/// <summary>
/// Modulus.
/// </summary>
/// <param name="mod">Modulus.</param>
public void Mod(GXBigInteger mod)
{
/*
* //value = value - (mod * (value / mod) )
* GXBigInteger tmp = new GXBigInteger(this);
* tmp.Div(mod);
* tmp.Multiply(mod);
* Sub(tmp);
* changed = true;
*/
GXBigInteger current = new GXBigInteger(1);
GXBigInteger denom = new GXBigInteger(mod);
bool neq = negative;
negative = false;
// while denom < this.
while (denom.Compare(this) == -1)
{
current.Lshift(1);
denom.Lshift(1);
}
//If overflow.
if (denom.Compare(this) == 1)
{
if (current.IsOne)
{
if (neq)
{
Sub(mod);
negative = false;
}
return;
}
current.Rshift(1);
denom.Rshift(1);
while (!current.IsZero)
{
int r = Compare(denom);
if (r == 1)
{
Sub(denom);
}
else if (r == 0)
{
break;
}
current.Rshift(1);
denom.Rshift(1);
}
}
else
{
Clear();
}
if (neq)
{
Sub(mod);
negative = false;
}
}
/// <summary>
/// Multily elliptic curve point and scalar.
/// </summary>
/// <remarks>
/// Y^2 = X^3 + A*X + B (mod p)
/// </remarks>
/// <param name="eccSize"></param>
/// <param name="p">Point to multiply</param>
/// <param name="n">Scalar to multiply</param>
/// <param name="N">Elliptic curve order.</param>
/// <param name="A"></param>
/// <param name="P">Prime number</param>
internal static GXEccPoint JacobianMultiply(GXEccPoint p, GXBigInteger n, GXBigInteger N, GXBigInteger A, GXBigInteger P)
{
GXBigInteger tmp;
if (p.y.IsZero || n.IsZero)
{
return(new GXEccPoint(0, 0, 1));
}
if (n.IsOne)
{
return(p);
}
if (n.Compare(0) == -1 || n.Compare(N) != -1)
{
tmp = new GXBigInteger(n);
tmp.Mod(N);
return(JacobianMultiply(p, tmp, N, A, P));
}
if (n.IsEven)
{
tmp = new GXBigInteger(n);
tmp.Rshift(1);
return(JacobianDouble(JacobianMultiply(p, tmp, N, A, P), A, P));
}
tmp = new GXBigInteger(n);
tmp.Rshift(1);
GXEccPoint p2 = JacobianDouble(JacobianMultiply(p, tmp, N, A, P), A, P);
JacobianAdd(p2, p, A, P);
return(p2);
}
public void Div(GXBigInteger value)
{
GXBigInteger current = new GXBigInteger(1);
GXBigInteger denom = new GXBigInteger(value);
GXBigInteger tmp = new GXBigInteger(this);
bool neq = negative;
negative = false;
try
{
// while denom < this.
while (denom.Compare(this) == -1)
{
current.Lshift(1);
denom.Lshift(1);
}
//If overflow.
if (denom.Compare(this) == 1)
{
if (current.IsOne)
{
Clear();
return;
}
Clear();
current.Rshift(1);
denom.Rshift(1);
while (!current.IsZero)
{
int r = tmp.Compare(denom);
if (r == 1)
{
tmp.Sub(denom);
Add(current);
}
else if (r == 0)
{
Add(current);
break;
}
current.Rshift(1);
denom.Rshift(1);
}
current.Data = Data;
}
}
finally
{
negative = neq;
}
Data = current.Data;
changed = true;
}
/// <summary>
/// Check that this is correct public key.
/// </summary>
/// <remarks>
/// This method can be used to verify that public and private key are on the curve.
/// </remarks>
public static void Validate(GXPublicKey publicKey)
{
if (publicKey == null)
{
throw new ArgumentNullException("Invalid public key.");
}
GXByteBuffer bb = new GXByteBuffer();
bb.Set(publicKey.RawValue);
int size = SchemeSize(publicKey.Scheme);
GXBigInteger x = new GXBigInteger(bb.SubArray(1, size));
GXBigInteger y = new GXBigInteger(bb.SubArray(1 + size, size));
GXCurve curve = new GXCurve(publicKey.Scheme);
y.Multiply(y);
y.Mod(curve.P);
GXBigInteger tmpX = new GXBigInteger(x);
tmpX.Multiply(x);
tmpX.Mod(curve.P);
tmpX.Add(curve.A);
tmpX.Multiply(x);
tmpX.Add(curve.B);
tmpX.Mod(curve.P);
if (y.Compare(tmpX) != 0)
{
throw new ArgumentException("Public key validate failed. Public key is not valid ECDSA public key.");
}
}
/// <summary>
/// Verify that signature matches the data.
/// </summary>
/// <param name="signature">Generated signature.</param>
/// <param name="data">Data to valuate.</param>
/// <returns></returns>
public bool Verify(byte[] signature, byte[] data)
{
GXBigInteger msg;
if (PublicKey == null)
{
if (PrivateKey == null)
{
throw new ArgumentNullException("Invalid private key.");
}
PublicKey = PrivateKey.GetPublicKey();
}
if (PublicKey.Scheme == Ecc.P256)
{
using (SHA256 sha = new SHA256CryptoServiceProvider())
{
msg = new GXBigInteger(sha.ComputeHash(data));
}
}
else
{
using (SHA384 sha = new SHA384CryptoServiceProvider())
{
msg = new GXBigInteger(sha.ComputeHash(data));
}
}
GXByteBuffer pk = new GXByteBuffer(PublicKey.RawValue);
GXByteBuffer bb = new GXByteBuffer(signature);
int size = SchemeSize(PublicKey.Scheme);
GXBigInteger sigR = new GXBigInteger(bb.SubArray(0, size));
GXBigInteger sigS = new GXBigInteger(bb.SubArray(size, size));
GXBigInteger inv = sigS;
inv.Inv(curve.N);
// Calculate u1 and u2.
GXEccPoint u1 = new GXEccPoint(curve.G.x, curve.G.y, new GXBigInteger(1));
GXEccPoint u2 = new GXEccPoint(new GXBigInteger(pk.SubArray(1, size)),
new GXBigInteger(pk.SubArray(1 + size, size)), new GXBigInteger(1));
GXBigInteger n = msg;
n.Multiply(inv);
n.Mod(curve.N);
Multiply(u1, n, curve.N, curve.A, curve.P);
n = new GXBigInteger(sigR);
n.Multiply(inv);
n.Mod(curve.N);
Multiply(u2, n, curve.N, curve.A, curve.P);
u1.z = new GXBigInteger(1);
u2.z = new GXBigInteger(1);
JacobianAdd(u1, u2, curve.A, curve.P);
FromJacobian(u1, curve.P);
return(sigR.Compare(u1.x) == 0);
}
/// <summary>
/// Verify that signature matches the data.
/// </summary>
/// <param name="signature">Generated signature.</param>
/// <param name="data">Data to valuate.</param>
/// <returns></returns>
public bool Verify(byte[] signature, byte[] data)
{
GXBigInteger msg;
using (SHA256 sha = new SHA256CryptoServiceProvider())
{
msg = new GXBigInteger(sha.ComputeHash(data));
}
if (PublicKey == null)
{
PublicKey = PrivateKey.GetPublicKey();
}
GXByteBuffer pk = new GXByteBuffer(PublicKey.RawValue);
GXByteBuffer bb = new GXByteBuffer(signature);
GXBigInteger sigR = new GXBigInteger(bb.SubArray(0, 32));
GXBigInteger sigS = new GXBigInteger(bb.SubArray(32, 32));
GXBigInteger inv = sigS;
inv.Inv(curve.N);
// Calculate u1 and u2.
GXEccPoint u1 = new GXEccPoint(curve.G.x, curve.G.y, new GXBigInteger(1));
GXEccPoint u2 = new GXEccPoint(new GXBigInteger(pk.SubArray(1, 32)), new GXBigInteger(pk.SubArray(33, 32)), new GXBigInteger(1));
GXBigInteger n = msg;
n.Multiply(inv);
n.Mod(curve.N);
Multiply(u1, n, curve.N, curve.A, curve.P);
n = new GXBigInteger(sigR);
n.Multiply(inv);
n.Mod(curve.N);
Multiply(u2, n, curve.N, curve.A, curve.P);
// add = Math.add(u1, u2, P = curve.P, A = curve.A)
u1.z = new GXBigInteger(1);
u2.z = new GXBigInteger(1);
JacobianAdd(u1, u2, curve.A, curve.P);
FromJacobian(u1, curve.P);
return(sigR.Compare(u1.x) == 0);
}
/// <summary>
/// Modulus.
/// </summary>
/// <param name="mod">Modulus.</param>
public void Mod(GXBigInteger mod)
{
GXBigInteger current = new GXBigInteger(1);
GXBigInteger denom = new GXBigInteger(mod);
//Shift UInt32 values to make this faster.
if (denom.Count < Count - 1)
{
UInt32[] tmp = new UInt32[Count - denom.Count - 1];
//Append UInt32 values.
current.InsertRange(0, tmp);
denom.InsertRange(0, tmp);
current.changed = denom.changed = true;
}
bool neq = negative;
negative = false;
// while denom < this.
while (denom.Compare(this) == -1)
{
current.Lshift(1);
denom.Lshift(1);
}
//If overflow.
if (denom.Compare(this) == 1)
{
if (current.IsOne)
{
if (neq)
{
Sub(mod);
negative = false;
}
return;
}
current.Rshift(1);
denom.Rshift(1);
while (!current.IsZero)
{
int r = Compare(denom);
if (r == 1)
{
Sub(denom);
}
else if (r == 0)
{
break;
}
current.Rshift(1);
denom.Rshift(1);
}
}
else
{
Clear();
}
if (neq)
{
Sub(mod);
negative = false;
}
changed = true;
}
public void Div(GXBigInteger value)
{
GXBigInteger current = new GXBigInteger(1);
GXBigInteger denom = new GXBigInteger(value);
GXBigInteger tmp = new GXBigInteger(this);
bool neq = negative;
negative = false;
try
{
//Shift UInt32 values to make this faster.
if (denom.Count < Count - 1)
{
UInt32[] tmp2 = new UInt32[Count - denom.Count - 1];
//Append UInt32 values.
current.InsertRange(0, tmp2);
denom.InsertRange(0, tmp2);
current.changed = denom.changed = true;
}
// while denom < this.
while (denom.Compare(this) == -1)
{
current.Lshift(1);
denom.Lshift(1);
}
//If overflow.
if (denom.Compare(this) == 1)
{
if (current.IsOne)
{
Clear();
return;
}
Clear();
current.Rshift(1);
denom.Rshift(1);
while (!current.IsZero)
{
int r = tmp.Compare(denom);
if (r == 1)
{
tmp.Sub(denom);
Add(current);
}
else if (r == 0)
{
Add(current);
break;
}
current.Rshift(1);
denom.Rshift(1);
}
current.Data = Data;
}
}
finally
{
negative = neq;
}
Data = current.Data;
changed = true;
}
/// <summary>
/// Y^2 = X^3 + A*X + B (mod p)
/// </summary>
/// <param name="p"></param>
/// <param name="q"></param>
/// <param name="A"></param>
/// <param name="P">Prime number</param>
private static void JacobianAdd(GXEccPoint p, GXEccPoint q, GXBigInteger A, GXBigInteger P)
{
if (!(p.y.IsZero || q.y.IsZero))
{
GXBigInteger U1 = new GXBigInteger(p.x);
U1.Multiply(q.z);
U1.Multiply(q.z);
U1.Mod(P);
GXBigInteger U2 = new GXBigInteger(p.z);
U2.Multiply(p.z);
U2.Multiply(q.x);
U2.Mod(P);
GXBigInteger S1 = new GXBigInteger(p.y);
S1.Multiply(q.z);
S1.Multiply(q.z);
S1.Multiply(q.z);
S1.Mod(P);
GXBigInteger S2 = new GXBigInteger(q.y);
S2.Multiply(p.z);
S2.Multiply(p.z);
S2.Multiply(p.z);
S2.Mod(P);
if (U1.Compare(U2) == 0)
{
if (S1.Compare(S2) != 0)
{
p.x = p.y = new GXBigInteger(0);
p.z = new GXBigInteger(1);
}
else
{
p.x = A;
p.y = P;
}
}
//H
GXBigInteger H = U2;
H.Sub(U1);
//R
GXBigInteger R = S2;
R.Sub(S1);
GXBigInteger H2 = new GXBigInteger(H);
H2.Multiply(H);
H2.Mod(P);
GXBigInteger H3 = new GXBigInteger(H);
H3.Multiply(H2);
H3.Mod(P);
GXBigInteger U1H2 = new GXBigInteger(U1);
U1H2.Multiply(H2);
U1H2.Mod(P);
GXBigInteger tmp = new GXBigInteger(2);
tmp.Multiply(U1H2);
//nx
GXBigInteger nx = new GXBigInteger(R);
nx.Multiply(R);
nx.Sub(H3);
nx.Sub(tmp);
nx.Mod(P);
//ny
GXBigInteger ny = R;
tmp = new GXBigInteger(U1H2);
tmp.Sub(nx);
ny.Multiply(tmp);
tmp = new GXBigInteger(S1);
tmp.Multiply(H3);
ny.Sub(tmp);
ny.Mod(P);
//nz
GXBigInteger nz = H;
nz.Multiply(p.z);
nz.Multiply(q.z);
nz.Mod(P);
p.x = nx;
p.y = ny;
p.z = nz;
}
}