/**
 * Renders this EC public key as text: a header line followed by the affine X and Y
 * coordinates of the public point {@code q}, one per line, in hexadecimal.
 *
 * <p>Only public material is printed. The hex values come straight from
 * {@code BigInteger.toString(16)}, so they are not zero-padded to the field width;
 * do not parse them as fixed-length fields.</p>
 *
 * @return the multi-line textual form, each line terminated by {@code Strings.lineSeparator()}
 */
public String toString() {
    final String eol = Strings.lineSeparator();
    // NOTE(review): getAffineXCoord/getAffineYCoord are called without normalize();
    // presumably q is already stored in affine form - confirm.
    final String xHex = this.q.getAffineXCoord().toBigInteger().toString(16);
    final String yHex = this.q.getAffineYCoord().toBigInteger().toString(16);
    return "EC Public Key" + eol
        + " X: " + xHex + eol
        + " Y: " + yHex + eol;
}
/**
 * Formats an EC public key for display: the algorithm name, a key fingerprint in
 * square brackets, then the affine X and Y coordinates of {@code q} in hexadecimal.
 *
 * <p>The fingerprint is whatever {@code ECUtil.generateKeyFingerprint(q, spec)} returns;
 * its construction is not visible here. The coordinates are not zero-padded.</p>
 *
 * @param algorithm label printed at the start of the header line
 * @param q         public point; read through its affine accessors without an explicit
 *                  normalize() call (presumably already normalised - confirm)
 * @param spec      domain parameters passed to the fingerprint routine
 * @return the multi-line textual form
 */
public static String publicKeyToString(String algorithm, org.bouncycastle.math.ec.ECPoint q, org.bouncycastle.jce.spec.ECParameterSpec spec) {
    final String eol = Strings.lineSeparator();
    return algorithm
        + " Public Key [" + ECUtil.generateKeyFingerprint(q, spec) + "]" + eol
        + " X: " + q.getAffineXCoord().toBigInteger().toString(16) + eol
        + " Y: " + q.getAffineYCoord().toBigInteger().toString(16) + eol;
}
/**
 * Formats an EC private key for display without revealing the private scalar.
 *
 * <p>The public point is derived from {@code d} via {@code calculateQ(d, spec)}, and only
 * that point's fingerprint and affine coordinates are written. {@code d} itself is never
 * appended to the output, which keeps the result safe to log as far as this method is
 * concerned.</p>
 *
 * @param algorithm label printed at the start of the header line
 * @param d         private scalar; used only to derive the public point
 * @param spec      domain parameters used for the derivation and the fingerprint
 * @return the multi-line textual form
 */
public static String privateKeyToString(String algorithm, BigInteger d, org.bouncycastle.jce.spec.ECParameterSpec spec) {
    final String eol = Strings.lineSeparator();
    final org.bouncycastle.math.ec.ECPoint derivedPublic = calculateQ(d, spec);
    return algorithm
        + " Private Key [" + ECUtil.generateKeyFingerprint(derivedPublic, spec) + "]" + eol
        + " X: " + derivedPublic.getAffineXCoord().toBigInteger().toString(16) + eol
        + " Y: " + derivedPublic.getAffineYCoord().toBigInteger().toString(16) + eol;
}
/**
 * Maps the algorithm name reported by the key pair's public key to a signature
 * algorithm name.
 *
 * @param keyPair key pair whose public key's {@code getAlgorithm()} drives the choice
 * @return the signature algorithm name for that key type
 * @throws UnsupportedOperationException if the key algorithm is not one of the listed cases
 */
private static String createSigningAlgorithm(KeyPair keyPair) {
    final String keyAlgorithm = keyPair.getPublic().getAlgorithm();
    switch (keyAlgorithm) {
        case "RSA":
            return "SHA256withRSA";
        case "EC":
            return "SHA256withECDSA";
        case "DH":
            // NOTE(review): a key reporting "DH" is paired with a DSA signature name here.
            // Confirm this is intended; it may have been meant for "DSA" keys.
            return "SHA256withDSA";
        case "ECGOST3410":
            return "GOST3411WITHECGOST3410";
        case "ECGOST3410-2012": {
            // The 256/512 variant is picked from the bit length of the public point's X
            // coordinate, not from the curve's field size.
            BigInteger affineX = ((BCECGOST3410_2012PublicKey) keyPair.getPublic())
                .getQ().getAffineXCoord().toBigInteger();
            return affineX.bitLength() > 256
                ? "GOST3411-2012-512WITHGOST3410-2012-512"
                : "GOST3411-2012-256WITHGOST3410-2012-256";
        }
        default:
            throw new UnsupportedOperationException("Algorithm " + keyAlgorithm + " not supported");
    }
}
/**
 * Computes {@code s * p} with the instance's fixed-point multiplier and returns the
 * affine X coordinate of the result.
 *
 * <p>There is no point-at-infinity check in this method; presumably callers exclude
 * inputs that could produce it - confirm.</p>
 *
 * @param p base point
 * @param s scalar
 * @return X coordinate of the normalised product
 */
private BigInteger getScalarMultipleXCoord(ECPoint p, BigInteger s) {
    final ECPoint product = _fixedPointMultiplier.multiply(p, s);
    final ECPoint affine = product.normalize();
    return affine.getAffineXCoord().toBigInteger();
}
} // end of enclosing class (opened outside this excerpt)
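/**
 * Computes an ECDH shared value: multiplies the stored point {@code Q} by the scalar
 * {@code d} and returns the encoded affine X coordinate of the product.
 *
 * <p>The returned bytes are the raw shared value; callers should treat them as secret
 * key material. The whole computation runs under {@code lock}.</p>
 *
 * @param d scalar to multiply {@code Q} by
 * @return encoding of the X coordinate, as produced by {@code getEncoded()}
 * @throws IllegalStateException if the product is the point at infinity
 */
public byte[] agreement(BigInteger d) {
    // TODO thread safety of ECPoint unclear.
    synchronized (lock) {
        ECPoint P = Q.multiply(d).normalize();
        if (P.isInfinity()) {
            // Infinity has no affine coordinates and must never be used as a shared value.
            throw new IllegalStateException("invalid ECDH: infinity");
        }
        return P.getAffineXCoord().getEncoded();
    }
}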
/**
 * Returns the affine X coordinate of {@code s * p}, computed with the instance's
 * fixed-point multiplier.
 *
 * <p>The product is normalised before the coordinate is read. This method does not test
 * for the point at infinity; presumably that is handled by the caller - confirm.</p>
 *
 * @param p base point
 * @param s scalar
 * @return X coordinate of the product as a {@code BigInteger}
 */
private BigInteger getScalarMultipleXCoord(ECPoint p, BigInteger s) {
    final ECPoint scaled = _fixedPointMultiplier.multiply(p, s);
    final ECPoint normalised = scaled.normalize();
    return normalised.getAffineXCoord().toBigInteger();
}
} // end of enclosing class (opened outside this excerpt)
/**
 * Feeds the inner-hash inputs into {@code digest} in a fixed order and returns the result
 * of {@code digestDoFinal()}.
 *
 * <p>Input order: X of {@code u}, then {@code za}, then {@code zb}, then X and Y of
 * {@code p1}, then X and Y of {@code p2}. The order is part of the hash definition and
 * must not change.</p>
 *
 * @param digest digest that receives the updates
 * @param u      point whose X coordinate is hashed first
 * @param za     first identity hash
 * @param zb     second identity hash
 * @param p1     first point, hashed as X then Y
 * @param p2     second point, hashed as X then Y
 * @return the value returned by {@code digestDoFinal()}
 */
private byte[] calculateInnerHash(Digest digest, ECPoint u, byte[] za, byte[] zb, ECPoint p1, ECPoint p2) {
    addFieldElement(digest, u.getAffineXCoord());
    digest.update(za, 0, za.length);
    digest.update(zb, 0, zb.length);
    for (ECPoint point : new ECPoint[] {p1, p2}) {
        addFieldElement(digest, point.getAffineXCoord());
        addFieldElement(digest, point.getAffineYCoord());
    }
    // NOTE(review): digestDoFinal() takes no argument, so it presumably finalises an
    // instance-level digest; confirm that is the same object as the 'digest' parameter.
    return digestDoFinal();
}
/**
 * Basic ECDH: multiplies the peer's public point by this side's private scalar and
 * returns the affine X coordinate of the result.
 *
 * <p>NOTE(review): nothing in this method checks that the peer key's domain parameters
 * match those of the private key, or that the peer point lies on the expected curve.
 * Presumably that validation happens where the {@code ECPublicKeyParameters} is built -
 * confirm before accepting peer keys from an untrusted source.</p>
 *
 * @param pubKey peer public key; must be an {@code ECPublicKeyParameters}
 * @return X coordinate of the shared point
 * @throws IllegalStateException if the shared point is the point at infinity
 * @throws ClassCastException    if {@code pubKey} is not an {@code ECPublicKeyParameters}
 */
public BigInteger calculateAgreement(CipherParameters pubKey) {
    final ECPublicKeyParameters peer = (ECPublicKeyParameters) pubKey;
    final ECPoint shared = peer.getQ().multiply(key.getD()).normalize();
    if (!shared.isInfinity()) {
        return shared.getAffineXCoord().toBigInteger();
    }
    throw new IllegalStateException("Infinity is not a valid agreement value for ECDH");
}
} // end of enclosing class (opened outside this excerpt)
/**
 * Computes the shared point U for the key exchange from this side's static and ephemeral
 * private keys and the peer's static and ephemeral public keys.
 *
 * <p>Both peer points are passed through {@code ECAlgorithms.cleanPoint} against this
 * side's curve before use. The result is
 * {@code k1 * peerStatic + k2 * peerEphemeral}, normalised, where
 * {@code k1 = h * (dStatic + x1 * dEphemeral) mod n} and {@code k2 = k1 * x2 mod n}.</p>
 *
 * <p>NOTE(review): the curve comes from {@code staticKey.getParameters()} while h and n
 * come from the {@code ecParams} field; presumably both describe the same domain -
 * confirm. This method does not test the result for the point at infinity.</p>
 *
 * @param otherPub the peer's static and ephemeral public keys
 * @return the normalised shared point
 */
private ECPoint calculateU(SM2KeyExchangePublicParameters otherPub) {
    final ECDomainParameters ownDomain = staticKey.getParameters();

    // Re-import the peer's points onto our curve.
    final ECPoint peerStatic =
        ECAlgorithms.cleanPoint(ownDomain.getCurve(), otherPub.getStaticPublicKey().getQ());
    final ECPoint peerEphemeral =
        ECAlgorithms.cleanPoint(ownDomain.getCurve(), otherPub.getEphemeralPublicKey().getQ());

    final BigInteger ownXReduced = reduce(ephemeralPubPoint.getAffineXCoord().toBigInteger());
    final BigInteger peerXReduced = reduce(peerEphemeral.getAffineXCoord().toBigInteger());

    final BigInteger combinedPrivate =
        staticKey.getD().add(ownXReduced.multiply(ephemeralKey.getD()));
    final BigInteger order = ecParams.getN();
    final BigInteger staticScalar = ecParams.getH().multiply(combinedPrivate).mod(order);
    final BigInteger ephemeralScalar = staticScalar.multiply(peerXReduced).mod(order);

    return ECAlgorithms
        .sumOfTwoMultiplies(peerStatic, staticScalar, peerEphemeral, ephemeralScalar)
        .normalize();
}
/**
 * Cofactor ECDH: multiplies the peer's public point by {@code h * d mod n} and returns
 * the affine X coordinate of the result.
 *
 * <p>NOTE(review): the cofactor {@code h} and order {@code n} are read from the
 * <em>peer's</em> key parameters, not from this side's private key. Nothing here checks
 * that the two parameter sets agree; presumably that is enforced upstream - confirm
 * before accepting peer keys from an untrusted source.</p>
 *
 * @param pubKey peer public key; must be an {@code ECPublicKeyParameters}
 * @return X coordinate of the shared point
 * @throws IllegalStateException if the shared point is the point at infinity
 * @throws ClassCastException    if {@code pubKey} is not an {@code ECPublicKeyParameters}
 */
public BigInteger calculateAgreement(CipherParameters pubKey) {
    final ECPublicKeyParameters peer = (ECPublicKeyParameters) pubKey;
    final ECDomainParameters peerDomain = peer.getParameters();

    final BigInteger cofactorScalar =
        peerDomain.getH().multiply(key.getD()).mod(peerDomain.getN());
    final ECPoint shared = peer.getQ().multiply(cofactorScalar).normalize();

    if (!shared.isInfinity()) {
        return shared.getAffineXCoord().toBigInteger();
    }
    throw new IllegalStateException("Infinity is not a valid agreement value for ECDHC");
}
} // end of enclosing class (opened outside this excerpt)
/**
 * Reports whether {@code params} matches the named curve "P-256" on four values: the
 * group order, the generator's X and Y coordinates, and the cofactor.
 *
 * <p>The field and the curve coefficients are not compared. A spec is accepted as P-256
 * purely on order, generator and cofactor, so callers that need a full identity check
 * must compare the curve as well.</p>
 *
 * @param params JCA parameter spec to test
 * @return {@code true} if all four compared values equal those of P-256
 */
private static boolean isP256(ECParameterSpec params) {
    final ECNamedCurveParameterSpec reference = ECNamedCurveTable.getParameterSpec("P-256");

    if (!Objects.equals(reference.getN(), params.getOrder())) {
        return false;
    }
    if (!Objects.equals(reference.getG().getAffineXCoord().toBigInteger(),
            params.getGenerator().getAffineX())) {
        return false;
    }
    if (!Objects.equals(reference.getG().getAffineYCoord().toBigInteger(),
            params.getGenerator().getAffineY())) {
        return false;
    }
    return Objects.equals(reference.getH(), BigInteger.valueOf(params.getCofactor()));
}
/**
 * Converts a Bouncy Castle point into an {@code ECPoint} built from its affine
 * X and Y coordinates.
 *
 * <p>The input is normalised first. The point at infinity is not special-cased here;
 * what the affine accessors return for it is not visible in this method, so callers
 * should not pass it unless that has been confirmed.</p>
 *
 * @param point Bouncy Castle point to convert
 * @return a new point holding the same affine coordinates
 */
public static ECPoint convertPoint(org.bouncycastle.math.ec.ECPoint point) {
    final org.bouncycastle.math.ec.ECPoint affine = point.normalize();
    return new ECPoint(
        affine.getAffineXCoord().toBigInteger(),
        affine.getAffineYCoord().toBigInteger());
}
} // end of enclosing class (opened outside this excerpt)
/**
 * MQV agreement: combines this side's static and ephemeral keys with the peer's static
 * and ephemeral public keys via {@code calculateMqvAgreement} and returns the affine X
 * coordinate of the resulting point.
 *
 * <p>The domain parameters passed to the computation are those of this side's static
 * private key. Any validation of the peer's points happens inside
 * {@code calculateMqvAgreement} or earlier; it is not visible here.</p>
 *
 * @param pubKey peer public parameters; must be an {@code MQVPublicParameters}
 * @return X coordinate of the agreed point
 * @throws IllegalStateException if the agreed point is the point at infinity
 * @throws ClassCastException    if {@code pubKey} is not an {@code MQVPublicParameters}
 */
public BigInteger calculateAgreement(CipherParameters pubKey) {
    final MQVPublicParameters peer = (MQVPublicParameters) pubKey;
    final ECPrivateKeyParameters ownStatic = privParams.getStaticPrivateKey();

    final ECPoint shared = calculateMqvAgreement(
        ownStatic.getParameters(),
        ownStatic,
        privParams.getEphemeralPrivateKey(),
        privParams.getEphemeralPublicKey(),
        peer.getStaticPublicKey(),
        peer.getEphemeralPublicKey()).normalize();

    if (!shared.isInfinity()) {
        return shared.getAffineXCoord().toBigInteger();
    }
    throw new IllegalStateException("Infinity is not a valid agreement value for MQV");
}
/**
 * Computes the identity hash Z over a user ID, the curve, the base point and a public
 * point.
 *
 * <p>Input order: user ID (via {@code addUserID}), curve coefficient a, curve
 * coefficient b, generator X and Y, then X and Y of {@code pubPoint}. The order is part
 * of the hash definition and must not change.</p>
 *
 * @param digest   digest that receives the updates
 * @param userID   identity bytes bound into Z
 * @param pubPoint public point bound into Z
 * @return the value returned by {@code digestDoFinal()}
 */
private byte[] getZ(Digest digest, byte[] userID, ECPoint pubPoint) {
    addUserID(digest, userID);

    addFieldElement(digest, ecParams.getCurve().getA());
    addFieldElement(digest, ecParams.getCurve().getB());

    // Generator first, then the caller's public point; each as X followed by Y.
    for (ECPoint point : new ECPoint[] {ecParams.getG(), pubPoint}) {
        addFieldElement(digest, point.getAffineXCoord());
        addFieldElement(digest, point.getAffineYCoord());
    }

    // NOTE(review): digestDoFinal() takes no argument, so it presumably finalises an
    // instance-level digest; confirm that is the same object as the 'digest' parameter.
    return digestDoFinal();
}
/**
 * Signs {@code message}: computes the identity value Z for the signer, hashes
 * {@code Z || message} with the instance digest, and signs that hash via
 * {@code generateSignatureForHash}.
 *
 * <p>Z is always computed against the {@code sm2p256v1} curve identifier, whatever curve
 * the key actually uses. When {@code userId} is {@code null} the {@code GMUtil.getSM2Z}
 * overload without a user ID is called, which uses its own default identity. Signer and
 * verifier must agree on the user ID, or verification will fail.</p>
 *
 * @param userId  signer identity bytes, or {@code null} for the default
 * @param message data to sign
 * @return the signature returned by {@code generateSignatureForHash}
 * @throws CryptoException propagated from {@code generateSignatureForHash}
 */
public byte[] generateSignatureForMessage(byte[] userId, byte[] message) throws CryptoException {
    // CHECKSTYLE:SKIP
    final byte[] z = (userId == null)
        // use default userId
        ? GMUtil.getSM2Z(GMObjectIdentifiers.sm2p256v1,
            pubPoint.getAffineXCoord().toBigInteger(),
            pubPoint.getAffineYCoord().toBigInteger())
        : GMUtil.getSM2Z(userId, GMObjectIdentifiers.sm2p256v1,
            pubPoint.getAffineXCoord().toBigInteger(),
            pubPoint.getAffineYCoord().toBigInteger());

    // e = H(Z || M)
    digest.reset();
    digest.update(z, 0, z.length);
    digest.update(message, 0, message.length);
    final byte[] messageHash = new byte[digest.getDigestSize()];
    digest.doFinal(messageHash, 0);

    return generateSignatureForHash(messageHash);
}
/**
 * Computes the identity hash Z for {@code userID} with the instance digest.
 *
 * <p>The digest is reset first, then fed, in this order: the user ID (via
 * {@code addUserID}), curve coefficient a, curve coefficient b, generator X and Y, and
 * the X and Y of the instance's {@code pubPoint}. The order is part of the hash
 * definition and must not change.</p>
 *
 * @param userID identity bytes bound into Z
 * @return the digest output, {@code digest.getDigestSize()} bytes long
 */
private byte[] getZ(byte[] userID) {
    final byte[] z = new byte[digest.getDigestSize()];

    // Start from a clean state so earlier updates cannot leak into Z.
    digest.reset();

    addUserID(digest, userID);

    // Curve coefficients.
    addFieldElement(digest, ecParams.getCurve().getA());
    addFieldElement(digest, ecParams.getCurve().getB());

    // Base point.
    addFieldElement(digest, ecParams.getG().getAffineXCoord());
    addFieldElement(digest, ecParams.getG().getAffineYCoord());

    // Public key point.
    addFieldElement(digest, pubPoint.getAffineXCoord());
    addFieldElement(digest, pubPoint.getAffineYCoord());

    digest.doFinal(z, 0);
    return z;
}
/**
 * Derives key material from the shared point {@code S} with a single hash over a counter,
 * the shared X coordinate and a fixed parameter block (RFC Sections 7, 8).
 *
 * <p>Hash input, in order: the 4-byte counter {@code 00 00 00 01}, the encoded X
 * coordinate of {@code S}, the formatted curve OID, the public-key algorithm ID, the
 * bytes {@code 03 01}, the KDF hash ID, the key-wrap algorithm ID, the anonymous-sender
 * constant, and the recipient fingerprint. The full digest output is returned; any
 * truncation to the key-wrap key length is left to the caller.</p>
 *
 * <p>The return value is secret key material.</p>
 *
 * @param S           shared point; read through its affine accessor without an explicit
 *                    normalize() call (presumably already normalised - confirm)
 * @param fingerprint recipient key fingerprint bound into the derivation
 * @return the digest output, {@code digest.getDigestSize()} bytes long
 * @throws IOException declared by the signature; no statement visible here throws it
 */
public byte[] apply(ECPoint S, byte[] fingerprint) throws IOException {
    // RFC Sections 7, 8
    final byte[] sharedX = S.getAffineXCoord().getEncoded();
    final Digest kdf = digestFactory.get();

    final byte[] counter = {(byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x01};
    kdf.update(counter, 0, counter.length);                         // 00 00 00 01
    kdf.update(sharedX, 0, sharedX.length);                         // ZB

    // Params
    kdf.update(formattedOid, 0, formattedOid.length);               // curve_OID_len || curve_OID
    kdf.update(publicKeyAlgID);                                     // public_key_alg_ID
    final byte[] kdfHeader = {(byte) 0x03, (byte) 0x01};
    kdf.update(kdfHeader, 0, kdfHeader.length);                     // 03 01
    kdf.update(kdfHashID);                                          // KDF_hash_ID
    kdf.update(symAlgID);                                           // KEK_alg_ID for AESKeyWrap
    kdf.update(ANONYMOUS_SENDER, 0, ANONYMOUS_SENDER.length);       // anonymous-sender constant
    kdf.update(fingerprint, 0, fingerprint.length);                 // recipient_fingerprint

    final byte[] derived = new byte[kdf.getDigestSize()];
    kdf.doFinal(derived, 0);
    return derived;
}
/**
 * Computes the SM2 identity hash Z with SM3 over a user ID, the named curve's
 * coefficients and base point, and the public point coordinates.
 *
 * <p>Input order: user ID (via {@code addUserId}), curve coefficient a, curve
 * coefficient b, generator X and Y, then {@code pubPointX} and {@code pubPointY}, each
 * encoded as an unsigned big-endian value of exactly the curve's field length in bytes.</p>
 *
 * <p>NOTE(review): the result of {@code GMNamedCurves.getByOID(curveOid)} is dereferenced
 * without a null check; confirm callers only pass OIDs that this lookup knows.</p>
 *
 * @param userID    identity bytes bound into Z
 * @param curveOid  OID of the curve whose parameters are hashed
 * @param pubPointX affine X coordinate of the public key
 * @param pubPointY affine Y coordinate of the public key
 * @return the SM3 digest output
 */
public static byte[] getSM2Z(byte[] userID, ASN1ObjectIdentifier curveOid, BigInteger pubPointX, BigInteger pubPointY) {
    final SM3Digest sm3 = new SM3Digest();
    addUserId(sm3, userID);

    final X9ECParameters domain = GMNamedCurves.getByOID(curveOid);
    addFieldElement(sm3, domain.getCurve().getA());
    addFieldElement(sm3, domain.getCurve().getB());
    addFieldElement(sm3, domain.getG().getAffineXCoord());
    addFieldElement(sm3, domain.getG().getAffineYCoord());

    // Fixed-width encoding keeps leading zero bytes, so equal points always hash equally.
    final int coordLength = (domain.getCurve().getFieldSize() + 7) / 8;
    for (BigInteger coordinate : new BigInteger[] {pubPointX, pubPointY}) {
        byte[] fixedWidth = BigIntegers.asUnsignedByteArray(coordLength, coordinate);
        sm3.update(fixedWidth, 0, coordLength);
    }

    final byte[] z = new byte[sm3.getDigestSize()];
    sm3.doFinal(z, 0);
    return z;
}
/**
 * Builds the key from a Bouncy Castle public key spec.
 *
 * <p>When the spec carries parameters, the point is taken as given and the domain
 * parameters are resolved through {@code ECUtil.getDomainParameters}. When it carries
 * none, the provider's "implicitlyCa" parameters are used: the point is re-created on
 * that curve from its affine coordinates and {@code ecSpec} is left {@code null}.</p>
 *
 * <p>NOTE(review): in the implicit branch the result of
 * {@code configuration.getEcImplicitlyCa()} is dereferenced without a null check; confirm
 * the configuration always supplies it when specs without parameters can reach this
 * constructor.</p>
 *
 * @param spec          public key spec; its parameters may be {@code null}
 * @param configuration provider configuration used to resolve domain parameters
 */
public BCECGOST3410PublicKey(org.bouncycastle.jce.spec.ECPublicKeySpec spec, ProviderConfiguration configuration) {
    if (spec.getParams() == null) {
        // can be null if implicitlyCa
        org.bouncycastle.jce.spec.ECParameterSpec implicit = configuration.getEcImplicitlyCa();

        this.ecPublicKey = new ECPublicKeyParameters(
            implicit.getCurve().createPoint(
                spec.getQ().getAffineXCoord().toBigInteger(),
                spec.getQ().getAffineYCoord().toBigInteger()),
            EC5Util.getDomainParameters(configuration, (ECParameterSpec) null));
        this.ecSpec = null;
        return;
    }

    ECCurve bcCurve = spec.getParams().getCurve();
    EllipticCurve jcaCurve = EC5Util.convertCurve(bcCurve, spec.getParams().getSeed());

    // this may seem a little long-winded but it's how we pick up the custom curve.
    this.ecPublicKey = new ECPublicKeyParameters(
        spec.getQ(), ECUtil.getDomainParameters(configuration, spec.getParams()));

    this.ecSpec = EC5Util.convertSpec(jcaCurve, spec.getParams());
}