/** * 取得用户标识字节数组 * * @param IDA * @param aPublicKey * @return */ private static byte[] ZA(String IDA, ECPoint aPublicKey) { byte[] idaBytes = IDA.getBytes(); int entlenA = idaBytes.length * 8; byte[] ENTLA = new byte[]{(byte) (entlenA & 0xFF00), (byte) (entlenA & 0x00FF)}; byte[] ZA = sm3hash(ENTLA, idaBytes, a.toByteArray(), b.toByteArray(), gx.toByteArray(), gy.toByteArray(), aPublicKey.getXCoord().toBigInteger().toByteArray(), aPublicKey.getYCoord().toBigInteger().toByteArray()); return ZA; }
/** * 密钥确认最后一步 * * @param entity 传输实体 */ public void keyExchange_4(TransportEntity entity) { byte[] xV = V.getXCoord().toBigInteger().toByteArray(); byte[] yV = V.getYCoord().toBigInteger().toByteArray(); ECPoint RA = curve.decodePoint(entity.R).normalize(); byte[] s2 = sm3hash(new byte[]{0x03}, yV, sm3hash(xV, entity.Z, this.Z, RA.getXCoord().toBigInteger().toByteArray(), RA.getYCoord().toBigInteger().toByteArray(), this.RA.getXCoord().toBigInteger().toByteArray(), this.RA.getYCoord().toBigInteger().toByteArray())); if (Arrays.equals(entity.S, s2)) System.out.println("A->B 密钥确认成功"); else System.out.println("A->B 密钥确认失败"); } }
/** * 判断生成的公钥是否合法 * * @param publicKey * @return */ private boolean checkPublicKey(ECPoint publicKey) { if (!publicKey.isInfinity()) { BigInteger x = publicKey.getXCoord().toBigInteger(); BigInteger y = publicKey.getYCoord().toBigInteger(); if (between(x, new BigInteger("0"), p) && between(y, new BigInteger("0"), p)) { BigInteger xResult = x.pow(3).add(a.multiply(x)).add(b).mod(p); BigInteger yResult = y.pow(2).mod(p); return yResult.equals(xResult) && publicKey.multiply(n).isInfinity(); } } return false; }
BigInteger x1 = RA.getXCoord().toBigInteger(); x1 = _2w.add(x1.and(_2w.subtract(BigInteger.ONE))); ECPoint RB = curve.decodePoint(entity.R).normalize(); BigInteger x2 = RB.getXCoord().toBigInteger(); x2 = _2w.add(x2.and(_2w.subtract(BigInteger.ONE))); this.V = U; byte[] xU = U.getXCoord().toBigInteger().toByteArray(); byte[] yU = U.getYCoord().toBigInteger().toByteArray(); byte[] KA = KDF(join(xU, yU, this.Z, entity.Z), 16); printHexString(KA); byte[] s1 = sm3hash(new byte[]{0x02}, yU, sm3hash(xU, this.Z, entity.Z, RA.getXCoord().toBigInteger().toByteArray(), RA.getYCoord().toBigInteger().toByteArray(), RB.getXCoord().toBigInteger().toByteArray(), RB.getYCoord().toBigInteger().toByteArray())); if (Arrays.equals(entity.S, s1)) System.out.println("B->A 密钥确认成功"); System.out.println("B->A 密钥确认失败"); byte[] sA = sm3hash(new byte[]{0x03}, yU, sm3hash(xU, this.Z, entity.Z, RA.getXCoord().toBigInteger().toByteArray(), RA.getYCoord().toBigInteger().toByteArray(), RB.getXCoord().toBigInteger().toByteArray(), RB.getYCoord().toBigInteger().toByteArray()));
this.RA = RB; BigInteger x2 = RB.getXCoord().toBigInteger(); x2 = _2w.add(x2.and(_2w.subtract(BigInteger.ONE))); ECPoint RA = curve.decodePoint(entity.R).normalize(); BigInteger x1 = RA.getXCoord().toBigInteger(); x1 = _2w.add(x1.and(_2w.subtract(BigInteger.ONE))); this.V = V; byte[] xV = V.getXCoord().toBigInteger().toByteArray(); byte[] yV = V.getYCoord().toBigInteger().toByteArray(); byte[] KB = KDF(join(xV, yV, entity.Z, this.Z), 16); key = KB; printHexString(KB); byte[] sB = sm3hash(new byte[]{0x02}, yV, sm3hash(xV, entity.Z, this.Z, RA.getXCoord().toBigInteger().toByteArray(), RA.getYCoord().toBigInteger().toByteArray(), RB.getXCoord().toBigInteger().toByteArray(), RB.getYCoord().toBigInteger().toByteArray())); return new TransportEntity(RB.getEncoded(false), sB, this.Z, keyPair.getPublicKey());
/** * 签名 * * @param M 签名信息 * @param IDA 签名方唯一标识 * @param keyPair 签名方密钥对 * @return 签名 */ public Signature sign(String M, String IDA, SM2KeyPair keyPair) { byte[] ZA = ZA(IDA, keyPair.getPublicKey()); byte[] M_ = join(ZA, M.getBytes()); BigInteger e = new BigInteger(1, sm3hash(M_)); // BigInteger k = new BigInteger( // "6CB28D99 385C175C 94F94E93 4817663F C176D925 DD72B727 260DBAAE // 1FB2F96F".replace(" ", ""), 16); BigInteger k; BigInteger r; do { k = random(n); ECPoint p1 = G.multiply(k).normalize(); BigInteger x1 = p1.getXCoord().toBigInteger(); r = e.add(x1); r = r.mod(n); } while (r.equals(BigInteger.ZERO) || r.add(k).equals(n)); BigInteger s = ((keyPair.getPrivateKey().add(BigInteger.ONE).modInverse(n)) .multiply((k.subtract(r.multiply(keyPair.getPrivateKey()))).mod(n))).mod(n); return new Signature(r, s); }
/** * 验签 * * @param M 签名信息 * @param signature 签名 * @param IDA 签名方唯一标识 * @param aPublicKey 签名方公钥 * @return true or false */ public boolean verify(String M, Signature signature, String IDA, ECPoint aPublicKey) { if (!between(signature.r, BigInteger.ONE, n)) return false; if (!between(signature.s, BigInteger.ONE, n)) return false; byte[] M_ = join(ZA(IDA, aPublicKey), M.getBytes()); BigInteger e = new BigInteger(1, sm3hash(M_)); BigInteger t = signature.r.add(signature.s).mod(n); if (t.equals(BigInteger.ZERO)) return false; ECPoint p1 = G.multiply(signature.s).normalize(); ECPoint p2 = aPublicKey.multiply(t).normalize(); BigInteger x1 = p1.add(p2).normalize().getXCoord().toBigInteger(); BigInteger R = e.add(x1).mod(n); if (R.equals(signature.r)) return true; return false; }
byte[] u = sm3hash(dBC1.getXCoord().toBigInteger().toByteArray(), M, dBC1.getYCoord().toBigInteger().toByteArray()); if (Arrays.equals(u, C3)) { try {
byte[] C3 = sm3hash(kpb.getXCoord().toBigInteger().toByteArray(), inputBuffer, kpb.getYCoord().toBigInteger().toByteArray());
public ECFieldElement multiplyPlusProduct(ECFieldElement b, ECFieldElement x, ECFieldElement y) { BigInteger ax = this.x, bx = b.toBigInteger(), xx = x.toBigInteger(), yx = y.toBigInteger(); BigInteger ab = ax.multiply(bx); BigInteger xy = xx.multiply(yx); return new Fp(q, r, modReduce(ab.add(xy))); }
public ECFieldElement squarePlusProduct(ECFieldElement x, ECFieldElement y) { BigInteger ax = this.x, xx = x.toBigInteger(), yx = y.toBigInteger(); BigInteger aa = ax.multiply(ax); BigInteger xy = xx.multiply(yx); return new Fp(q, r, modReduce(aa.add(xy))); }
public ECFieldElement squareMinusProduct(ECFieldElement x, ECFieldElement y) { BigInteger ax = this.x, xx = x.toBigInteger(), yx = y.toBigInteger(); BigInteger aa = ax.multiply(ax); BigInteger xy = xx.multiply(yx); return new Fp(q, r, modReduce(aa.subtract(xy))); }
public boolean equals(ECCurve other) { return this == other || (null != other && getField().equals(other.getField()) && getA().toBigInteger().equals(other.getA().toBigInteger()) && getB().toBigInteger().equals(other.getB().toBigInteger())); }
@SuppressWarnings("deprecation") public static byte[] getKeyAsRawBytes( org.bouncycastle.jce.interfaces.ECPublicKey pub) throws IOException { byte[] raw; ByteArrayOutputStream bos = new ByteArrayOutputStream(65); bos.write(0x04); bos.write(asUnsignedByteArray(pub.getQ().getX().toBigInteger())); bos.write(asUnsignedByteArray(pub.getQ().getY().toBigInteger())); raw = bos.toByteArray(); logger.info("Raw key length:" + raw.length); return raw; }
public static ECPoint convertPoint(org.bouncycastle.math.ec.ECPoint point) { point = point.normalize(); return new ECPoint( point.getAffineXCoord().toBigInteger(), point.getAffineYCoord().toBigInteger()); } }
private static EllipticCurve convertCurve( ECCurve curve, byte[] seed) { ECField field = convertField(curve.getField()); BigInteger a = curve.getA().toBigInteger(), b = curve.getB().toBigInteger(); return new EllipticCurve(field, a, b, seed); }
public static EllipticCurve convertCurve( ECCurve curve, byte[] seed) { ECField field = convertField(curve.getField()); BigInteger a = curve.getA().toBigInteger(), b = curve.getB().toBigInteger(); // TODO: the Sun EC implementation doesn't currently handle the seed properly // so at the moment it's set to null. Should probably look at making this configurable return new EllipticCurve(field, a, b, null); }
private BigInteger getScalarMultipleXCoord(ECPoint p, BigInteger s) { return _fixedPointMultiplier.multiply(p, s).normalize().getAffineXCoord().toBigInteger(); } }
private ECPoint calculateU(SM2KeyExchangePublicParameters otherPub) { ECDomainParameters params = staticKey.getParameters(); ECPoint p1 = ECAlgorithms.cleanPoint(params.getCurve(), otherPub.getStaticPublicKey().getQ()); ECPoint p2 = ECAlgorithms.cleanPoint(params.getCurve(), otherPub.getEphemeralPublicKey().getQ()); BigInteger x1 = reduce(ephemeralPubPoint.getAffineXCoord().toBigInteger()); BigInteger x2 = reduce(p2.getAffineXCoord().toBigInteger()); BigInteger tA = staticKey.getD().add(x1.multiply(ephemeralKey.getD())); BigInteger k1 = ecParams.getH().multiply(tA).mod(ecParams.getN()); BigInteger k2 = k1.multiply(x2).mod(ecParams.getN()); return ECAlgorithms.sumOfTwoMultiplies(p1, k1, p2, k2).normalize(); }
public void dofinal(byte c3[]) { byte p[] = Util.byteConvert32Bytes(p2.getY().toBigInteger()); this.sm3c3.update(p, 0, p.length); this.sm3c3.doFinal(c3, 0); reset(); } }