public KeyAgreement() { _curve = new FpCurve( new BigInteger("BDB6F4FE3E8B1D9E0DA8C0D46F4C318CEFE4AFE3B6B8551F", 16), // q new BigInteger("BB8E5E8FBC115E139FE6A814FE48AAA6F0ADA1AA5DF91985", 16), // a new BigInteger("1854BEBDC31B21B7AEFC80AB0ECD10D5B1B3308E6DBF11C1", 16) // b ); _ecSpec = new ECDomainParameters( _curve, new FpPoint(_curve, new FpFieldElement( _curve.Q, new BigInteger("4AD5F7048DE709AD51236DE65E4D4B482C836DC6E4106640", 16) ), new FpFieldElement( _curve.Q, new BigInteger("02BB3A02D4AAADACAE24817A4CA3A1B014B5270432DB27D2", 16)) ), // G new BigInteger("BDB6F4FE3E8B1D9E0DA8C0D40FC962195DFAE76F56564677", 16), // n BigInteger.One// h ); _keyGen = GeneratorUtilities.GetKeyPairGenerator("ECDH"); _keyGen.Init(new ECKeyGenerationParameters(_ecSpec, new SecureRandom())); }
public void TestDecode() { FpCurve curve = new FpCurve( new BigInteger("6277101735386680763835789423207666416083908700390324961279"), // q new BigInteger("fffffffffffffffffffffffffffffffefffffffffffffffc", 16), // a new BigInteger("64210519e59c80e70fa7e9ab72243049feb8deecc146b9b1", 16)); // b ECPoint p = curve.DecodePoint(Hex.Decode("03188da80eb03090f67cbf20eb43a18800f4ff0afd82ff1012")); if (!p.X.ToBigInteger().Equals(new BigInteger("188da80eb03090f67cbf20eb43a18800f4ff0afd82ff1012", 16))) { Fail("x uncompressed incorrectly"); } if (!p.Y.ToBigInteger().Equals(new BigInteger("7192b95ffc8da78631011ed6b24cdd573f977a11e794811", 16))) { Fail("y uncompressed incorrectly"); } byte[] encoding = p.GetEncoded(); if (!AreEqual(encoding, Hex.Decode("03188da80eb03090f67cbf20eb43a18800f4ff0afd82ff1012"))) { Fail("point compressed incorrectly"); } }
public void TestECNR239bitPrime() { BigInteger r = new BigInteger("308636143175167811492623515537541734843573549327605293463169625072911693"); BigInteger s = new BigInteger("852401710738814635664888632022555967400445256405412579597015412971797143"); byte[] kData = new BigInteger("700000017569056646655505781757157107570501575775705779575555657156756655").ToByteArrayUnsigned(); SecureRandom k = FixedSecureRandom.From(kData); ECCurve curve = new FpCurve( new BigInteger("883423532389192164791648750360308885314476597252960362792450860609699839"), // q new BigInteger("7fffffffffffffffffffffff7fffffffffff8000000000007ffffffffffc", 16), // a new BigInteger("6b016c3bdcf18941d0d654921475ca71a9db2fb27d1d37796185c2942c0a", 16)); // b ECDomainParameters spec = new ECDomainParameters( curve, curve.DecodePoint(Hex.Decode("020ffa963cdca8816ccc33b8642bedf905c3d358573d3f27fbbd3b3cb9aaaf")), // G new BigInteger("883423532389192164791648750360308884807550341691627752275345424702807307")); // n ECPrivateKeyParameters priKey = new ECPrivateKeyParameters( new BigInteger("876300101507107567501066130761671078357010671067781776716671676178726717"), // d spec); ECPublicKeyParameters pubKey = new ECPublicKeyParameters( curve.DecodePoint(Hex.Decode("025b6dc53bc61a2548ffb0f671472de6c9521a9d2d2534e65abfcbd5fe0c70")), // Q spec); ISigner sgr = SignerUtilities.GetSigner("SHA1withECNR"); byte[] message = new byte[] { (byte)'a', (byte)'b', (byte)'c' }; checkSignature(239, priKey, pubKey, sgr, k, message, r, s); }
public override void PerformTest() { IAsymmetricCipherKeyPairGenerator g = GeneratorUtilities.GetKeyPairGenerator("ECIES"); ECCurve curve = new FpCurve( new BigInteger("883423532389192164791648750360308885314476597252960362792450860609699839"), // q new BigInteger("7fffffffffffffffffffffff7fffffffffff8000000000007ffffffffffc", 16), // a new BigInteger("6b016c3bdcf18941d0d654921475ca71a9db2fb27d1d37796185c2942c0a", 16)); // b ECDomainParameters ecSpec = new ECDomainParameters( curve, curve.DecodePoint(Hex.Decode("020ffa963cdca8816ccc33b8642bedf905c3d358573d3f27fbbd3b3cb9aaaf")), // G new BigInteger("883423532389192164791648750360308884807550341691627752275345424702807307")); // n g.Init( new ECKeyGenerationParameters( ecSpec, new SecureRandom())); IBufferedCipher c1 = CipherUtilities.GetCipher("ECIES"); IBufferedCipher c2 = CipherUtilities.GetCipher("ECIES"); doTest(g, c1, c2); g = GeneratorUtilities.GetKeyPairGenerator("ECIES"); g.Init(new KeyGenerationParameters(new SecureRandom(), 192)); doTest(g, c1, c2); g = GeneratorUtilities.GetKeyPairGenerator("ECIES"); g.Init(new KeyGenerationParameters(new SecureRandom(), 239)); doTest(g, c1, c2); g = GeneratorUtilities.GetKeyPairGenerator("ECIES"); g.Init(new KeyGenerationParameters(new SecureRandom(), 256)); doTest(g, c1, c2); doDefTest(g, c1, c2); c1 = CipherUtilities.GetCipher("IES"); c2 = CipherUtilities.GetCipher("IES"); g = GeneratorUtilities.GetKeyPairGenerator("DH"); // DHParameterSpec dhParams = new DHParameterSpec(p512, g512); // g.initialize(dhParams); g.Init( new DHKeyGenerationParameters( new SecureRandom(), new DHParameters(p512, g512))); doTest(g, c1, c2); doDefTest(g, c1, c2); }
public void TestECNR192bitPrime() { BigInteger r = new BigInteger("2474388605162950674935076940284692598330235697454145648371"); BigInteger s = new BigInteger("2997192822503471356158280167065034437828486078932532073836"); byte[] kData = new BigInteger("dcc5d1f1020906df2782360d36b2de7a17ece37d503784af", 16).ToByteArrayUnsigned(); SecureRandom k = FixedSecureRandom.From(kData); FpCurve curve = new FpCurve( new BigInteger("6277101735386680763835789423207666416083908700390324961279"), // q (or p) new BigInteger("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFC", 16), // a new BigInteger("64210519E59C80E70FA7E9AB72243049FEB8DEECC146B9B1", 16)); // b ECDomainParameters spec = new ECDomainParameters( curve, curve.DecodePoint(Hex.Decode("03188DA80EB03090F67CBF20EB43A18800F4FF0AFD82FF1012")), // G new BigInteger("6277101735386680763835789423176059013767194773182842284081")); // n ECPrivateKeyParameters priKey = new ECPrivateKeyParameters( new BigInteger("651056770906015076056810763456358567190100156695615665659"), // d spec); ECPublicKeyParameters pubKey = new ECPublicKeyParameters( curve.DecodePoint(Hex.Decode("0262B12D60690CDCF330BABAB6E69763B471F994DD702D16A5")), // Q spec); ISigner sgr = SignerUtilities.GetSigner("SHA1withECNR"); byte[] message = new byte[] { (byte)'a', (byte)'b', (byte)'c' }; checkSignature(192, priKey, pubKey, sgr, k, message, r, s); }
public void DecodeTest() { // EllipticCurve curve = new EllipticCurve( // new ECFieldFp(new BigInteger("6277101735386680763835789423207666416083908700390324961279")), // q // new BigInteger("fffffffffffffffffffffffffffffffefffffffffffffffc", 16), // a // new BigInteger("64210519e59c80e70fa7e9ab72243049feb8deecc146b9b1", 16)); // b ECCurve curve = new FpCurve( new BigInteger("6277101735386680763835789423207666416083908700390324961279"), // q new BigInteger("fffffffffffffffffffffffffffffffefffffffffffffffc", 16), // a new BigInteger("64210519e59c80e70fa7e9ab72243049feb8deecc146b9b1", 16)); // b // ECPoint p = ECPointUtil.DecodePoint(curve, Hex.Decode("03188da80eb03090f67cbf20eb43a18800f4ff0afd82ff1012")); ECPoint p = curve.DecodePoint(Hex.Decode("03188da80eb03090f67cbf20eb43a18800f4ff0afd82ff1012")); BigInteger x = p.XCoord.ToBigInteger(); //p.getAffineX(); if (!x.Equals(new BigInteger("188da80eb03090f67cbf20eb43a18800f4ff0afd82ff1012", 16))) { Fail("x uncompressed incorrectly"); } BigInteger y = p.YCoord.ToBigInteger(); //p.getAffineX(); if (!y.Equals(new BigInteger("7192b95ffc8da78631011ed6b24cdd573f977a11e794811", 16))) { Fail("y uncompressed incorrectly"); } }
public void TestECDsa192bitPrime() { BigInteger r = new BigInteger("3342403536405981729393488334694600415596881826869351677613"); BigInteger s = new BigInteger("5735822328888155254683894997897571951568553642892029982342"); byte[] kData = BigIntegers.AsUnsignedByteArray(new BigInteger("6140507067065001063065065565667405560006161556565665656654")); SecureRandom k = FixedSecureRandom.From(kData); FpCurve curve = new FpCurve( new BigInteger("6277101735386680763835789423207666416083908700390324961279"), // q new BigInteger("fffffffffffffffffffffffffffffffefffffffffffffffc", 16), // a new BigInteger("64210519e59c80e70fa7e9ab72243049feb8deecc146b9b1", 16)); // b ECDomainParameters parameters = new ECDomainParameters( curve, curve.DecodePoint(Hex.Decode("03188da80eb03090f67cbf20eb43a18800f4ff0afd82ff1012")), // G new BigInteger("6277101735386680763835789423176059013767194773182842284081")); // n ECPrivateKeyParameters priKey = new ECPrivateKeyParameters( "ECDSA", new BigInteger("651056770906015076056810763456358567190100156695615665659"), // d parameters); ParametersWithRandom param = new ParametersWithRandom(priKey, k); ECDsaSigner ecdsa = new ECDsaSigner(); ecdsa.Init(true, param); byte[] message = new BigInteger("968236873715988614170569073515315707566766479517").ToByteArray(); BigInteger[] sig = ecdsa.GenerateSignature(message); if (!r.Equals(sig[0])) { Fail("r component wrong." + SimpleTest.NewLine + " expecting: " + r + SimpleTest.NewLine + " got : " + sig[0]); } if (!s.Equals(sig[1])) { Fail("s component wrong." + SimpleTest.NewLine + " expecting: " + s + SimpleTest.NewLine + " got : " + sig[1]); } // Verify the signature ECPublicKeyParameters pubKey = new ECPublicKeyParameters( "ECDSA", curve.DecodePoint(Hex.Decode("0262b12d60690cdcf330babab6e69763b471f994dd702d16a5")), // Q parameters); ecdsa.Init(false, pubKey); if (!ecdsa.VerifySignature(message, sig[0], sig[1])) { Fail("verification fails"); } }
public Encrypt(string id, FpPoint tocka, FpPoint Ppublic, BigInteger prost, FpCurve curve, BigInteger stp) { ID = id; P = tocka; Ppub = Ppublic; prim = prost; E = curve; k = stp; }
protected override X9ECParameters CreateParameters() { ECCurve curve = new FpCurve( new BigInteger("C302F41D932A36CDA7A3463093D18DB78FCE476DE1A86297", 16), // q new BigInteger("6A91174076B1E0E19C39C031FE8685C1CAE040E5C69A28EF", 16), // a new BigInteger("469A28EF7C28CCA3DC721D044F4496BCCA7EF4146FBF25C9", 16)); // b return new X9ECParameters( curve, curve.DecodePoint(Hex.Decode("04C0A0647EAAB6A48753B033C56CB0F0900A2F5C4853375FD614B690866ABD5BB88B5F4828C1490002E6773FA2FA299B8F")), // G new BigInteger("C302F41D932A36CDA7A3462F9E9E916B5BE8F1029AC4ACC1", 16), //n new BigInteger("01", 16)); // h }
protected override X9ECParameters CreateParameters() { ECCurve curve = new FpCurve( new BigInteger("E95E4A5F737059DC60DFC7AD95B3D8139515620F", 16), // q new BigInteger("340E7BE2A280EB74E2BE61BADA745D97E8F7C300", 16), // a new BigInteger("1E589A8595423412134FAA2DBDEC95C8D8675E58", 16)); // b return new X9ECParameters( curve, curve.DecodePoint(Hex.Decode("04BED5AF16EA3F6A4F62938C4631EB5AF7BDBCDBC31667CB477A1A8EC338F94741669C976316DA6321")), // G new BigInteger("E95E4A5F737059DC60DF5991D45029409E60FC09", 16), //n new BigInteger("01", 16)); // h }
protected override X9ECParameters CreateParameters() { ECCurve curve = new FpCurve( // new BigInteger("24DBFF5DEC9B986BBFE5295A29BFBAE45E0F5D0B", 16), // Z new BigInteger("E95E4A5F737059DC60DFC7AD95B3D8139515620F", 16), // q new BigInteger("E95E4A5F737059DC60DFC7AD95B3D8139515620C", 16), // a' new BigInteger("7A556B6DAE535B7B51ED2C4D7DAA7A0B5C55F380", 16)); // b' return new X9ECParameters( curve, curve.DecodePoint(Hex.Decode("04B199B13B9B34EFC1397E64BAEB05ACC265FF2378ADD6718B7C7C1961F0991B842443772152C9E0AD")), // G new BigInteger("E95E4A5F737059DC60DF5991D45029409E60FC09", 16), //n new BigInteger("01", 16)); // h }
protected override X9ECParameters CreateParameters() { ECCurve cFp192v3 = new FpCurve( new BigInteger("6277101735386680763835789423207666416083908700390324961279"), new BigInteger("fffffffffffffffffffffffffffffffefffffffffffffffc", 16), new BigInteger("22123dc2395a05caa7423daeccc94760a7d462256bd56916", 16)); return new X9ECParameters( cFp192v3, cFp192v3.DecodePoint( Hex.Decode("027d29778100c65a1da1783716588dce2b8b4aee8e228f1896")), new BigInteger("ffffffffffffffffffffffff7a62d031c83f4294f640ec13", 16), BigInteger.One, Hex.Decode("c469684435deb378c4b65ca9591e2a5763059a2e")); }
protected override X9ECParameters CreateParameters() { ECCurve cFp192v2 = new FpCurve( new BigInteger("6277101735386680763835789423207666416083908700390324961279"), new BigInteger("fffffffffffffffffffffffffffffffefffffffffffffffc", 16), new BigInteger("cc22d6dfb95c6b25e49c0d6364a4e5980c393aa21668d953", 16)); return new X9ECParameters( cFp192v2, cFp192v2.DecodePoint( Hex.Decode("03eea2bae7e1497842f2de7769cfe9c989c072ad696f48034a")), new BigInteger("fffffffffffffffffffffffe5fb1a724dc80418648d8dd31", 16), BigInteger.One, Hex.Decode("31a92ee2029fd10d901b113e990710f0d21ac6b6")); }
protected override X9ECParameters CreateParameters() { ECCurve cFp192v1 = new FpCurve( new BigInteger("6277101735386680763835789423207666416083908700390324961279"), new BigInteger("fffffffffffffffffffffffffffffffefffffffffffffffc", 16), new BigInteger("64210519e59c80e70fa7e9ab72243049feb8deecc146b9b1", 16)); return new X9ECParameters( cFp192v1, cFp192v1.DecodePoint( Hex.Decode("03188da80eb03090f67cbf20eb43a18800f4ff0afd82ff1012")), new BigInteger("ffffffffffffffffffffffff99def836146bc9b1b4d22831", 16), BigInteger.One, Hex.Decode("3045AE6FC8422f64ED579528D38120EAE12196D5")); }
private void ecNR239bitPrime() { BigInteger n = new BigInteger("883423532389192164791648750360308884807550341691627752275345424702807307"); FpCurve curve = new FpCurve( new BigInteger("883423532389192164791648750360308885314476597252960362792450860609699839"), // q new BigInteger("7fffffffffffffffffffffff7fffffffffff8000000000007ffffffffffc", 16), // a new BigInteger("6b016c3bdcf18941d0d654921475ca71a9db2fb27d1d37796185c2942c0a", 16), // b n, BigInteger.One); ECDomainParameters parameters = new ECDomainParameters( curve, curve.DecodePoint(Hex.Decode("020ffa963cdca8816ccc33b8642bedf905c3d358573d3f27fbbd3b3cb9aaaf")), // G n); ECPrivateKeyParameters priKey = new ECPrivateKeyParameters( new BigInteger("876300101507107567501066130761671078357010671067781776716671676178726717"), // d parameters); ECNRSigner ecnr = new ECNRSigner(); ParametersWithRandom param = new ParametersWithRandom(priKey, k); ecnr.Init(true, param); byte[] message = new BigInteger("968236873715988614170569073515315707566766479517").ToByteArray(); BigInteger[] sig = ecnr.GenerateSignature(message); if (!r.Equals(sig[0])) { Fail("r component wrong.", r, sig[0]); } if (!s.Equals(sig[1])) { Fail("s component wrong.", s, sig[1]); } // Verify the signature ECPublicKeyParameters pubKey = new ECPublicKeyParameters( curve.DecodePoint(Hex.Decode("025b6dc53bc61a2548ffb0f671472de6c9521a9d2d2534e65abfcbd5fe0c70")), // Q parameters); ecnr.Init(false, pubKey); if (!ecnr.VerifySignature(message, sig[0], sig[1])) { Fail("signature fails"); } }
protected override X9ECParameters CreateParameters() { // p = (2^128 - 3) / 76439 BigInteger p = FromHex("DB7C2ABF62E35E668076BEAD208B"); BigInteger a = FromHex("DB7C2ABF62E35E668076BEAD2088"); BigInteger b = FromHex("659EF8BA043916EEDE8911702B22"); byte[] S = Hex.Decode("00F50B028E4D696E676875615175290472783FB1"); BigInteger n = FromHex("DB7C2ABF62E35E7628DFAC6561C5"); BigInteger h = BigInteger.ValueOf(1); ECCurve curve = new FpCurve(p, a, b); //ECPoint G = curve.DecodePoint(Hex.Decode("02" //+ "09487239995A5EE76B55F9C2F098")); ECPoint G = curve.DecodePoint(Hex.Decode("04" + "09487239995A5EE76B55F9C2F098" + "A89CE5AF8724C0A23E0E0FF77500")); return new X9ECParameters(curve, G, n, h, S); }
protected override X9ECParameters CreateParameters() { // p = (2^128 - 3) / 76439 BigInteger p = FromHex("DB7C2ABF62E35E668076BEAD208B"); BigInteger a = FromHex("6127C24C05F38A0AAAF65C0EF02C"); BigInteger b = FromHex("51DEF1815DB5ED74FCC34C85D709"); byte[] S = Hex.Decode("002757A1114D696E6768756151755316C05E0BD4"); BigInteger n = FromHex("36DF0AAFD8B8D7597CA10520D04B"); BigInteger h = BigInteger.ValueOf(4); ECCurve curve = new FpCurve(p, a, b); //ECPoint G = curve.DecodePoint(Hex.Decode("03" //+ "4BA30AB5E892B4E1649DD0928643")); ECPoint G = curve.DecodePoint(Hex.Decode("04" + "4BA30AB5E892B4E1649DD0928643" + "ADCD46F5882E3747DEF36E956E97")); return new X9ECParameters(curve, G, n, h, S); }
/** * Test Sign and Verify with A parameters * see: http://www.ietf.org/internet-drafts/draft-popov-cryptopro-cpalgs-01.txt * gostR3410-2001-CryptoPro-A-ParamSet P.47 */ public void ecGOST3410_AParam() { SecureRandom random = new SecureRandom(); BigInteger mod_p = new BigInteger("115792089237316195423570985008687907853269984665640564039457584007913129639319"); //p FpCurve curve = new FpCurve( mod_p, // p new BigInteger("115792089237316195423570985008687907853269984665640564039457584007913129639316"), // a new BigInteger("166")); // b ECDomainParameters parameters = new ECDomainParameters( curve, new FpPoint(curve, new FpFieldElement(mod_p, new BigInteger("1")), // x new FpFieldElement(mod_p, new BigInteger("64033881142927202683649881450433473985931760268884941288852745803908878638612"))), // y new BigInteger("115792089237316195423570985008687907853073762908499243225378155805079068850323")); // q ECKeyPairGenerator pGen = new ECKeyPairGenerator("ECGOST3410"); ECKeyGenerationParameters genParam = new ECKeyGenerationParameters( parameters, random); pGen.Init(genParam); AsymmetricCipherKeyPair pair = pGen.GenerateKeyPair(); ParametersWithRandom param = new ParametersWithRandom(pair.Private, random); ECGost3410Signer ecgost3410 = new ECGost3410Signer(); ecgost3410.Init(true, param); BigInteger[] sig = ecgost3410.GenerateSignature(hashmessage); ecgost3410.Init(false, pair.Public); if (!ecgost3410.VerifySignature(hashmessage, sig[0], sig[1])) { Fail("signature fails"); } }
public void TestEC() { BigInteger ECParraGX = new BigInteger(Base64.Decode("D/qWPNyogWzMM7hkK+35BcPTWFc9Pyf7vTs8uaqv")); BigInteger ECParraGY = new BigInteger(Base64.Decode("AhQXGxb1olGRv6s1LPRfuatMF+cx3ZTGgzSE/Q5R")); BigInteger ECParraH = new BigInteger(Base64.Decode("AQ==")); BigInteger ECParraN = new BigInteger(Base64.Decode("f///////////////f///nl6an12QcfvRUiaIkJ0L")); BigInteger ECPubQX = new BigInteger(Base64.Decode("HWWi17Yb+Bm3PYr/DMjLOYNFhyOwX1QY7ZvqqM+l")); BigInteger ECPubQY = new BigInteger(Base64.Decode("JrlJfxu3WGhqwtL/55BOs/wsUeiDFsvXcGhB8DGx")); BigInteger ECPrivD = new BigInteger(Base64.Decode("GYQmd/NF1B+He1iMkWt3by2Az6Eu07t0ynJ4YCAo")); FpCurve curve = new FpCurve( new BigInteger("883423532389192164791648750360308885314476597252960362792450860609699839"), // q new BigInteger("7fffffffffffffffffffffff7fffffffffff8000000000007ffffffffffc", 16), // a new BigInteger("6b016c3bdcf18941d0d654921475ca71a9db2fb27d1d37796185c2942c0a", 16)); // b ECDomainParameters ecDomain = new ECDomainParameters( curve, new FpPoint(curve, curve.FromBigInteger(ECParraGX), curve.FromBigInteger(ECParraGY)), ECParraN); ECPublicKeyParameters ecPub = new ECPublicKeyParameters( new FpPoint( curve, curve.FromBigInteger(ECPubQX), curve.FromBigInteger(ECPubQY)), ecDomain); ECPrivateKeyParameters ecPriv = new ECPrivateKeyParameters(ECPrivD, ecDomain); SubjectPublicKeyInfo subinfo = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(ecPub); PrivateKeyInfo privInfo = PrivateKeyInfoFactory.CreatePrivateKeyInfo(ecPriv); ECPublicKeyParameters tecPub = (ECPublicKeyParameters)PublicKeyFactory.CreateKey(subinfo); ECPrivateKeyParameters tecPriv = (ECPrivateKeyParameters)PrivateKeyFactory.CreateKey(privInfo); Assert.IsTrue(tecPub.Equals(ecPub), "EC: public key to info back to public key"); Assert.IsTrue(tecPriv.Equals(ecPriv), "EC: private key to info back to private key"); }
public static Tuple <byte[], byte[]> GetSecp256k1PublicKey(byte[] privateKey) { //Secp256k1 curve variables - https://en.bitcoin.it/wiki/Secp256k1 var privKeyInt = new BigInteger(+1, privateKey); var a = new BigInteger("0"); var b = new BigInteger("7"); var GX = new BigInteger(+1, HexStringToByteArray("79BE667E F9DCBBAC 55A06295 CE870B07 029BFCDB 2DCE28D9 59F2815B 16F81798")); var GY = new BigInteger(+1, HexStringToByteArray("483ADA77 26A3C465 5DA4FBFC 0E1108A8 FD17B448 A6855419 9C47D08F FB10D4B8")); //var n = new BigInteger(+1, HexStringToByteArray("FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFE BAAEDCE6 AF48A03B BFD25E8C D0364141")); //var h = new BigInteger("1"); var p = new BigInteger(+1, HexStringToByteArray("FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFE FFFFFC2F")); //var q = h.Multiply(n).Mod(p); //Is this right??? //- http://en.wikipedia.org/wiki/Elliptic_curve_cryptography ECCurve curve = new Org.BouncyCastle.Math.EC.FpCurve(p, a, b); ECPoint G = new Org.BouncyCastle.Math.EC.FpPoint(curve, new FpFieldElement(p, GX), new FpFieldElement(p, GY)); var Qa = G.Multiply(privKeyInt); byte[] PubKeyX = Qa.X.ToBigInteger().ToByteArrayUnsigned(); byte[] PubKeyY = Qa.Y.ToBigInteger().ToByteArrayUnsigned(); return(Tuple.Create(PubKeyX, PubKeyY)); }
public override void PerformTest() { StaticTest(); FpCurve curve = new FpCurve( new BigInteger("6277101735386680763835789423207666416083908700390324961279"), // q new BigInteger("fffffffffffffffffffffffffffffffefffffffffffffffc", 16), // a new BigInteger("64210519e59c80e70fa7e9ab72243049feb8deecc146b9b1", 16)); // b ECDomainParameters parameters = new ECDomainParameters( curve, curve.DecodePoint(Hex.Decode("03188da80eb03090f67cbf20eb43a18800f4ff0afd82ff1012")), // G new BigInteger("6277101735386680763835789423176059013767194773182842284081")); // n ECKeyPairGenerator eGen = new ECKeyPairGenerator(); KeyGenerationParameters gParam = new ECKeyGenerationParameters(parameters, new SecureRandom()); eGen.Init(gParam); AsymmetricCipherKeyPair p1 = eGen.GenerateKeyPair(); AsymmetricCipherKeyPair p2 = eGen.GenerateKeyPair(); DoTest(p1, p2); }
public Setup() { n = 3; do { Random r = new Random(); s = r.Next(1, int.MaxValue - 1); } while (s == 0); // p i q p = new BigInteger("115792089237316195423570985008687907853269984665640564039457584007908834671663", 10); //q = p.Pow(n); q = p; k = new BigInteger("115792089237316195423570985008687907852837564279074904382605163141518161494337", 10); // E - krivulja secp256k1 - y ^ 2 = x ^ 3 + 0*x + 7 BigInteger a = new BigInteger("0", 10); BigInteger b = new BigInteger("7", 10); E = new FpCurve(q, a, b); // P BigInteger x1 = new BigInteger("55066263022277343669578718895168534326250603453777594175500187360389116729240", 10); BigInteger y1 = new BigInteger("32670510020758816978083085130507043184471273380659243275938904335757337482424", 10); FpFieldElement x = (FpFieldElement)E.FromBigInteger(x1); // new FpFieldElement(q, x1); FpFieldElement y = (FpFieldElement)E.FromBigInteger(y1); // new FpFieldElement(q, y1); P = new FpPoint(E, x, y); BigInteger mtp = new BigInteger(s.ToString(), 10); Ppub = (FpPoint)P.Multiply(mtp); File.WriteAllText("mk", s.ToString() + Environment.NewLine); }
private void Init() { random = new SecureRandom(); mod_p = new BigInteger("57896044618658097711785492504343953926634992332820282019728792003956564821041"); //p curve = new FpCurve( mod_p, // p new BigInteger("7"), // a new BigInteger("43308876546767276905765904595650931995942111794451039583252968842033849580414")); // b parameters = new ECDomainParameters( curve, new FpPoint(curve, new FpFieldElement(mod_p, new BigInteger("2")), // x new FpFieldElement(mod_p, new BigInteger("4018974056539037503335449422937059775635739389905545080690979365213431566280"))), // y new BigInteger("57896044618658097711785492504343953927082934583725450622380973592137631069619")); // q string message = "Бюллетень"; tbH.Text = GetDigest(System.Text.Encoding.Default.GetBytes(message)).ToString(16); //tbH.Text = (new BigInteger("20798893674476452017134061561508270130637142515379653289952617252661468872421")).ToString(16); }
private void StaticTest() { FpCurve curve = new FpCurve( new BigInteger("6277101735386680763835789423207666416083908700390324961279"), // q new BigInteger("fffffffffffffffffffffffffffffffefffffffffffffffc", 16), // a new BigInteger("64210519e59c80e70fa7e9ab72243049feb8deecc146b9b1", 16)); // b ECDomainParameters parameters = new ECDomainParameters( curve, curve.DecodePoint(Hex.Decode("03188da80eb03090f67cbf20eb43a18800f4ff0afd82ff1012")), // G new BigInteger("6277101735386680763835789423176059013767194773182842284081")); // n ECPrivateKeyParameters priKey = new ECPrivateKeyParameters( "ECDH", new BigInteger("651056770906015076056810763456358567190100156695615665659"), // d parameters); ECPublicKeyParameters pubKey = new ECPublicKeyParameters( "ECDH", curve.DecodePoint(Hex.Decode("0262b12d60690cdcf330babab6e69763b471f994dd702d16a5")), // Q parameters); AsymmetricCipherKeyPair p1 = new AsymmetricCipherKeyPair(pubKey, priKey); AsymmetricCipherKeyPair p2 = new AsymmetricCipherKeyPair(pubKey, priKey); // // stream test // IesEngine i1 = new IesEngine( new ECDHBasicAgreement(), new Kdf2BytesGenerator(new Sha1Digest()), new HMac(new Sha1Digest())); IesEngine i2 = new IesEngine( new ECDHBasicAgreement(), new Kdf2BytesGenerator(new Sha1Digest()), new HMac(new Sha1Digest())); byte[] d = new byte[] { 1, 2, 3, 4, 5, 6, 7, 8 }; byte[] e = new byte[] { 8, 7, 6, 5, 4, 3, 2, 1 }; IesParameters p = new IesParameters(d, e, 64); i1.Init(true, p1.Private, p2.Public, p); i2.Init(false, p2.Private, p1.Public, p); byte[] message = Hex.Decode("1234567890abcdef"); byte[] out1 = i1.ProcessBlock(message, 0, message.Length); if (!AreEqual(out1, Hex.Decode("468d89877e8238802403ec4cb6b329faeccfa6f3a730f2cdb3c0a8e8"))) { Fail("stream cipher test failed on enc"); } byte[] out2 = i2.ProcessBlock(out1, 0, out1.Length); if (!AreEqual(out2, message)) { Fail("stream cipher test failed"); } // // twofish with CBC // BufferedBlockCipher c1 = new PaddedBufferedBlockCipher( new CbcBlockCipher(new TwofishEngine())); BufferedBlockCipher c2 = new PaddedBufferedBlockCipher( new CbcBlockCipher(new TwofishEngine())); i1 = new IesEngine( new ECDHBasicAgreement(), new Kdf2BytesGenerator(new Sha1Digest()), new HMac(new Sha1Digest()), c1); i2 = new IesEngine( new ECDHBasicAgreement(), new Kdf2BytesGenerator(new Sha1Digest()), new HMac(new Sha1Digest()), c2); d = new byte[] { 1, 2, 3, 4, 5, 6, 7, 8 }; e = new byte[] { 8, 7, 6, 5, 4, 3, 2, 1 }; p = new IesWithCipherParameters(d, e, 64, 128); i1.Init(true, p1.Private, p2.Public, p); i2.Init(false, p2.Private, p1.Public, p); message = Hex.Decode("1234567890abcdef"); out1 = i1.ProcessBlock(message, 0, message.Length); if (!AreEqual(out1, Hex.Decode("b8a06ea5c2b9df28b58a0a90a734cde8c9c02903e5c220021fe4417410d1e53a32a71696"))) { Fail("twofish cipher test failed on enc"); } out2 = i2.ProcessBlock(out1, 0, out1.Length); if (!AreEqual(out2, message)) { Fail("twofish cipher test failed"); } }
/** * we Generate a self signed certificate for the sake of testing - ECDSA */ internal void checkCreation3() { ECCurve curve = new FpCurve( new BigInteger("883423532389192164791648750360308885314476597252960362792450860609699839"), // q new BigInteger("7fffffffffffffffffffffff7fffffffffff8000000000007ffffffffffc", 16), // a new BigInteger("6b016c3bdcf18941d0d654921475ca71a9db2fb27d1d37796185c2942c0a", 16)); // b ECDomainParameters spec = new ECDomainParameters( curve, curve.DecodePoint(Hex.Decode("020ffa963cdca8816ccc33b8642bedf905c3d358573d3f27fbbd3b3cb9aaaf")), // G new BigInteger("883423532389192164791648750360308884807550341691627752275345424702807307")); // n ECPrivateKeyParameters privKey = new ECPrivateKeyParameters( "ECDSA", new BigInteger("876300101507107567501066130761671078357010671067781776716671676178726717"), // d spec); ECPublicKeyParameters pubKey = new ECPublicKeyParameters( "ECDSA", curve.DecodePoint(Hex.Decode("025b6dc53bc61a2548ffb0f671472de6c9521a9d2d2534e65abfcbd5fe0c70")), // Q spec); // // set up the keys // // AsymmetricKeyParameter privKey; // AsymmetricKeyParameter pubKey; // // try // { // KeyFactory fact = KeyFactory.GetInstance("ECDSA"); // // privKey = fact.generatePrivate(privKeySpec); // pubKey = fact.generatePublic(pubKeySpec); // } // catch (Exception e) // { // Fail("error setting up keys - " + e.ToString()); // return; // } // // distinguished name table. // IDictionary attrs = new Hashtable(); IList order = new ArrayList(); attrs.Add(X509Name.C, "AU"); attrs.Add(X509Name.O, "The Legion of the Bouncy Castle"); attrs.Add(X509Name.L, "Melbourne"); attrs.Add(X509Name.ST, "Victoria"); attrs.Add(X509Name.E, "*****@*****.**"); order.Add(X509Name.C); order.Add(X509Name.O); order.Add(X509Name.L); order.Add(X509Name.ST); order.Add(X509Name.E); // // ToString test // X509Name p = new X509Name(order, attrs); string s = p.ToString(); if (!s.Equals("C=AU,O=The Legion of the Bouncy Castle,L=Melbourne,ST=Victoria,[email protected]")) { Fail("ordered X509Principal test failed - s = " + s + "."); } // // create the certificate - version 3 // X509V3CertificateGenerator certGen = new X509V3CertificateGenerator(); certGen.SetSerialNumber(BigInteger.One); certGen.SetIssuerDN(new X509Name(order, attrs)); certGen.SetNotBefore(DateTime.UtcNow.AddSeconds(-50)); certGen.SetNotAfter(DateTime.UtcNow.AddSeconds(50)); certGen.SetSubjectDN(new X509Name(order, attrs)); certGen.SetPublicKey(pubKey); certGen.SetSignatureAlgorithm("SHA1withECDSA"); try { X509Certificate cert = certGen.Generate(privKey); cert.CheckValidity(DateTime.UtcNow); cert.Verify(pubKey); X509CertificateParser fact = new X509CertificateParser(); cert = fact.ReadCertificate(cert.GetEncoded()); // // try with point compression turned off // // ((ECPointEncoder)pubKey).setPointFormat("UNCOMPRESSED"); ECPoint q = pubKey.Q.Normalize(); pubKey = new ECPublicKeyParameters( pubKey.AlgorithmName, q.Curve.CreatePoint(q.XCoord.ToBigInteger(), q.YCoord.ToBigInteger()), pubKey.Parameters); certGen.SetPublicKey(pubKey); cert = certGen.Generate(privKey); cert.CheckValidity(DateTime.UtcNow); cert.Verify(pubKey); cert = fact.ReadCertificate(cert.GetEncoded()); // Console.WriteLine(cert); } catch (Exception e) { Fail("error setting generating cert - " + e.ToString()); } X509Name pr = new X509Name("O=\"The Bouncy Castle, The Legion of\",[email protected],ST=Victoria,L=Melbourne,C=AU"); if (!pr.ToString().Equals("O=The Bouncy Castle\\, The Legion of,[email protected],ST=Victoria,L=Melbourne,C=AU")) { Fail("string based X509Principal test failed."); } pr = new X509Name("O=The Bouncy Castle\\, The Legion of,[email protected],ST=Victoria,L=Melbourne,C=AU"); if (!pr.ToString().Equals("O=The Bouncy Castle\\, The Legion of,[email protected],ST=Victoria,L=Melbourne,C=AU")) { Fail("string based X509Principal test failed."); } }
/** * we Generate a self signed certificate for the sake of testing - SHA224withECDSA */ private void createECCert( string algorithm, DerObjectIdentifier algOid) { FpCurve curve = new FpCurve( new BigInteger("6864797660130609714981900799081393217269435300143305409394463459185543183397656052122559640661454554977296311391480858037121987999716643812574028291115057151"), // q (or p) new BigInteger("01FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFC", 16), // a new BigInteger("0051953EB9618E1C9A1F929A21A0B68540EEA2DA725B99B315F3B8B489918EF109E156193951EC7E937B1652C0BD3BB1BF073573DF883D2C34F1EF451FD46B503F00", 16)); // b ECDomainParameters spec = new ECDomainParameters( curve, // curve.DecodePoint(Hex.Decode("02C6858E06B70404E9CD9E3ECB662395B4429C648139053FB521F828AF606B4D3DBAA14B5E77EFE75928FE1DC127A2FFA8DE3348B3C1856A429BF97E7E31C2E5BD66")), // G curve.DecodePoint(Hex.Decode("0200C6858E06B70404E9CD9E3ECB662395B4429C648139053FB521F828AF606B4D3DBAA14B5E77EFE75928FE1DC127A2FFA8DE3348B3C1856A429BF97E7E31C2E5BD66")), // G new BigInteger("01FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFA51868783BF2F966B7FCC0148F709A5D03BB5C9B8899C47AEBB6FB71E91386409", 16)); // n ECPrivateKeyParameters privKey = new ECPrivateKeyParameters( "ECDSA", new BigInteger("5769183828869504557786041598510887460263120754767955773309066354712783118202294874205844512909370791582896372147797293913785865682804434049019366394746072023"), // d spec); ECPublicKeyParameters pubKey = new ECPublicKeyParameters( "ECDSA", // curve.DecodePoint(Hex.Decode("026BFDD2C9278B63C92D6624F151C9D7A822CC75BD983B17D25D74C26740380022D3D8FAF304781E416175EADF4ED6E2B47142D2454A7AC7801DD803CF44A4D1F0AC")), // Q curve.DecodePoint(Hex.Decode("02006BFDD2C9278B63C92D6624F151C9D7A822CC75BD983B17D25D74C26740380022D3D8FAF304781E416175EADF4ED6E2B47142D2454A7AC7801DD803CF44A4D1F0AC")), // Q spec); // // // // set up the keys // // // AsymmetricKeyParameter privKey; // AsymmetricKeyParameter pubKey; // // KeyFactory fact = KeyFactory.GetInstance("ECDSA"); // // privKey = fact.generatePrivate(privKeySpec); // pubKey = fact.generatePublic(pubKeySpec); // // distinguished name table. // IDictionary attrs = new Hashtable(); IList order = new ArrayList(); attrs.Add(X509Name.C, "AU"); attrs.Add(X509Name.O, "The Legion of the Bouncy Castle"); attrs.Add(X509Name.L, "Melbourne"); attrs.Add(X509Name.ST, "Victoria"); attrs.Add(X509Name.E, "*****@*****.**"); order.Add(X509Name.C); order.Add(X509Name.O); order.Add(X509Name.L); order.Add(X509Name.ST); order.Add(X509Name.E); // // create the certificate - version 3 // X509V3CertificateGenerator certGen = new X509V3CertificateGenerator(); certGen.SetSerialNumber(BigInteger.One); certGen.SetIssuerDN(new X509Name(order, attrs)); certGen.SetNotBefore(DateTime.UtcNow.AddSeconds(-50)); certGen.SetNotAfter(DateTime.UtcNow.AddSeconds(50)); certGen.SetSubjectDN(new X509Name(order, attrs)); certGen.SetPublicKey(pubKey); certGen.SetSignatureAlgorithm(algorithm); X509Certificate cert = certGen.Generate(privKey); cert.CheckValidity(DateTime.UtcNow); cert.Verify(pubKey); X509CertificateParser fact = new X509CertificateParser(); cert = fact.ReadCertificate(cert.GetEncoded()); // // try with point compression turned off // // ((ECPointEncoder)pubKey).setPointFormat("UNCOMPRESSED"); ECPoint q = pubKey.Q.Normalize(); pubKey = new ECPublicKeyParameters( pubKey.AlgorithmName, q.Curve.CreatePoint(q.XCoord.ToBigInteger(), q.YCoord.ToBigInteger()), pubKey.Parameters); certGen.SetPublicKey(pubKey); cert = certGen.Generate(privKey); cert.CheckValidity(DateTime.UtcNow); cert.Verify(pubKey); cert = fact.ReadCertificate(cert.GetEncoded()); if (!cert.SigAlgOid.Equals(algOid.ToString())) { Fail("ECDSA oid incorrect."); } if (cert.GetSigAlgParams() != null) { Fail("sig parameters present"); } ISigner sig = SignerUtilities.GetSigner(algorithm); sig.Init(false, pubKey); byte[] b = cert.GetTbsCertificate(); sig.BlockUpdate(b, 0, b.Length); if (!sig.VerifySignature(cert.GetSignature())) { Fail("EC certificate signature not mapped correctly."); } // Console.WriteLine(cert); }
public void TestECMqv() { IAsymmetricCipherKeyPairGenerator g = GeneratorUtilities.GetKeyPairGenerator("ECMQV"); // EllipticCurve curve = new EllipticCurve( // new ECFieldFp(new BigInteger("883423532389192164791648750360308885314476597252960362792450860609699839")), // q // new BigInteger("7fffffffffffffffffffffff7fffffffffff8000000000007ffffffffffc", 16), // a // new BigInteger("6b016c3bdcf18941d0d654921475ca71a9db2fb27d1d37796185c2942c0a", 16)); // b ECCurve curve = new FpCurve( new BigInteger("883423532389192164791648750360308885314476597252960362792450860609699839"), // q new BigInteger("7fffffffffffffffffffffff7fffffffffff8000000000007ffffffffffc", 16), // a new BigInteger("6b016c3bdcf18941d0d654921475ca71a9db2fb27d1d37796185c2942c0a", 16)); // b ECDomainParameters ecSpec = new ECDomainParameters( curve, // ECPointUtil.DecodePoint(curve, Hex.Decode("020ffa963cdca8816ccc33b8642bedf905c3d358573d3f27fbbd3b3cb9aaaf")), // G curve.DecodePoint(Hex.Decode("020ffa963cdca8816ccc33b8642bedf905c3d358573d3f27fbbd3b3cb9aaaf")), // G new BigInteger("883423532389192164791648750360308884807550341691627752275345424702807307"), // n BigInteger.One); //1); // h // g.initialize(ecSpec, new SecureRandom()); g.Init(new ECKeyGenerationParameters(ecSpec, new SecureRandom())); // // U side // AsymmetricCipherKeyPair U1 = g.GenerateKeyPair(); AsymmetricCipherKeyPair U2 = g.GenerateKeyPair(); IBasicAgreement uAgree = AgreementUtilities.GetBasicAgreement("ECMQV"); uAgree.Init(new MqvPrivateParameters( (ECPrivateKeyParameters)U1.Private, (ECPrivateKeyParameters)U2.Private, (ECPublicKeyParameters)U2.Public)); // // V side // AsymmetricCipherKeyPair V1 = g.GenerateKeyPair(); AsymmetricCipherKeyPair V2 = g.GenerateKeyPair(); IBasicAgreement vAgree = AgreementUtilities.GetBasicAgreement("ECMQV"); vAgree.Init(new MqvPrivateParameters( (ECPrivateKeyParameters)V1.Private, (ECPrivateKeyParameters)V2.Private, (ECPublicKeyParameters)V2.Public)); // // agreement // BigInteger ux = uAgree.CalculateAgreement(new MqvPublicParameters( (ECPublicKeyParameters)V1.Public, (ECPublicKeyParameters)V2.Public)); BigInteger vx = vAgree.CalculateAgreement(new MqvPublicParameters( (ECPublicKeyParameters)U1.Public, (ECPublicKeyParameters)U2.Public)); if (!ux.Equals(vx)) { Fail("Agreement failed"); } }
static ECGost3410NamedCurves() { BigInteger mod_p = new BigInteger("115792089237316195423570985008687907853269984665640564039457584007913129639319"); BigInteger mod_q = new BigInteger("115792089237316195423570985008687907853073762908499243225378155805079068850323"); FpCurve curve = new FpCurve( mod_p, // p new BigInteger("115792089237316195423570985008687907853269984665640564039457584007913129639316"), // a new BigInteger("166")); // b ECDomainParameters ecParams = new ECDomainParameters( curve, curve.CreatePoint( BigInteger.One, // x new BigInteger("64033881142927202683649881450433473985931760268884941288852745803908878638612"), // y false), mod_q); parameters[CryptoProObjectIdentifiers.GostR3410x2001CryptoProA] = ecParams; mod_p = new BigInteger("115792089237316195423570985008687907853269984665640564039457584007913129639319"); mod_q = new BigInteger("115792089237316195423570985008687907853073762908499243225378155805079068850323"); curve = new FpCurve( mod_p, // p new BigInteger("115792089237316195423570985008687907853269984665640564039457584007913129639316"), new BigInteger("166")); ecParams = new ECDomainParameters( curve, curve.CreatePoint( BigInteger.One, // x new BigInteger("64033881142927202683649881450433473985931760268884941288852745803908878638612"), // y false), mod_q); parameters[CryptoProObjectIdentifiers.GostR3410x2001CryptoProXchA] = ecParams; mod_p = new BigInteger("57896044618658097711785492504343953926634992332820282019728792003956564823193"); //p mod_q = new BigInteger("57896044618658097711785492504343953927102133160255826820068844496087732066703"); //q curve = new FpCurve( mod_p, // p new BigInteger("57896044618658097711785492504343953926634992332820282019728792003956564823190"), // a new BigInteger("28091019353058090096996979000309560759124368558014865957655842872397301267595")); // b ecParams = new ECDomainParameters( curve, curve.CreatePoint( BigInteger.One, // x new BigInteger("28792665814854611296992347458380284135028636778229113005756334730996303888124"), // y false), mod_q); // q parameters[CryptoProObjectIdentifiers.GostR3410x2001CryptoProB] = ecParams; mod_p = new BigInteger("70390085352083305199547718019018437841079516630045180471284346843705633502619"); mod_q = new BigInteger("70390085352083305199547718019018437840920882647164081035322601458352298396601"); curve = new FpCurve( mod_p, // p new BigInteger("70390085352083305199547718019018437841079516630045180471284346843705633502616"), new BigInteger("32858")); ecParams = new ECDomainParameters( curve, curve.CreatePoint( BigInteger.Zero, // x new BigInteger("29818893917731240733471273240314769927240550812383695689146495261604565990247"), // y false), mod_q); parameters[CryptoProObjectIdentifiers.GostR3410x2001CryptoProXchB] = ecParams; mod_p = new BigInteger("70390085352083305199547718019018437841079516630045180471284346843705633502619"); //p mod_q = new BigInteger("70390085352083305199547718019018437840920882647164081035322601458352298396601"); //q curve = new FpCurve( mod_p, // p new BigInteger("70390085352083305199547718019018437841079516630045180471284346843705633502616"), // a new BigInteger("32858")); // b ecParams = new ECDomainParameters( curve, curve.CreatePoint( BigInteger.Zero, // x new BigInteger("29818893917731240733471273240314769927240550812383695689146495261604565990247"), // y false), mod_q); // q parameters[CryptoProObjectIdentifiers.GostR3410x2001CryptoProC] = ecParams; objIds["GostR3410-2001-CryptoPro-A"] = CryptoProObjectIdentifiers.GostR3410x2001CryptoProA; objIds["GostR3410-2001-CryptoPro-B"] = CryptoProObjectIdentifiers.GostR3410x2001CryptoProB; objIds["GostR3410-2001-CryptoPro-C"] = CryptoProObjectIdentifiers.GostR3410x2001CryptoProC; objIds["GostR3410-2001-CryptoPro-XchA"] = CryptoProObjectIdentifiers.GostR3410x2001CryptoProXchA; objIds["GostR3410-2001-CryptoPro-XchB"] = CryptoProObjectIdentifiers.GostR3410x2001CryptoProXchB; names[CryptoProObjectIdentifiers.GostR3410x2001CryptoProA] = "GostR3410-2001-CryptoPro-A"; names[CryptoProObjectIdentifiers.GostR3410x2001CryptoProB] = "GostR3410-2001-CryptoPro-B"; names[CryptoProObjectIdentifiers.GostR3410x2001CryptoProC] = "GostR3410-2001-CryptoPro-C"; names[CryptoProObjectIdentifiers.GostR3410x2001CryptoProXchA] = "GostR3410-2001-CryptoPro-XchA"; names[CryptoProObjectIdentifiers.GostR3410x2001CryptoProXchB] = "GostR3410-2001-CryptoPro-XchB"; }
public static byte[] recoverPubBytesFromSignature(int recId, ECDSASignature sig, byte[] messageHash) { check(recId >= 0, "recId must be positive"); check(sig.r.SignValue >= 0, "r must be positive"); check(sig.s.SignValue >= 0, "s must be positive"); check(messageHash != null, "messageHash must not be null"); // 1.0 For j from 0 to h (h == recId here and the loop is outside // this function) // 1.1 Let x = r + jn BigInteger n = ECKey.Curve.N; // Curve order. BigInteger i = BigInteger.ValueOf((long)recId / 2); BigInteger x = sig.r.Add(i.Multiply(n)); // 1.2. Convert the integer x to an octet string X of length mlen // using the conversion routine // specified in Section 2.3.7, where mlen = ⌈(log2 p)/8⌉ or // mlen = ⌈m/8⌉. // 1.3. Convert the octet string (16 set binary digits)||X to an // elliptic curve point R using the // conversion routine specified in Section 2.3.4. If this // conversion routine outputs “invalid”, then // do another iteration of Step 1. // // More concisely, what these points mean is to use X as a compressed // public key. Org.BouncyCastle.Math.EC.FpCurve curve = (Org.BouncyCastle.Math.EC.FpCurve)ECKey.Curve.Curve; BigInteger prime = curve.Q; // Bouncy Castle is not consistent // about the letter it uses for the prime. if (x.CompareTo(prime) >= 0) { // Cannot have point co-ordinates larger than this as everything // takes place modulo Q. return(null); } // Compressed allKeys require you to know an extra bit of data about the // y-coord as there are two possibilities. // So it's encoded in the recId. ECPoint R = decompressKey(x, (recId & 1) == 1); // 1.4. If nR != point at infinity, then do another iteration of // Step 1 (callers responsibility). if (!R.Multiply(n).IsInfinity) { return(null); } // 1.5. Compute e from M using Steps 2 and 3 of ECDSA signature // verification. BigInteger e = new BigInteger(1, messageHash); // 1.6. For k from 1 to 2 do the following. (loop is outside this // function via iterating recId) // 1.6.1. Compute a candidate public key as: // Q = mi(r) * (sR - eG) // // Where mi(x) is the modular multiplicative inverse. We transform // this into the following: // Q = (mi(r) * s ** R) + (mi(r) * -e ** G) // Where -e is the modular additive inverse of e, that is z such that // z + e = 0 (mod n). In the above equation // ** is point multiplication and + is point addition (the EC group // operator). // // We can find the additive inverse by subtracting e from zero then // taking the mod. For example the additive // inverse of 3 modulo 11 is 8 because 3 + 8 mod 11 = 0, and -3 mod // 11 = 8. BigInteger eInv = BigInteger.Zero.Subtract(e).Mod(n); BigInteger rInv = sig.r.ModInverse(n); BigInteger srInv = rInv.Multiply(sig.s).Mod(n); BigInteger eInvrInv = rInv.Multiply(eInv).Mod(n); FpPoint q = (FpPoint)ECAlgorithms.SumOfTwoMultiplies(ECKey.Params.G, eInvrInv, R, srInv); return(q.GetEncoded(/* compressed */ false)); }
protected override X9ECParameters CreateParameters() { ECCurve curve = new FpCurve( //new BigInteger("1B6F5CC8DB4DC7AF19458A9CB80DC2295E5EB9C3732104CB") //Z new BigInteger("C302F41D932A36CDA7A3463093D18DB78FCE476DE1A86297", 16), // q new BigInteger("C302F41D932A36CDA7A3463093D18DB78FCE476DE1A86294", 16), // a' new BigInteger("13D56FFAEC78681E68F9DEB43B35BEC2FB68542E27897B79", 16)); // b' return new X9ECParameters( curve, curve.DecodePoint(Hex.Decode("043AE9E58C82F63C30282E1FE7BBF43FA72C446AF6F4618129097E2C5667C2223A902AB5CA449D0084B7E5B3DE7CCC01C9")), // G' new BigInteger("C302F41D932A36CDA7A3462F9E9E916B5BE8F1029AC4ACC1", 16), //n new BigInteger("01", 16)); // h }
protected bool Equals( FpCurve other) { return(base.Equals(other) && q.Equals(other.q)); }
protected override X9ECParameters CreateParameters() { ECCurve curve = new FpCurve( new BigInteger("AADD9DB8DBE9C48B3FD4E6AE33C9FC07CB308DB3B3C9D20ED6639CCA703308717D4D9B009BC66842AECDA12AE6A380E62881FF2F2D82C68528AA6056583A48F3", 16), // q new BigInteger("7830A3318B603B89E2327145AC234CC594CBDD8D3DF91610A83441CAEA9863BC2DED5D5AA8253AA10A2EF1C98B9AC8B57F1117A72BF2C7B9E7C1AC4D77FC94CA", 16), // a new BigInteger("3DF91610A83441CAEA9863BC2DED5D5AA8253AA10A2EF1C98B9AC8B57F1117A72BF2C7B9E7C1AC4D77FC94CADC083E67984050B75EBAE5DD2809BD638016F723", 16)); // b return new X9ECParameters( curve, curve.DecodePoint(Hex.Decode("0481AEE4BDD82ED9645A21322E9C4C6A9385ED9F70B5D916C1B43B62EEF4D0098EFF3B1F78E2D0D48D50D1687B93B97D5F7C6D5047406A5E688B352209BCB9F8227DDE385D566332ECC0EABFA9CF7822FDF209F70024A57B1AA000C55B881F8111B2DCDE494A5F485E5BCA4BD88A2763AED1CA2B2FA8F0540678CD1E0F3AD80892")), // G new BigInteger("AADD9DB8DBE9C48B3FD4E6AE33C9FC07CB308DB3B3C9D20ED6639CCA70330870553E5C414CA92619418661197FAC10471DB1D381085DDADDB58796829CA90069", 16), //n new BigInteger("01", 16)); // h }
protected override X9ECParameters CreateParameters() { ECCurve curve = new FpCurve( //new BigInteger("12EE58E6764838B69782136F0F2D3BA06E27695716054092E60A80BEDB212B64E585D90BCE13761F85C3F1D2A64E3BE8FEA2220F01EBA5EEB0F35DBD29D922AB") //Z new BigInteger("AADD9DB8DBE9C48B3FD4E6AE33C9FC07CB308DB3B3C9D20ED6639CCA703308717D4D9B009BC66842AECDA12AE6A380E62881FF2F2D82C68528AA6056583A48F3", 16), // q new BigInteger("AADD9DB8DBE9C48B3FD4E6AE33C9FC07CB308DB3B3C9D20ED6639CCA703308717D4D9B009BC66842AECDA12AE6A380E62881FF2F2D82C68528AA6056583A48F0", 16), // a' new BigInteger("7CBBBCF9441CFAB76E1890E46884EAE321F70C0BCB4981527897504BEC3E36A62BCDFA2304976540F6450085F2DAE145C22553B465763689180EA2571867423E", 16)); // b' return new X9ECParameters( curve, curve.DecodePoint(Hex.Decode("04640ECE5C12788717B9C1BA06CBC2A6FEBA85842458C56DDE9DB1758D39C0313D82BA51735CDB3EA499AA77A7D6943A64F7A3F25FE26F06B51BAA2696FA9035DA5B534BD595F5AF0FA2C892376C84ACE1BB4E3019B71634C01131159CAE03CEE9D9932184BEEF216BD71DF2DADF86A627306ECFF96DBB8BACE198B61E00F8B332")), // G' new BigInteger("AADD9DB8DBE9C48B3FD4E6AE33C9FC07CB308DB3B3C9D20ED6639CCA70330870553E5C414CA92619418661197FAC10471DB1D381085DDADDB58796829CA90069", 16), //n new BigInteger("01", 16)); // h }