Example usage for org.bouncycastle.math.ec ECPoint equals

List of usage examples for org.bouncycastle.math.ec ECPoint equals

  1. HOME
  2. Java
  3. org.bouncycastle
  4. org.bouncycastle.math.ec.*
  5. ECPoint
  6. equals

Introduction

In this page you can find the example usage for org.bouncycastle.math.ec ECPoint equals.

Prototype

public boolean equals(Object other)

Source Link

Usage

From source file:org.cryptoworkshop.ximix.node.crypto.test.BasicShamirSharingTest.java

License:Apache License

private void doTest(ECDomainParameters domainParams, AsymmetricCipherKeyPair[] kps, int threshold,
        boolean shouldPass, int... missing) {
    int numberOfPeers = kps.length;

    // create the splitter for the peers/threshold over the order of the curve.
    ShamirSecretSplitter secretSplitter = new ShamirSecretSplitter(numberOfPeers, threshold,
            domainParams.getN(), new SecureRandom());

    // Having created a private key the server creates shares of that
    // private key. It would keep one share for itself and sends the others
    // shares to the other servers.
    BigInteger[][] privateKeyShares = new BigInteger[numberOfPeers][];
    BigInteger[] finalPrivateKeyShares = new BigInteger[numberOfPeers];
    for (int i = 0; i < numberOfPeers; i++) {
        privateKeyShares[i] = secretSplitter.split(((ECPrivateKeyParameters) kps[i].getPrivate()).getD())
                .getShares();/* ww  w.j  a  va2 s  .  co m*/
    }

    // Simulates distributing shares and combining them
    for (int i = 0; i < numberOfPeers; i++) {
        finalPrivateKeyShares[i] = privateKeyShares[0][i];
        for (int j = 1; j < numberOfPeers; j++) {
            finalPrivateKeyShares[i] = finalPrivateKeyShares[i].add(privateKeyShares[j][i]);
        }
    }

    ECPoint pubPoint = ((ECPublicKeyParameters) kps[0].getPublic()).getQ();

    for (int i = 1; i < numberOfPeers; i++) {
        pubPoint = pubPoint.add(((ECPublicKeyParameters) kps[i].getPublic()).getQ());
    }

    ECPublicKeyParameters jointPub = new ECPublicKeyParameters(pubPoint, domainParams);

    // Create a random plaintext
    ECPoint plaintext = generatePoint(domainParams, new SecureRandom());

    // Encrypt it using the joint public key
    ECEncryptor enc = new ECElGamalEncryptor();

    enc.init(new ParametersWithRandom(jointPub, new SecureRandom()));

    ECPair cipherText = enc.encrypt(plaintext);

    // do partial decrypts
    ECPoint[] partialDecs = new ECPoint[numberOfPeers];

    for (int i = 0; i < numberOfPeers; i++) {
        partialDecs[i] = cipherText.getX().multiply(finalPrivateKeyShares[i]);
    }

    // simulate missing peers
    for (int i = 0; i != missing.length; i++) {
        partialDecs[missing[i]] = null;
    }

    // decryption step
    LagrangeWeightCalculator lagrangeWeightCalculator = new LagrangeWeightCalculator(numberOfPeers,
            domainParams.getN());

    BigInteger[] weights = lagrangeWeightCalculator.computeWeights(partialDecs);

    // weighting
    ECPoint weightedDecryption = partialDecs[0].multiply(weights[0]);
    for (int i = 1; i < weights.length; i++) {
        if (partialDecs[i] != null) {
            weightedDecryption = weightedDecryption.add(partialDecs[i].multiply(weights[i]));
        }
    }

    // Do final decryption to recover plaintext ECPoint
    ECPoint decrypted = cipherText.getY().add(weightedDecryption.negate());

    Assert.assertEquals(shouldPass, plaintext.equals(decrypted));
}

From source file:org.cryptoworkshop.ximix.node.crypto.test.NewDKGTest.java

License:Apache License

private void doTest(ECDomainParameters domainParams, AsymmetricCipherKeyPair[] kps, int threshold,
        boolean shouldPass, int... missing) {
    int numberOfPeers = kps.length;

    // create the splitter for the peers/threshold over the order of the curve.
    ECPoint hVal = domainParams.getG().multiply(getRandomInteger(domainParams.getN(), new SecureRandom()));
    ECNewDKGSecretSplitter secretSplitter = new ECNewDKGSecretSplitter(numberOfPeers, threshold, hVal,
            domainParams, new SecureRandom());

    // Having created a private key the server creates shares of that
    // private key. It would keep one share for itself and sends the others
    // shares to the other servers.
    ECCommittedSplitSecret[] privateKeyShares = new ECCommittedSplitSecret[numberOfPeers];
    BigInteger[] finalPrivateKeyShares = new BigInteger[numberOfPeers];
    for (int i = 0; i < numberOfPeers; i++) {
        privateKeyShares[i] = secretSplitter.split(((ECPrivateKeyParameters) kps[i].getPrivate()).getD());
    }// w  w  w. j  av a  2  s  .  c o m

    // Simulates distributing shares and combining them
    for (int i = 0; i < numberOfPeers; i++) {
        finalPrivateKeyShares[i] = privateKeyShares[0].getShares()[i];
        for (int j = 1; j < numberOfPeers; j++) {
            finalPrivateKeyShares[i] = finalPrivateKeyShares[i].add(privateKeyShares[j].getShares()[i]);
        }
    }

    //
    // check the commitment values.
    //
    for (int i = 0; i != numberOfPeers; i++) {
        ECCommittedSecretShare[] shares = privateKeyShares[i].getCommittedShares();
        for (int j = 0; j != numberOfPeers; j++) {
            Assert.assertTrue(shares[j].isRevealed(j, domainParams, hVal));
        }
    }

    ECPoint pubPoint = ((ECPublicKeyParameters) kps[0].getPublic()).getQ();

    for (int i = 1; i < numberOfPeers; i++) {
        pubPoint = pubPoint.add(((ECPublicKeyParameters) kps[i].getPublic()).getQ());
    }

    ECPublicKeyParameters jointPub = new ECPublicKeyParameters(pubPoint, domainParams);

    //
    // check the public key commitment values.
    //
    for (int i = 0; i != numberOfPeers; i++) {
        BigInteger[] aCoefficients = privateKeyShares[i].getCoefficients();
        ECPoint[] qCommitments = new ECPoint[aCoefficients.length];

        for (int k = 0; k != qCommitments.length; k++) {
            qCommitments[k] = domainParams.getG().multiply(aCoefficients[k]);
        }

        for (int j = 0; j != numberOfPeers; j++) {
            ECPoint val = qCommitments[0];
            for (int k = 1; k != qCommitments.length; k++) {
                val = val.add(qCommitments[k].multiply(BigInteger.valueOf(j + 1).pow(k)));
            }

            Assert.assertEquals(domainParams.getG().multiply(privateKeyShares[i].getShares()[j]), val);
        }
    }

    // Create a random plaintext
    ECPoint plaintext = generatePoint(domainParams, new SecureRandom());

    // Encrypt it using the joint public key
    ECEncryptor enc = new ECElGamalEncryptor();

    enc.init(new ParametersWithRandom(jointPub, new SecureRandom()));

    ECPair cipherText = enc.encrypt(plaintext);

    // do partial decrypts
    ECPoint[] partialDecs = new ECPoint[numberOfPeers];

    for (int i = 0; i < numberOfPeers; i++) {
        partialDecs[i] = cipherText.getX().multiply(finalPrivateKeyShares[i]);
    }

    // simulate missing peers
    for (int i = 0; i != missing.length; i++) {
        partialDecs[missing[i]] = null;
    }

    // decryption step
    LagrangeWeightCalculator lagrangeWeightCalculator = new LagrangeWeightCalculator(numberOfPeers,
            domainParams.getN());

    BigInteger[] weights = lagrangeWeightCalculator.computeWeights(partialDecs);

    // weighting
    ECPoint weightedDecryption = partialDecs[0].multiply(weights[0]);
    for (int i = 1; i < weights.length; i++) {
        if (partialDecs[i] != null) {
            weightedDecryption = weightedDecryption.add(partialDecs[i].multiply(weights[i]));
        }
    }

    // Do final decryption to recover plaintext ECPoint
    ECPoint decrypted = cipherText.getY().add(weightedDecryption.negate());

    Assert.assertEquals(shouldPass, plaintext.equals(decrypted));
}

From source file:service.ACService.java

License:Open Source License

public AnonymousCertificate proveAttribute(int attrIndex) throws CardServiceException {
    BigInteger N = BigInteger.probablePrime(127, new SecureRandom());
    ECPoint nonce = c.getG().multiply(N);

    byte[][] data = new byte[2][];
    data[0] = new byte[1];
    data[0][0] = a[attrIndex].id;//from  w w  w  .  j  a  v  a 2s  . c  o m
    data[1] = toAPDU(nonce);
    CommandAPDU cmd = APDUprepare(GET_ATTRIBUTE, data, null);

    AnonymousCertificate result = new AnonymousCertificate();
    ResponseAPDU response = transmit(cmd);
    if (response.getSW() != 0x9000) {
        System.err.println("Request failed: " + response.getSW());
        return null;
    } else {
        byte[] resp = response.getData();
        int length, offset = 0;
        length = ((resp[offset] << 8) | (resp[offset + 1] & 0xff));
        result.signedNonce = fromAPDU(resp, offset);
        offset += length + 2;
        System.out.println("signedNonce: " + Hex.toHexString(result.signedNonce.toByteArray()));

        length = ((resp[offset] << 8) | (resp[offset + 1] & 0xff));
        result.blindedKey = fromAPDU(resp, offset);
        offset += length + 2;
        System.out.println("blindedKey:  " + Hex.toHexString(result.blindedKey.toByteArray()));

        length = ((resp[offset] << 8) | (resp[offset + 1] & 0xff));
        result.blindedSignature = fromAPDU(resp, offset);
        offset += length + 2;
        System.out.println("blindedSig:  " + Hex.toHexString(result.blindedSignature.toByteArray()));

        length = ((resp[offset] << 8) | (resp[offset + 1] & 0xff));
        offset += 2;
        result.attributeValue = new byte[length];
        System.arraycopy(resp, offset, result.attributeValue, 0, length);
        System.out.println("attribVal:   " + Hex.toHexString(result.attributeValue));
    }

    System.out.println("signedNonce: " + result.signedNonce);
    System.out.println("blindedKey:  " + result.blindedKey);
    System.out.println("blindedSig:  " + result.blindedSignature);
    System.out.println("attribVal:   " + new String(result.attributeValue));

    // *** NONCE SIGNATURE VERIFICATION ***
    long start = System.nanoTime();
    ECPoint sn = reconstructPoint(c, result.signedNonce, false);
    ECPoint bk = reconstructPoint(c, result.blindedKey, false);

    ECPoint bkn = bk.multiply(N);
    if (!bkn.equals(sn)) {
        if (!bkn.negate().equals(sn)) {
            System.out.println("Nonce verification failed");
            return null;
        } else {
        }
    } else {
    }
    System.out.println("Nonce verification succeeded");

    // *** PAIRING SIGNATURE VERIFICATION ***
    ECFieldElement e1 = c.R_atePairing(bk, saQ[attrIndex]);

    ECPoint bs = reconstructPoint(c, result.blindedSignature, false);
    ECFieldElement e2 = c.R_atePairing(bs, Q);

    ONE = new ECFieldElementFp12(new ECFieldElement.Fp(c.getQ(), BigInteger.valueOf(1)));

    if (!e1.equals(e2)) {
        if (!ONE.equals(e1.multiply(e2))) {
            System.out.println("Signature verification failed");
            return null;
        } else {
        }
    }
    System.out.println("Signature verification succeeded");

    long end = System.nanoTime();
    System.out.format(" d = %.2f ms\n", (end - start) / 1000000.0);
    return result;
}

From source file:terminal.GateClient.java

License:Open Source License

public BigInteger[] proveAttribute(int attrIndex) {
    log.append("---> Get Attributes");
    BigInteger N = BigInteger.probablePrime(127, random);
    ECPoint nonce = c.getG().multiply(N);
    BigInteger[] attr = card.getAttribute(a[attrIndex].id, nonce);
    if (attr == null) {
        return null;
    }//from  www  .  j a  v  a 2s. c  om
    for (BigInteger ti : attr) {
        System.out.println("attr: " + ti);
    }

    // *** NONCE SIGNATURE VERIFICATION ***
    long start = System.nanoTime();
    ECPoint sn = reconstructPoint(c, attr[CardInterface.SIGNED_NONCE], false);
    ECPoint bk = reconstructPoint(c, attr[CardInterface.BLINDED_KEY], false);

    ECPoint bkn = bk.multiply(N);
    if (!bkn.equals(sn)) {
        log.append("Nonce signature verification failed (n.bk != sn)");
        if (!bkn.negate().equals(sn)) {
            log.append("Nonce signature verification failed (-n.bk != sn)");
            return null;
        } else {
            log.append("Nonce signature verification succeeded (-n.bk == sn)");
        }
    } else {
        log.append("Nonce signature verification succeeded (n.bk == sn)");
    }

    // *** PAIRING SIGNATURE VERIFICATION ***
    ECFieldElement e1 = c.R_atePairing(bk, saQ[attrIndex]);

    ECPoint bs = reconstructPoint(c, attr[CardInterface.BLINDED_SIGNATURE], false);
    ECFieldElement e2 = c.R_atePairing(bs, Q);

    ONE = new ECFieldElementFp12(new ECFieldElement.Fp(c.getQ(), BigInteger.valueOf(1)));

    if (!e1.equals(e2)) {
        log.append("Pairing signature verification failed (e1 != e2)");
        if (!ONE.equals(e1.multiply(e2))) {
            log.append("Pairing signature verification failed (!equals ONE)");
            return null;
        } else {
            log.append("Pairing signature verification succeeded (equals ONE)");
        }
    } else {
        log.append("Pairing signature verification succeeded (e1 == e2)");
    }

    long end = System.nanoTime();
    log.append("*** VERIFICATION ***");
    System.out.format(" d = %.2f ms\n", (end - start) / 1000000.0);
    return attr;
}