public ECPoint Add(ECPoint other)
{
if (this.IsInifinity())
{
return(other);
}
if (other.IsInifinity())
{
return(this);
}
Number z1p2 = this._z2, z2p2 = other._z2, z1p3 = this._z3, z2p3 = other._z3;
if (z1p2 == null)
{
this._z2 = z1p2 = _field.Multiply(_z, _z);
}
if (z2p2 == null)
{
other._z2 = z2p2 = _field.Multiply(other._z, other._z);
}
if (z1p3 == null)
{
this._z3 = z1p3 = _field.Multiply(z1p2, this._z);
}
if (z2p3 == null)
{
other._z3 = z2p3 = _field.Multiply(z2p2, other._z);
}
Number u1 = _field.Multiply(_x, z2p2);
Number u2 = _field.Multiply(other._x, z1p2);
Number H = _field.Subtract(u2, u1);
Number s1 = _field.Multiply(_y, z2p3);
Number s2 = _field.Multiply(other._y, z1p3);
Number r = _field.Subtract(s2, s1);
if (H.IsZero())
{
if (r.IsZero())
{
return(Double());
}
return(_field.GetInfinityPoint(_group));
}
Number H2 = _field.Multiply(H, H);
Number H3 = _field.Multiply(H2, H);
Number X = _field.Subtract(_field.Subtract(_field.Multiply(r, r), H3), _field.Multiply(_field.Add(u1, u1), H2));
Number Y = _field.Subtract(_field.Multiply(r, _field.Subtract(_field.Multiply(u1, H2), X)), _field.Multiply(s1, H3));
Number Z = _field.Multiply(_field.Multiply(_z, other._z), H);
return(new ECPoint(_group, X, Y, Z));
}
public void ToByteArrayTest ()
{
ECDomainParameters domain = ECDomains.GetDomainParameter (ECDomainNames.secp192r1);
ECGroup group = domain.Group;
ECPoint p = domain.Group.FiniteField.GetInfinityPoint (group);
ECPoint g = domain.G.Export ();
byte[] tmp = p.ToByteArray (true);
Assert.IsTrue (tmp.Length == 1, "#1");
Assert.IsTrue (tmp[0] == 0, "#2");
p = new ECPoint (group, tmp);
Assert.IsTrue (p.IsInifinity (), "#3");
tmp = domain.G.ToByteArray (false);
Assert.IsTrue (tmp.Length == ((domain.Bits >> 3) + ((domain.Bits & 7) == 0 ? 0 : 1)) * 2 + 1, "#4");
p = new ECPoint (group, tmp).Export ();
Assert.IsTrue (p.X.CompareTo (g.X) == 0, "#5");
Assert.IsTrue (p.Y.CompareTo (g.Y) == 0, "#6");
tmp = domain.G.ToByteArray (true);
Assert.IsTrue (tmp.Length == ((domain.Bits >> 3) + ((domain.Bits & 7) == 0 ? 0 : 1)) + 1, "#7");
p = new ECPoint (group, tmp).Export ();
Assert.IsTrue (p.X.CompareTo (g.X) == 0, "#8");
Assert.IsTrue (p.Y.CompareTo (g.Y) == 0, "#9");
}
/// <summary>
/// TODO: 未実装のValidationステップを実装する
/// </summary>
public bool Validate()
{
IFiniteField ff = _group.FiniteField;
// Step1: Check that p is an odd prime
// Step2: Check that a,b,Gx and Gy are integers in the interval [0, p - 1]
ECPoint ExportedG = _G.Export();
Number Gx = ff.ToElement(ExportedG.X);
Number Gy = ff.ToElement(ExportedG.Y);
if (A > P || B > P || Gx > P || Gy > P)
{
return(false);
}
// Step3: Check that 4*a^3 + 27*b^2 != 0 (mod p)
Number Apow3 = ff.Multiply(A, ff.Multiply(A, A));
Number Bpow2 = ff.Multiply(B, B);
Number ret = ff.Add(ff.Multiply(ff.ToElement(Number.Four), ff.ToElement(Apow3)), ff.Multiply(ff.ToElement(Number.TwentySeven), Bpow2));
if (ret.IsZero())
{
return(false);
}
// Step4: Gy^2 = Gx^3 + a*Gx + b
Number aGx = ff.Multiply(A, Gx);
Number Xpow3 = ff.Multiply(Gx, ff.Multiply(Gx, Gx));
Number Ypow2 = ff.Multiply(Gy, Gy);
ret = ff.Add(Xpow3, ff.Add(aGx, B));
if (ret.CompareTo(Ypow2) != 0)
{
return(false);
}
// Step5: Check that n is prime.
// Step6: Check that h <= 4, and that h = (sqrt(p)+1)^2 / n
// Step7: Check that nG = O
ECPoint nG = _G.Multiply(N).Export();
if (!nG.IsInifinity())
{
return(false);
}
// Step8: Check that q^B != 1 (mod n) for any 1 <= B <= 20, and that nh != p
Number p = Number.One;
Classical c = new Classical(N);
for (int i = 0; i <= 20; i++)
{
p = c.Multiply(p, P);
if (p.IsOne())
{
return(false);
}
}
if (c.Multiply(N, new Number(new uint[] { H }, 1)).CompareTo(P) == 0)
{
return(false);
}
return(true);
}
public ECPoint Add (ECPoint other)
{
if (this.IsInifinity ())
return other;
if (other.IsInifinity ())
return this;
Number z1p2 = this._z2, z2p2 = other._z2, z1p3 = this._z3, z2p3 = other._z3;
if (z1p2 == null) this._z2 = z1p2 = _field.Multiply (_z, _z);
if (z2p2 == null) other._z2 = z2p2 = _field.Multiply (other._z, other._z);
if (z1p3 == null) this._z3 = z1p3 = _field.Multiply (z1p2, this._z);
if (z2p3 == null) other._z3 = z2p3 = _field.Multiply (z2p2, other._z);
Number u1 = _field.Multiply (_x, z2p2);
Number u2 = _field.Multiply (other._x, z1p2);
Number H = _field.Subtract (u2, u1);
Number s1 = _field.Multiply (_y, z2p3);
Number s2 = _field.Multiply (other._y, z1p3);
Number r = _field.Subtract (s2, s1);
if (H.IsZero ()) {
if (r.IsZero ())
return Double ();
return _field.GetInfinityPoint (_group);
}
Number H2 = _field.Multiply (H, H);
Number H3 = _field.Multiply (H2, H);
Number X = _field.Subtract (_field.Subtract (_field.Multiply (r, r), H3), _field.Multiply (_field.Add (u1, u1), H2));
Number Y = _field.Subtract (_field.Multiply (r, _field.Subtract (_field.Multiply (u1, H2), X)), _field.Multiply (s1, H3));
Number Z = _field.Multiply (_field.Multiply (_z, other._z), H);
return new ECPoint (_group, X, Y, Z);
}