// Inputs are elided on the page: the curve and the candidate affine coordinates (x, y).
ECCurve curve = //...
ECFieldElement x = //...
ECFieldElement y = //...

// Curve coefficients of the short Weierstrass form y^2 = x^3 + a*x + b.
ECFieldElement a = curve.getA();
ECFieldElement b = curve.getB();

// Left side: y^2.
ECFieldElement lhs = y.square();
// Right side in Horner form: (x^2 + a) * x + b, which equals x^3 + a*x + b.
ECFieldElement rhs = x.square().add(a).multiply(x).add(b);

// NOTE(review): this only tests the curve equation for a finite affine point. It says
// nothing about the point at infinity or about subgroup membership, and binary-field
// curves use a different equation -- presumably this is meant for Fp curves; confirm.
boolean pointIsOnCurve = lhs.equals(rhs);
/**
 * Derives the hash from the underlying field and the two curve coefficients.
 *
 * The hashes of A and B are rotated left by 8 and 16 bits respectively, so the
 * three contributions sit at different bit offsets before being XOR-ed together.
 *
 * @return the combined hash of field, A and B
 */
public int hashCode() {
    int fieldHash = getField().hashCode();
    int aHash = Integers.rotateLeft(getA().toBigInteger().hashCode(), 8);
    int bHash = Integers.rotateLeft(getB().toBigInteger().hashCode(), 16);
    return fieldHash ^ aHash ^ bHash;
}
/**
 * Derives the hash from the underlying field and the two curve coefficients.
 *
 * The hashes of A and B are rotated left by 8 and 16 bits respectively, so the
 * three contributions sit at different bit offsets before being XOR-ed together.
 *
 * @return the combined hash of field, A and B
 */
public int hashCode() {
    int fieldHash = getField().hashCode();
    int aHash = Integers.rotateLeft(getA().toBigInteger().hashCode(), 8);
    int bHash = Integers.rotateLeft(getB().toBigInteger().hashCode(), 16);
    return fieldHash ^ aHash ^ bHash;
}
/**
 * Reports whether the curve in the given parameters has a "GLV Type B" endomorphism
 * and, if so, prints its parameters.
 *
 * The condition tested is: the curve is an Fp curve, its coefficient A is zero, and
 * the field characteristic is congruent to 1 modulo 3.
 *
 * @param x9 the curve parameters to inspect
 * @throws NullPointerException if {@code x9} is null
 */
public static void discoverEndomorphisms(X9ECParameters x9) {
    if (x9 == null) {
        throw new NullPointerException("x9");
    }

    ECCurve c = x9.getCurve();
    if (!ECAlgorithms.isFpCurve(c)) {
        // Only prime-field curves are examined.
        return;
    }

    BigInteger characteristic = c.getField().getCharacteristic();
    boolean hasGlvTypeB = c.getA().isZero()
        && characteristic.mod(ECConstants.THREE).equals(ECConstants.ONE);
    if (hasGlvTypeB) {
        System.out.println("Curve has a 'GLV Type B' endomorphism with these parameters:");
        printGLVTypeBParameters(x9);
    }
}
/**
 * Looks up a named curve and, when it has a "GLV Type B" endomorphism, prints the
 * corresponding parameters.
 *
 * An unknown name is reported on stderr and otherwise ignored. The condition tested
 * is: Fp curve, coefficient A equal to zero, field characteristic congruent to 1 mod 3.
 *
 * @param curveName name passed to {@code ECNamedCurveTable.getByName}
 */
private static void discoverEndomorphisms(String curveName) {
    X9ECParameters x9 = ECNamedCurveTable.getByName(curveName);
    if (x9 == null) {
        System.err.println("Unknown curve: " + curveName);
        return;
    }

    ECCurve c = x9.getCurve();
    if (!ECAlgorithms.isFpCurve(c)) {
        // Only prime-field curves are examined.
        return;
    }

    BigInteger characteristic = c.getField().getCharacteristic();
    boolean hasGlvTypeB = c.getA().isZero()
        && characteristic.mod(ECConstants.THREE).equals(ECConstants.ONE);
    if (hasGlvTypeB) {
        System.out.println("Curve '" + curveName + "' has a 'GLV Type B' endomorphism with these parameters:");
        printGLVTypeBParameters(x9);
    }
}
/**
 * Looks up a named curve and, when it has a "GLV Type B" endomorphism, prints the
 * corresponding parameters.
 *
 * An unknown name is reported on stderr and otherwise ignored. The condition tested
 * is: Fp curve, coefficient A equal to zero, field characteristic congruent to 1 mod 3.
 *
 * @param curveName name passed to {@code ECNamedCurveTable.getByName}
 */
private static void discoverEndomorphism(String curveName) {
    X9ECParameters x9 = ECNamedCurveTable.getByName(curveName);
    if (x9 == null) {
        System.err.println("Unknown curve: " + curveName);
        return;
    }

    ECCurve c = x9.getCurve();
    if (!ECAlgorithms.isFpCurve(c)) {
        // Only prime-field curves are examined.
        return;
    }

    BigInteger characteristic = c.getField().getCharacteristic();
    boolean hasGlvTypeB = c.getA().isZero()
        && characteristic.mod(ECConstants.THREE).equals(ECConstants.ONE);
    if (hasGlvTypeB) {
        System.out.println("Curve '" + curveName + "' has a 'GLV Type B' endomorphism with these parameters: ");
        printGLVTypeBParameters(x9);
    }
}
/**
 * Builds a {@code java.security.spec.EllipticCurve} from the given curve.
 *
 * The field is translated through {@code convertField}; the coefficients A and B
 * are passed on as integers and the seed is forwarded unchanged.
 *
 * @param curve the source curve
 * @param seed  seed bytes handed to the {@code EllipticCurve} constructor as given
 * @return the converted curve
 */
private static EllipticCurve convertCurve(
    ECCurve curve,
    byte[] seed) {
    ECField field = convertField(curve.getField());
    BigInteger a = curve.getA().toBigInteger();
    BigInteger b = curve.getB().toBigInteger();

    return new EllipticCurve(field, a, b, seed);
}
/**
 * Builds a {@code java.security.spec.EllipticCurve} from the given curve.
 *
 * The field is translated through {@code convertField} and the coefficients A and B
 * are passed on as integers. The {@code seed} argument is NOT forwarded: the result
 * is always constructed with a null seed, so the seed cannot be recovered from the
 * returned object.
 *
 * @param curve the source curve
 * @param seed  currently ignored (see the TODO in the body)
 * @return the converted curve, carrying no seed
 */
public static EllipticCurve convertCurve(
    ECCurve curve,
    byte[] seed) {
    ECField field = convertField(curve.getField());
    BigInteger a = curve.getA().toBigInteger();
    BigInteger b = curve.getB().toBigInteger();

    // TODO: the Sun EC implementation doesn't currently handle the seed properly
    // so at the moment it's set to null. Should probably look at making this configurable
    return new EllipticCurve(field, a, b, null);
}
/**
 * Recovers a point from its x-coordinate alone, using the compact representation.
 *
 * The y-coordinate is chosen as the smaller of the two square roots of
 * C(x) = x^3 + a*x + b, so the original sign of y is not preserved.
 *
 * @param curve the curve the point is expected to lie on
 * @param X     the x-coordinate
 * @return the point (X, min(y', p - y'))
 * @throws IllegalArgumentException if C(x) has no square root, i.e. no curve point
 *         has this x-coordinate
 */
@Deprecated
public static ECPoint decompressFPPoint(ECCurve curve, BigInteger X) {
    // See Andrey Jivsov https://www.ietf.org/archive/id/draft-jivsov-ecc-compact-05.txt.
    // NOTE(review): range checking of X is left to curve.fromBigInteger -- confirm it
    // rejects out-of-range values for the curve types used here.
    ECFieldElement xElement = curve.fromBigInteger(X);

    // C(x) evaluated in Horner form: (x^2 + a) * x + b.
    ECFieldElement curveRhs = xElement.square().add(curve.getA()).multiply(xElement).add(curve.getB());

    // y' = sqrt( C(x) ); a null result is treated as "x is not on the curve".
    ECFieldElement root = curveRhs.sqrt();
    if (root == null) {
        throw new IllegalArgumentException("invalid point compression");
    }

    // y = min(y', p - y')
    BigInteger candidate = root.toBigInteger();
    BigInteger negatedCandidate = root.negate().toBigInteger();
    BigInteger y = candidate.compareTo(negatedCandidate) < 0 ? candidate : negatedCandidate;

    // (X, y) is the canonical representation of the point.
    return curve.createPoint(X, y);
}
/**
 * Computes the canonical y-coordinate for a given x under the compact representation.
 *
 * The result is the smaller of the two square roots of C(x) = x^3 + a*x + b, so it
 * carries no information about the sign of the original y.
 *
 * @param curve the curve the point is expected to lie on
 * @param x     the x-coordinate
 * @return min(y', p - y') where y' is a square root of C(x)
 * @throws IllegalArgumentException if C(x) has no square root, i.e. no curve point
 *         has this x-coordinate
 */
public static BigInteger y(ECCurve curve, BigInteger x) {
    // Andrey Jivsov https://www.ietf.org/archive/id/draft-jivsov-ecc-compact-05.txt.
    // NOTE(review): range checking of x is left to curve.fromBigInteger -- confirm it
    // rejects out-of-range values for the curve types used here.
    ECFieldElement xElement = curve.fromBigInteger(x);

    // C(x) evaluated in Horner form: (x^2 + a) * x + b.
    ECFieldElement curveRhs = xElement.square().add(curve.getA()).multiply(xElement).add(curve.getB());

    // y' = sqrt( C(x) ); a null result is treated as "x is not on the curve".
    ECFieldElement root = curveRhs.sqrt();
    if (root == null) {
        throw new IllegalArgumentException("invalid point compression");
    }

    // y = min(y', p - y')
    BigInteger candidate = root.toBigInteger();
    BigInteger negatedCandidate = root.negate().toBigInteger();
    return candidate.compareTo(negatedCandidate) < 0 ? candidate : negatedCandidate;
}
/**
 * Computes W = a * Z^4 for the modified Jacobian representation.
 *
 * @param Z        the Z coordinate
 * @param ZSquared Z^2 as raw limbs if the caller already has it, otherwise null
 * @return the curve coefficient A itself when Z is one, else a new element holding a * Z^4
 */
protected Curve25519FieldElement calculateJacobianModifiedW(Curve25519FieldElement Z, int[] ZSquared) {
    Curve25519FieldElement curveA = (Curve25519FieldElement)this.getCurve().getA();
    if (Z.isOne()) {
        // Z^4 == 1, so W is just A; the shared coefficient instance is returned as is.
        return curveA;
    }

    Curve25519FieldElement result = new Curve25519FieldElement();
    int[] w = result.x;

    int[] zSquared = ZSquared;
    if (zSquared == null) {
        // No precomputed square: use the result buffer as scratch for Z^2.
        // From here on zSquared and w alias the same array.
        zSquared = w;
        Curve25519Field.square(Z.x, zSquared);
    }

    // w = (Z^2)^2 = Z^4, then w = Z^4 * a (both written back into the result buffer).
    Curve25519Field.square(zSquared, w);
    Curve25519Field.multiply(w, curveA.x, w);

    return result;
}
/**
 * Computes W = a * Z^4 for the modified Jacobian representation.
 *
 * @param Z        the Z coordinate
 * @param ZSquared Z^2 as raw limbs if the caller already has it, otherwise null
 * @return the curve coefficient A itself when Z is one, else a new element holding a * Z^4
 */
protected Curve25519FieldElement calculateJacobianModifiedW(Curve25519FieldElement Z, int[] ZSquared) {
    Curve25519FieldElement curveA = (Curve25519FieldElement)this.getCurve().getA();
    if (Z.isOne()) {
        // Z^4 == 1, so W is just A; the shared coefficient instance is returned as is.
        return curveA;
    }

    Curve25519FieldElement result = new Curve25519FieldElement();
    int[] w = result.x;

    int[] zSquared = ZSquared;
    if (zSquared == null) {
        // No precomputed square: use the result buffer as scratch for Z^2.
        // From here on zSquared and w alias the same array.
        zSquared = w;
        Curve25519Field.square(Z.x, zSquared);
    }

    // w = (Z^2)^2 = Z^4, then w = Z^4 * a (both written back into the result buffer).
    Curve25519Field.square(zSquared, w);
    Curve25519Field.multiply(w, curveA.x, w);

    return result;
}
/**
 * Produces a textual fingerprint for an EC public key.
 *
 * When the spec carries a curve, the fingerprint input is the concatenation of the
 * uncompressed public point, the encoded coefficients A and B, and the uncompressed
 * base point. Without a curve, only the uncompressed public point is used.
 *
 * @param publicPoint the public key point
 * @param spec        the domain parameters the key belongs to
 * @return the string form of the resulting {@code Fingerprint}
 */
public static String generateKeyFingerprint(ECPoint publicPoint, org.bouncycastle.jce.spec.ECParameterSpec spec) {
    ECCurve curve = spec.getCurve();
    ECPoint g = spec.getG();

    if (curve == null) {
        return new Fingerprint(publicPoint.getEncoded(false)).toString();
    }

    // NOTE(review): the field, group order and cofactor are not part of the input;
    // only A, B and G identify the domain parameters here -- confirm this is intended.
    byte[] fingerprintInput = Arrays.concatenate(
        publicPoint.getEncoded(false),
        curve.getA().getEncoded(),
        curve.getB().getEncoded(),
        g.getEncoded(false));
    return new Fingerprint(fingerprintInput).toString();
}
}
/**
 * Computes W = a * Z^4 for the modified Jacobian representation.
 *
 * @param Z        the Z coordinate
 * @param ZSquared Z^2 if the caller already has it, otherwise null
 * @return the curve coefficient A itself when A is zero or Z is one, else a * Z^4
 */
protected ECFieldElement calculateJacobianModifiedW(ECFieldElement Z, ECFieldElement ZSquared) {
    ECFieldElement a4 = this.getCurve().getA();
    if (a4.isZero() || Z.isOne()) {
        // Either the product is zero or Z^4 == 1; in both cases W equals A.
        return a4;
    }

    ECFieldElement zSquared = (ZSquared != null) ? ZSquared : Z.square();
    ECFieldElement zFourth = zSquared.square();

    // Multiply by whichever of a and -a has the shorter bit length, negating the
    // product afterwards when -a was used. The choice depends only on the curve
    // coefficient, not on the point.
    ECFieldElement a4Neg = a4.negate();
    return a4Neg.bitLength() < a4.bitLength()
        ? zFourth.multiply(a4Neg).negate()
        : zFourth.multiply(a4);
}
/**
 * Computes W = a * Z^4 for the modified Jacobian representation.
 *
 * @param Z        the Z coordinate
 * @param ZSquared Z^2 if the caller already has it, otherwise null
 * @return the curve coefficient A itself when A is zero or Z is one, else a * Z^4
 */
protected ECFieldElement calculateJacobianModifiedW(ECFieldElement Z, ECFieldElement ZSquared) {
    ECFieldElement a4 = this.getCurve().getA();
    if (a4.isZero() || Z.isOne()) {
        // Either the product is zero or Z^4 == 1; in both cases W equals A.
        return a4;
    }

    ECFieldElement zSquared = (ZSquared != null) ? ZSquared : Z.square();
    ECFieldElement zFourth = zSquared.square();

    // Multiply by whichever of a and -a has the shorter bit length, negating the
    // product afterwards when -a was used. The choice depends only on the curve
    // coefficient, not on the point.
    ECFieldElement a4Neg = a4.negate();
    return a4Neg.bitLength() < a4.bitLength()
        ? zFourth.multiply(a4Neg).negate()
        : zFourth.multiply(a4);
}
/**
 * Hashes the user ID together with the domain parameters and the public point.
 *
 * Input order: user ID, curve A, curve B, base point x, base point y, public point x,
 * public point y. The result comes from {@code digestDoFinal()}.
 *
 * @param digest   the digest that absorbs the inputs
 * @param userID   the signer's identifier bytes
 * @param pubPoint the public key point
 * @return the digest output over the inputs listed above
 */
private byte[] getZ(Digest digest, byte[] userID, ECPoint pubPoint) {
    addUserID(digest, userID);

    // Domain parameters: curve coefficients first ...
    addFieldElement(digest, ecParams.getCurve().getA());
    addFieldElement(digest, ecParams.getCurve().getB());

    // ... then the base point.
    ECPoint basePoint = ecParams.getG();
    addFieldElement(digest, basePoint.getAffineXCoord());
    addFieldElement(digest, basePoint.getAffineYCoord());

    // Finally the public key.
    // NOTE(review): the affine accessors presumably require a normalized point and the
    // point is not validated here -- confirm the caller has done both.
    addFieldElement(digest, pubPoint.getAffineXCoord());
    addFieldElement(digest, pubPoint.getAffineYCoord());

    return digestDoFinal();
}
/**
 * Hashes the user ID together with the domain parameters and the public point.
 *
 * The digest is reset first, so any previously absorbed data is discarded. Input
 * order: user ID, curve A, curve B, base point x, base point y, public point x,
 * public point y.
 *
 * @param userID the signer's identifier bytes
 * @return the digest output over the inputs listed above
 */
private byte[] getZ(byte[] userID) {
    digest.reset();

    addUserID(digest, userID);

    // Domain parameters: curve coefficients, then the base point.
    addFieldElement(digest, ecParams.getCurve().getA());
    addFieldElement(digest, ecParams.getCurve().getB());
    addFieldElement(digest, ecParams.getG().getAffineXCoord());
    addFieldElement(digest, ecParams.getG().getAffineYCoord());

    // Public key coordinates.
    // NOTE(review): the affine accessors presumably require a normalized point and the
    // point is not validated here -- confirm this happens where pubPoint is set.
    addFieldElement(digest, pubPoint.getAffineXCoord());
    addFieldElement(digest, pubPoint.getAffineYCoord());

    byte[] z = new byte[digest.getDigestSize()];
    digest.doFinal(z, 0);
    return z;
}
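/**
 * Computes the SM2 "Z" value: an SM3 hash over the user ID, the curve parameters
 * and the public key coordinates.
 *
 * Input order: user ID, curve A, curve B, base point x, base point y, public point x,
 * public point y. The public coordinates are encoded as fixed-length unsigned
 * big-endian values of the curve's field size in bytes.
 *
 * The coordinates are hashed as given; this method does not check that
 * (pubPointX, pubPointY) lies on the curve.
 *
 * @param userID    the signer's identifier bytes
 * @param curveOid  OID of the GM named curve to take the parameters from
 * @param pubPointX affine x-coordinate of the public key
 * @param pubPointY affine y-coordinate of the public key
 * @return the SM3 digest over the inputs listed above
 * @throws IllegalArgumentException if {@code curveOid} does not name a known GM curve
 */
public static byte[] getSM2Z(byte[] userID, ASN1ObjectIdentifier curveOid, BigInteger pubPointX, BigInteger pubPointY) {
    // Resolve the curve first: an unknown OID yields null, which previously surfaced
    // as a bare NullPointerException halfway through the computation.
    X9ECParameters ecParams = GMNamedCurves.getByOID(curveOid);
    if (ecParams == null) {
        throw new IllegalArgumentException("unknown GM curve OID: " + curveOid);
    }

    SM3Digest digest = new SM3Digest();

    addUserId(digest, userID);

    // Domain parameters: curve coefficients, then the base point.
    addFieldElement(digest, ecParams.getCurve().getA());
    addFieldElement(digest, ecParams.getCurve().getB());
    addFieldElement(digest, ecParams.getG().getAffineXCoord());
    addFieldElement(digest, ecParams.getG().getAffineYCoord());

    // Field size in bytes, rounded up from bits.
    int fieldSize = (ecParams.getCurve().getFieldSize() + 7) / 8;

    byte[] xBytes = BigIntegers.asUnsignedByteArray(fieldSize, pubPointX);
    digest.update(xBytes, 0, fieldSize);

    byte[] yBytes = BigIntegers.asUnsignedByteArray(fieldSize, pubPointY);
    digest.update(yBytes, 0, fieldSize);

    byte[] result = new byte[digest.getDigestSize()];
    digest.doFinal(result, 0);
    return result;
}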