Normalize(); if (P.IsInfinity) { throw new InvalidOperationException("Infinity is not a valid agreement value for ECDHC"); } return(P.AffineXCoord.ToBigInteger()); }
protected virtual ECPoint CalculateU(SM2KeyExchangePublicParameters otherPub) { ECDomainParameters dp = mStaticKey.Parameters; ECPoint p1 = ECAlgorithms.CleanPoint(dp.Curve, otherPub.StaticPublicKey.Q); ECPoint p2 = ECAlgorithms.CleanPoint(dp.Curve, otherPub.EphemeralPublicKey.Q); BigInteger x1 = Reduce(mEphemeralPubPoint.AffineXCoord.ToBigInteger()); BigInteger x2 = Reduce(p2.AffineXCoord.ToBigInteger()); BigInteger tA = mStaticKey.D.Add(x1.Multiply(mEphemeralKey.D)); BigInteger k1 = mECParams.H.Multiply(tA).Mod(mECParams.N); BigInteger k2 = k1.Multiply(x2).Mod(mECParams.N); return(ECAlgorithms.SumOfTwoMultiplies(p1, k1, p2, k2).Normalize()); }