Posted to commits@milagro.apache.org by br...@apache.org on 2018/11/07 23:50:04 UTC
[27/51] [partial] incubator-milagro-crypto git commit: update code
http://git-wip-us.apache.org/repos/asf/incubator-milagro-crypto/blob/70e3a3a3/java/MPIN.java
----------------------------------------------------------------------
diff --git a/java/MPIN.java b/java/MPIN.java
deleted file mode 100755
index 0c517f1..0000000
--- a/java/MPIN.java
+++ /dev/null
@@ -1,746 +0,0 @@
-/*
-Licensed to the Apache Software Foundation (ASF) under one
-or more contributor license agreements. See the NOTICE file
-distributed with this work for additional information
-regarding copyright ownership. The ASF licenses this file
-to you under the Apache License, Version 2.0 (the
-"License"); you may not use this file except in compliance
-with the License. You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing,
-software distributed under the License is distributed on an
-"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-KIND, either express or implied. See the License for the
-specific language governing permissions and limitations
-under the License.
-*/
-
-/* MPIN API Functions */
-
-import java.util.Date;
-
-public class MPIN
-{
- public static final int EFS=ROM.MODBYTES;
- public static final int EGS=ROM.MODBYTES;
- public static final int PAS=16;
- public static final int INVALID_POINT=-14;
- public static final int BAD_PARAMS=-11;
- public static final int WRONG_ORDER=-18;
- public static final int BAD_PIN=-19;
-
-/* Configure your PIN here */
-
- public static final int MAXPIN=10000; /* PIN less than this */
- public static final int PBLEN=14; /* Number of bits in PIN */
- public static final int TS=10; /* 10 for 4 digit PIN, 14 for 6-digit PIN - 2^TS/TS approx = sqrt(MAXPIN) */
- public static final int TRAP=200; /* 200 for 4 digit PIN, 2000 for 6-digit PIN - approx 2*sqrt(MAXPIN) */
-
-/* Hash number (optional) and string to point on curve */
-
- public static byte[] hashit(int n,byte[] ID)
- {
- HASH H=new HASH();
- if (n!=0) H.process_num(n);
- H.process_array(ID);
- byte[] h=H.hash();
- return h;
- }
-
- public static ECP mapit(byte[] h)
- {
- BIG q=new BIG(ROM.Modulus);
- BIG x=BIG.fromBytes(h);
- x.mod(q);
- ECP P;
- while (true)
- {
- P=new ECP(x,0);
- if (!P.is_infinity()) break;
- x.inc(1); x.norm();
- }
- return P;
- }
-
-/* needed for SOK */
- public static ECP2 mapit2(byte[] h)
- {
- BIG q=new BIG(ROM.Modulus);
- BIG x=BIG.fromBytes(h);
- BIG one=new BIG(1);
- FP2 X;
- ECP2 Q,T,K;
- x.mod(q);
- while (true)
- {
- X=new FP2(one,x);
- Q=new ECP2(X);
- if (!Q.is_infinity()) break;
- x.inc(1); x.norm();
- }
-/* Fast Hashing to G2 - Fuentes-Castaneda, Knapp and Rodriguez-Henriquez */
- BIG Fra=new BIG(ROM.CURVE_Fra);
- BIG Frb=new BIG(ROM.CURVE_Frb);
- X=new FP2(Fra,Frb);
- x=new BIG(ROM.CURVE_Bnx);
-
- T=new ECP2(); T.copy(Q);
- T.mul(x); T.neg();
- K=new ECP2(); K.copy(T);
- K.dbl(); K.add(T); K.affine();
-
- K.frob(X);
- Q.frob(X); Q.frob(X); Q.frob(X);
- Q.add(T); Q.add(K);
- T.frob(X); T.frob(X);
- Q.add(T);
- Q.affine();
- return Q;
- }
-
-/* return time in slots since epoch */
- public static int today() {
- Date date=new Date();
- return (int) (date.getTime()/(1000*60*1440));
- }
-
-/* these next two functions help to implement elligator squared - http://eprint.iacr.org/2014/043 */
-/* maps a random u to a point on the curve */
- public static ECP map(BIG u,int cb)
- {
- ECP P;
- BIG x=new BIG(u);
- BIG p=new BIG(ROM.Modulus);
- x.mod(p);
- while (true)
- {
- P=new ECP(x,cb);
- if (!P.is_infinity()) break;
- x.inc(1); x.norm();
- }
- return P;
- }
-
-/* returns u derived from P. Random value in range 1 to return value should then be added to u */
- public static int unmap(BIG u,ECP P)
- {
- int s=P.getS();
- ECP R;
- int r=0;
- BIG x=P.getX();
- u.copy(x);
- while (true)
- {
- u.dec(1); u.norm();
- r++;
- R=new ECP(u,s);
- if (!R.is_infinity()) break;
- }
- return r;
- }
-
- public static byte[] HASH_ID(byte[] ID)
- {
- return hashit(0,ID);
- }
-
-
-/* these next two functions implement elligator squared - http://eprint.iacr.org/2014/043 */
-/* Elliptic curve point E in format (0x04,x,y} is converted to form {0x0-,u,v} */
-/* Note that u and v are indistinguisible from random strings */
- public static int ENCODING(RAND rng,byte[] E)
- {
- int rn,m,su,sv;
- byte[] T=new byte[EFS];
-
- for (int i=0;i<EFS;i++) T[i]=E[i+1];
- BIG u=BIG.fromBytes(T);
- for (int i=0;i<EFS;i++) T[i]=E[i+EFS+1];
- BIG v=BIG.fromBytes(T);
-
- ECP P=new ECP(u,v);
- if (P.is_infinity()) return INVALID_POINT;
-
- BIG p=new BIG(ROM.Modulus);
- u=BIG.randomnum(p,rng);
-
- su=rng.getByte(); /*if (su<0) su=-su;*/ su%=2;
-
- ECP W=map(u,su);
- P.sub(W);
- sv=P.getS();
- rn=unmap(v,P);
- m=rng.getByte(); /*if (m<0) m=-m;*/ m%=rn;
- v.inc(m+1);
- E[0]=(byte)(su+2*sv);
- u.toBytes(T);
- for (int i=0;i<EFS;i++) E[i+1]=T[i];
- v.toBytes(T);
- for (int i=0;i<EFS;i++) E[i+EFS+1]=T[i];
-
- return 0;
- }
-
- public static int DECODING(byte[] D)
- {
- int su,sv;
- byte[] T=new byte[EFS];
-
- if ((D[0]&0x04)!=0) return INVALID_POINT;
-
- for (int i=0;i<EFS;i++) T[i]=D[i+1];
- BIG u=BIG.fromBytes(T);
- for (int i=0;i<EFS;i++) T[i]=D[i+EFS+1];
- BIG v=BIG.fromBytes(T);
-
- su=D[0]&1;
- sv=(D[0]>>1)&1;
- ECP W=map(u,su);
- ECP P=map(v,sv);
- P.add(W);
- u=P.getX();
- v=P.getY();
- D[0]=0x04;
- u.toBytes(T);
- for (int i=0;i<EFS;i++) D[i+1]=T[i];
- v.toBytes(T);
- for (int i=0;i<EFS;i++) D[i+EFS+1]=T[i];
-
- return 0;
- }
-
-/* R=R1+R2 in group G1 */
- public static int RECOMBINE_G1(byte[] R1,byte[] R2,byte[] R)
- {
- ECP P=ECP.fromBytes(R1);
- ECP Q=ECP.fromBytes(R2);
-
- if (P.is_infinity() || Q.is_infinity()) return INVALID_POINT;
-
- P.add(Q);
-
- P.toBytes(R);
- return 0;
- }
-
-/* W=W1+W2 in group G2 */
- public static int RECOMBINE_G2(byte[] W1,byte[] W2,byte[] W)
- {
- ECP2 P=ECP2.fromBytes(W1);
- ECP2 Q=ECP2.fromBytes(W2);
-
- if (P.is_infinity() || Q.is_infinity()) return INVALID_POINT;
-
- P.add(Q);
-
- P.toBytes(W);
- return 0;
- }
-
-/* create random secret S */
- public static int RANDOM_GENERATE(RAND rng,byte[] S)
- {
- BIG s;
- BIG r=new BIG(ROM.CURVE_Order);
- s=BIG.randomnum(r,rng);
-
- s.toBytes(S);
- return 0;
- }
-
-/* Extract PIN from TOKEN for identity CID */
- public static int EXTRACT_PIN(byte[] CID,int pin,byte[] TOKEN)
- {
- ECP P=ECP.fromBytes(TOKEN);
- if (P.is_infinity()) return INVALID_POINT;
- byte[] h=hashit(0,CID);
- ECP R=mapit(h);
-
-
- pin%=MAXPIN;
-
- R=R.pinmul(pin,PBLEN);
- P.sub(R);
-
- P.toBytes(TOKEN);
-
- return 0;
- }
-
-/* Implement step 2 on client side of MPin protocol */
- public static int CLIENT_2(byte[] X,byte[] Y,byte[] SEC)
- {
- BIG r=new BIG(ROM.CURVE_Order);
- ECP P=ECP.fromBytes(SEC);
- if (P.is_infinity()) return INVALID_POINT;
-
- BIG px=BIG.fromBytes(X);
- BIG py=BIG.fromBytes(Y);
- px.add(py);
- px.mod(r);
- px.rsub(r);
-
- PAIR.G1mul(P,px).toBytes(SEC);
- return 0;
- }
-
-/* Implement step 1 on client side of MPin protocol */
- public static int CLIENT_1(int date,byte[] CLIENT_ID,RAND rng,byte[] X,int pin,byte[] TOKEN,byte[] SEC,byte[] xID,byte[] xCID,byte[] PERMIT)
- {
- BIG r=new BIG(ROM.CURVE_Order);
-// BIG q=new BIG(ROM.Modulus);
- BIG x;
-// BIG m=new BIG(0);
- if (rng!=null)
- {
- x=BIG.randomnum(r,rng);
- x.toBytes(X);
- }
- else
- {
- x=BIG.fromBytes(X);
- }
- ECP P,T,W;
- BIG px;
-// byte[] t=new byte[EFS];
-
- byte[] h=hashit(0,CLIENT_ID);
- P=mapit(h);
-
- T=ECP.fromBytes(TOKEN);
- if (T.is_infinity()) return INVALID_POINT;
-
- pin%=MAXPIN;
- W=P.pinmul(pin,PBLEN);
- T.add(W);
- if (date!=0)
- {
- W=ECP.fromBytes(PERMIT);
- if (W.is_infinity()) return INVALID_POINT;
- T.add(W);
- h=hashit(date,h);
- W=mapit(h);
- if (xID!=null)
- {
- P=PAIR.G1mul(P,x);
- P.toBytes(xID);
- W=PAIR.G1mul(W,x);
- P.add(W);
- }
- else
- {
- P.add(W);
- P=PAIR.G1mul(P,x);
- }
- if (xCID!=null) P.toBytes(xCID);
- }
- else
- {
- if (xID!=null)
- {
- P=PAIR.G1mul(P,x);
- P.toBytes(xID);
- }
- }
-
-
- T.toBytes(SEC);
- return 0;
- }
-
-/* Extract Server Secret SST=S*Q where Q is fixed generator in G2 and S is master secret */
- public static int GET_SERVER_SECRET(byte[] S,byte[] SST)
- {
- ECP2 Q=new ECP2(new FP2(new BIG(ROM.CURVE_Pxa),new BIG(ROM.CURVE_Pxb)),new FP2(new BIG(ROM.CURVE_Pya),new BIG(ROM.CURVE_Pyb)));
-
- BIG s=BIG.fromBytes(S);
- Q=PAIR.G2mul(Q,s);
- Q.toBytes(SST);
- return 0;
- }
-
-/*
- W=x*H(G);
- if RNG == NULL then X is passed in
- if RNG != NULL the X is passed out
- if type=0 W=x*G where G is point on the curve, else W=x*M(G), where M(G) is mapping of octet G to point on the curve
-*/
- public static int GET_G1_MULTIPLE(RAND rng, int type,byte[] X,byte[] G,byte[] W)
- {
- BIG x;
- BIG r=new BIG(ROM.CURVE_Order);
- if (rng!=null)
- {
- x=BIG.randomnum(r,rng);
- x.toBytes(X);
- }
- else
- {
- x=BIG.fromBytes(X);
- }
- ECP P;
- if (type==0)
- {
- P=ECP.fromBytes(G);
- if (P.is_infinity()) return INVALID_POINT;
- }
- else
- P=mapit(G);
-
- PAIR.G1mul(P,x).toBytes(W);
- return 0;
- }
-
-/* Client secret CST=S*H(CID) where CID is client ID and S is master secret */
-/* CID is hashed externally */
- public static int GET_CLIENT_SECRET(byte[] S,byte[] CID,byte[] CST)
- {
- return GET_G1_MULTIPLE(null,1,S,CID,CST);
- }
-
-/* Time Permit CTT=S*(date|H(CID)) where S is master secret */
- public static int GET_CLIENT_PERMIT(int date,byte[] S,byte[] CID,byte[] CTT)
- {
- byte[] h=hashit(date,CID);
- ECP P=mapit(h);
-
- BIG s=BIG.fromBytes(S);
- PAIR.G1mul(P,s).toBytes(CTT);
- return 0;
- }
-
-/* Outputs H(CID) and H(T|H(CID)) for time permits. If no time permits set HID=HTID */
- public static void SERVER_1(int date,byte[] CID,byte[] HID,byte[] HTID)
- {
- byte[] h=hashit(0,CID);
- ECP R,P=mapit(h);
-
- if (date!=0)
- {
- if (HID!=null) P.toBytes(HID);
- h=hashit(date,h);
- R=mapit(h);
- P.add(R);
- P.toBytes(HTID);
- }
- else P.toBytes(HID);
- }
-
-/* Implement step 2 of MPin protocol on server side */
- public static int SERVER_2(int date,byte[] HID,byte[] HTID,byte[] Y,byte[] SST,byte[] xID,byte[] xCID,byte[] mSEC,byte[] E,byte[] F)
- {
- BIG q=new BIG(ROM.Modulus);
- ECP2 Q=new ECP2(new FP2(new BIG(ROM.CURVE_Pxa),new BIG(ROM.CURVE_Pxb)),new FP2(new BIG(ROM.CURVE_Pya),new BIG(ROM.CURVE_Pyb)));
- ECP2 sQ=ECP2.fromBytes(SST);
- if (sQ.is_infinity()) return INVALID_POINT;
-
- ECP R;
- if (date!=0)
- R=ECP.fromBytes(xCID);
- else
- {
- if (xID==null) return BAD_PARAMS;
- R=ECP.fromBytes(xID);
- }
- if (R.is_infinity()) return INVALID_POINT;
-
- BIG y=BIG.fromBytes(Y);
- ECP P;
- if (date!=0) P=ECP.fromBytes(HTID);
- else
- {
- if (HID==null) return BAD_PARAMS;
- P=ECP.fromBytes(HID);
- }
-
- if (P.is_infinity()) return INVALID_POINT;
-
- P=PAIR.G1mul(P,y);
- P.add(R);
- R=ECP.fromBytes(mSEC);
- if (R.is_infinity()) return INVALID_POINT;
-
- FP12 g;
-// FP12 g1=new FP12(0);
-
- g=PAIR.ate2(Q,R,sQ,P);
- g=PAIR.fexp(g);
-
- if (!g.isunity())
- {
- if (HID!=null && xID!=null && E!=null && F!=null)
- {
- g.toBytes(E);
- if (date!=0)
- {
- P=ECP.fromBytes(HID);
- if (P.is_infinity()) return INVALID_POINT;
- R=ECP.fromBytes(xID);
- if (R.is_infinity()) return INVALID_POINT;
-
- P=PAIR.G1mul(P,y);
- P.add(R);
- }
- g=PAIR.ate(Q,P);
- g=PAIR.fexp(g);
- g.toBytes(F);
- }
- return BAD_PIN;
- }
-
- return 0;
- }
-
-/* Pollards kangaroos used to return PIN error */
- public static int KANGAROO(byte[] E,byte[] F)
- {
- FP12 ge=FP12.fromBytes(E);
- FP12 gf=FP12.fromBytes(F);
- int[] distance = new int[TS];
- FP12 t=new FP12(gf);
- FP12[] table=new FP12[TS];
- int i,j,m,s,dn,dm,res,steps;
-
- s=1;
- for (m=0;m<TS;m++)
- {
- distance[m]=s;
- table[m]=new FP12(t);
- s*=2;
- t.usqr();
- }
- t.one();
- dn=0;
- for (j=0;j<TRAP;j++)
- {
- i=t.geta().geta().getA().lastbits(8)%TS;
- t.mul(table[i]);
- dn+=distance[i];
- }
- gf.copy(t); gf.conj();
- steps=0; dm=0;
- res=0;
- while (dm-dn<MAXPIN)
- {
- steps++;
- if (steps>4*TRAP) break;
- i=ge.geta().geta().getA().lastbits(8)%TS;
- ge.mul(table[i]);
- dm+=distance[i];
- if (ge.equals(t))
- {
- res=dm-dn;
- break;
- }
- if (ge.equals(gf))
- {
- res=dn-dm;
- break;
- }
-
- }
- if (steps>4*TRAP || dm-dn>=MAXPIN) {res=0; } // Trap Failed - probable invalid token
- return res;
- }
-
-/* Functions to support M-Pin Full */
-
- public static int PRECOMPUTE(byte[] TOKEN,byte[] CID,byte[] G1,byte[] G2)
- {
- ECP P,T;
- FP12 g;
-
- T=ECP.fromBytes(TOKEN);
- if (T.is_infinity()) return INVALID_POINT;
-
- P=mapit(CID);
-
- ECP2 Q=new ECP2(new FP2(new BIG(ROM.CURVE_Pxa),new BIG(ROM.CURVE_Pxb)),new FP2(new BIG(ROM.CURVE_Pya),new BIG(ROM.CURVE_Pyb)));
-
- g=PAIR.ate(Q,T);
- g=PAIR.fexp(g);
- g.toBytes(G1);
-
- g=PAIR.ate(Q,P);
- g=PAIR.fexp(g);
- g.toBytes(G2);
-
- return 0;
- }
-
-/* calculate common key on client side */
-/* wCID = w.(A+AT) */
- public static int CLIENT_KEY(byte[] G1,byte[] G2,int pin,byte[] R,byte[] X,byte[] wCID,byte[] CK)
- {
- HASH H=new HASH();
- byte[] t=new byte[EFS];
-
- FP12 g1=FP12.fromBytes(G1);
- FP12 g2=FP12.fromBytes(G2);
- BIG z=BIG.fromBytes(R);
- BIG x=BIG.fromBytes(X);
-
- ECP W=ECP.fromBytes(wCID);
- if (W.is_infinity()) return INVALID_POINT;
-
- W=PAIR.G1mul(W,x);
-
- FP2 f=new FP2(new BIG(ROM.CURVE_Fra),new BIG(ROM.CURVE_Frb));
- BIG r=new BIG(ROM.CURVE_Order);
- BIG q=new BIG(ROM.Modulus);
-
- BIG m=new BIG(q);
- m.mod(r);
-
- BIG a=new BIG(z);
- a.mod(m);
-
- BIG b=new BIG(z);
- b.div(m);
-
- g2.pinpow(pin,PBLEN);
- g1.mul(g2);
-
- FP4 c=g1.trace();
- g2.copy(g1);
- g2.frob(f);
- FP4 cp=g2.trace();
- g1.conj();
- g2.mul(g1);
- FP4 cpm1=g2.trace();
- g2.mul(g1);
- FP4 cpm2=g2.trace();
-
- c=c.xtr_pow2(cp,cpm1,cpm2,a,b);
-
- c.geta().getA().toBytes(t);
- H.process_array(t);
- c.geta().getB().toBytes(t);
- H.process_array(t);
- c.getb().getA().toBytes(t);
- H.process_array(t);
- c.getb().getB().toBytes(t);
- H.process_array(t);
-
- W.getX().toBytes(t);
- H.process_array(t);
- W.getY().toBytes(t);
- H.process_array(t);
-
- t=H.hash();
- for (int i=0;i<PAS;i++) CK[i]=t[i];
-
- return 0;
- }
-
-/* calculate common key on server side */
-/* Z=r.A - no time permits involved */
-
- public static int SERVER_KEY(byte[] Z,byte[] SST,byte[] W,byte[] xID,byte[] xCID,byte[] SK)
- {
- HASH H=new HASH();
- byte[] t=new byte[EFS];
-
- ECP2 sQ=ECP2.fromBytes(SST);
- if (sQ.is_infinity()) return INVALID_POINT;
- ECP R=ECP.fromBytes(Z);
- if (R.is_infinity()) return INVALID_POINT;
-
- ECP U;
- if (xCID!=null)
- U=ECP.fromBytes(xCID);
- else
- U=ECP.fromBytes(xID);
- if (U.is_infinity()) return INVALID_POINT;
-
- BIG w=BIG.fromBytes(W);
- U=PAIR.G1mul(U,w);
- FP12 g=PAIR.ate(sQ,R);
- g=PAIR.fexp(g);
-
- FP4 c=g.trace();
- c.geta().getA().toBytes(t);
- H.process_array(t);
- c.geta().getB().toBytes(t);
- H.process_array(t);
- c.getb().getA().toBytes(t);
- H.process_array(t);
- c.getb().getB().toBytes(t);
- H.process_array(t);
-
- U.getX().toBytes(t);
- H.process_array(t);
- U.getY().toBytes(t);
- H.process_array(t);
-
- t=H.hash();
- for (int i=0;i<PAS;i++) SK[i]=t[i];
-
- return 0;
- }
-
-/* return time since epoch */
- public static int GET_TIME() {
- Date date=new Date();
- return (int) (date.getTime()/1000);
- }
-
-/* Generate Y = H(epoch, xCID/xID) */
- public static void GET_Y(int TimeValue,byte[] xCID,byte[] Y)
- {
- byte[] h = hashit(TimeValue,xCID);
- BIG y = BIG.fromBytes(h);
- BIG q=new BIG(ROM.CURVE_Order);
- y.mod(q);
- y.toBytes(Y);
- }
-
-/* One pass MPIN Client */
- public static int CLIENT(int date,byte[] CLIENT_ID,RAND RNG,byte[] X,int pin,byte[] TOKEN,byte[] SEC,byte[] xID,byte[] xCID,byte[] PERMIT, int TimeValue, byte[] Y)
- {
- int rtn=0;
-
- byte[] pID;
- if (date == 0)
- pID = xID;
- else
- pID = xCID;
-
- rtn = CLIENT_1(date,CLIENT_ID,RNG,X,pin,TOKEN,SEC,xID,xCID,PERMIT);
- if (rtn != 0)
- return rtn;
-
- GET_Y(TimeValue,pID,Y);
-
- rtn = CLIENT_2(X,Y,SEC);
- if (rtn != 0)
- return rtn;
-
- return 0;
- }
-
-/* One pass MPIN Server */
- public static int SERVER(int date,byte[] HID,byte[] HTID,byte[] Y,byte[] SST,byte[] xID,byte[] xCID,byte[] SEC,byte[] E,byte[] F,byte[] CID, int TimeValue)
- {
- int rtn=0;
-
- byte[] pID;
- if (date == 0)
- pID = xID;
- else
- pID = xCID;
-
- SERVER_1(date,CID,HID,HTID);
-
- GET_Y(TimeValue,pID,Y);
-
- rtn = SERVER_2(date,HID,HTID,Y,SST,xID,xCID,SEC,E,F);
- if (rtn != 0)
- return rtn;
-
- return 0;
- }
-
-}
http://git-wip-us.apache.org/repos/asf/incubator-milagro-crypto/blob/70e3a3a3/java/PAIR.java
----------------------------------------------------------------------
diff --git a/java/PAIR.java b/java/PAIR.java
deleted file mode 100755
index ad93b61..0000000
--- a/java/PAIR.java
+++ /dev/null
@@ -1,539 +0,0 @@
-/*
-Licensed to the Apache Software Foundation (ASF) under one
-or more contributor license agreements. See the NOTICE file
-distributed with this work for additional information
-regarding copyright ownership. The ASF licenses this file
-to you under the Apache License, Version 2.0 (the
-"License"); you may not use this file except in compliance
-with the License. You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing,
-software distributed under the License is distributed on an
-"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-KIND, either express or implied. See the License for the
-specific language governing permissions and limitations
-under the License.
-*/
-
-/* AMCL BN Curve Pairing functions */
-
-public final class PAIR {
-
-/* Line function */
- public static FP12 line(ECP2 A,ECP2 B,FP Qx,FP Qy)
- {
- ECP2 P=new ECP2();
-
- FP4 a,b,c;
- P.copy(A);
- FP2 ZZ=new FP2(P.getz());
- ZZ.sqr();
- int D;
- if (A==B) D=A.dbl(); /* Check this return value in amcl_ec2.c */
- else D=A.add(B);
- if (D<0)
- return new FP12(1);
- FP2 Z3=new FP2(A.getz());
- c=new FP4(0);
- if (D==0)
- { /* Addition */
- FP2 X=new FP2(B.getx());
- FP2 Y=new FP2(B.gety());
- FP2 T=new FP2(P.getz());
- T.mul(Y);
- ZZ.mul(T);
-
- FP2 NY=new FP2(P.gety()); NY.neg();
- ZZ.add(NY);
- Z3.pmul(Qy);
- T.mul(P.getx());
- X.mul(NY);
- T.add(X);
- a=new FP4(Z3,T);
- ZZ.neg();
- ZZ.pmul(Qx);
- b=new FP4(ZZ);
- }
- else
- { /* Doubling */
- FP2 X=new FP2(P.getx());
- FP2 Y=new FP2(P.gety());
- FP2 T=new FP2(P.getx());
- T.sqr();
- T.imul(3);
-
- Y.sqr();
- Y.add(Y);
- Z3.mul(ZZ);
- Z3.pmul(Qy);
-
- X.mul(T);
- X.sub(Y);
- a=new FP4(Z3,X);
- T.neg();
- ZZ.mul(T);
- ZZ.pmul(Qx);
- b=new FP4(ZZ);
- }
- return new FP12(a,b,c);
- }
-
-/* Optimal R-ate pairing */
- public static FP12 ate(ECP2 P,ECP Q)
- {
- FP2 f=new FP2(new BIG(ROM.CURVE_Fra),new BIG(ROM.CURVE_Frb));
- BIG x=new BIG(ROM.CURVE_Bnx);
- BIG n=new BIG(x);
- ECP2 K=new ECP2();
- FP12 lv;
- n.pmul(6); n.dec(2); n.norm();
- P.affine();
- Q.affine();
- FP Qx=new FP(Q.getx());
- FP Qy=new FP(Q.gety());
-
- ECP2 A=new ECP2();
- FP12 r=new FP12(1);
-
- A.copy(P);
- int nb=n.nbits();
-
- for (int i=nb-2;i>=1;i--)
- {
- lv=line(A,A,Qx,Qy);
- r.smul(lv);
-
- if (n.bit(i)==1)
- {
- lv=line(A,P,Qx,Qy);
-
- r.smul(lv);
- }
- r.sqr();
- }
-
- lv=line(A,A,Qx,Qy);
- r.smul(lv);
-
-/* R-ate fixup */
-
- r.conj();
-
- K.copy(P);
- K.frob(f);
- A.neg();
- lv=line(A,K,Qx,Qy);
- r.smul(lv);
- K.frob(f);
- K.neg();
- lv=line(A,K,Qx,Qy);
- r.smul(lv);
-
- return r;
- }
-
-/* Optimal R-ate double pairing e(P,Q).e(R,S) */
- public static FP12 ate2(ECP2 P,ECP Q,ECP2 R,ECP S)
- {
- FP2 f=new FP2(new BIG(ROM.CURVE_Fra),new BIG(ROM.CURVE_Frb));
- BIG x=new BIG(ROM.CURVE_Bnx);
- BIG n=new BIG(x);
- ECP2 K=new ECP2();
- FP12 lv;
- n.pmul(6); n.dec(2); n.norm();
- P.affine();
- Q.affine();
- R.affine();
- S.affine();
-
- FP Qx=new FP(Q.getx());
- FP Qy=new FP(Q.gety());
- FP Sx=new FP(S.getx());
- FP Sy=new FP(S.gety());
-
- ECP2 A=new ECP2();
- ECP2 B=new ECP2();
- FP12 r=new FP12(1);
-
- A.copy(P);
- B.copy(R);
- int nb=n.nbits();
-
- for (int i=nb-2;i>=1;i--)
- {
- lv=line(A,A,Qx,Qy);
- r.smul(lv);
- lv=line(B,B,Sx,Sy);
- r.smul(lv);
-
- if (n.bit(i)==1)
- {
- lv=line(A,P,Qx,Qy);
- r.smul(lv);
- lv=line(B,R,Sx,Sy);
- r.smul(lv);
- }
- r.sqr();
- }
-
- lv=line(A,A,Qx,Qy);
- r.smul(lv);
-
- lv=line(B,B,Sx,Sy);
- r.smul(lv);
-
-/* R-ate fixup */
- r.conj();
-
- K.copy(P);
- K.frob(f);
- A.neg();
- lv=line(A,K,Qx,Qy);
- r.smul(lv);
- K.frob(f);
- K.neg();
- lv=line(A,K,Qx,Qy);
- r.smul(lv);
-
- K.copy(R);
- K.frob(f);
- B.neg();
- lv=line(B,K,Sx,Sy);
- r.smul(lv);
- K.frob(f);
- K.neg();
- lv=line(B,K,Sx,Sy);
- r.smul(lv);
-
- return r;
- }
-
-/* final exponentiation - keep separate for multi-pairings and to avoid thrashing stack */
- public static FP12 fexp(FP12 m)
- {
- FP2 f=new FP2(new BIG(ROM.CURVE_Fra),new BIG(ROM.CURVE_Frb));
- BIG x=new BIG(ROM.CURVE_Bnx);
- FP12 r=new FP12(m);
- FP12 x0,x1,x2,x3,x4,x5;
-
-/* Easy part of final exp */
- FP12 lv=new FP12(r);
- lv.inverse();
- r.conj();
-
- r.mul(lv);
- lv.copy(r);
- r.frob(f);
- r.frob(f);
- r.mul(lv);
-/* Hard part of final exp */
- lv.copy(r);
- lv.frob(f);
- x0=new FP12(lv);
- x0.frob(f);
- lv.mul(r);
- x0.mul(lv);
- x0.frob(f);
- x1=new FP12(r);
- x1.conj();
- x4=r.pow(x);
-
- x3=new FP12(x4);
- x3.frob(f);
-
- x2=x4.pow(x);
-
- x5=new FP12(x2); x5.conj();
- lv=x2.pow(x);
-
- x2.frob(f);
- r.copy(x2); r.conj();
-
- x4.mul(r);
- x2.frob(f);
-
- r.copy(lv);
- r.frob(f);
- lv.mul(r);
-
- lv.usqr();
- lv.mul(x4);
- lv.mul(x5);
- r.copy(x3);
- r.mul(x5);
- r.mul(lv);
- lv.mul(x2);
- r.usqr();
- r.mul(lv);
- r.usqr();
- lv.copy(r);
- lv.mul(x1);
- r.mul(x0);
- lv.usqr();
- r.mul(lv);
- r.reduce();
- return r;
- }
-
-/* GLV method */
- public static BIG[] glv(BIG e)
- {
- int i,j;
- BIG t=new BIG(0);
- BIG q=new BIG(ROM.CURVE_Order);
- BIG[] u=new BIG[2];
- BIG[] v=new BIG[2];
- for (i=0;i<2;i++)
- {
- t.copy(new BIG(ROM.CURVE_W[i])); // why not just t=new BIG(ROM.CURVE_W[i]);
- DBIG d=BIG.mul(t,e);
- v[i]=new BIG(d.div(q));
- u[i]=new BIG(0);
- }
- u[0].copy(e);
- for (i=0;i<2;i++)
- for (j=0;j<2;j++)
- {
- t.copy(new BIG(ROM.CURVE_SB[j][i]));
- t.copy(BIG.modmul(v[j],t,q));
- u[i].add(q);
- u[i].sub(t);
- u[i].mod(q);
- }
- return u;
- }
-
-/* Galbraith & Scott Method */
- public static BIG[] gs(BIG e)
- {
- int i,j;
- BIG t=new BIG(0);
- BIG q=new BIG(ROM.CURVE_Order);
- BIG[] u=new BIG[4];
- BIG[] v=new BIG[4];
- for (i=0;i<4;i++)
- {
- t.copy(new BIG(ROM.CURVE_WB[i]));
- DBIG d=BIG.mul(t,e);
- v[i]=new BIG(d.div(q));
- u[i]=new BIG(0);
- }
- u[0].copy(e);
- for (i=0;i<4;i++)
- for (j=0;j<4;j++)
- {
- t.copy(new BIG(ROM.CURVE_BB[j][i]));
- t.copy(BIG.modmul(v[j],t,q));
- u[i].add(q);
- u[i].sub(t);
- u[i].mod(q);
- }
- return u;
- }
-
-/* Multiply P by e in group G1 */
- public static ECP G1mul(ECP P,BIG e)
- {
- ECP R;
- if (ROM.USE_GLV)
- {
- P.affine();
- R=new ECP();
- R.copy(P);
- int i,np,nn;
- ECP Q=new ECP();
- Q.copy(P);
- BIG q=new BIG(ROM.CURVE_Order);
- FP cru=new FP(new BIG(ROM.CURVE_Cru));
- BIG t=new BIG(0);
- BIG[] u=glv(e);
- Q.getx().mul(cru);
-
- np=u[0].nbits();
- t.copy(BIG.modneg(u[0],q));
- nn=t.nbits();
- if (nn<np)
- {
- u[0].copy(t);
- R.neg();
- }
-
- np=u[1].nbits();
- t.copy(BIG.modneg(u[1],q));
- nn=t.nbits();
- if (nn<np)
- {
- u[1].copy(t);
- Q.neg();
- }
-
- R=R.mul2(u[0],Q,u[1]);
-
- }
- else
- {
- R=P.mul(e);
- }
- return R;
- }
-
-/* Multiply P by e in group G2 */
- public static ECP2 G2mul(ECP2 P,BIG e)
- {
- ECP2 R;
- if (ROM.USE_GS_G2)
- {
- ECP2[] Q=new ECP2[4];
- FP2 f=new FP2(new BIG(ROM.CURVE_Fra),new BIG(ROM.CURVE_Frb));
- BIG q=new BIG(ROM.CURVE_Order);
- BIG[] u=gs(e);
-
-
-
- BIG t=new BIG(0);
- int i,np,nn;
- P.affine();
- Q[0]=new ECP2(); Q[0].copy(P);
- for (i=1;i<4;i++)
- {
- Q[i]=new ECP2(); Q[i].copy(Q[i-1]);
- Q[i].frob(f);
- }
- for (i=0;i<4;i++)
- {
- np=u[i].nbits();
- t.copy(BIG.modneg(u[i],q));
- nn=t.nbits();
- if (nn<np)
- {
- u[i].copy(t);
- Q[i].neg();
- }
- }
-
- R=ECP2.mul4(Q,u);
- }
- else
- {
- R=P.mul(e);
- }
- return R;
- }
-
-/* f=f^e */
-/* Note that this method requires a lot of RAM! Better to use compressed XTR method, see FP4.java */
- public static FP12 GTpow(FP12 d,BIG e)
- {
- FP12 r;
- if (ROM.USE_GS_GT)
- {
- FP12[] g=new FP12[4];
- FP2 f=new FP2(new BIG(ROM.CURVE_Fra),new BIG(ROM.CURVE_Frb));
- BIG q=new BIG(ROM.CURVE_Order);
- BIG t=new BIG(0);
- int i,np,nn;
- BIG[] u=gs(e);
-
- g[0]=new FP12(d);
- for (i=1;i<4;i++)
- {
- g[i]=new FP12(0); g[i].copy(g[i-1]);
- g[i].frob(f);
- }
- for (i=0;i<4;i++)
- {
- np=u[i].nbits();
- t.copy(BIG.modneg(u[i],q));
- nn=t.nbits();
- if (nn<np)
- {
- u[i].copy(t);
- g[i].conj();
- }
- }
- r=FP12.pow4(g,u);
- }
- else
- {
- r=d.pow(e);
- }
- return r;
- }
-
-/* test group membership */
-/* with GT-Strong curve, now only check that m!=1, conj(m)*m==1, and m.m^{p^4}=m^{p^2} */
- public static boolean GTmember(FP12 m)
- {
- if (m.isunity()) return false;
- FP12 r=new FP12(m);
- r.conj();
- r.mul(m);
- if (!r.isunity()) return false;
-
- FP2 f=new FP2(new BIG(ROM.CURVE_Fra),new BIG(ROM.CURVE_Frb));
-
- r.copy(m); r.frob(f); r.frob(f);
- FP12 w=new FP12(r); w.frob(f); w.frob(f);
- w.mul(m);
- if (!ROM.GT_STRONG)
- {
- if (!w.equals(r)) return false;
- BIG x=new BIG(ROM.CURVE_Bnx);
- r.copy(m); w=r.pow(x); w=w.pow(x);
- r.copy(w); r.sqr(); r.mul(w); r.sqr();
- w.copy(m); w.frob(f);
- }
- return w.equals(r);
- }
-/*
- public static void main(String[] args) {
- ECP Q=new ECP(new BIG(ROM.CURVE_Gx),new BIG(ROM.CURVE_Gy));
- ECP2 P=new ECP2(new FP2(new BIG(ROM.CURVE_Pxa),new BIG(ROM.CURVE_Pxb)),new FP2(new BIG(ROM.CURVE_Pya),new BIG(ROM.CURVE_Pyb)));
-
- BIG r=new BIG(ROM.CURVE_Order);
- BIG xa=new BIG(ROM.CURVE_Pxa);
-
- System.out.println("P= "+P.toString());
- System.out.println("Q= "+Q.toString());
-
- BIG m=new BIG(17);
-
- FP12 e=ate(P,Q);
- System.out.println("\ne= "+e.toString());
-
- e=fexp(e);
- // e=GTpow(e,m);
-
- System.out.println("\ne= "+e.toString());
-
- BIG [] GLV=glv(r);
-
- System.out.println("GLV[0]= "+GLV[0].toString());
- System.out.println("GLV[0]= "+GLV[1].toString());
-
- ECP G=new ECP(); G.copy(Q);
- ECP2 R=new ECP2(); R.copy(P);
-
-
- e=ate(R,Q);
- e=fexp(e);
-
- e=GTpow(e,xa);
- System.out.println("\ne= "+e.toString());
-
-
- R=G2mul(R,xa);
- e=ate(R,G);
- e=fexp(e);
-
- System.out.println("\ne= "+e.toString());
-
- G=G1mul(G,xa);
- e=ate(P,G);
- e=fexp(e);
- System.out.println("\ne= "+e.toString());
- } */
-}
-
http://git-wip-us.apache.org/repos/asf/incubator-milagro-crypto/blob/70e3a3a3/java/RAND.java
----------------------------------------------------------------------
diff --git a/java/RAND.java b/java/RAND.java
deleted file mode 100755
index 1bf6be2..0000000
--- a/java/RAND.java
+++ /dev/null
@@ -1,161 +0,0 @@
-/*
-Licensed to the Apache Software Foundation (ASF) under one
-or more contributor license agreements. See the NOTICE file
-distributed with this work for additional information
-regarding copyright ownership. The ASF licenses this file
-to you under the Apache License, Version 2.0 (the
-"License"); you may not use this file except in compliance
-with the License. You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing,
-software distributed under the License is distributed on an
-"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-KIND, either express or implied. See the License for the
-specific language governing permissions and limitations
-under the License.
-*/
-
-/*
- * Cryptographic strong random number generator
- *
- * Unguessable seed -> SHA -> PRNG internal state -> SHA -> random numbers
- * Slow - but secure
- *
- * See ftp://ftp.rsasecurity.com/pub/pdfs/bull-1.pdf for a justification
- */
-
-/* Marsaglia & Zaman Random number generator constants */
-
-
-public class RAND {
-/* Cryptographically strong pseudo-random number generator */
-
- private static final int NK=21;
- private static final int NJ=6;
- private static final int NV=8;
- private int[] ira=new int[NK]; /* random number... */
- private int rndptr; /* ...array & pointer */
- private int borrow;
- private int pool_ptr;
- private byte[] pool=new byte[32]; /* random pool */
-
- public RAND()
- {
- clean();
- }
-
- private int sbrand()
- { /* Marsaglia & Zaman random number generator */
- int i,k;
- long pdiff,t;
-
- rndptr++;
- if (rndptr<NK) return ira[rndptr];
- rndptr=0;
- for (i=0,k=NK-NJ;i<NK;i++,k++)
- { /* calculate next NK values */
- if (k==NK) k=0;
- t=((long)ira[k])&0xffffffffL;
- pdiff=(t - (((long)ira[i])&0xffffffffL) - (long)borrow)&0xffffffffL;
- if (pdiff<t) borrow=0;
- if (pdiff>t) borrow=1;
- ira[i]=(int)(pdiff&0xffffffffL);
- }
-
- return ira[0];
- }
-
- public void sirand(int seed)
- {
- int i,in;
- int t,m=1;
- borrow=0;
- rndptr=0;
- ira[0]^=seed;
- for (i=1;i<NK;i++)
- { /* fill initialisation vector */
- in=(NV*i)%NK;
- ira[in]^=m; /* note XOR */
- t=m;
- m=seed-m;
- seed=t;
- }
- for (i=0;i<10000;i++) sbrand(); /* "warm-up" & stir the generator */
- }
-
- private void fill_pool()
- {
- HASH sh=new HASH();
- for (int i=0;i<128;i++) sh.process(sbrand());
- pool=sh.hash();
- pool_ptr=0;
- }
-
- private static int pack(byte[] b)
- { /* pack 4 bytes into a 32-bit Word */
- return ((((int)b[3])&0xff)<<24)|(((int)b[2]&0xff)<<16)|(((int)b[1]&0xff)<<8)|((int)b[0]&0xff);
- }
-
-/* Initialize RNG with some real entropy from some external source */
- public void seed(int rawlen,byte[] raw)
- { /* initialise from at least 128 byte string of raw random entropy */
- int i;
- byte [] digest;
- byte [] b=new byte[4];
- HASH sh=new HASH();
- pool_ptr=0;
- for (i=0;i<NK;i++) ira[i]=0;
- if (rawlen>0)
- {
- for (i=0;i<rawlen;i++)
- sh.process(raw[i]);
- digest=sh.hash();
-
-/* initialise PRNG from distilled randomness */
-
- for (i=0;i<8;i++)
- {
- b[0]=digest[4*i]; b[1]=digest[4*i+1]; b[2]=digest[4*i+2]; b[3]=digest[4*i+3];
- sirand(pack(b));
- }
- }
- fill_pool();
- }
-
-/* Terminate and clean up */
- public void clean()
- { /* kill internal state */
- int i;
- pool_ptr=rndptr=0;
- for (i=0;i<32;i++) pool[i]=0;
- for (i=0;i<NK;i++) ira[i]=0;
- borrow=0;
- }
-
-/* get random byte */
- public int getByte()
- {
- int r;
- r=pool[pool_ptr++];
- if (pool_ptr>=32) fill_pool();
- return (r&0xff);
- }
-
-/* test main program */
-/*
- public static void main(String[] args) {
- int i;
- byte[] raw=new byte[100];
- RAND rng=new RAND();
-
- rng.clean();
- for (i=0;i<100;i++) raw[i]=(byte)i;
-
- rng.seed(100,raw);
-
- for (i=0;i<1000;i++)
- System.out.format("%03d ",rng.getByte());
- } */
-}
http://git-wip-us.apache.org/repos/asf/incubator-milagro-crypto/blob/70e3a3a3/java/ROM.java
----------------------------------------------------------------------
diff --git a/java/ROM.java b/java/ROM.java
deleted file mode 100755
index ec833d7..0000000
--- a/java/ROM.java
+++ /dev/null
@@ -1,385 +0,0 @@
-/*
-Licensed to the Apache Software Foundation (ASF) under one
-or more contributor license agreements. See the NOTICE file
-distributed with this work for additional information
-regarding copyright ownership. The ASF licenses this file
-to you under the Apache License, Version 2.0 (the
-"License"); you may not use this file except in compliance
-with the License. You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing,
-software distributed under the License is distributed on an
-"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-KIND, either express or implied. See the License for the
-specific language governing permissions and limitations
-under the License.
-*/
-
-/* Fixed Data in ROM - Field and Curve parameters */
-
-public class ROM
-{
-/* Don't Modify from here... */
- public static final int NOT_SPECIAL=0;
- public static final int PSEUDO_MERSENNE=1;
- public static final int MONTGOMERY_FRIENDLY=2;
- public static final int WEIERSTRASS=0;
- public static final int EDWARDS=1;
- public static final int MONTGOMERY=2;
-/* ...to here */
-
-/*** Enter Some Field details here ***/
-// BN Curve
- public static final int MODBITS=254; /* Number of bits in Modulus */
- public static final int MOD8=3; /* Modulus mod 8 */
-// Curve 25519
-// public static final int MODBITS=255;
-// public static final int MOD8=5;
-// NIST256 or Brainpool
-// public static final int MODBITS=256;
-// public static final int MOD8=7;
-// MF254
-// public static final int MODBITS=254;
-// public static final int MOD8=7;
-// MS255
-//public static final int MODBITS= 255;
-//public static final int MOD8= 3;
-// MF256
-// public static final int MODBITS=256;
-// public static final int MOD8=7;
-// MS256
-//public static final int MODBITS= 256;
-//public static final int MOD8= 3;
-// ANSSI
-// public static final int MODBITS= 256;
-// public static final int MOD8= 3;
-
-/* Don't Modify from here... */
- public static final int NLEN=9;
- public static final int CHUNK=32;
- public static final int DNLEN=2*NLEN;
- public static final int BASEBITS=29;
- public static final int MASK=(((int)1<<BASEBITS)-1);
- public static final int MODBYTES=32;
- public static final int NEXCESS =((int)1<<(CHUNK-BASEBITS-1));
- public static final int FEXCESS =((int)1<<(BASEBITS*NLEN-MODBITS));
- public static final int OMASK=(int)(-1)<<(MODBITS%BASEBITS);
- public static final int TBITS=MODBITS%BASEBITS; // Number of active bits in top word
- public static final int TMASK=((int)1<<TBITS)-1;
-/* ...to here */
-
-
-/* Finite field support - for RSA, DH etc. */
- public static final int FF_BITS=2048; /* Finite Field Size in bits - must be 256.2^n */
- public static final int FFLEN=(FF_BITS/256);
- public static final int HFLEN=(FFLEN/2); /* Useful for half-size RSA private key operations */
-
-
-// START SPECIFY FIELD DETAILS HERE
-//*********************************************************************************
-// Curve25519 Modulus
-// public static final int MODTYPE=PSEUDO_MERSENNE;
-// public static final int[] Modulus={0x1FFFFFED,0x1FFFFFFF,0x1FFFFFFF,0x1FFFFFFF,0x1FFFFFFF,0x1FFFFFFF,0x1FFFFFFF,0x1FFFFFFF,0x7FFFFF};
-// public static final int MConst=19;
-
-// NIST-256 Modulus
-// public static final int MODTYPE=NOT_SPECIAL;
-// public static final int[] Modulus={0x1FFFFFFF,0x1FFFFFFF,0x1FFFFFFF,0x1FF,0x0,0x0,0x40000,0x1FE00000,0xFFFFFF};
-// public static final int MConst=1;
-
-// MF254 Modulus
-// public static final int MODTYPE=MONTGOMERY_FRIENDLY;
-// public static final int[] Modulus={0x1FFFFFFF,0x1FFFFFFF,0x1FFFFFFF,0x1FFFFFFF,0x1FFFFFFF,0x1FFFFFFF,0x1FFFFFFF,0x1FFFFFFF,0x3F80FF};
-// public static final int MConst=0x3F8100;
-
-// MS255 Modulus
-//public static final int MODTYPE= 1;
-//public static final int[] Modulus= {0x1FFFFD03,0x1FFFFFFF,0x1FFFFFFF,0x1FFFFFFF,0x1FFFFFFF,0x1FFFFFFF,0x1FFFFFFF,0x1FFFFFFF,0x7FFFFF};
-//public static final int MConst=0x2FD;
-
-// MS256 Modulus
-//public static final int MODTYPE= 1;
-//public static final int[] Modulus= {0x1FFFFF43,0x1FFFFFFF,0x1FFFFFFF,0x1FFFFFFF,0x1FFFFFFF,0x1FFFFFFF,0x1FFFFFFF,0x1FFFFFFF,0xFFFFFF};
-//public static final int MConst=0xBD;
-
-// MF256 Modulus
-//public static final int MODTYPE= 2;
-//public static final int[] Modulus= {0x1FFFFFFF,0x1FFFFFFF,0x1FFFFFFF,0x1FFFFFFF,0x1FFFFFFF,0x1FFFFFFF,0x1FFFFFFF,0x1FFFFFFF,0xFFA7FF};
-//public static final int MConst=0xFFA800;
-
-// Brainpool Modulus
-// public static final int MODTYPE= 0;
-// public static final int[] Modulus= {0x1F6E5377,0x9A40E8,0x9880A08,0x17EC47AA,0x18D726E3,0x5484EC1,0x6F0F998,0x1B743DD5,0xA9FB57};
-// public static final int MConst=0xEFD89B9;
-
-// ANSSI Modulus
-// public static final int MODTYPE= 0;
-// public static final int[] Modulus= {0x186E9C03,0x7E79A9E,0x12329B7A,0x35B7957,0x435B396,0x16F46721,0x163C4049,0x1181675A,0xF1FD17};
-// public static final int MConst=0x164E1155;
-
-
-// BNCX Curve Modulus
- public static final int MODTYPE=NOT_SPECIAL;
- public static final int[] Modulus= {0x1C1B55B3,0x13311F7A,0x24FB86F,0x1FADDC30,0x166D3243,0xFB23D31,0x836C2F7,0x10E05,0x240000};
- public static final int MConst=0x19789E85;
-
-// BN Curve Modulus
-//public static final int MODTYPE=NOT_SPECIAL;
-//public static final int[] Modulus= {0x13,0x18000000,0x4E9,0x2000000,0x8612,0x6C00000,0x6E8D1,0x10480000,0x252364};
-//public static final int MConst=0x179435E5;
-
-// BNT Curve Modulus
-//public static final int MODTYPE=NOT_SPECIAL;
-//public static final int[] Modulus= {0xEB4A713,0x14EDDFF7,0x1D192EAF,0x14AAAC29,0xD5F06E8,0x159B4B7C,0x53BE82E,0x1B6CA2E0,0x240120};
-//public static final int MConst=0x1914C4E5;
-
-// BNT2 Curve Modulus
-// public static final int MODTYPE=NOT_SPECIAL;
-// public static final int[] Modulus= {0x1460A48B,0x596E15D,0x1C35947A,0x1F27C851,0x1D00081C,0x10079DC4,0xAB6DD38,0x104821EB,0x240004};
-// public static final int MConst=0x6505CDD;
-
-// START SPECIFY CURVE DETAILS HERE
-//*********************************************************************************
-// Original Curve25519
-// public static final int CURVETYPE=MONTGOMERY;
-// public static final int CURVE_A =486662;
-// public static final int[] CURVE_B = {0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0}; // not used
-// public static final int[] CURVE_Order={0x1CF5D3ED,0x9318D2,0x1DE73596,0x1DF3BD45,0x14D,0x0,0x0,0x0,0x100000};
-// public static final int[] CURVE_Gx ={0x9,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0};
-// public static final int[] CURVE_Gy ={0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0}; // not used
-
-
-// Ed25519 Curve
-// public static final int CURVETYPE=EDWARDS;
-// public static final int CURVE_A = -1;
-// public static final int[] CURVE_B = {0x135978A3,0xF5A6E50,0x10762ADD,0x149A82,0x1E898007,0x3CBBBC,0x19CE331D,0x1DC56DFF,0x52036C};
-// public static final int[] CURVE_Order={0x1CF5D3ED,0x9318D2,0x1DE73596,0x1DF3BD45,0x14D,0x0,0x0,0x0,0x100000};
-// public static final int[] CURVE_Gx ={0xF25D51A,0xAB16B04,0x969ECB2,0x198EC12A,0xDC5C692,0x1118FEEB,0xFFB0293,0x1A79ADCA,0x216936};
-// public static final int[] CURVE_Gy={0x6666658,0x13333333,0x19999999,0xCCCCCCC,0x6666666,0x13333333,0x19999999,0xCCCCCCC,0x666666};
-
-// WS25519 Curve
-// public static final int CURVETYPE=WEIERSTRASS;
-// public static final int CURVE_A = -3;
-// public static final int[] CURVE_B = {0x28,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0};
-// public static final int[] CURVE_Order = {0x1728ACA1,0x8E7230C,0x10E8DCDB,0x1C1FC966,0x5D5,0x0,0x0,0x0,0x800000};
-// public static final int[] CURVE_Gx={0x14D8261F,0x23A9C3B,0x1E392613,0xE9D560D,0x19BD0F9A,0x1A9EF052,0xCFB499,0x4242BE1,0x67E3F5};
-// public static final int[] CURVE_Gy={0x1DEEF38,0x1A31963F,0x4871D5,0x16572E70,0x1DEA014C,0x1AE6A722,0x165D7907,0x1903CD0B,0x36856};
-
-// NIST-256 Curve
-// public static final int CURVETYPE=WEIERSTRASS;
-// public static final int CURVE_A = -3;
-// public static final int[] CURVE_B={0x7D2604B,0x1E71E1F1,0x14EC3D8E,0x1A0D6198,0x86BC651,0x1EAABB4C,0xF9ECFAE,0x1B154752,0x5AC635};
-// public static final int[] CURVE_Order={0x1C632551,0x1DCE5617,0x5E7A13C,0xDF55B4E,0x1FFFFBCE,0x1FFFFFFF,0x3FFFF,0x1FE00000,0xFFFFFF};
-// public static final int[] CURVE_Gx={0x1898C296,0x509CA2E,0x1ACCE83D,0x6FB025B,0x40F2770,0x1372B1D2,0x91FE2F3,0x1E5C2588,0x6B17D1};
-// public static final int[] CURVE_Gy={0x17BF51F5,0x1DB20341,0xC57B3B2,0x1C66AED6,0x19E162BC,0x15A53E07,0x1E6E3B9F,0x1C5FC34F,0x4FE342};
-//
-// MF254 Modulus, Weierstrass Curve w-254-mont
-//public static final int CURVETYPE= 0;
-//public static final int CURVE_A = -3;
-//public static final int[] CURVE_B = {0x1FFFD08D,0x1FFFFFFF,0x1FFFFFFF,0x1FFFFFFF,0x1FFFFFFF,0x1FFFFFFF,0x1FFFFFFF,0x1FFFFFFF,0x3F80FF};
-//public static final int[] CURVE_Order={0xF8DF83F,0x1D20CE25,0x8DD701B,0x317D41B,0x1FFFFEB8,0x1FFFFFFF,0x1FFFFFFF,0x1FFFFFFF,0x3F80FF};
-//public static final int[] CURVE_Gx ={0x2,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0};
-//public static final int[] CURVE_Gy ={0x190D4EBC,0xB2EF9BF,0x14464C6B,0xE71C7F0,0x18AEBDFB,0xD3ADEBB,0x18052B85,0x1A6765CA,0x140E3F};
-
-// MF254 Modulus, Edwards Curve ed-254-mont
-//public static final int CURVETYPE= 1;
-//public static final int CURVE_A = -1;
-//public static final int[] CURVE_B = {0x367B,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0};
-//public static final int[] CURVE_Order={0x46E98C7,0x179E9FF6,0x158BEC3A,0xA60D917,0x1FFFFEB9,0x1FFFFFFF,0x1FFFFFFF,0x1FFFFFFF,0xFE03F};
-//public static final int[] CURVE_Gx ={0x1,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0};
-//public static final int[] CURVE_Gy ={0xF2701E5,0x29687ED,0xC84861F,0x535081C,0x3F4E363,0x6A811B,0xCD65474,0x121AD498,0x19F0E6};
-
-// MF254 Modulus, Montgomery Curve
-// public static final int CURVETYPE=MONTGOMERY;
-// public static final int CURVE_A =-55790;
-// public static final int[] CURVE_B = {0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0}; // not used
-// public static final int[] CURVE_Order={0x46E98C7,0x179E9FF6,0x158BEC3A,0xA60D917,0x1FFFFEB9,0x1FFFFFFF,0x1FFFFFFF,0x1FFFFFFF,0xFE03F};
-// public static final int[] CURVE_Gx ={0x3,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0};
-// public static final int[] CURVE_Gy ={0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0}; // not used
-
-// MS255 Modulus, Weierstrass Curve
-//public static final int CURVETYPE= 0;
-//public static final int CURVE_A = -3;
-//public static final int[] CURVE_B = {0x1FFFAB46,0x1FFFFFFF,0x1FFFFFFF,0x1FFFFFFF,0x1FFFFFFF,0x1FFFFFFF,0x1FFFFFFF,0x1FFFFFFF,0x7FFFFF};
-//public static final int[] CURVE_Order={0x1C594AEB,0x1C7D64C1,0x14ACF7EA,0x14705075,0x1FFFF864,0x1FFFFFFF,0x1FFFFFFF,0x1FFFFFFF,0x7FFFFF};
-//public static final int[] CURVE_Gx ={0x1,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0};
-//public static final int[] CURVE_Gy ={0x9CB44BA,0x199FFB3B,0x1F698345,0xD8F19BB,0x17D177DB,0x1FFCD97F,0xCE487A,0x181DB74F,0x6F7A6A};
-
-// MS255 Modulus, Edwards Curve
-//public static final int CURVETYPE= 1;
-//public static final int CURVE_A = -1;
-//public static final int[] CURVE_B = {0xEA97,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0};
-//public static final int[] CURVE_Order={0x436EB75,0x24E8F68,0x9A0CBAB,0x34F0BDB,0x1FFFFDCF,0x1FFFFFFF,0x1FFFFFFF,0x1FFFFFFF,0x1FFFFF};
-//public static final int[] CURVE_Gx ={0x4,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0};
-//public static final int[] CURVE_Gy ={0x108736A0,0x11512ADE,0x1116916E,0x29715DA,0x47E5529,0x66EC706,0x1517B095,0xA694F76,0x26CB78};
-
-// MS255 Modulus, Montgomery Curve
-// public static final int CURVETYPE=MONTGOMERY;
-// public static final int CURVE_A =-240222;
-// public static final int[] CURVE_B = {0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0}; // not used
-// public static final int[] CURVE_Order={0x436EB75,0x24E8F68,0x9A0CBAB,0x34F0BDB,0x1FFFFDCF,0x1FFFFFFF,0x1FFFFFFF,0x1FFFFFFF,0x1FFFFF};
-// public static final int[] CURVE_Gx ={0x4,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0};
-// public static final int[] CURVE_Gy ={0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0}; // not used
-
-// MS256, Weierstrass Curve
-//public static final int CURVETYPE= 0;
-//public static final int CURVE_A = -3;
-//public static final int[] CURVE_B = {0x25581,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0};
-//public static final int[] CURVE_Order={0x751A825,0x559014A,0x9971808,0x1904EBD4,0x1FFFFE43,0x1FFFFFFF,0x1FFFFFFF,0x1FFFFFFF,0xFFFFFF};
-//public static final int[] CURVE_Gx ={0x1,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0};
-//public static final int[] CURVE_Gy ={0x2B56C77,0x1FA31836,0x253B042,0x185F26EB,0xDD6BD02,0x4B66777,0x1B5FF20B,0xA783C8C,0x696F18};
-
-// MS256, Edwards Curve
-//public static final int CURVETYPE= 1;
-//public static final int CURVE_A = -1;
-//public static final int[] CURVE_B = {0x3BEE,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0};
-//public static final int[] CURVE_Order={0x1122B4AD,0xDC27378,0x9AF1939,0x154AB5A1,0x1FFFFBE6,0x1FFFFFFF,0x1FFFFFFF,0x1FFFFFFF,0x3FFFFF};
-//public static final int[] CURVE_Gx ={0xD,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0};
-//public static final int[] CURVE_Gy ={0x131CADBA,0x3FB7DA9,0x134C0FDC,0x14DAC704,0x46BFBE2,0x1859CFD0,0x1B6E8F4C,0x3C5424E,0x7D0AB4};
-
-// MS256 Modulus, Montgomery Curve
-// public static final int CURVETYPE=MONTGOMERY;
-// public static final int CURVE_A =-61370;
-// public static final int[] CURVE_B = {0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0}; // not used
-// public static final int[] CURVE_Order={0x1122B4AD,0xDC27378,0x9AF1939,0x154AB5A1,0x1FFFFBE6,0x1FFFFFFF,0x1FFFFFFF,0x1FFFFFFF,0x3FFFFF};
-// public static final int[] CURVE_Gx ={0xb,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0};
-// public static final int[] CURVE_Gy ={0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0}; // not used
-
-// MF256 Modulus, Weierstrass Curve
-//public static final int CURVETYPE= 0;
-//public static final int CURVE_A = -3;
-//public static final int[] CURVE_B = {0x14E6A,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0};
-//public static final int[] CURVE_Order={0x79857EB,0x8862F0D,0x1941D2E7,0x2EA27CD,0x1FFFFFC5,0x1FFFFFFF,0x1FFFFFFF,0x1FFFFFFF,0xFFA7FF};
-//public static final int[] CURVE_Gx ={0x1,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0};
-//public static final int[] CURVE_Gy ={0xB724D2A,0x3CAA61,0x5371984,0x128FD71B,0x1AE28956,0x1D13091E,0x339EEAE,0x10F7C301,0x20887C};
-
-// MF256, Edwards Curve
-//public static final int CURVETYPE= 1;
-//public static final int CURVE_A = -1;
-//public static final int[] CURVE_B = {0x350A,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0};
-//public static final int[] CURVE_Order={0x18EC7BAB,0x16C976F6,0x19CCF259,0x9775F70,0x1FFFFB15,0x1FFFFFFF,0x1FFFFFFF,0x1FFFFFFF,0x3FE9FF};
-//public static final int[] CURVE_Gx ={0x1,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0};
-//public static final int[] CURVE_Gy ={0x12F3C908,0xF553917,0x1FA9A35F,0xBCC91B,0x1AACA0C,0x1779ED96,0x156BABAF,0x1F1F1989,0xDAD8D4};
-
-// MF256 Modulus, Montgomery Curve
-// public static final int CURVETYPE=MONTGOMERY;
-// public static final int CURVE_A =-54314;
-// public static final int[] CURVE_B = {0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0}; // not used
-// public static final int[] CURVE_Order={0x18EC7BAB,0x16C976F6,0x19CCF259,0x9775F70,0x1FFFFB15,0x1FFFFFFF,0x1FFFFFFF,0x1FFFFFFF,0x3FE9FF};
-// public static final int[] CURVE_Gx ={0x8,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0};
-// public static final int[] CURVE_Gy ={0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0}; // not used
-
-// Brainpool
-// public static final int CURVETYPE= 0;
-// public static final int CURVE_A = -3;
-// public static final int[] CURVE_B = {0x1EE92B04,0x172C080F,0xBD2495A,0x7D7895E,0x176B7BF9,0x13B99E85,0x1A93F99A,0x18861B09,0x662C61};
-// public static final int[] CURVE_Order={0x174856A7,0xF07414,0x1869BDE4,0x12F5476A,0x18D718C3,0x5484EC1,0x6F0F998,0x1B743DD5,0xA9FB57};
-// public static final int[] CURVE_Gx ={0xE1305F4,0xD0C8AB1,0xBEF0ADE,0x28588F5,0x16149AFA,0x9D91D32,0x1EDDCC88,0x79839FC,0xA3E8EB};
-// public static final int[] CURVE_Gy ={0x1B25C9BE,0xD5F479A,0x1409C007,0x196DBC73,0x417E69B,0x1170A322,0x15B5FDEC,0x10468738,0x2D996C};
-
-// ANSSI
-// public static final int CURVETYPE= 0;
-// public static final int CURVE_A = -3;
-// public static final int[] CURVE_B = {0x1B7BB73F,0x3AF6CB3,0xC68600C,0x181935C9,0xC00FDFE,0x1D3AA522,0x4C0352A,0x194A8515,0xEE353F};
-// public static final int[] CURVE_Order={0x6D655E1,0x1FEEA2CE,0x14AFE507,0x18CFC281,0x435B53D,0x16F46721,0x163C4049,0x1181675A,0xF1FD17};
-// public static final int[] CURVE_Gx ={0x198F5CFF,0x64BD16E,0x62DC059,0xFA5B95F,0x23958C2,0x1EA3A4EA,0x7ACC460,0x186AD827,0xB6B3D4};
-// public static final int[] CURVE_Gy ={0x14062CFB,0x188AD0AA,0x19327860,0x3860FD1,0xEF8C270,0x18F879F6,0x12447E49,0x1EF91640,0x6142E0};
-
-// BNCX Curve
-
- public static final int CURVETYPE=WEIERSTRASS;
- public static final int CURVE_A = 0;
- public static final int[] CURVE_B = {0x2,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0};
- public static final int[] CURVE_Order={0x16EB1F6D,0x108E0531,0x1241B3AF,0x1FADDC19,0x166D2C43,0xFB23D31,0x836C2F7,0x10E05,0x240000};
- public static final int[] CURVE_Bnx={0x3C012B1,0x0,0x10,0x0,0x0,0x0,0x0,0x0,0x0};
- public static final int[] CURVE_Cru={0x14235C97,0xF0498BC,0x1BE1D58C,0x1BBEC8E3,0x3F1440B,0x654,0x12000,0x0,0x0};
- public static final int[] CURVE_Fra={0x15C80EA3,0x1EC8419A,0x1CFE0856,0xEE64DE2,0x11898686,0x5C55653,0x592BF86,0x5F4C740,0x135908};
- public static final int[] CURVE_Frb={0x6534710,0x1468DDE0,0x551B018,0x10C78E4D,0x4E3ABBD,0x9ECE6DE,0x2A40371,0x1A0C46C5,0x10A6F7};
- public static final int[] CURVE_Pxa={0x4D2EC74,0x428E777,0xF89C9B0,0x190B7F40,0x14BBB907,0x12807AE1,0x958D62C,0x58E0A76,0x19682D};
- public static final int[] CURVE_Pxb={0xE29CFE1,0x1D2C7459,0x270C3D1,0x172F6184,0x19743F81,0x49BD474,0x192A8047,0x1D87C33E,0x1466B9};
- public static final int[] CURVE_Pya={0xF0BE09F,0x7DFE75E,0x1FB06CC3,0x3667B08,0xE209636,0x110ABED7,0xE376078,0x1B2E4665,0xA79ED};
- public static final int[] CURVE_Pyb={0x898EE9D,0xC825914,0x14BB7AFB,0xC9D4AD3,0x13461C28,0x122896C6,0x240D71B,0x73D9898,0x6160C};
- public static final int[] CURVE_Gx ={0x1C1B55B2,0x13311F7A,0x24FB86F,0x1FADDC30,0x166D3243,0xFB23D31,0x836C2F7,0x10E05,0x240000};
- public static final int[] CURVE_Gy ={0x1,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0};
- public static final int[][] CURVE_W={{0x162FEB83,0x2A31A48,0x100E0480,0x16,0x600,0x0,0x0,0x0,0x0},{0x7802561,0x0,0x20,0x0,0x0,0x0,0x0,0x0,0x0}};
- public static final int[][][] CURVE_SB={{{0x1DB010E4,0x2A31A48,0x100E04A0,0x16,0x600,0x0,0x0,0x0,0x0},{0x7802561,0x0,0x20,0x0,0x0,0x0,0x0,0x0,0x0}},{{0x7802561,0x0,0x20,0x0,0x0,0x0,0x0,0x0,0x0},{0xBB33EA,0xDEAEAE9,0x233AF2F,0x1FADDC03,0x166D2643,0xFB23D31,0x836C2F7,0x10E05,0x240000}}};
- public static final int[][] CURVE_WB={{0x167A84B0,0xE108C2,0x1004AC10,0x7,0x200,0x0,0x0,0x0,0x0},{0x1E220475,0x166FCCAD,0x129FE68D,0x1D29DB51,0x2A0DC07,0x438,0xC000,0x0,0x0},{0xF10B93,0x1B37E657,0x194FF34E,0x1E94EDA8,0x1506E03,0x21C,0x6000,0x0,0x0},{0x1DFAAA11,0xE108C2,0x1004AC30,0x7,0x200,0x0,0x0,0x0,0x0}};
- public static final int[][][] CURVE_BB={{{0x132B0CBD,0x108E0531,0x1241B39F,0x1FADDC19,0x166D2C43,0xFB23D31,0x836C2F7,0x10E05,0x240000},{0x132B0CBC,0x108E0531,0x1241B39F,0x1FADDC19,0x166D2C43,0xFB23D31,0x836C2F7,0x10E05,0x240000},{0x132B0CBC,0x108E0531,0x1241B39F,0x1FADDC19,0x166D2C43,0xFB23D31,0x836C2F7,0x10E05,0x240000},{0x7802562,0x0,0x20,0x0,0x0,0x0,0x0,0x0,0x0}},{{0x7802561,0x0,0x20,0x0,0x0,0x0,0x0,0x0,0x0},{0x132B0CBC,0x108E0531,0x1241B39F,0x1FADDC19,0x166D2C43,0xFB23D31,0x836C2F7,0x10E05,0x240000},{0x132B0CBD,0x108E0531,0x1241B39F,0x1FADDC19,0x166D2C43,0xFB23D31,0x836C2F7,0x10E05,0x240000},{0x132B0CBC,0x108E0531,0x1241B39F,0x1FADDC19,0x166D2C43,0xFB23D31,0x836C2F7,0x10E05,0x240000}},{{0x7802562,0x0,0x20,0x0,0x0,0x0,0x0,0x0,0x0},{0x7802561,0x0,0x20,0x0,0x0,0x0,0x0,0x0,0x0},{0x7802561,0x0,0x20,0x0,0x0,0x0,0x0,0x0,0x0},{0x7802561,0x0,0x20,0x0,0x0,0x0,0x0,0x0,0x0}},{{0x3C012B2,0x0,0x10,0x0,0x0,0x0,0x0,0x0,0x0},{0xF004AC2,0x0,0x40,0x0,0x0,0x0,0x0,0x0,0x0},{0xF6AFA0A,0x108E0531,0x1
241B38F,0x1FADDC19,0x166D2C43,0xFB23D31,0x836C2F7,0x10E05,0x240000},{0x3C012B2,0x0,0x10,0x0,0x0,0x0,0x0,0x0,0x0}}};
-
- public static final boolean USE_GLV =true;
- public static final boolean USE_GS_G2 =true;
- public static final boolean USE_GS_GT =true;
- public static final boolean GT_STRONG=true;
-
-// BNT2 Curve
-/*
- public static final int CURVETYPE=WEIERSTRASS;
- public static final int CURVE_A = 0;
- public static final int[] CURVE_B = {0x2,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0};
- public static final int[] CURVE_Order={0x11AA2BF5,0x1FDB8D28,0xDCE0CF5,0x1F1BC24F,0x1D00021C,0x10079DC4,0xAB6DD38,0x104821EB,0x240004};
- public static final int[] CURVE_Bnx={0x608205,0x1008,0x10,0x0,0x0,0x0,0x0,0x0,0x0};
- public static final int[] CURVE_Cru={0x866BD33,0x1A813A22,0x591C3BE,0xAB6EE60,0x1ECF2367,0x361B0BD,0x12000,0x0,0x0};
- public static final int[] CURVE_Fra={0x13AEF062,0x1593464B,0x10EF3924,0x198D3667,0x17F195BB,0xFB3FD1,0xADAF429,0x11A53D19,0x124E0B};
- public static final int[] CURVE_Frb={0xB1B429,0x10039B12,0xB465B55,0x59A91EA,0x50E7261,0xF0C5DF3,0x1FDBE90F,0x1EA2E4D1,0x11B1F8};
- public static final int[] CURVE_Pxa={0x1F40A3C8,0x166491CC,0x19845E12,0xB9B49D2,0x161706B3,0xBBD82B4,0x18C609E7,0x19F2D278,0x16FC17};
- public static final int[] CURVE_Pxb={0x18549540,0x2ABD456,0x1D944184,0x16DEF7CD,0x1A95D17D,0x42B2C83,0x16427206,0x17AB2E,0x1EB5B5};
- public static final int[] CURVE_Pya={0x14220513,0x3DF6628,0x39CDEC5,0x894F10C,0x135F1268,0x1D28DC1C,0xAAA7537,0x130EC284,0x1E8EE4};
- public static final int[] CURVE_Pyb={0x177CE78E,0x1DC9947A,0x1BE95E07,0x1D6E8DC4,0x1FB8E27,0x1B549EDE,0xF6E8A75,0x19B75C67,0x23CEF4};
- public static final int[] CURVE_Gx ={0x1460A48A,0x596E15D,0x1C35947A,0x1F27C851,0x1D00081C,0x10079DC4,0xAB6DD38,0x104821EB,0x240004};
- public static final int[] CURVE_Gy ={0x1,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0};
- public static final int[][] CURVE_W={{0x1347083,0x5BB1415,0xE678744,0xC0602,0x600,0x0,0x0,0x0,0x0},{0xC10409,0x2010,0x20,0x0,0x0,0x0,0x0,0x0,0x0}};
- public static final int[][][] CURVE_SB={{{0x1F5748C,0x5BB3425,0xE678764,0xC0602,0x600,0x0,0x0,0x0,0x0},{0xC10409,0x2010,0x20,0x0,0x0,0x0,0x0,0x0,0x0}},{{0xC10409,0x2010,0x20,0x0,0x0,0x0,0x0,0x0,0x0},{0x1075BB72,0x1A207913,0x1F6685B1,0x1F0FBC4C,0x1CFFFC1C,0x10079DC4,0xAB6DD38,0x104821EB,0x240004}}};
- public static final int[][] CURVE_WB={{0xA70A224,0xC9396A4,0x1A228251,0x40200,0x200,0x0,0x0,0x0,0x0},{0x1030EF19,0xAD2B967,0xD50DC87,0x72CA2EC,0x148A1B9A,0x241207E,0xC000,0x0,0x0},{0x1848B88F,0x156964B7,0x6A86E4B,0x3965176,0xA450DCD,0x120903F,0x6000,0x0,0x0},{0xB31A62D,0xC93B6B4,0x1A228271,0x40200,0x200,0x0,0x0,0x0,0x0}};
- public static final int[][][] CURVE_BB={{{0x1149A9F1,0x1FDB7D20,0xDCE0CE5,0x1F1BC24F,0x1D00021C,0x10079DC4,0xAB6DD38,0x104821EB,0x240004},{0x1149A9F0,0x1FDB7D20,0xDCE0CE5,0x1F1BC24F,0x1D00021C,0x10079DC4,0xAB6DD38,0x104821EB,0x240004},{0x1149A9F0,0x1FDB7D20,0xDCE0CE5,0x1F1BC24F,0x1D00021C,0x10079DC4,0xAB6DD38,0x104821EB,0x240004},{0xC1040A,0x2010,0x20,0x0,0x0,0x0,0x0,0x0,0x0}},{{0xC10409,0x2010,0x20,0x0,0x0,0x0,0x0,0x0,0x0},{0x1149A9F0,0x1FDB7D20,0xDCE0CE5,0x1F1BC24F,0x1D00021C,0x10079DC4,0xAB6DD38,0x104821EB,0x240004},{0x1149A9F1,0x1FDB7D20,0xDCE0CE5,0x1F1BC24F,0x1D00021C,0x10079DC4,0xAB6DD38,0x104821EB,0x240004},{0x1149A9F0,0x1FDB7D20,0xDCE0CE5,0x1F1BC24F,0x1D00021C,0x10079DC4,0xAB6DD38,0x104821EB,0x240004}},{{0xC1040A,0x2010,0x20,0x0,0x0,0x0,0x0,0x0,0x0},{0xC10409,0x2010,0x20,0x0,0x0,0x0,0x0,0x0,0x0},{0xC10409,0x2010,0x20,0x0,0x0,0x0,0x0,0x0,0x0},{0xC10409,0x2010,0x20,0x0,0x0,0x0,0x0,0x0,0x0}},{{0x608206,0x1008,0x10,0x0,0x0,0x0,0x0,0x0,0x0},{0x1820812,0x4020,0x40,0x0,0x0,0x0,0x0
,0x0,0x0},{0x10E927EA,0x1FDB6D18,0xDCE0CD5,0x1F1BC24F,0x1D00021C,0x10079DC4,0xAB6DD38,0x104821EB,0x240004},{0x608206,0x1008,0x10,0x0,0x0,0x0,0x0,0x0,0x0}}};
-*/
-
-// BN Curve
-/*
-public static final int CURVETYPE=WEIERSTRASS;
-public static final int CURVE_A = 0;
-public static final int[] CURVE_B = {0x2,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0};
-public static final int[] CURVE_Order={0xD,0x8000000,0x428,0x1F000000,0x7FF9,0x6C00000,0x6E8D1,0x10480000,0x252364};
-public static final int[] CURVE_Bnx={0x1,0x4000000,0x10,0x0,0x0,0x0,0x0,0x0,0x0};
-public static final int[] CURVE_Cru={0x7,0xC000000,0x1B3,0x12000000,0x2490,0x11200000,0x126CD,0x0,0x0};
-public static final int[] CURVE_Fra={0xF2A6DE9,0xBEF3603,0xFDDF0B8,0x12E9249A,0x953F850,0xDA85423,0x1232D926,0x32425CF,0x1B3776};
-public static final int[] CURVE_Frb={0x10D5922A,0xC10C9FC,0x10221431,0xF16DB65,0x16AC8DC1,0x1917ABDC,0xDD40FAA,0xD23DA30,0x9EBEE};
-public static final int[] CURVE_Pxa={0x15FD0CB4,0x1D5963C9,0x1F315F0A,0xBC633C9,0x1763B05A,0x1B927B6F,0x1FA8CD7E,0x1A9EABD4,0x95B04};
-public static final int[] CURVE_Pxb={0x10962455,0x503E83C,0x9EA978E,0x1B0D7C7A,0x147F39D6,0x1FC4F02B,0x1ED2750A,0x14F81068,0x5D4D8};
-public static final int[] CURVE_Pya={0x1A08A46C,0xD6E7343,0x290647E,0x105661D3,0xB1F1690,0xE261BC2,0x4FE85B4,0x17E4BCA6,0xABF2A};
-public static final int[] CURVE_Pyb={0x5F306EC,0x16FC46A0,0x1744E839,0x9040ED5,0x19D6A5C0,0x138F23C0,0xAF6CE18,0x10FCCF3B,0x18769A};
-public static final int[] CURVE_Gx ={0x12,0x18000000,0x4E9,0x2000000,0x8612,0x6C00000,0x6E8D1,0x10480000,0x252364};
-public static final int[] CURVE_Gy ={0x1,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0};
-public static final int[][] CURVE_W={{0x3,0x0,0x81,0x3000000,0x618,0x0,0x0,0x0,0x0},{0x1,0x8000000,0x20,0x0,0x0,0x0,0x0,0x0,0x0}};
-public static final int[][][] CURVE_SB={{{0x4,0x8000000,0xA1,0x3000000,0x618,0x0,0x0,0x0,0x0},{0x1,0x8000000,0x20,0x0,0x0,0x0,0x0,0x0,0x0}},{{0x1,0x8000000,0x20,0x0,0x0,0x0,0x0,0x0,0x0},{0xA,0x8000000,0x3A7,0x1C000000,0x79E1,0x6C00000,0x6E8D1,0x10480000,0x252364}}};
-public static final int[][] CURVE_WB={{0x0,0x4000000,0x10,0x1000000,0x208,0x0,0x0,0x0,0x0},{0x5,0x14000000,0x152,0xE000000,0x1C70,0xC00000,0xC489,0x0,0x0},{0x3,0xC000000,0xB1,0x7000000,0xE38,0x10600000,0x6244,0x0,0x0},{0x1,0xC000000,0x30,0x1000000,0x208,0x0,0x0,0x0,0x0}};
-public static final int[][][] CURVE_BB={{{0xD,0x4000000,0x418,0x1F000000,0x7FF9,0x6C00000,0x6E8D1,0x10480000,0x252364},{0xC,0x4000000,0x418,0x1F000000,0x7FF9,0x6C00000,0x6E8D1,0x10480000,0x252364},{0xC,0x4000000,0x418,0x1F000000,0x7FF9,0x6C00000,0x6E8D1,0x10480000,0x252364},{0x2,0x8000000,0x20,0x0,0x0,0x0,0x0,0x0,0x0}},{{0x1,0x8000000,0x20,0x0,0x0,0x0,0x0,0x0,0x0},{0xC,0x4000000,0x418,0x1F000000,0x7FF9,0x6C00000,0x6E8D1,0x10480000,0x252364},{0xD,0x4000000,0x418,0x1F000000,0x7FF9,0x6C00000,0x6E8D1,0x10480000,0x252364},{0xC,0x4000000,0x418,0x1F000000,0x7FF9,0x6C00000,0x6E8D1,0x10480000,0x252364}},{{0x2,0x8000000,0x20,0x0,0x0,0x0,0x0,0x0,0x0},{0x1,0x8000000,0x20,0x0,0x0,0x0,0x0,0x0,0x0},{0x1,0x8000000,0x20,0x0,0x0,0x0,0x0,0x0,0x0},{0x1,0x8000000,0x20,0x0,0x0,0x0,0x0,0x0,0x0}},{{0x2,0x4000000,0x10,0x0,0x0,0x0,0x0,0x0,0x0},{0x2,0x10000000,0x40,0x0,0x0,0x0,0x0,0x0,0x0},{0xA,0x0,0x408,0x1F000000,0x7FF9,0x6C00000,0x6E8D1,0x10480000,0x252364},{0x2,0x4000000,0x10,0x0,0x0,0x0,0x0,0x0,0x0}}};
-
-*/
-
-// BNT Curve
-/*
-public static final int CURVETYPE=WEIERSTRASS;
-public static final int CURVE_A = 0;
-public static final int[] CURVE_B = {0x2,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0};
-public static final int[] CURVE_Order={0xD30210D,0x13ABBBF4,0xCB2CD8E,0x11A86925,0xD5F00E8,0x159B4B7C,0x53BE82E,0x1B6CA2E0,0x240120};
-public static final int[] CURVE_Bnx={0x4081,0x40300,0x10,0x0,0x0,0x0,0x0,0x0,0x0};
-public static final int[] CURVE_Cru={0xB4FCD87,0xF5A9EAD,0xEAC47EB,0x19054BE5,0x104C9764,0x18A3B28A,0x12006,0x0,0x0};
-public static final int[] CURVE_Fra={0xDC80022,0xFAE8A75,0x1EB338D6,0x189209AD,0x13211BE6,0x4F8C850,0x10E53D94,0x12593778,0x1328A2};
-public static final int[] CURVE_Frb={0xECA6F1,0x53F5582,0x1E65F5D9,0x1C18A27B,0x1A3DEB01,0x10A2832B,0x1456AA9A,0x9136B67,0x10D87E};
-public static final int[] CURVE_Pxa={0x88E65BB,0x144C3F11,0xA98C4EF,0x18015A39,0x1548B7CC,0xA992820,0xE7AF301,0x19A09826,0x14483F};
-public static final int[] CURVE_Pxb={0x8DBE2C0,0x133C4440,0x78D214E,0xAFFC3F0,0x51B57B9,0x285318D,0xC0B68FF,0x166709D8,0x87F46};
-public static final int[] CURVE_Pya={0x20CA1D,0x101623F,0xE67CDB,0x19682CFD,0x19F72C94,0x14E372A1,0xF5D28B1,0x13820561,0x14E8C2};
-public static final int[] CURVE_Pyb={0x116628F2,0x1EC21BE3,0xF2DF71A,0x144FC2CF,0x172681D0,0xC54163A,0xF47B7B0,0x148C48A9,0x17AFE2};
-public static final int[] CURVE_Gx ={0xEB4A712,0x14EDDFF7,0x1D192EAF,0x14AAAC29,0xD5F06E8,0x159B4B7C,0x53BE82E,0x1B6CA2E0,0x240120};
-public static final int[] CURVE_Gy ={0x1,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x0};
-public static final int[][] CURVE_W={{0x1838403,0x1321803,0x106660E1,0x3024304,0x600,0x0,0x0,0x0,0x0},{0x8101,0x80600,0x20,0x0,0x0,0x0,0x0,0x0,0x0}};
-public static final int[][][] CURVE_SB={{{0x1840504,0x13A1E03,0x10666101,0x3024304,0x600,0x0,0x0,0x0,0x0},{0x8101,0x80600,0x20,0x0,0x0,0x0,0x0,0x0,0x0}},{{0x8101,0x80600,0x20,0x0,0x0,0x0,0x0,0x0,0x0},{0xBAC9D0A,0x1279A3F1,0x1C4C6CAD,0xEA62620,0xD5EFAE8,0x159B4B7C,0x53BE82E,0x1B6CA2E0,0x240120}}};
-public static final int[][] CURVE_WB={{0x80C080,0xB0A0301,0x10222030,0x100C101,0x200,0x0,0x0,0x0,0x0},{0x88C4A85,0x15A9C820,0x14B71B0D,0x1D5A5F46,0x158868ED,0x106D21B1,0xC004,0x0,0x0},{0x4464583,0x1AD6E590,0xA5B8D8E,0x1EAD2FA3,0x1AC43476,0x83690D8,0x6002,0x0,0x0},{0x814181,0xB120901,0x10222050,0x100C101,0x200,0x0,0x0,0x0,0x0}};
-public static final int[][][] CURVE_BB={{{0xD2FE08D,0x13A7B8F4,0xCB2CD7E,0x11A86925,0xD5F00E8,0x159B4B7C,0x53BE82E,0x1B6CA2E0,0x240120},{0xD2FE08C,0x13A7B8F4,0xCB2CD7E,0x11A86925,0xD5F00E8,0x159B4B7C,0x53BE82E,0x1B6CA2E0,0x240120},{0xD2FE08C,0x13A7B8F4,0xCB2CD7E,0x11A86925,0xD5F00E8,0x159B4B7C,0x53BE82E,0x1B6CA2E0,0x240120},{0x8102,0x80600,0x20,0x0,0x0,0x0,0x0,0x0,0x0}},{{0x8101,0x80600,0x20,0x0,0x0,0x0,0x0,0x0,0x0},{0xD2FE08C,0x13A7B8F4,0xCB2CD7E,0x11A86925,0xD5F00E8,0x159B4B7C,0x53BE82E,0x1B6CA2E0,0x240120},{0xD2FE08D,0x13A7B8F4,0xCB2CD7E,0x11A86925,0xD5F00E8,0x159B4B7C,0x53BE82E,0x1B6CA2E0,0x240120},{0xD2FE08C,0x13A7B8F4,0xCB2CD7E,0x11A86925,0xD5F00E8,0x159B4B7C,0x53BE82E,0x1B6CA2E0,0x240120}},{{0x8102,0x80600,0x20,0x0,0x0,0x0,0x0,0x0,0x0},{0x8101,0x80600,0x20,0x0,0x0,0x0,0x0,0x0,0x0},{0x8101,0x80600,0x20,0x0,0x0,0x0,0x0,0x0,0x0},{0x8101,0x80600,0x20,0x0,0x0,0x0,0x0,0x0,0x0}},{{0x4082,0x40300,0x10,0x0,0x0,0x0,0x0,0x0,0x0},{0x10202,0x100C00,0x40,0x0,0x0,0x0,0x0,0x0,0x0},{0xD2FA00A
,0x13A3B5F4,0xCB2CD6E,0x11A86925,0xD5F00E8,0x159B4B7C,0x53BE82E,0x1B6CA2E0,0x240120},{0x4082,0x40300,0x10,0x0,0x0,0x0,0x0,0x0,0x0}}};
-
-*/
- //public static boolean debug=false;
-
-}
http://git-wip-us.apache.org/repos/asf/incubator-milagro-crypto/blob/70e3a3a3/java/RSA.java
----------------------------------------------------------------------
diff --git a/java/RSA.java b/java/RSA.java
deleted file mode 100755
index 53549c5..0000000
--- a/java/RSA.java
+++ /dev/null
@@ -1,318 +0,0 @@
-/*
-Licensed to the Apache Software Foundation (ASF) under one
-or more contributor license agreements. See the NOTICE file
-distributed with this work for additional information
-regarding copyright ownership. The ASF licenses this file
-to you under the Apache License, Version 2.0 (the
-"License"); you may not use this file except in compliance
-with the License. You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing,
-software distributed under the License is distributed on an
-"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-KIND, either express or implied. See the License for the
-specific language governing permissions and limitations
-under the License.
-*/
-
-/* RSA API high-level functions */
-
-final class rsa_private_key
-{
- public FF p,q,dp,dq,c;
-
- public rsa_private_key(int n)
- {
- p=new FF(n);
- q=new FF(n);
- dp=new FF(n);
- dq=new FF(n);
- c=new FF(n);
- }
-}
-
-final class rsa_public_key
-{
- public int e;
- public FF n;
-
- public rsa_public_key(int m)
- {
- e=0;
- n=new FF(m);
- }
-}
-
-public final class RSA {
-
- public static final int RFS=ROM.MODBYTES*ROM.FFLEN;
-
-/* generate an RSA key pair */
-
- public static void KEY_PAIR(RAND rng,int e,rsa_private_key PRIV,rsa_public_key PUB)
- { /* IEEE1363 A16.11/A16.12 more or less */
-
- int n=PUB.n.getlen()/2;
- FF t = new FF(n);
- FF p1=new FF(n);
- FF q1=new FF(n);
-
- for (;;)
- {
-
- PRIV.p.random(rng);
- while (PRIV.p.lastbits(2)!=3) PRIV.p.inc(1);
- while (!FF.prime(PRIV.p,rng)) PRIV.p.inc(4);
-
- p1.copy(PRIV.p);
- p1.dec(1);
-
- if (p1.cfactor(e)) continue;
- break;
- }
-
- for (;;)
- {
- PRIV.q.random(rng);
- while (PRIV.q.lastbits(2)!=3) PRIV.q.inc(1);
- while (!FF.prime(PRIV.q,rng)) PRIV.q.inc(4);
-
- q1.copy(PRIV.q);
- q1.dec(1);
-
- if (q1.cfactor(e)) continue;
-
- break;
- }
-
- PUB.n=FF.mul(PRIV.p,PRIV.q);
- PUB.e=e;
-
- t.copy(p1);
- t.shr();
- PRIV.dp.set(e);
- PRIV.dp.invmodp(t);
- if (PRIV.dp.parity()==0) PRIV.dp.add(t);
- PRIV.dp.norm();
-
- t.copy(q1);
- t.shr();
- PRIV.dq.set(e);
- PRIV.dq.invmodp(t);
- if (PRIV.dq.parity()==0) PRIV.dq.add(t);
- PRIV.dq.norm();
-
- PRIV.c.copy(PRIV.p);
- PRIV.c.invmodp(PRIV.q);
-
- return;
- }
-
-/* Mask Generation Function */
-
- public static void MGF1(byte[] Z,int olen,byte[] K)
- {
- HASH H=new HASH();
- int hlen=HASH.len;
- byte[] B=new byte[hlen];
-
- int counter,cthreshold,k=0;
- for (int i=0;i<K.length;i++) K[i]=0;
-
- cthreshold=olen/hlen; if (olen%hlen!=0) cthreshold++;
- for (counter=0;counter<cthreshold;counter++)
- {
- H.process_array(Z); H.process_num(counter);
- B=H.hash();
-
- if (k+hlen>olen) for (int i=0;i<olen%hlen;i++) K[k++]=B[i];
- else for (int i=0;i<hlen;i++) K[k++]=B[i];
- }
- }
-
- public static void printBinary(byte[] array)
- {
- int i;
- for (i=0;i<array.length;i++)
- {
- System.out.printf("%02x", array[i]);
- }
- System.out.println();
- }
-
- /* OAEP Message Encoding for Encryption */
- public static byte[] OAEP_ENCODE(byte[] m,RAND rng,byte[] p)
- {
- int i,slen,olen=RFS-1;
- int mlen=m.length;
- int hlen,seedlen;
- byte[] f=new byte[RFS];
-
- HASH H=new HASH();
- hlen=HASH.len;
- byte[] SEED=new byte[hlen];
- seedlen=hlen;
- if (mlen>olen-hlen-seedlen-1) return new byte[0];
-
- byte[] DBMASK=new byte[olen-seedlen];
-
- if (p!=null) H.process_array(p);
- byte[] h=H.hash();
- for (i=0;i<hlen;i++) f[i]=h[i];
-
- slen=olen-mlen-hlen-seedlen-1;
-
- for (i=0;i<slen;i++) f[hlen+i]=0;
- f[hlen+slen]=1;
- for (i=0;i<mlen;i++) f[hlen+slen+1+i]=m[i];
-
- for (i=0;i<seedlen;i++) SEED[i]=(byte)rng.getByte();
- MGF1(SEED,olen-seedlen,DBMASK);
-
- for (i=0;i<olen-seedlen;i++) DBMASK[i]^=f[i];
- MGF1(DBMASK,seedlen,f);
-
- for (i=0;i<seedlen;i++) f[i]^=SEED[i];
-
- for (i=0;i<olen-seedlen;i++) f[i+seedlen]=DBMASK[i];
-
- /* pad to length RFS */
- int d=1;
- for (i=RFS-1;i>=d;i--)
- f[i]=f[i-d];
- for (i=d-1;i>=0;i--)
- f[i]=0;
-
- return f;
- }
-
- /* OAEP Message Decoding for Decryption */
- public static byte[] OAEP_DECODE(byte[] p,byte[] f)
- {
- int x,t;
- boolean comp;
- int i,k,olen=RFS-1;
- int hlen,seedlen;
-
- HASH H=new HASH();
- hlen=HASH.len;
- byte[] SEED=new byte[hlen];
- seedlen=hlen;
- byte[] CHASH=new byte[hlen];
-
- if (olen<seedlen+hlen+1) return new byte[0];
- byte[] DBMASK=new byte[olen-seedlen];
- for (i=0;i<olen-seedlen;i++) DBMASK[i]=0;
-
- if (f.length<RFS)
- {
- int d=RFS-f.length;
- for (i=RFS-1;i>=d;i--)
- f[i]=f[i-d];
- for (i=d-1;i>=0;i--)
- f[i]=0;
-
- }
-
- if (p!=null) H.process_array(p);
- byte[] h=H.hash();
- for (i=0;i<hlen;i++) CHASH[i]=h[i];
-
- x=f[0];
-
- for (i=seedlen;i<olen;i++)
- DBMASK[i-seedlen]=f[i+1];
-
- MGF1(DBMASK,seedlen,SEED);
- for (i=0;i<seedlen;i++) SEED[i]^=f[i+1];
- MGF1(SEED,olen-seedlen,f);
- for (i=0;i<olen-seedlen;i++) DBMASK[i]^=f[i];
-
- comp=true;
- for (i=0;i<hlen;i++)
- {
- if (CHASH[i]!=DBMASK[i]) comp=false;
- }
-
- for (i=0;i<olen-seedlen-hlen;i++)
- DBMASK[i]=DBMASK[i+hlen];
-
- for (i=0;i<hlen;i++)
- SEED[i]=CHASH[i]=0;
-
- for (k=0;;k++)
- {
- if (k>=olen-seedlen-hlen) return new byte[0];
- if (DBMASK[k]!=0) break;
- }
-
- t=DBMASK[k];
- if (!comp || x!=0 || t!=0x01)
- {
- for (i=0;i<olen-seedlen;i++) DBMASK[i]=0;
- return new byte[0];
- }
-
- byte[] r=new byte[olen-seedlen-hlen-k-1];
-
- for (i=0;i<olen-seedlen-hlen-k-1;i++)
- r[i]=DBMASK[i+k+1];
-
- for (i=0;i<olen-seedlen;i++) DBMASK[i]=0;
-
- return r;
- }
-
- /* destroy the Private Key structure */
- public static void PRIVATE_KEY_KILL(rsa_private_key PRIV)
- {
- PRIV.p.zero();
- PRIV.q.zero();
- PRIV.dp.zero();
- PRIV.dq.zero();
- PRIV.c.zero();
- }
-
- /* RSA encryption with the public key */
- public static void ENCRYPT(rsa_public_key PUB,byte[] F,byte[] G)
- {
- int n=PUB.n.getlen();
- FF f=new FF(n);
-
- FF.fromBytes(f,F);
- f.power(PUB.e,PUB.n);
- f.toBytes(G);
- }
-
- /* RSA decryption with the private key */
- public static void DECRYPT(rsa_private_key PRIV,byte[] G,byte[] F)
- {
- int n=PRIV.p.getlen();
- FF g=new FF(2*n);
-
- FF.fromBytes(g,G);
- FF jp=g.dmod(PRIV.p);
- FF jq=g.dmod(PRIV.q);
-
- jp.skpow(PRIV.dp,PRIV.p);
- jq.skpow(PRIV.dq,PRIV.q);
-
- g.zero();
- g.dscopy(jp);
- jp.mod(PRIV.q);
- if (FF.comp(jp,jq)>0) jq.add(PRIV.q);
- jq.sub(jp);
- jq.norm();
-
- FF t=FF.mul(PRIV.c,jq);
- jq=t.dmod(PRIV.q);
-
- t=FF.mul(jq,PRIV.p);
- g.add(t);
- g.norm();
-
- g.toBytes(F);
- }
-}
http://git-wip-us.apache.org/repos/asf/incubator-milagro-crypto/blob/70e3a3a3/java/TestECDH.java
----------------------------------------------------------------------
diff --git a/java/TestECDH.java b/java/TestECDH.java
deleted file mode 100755
index 3027f12..0000000
--- a/java/TestECDH.java
+++ /dev/null
@@ -1,175 +0,0 @@
-/*
-Licensed to the Apache Software Foundation (ASF) under one
-or more contributor license agreements. See the NOTICE file
-distributed with this work for additional information
-regarding copyright ownership. The ASF licenses this file
-to you under the Apache License, Version 2.0 (the
-"License"); you may not use this file except in compliance
-with the License. You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing,
-software distributed under the License is distributed on an
-"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-KIND, either express or implied. See the License for the
-specific language governing permissions and limitations
-under the License.
-*/
-
-/* test driver and function exerciser for ECDH/ECIES/ECDSA API Functions */
-
-public class TestECDH
-{
- public static void printBinary(byte[] array)
- {
- int i;
- for (i=0;i<array.length;i++)
- {
- System.out.printf("%02x", array[i]);
- }
- System.out.println();
- }
-
- public static void main(String[] args)
- {
- int i,j=0,res;
- int result;
- String pp=new String("M0ng00se");
-
- int EGS=ECDH.EGS;
- int EFS=ECDH.EFS;
- int EAS=AES.KS;
-
- byte[] S1=new byte[EGS];
- byte[] W0=new byte[2*EFS+1];
- byte[] W1=new byte[2*EFS+1];
- byte[] Z0=new byte[EFS];
- byte[] Z1=new byte[EFS];
- byte[] RAW=new byte[100];
- byte[] SALT=new byte[8];
- byte[] P1=new byte[3];
- byte[] P2=new byte[4];
- byte[] V=new byte[2*EFS+1];
- byte[] M=new byte[17];
- byte[] T=new byte[12];
- byte[] CS=new byte[EGS];
- byte[] DS=new byte[EGS];
-
- RAND rng=new RAND();
-
- rng.clean();
- for (i=0;i<100;i++) RAW[i]=(byte)(i);
-
- rng.seed(100,RAW);
-
-//for (j=0;j<100;j++)
-//{
-
- for (i=0;i<8;i++) SALT[i]=(byte)(i+1); // set Salt
-
- System.out.println("Alice's Passphrase= "+pp);
- byte[] PW=pp.getBytes();
-
-/* private key S0 of size EGS bytes derived from Password and Salt */
-
- byte[] S0=ECDH.PBKDF2(PW,SALT,1000,EGS);
-
- System.out.print("Alice's private key= 0x");
- printBinary(S0);
-
-/* Generate Key pair S/W */
- ECDH.KEY_PAIR_GENERATE(null,S0,W0);
-
- System.out.print("Alice's public key= 0x");
- printBinary(W0);
-
- res=ECDH.PUBLIC_KEY_VALIDATE(true,W0);
- if (res!=0)
- {
- System.out.println("ECP Public Key is invalid!\n");
- return;
- }
-/* Random private key for other party */
- ECDH.KEY_PAIR_GENERATE(rng,S1,W1);
-
- System.out.print("Servers private key= 0x");
- printBinary(S1);
-
- System.out.print("Servers public key= 0x");
- printBinary(W1);
-
-
- res=ECDH.PUBLIC_KEY_VALIDATE(true,W1);
- if (res!=0)
- {
- System.out.print("ECP Public Key is invalid!\n");
- return;
- }
-
-/* Calculate common key using DH - IEEE 1363 method */
-
- ECDH.ECPSVDP_DH(S0,W1,Z0);
- ECDH.ECPSVDP_DH(S1,W0,Z1);
-
- boolean same=true;
- for (i=0;i<EFS;i++)
- if (Z0[i]!=Z1[i]) same=false;
-
- if (!same)
- {
- System.out.println("*** ECPSVDP-DH Failed");
- return;
- }
-
- byte[] KEY=ECDH.KDF1(Z0,EAS);
-
- System.out.print("Alice's DH Key= 0x"); printBinary(KEY);
- System.out.print("Servers DH Key= 0x"); printBinary(KEY);
-
- System.out.println("Testing ECIES");
-
- P1[0]=0x0; P1[1]=0x1; P1[2]=0x2;
- P2[0]=0x0; P2[1]=0x1; P2[2]=0x2; P2[3]=0x3;
-
- for (i=0;i<=16;i++) M[i]=(byte)i;
-
- byte[] C=ECDH.ECIES_ENCRYPT(P1,P2,rng,W1,M,V,T);
-
- System.out.println("Ciphertext= ");
- System.out.print("V= 0x"); printBinary(V);
- System.out.print("C= 0x"); printBinary(C);
- System.out.print("T= 0x"); printBinary(T);
-
-
- M=ECDH.ECIES_DECRYPT(P1,P2,V,C,T,S1);
- if (M.length==0)
- {
- System.out.println("*** ECIES Decryption Failed\n");
- return;
- }
- else System.out.println("Decryption succeeded");
-
- System.out.print("Message is 0x"); printBinary(M);
-
- System.out.println("Testing ECDSA");
-
- if (ECDH.ECPSP_DSA(rng,S0,M,CS,DS)!=0)
- {
- System.out.println("***ECDSA Signature Failed");
- return;
- }
- System.out.println("Signature= ");
- System.out.print("C= 0x"); printBinary(CS);
- System.out.print("D= 0x"); printBinary(DS);
-
- if (ECDH.ECPVP_DSA(W0,M,CS,DS)!=0)
- {
- System.out.println("***ECDSA Verification Failed");
- return;
- }
- else System.out.println("ECDSA Signature/Verification succeeded "+j);
-//}
-//System.out.println("Test Completed Successfully");
- }
-}
http://git-wip-us.apache.org/repos/asf/incubator-milagro-crypto/blob/70e3a3a3/java/TestECM.java
----------------------------------------------------------------------
diff --git a/java/TestECM.java b/java/TestECM.java
deleted file mode 100755
index b0a07a1..0000000
--- a/java/TestECM.java
+++ /dev/null
@@ -1,126 +0,0 @@
-/*
-Licensed to the Apache Software Foundation (ASF) under one
-or more contributor license agreements. See the NOTICE file
-distributed with this work for additional information
-regarding copyright ownership. The ASF licenses this file
-to you under the Apache License, Version 2.0 (the
-"License"); you may not use this file except in compliance
-with the License. You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing,
-software distributed under the License is distributed on an
-"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-KIND, either express or implied. See the License for the
-specific language governing permissions and limitations
-under the License.
-*/
-
-/* test driver and function exerciser for ECDH API Function only - for use with Montgomery curves */
-
-public class TestECM
-{
- public static void printBinary(byte[] array)
- {
- int i;
- for (i=0;i<array.length;i++)
- {
- System.out.printf("%02x", array[i]);
- }
- System.out.println();
- }
-
- public static void main(String[] args)
- {
- int i,j=0,res;
- int result;
- String pp=new String("M0ng00se");
-
- int EGS=ECDH.EGS;
- int EFS=ECDH.EFS;
- int EAS=AES.KS;
-
- byte[] S1=new byte[EGS];
- byte[] W0=new byte[2*EFS+1];
- byte[] W1=new byte[2*EFS+1];
- byte[] Z0=new byte[EFS];
- byte[] Z1=new byte[EFS];
- byte[] RAW=new byte[100];
- byte[] SALT=new byte[8];
-
- RAND rng=new RAND();
-
- rng.clean();
- for (i=0;i<100;i++) RAW[i]=(byte)(i);
-
- rng.seed(100,RAW);
-
-//for (j=0;j<100;j++)
-//{
-
- for (i=0;i<8;i++) SALT[i]=(byte)(i+1); // set Salt
-
- System.out.println("Alice's Passphrase= "+pp);
- byte[] PW=pp.getBytes();
-
-/* private key S0 of size EGS bytes derived from Password and Salt */
-
- byte[] S0=ECDH.PBKDF2(PW,SALT,1000,EGS);
-
- System.out.print("Alice's private key= 0x");
- printBinary(S0);
-
-/* Generate Key pair S/W */
- ECDH.KEY_PAIR_GENERATE(null,S0,W0);
-
- System.out.print("Alice's public key= 0x");
- printBinary(W0);
-
- res=ECDH.PUBLIC_KEY_VALIDATE(true,W0);
- if (res!=0)
- {
- System.out.println("Alice's public Key is invalid!\n");
- return;
- }
-/* Random private key for other party */
- ECDH.KEY_PAIR_GENERATE(rng,S1,W1);
-
- System.out.print("Servers private key= 0x");
- printBinary(S1);
-
- System.out.print("Servers public key= 0x");
- printBinary(W1);
-
-
- res=ECDH.PUBLIC_KEY_VALIDATE(true,W1);
- if (res!=0)
- {
- System.out.print("Server's public Key is invalid!\n");
- return;
- }
-
-/* Calculate common key using DH - IEEE 1363 method */
-
- ECDH.ECPSVDP_DH(S0,W1,Z0);
- ECDH.ECPSVDP_DH(S1,W0,Z1);
-
- boolean same=true;
- for (i=0;i<EFS;i++)
- if (Z0[i]!=Z1[i]) same=false;
-
- if (!same)
- {
- System.out.println("*** ECPSVDP-DH Failed");
- return;
- }
-
- byte[] KEY=ECDH.KDF1(Z0,EAS);
-
- System.out.print("Alice's DH Key= 0x"); printBinary(KEY);
- System.out.print("Servers DH Key= 0x"); printBinary(KEY);
-
-//}
-//System.out.println("Test Completed Successfully");
- }
-}
http://git-wip-us.apache.org/repos/asf/incubator-milagro-crypto/blob/70e3a3a3/java/TestMPIN.java
----------------------------------------------------------------------
diff --git a/java/TestMPIN.java b/java/TestMPIN.java
deleted file mode 100755
index 4d4090c..0000000
--- a/java/TestMPIN.java
+++ /dev/null
@@ -1,262 +0,0 @@
-/*
-Licensed to the Apache Software Foundation (ASF) under one
-or more contributor license agreements. See the NOTICE file
-distributed with this work for additional information
-regarding copyright ownership. The ASF licenses this file
-to you under the Apache License, Version 2.0 (the
-"License"); you may not use this file except in compliance
-with the License. You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing,
-software distributed under the License is distributed on an
-"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-KIND, either express or implied. See the License for the
-specific language governing permissions and limitations
-under the License.
-*/
-
-/* test driver and function exerciser for MPIN API Functions */
-
-import java.util.Date;
-import java.util.Scanner;
-
-public class TestMPIN
-{
- static boolean PERMITS=true;
- static boolean PINERROR=true;
- static boolean FULL=false;
- static boolean SINGLE_PASS=false;
-
- static void printBinary(byte[] array)
- {
- int i;
- for (i=0;i<array.length;i++)
- {
- System.out.printf("%02x", array[i]);
- }
- System.out.println();
- }
-
- public static void main(String[] args) {
- RAND rng=new RAND();
- byte[] raw=new byte[100];
- for (int i=0;i<100;i++) raw[i]=(byte)(i+1);
- rng.seed(100,raw);
-
- int EGS=MPIN.EGS;
- int EFS=MPIN.EFS;
- int G1S=2*EFS+1; /* Group 1 Size */
- int G2S=4*EFS; /* Group 2 Size */
- int EAS=16;
-
- byte[] S=new byte[EGS];
- byte[] SST = new byte[G2S];
- byte[] TOKEN = new byte[G1S];
- byte[] PERMIT = new byte[G1S];
- byte[] SEC = new byte[G1S];
- byte[] xID = new byte[G1S];
- byte[] xCID = new byte[G1S];
- byte[] X= new byte[EGS];
- byte[] Y= new byte[EGS];
- byte[] E=new byte[12*EFS];
- byte[] F=new byte[12*EFS];
- byte[] HID=new byte[G1S];
- byte[] HTID=new byte[G1S];
-
- byte[] G1=new byte[12*EFS];
- byte[] G2=new byte[12*EFS];
- byte[] R=new byte[EGS];
- byte[] Z=new byte[G1S];
- byte[] W=new byte[EGS];
- byte[] T=new byte[G1S];
- byte[] CK=new byte[EAS];
- byte[] SK=new byte[EAS];
-
-/* Trusted Authority set-up */
-
- MPIN.RANDOM_GENERATE(rng,S);
- System.out.print("Master Secret s: 0x"); printBinary(S);
-
- /* Create Client Identity */
- String IDstr = "testUser@miracl.com";
- byte[] CLIENT_ID = IDstr.getBytes();
-
- byte[] HCID=MPIN.HASH_ID(CLIENT_ID); /* Either Client or TA calculates Hash(ID) - you decide! */
-
- System.out.print("Client ID= "); printBinary(CLIENT_ID);
-
-/* Client and Server are issued secrets by DTA */
- MPIN.GET_SERVER_SECRET(S,SST);
- System.out.print("Server Secret SS: 0x"); printBinary(SST);
-
- MPIN.GET_CLIENT_SECRET(S,HCID,TOKEN);
- System.out.print("Client Secret CS: 0x");
- printBinary(TOKEN);
-
-/* Client extracts PIN from secret to create Token */
- int pin=1234;
- System.out.println("Client extracts PIN= "+pin);
- int rtn=MPIN.EXTRACT_PIN(CLIENT_ID,pin,TOKEN);
- if (rtn != 0)
- System.out.println("FAILURE: EXTRACT_PIN rtn: " + rtn);
-
- System.out.print("Client Token TK: 0x");
- printBinary(TOKEN);
-
- if (FULL)
- {
- MPIN.PRECOMPUTE(TOKEN,HCID,G1,G2);
- }
- int date;
- if (PERMITS)
- {
- date=MPIN.today();
-/* Client gets "Time Token" permit from DTA */
- MPIN.GET_CLIENT_PERMIT(date,S,HCID,PERMIT);
- System.out.print("Time Permit TP: 0x"); printBinary(PERMIT);
-
-/* This encoding makes Time permit look random - Elligator squared */
- MPIN.ENCODING(rng,PERMIT);
- System.out.print("Encoded Time Permit TP: 0x"); printBinary(PERMIT);
- MPIN.DECODING(PERMIT);
- System.out.print("Decoded Time Permit TP: 0x"); printBinary(PERMIT);
- }
- else date=0;
-
- System.out.print("\nPIN= ");
- Scanner scan=new Scanner(System.in);
- pin=scan.nextInt();
-
-/* Set date=0 and PERMIT=null if time permits not in use
-
-Client First pass: Inputs CLIENT_ID, optional RNG, pin, TOKEN and PERMIT. Output xID =x .H(CLIENT_ID) and re-combined secret SEC
-If PERMITS are is use, then date!=0 and PERMIT is added to secret and xCID = x.(H(CLIENT_ID)+H(date|H(CLIENT_ID)))
-Random value x is supplied externally if RNG=null, otherwise generated and passed out by RNG
-
-IMPORTANT: To save space and time..
-If Time Permits OFF set xCID = null, HTID=null and use xID and HID only
-If Time permits are ON, AND pin error detection is required then all of xID, xCID, HID and HTID are required
-If Time permits are ON, AND pin error detection is NOT required, set xID=null, HID=null and use xCID and HTID only.
-
-
-*/
-
- byte[] pxID=xID;
- byte[] pxCID=xCID;
- byte[] pHID=HID;
- byte[] pHTID=HTID;
- byte[] pE=E;
- byte[] pF=F;
- byte[] pPERMIT=PERMIT;
- byte[] prHID;
-
- if (date!=0)
- {
-
- prHID=pHTID;
- if (!PINERROR)
- {
- pxID=null;
- pHID=null;
- }
- }
- else
- {
- prHID=pHID;
- pPERMIT=null;
- pxCID=null;
- pHTID=null;
- }
- if (!PINERROR)
- {
- pE=null;
- pF=null;
- }
-
- if (SINGLE_PASS)
- {
- System.out.println("MPIN Single Pass");
- int timeValue = MPIN.GET_TIME();
- rtn=MPIN.CLIENT(date,CLIENT_ID,rng,X,pin,TOKEN,SEC,pxID,pxCID,pPERMIT,timeValue,Y);
- if (rtn != 0)
- System.out.println("FAILURE: CLIENT rtn: " + rtn);
-
- if (FULL)
- {
- HCID=MPIN.HASH_ID(CLIENT_ID);
- MPIN.GET_G1_MULTIPLE(rng,1,R,HCID,Z); /* Also Send Z=r.ID to Server, remember random r */
- }
-
- rtn=MPIN.SERVER(date,pHID,pHTID,Y,SST,pxID,pxCID,SEC,pE,pF,CLIENT_ID,timeValue);
- if (rtn != 0)
- System.out.println("FAILURE: SERVER rtn: " + rtn);
-
- if (FULL)
- {
- MPIN.GET_G1_MULTIPLE(rng,0,W,prHID,T); /* Also send T=w.ID to client, remember random w */
- }
- }
- else
- {
- System.out.println("MPIN Multi Pass");
- /* Send U=x.ID to server, and recreate secret from token and pin */
- rtn=MPIN.CLIENT_1(date,CLIENT_ID,rng,X,pin,TOKEN,SEC,pxID,pxCID,pPERMIT);
- if (rtn != 0)
- System.out.println("FAILURE: CLIENT_1 rtn: " + rtn);
-
- if (FULL)
- {
- HCID=MPIN.HASH_ID(CLIENT_ID);
- MPIN.GET_G1_MULTIPLE(rng,1,R,HCID,Z); /* Also Send Z=r.ID to Server, remember random r */
- }
-
- /* Server calculates H(ID) and H(T|H(ID)) (if time permits enabled), and maps them to points on the curve HID and HTID resp. */
- MPIN.SERVER_1(date,CLIENT_ID,pHID,pHTID);
-
- /* Server generates Random number Y and sends it to Client */
- MPIN.RANDOM_GENERATE(rng,Y);
-
- if (FULL)
- {
- MPIN.GET_G1_MULTIPLE(rng,0,W,prHID,T); /* Also send T=w.ID to client, remember random w */
- }
-
- /* Client Second Pass: Inputs Client secret SEC, x and y. Outputs -(x+y)*SEC */
- rtn=MPIN.CLIENT_2(X,Y,SEC);
- if (rtn != 0)
- System.out.println("FAILURE: CLIENT_2 rtn: " + rtn);
-
- /* Server Second pass. Inputs hashed client id, random Y, -(x+y)*SEC, xID and xCID and Server secret SST. E and F help kangaroos to find error. */
- /* If PIN error not required, set E and F = null */
-
- rtn=MPIN.SERVER_2(date,pHID,pHTID,Y,SST,pxID,pxCID,SEC,pE,pF);
-
- if (rtn != 0)
- System.out.println("FAILURE: SERVER_1 rtn: " + rtn);
- }
-
- if (rtn == MPIN.BAD_PIN)
- {
- System.out.println("Server says - Bad Pin. I don't know you. Feck off.\n");
- if (PINERROR)
- {
- int err=MPIN.KANGAROO(E,F);
- if (err!=0) System.out.format("(Client PIN is out by %d)\n",err);
- }
- return;
- }
- else System.out.println("Server says - PIN is good! You really are "+IDstr);
-
-
- if (FULL)
- {
- MPIN.CLIENT_KEY(G1,G2,pin,R,X,T,CK);
- System.out.print("Client Key = 0x"); printBinary(CK);
-
- MPIN.SERVER_KEY(Z,SST,W,pxID,pxCID,SK);
- System.out.print("Server Key = 0x"); printBinary(SK);
- }
- }
-}
http://git-wip-us.apache.org/repos/asf/incubator-milagro-crypto/blob/70e3a3a3/java/TestRSA.java
----------------------------------------------------------------------
diff --git a/java/TestRSA.java b/java/TestRSA.java
deleted file mode 100755
index 414e596..0000000
--- a/java/TestRSA.java
+++ /dev/null
@@ -1,66 +0,0 @@
-/*
-Licensed to the Apache Software Foundation (ASF) under one
-or more contributor license agreements. See the NOTICE file
-distributed with this work for additional information
-regarding copyright ownership. The ASF licenses this file
-to you under the Apache License, Version 2.0 (the
-"License"); you may not use this file except in compliance
-with the License. You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing,
-software distributed under the License is distributed on an
-"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-KIND, either express or implied. See the License for the
-specific language governing permissions and limitations
-under the License.
-*/
-
-/* test driver and function exerciser for RSA API Functions */
-
-public class TestRSA
-{
- public static void main(String[] args)
- {
- int i;
- int RFS=RSA.RFS;
-
- String message="Hello World\n";
-
- rsa_public_key pub=new rsa_public_key(ROM.FFLEN);
- rsa_private_key priv=new rsa_private_key(ROM.HFLEN);
-
- byte[] ML=new byte[RFS];
- byte[] C=new byte[RFS];
- byte[] RAW=new byte[100];
-
- RAND rng=new RAND();
-
- rng.clean();
- for (i=0;i<100;i++) RAW[i]=(byte)(i);
-
- rng.seed(100,RAW);
-
-//for (i=0;i<10;i++)
-//{
- System.out.println("Generating public/private key pair");
- RSA.KEY_PAIR(rng,65537,priv,pub);
-
- byte[] M=message.getBytes();
- System.out.print("Encrypting test string\n");
- byte[] E=RSA.OAEP_ENCODE(M,rng,null); /* OAEP encode message M to E */
-
- RSA.ENCRYPT(pub,E,C); /* encrypt encoded message */
- System.out.print("Ciphertext= 0x"); RSA.printBinary(C);
-
- System.out.print("Decrypting test string\n");
- RSA.DECRYPT(priv,C,ML);
- byte[] MS=RSA.OAEP_DECODE(null,ML); /* OAEP decode message */
-
- message=new String(MS);
- System.out.print(message);
-//}
- RSA.PRIVATE_KEY_KILL(priv);
- }
-}
http://git-wip-us.apache.org/repos/asf/incubator-milagro-crypto/blob/70e3a3a3/java/readme.txt
----------------------------------------------------------------------
diff --git a/java/readme.txt b/java/readme.txt
deleted file mode 100644
index fbe1866..0000000
--- a/java/readme.txt
+++ /dev/null
@@ -1,32 +0,0 @@
-AMCL is very simple to build for Java. This version is optimal for a 32-bit
-(or less) Virtual Machine.
-
-First - decide the modulus type and curve type you want to use. Edit ROM.java
-where indicated. You might want to use one of the curves whose details are
-already in there.
-
-Three example API files are provided, MPIN.java which
-supports our M-Pin (tm) protocol, ECDH.java which supports elliptic
-curve key exchange, digital signature and public key crypto, and RSA.java
-which supports the RSA method. The first can be tested using the
-TestMPIN.java driver programs, the second can be tested using TestECDH.java
-and TestECM.java, and the third with TestRSA.java
-
-In the ROM.java file you must provide the curve constants. Several examples
-are provided there, if you are willing to use one of these.
-
-To help generate the ROM constants for your own curve some MIRACL helper
-programs are included. The program bngen.cpp generates the ROM details for a
-BN curve, and the program ecgen.cpp generates the ROM for EC curves.
-
-The program bigtobig.cpp converts a big number to the AMCL
-BIG format.
-
-Don't forget to delete all .class files before rebuilding projects.
-
-For a quick jumpstart:-
-
-del *.class
-javac TestMPIN.java
-java TestMPIN
-