private void doTestPointCompression() { ECCurve curve = new F2MCurve(m, k1, k2, k3, a, b); curve.DecodePoint(enc); int[] ks = new int[3]; ks[0] = k3; ks[1] = k2; ks[2] = k1; }
/** * Multiplies a {@link org.bouncycastle.math.ec.F2mPoint F2mPoint} * by an element <code>λ</code> of <code><b>Z</b>[τ]</code> * using the <code>τ</code>-adic NAF (TNAF) method. * @param p The F2mPoint to Multiply. * @param lambda The element <code>λ</code> of * <code><b>Z</b>[τ]</code>. * @return <code>λ * p</code> */ public static F2MPoint MultiplyTnaf(F2MPoint p, ZTauElement lambda) { F2MCurve curve = (F2MCurve)p.Curve; sbyte mu = curve.GetMu(); sbyte[] u = TauAdicNaf(mu, lambda); F2MPoint q = MultiplyFromTnaf(p, u); return(q); }
private void DoTestECDsa239BitBinary( string algorithm, DerObjectIdentifier oid) { IBigInteger r = new BigInteger("21596333210419611985018340039034612628818151486841789642455876922391552"); IBigInteger s = new BigInteger("197030374000731686738334997654997227052849804072198819102649413465737174"); byte[] kData = BigIntegers.AsUnsignedByteArray( new BigInteger("171278725565216523967285789236956265265265235675811949404040041670216363")); SecureRandom k = FixedSecureRandom.From(kData); ECCurve curve = new F2MCurve( 239, // m 36, // k new BigInteger("32010857077C5431123A46B808906756F543423E8D27877578125778AC76", 16), // a new BigInteger("790408F2EEDAF392B012EDEFB3392F30F4327C0CA3F31FC383C422AA8C16", 16)); // b ECDomainParameters parameters = new ECDomainParameters( curve, curve.DecodePoint(Hex.Decode("0457927098FA932E7C0A96D3FD5B706EF7E5F5C156E16B7E7C86038552E91D61D8EE5077C33FECF6F1A16B268DE469C3C7744EA9A971649FC7A9616305")), // G new BigInteger("220855883097298041197912187592864814557886993776713230936715041207411783"), // n BigInteger.ValueOf(4)); // h ECPrivateKeyParameters sKey = new ECPrivateKeyParameters( new BigInteger("145642755521911534651321230007534120304391871461646461466464667494947990"), // d parameters); ECPublicKeyParameters vKey = new ECPublicKeyParameters( curve.DecodePoint(Hex.Decode("045894609CCECF9A92533F630DE713A958E96C97CCB8F5ABB5A688A238DEED6DC2D9D0C94EBFB7D526BA6A61764175B99CB6011E2047F9F067293F57F5")), // Q parameters); ISigner sgr = SignerUtilities.GetSigner(algorithm); byte[] message = Encoding.ASCII.GetBytes("abc"); sgr.Init(true, new ParametersWithRandom(sKey, k)); sgr.BlockUpdate(message, 0, message.Length); byte[] sigBytes = sgr.GenerateSignature(); sgr = SignerUtilities.GetSigner(oid.Id); sgr.Init(false, vKey); sgr.BlockUpdate(message, 0, message.Length); if (!sgr.VerifySignature(sigBytes)) { Fail("239 Bit EC RIPEMD160 verification failed"); } }
/** * Multiplies a {@link org.bouncycastle.math.ec.F2mPoint F2mPoint} * by a <code>BigInteger</code> using the reduced <code>τ</code>-adic * NAF (RTNAF) method. * @param p The F2mPoint to Multiply. * @param k The <code>BigInteger</code> by which to Multiply <code>p</code>. * @return <code>k * p</code> */ public static F2MPoint MultiplyRTnaf(F2MPoint p, IBigInteger k) { F2MCurve curve = (F2MCurve)p.Curve; int m = curve.M; sbyte a = (sbyte)curve.A.ToBigInteger().IntValue; sbyte mu = curve.GetMu(); IBigInteger[] s = curve.GetSi(); ZTauElement rho = PartModReduction(k, m, a, s, mu, (sbyte)10); return(MultiplyTnaf(p, rho)); }
/** * Computes the auxiliary values <code>s<sub>0</sub></code> and * <code>s<sub>1</sub></code> used for partial modular reduction. * @param curve The elliptic curve for which to compute * <code>s<sub>0</sub></code> and <code>s<sub>1</sub></code>. * @throws ArgumentException if <code>curve</code> is not a * Koblitz curve (Anomalous Binary Curve, ABC). */ public static IBigInteger[] GetSi(F2MCurve curve) { if (!curve.IsKoblitz) { throw new ArgumentException("si is defined for Koblitz curves only"); } int m = curve.M; int a = curve.A.ToBigInteger().IntValue; sbyte mu = curve.GetMu(); int h = curve.H.IntValue; int index = m + 3 - a; IBigInteger[] ui = GetLucas(mu, index, false); IBigInteger dividend0; IBigInteger dividend1; if (mu == 1) { dividend0 = BigInteger.One.Subtract(ui[1]); dividend1 = BigInteger.One.Subtract(ui[0]); } else if (mu == -1) { dividend0 = BigInteger.One.Add(ui[1]); dividend1 = BigInteger.One.Add(ui[0]); } else { throw new ArgumentException("mu must be 1 or -1"); } IBigInteger[] si = new IBigInteger[2]; if (h == 2) { si[0] = dividend0.ShiftRight(1); si[1] = dividend1.ShiftRight(1).Negate(); } else if (h == 4) { si[0] = dividend0.ShiftRight(2); si[1] = dividend1.ShiftRight(2).Negate(); } else { throw new ArgumentException("h (Cofactor) must be 2 or 4"); } return(si); }
protected override X9ECParameters CreateParameters() { IBigInteger n = new BigInteger("03FFFFFFFFFFFFFFFFFFFE1AEE140F110AFF961309", 16); IBigInteger h = BigInteger.ValueOf(2); ECCurve c2m163v3 = new F2MCurve( 163, 1, 2, 8, new BigInteger("07A526C63D3E25A256A007699F5447E32AE456B50E", 16), new BigInteger("03F7061798EB99E238FD6F1BF95B48FEEB4854252B", 16), n, h); return(new X9ECParameters( c2m163v3, c2m163v3.DecodePoint(Hex.Decode("0202F9F87B7C574D0BDECF8A22E6524775F98CDEBDCB")), n, h, null)); }
protected override X9ECParameters CreateParameters() { IBigInteger n = new BigInteger("03FFFFFFFFFFFFFFFFFFFDF64DE1151ADBB78F10A7", 16); IBigInteger h = BigInteger.ValueOf(2); ECCurve c2m163v2 = new F2MCurve( 163, 1, 2, 8, new BigInteger("0108B39E77C4B108BED981ED0E890E117C511CF072", 16), new BigInteger("0667ACEB38AF4E488C407433FFAE4F1C811638DF20", 16), n, h); return(new X9ECParameters( c2m163v2, c2m163v2.DecodePoint( Hex.Decode("030024266E4EB5106D0A964D92C4860E2671DB9B6CC5")), n, h, null)); }
protected override X9ECParameters CreateParameters() { IBigInteger n = new BigInteger("0340340340340340340340340340340340340340340340340340340323C313FAB50589703B5EC68D3587FEC60D161CC149C1AD4A91", 16); IBigInteger h = BigInteger.ValueOf(0x2760); ECCurve c2m431r1 = new F2MCurve( 431, 120, new BigInteger("1A827EF00DD6FC0E234CAF046C6A5D8A85395B236CC4AD2CF32A0CADBDC9DDF620B0EB9906D0957F6C6FEACD615468DF104DE296CD8F", 16), new BigInteger("10D9B4A3D9047D8B154359ABFB1B7F5485B04CEB868237DDC9DEDA982A679A5A919B626D4E50A8DD731B107A9962381FB5D807BF2618", 16), n, h); return(new X9ECParameters( c2m431r1, c2m431r1.DecodePoint( Hex.Decode("02120FC05D3C67A99DE161D2F4092622FECA701BE4F50F4758714E8A87BBF2A658EF8C21E7C5EFE965361F6C2999C0C247B0DBD70CE6B7")), n, h, null)); }
protected override X9ECParameters CreateParameters() { IBigInteger n = new BigInteger("010090512DA9AF72B08349D98A5DD4C7B0532ECA51CE03E2D10F3B7AC579BD87E909AE40A6F131E9CFCE5BD967", 16); IBigInteger h = BigInteger.ValueOf(0xFF70); ECCurve c2m368w1 = new F2MCurve( 368, 1, 2, 85, new BigInteger("00E0D2EE25095206F5E2A4F9ED229F1F256E79A0E2B455970D8D0D865BD94778C576D62F0AB7519CCD2A1A906AE30D", 16), new BigInteger("00FC1217D4320A90452C760A58EDCD30C8DD069B3C34453837A34ED50CB54917E1C2112D84D164F444F8F74786046A", 16), n, h); return(new X9ECParameters( c2m368w1, c2m368w1.DecodePoint( Hex.Decode("021085E2755381DCCCE3C1557AFA10C2F0C0C2825646C5B34A394CBCFA8BC16B22E7E789E927BE216F02E1FB136A5F")), n, h, null)); }
protected override X9ECParameters CreateParameters() { IBigInteger n = new BigInteger("01AF286BCA1AF286BCA1AF286BCA1AF286BCA1AF286BC9FB8F6B85C556892C20A7EB964FE7719E74F490758D3B", 16); IBigInteger h = BigInteger.ValueOf(0x4C); ECCurve c2m359v1 = new F2MCurve( 359, 68, new BigInteger("5667676A654B20754F356EA92017D946567C46675556F19556A04616B567D223A5E05656FB549016A96656A557", 16), new BigInteger("2472E2D0197C49363F1FE7F5B6DB075D52B6947D135D8CA445805D39BC345626089687742B6329E70680231988", 16), n, h); return(new X9ECParameters( c2m359v1, c2m359v1.DecodePoint( Hex.Decode("033C258EF3047767E7EDE0F1FDAA79DAEE3841366A132E163ACED4ED2401DF9C6BDCDE98E8E707C07A2239B1B097")), n, h, null)); }
protected override X9ECParameters CreateParameters() { IBigInteger n = new BigInteger("0101D556572AABAC800101D556572AABAC8001022D5C91DD173F8FB561DA6899164443051D", 16); IBigInteger h = BigInteger.ValueOf(0xFE2E); ECCurve c2m304w1 = new F2MCurve( 304, 1, 2, 11, new BigInteger("00FD0D693149A118F651E6DCE6802085377E5F882D1B510B44160074C1288078365A0396C8E681", 16), new BigInteger("00BDDB97E555A50A908E43B01C798EA5DAA6788F1EA2794EFCF57166B8C14039601E55827340BE", 16), n, h); return(new X9ECParameters( c2m304w1, c2m304w1.DecodePoint( Hex.Decode("02197B07845E9BE2D96ADB0F5F3C7F2CFFBD7A3EB8B6FEC35C7FD67F26DDF6285A644F740A2614")), n, h, null)); }
protected override X9ECParameters CreateParameters() { IBigInteger n = new BigInteger("40000000000000000000000004A20E90C39067C893BBB9A5", 16); IBigInteger h = BigInteger.ValueOf(2); ECCurve c2m191v1 = new F2MCurve( 191, 9, new BigInteger("2866537B676752636A68F56554E12640276B649EF7526267", 16), new BigInteger("2E45EF571F00786F67B0081B9495A3D95462F5DE0AA185EC", 16), n, h); return(new X9ECParameters( c2m191v1, c2m191v1.DecodePoint( Hex.Decode("0236B3DAF8A23206F9C4F299D7B21A9C369137F2C84AE1AA0D")), n, h, Hex.Decode("4E13CA542744D696E67687561517552F279A8C84"))); }
/** * Multiplies a {@link org.bouncycastle.math.ec.F2mPoint F2mPoint} * by an element <code>λ</code> of <code><b>Z</b>[τ]</code> * using the <code>τ</code>-adic NAF (TNAF) method, given the TNAF * of <code>λ</code>. * @param p The F2mPoint to Multiply. * @param u The the TNAF of <code>λ</code>.. * @return <code>λ * p</code> */ public static F2MPoint MultiplyFromTnaf(F2MPoint p, sbyte[] u) { F2MCurve curve = (F2MCurve)p.Curve; F2MPoint q = (F2MPoint)curve.Infinity; for (int i = u.Length - 1; i >= 0; i--) { q = Tau(q); if (u[i] == 1) { q = (F2MPoint)q.AddSimple(p); } else if (u[i] == -1) { q = (F2MPoint)q.SubtractSimple(p); } } return(q); }
protected override X9ECParameters CreateParameters() { IBigInteger n = new BigInteger("1555555555555555555555555555553C6F2885259C31E3FCDF154624522D", 16); IBigInteger h = BigInteger.ValueOf(6); ECCurve c2m239v2 = new F2MCurve( 239, 36, new BigInteger("4230017757A767FAE42398569B746325D45313AF0766266479B75654E65F", 16), new BigInteger("5037EA654196CFF0CD82B2C14A2FCF2E3FF8775285B545722F03EACDB74B", 16), n, h); return(new X9ECParameters( c2m239v2, c2m239v2.DecodePoint( Hex.Decode("0228F9D04E900069C8DC47A08534FE76D2B900B7D7EF31F5709F200C4CA205")), n, h, null)); }
protected override X9ECParameters CreateParameters() { IBigInteger n = new BigInteger("2000000000000000000000000000000F4D42FFE1492A4993F1CAD666E447", 16); IBigInteger h = BigInteger.ValueOf(4); ECCurve c2m239v1 = new F2MCurve( 239, 36, new BigInteger("32010857077C5431123A46B808906756F543423E8D27877578125778AC76", 16), new BigInteger("790408F2EEDAF392B012EDEFB3392F30F4327C0CA3F31FC383C422AA8C16", 16), n, h); return(new X9ECParameters( c2m239v1, c2m239v1.DecodePoint( Hex.Decode("0257927098FA932E7C0A96D3FD5B706EF7E5F5C156E16B7E7C86038552E91D")), n, h, null)); }
protected override X9ECParameters CreateParameters() { IBigInteger n = new BigInteger("0101BAF95C9723C57B6C21DA2EFF2D5ED588BDD5717E212F9D", 16); IBigInteger h = BigInteger.ValueOf(0xFE48); ECCurve c2m208w1 = new F2MCurve( 208, 1, 2, 83, new BigInteger("0", 16), new BigInteger("00C8619ED45A62E6212E1160349E2BFA844439FAFC2A3FD1638F9E", 16), n, h); return(new X9ECParameters( c2m208w1, c2m208w1.DecodePoint( Hex.Decode("0289FDFBE4ABE193DF9559ECF07AC0CE78554E2784EB8C1ED1A57A")), n, h, null)); }
protected override X9ECParameters CreateParameters() { IBigInteger n = new BigInteger("155555555555555555555555610C0B196812BFB6288A3EA3", 16); IBigInteger h = BigInteger.ValueOf(6); ECCurve c2m191v3 = new F2MCurve( 191, 9, new BigInteger("6C01074756099122221056911C77D77E77A777E7E7E77FCB", 16), new BigInteger("71FE1AF926CF847989EFEF8DB459F66394D90F32AD3F15E8", 16), n, h); return(new X9ECParameters( c2m191v3, c2m191v3.DecodePoint( Hex.Decode("03375D4CE24FDE434489DE8746E71786015009E66E38A926DD")), n, h, null)); }
protected override X9ECParameters CreateParameters() { IBigInteger n = new BigInteger("20000000000000000000000050508CB89F652824E06B8173", 16); IBigInteger h = BigInteger.ValueOf(4); ECCurve c2m191v2 = new F2MCurve( 191, 9, new BigInteger("401028774D7777C7B7666D1366EA432071274F89FF01E718", 16), new BigInteger("0620048D28BCBD03B6249C99182B7C8CD19700C362C46A01", 16), n, h); return(new X9ECParameters( c2m191v2, c2m191v2.DecodePoint( Hex.Decode("023809B2B7CC1B28CC5A87926AAD83FD28789E81E2C9E3BF10")), n, h, null)); }
protected override X9ECParameters CreateParameters() { IBigInteger n = new BigInteger("0CCCCCCCCCCCCCCCCCCCCCCCCCCCCCAC4912D2D9DF903EF9888B8A0E4CFF", 16); IBigInteger h = BigInteger.ValueOf(10); ECCurve c2m239v3 = new F2MCurve( 239, 36, new BigInteger("01238774666A67766D6676F778E676B66999176666E687666D8766C66A9F", 16), new BigInteger("6A941977BA9F6A435199ACFC51067ED587F519C5ECB541B8E44111DE1D40", 16), n, h); return(new X9ECParameters( c2m239v3, c2m239v3.DecodePoint( Hex.Decode("0370F6E9D04D289C4E89913CE3530BFDE903977D42B146D539BF1BDE4E9C92")), n, h, null)); }
protected override X9ECParameters CreateParameters() { IBigInteger n = new BigInteger("010092537397ECA4F6145799D62B0A19CE06FE26AD", 16); IBigInteger h = BigInteger.ValueOf(0xFF6E); ECCurve c2m176w1 = new F2MCurve( 176, 1, 2, 43, new BigInteger("00E4E6DB2995065C407D9D39B8D0967B96704BA8E9C90B", 16), new BigInteger("005DDA470ABE6414DE8EC133AE28E9BBD7FCEC0AE0FFF2", 16), n, h); return(new X9ECParameters( c2m176w1, c2m176w1.DecodePoint( Hex.Decode("038D16C2866798B600F9F08BB4A8E860F3298CE04A5798")), n, h, null)); }
protected override X9ECParameters CreateParameters() { IBigInteger n = new BigInteger("0100FAF51354E0E39E4892DF6E319C72C8161603FA45AA7B998A167B8F1E629521", 16); IBigInteger h = BigInteger.ValueOf(0xFF06); ECCurve c2m272w1 = new F2MCurve( 272, 1, 3, 56, new BigInteger("0091A091F03B5FBA4AB2CCF49C4EDD220FB028712D42BE752B2C40094DBACDB586FB20", 16), new BigInteger("7167EFC92BB2E3CE7C8AAAFF34E12A9C557003D7C73A6FAF003F99F6CC8482E540F7", 16), n, h); return(new X9ECParameters( c2m272w1, c2m272w1.DecodePoint( Hex.Decode("026108BABB2CEEBCF787058A056CBE0CFE622D7723A289E08A07AE13EF0D10D171DD8D")), n, h, null)); }
protected override X9ECParameters CreateParameters() { IBigInteger n = new BigInteger("0400000000000000000001E60FC8821CC74DAEAFC1", 16); IBigInteger h = BigInteger.ValueOf(2); ECCurve c2m163v1 = new F2MCurve( 163, 1, 2, 8, new BigInteger("072546B5435234A422E0789675F432C89435DE5242", 16), new BigInteger("00C9517D06D5240D3CFF38C74B20B6CD4D6F9DD4D9", 16), n, h); return(new X9ECParameters( c2m163v1, c2m163v1.DecodePoint( Hex.Decode("0307AF69989546103D79329FCC3D74880F33BBE803CB")), n, h, Hex.Decode("D2COFB15760860DEF1EEF4D696E6768756151754"))); }
/** * Returns the parameter <code>μ</code> of the elliptic curve. * @param curve The elliptic curve from which to obtain <code>μ</code>. * The curve must be a Koblitz curve, i.e. <code>a</code> Equals * <code>0</code> or <code>1</code> and <code>b</code> Equals * <code>1</code>. * @return <code>μ</code> of the elliptic curve. * @throws ArgumentException if the given ECCurve is not a Koblitz * curve. */ public static sbyte GetMu(F2MCurve curve) { IBigInteger a = curve.A.ToBigInteger(); sbyte mu; if (a.SignValue == 0) { mu = -1; } else if (a.Equals(BigInteger.One)) { mu = 1; } else { throw new ArgumentException("No Koblitz curve (ABC), TNAF multiplication not possible"); } return(mu); }
/** * Multiplies a {@link org.bouncycastle.math.ec.F2mPoint F2mPoint} * by <code>k</code> using the reduced <code>τ</code>-adic NAF (RTNAF) * method. * @param p The F2mPoint to multiply. * @param k The integer by which to multiply <code>k</code>. * @return <code>p</code> multiplied by <code>k</code>. */ public ECPoint Multiply(ECPoint point, IBigInteger k, IPreCompInfo preCompInfo) { if (!(point is F2MPoint)) { throw new ArgumentException("Only F2mPoint can be used in WTauNafMultiplier"); } F2MPoint p = (F2MPoint)point; F2MCurve curve = (F2MCurve)p.Curve; int m = curve.M; sbyte a = (sbyte)curve.A.ToBigInteger().IntValue; sbyte mu = curve.GetMu(); IBigInteger[] s = curve.GetSi(); ZTauElement rho = Tnaf.PartModReduction(k, m, a, s, mu, (sbyte)10); return(MultiplyWTnaf(p, rho, preCompInfo, a, mu)); }
/** * Multiplies a {@link org.bouncycastle.math.ec.F2mPoint F2mPoint} * by an element <code>λ</code> of <code><b>Z</b>[τ]</code> * using the window <code>τ</code>-adic NAF (TNAF) method, given the * WTNAF of <code>λ</code>. * @param p The F2mPoint to multiply. * @param u The the WTNAF of <code>λ</code>.. * @return <code>λ * p</code> */ private static F2MPoint MultiplyFromWTnaf(F2MPoint p, sbyte[] u, IPreCompInfo preCompInfo) { F2MCurve curve = (F2MCurve)p.Curve; sbyte a = (sbyte)curve.A.ToBigInteger().IntValue; F2MPoint[] pu; if ((preCompInfo == null) || !(preCompInfo is WTauNafPreCompInfo)) { pu = Tnaf.GetPreComp(p, a); p.PreCompInfo = new WTauNafPreCompInfo(pu); } else { pu = ((WTauNafPreCompInfo)preCompInfo).GetPreComp(); } // q = infinity F2MPoint q = (F2MPoint)p.Curve.Infinity; for (int i = u.Length - 1; i >= 0; i--) { q = Tnaf.Tau(q); if (u[i] != 0) { if (u[i] > 0) { q = q.AddSimple(pu[u[i]]); } else { // u[i] < 0 q = q.SubtractSimple(pu[-u[i]]); } } } return(q); }
public X9ECParameters( ECCurve curve, ECPoint g, IBigInteger n, IBigInteger h, byte[] seed) { this.curve = curve; this.g = g; this.n = n; this.h = h; this.seed = seed; if (curve is FPCurve) { this.fieldID = new X9FieldID(((FPCurve)curve).Q); } else if (curve is F2MCurve) { F2MCurve curveF2m = (F2MCurve)curve; this.fieldID = new X9FieldID(curveF2m.M, curveF2m.K1, curveF2m.K2, curveF2m.K3); } }
/** * Computes the auxiliary values <code>s<sub>0</sub></code> and * <code>s<sub>1</sub></code> used for partial modular reduction. * @param curve The elliptic curve for which to compute * <code>s<sub>0</sub></code> and <code>s<sub>1</sub></code>. * @throws ArgumentException if <code>curve</code> is not a * Koblitz curve (Anomalous Binary Curve, ABC). */ public static IBigInteger[] GetSi(F2MCurve curve) { if (!curve.IsKoblitz) throw new ArgumentException("si is defined for Koblitz curves only"); int m = curve.M; int a = curve.A.ToBigInteger().IntValue; sbyte mu = curve.GetMu(); int h = curve.H.IntValue; int index = m + 3 - a; IBigInteger[] ui = GetLucas(mu, index, false); IBigInteger dividend0; IBigInteger dividend1; if (mu == 1) { dividend0 = BigInteger.One.Subtract(ui[1]); dividend1 = BigInteger.One.Subtract(ui[0]); } else if (mu == -1) { dividend0 = BigInteger.One.Add(ui[1]); dividend1 = BigInteger.One.Add(ui[0]); } else { throw new ArgumentException("mu must be 1 or -1"); } IBigInteger[] si = new IBigInteger[2]; if (h == 2) { si[0] = dividend0.ShiftRight(1); si[1] = dividend1.ShiftRight(1).Negate(); } else if (h == 4) { si[0] = dividend0.ShiftRight(2); si[1] = dividend1.ShiftRight(2).Negate(); } else { throw new ArgumentException("h (Cofactor) must be 2 or 4"); } return si; }
/** * Returns the parameter <code>μ</code> of the elliptic curve. * @param curve The elliptic curve from which to obtain <code>μ</code>. * The curve must be a Koblitz curve, i.e. <code>a</code> Equals * <code>0</code> or <code>1</code> and <code>b</code> Equals * <code>1</code>. * @return <code>μ</code> of the elliptic curve. * @throws ArgumentException if the given ECCurve is not a Koblitz * curve. */ public static sbyte GetMu(F2MCurve curve) { IBigInteger a = curve.A.ToBigInteger(); sbyte mu; if (a.SignValue == 0) { mu = -1; } else if (a.Equals(BigInteger.One)) { mu = 1; } else { throw new ArgumentException("No Koblitz curve (ABC), TNAF multiplication not possible"); } return mu; }
public void TestECDsa239BitBinaryAndLargeDigest() { IBigInteger r = new BigInteger("21596333210419611985018340039034612628818151486841789642455876922391552"); IBigInteger s = new BigInteger("144940322424411242416373536877786566515839911620497068645600824084578597"); byte[] kData = BigIntegers.AsUnsignedByteArray( new BigInteger("171278725565216523967285789236956265265265235675811949404040041670216363")); SecureRandom k = FixedSecureRandom.From(kData); var curve = new F2MCurve( 239, // m 36, //k new BigInteger("32010857077C5431123A46B808906756F543423E8D27877578125778AC76", 16), // a new BigInteger("790408F2EEDAF392B012EDEFB3392F30F4327C0CA3F31FC383C422AA8C16", 16)); // b var parameters = new ECDomainParameters( curve, curve.DecodePoint( Hex.Decode( "0457927098FA932E7C0A96D3FD5B706EF7E5F5C156E16B7E7C86038552E91D61D8EE5077C33FECF6F1A16B268DE469C3C7744EA9A971649FC7A9616305")), // G new BigInteger("220855883097298041197912187592864814557886993776713230936715041207411783"), // n BigInteger.ValueOf(4)); // h var priKey = new ECPrivateKeyParameters( "ECDSA", new BigInteger("145642755521911534651321230007534120304391871461646461466464667494947990"), // d parameters); var ecdsa = new ECDsaSigner(); var param = new ParametersWithRandom(priKey, k); ecdsa.Init(true, param); byte[] message = new BigInteger( "968236873715988614170569073515315707566766479517968236873715988614170569073515315707566766479517968236873715988614170569073515315707566766479517") .ToByteArray(); IBigInteger[] sig = ecdsa.GenerateSignature(message); if (!r.Equals(sig[0])) { Fail("r component wrong." + NewLine + " expecting: " + r + NewLine + " got : " + sig[0]); } if (!s.Equals(sig[1])) { Fail("s component wrong." + NewLine + " expecting: " + s + NewLine + " got : " + sig[1]); } // Verify the signature var pubKey = new ECPublicKeyParameters( "ECDSA", curve.DecodePoint( Hex.Decode( "045894609CCECF9A92533F630DE713A958E96C97CCB8F5ABB5A688A238DEED6DC2D9D0C94EBFB7D526BA6A61764175B99CB6011E2047F9F067293F57F5")), // Q parameters); ecdsa.Init(false, pubKey); if (!ecdsa.VerifySignature(message, sig[0], sig[1])) { Fail("signature fails"); } }
public void TestECDsa191BitBinary() { IBigInteger r = new BigInteger("87194383164871543355722284926904419997237591535066528048"); IBigInteger s = new BigInteger("308992691965804947361541664549085895292153777025772063598"); byte[] kData = BigIntegers.AsUnsignedByteArray( new BigInteger("1542725565216523985789236956265265265235675811949404040041")); SecureRandom k = FixedSecureRandom.From(kData); var curve = new F2MCurve( 191, // m 9, //k new BigInteger("2866537B676752636A68F56554E12640276B649EF7526267", 16), // a new BigInteger("2E45EF571F00786F67B0081B9495A3D95462F5DE0AA185EC", 16)); // b var parameters = new ECDomainParameters( curve, curve.DecodePoint( Hex.Decode( "0436B3DAF8A23206F9C4F299D7B21A9C369137F2C84AE1AA0D765BE73433B3F95E332932E70EA245CA2418EA0EF98018FB")), // G new BigInteger("1569275433846670190958947355803350458831205595451630533029"), // n BigInteger.Two); // h var priKey = new ECPrivateKeyParameters( "ECDSA", new BigInteger("1275552191113212300012030439187146164646146646466749494799"), // d parameters); var ecdsa = new ECDsaSigner(); var param = new ParametersWithRandom(priKey, k); ecdsa.Init(true, param); byte[] message = new BigInteger("968236873715988614170569073515315707566766479517").ToByteArray(); IBigInteger[] sig = ecdsa.GenerateSignature(message); if (!r.Equals(sig[0])) { Fail("r component wrong." + NewLine + " expecting: " + r + NewLine + " got : " + sig[0]); } if (!s.Equals(sig[1])) { Fail("s component wrong." + NewLine + " expecting: " + s + NewLine + " got : " + sig[1]); } // Verify the signature var pubKey = new ECPublicKeyParameters( "ECDSA", curve.DecodePoint( Hex.Decode( "045DE37E756BD55D72E3768CB396FFEB962614DEA4CE28A2E755C0E0E02F5FB132CAF416EF85B229BBB8E1352003125BA1")), // Q parameters); ecdsa.Init(false, pubKey); if (!ecdsa.VerifySignature(message, sig[0], sig[1])) { Fail("signature fails"); } }
public void TestGeneration() { ISigner s = SignerUtilities.GetSigner("DSA"); byte[] data = { 1, 2, 3, 4, 5, 6, 7, 8, 9, 0 }; SecureRandom rand = new SecureRandom(); // KeyPairGenerator g = KeyPairGenerator.GetInstance("DSA"); IAsymmetricCipherKeyPairGenerator g = GeneratorUtilities.GetKeyPairGenerator("DSA"); // test exception // doTestBadStrength(513); doTestBadStrength(510); doTestBadStrength(1025); //g.initialize(512, rand); { DsaParametersGenerator pGen = new DsaParametersGenerator(); pGen.Init(512, 80, rand); g.Init(new DsaKeyGenerationParameters(rand, pGen.GenerateParameters())); } IAsymmetricCipherKeyPair p = g.GenerateKeyPair(); IAsymmetricKeyParameter sKey = p.Private; IAsymmetricKeyParameter vKey = p.Public; s.Init(true, sKey); s.BlockUpdate(data, 0, data.Length); byte[] sigBytes = s.GenerateSignature(); s = SignerUtilities.GetSigner("DSA"); s.Init(false, vKey); s.BlockUpdate(data, 0, data.Length); if (!s.VerifySignature(sigBytes)) { Fail("DSA verification failed"); } // // ECDSA Fp generation test // s = SignerUtilities.GetSigner("ECDSA"); ECCurve curve = new FPCurve( new BigInteger("883423532389192164791648750360308885314476597252960362792450860609699839"), // q new BigInteger("7fffffffffffffffffffffff7fffffffffff8000000000007ffffffffffc", 16), // a new BigInteger("6b016c3bdcf18941d0d654921475ca71a9db2fb27d1d37796185c2942c0a", 16)); // b ECDomainParameters ecSpec = new ECDomainParameters( curve, curve.DecodePoint(Hex.Decode("020ffa963cdca8816ccc33b8642bedf905c3d358573d3f27fbbd3b3cb9aaaf")), // G new BigInteger("883423532389192164791648750360308884807550341691627752275345424702807307")); // n g = GeneratorUtilities.GetKeyPairGenerator("ECDSA"); g.Init(new ECKeyGenerationParameters(ecSpec, rand)); p = g.GenerateKeyPair(); sKey = p.Private; vKey = p.Public; s.Init(true, sKey); s.BlockUpdate(data, 0, data.Length); sigBytes = s.GenerateSignature(); s = SignerUtilities.GetSigner("ECDSA"); s.Init(false, vKey); s.BlockUpdate(data, 0, data.Length); if (!s.VerifySignature(sigBytes)) { Fail("ECDSA verification failed"); } // // ECDSA F2m generation test // s = SignerUtilities.GetSigner("ECDSA"); curve = new F2MCurve( 239, // m 36, // k new BigInteger("32010857077C5431123A46B808906756F543423E8D27877578125778AC76", 16), // a new BigInteger("790408F2EEDAF392B012EDEFB3392F30F4327C0CA3F31FC383C422AA8C16", 16)); // b ecSpec = new ECDomainParameters( curve, curve.DecodePoint(Hex.Decode("0457927098FA932E7C0A96D3FD5B706EF7E5F5C156E16B7E7C86038552E91D61D8EE5077C33FECF6F1A16B268DE469C3C7744EA9A971649FC7A9616305")), // G new BigInteger("220855883097298041197912187592864814557886993776713230936715041207411783"), // n BigInteger.ValueOf(4)); // h g = GeneratorUtilities.GetKeyPairGenerator("ECDSA"); g.Init(new ECKeyGenerationParameters(ecSpec, rand)); p = g.GenerateKeyPair(); sKey = p.Private; vKey = p.Public; s.Init(true, sKey); s.BlockUpdate(data, 0, data.Length); sigBytes = s.GenerateSignature(); s = SignerUtilities.GetSigner("ECDSA"); s.Init(false, vKey); s.BlockUpdate(data, 0, data.Length); if (!s.VerifySignature(sigBytes)) { Fail("ECDSA verification failed"); } }
public void TestECDsa239BitBinary() { IBigInteger r = new BigInteger("21596333210419611985018340039034612628818151486841789642455876922391552"); IBigInteger s = new BigInteger("197030374000731686738334997654997227052849804072198819102649413465737174"); byte[] kData = new BigInteger("171278725565216523967285789236956265265265235675811949404040041670216363").ToByteArrayUnsigned(); SecureRandom k = FixedSecureRandom.From(kData); // EllipticCurve curve = new EllipticCurve( // new ECFieldF2m(239, // m // new int[] { 36 }), // k // new BigInteger("32010857077C5431123A46B808906756F543423E8D27877578125778AC76", 16), // a // new BigInteger("790408F2EEDAF392B012EDEFB3392F30F4327C0CA3F31FC383C422AA8C16", 16)); // b ECCurve curve = new F2MCurve( 239, // m 36, // k new BigInteger("32010857077C5431123A46B808906756F543423E8D27877578125778AC76", 16), // a new BigInteger("790408F2EEDAF392B012EDEFB3392F30F4327C0CA3F31FC383C422AA8C16", 16)); // b ECDomainParameters parameters = new ECDomainParameters( curve, // ECPointUtil.DecodePoint(curve, Hex.Decode("0457927098FA932E7C0A96D3FD5B706EF7E5F5C156E16B7E7C86038552E91D61D8EE5077C33FECF6F1A16B268DE469C3C7744EA9A971649FC7A9616305")), // G curve.DecodePoint(Hex.Decode("0457927098FA932E7C0A96D3FD5B706EF7E5F5C156E16B7E7C86038552E91D61D8EE5077C33FECF6F1A16B268DE469C3C7744EA9A971649FC7A9616305")), // G new BigInteger("220855883097298041197912187592864814557886993776713230936715041207411783"), // n BigInteger.ValueOf(4)); //4); // h ECPrivateKeyParameters sKey = new ECPrivateKeyParameters( "ECDSA", new BigInteger("145642755521911534651321230007534120304391871461646461466464667494947990"), // d parameters); ECPublicKeyParameters vKey = new ECPublicKeyParameters( "ECDSA", // ECPointUtil.DecodePoint(curve, Hex.Decode("045894609CCECF9A92533F630DE713A958E96C97CCB8F5ABB5A688A238DEED6DC2D9D0C94EBFB7D526BA6A61764175B99CB6011E2047F9F067293F57F5")), // Q curve.DecodePoint(Hex.Decode("045894609CCECF9A92533F630DE713A958E96C97CCB8F5ABB5A688A238DEED6DC2D9D0C94EBFB7D526BA6A61764175B99CB6011E2047F9F067293F57F5")), // Q parameters); ISigner sgr = SignerUtilities.GetSigner("ECDSA"); // KeyFactory f = KeyFactory.getInstance("ECDSA"); // IAsymmetricKeyParameter sKey = f.generatePrivate(priKeySpec); // IAsymmetricKeyParameter vKey = f.generatePublic(pubKeySpec); byte[] message = new byte[] { (byte)'a', (byte)'b', (byte)'c' }; sgr.Init(true, new ParametersWithRandom(sKey, k)); sgr.BlockUpdate(message, 0, message.Length); byte[] sigBytes = sgr.GenerateSignature(); sgr.Init(false, vKey); sgr.BlockUpdate(message, 0, message.Length); if (!sgr.VerifySignature(sigBytes)) { Fail("239 Bit EC verification failed"); } IBigInteger[] sig = derDecode(sigBytes); if (!r.Equals(sig[0])) { Fail("r component wrong." + SimpleTest.NewLine + " expecting: " + r + SimpleTest.NewLine + " got : " + sig[0]); } if (!s.Equals(sig[1])) { Fail("s component wrong." + SimpleTest.NewLine + " expecting: " + s + SimpleTest.NewLine + " got : " + sig[1]); } }