FileDocCategorySizeDatePackage
ECDSASigner.javaAPI DocAzureus 3.0.3.43466Mon Mar 20 04:56:46 GMT 2006org.bouncycastle.crypto.signers

ECDSASigner

public class ECDSASigner extends Object implements org.bouncycastle.math.ec.ECConstants, org.bouncycastle.crypto.DSA
EC-DSA as described in X9.62

Fields Summary
org.bouncycastle.crypto.params.ECKeyParameters
key
SecureRandom
random
Constructors Summary
Methods Summary
public java.math.BigInteger[]generateSignature(byte[] message)
generate a signature for the given message using the key we were initialised with. For conventional DSA the message should be a SHA-1 hash of the message of interest.

param
message the message that will be verified later.

		BigInteger e = new BigInteger(1, message);
		BigInteger n = key.getParameters().getN();

		BigInteger r = null;
		BigInteger s = null;

		// 5.3.2
		do // generate s
		{
			BigInteger k = null;
			int			nBitLength = n.bitLength();

			do // generate r
			{
				do
				{
					k = new BigInteger(nBitLength, random);
				}
				while (k.equals(ZERO));

				ECPoint p = key.getParameters().getG().multiply(k);

				// 5.3.3
				BigInteger x = p.getX().toBigInteger();

				r = x.mod(n);
			}
			while ( r.equals(ZERO) );

			BigInteger d = ((ECPrivateKeyParameters)key).getD();

			s = k.modInverse(n).multiply(e.add(d.multiply(r))).mod(n);
		}
		while ( s.equals(ZERO) );

        BigInteger[]  res = new BigInteger[2];

        res[0] = r;
        res[1] = s;

        return res;
public voidinit(boolean forSigning, org.bouncycastle.crypto.CipherParameters param)

        if (forSigning)
        {
            if (param instanceof ParametersWithRandom)
            {
                ParametersWithRandom    rParam = (ParametersWithRandom)param;

                this.random = rParam.getRandom();
                this.key = (ECPrivateKeyParameters)rParam.getParameters();
            }
            else
            {
                this.random = new SecureRandom();
                this.key = (ECPrivateKeyParameters)param;
            }
        }
        else
        {
		    this.key = (ECPublicKeyParameters)param;
        }
public booleanverifySignature(byte[] message, java.math.BigInteger r, java.math.BigInteger s)
return true if the value r and s represent a DSA signature for the passed in message (for standard DSA the message should be a SHA-1 hash of the real message to be verified).

		BigInteger e = new BigInteger(1, message);
		BigInteger n = key.getParameters().getN();

		// r in the range [1,n-1]
		if ( r.compareTo(ONE) < 0 || r.compareTo(n) >= 0 )
		{
			return false;
		}

		// s in the range [1,n-1]
		if ( s.compareTo(ONE) < 0 || s.compareTo(n) >= 0 )
		{
			return false;
		}

		BigInteger c = s.modInverse(n);

		BigInteger u1 = e.multiply(c).mod(n);
		BigInteger u2 = r.multiply(c).mod(n);

		ECPoint G = key.getParameters().getG();
		ECPoint Q = ((ECPublicKeyParameters)key).getQ();

		ECPoint point = G.multiply(u1).add(Q.multiply(u2));

		BigInteger v = point.getX().toBigInteger().mod(n);

		return v.equals(r);