public bool VerifySignature(ECPublicKeyParameters publicKey, byte[] signedBytes, byte[] signature) { if (publicKey == null) { throw new ArgumentNullException(nameof(publicKey)); } if (signedBytes == null) { throw new ArgumentNullException(nameof(signedBytes)); } if (signature == null) { throw new ArgumentNullException(nameof(signature)); } try { var ecdsaSignature = SignerUtilities.GetSigner("SHA-256withECDSA"); ecdsaSignature.Init(false, publicKey); ecdsaSignature.BlockUpdate(signedBytes, 0, signedBytes.Length); return ecdsaSignature.VerifySignature(signature); } catch (SecurityUtilityException e) { throw new U2FException("Error when verifying signature", e); } catch (CryptoException e) { throw new U2FException("Error when verifying signature", e); } }
public MqvPublicParameters( ECPublicKeyParameters staticPublicKey, ECPublicKeyParameters ephemeralPublicKey) { this.staticPublicKey = staticPublicKey; this.ephemeralPublicKey = ephemeralPublicKey; }
public ECDsaBouncyCastle(byte[] encodedPublicKey) { ContractsCommon.NotNull(encodedPublicKey, "encodedPublicKey"); var secp256k1 = SecP256k1; _publicKey = new ECPublicKeyParameters(secp256k1.Curve.DecodePoint(encodedPublicKey), secp256k1); }
public virtual void Exchange(byte[] clientEcdhPubkey, byte[] cRandomUnused, byte[] sRandomUnused, object privateParameters) { // "TLS1.3 ciphersuite does not include KeyExchange methods" // just for shared_secret calculation here var shared_secret = new byte[32]; if (privateParameters is Parameters.X25519PrivateKeyParameters x25519Prv) { var clientPub = new Parameters.X25519PublicKeyParameters(clientEcdhPubkey, 0); x25519Prv.GenerateSecret(clientPub, shared_secret, 0); } else if (privateParameters is Parameters.X448PrivateKeyParameters x448Prv) { var clientPub = new Parameters.X448PublicKeyParameters(clientEcdhPubkey, 0); x448Prv.GenerateSecret(clientPub, shared_secret, 0); } else if (privateParameters is Parameters.ECPrivateKeyParameters serverPrv) { var ecDomainParam = serverPrv.Parameters; var clientQ = TlsEccUtilities.DeserializeECPoint(new byte[] { 0x04 }, ecDomainParam.Curve, clientEcdhPubkey); var clientPub = new Parameters.ECPublicKeyParameters(clientQ, ecDomainParam); shared_secret = TlsEccUtilities.CalculateECDHBasicAgreement(clientPub, serverPrv); } else { throw new NotSupportedException("Unsupported KeyShare Group"); } SharedSecret = shared_secret; }
public static Transaction CreateCoinbaseTransaction(ECPublicKeyParameters publicKey, byte[] coinbase) { var tx = new Transaction ( version: 1, inputs: ImmutableArray.Create ( new TxInput ( previousTxOutputKey: new TxOutputKey ( txHash: 0, txOutputIndex: 0 ), scriptSignature: ImmutableArray.Create(coinbase), sequence: 0 ) ), outputs: ImmutableArray.Create ( new TxOutput ( value: 50L * (100 * 1000 * 1000), scriptPublicKey: ImmutableArray.Create(CreatePublicKeyScript(publicKey)) ) ), lockTime: 0 ); return tx; }
private static bool VerifySignature(string message, byte[] public_key_bytes, string signature) { var curve = SecNamedCurves.GetByName("secp256r1"); var domain = new ECDomainParameters(curve.Curve, curve.G, curve.N, curve.H); //var publicKeyBytes = Base58Encoding.Decode(publicKey); //var publicKeyBytes = Base58Encoding.DecodeWithCheckSum(publicKey); //var publicKeyBytes = Base58Encoding.DecodePublicKey(publicKey); var q = curve.Curve.DecodePoint(public_key_bytes); var keyParameters = new Org.BouncyCastle.Crypto.Parameters.ECPublicKeyParameters(q, domain); ISigner signer = SignerUtilities.GetSigner("SHA-256withECDSA"); signer.Init(false, keyParameters); signer.BlockUpdate(Encoding.UTF8.GetBytes(message), 0, message.Length); var signatureBytes = Base58Encoding.Decode(signature); var derSign = SignatureHelper.derSign(signatureBytes); return(signer.VerifySignature(derSign)); }
// The ECMQV Primitive as described in SEC-1, 3.4 private static ECPoint CalculateMqvAgreement( ECDomainParameters parameters, ECPrivateKeyParameters d1U, ECPrivateKeyParameters d2U, ECPublicKeyParameters q2U, ECPublicKeyParameters q1V, ECPublicKeyParameters q2V) { var n = parameters.N; var e = (n.BitLength + 1) / 2; var powE = BigInteger.One.ShiftLeft(e); // The Q2U public key is optional var q = q2U == null ? parameters.G.Multiply(d2U.D) : q2U.Q; var x = q.X.ToBigInteger(); var xBar = x.Mod(powE); var q2UBar = xBar.SetBit(e); var s = d1U.D.Multiply(q2UBar).Mod(n).Add(d2U.D).Mod(n); var xPrime = q2V.Q.X.ToBigInteger(); var xPrimeBar = xPrime.Mod(powE); var q2VBar = xPrimeBar.SetBit(e); var hs = parameters.H.Multiply(s).Mod(n); //ECPoint p = Q1V.Q.Multiply(Q2VBar).Add(Q2V.Q).Multiply(hs); var p = ECAlgorithms.SumOfTwoMultiplies( q1V.Q, q2VBar.Multiply(hs).Mod(n), q2V.Q, hs); if (p.IsInfinity) throw new InvalidOperationException("Infinity is not a valid agreement value for MQV"); return p; }
public void TestECNR239bitPrime() { BigInteger r = new BigInteger("308636143175167811492623515537541734843573549327605293463169625072911693"); BigInteger s = new BigInteger("852401710738814635664888632022555967400445256405412579597015412971797143"); byte[] kData = new BigInteger("700000017569056646655505781757157107570501575775705779575555657156756655").ToByteArrayUnsigned(); SecureRandom k = FixedSecureRandom.From(kData); ECCurve curve = new FpCurve( new BigInteger("883423532389192164791648750360308885314476597252960362792450860609699839"), // q new BigInteger("7fffffffffffffffffffffff7fffffffffff8000000000007ffffffffffc", 16), // a new BigInteger("6b016c3bdcf18941d0d654921475ca71a9db2fb27d1d37796185c2942c0a", 16)); // b ECDomainParameters spec = new ECDomainParameters( curve, curve.DecodePoint(Hex.Decode("020ffa963cdca8816ccc33b8642bedf905c3d358573d3f27fbbd3b3cb9aaaf")), // G new BigInteger("883423532389192164791648750360308884807550341691627752275345424702807307")); // n ECPrivateKeyParameters priKey = new ECPrivateKeyParameters( new BigInteger("876300101507107567501066130761671078357010671067781776716671676178726717"), // d spec); ECPublicKeyParameters pubKey = new ECPublicKeyParameters( curve.DecodePoint(Hex.Decode("025b6dc53bc61a2548ffb0f671472de6c9521a9d2d2534e65abfcbd5fe0c70")), // Q spec); ISigner sgr = SignerUtilities.GetSigner("SHA1withECNR"); byte[] message = new byte[] { (byte)'a', (byte)'b', (byte)'c' }; checkSignature(239, priKey, pubKey, sgr, k, message, r, s); }
public void TestECNR192bitPrime() { IBigInteger r = new BigInteger("2474388605162950674935076940284692598330235697454145648371"); IBigInteger s = new BigInteger("2997192822503471356158280167065034437828486078932532073836"); byte[] kData = new BigInteger("dcc5d1f1020906df2782360d36b2de7a17ece37d503784af", 16).ToByteArrayUnsigned(); SecureRandom k = FixedSecureRandom.From(kData); FPCurve curve = new FPCurve( new BigInteger("6277101735386680763835789423207666416083908700390324961279"), // q (or p) new BigInteger("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFC", 16), // a new BigInteger("64210519E59C80E70FA7E9AB72243049FEB8DEECC146B9B1", 16)); // b ECDomainParameters spec = new ECDomainParameters( curve, curve.DecodePoint(Hex.Decode("03188DA80EB03090F67CBF20EB43A18800F4FF0AFD82FF1012")), // G new BigInteger("6277101735386680763835789423176059013767194773182842284081")); // n ECPrivateKeyParameters priKey = new ECPrivateKeyParameters( new BigInteger("651056770906015076056810763456358567190100156695615665659"), // d spec); ECPublicKeyParameters pubKey = new ECPublicKeyParameters( curve.DecodePoint(Hex.Decode("0262B12D60690CDCF330BABAB6E69763B471F994DD702D16A5")), // Q spec); ISigner sgr = SignerUtilities.GetSigner("SHA1withECNR"); byte[] message = new byte[] { (byte)'a', (byte)'b', (byte)'c' }; checkSignature(192, priKey, pubKey, sgr, k, message, r, s); }
public void TestECNR239bitPrime() { BigInteger r = new BigInteger("308636143175167811492623515537541734843573549327605293463169625072911693"); BigInteger s = new BigInteger("852401710738814635664888632022555967400445256405412579597015412971797143"); byte[] kData = new BigInteger("700000017569056646655505781757157107570501575775705779575555657156756655").ToByteArrayUnsigned(); SecureRandom k = FixedSecureRandom.From(kData); X9ECParameters p = X962NamedCurves.GetByOid(X9ObjectIdentifiers.Prime239v1); ECDomainParameters spec = new ECDomainParameters(p.Curve, p.G, p.N, p.H); ECCurve curve = spec.Curve; ECPrivateKeyParameters priKey = new ECPrivateKeyParameters( new BigInteger("876300101507107567501066130761671078357010671067781776716671676178726717"), // d spec); ECPublicKeyParameters pubKey = new ECPublicKeyParameters( curve.DecodePoint(Hex.Decode("025b6dc53bc61a2548ffb0f671472de6c9521a9d2d2534e65abfcbd5fe0c70")), // Q spec); ISigner sgr = SignerUtilities.GetSigner("SHA1withECNR"); byte[] message = new byte[] { (byte)'a', (byte)'b', (byte)'c' }; checkSignature(239, priKey, pubKey, sgr, k, message, r, s); }
public MemoryBlockchain(Block? genesisBlock = null) { this.shutdownToken = new CancellationToken(); this.random = new Random(); // create the key pair that block rewards will be sent to var keyPair = TransactionManager.CreateKeyPair(); this._coinbasePrivateKey = keyPair.Item1; this._coinbasePublicKey = keyPair.Item2; // initialize unit test storage this._storageContext = new MemoryStorageContext(); this._cacheContext = new CacheContext(this._storageContext); // initialize unit test rules this._rules = new UnitTestRules(this._cacheContext); // initialize blockchain calculator this._calculator = new BlockchainCalculator(this._rules, this._cacheContext, this.shutdownToken); // create and mine the genesis block this._genesisBlock = genesisBlock ?? MineEmptyBlock(0); // update genesis blockchain and add to storage this._rules.SetGenesisBlock(this._genesisBlock); this._currentBlockchain = this._rules.GenesisBlockchain; this._genesisChainedBlock = AddBlock(this._genesisBlock, null).Item2; }
protected void SetVerifier(ECPoint pub) { Verifier = new ECDsaSigner(); ECPublicKeyParameters parameters = new ECPublicKeyParameters( pub, Secp256K1.Parameters()); Verifier.Init(false, parameters); }
public MqvPrivateParameters( ECPrivateKeyParameters staticPrivateKey, ECPrivateKeyParameters ephemeralPrivateKey, ECPublicKeyParameters ephemeralPublicKey) { if (staticPrivateKey == null) throw new ArgumentNullException("staticPrivateKey"); if (ephemeralPrivateKey == null) throw new ArgumentNullException("ephemeralPrivateKey"); ECDomainParameters parameters = staticPrivateKey.Parameters; if (!parameters.Equals(ephemeralPrivateKey.Parameters)) throw new ArgumentException("Static and ephemeral private keys have different domain parameters"); if (ephemeralPublicKey == null) { ephemeralPublicKey = new ECPublicKeyParameters( parameters.G.Multiply(ephemeralPrivateKey.D), parameters); } else if (!parameters.Equals(ephemeralPublicKey.Parameters)) { throw new ArgumentException("Ephemeral public key has different domain parameters"); } this.staticPrivateKey = staticPrivateKey; this.ephemeralPrivateKey = ephemeralPrivateKey; this.ephemeralPublicKey = ephemeralPublicKey; }
public ECDiffieHellmanBc(Int32 keySize) { Org.BouncyCastle.Asn1.X9.X9ECParameters ecParams; switch (keySize) { case 256: ecParams = Org.BouncyCastle.Asn1.Sec.SecNamedCurves.GetByName("secp256r1"); break; case 384: ecParams = Org.BouncyCastle.Asn1.Sec.SecNamedCurves.GetByName("secp384r1"); break; case 521: ecParams = Org.BouncyCastle.Asn1.Sec.SecNamedCurves.GetByName("secp521r1"); break; default: throw new ArgumentException("ECDiffieHellman key size " + keySize + " not supported"); } _keySize = keySize; _domainParameters = new ECDomainParameters(ecParams.Curve, ecParams.G, ecParams.N, ecParams.H, ecParams.GetSeed()); // Initialize key generation parameters with new SecureRandom Org.BouncyCastle.Security.SecureRandom secureRandom = new Org.BouncyCastle.Security.SecureRandom(); ECKeyGenerationParameters keyGenParams = new ECKeyGenerationParameters(_domainParameters, secureRandom); // Generate key pair from domain parameters Org.BouncyCastle.Crypto.Generators.ECKeyPairGenerator generator = new Org.BouncyCastle.Crypto.Generators.ECKeyPairGenerator(); generator.Init(keyGenParams); Org.BouncyCastle.Crypto.AsymmetricCipherKeyPair keyPair = generator.GenerateKeyPair(); // Save the private and public key parameters _privateKeyParameters = (ECPrivateKeyParameters) keyPair.Private; _publicKeyParameters = (ECPublicKeyParameters) keyPair.Public; _kdf = ECDiffieHellmanKeyDerivationFunction.Hash; _hashAlgorithm = CngAlgorithm.Sha256; }
public void TestECDsa192bitPrime() { BigInteger r = new BigInteger("3342403536405981729393488334694600415596881826869351677613"); BigInteger s = new BigInteger("5735822328888155254683894997897571951568553642892029982342"); byte[] kData = BigIntegers.AsUnsignedByteArray(new BigInteger("6140507067065001063065065565667405560006161556565665656654")); SecureRandom k = FixedSecureRandom.From(kData); FpCurve curve = new FpCurve( new BigInteger("6277101735386680763835789423207666416083908700390324961279"), // q new BigInteger("fffffffffffffffffffffffffffffffefffffffffffffffc", 16), // a new BigInteger("64210519e59c80e70fa7e9ab72243049feb8deecc146b9b1", 16)); // b ECDomainParameters parameters = new ECDomainParameters( curve, curve.DecodePoint(Hex.Decode("03188da80eb03090f67cbf20eb43a18800f4ff0afd82ff1012")), // G new BigInteger("6277101735386680763835789423176059013767194773182842284081")); // n ECPrivateKeyParameters priKey = new ECPrivateKeyParameters( "ECDSA", new BigInteger("651056770906015076056810763456358567190100156695615665659"), // d parameters); ParametersWithRandom param = new ParametersWithRandom(priKey, k); ECDsaSigner ecdsa = new ECDsaSigner(); ecdsa.Init(true, param); byte[] message = new BigInteger("968236873715988614170569073515315707566766479517").ToByteArray(); BigInteger[] sig = ecdsa.GenerateSignature(message); if (!r.Equals(sig[0])) { Fail("r component wrong." + SimpleTest.NewLine + " expecting: " + r + SimpleTest.NewLine + " got : " + sig[0]); } if (!s.Equals(sig[1])) { Fail("s component wrong." + SimpleTest.NewLine + " expecting: " + s + SimpleTest.NewLine + " got : " + sig[1]); } // Verify the signature ECPublicKeyParameters pubKey = new ECPublicKeyParameters( "ECDSA", curve.DecodePoint(Hex.Decode("0262b12d60690cdcf330babab6e69763b471f994dd702d16a5")), // Q parameters); ecdsa.Init(false, pubKey); if (!ecdsa.VerifySignature(message, sig[0], sig[1])) { Fail("verification fails"); } }
private static Org.BouncyCastle.Crypto.Parameters.ECPublicKeyParameters getPublicKeyFromPemFile(string pemFilename) { StreamReader fileStream = System.IO.File.OpenText(pemFilename); PemReader pemReader = new PemReader(fileStream); Org.BouncyCastle.Crypto.Parameters.ECPublicKeyParameters ss = (Org.BouncyCastle.Crypto.Parameters.ECPublicKeyParameters)pemReader.ReadObject(); return(ss); }
public void GenerateEphemeralKey() { EllipticCurveParameters = EllipticCurveFactory.GetEllipticCurveParameters(Curve); ECKeyPairGenerator keyPairGenerator = new ECKeyPairGenerator(); SecureRandom random = new SecureRandom(); keyPairGenerator.Init(new ECKeyGenerationParameters(EllipticCurveParameters, random)); AsymmetricCipherKeyPair keys = keyPairGenerator.GenerateKeyPair(); PrivateKey = (ECPrivateKeyParameters)keys.Private; PublicKey = (ECPublicKeyParameters)keys.Public; }
public byte[] CreatePublicAddress(ECPublicKeyParameters publicKey) { var publicAddress = new byte[] { 0x04 } .Concat(publicKey.Q.X.ToBigInteger().ToByteArrayUnsigned()) .Concat(publicKey.Q.Y.ToBigInteger().ToByteArrayUnsigned()); //Debug.WriteLine("Public Address: {0}".Format2(publicAddress.ToHexDataString())); return publicAddress; }
public TestBlocks(TestBlocks parent) { this.random = parent.random; this.txManager = parent.txManager; this.coinbasePrivateKey = parent.coinbasePrivateKey; this.coinbasePublicKey = parent.coinbasePublicKey; this.miner = parent.miner; this.rules = parent.rules; this.blocks = parent.blocks.ToImmutable().ToBuilder(); this.chain = parent.chain.ToImmutable().ToBuilder(); }
public MqvPublicParameters( ECPublicKeyParameters staticPublicKey, ECPublicKeyParameters ephemeralPublicKey) { if (staticPublicKey == null) throw new ArgumentNullException("staticPublicKey"); if (ephemeralPublicKey == null) throw new ArgumentNullException("ephemeralPublicKey"); if (!staticPublicKey.Parameters.Equals(ephemeralPublicKey.Parameters)) throw new ArgumentException("Static and ephemeral public keys have different domain parameters"); this.staticPublicKey = staticPublicKey; this.ephemeralPublicKey = ephemeralPublicKey; }
private void ecNR239bitPrime() { BigInteger n = new BigInteger("883423532389192164791648750360308884807550341691627752275345424702807307"); FpCurve curve = new FpCurve( new BigInteger("883423532389192164791648750360308885314476597252960362792450860609699839"), // q new BigInteger("7fffffffffffffffffffffff7fffffffffff8000000000007ffffffffffc", 16), // a new BigInteger("6b016c3bdcf18941d0d654921475ca71a9db2fb27d1d37796185c2942c0a", 16), // b n, BigInteger.One); ECDomainParameters parameters = new ECDomainParameters( curve, curve.DecodePoint(Hex.Decode("020ffa963cdca8816ccc33b8642bedf905c3d358573d3f27fbbd3b3cb9aaaf")), // G n); ECPrivateKeyParameters priKey = new ECPrivateKeyParameters( new BigInteger("876300101507107567501066130761671078357010671067781776716671676178726717"), // d parameters); ECNRSigner ecnr = new ECNRSigner(); ParametersWithRandom param = new ParametersWithRandom(priKey, k); ecnr.Init(true, param); byte[] message = new BigInteger("968236873715988614170569073515315707566766479517").ToByteArray(); BigInteger[] sig = ecnr.GenerateSignature(message); if (!r.Equals(sig[0])) { Fail("r component wrong.", r, sig[0]); } if (!s.Equals(sig[1])) { Fail("s component wrong.", s, sig[1]); } // Verify the signature ECPublicKeyParameters pubKey = new ECPublicKeyParameters( curve.DecodePoint(Hex.Decode("025b6dc53bc61a2548ffb0f671472de6c9521a9d2d2534e65abfcbd5fe0c70")), // Q parameters); ecnr.Init(false, pubKey); if (!ecnr.VerifySignature(message, sig[0], sig[1])) { Fail("signature fails"); } }
public static bool Verify(byte[] data, byte[] sigBytes, BigInteger pub) { EcdsaSignature signature = EcdsaSignature.DecodeFromDer(sigBytes); var signer = new ECDsaSigner(); ECPoint pubPoint = Secp256K1.Curve().DecodePoint(pub.ToByteArray()); var parameters = new ECPublicKeyParameters(pubPoint, Secp256K1.Params()); signer.Init(false, parameters); try { return signer.VerifySignature(data, signature.R, signature.S); } catch (Exception) { return false; } }
public ECDsaBouncyCastle(byte[] encodedKey, bool isPrivateKey) { ContractsCommon.NotNull(encodedKey, "encodedKey"); var secp256k1 = SecP256k1; if (isPrivateKey) { var d = new BigInteger(encodedKey); _publicKey = new ECPublicKeyParameters(secp256k1.G.Multiply(d), secp256k1); _privateKey = new ECPrivateKeyParameters(d, secp256k1); } else { _publicKey = new ECPublicKeyParameters(secp256k1.Curve.DecodePoint(encodedKey), secp256k1); } }
public virtual void ProcessServerCertificate(Certificate serverCertificate) { X509CertificateStructure x509Cert = serverCertificate.GetCertificateAt(0); SubjectPublicKeyInfo keyInfo = x509Cert.SubjectPublicKeyInfo; try { this.serverPublicKey = PublicKeyFactory.CreateKey(keyInfo); } catch (Exception) { throw new TlsFatalAlert(AlertDescription.unsupported_certificate); } if (tlsSigner == null) { try { this.ecAgreeServerPublicKey = ValidateECPublicKey((ECPublicKeyParameters)this.serverPublicKey); } catch (InvalidCastException) { throw new TlsFatalAlert(AlertDescription.certificate_unknown); } TlsUtilities.ValidateKeyUsage(x509Cert, KeyUsage.KeyAgreement); } else { if (!tlsSigner.IsValidPublicKey(this.serverPublicKey)) { throw new TlsFatalAlert(AlertDescription.certificate_unknown); } TlsUtilities.ValidateKeyUsage(x509Cert, KeyUsage.DigitalSignature); } // TODO /* * Perform various checks per RFC2246 7.4.2: "Unless otherwise specified, the * signing algorithm for the certificate must be the same as the algorithm for the * certificate key." */ }
public byte[] CreatePrivateKeyScript(Transaction tx, int inputIndex, byte hashType, ECPrivateKeyParameters privateKey, ECPublicKeyParameters publicKey) { //TODO var scriptEngine = new ScriptEngine(); var publicAddress = CreatePublicAddress(publicKey); var publicKeyScript = CreatePublicKeyScript(publicAddress); var txSignature = scriptEngine.TxSignature(publicKeyScript, tx, inputIndex, hashType); var txSignatureHash = SHA256Static.ComputeDoubleHash(txSignature); //Debug.WriteLine("Signing Tx: {0}".Format2(txSignature.ToHexDataString())); //Debug.WriteLine("Signing Tx Hash: {0}".Format2(txSignatureHash.ToHexDataString())); var signer = new ECDsaSigner(); signer.Init(forSigning: true, parameters: privateKey); var signature = signer.GenerateSignature(txSignatureHash); var r = signature[0]; var s = signature[1]; byte[] sigEncoded; using (var stream = new MemoryStream()) { using (var asn1Stream = new Asn1OutputStream(stream)) { asn1Stream.WriteObject(new DerSequence(new DerInteger(r), new DerInteger(s))); } sigEncoded = stream.ToArray().Concat(hashType); } //Debug.WriteLine("Sig R: {0}".Format2(r.ToHexNumberStringUnsigned())); //Debug.WriteLine("Sig S: {0}".Format2(s.ToHexNumberStringUnsigned())); //Debug.WriteLine("Sig Encoded: {0}".Format2(sigEncoded.ToHexDataString())); using (var privateKeyScript = new ScriptBuilder()) { privateKeyScript.WritePushData(sigEncoded); privateKeyScript.WritePushData(publicAddress); //Debug.WriteLine("Private Script: {0}".Format2(privateKeyScript.GetScript().ToHexDataString())); return privateKeyScript.GetScript(); } }
public string GetPublicKey(byte[] privKey) { var privHex = BitConverter.ToString(privKey).Replace("-", ""); privHex = privHex.Substring(104, (privHex.Length - 104)); privKey = StringToByteArray(privHex); Org.BouncyCastle.Math.BigInteger d = new Org.BouncyCastle.Math.BigInteger(privKey); this.privateKeyParameters = new Org.BouncyCastle.Crypto.Parameters.ECPrivateKeyParameters(d, domain); Org.BouncyCastle.Math.EC.ECPoint q = domain.G.Multiply(d); this.pubKeyParameters = new Org.BouncyCastle.Crypto.Parameters.ECPublicKeyParameters(q, domain); //strip first byte var pubBytes = this.pubKeyParameters.Q.GetEncoded(); var pubHex = BitConverter.ToString(pubBytes).Replace("-", ""); var strippedPubBytes = StringToByteArray(pubHex.Substring(2, (pubHex.Length - 2))); return("MFYwEAYHKoZIzj0CAQYFK4EEAAoDQgAE" + Convert.ToBase64String(strippedPubBytes)); }
// Method to verify transaction signature when server receives new blockchain from connected nodes public static bool VerifySignature(string message, string publicKey, string signature) { var curve = SecNamedCurves.GetByName("secp256k1"); var domain = new ECDomainParameters(curve.Curve, curve.G, curve.N, curve.H); var publicKeyBytes = Base58Encoding.Decode(publicKey); var q = curve.Curve.DecodePoint(publicKeyBytes); var keyParameters = new Org.BouncyCastle.Crypto.Parameters.ECPublicKeyParameters(q, domain); ISigner signer = SignerUtilities.GetSigner("SHA-256withECDSA"); signer.Init(false, keyParameters); signer.BlockUpdate(Encoding.ASCII.GetBytes(message), 0, message.Length); var signatureBytes = Base58Encoding.Decode(signature); return(signer.VerifySignature(signatureBytes)); }
public MqvPublicParameters( ECPublicKeyParameters staticPublicKey, ECPublicKeyParameters ephemeralPublicKey) { if (staticPublicKey == null) { throw new ArgumentNullException("staticPublicKey"); } if (ephemeralPublicKey == null) { throw new ArgumentNullException("ephemeralPublicKey"); } if (!staticPublicKey.Parameters.Equals(ephemeralPublicKey.Parameters)) { throw new ArgumentException("Static and ephemeral public keys have different domain parameters"); } this.staticPublicKey = staticPublicKey; this.ephemeralPublicKey = ephemeralPublicKey; }
public ECDsaBouncyCastle() { var secp256k1 = SecP256k1; var privateKey = new byte[secp256k1.N.BitLength]; BigInteger d; using (var cryptoRng = RandomNumberGenerator.Create()) { do { cryptoRng.GetBytes(privateKey); d = new BigInteger(1, privateKey); } while (d.SignValue == 0 || (d.CompareTo(secp256k1.N) >= 0)); } _publicKey = new ECPublicKeyParameters(secp256k1.G.Multiply(d), secp256k1); _privateKey = new ECPrivateKeyParameters(d, secp256k1); }
public void TestEC() { BigInteger ECParraGX = new BigInteger(Base64.Decode("D/qWPNyogWzMM7hkK+35BcPTWFc9Pyf7vTs8uaqv")); BigInteger ECParraGY = new BigInteger(Base64.Decode("AhQXGxb1olGRv6s1LPRfuatMF+cx3ZTGgzSE/Q5R")); BigInteger ECParraH = new BigInteger(Base64.Decode("AQ==")); BigInteger ECParraN = new BigInteger(Base64.Decode("f///////////////f///nl6an12QcfvRUiaIkJ0L")); BigInteger ECPubQX = new BigInteger(Base64.Decode("HWWi17Yb+Bm3PYr/DMjLOYNFhyOwX1QY7ZvqqM+l")); BigInteger ECPubQY = new BigInteger(Base64.Decode("JrlJfxu3WGhqwtL/55BOs/wsUeiDFsvXcGhB8DGx")); BigInteger ECPrivD = new BigInteger(Base64.Decode("GYQmd/NF1B+He1iMkWt3by2Az6Eu07t0ynJ4YCAo")); FpCurve curve = new FpCurve( new BigInteger("883423532389192164791648750360308885314476597252960362792450860609699839"), // q new BigInteger("7fffffffffffffffffffffff7fffffffffff8000000000007ffffffffffc", 16), // a new BigInteger("6b016c3bdcf18941d0d654921475ca71a9db2fb27d1d37796185c2942c0a", 16)); // b ECDomainParameters ecDomain = new ECDomainParameters( curve, new FpPoint(curve, curve.FromBigInteger(ECParraGX), curve.FromBigInteger(ECParraGY)), ECParraN); ECPublicKeyParameters ecPub = new ECPublicKeyParameters( new FpPoint( curve, curve.FromBigInteger(ECPubQX), curve.FromBigInteger(ECPubQY)), ecDomain); ECPrivateKeyParameters ecPriv = new ECPrivateKeyParameters(ECPrivD, ecDomain); SubjectPublicKeyInfo subinfo = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(ecPub); PrivateKeyInfo privInfo = PrivateKeyInfoFactory.CreatePrivateKeyInfo(ecPriv); ECPublicKeyParameters tecPub = (ECPublicKeyParameters)PublicKeyFactory.CreateKey(subinfo); ECPrivateKeyParameters tecPriv = (ECPrivateKeyParameters)PrivateKeyFactory.CreateKey(privInfo); Assert.IsTrue(tecPub.Equals(ecPub), "EC: public key to info back to public key"); Assert.IsTrue(tecPriv.Equals(ecPriv), "EC: private key to info back to private key"); }
public override void ProcessServerCertificate(Certificate serverCertificate) { if (serverCertificate.IsEmpty) throw new TlsFatalAlert(AlertDescription.bad_certificate); X509CertificateStructure x509Cert = serverCertificate.GetCertificateAt(0); SubjectPublicKeyInfo keyInfo = x509Cert.SubjectPublicKeyInfo; try { this.mServerPublicKey = PublicKeyFactory.CreateKey(keyInfo); } catch (Exception e) { throw new TlsFatalAlert(AlertDescription.unsupported_certificate, e); } if (mTlsSigner == null) { try { this.mECAgreePublicKey = TlsEccUtilities.ValidateECPublicKey((ECPublicKeyParameters) this.mServerPublicKey); } catch (InvalidCastException e) { throw new TlsFatalAlert(AlertDescription.certificate_unknown, e); } TlsUtilities.ValidateKeyUsage(x509Cert, KeyUsage.KeyAgreement); } else { if (!mTlsSigner.IsValidPublicKey(this.mServerPublicKey)) throw new TlsFatalAlert(AlertDescription.certificate_unknown); TlsUtilities.ValidateKeyUsage(x509Cert, KeyUsage.DigitalSignature); } base.ProcessServerCertificate(serverCertificate); }
// The ECMQV Primitive as described in SEC-1, 3.4 private static ECPoint CalculateMqvAgreement( ECDomainParameters parameters, ECPrivateKeyParameters d1U, ECPrivateKeyParameters d2U, ECPublicKeyParameters Q2U, ECPublicKeyParameters Q1V, ECPublicKeyParameters Q2V) { BigInteger n = parameters.N; int e = (n.BitLength + 1) / 2; BigInteger powE = BigInteger.One.ShiftLeft(e); ECCurve curve = parameters.Curve; ECPoint[] points = new ECPoint[]{ // The Q2U public key is optional - but will be calculated for us if it wasn't present ECAlgorithms.ImportPoint(curve, Q2U.Q), ECAlgorithms.ImportPoint(curve, Q1V.Q), ECAlgorithms.ImportPoint(curve, Q2V.Q) }; curve.NormalizeAll(points); ECPoint q2u = points[0], q1v = points[1], q2v = points[2]; BigInteger x = q2u.AffineXCoord.ToBigInteger(); BigInteger xBar = x.Mod(powE); BigInteger Q2UBar = xBar.SetBit(e); BigInteger s = d1U.D.Multiply(Q2UBar).Add(d2U.D).Mod(n); BigInteger xPrime = q2v.AffineXCoord.ToBigInteger(); BigInteger xPrimeBar = xPrime.Mod(powE); BigInteger Q2VBar = xPrimeBar.SetBit(e); BigInteger hs = parameters.H.Multiply(s).Mod(n); return ECAlgorithms.SumOfTwoMultiplies( q1v, Q2VBar.Multiply(hs).Mod(n), q2v, hs); }
public TestBlocks(Block genesisBlock = null) { // create the key pair that block rewards will be sent to var keyPair = txManager.CreateKeyPair(); coinbasePrivateKey = keyPair.Item1; coinbasePublicKey = keyPair.Item2; // create and mine the genesis block genesisBlock = genesisBlock ?? MineEmptyBlock(UInt256.Zero); // initialize unit test rules rules = new UnitTestRules() { // disable execution of rules validation ValidateTransactionAction = (_, __) => { }, ValidationTransactionScriptAction = (_, __, ___, ____, _____) => { } }; ChainParams.SetGenesisBlock(genesisBlock); blocks.Add(genesisBlock); chain.AddBlock(ChainParams.GenesisChainedHeader); }
public MqvPrivateParameters( ECPrivateKeyParameters staticPrivateKey, ECPrivateKeyParameters ephemeralPrivateKey, ECPublicKeyParameters ephemeralPublicKey) { if (staticPrivateKey == null) { throw new ArgumentNullException("staticPrivateKey"); } if (ephemeralPrivateKey == null) { throw new ArgumentNullException("ephemeralPrivateKey"); } ECDomainParameters parameters = staticPrivateKey.Parameters; if (!parameters.Equals(ephemeralPrivateKey.Parameters)) { throw new ArgumentException("Static and ephemeral private keys have different domain parameters"); } if (ephemeralPublicKey == null) { ephemeralPublicKey = new ECPublicKeyParameters( parameters.G.Multiply(ephemeralPrivateKey.D), parameters); } else if (!parameters.Equals(ephemeralPublicKey.Parameters)) { throw new ArgumentException("Ephemeral public key has different domain parameters"); } this.staticPrivateKey = staticPrivateKey; this.ephemeralPrivateKey = ephemeralPrivateKey; this.ephemeralPublicKey = ephemeralPublicKey; }
protected override void GenerateMasterSecret(byte[] clientEcdhPubkey, byte[] clientRandom, byte[] serverRandom, object privateParameters) { var pre_master = new byte[32]; if (privateParameters is Parameters.X25519PrivateKeyParameters x25519Prv) { var clientPub = new Parameters.X25519PublicKeyParameters(clientEcdhPubkey, 0); x25519Prv.GenerateSecret(clientPub, pre_master, 0); } else if (privateParameters is Parameters.X448PrivateKeyParameters x448Prv) { var clientPub = new Parameters.X448PublicKeyParameters(clientEcdhPubkey, 0); x448Prv.GenerateSecret(clientPub, pre_master, 0); } else if (privateParameters is Parameters.ECPrivateKeyParameters serverPrv) { var ecDomainParam = serverPrv.Parameters; var clientQ = TlsEccUtilities.DeserializeECPoint(new byte[] { 0x04 }, ecDomainParam.Curve, clientEcdhPubkey); var clientPub = new Parameters.ECPublicKeyParameters(clientQ, ecDomainParam); pre_master = TlsEccUtilities.CalculateECDHBasicAgreement(clientPub, serverPrv); } MasterSecret = RandomFunction.PRF.GetBytes_HMACSHA256(pre_master, "master secret", clientRandom.Concat(serverRandom).ToArray(), 48); }
private ECPublicKeyParameters SetPublicUncompressed( ECPublicKeyParameters key) { ECPoint p = key.Q.Normalize(); return new ECPublicKeyParameters( key.AlgorithmName, p.Curve.CreatePoint(p.XCoord.ToBigInteger(), p.YCoord.ToBigInteger()), key.Parameters); }
private void StaticTest() { FpCurve curve = new FpCurve( new BigInteger("6277101735386680763835789423207666416083908700390324961279"), // q new BigInteger("fffffffffffffffffffffffffffffffefffffffffffffffc", 16), // a new BigInteger("64210519e59c80e70fa7e9ab72243049feb8deecc146b9b1", 16)); // b ECDomainParameters parameters = new ECDomainParameters( curve, curve.DecodePoint(Hex.Decode("03188da80eb03090f67cbf20eb43a18800f4ff0afd82ff1012")), // G new BigInteger("6277101735386680763835789423176059013767194773182842284081")); // n ECPrivateKeyParameters priKey = new ECPrivateKeyParameters( "ECDH", new BigInteger("651056770906015076056810763456358567190100156695615665659"), // d parameters); ECPublicKeyParameters pubKey = new ECPublicKeyParameters( "ECDH", curve.DecodePoint(Hex.Decode("0262b12d60690cdcf330babab6e69763b471f994dd702d16a5")), // Q parameters); AsymmetricCipherKeyPair p1 = new AsymmetricCipherKeyPair(pubKey, priKey); AsymmetricCipherKeyPair p2 = new AsymmetricCipherKeyPair(pubKey, priKey); // // stream test // IesEngine i1 = new IesEngine( new ECDHBasicAgreement(), new Kdf2BytesGenerator(new Sha1Digest()), new HMac(new Sha1Digest())); IesEngine i2 = new IesEngine( new ECDHBasicAgreement(), new Kdf2BytesGenerator(new Sha1Digest()), new HMac(new Sha1Digest())); byte[] d = new byte[] { 1, 2, 3, 4, 5, 6, 7, 8 }; byte[] e = new byte[] { 8, 7, 6, 5, 4, 3, 2, 1 }; IesParameters p = new IesParameters(d, e, 64); i1.Init(true, p1.Private, p2.Public, p); i2.Init(false, p2.Private, p1.Public, p); byte[] message = Hex.Decode("1234567890abcdef"); byte[] out1 = i1.ProcessBlock(message, 0, message.Length); if (!AreEqual(out1, Hex.Decode("468d89877e8238802403ec4cb6b329faeccfa6f3a730f2cdb3c0a8e8"))) { Fail("stream cipher test failed on enc"); } byte[] out2 = i2.ProcessBlock(out1, 0, out1.Length); if (!AreEqual(out2, message)) { Fail("stream cipher test failed"); } // // twofish with CBC // BufferedBlockCipher c1 = new PaddedBufferedBlockCipher( new CbcBlockCipher(new TwofishEngine())); BufferedBlockCipher c2 = new PaddedBufferedBlockCipher( new CbcBlockCipher(new TwofishEngine())); i1 = new IesEngine( new ECDHBasicAgreement(), new Kdf2BytesGenerator(new Sha1Digest()), new HMac(new Sha1Digest()), c1); i2 = new IesEngine( new ECDHBasicAgreement(), new Kdf2BytesGenerator(new Sha1Digest()), new HMac(new Sha1Digest()), c2); d = new byte[] { 1, 2, 3, 4, 5, 6, 7, 8 }; e = new byte[] { 8, 7, 6, 5, 4, 3, 2, 1 }; p = new IesWithCipherParameters(d, e, 64, 128); i1.Init(true, p1.Private, p2.Public, p); i2.Init(false, p2.Private, p1.Public, p); message = Hex.Decode("1234567890abcdef"); out1 = i1.ProcessBlock(message, 0, message.Length); if (!AreEqual(out1, Hex.Decode("b8a06ea5c2b9df28b58a0a90a734cde8c9c02903e5c220021fe4417410d1e53a32a71696"))) { Fail("twofish cipher test failed on enc"); } out2 = i2.ProcessBlock(out1, 0, out1.Length); if (!AreEqual(out2, message)) { Fail("twofish cipher test failed"); } }
private void button2_Click(object sender, EventArgs ea) { ECGost3410Signer signer = new ECGost3410Signer(); ECPublicKeyParameters pubKey = new ECPublicKeyParameters( "ECGOST3410", new FpPoint(curve, new FpFieldElement(mod_p, TextBoxToBigInteger16(tbValPublicX)), // x new FpFieldElement(mod_p, TextBoxToBigInteger16(tbValPublicY))), // y parameters); BigInteger H = TextBoxToBigInteger16(tbH); BigInteger rs = TextBoxToBigInteger16(tbrs); BigInteger ss = TextBoxToBigInteger16(tbss); BigInteger q = parameters.N; //FpPoint G = (FpPoint)parameters.G; //FpPoint Q = new FpPoint(curve, new FpFieldElement(mod_p, TextBoxToBigInteger16(tbValPublicX)), new FpFieldElement(mod_p, TextBoxToBigInteger16(tbValPublicY))); BigInteger e = H.Mod(q); byte[] ee = e.ToByteArray(); byte[] message = H.ToByteArray(); Array.Reverse(message); signer.Init(false, pubKey); MessageBox.Show(signer.VerifySignature(message, rs, ss).ToString(), "Проверка подписи"); //FpPoint C = (FpPoint)(G.Multiply(e.ModInverse(q).Multiply(ss).Mod(q)).Subtract(Q.Multiply(e.ModInverse(q).Multiply(rs).Mod(q)))); //BigInteger x = C.X.ToBigInteger(); }
protected bool Equals(ECPublicKeyParameters other) { return(this.q.Equals(other.q) && base.Equals(other)); }
public MqvPrivateParameters(ECPrivateKeyParameters staticPrivateKey, ECPrivateKeyParameters ephemeralPrivateKey, ECPublicKeyParameters ephemeralPublicKey) { this.staticPrivateKey = staticPrivateKey; this.ephemeralPrivateKey = ephemeralPrivateKey; this.ephemeralPublicKey = ephemeralPublicKey; }
protected bool Equals(ECPublicKeyParameters other) => (this.q.Equals(other.q) && base.Equals((ECKeyParameters)other));
protected bool Equals(ECPublicKeyParameters other) { return(q.Equals(other.q) && Equals((ECKeyParameters)other)); }