136 lines
3.6 KiB
C#
136 lines
3.6 KiB
C#
using System;
|
|
using BigInt;
|
|
using System.Text;
|
|
using sharp.extensions;
|
|
|
|
namespace Crypto.EC
|
|
{
|
|
public class EllipticCurve
|
|
{
|
|
public Integer a { get; private set; }
|
|
public Integer b { get; private set; }
|
|
public Integer n { get; private set; }
|
|
public int h { get; private set; }
|
|
|
|
public CurvePoint G { get; private set; }
|
|
public IntField Fp { get; private set; }
|
|
|
|
public EllipticCurve(Integer p,Integer a,Integer b,Integer xG,Integer yG,Integer n,int h)
|
|
{
|
|
this.Fp = new IntField(p);
|
|
this.a = a;
|
|
this.b = b;
|
|
this.n = n;
|
|
this.h = h;
|
|
this.G = new CurvePoint(this, xG, yG);
|
|
|
|
if (!isOnCurve(this.G)){
|
|
throw new ArgumentException("G is not part of the curve");
|
|
}
|
|
}
|
|
|
|
public Integer Y2(Integer x){
|
|
|
|
Integer yy = x;
|
|
|
|
//Console.WriteLine("Y(x): X = {0}",x.toHexString());
|
|
//Console.WriteLine("Y(x): x^2 = {0}",yy.Pow(2).toHexString());
|
|
|
|
yy = yy.Pow(3);
|
|
|
|
//Console.WriteLine("Y(x): x^3 = {0}",yy.toHexString());
|
|
|
|
yy += (a * x);
|
|
|
|
//Console.WriteLine("Y(x): x^3 + ax = {0}",yy.toHexString());
|
|
|
|
yy += b;
|
|
|
|
//Console.WriteLine("Y(x) x^3 + ax + b = {0}",yy.toHexString());
|
|
|
|
yy %= (Integer)this.Fp.FieldModulo;
|
|
|
|
//Console.WriteLine("Y(x) mod p = {0}",yy.toHexString());
|
|
|
|
return yy;
|
|
}
|
|
|
|
public bool isOnCurve(CurvePoint p){
|
|
Integer py2 = this.Fp.Fit(p.Y.Pow(2));
|
|
Integer pcy2 = Y2(p.X);
|
|
|
|
//Console.WriteLine("CHECK A: {0}",py2.toHexString());
|
|
//Console.WriteLine("CHECK B: {0}",pcy2.toHexString());
|
|
|
|
return (py2 == pcy2);
|
|
}
|
|
|
|
public CurvePoint Add(CurvePoint p1, CurvePoint p2)
|
|
{
|
|
if (((object)p1 == null) || ((object)p2 == null))
|
|
{
|
|
throw new ArgumentException("SignedCurvePoints to be added must not be null");
|
|
}
|
|
|
|
if (p1.Curve != p2.Curve)
|
|
{
|
|
throw new ArgumentException("SignedCurvePoints to be added must belong to the same curve!");
|
|
}
|
|
|
|
if ((p1 != p2) && (p1.X == p2.X)){
|
|
return CurvePoint.INFINITY;
|
|
}
|
|
|
|
Integer lambda,divlambda;
|
|
|
|
if (p1 == p2){
|
|
lambda = Fp.Fit(3 * p1.X.Pow(2) + a);
|
|
divlambda = Fp.Fit(2 * p1.Y);
|
|
} else {
|
|
lambda = Fp.Fit(p2.Y - p1.Y);
|
|
divlambda = Fp.Fit(p2.X - p1.X);
|
|
}
|
|
|
|
lambda = lambda * Euclid.inverse(divlambda, Fp.FieldModulo);
|
|
|
|
Integer xR = (lambda.Pow(2) - p1.X - p2.X);
|
|
Integer yR = (lambda * (p1.X - xR)) - p1.Y;
|
|
|
|
xR = Fp.Fit(xR);
|
|
yR = Fp.Fit(yR);
|
|
|
|
return new CurvePoint(this, xR, yR);
|
|
}
|
|
|
|
public override string ToString()
|
|
{
|
|
StringBuilder sb = new StringBuilder();
|
|
sb.AppendFormat("[EllipticCurve] Fp={0}\n",(Fp == null) ? "" : Fp.ToString());
|
|
sb.AppendFormat("[EllipticCurve] a={0}\n",a.toHexString());
|
|
sb.AppendFormat("[EllipticCurve] b={0}\n",b.toHexString());
|
|
sb.AppendFormat("[EllipticCurve] Gx={0}\n",G.X.toHexString());
|
|
sb.AppendFormat("[EllipticCurve] Gy={0}\n",G.Y.toHexString());
|
|
sb.AppendFormat("[EllipticCurve] G on curve? {0}",isOnCurve(G));
|
|
|
|
return sb.ToString();
|
|
}
|
|
|
|
public static EllipticCurve createSecp256k1(){
|
|
Integer p = (Integer.ONE << 256);
|
|
p -= Integer.ONE;
|
|
p -= (Integer.ONE << 32);
|
|
p -= (Integer.ONE << 9);
|
|
p -= (Integer.ONE << 8);
|
|
p -= (Integer.ONE << 7);
|
|
p -= (Integer.ONE << 6);
|
|
p -= (Integer.ONE << 4);
|
|
|
|
Integer xG = Integer.fromHexString("79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798");
|
|
Integer yG = Integer.fromHexString("483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8");
|
|
|
|
Integer n = Integer.fromHexString("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141");
|
|
return new EllipticCurve(p, new Integer(0), new Integer(7), xG, yG, n, 1);
|
|
}
|
|
}
|
|
}
|