01: package org.bouncycastle.crypto.agreement;
02:
03: import java.math.BigInteger;
04:
05: import org.bouncycastle.math.ec.ECPoint;
06:
07: import org.bouncycastle.crypto.BasicAgreement;
08: import org.bouncycastle.crypto.CipherParameters;
09: import org.bouncycastle.crypto.params.ECPublicKeyParameters;
10: import org.bouncycastle.crypto.params.ECPrivateKeyParameters;
11:
12: /**
13: * P1363 7.2.1 ECSVDP-DH
14: *
15: * ECSVDP-DH is Elliptic Curve Secret Value Derivation Primitive,
16: * Diffie-Hellman version. It is based on the work of [DH76], [Mil86],
17: * and [Kob87]. This primitive derives a shared secret value from one
18: * party's private key and another party's public key, where both have
19: * the same set of EC domain parameters. If two parties correctly
20: * execute this primitive, they will produce the same output. This
21: * primitive can be invoked by a scheme to derive a shared secret key;
22: * specifically, it may be used with the schemes ECKAS-DH1 and
23: * DL/ECKAS-DH2. It assumes that the input keys are valid (see also
24: * Section 7.2.2).
25: */
26: public class ECDHBasicAgreement implements BasicAgreement {
27: private ECPrivateKeyParameters key;
28:
29: public void init(CipherParameters key) {
30: this .key = (ECPrivateKeyParameters) key;
31: }
32:
33: public BigInteger calculateAgreement(CipherParameters pubKey) {
34: ECPublicKeyParameters pub = (ECPublicKeyParameters) pubKey;
35: ECPoint P = pub.getQ().multiply(key.getD());
36:
37: // if (p.isInfinity()) throw new RuntimeException("d*Q == infinity");
38:
39: return P.getX().toBigInteger();
40: }
41: }
|