public X9ECParameters( ECCurve curve, ECPoint g, BigInteger n) : this(curve, g, n, BigInteger.One, null) { }
private static ECPoint ImplShamirsTrick(ECPoint P, BigInteger k, ECPoint Q, BigInteger l) { int m = System.Math.Max(k.BitLength, l.BitLength); ECPoint Z = P.Add(Q); ECPoint R = P.Curve.Infinity; for (int i = m - 1; i >= 0; --i) { R = R.Twice(); if (k.TestBit(i)) { if (l.TestBit(i)) { R = R.Add(Z); } else { R = R.Add(P); } } else { if (l.TestBit(i)) { R = R.Add(Q); } } } return R; }
public ECDomainParameters( ECCurve curve, ECPoint g, BigInteger n) : this(curve, g, n, BigInteger.One) { }
public ECDomainParameters( ECCurve curve, ECPoint g, BigInteger n, BigInteger h) : this(curve, g, n, h, null) { }
public ECPublicKeyParameters( ECPoint q, DerObjectIdentifier publicKeyParamSet) : base("ECGOST3410", false, publicKeyParamSet) { if (q == null) throw new ArgumentNullException("q"); this.q = q; }
public ECPublicKeyParameters( string algorithm, ECPoint q, ECDomainParameters parameters) : base(algorithm, false, parameters) { if (q == null) throw new ArgumentNullException("q"); this.q = q; }
public ECPublicKeyParameters( string algorithm, ECPoint q, DerObjectIdentifier publicKeyParamSet) : base(algorithm, false, publicKeyParamSet) { if (q == null) throw new ArgumentNullException("q"); this.q = q; }
/* * "Shamir's Trick", originally due to E. G. Straus * (Addition chains of vectors. American Mathematical Monthly, * 71(7):806-808, Aug./Sept. 1964) * * Input: The points P, Q, scalar k = (km?, ... , k1, k0) * and scalar l = (lm?, ... , l1, l0). * Output: R = k * P + l * Q. * 1: Z <- P + Q * 2: R <- O * 3: for i from m-1 down to 0 do * 4: R <- R + R {point doubling} * 5: if (ki = 1) and (li = 0) then R <- R + P end if * 6: if (ki = 0) and (li = 1) then R <- R + Q end if * 7: if (ki = 1) and (li = 1) then R <- R + Z end if * 8: end for * 9: return R */ public static ECPoint ShamirsTrick( ECPoint P, BigInteger k, ECPoint Q, BigInteger l) { if (!P.Curve.Equals(Q.Curve)) throw new ArgumentException("P and Q must be on same curve"); return ImplShamirsTrick(P, k, Q, l); }
public static ECPoint SumOfTwoMultiplies(ECPoint P, BigInteger a, ECPoint Q, BigInteger b) { ECCurve c = P.Curve; if (!c.Equals(Q.Curve)) throw new ArgumentException("P and Q must be on same curve"); // Point multiplication for Koblitz curves (using WTNAF) beats Shamir's trick if (c is F2mCurve) { F2mCurve f2mCurve = (F2mCurve) c; if (f2mCurve.IsKoblitz) { return P.Multiply(a).Add(Q.Multiply(b)); } } return ImplShamirsTrick(P, a, Q, b); }
public X9ECParameters( Asn1Sequence seq) { if (!(seq[0] is DerInteger) || !((DerInteger) seq[0]).Value.Equals(BigInteger.One)) { throw new ArgumentException("bad version in X9ECParameters"); } X9Curve x9c = null; if (seq[2] is X9Curve) { x9c = (X9Curve) seq[2]; } else { x9c = new X9Curve( new X9FieldID( (Asn1Sequence) seq[1]), (Asn1Sequence) seq[2]); } this.curve = x9c.Curve; if (seq[3] is X9ECPoint) { this.g = ((X9ECPoint) seq[3]).Point; } else { this.g = new X9ECPoint(curve, (Asn1OctetString) seq[3]).Point; } this.n = ((DerInteger) seq[4]).Value; this.seed = x9c.GetSeed(); if (seq.Count == 6) { this.h = ((DerInteger) seq[5]).Value; } }
public ECDomainParameters( ECCurve curve, ECPoint g, BigInteger n, BigInteger h, byte[] seed) { if (curve == null) throw new ArgumentNullException("curve"); if (g == null) throw new ArgumentNullException("g"); if (n == null) throw new ArgumentNullException("n"); if (h == null) throw new ArgumentNullException("h"); this.curve = curve; this.g = g; this.n = n; this.h = h; this.seed = Arrays.Clone(seed); }
public X9ECParameters( ECCurve curve, ECPoint g, BigInteger n, BigInteger h, byte[] seed) { this.curve = curve; this.g = g; this.n = n; this.h = h; this.seed = seed; if (curve is FpCurve) { this.fieldID = new X9FieldID(((FpCurve) curve).Q); } else if (curve is F2mCurve) { F2mCurve curveF2m = (F2mCurve) curve; this.fieldID = new X9FieldID(curveF2m.M, curveF2m.K1, curveF2m.K2, curveF2m.K3); } }
/* (non-Javadoc) * @see org.bouncycastle.math.ec.ECPoint#add(org.bouncycastle.math.ec.ECPoint) */ public override ECPoint Add(ECPoint b) { CheckPoints(this, b); return AddSimple((F2mPoint) b); }
public abstract ECPoint Subtract(ECPoint b);
public abstract ECPoint Add(ECPoint b);
public X9ECPoint( ECCurve c, Asn1OctetString s) { this.p = c.DecodePoint(s.GetOctets()); }
public ECPublicKeyParameters( ECPoint q, ECDomainParameters parameters) : this("EC", q, parameters) { }
public X9ECPoint( ECPoint p) { this.p = p; }
/* (non-Javadoc) * @see org.bouncycastle.math.ec.ECPoint#subtract(org.bouncycastle.math.ec.ECPoint) */ public override ECPoint Subtract( ECPoint b) { CheckPoints(this, b); return SubtractSimple((F2mPoint) b); }
// B.3 pg 62 public override ECPoint Add( ECPoint b) { if (this.IsInfinity) return b; if (b.IsInfinity) return this; // Check if b = this or b = -this if (this.x.Equals(b.x)) { if (this.y.Equals(b.y)) { // this = b, i.e. this must be doubled return this.Twice(); } Debug.Assert(this.y.Equals(b.y.Negate())); // this = -b, i.e. the result is the point at infinity return this.curve.Infinity; } ECFieldElement gamma = b.y.Subtract(this.y).Divide(b.x.Subtract(this.x)); ECFieldElement x3 = gamma.Square().Subtract(this.x).Subtract(b.x); ECFieldElement y3 = gamma.Multiply(this.x.Subtract(x3)).Subtract(this.y); return new FpPoint(curve, x3, y3); }
/** * Check, if two <code>ECPoint</code>s can be added or subtracted. * @param a The first <code>ECPoint</code> to check. * @param b The second <code>ECPoint</code> to check. * @throws IllegalArgumentException if <code>a</code> and <code>b</code> * cannot be added. */ private static void CheckPoints( ECPoint a, ECPoint b) { // Check, if points are on the same curve if (!a.curve.Equals(b.curve)) throw new ArgumentException("Only points on the same curve can be added or subtracted"); // F2mFieldElement.CheckFieldElements(a.x, b.x); }
// D.3.2 pg 102 (see Note:) public override ECPoint Subtract( ECPoint b) { if (b.IsInfinity) return this; // Add -b return Add(b.Negate()); }