com.google.crypto.tink.internal

Class EllipticCurvesUtil

java.lang.Object

com.google.crypto.tink.internal.EllipticCurvesUtil

public final class EllipticCurvesUtil
extends Object

Utility functions for elliptic curve crypto, used in ECDSA and ECDH.

Field Summary

Fields

Modifier and Type	Field and Description
static ECParameterSpec	NIST_P256_PARAMS
static ECParameterSpec	NIST_P384_PARAMS
static ECParameterSpec	NIST_P521_PARAMS

Method Summary

Modifier and Type	Method and Description
static void	checkPointOnCurve(ECPoint point, EllipticCurve ec) Checks that a point is on a given elliptic curve.
static BigInteger	getModulus(EllipticCurve curve) Returns the modulus of the field used by the curve specified in ecParams.
static boolean	isNistEcParameterSpec(ECParameterSpec spec) Returns whether spec is a ECParameterSpec of one of the NIST curves.
static boolean	isSameEcParameterSpec(ECParameterSpec one, ECParameterSpec two) Returns whether one is the same ECParameterSpec as two.
static ECPoint	multiplyByGenerator(BigInteger x, ECParameterSpec spec) Calculates x times the generator of the give elliptic curve spec using the Montgomery ladder.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

NIST_P256_PARAMS

public static final ECParameterSpec NIST_P256_PARAMS

NIST_P384_PARAMS

public static final ECParameterSpec NIST_P384_PARAMS

NIST_P521_PARAMS

public static final ECParameterSpec NIST_P521_PARAMS

Method Detail

checkPointOnCurve

public static void checkPointOnCurve(ECPoint point,
                                     EllipticCurve ec)
                              throws GeneralSecurityException

Checks that a point is on a given elliptic curve.

This method implements the partial public key validation routine from Section 5.6.2.6 of NIST SP 800-56A. A partial public key validation is sufficient for curves with cofactor 1. See Section B.3 of http://www.nsa.gov/ia/_files/SuiteB_Implementer_G-113808.pdf.

The point validations above are taken from recommendations for ECDH, because parameter checks in ECDH are much more important than for the case of ECDSA. Performing this test for ECDSA keys is mainly a sanity check.

Parameters:

point - the point that needs verification

ec - the elliptic curve. This must be a curve over a prime order field.

Throws:

GeneralSecurityException - if the field is binary or if the point is not on the curve.

isNistEcParameterSpec

public static boolean isNistEcParameterSpec(ECParameterSpec spec)

Returns whether spec is a ECParameterSpec of one of the NIST curves.

isSameEcParameterSpec

public static boolean isSameEcParameterSpec(ECParameterSpec one,
                                            ECParameterSpec two)

Returns whether one is the same ECParameterSpec as two.

getModulus

public static BigInteger getModulus(EllipticCurve curve)
                             throws GeneralSecurityException

Returns the modulus of the field used by the curve specified in ecParams.

Parameters:

curve - must be a prime order elliptic curve

Returns:

the order of the finite field over which curve is defined.

Throws:

GeneralSecurityException

multiplyByGenerator

public static ECPoint multiplyByGenerator(BigInteger x,
                                          ECParameterSpec spec)
                                   throws GeneralSecurityException

Calculates x times the generator of the give elliptic curve spec using the Montgomery ladder.

This should only be used to validate keys, and not to sign or verify messages.

See: Elliptic curve point multiplication.

Parameters:

x - must be larger than 0 and smaller than the order of the generator.

Returns:

the ECPoint that is x times the generator.

Throws:

GeneralSecurityException