protected virtual bool Equals(
ECDomainParameters other)
{
return(curve.Equals(other.curve) &&
g.Equals(other.g) &&
n.Equals(other.n));
}
protected bool Equals(ECPublicKeyParameters other)
{
if (q.Equals(other.q))
{
return(Equals((ECKeyParameters)other));
}
return(false);
}
protected bool Equals(ECDomainParameters other)
{
if (curve.Equals(other.curve) && g.Equals(other.g) && n.Equals(other.n) && h.Equals(other.h))
{
return(Arrays.AreEqual(seed, other.seed));
}
return(false);
}
protected bool Equals(ECDomainParameters other)
{
return(_curve.Equals(other.Curve) &&
_g.Equals(other.G) &&
_n.Equals(other.N) &&
_h.Equals(other.H) &&
Arrays.AreEqual(_seed, other._seed));
}
protected bool Equals(
ECDomainParameters other)
{
return(curve.Equals(other.curve) &&
g.Equals(other.g) &&
n.Equals(other.n) &&
h.Equals(other.h) &&
Arrays.AreSame(seed, other.seed));
}
protected bool Equals(
ECDomainParameters other)
{
return(_curve.Equals(other._curve) &&
_g.Equals(other._g) &&
_n.Equals(other._n) &&
_h.Equals(other._h) &&
_seed.SequenceEqualShortCircuiting(other._seed));
}
public bool Equals(ValidatorState other)
{
if (ReferenceEquals(this, other))
{
return(true);
}
if (ReferenceEquals(null, other))
{
return(false);
}
return(PublicKey.Equals(other.PublicKey));
}
public bool Equals(KeyPair other)
{
if (ReferenceEquals(this, other))
{
return(true);
}
if (ReferenceEquals(null, other))
{
return(false);
}
return(PublicKey.Equals(other.PublicKey));
}
internal override void Evaluate()
{
X9ECParameters p = NistNamedCurves.GetByName("P-256");
Org.BouncyCastle.Crypto.Internal.Parameters.EcDomainParameters parameters = new Org.BouncyCastle.Crypto.Internal.Parameters.EcDomainParameters(p.Curve, p.G, p.N, p.H);
BigInteger dValue = new BigInteger(1, FipsKats.Values[FipsKats.Vec.ECPrimitiveStartupVec]);
ECPoint Q = parameters.Curve.DecodePoint(Hex.Decode("03596375E6CE57E0F20294FC46BDFCFD19A39F8161B58695B3EC5B3D16427C274D"));
if (!Q.Equals(parameters.G.Multiply(dValue)))
{
Fail("EC primitive 'Z' computation failed");
}
}
/**
* Goes through all points on an elliptic curve and checks, if adding a
* point <code>k</code>-times is the same as multiplying the point by
* <code>k</code>, for all <code>k</code>. Should be called for points
* on very small elliptic curves only.
*
* @param p
* The base point on the elliptic curve.
* @param infinity
* The point at infinity on the elliptic curve.
*/
private void ImplTestAllPoints(ECPoint p, ECPoint infinity)
{
ECPoint adder = infinity;
ECPoint multiplier = infinity;
BigInteger i = BigInteger.One;
do
{
adder = adder.Add(p);
multiplier = p.Multiply(i);
AssertPointsEqual("Results of Add() and Multiply() are inconsistent " + i, adder, multiplier);
i = i.Add(BigInteger.One);
}while (!(adder.Equals(infinity)));
}
public static void KeyRecover(ECCurve Curve)
{
byte[] privateKey = generatekey(32);
ECPoint publicKey = Curve.G * privateKey;
ECDsa ecdsa = new ECDsa(privateKey, Curve);
byte[] message = System.Text.Encoding.Default.GetBytes("HelloWorld");
BigInteger[] signatures = ecdsa.GenerateSignature(message);
BigInteger r = signatures[0];
BigInteger s = signatures[1];
bool v;
if (signatures[2] == 0)
{
v = true;
}
else
{
v = false;
}
ECPoint recoverKey = ECDsa.KeyRecover(Curve, r, s, message, v);
Assert.IsTrue(recoverKey.Equals(publicKey));
//wrong r part
r = new BigInteger(generatekey(32));
s = new BigInteger(generatekey(32));
try
{
recoverKey = ECDsa.KeyRecover(Curve, r, s, message, v);
Assert.IsFalse(recoverKey.Equals(publicKey));
}
catch (Exception e)
{
Assert.IsTrue(e.GetType() == typeof(ArithmeticException));
}
}
/**
* Goes through all points on an elliptic curve and checks, if adding a
* point <code>k</code>-times is the same as multiplying the point by
* <code>k</code>, for all <code>k</code>. Should be called for points
* on very small elliptic curves only.
*
* @param p
* The base point on the elliptic curve.
* @param infinity
* The point at infinity on the elliptic curve.
*/
private void implTestAllPoints(ECPoint p, ECPoint infinity)
{
ECPoint adder = infinity;
ECPoint multiplier = infinity;
int i = 1;
do
{
adder = adder.Add(p);
multiplier = p.Multiply(new BigInteger(i.ToString()));
Assert.AreEqual(adder, multiplier,
"Results of add() and multiply() are inconsistent " + i);
i++;
}while (!(adder.Equals(infinity)));
}
public override bool Equals(object obj)
{
if (obj is ECDomainParameters)
{
if (seed != null && !seed.Equals(((ECDomainParameters)obj).getSeed()))
{
return(false);
}
if (h != null && !h.Equals(((ECDomainParameters)obj).getH()))
{
return(false);
}
return(curve.Equals(((ECDomainParameters)obj).getCurve()) && G.Equals(((ECDomainParameters)obj).getG()) && n.Equals(((ECDomainParameters)obj).getN()));
}
return(base.Equals(obj));
}
public override bool Equals(object obj)
{
if (obj == null)
{
return(false);
}
if (this == obj)
{
return(true);
}
if (!(obj is EncryptedVerifier))
{
return(false);
}
var encryptedVerifier = (EncryptedVerifier)obj;
return(publicKey.Equals(encryptedVerifier.publicKey) &&
verificationPoint.Equals(encryptedVerifier.verificationPoint));
}
protected bool Equals(
ECPublicKeyParameters other)
{
return(q.Equals(other.q) && base.Equals(other));
}
public void Comparisons(ECPoint point, object other, bool expected)
{
Assert.AreEqual(expected, point.Equals(other));
}
public static CertificateQueryResult Query(ECPoint pubkey)
{
if (pubkey.Equals(Blockchain.AntShare.Issuer) || pubkey.Equals(Blockchain.AntCoin.Issuer))
{
return new CertificateQueryResult {
Type = CertificateQueryResultType.System
}
}
;
Directory.CreateDirectory(Settings.Default.CertCachePath);
string path = Path.Combine(Settings.Default.CertCachePath, $"{pubkey}.cer");
if (!File.Exists(path))
{
//TODO: 本地缓存中找不到证书的情况下,去公共服务器上查询
}
if (!File.Exists(path))
{
return new CertificateQueryResult {
Type = CertificateQueryResultType.Missing
}
}
;
X509Certificate2 cert;
try
{
cert = new X509Certificate2(path);
}
catch (CryptographicException)
{
return(new CertificateQueryResult {
Type = CertificateQueryResultType.Missing
});
}
if (cert.PublicKey.Oid.Value != "1.2.840.10045.2.1")
{
return new CertificateQueryResult {
Type = CertificateQueryResultType.Missing
}
}
;
if (!pubkey.Equals(ECPoint.DecodePoint(cert.PublicKey.EncodedKeyValue.RawData, ECCurve.Secp256r1)))
{
return new CertificateQueryResult {
Type = CertificateQueryResultType.Missing
}
}
;
using (X509Chain chain = new X509Chain())
{
CertificateQueryResult result = new CertificateQueryResult {
Certificate = cert
};
if (chain.Build(cert))
{
result.Type = CertificateQueryResultType.Good;
}
else if (chain.ChainStatus.Length == 1 && chain.ChainStatus[0].Status == X509ChainStatusFlags.NotTimeValid)
{
result.Type = CertificateQueryResultType.Expired;
}
else
{
result.Type = CertificateQueryResultType.Invalid;
}
return(result);
}
}
}
}
public static CertificateQueryResult Query(ECPoint pubkey, string url)
{
if (pubkey.Equals(Blockchain.AntShare.Issuer) || pubkey.Equals(Blockchain.AntCoin.Issuer))
{
return new CertificateQueryResult {
Type = CertificateQueryResultType.System
}
}
;
Directory.CreateDirectory(Settings.Default.CertCachePath);
string path = Path.Combine(Settings.Default.CertCachePath, $"{pubkey}.cer");
if (!File.Exists(path))
{
if (string.IsNullOrEmpty(url))
{
url = $"http://cert.onchain.com/antshares/{pubkey}.cer";
}
using (WebClient web = new WebClient())
{
try
{
web.DownloadFile(url, path);
}
catch (WebException) { }
}
}
if (!File.Exists(path))
{
return new CertificateQueryResult {
Type = CertificateQueryResultType.Missing
}
}
;
X509Certificate2 cert;
try
{
cert = new X509Certificate2(path);
}
catch (CryptographicException)
{
return(new CertificateQueryResult {
Type = CertificateQueryResultType.Missing
});
}
if (cert.PublicKey.Oid.Value != "1.2.840.10045.2.1")
{
return new CertificateQueryResult {
Type = CertificateQueryResultType.Missing
}
}
;
if (!pubkey.Equals(ECPoint.DecodePoint(cert.PublicKey.EncodedKeyValue.RawData, ECCurve.Secp256r1)))
{
return new CertificateQueryResult {
Type = CertificateQueryResultType.Missing
}
}
;
using (X509Chain chain = new X509Chain())
{
CertificateQueryResult result = new CertificateQueryResult {
Certificate = cert
};
if (chain.Build(cert))
{
result.Type = CertificateQueryResultType.Good;
}
else if (chain.ChainStatus.Length == 1 && chain.ChainStatus[0].Status == X509ChainStatusFlags.NotTimeValid)
{
result.Type = CertificateQueryResultType.Expired;
}
else
{
result.Type = CertificateQueryResultType.Invalid;
}
return(result);
}
}
}
}
private void doTestECDH(
string algorithm)
{
IAsymmetricCipherKeyPairGenerator g = GeneratorUtilities.GetKeyPairGenerator(algorithm);
// EllipticCurve curve = new EllipticCurve(
// new ECFieldFp(new BigInteger("883423532389192164791648750360308885314476597252960362792450860609699839")), // q
// new BigInteger("7fffffffffffffffffffffff7fffffffffff8000000000007ffffffffffc", 16), // a
// new BigInteger("6b016c3bdcf18941d0d654921475ca71a9db2fb27d1d37796185c2942c0a", 16)); // b
ECCurve curve = new FpCurve(
new BigInteger("883423532389192164791648750360308885314476597252960362792450860609699839"), // q
new BigInteger("7fffffffffffffffffffffff7fffffffffff8000000000007ffffffffffc", 16), // a
new BigInteger("6b016c3bdcf18941d0d654921475ca71a9db2fb27d1d37796185c2942c0a", 16)); // b
ECDomainParameters ecSpec = new ECDomainParameters(
curve,
// ECPointUtil.DecodePoint(curve, Hex.Decode("020ffa963cdca8816ccc33b8642bedf905c3d358573d3f27fbbd3b3cb9aaaf")), // G
curve.DecodePoint(Hex.Decode("020ffa963cdca8816ccc33b8642bedf905c3d358573d3f27fbbd3b3cb9aaaf")), // G
new BigInteger("883423532389192164791648750360308884807550341691627752275345424702807307"), // n
BigInteger.One); //1); // h
// g.initialize(ecSpec, new SecureRandom());
g.Init(new ECKeyGenerationParameters(ecSpec, new SecureRandom()));
//
// a side
//
AsymmetricCipherKeyPair aKeyPair = g.GenerateKeyPair();
IBasicAgreement aKeyAgreeBasic = AgreementUtilities.GetBasicAgreement(algorithm);
aKeyAgreeBasic.Init(aKeyPair.Private);
//
// b side
//
AsymmetricCipherKeyPair bKeyPair = g.GenerateKeyPair();
IBasicAgreement bKeyAgreeBasic = AgreementUtilities.GetBasicAgreement(algorithm);
bKeyAgreeBasic.Init(bKeyPair.Private);
//
// agreement
//
// aKeyAgreeBasic.doPhase(bKeyPair.Public, true);
// bKeyAgreeBasic.doPhase(aKeyPair.Public, true);
//
// BigInteger k1 = new BigInteger(aKeyAgreeBasic.generateSecret());
// BigInteger k2 = new BigInteger(bKeyAgreeBasic.generateSecret());
BigInteger k1 = aKeyAgreeBasic.CalculateAgreement(bKeyPair.Public);
BigInteger k2 = bKeyAgreeBasic.CalculateAgreement(aKeyPair.Public);
if (!k1.Equals(k2))
{
Fail(algorithm + " 2-way test failed");
}
//
// public key encoding test
//
// byte[] pubEnc = aKeyPair.Public.GetEncoded();
byte[] pubEnc = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(aKeyPair.Public).GetDerEncoded();
// KeyFactory keyFac = KeyFactory.getInstance(algorithm);
// X509EncodedKeySpec pubX509 = new X509EncodedKeySpec(pubEnc);
// ECPublicKey pubKey = (ECPublicKey)keyFac.generatePublic(pubX509);
ECPublicKeyParameters pubKey = (ECPublicKeyParameters)PublicKeyFactory.CreateKey(pubEnc);
ECDomainParameters ecDP = pubKey.Parameters;
// if (!pubKey.getW().Equals(((ECPublicKeyParameters)aKeyPair.Public).getW()))
ECPoint pq1 = pubKey.Q.Normalize(), pq2 = ((ECPublicKeyParameters)aKeyPair.Public).Q.Normalize();
if (!pq1.Equals(pq2))
{
// Console.WriteLine(" expected " + pubKey.getW().getAffineX() + " got " + ((ECPublicKey)aKeyPair.Public).getW().getAffineX());
// Console.WriteLine(" expected " + pubKey.getW().getAffineY() + " got " + ((ECPublicKey)aKeyPair.Public).getW().getAffineY());
// Fail(algorithm + " public key encoding (W test) failed");
Console.WriteLine(" expected " + pq1.AffineXCoord.ToBigInteger()
+ " got " + pq2.AffineXCoord.ToBigInteger());
Console.WriteLine(" expected " + pq1.AffineYCoord.ToBigInteger()
+ " got " + pq2.AffineYCoord.ToBigInteger());
Fail(algorithm + " public key encoding (Q test) failed");
}
// if (!pubKey.Parameters.getGenerator().Equals(((ECPublicKeyParameters)aKeyPair.Public).Parameters.getGenerator()))
if (!pubKey.Parameters.G.Equals(((ECPublicKeyParameters)aKeyPair.Public).Parameters.G))
{
Fail(algorithm + " public key encoding (G test) failed");
}
//
// private key encoding test
//
// byte[] privEnc = aKeyPair.Private.GetEncoded();
byte[] privEnc = PrivateKeyInfoFactory.CreatePrivateKeyInfo(aKeyPair.Private).GetDerEncoded();
// PKCS8EncodedKeySpec privPKCS8 = new PKCS8EncodedKeySpec(privEnc);
// ECPrivateKey privKey = (ECPrivateKey)keyFac.generatePrivate(privPKCS8);
ECPrivateKeyParameters privKey = (ECPrivateKeyParameters)PrivateKeyFactory.CreateKey(privEnc);
// if (!privKey.getS().Equals(((ECPrivateKey)aKeyPair.Private).getS()))
if (!privKey.D.Equals(((ECPrivateKeyParameters)aKeyPair.Private).D))
{
// Fail(algorithm + " private key encoding (S test) failed");
Fail(algorithm + " private key encoding (D test) failed");
}
// if (!privKey.Parameters.getGenerator().Equals(((ECPrivateKey)aKeyPair.Private).Parameters.getGenerator()))
if (!privKey.Parameters.G.Equals(((ECPrivateKeyParameters)aKeyPair.Private).Parameters.G))
{
Fail(algorithm + " private key encoding (G test) failed");
}
}
private void DoTestECDH(string algorithm)
{
IAsymmetricCipherKeyPairGenerator g = GeneratorUtilities.GetKeyPairGenerator(algorithm);
X9ECParameters x9 = ECNamedCurveTable.GetByName("prime239v1");
ECDomainParameters ecSpec = new ECDomainParameters(x9.Curve, x9.G, x9.N, x9.H);
g.Init(new ECKeyGenerationParameters(ecSpec, new SecureRandom()));
//
// a side
//
AsymmetricCipherKeyPair aKeyPair = g.GenerateKeyPair();
IBasicAgreement aKeyAgreeBasic = AgreementUtilities.GetBasicAgreement(algorithm);
aKeyAgreeBasic.Init(aKeyPair.Private);
//
// b side
//
AsymmetricCipherKeyPair bKeyPair = g.GenerateKeyPair();
IBasicAgreement bKeyAgreeBasic = AgreementUtilities.GetBasicAgreement(algorithm);
bKeyAgreeBasic.Init(bKeyPair.Private);
//
// agreement
//
BigInteger k1 = aKeyAgreeBasic.CalculateAgreement(bKeyPair.Public);
BigInteger k2 = bKeyAgreeBasic.CalculateAgreement(aKeyPair.Public);
if (!k1.Equals(k2))
{
Fail(algorithm + " 2-way test failed");
}
//
// public key encoding test
//
// byte[] pubEnc = aKeyPair.Public.GetEncoded();
byte[] pubEnc = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(aKeyPair.Public).GetDerEncoded();
// KeyFactory keyFac = KeyFactory.getInstance(algorithm);
// X509EncodedKeySpec pubX509 = new X509EncodedKeySpec(pubEnc);
// ECPublicKey pubKey = (ECPublicKey)keyFac.generatePublic(pubX509);
ECPublicKeyParameters pubKey = (ECPublicKeyParameters)PublicKeyFactory.CreateKey(pubEnc);
ECDomainParameters ecDP = pubKey.Parameters;
// if (!pubKey.getW().Equals(((ECPublicKeyParameters)aKeyPair.Public).getW()))
ECPoint pq1 = pubKey.Q.Normalize(), pq2 = ((ECPublicKeyParameters)aKeyPair.Public).Q.Normalize();
if (!pq1.Equals(pq2))
{
// Console.WriteLine(" expected " + pubKey.getW().getAffineX() + " got " + ((ECPublicKey)aKeyPair.Public).getW().getAffineX());
// Console.WriteLine(" expected " + pubKey.getW().getAffineY() + " got " + ((ECPublicKey)aKeyPair.Public).getW().getAffineY());
// Fail(algorithm + " public key encoding (W test) failed");
Console.WriteLine(" expected " + pq1.AffineXCoord.ToBigInteger()
+ " got " + pq2.AffineXCoord.ToBigInteger());
Console.WriteLine(" expected " + pq1.AffineYCoord.ToBigInteger()
+ " got " + pq2.AffineYCoord.ToBigInteger());
Fail(algorithm + " public key encoding (Q test) failed");
}
// if (!pubKey.Parameters.getGenerator().Equals(((ECPublicKeyParameters)aKeyPair.Public).Parameters.getGenerator()))
if (!pubKey.Parameters.G.Equals(((ECPublicKeyParameters)aKeyPair.Public).Parameters.G))
{
Fail(algorithm + " public key encoding (G test) failed");
}
//
// private key encoding test
//
// byte[] privEnc = aKeyPair.Private.GetEncoded();
byte[] privEnc = PrivateKeyInfoFactory.CreatePrivateKeyInfo(aKeyPair.Private).GetDerEncoded();
// PKCS8EncodedKeySpec privPKCS8 = new PKCS8EncodedKeySpec(privEnc);
// ECPrivateKey privKey = (ECPrivateKey)keyFac.generatePrivate(privPKCS8);
ECPrivateKeyParameters privKey = (ECPrivateKeyParameters)PrivateKeyFactory.CreateKey(privEnc);
// if (!privKey.getS().Equals(((ECPrivateKey)aKeyPair.Private).getS()))
if (!privKey.D.Equals(((ECPrivateKeyParameters)aKeyPair.Private).D))
{
// Fail(algorithm + " private key encoding (S test) failed");
Fail(algorithm + " private key encoding (D test) failed");
}
// if (!privKey.Parameters.getGenerator().Equals(((ECPrivateKey)aKeyPair.Private).Parameters.getGenerator()))
if (!privKey.Parameters.G.Equals(((ECPrivateKeyParameters)aKeyPair.Private).Parameters.G))
{
Fail(algorithm + " private key encoding (G test) failed");
}
}
public void TestSetValue()
{
ContractParameter contractParameter1 = new(ContractParameterType.Signature);
byte[] expectedArray1 = new byte[64];
contractParameter1.SetValue(new byte[64].ToHexString());
Assert.AreEqual(Encoding.Default.GetString(expectedArray1), Encoding.Default.GetString((byte[])contractParameter1.Value));
Action action1 = () => contractParameter1.SetValue(new byte[50].ToHexString());
action1.Should().Throw <FormatException>();
ContractParameter contractParameter2 = new(ContractParameterType.Boolean);
contractParameter2.SetValue("true");
Assert.AreEqual(true, contractParameter2.Value);
ContractParameter contractParameter3 = new(ContractParameterType.Integer);
contractParameter3.SetValue("11");
Assert.AreEqual(new BigInteger(11), contractParameter3.Value);
ContractParameter contractParameter4 = new(ContractParameterType.Hash160);
contractParameter4.SetValue("0x0000000000000000000000000000000000000001");
Assert.AreEqual(UInt160.Parse("0x0000000000000000000000000000000000000001"), contractParameter4.Value);
ContractParameter contractParameter5 = new(ContractParameterType.Hash256);
contractParameter5.SetValue("0x0000000000000000000000000000000000000000000000000000000000000000");
Assert.AreEqual(UInt256.Parse("0x0000000000000000000000000000000000000000000000000000000000000000"), contractParameter5.Value);
ContractParameter contractParameter6 = new(ContractParameterType.ByteArray);
contractParameter6.SetValue("2222");
byte[] expectedArray6 = new byte[2];
expectedArray6[0] = 0x22;
expectedArray6[1] = 0x22;
Assert.AreEqual(Encoding.Default.GetString(expectedArray6), Encoding.Default.GetString((byte[])contractParameter6.Value));
ContractParameter contractParameter7 = new(ContractParameterType.PublicKey);
Random random7 = new();
byte[] privateKey7 = new byte[32];
for (int j = 0; j < privateKey7.Length; j++)
{
privateKey7[j] = (byte)random7.Next(256);
}
ECPoint publicKey7 = ECCurve.Secp256r1.G * privateKey7;
contractParameter7.SetValue(publicKey7.ToString());
Assert.AreEqual(true, publicKey7.Equals(contractParameter7.Value));
ContractParameter contractParameter8 = new(ContractParameterType.String);
contractParameter8.SetValue("AAA");
Assert.AreEqual("AAA", contractParameter8.Value);
ContractParameter contractParameter9 = new(ContractParameterType.Array);
Action action9 = () => contractParameter9.SetValue("AAA");
action9.Should().Throw <ArgumentException>();
}
/// <summary>
/// Verifies a zero knowledge proof.
/// </summary>
/// <returns><c>true</c>, if zero knowledge proof is valid/correct, <c>false</c> otherwise.</returns>
private bool ZeroKnowledgeProofValid(ECPoint generator, ECPoint X, ECPoint V, BigInteger r,
string participantId)
{
// ZKP: { V=G*v, r }
BigInteger h = Hash(generator, V, X, participantId);
// Public key validation based on p. 25
// http://cs.ucsb.edu/~koc/ccs130h/notes/ecdsa-cert.pdf
// 1. X != infinity
if (X.IsInfinity)
{
return(false);
}
BigInteger xCoord = X.AffineXCoord.ToBigInteger();
BigInteger yCoord = X.AffineYCoord.ToBigInteger();
BigInteger qSub1 = _q.Subtract(BigInteger.One);
// 2. Check x and y coordinates are in Fq, i.e., x, y in [0, q-1]
if (xCoord.CompareTo(BigInteger.Zero) == -1 || xCoord.CompareTo(qSub1) == 1 ||
yCoord.CompareTo(BigInteger.Zero) == -1 || yCoord.CompareTo(qSub1) == 1)
{
Debug.WriteLine("Point X coordinates not in Fq.");
return(false);
}
// 3. Check X lies on the curve
try {
if (X.IsValid() == false)
{
Debug.WriteLine("Point X not valid.");
return(false);
}
} catch (Exception e) {
Debug.WriteLine("Check that point X is on curve failed.\n" + e.StackTrace);
return(false);
}
// 4. Check that nX = infinity.
// It is equivalent - but more more efficient - to check the cofactor*X is not infinity.
if (X.Multiply(_domain.Curve.Cofactor).IsInfinity)
{
Debug.WriteLine("X mult H (cofactor) == infinity");
return(false);
}
// Now check if V = G*r + X*h.
// Given that {G, X} are valid points on curve, the equality implies that V is also a point on curve.
ECPoint Gr = BasePointMultiplier.Multiply(generator, r);
ECPoint Xh = BasePointMultiplier.Multiply(X, h.Mod(_domain.Curve.Order));
if (V.Equals(Gr.Add(Xh)) == false)
{
return(false);
}
// ZKP is valid
return(true);
}
