using System;
using Org.BouncyCastle.Math;
using Org.BouncyCastle.Math.EC;
using Org.BouncyCastle.Security;
using Org.BouncyCastle.Crypto;
using Org.BouncyCastle.Crypto.Parameters;
namespace Org.BouncyCastle.Crypto.Agreement{
/**
* P1363 7.2.2 ECSVDP-DHC
*
* ECSVDP-DHC is Elliptic Curve Secret Value Derivation Primitive,
* Diffie-Hellman version with cofactor multiplication. It is based on
* the work of [DH76], [Mil86], [Kob87], [LMQ98] and [Kal98a]. This
* primitive derives a shared secret value from one party's private key
* and another party's public key, where both have the same set of EC
* domain parameters. If two parties correctly execute this primitive,
* they will produce the same output. This primitive can be invoked by a
* scheme to derive a shared secret key; specifically, it may be used
* with the schemes ECKAS-DH1 and DL/ECKAS-DH2. It does not assume the
* validity of the input public key (see also Section 7.2.1).
* <p>
* Note: As stated P1363 compatibility mode with ECDH can be preset, and
* in this case the implementation doesn't have a ECDH compatibility mode
* (if you want that just use ECDHBasicAgreement and note they both implement
* BasicAgreement!).</p>
*/
public class ECDHCBasicAgreement
: IBasicAgreement
{
private ECPrivateKeyParameters key;
public void Init(
ICipherParameters parameters)
{
if (parameters is ParametersWithRandom)
{
parameters = ((ParametersWithRandom) parameters).Parameters;
}
this.key = (ECPrivateKeyParameters)parameters;
}
public BigInteger CalculateAgreement(
ICipherParameters pubKey)
{
ECPublicKeyParameters pub = (ECPublicKeyParameters) pubKey;
ECDomainParameters parameters = pub.Parameters;
ECPoint P = pub.Q.Multiply(parameters.H.Multiply(key.D));
// if ( p.IsInfinity ) throw new Exception("Invalid public key");
return P.X.ToBigInteger();
}
}
}
|