Example 6 with Ed25519EncodedGroupElement
use of io.nem.core.crypto.ed25519.arithmetic.Ed25519EncodedGroupElement in project nem2-sdk-java by nemtech.
the class Ed25519DsaSigner method sign.
@Override
public Signature sign(final byte[] data) {
if (!this.getKeyPair().hasPrivateKey()) {
throw new CryptoException("cannot sign without private key");
}
// Hash the private key to improve randomness.
final byte[] hash = Hashes.sha3_512(this.getKeyPair().getPrivateKey().getBytes());
// r = H(hash_b,...,hash_2b-1, data) where b=256.
final Ed25519EncodedFieldElement r = new Ed25519EncodedFieldElement(Hashes.sha3_512(// only include the last 32 bytes of the private key hash
Arrays.copyOfRange(hash, 32, 64), data));
// Reduce size of r since we are calculating mod group order anyway
final Ed25519EncodedFieldElement rModQ = r.modQ();
// R = rModQ * base point.
final Ed25519GroupElement R = Ed25519Group.BASE_POINT.scalarMultiply(rModQ);
final Ed25519EncodedGroupElement encodedR = R.encode();
// S = (r + H(encodedR, encodedA, data) * a) mod group order where
// encodedR and encodedA are the little endian encodings of the group element R and the public key A and
// a is the lower 32 bytes of hash after clamping.
final Ed25519EncodedFieldElement h = new Ed25519EncodedFieldElement(Hashes.sha3_512(encodedR.getRaw(), this.getKeyPair().getPublicKey().getRaw(), data));
final Ed25519EncodedFieldElement hModQ = h.modQ();
final Ed25519EncodedFieldElement encodedS = hModQ.multiplyAndAddModQ(Ed25519Utils.prepareForScalarMultiply(this.getKeyPair().getPrivateKey()), rModQ);
// Signature is (encodedR, encodedS)
final Signature signature = new Signature(encodedR.getRaw(), encodedS.getRaw());
if (!this.isCanonicalSignature(signature)) {
throw new CryptoException("Generated signature is not canonical");
}
return signature;
}
Also used :
Ed25519EncodedFieldElement(io.nem.core.crypto.ed25519.arithmetic.Ed25519EncodedFieldElement)
Ed25519GroupElement(io.nem.core.crypto.ed25519.arithmetic.Ed25519GroupElement)
Ed25519EncodedGroupElement(io.nem.core.crypto.ed25519.arithmetic.Ed25519EncodedGroupElement)
Example 7 with Ed25519EncodedGroupElement
use of io.nem.core.crypto.ed25519.arithmetic.Ed25519EncodedGroupElement in project nem-library by rosklyar.
the class Ed25519DsaSigner method sign.
@Override
public Signature sign(final byte[] data) {
if (!this.getKeyPair().hasPrivateKey()) {
throw new CryptoException("cannot sign without private key");
}
// Hash the private key to improve randomness.
final byte[] hash = Hashes.sha3_512(ArrayUtils.toByteArray(this.getKeyPair().getPrivateKey().getRaw(), 32));
// r = H(hash_b,...,hash_2b-1, data) where b=256.
final Ed25519EncodedFieldElement r = new Ed25519EncodedFieldElement(Hashes.sha3_512(// only include the last 32 bytes of the private key hash
Arrays.copyOfRange(hash, 32, 64), data));
// Reduce size of r since we are calculating mod group order anyway
final Ed25519EncodedFieldElement rModQ = r.modQ();
// R = rModQ * base point.
final Ed25519GroupElement R = Ed25519Group.BASE_POINT.scalarMultiply(rModQ);
final Ed25519EncodedGroupElement encodedR = R.encode();
// S = (r + H(encodedR, encodedA, data) * a) mod group order where
// encodedR and encodedA are the little endian encodings of the group element R and the public key A and
// a is the lower 32 bytes of hash after clamping.
final Ed25519EncodedFieldElement h = new Ed25519EncodedFieldElement(Hashes.sha3_512(encodedR.getRaw(), this.getKeyPair().getPublicKey().getRaw(), data));
final Ed25519EncodedFieldElement hModQ = h.modQ();
final Ed25519EncodedFieldElement encodedS = hModQ.multiplyAndAddModQ(Ed25519Utils.prepareForScalarMultiply(this.getKeyPair().getPrivateKey()), rModQ);
// Signature is (encodedR, encodedS)
final Signature signature = new Signature(encodedR.getRaw(), encodedS.getRaw());
if (!this.isCanonicalSignature(signature)) {
throw new CryptoException("Generated signature is not canonical");
}
return signature;
}
Also used :
Signature(com.github.rosklyar.crypto.Signature)
Ed25519EncodedFieldElement(com.github.rosklyar.crypto.ed25519.arithmetic.Ed25519EncodedFieldElement)
Ed25519GroupElement(com.github.rosklyar.crypto.ed25519.arithmetic.Ed25519GroupElement)
CryptoException(com.github.rosklyar.crypto.CryptoException)
Ed25519EncodedGroupElement(com.github.rosklyar.crypto.ed25519.arithmetic.Ed25519EncodedGroupElement)
Example 8 with Ed25519EncodedGroupElement
use of io.nem.core.crypto.ed25519.arithmetic.Ed25519EncodedGroupElement in project nem2-sdk-java by nemtech.
the class Ed25519BlockCipher method getSharedSecret.
public static byte[] getSharedSecret(final PrivateKey privateKey, final PublicKey publicKey) {
final Ed25519GroupElement senderA = new Ed25519EncodedGroupElement(publicKey.getBytes()).decode();
senderA.precomputeForScalarMultiplication();
return senderA.scalarMultiply(Ed25519Utils.prepareForScalarMultiply(privateKey)).encode().getRaw();
}
Also used :
Ed25519GroupElement(io.nem.symbol.core.crypto.ed25519.arithmetic.Ed25519GroupElement)
Ed25519EncodedGroupElement(io.nem.symbol.core.crypto.ed25519.arithmetic.Ed25519EncodedGroupElement)
Example 9 with Ed25519EncodedGroupElement
use of io.nem.core.crypto.ed25519.arithmetic.Ed25519EncodedGroupElement in project nem2-sdk-java by nemtech.
the class Ed25519KeyGeneratorTest method derivedPublicKeyIsValidPointOnCurve.
@Test
public void derivedPublicKeyIsValidPointOnCurve() {
// Arrange:
final KeyGenerator generator = this.getKeyGenerator();
for (int i = 0; i < 100; i++) {
final KeyPair kp = generator.generateKeyPair();
// Act:
final PublicKey publicKey = generator.derivePublicKey(kp.getPrivateKey());
// Assert (throws if not on the curve):
Ed25519GroupElement decode = new Ed25519EncodedGroupElement(publicKey.getBytes()).decode();
Assertions.assertNotNull(decode);
}
}
Also used :
KeyPair(io.nem.symbol.core.crypto.KeyPair)
PublicKey(io.nem.symbol.core.crypto.PublicKey)
Ed25519GroupElement(io.nem.symbol.core.crypto.ed25519.arithmetic.Ed25519GroupElement)
KeyGenerator(io.nem.symbol.core.crypto.KeyGenerator)
Ed25519EncodedGroupElement(io.nem.symbol.core.crypto.ed25519.arithmetic.Ed25519EncodedGroupElement)
Test(org.junit.jupiter.api.Test)
KeyGeneratorTest(io.nem.symbol.core.crypto.KeyGeneratorTest)
Aggregations
Ed25519EncodedGroupElement (io.nem.core.crypto.ed25519.arithmetic.Ed25519EncodedGroupElement)4
Ed25519EncodedGroupElement (io.nem.symbol.core.crypto.ed25519.arithmetic.Ed25519EncodedGroupElement)4
Ed25519GroupElement (io.nem.symbol.core.crypto.ed25519.arithmetic.Ed25519GroupElement)4
Ed25519GroupElement (io.nem.core.crypto.ed25519.arithmetic.Ed25519GroupElement)3
Ed25519EncodedFieldElement (io.nem.core.crypto.ed25519.arithmetic.Ed25519EncodedFieldElement)2
Hasher (io.nem.symbol.core.crypto.Hasher)2
Ed25519EncodedFieldElement (io.nem.symbol.core.crypto.ed25519.arithmetic.Ed25519EncodedFieldElement)2
CryptoException (com.github.rosklyar.crypto.CryptoException)1
Signature (com.github.rosklyar.crypto.Signature)1
Ed25519EncodedFieldElement (com.github.rosklyar.crypto.ed25519.arithmetic.Ed25519EncodedFieldElement)1
Ed25519EncodedGroupElement (com.github.rosklyar.crypto.ed25519.arithmetic.Ed25519EncodedGroupElement)1
Ed25519GroupElement (com.github.rosklyar.crypto.ed25519.arithmetic.Ed25519GroupElement)1
CryptoException (io.nem.symbol.core.crypto.CryptoException)1
KeyGenerator (io.nem.symbol.core.crypto.KeyGenerator)1
KeyGeneratorTest (io.nem.symbol.core.crypto.KeyGeneratorTest)1
KeyPair (io.nem.symbol.core.crypto.KeyPair)1
PublicKey (io.nem.symbol.core.crypto.PublicKey)1
Signature (io.nem.symbol.core.crypto.Signature)1
Test (org.junit.Test)1
Test (org.junit.jupiter.api.Test)1
