public F2mCurve(int m, int k1, int k2, int k3, BigInteger a, BigInteger b, BigInteger order, BigInteger cofactor) : base(m, k1, k2, k3) { //IL_004e: Unknown result type (might be due to invalid IL or missing references) //IL_0060: Unknown result type (might be due to invalid IL or missing references) //IL_006f: Unknown result type (might be due to invalid IL or missing references) //IL_007f: Unknown result type (might be due to invalid IL or missing references) this.m = m; this.k1 = k1; this.k2 = k2; this.k3 = k3; m_order = order; m_cofactor = cofactor; m_infinity = new F2mPoint(this, null, null); if (k1 == 0) { throw new ArgumentException("k1 must be > 0"); } if (k2 == 0) { if (k3 != 0) { throw new ArgumentException("k3 must be 0 if k2 == 0"); } } else { if (k2 <= k1) { throw new ArgumentException("k2 must be > k1"); } if (k3 <= k2) { throw new ArgumentException("k3 must be > k2"); } } m_a = FromBigInteger(a); m_b = FromBigInteger(b); m_coord = 6; }
/** * Constructor for Pentanomial Polynomial Basis (PPB). * @param m The exponent <code>m</code> of * <code>F<sub>2<sup>m</sup></sub></code>. * @param k1 The integer <code>k1</code> where <code>x<sup>m</sup> + * x<sup>k3</sup> + x<sup>k2</sup> + x<sup>k1</sup> + 1</code> * represents the reduction polynomial <code>f(z)</code>. * @param k2 The integer <code>k2</code> where <code>x<sup>m</sup> + * x<sup>k3</sup> + x<sup>k2</sup> + x<sup>k1</sup> + 1</code> * represents the reduction polynomial <code>f(z)</code>. * @param k3 The integer <code>k3</code> where <code>x<sup>m</sup> + * x<sup>k3</sup> + x<sup>k2</sup> + x<sup>k1</sup> + 1</code> * represents the reduction polynomial <code>f(z)</code>. * @param a The coefficient <code>a</code> in the Weierstrass equation * for non-supersingular elliptic curves over * <code>F<sub>2<sup>m</sup></sub></code>. * @param b The coefficient <code>b</code> in the Weierstrass equation * for non-supersingular elliptic curves over * <code>F<sub>2<sup>m</sup></sub></code>. * @param n The order of the main subgroup of the elliptic curve. * @param h The cofactor of the elliptic curve, i.e. * <code>#E<sub>a</sub>(F<sub>2<sup>m</sup></sub>) = h * n</code>. */ public F2mCurve( int m, int k1, int k2, int k3, BigInteger a, BigInteger b, BigInteger n, BigInteger h) { this.m = m; this.k1 = k1; this.k2 = k2; this.k3 = k3; this.n = n; this.h = h; this.infinity = new F2mPoint(this, null, null); if (k1 == 0) throw new ArgumentException("k1 must be > 0"); if (k2 == 0) { if (k3 != 0) throw new ArgumentException("k3 must be 0 if k2 == 0"); } else { if (k2 <= k1) throw new ArgumentException("k2 must be > k1"); if (k3 <= k2) throw new ArgumentException("k3 must be > k2"); } this.a = FromBigInteger(a); this.b = FromBigInteger(b); }
internal F2mPoint AddSimple(F2mPoint b) { if (this.IsInfinity) { return(b); } if (b.IsInfinity) { return(this); } F2mFieldElement x2 = (F2mFieldElement)b.X; F2mFieldElement y2 = (F2mFieldElement)b.Y; if (this.x.Equals(x2)) { if (this.y.Equals(y2)) { return((F2mPoint)this.Twice()); } return((F2mPoint)this.curve.Infinity); } ECFieldElement xSum = this.x.Add(x2); F2mFieldElement lambda = (F2mFieldElement)(this.y.Add(y2)).Divide(xSum); F2mFieldElement x3 = (F2mFieldElement)lambda.Square().Add(lambda).Add(xSum).Add(this.curve.A); F2mFieldElement y3 = (F2mFieldElement)lambda.Multiply(this.x.Add(x3)).Add(x3).Add(this.y); return(new F2mPoint(curve, x3, y3, withCompression)); }
public F2mCurve(int m, int k1, int k2, int k3, BigInteger a, BigInteger b, BigInteger order, BigInteger cofactor) : base(m, k1, k2, k3) { this.m = m; this.k1 = k1; this.k2 = k2; this.k3 = k3; m_order = order; m_cofactor = cofactor; m_infinity = new F2mPoint(this, null, null); if (k1 == 0) { throw new ArgumentException("k1 must be > 0"); } if (k2 == 0) { if (k3 != 0) { throw new ArgumentException("k3 must be 0 if k2 == 0"); } } else { if (k2 <= k1) { throw new ArgumentException("k2 must be > k1"); } if (k3 <= k2) { throw new ArgumentException("k3 must be > k2"); } } m_a = FromBigInteger(a); m_b = FromBigInteger(b); m_coord = 6; }
/** * Constructor for Pentanomial Polynomial Basis (PPB). * @param m The exponent <code>m</code> of * <code>F<sub>2<sup>m</sup></sub></code>. * @param k1 The integer <code>k1</code> where <code>x<sup>m</sup> + * x<sup>k3</sup> + x<sup>k2</sup> + x<sup>k1</sup> + 1</code> * represents the reduction polynomial <code>f(z)</code>. * @param k2 The integer <code>k2</code> where <code>x<sup>m</sup> + * x<sup>k3</sup> + x<sup>k2</sup> + x<sup>k1</sup> + 1</code> * represents the reduction polynomial <code>f(z)</code>. * @param k3 The integer <code>k3</code> where <code>x<sup>m</sup> + * x<sup>k3</sup> + x<sup>k2</sup> + x<sup>k1</sup> + 1</code> * represents the reduction polynomial <code>f(z)</code>. * @param a The coefficient <code>a</code> in the Weierstrass equation * for non-supersingular elliptic curves over * <code>F<sub>2<sup>m</sup></sub></code>. * @param b The coefficient <code>b</code> in the Weierstrass equation * for non-supersingular elliptic curves over * <code>F<sub>2<sup>m</sup></sub></code>. */ public F2mCurve( int m, int k1, int k2, int k3, BigInteger a, BigInteger b) { this.m = m; this.k1 = k1; this.k2 = k2; this.k3 = k3; this.infinity = new F2mPoint(this, null, null); if (k1 == 0) throw new ArgumentException("k1 must be > 0"); if (k2 == 0) { if (k3 != 0) throw new ArgumentException("k3 must be 0 if k2 == 0"); } else { if (k2 <= k1) throw new ArgumentException("k2 must be > k1"); if (k3 <= k2) throw new ArgumentException("k3 must be > k2"); } this.a = FromBigInteger(a); this.b = FromBigInteger(b); }
/* (non-Javadoc) * @see Org.BouncyCastle.Math.EC.ECCurve#decodePoint(byte[]) */ public override ECPoint DecodePoint(byte[] encoded) { ECPoint p = null; switch (encoded[0]) { // compressed case 0x02: case 0x03: byte[] enc = new byte[encoded.Length - 1]; Array.Copy(encoded, 1, enc, 0, enc.Length); if (encoded[0] == 0x02) { p = decompressPoint(enc, 0); } else { p = decompressPoint(enc, 1); } break; case 0x04: byte[] xEnc = new byte[(encoded.Length - 1) / 2]; byte[] yEnc = new byte[(encoded.Length - 1) / 2]; Array.Copy(encoded, 1, xEnc, 0, xEnc.Length); Array.Copy(encoded, xEnc.Length + 1, yEnc, 0, yEnc.Length); p = new F2mPoint(this, new F2mFieldElement(this.m, this.k1, this.k2, this.k3, new BigInteger(1, xEnc)), new F2mFieldElement(this.m, this.k1, this.k2, this.k3, new BigInteger(1, yEnc)), false); break; default: throw new FormatException("Invalid point encoding " + encoded[0]); } return p; }
public static AsymmetricKeyParameter CreateKey( SubjectPublicKeyInfo keyInfo) { AlgorithmIdentifier algID = keyInfo.AlgorithmID; if (algID.ObjectID.Equals(PkcsObjectIdentifiers.RsaEncryption) || algID.ObjectID.Equals(X509ObjectIdentifiers.IdEARsa)) { RsaPublicKeyStructure pubKey = RsaPublicKeyStructure.GetInstance(keyInfo.GetPublicKey()); return new RsaKeyParameters(false, pubKey.Modulus, pubKey.PublicExponent); } else if (algID.ObjectID.Equals(PkcsObjectIdentifiers.DhKeyAgreement) || algID.ObjectID.Equals(X9ObjectIdentifiers.DHPublicNumber)) { DHParameter para = new DHParameter((Asn1Sequence)keyInfo.AlgorithmID.Parameters); DerInteger derY = (DerInteger)keyInfo.GetPublicKey(); return new DHPublicKeyParameters(derY.Value, new DHParameters(para.P, para.G)); } else if (algID.ObjectID.Equals(OiwObjectIdentifiers.ElGamalAlgorithm)) { ElGamalParameter para = new ElGamalParameter((Asn1Sequence)keyInfo.AlgorithmID.Parameters); DerInteger derY = (DerInteger)keyInfo.GetPublicKey(); return new ElGamalPublicKeyParameters(derY.Value, new ElGamalParameters(para.P, para.G)); } else if (algID.ObjectID.Equals(X9ObjectIdentifiers.IdDsa) || algID.ObjectID.Equals(OiwObjectIdentifiers.DsaWithSha1)) { DsaParameter para = DsaParameter.GetInstance(keyInfo.AlgorithmID.Parameters); DerInteger derY = (DerInteger)keyInfo.GetPublicKey(); return new DsaPublicKeyParameters(derY.Value, new DsaParameters(para.P, para.Q, para.G)); } else if (algID.ObjectID.Equals(X9ObjectIdentifiers.IdECPublicKey)) { X962Parameters para = new X962Parameters((Asn1Object)keyInfo.AlgorithmID.Parameters); ECDomainParameters dParams = null; if (para.IsNamedCurve) { DerObjectIdentifier oid = (DerObjectIdentifier)para.Parameters; X9ECParameters ecP = X962NamedCurves.GetByOid(oid); if (ecP == null) { ecP = SecNamedCurves.GetByOid(oid); if (ecP == null) { ecP = NistNamedCurves.GetByOid(oid); } } dParams = new ECDomainParameters( ecP.Curve, ecP.G, ecP.N, ecP.H, ecP.GetSeed()); } else { X9ECParameters ecP = new X9ECParameters((Asn1Sequence)para.Parameters.ToAsn1Object()); dParams = new ECDomainParameters( ecP.Curve, ecP.G, ecP.N, ecP.H, ecP.GetSeed()); } DerBitString bits = keyInfo.PublicKeyData; byte[] data = bits.GetBytes(); Asn1OctetString key = new DerOctetString(data); X9ECPoint derQ = new X9ECPoint(dParams.Curve, key); return new ECPublicKeyParameters(derQ.Point, dParams); } else if (algID.ObjectID.Equals(CryptoProObjectIdentifiers.GostR3410x2001)) { Gost3410PublicKeyAlgParameters gostParams = new Gost3410PublicKeyAlgParameters( (Asn1Sequence) algID.Parameters); Asn1OctetString key; try { key = (Asn1OctetString) keyInfo.GetPublicKey(); } catch (IOException) { throw new ArgumentException("invalid info structure in GOST3410 public key"); } byte[] keyEnc = key.GetOctets(); byte[] x = new byte[32]; byte[] y = new byte[32]; for (int i = 0; i != y.Length; i++) { x[i] = keyEnc[32 - 1 - i]; } for (int i = 0; i != x.Length; i++) { y[i] = keyEnc[64 - 1 - i]; } ECDomainParameters ecP = ECGost3410NamedCurves.GetByOid(gostParams.PublicKeyParamSet); if (ecP == null) return null; ECCurve curve = ecP.Curve; ECPoint q; if (curve is FpCurve) { FpCurve curveFp = (FpCurve) curve; q = new FpPoint( curveFp, new FpFieldElement(curveFp.Q, new BigInteger(1, x)), new FpFieldElement(curveFp.Q, new BigInteger(1, y))); } else { F2mCurve curveF2m = (F2mCurve) curve; q = new F2mPoint( curveF2m, new F2mFieldElement(curveF2m.M, curveF2m.K1, curveF2m.K2, curveF2m.K3, new BigInteger(1, x)), new F2mFieldElement(curveF2m.M, curveF2m.K1, curveF2m.K2, curveF2m.K3, new BigInteger(1, y)), false); } return new ECPublicKeyParameters(q, gostParams.PublicKeyParamSet); } else if (algID.ObjectID.Equals(CryptoProObjectIdentifiers.GostR3410x94)) { Gost3410PublicKeyAlgParameters algParams = new Gost3410PublicKeyAlgParameters( (Asn1Sequence) algID.Parameters); DerOctetString derY; try { derY = (DerOctetString) keyInfo.GetPublicKey(); } catch (IOException) { throw new ArgumentException("invalid info structure in GOST3410 public key"); } byte[] keyEnc = derY.GetOctets(); byte[] keyBytes = new byte[keyEnc.Length]; for (int i = 0; i != keyEnc.Length; i++) { keyBytes[i] = keyEnc[keyEnc.Length - 1 - i]; // was little endian } BigInteger y = new BigInteger(1, keyBytes); return new Gost3410PublicKeyParameters(y, algParams.PublicKeyParamSet); } else { throw new SecurityUtilityException("algorithm identifier in key not recognised: " + algID.ObjectID); } }
protected override X9ECParameters CreateParameters() { // a = 1 BigInteger sect163r2a = BigInteger.One; // b = 20a601907b8c953ca1481eb10512f78744a3205fd BigInteger sect163r2b = new BigInteger("20a601907b8c953ca1481eb10512f78744a3205fd", 16); ECCurve sect163r2Curve = new F2mCurve(sect163r2m, sect163r2k1, sect163r2k2, sect163r2k3, sect163r2a, sect163r2b); // x = 3f0eba16286a2d57ea0991168d4994637e8343e36 ECFieldElement sect163r2x = new F2mFieldElement( sect163r2m, sect163r2k1, sect163r2k2, sect163r2k3, new BigInteger("3f0eba16286a2d57ea0991168d4994637e8343e36", 16)); // y = 0d51fbc6c71a0094fa2cdd545b11c5c0c797324f1 ECFieldElement sect163r2y = new F2mFieldElement( sect163r2m, sect163r2k1, sect163r2k2, sect163r2k3, new BigInteger("0d51fbc6c71a0094fa2cdd545b11c5c0c797324f1", 16)); ECPoint sect163r2BasePoint = new F2mPoint( sect163r2Curve, sect163r2x, sect163r2y, false); BigInteger sect163r2n = new BigInteger("5846006549323611672814742442876390689256843201587"); BigInteger sect163r2h = BigInteger.Two; byte[] sect163r2Seed = null; return new X9ECParameters( sect163r2Curve, sect163r2BasePoint, sect163r2n, sect163r2h, sect163r2Seed); }
/** * Test encoding with and without point compression. * * @param p * The point to be encoded and decoded. */ private void implTestEncoding(ECPoint p) { // Not Point Compression ECPoint unCompP; // Point compression ECPoint compP; if (p is FpPoint) { unCompP = new FpPoint(p.Curve, p.X, p.Y, false); compP = new FpPoint(p.Curve, p.X, p.Y, true); } else { unCompP = new F2mPoint(p.Curve, p.X, p.Y, false); compP = new F2mPoint(p.Curve, p.X, p.Y, true); } byte[] unCompBarr = unCompP.GetEncoded(); ECPoint decUnComp = p.Curve.DecodePoint(unCompBarr); Assert.AreEqual(p, decUnComp, "Error decoding uncompressed point"); byte[] compBarr = compP.GetEncoded(); ECPoint decComp = p.Curve.DecodePoint(compBarr); Assert.AreEqual(p, decComp, "Error decoding compressed point"); }
/** * Creates the points on the curve with literature values. */ internal static void createPoints() { for (int i = 0; i < pointSource.Length / 2; i++) { F2mFieldElement x = new F2mFieldElement(m, k1, new BigInteger(pointSource[2 * i], 16)); F2mFieldElement y = new F2mFieldElement(m, k1, new BigInteger(pointSource[2 * i + 1], 16)); p[i] = new F2mPoint(curve, x, y); } }
/** * Adds another <code>ECPoints.F2m</code> to <code>this</code> without * checking if both points are on the same curve. Used by multiplication * algorithms, because there all points are a multiple of the same point * and hence the checks can be omitted. * @param b The other <code>ECPoints.F2m</code> to add to * <code>this</code>. * @return <code>this + b</code> */ internal F2mPoint AddSimple(F2mPoint b) { if (this.IsInfinity) return b; if (b.IsInfinity) return this; ECCurve curve = this.Curve; int coord = curve.CoordinateSystem; ECFieldElement X1 = this.RawXCoord; ECFieldElement X2 = b.RawXCoord; switch (coord) { case ECCurve.COORD_AFFINE: { ECFieldElement Y1 = this.RawYCoord; ECFieldElement Y2 = b.RawYCoord; ECFieldElement dx = X1.Add(X2), dy = Y1.Add(Y2); if (dx.IsZero) { if (dy.IsZero) { return (F2mPoint)Twice(); } return (F2mPoint)curve.Infinity; } ECFieldElement L = dy.Divide(dx); ECFieldElement X3 = L.Square().Add(L).Add(dx).Add(curve.A); ECFieldElement Y3 = L.Multiply(X1.Add(X3)).Add(X3).Add(Y1); return new F2mPoint(curve, X3, Y3, IsCompressed); } case ECCurve.COORD_HOMOGENEOUS: { ECFieldElement Y1 = this.RawYCoord, Z1 = this.RawZCoords[0]; ECFieldElement Y2 = b.RawYCoord, Z2 = b.RawZCoords[0]; bool Z1IsOne = Z1.IsOne; ECFieldElement U1 = Y2, V1 = X2; if (!Z1IsOne) { U1 = U1.Multiply(Z1); V1 = V1.Multiply(Z1); } bool Z2IsOne = Z2.IsOne; ECFieldElement U2 = Y1, V2 = X1; if (!Z2IsOne) { U2 = U2.Multiply(Z2); V2 = V2.Multiply(Z2); } ECFieldElement U = U1.Add(U2); ECFieldElement V = V1.Add(V2); if (V.IsZero) { if (U.IsZero) { return (F2mPoint)Twice(); } return (F2mPoint)curve.Infinity; } ECFieldElement VSq = V.Square(); ECFieldElement VCu = VSq.Multiply(V); ECFieldElement W = Z1IsOne ? Z2 : Z2IsOne ? Z1 : Z1.Multiply(Z2); ECFieldElement uv = U.Add(V); ECFieldElement A = uv.MultiplyPlusProduct(U, VSq, curve.A).Multiply(W).Add(VCu); ECFieldElement X3 = V.Multiply(A); ECFieldElement VSqZ2 = Z2IsOne ? VSq : VSq.Multiply(Z2); ECFieldElement Y3 = U.MultiplyPlusProduct(X1, V, Y1).MultiplyPlusProduct(VSqZ2, uv, A); ECFieldElement Z3 = VCu.Multiply(W); return new F2mPoint(curve, X3, Y3, new ECFieldElement[] { Z3 }, IsCompressed); } case ECCurve.COORD_LAMBDA_PROJECTIVE: { if (X1.IsZero) { if (X2.IsZero) return (F2mPoint)curve.Infinity; return b.AddSimple(this); } ECFieldElement L1 = this.RawYCoord, Z1 = this.RawZCoords[0]; ECFieldElement L2 = b.RawYCoord, Z2 = b.RawZCoords[0]; bool Z1IsOne = Z1.IsOne; ECFieldElement U2 = X2, S2 = L2; if (!Z1IsOne) { U2 = U2.Multiply(Z1); S2 = S2.Multiply(Z1); } bool Z2IsOne = Z2.IsOne; ECFieldElement U1 = X1, S1 = L1; if (!Z2IsOne) { U1 = U1.Multiply(Z2); S1 = S1.Multiply(Z2); } ECFieldElement A = S1.Add(S2); ECFieldElement B = U1.Add(U2); if (B.IsZero) { if (A.IsZero) { return (F2mPoint)Twice(); } return (F2mPoint)curve.Infinity; } ECFieldElement X3, L3, Z3; if (X2.IsZero) { // TODO This can probably be optimized quite a bit ECPoint p = this.Normalize(); X1 = p.RawXCoord; ECFieldElement Y1 = p.YCoord; ECFieldElement Y2 = L2; ECFieldElement L = Y1.Add(Y2).Divide(X1); X3 = L.Square().Add(L).Add(X1).Add(curve.A); if (X3.IsZero) { return new F2mPoint(curve, X3, curve.B.Sqrt(), IsCompressed); } ECFieldElement Y3 = L.Multiply(X1.Add(X3)).Add(X3).Add(Y1); L3 = Y3.Divide(X3).Add(X3); Z3 = curve.FromBigInteger(BigInteger.One); } else { B = B.Square(); ECFieldElement AU1 = A.Multiply(U1); ECFieldElement AU2 = A.Multiply(U2); X3 = AU1.Multiply(AU2); if (X3.IsZero) { return new F2mPoint(curve, X3, curve.B.Sqrt(), IsCompressed); } ECFieldElement ABZ2 = A.Multiply(B); if (!Z2IsOne) { ABZ2 = ABZ2.Multiply(Z2); } L3 = AU2.Add(B).SquarePlusProduct(ABZ2, L1.Add(Z1)); Z3 = ABZ2; if (!Z1IsOne) { Z3 = Z3.Multiply(Z1); } } return new F2mPoint(curve, X3, L3, new ECFieldElement[] { Z3 }, IsCompressed); } default: { throw new InvalidOperationException("unsupported coordinate system"); } } }
/** * Adds another <code>ECPoints.F2m</code> to <code>this</code> without * checking if both points are on the same curve. Used by multiplication * algorithms, because there all points are a multiple of the same point * and hence the checks can be omitted. * @param b The other <code>ECPoints.F2m</code> to add to * <code>this</code>. * @return <code>this + b</code> */ internal F2mPoint AddSimple(F2mPoint b) { if (this.IsInfinity) return b; if (b.IsInfinity) return this; F2mFieldElement x2 = (F2mFieldElement) b.X; F2mFieldElement y2 = (F2mFieldElement) b.Y; // Check if b == this or b == -this if (this.x.Equals(x2)) { // this == b, i.e. this must be doubled if (this.y.Equals(y2)) return (F2mPoint) this.Twice(); // this = -other, i.e. the result is the point at infinity return (F2mPoint) this.curve.Infinity; } ECFieldElement xSum = this.x.Add(x2); F2mFieldElement lambda = (F2mFieldElement)(this.y.Add(y2)).Divide(xSum); F2mFieldElement x3 = (F2mFieldElement)lambda.Square().Add(lambda).Add(xSum).Add(this.curve.A); F2mFieldElement y3 = (F2mFieldElement)lambda.Multiply(this.x.Add(x3)).Add(x3).Add(this.y); return new F2mPoint(curve, x3, y3, withCompression); }
/** * Constructor for Pentanomial Polynomial Basis (PPB). * @param m The exponent <code>m</code> of * <code>F<sub>2<sup>m</sup></sub></code>. * @param k1 The integer <code>k1</code> where <code>x<sup>m</sup> + * x<sup>k3</sup> + x<sup>k2</sup> + x<sup>k1</sup> + 1</code> * represents the reduction polynomial <code>f(z)</code>. * @param k2 The integer <code>k2</code> where <code>x<sup>m</sup> + * x<sup>k3</sup> + x<sup>k2</sup> + x<sup>k1</sup> + 1</code> * represents the reduction polynomial <code>f(z)</code>. * @param k3 The integer <code>k3</code> where <code>x<sup>m</sup> + * x<sup>k3</sup> + x<sup>k2</sup> + x<sup>k1</sup> + 1</code> * represents the reduction polynomial <code>f(z)</code>. * @param a The coefficient <code>a</code> in the Weierstrass equation * for non-supersingular elliptic curves over * <code>F<sub>2<sup>m</sup></sub></code>. * @param b The coefficient <code>b</code> in the Weierstrass equation * for non-supersingular elliptic curves over * <code>F<sub>2<sup>m</sup></sub></code>. * @param order The order of the main subgroup of the elliptic curve. * @param cofactor The cofactor of the elliptic curve, i.e. * <code>#E<sub>a</sub>(F<sub>2<sup>m</sup></sub>) = h * n</code>. */ public F2mCurve( int m, int k1, int k2, int k3, BigInteger a, BigInteger b, BigInteger order, BigInteger cofactor) : base(m, k1, k2, k3) { this.m = m; this.k1 = k1; this.k2 = k2; this.k3 = k3; this.m_order = order; this.m_cofactor = cofactor; this.m_infinity = new F2mPoint(this, null, null); if (k1 == 0) throw new ArgumentException("k1 must be > 0"); if (k2 == 0) { if (k3 != 0) throw new ArgumentException("k3 must be 0 if k2 == 0"); } else { if (k2 <= k1) throw new ArgumentException("k2 must be > k1"); if (k3 <= k2) throw new ArgumentException("k3 must be > k2"); } this.m_a = FromBigInteger(a); this.m_b = FromBigInteger(b); this.m_coord = F2M_DEFAULT_COORDS; }
protected override X9ECParameters CreateParameters() { // a = 1 BigInteger sect571r1a = BigInteger.One; // b = 2f40e7e2221f295de297117b7f3d62f5c6a97ffcb8ceff1cd6ba8ce4a9a18ad84ffabbd8efa59332be7ad6756a66e294afd185a78ff12aa520e4de739baca0c7ffeff7f2955727a BigInteger sect571r1b = new BigInteger("2f40e7e2221f295de297117b7f3d62f5c6a97ffcb8ceff1cd6ba8ce4a9a18ad84ffabbd8efa59332be7ad6756a66e294afd185a78ff12aa520e4de739baca0c7ffeff7f2955727a", 16); ECCurve sect571r1Curve = new F2mCurve(sect571r1m, sect571r1k1, sect571r1k2, sect571r1k3, sect571r1a, sect571r1b); // x = 303001d34b856296c16c0d40d3cd7750a93d1d2955fa80aa5f40fc8db7b2abdbde53950f4c0d293cdd711a35b67fb1499ae60038614f1394abfa3b4c850d927e1e7769c8eec2d19 ECFieldElement sect571r1x = new F2mFieldElement( sect571r1m, sect571r1k1, sect571r1k2, sect571r1k3, new BigInteger("303001d34b856296c16c0d40d3cd7750a93d1d2955fa80aa5f40fc8db7b2abdbde53950f4c0d293cdd711a35b67fb1499ae60038614f1394abfa3b4c850d927e1e7769c8eec2d19", 16)); // y = 37bf27342da639b6dccfffeb73d69d78c6c27a6009cbbca1980f8533921e8a684423e43bab08a576291af8f461bb2a8b3531d2f0485c19b16e2f1516e23dd3c1a4827af1b8ac15b ECFieldElement sect571r1y = new F2mFieldElement( sect571r1m, sect571r1k1, sect571r1k2, sect571r1k3, new BigInteger("37bf27342da639b6dccfffeb73d69d78c6c27a6009cbbca1980f8533921e8a684423e43bab08a576291af8f461bb2a8b3531d2f0485c19b16e2f1516e23dd3c1a4827af1b8ac15b", 16)); ECPoint sect571r1BasePoint = new F2mPoint( sect571r1Curve, sect571r1x, sect571r1y, false); BigInteger sect571r1n = new BigInteger("3864537523017258344695351890931987344298927329706434998657235251451519142289560424536143999389415773083133881121926944486246872462816813070234528288303332411393191105285703"); BigInteger sect571r1h = BigInteger.Two; byte[] sect571r1Seed = null; return new X9ECParameters( sect571r1Curve, sect571r1BasePoint, sect571r1n, sect571r1h, sect571r1Seed); }
protected override X9ECParameters CreateParameters() { // a = 1 BigInteger sect409r1a = BigInteger.One; // b = 21a5c2c8ee9feb5c4b9a753b7b476b7fd6422ef1f3dd674761fa99d6ac27c8a9a197b272822f6cd57a55aa4f50ae317b13545f BigInteger sect409r1b = new BigInteger("21a5c2c8ee9feb5c4b9a753b7b476b7fd6422ef1f3dd674761fa99d6ac27c8a9a197b272822f6cd57a55aa4f50ae317b13545f", 16); ECCurve sect409r1Curve = new F2mCurve(sect409r1m, sect409r1k1, sect409r1k2, sect409r1k3, sect409r1a, sect409r1b); // x = 15d4860d088ddb3496b0c6064756260441cde4af1771d4db01ffe5b34e59703dc255a868a1180515603aeab60794e54bb7996a7 ECFieldElement sect409r1x = new F2mFieldElement( sect409r1m, sect409r1k1, sect409r1k2, sect409r1k3, new BigInteger("15d4860d088ddb3496b0c6064756260441cde4af1771d4db01ffe5b34e59703dc255a868a1180515603aeab60794e54bb7996a7", 16)); // y = 61b1cfab6be5f32bbfa78324ed106a7636b9c5a7bd198d0158aa4f5488d08f38514f1fdf4b4f40d2181b3681c364ba0273c706 ECFieldElement sect409r1y = new F2mFieldElement( sect409r1m, sect409r1k1, sect409r1k2, sect409r1k3, new BigInteger("61b1cfab6be5f32bbfa78324ed106a7636b9c5a7bd198d0158aa4f5488d08f38514f1fdf4b4f40d2181b3681c364ba0273c706", 16)); ECPoint sect409r1BasePoint = new F2mPoint( sect409r1Curve, sect409r1x, sect409r1y, false); BigInteger sect409r1n = new BigInteger("661055968790248598951915308032771039828404682964281219284648798304157774827374805208143723762179110965979867288366567526771"); BigInteger sect409r1h = BigInteger.Two; byte[] sect409r1Seed = null; return new X9ECParameters( sect409r1Curve, sect409r1BasePoint, sect409r1n, sect409r1h, sect409r1Seed); }
protected override X9ECParameters CreateParameters() { // a = 1 BigInteger sect283r1a = BigInteger.One; // b = 27b680ac8b8596da5a4af8a19a0303fca97fd7645309fa2a581485af6263e313b79a2f5 BigInteger sect283r1b = new BigInteger("27b680ac8b8596da5a4af8a19a0303fca97fd7645309fa2a581485af6263e313b79a2f5", 16); ECCurve sect283r1Curve = new F2mCurve(sect283r1m, sect283r1k1, sect283r1k2, sect283r1k3, sect283r1a, sect283r1b); // x = 5f939258db7dd90e1934f8c70b0dfec2eed25b8557eac9c80e2e198f8cdbecd86b12053 ECFieldElement sect283r1x = new F2mFieldElement( sect283r1m, sect283r1k1, sect283r1k2, sect283r1k3, new BigInteger("5f939258db7dd90e1934f8c70b0dfec2eed25b8557eac9c80e2e198f8cdbecd86b12053", 16)); // y = 3676854fe24141cb98fe6d4b20d02b4516ff702350eddb0826779c813f0df45be8112f4 ECFieldElement sect283r1y = new F2mFieldElement( sect283r1m, sect283r1k1, sect283r1k2, sect283r1k3, new BigInteger("3676854fe24141cb98fe6d4b20d02b4516ff702350eddb0826779c813f0df45be8112f4", 16)); ECPoint sect283r1BasePoint = new F2mPoint( sect283r1Curve, sect283r1x, sect283r1y, false); BigInteger sect283r1n = new BigInteger("7770675568902916283677847627294075626569625924376904889109196526770044277787378692871"); BigInteger sect283r1h = BigInteger.Two; byte[] sect283r1Seed = null; return new X9ECParameters( sect283r1Curve, sect283r1BasePoint, sect283r1n, sect283r1h, sect283r1Seed); }
protected override X9ECParameters CreateParameters() { // a = 1 BigInteger sect233r1a = BigInteger.One; // b = 066647ede6c332c7f8c0923bb58213b333b20e9ce4281fe115f7d8f90ad BigInteger sect233r1b = new BigInteger("066647ede6c332c7f8c0923bb58213b333b20e9ce4281fe115f7d8f90ad", 16); ECCurve sect233r1Curve = new F2mCurve(sect233r1m, sect233r1k1, sect233r1k2, sect233r1k3, sect233r1a, sect233r1b); // x = 0fac9dfcbac8313bb2139f1bb755fef65bc391f8b36f8f8eb7371fd558b ECFieldElement sect233r1x = new F2mFieldElement( sect233r1m, sect233r1k1, sect233r1k2, sect233r1k3, new BigInteger("0fac9dfcbac8313bb2139f1bb755fef65bc391f8b36f8f8eb7371fd558b", 16)); // y = 1006a08a41903350678e58528bebf8a0beff867a7ca36716f7e01f81052 ECFieldElement sect233r1y = new F2mFieldElement( sect233r1m, sect233r1k1, sect233r1k2, sect233r1k3, new BigInteger("1006a08a41903350678e58528bebf8a0beff867a7ca36716f7e01f81052", 16)); ECPoint sect233r1BasePoint = new F2mPoint( sect233r1Curve, sect233r1x, sect233r1y, false); BigInteger sect233r1n = new BigInteger("6901746346790563787434755862277025555839812737345013555379383634485463"); BigInteger sect233r1h = BigInteger.Two; byte[] sect233r1Seed = null; return new X9ECParameters( sect233r1Curve, sect233r1BasePoint, sect233r1n, sect233r1h, sect233r1Seed); }
protected F2mCurve(int m, int k1, int k2, int k3, ECFieldElement a, ECFieldElement b, BigInteger order, BigInteger cofactor) : base(m, k1, k2, k3) { this.m = m; this.k1 = k1; this.k2 = k2; this.k3 = k3; this.m_order = order; this.m_cofactor = cofactor; this.m_infinity = new F2mPoint(this, null, null); this.m_a = a; this.m_b = b; this.m_coord = F2M_DEFAULT_COORDS; }
public void TestPointCreationConsistency() { try { FpPoint bad = new FpPoint(Fp.curve, new FpFieldElement( Fp.q, new BigInteger("12")), null); Assert.Fail(); } catch (ArgumentException) { // Expected } try { FpPoint bad = new FpPoint(Fp.curve, null, new FpFieldElement(Fp.q, new BigInteger("12"))); Assert.Fail(); } catch (ArgumentException) { // Expected } try { F2mPoint bad = new F2mPoint(F2m.curve, new F2mFieldElement( F2m.m, F2m.k1, new BigInteger("1011")), null); Assert.Fail(); } catch (ArgumentException) { // Expected } try { F2mPoint bad = new F2mPoint(F2m.curve, null, new F2mFieldElement(F2m.m, F2m.k1, new BigInteger("1011"))); Assert.Fail(); } catch (ArgumentException) { // Expected } }
/** * Subtracts another <code>ECPoints.F2m</code> from <code>this</code> * without checking if both points are on the same curve. Used by * multiplication algorithms, because there all points are a multiple * of the same point and hence the checks can be omitted. * @param b The other <code>ECPoints.F2m</code> to subtract from * <code>this</code>. * @return <code>this - b</code> */ internal F2mPoint SubtractSimple( F2mPoint b) { if (b.IsInfinity) return this; // Add -b return AddSimple((F2mPoint) b.Negate()); }
/* (non-Javadoc) * @see Org.BouncyCastle.Math.EC.ECPoint#subtract(Org.BouncyCastle.Math.EC.ECPoint) */ public override ECPoint Subtract( ECPoint b) { if (b.IsInfinity) return this; // Add -b F2mPoint minusB = new F2mPoint(this.curve, b.x, b.x.Add(b.y), this.withCompression); return Add(minusB); }