Search in sources :

Example 6 with Ed25519EncodedGroupElement

use of io.nem.core.crypto.ed25519.arithmetic.Ed25519EncodedGroupElement in project nem2-sdk-java by nemtech.

the class Ed25519DsaSigner method sign.

@Override
public Signature sign(final byte[] data) {
    if (!this.getKeyPair().hasPrivateKey()) {
        throw new CryptoException("cannot sign without private key");
    }
    // Hash the private key to improve randomness.
    final byte[] hash = Hashes.sha3_512(this.getKeyPair().getPrivateKey().getBytes());
    // r = H(hash_b,...,hash_2b-1, data) where b=256.
    final Ed25519EncodedFieldElement r = new Ed25519EncodedFieldElement(Hashes.sha3_512(// only include the last 32 bytes of the private key hash
    Arrays.copyOfRange(hash, 32, 64), data));
    // Reduce size of r since we are calculating mod group order anyway
    final Ed25519EncodedFieldElement rModQ = r.modQ();
    // R = rModQ * base point.
    final Ed25519GroupElement R = Ed25519Group.BASE_POINT.scalarMultiply(rModQ);
    final Ed25519EncodedGroupElement encodedR = R.encode();
    // S = (r + H(encodedR, encodedA, data) * a) mod group order where
    // encodedR and encodedA are the little endian encodings of the group element R and the public key A and
    // a is the lower 32 bytes of hash after clamping.
    final Ed25519EncodedFieldElement h = new Ed25519EncodedFieldElement(Hashes.sha3_512(encodedR.getRaw(), this.getKeyPair().getPublicKey().getRaw(), data));
    final Ed25519EncodedFieldElement hModQ = h.modQ();
    final Ed25519EncodedFieldElement encodedS = hModQ.multiplyAndAddModQ(Ed25519Utils.prepareForScalarMultiply(this.getKeyPair().getPrivateKey()), rModQ);
    // Signature is (encodedR, encodedS)
    final Signature signature = new Signature(encodedR.getRaw(), encodedS.getRaw());
    if (!this.isCanonicalSignature(signature)) {
        throw new CryptoException("Generated signature is not canonical");
    }
    return signature;
}
Also used : Ed25519EncodedFieldElement(io.nem.core.crypto.ed25519.arithmetic.Ed25519EncodedFieldElement) Ed25519GroupElement(io.nem.core.crypto.ed25519.arithmetic.Ed25519GroupElement) Ed25519EncodedGroupElement(io.nem.core.crypto.ed25519.arithmetic.Ed25519EncodedGroupElement)

Example 7 with Ed25519EncodedGroupElement

use of io.nem.core.crypto.ed25519.arithmetic.Ed25519EncodedGroupElement in project nem-library by rosklyar.

the class Ed25519DsaSigner method sign.

@Override
public Signature sign(final byte[] data) {
    if (!this.getKeyPair().hasPrivateKey()) {
        throw new CryptoException("cannot sign without private key");
    }
    // Hash the private key to improve randomness.
    final byte[] hash = Hashes.sha3_512(ArrayUtils.toByteArray(this.getKeyPair().getPrivateKey().getRaw(), 32));
    // r = H(hash_b,...,hash_2b-1, data) where b=256.
    final Ed25519EncodedFieldElement r = new Ed25519EncodedFieldElement(Hashes.sha3_512(// only include the last 32 bytes of the private key hash
    Arrays.copyOfRange(hash, 32, 64), data));
    // Reduce size of r since we are calculating mod group order anyway
    final Ed25519EncodedFieldElement rModQ = r.modQ();
    // R = rModQ * base point.
    final Ed25519GroupElement R = Ed25519Group.BASE_POINT.scalarMultiply(rModQ);
    final Ed25519EncodedGroupElement encodedR = R.encode();
    // S = (r + H(encodedR, encodedA, data) * a) mod group order where
    // encodedR and encodedA are the little endian encodings of the group element R and the public key A and
    // a is the lower 32 bytes of hash after clamping.
    final Ed25519EncodedFieldElement h = new Ed25519EncodedFieldElement(Hashes.sha3_512(encodedR.getRaw(), this.getKeyPair().getPublicKey().getRaw(), data));
    final Ed25519EncodedFieldElement hModQ = h.modQ();
    final Ed25519EncodedFieldElement encodedS = hModQ.multiplyAndAddModQ(Ed25519Utils.prepareForScalarMultiply(this.getKeyPair().getPrivateKey()), rModQ);
    // Signature is (encodedR, encodedS)
    final Signature signature = new Signature(encodedR.getRaw(), encodedS.getRaw());
    if (!this.isCanonicalSignature(signature)) {
        throw new CryptoException("Generated signature is not canonical");
    }
    return signature;
}
Also used : Signature(com.github.rosklyar.crypto.Signature) Ed25519EncodedFieldElement(com.github.rosklyar.crypto.ed25519.arithmetic.Ed25519EncodedFieldElement) Ed25519GroupElement(com.github.rosklyar.crypto.ed25519.arithmetic.Ed25519GroupElement) CryptoException(com.github.rosklyar.crypto.CryptoException) Ed25519EncodedGroupElement(com.github.rosklyar.crypto.ed25519.arithmetic.Ed25519EncodedGroupElement)

Example 8 with Ed25519EncodedGroupElement

use of io.nem.core.crypto.ed25519.arithmetic.Ed25519EncodedGroupElement in project nem2-sdk-java by nemtech.

the class Ed25519BlockCipher method getSharedSecret.

public static byte[] getSharedSecret(final PrivateKey privateKey, final PublicKey publicKey) {
    final Ed25519GroupElement senderA = new Ed25519EncodedGroupElement(publicKey.getBytes()).decode();
    senderA.precomputeForScalarMultiplication();
    return senderA.scalarMultiply(Ed25519Utils.prepareForScalarMultiply(privateKey)).encode().getRaw();
}
Also used : Ed25519GroupElement(io.nem.symbol.core.crypto.ed25519.arithmetic.Ed25519GroupElement) Ed25519EncodedGroupElement(io.nem.symbol.core.crypto.ed25519.arithmetic.Ed25519EncodedGroupElement)

Example 9 with Ed25519EncodedGroupElement

use of io.nem.core.crypto.ed25519.arithmetic.Ed25519EncodedGroupElement in project nem2-sdk-java by nemtech.

the class Ed25519KeyGeneratorTest method derivedPublicKeyIsValidPointOnCurve.

@Test
public void derivedPublicKeyIsValidPointOnCurve() {
    // Arrange:
    final KeyGenerator generator = this.getKeyGenerator();
    for (int i = 0; i < 100; i++) {
        final KeyPair kp = generator.generateKeyPair();
        // Act:
        final PublicKey publicKey = generator.derivePublicKey(kp.getPrivateKey());
        // Assert (throws if not on the curve):
        Ed25519GroupElement decode = new Ed25519EncodedGroupElement(publicKey.getBytes()).decode();
        Assertions.assertNotNull(decode);
    }
}
Also used : KeyPair(io.nem.symbol.core.crypto.KeyPair) PublicKey(io.nem.symbol.core.crypto.PublicKey) Ed25519GroupElement(io.nem.symbol.core.crypto.ed25519.arithmetic.Ed25519GroupElement) KeyGenerator(io.nem.symbol.core.crypto.KeyGenerator) Ed25519EncodedGroupElement(io.nem.symbol.core.crypto.ed25519.arithmetic.Ed25519EncodedGroupElement) Test(org.junit.jupiter.api.Test) KeyGeneratorTest(io.nem.symbol.core.crypto.KeyGeneratorTest)

Aggregations

Ed25519EncodedGroupElement (io.nem.core.crypto.ed25519.arithmetic.Ed25519EncodedGroupElement)4 Ed25519EncodedGroupElement (io.nem.symbol.core.crypto.ed25519.arithmetic.Ed25519EncodedGroupElement)4 Ed25519GroupElement (io.nem.symbol.core.crypto.ed25519.arithmetic.Ed25519GroupElement)4 Ed25519GroupElement (io.nem.core.crypto.ed25519.arithmetic.Ed25519GroupElement)3 Ed25519EncodedFieldElement (io.nem.core.crypto.ed25519.arithmetic.Ed25519EncodedFieldElement)2 Hasher (io.nem.symbol.core.crypto.Hasher)2 Ed25519EncodedFieldElement (io.nem.symbol.core.crypto.ed25519.arithmetic.Ed25519EncodedFieldElement)2 CryptoException (com.github.rosklyar.crypto.CryptoException)1 Signature (com.github.rosklyar.crypto.Signature)1 Ed25519EncodedFieldElement (com.github.rosklyar.crypto.ed25519.arithmetic.Ed25519EncodedFieldElement)1 Ed25519EncodedGroupElement (com.github.rosklyar.crypto.ed25519.arithmetic.Ed25519EncodedGroupElement)1 Ed25519GroupElement (com.github.rosklyar.crypto.ed25519.arithmetic.Ed25519GroupElement)1 CryptoException (io.nem.symbol.core.crypto.CryptoException)1 KeyGenerator (io.nem.symbol.core.crypto.KeyGenerator)1 KeyGeneratorTest (io.nem.symbol.core.crypto.KeyGeneratorTest)1 KeyPair (io.nem.symbol.core.crypto.KeyPair)1 PublicKey (io.nem.symbol.core.crypto.PublicKey)1 Signature (io.nem.symbol.core.crypto.Signature)1 Test (org.junit.Test)1 Test (org.junit.jupiter.api.Test)1