org.bouncycastle.math.ec.ECFieldElement Java Examples
The following examples show how to use
org.bouncycastle.math.ec.ECFieldElement.
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
| Source File: ECPointsCompact.java From InflatableDonkey with MIT License | 6 votes |
|
@Deprecated
public static ECPoint decompressFPPoint(ECCurve curve, BigInteger X) {
// See Andrey Jivsov https://www.ietf.org/archive/id/draft-jivsov-ecc-compact-05.txt.
ECFieldElement x = curve.fromBigInteger(X);
ECFieldElement rhs = x.square().add(curve.getA()).multiply(x).add(curve.getB());
// y' = sqrt( C(x) ), where y'>0
ECFieldElement yTilde = rhs.sqrt();
if (yTilde == null) {
throw new IllegalArgumentException("invalid point compression");
}
// y = min(y',p-y')
BigInteger yT = yTilde.toBigInteger();
BigInteger yTn = yTilde.negate().toBigInteger();
BigInteger y = yT.compareTo(yTn) == -1 ? yT : yTn;
// Q=(x,y) is the canonical representation of the point
ECPoint Q = curve.createPoint(X, y);
return Q;
}
Example #2
| Source File: Signature.java From etherjar with Apache License 2.0 | 6 votes |
|
/**
* Decompress a compressed public key (x coordinate and low-bit of y-coordinate).
*
* @param xBN X-coordinate
* @param yBit Sign of Y-coordinate
* @return Uncompressed public key
*/
private static ECPoint decompressKey(BigInteger xBN, boolean yBit) {
SecP256K1Curve curve = (SecP256K1Curve)ecParams.getCurve();
ECFieldElement x = curve.fromBigInteger(xBN);
ECFieldElement alpha = x.multiply(x.square().add(curve.getA())).add(curve.getB());
ECFieldElement beta = alpha.sqrt();
if (beta == null)
throw new IllegalArgumentException("Invalid point compression");
ECPoint ecPoint;
BigInteger nBeta = beta.toBigInteger();
if (nBeta.testBit(0) == yBit) {
ecPoint = curve.createPoint(x.toBigInteger(), nBeta);
} else {
ECFieldElement y = curve.fromBigInteger(curve.getQ().subtract(nBeta));
ecPoint = curve.createPoint(x.toBigInteger(), y.toBigInteger());
}
return ecPoint;
}
Example #3
| Source File: ECPointUtil.java From besu with Apache License 2.0 | 5 votes |
|
public static ECPoint fromBouncyCastleECPoint(
final org.bouncycastle.math.ec.ECPoint bouncyCastleECPoint) {
final ECFieldElement xCoord = bouncyCastleECPoint.getAffineXCoord();
final ECFieldElement yCoord = bouncyCastleECPoint.getAffineYCoord();
final Bytes32 xEncoded = Bytes32.wrap(xCoord.getEncoded());
final Bytes32 yEncoded = Bytes32.wrap(yCoord.getEncoded());
final BigInteger x = xEncoded.toUnsignedBigInteger();
final BigInteger y = yEncoded.toUnsignedBigInteger();
return new ECPoint(x, y);
}
Example #4
| Source File: LazyECPoint.java From nuls-v2 with MIT License | 4 votes |
|
public ECFieldElement getY() {
return this.normalize().getYCoord();
}
Example #5
| Source File: GMUtil.java From xipki with Apache License 2.0 | 4 votes |
|
private static void addFieldElement(Digest digest, ECFieldElement element) {
byte[] encoded = element.getEncoded();
digest.update(encoded, 0, encoded.length);
}
Example #6
| Source File: ECDSASigner.java From web3sdk with Apache License 2.0 | 4 votes |
|
/**
* return true if the value r and s represent a DSA signature for the passed in message (for
* standard DSA the message should be a SHA-1 hash of the real message to be verified).
*/
@Override
public boolean verifySignature(byte[] message, BigInteger r, BigInteger s) {
ECDomainParameters ec = key.getParameters();
BigInteger n = ec.getN();
BigInteger e = calculateE(n, message);
// r in the range [1,n-1]
if (r.compareTo(ONE) < 0 || r.compareTo(n) >= 0) {
return false;
}
// s in the range [1,n-1]
if (s.compareTo(ONE) < 0 || s.compareTo(n) >= 0) {
return false;
}
BigInteger c = s.modInverse(n);
BigInteger u1 = e.multiply(c).mod(n);
BigInteger u2 = r.multiply(c).mod(n);
ECPoint G = ec.getG();
ECPoint Q = ((ECPublicKeyParameters) key).getQ();
ECPoint point = ECAlgorithms.sumOfTwoMultiplies(G, u1, Q, u2);
// components must be bogus.
if (point.isInfinity()) {
return false;
}
/*
* If possible, avoid normalizing the point (to save a modular inversion in the curve field).
*
* There are ~cofactor elements of the curve field that reduce (modulo the group order) to 'r'.
* If the cofactor is known and small, we generate those possible field values and project each
* of them to the same "denominator" (depending on the particular projective coordinates in use)
* as the calculated point.X. If any of the projected values matches point.X, then we have:
* (point.X / Denominator mod p) mod n == r
* as required, and verification succeeds.
*
* Based on an original idea by Gregory Maxwell (https://github.com/gmaxwell), as implemented in
* the libsecp256k1 project (https://github.com/bitcoin/secp256k1).
*/
ECCurve curve = point.getCurve();
if (curve != null) {
BigInteger cofactor = curve.getCofactor();
if (cofactor != null && cofactor.compareTo(EIGHT) <= 0) {
ECFieldElement D = getDenominator(curve.getCoordinateSystem(), point);
if (D != null && !D.isZero()) {
ECFieldElement X = point.getXCoord();
while (curve.isValidFieldElement(r)) {
ECFieldElement R = curve.fromBigInteger(r).multiply(D);
if (R.equals(X)) {
return true;
}
r = r.add(n);
}
return false;
}
}
}
BigInteger v = point.normalize().getAffineXCoord().toBigInteger().mod(n);
return v.equals(r);
}
Example #7
| Source File: SM2Signer.java From web3sdk with Apache License 2.0 | 4 votes |
|
private void addFieldElement(Digest digest, ECFieldElement v) {
byte[] p = v.getEncoded();
digest.update(p, 0, p.length);
}
Example #8
| Source File: LazyECPoint.java From nuls-v2 with MIT License | 4 votes |
|
public ECFieldElement getX() {
return this.normalize().getXCoord();
}
Example #9
| Source File: LazyECPoint.java From nuls-v2 with MIT License | 4 votes |
|
public ECFieldElement getAffineXCoord() {
return get().getAffineXCoord();
}
Example #10
| Source File: LazyECPoint.java From nuls-v2 with MIT License | 4 votes |
|
public ECFieldElement getAffineYCoord() {
return get().getAffineYCoord();
}
Example #11
| Source File: LazyECPoint.java From nuls-v2 with MIT License | 4 votes |
|
public ECFieldElement getZCoord(int index) {
return get().getZCoord(index);
}
Example #12
| Source File: LazyECPoint.java From nuls-v2 with MIT License | 4 votes |
|
public ECPoint scaleX(ECFieldElement scale) {
return get().scaleX(scale);
}
Example #13
| Source File: LazyECPoint.java From nuls-v2 with MIT License | 4 votes |
|
public ECFieldElement getXCoord() {
return get().getXCoord();
}
Example #14
| Source File: LazyECPoint.java From nuls-v2 with MIT License | 4 votes |
|
public ECPoint scaleY(ECFieldElement scale) {
return get().scaleY(scale);
}
Example #15
| Source File: LazyECPoint.java From nuls-v2 with MIT License | 4 votes |
|
public ECFieldElement[] getZCoords() {
return get().getZCoords();
}
Example #16
| Source File: LazyECPoint.java From nuls-v2 with MIT License | 4 votes |
|
public ECFieldElement getYCoord() {
return get().getYCoord();
}
Example #17
| Source File: SM2PreprocessSigner.java From gmhelper with Apache License 2.0 | 4 votes |
|
private void addFieldElement(Digest digest, ECFieldElement v) {
byte[] p = v.getEncoded();
digest.update(p, 0, p.length);
}
