X9Curve.cs
4.81 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
using System;
using Org.BouncyCastle.Math;
using Org.BouncyCastle.Math.EC;
using Org.BouncyCastle.Utilities;
namespace Org.BouncyCastle.Asn1.X9
{
/**
* ASN.1 def for Elliptic-Curve Curve structure. See
* X9.62, for further details.
*/
public class X9Curve
: Asn1Encodable
{
private readonly ECCurve curve;
private readonly byte[] seed;
private readonly DerObjectIdentifier fieldIdentifier;
public X9Curve(
ECCurve curve)
: this(curve, null)
{
}
public X9Curve(
ECCurve curve,
byte[] seed)
{
if (curve == null)
throw new ArgumentNullException("curve");
this.curve = curve;
this.seed = Arrays.Clone(seed);
if (ECAlgorithms.IsFpCurve(curve))
{
this.fieldIdentifier = X9ObjectIdentifiers.PrimeField;
}
else if (ECAlgorithms.IsF2mCurve(curve))
{
this.fieldIdentifier = X9ObjectIdentifiers.CharacteristicTwoField;
}
else
{
throw new ArgumentException("This type of ECCurve is not implemented");
}
}
public X9Curve(
X9FieldID fieldID,
Asn1Sequence seq)
{
if (fieldID == null)
throw new ArgumentNullException("fieldID");
if (seq == null)
throw new ArgumentNullException("seq");
this.fieldIdentifier = fieldID.Identifier;
if (fieldIdentifier.Equals(X9ObjectIdentifiers.PrimeField))
{
BigInteger q = ((DerInteger) fieldID.Parameters).Value;
X9FieldElement x9A = new X9FieldElement(q, (Asn1OctetString) seq[0]);
X9FieldElement x9B = new X9FieldElement(q, (Asn1OctetString) seq[1]);
curve = new FpCurve(q, x9A.Value.ToBigInteger(), x9B.Value.ToBigInteger());
}
else
{
if (fieldIdentifier.Equals(X9ObjectIdentifiers.CharacteristicTwoField))
{
// Characteristic two field
DerSequence parameters = (DerSequence)fieldID.Parameters;
int m = ((DerInteger)parameters[0]).Value.IntValue;
DerObjectIdentifier representation
= (DerObjectIdentifier)parameters[1];
int k1 = 0;
int k2 = 0;
int k3 = 0;
if (representation.Equals(X9ObjectIdentifiers.TPBasis))
{
// Trinomial basis representation
k1 = ((DerInteger)parameters[2]).Value.IntValue;
}
else
{
// Pentanomial basis representation
DerSequence pentanomial = (DerSequence) parameters[2];
k1 = ((DerInteger) pentanomial[0]).Value.IntValue;
k2 = ((DerInteger) pentanomial[1]).Value.IntValue;
k3 = ((DerInteger) pentanomial[2]).Value.IntValue;
}
X9FieldElement x9A = new X9FieldElement(m, k1, k2, k3, (Asn1OctetString)seq[0]);
X9FieldElement x9B = new X9FieldElement(m, k1, k2, k3, (Asn1OctetString)seq[1]);
// TODO Is it possible to get the order (n) and cofactor(h) too?
curve = new F2mCurve(m, k1, k2, k3, x9A.Value.ToBigInteger(), x9B.Value.ToBigInteger());
}
}
if (seq.Count == 3)
{
seed = ((DerBitString) seq[2]).GetBytes();
}
}
public ECCurve Curve
{
get { return curve; }
}
public byte[] GetSeed()
{
return Arrays.Clone(seed);
}
/**
* Produce an object suitable for an Asn1OutputStream.
* <pre>
* Curve ::= Sequence {
* a FieldElement,
* b FieldElement,
* seed BIT STRING OPTIONAL
* }
* </pre>
*/
public override Asn1Object ToAsn1Object()
{
Asn1EncodableVector v = new Asn1EncodableVector();
if (fieldIdentifier.Equals(X9ObjectIdentifiers.PrimeField)
|| fieldIdentifier.Equals(X9ObjectIdentifiers.CharacteristicTwoField))
{
v.Add(new X9FieldElement(curve.A).ToAsn1Object());
v.Add(new X9FieldElement(curve.B).ToAsn1Object());
}
if (seed != null)
{
v.Add(new DerBitString(seed));
}
return new DerSequence(v);
}
}
}