/** * 取得用户标识字节数组 * * @param IDA * @param aPublicKey * @return */ private static byte[] ZA(String IDA, ECPoint aPublicKey) { byte[] idaBytes = IDA.getBytes(); int entlenA = idaBytes.length * 8; byte[] ENTLA = new byte[]{(byte) (entlenA & 0xFF00), (byte) (entlenA & 0x00FF)}; byte[] ZA = sm3hash(ENTLA, idaBytes, a.toByteArray(), b.toByteArray(), gx.toByteArray(), gy.toByteArray(), aPublicKey.getXCoord().toBigInteger().toByteArray(), aPublicKey.getYCoord().toBigInteger().toByteArray()); return ZA; }
/** * 判断生成的公钥是否合法 * * @param publicKey * @return */ private boolean checkPublicKey(ECPoint publicKey) { if (!publicKey.isInfinity()) { BigInteger x = publicKey.getXCoord().toBigInteger(); BigInteger y = publicKey.getYCoord().toBigInteger(); if (between(x, new BigInteger("0"), p) && between(y, new BigInteger("0"), p)) { BigInteger xResult = x.pow(3).add(a.multiply(x)).add(b).mod(p); BigInteger yResult = y.pow(2).mod(p); return yResult.equals(xResult) && publicKey.multiply(n).isInfinity(); } } return false; }
/** * 密钥确认最后一步 * * @param entity 传输实体 */ public void keyExchange_4(TransportEntity entity) { byte[] xV = V.getXCoord().toBigInteger().toByteArray(); byte[] yV = V.getYCoord().toBigInteger().toByteArray(); ECPoint RA = curve.decodePoint(entity.R).normalize(); byte[] s2 = sm3hash(new byte[]{0x03}, yV, sm3hash(xV, entity.Z, this.Z, RA.getXCoord().toBigInteger().toByteArray(), RA.getYCoord().toBigInteger().toByteArray(), this.RA.getXCoord().toBigInteger().toByteArray(), this.RA.getYCoord().toBigInteger().toByteArray())); if (Arrays.equals(entity.S, s2)) System.out.println("A->B 密钥确认成功"); else System.out.println("A->B 密钥确认失败"); } }
/** * 签名 * * @param M 签名信息 * @param IDA 签名方唯一标识 * @param keyPair 签名方密钥对 * @return 签名 */ public Signature sign(String M, String IDA, SM2KeyPair keyPair) { byte[] ZA = ZA(IDA, keyPair.getPublicKey()); byte[] M_ = join(ZA, M.getBytes()); BigInteger e = new BigInteger(1, sm3hash(M_)); // BigInteger k = new BigInteger( // "6CB28D99 385C175C 94F94E93 4817663F C176D925 DD72B727 260DBAAE // 1FB2F96F".replace(" ", ""), 16); BigInteger k; BigInteger r; do { k = random(n); ECPoint p1 = G.multiply(k).normalize(); BigInteger x1 = p1.getXCoord().toBigInteger(); r = e.add(x1); r = r.mod(n); } while (r.equals(BigInteger.ZERO) || r.add(k).equals(n)); BigInteger s = ((keyPair.getPrivateKey().add(BigInteger.ONE).modInverse(n)) .multiply((k.subtract(r.multiply(keyPair.getPrivateKey()))).mod(n))).mod(n); return new Signature(r, s); }
BigInteger x1 = RA.getXCoord().toBigInteger(); x1 = _2w.add(x1.and(_2w.subtract(BigInteger.ONE))); ECPoint RB = curve.decodePoint(entity.R).normalize(); BigInteger x2 = RB.getXCoord().toBigInteger(); x2 = _2w.add(x2.and(_2w.subtract(BigInteger.ONE))); this.V = U; byte[] xU = U.getXCoord().toBigInteger().toByteArray(); byte[] yU = U.getYCoord().toBigInteger().toByteArray(); byte[] KA = KDF(join(xU, yU, printHexString(KA); byte[] s1 = sm3hash(new byte[]{0x02}, yU, sm3hash(xU, this.Z, entity.Z, RA.getXCoord().toBigInteger().toByteArray(), RA.getYCoord().toBigInteger().toByteArray(), RB.getXCoord().toBigInteger().toByteArray(), RB.getYCoord().toBigInteger().toByteArray())); if (Arrays.equals(entity.S, s1)) System.out.println("B->A 密钥确认失败"); byte[] sA = sm3hash(new byte[]{0x03}, yU, sm3hash(xU, this.Z, entity.Z, RA.getXCoord().toBigInteger().toByteArray(), RA.getYCoord().toBigInteger().toByteArray(), RB.getXCoord().toBigInteger().toByteArray(), RB.getYCoord().toBigInteger().toByteArray()));
this.RA = RB; BigInteger x2 = RB.getXCoord().toBigInteger(); x2 = _2w.add(x2.and(_2w.subtract(BigInteger.ONE))); ECPoint RA = curve.decodePoint(entity.R).normalize(); BigInteger x1 = RA.getXCoord().toBigInteger(); x1 = _2w.add(x1.and(_2w.subtract(BigInteger.ONE))); this.V = V; byte[] xV = V.getXCoord().toBigInteger().toByteArray(); byte[] yV = V.getYCoord().toBigInteger().toByteArray(); byte[] KB = KDF(join(xV, yV, entity.Z, this.Z), 16); printHexString(KB); byte[] sB = sm3hash(new byte[]{0x02}, yV, sm3hash(xV, entity.Z, this.Z, RA.getXCoord().toBigInteger().toByteArray(), RA.getYCoord().toBigInteger().toByteArray(), RB.getXCoord().toBigInteger().toByteArray(), RB.getYCoord().toBigInteger().toByteArray())); return new TransportEntity(RB.getEncoded(false), sB, this.Z, keyPair.getPublicKey());
/** * 验签 * * @param M 签名信息 * @param signature 签名 * @param IDA 签名方唯一标识 * @param aPublicKey 签名方公钥 * @return true or false */ public boolean verify(String M, Signature signature, String IDA, ECPoint aPublicKey) { if (!between(signature.r, BigInteger.ONE, n)) return false; if (!between(signature.s, BigInteger.ONE, n)) return false; byte[] M_ = join(ZA(IDA, aPublicKey), M.getBytes()); BigInteger e = new BigInteger(1, sm3hash(M_)); BigInteger t = signature.r.add(signature.s).mod(n); if (t.equals(BigInteger.ZERO)) return false; ECPoint p1 = G.multiply(signature.s).normalize(); ECPoint p2 = aPublicKey.multiply(t).normalize(); BigInteger x1 = p1.add(p2).normalize().getXCoord().toBigInteger(); BigInteger R = e.add(x1).mod(n); if (R.equals(signature.r)) return true; return false; }
byte[] u = sm3hash(dBC1.getXCoord().toBigInteger().toByteArray(), M, dBC1.getYCoord().toBigInteger().toByteArray()); if (Arrays.equals(u, C3)) {
byte[] C3 = sm3hash(kpb.getXCoord().toBigInteger().toByteArray(), inputBuffer, kpb.getYCoord().toBigInteger().toByteArray());
/** * Normalizes this point, and then returns the affine x-coordinate. * * Note: normalization can be expensive, this method is deprecated in favour * of caller-controlled normalization. * * @deprecated Use getAffineXCoord(), or normalize() and getXCoord(), instead */ public ECFieldElement getX() { return normalize().getXCoord(); }
/** * Returns the affine x-coordinate after checking that this point is normalized. * * @return The affine x-coordinate of this point * @throws IllegalStateException if the point is not normalized */ public ECFieldElement getAffineXCoord() { checkNormalized(); return getXCoord(); }
/** * Returns the affine x-coordinate after checking that this point is normalized. * * @return The affine x-coordinate of this point * @throws IllegalStateException if the point is not normalized */ public ECFieldElement getAffineXCoord() { checkNormalized(); return getXCoord(); }
@Override protected void serializeExclusiveData(BinaryWriter writer) throws IOException { writer.writeVarBytes(Helper.removePrevZero(pubKey.getXCoord().toBigInteger().toByteArray())); writer.writeVarBytes(Helper.removePrevZero(pubKey.getYCoord().toBigInteger().toByteArray())); } }
@Override protected void serializeExclusiveData(BinaryWriter writer) throws IOException { writer.writeVarBytes(Helper.removePrevZero(pubKey.getXCoord().toBigInteger().toByteArray())); writer.writeVarBytes(Helper.removePrevZero(pubKey.getYCoord().toBigInteger().toByteArray())); } }
@Override protected void serializeExclusiveData(BinaryWriter writer) throws IOException { writer.writeInt(pubKeys.length); for (ECPoint pubkey : pubKeys) { writer.writeVarBytes(Helper.removePrevZero(pubkey.getXCoord().toBigInteger().toByteArray())); writer.writeVarBytes(Helper.removePrevZero(pubkey.getYCoord().toBigInteger().toByteArray())); } writer.writeSerializable(account); } }
@Override protected void serializeExclusiveData(BinaryWriter writer) throws IOException { writer.writeVarBytes(Helper.removePrevZero(issuer.getXCoord().toBigInteger().toByteArray())); writer.writeVarBytes(Helper.removePrevZero(issuer.getYCoord().toBigInteger().toByteArray())); writer.writeByte(action.value()); writer.writeVarBytes(cert); } }
@Override protected void serializeExclusiveData(BinaryWriter writer) throws IOException { writer.writeVarBytes(Helper.removePrevZero(issuer.getXCoord().toBigInteger().toByteArray())); writer.writeVarBytes(Helper.removePrevZero(issuer.getYCoord().toBigInteger().toByteArray())); writer.writeByte(action.value()); writer.writeVarBytes(cert); } }
@Override public ECPoint getW() { return new ECPoint( delegate.getQ().normalize().getXCoord().toBigInteger(), delegate.getQ().normalize().getYCoord().toBigInteger()); }
/** @return EC domain parameters. */ public ECParameterSpec getParams() { final ECDomainParameters params = delegate.getParameters(); return new ECParameterSpec( EC5Util.convertCurve(params.getCurve(), params.getSeed()), new ECPoint( params.getG().normalize().getXCoord().toBigInteger(), params.getG().normalize().getYCoord().toBigInteger()), params.getN(), params.getH().intValue()); }