Package com.google.crypto.tink.internal
Class EllipticCurvesUtil
- java.lang.Object
-
- com.google.crypto.tink.internal.EllipticCurvesUtil
-
public final class EllipticCurvesUtil extends java.lang.ObjectUtility functions for elliptic curve crypto, used in ECDSA and ECDH.
-
-
Field Summary
Fields Modifier and Type Field Description static java.security.spec.ECParameterSpecNIST_P256_PARAMSstatic java.security.spec.ECParameterSpecNIST_P384_PARAMSstatic java.security.spec.ECParameterSpecNIST_P521_PARAMS
-
Method Summary
All Methods Static Methods Concrete Methods Modifier and Type Method Description static voidcheckPointOnCurve(java.security.spec.ECPoint point, java.security.spec.EllipticCurve ec)Checks that a point is on a given elliptic curve.static java.math.BigIntegergetModulus(java.security.spec.EllipticCurve curve)Returns the modulus of the field used by the curve specified in ecParams.static booleanisNistEcParameterSpec(java.security.spec.ECParameterSpec spec)Returns whetherspecis aECParameterSpecof one of the NIST curves.static booleanisSameEcParameterSpec(java.security.spec.ECParameterSpec one, java.security.spec.ECParameterSpec two)Returns whetheroneis the sameECParameterSpecastwo.static java.security.spec.ECPointmultiplyByGenerator(java.math.BigInteger x, java.security.spec.ECParameterSpec spec)Calculates x times the generator of the give elliptic curve spec using the Montgomery ladder.
-
-
-
Method Detail
-
checkPointOnCurve
public static void checkPointOnCurve(java.security.spec.ECPoint point, java.security.spec.EllipticCurve ec) throws java.security.GeneralSecurityExceptionChecks that a point is on a given elliptic curve.This method implements the partial public key validation routine from Section 5.6.2.6 of NIST SP 800-56A. A partial public key validation is sufficient for curves with cofactor 1. See Section B.3 of http://www.nsa.gov/ia/_files/SuiteB_Implementer_G-113808.pdf.
The point validations above are taken from recommendations for ECDH, because parameter checks in ECDH are much more important than for the case of ECDSA. Performing this test for ECDSA keys is mainly a sanity check.
- Parameters:
point- the point that needs verificationec- the elliptic curve. This must be a curve over a prime order field.- Throws:
java.security.GeneralSecurityException- if the field is binary or if the point is not on the curve.
-
isNistEcParameterSpec
public static boolean isNistEcParameterSpec(java.security.spec.ECParameterSpec spec)
Returns whetherspecis aECParameterSpecof one of the NIST curves.
-
isSameEcParameterSpec
public static boolean isSameEcParameterSpec(java.security.spec.ECParameterSpec one, java.security.spec.ECParameterSpec two)Returns whetheroneis the sameECParameterSpecastwo.
-
getModulus
public static java.math.BigInteger getModulus(java.security.spec.EllipticCurve curve) throws java.security.GeneralSecurityExceptionReturns the modulus of the field used by the curve specified in ecParams.- Parameters:
curve- must be a prime order elliptic curve- Returns:
- the order of the finite field over which curve is defined.
- Throws:
java.security.GeneralSecurityException
-
multiplyByGenerator
public static java.security.spec.ECPoint multiplyByGenerator(java.math.BigInteger x, java.security.spec.ECParameterSpec spec) throws java.security.GeneralSecurityExceptionCalculates x times the generator of the give elliptic curve spec using the Montgomery ladder.This should only be used to validate keys, and not to sign or verify messages.
- Parameters:
x- must be larger than 0 and smaller than the order of the generator.- Returns:
- the ECPoint that is x times the generator.
- Throws:
java.security.GeneralSecurityException
-
-