net.i2p.crypto.eddsa.Utils Java Examples

The following examples show how to use net.i2p.crypto.eddsa.Utils. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: GroupElement.java    From RipplePower with Apache License 2.0 6 votes vote down vote up
/**
 * Look up $16^i r_i B$ in the precomputed table.
 * <p>
 * No secret array indices, no secret branching.
 * Constant time.
 * <p>
 * Must have previously precomputed.
 * <p>
 * Method is package private only so that tests run.
 *
 * @param pos $= i/2$ for $i$ in $\{0, 2, 4,..., 62\}$
 * @param b $= r_i$
 * @return the GroupElement
 */
GroupElement select(final int pos, final int b) {
    // Is r_i negative?
    final int bnegative = Utils.negative(b);
    // |r_i|
    final int babs = b - (((-bnegative) & b) << 1);

    // 16^i |r_i| B
    final GroupElement t = this.curve.getZero(Representation.PRECOMP)
            .cmov(this.precmp[pos][0], Utils.equal(babs, 1))
            .cmov(this.precmp[pos][1], Utils.equal(babs, 2))
            .cmov(this.precmp[pos][2], Utils.equal(babs, 3))
            .cmov(this.precmp[pos][3], Utils.equal(babs, 4))
            .cmov(this.precmp[pos][4], Utils.equal(babs, 5))
            .cmov(this.precmp[pos][5], Utils.equal(babs, 6))
            .cmov(this.precmp[pos][6], Utils.equal(babs, 7))
            .cmov(this.precmp[pos][7], Utils.equal(babs, 8));
    // -16^i |r_i| B
    final GroupElement tminus = precomp(curve, t.Y, t.X, t.Z.negate());
    // 16^i r_i B
    return t.cmov(tminus, bnegative);
}
 
Example #2
Source File: SLIP0010Ed25519PrivateKeyTest.java    From java-stellar-sdk with Apache License 2.0 5 votes vote down vote up
private static String deriveEd25519PrivateKey(final String seed, final int... indexes) {
  try {
    return Utils.bytesToHex(SLIP10.deriveEd25519PrivateKey(Utils.hexToBytes(seed), indexes));
  } catch (Exception e) {
    throw new RuntimeException(e);
  }
}
 
Example #3
Source File: Ed25519FieldElement.java    From RipplePower with Apache License 2.0 5 votes vote down vote up
@Override
public boolean equals(Object obj) {
    if (!(obj instanceof Ed25519FieldElement))
        return false;
    Ed25519FieldElement fe = (Ed25519FieldElement) obj;
    return 1==Utils.equal(toByteArray(), fe.toByteArray());
}
 
Example #4
Source File: Ed25519FieldElement.java    From RipplePower with Apache License 2.0 4 votes vote down vote up
@Override
public String toString() {
    return "[Ed25519FieldElement val="+Utils.bytesToHex(toByteArray())+"]";
}
 
Example #5
Source File: GroupElement.java    From RipplePower with Apache License 2.0 4 votes vote down vote up
/**
 * Creates a group element for a curve from a given encoded point.
 * <p>
 * A point $(x,y)$ is encoded by storing $y$ in bit 0 to bit 254 and the sign of $x$ in bit 255.
 * $x$ is recovered in the following way:
 * </p><ul>
 * <li>$x = sign(x) * \sqrt{(y^2 - 1) / (d * y^2 + 1)} = sign(x) * \sqrt{u / v}$ with $u = y^2 - 1$ and $v = d * y^2 + 1$.
 * <li>Setting $β = (u * v^3) * (u * v^7)^{((q - 5) / 8)}$ one has $β^2 = \pm(u / v)$.
 * <li>If $v * β = -u$ multiply $β$ with $i=\sqrt{-1}$.
 * <li>Set $x := β$.
 * <li>If $sign(x) \ne$ bit 255 of $s$ then negate $x$.
 * </ul>
 *
 * @param curve The curve.
 * @param s The encoded point.
 */
public GroupElement(final Curve curve, final byte[] s) {
    FieldElement x, y, yy, u, v, v3, vxx, check;
    y = curve.getField().fromByteArray(s);
    yy = y.square();

    // u = y^2-1
    u = yy.subtractOne();

    // v = dy^2+1
    v = yy.multiply(curve.getD()).addOne();

    // v3 = v^3
    v3 = v.square().multiply(v);

    // x = (v3^2)vu, aka x = uv^7
    x = v3.square().multiply(v).multiply(u);

    //  x = (uv^7)^((q-5)/8)
    x = x.pow22523();

    // x = uv^3(uv^7)^((q-5)/8)
    x = v3.multiply(u).multiply(x);

    vxx = x.square().multiply(v);
    check = vxx.subtract(u);            // vx^2-u
    if (check.isNonZero()) {
        check = vxx.add(u);             // vx^2+u

        if (check.isNonZero())
            throw new IllegalArgumentException("not a valid GroupElement");
        x = x.multiply(curve.getI());
    }

    if ((x.isNegative() ? 1 : 0) != Utils.bit(s, curve.getField().getb()-1)) {
        x = x.negate();
    }

    this.curve = curve;
    this.repr = Representation.P3;
    this.X = x;
    this.Y = y;
    this.Z = curve.getField().ONE;
    this.T = this.X.multiply(this.Y);
}
 
Example #6
Source File: Ed25519FieldElement.java    From RipplePower with Apache License 2.0 2 votes vote down vote up
/**
 * Gets a value indicating whether or not the field element is non-zero.
 *
 * @return 1 if it is non-zero, 0 otherwise.
 */
public boolean isNonZero() {
    final byte[] s = toByteArray();
    return Utils.equal(s, ZERO) == 0;
}