/** * generate a signature for the given message using the key we were * initialised with. For conventional GOST3410 the message should be a GOST3411 * hash of the message of interest. * * @param message the message that will be verified later. */ public BigInteger[] GenerateSignature( byte[] message) { byte[] mRev = new byte[message.Length]; // conversion is little-endian for (int i = 0; i != mRev.Length; i++) { mRev[i] = message[mRev.Length - 1 - i]; } BigInteger e = new BigInteger(1, mRev); ECDomainParameters ec = key.Parameters; BigInteger n = ec.N; BigInteger d = ((ECPrivateKeyParameters)key).D; BigInteger r, s = null; ECMultiplier basePointMultiplier = new FixedPointCombMultiplier(); do // generate s { BigInteger k; do // generate r { do { k = new BigInteger(n.BitLength, random); } while (k.SignValue == 0); ECPoint p = basePointMultiplier.Multiply(ec.G, k).Normalize(); r = p.AffineXCoord.ToBigInteger().Mod(n); } while (r.SignValue == 0); s = (k.Multiply(e)).Add(d.Multiply(r)).Mod(n); } while (s.SignValue == 0); return new BigInteger[]{ r, s }; }
// 5.3 pg 28 /** * Generate a signature for the given message using the key we were * initialised with. For conventional DSA the message should be a SHA-1 * hash of the message of interest. * * @param message the message that will be verified later. */ public BigInteger[] GenerateSignature(byte[] message) { ECDomainParameters ec = key.Parameters; BigInteger n = ec.N; BigInteger e = calculateE(n, message); BigInteger d = ((ECPrivateKeyParameters)key).D; BigInteger r, s; ECMultiplier basePointMultiplier = new FixedPointCombMultiplier(); // 5.3.2 do // Generate s { BigInteger k; do // Generate r { do { k = new BigInteger(n.BitLength, random); } while (k.SignValue == 0 || k.CompareTo(n) >= 0); ECPoint p = basePointMultiplier.Multiply(ec.G, k).Normalize(); // 5.3.3 r = p.AffineXCoord.ToBigInteger().Mod(n); } while (r.SignValue == 0); s = k.ModInverse(n).Multiply(e.Add(d.Multiply(r))).Mod(n); } while (s.SignValue == 0); return new BigInteger[]{ r, s }; }
internal static ECPublicKeyParameters GetCorrespondingPublicKey( ECPrivateKeyParameters privKey) { ECDomainParameters ec = privKey.Parameters; ECPoint q = new FixedPointCombMultiplier().Multiply(ec.G, privKey.D); if (privKey.PublicKeyParamSet != null) { return new ECPublicKeyParameters(privKey.AlgorithmName, q, privKey.PublicKeyParamSet); } return new ECPublicKeyParameters(privKey.AlgorithmName, q, ec); }
/** * Given the domain parameters this routine generates an EC key * pair in accordance with X9.62 section 5.2.1 pages 26, 27. */ public AsymmetricCipherKeyPair GenerateKeyPair() { BigInteger n = parameters.N; BigInteger d; do { d = new BigInteger(n.BitLength, random); } while (d.SignValue == 0 || (d.CompareTo(n) >= 0)); ECPoint q = new FixedPointCombMultiplier().Multiply(parameters.G, d); if (publicKeyParamSet != null) { return new AsymmetricCipherKeyPair( new ECPublicKeyParameters(algorithm, q, publicKeyParamSet), new ECPrivateKeyParameters(algorithm, d, publicKeyParamSet)); } return new AsymmetricCipherKeyPair( new ECPublicKeyParameters(algorithm, q, parameters), new ECPrivateKeyParameters(algorithm, d, parameters)); }