private void btnSign_Click(object sender, EventArgs e) { BInteger p = new BInteger("6277101735386680763835789423207666416083908700390324961279", 10); BInteger a = new BInteger("-3", 10); BInteger b = new BInteger("64210519e59c80e70fa7e9ab72243049feb8deecc146b9b1", 16); byte[] xG = FromHexStringToByte("03188da80eb03090f67cbf20eb43a18800f4ff0afd82ff1012"); BInteger n = new BInteger("ffffffffffffffffffffffff99def836146bc9b1b4d22831", 16); DSGost DS = new DSGost(p, a, b, n, xG); d = DS.GenPrivateKey(192); Q = DS.GenPublicKey(d); GOST hash = new GOST(256); byte[] H = hash.GetHash(System.Text.Encoding.Default.GetBytes(textBoxText.Text)); string sign = DS.SingGen(H, d); textBox2Hash.Text = sign; bool result = DS.SingVer(H, sign, Q); }
private void btnTest_Click(object sender, EventArgs e) { BInteger p = new BInteger("3623986102229003635907788753683874306021320925534678605086546150450856166624002482588482022271496854025090823603058735163734263822371964987228582907372403", 10); BInteger x = new BInteger("1928356944067022849399309401243137598997786635459507974357075491307766592685835441065557681003184874819658004903212332884252335830250729527632383493573274", 10); BInteger y = new BInteger("2288728693371972859970012155529478416353562327329506180314497425931102860301572814141997072271708807066593850650334152381857347798885864807605098724013854", 10); BInteger a = new BInteger(7); BInteger b = new BInteger("1518655069210828534508950034714043154928747527740206436194018823352809982443793732829756914785974674866041605397883677596626326413990136959047435811826396", 10); BInteger k = new BInteger("175516356025850499540628279921125280333451031747737791650208144243182057075034446102986750962508909227235866126872473516807810541747529710309879958632945", 10); ECPoint P1 = new ECPoint(); P1.a = a; P1.b = b; P1.FieldChar = p; P1.x = x; P1.y = y; ECPoint P3 = ECPoint.multiply(k, P1); BInteger r = P3.x % p; /////// DS forming BInteger q = new BInteger("3623986102229003635907788753683874306021320925534678605086546150450856166623969164898305032863068499961404079437936585455865192212970734808812618120619743", 10); BInteger d = new BInteger("610081804136373098219538153239847583006845519069531562982388135354890606301782255383608393423372379057665527595116827307025046458837440766121180466875860", 10); BInteger E = new BInteger("2897963881682868575562827278553865049173745197871825199562947419041388950970536661109553499954248733088719748844538964641281654463513296973827706272045964", 10); BInteger s = ((r * d) + (k * E)) % q; //////// DS verification BInteger v = E.modInverse(q); BInteger z = (s * v) % q; BInteger z2 = q + ((-(r * v)) % q); BInteger x1 = new BInteger("909546853002536596556690768669830310006929272546556281596372965370312498563182320436892870052842808608262832456858223580713780290717986855863433431150561", 10); BInteger y1 = new BInteger(" 2921457203374425620632449734248415455640700823559488705164895837509539134297327397380287741428246088626609329139441895016863758984106326600572476822372076", 10); ECPoint Q = new ECPoint(); Q.a = a; Q.b = b; Q.x = x1; Q.y = y1; Q.FieldChar = p; ECPoint A = ECPoint.multiply(z, P1); ECPoint B = ECPoint.multiply(z2, Q); ECPoint C = A + B; }
//проверяем подпись public bool SingVer(byte[] H, string sing, ECPoint Q) { string Rvector = sing.Substring(0, n.bitCount() / 4); string Svector = sing.Substring(n.bitCount() / 4, n.bitCount() / 4); BInteger r = new BInteger(Rvector, 16); BInteger s = new BInteger(Svector, 16); if ((r < 1) || (r > (n - 1)) || (s < 1) || (s > (n - 1))) return false; BInteger alpha = new BInteger(H); BInteger e = alpha % n; if (e == 0) e = 1; BInteger v = e.modInverse(n); BInteger z1 = (s * v) % n; BInteger z2 = n + ((-(r * v)) % n); this.G = GDecompression(); ECPoint A = ECPoint.multiply(z1, G); ECPoint B = ECPoint.multiply(z2, Q); ECPoint C = A + B; BInteger R = C.x % n; if (R == r) return true; else return false; }
//подписываем сообщение public string SingGen(byte[] h, BInteger d) { BInteger alpha = new BInteger(h); BInteger e = alpha % n; if (e == 0) e = 1; BInteger k = new BInteger(); ECPoint C = new ECPoint(); BInteger r = new BInteger(); BInteger s = new BInteger(); do { do { k.genRandomBits(n.bitCount(), new Random()); } while ((k < 0) || (k > n)); C = ECPoint.multiply(k, G); r = C.x % n; s = ((r * d) + (k * e)) % n; } while ((r == 0) || (s == 0)); string Rvector = padding(r.ToHexString(), n.bitCount() / 4); string Svector = padding(s.ToHexString(), n.bitCount() / 4); return Rvector + Svector; }
//Восстанавливаем координату y из координаты x и бита четности y private ECPoint GDecompression() { byte y = xG[0]; byte[] x = new byte[xG.Length - 1]; Array.Copy(xG, 1, x, 0, xG.Length - 1); BInteger Xcord = new BInteger(x); BInteger temp = (Xcord * Xcord * Xcord + a * Xcord + b) % p; BInteger beta = ModSqrt(temp, p); BInteger Ycord = new BInteger(); if ((beta % 2) == (y % 2)) Ycord = beta; else Ycord = p - beta; ECPoint G = new ECPoint(); G.a = a; G.b = b; G.FieldChar = p; G.x = Xcord; G.y = Ycord; this.G = G; return G; }
//умножение точки на число x, по сути своей представляет x сложений точки самой с собой public static ECPoint multiply(BInteger x, ECPoint p) { ECPoint temp = p; x = x - 1; while (x != 0) { if ((x % 2) != 0) { if ((temp.x == p.x) || (temp.y == p.y)) temp = Double(temp); else temp = temp + p; x = x - 1; } x = x / 2; p = Double(p); } return temp; }
//сложение точки P c собой же public static ECPoint Double(ECPoint p) { ECPoint p2 = new ECPoint(); p2.a = p.a; p2.b = p.b; p2.FieldChar = p.FieldChar; BInteger dy = 3 * p.x * p.x + p.a; BInteger dx = 2 * p.y; if (dx < 0) dx += p.FieldChar; if (dy < 0) dy += p.FieldChar; BInteger m = (dy * dx.modInverse(p.FieldChar)) % p.FieldChar; p2.x = (m * m - p.x - p.x) % p.FieldChar; p2.y = (m * (p.x - p2.x) - p.y) % p.FieldChar; if (p2.x < 0) p2.x += p.FieldChar; if (p2.y < 0) p2.y += p.FieldChar; return p2; }
//сложение двух точек P1 и P2 public static ECPoint operator +(ECPoint p1, ECPoint p2) { ECPoint p3 = new ECPoint(); p3.a = p1.a; p3.b = p1.b; p3.FieldChar = p1.FieldChar; BInteger dy = p2.y - p1.y; BInteger dx = p2.x - p1.x; if (dx < 0) dx += p1.FieldChar; if (dy < 0) dy += p1.FieldChar; BInteger m = (dy * dx.modInverse(p1.FieldChar)) % p1.FieldChar; if (m < 0) m += p1.FieldChar; p3.x = (m * m - p1.x - p2.x) % p1.FieldChar; p3.y = (m * (p1.x - p3.x) - p1.y) % p1.FieldChar; if (p3.x < 0) p3.x += p1.FieldChar; if (p3.y < 0) p3.y += p1.FieldChar; return p3; }
public ECPoint(ECPoint p) { x = p.x; y = p.y; a = p.a; b = p.b; FieldChar = p.FieldChar; }