diff options
Diffstat (limited to 'src/applets')
| -rw-r--r-- | src/applets/ECKeyGenerator.java | 276 | ||||
| -rw-r--r-- | src/applets/ECKeyTester.java | 177 | ||||
| -rw-r--r-- | src/applets/EC_Consts.java | 2020 | ||||
| -rw-r--r-- | src/applets/SimpleECCApplet.java | 1026 |
4 files changed, 0 insertions, 3499 deletions
diff --git a/src/applets/ECKeyGenerator.java b/src/applets/ECKeyGenerator.java deleted file mode 100644 index 2eb5679..0000000 --- a/src/applets/ECKeyGenerator.java +++ /dev/null @@ -1,276 +0,0 @@ -package applets; - -import javacard.framework.ISO7816; -import javacard.framework.ISOException; -import javacard.framework.Util; -import javacard.security.CryptoException; -import javacard.security.ECPrivateKey; -import javacard.security.ECPublicKey; -import javacard.security.KeyPair; - -/** - * - */ -public class ECKeyGenerator { - - private KeyPair ecKeyPair = null; - private ECPrivateKey ecPrivateKey = null; - private ECPublicKey ecPublicKey = null; - - public static final byte KEY_PUBLIC = 0x01; - public static final byte KEY_PRIVATE = 0x02; - public static final byte KEY_BOTH = KEY_PUBLIC | KEY_PRIVATE; - - - public short allocatePair(byte keyClass, short keyLength) { - short result = ISO7816.SW_NO_ERROR; - try { - ecKeyPair = new KeyPair(keyClass, keyLength); - ecPublicKey = (ECPublicKey) ecKeyPair.getPublic(); - ecPrivateKey = (ECPrivateKey) ecKeyPair.getPrivate(); - } catch (CryptoException ce) { - result = ce.getReason(); - } catch (Exception e) { - result = ISO7816.SW_UNKNOWN; - } - return result; - } - - public boolean isAllocated() { - return ecKeyPair != null; - } - - public short generatePair() { - short result = ISO7816.SW_NO_ERROR; - try { - ecKeyPair.genKeyPair(); - ecPublicKey = (ECPublicKey) ecKeyPair.getPublic(); - ecPrivateKey = (ECPrivateKey) ecKeyPair.getPrivate(); - } catch (CryptoException ce) { - result = ce.getReason(); - } catch (Exception e) { - result = ISO7816.SW_UNKNOWN; - } - return result; - } - - public short setCustomCurve(byte keyClass, short keyLength, byte[] buffer, short offset) { - return setCustomCurve(EC_Consts.getCurve(keyClass, keyLength), buffer, offset); - } - - public short setCustomCurve(byte curve, byte[] buffer, short offset) { - byte alg = EC_Consts.getCurveType(curve); - short sw = ISO7816.SW_NO_ERROR; - short length; - if (alg == KeyPair.ALG_EC_FP) { - length = EC_Consts.getCurveParameter(curve, EC_Consts.PARAMETER_FP, buffer, offset); - sw = setParameter(KEY_BOTH, EC_Consts.PARAMETER_FP, buffer, offset, length); - } else if (alg == KeyPair.ALG_EC_F2M) { - length = EC_Consts.getCurveParameter(curve, EC_Consts.PARAMETER_F2M, buffer, offset); - sw = setParameter(KEY_BOTH, EC_Consts.PARAMETER_F2M, buffer, offset, length); - } - if (sw != ISO7816.SW_NO_ERROR) return sw; - - //go through all params - short param = EC_Consts.PARAMETER_A; - while (param <= EC_Consts.PARAMETER_K) { - length = EC_Consts.getCurveParameter(curve, param, buffer, offset); - sw = setParameter(KEY_BOTH, param, buffer, offset, length); - if (sw != ISO7816.SW_NO_ERROR) break; - param = (short) (param << 1); - } - return sw; - } - - public short setCustomInvalidCurve(short keyClass, short keyLength, byte key, short param, short corruptionType, byte[] buffer, short offset) { - return setCustomInvalidCurve(EC_Consts.getCurve(keyClass, keyLength), key, param, corruptionType, buffer, offset); - } - - public short setCustomInvalidCurve(byte curve, byte key, short param, short corruptionType, byte[] buffer, short offset) { - short sw = setCustomCurve(curve, buffer, offset); - if (sw != ISO7816.SW_NO_ERROR) return sw; - - //go through param bit by bit, and invalidate all selected params - short paramMask = 0x01; - while (paramMask <= EC_Consts.PARAMETER_K) { - short masked = (short) (paramMask & param); - if (masked != 0) { - short length = EC_Consts.getCorruptCurveParameter(curve, masked, buffer, offset, corruptionType); - sw = setParameter(key, masked, buffer, offset, length); - if (sw != ISO7816.SW_NO_ERROR) return sw; - } - paramMask = (short) (paramMask << 1); - } - return sw; - } - - public short setCustomAnomalousCurve(short keyClass, short keyLength, byte[] buffer, short offset) { - return setCustomCurve(EC_Consts.getAnomalousCurve(keyClass, keyLength), buffer, offset); - } - - public short setParameter(byte key, short param, byte[] data, short offset, short length) { - short result = ISO7816.SW_NO_ERROR; - try { - switch (param) { - case EC_Consts.PARAMETER_FP: { - if ((key & KEY_PUBLIC) != 0) ecPublicKey.setFieldFP(data, offset, length); - if ((key & KEY_PRIVATE) != 0) ecPrivateKey.setFieldFP(data, offset, length); - break; - } - case EC_Consts.PARAMETER_F2M: { - if (length == 2) { - short i = Util.makeShort(data[offset], data[(short) (offset + 1)]); - if ((key & KEY_PUBLIC) != 0) ecPublicKey.setFieldF2M(i); - if ((key & KEY_PRIVATE) != 0) ecPrivateKey.setFieldF2M(i); - } else if (length == 6) { - short i1 = Util.makeShort(data[offset], data[(short) (offset + 1)]); - short i2 = Util.makeShort(data[(short) (offset + 2)], data[(short) (offset + 3)]); - short i3 = Util.makeShort(data[(short) (offset + 4)], data[(short) (offset + 5)]); - if ((key & KEY_PUBLIC) != 0) ecPublicKey.setFieldF2M(i1, i2, i3); - if ((key & KEY_PRIVATE) != 0) ecPrivateKey.setFieldF2M(i1, i2, i3); - } else { - result = ISO7816.SW_UNKNOWN; - } - break; - } - case EC_Consts.PARAMETER_A: { - if ((key & KEY_PUBLIC) != 0) ecPublicKey.setA(data, offset, length); - if ((key & KEY_PRIVATE) != 0) ecPrivateKey.setA(data, offset, length); - break; - } - case EC_Consts.PARAMETER_B: { - if ((key & KEY_PUBLIC) != 0) ecPublicKey.setB(data, offset, length); - if ((key & KEY_PRIVATE) != 0) ecPrivateKey.setB(data, offset, length); - break; - } - case EC_Consts.PARAMETER_G: { - if ((key & KEY_PUBLIC) != 0) ecPublicKey.setG(data, offset, length); - if ((key & KEY_PRIVATE) != 0) ecPrivateKey.setG(data, offset, length); - break; - } - case EC_Consts.PARAMETER_R: { - if ((key & KEY_PUBLIC) != 0) ecPublicKey.setR(data, offset, length); - if ((key & KEY_PRIVATE) != 0) ecPrivateKey.setR(data, offset, length); - break; - } - case EC_Consts.PARAMETER_K: { - if (length != 2) { - result = ISO7816.SW_UNKNOWN; - } else { - short k = Util.getShort(data, offset); - if ((key & KEY_PUBLIC) != 0) ecPublicKey.setK(k); - if ((key & KEY_PRIVATE) != 0) ecPrivateKey.setK(k); - } - break; - } - case EC_Consts.PARAMETER_S: - if ((key & KEY_PRIVATE) != 0) ecPrivateKey.setS(data, offset, length); - break; - case EC_Consts.PARAMETER_W: - if ((key & KEY_PUBLIC) != 0) ecPublicKey.setW(data, offset, length); - break; - default: { - ISOException.throwIt(ISO7816.SW_FUNC_NOT_SUPPORTED); - } - } - } catch (CryptoException ce) { - result = ce.getReason(); - } catch (Exception e) { - result = ISO7816.SW_UNKNOWN; - } - return result; - } - - public short setExternalCurve(byte key, byte keyClass, byte[] buffer, short offset, short fieldLength, short aLength, short bLength, short gxLength, short gyLength, short rLength) { - short sw = ISO7816.SW_NO_ERROR; - if (keyClass == KeyPair.ALG_EC_FP) { - sw = setParameter(key, EC_Consts.PARAMETER_FP, buffer, offset, fieldLength); - } else if (keyClass == KeyPair.ALG_EC_F2M) { - sw = setParameter(key, EC_Consts.PARAMETER_F2M, buffer, offset, fieldLength); - } - if (sw != ISO7816.SW_NO_ERROR) return sw; - - offset += fieldLength; - - //go through all params - sw = setParameter(key, EC_Consts.PARAMETER_A, buffer, offset, aLength); - if (sw != ISO7816.SW_NO_ERROR) return sw; - offset += aLength; - sw = setParameter(key, EC_Consts.PARAMETER_B, buffer, offset, bLength); - if (sw != ISO7816.SW_NO_ERROR) return sw; - offset += bLength; - - sw = setParameter(key, EC_Consts.PARAMETER_G, buffer, offset, (short) (gxLength + gyLength)); - if (sw != ISO7816.SW_NO_ERROR) return sw; - offset += gxLength + gyLength; - - - sw = setParameter(key, EC_Consts.PARAMETER_R, buffer, offset, aLength); - if (sw != ISO7816.SW_NO_ERROR) return sw; - offset += rLength; - - sw = setParameter(key, EC_Consts.PARAMETER_K, buffer, offset, (short) 2); - return sw; - } - - public short exportParameter(byte key, short param, byte[] outputBuffer, short outputOffset) { - if (key == KEY_BOTH) { - ISOException.throwIt(ISO7816.SW_FUNC_NOT_SUPPORTED); - } - short length = 0; - try { - switch (param) { - case EC_Consts.PARAMETER_FP: - case EC_Consts.PARAMETER_F2M: - if ((key & KEY_PUBLIC) != 0) length = ecPublicKey.getField(outputBuffer, outputOffset); - if ((key & KEY_PRIVATE) != 0) length = ecPrivateKey.getField(outputBuffer, outputOffset); - break; - case EC_Consts.PARAMETER_A: - if ((key & KEY_PUBLIC) != 0) length = ecPublicKey.getA(outputBuffer, outputOffset); - if ((key & KEY_PRIVATE) != 0) length = ecPrivateKey.getA(outputBuffer, outputOffset); - break; - case EC_Consts.PARAMETER_B: - if ((key & KEY_PUBLIC) != 0) length = ecPublicKey.getB(outputBuffer, outputOffset); - if ((key & KEY_PRIVATE) != 0) length = ecPrivateKey.getB(outputBuffer, outputOffset); - break; - case EC_Consts.PARAMETER_G: - if ((key & KEY_PUBLIC) != 0) length = ecPublicKey.getG(outputBuffer, outputOffset); - if ((key & KEY_PRIVATE) != 0) length = ecPrivateKey.getG(outputBuffer, outputOffset); - break; - case EC_Consts.PARAMETER_R: - if ((key & KEY_PUBLIC) != 0) length = ecPublicKey.getR(outputBuffer, outputOffset); - if ((key & KEY_PRIVATE) != 0) length = ecPrivateKey.getR(outputBuffer, outputOffset); - break; - case EC_Consts.PARAMETER_K: - if ((key & KEY_PUBLIC) != 0) Util.setShort(outputBuffer, outputOffset, ecPublicKey.getK()); - if ((key & KEY_PRIVATE) != 0) Util.setShort(outputBuffer, outputOffset, ecPrivateKey.getK()); - length = 2; - break; - case EC_Consts.PARAMETER_S: - if ((key & KEY_PRIVATE) != 0) length = ecPrivateKey.getS(outputBuffer, outputOffset); - break; - case EC_Consts.PARAMETER_W: - if ((key & KEY_PUBLIC) != 0) length = ecPublicKey.getW(outputBuffer, outputOffset); - default: - ISOException.throwIt(ISO7816.SW_FUNC_NOT_SUPPORTED); - } - } catch (CryptoException ce) { - ISOException.throwIt(ce.getReason()); - } catch (Exception e) { - ISOException.throwIt(ISO7816.SW_UNKNOWN); - } - return length; - } - - public ECPrivateKey getPrivateKey() { - return ecPrivateKey; - } - - public ECPublicKey getPublicKey() { - return ecPublicKey; - } - - public KeyPair getKeyPair() { - return ecKeyPair; - } -} diff --git a/src/applets/ECKeyTester.java b/src/applets/ECKeyTester.java deleted file mode 100644 index 9dd0fd5..0000000 --- a/src/applets/ECKeyTester.java +++ /dev/null @@ -1,177 +0,0 @@ -package applets; - - -import javacard.framework.ISO7816; -import javacard.security.*; - -/** - * Class capable of testing ECDH/C and ECDSA. - * Note that ECDH and ECDHC output should equal, only the algorithm is different. - */ -public class ECKeyTester { - private KeyAgreement ecdhKeyAgreement = null; - private KeyAgreement ecdhcKeyAgreement = null; - private Signature ecdsaSignature = null; - - public short allocateECDH() { - short result = ISO7816.SW_NO_ERROR; - try { - ecdhKeyAgreement = KeyAgreement.getInstance(KeyAgreement.ALG_EC_SVDP_DH, false); - } catch (CryptoException ce) { - result = ce.getReason(); - } catch (Exception e) { - result = ISO7816.SW_UNKNOWN; - } - return result; - } - - public short allocateECDHC() { - short result = ISO7816.SW_NO_ERROR; - try { - ecdhcKeyAgreement = KeyAgreement.getInstance(KeyAgreement.ALG_EC_SVDP_DHC, false); - } catch (CryptoException ce) { - result = ce.getReason(); - } catch (Exception e) { - result = ISO7816.SW_UNKNOWN; - } - return result; - } - - public short allocateECDSA() { - short result = ISO7816.SW_NO_ERROR; - try { - ecdsaSignature = Signature.getInstance(Signature.ALG_ECDSA_SHA, false); - } catch (CryptoException ce) { - result = ce.getReason(); - } catch (Exception e) { - result = ISO7816.SW_UNKNOWN; - } - return result; - } - - private short testKA(KeyAgreement ka, ECPrivateKey privateKey, byte[] pubkeyBuffer, short pubkeyOffset, short pubkeyLength, byte[] outputBuffer, short outputOffset) { - short result = ISO7816.SW_NO_ERROR; - try { - ka.init(privateKey); - - short secretLength = ka.generateSecret(pubkeyBuffer, pubkeyOffset, pubkeyLength, outputBuffer, outputOffset); - //TODO, figure out how to separate the return value of this method (short) error, and return the secretLenght.. - } catch (CryptoException ce) { - result = ce.getReason(); - } catch (Exception e) { - result = ISO7816.SW_UNKNOWN; - } - return result; - } - - private short testKA_validPoint(KeyAgreement ka, ECPrivateKey privateKey, byte[] pubkeyBuffer, short pubkeyOffset, short pubkeyLength, byte[] outputBuffer, short outputOffset) { - return testKA(ka, privateKey, pubkeyBuffer, pubkeyOffset, pubkeyLength, outputBuffer, outputOffset); - } - - private short testKA_invalidPoint(KeyAgreement ka, ECPrivateKey privateKey, byte[] pubkeyBuffer, short pubkeyOffset, short pubkeyLength, byte[] outputBuffer, short outputOffset) { - pubkeyBuffer[(short)(pubkeyLength - 2)] += 0xcc; - pubkeyBuffer[(short)(pubkeyLength - 3)] += 0xcc; - short result = testKA(ka, privateKey, pubkeyBuffer, pubkeyOffset, pubkeyLength, outputBuffer, outputOffset); - pubkeyBuffer[(short)(pubkeyLength - 2)] -= 0xcc; - pubkeyBuffer[(short)(pubkeyLength - 3)] -= 0xcc; - return result; - } - - public short testECDH(ECPrivateKey privateKey, byte[] pubkeyBuffer, short pubkeyOffset, short pubkeyLength, byte[] outputBuffer, short outputOffset) { - return testKA(ecdhKeyAgreement, privateKey, pubkeyBuffer, pubkeyOffset, pubkeyLength, outputBuffer, outputOffset); - } - - /** - * Tests ECDH secret generation with given {@code privateKey} and {@code publicKey}. - * Uses {@code pubkeyBuffer} at {@code pubkeyOffset} for computations. - * Output should equal with ECDHC output. - * @param privateKey - * @param publicKey - * @param pubkeyBuffer - * @param pubkeyOffset - * @param outputBuffer - * @param outputOffset - * @return ISO7816.SW_NO_ERROR on correct operation, - * exception reason otherwise - **/ - public short testECDH_validPoint(ECPrivateKey privateKey, ECPublicKey publicKey, byte[] pubkeyBuffer, short pubkeyOffset, byte[] outputBuffer, short outputOffset) { - short length = publicKey.getW(pubkeyBuffer, pubkeyOffset); - return testKA_validPoint(ecdhKeyAgreement, privateKey, pubkeyBuffer, pubkeyOffset, length, outputBuffer, outputOffset); - } - - public short testECDH_invalidPoint(ECPrivateKey privateKey, ECPublicKey publicKey, byte[] pubkeyBuffer, short pubkeyOffset, byte[] outputBuffer, short outputOffset) { - short length = publicKey.getW(pubkeyBuffer, pubkeyOffset); - return testKA_invalidPoint(ecdhKeyAgreement, privateKey, pubkeyBuffer, pubkeyOffset, length, outputBuffer, outputOffset); - } - - - /** - * Tests ECDHC secret generation with given {@code privateKey} and {@code publicKey}. - * Uses {@code pubkeyBuffer} at {@code pubkeyOffset} for computations. - * Output should equal to ECDH output. - * @param privateKey - * @param publicKey - * @param pubkeyBuffer - * @param pubkeyOffset - * @param outputBuffer - * @param outputOffset - * @return ISO7816.SW_NO_ERROR on correct operation, - * exception reason otherwise - */ - public short testECDHC_validPoint(ECPrivateKey privateKey, ECPublicKey publicKey, byte[] pubkeyBuffer, short pubkeyOffset, byte[] outputBuffer, short outputOffset) { - short length = publicKey.getW(pubkeyBuffer, pubkeyOffset); - return testKA_validPoint(ecdhcKeyAgreement, privateKey, pubkeyBuffer, pubkeyOffset, length, outputBuffer, outputOffset); - } - - public short testECDHC_invalidPoint(ECPrivateKey privateKey, ECPublicKey publicKey, byte[] pubkeyBuffer, short pubkeyOffset, byte[] outputBuffer, short outputOffset) { - short length = publicKey.getW(pubkeyBuffer, pubkeyOffset); - return testKA_invalidPoint(ecdhcKeyAgreement, privateKey, pubkeyBuffer, pubkeyOffset, length, outputBuffer, outputOffset); - } - - /** - * Uses {@code signKey} to sign data from {@code inputBuffer} at {@code inputOffset} with {@code inputOffset}. - * Then checks for correct signature length. - * Then tries verifying the data with {@code verifyKey}. - * @param signKey - * @param verifyKey - * @param inputBuffer - * @param inputOffset - * @param inputLength - * @param sigBuffer - * @param sigOffset - * @return ISO7816.SW_NO_ERROR on correct operation, - * SW_SIG_VERIFY_FAIL, - * SW_SIG_LENGTH_MISMATCH - */ - public short testECDSA(ECPrivateKey signKey, ECPublicKey verifyKey, byte[] inputBuffer, short inputOffset, short inputLength, byte[] sigBuffer, short sigOffset) { - short result = ISO7816.SW_NO_ERROR; - try { - ecdsaSignature.init(signKey, Signature.MODE_SIGN); - short sigLength = ecdsaSignature.sign(inputBuffer, inputOffset, inputLength, sigBuffer, sigOffset); - - ecdsaSignature.init(verifyKey, Signature.MODE_VERIFY); - boolean correct = ecdsaSignature.verify(inputBuffer, inputOffset, inputLength, sigBuffer, sigOffset, sigLength); - if (!correct) { - result = SimpleECCApplet.SW_SIG_VERIFY_FAIL; - } - } catch (CryptoException ce) { - result = ce.getReason(); - } catch (Exception e) { - result = ISO7816.SW_UNKNOWN; - } - return result; - } - - public KeyAgreement getECDH() { - return ecdhKeyAgreement; - } - - public KeyAgreement getECDHC() { - return ecdhcKeyAgreement; - } - - public Signature getECDSA() { - return ecdsaSignature; - } - -} diff --git a/src/applets/EC_Consts.java b/src/applets/EC_Consts.java deleted file mode 100644 index d1f6842..0000000 --- a/src/applets/EC_Consts.java +++ /dev/null @@ -1,2020 +0,0 @@ -package applets; - -import javacard.framework.ISO7816; -import javacard.framework.ISOException; -import javacard.framework.Util; -import javacard.security.KeyPair; -import javacard.security.RandomData; - -public class EC_Consts { - - private static byte[] EC_FP_P = null; //p - private static byte[] EC_A = null; //a - private static byte[] EC_B = null; //b - private static byte[] EC_G_X = null; //G[x,y] - private static byte[] EC_G_Y = null; // - private static byte[] EC_R = null; //n - private static short EC_K = 1; //h - - private static byte[] EC_W_X = null; //Pubkey[x,y] - private static byte[] EC_W_Y = null; - private static byte[] EC_S = null; //Private - - private static byte[] EC_F2M_F2M = null; //[short i1, short i2, short i3], f = x^m + x^i1 + x^i2 + x^i3 + 1 - - public static final short PARAMETER_FP = 0x0001; - public static final short PARAMETER_F2M = 0x0002; - - public static final short PARAMETER_A = 0x0004; - public static final short PARAMETER_B = 0x0008; - public static final short PARAMETER_G = 0x0010; - public static final short PARAMETER_R = 0x0020; - public static final short PARAMETER_K = 0x0040; - public static final short PARAMETER_S = 0x0080; - public static final short PARAMETER_W = 0x0100; - - public static RandomData m_random = null; - - public static final byte TAG_ECPUBKEY = (byte) 0x41; - public static final byte TAG_ECPRIVKEY = (byte) 0x42; - - - // secp128r1 - public static final byte[] EC128_FP_P = new byte[]{ - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFD, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF}; - - public static final byte[] EC128_FP_A = new byte[]{ - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFD, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFC}; - - public static final byte[] EC128_FP_B = new byte[]{ - (byte) 0xE8, (byte) 0x75, (byte) 0x79, (byte) 0xC1, - (byte) 0x10, (byte) 0x79, (byte) 0xF4, (byte) 0x3D, - (byte) 0xD8, (byte) 0x24, (byte) 0x99, (byte) 0x3C, - (byte) 0x2C, (byte) 0xEE, (byte) 0x5E, (byte) 0xD3}; - - // G in compressed form / first part of ucompressed - public static final byte[] EC128_FP_G_X = new byte[]{ - (byte) 0x16, (byte) 0x1F, (byte) 0xF7, (byte) 0x52, - (byte) 0x8B, (byte) 0x89, (byte) 0x9B, (byte) 0x2D, - (byte) 0x0C, (byte) 0x28, (byte) 0x60, (byte) 0x7C, - (byte) 0xA5, (byte) 0x2C, (byte) 0x5B, (byte) 0x86}; - - // second part of G uncompressed - public static final byte[] EC128_FP_G_Y = new byte[]{ - (byte) 0xCF, (byte) 0x5A, (byte) 0xC8, (byte) 0x39, - (byte) 0x5B, (byte) 0xAF, (byte) 0xEB, (byte) 0x13, - (byte) 0xC0, (byte) 0x2D, (byte) 0xA2, (byte) 0x92, - (byte) 0xDD, (byte) 0xED, (byte) 0x7A, (byte) 0x83}; - // Order of G - public static final byte[] EC128_FP_R = new byte[]{ - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFE, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, - (byte) 0x75, (byte) 0xA3, (byte) 0x0D, (byte) 0x1B, - (byte) 0x90, (byte) 0x38, (byte) 0xA1, (byte) 0x15}; - // cofactor of G - public static final short EC128_FP_K = 1; - - // secp160r1 - public static final byte[] EC160_FP_P = new byte[]{ - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0x7F, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF}; - - public static final byte[] EC160_FP_A = new byte[]{ - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0x7F, (byte) 0xFF, (byte) 0xFF, (byte) 0xFC}; - - public static final byte[] EC160_FP_B = new byte[]{ - (byte) 0x1C, (byte) 0x97, (byte) 0xBE, (byte) 0xFC, - (byte) 0x54, (byte) 0xBD, (byte) 0x7A, (byte) 0x8B, - (byte) 0x65, (byte) 0xAC, (byte) 0xF8, (byte) 0x9F, - (byte) 0x81, (byte) 0xD4, (byte) 0xD4, (byte) 0xAD, - (byte) 0xC5, (byte) 0x65, (byte) 0xFA, (byte) 0x45}; - - // G in compressed form / first part of ucompressed - public static final byte[] EC160_FP_G_X = new byte[]{ - (byte) 0x4A, (byte) 0x96, (byte) 0xB5, (byte) 0x68, - (byte) 0x8E, (byte) 0xF5, (byte) 0x73, (byte) 0x28, - (byte) 0x46, (byte) 0x64, (byte) 0x69, (byte) 0x89, - (byte) 0x68, (byte) 0xC3, (byte) 0x8B, (byte) 0xB9, - (byte) 0x13, (byte) 0xCB, (byte) 0xFC, (byte) 0x82}; - - // second part of G uncompressed - public static final byte[] EC160_FP_G_Y = new byte[]{ - (byte) 0x23, (byte) 0xA6, (byte) 0x28, (byte) 0x55, - (byte) 0x31, (byte) 0x68, (byte) 0x94, (byte) 0x7D, - (byte) 0x59, (byte) 0xDC, (byte) 0xC9, (byte) 0x12, - (byte) 0x04, (byte) 0x23, (byte) 0x51, (byte) 0x37, - (byte) 0x7A, (byte) 0xC5, (byte) 0xFB, (byte) 0x32}; - // Order of G - public static final byte[] EC160_FP_R = new byte[]{ - (byte) 0x01, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, - (byte) 0x00, (byte) 0x01, (byte) 0xF4, (byte) 0xC8, - (byte) 0xF9, (byte) 0x27, (byte) 0xAE, (byte) 0xD3, - (byte) 0xCA, (byte) 0x75, (byte) 0x22, (byte) 0x57}; - // cofactor of G - public static final short EC160_FP_K = 1; - - - // secp192r1 from http://www.secg.org/sec2-v2.pdf - public static final byte[] EC192_FP_P = new byte[]{ - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFE, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF}; - public static final byte[] EC192_FP_A = new byte[]{ - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFE, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFC}; - public static final byte[] EC192_FP_B = new byte[]{ - (byte) 0x64, (byte) 0x21, (byte) 0x05, (byte) 0x19, - (byte) 0xE5, (byte) 0x9C, (byte) 0x80, (byte) 0xE7, - (byte) 0x0F, (byte) 0xA7, (byte) 0xE9, (byte) 0xAB, - (byte) 0x72, (byte) 0x24, (byte) 0x30, (byte) 0x49, - (byte) 0xFE, (byte) 0xB8, (byte) 0xDE, (byte) 0xEC, - (byte) 0xC1, (byte) 0x46, (byte) 0xB9, (byte) 0xB1}; - // G in compressed form / first part of ucompressed - public static final byte[] EC192_FP_G_X = new byte[]{ - (byte) 0x18, (byte) 0x8D, (byte) 0xA8, (byte) 0x0E, - (byte) 0xB0, (byte) 0x30, (byte) 0x90, (byte) 0xF6, - (byte) 0x7C, (byte) 0xBF, (byte) 0x20, (byte) 0xEB, - (byte) 0x43, (byte) 0xA1, (byte) 0x88, (byte) 0x00, - (byte) 0xF4, (byte) 0xFF, (byte) 0x0A, (byte) 0xFD, - (byte) 0x82, (byte) 0xFF, (byte) 0x10, (byte) 0x12}; - // second part of G uncompressed - public static final byte[] EC192_FP_G_Y = new byte[]{ - (byte) 0x07, (byte) 0x19, (byte) 0x2B, (byte) 0x95, - (byte) 0xFF, (byte) 0xC8, (byte) 0xDA, (byte) 0x78, - (byte) 0x63, (byte) 0x10, (byte) 0x11, (byte) 0xED, - (byte) 0x6B, (byte) 0x24, (byte) 0xCD, (byte) 0xD5, - (byte) 0x73, (byte) 0xF9, (byte) 0x77, (byte) 0xA1, - (byte) 0x1E, (byte) 0x79, (byte) 0x48, (byte) 0x11}; - // Order of G - public static final byte[] EC192_FP_R = new byte[]{ - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0x99, (byte) 0xDE, (byte) 0xF8, (byte) 0x36, - (byte) 0x14, (byte) 0x6B, (byte) 0xC9, (byte) 0xB1, - (byte) 0xB4, (byte) 0xD2, (byte) 0x28, (byte) 0x31}; - // cofactor of G - public static final short EC192_FP_K = 1; - - // secp224r1 from http://www.secg.org/sec2-v2.pdf - public static final byte[] EC224_FP_P = new byte[]{ - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x01}; - - public static final byte[] EC224_FP_A = new byte[]{ - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFE, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFE}; - - public static final byte[] EC224_FP_B = new byte[]{ - (byte) 0xB4, (byte) 0x05, (byte) 0x0A, (byte) 0x85, - (byte) 0x0C, (byte) 0x04, (byte) 0xB3, (byte) 0xAB, - (byte) 0xF5, (byte) 0x41, (byte) 0x32, (byte) 0x56, - (byte) 0x50, (byte) 0x44, (byte) 0xB0, (byte) 0xB7, - (byte) 0xD7, (byte) 0xBF, (byte) 0xD8, (byte) 0xBA, - (byte) 0x27, (byte) 0x0B, (byte) 0x39, (byte) 0x43, - (byte) 0x23, (byte) 0x55, (byte) 0xFF, (byte) 0xB4}; - - // G in compressed form / first part of ucompressed - public static final byte[] EC224_FP_G_X = new byte[]{ - (byte) 0xB7, (byte) 0x0E, (byte) 0x0C, (byte) 0xBD, - (byte) 0x6B, (byte) 0xB4, (byte) 0xBF, (byte) 0x7F, - (byte) 0x32, (byte) 0x13, (byte) 0x90, (byte) 0xB9, - (byte) 0x4A, (byte) 0x03, (byte) 0xC1, (byte) 0xD3, - (byte) 0x56, (byte) 0xC2, (byte) 0x11, (byte) 0x22, - (byte) 0x34, (byte) 0x32, (byte) 0x80, (byte) 0xD6, - (byte) 0x11, (byte) 0x5C, (byte) 0x1D, (byte) 0x21}; - // second part of G uncompressed - public static final byte[] EC224_FP_G_Y = new byte[]{ - (byte) 0xBD, (byte) 0x37, (byte) 0x63, (byte) 0x88, - (byte) 0xB5, (byte) 0xF7, (byte) 0x23, (byte) 0xFB, - (byte) 0x4C, (byte) 0x22, (byte) 0xDF, (byte) 0xE6, - (byte) 0xCD, (byte) 0x43, (byte) 0x75, (byte) 0xA0, - (byte) 0x5A, (byte) 0x07, (byte) 0x47, (byte) 0x64, - (byte) 0x44, (byte) 0xD5, (byte) 0x81, (byte) 0x99, - (byte) 0x85, (byte) 0x00, (byte) 0x7E, (byte) 0x34}; - // Order of G - public static final byte[] EC224_FP_R = new byte[]{ - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0x16, (byte) 0xA2, - (byte) 0xE0, (byte) 0xB8, (byte) 0xF0, (byte) 0x3E, - (byte) 0x13, (byte) 0xDD, (byte) 0x29, (byte) 0x45, - (byte) 0x5C, (byte) 0x5C, (byte) 0x2A, (byte) 0x3D}; - // cofactor of G - public static final short EC224_FP_K = 1; - - // secp256r1 from http://www.secg.org/sec2-v2.pdf - public static final byte[] EC256_FP_P = new byte[]{ - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x01, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF}; - public static final byte[] EC256_FP_A = new byte[]{ - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x01, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFC}; - public static final byte[] EC256_FP_B = new byte[]{ - (byte) 0x5A, (byte) 0xC6, (byte) 0x35, (byte) 0xD8, - (byte) 0xAA, (byte) 0x3A, (byte) 0x93, (byte) 0xE7, - (byte) 0xB3, (byte) 0xEB, (byte) 0xBD, (byte) 0x55, - (byte) 0x76, (byte) 0x98, (byte) 0x86, (byte) 0xBC, - (byte) 0x65, (byte) 0x1D, (byte) 0x06, (byte) 0xB0, - (byte) 0xCC, (byte) 0x53, (byte) 0xB0, (byte) 0xF6, - (byte) 0x3B, (byte) 0xCE, (byte) 0x3C, (byte) 0x3E, - (byte) 0x27, (byte) 0xD2, (byte) 0x60, (byte) 0x4B}; - // G in compressed form / first part of ucompressed - public static final byte[] EC256_FP_G_X = new byte[]{ - (byte) 0x6B, (byte) 0x17, (byte) 0xD1, (byte) 0xF2, - (byte) 0xE1, (byte) 0x2C, (byte) 0x42, (byte) 0x47, - (byte) 0xF8, (byte) 0xBC, (byte) 0xE6, (byte) 0xE5, - (byte) 0x63, (byte) 0xA4, (byte) 0x40, (byte) 0xF2, - (byte) 0x77, (byte) 0x03, (byte) 0x7D, (byte) 0x81, - (byte) 0x2D, (byte) 0xEB, (byte) 0x33, (byte) 0xA0, - (byte) 0xF4, (byte) 0xA1, (byte) 0x39, (byte) 0x45, - (byte) 0xD8, (byte) 0x98, (byte) 0xC2, (byte) 0x96}; - // second part of G uncompressed - public static final byte[] EC256_FP_G_Y = new byte[]{ - (byte) 0x4F, (byte) 0xE3, (byte) 0x42, (byte) 0xE2, - (byte) 0xFE, (byte) 0x1A, (byte) 0x7F, (byte) 0x9B, - (byte) 0x8E, (byte) 0xE7, (byte) 0xEB, (byte) 0x4A, - (byte) 0x7C, (byte) 0x0F, (byte) 0x9E, (byte) 0x16, - (byte) 0x2B, (byte) 0xCE, (byte) 0x33, (byte) 0x57, - (byte) 0x6B, (byte) 0x31, (byte) 0x5E, (byte) 0xCE, - (byte) 0xCB, (byte) 0xB6, (byte) 0x40, (byte) 0x68, - (byte) 0x37, (byte) 0xBF, (byte) 0x51, (byte) 0xF5}; - // Order of G - public static final byte[] EC256_FP_R = new byte[]{ - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xBC, (byte) 0xE6, (byte) 0xFA, (byte) 0xAD, - (byte) 0xA7, (byte) 0x17, (byte) 0x9E, (byte) 0x84, - (byte) 0xF3, (byte) 0xB9, (byte) 0xCA, (byte) 0xC2, - (byte) 0xFC, (byte) 0x63, (byte) 0x25, (byte) 0x51}; - // cofactor of G - public static final short EC256_FP_K = 1; - - // secp384r1 from http://www.secg.org/sec2-v2.pdf - public static final byte[] EC384_FP_P = new byte[]{ - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFE, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF}; - - public static final byte[] EC384_FP_A = new byte[]{ - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFE, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFC}; - - public static final byte[] EC384_FP_B = new byte[]{ - (byte) 0xB3, (byte) 0x31, (byte) 0x2F, (byte) 0xA7, - (byte) 0xE2, (byte) 0x3E, (byte) 0xE7, (byte) 0xE4, - (byte) 0x98, (byte) 0x8E, (byte) 0x05, (byte) 0x6B, - (byte) 0xE3, (byte) 0xF8, (byte) 0x2D, (byte) 0x19, - (byte) 0x18, (byte) 0x1D, (byte) 0x9C, (byte) 0x6E, - (byte) 0xFE, (byte) 0x81, (byte) 0x41, (byte) 0x12, - (byte) 0x03, (byte) 0x14, (byte) 0x08, (byte) 0x8F, - (byte) 0x50, (byte) 0x13, (byte) 0x87, (byte) 0x5A, - (byte) 0xC6, (byte) 0x56, (byte) 0x39, (byte) 0x8D, - (byte) 0x8A, (byte) 0x2E, (byte) 0xD1, (byte) 0x9D, - (byte) 0x2A, (byte) 0x85, (byte) 0xC8, (byte) 0xED, - (byte) 0xD3, (byte) 0xEC, (byte) 0x2A, (byte) 0xEF}; - - // G in compressed form / first part of ucompressed - public static final byte[] EC384_FP_G_X = new byte[]{ - (byte) 0xAA, (byte) 0x87, (byte) 0xCA, (byte) 0x22, - (byte) 0xBE, (byte) 0x8B, (byte) 0x05, (byte) 0x37, - (byte) 0x8E, (byte) 0xB1, (byte) 0xC7, (byte) 0x1E, - (byte) 0xF3, (byte) 0x20, (byte) 0xAD, (byte) 0x74, - (byte) 0x6E, (byte) 0x1D, (byte) 0x3B, (byte) 0x62, - (byte) 0x8B, (byte) 0xA7, (byte) 0x9B, (byte) 0x98, - (byte) 0x59, (byte) 0xF7, (byte) 0x41, (byte) 0xE0, - (byte) 0x82, (byte) 0x54, (byte) 0x2A, (byte) 0x38, - (byte) 0x55, (byte) 0x02, (byte) 0xF2, (byte) 0x5D, - (byte) 0xBF, (byte) 0x55, (byte) 0x29, (byte) 0x6C, - (byte) 0x3A, (byte) 0x54, (byte) 0x5E, (byte) 0x38, - (byte) 0x72, (byte) 0x76, (byte) 0x0A, (byte) 0xB7}; - // second part of G uncompressed - public static final byte[] EC384_FP_G_Y = new byte[]{ - (byte) 0x36, (byte) 0x17, (byte) 0xDE, (byte) 0x4A, - (byte) 0x96, (byte) 0x26, (byte) 0x2C, (byte) 0x6F, - (byte) 0x5D, (byte) 0x9E, (byte) 0x98, (byte) 0xBF, - (byte) 0x92, (byte) 0x92, (byte) 0xDC, (byte) 0x29, - (byte) 0xF8, (byte) 0xF4, (byte) 0x1D, (byte) 0xBD, - (byte) 0x28, (byte) 0x9A, (byte) 0x14, (byte) 0x7C, - (byte) 0xE9, (byte) 0xDA, (byte) 0x31, (byte) 0x13, - (byte) 0xB5, (byte) 0xF0, (byte) 0xB8, (byte) 0xC0, - (byte) 0x0A, (byte) 0x60, (byte) 0xB1, (byte) 0xCE, - (byte) 0x1D, (byte) 0x7E, (byte) 0x81, (byte) 0x9D, - (byte) 0x7A, (byte) 0x43, (byte) 0x1D, (byte) 0x7C, - (byte) 0x90, (byte) 0xEA, (byte) 0x0E, (byte) 0x5F}; - - // Order of G - public static final byte[] EC384_FP_R = new byte[]{ - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xC7, (byte) 0x63, (byte) 0x4D, (byte) 0x81, - (byte) 0xF4, (byte) 0x37, (byte) 0x2D, (byte) 0xDF, - (byte) 0x58, (byte) 0x1A, (byte) 0x0D, (byte) 0xB2, - (byte) 0x48, (byte) 0xB0, (byte) 0xA7, (byte) 0x7A, - (byte) 0xEC, (byte) 0xEC, (byte) 0x19, (byte) 0x6A, - (byte) 0xCC, (byte) 0xC5, (byte) 0x29, (byte) 0x73}; - // cofactor of G - public static final short EC384_FP_K = 1; - - - // secp521r1 from http://www.secg.org/sec2-v2.pdf - public static final byte[] EC521_FP_P = new byte[]{ - (byte) 0x01, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF}; - - public static final byte[] EC521_FP_A = new byte[]{ - (byte) 0x01, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFC}; - - public static final byte[] EC521_FP_B = new byte[]{ - (byte) 0x00, (byte) 0x51, (byte) 0x95, (byte) 0x3E, - (byte) 0xB9, (byte) 0x61, (byte) 0x8E, (byte) 0x1C, - (byte) 0x9A, (byte) 0x1F, (byte) 0x92, (byte) 0x9A, - (byte) 0x21, (byte) 0xA0, (byte) 0xB6, (byte) 0x85, - (byte) 0x40, (byte) 0xEE, (byte) 0xA2, (byte) 0xDA, - (byte) 0x72, (byte) 0x5B, (byte) 0x99, (byte) 0xB3, - (byte) 0x15, (byte) 0xF3, (byte) 0xB8, (byte) 0xB4, - (byte) 0x89, (byte) 0x91, (byte) 0x8E, (byte) 0xF1, - (byte) 0x09, (byte) 0xE1, (byte) 0x56, (byte) 0x19, - (byte) 0x39, (byte) 0x51, (byte) 0xEC, (byte) 0x7E, - (byte) 0x93, (byte) 0x7B, (byte) 0x16, (byte) 0x52, - (byte) 0xC0, (byte) 0xBD, (byte) 0x3B, (byte) 0xB1, - (byte) 0xBF, (byte) 0x07, (byte) 0x35, (byte) 0x73, - (byte) 0xDF, (byte) 0x88, (byte) 0x3D, (byte) 0x2C, - (byte) 0x34, (byte) 0xF1, (byte) 0xEF, (byte) 0x45, - (byte) 0x1F, (byte) 0xD4, (byte) 0x6B, (byte) 0x50, - (byte) 0x3F, (byte) 0x00}; - - // G in compressed form / first part of ucompressed - public static final byte[] EC521_FP_G_X = new byte[]{ - (byte) 0x00, (byte) 0xC6, (byte) 0x85, (byte) 0x8E, - (byte) 0x06, (byte) 0xB7, (byte) 0x04, (byte) 0x04, - (byte) 0xE9, (byte) 0xCD, (byte) 0x9E, (byte) 0x3E, - (byte) 0xCB, (byte) 0x66, (byte) 0x23, (byte) 0x95, - (byte) 0xB4, (byte) 0x42, (byte) 0x9C, (byte) 0x64, - (byte) 0x81, (byte) 0x39, (byte) 0x05, (byte) 0x3F, - (byte) 0xB5, (byte) 0x21, (byte) 0xF8, (byte) 0x28, - (byte) 0xAF, (byte) 0x60, (byte) 0x6B, (byte) 0x4D, - (byte) 0x3D, (byte) 0xBA, (byte) 0xA1, (byte) 0x4B, - (byte) 0x5E, (byte) 0x77, (byte) 0xEF, (byte) 0xE7, - (byte) 0x59, (byte) 0x28, (byte) 0xFE, (byte) 0x1D, - (byte) 0xC1, (byte) 0x27, (byte) 0xA2, (byte) 0xFF, - (byte) 0xA8, (byte) 0xDE, (byte) 0x33, (byte) 0x48, - (byte) 0xB3, (byte) 0xC1, (byte) 0x85, (byte) 0x6A, - (byte) 0x42, (byte) 0x9B, (byte) 0xF9, (byte) 0x7E, - (byte) 0x7E, (byte) 0x31, (byte) 0xC2, (byte) 0xE5, - (byte) 0xBD, (byte) 0x66}; - - // second part of G uncompressed - public static final byte[] EC521_FP_G_Y = new byte[]{ - (byte) 0x01, (byte) 0x18, (byte) 0x39, (byte) 0x29, - (byte) 0x6A, (byte) 0x78, (byte) 0x9A, (byte) 0x3B, - (byte) 0xC0, (byte) 0x04, (byte) 0x5C, (byte) 0x8A, - (byte) 0x5F, (byte) 0xB4, (byte) 0x2C, (byte) 0x7D, - (byte) 0x1B, (byte) 0xD9, (byte) 0x98, (byte) 0xF5, - (byte) 0x44, (byte) 0x49, (byte) 0x57, (byte) 0x9B, - (byte) 0x44, (byte) 0x68, (byte) 0x17, (byte) 0xAF, - (byte) 0xBD, (byte) 0x17, (byte) 0x27, (byte) 0x3E, - (byte) 0x66, (byte) 0x2C, (byte) 0x97, (byte) 0xEE, - (byte) 0x72, (byte) 0x99, (byte) 0x5E, (byte) 0xF4, - (byte) 0x26, (byte) 0x40, (byte) 0xC5, (byte) 0x50, - (byte) 0xB9, (byte) 0x01, (byte) 0x3F, (byte) 0xAD, - (byte) 0x07, (byte) 0x61, (byte) 0x35, (byte) 0x3C, - (byte) 0x70, (byte) 0x86, (byte) 0xA2, (byte) 0x72, - (byte) 0xC2, (byte) 0x40, (byte) 0x88, (byte) 0xBE, - (byte) 0x94, (byte) 0x76, (byte) 0x9F, (byte) 0xD1, - (byte) 0x66, (byte) 0x50}; - - // Order of G - public static final byte[] EC521_FP_R = new byte[]{ - (byte) 0x01, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFA, - (byte) 0x51, (byte) 0x86, (byte) 0x87, (byte) 0x83, - (byte) 0xBF, (byte) 0x2F, (byte) 0x96, (byte) 0x6B, - (byte) 0x7F, (byte) 0xCC, (byte) 0x01, (byte) 0x48, - (byte) 0xF7, (byte) 0x09, (byte) 0xA5, (byte) 0xD0, - (byte) 0x3B, (byte) 0xB5, (byte) 0xC9, (byte) 0xB8, - (byte) 0x89, (byte) 0x9C, (byte) 0x47, (byte) 0xAE, - (byte) 0xBB, (byte) 0x6F, (byte) 0xB7, (byte) 0x1E, - (byte) 0x91, (byte) 0x38, (byte) 0x64, (byte) 0x09}; - - // cofactor of G - public static final short EC521_FP_K = 1; - - //sect163r1 from http://www.secg.org/sec2-v2.pdf - // [short i1, short i2, short i3] f = x^163 + x^i1 + x^i2 + x^i3 + 1 - public static final byte[] EC163_F2M_F = new byte[]{ - (byte) 0x00, (byte) 0x07, - (byte) 0x00, (byte) 0x06, - (byte) 0x00, (byte) 0x03 - }; - - public static final byte[] EC163_F2M_A = new byte[]{ - (byte) 0x07, (byte) 0xB6, (byte) 0x88, (byte) 0x2C, - (byte) 0xAA, (byte) 0xEF, (byte) 0xA8, (byte) 0x4F, - (byte) 0x95, (byte) 0x54, (byte) 0xFF, (byte) 0x84, - (byte) 0x28, (byte) 0xBD, (byte) 0x88, (byte) 0xE2, - (byte) 0x46, (byte) 0xD2, (byte) 0x78, (byte) 0x2A, - (byte) 0xE2 - }; - - public static final byte[] EC163_F2M_B = new byte[]{ - (byte) 0x07, (byte) 0x13, (byte) 0x61, (byte) 0x2D, - (byte) 0xCD, (byte) 0xDC, (byte) 0xB4, (byte) 0x0A, - (byte) 0xAB, (byte) 0x94, (byte) 0x6B, (byte) 0xDA, - (byte) 0x29, (byte) 0xCA, (byte) 0x91, (byte) 0xF7, - (byte) 0x3A, (byte) 0xF9, (byte) 0x58, (byte) 0xAF, - (byte) 0xD9 - }; - - // G in compressed form / first part of ucompressed - public static final byte[] EC163_F2M_G_X = new byte[]{ - (byte) 0x03, (byte) 0x69, (byte) 0x97, (byte) 0x96, - (byte) 0x97, (byte) 0xAB, (byte) 0x43, (byte) 0x89, - (byte) 0x77, (byte) 0x89, (byte) 0x56, (byte) 0x67, - (byte) 0x89, (byte) 0x56, (byte) 0x7F, (byte) 0x78, - (byte) 0x7A, (byte) 0x78, (byte) 0x76, (byte) 0xA6, - (byte) 0x54 - }; - - // second part of G uncompressed - public static final byte[] EC163_F2M_G_Y = new byte[]{ - (byte) 0x00, (byte) 0x43, (byte) 0x5E, (byte) 0xDB, - (byte) 0x42, (byte) 0xEF, (byte) 0xAF, (byte) 0xB2, - (byte) 0x98, (byte) 0x9D, (byte) 0x51, (byte) 0xFE, - (byte) 0xFC, (byte) 0xE3, (byte) 0xC8, (byte) 0x09, - (byte) 0x88, (byte) 0xF4, (byte) 0x1F, (byte) 0xF8, - (byte) 0x83 - }; - - // order of G - public static final byte[] EC163_F2M_R = new byte[]{ - (byte) 0x03, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0x48, - (byte) 0xAA, (byte) 0xB6, (byte) 0x89, (byte) 0xC2, - (byte) 0x9C, (byte) 0xA7, (byte) 0x10, (byte) 0x27, - (byte) 0x9B - }; - - // cofactor of G - public static final short EC163_F2M_K = 2; - - //sect233r1 from http://www.secg.org/sec2-v2.pdf - // [short i1, short i2, short i3] f = x^233 + x^i1 + 1 - public static final byte[] EC233_F2M_F = new byte[]{ - (byte) 0x00, (byte) 0x4a - }; - - public static final byte[] EC233_F2M_A = new byte[]{ - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, - (byte) 0x00, (byte) 0x01 - }; - - public static final byte[] EC233_F2M_B = new byte[]{ - (byte) 0x00, (byte) 0x66, (byte) 0x64, (byte) 0x7E, - (byte) 0xDE, (byte) 0x6C, (byte) 0x33, (byte) 0x2C, - (byte) 0x7F, (byte) 0x8C, (byte) 0x09, (byte) 0x23, - (byte) 0xBB, (byte) 0x58, (byte) 0x21, (byte) 0x3B, - (byte) 0x33, (byte) 0x3B, (byte) 0x20, (byte) 0xE9, - (byte) 0xCE, (byte) 0x42, (byte) 0x81, (byte) 0xFE, - (byte) 0x11, (byte) 0x5F, (byte) 0x7D, (byte) 0x8F, - (byte) 0x90, (byte) 0xAD - }; - - // G in compressed form / first part of ucompressed - public static final byte[] EC233_F2M_G_X = new byte[]{ - (byte) 0x00, (byte) 0xFA, (byte) 0xC9, (byte) 0xDF, - (byte) 0xCB, (byte) 0xAC, (byte) 0x83, (byte) 0x13, - (byte) 0xBB, (byte) 0x21, (byte) 0x39, (byte) 0xF1, - (byte) 0xBB, (byte) 0x75, (byte) 0x5F, (byte) 0xEF, - (byte) 0x65, (byte) 0xBC, (byte) 0x39, (byte) 0x1F, - (byte) 0x8B, (byte) 0x36, (byte) 0xF8, (byte) 0xF8, - (byte) 0xEB, (byte) 0x73, (byte) 0x71, (byte) 0xFD, - (byte) 0x55, (byte) 0x8B - }; - - // second part of G uncompressed - public static final byte[] EC233_F2M_G_Y = new byte[]{ - (byte) 0x01, (byte) 0x00, (byte) 0x6A, (byte) 0x08, - (byte) 0xA4, (byte) 0x19, (byte) 0x03, (byte) 0x35, - (byte) 0x06, (byte) 0x78, (byte) 0xE5, (byte) 0x85, - (byte) 0x28, (byte) 0xBE, (byte) 0xBF, (byte) 0x8A, - (byte) 0x0B, (byte) 0xEF, (byte) 0xF8, (byte) 0x67, - (byte) 0xA7, (byte) 0xCA, (byte) 0x36, (byte) 0x71, - (byte) 0x6F, (byte) 0x7E, (byte) 0x01, (byte) 0xF8, - (byte) 0x10, (byte) 0x52 - }; - - // order of G - public static final byte[] EC233_F2M_R = new byte[]{ - (byte) 0x01, (byte) 0x00, (byte) 0x00, (byte) 0x00, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x13, - (byte) 0xE9, (byte) 0x74, (byte) 0xE7, (byte) 0x2F, - (byte) 0x8A, (byte) 0x69, (byte) 0x22, (byte) 0x03, - (byte) 0x1D, (byte) 0x26, (byte) 0x03, (byte) 0xCF, - (byte) 0xE0, (byte) 0xD7 - }; - - // cofactor of G - public static final short EC233_F2M_K = 2; - - //sect283r1 from http://www.secg.org/sec2-v2.pdf - // [short i1, short i2, short i3] f = x^283 + x^i1 + x^i2 + x^i3 + 1 - public static final byte[] EC283_F2M_F = new byte[]{ - (byte) 0x00, (byte) 0x0c, - (byte) 0x00, (byte) 0x07, - (byte) 0x00, (byte) 0x05 - }; - - public static final byte[] EC283_F2M_A = new byte[]{ - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x01 - }; - - public static final byte[] EC283_F2M_B = new byte[]{ - (byte) 0x02, (byte) 0x7B, (byte) 0x68, (byte) 0x0A, - (byte) 0xC8, (byte) 0xB8, (byte) 0x59, (byte) 0x6D, - (byte) 0xA5, (byte) 0xA4, (byte) 0xAF, (byte) 0x8A, - (byte) 0x19, (byte) 0xA0, (byte) 0x30, (byte) 0x3F, - (byte) 0xCA, (byte) 0x97, (byte) 0xFD, (byte) 0x76, - (byte) 0x45, (byte) 0x30, (byte) 0x9F, (byte) 0xA2, - (byte) 0xA5, (byte) 0x81, (byte) 0x48, (byte) 0x5A, - (byte) 0xF6, (byte) 0x26, (byte) 0x3E, (byte) 0x31, - (byte) 0x3B, (byte) 0x79, (byte) 0xA2, (byte) 0xF5 - }; - - // G in compressed form / first part of ucompressed - public static final byte[] EC283_F2M_G_X = new byte[]{ - (byte) 0x05, (byte) 0xF9, (byte) 0x39, (byte) 0x25, - (byte) 0x8D, (byte) 0xB7, (byte) 0xDD, (byte) 0x90, - (byte) 0xE1, (byte) 0x93, (byte) 0x4F, (byte) 0x8C, - (byte) 0x70, (byte) 0xB0, (byte) 0xDF, (byte) 0xEC, - (byte) 0x2E, (byte) 0xED, (byte) 0x25, (byte) 0xB8, - (byte) 0x55, (byte) 0x7E, (byte) 0xAC, (byte) 0x9C, - (byte) 0x80, (byte) 0xE2, (byte) 0xE1, (byte) 0x98, - (byte) 0xF8, (byte) 0xCD, (byte) 0xBE, (byte) 0xCD, - (byte) 0x86, (byte) 0xB1, (byte) 0x20, (byte) 0x53 - }; - - // second part of G uncompressed - public static final byte[] EC283_F2M_G_Y = new byte[]{ - (byte) 0x03, (byte) 0x67, (byte) 0x68, (byte) 0x54, - (byte) 0xFE, (byte) 0x24, (byte) 0x14, (byte) 0x1C, - (byte) 0xB9, (byte) 0x8F, (byte) 0xE6, (byte) 0xD4, - (byte) 0xB2, (byte) 0x0D, (byte) 0x02, (byte) 0xB4, - (byte) 0x51, (byte) 0x6F, (byte) 0xF7, (byte) 0x02, - (byte) 0x35, (byte) 0x0E, (byte) 0xDD, (byte) 0xB0, - (byte) 0x82, (byte) 0x67, (byte) 0x79, (byte) 0xC8, - (byte) 0x13, (byte) 0xF0, (byte) 0xDF, (byte) 0x45, - (byte) 0xBE, (byte) 0x81, (byte) 0x12, (byte) 0xF4 - }; - - // order of G - public static final byte[] EC283_F2M_R = new byte[]{ - (byte) 0x03, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xEF, (byte) 0x90, - (byte) 0x39, (byte) 0x96, (byte) 0x60, (byte) 0xFC, - (byte) 0x93, (byte) 0x8A, (byte) 0x90, (byte) 0x16, - (byte) 0x5B, (byte) 0x04, (byte) 0x2A, (byte) 0x7C, - (byte) 0xEF, (byte) 0xAD, (byte) 0xB3, (byte) 0x07 - }; - - // cofactor of G - public static final short EC283_F2M_K = 2; - - //sect409r1 from http://www.secg.org/sec2-v2.pdf - // [short i1, short i2, short i3] f = x^409 + x^i1 + 1 - public static final byte[] EC409_F2M_F = new byte[]{ - (byte) 0x00, (byte) 0x57 - }; - - public static final byte[] EC409_F2M_A = new byte[]{ - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x01 - }; - - public static final byte[] EC409_F2M_B = new byte[]{ - (byte) 0x00, (byte) 0x21, (byte) 0xA5, (byte) 0xC2, - (byte) 0xC8, (byte) 0xEE, (byte) 0x9F, (byte) 0xEB, - (byte) 0x5C, (byte) 0x4B, (byte) 0x9A, (byte) 0x75, - (byte) 0x3B, (byte) 0x7B, (byte) 0x47, (byte) 0x6B, - (byte) 0x7F, (byte) 0xD6, (byte) 0x42, (byte) 0x2E, - (byte) 0xF1, (byte) 0xF3, (byte) 0xDD, (byte) 0x67, - (byte) 0x47, (byte) 0x61, (byte) 0xFA, (byte) 0x99, - (byte) 0xD6, (byte) 0xAC, (byte) 0x27, (byte) 0xC8, - (byte) 0xA9, (byte) 0xA1, (byte) 0x97, (byte) 0xB2, - (byte) 0x72, (byte) 0x82, (byte) 0x2F, (byte) 0x6C, - (byte) 0xD5, (byte) 0x7A, (byte) 0x55, (byte) 0xAA, - (byte) 0x4F, (byte) 0x50, (byte) 0xAE, (byte) 0x31, - (byte) 0x7B, (byte) 0x13, (byte) 0x54, (byte) 0x5F - }; - - // G in compressed form / first part of ucompressed - public static final byte[] EC409_F2M_G_X = new byte[]{ - (byte) 0x01, (byte) 0x5D, (byte) 0x48, (byte) 0x60, - (byte) 0xD0, (byte) 0x88, (byte) 0xDD, (byte) 0xB3, - (byte) 0x49, (byte) 0x6B, (byte) 0x0C, (byte) 0x60, - (byte) 0x64, (byte) 0x75, (byte) 0x62, (byte) 0x60, - (byte) 0x44, (byte) 0x1C, (byte) 0xDE, (byte) 0x4A, - (byte) 0xF1, (byte) 0x77, (byte) 0x1D, (byte) 0x4D, - (byte) 0xB0, (byte) 0x1F, (byte) 0xFE, (byte) 0x5B, - (byte) 0x34, (byte) 0xE5, (byte) 0x97, (byte) 0x03, - (byte) 0xDC, (byte) 0x25, (byte) 0x5A, (byte) 0x86, - (byte) 0x8A, (byte) 0x11, (byte) 0x80, (byte) 0x51, - (byte) 0x56, (byte) 0x03, (byte) 0xAE, (byte) 0xAB, - (byte) 0x60, (byte) 0x79, (byte) 0x4E, (byte) 0x54, - (byte) 0xBB, (byte) 0x79, (byte) 0x96, (byte) 0xA7 - }; - - // second part of G uncompressed - public static final byte[] EC409_F2M_G_Y = new byte[]{ - (byte) 0x00, (byte) 0x61, (byte) 0xB1, (byte) 0xCF, - (byte) 0xAB, (byte) 0x6B, (byte) 0xE5, (byte) 0xF3, - (byte) 0x2B, (byte) 0xBF, (byte) 0xA7, (byte) 0x83, - (byte) 0x24, (byte) 0xED, (byte) 0x10, (byte) 0x6A, - (byte) 0x76, (byte) 0x36, (byte) 0xB9, (byte) 0xC5, - (byte) 0xA7, (byte) 0xBD, (byte) 0x19, (byte) 0x8D, - (byte) 0x01, (byte) 0x58, (byte) 0xAA, (byte) 0x4F, - (byte) 0x54, (byte) 0x88, (byte) 0xD0, (byte) 0x8F, - (byte) 0x38, (byte) 0x51, (byte) 0x4F, (byte) 0x1F, - (byte) 0xDF, (byte) 0x4B, (byte) 0x4F, (byte) 0x40, - (byte) 0xD2, (byte) 0x18, (byte) 0x1B, (byte) 0x36, - (byte) 0x81, (byte) 0xC3, (byte) 0x64, (byte) 0xBA, - (byte) 0x02, (byte) 0x73, (byte) 0xC7, (byte) 0x06 - }; - - // order of G - public static final byte[] EC409_F2M_R = new byte[]{ - (byte) 0x01, (byte) 0x00, (byte) 0x00, (byte) 0x00, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, - (byte) 0x00, (byte) 0x00, (byte) 0x01, (byte) 0xE2, - (byte) 0xAA, (byte) 0xD6, (byte) 0xA6, (byte) 0x12, - (byte) 0xF3, (byte) 0x33, (byte) 0x07, (byte) 0xBE, - (byte) 0x5F, (byte) 0xA4, (byte) 0x7C, (byte) 0x3C, - (byte) 0x9E, (byte) 0x05, (byte) 0x2F, (byte) 0x83, - (byte) 0x81, (byte) 0x64, (byte) 0xCD, (byte) 0x37, - (byte) 0xD9, (byte) 0xA2, (byte) 0x11, (byte) 0x73 - }; - - // cofactor of G - public static final short EC409_F2M_K = 2; - - //sect571r1 from http://www.secg.org/sec2-v2.pdf - // [short i1, short i2, short i3] f = x^571 + x^i1 + x^i2 + x^i3 + 1 - public static final byte[] EC571_F2M_F = new byte[]{ - (byte) 0x00, (byte) 0x0a, - (byte) 0x00, (byte) 0x05, - (byte) 0x00, (byte) 0x02, - }; - - public static final byte[] EC571_F2M_A = new byte[]{ - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, - (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x01 - }; - - public static final byte[] EC571_F2M_B = new byte[]{ - (byte) 0x02, (byte) 0xF4, (byte) 0x0E, (byte) 0x7E, - (byte) 0x22, (byte) 0x21, (byte) 0xF2, (byte) 0x95, - (byte) 0xDE, (byte) 0x29, (byte) 0x71, (byte) 0x17, - (byte) 0xB7, (byte) 0xF3, (byte) 0xD6, (byte) 0x2F, - (byte) 0x5C, (byte) 0x6A, (byte) 0x97, (byte) 0xFF, - (byte) 0xCB, (byte) 0x8C, (byte) 0xEF, (byte) 0xF1, - (byte) 0xCD, (byte) 0x6B, (byte) 0xA8, (byte) 0xCE, - (byte) 0x4A, (byte) 0x9A, (byte) 0x18, (byte) 0xAD, - (byte) 0x84, (byte) 0xFF, (byte) 0xAB, (byte) 0xBD, - (byte) 0x8E, (byte) 0xFA, (byte) 0x59, (byte) 0x33, - (byte) 0x2B, (byte) 0xE7, (byte) 0xAD, (byte) 0x67, - (byte) 0x56, (byte) 0xA6, (byte) 0x6E, (byte) 0x29, - (byte) 0x4A, (byte) 0xFD, (byte) 0x18, (byte) 0x5A, - (byte) 0x78, (byte) 0xFF, (byte) 0x12, (byte) 0xAA, - (byte) 0x52, (byte) 0x0E, (byte) 0x4D, (byte) 0xE7, - (byte) 0x39, (byte) 0xBA, (byte) 0xCA, (byte) 0x0C, - (byte) 0x7F, (byte) 0xFE, (byte) 0xFF, (byte) 0x7F, - (byte) 0x29, (byte) 0x55, (byte) 0x72, (byte) 0x7A - }; - - // G in compressed form / first part of ucompressed - public static final byte[] EC571_F2M_G_X = new byte[]{ - (byte) 0x03, (byte) 0x03, (byte) 0x00, (byte) 0x1D, - (byte) 0x34, (byte) 0xB8, (byte) 0x56, (byte) 0x29, - (byte) 0x6C, (byte) 0x16, (byte) 0xC0, (byte) 0xD4, - (byte) 0x0D, (byte) 0x3C, (byte) 0xD7, (byte) 0x75, - (byte) 0x0A, (byte) 0x93, (byte) 0xD1, (byte) 0xD2, - (byte) 0x95, (byte) 0x5F, (byte) 0xA8, (byte) 0x0A, - (byte) 0xA5, (byte) 0xF4, (byte) 0x0F, (byte) 0xC8, - (byte) 0xDB, (byte) 0x7B, (byte) 0x2A, (byte) 0xBD, - (byte) 0xBD, (byte) 0xE5, (byte) 0x39, (byte) 0x50, - (byte) 0xF4, (byte) 0xC0, (byte) 0xD2, (byte) 0x93, - (byte) 0xCD, (byte) 0xD7, (byte) 0x11, (byte) 0xA3, - (byte) 0x5B, (byte) 0x67, (byte) 0xFB, (byte) 0x14, - (byte) 0x99, (byte) 0xAE, (byte) 0x60, (byte) 0x03, - (byte) 0x86, (byte) 0x14, (byte) 0xF1, (byte) 0x39, - (byte) 0x4A, (byte) 0xBF, (byte) 0xA3, (byte) 0xB4, - (byte) 0xC8, (byte) 0x50, (byte) 0xD9, (byte) 0x27, - (byte) 0xE1, (byte) 0xE7, (byte) 0x76, (byte) 0x9C, - (byte) 0x8E, (byte) 0xEC, (byte) 0x2D, (byte) 0x19 - }; - - // second part of G uncompressed - public static final byte[] EC571_F2M_G_Y = new byte[]{ - (byte) 0x03, (byte) 0x7B, (byte) 0xF2, (byte) 0x73, - (byte) 0x42, (byte) 0xDA, (byte) 0x63, (byte) 0x9B, - (byte) 0x6D, (byte) 0xCC, (byte) 0xFF, (byte) 0xFE, - (byte) 0xB7, (byte) 0x3D, (byte) 0x69, (byte) 0xD7, - (byte) 0x8C, (byte) 0x6C, (byte) 0x27, (byte) 0xA6, - (byte) 0x00, (byte) 0x9C, (byte) 0xBB, (byte) 0xCA, - (byte) 0x19, (byte) 0x80, (byte) 0xF8, (byte) 0x53, - (byte) 0x39, (byte) 0x21, (byte) 0xE8, (byte) 0xA6, - (byte) 0x84, (byte) 0x42, (byte) 0x3E, (byte) 0x43, - (byte) 0xBA, (byte) 0xB0, (byte) 0x8A, (byte) 0x57, - (byte) 0x62, (byte) 0x91, (byte) 0xAF, (byte) 0x8F, - (byte) 0x46, (byte) 0x1B, (byte) 0xB2, (byte) 0xA8, - (byte) 0xB3, (byte) 0x53, (byte) 0x1D, (byte) 0x2F, - (byte) 0x04, (byte) 0x85, (byte) 0xC1, (byte) 0x9B, - (byte) 0x16, (byte) 0xE2, (byte) 0xF1, (byte) 0x51, - (byte) 0x6E, (byte) 0x23, (byte) 0xDD, (byte) 0x3C, - (byte) 0x1A, (byte) 0x48, (byte) 0x27, (byte) 0xAF, - (byte) 0x1B, (byte) 0x8A, (byte) 0xC1, (byte) 0x5B - }; - - // order of G - public static final byte[] EC571_F2M_R = new byte[]{ - (byte) 0x03, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, - (byte) 0xE6, (byte) 0x61, (byte) 0xCE, (byte) 0x18, - (byte) 0xFF, (byte) 0x55, (byte) 0x98, (byte) 0x73, - (byte) 0x08, (byte) 0x05, (byte) 0x9B, (byte) 0x18, - (byte) 0x68, (byte) 0x23, (byte) 0x85, (byte) 0x1E, - (byte) 0xC7, (byte) 0xDD, (byte) 0x9C, (byte) 0xA1, - (byte) 0x16, (byte) 0x1D, (byte) 0xE9, (byte) 0x3D, - (byte) 0x51, (byte) 0x74, (byte) 0xD6, (byte) 0x6E, - (byte) 0x83, (byte) 0x82, (byte) 0xE9, (byte) 0xBB, - (byte) 0x2F, (byte) 0xE8, (byte) 0x4E, (byte) 0x47 - }; - - // cofactor of G - public static final short EC571_F2M_K = 2; - - //Anomalous curve(small-pub-128), with pubkey of order 5 - public static final byte[] ECSP128_FP_P = { - (byte) 0xcf, (byte) 0xba, (byte) 0x21, (byte) 0xfd, - (byte) 0x04, (byte) 0x83, (byte) 0xb1, (byte) 0xf3, - (byte) 0x00, (byte) 0xfa, (byte) 0x25, (byte) 0x06, - (byte) 0xa5, (byte) 0xa5, (byte) 0x66, (byte) 0xef - }; - - public static final byte[] ECSP128_FP_A = { - (byte) 0x36, (byte) 0xd9, (byte) 0xa5, (byte) 0xac, - (byte) 0xac, (byte) 0x27, (byte) 0xa0, (byte) 0x08, - (byte) 0xe3, (byte) 0x6c, (byte) 0xbe, (byte) 0x3e, - (byte) 0x9f, (byte) 0x10, (byte) 0x3f, (byte) 0xde - }; - - public static final byte[] ECSP128_FP_B = { - (byte) 0xa6, (byte) 0x7c, (byte) 0xf5, (byte) 0xfa, - (byte) 0x09, (byte) 0xfb, (byte) 0x1d, (byte) 0xb9, - (byte) 0x02, (byte) 0x06, (byte) 0x8c, (byte) 0x87, - (byte) 0x04, (byte) 0x6a, (byte) 0xe2, (byte) 0x1e - }; - - public static final byte[] ECSP128_FP_G_X = { - (byte) 0x47, (byte) 0xd7, (byte) 0x83, (byte) 0x91, - (byte) 0xa4, (byte) 0xb9, (byte) 0xff, (byte) 0xf6, - (byte) 0xa0, (byte) 0xdb, (byte) 0x12, (byte) 0x92, - (byte) 0xf9, (byte) 0xcd, (byte) 0x0e, (byte) 0x6a - }; - - public static final byte[] ECSP128_FP_G_Y = { - (byte) 0x9a, (byte) 0xed, (byte) 0x9c, (byte) 0x92, - (byte) 0xf8, (byte) 0xbb, (byte) 0x3d, (byte) 0xbd, - (byte) 0x42, (byte) 0x40, (byte) 0x21, (byte) 0x65, - (byte) 0xa2, (byte) 0x70, (byte) 0xbd, (byte) 0x6f - }; - - public static final byte[] ECSP128_FP_R = { - (byte) 0xcf, (byte) 0xba, (byte) 0x21, (byte) 0xfd, - (byte) 0x04, (byte) 0x83, (byte) 0xb1, (byte) 0xf3, - (byte) 0x33, (byte) 0xd6, (byte) 0x1a, (byte) 0x5a, - (byte) 0xf6, (byte) 0xad, (byte) 0xa2, (byte) 0xc7 - }; - - public static final short ECSP128_FP_K = 1; - - public static final byte[] ECSP128_FP_W_X = { - (byte) 0x63, (byte) 0x90, (byte) 0x1e, (byte) 0x12, - (byte) 0x27, (byte) 0x61, (byte) 0xd9, (byte) 0xc1, - (byte) 0x65, (byte) 0x65, (byte) 0xb2, (byte) 0xf3, - (byte) 0x8e, (byte) 0x99, (byte) 0x1f, (byte) 0x71 - }; - - public static final byte[] ECSP128_FP_W_Y = { - (byte) 0xb9, (byte) 0xd9, (byte) 0x9f, (byte) 0xbc, - (byte) 0x31, (byte) 0x54, (byte) 0xa9, (byte) 0x6c, - (byte) 0xa2, (byte) 0x3e, (byte) 0xcf, (byte) 0xf7, - (byte) 0x70, (byte) 0xcb, (byte) 0xbe, (byte) 0x4f - }; - - - //Anomalous curve(small-pub-160), with pubkey of order 3 - public static final byte[] ECSP160_FP_P = { - (byte) 0xdc, (byte) 0x13, (byte) 0x49, (byte) 0x0f, - (byte) 0xf9, (byte) 0x85, (byte) 0x7b, (byte) 0x11, - (byte) 0x1f, (byte) 0x44, (byte) 0xc0, (byte) 0x50, - (byte) 0x07, (byte) 0x70, (byte) 0xa6, (byte) 0x45, - (byte) 0x7e, (byte) 0x68, (byte) 0x32, (byte) 0x23 - }; - - public static final byte[] ECSP160_FP_A = { - (byte) 0xa3, (byte) 0xec, (byte) 0xd7, (byte) 0xd5, - (byte) 0x1e, (byte) 0x79, (byte) 0xd7, (byte) 0x2d, - (byte) 0x27, (byte) 0x00, (byte) 0x18, (byte) 0x4c, - (byte) 0x79, (byte) 0x5a, (byte) 0xa8, (byte) 0xa6, - (byte) 0xb8, (byte) 0xe6, (byte) 0x65, (byte) 0x73 - }; - - public static final byte[] ECSP160_FP_B = { - (byte) 0x8a, (byte) 0xc4, (byte) 0x35, (byte) 0x92, - (byte) 0x90, (byte) 0x5f, (byte) 0x99, (byte) 0x5c, - (byte) 0xb1, (byte) 0x3f, (byte) 0x36, (byte) 0x94, - (byte) 0x31, (byte) 0x7b, (byte) 0xf4, (byte) 0x70, - (byte) 0xad, (byte) 0xaf, (byte) 0xb6, (byte) 0x45 - }; - - public static final byte[] ECSP160_FP_G_X = { - (byte) 0x5f, (byte) 0x8e, (byte) 0x88, (byte) 0xaf, - (byte) 0xc1, (byte) 0x17, (byte) 0xc7, (byte) 0x22, - (byte) 0x85, (byte) 0x9f, (byte) 0xe8, (byte) 0xe5, - (byte) 0x56, (byte) 0x47, (byte) 0xbc, (byte) 0xa6, - (byte) 0x9b, (byte) 0xa8, (byte) 0x21, (byte) 0x50 - }; - - public static final byte[] ECSP160_FP_G_Y = { - (byte) 0x93, (byte) 0xe6, (byte) 0xdc, (byte) 0xae, - (byte) 0xe2, (byte) 0x71, (byte) 0xe9, (byte) 0xf2, - (byte) 0x83, (byte) 0x8c, (byte) 0x98, (byte) 0xb7, - (byte) 0xd0, (byte) 0x6e, (byte) 0xcc, (byte) 0xc5, - (byte) 0xd7, (byte) 0xc8, (byte) 0x00, (byte) 0xe5 - }; - - public static final byte[] ECSP160_FP_R = { - (byte) 0xdc, (byte) 0x13, (byte) 0x49, (byte) 0x0f, - (byte) 0xf9, (byte) 0x85, (byte) 0x7b, (byte) 0x11, - (byte) 0x1f, (byte) 0x44, (byte) 0x6e, (byte) 0xf4, - (byte) 0xa6, (byte) 0xd1, (byte) 0xe1, (byte) 0x71, - (byte) 0x5f, (byte) 0x6a, (byte) 0x6d, (byte) 0xff - }; - - public static final short ECSP160_FP_K = 1; - - public static final byte[] ECSP160_FP_W_X = { - (byte) 0x59, (byte) 0xc9, (byte) 0xc3, (byte) 0xc8, - (byte) 0xae, (byte) 0xf2, (byte) 0x9f, (byte) 0x1c, - (byte) 0x1c, (byte) 0x50, (byte) 0x0c, (byte) 0xaf, - (byte) 0xb4, (byte) 0x72, (byte) 0x6d, (byte) 0xa6, - (byte) 0x08, (byte) 0x6e, (byte) 0x6e, (byte) 0xb0 - }; - - public static final byte[] ECSP160_FP_W_Y = { - (byte) 0xd6, (byte) 0x95, (byte) 0xa7, (byte) 0x60, - (byte) 0x05, (byte) 0xed, (byte) 0xdb, (byte) 0x26, - (byte) 0xaf, (byte) 0xd4, (byte) 0x0e, (byte) 0xe2, - (byte) 0x09, (byte) 0x04, (byte) 0x77, (byte) 0x8b, - (byte) 0xb3, (byte) 0x49, (byte) 0x7b, (byte) 0xb1 - }; - - - //Anomalous curve(small-pub-192), with pubkey of order 4 - public static final byte[] ECSP192_FP_P = { - (byte) 0xce, (byte) 0x71, (byte) 0x4c, (byte) 0xc3, - (byte) 0xa1, (byte) 0x5c, (byte) 0xe7, (byte) 0xe5, - (byte) 0xda, (byte) 0xb0, (byte) 0x68, (byte) 0xc9, - (byte) 0xa1, (byte) 0xf8, (byte) 0xbe, (byte) 0x00, - (byte) 0xaa, (byte) 0xd4, (byte) 0x80, (byte) 0xab, - (byte) 0xcc, (byte) 0xae, (byte) 0xef, (byte) 0xc3 - }; - - public static final byte[] ECSP192_FP_A = { - (byte) 0x59, (byte) 0x7c, (byte) 0x78, (byte) 0x1f, - (byte) 0x64, (byte) 0xc3, (byte) 0x3e, (byte) 0xb8, - (byte) 0xef, (byte) 0x91, (byte) 0x9c, (byte) 0x41, - (byte) 0x59, (byte) 0x11, (byte) 0x51, (byte) 0x8e, - (byte) 0xa3, (byte) 0x23, (byte) 0xbe, (byte) 0x88, - (byte) 0xb9, (byte) 0x43, (byte) 0x7c, (byte) 0xaf - }; - - public static final byte[] ECSP192_FP_B = { - (byte) 0xf8, (byte) 0x15, (byte) 0x85, (byte) 0xa1, - (byte) 0xb1, (byte) 0x8f, (byte) 0x23, (byte) 0x3d, - (byte) 0x70, (byte) 0xad, (byte) 0xd7, (byte) 0xee, - (byte) 0x13, (byte) 0x42, (byte) 0xd2, (byte) 0x03, - (byte) 0x5c, (byte) 0x38, (byte) 0x6a, (byte) 0x92, - (byte) 0xe3, (byte) 0xab, (byte) 0x83, (byte) 0x20 - }; - - public static final byte[] ECSP192_FP_G_X = { - (byte) 0x15, (byte) 0x0f, (byte) 0xf0, (byte) 0xa4, - (byte) 0x0d, (byte) 0xea, (byte) 0xc6, (byte) 0x46, - (byte) 0x2b, (byte) 0x59, (byte) 0x87, (byte) 0x41, - (byte) 0x86, (byte) 0x17, (byte) 0xfd, (byte) 0xee, - (byte) 0xb6, (byte) 0xbf, (byte) 0xd7, (byte) 0x6d, - (byte) 0x4d, (byte) 0x60, (byte) 0xa0, (byte) 0x67 - }; - - public static final byte[] ECSP192_FP_G_Y = { - (byte) 0x84, (byte) 0x3d, (byte) 0x57, (byte) 0x73, - (byte) 0x71, (byte) 0xc5, (byte) 0xdc, (byte) 0xe1, - (byte) 0x22, (byte) 0xc2, (byte) 0xff, (byte) 0x20, - (byte) 0x6b, (byte) 0x2f, (byte) 0x42, (byte) 0xfa, - (byte) 0x0b, (byte) 0x84, (byte) 0x2b, (byte) 0x49, - (byte) 0xbd, (byte) 0xaf, (byte) 0x99, (byte) 0x0f - }; - - public static final byte[] ECSP192_FP_R = { - (byte) 0xce, (byte) 0x71, (byte) 0x4c, (byte) 0xc3, - (byte) 0xa1, (byte) 0x5c, (byte) 0xe7, (byte) 0xe5, - (byte) 0xda, (byte) 0xb0, (byte) 0x68, (byte) 0xc9, - (byte) 0xa3, (byte) 0x0b, (byte) 0xc9, (byte) 0x29, - (byte) 0x15, (byte) 0xbd, (byte) 0x86, (byte) 0x62, - (byte) 0xae, (byte) 0x88, (byte) 0x28, (byte) 0x87 - }; - - public static final short ECSP192_FP_K = 1; - - public static final byte[] ECSP192_FP_W_X = { - (byte) 0x17, (byte) 0x04, (byte) 0x7f, (byte) 0x91, - (byte) 0xdb, (byte) 0xe3, (byte) 0x30, (byte) 0x32, - (byte) 0xc9, (byte) 0xd0, (byte) 0x9b, (byte) 0xd2, - (byte) 0x9c, (byte) 0xea, (byte) 0xdd, (byte) 0x8a, - (byte) 0x09, (byte) 0xcc, (byte) 0xc3, (byte) 0x2a, - (byte) 0xc6, (byte) 0x30, (byte) 0x95, (byte) 0x41 - }; - - public static final byte[] ECSP192_FP_W_Y = { - (byte) 0x6a, (byte) 0x72, (byte) 0x6d, (byte) 0xe5, - (byte) 0x4f, (byte) 0xbd, (byte) 0x59, (byte) 0xcf, - (byte) 0xc3, (byte) 0x52, (byte) 0xe8, (byte) 0x38, - (byte) 0xb3, (byte) 0x37, (byte) 0xfa, (byte) 0x00, - (byte) 0x5a, (byte) 0x97, (byte) 0x18, (byte) 0x08, - (byte) 0x16, (byte) 0x13, (byte) 0x5e, (byte) 0x6a - }; - - - public static final byte[] ECSP224_FP_P = { - (byte) 0xee, (byte) 0xd4, (byte) 0xc3, (byte) 0xd9, - (byte) 0x8f, (byte) 0x1c, (byte) 0x9b, (byte) 0x95, - (byte) 0x18, (byte) 0xf1, (byte) 0x16, (byte) 0x26, - (byte) 0x3d, (byte) 0xb7, (byte) 0x70, (byte) 0x36, - (byte) 0x68, (byte) 0x77, (byte) 0xd1, (byte) 0x2d, - (byte) 0xf6, (byte) 0xa9, (byte) 0xcf, (byte) 0x08, - (byte) 0xb9, (byte) 0x6d, (byte) 0xd4, (byte) 0xbb - }; - - //Anomalous curve(small-pub-224), with pubkey of order 5 - public static final byte[] ECSP224_FP_A = { - (byte) 0x8d, (byte) 0x4d, (byte) 0xdd, (byte) 0xb0, - (byte) 0x31, (byte) 0x7d, (byte) 0x6a, (byte) 0x6b, - (byte) 0xf9, (byte) 0xa4, (byte) 0xdb, (byte) 0xbe, - (byte) 0xd3, (byte) 0xa4, (byte) 0x3f, (byte) 0xa2, - (byte) 0x1f, (byte) 0x79, (byte) 0x86, (byte) 0x9c, - (byte) 0x5a, (byte) 0xb9, (byte) 0x72, (byte) 0x9d, - (byte) 0x23, (byte) 0x9e, (byte) 0x92, (byte) 0x82 - }; - - public static final byte[] ECSP224_FP_B = { - (byte) 0x46, (byte) 0x87, (byte) 0x36, (byte) 0x14, - (byte) 0xbe, (byte) 0x3d, (byte) 0xff, (byte) 0xc9, - (byte) 0x21, (byte) 0x80, (byte) 0x82, (byte) 0x32, - (byte) 0x22, (byte) 0x10, (byte) 0xc0, (byte) 0x61, - (byte) 0x61, (byte) 0x40, (byte) 0x28, (byte) 0x6f, - (byte) 0x2d, (byte) 0x16, (byte) 0x05, (byte) 0x03, - (byte) 0xc1, (byte) 0xa9, (byte) 0x25, (byte) 0x0d - }; - - public static final byte[] ECSP224_FP_G_X = { - (byte) 0x96, (byte) 0x1b, (byte) 0xbb, (byte) 0x1f, - (byte) 0xc9, (byte) 0x95, (byte) 0x5a, (byte) 0x71, - (byte) 0xc9, (byte) 0x1a, (byte) 0x50, (byte) 0xae, - (byte) 0xdc, (byte) 0xd2, (byte) 0xf1, (byte) 0x4f, - (byte) 0xcc, (byte) 0xb6, (byte) 0x60, (byte) 0xaf, - (byte) 0x99, (byte) 0x2b, (byte) 0x00, (byte) 0x30, - (byte) 0xb9, (byte) 0xc9, (byte) 0x0b, (byte) 0x36 - }; - - public static final byte[] ECSP224_FP_G_Y = { - (byte) 0x1c, (byte) 0x00, (byte) 0xf6, (byte) 0xd0, - (byte) 0xbd, (byte) 0x40, (byte) 0x5d, (byte) 0xd7, - (byte) 0xd3, (byte) 0x01, (byte) 0x6f, (byte) 0xb8, - (byte) 0xc0, (byte) 0xc7, (byte) 0x5e, (byte) 0x4e, - (byte) 0xce, (byte) 0xc7, (byte) 0x0f, (byte) 0xe6, - (byte) 0x12, (byte) 0x37, (byte) 0xf6, (byte) 0xd2, - (byte) 0x40, (byte) 0x08, (byte) 0xa5, (byte) 0xfd - }; - - public static final byte[] ECSP224_FP_R = { - (byte) 0xee, (byte) 0xd4, (byte) 0xc3, (byte) 0xd9, - (byte) 0x8f, (byte) 0x1c, (byte) 0x9b, (byte) 0x95, - (byte) 0x18, (byte) 0xf1, (byte) 0x16, (byte) 0x26, - (byte) 0x3d, (byte) 0xb8, (byte) 0x21, (byte) 0xc3, - (byte) 0x6a, (byte) 0x06, (byte) 0xad, (byte) 0xae, - (byte) 0x17, (byte) 0x16, (byte) 0x2a, (byte) 0xd3, - (byte) 0x16, (byte) 0x2f, (byte) 0x68, (byte) 0xc3 - }; - - public static final short ECSP224_FP_K = 1; - - public static final byte[] ECSP224_FP_W_X = { - (byte) 0xcf, (byte) 0xd9, (byte) 0x2a, (byte) 0xea, - (byte) 0x0f, (byte) 0x79, (byte) 0x19, (byte) 0x0c, - (byte) 0x48, (byte) 0xca, (byte) 0x70, (byte) 0x3e, - (byte) 0xb8, (byte) 0xa9, (byte) 0xba, (byte) 0xa7, - (byte) 0x09, (byte) 0x9a, (byte) 0x23, (byte) 0xbb, - (byte) 0x39, (byte) 0x57, (byte) 0x82, (byte) 0x61, - (byte) 0xfe, (byte) 0x4d, (byte) 0x0f, (byte) 0x04 - }; - - public static final byte[] ECSP224_FP_W_Y = { - (byte) 0x25, (byte) 0x7a, (byte) 0x3d, (byte) 0x98, - (byte) 0xde, (byte) 0x44, (byte) 0xbd, (byte) 0x25, - (byte) 0x40, (byte) 0x49, (byte) 0x77, (byte) 0xa4, - (byte) 0xac, (byte) 0x7f, (byte) 0xc5, (byte) 0x6d, - (byte) 0x3d, (byte) 0x4e, (byte) 0x82, (byte) 0x7f, - (byte) 0x08, (byte) 0x5b, (byte) 0x7c, (byte) 0xf5, - (byte) 0x24, (byte) 0x75, (byte) 0x24, (byte) 0xc4 - }; - - - //Anomalous curve(small-pub-256), with pubkey of order 3 - public static final byte[] ECSP256_FP_P = { - (byte) 0xc9, (byte) 0xa8, (byte) 0x03, (byte) 0xb1, - (byte) 0xea, (byte) 0xf8, (byte) 0x49, (byte) 0xf1, - (byte) 0xc0, (byte) 0x2c, (byte) 0xfd, (byte) 0x1d, - (byte) 0xbf, (byte) 0xac, (byte) 0x68, (byte) 0x62, - (byte) 0x39, (byte) 0x85, (byte) 0xc8, (byte) 0x8b, - (byte) 0x37, (byte) 0x10, (byte) 0x3b, (byte) 0x33, - (byte) 0x8a, (byte) 0xe1, (byte) 0x1d, (byte) 0x25, - (byte) 0x97, (byte) 0xee, (byte) 0x84, (byte) 0x45 - }; - - public static final byte[] ECSP256_FP_A = { - (byte) 0x48, (byte) 0x41, (byte) 0xc5, (byte) 0x77, - (byte) 0x5a, (byte) 0x24, (byte) 0xa8, (byte) 0x84, - (byte) 0xca, (byte) 0x36, (byte) 0xec, (byte) 0x36, - (byte) 0x2b, (byte) 0x44, (byte) 0x64, (byte) 0x5a, - (byte) 0x2f, (byte) 0x60, (byte) 0xb2, (byte) 0x5d, - (byte) 0x00, (byte) 0x2c, (byte) 0x4f, (byte) 0xc1, - (byte) 0xd9, (byte) 0xf1, (byte) 0x39, (byte) 0x87, - (byte) 0x0f, (byte) 0xe0, (byte) 0xcc, (byte) 0x71 - }; - - public static final byte[] ECSP256_FP_B = { - (byte) 0x1b, (byte) 0x09, (byte) 0x74, (byte) 0x56, - (byte) 0x75, (byte) 0x1f, (byte) 0x35, (byte) 0x34, - (byte) 0x19, (byte) 0x0d, (byte) 0xae, (byte) 0x56, - (byte) 0x8f, (byte) 0x80, (byte) 0xa2, (byte) 0xc6, - (byte) 0xff, (byte) 0x55, (byte) 0xdd, (byte) 0xdf, - (byte) 0xe0, (byte) 0x72, (byte) 0xa7, (byte) 0xdc, - (byte) 0x64, (byte) 0x67, (byte) 0xa4, (byte) 0xb6, - (byte) 0x47, (byte) 0x6b, (byte) 0x68, (byte) 0x80 - }; - - public static final byte[] ECSP256_FP_G_X = { - (byte) 0xa1, (byte) 0xfd, (byte) 0x34, (byte) 0xa2, - (byte) 0x7a, (byte) 0xfb, (byte) 0x13, (byte) 0x40, - (byte) 0xb8, (byte) 0xe4, (byte) 0xa7, (byte) 0xdb, - (byte) 0x2a, (byte) 0x5e, (byte) 0xc5, (byte) 0xa1, - (byte) 0x43, (byte) 0x2c, (byte) 0x6d, (byte) 0xc8, - (byte) 0x55, (byte) 0x5a, (byte) 0xf9, (byte) 0xf7, - (byte) 0x8f, (byte) 0xca, (byte) 0x2c, (byte) 0xf7, - (byte) 0x40, (byte) 0xca, (byte) 0xb2, (byte) 0xb7 - }; - - public static final byte[] ECSP256_FP_G_Y = { - (byte) 0x98, (byte) 0x41, (byte) 0x9c, (byte) 0x69, - (byte) 0x8c, (byte) 0xab, (byte) 0x6c, (byte) 0x7d, - (byte) 0xbb, (byte) 0x53, (byte) 0xeb, (byte) 0x27, - (byte) 0x51, (byte) 0x41, (byte) 0x7b, (byte) 0x52, - (byte) 0xcc, (byte) 0xde, (byte) 0xd4, (byte) 0x68, - (byte) 0x0c, (byte) 0x5e, (byte) 0x09, (byte) 0x54, - (byte) 0x3f, (byte) 0x93, (byte) 0xc7, (byte) 0x88, - (byte) 0x6c, (byte) 0x3a, (byte) 0x17, (byte) 0x3e - }; - - public static final byte[] ECSP256_FP_R = { - (byte) 0xc9, (byte) 0xa8, (byte) 0x03, (byte) 0xb1, - (byte) 0xea, (byte) 0xf8, (byte) 0x49, (byte) 0xf1, - (byte) 0xc0, (byte) 0x2c, (byte) 0xfd, (byte) 0x1d, - (byte) 0xbf, (byte) 0xac, (byte) 0x68, (byte) 0x63, - (byte) 0x12, (byte) 0x8c, (byte) 0x5b, (byte) 0x1f, - (byte) 0xc5, (byte) 0xac, (byte) 0xd5, (byte) 0xb5, - (byte) 0xe0, (byte) 0xfc, (byte) 0x0a, (byte) 0x73, - (byte) 0x11, (byte) 0xfb, (byte) 0x5b, (byte) 0x1d - }; - - public static final short ECSP256_FP_K = 1; - - public static final byte[] ECSP256_FP_W_X = { - (byte) 0x75, (byte) 0xfc, (byte) 0xe7, (byte) 0x09, - (byte) 0x68, (byte) 0x86, (byte) 0x2d, (byte) 0x53, - (byte) 0xe2, (byte) 0x95, (byte) 0x48, (byte) 0xaa, - (byte) 0xd7, (byte) 0x05, (byte) 0x82, (byte) 0x51, - (byte) 0x4e, (byte) 0x96, (byte) 0x0d, (byte) 0x81, - (byte) 0x28, (byte) 0xbd, (byte) 0x3c, (byte) 0x5f, - (byte) 0x8c, (byte) 0x4d, (byte) 0xbe, (byte) 0x2c, - (byte) 0xf8, (byte) 0xda, (byte) 0xd6, (byte) 0x53 - }; - - public static final byte[] ECSP256_FP_W_Y = { - (byte) 0x55, (byte) 0xaa, (byte) 0x4b, (byte) 0x7d, - (byte) 0x38, (byte) 0x82, (byte) 0xfb, (byte) 0x0a, - (byte) 0x83, (byte) 0xbd, (byte) 0x00, (byte) 0xc9, - (byte) 0xc3, (byte) 0xba, (byte) 0xe1, (byte) 0x7f, - (byte) 0x10, (byte) 0x24, (byte) 0xd6, (byte) 0x4a, - (byte) 0xec, (byte) 0x67, (byte) 0xe1, (byte) 0xdb, - (byte) 0x38, (byte) 0xef, (byte) 0x67, (byte) 0x1e, - (byte) 0x63, (byte) 0x50, (byte) 0xbe, (byte) 0xae - }; - - - //Anomalous curve(small-pub-384), with pubkey of order 3 - public static final byte[] ECSP384_FP_P = { - (byte) 0xd0, (byte) 0xdf, (byte) 0x6c, (byte) 0x96, - (byte) 0xcf, (byte) 0xf7, (byte) 0x08, (byte) 0x1b, - (byte) 0xe8, (byte) 0x0d, (byte) 0x22, (byte) 0xb0, - (byte) 0x05, (byte) 0x75, (byte) 0x8a, (byte) 0x2e, - (byte) 0x2f, (byte) 0x04, (byte) 0x6e, (byte) 0x15, - (byte) 0xfe, (byte) 0x02, (byte) 0x0e, (byte) 0xf8, - (byte) 0x86, (byte) 0xe2, (byte) 0x1b, (byte) 0x49, - (byte) 0x2a, (byte) 0xc5, (byte) 0x72, (byte) 0x57, - (byte) 0xa9, (byte) 0x23, (byte) 0x14, (byte) 0x4b, - (byte) 0xca, (byte) 0xd9, (byte) 0x89, (byte) 0xab, - (byte) 0x63, (byte) 0x41, (byte) 0xbd, (byte) 0x3b, - (byte) 0x70, (byte) 0x0f, (byte) 0x91, (byte) 0x4b - }; - - public static final byte[] ECSP384_FP_A = { - (byte) 0x45, (byte) 0xc6, (byte) 0x45, (byte) 0x03, - (byte) 0xbe, (byte) 0x01, (byte) 0x9a, (byte) 0xfd, - (byte) 0x34, (byte) 0x62, (byte) 0xb3, (byte) 0x61, - (byte) 0xad, (byte) 0x2b, (byte) 0x2a, (byte) 0x3b, - (byte) 0xca, (byte) 0x0a, (byte) 0xec, (byte) 0xcc, - (byte) 0x54, (byte) 0x94, (byte) 0xa6, (byte) 0x24, - (byte) 0xfb, (byte) 0x63, (byte) 0x24, (byte) 0x55, - (byte) 0xe6, (byte) 0x2b, (byte) 0x4f, (byte) 0x0c, - (byte) 0x98, (byte) 0xf9, (byte) 0x44, (byte) 0xfa, - (byte) 0x97, (byte) 0xc3, (byte) 0x78, (byte) 0x11, - (byte) 0xda, (byte) 0x03, (byte) 0x98, (byte) 0x23, - (byte) 0xcd, (byte) 0x77, (byte) 0xc9, (byte) 0x06 - }; - - public static final byte[] ECSP384_FP_B = { - (byte) 0xd8, (byte) 0x55, (byte) 0x83, (byte) 0xf7, - (byte) 0xf1, (byte) 0x1a, (byte) 0xd2, (byte) 0x3e, - (byte) 0xc7, (byte) 0x5e, (byte) 0xd5, (byte) 0xa4, - (byte) 0x14, (byte) 0x15, (byte) 0x3a, (byte) 0x06, - (byte) 0xd6, (byte) 0x64, (byte) 0x09, (byte) 0x36, - (byte) 0xb8, (byte) 0x10, (byte) 0x3f, (byte) 0x5d, - (byte) 0xf6, (byte) 0x91, (byte) 0xfa, (byte) 0x95, - (byte) 0xcf, (byte) 0x2a, (byte) 0xfa, (byte) 0x78, - (byte) 0xf3, (byte) 0xea, (byte) 0x5a, (byte) 0xdd, - (byte) 0xc2, (byte) 0x25, (byte) 0xb1, (byte) 0x44, - (byte) 0x96, (byte) 0x40, (byte) 0x48, (byte) 0xc9, - (byte) 0xf7, (byte) 0x59, (byte) 0x2a, (byte) 0xe4 - }; - - public static final byte[] ECSP384_FP_G_X = { - (byte) 0x2b, (byte) 0x13, (byte) 0x41, (byte) 0xd1, - (byte) 0x2d, (byte) 0xff, (byte) 0x4f, (byte) 0x9c, - (byte) 0xf9, (byte) 0x42, (byte) 0x7c, (byte) 0x47, - (byte) 0x52, (byte) 0x96, (byte) 0x2b, (byte) 0x4c, - (byte) 0x2b, (byte) 0xdc, (byte) 0x8f, (byte) 0xbc, - (byte) 0xd8, (byte) 0x06, (byte) 0x52, (byte) 0x51, - (byte) 0x6c, (byte) 0x42, (byte) 0x1c, (byte) 0xc5, - (byte) 0x23, (byte) 0x21, (byte) 0x2a, (byte) 0x01, - (byte) 0xea, (byte) 0x63, (byte) 0xc7, (byte) 0x9d, - (byte) 0x6e, (byte) 0x9a, (byte) 0x9c, (byte) 0x84, - (byte) 0x93, (byte) 0x3e, (byte) 0x35, (byte) 0x3e, - (byte) 0x21, (byte) 0x24, (byte) 0x16, (byte) 0xec - }; - - public static final byte[] ECSP384_FP_G_Y = { - (byte) 0xce, (byte) 0x41, (byte) 0x6c, (byte) 0x6e, - (byte) 0x75, (byte) 0xfa, (byte) 0x9f, (byte) 0xd2, - (byte) 0x05, (byte) 0xed, (byte) 0x48, (byte) 0xfc, - (byte) 0x4e, (byte) 0x30, (byte) 0x99, (byte) 0xcb, - (byte) 0xb1, (byte) 0xd6, (byte) 0xed, (byte) 0x03, - (byte) 0x1b, (byte) 0x7d, (byte) 0xdb, (byte) 0xff, - (byte) 0x1d, (byte) 0x63, (byte) 0x4e, (byte) 0xb9, - (byte) 0x7a, (byte) 0x83, (byte) 0xd9, (byte) 0xb7, - (byte) 0x80, (byte) 0xcf, (byte) 0xd4, (byte) 0xde, - (byte) 0xdf, (byte) 0xdd, (byte) 0x2c, (byte) 0x76, - (byte) 0x04, (byte) 0xd1, (byte) 0x43, (byte) 0x19, - (byte) 0x6c, (byte) 0x08, (byte) 0xd9, (byte) 0x33 - }; - - public static final byte[] ECSP384_FP_R = { - (byte) 0xd0, (byte) 0xdf, (byte) 0x6c, (byte) 0x96, - (byte) 0xcf, (byte) 0xf7, (byte) 0x08, (byte) 0x1b, - (byte) 0xe8, (byte) 0x0d, (byte) 0x22, (byte) 0xb0, - (byte) 0x05, (byte) 0x75, (byte) 0x8a, (byte) 0x2e, - (byte) 0x2f, (byte) 0x04, (byte) 0x6e, (byte) 0x15, - (byte) 0xfe, (byte) 0x02, (byte) 0x0e, (byte) 0xf7, - (byte) 0x66, (byte) 0x4e, (byte) 0xd5, (byte) 0x1d, - (byte) 0x77, (byte) 0x01, (byte) 0xc8, (byte) 0x6b, - (byte) 0xf2, (byte) 0xa1, (byte) 0xe9, (byte) 0xf3, - (byte) 0x00, (byte) 0x2c, (byte) 0x26, (byte) 0xfe, - (byte) 0x00, (byte) 0x23, (byte) 0x14, (byte) 0xc3, - (byte) 0xc9, (byte) 0x2f, (byte) 0x1c, (byte) 0xa9 - }; - - public static final short ECSP384_FP_K = 1; - - public static final byte[] ECSP384_FP_W_X = { - (byte) 0xa4, (byte) 0xbd, (byte) 0x57, (byte) 0x5b, - (byte) 0xf2, (byte) 0x03, (byte) 0x00, (byte) 0xb0, - (byte) 0xcf, (byte) 0x8a, (byte) 0x2f, (byte) 0x41, - (byte) 0xdd, (byte) 0x5a, (byte) 0x03, (byte) 0xe9, - (byte) 0x08, (byte) 0x96, (byte) 0x6a, (byte) 0x42, - (byte) 0x29, (byte) 0xa5, (byte) 0xf2, (byte) 0x2f, - (byte) 0x5c, (byte) 0x19, (byte) 0x0d, (byte) 0x36, - (byte) 0x41, (byte) 0xac, (byte) 0x2d, (byte) 0x32, - (byte) 0xb7, (byte) 0xb2, (byte) 0x4a, (byte) 0x63, - (byte) 0x48, (byte) 0x2c, (byte) 0xbb, (byte) 0xcd, - (byte) 0x0c, (byte) 0x22, (byte) 0x57, (byte) 0xf8, - (byte) 0x34, (byte) 0x83, (byte) 0x4e, (byte) 0xf1 - }; - - public static final byte[] ECSP384_FP_W_Y = { - (byte) 0x38, (byte) 0xd5, (byte) 0x1c, (byte) 0x8f, - (byte) 0x9e, (byte) 0x90, (byte) 0x59, (byte) 0x2f, - (byte) 0x56, (byte) 0x7e, (byte) 0x81, (byte) 0xd0, - (byte) 0xe4, (byte) 0x85, (byte) 0x5e, (byte) 0x79, - (byte) 0x73, (byte) 0x1b, (byte) 0x57, (byte) 0x97, - (byte) 0x85, (byte) 0x7a, (byte) 0x4c, (byte) 0x7d, - (byte) 0xc2, (byte) 0x70, (byte) 0x65, (byte) 0x3b, - (byte) 0xc9, (byte) 0xf0, (byte) 0xc3, (byte) 0x1e, - (byte) 0x84, (byte) 0x69, (byte) 0x30, (byte) 0x07, - (byte) 0xb0, (byte) 0x9c, (byte) 0xeb, (byte) 0xf7, - (byte) 0x10, (byte) 0xd5, (byte) 0xae, (byte) 0x32, - (byte) 0x37, (byte) 0x30, (byte) 0x39, (byte) 0x49 - }; - - - //Anomalous curve(small-pub-521), with pubkey of order 4 - public static final byte[] ECSP521_FP_P = { - (byte) 0x01, (byte) 0xd3, (byte) 0xdf, (byte) 0x43, - (byte) 0x09, (byte) 0x24, (byte) 0x95, (byte) 0x6e, - (byte) 0x21, (byte) 0x0a, (byte) 0x60, (byte) 0x5b, - (byte) 0x4d, (byte) 0xbf, (byte) 0x4a, (byte) 0x2e, - (byte) 0x90, (byte) 0x9d, (byte) 0x7a, (byte) 0x80, - (byte) 0x16, (byte) 0x58, (byte) 0x97, (byte) 0x8c, - (byte) 0x88, (byte) 0xff, (byte) 0xd6, (byte) 0x8d, - (byte) 0xcc, (byte) 0x81, (byte) 0x7f, (byte) 0x5c, - (byte) 0xc7, (byte) 0x9c, (byte) 0xf1, (byte) 0x88, - (byte) 0xd9, (byte) 0xee, (byte) 0x82, (byte) 0xd1, - (byte) 0xa5, (byte) 0x1c, (byte) 0x44, (byte) 0xcb, - (byte) 0xd3, (byte) 0x1e, (byte) 0x9c, (byte) 0xc5, - (byte) 0xb8, (byte) 0x16, (byte) 0xd7, (byte) 0x6d, - (byte) 0x5b, (byte) 0x13, (byte) 0x12, (byte) 0xb0, - (byte) 0x05, (byte) 0xf7, (byte) 0xb6, (byte) 0x89, - (byte) 0x19, (byte) 0xe2, (byte) 0x75, (byte) 0xda, - (byte) 0xc9, (byte) 0x9f - }; - - public static final byte[] ECSP521_FP_A = { - (byte) 0x00, (byte) 0x40, (byte) 0x16, (byte) 0x39, - (byte) 0xf3, (byte) 0x6f, (byte) 0x2e, (byte) 0xe4, - (byte) 0x5f, (byte) 0xc1, (byte) 0x64, (byte) 0xea, - (byte) 0x3e, (byte) 0x1f, (byte) 0x14, (byte) 0xf4, - (byte) 0x80, (byte) 0x3f, (byte) 0xd7, (byte) 0xa7, - (byte) 0x7f, (byte) 0xfd, (byte) 0xfb, (byte) 0x39, - (byte) 0x2c, (byte) 0x3f, (byte) 0x8f, (byte) 0xe9, - (byte) 0x5d, (byte) 0x1a, (byte) 0xea, (byte) 0x33, - (byte) 0x14, (byte) 0x67, (byte) 0xf4, (byte) 0x61, - (byte) 0x8d, (byte) 0x59, (byte) 0xae, (byte) 0xee, - (byte) 0x49, (byte) 0xd5, (byte) 0xd7, (byte) 0xc7, - (byte) 0x0c, (byte) 0xaf, (byte) 0x32, (byte) 0x0f, - (byte) 0x7d, (byte) 0xd1, (byte) 0xac, (byte) 0x16, - (byte) 0x61, (byte) 0x14, (byte) 0xf5, (byte) 0x62, - (byte) 0x41, (byte) 0x34, (byte) 0x49, (byte) 0x99, - (byte) 0x1d, (byte) 0x3a, (byte) 0xa1, (byte) 0xa2, - (byte) 0xc4, (byte) 0x9e - }; - - public static final byte[] ECSP521_FP_B = { - (byte) 0x00, (byte) 0x4a, (byte) 0x26, (byte) 0xa8, - (byte) 0xc4, (byte) 0x7f, (byte) 0xce, (byte) 0x20, - (byte) 0x4b, (byte) 0xa9, (byte) 0x53, (byte) 0x01, - (byte) 0x5f, (byte) 0xa8, (byte) 0x67, (byte) 0x08, - (byte) 0xc0, (byte) 0xde, (byte) 0x72, (byte) 0x0f, - (byte) 0x27, (byte) 0x52, (byte) 0x39, (byte) 0x88, - (byte) 0xb0, (byte) 0x97, (byte) 0xe7, (byte) 0x74, - (byte) 0x16, (byte) 0x8c, (byte) 0x15, (byte) 0xf7, - (byte) 0xa2, (byte) 0x15, (byte) 0xaa, (byte) 0xf1, - (byte) 0x8a, (byte) 0x5f, (byte) 0x1b, (byte) 0x95, - (byte) 0x79, (byte) 0xab, (byte) 0x3d, (byte) 0xb9, - (byte) 0x35, (byte) 0xd4, (byte) 0x5b, (byte) 0xe1, - (byte) 0x4c, (byte) 0x9a, (byte) 0x87, (byte) 0xb7, - (byte) 0x11, (byte) 0x70, (byte) 0x39, (byte) 0x69, - (byte) 0x09, (byte) 0xb1, (byte) 0x4d, (byte) 0x06, - (byte) 0xf7, (byte) 0xa0, (byte) 0x99, (byte) 0x75, - (byte) 0xb3, (byte) 0xa6 - }; - - public static final byte[] ECSP521_FP_G_X = { - (byte) 0x01, (byte) 0xc8, (byte) 0x80, (byte) 0xae, - (byte) 0x0a, (byte) 0x35, (byte) 0x5a, (byte) 0x52, - (byte) 0x79, (byte) 0x1f, (byte) 0xc9, (byte) 0x60, - (byte) 0x0f, (byte) 0xd8, (byte) 0xb3, (byte) 0x57, - (byte) 0x26, (byte) 0xe9, (byte) 0xd7, (byte) 0x99, - (byte) 0x10, (byte) 0x14, (byte) 0x89, (byte) 0x16, - (byte) 0x1c, (byte) 0x8f, (byte) 0x90, (byte) 0xa9, - (byte) 0xc6, (byte) 0x63, (byte) 0x1d, (byte) 0x09, - (byte) 0xb3, (byte) 0xcb, (byte) 0x34, (byte) 0x75, - (byte) 0x84, (byte) 0x83, (byte) 0x7d, (byte) 0x9d, - (byte) 0xeb, (byte) 0x85, (byte) 0x66, (byte) 0xa9, - (byte) 0xc5, (byte) 0x84, (byte) 0x6a, (byte) 0xde, - (byte) 0xd0, (byte) 0xd0, (byte) 0x1e, (byte) 0xb9, - (byte) 0x47, (byte) 0xb4, (byte) 0xaf, (byte) 0xfd, - (byte) 0x34, (byte) 0xe8, (byte) 0xea, (byte) 0x7d, - (byte) 0xbe, (byte) 0x73, (byte) 0x3c, (byte) 0xbe, - (byte) 0xda, (byte) 0xfa - }; - - public static final byte[] ECSP521_FP_G_Y = { - (byte) 0x00, (byte) 0x05, (byte) 0x0f, (byte) 0x12, - (byte) 0x67, (byte) 0x2f, (byte) 0x16, (byte) 0x3f, - (byte) 0x19, (byte) 0xd5, (byte) 0xd4, (byte) 0x93, - (byte) 0xeb, (byte) 0x82, (byte) 0xef, (byte) 0x77, - (byte) 0x7b, (byte) 0x02, (byte) 0x13, (byte) 0xdd, - (byte) 0x4e, (byte) 0x0c, (byte) 0xf7, (byte) 0x5a, - (byte) 0x9b, (byte) 0x99, (byte) 0x72, (byte) 0x4f, - (byte) 0xbd, (byte) 0xb5, (byte) 0x4b, (byte) 0x0c, - (byte) 0xc4, (byte) 0xe0, (byte) 0x37, (byte) 0xbf, - (byte) 0x86, (byte) 0xa4, (byte) 0x8b, (byte) 0xac, - (byte) 0x28, (byte) 0x46, (byte) 0x7b, (byte) 0xdd, - (byte) 0x93, (byte) 0x6c, (byte) 0x31, (byte) 0x4c, - (byte) 0xe1, (byte) 0x3f, (byte) 0x6e, (byte) 0xc7, - (byte) 0xec, (byte) 0x69, (byte) 0xea, (byte) 0x09, - (byte) 0xae, (byte) 0x4f, (byte) 0x54, (byte) 0x44, - (byte) 0xdf, (byte) 0x4b, (byte) 0x2a, (byte) 0x11, - (byte) 0x7a, (byte) 0x66 - }; - - public static final byte[] ECSP521_FP_R = { - (byte) 0x01, (byte) 0xd3, (byte) 0xdf, (byte) 0x43, - (byte) 0x09, (byte) 0x24, (byte) 0x95, (byte) 0x6e, - (byte) 0x21, (byte) 0x0a, (byte) 0x60, (byte) 0x5b, - (byte) 0x4d, (byte) 0xbf, (byte) 0x4a, (byte) 0x2e, - (byte) 0x90, (byte) 0x9d, (byte) 0x7a, (byte) 0x80, - (byte) 0x16, (byte) 0x58, (byte) 0x97, (byte) 0x8c, - (byte) 0x88, (byte) 0xff, (byte) 0xd6, (byte) 0x8d, - (byte) 0xcc, (byte) 0x81, (byte) 0x7f, (byte) 0x5c, - (byte) 0xc7, (byte) 0xba, (byte) 0x08, (byte) 0x38, - (byte) 0x71, (byte) 0x7c, (byte) 0x19, (byte) 0x47, - (byte) 0xf9, (byte) 0x3c, (byte) 0xfd, (byte) 0xd3, - (byte) 0xed, (byte) 0x87, (byte) 0xec, (byte) 0x2c, - (byte) 0x2d, (byte) 0xf1, (byte) 0x81, (byte) 0xc7, - (byte) 0xad, (byte) 0xa5, (byte) 0x53, (byte) 0x34, - (byte) 0x6e, (byte) 0xc1, (byte) 0x49, (byte) 0x57, - (byte) 0x32, (byte) 0xa1, (byte) 0xe7, (byte) 0xff, - (byte) 0xe9, (byte) 0xb3 - }; - - public static final short ECSP521_FP_K = 1; - - public static final byte[] ECSP521_FP_W_X = { - (byte) 0x00, (byte) 0x28, (byte) 0x44, (byte) 0xdf, - (byte) 0x0f, (byte) 0x31, (byte) 0xf4, (byte) 0x6a, - (byte) 0x40, (byte) 0xe6, (byte) 0xc7, (byte) 0x00, - (byte) 0x6c, (byte) 0xde, (byte) 0x99, (byte) 0x15, - (byte) 0x5b, (byte) 0xd5, (byte) 0xd1, (byte) 0x8d, - (byte) 0x0e, (byte) 0x41, (byte) 0x50, (byte) 0x17, - (byte) 0x8a, (byte) 0x8e, (byte) 0x30, (byte) 0x7d, - (byte) 0x6a, (byte) 0xec, (byte) 0x08, (byte) 0xfd, - (byte) 0x02, (byte) 0xd4, (byte) 0x66, (byte) 0xc0, - (byte) 0x3c, (byte) 0x49, (byte) 0xb4, (byte) 0x9c, - (byte) 0x26, (byte) 0x54, (byte) 0xb7, (byte) 0xc9, - (byte) 0xa3, (byte) 0x2d, (byte) 0x88, (byte) 0xca, - (byte) 0x01, (byte) 0x40, (byte) 0x16, (byte) 0xa7, - (byte) 0xed, (byte) 0xdd, (byte) 0x44, (byte) 0x21, - (byte) 0x7b, (byte) 0xe9, (byte) 0x15, (byte) 0x50, - (byte) 0x5d, (byte) 0x22, (byte) 0x8e, (byte) 0xfb, - (byte) 0x93, (byte) 0x89 - }; - - public static final byte[] ECSP521_FP_W_Y = { - (byte) 0x01, (byte) 0x05, (byte) 0x92, (byte) 0x1e, - (byte) 0x21, (byte) 0x72, (byte) 0xc3, (byte) 0x05, - (byte) 0x0b, (byte) 0xa4, (byte) 0xc9, (byte) 0xd2, - (byte) 0xe7, (byte) 0x44, (byte) 0xfc, (byte) 0x5b, - (byte) 0x7b, (byte) 0x5e, (byte) 0x84, (byte) 0x51, - (byte) 0x75, (byte) 0x1e, (byte) 0x67, (byte) 0x80, - (byte) 0xc6, (byte) 0xde, (byte) 0x88, (byte) 0x22, - (byte) 0x94, (byte) 0x97, (byte) 0xbe, (byte) 0x7d, - (byte) 0x23, (byte) 0x55, (byte) 0x0b, (byte) 0xee, - (byte) 0xfa, (byte) 0x0c, (byte) 0xb7, (byte) 0xfa, - (byte) 0xfe, (byte) 0xbb, (byte) 0x4d, (byte) 0xd9, - (byte) 0xfa, (byte) 0xd1, (byte) 0x24, (byte) 0x4c, - (byte) 0x67, (byte) 0x33, (byte) 0xbe, (byte) 0xfe, - (byte) 0x5a, (byte) 0x97, (byte) 0x71, (byte) 0x0f, - (byte) 0x0d, (byte) 0xc5, (byte) 0x6d, (byte) 0xc0, - (byte) 0x8d, (byte) 0x9d, (byte) 0x9d, (byte) 0xf9, - (byte) 0xd8, (byte) 0x46 - }; - - - // getCorruptCurveParameter PARAMETER_CORRUPTION TYPES - public static final short CORRUPTION_NONE = 0x01; - public static final short CORRUPTION_FIXED = 0x02; - public static final short CORRUPTION_FULLRANDOM = 0x03; - public static final short CORRUPTION_ONEBYTERANDOM = 0x04; - public static final short CORRUPTION_ZERO = 0x05; - public static final short CORRUPTION_ONE = 0x06; - - // Supported embedded curves, getCurveParameter - // SECP recommended curves over FP - public static final byte CURVE_secp128r1 = 1; - public static final byte CURVE_secp160r1 = 2; - public static final byte CURVE_secp192r1 = 3; - public static final byte CURVE_secp224r1 = 4; - public static final byte CURVE_secp256r1 = 5; - public static final byte CURVE_secp384r1 = 6; - public static final byte CURVE_secp521r1 = 7; - - public static final byte CURVE_sp128 = 8; - public static final byte CURVE_sp160 = 9; - public static final byte CURVE_sp192 = 10; - public static final byte CURVE_sp224 = 11; - public static final byte CURVE_sp256 = 12; - public static final byte CURVE_sp384 = 13; - public static final byte CURVE_sp521 = 14; - - public static final byte FP_CURVES = 14; - - // SECP recommended curves over F2M - public static final byte CURVE_sect163r1 = 15; - public static final byte CURVE_sect233r1 = 16; - public static final byte CURVE_sect283r1 = 17; - public static final byte CURVE_sect409r1 = 18; - public static final byte CURVE_sect571r1 = 19; - - public static final byte F2M_CURVES = 12; - - public static byte getCurve(short keyClass, short keyLength) { - if (keyClass == KeyPair.ALG_EC_FP) { - switch (keyLength) { - case (short) 128: - return CURVE_secp128r1; - case (short) 160: - return CURVE_secp160r1; - case (short) 192: - return CURVE_secp192r1; - case (short) 224: - return CURVE_secp224r1; - case (short) 256: - return CURVE_secp256r1; - case (short) 384: - return CURVE_secp384r1; - case (short) 521: - return CURVE_secp521r1; - default: - ISOException.throwIt(ISO7816.SW_FUNC_NOT_SUPPORTED); - } - } else if (keyClass == KeyPair.ALG_EC_F2M) { - switch (keyLength) { - case (short) 163: - return CURVE_sect163r1; - case (short) 233: - return CURVE_sect233r1; - case (short) 283: - return CURVE_sect283r1; - case (short) 409: - return CURVE_sect409r1; - case (short) 571: - return CURVE_sect571r1; - default: - ISOException.throwIt(ISO7816.SW_FUNC_NOT_SUPPORTED); - } - } else { - ISOException.throwIt(ISO7816.SW_FUNC_NOT_SUPPORTED); - } - return 0; - } - - public static byte getAnomalousCurve(short keyClass, short keyLength) { - if (keyClass == KeyPair.ALG_EC_FP) { - switch (keyLength) { - case (short) 128: - return CURVE_sp128; - case (short) 160: - return CURVE_sp160; - case (short) 192: - return CURVE_sp192; - case (short) 224: - return CURVE_sp224; - case (short) 256: - return CURVE_sp256; - case (short) 384: - return CURVE_sp384; - case (short) 521: - return CURVE_sp521; - default: - ISOException.throwIt(ISO7816.SW_FUNC_NOT_SUPPORTED); - } - } else if (keyClass == KeyPair.ALG_EC_F2M) { - return 0; - } else { - ISOException.throwIt(ISO7816.SW_FUNC_NOT_SUPPORTED); - } - return 0; - } - - public static short getCurveParameter(byte curve, short param, byte[] outputBuffer, short outputOffset) { - byte alg = getCurveType(curve); - switch (curve) { - case CURVE_secp128r1: { - EC_FP_P = EC128_FP_P; - EC_A = EC128_FP_A; - EC_B = EC128_FP_B; - EC_G_X = EC128_FP_G_X; - EC_G_Y = EC128_FP_G_Y; - EC_R = EC128_FP_R; - EC_K = EC128_FP_K; - break; - } - case CURVE_secp160r1: { - EC_FP_P = EC160_FP_P; - EC_A = EC160_FP_A; - EC_B = EC160_FP_B; - EC_G_X = EC160_FP_G_X; - EC_G_Y = EC160_FP_G_Y; - EC_R = EC160_FP_R; - EC_K = EC160_FP_K; - break; - } - case CURVE_secp192r1: { - EC_FP_P = EC192_FP_P; - EC_A = EC192_FP_A; - EC_B = EC192_FP_B; - EC_G_X = EC192_FP_G_X; - EC_G_Y = EC192_FP_G_Y; - EC_R = EC192_FP_R; - EC_K = EC192_FP_K; - break; - } - case CURVE_secp224r1: { - EC_FP_P = EC224_FP_P; - EC_A = EC224_FP_A; - EC_B = EC224_FP_B; - EC_G_X = EC224_FP_G_X; - EC_G_Y = EC224_FP_G_Y; - EC_R = EC224_FP_R; - EC_K = EC224_FP_K; - break; - } - case CURVE_secp256r1: { - EC_FP_P = EC256_FP_P; - EC_A = EC256_FP_A; - EC_B = EC256_FP_B; - EC_G_X = EC256_FP_G_X; - EC_G_Y = EC256_FP_G_Y; - EC_R = EC256_FP_R; - EC_K = EC256_FP_K; - break; - } - case CURVE_secp384r1: { - EC_FP_P = EC384_FP_P; - EC_A = EC384_FP_A; - EC_B = EC384_FP_B; - EC_G_X = EC384_FP_G_X; - EC_G_Y = EC384_FP_G_Y; - EC_R = EC384_FP_R; - EC_K = EC384_FP_K; - break; - } - case CURVE_secp521r1: { - EC_FP_P = EC521_FP_P; - EC_A = EC521_FP_A; - EC_B = EC521_FP_B; - EC_G_X = EC521_FP_G_X; - EC_G_Y = EC521_FP_G_Y; - EC_R = EC521_FP_R; - EC_K = EC521_FP_K; - break; - } - case CURVE_sect163r1: { - EC_F2M_F2M = EC163_F2M_F; - EC_A = EC163_F2M_A; - EC_B = EC163_F2M_B; - EC_G_X = EC163_F2M_G_X; - EC_G_Y = EC163_F2M_G_Y; - EC_R = EC163_F2M_R; - EC_K = EC163_F2M_K; - break; - } - case CURVE_sect233r1: { - EC_F2M_F2M = EC233_F2M_F; - EC_A = EC233_F2M_A; - EC_B = EC233_F2M_B; - EC_G_X = EC233_F2M_G_X; - EC_G_Y = EC233_F2M_G_Y; - EC_R = EC233_F2M_R; - EC_K = EC233_F2M_K; - break; - } - case CURVE_sect283r1: { - EC_F2M_F2M = EC283_F2M_F; - EC_A = EC283_F2M_A; - EC_B = EC283_F2M_B; - EC_G_X = EC283_F2M_G_X; - EC_G_Y = EC283_F2M_G_Y; - EC_R = EC283_F2M_R; - EC_K = EC283_F2M_K; - break; - } - case CURVE_sect409r1: { - EC_F2M_F2M = EC409_F2M_F; - EC_A = EC409_F2M_A; - EC_B = EC409_F2M_B; - EC_G_X = EC409_F2M_G_X; - EC_G_Y = EC409_F2M_G_Y; - EC_R = EC409_F2M_R; - EC_K = EC409_F2M_K; - break; - } - case CURVE_sect571r1: { - EC_F2M_F2M = EC571_F2M_F; - EC_A = EC571_F2M_A; - EC_B = EC571_F2M_B; - EC_G_X = EC571_F2M_G_X; - EC_G_Y = EC571_F2M_G_Y; - EC_R = EC571_F2M_R; - EC_K = EC571_F2M_K; - break; - } - case CURVE_sp128: { - EC_FP_P = ECSP128_FP_P; - EC_A = ECSP128_FP_A; - EC_B = ECSP128_FP_B; - EC_G_X = ECSP128_FP_G_X; - EC_G_Y = ECSP128_FP_G_Y; - EC_R = ECSP128_FP_R; - EC_K = ECSP128_FP_K; - EC_W_X = ECSP128_FP_W_X; - EC_W_Y = ECSP128_FP_W_Y; - break; - } - case CURVE_sp160: { - EC_FP_P = ECSP160_FP_P; - EC_A = ECSP160_FP_A; - EC_B = ECSP160_FP_B; - EC_G_X = ECSP160_FP_G_X; - EC_G_Y = ECSP160_FP_G_Y; - EC_R = ECSP160_FP_R; - EC_K = ECSP160_FP_K; - EC_W_X = ECSP160_FP_W_X; - EC_W_Y = ECSP160_FP_W_Y; - break; - } - case CURVE_sp192: { - EC_FP_P = ECSP192_FP_P; - EC_A = ECSP192_FP_A; - EC_B = ECSP192_FP_B; - EC_G_X = ECSP192_FP_G_X; - EC_G_Y = ECSP192_FP_G_Y; - EC_R = ECSP192_FP_R; - EC_K = ECSP192_FP_K; - EC_W_X = ECSP192_FP_W_X; - EC_W_Y = ECSP192_FP_W_Y; - break; - } - case CURVE_sp224: { - EC_FP_P = ECSP224_FP_P; - EC_A = ECSP224_FP_A; - EC_B = ECSP224_FP_B; - EC_G_X = ECSP224_FP_G_X; - EC_G_Y = ECSP224_FP_G_Y; - EC_R = ECSP224_FP_R; - EC_K = ECSP224_FP_K; - EC_W_X = ECSP224_FP_W_X; - EC_W_Y = ECSP224_FP_W_Y; - break; - } - case CURVE_sp256: { - EC_FP_P = ECSP256_FP_P; - EC_A = ECSP256_FP_A; - EC_B = ECSP256_FP_B; - EC_G_X = ECSP256_FP_G_X; - EC_G_Y = ECSP256_FP_G_Y; - EC_R = ECSP256_FP_R; - EC_K = ECSP256_FP_K; - EC_W_X = ECSP256_FP_W_X; - EC_W_Y = ECSP256_FP_W_Y; - break; - } - case CURVE_sp384: { - EC_FP_P = ECSP384_FP_P; - EC_A = ECSP384_FP_A; - EC_B = ECSP384_FP_B; - EC_G_X = ECSP384_FP_G_X; - EC_G_Y = ECSP384_FP_G_Y; - EC_R = ECSP384_FP_R; - EC_K = ECSP384_FP_K; - EC_W_X = ECSP384_FP_W_X; - EC_W_Y = ECSP384_FP_W_Y; - break; - } - case CURVE_sp521: { - EC_FP_P = ECSP521_FP_P; - EC_A = ECSP521_FP_A; - EC_B = ECSP521_FP_B; - EC_G_X = ECSP521_FP_G_X; - EC_G_Y = ECSP521_FP_G_Y; - EC_R = ECSP521_FP_R; - EC_K = ECSP521_FP_K; - EC_W_X = ECSP521_FP_W_X; - EC_W_Y = ECSP521_FP_W_Y; - break; - } - default: - ISOException.throwIt(ISO7816.SW_FUNC_NOT_SUPPORTED); - } - short length = 0; - switch (param) { - case PARAMETER_FP: - if (alg == KeyPair.ALG_EC_FP) { - length = Util.arrayCopyNonAtomic(EC_FP_P, (short) 0, outputBuffer, outputOffset, (short) EC_FP_P.length); - } - break; - case PARAMETER_F2M: - if (alg == KeyPair.ALG_EC_F2M) { - length = Util.arrayCopyNonAtomic(EC_F2M_F2M, (short) 0, outputBuffer, outputOffset, (short) EC_F2M_F2M.length); - } - break; - case PARAMETER_A: - length = Util.arrayCopyNonAtomic(EC_A, (short) 0, outputBuffer, outputOffset, (short) EC_A.length); - break; - case PARAMETER_B: - length = Util.arrayCopyNonAtomic(EC_B, (short) 0, outputBuffer, outputOffset, (short) EC_B.length); - break; - case PARAMETER_G: - length = toX962(outputBuffer, outputOffset, EC_G_X, (short) 0, (short) EC_G_X.length, EC_G_Y, (short) 0, (short) EC_G_Y.length); - break; - case PARAMETER_R: - length = Util.arrayCopyNonAtomic(EC_R, (short) 0, outputBuffer, outputOffset, (short) EC_R.length); - break; - case PARAMETER_K: - length = 2; - Util.setShort(outputBuffer, outputOffset, EC_K); - break; - case PARAMETER_W: - length = toX962(outputBuffer, outputOffset, EC_W_X, (short) 0, (short) EC_W_X.length, EC_W_Y, (short) 0, (short) EC_W_Y.length); - break; - case PARAMETER_S: - length = Util.arrayCopyNonAtomic(EC_S, (short) 0, outputBuffer, outputOffset, (short) EC_S.length); - break; - default: - ISOException.throwIt(ISO7816.SW_FUNC_NOT_SUPPORTED); - } - return length; - } - - public static short getCorruptCurveParameter(byte curve, short param, byte[] outputBuffer, short outputOffset, short corruptionType) { - short length = getCurveParameter(curve, param, outputBuffer, outputOffset); - if (length <= 0) { - return length; - } - switch (corruptionType) { - case CORRUPTION_NONE: - break; - case CORRUPTION_FIXED: - if (length >= 1) { - outputBuffer[outputOffset] = (byte) 0xcc; - outputBuffer[(short) (outputOffset + length - 1)] = (byte) 0xcc; - } - break; - case CORRUPTION_FULLRANDOM: - m_random.generateData(outputBuffer, outputOffset, length); - break; - case CORRUPTION_ONEBYTERANDOM: - short first = Util.getShort(outputBuffer, (short) 0); // save first two bytes - - m_random.generateData(outputBuffer, (short) 0, (short) 2); // generate position - short rngPos = Util.getShort(outputBuffer, (short) 0); // save generated position - - Util.setShort(outputBuffer, (short) 0, first); // restore first two bytes - - if (rngPos < 0) { // make positive - rngPos = (short) -rngPos; - } - rngPos %= length; // make < param length - - byte original = outputBuffer[rngPos]; - do { - m_random.generateData(outputBuffer, rngPos, (short) 1); - } while (original == outputBuffer[rngPos]); - break; - case CORRUPTION_ZERO: - Util.arrayFillNonAtomic(outputBuffer, outputOffset, length, (byte) 0); - break; - case CORRUPTION_ONE: - Util.arrayFillNonAtomic(outputBuffer, outputOffset, length, (byte) 1); - break; - default: - ISOException.throwIt(ISO7816.SW_FUNC_NOT_SUPPORTED); - /* //TODO implement CORRUPT_B_LASTBYTEINCREMENT somehow - case CORRUPT_B_LASTBYTEINCREMENT: - m_ramArray2[(short) (m_lenB - 1)] += 1; - // Make sure its not the valid byte again - if (m_ramArray[(short) (m_lenB - 1)] == m_ramArray2[(short) (m_lenB - 1)]) { - m_ramArray2[(short) (m_lenB - 1)] += 1; // if yes, increment once more - } - break; - } - */ - } - return length; - } - - public static byte getCurveType(byte curve) { - return curve <= FP_CURVES ? KeyPair.ALG_EC_FP : KeyPair.ALG_EC_F2M; - } - - private static short toX962(byte[] outputBuffer, short outputOffset, byte[] xBuffer, short xOffset, short xLength, byte[] yBuffer, short yOffset, short yLength) { - short size = 1; - size += xLength; - size += yLength; - - short offset = outputOffset; - outputBuffer[offset] = 0x04; - offset += 1; - - offset = Util.arrayCopyNonAtomic(xBuffer, xOffset, outputBuffer, offset, xLength); - Util.arrayCopyNonAtomic(yBuffer, yOffset, outputBuffer, offset, yLength); - return size; - } - -} diff --git a/src/applets/SimpleECCApplet.java b/src/applets/SimpleECCApplet.java deleted file mode 100644 index a56250c..0000000 --- a/src/applets/SimpleECCApplet.java +++ /dev/null @@ -1,1026 +0,0 @@ -/* - * PACKAGEID: 4C6162616B417070 - * APPLETID: 4C6162616B4170706C6574 - */ -package applets; - -import javacard.framework.*; -import javacard.security.*; - - -public class SimpleECCApplet extends Applet { - - // MAIN INSTRUCTION CLASS - final static byte CLA_SIMPLEECCAPPLET = (byte) 0xB0; - - // INSTRUCTIONS - final static byte INS_GENERATEKEY = (byte) 0x5a; - final static byte INS_ALLOCATEKEYPAIRS = (byte) 0x5b; - - final static byte INS_ALLOCATEKEYPAIR = (byte) 0x5c; - final static byte INS_DERIVEECDHSECRET = (byte) 0x5d; - - final static byte INS_TESTECSUPPORTALL_FP = (byte) 0x5e; - final static byte INS_TESTECSUPPORTALL_F2M = (byte) 0x5f; - final static byte INS_TESTEC_GENERATEINVALID_FP = (byte) 0x70; - final static byte INS_TESTECSUPPORT_GIVENALG = (byte) 0x71; - final static byte INS_TESTECSUPPORT_EXTERNAL = (byte) 0x72; - final static byte INS_TESTEC_LASTUSEDPARAMS = (byte) 0x40; - - - public final static byte P1_SETCURVE = (byte) 0x01; - public final static byte P1_GENERATEKEYPAIR = (byte) 0x02; - - - final static short ARRAY_LENGTH = (short) 0xff; - final static byte AES_BLOCK_LENGTH = (short) 0x16; - - final static short EC_LENGTH_BITS = KeyBuilder.LENGTH_EC_FP_192; - //final static short EC_LENGTH_BITS = KeyBuilder.LENGTH_EC_FP_160; - //final static short EC_LENGTH_BITS = (short) 256; - - public final static byte ECTEST_SEPARATOR = (byte) 0xff; - public final static byte ECTEST_ALLOCATE_KEYPAIR = (byte) 0xc1; - public final static byte ECTEST_GENERATE_KEYPAIR_DEFCURVE = (byte) 0xc2; - public final static byte ECTEST_SET_VALIDCURVE = (byte) 0xc3; - public final static byte ECTEST_GENERATE_KEYPAIR_CUSTOMCURVE = (byte) 0xc4; - public final static byte ECTEST_SET_INVALIDCURVE = (byte) 0xc5; - public final static byte ECTEST_GENERATE_KEYPAIR_INVALIDCUSTOMCURVE = (byte) 0xc6; - public final static byte ECTEST_ECDH_AGREEMENT_VALID_POINT = (byte) 0xc7; - public final static byte ECTEST_ECDH_AGREEMENT_INVALID_POINT = (byte) 0xc8; - public final static byte ECTEST_EXECUTED_REPEATS = (byte) 0xc9; - public final static byte ECTEST_DH_GENERATESECRET = (byte) 0xca; - public final static byte ECTEST_SET_EXTERNALCURVE = (byte) 0xcb; - public final static byte ECTEST_GENERATE_KEYPAIR_EXTERNALCURVE = (byte) 0xcc; - public final static byte ECTEST_ECDSA_SIGNATURE = (byte) 0xcd; - public final static byte ECTEST_SET_ANOMALOUSCURVE = (byte) 0xce; - public final static byte ECTEST_GENERATE_KEYPAIR_ANOMALOUSCURVE = (byte) 0xcf; - public final static byte ECTEST_ECDH_AGREEMENT_SMALL_DEGREE_POINT = (byte) 0xd0; - public final static byte ECTEST_SET_INVALIDFIELD = (byte) 0xd1; - public final static byte ECTEST_GENERATE_KEYPAIR_INVALIDFIELD = (byte) 0xd2; - - public final static short FLAG_ECTEST_ALLOCATE_KEYPAIR = (short) 0x0001; - public final static short FLAG_ECTEST_GENERATE_KEYPAIR_DEFCURVE = (short) 0x0002; - public final static short FLAG_ECTEST_SET_VALIDCURVE = (short) 0x0004; - public final static short FLAG_ECTEST_GENERATE_KEYPAIR_CUSTOMCURVE = (short) 0x0008; - public final static short FLAG_ECTEST_SET_INVALIDCURVE = (short) 0x0010; - public final static short FLAG_ECTEST_GENERATE_KEYPAIR_INVALIDCUSTOMCURVE = (short) 0x0020; - public final static short FLAG_ECTEST_ECDH_AGREEMENT_VALID_POINT = (short) 0x0040; - public final static short FLAG_ECTEST_ECDH_AGREEMENT_INVALID_POINT = (short) 0x0080; - public final static short FLAG_ECTEST_ECDSA_SIGNATURE = (short) 0x0100; - public final static short FLAG_ECTEST_SET_ANOMALOUSCURVE = (short) 0x0200; - public final static short FLAG_ECTEST_GENERATE_KEYPAIR_ANOMALOUSCUVE = (short) 0x0400; - public final static short FLAG_ECTEST_ECDH_AGREEMENT_SMALL_DEGREE_POINT = (short) 0x0800; - public final static short FLAG_ECTEST_SET_INVALIDFIELD = (short) 0x1000; - public final static short FLAG_ECTEST_GENERATE_KEYPAIR_INVALIDFIELD = (short) 0x2000; - - public final static short FLAG_ECTEST_ALL = (short) 0xffff; - - - public final static short SW_SKIPPED = (short) 0x0ee1; - public final static short SW_KEYPAIR_GENERATED_INVALID = (short) 0x0ee2; - public final static short SW_INVALID_CORRUPTION_TYPE = (short) 0x0ee3; - public final static short SW_SIG_VERIFY_FAIL = (short) 0xee4; - /* - public static final byte[] EC192_FP_PUBLICW = new byte[]{ - (byte) 0x04, (byte) 0xC9, (byte) 0xC0, (byte) 0xED, (byte) 0xFB, (byte) 0x27, - (byte) 0xB7, (byte) 0x1E, (byte) 0xBE, (byte) 0x30, (byte) 0x93, (byte) 0xFC, - (byte) 0x4F, (byte) 0x33, (byte) 0x76, (byte) 0x38, (byte) 0xCE, (byte) 0xE0, - (byte) 0x2F, (byte) 0x78, (byte) 0xF6, (byte) 0x3C, (byte) 0xEA, (byte) 0x90, - (byte) 0x22, (byte) 0x61, (byte) 0x32, (byte) 0x8E, (byte) 0x9F, (byte) 0x03, - (byte) 0x8A, (byte) 0xFD, (byte) 0x60, (byte) 0xA0, (byte) 0xCE, (byte) 0x01, - (byte) 0x9B, (byte) 0x76, (byte) 0x34, (byte) 0x59, (byte) 0x79, (byte) 0x64, - (byte) 0xD7, (byte) 0x79, (byte) 0x8E, (byte) 0x3B, (byte) 0x16, (byte) 0xD5, - (byte) 0x15}; - */ - public static final byte[] EC192_FP_PUBLICW = new byte[]{ - (byte) 0x04, - (byte) 0x9d, (byte) 0x42, (byte) 0x76, (byte) 0x9d, (byte) 0xfd, (byte) 0xbe, - (byte) 0x11, (byte) 0x3a, (byte) 0x85, (byte) 0x1b, (byte) 0xb6, (byte) 0xb0, - (byte) 0x1b, (byte) 0x1a, (byte) 0x51, (byte) 0x5d, (byte) 0x89, (byte) 0x3b, - (byte) 0x5a, (byte) 0xdb, (byte) 0xc1, (byte) 0xf6, (byte) 0x13, (byte) 0x29, - (byte) 0x74, (byte) 0x74, (byte) 0x9a, (byte) 0xc0, (byte) 0x96, (byte) 0x7a, - (byte) 0x8f, (byte) 0xf4, (byte) 0xcc, (byte) 0x54, (byte) 0xd9, (byte) 0x31, - (byte) 0x87, (byte) 0x60, (byte) 0x2d, (byte) 0xd6, (byte) 0x7e, (byte) 0xb3, - (byte) 0xd2, (byte) 0x29, (byte) 0x70a, (byte) 0xca, (byte) 0x2ca}; - - - private ECPublicKey ecPubKey = null; - private ECPublicKey ecPubKey128 = null; - private ECPublicKey ecPubKey160 = null; - private ECPublicKey ecPubKey192 = null; - private ECPublicKey ecPubKey256 = null; - private ECPrivateKey ecPrivKey = null; - private ECPrivateKey ecPrivKey128 = null; - private ECPrivateKey ecPrivKey160 = null; - private ECPrivateKey ecPrivKey192 = null; - private ECPrivateKey ecPrivKey256 = null; - - private ECKeyGenerator ecKeyGenerator = null; - private ECKeyTester ecKeyTester = null; - - private KeyAgreement dhKeyAgreement = null; - private RandomData randomData = null; - - // TEMPORARRY ARRAY IN RAM - private byte m_ramArray[] = null; - private byte m_ramArray2[] = null; - // PERSISTENT ARRAY IN EEPROM - private byte m_dataArray[] = null; - - short m_lenB = 0; - - protected SimpleECCApplet(byte[] buffer, short offset, byte length) { - short dataOffset = offset; - - if (length > 9) { - // shift to privilege offset - dataOffset += (short) (1 + buffer[offset]); - // finally shift to Application specific offset - dataOffset += (short) (1 + buffer[dataOffset]); - // go to proprietary data - dataOffset++; - - m_ramArray = JCSystem.makeTransientByteArray(ARRAY_LENGTH, JCSystem.CLEAR_ON_RESET); - m_ramArray2 = JCSystem.makeTransientByteArray(ARRAY_LENGTH, JCSystem.CLEAR_ON_RESET); - - m_dataArray = new byte[ARRAY_LENGTH]; - Util.arrayFillNonAtomic(m_dataArray, (short) 0, ARRAY_LENGTH, (byte) 0); - - randomData = RandomData.getInstance(RandomData.ALG_SECURE_RANDOM); - EC_Consts.m_random = randomData; - - ecKeyGenerator = new ECKeyGenerator(); - ecKeyTester = new ECKeyTester(); - ecKeyTester.allocateECDH(); - ecKeyTester.allocateECDHC(); - ecKeyTester.allocateECDSA(); - - } - - register(); - } - - public static void install(byte[] bArray, short bOffset, byte bLength) throws ISOException { - // applet instance creation - new SimpleECCApplet(bArray, bOffset, bLength); - } - - public boolean select() { - return true; - } - - public void deselect() { - return; - } - - public void process(APDU apdu) throws ISOException { - // get the APDU buffer - byte[] apduBuffer = apdu.getBuffer(); - - // ignore the applet select command dispached to the process - if (selectingApplet()) - return; - - if (apduBuffer[ISO7816.OFFSET_CLA] == CLA_SIMPLEECCAPPLET) { - switch (apduBuffer[ISO7816.OFFSET_INS]) { - - case INS_TESTECSUPPORT_GIVENALG: - TestEC_SupportGivenLength(apdu); - break; - case INS_TESTECSUPPORTALL_FP: - TestEC_FP_SupportAllLengths(apdu); - break; - case INS_TESTECSUPPORTALL_F2M: - TestEC_F2M_SupportAllLengths(apdu); - break; - case INS_ALLOCATEKEYPAIR: - AllocateKeyPairReturnDefCurve(apdu); - break; - case INS_DERIVEECDHSECRET: - DeriveECDHSecret(apdu); - break; - case INS_TESTEC_GENERATEINVALID_FP: - TestEC_FP_GenerateInvalidCurve(apdu); - break; - case INS_TESTEC_LASTUSEDPARAMS: - TestECSupportInvalidCurve_lastUsedParams(apdu); - break; - case INS_TESTECSUPPORT_EXTERNAL: - TestEC_SupportExternal(apdu); - break; -/* - case INS_ALLOCATEKEYPAIRS: - AllocateKeyPairs(apdu); - break; -*/ - case INS_GENERATEKEY: - GenerateAndReturnKey(apdu); - break; - default: - // The INS code is not supported by the dispatcher - ISOException.throwIt(ISO7816.SW_INS_NOT_SUPPORTED); - break; - - } - } else ISOException.throwIt(ISO7816.SW_CLA_NOT_SUPPORTED); - } - - - short TestECSupport(byte keyClass, short keyLen, byte[] buffer, short bufferOffset) { - short baseOffset = bufferOffset; - - short testFlags = FLAG_ECTEST_ALL; - - ecPubKey = null; - ecPrivKey = null; - - buffer[bufferOffset] = ECTEST_SEPARATOR; - bufferOffset++; - buffer[bufferOffset] = keyClass; - bufferOffset++; - Util.setShort(buffer, bufferOffset, keyLen); - bufferOffset += 2; - - short sw; - - // - // 1. Allocate KeyPair object - // - buffer[bufferOffset] = ECTEST_ALLOCATE_KEYPAIR; - bufferOffset++; - sw = SW_SKIPPED; - if ((testFlags & FLAG_ECTEST_ALLOCATE_KEYPAIR) != (short) 0) { - sw = ecKeyGenerator.allocatePair(keyClass, keyLen); - - if (sw != ISO7816.SW_NO_ERROR) { - testFlags = 0; //keyPair allocation failed, cannot continue with tests - } - } - Util.setShort(buffer, bufferOffset, sw); - bufferOffset += 2; - - // - // 2. Test keypair generation without explicit curve (=> default curve preset) - // - buffer[bufferOffset] = ECTEST_GENERATE_KEYPAIR_DEFCURVE; - bufferOffset++; - sw = SW_SKIPPED; - if ((testFlags & FLAG_ECTEST_GENERATE_KEYPAIR_DEFCURVE) != (short) 0) { - sw = ecKeyGenerator.generatePair(); - } - Util.setShort(buffer, bufferOffset, sw); - bufferOffset += 2; - - // - // 3. Set valid custom curve - // - buffer[bufferOffset] = ECTEST_SET_VALIDCURVE; - bufferOffset++; - sw = SW_SKIPPED; - if ((testFlags & FLAG_ECTEST_SET_VALIDCURVE) != (short) 0) { - sw = ecKeyGenerator.setCustomCurve(keyClass, keyLen, m_ramArray, (short) 0); - - if (sw != ISO7816.SW_NO_ERROR) { - testFlags &= ~FLAG_ECTEST_GENERATE_KEYPAIR_CUSTOMCURVE; - } - } - Util.setShort(buffer, bufferOffset, sw); - bufferOffset += 2; - - // - // 4. Generate keypair with custom curve - // - buffer[bufferOffset] = ECTEST_GENERATE_KEYPAIR_CUSTOMCURVE; - bufferOffset++; - sw = SW_SKIPPED; - if ((testFlags & FLAG_ECTEST_GENERATE_KEYPAIR_CUSTOMCURVE) != (short) 0) { - sw = ecKeyGenerator.generatePair(); - } - Util.setShort(buffer, bufferOffset, sw); - bufferOffset += 2; - - // - // 5. ECDH agreement with valid public key - // - buffer[bufferOffset] = ECTEST_ECDH_AGREEMENT_VALID_POINT; - bufferOffset++; - sw = SW_SKIPPED; - if ((testFlags & FLAG_ECTEST_ECDH_AGREEMENT_VALID_POINT) != (short) 0) { - sw = ecKeyGenerator.generatePair(); - if (sw == ISO7816.SW_NO_ERROR) { - ecPubKey = ecKeyGenerator.getPublicKey(); - ecPrivKey = ecKeyGenerator.getPrivateKey(); - sw = ecKeyTester.testECDH_validPoint(ecPrivKey, ecPubKey, m_ramArray, (short) 0, m_ramArray2, (short) 0); - } - } - Util.setShort(buffer, bufferOffset, sw); - bufferOffset += 2; - - // - // 6. ECDH agreement with invalid public key - // - buffer[bufferOffset] = ECTEST_ECDH_AGREEMENT_INVALID_POINT; - bufferOffset++; - sw = SW_SKIPPED; - if ((testFlags & FLAG_ECTEST_ECDH_AGREEMENT_INVALID_POINT) != (short) 0) { - sw = ecKeyGenerator.generatePair(); - if (sw == ISO7816.SW_NO_ERROR) { - ecPubKey = ecKeyGenerator.getPublicKey(); - ecPrivKey = ecKeyGenerator.getPrivateKey(); - sw = ecKeyTester.testECDH_invalidPoint(ecPrivKey, ecPubKey, m_ramArray, (short) 0, m_ramArray2, (short) 1); - } - } - Util.setShort(buffer, bufferOffset, sw); - bufferOffset += 2; - - // - // 7. ECDSA test - // - buffer[bufferOffset] = ECTEST_ECDSA_SIGNATURE; - bufferOffset++; - sw = SW_SKIPPED; - if ((testFlags & FLAG_ECTEST_ECDSA_SIGNATURE) != (short) 0) { - sw = ecKeyGenerator.generatePair(); - if (sw == ISO7816.SW_NO_ERROR) { - ecPubKey = ecKeyGenerator.getPublicKey(); - ecPrivKey = ecKeyGenerator.getPrivateKey(); - sw = ecKeyTester.testECDSA(ecPrivKey, ecPubKey, m_ramArray2, (short) 0, (short) m_ramArray2.length, m_ramArray, (short) 0); - } - } - Util.setShort(buffer, bufferOffset, sw); - bufferOffset += 2; - - // - // 8. Set anomalous custom curve - // - buffer[bufferOffset] = ECTEST_SET_ANOMALOUSCURVE; - bufferOffset++; - sw = SW_SKIPPED; - if ((testFlags & FLAG_ECTEST_SET_ANOMALOUSCURVE) != (short) 0) { - if (keyClass == KeyPair.ALG_EC_FP) { //Only FP supported at the moment - sw = ecKeyGenerator.setCustomAnomalousCurve(keyClass, keyLen, m_ramArray, (short) 0); - } - if (sw != ISO7816.SW_NO_ERROR) { - testFlags &= ~FLAG_ECTEST_GENERATE_KEYPAIR_ANOMALOUSCUVE; - testFlags &= ~FLAG_ECTEST_ECDH_AGREEMENT_SMALL_DEGREE_POINT; - } - } - Util.setShort(buffer, bufferOffset, sw); - bufferOffset += 2; - - // - // 9. Generate keypair with anomalous custom curve - // - - buffer[bufferOffset] = ECTEST_GENERATE_KEYPAIR_ANOMALOUSCURVE; - bufferOffset++; - sw = SW_SKIPPED; - if ((testFlags & FLAG_ECTEST_GENERATE_KEYPAIR_ANOMALOUSCUVE) != (short) 0) { - sw = ecKeyGenerator.generatePair(); - if (sw != ISO7816.SW_NO_ERROR) { - testFlags &= ~FLAG_ECTEST_ECDH_AGREEMENT_SMALL_DEGREE_POINT; - } - } - Util.setShort(buffer, bufferOffset, sw); - bufferOffset += 2; - - // - // 10. Test small degree pubkey - // - - buffer[bufferOffset] = ECTEST_ECDH_AGREEMENT_SMALL_DEGREE_POINT; - bufferOffset++; - sw = SW_SKIPPED; - if ((testFlags & FLAG_ECTEST_ECDH_AGREEMENT_SMALL_DEGREE_POINT) != (short) 0) { - short pubLength = EC_Consts.getCurveParameter(EC_Consts.getAnomalousCurve(keyClass, keyLen), EC_Consts.PARAMETER_W, m_ramArray, (short) 0); - ecPrivKey = ecKeyGenerator.getPrivateKey(); - sw = ecKeyTester.testECDH(ecPrivKey, m_ramArray, (short) 0, pubLength, m_ramArray2, (short) 1); - } - Util.setShort(buffer, bufferOffset, sw); - bufferOffset += 2; - - // - // 11. Set invalid custom curve - // - buffer[bufferOffset] = ECTEST_SET_INVALIDCURVE; - bufferOffset++; - sw = SW_SKIPPED; - if ((testFlags & FLAG_ECTEST_SET_INVALIDCURVE) != (short) 0) { - sw = ecKeyGenerator.setCustomInvalidCurve(keyClass, keyLen, ECKeyGenerator.KEY_PUBLIC, EC_Consts.PARAMETER_B, EC_Consts.CORRUPTION_FIXED, m_ramArray, (short) 0); - - if (sw != ISO7816.SW_NO_ERROR) { - testFlags &= ~FLAG_ECTEST_GENERATE_KEYPAIR_INVALIDCUSTOMCURVE; - } - } - Util.setShort(buffer, bufferOffset, sw); - bufferOffset += 2; - - // - // 12. Generate keypair with invalid custom curve - // - buffer[bufferOffset] = ECTEST_GENERATE_KEYPAIR_INVALIDCUSTOMCURVE; - bufferOffset++; - sw = SW_SKIPPED; - if ((testFlags & FLAG_ECTEST_GENERATE_KEYPAIR_INVALIDCUSTOMCURVE) != (short) 0) { - sw = ecKeyGenerator.generatePair(); - } - Util.setShort(buffer, bufferOffset, sw); - bufferOffset += 2; - - // - // 13. Set invalid field - // - buffer[bufferOffset] = ECTEST_SET_INVALIDFIELD; - bufferOffset++; - sw = SW_SKIPPED; - if ((testFlags & FLAG_ECTEST_SET_INVALIDFIELD) != (short) 0) { - if (keyClass == KeyPair.ALG_EC_FP) - sw = ecKeyGenerator.setCustomInvalidCurve(keyClass, keyLen, ECKeyGenerator.KEY_BOTH, EC_Consts.PARAMETER_FP, EC_Consts.CORRUPTION_FULLRANDOM, m_ramArray, (short) 0); - else - sw = ecKeyGenerator.setCustomInvalidCurve(keyClass, keyLen, ECKeyGenerator.KEY_BOTH, EC_Consts.PARAMETER_F2M, EC_Consts.CORRUPTION_FULLRANDOM, m_ramArray, (short) 0); - - if (sw != ISO7816.SW_NO_ERROR) { - testFlags &= ~FLAG_ECTEST_GENERATE_KEYPAIR_INVALIDFIELD; - } - } - Util.setShort(buffer, bufferOffset, sw); - bufferOffset += 2; - - // 14. Generate key with invalid field - buffer[bufferOffset] = ECTEST_GENERATE_KEYPAIR_INVALIDFIELD; - bufferOffset++; - sw = SW_SKIPPED; - if ((testFlags & FLAG_ECTEST_GENERATE_KEYPAIR_INVALIDFIELD) != (short) 0) { - sw = ecKeyGenerator.generatePair(); - } - Util.setShort(buffer, bufferOffset, sw); - bufferOffset += 2; - - return (short) (bufferOffset - baseOffset); - } - - void TestEC_SupportGivenLength(APDU apdu) { - byte[] apdubuf = apdu.getBuffer(); - short len = apdu.setIncomingAndReceive(); - - short dataOffset = ISO7816.OFFSET_CDATA; - byte algType = apdubuf[dataOffset]; - dataOffset++; - short keyLength = Util.getShort(apdubuf, dataOffset); - dataOffset += 2; - - dataOffset = 0; - dataOffset += TestECSupport(algType, keyLength, apdubuf, dataOffset); - - apdu.setOutgoingAndSend((short) 0, dataOffset); - } - - void TestEC_FP_SupportAllLengths(APDU apdu) { - byte[] apdubuf = apdu.getBuffer(); - short len = apdu.setIncomingAndReceive(); - short dataOffset = 0; - - // FP - dataOffset += TestECSupport(KeyPair.ALG_EC_FP, (short) 128, apdubuf, dataOffset); - dataOffset += TestECSupport(KeyPair.ALG_EC_FP, (short) 160, apdubuf, dataOffset); - dataOffset += TestECSupport(KeyPair.ALG_EC_FP, (short) 192, apdubuf, dataOffset); - dataOffset += TestECSupport(KeyPair.ALG_EC_FP, (short) 224, apdubuf, dataOffset); - dataOffset += TestECSupport(KeyPair.ALG_EC_FP, (short) 256, apdubuf, dataOffset); - dataOffset += TestECSupport(KeyPair.ALG_EC_FP, (short) 384, apdubuf, dataOffset); - dataOffset += TestECSupport(KeyPair.ALG_EC_FP, (short) 521, apdubuf, dataOffset); - - apdu.setOutgoingAndSend((short) 0, dataOffset); - } - - void TestEC_F2M_SupportAllLengths(APDU apdu) { - byte[] apdubuf = apdu.getBuffer(); - short len = apdu.setIncomingAndReceive(); - - short dataOffset = 0; - // F2M - dataOffset += TestECSupport(KeyPair.ALG_EC_F2M, (short) 113, apdubuf, dataOffset); - dataOffset += TestECSupport(KeyPair.ALG_EC_F2M, (short) 131, apdubuf, dataOffset); - dataOffset += TestECSupport(KeyPair.ALG_EC_F2M, (short) 163, apdubuf, dataOffset); - dataOffset += TestECSupport(KeyPair.ALG_EC_F2M, (short) 193, apdubuf, dataOffset); - - apdu.setOutgoingAndSend((short) 0, dataOffset); - } - - short TestECSupportExternalCurve(byte keyClass, short keyLength, byte[] buffer, short bufferOffset, short outputOffset) { - short startOffset = outputOffset; - - short fieldLength = Util.getShort(buffer, bufferOffset); - bufferOffset += 2; - short aLength = Util.getShort(buffer, bufferOffset); - bufferOffset += 2; - short bLength = Util.getShort(buffer, bufferOffset); - bufferOffset += 2; - short gxLength = Util.getShort(buffer, bufferOffset); - bufferOffset += 2; - short gyLength = Util.getShort(buffer, bufferOffset); - bufferOffset += 2; - short rLength = Util.getShort(buffer, bufferOffset); - bufferOffset += 2; - - buffer[outputOffset] = ECTEST_SEPARATOR; - outputOffset++; - - // allocatePair - buffer[outputOffset] = ECTEST_ALLOCATE_KEYPAIR; - outputOffset++; - short sw = ecKeyGenerator.allocatePair(keyClass, keyLength); - Util.setShort(buffer, outputOffset, sw); - outputOffset += 2; - if (sw != ISO7816.SW_NO_ERROR) { - return (short) (outputOffset - startOffset); - } - - // setExternalCurve - buffer[outputOffset] = ECTEST_SET_EXTERNALCURVE; - outputOffset++; - sw = ecKeyGenerator.setExternalCurve(ECKeyGenerator.KEY_BOTH, keyClass, buffer, bufferOffset, fieldLength, aLength, bLength, gxLength, gyLength, rLength); - Util.setShort(buffer, outputOffset, sw); - outputOffset += 2; - if (sw != ISO7816.SW_NO_ERROR) { - return (short) (outputOffset - startOffset); - } - - // generatePair - buffer[outputOffset] = ECTEST_GENERATE_KEYPAIR_EXTERNALCURVE; - outputOffset++; - sw = ecKeyGenerator.generatePair(); - Util.setShort(buffer, outputOffset, sw); - outputOffset += 2; - if (sw != ISO7816.SW_NO_ERROR) { - return (short) (outputOffset - startOffset); - } - - ecPubKey = ecKeyGenerator.getPublicKey(); - ecPrivKey = ecKeyGenerator.getPrivateKey(); - - // test_ECDH - buffer[outputOffset] = ECTEST_ECDH_AGREEMENT_VALID_POINT; - outputOffset++; - sw = ecKeyTester.testECDH_validPoint(ecPrivKey, ecPubKey, m_ramArray, (short) 0, m_ramArray2, (short) 0); - Util.setShort(buffer, outputOffset, sw); - outputOffset += 2; - if (sw != ISO7816.SW_NO_ERROR) { - return (short) (outputOffset - startOffset); - } - - // test_ECDH invalid - buffer[outputOffset] = ECTEST_ECDH_AGREEMENT_INVALID_POINT; - outputOffset++; - sw = ecKeyTester.testECDH_invalidPoint(ecPrivKey, ecPubKey, m_ramArray, (short) 0, m_ramArray2, (short) 0); - Util.setShort(buffer, outputOffset, sw); - outputOffset += 2; - if (sw != ISO7816.SW_NO_ERROR) { - return (short) (outputOffset - startOffset); - } - - // test_ECDSA - buffer[outputOffset] = ECTEST_ECDSA_SIGNATURE; - outputOffset++; - randomData.generateData(m_ramArray, (short) 0, (short) (ARRAY_LENGTH / 2)); - sw = ecKeyTester.testECDSA(ecPrivKey, ecPubKey, m_ramArray, (short) 0, (short) (ARRAY_LENGTH / 2), m_ramArray2, (short) 0); - Util.setShort(buffer, outputOffset, sw); - outputOffset += 2; - if (sw != ISO7816.SW_NO_ERROR) { - return (short) (outputOffset - startOffset); - } - - return (short) (outputOffset - startOffset); - } - - /** - * Receives an FP or F2M elliptic curve parameters in the APDU. - * Then allocates a new keypair, sets said curve and tries ECDH, ECDSA. - * APDU format: - * byte CLA = CLA_SIMPLEECCAPPLET - * byte INS = INS_TESTECSUPPORT_EXTERNAL - * byte P0 - * byte P1 - * <p> - * CDATA: - * byte keyClass -> KeyPair.ALG_EC_FP or KeyPair.ALG_EC_F2\M - * short keyLength - * short fieldLength - * short aLength - * short bLength - * short gxLength - * short gyLength - * short rLength - * field -> FP: prime / F2M: three or one short representing the reduction polynomial - * a - * b - * gx - * gy - * r - * short k - * <p> - * Response APDU format: - * CDATA: - * byte ECTEST_SEPARATOR - * byte ECTEST_ALLOCATE_KEYPAIR - * short sw - * byte ECTEST_SET_EXTERNALCURVE - * short sw - * byte ECTEST_GENERATE_KEYPAIR_EXTERNALCURVE - * short sw - * byte ECTEST_ECDH_AGREEMENT_VALID_POINT - * short sw - * byte ECTEST_ECDH_AGREEMENT_INVALID_POINT - * short sw - * byte ECTEST_ECDSA_SIGNATURE - * short sw - * - * @param apdu - */ - void TestEC_SupportExternal(APDU apdu) { - byte[] apdubuf = apdu.getBuffer(); - short len = apdu.setIncomingAndReceive(); - - short offset = ISO7816.OFFSET_CDATA; - byte keyClass = apdubuf[offset]; - ++offset; - short keyLength = Util.getShort(apdubuf, offset); - offset += 2; - - short dataLength = TestECSupportExternalCurve(keyClass, keyLength, apdubuf, offset, (short) 0); - - apdu.setOutgoingAndSend((short) 0, dataLength); - } - - - void TestEC_FP_GenerateInvalidCurve(APDU apdu) { - byte[] apdubuf = apdu.getBuffer(); - short len = apdu.setIncomingAndReceive(); - - short offset = ISO7816.OFFSET_CDATA; - short repeats = Util.getShort(apdubuf, offset); - offset += 2; - short corruptionType = Util.getShort(apdubuf, offset); - offset += 2; - byte bRewindOnSuccess = apdubuf[offset]; - offset++; - - short dataOffset = 0; - - // FP - dataOffset += TestECSupportInvalidCurve(KeyPair.ALG_EC_FP, (short) 160, apdubuf, dataOffset, repeats, corruptionType, bRewindOnSuccess); - - apdu.setOutgoingAndSend((short) 0, dataOffset); - } - - short TestECSupportInvalidCurve(byte keyClass, short keyLen, byte[] buffer, short bufferOffset, short repeats, short corruptionType, byte bRewindOnSuccess) { - short baseOffset = bufferOffset; - - short testFlags = FLAG_ECTEST_ALL; - - ecPubKey = null; - ecPrivKey = null; - - buffer[bufferOffset] = ECTEST_SEPARATOR; - bufferOffset++; - buffer[bufferOffset] = keyClass; - bufferOffset++; - Util.setShort(buffer, bufferOffset, keyLen); - bufferOffset += 2; - - short numExecutionsOffset = bufferOffset; // num executions to be stored later - bufferOffset += 2; - - short sw; - - // - // 1. Allocate KeyPair object - // - buffer[bufferOffset] = ECTEST_ALLOCATE_KEYPAIR; - bufferOffset++; - sw = SW_SKIPPED; - if ((testFlags & FLAG_ECTEST_ALLOCATE_KEYPAIR) != (short) 0) { - sw = ecKeyGenerator.allocatePair(keyClass, keyLen); - if (sw == ISO7816.SW_NO_ERROR) { - ecPrivKey = ecKeyGenerator.getPrivateKey(); - ecPubKey = ecKeyGenerator.getPublicKey(); - } else { - testFlags = 0; - } - - if (ecPubKey == null || ecPrivKey == null) { - ecKeyGenerator.generatePair(); - ecPrivKey = ecKeyGenerator.getPrivateKey(); - ecPubKey = ecKeyGenerator.getPublicKey(); - } - } - Util.setShort(buffer, bufferOffset, sw); - bufferOffset += 2; - - - // - // 2. Set invalid custom curve (many times) - // - sw = ecKeyGenerator.setCustomCurve(keyClass, keyLen, m_ramArray, (short) 0); - ecPrivKey = ecKeyGenerator.getPrivateKey(); - ecPubKey = ecKeyGenerator.getPublicKey(); - - m_lenB = ecPubKey.getB(m_ramArray2, (short) 0); //store valid B - - short startOffset = bufferOffset; - short i; - for (i = 0; i < repeats; i++) { - if ((testFlags & FLAG_ECTEST_SET_INVALIDCURVE) != (short) 0) { - if (bRewindOnSuccess == 1) { - // if nothing unexpected happened, rewind bufferOffset back again - bufferOffset = startOffset; - } - - ecPubKey.getB(m_ramArray2, (short) 0); //store valid B - - // set invalid curve - buffer[bufferOffset] = ECTEST_SET_INVALIDCURVE; - bufferOffset++; - - // Supported types of invalid curve: - // CORRUPTION_NONE = 0x01, valid parameter - // CORRUPTION_FIXED = 0x02, first and last byte changed to a fixed value - // CORRUPTION_FULLRANDOM = 0x03, completely random parameter data - // CORRUPTION_ONEBYTERANDOM = 0x04, one random byte randomly changed - // CORRUPTION_ZERO = 0x05, parameter competely zero - // CORRUPTION_ONE = 0x06, parameter completely one - sw = ecKeyGenerator.setCustomInvalidCurve(keyClass, keyLen, ECKeyGenerator.KEY_BOTH, EC_Consts.PARAMETER_B, corruptionType, m_ramArray, (short) 0); - Util.setShort(buffer, bufferOffset, sw); - bufferOffset += 2; - if (sw != ISO7816.SW_NO_ERROR) { - // if we reach this line, we are interested in value of B that caused incorrect response - break; // stop execution, return B - } - - // Gen key pair with invalid curve - - buffer[bufferOffset] = ECTEST_GENERATE_KEYPAIR_INVALIDCUSTOMCURVE; - bufferOffset++; - // Should fail - sw = ecKeyGenerator.generatePair(); - Util.setShort(buffer, bufferOffset, sw); - bufferOffset += 2; - - if (sw == ISO7816.SW_NO_ERROR) { - // If this line is reached, we generated key pair - what should not happen - buffer[bufferOffset] = ECTEST_DH_GENERATESECRET; - bufferOffset++; - - ecPrivKey = ecKeyGenerator.getPrivateKey(); - ecPubKey = ecKeyGenerator.getPublicKey(); - - sw = ecKeyTester.testECDH_validPoint(ecPrivKey, ecPubKey, m_ramArray, (short) 0, m_ramArray2, (short) 0); - m_lenB = ecPubKey.getB(m_ramArray2, (short) 0); //store B - //TODO: note, according to the previous version of this method, sw should get appended to the buffer only if sw != SW_NO_ERROR - Util.setShort(buffer, bufferOffset, sw); - bufferOffset += 2; - break; //stop execution, return B - } - - // Generate keypair with valid curve - to check that whole engine is not somehow blocked - // after previous attempt with invalid curve - // - // set valid curve - buffer[bufferOffset] = ECTEST_SET_VALIDCURVE; - bufferOffset++; - sw = ecKeyGenerator.setCustomCurve(keyClass, keyLen, m_ramArray, (short) 0); - - Util.setShort(buffer, bufferOffset, sw); - bufferOffset += 2; - - // Gen key pair with valid curve - buffer[bufferOffset] = ECTEST_GENERATE_KEYPAIR_CUSTOMCURVE; - bufferOffset++; - - sw = ecKeyGenerator.generatePair(); - Util.setShort(buffer, bufferOffset, sw); - bufferOffset += 2; - if (sw != ISO7816.SW_NO_ERROR) { - break; - } - - // If we reach this line => everything was as expected - // Rewind offset in array back (no storage of info about expected runs) - // bufferOffset = startOffset; done at beginning - } else { - Util.setShort(buffer, bufferOffset, SW_SKIPPED); - bufferOffset += 2; - } - } - - // Set number of executed repeats - Util.setShort(buffer, numExecutionsOffset, i); - - return (short) (bufferOffset - baseOffset); - } - - //TODO: generalize invalid B setting to all curve params - void TestECSupportInvalidCurve_lastUsedParams(APDU apdu) { - byte[] apdubuf = apdu.getBuffer(); - apdu.setIncomingAndReceive(); - - short offset = 0; - Util.arrayCopyNonAtomic(m_ramArray2, (short) 0, apdubuf, offset, m_lenB); - offset += m_lenB; - - apdu.setOutgoingAndSend((short) 0, offset); - } - - void AllocateKeyPairReturnDefCurve(APDU apdu) { - byte[] apdubuf = apdu.getBuffer(); - apdu.setIncomingAndReceive(); - - short bitLen = Util.getShort(apdubuf, ISO7816.OFFSET_CDATA); - - // Note: all locations should happen in constructor. But here it is intentional - // as we like to test for result of allocation - ecKeyGenerator.allocatePair(KeyPair.ALG_EC_FP, bitLen); - - // If required, generate also new key pair - if (apdubuf[ISO7816.OFFSET_P1] == (byte) 1) { - - // If required, initialize curve parameters first - if (apdubuf[ISO7816.OFFSET_P2] == (byte) 2) { - ecKeyGenerator.setCustomCurve(KeyPair.ALG_EC_FP, bitLen, m_ramArray, (short) 0); - } - - // Now generate new keypair with either default or custom curve - ecKeyGenerator.generatePair(); - - short len; - short offset = 0; - - // Export curve public parameters - offset += 2; // reserve space for length - len = ecKeyGenerator.exportParameter(ECKeyGenerator.KEY_PUBLIC, EC_Consts.PARAMETER_FP, apdubuf, offset); - Util.setShort(apdubuf, (short) (offset - 2), len); - offset += len; - offset += 2; // reserve space for length - len = ecKeyGenerator.exportParameter(ECKeyGenerator.KEY_PUBLIC, EC_Consts.PARAMETER_A, apdubuf, offset); - Util.setShort(apdubuf, (short) (offset - 2), len); - offset += len; - - offset += 2; // reserve space for length - len = ecKeyGenerator.exportParameter(ECKeyGenerator.KEY_PUBLIC, EC_Consts.PARAMETER_B, apdubuf, offset); - Util.setShort(apdubuf, (short) (offset - 2), len); - offset += len; - offset += 2; // reserve space for length - len = ecKeyGenerator.exportParameter(ECKeyGenerator.KEY_PUBLIC, EC_Consts.PARAMETER_R, apdubuf, offset); - Util.setShort(apdubuf, (short) (offset - 2), len); - offset += len; - /* - offset += 2; // reserve space for length - len = ecPubKey.getW(apdubuf, offset); - Util.setShort(apdubuf, (short) (offset - 2), len); - offset += len; - */ - apdu.setOutgoingAndSend((short) 0, offset); - } - } - - void DeriveECDHSecret(APDU apdu) { - byte[] apdubuf = apdu.getBuffer(); - short len = apdu.setIncomingAndReceive(); - - // Assumption: proper EC keyPair is already allocated - // If public key point is provided, then use it - if (len == 0) { - // if not provided, use build-in one (valid only for 192 only) - Util.arrayCopyNonAtomic(EC192_FP_PUBLICW, (short) 0, apdubuf, ISO7816.OFFSET_CDATA, (short) EC192_FP_PUBLICW.length); - len = (short) EC192_FP_PUBLICW.length; - } - - // Generate fresh EC keypair - ecKeyGenerator.generatePair(); - ecPrivKey = ecKeyGenerator.getPrivateKey(); - - if (dhKeyAgreement == null) { - dhKeyAgreement = KeyAgreement.getInstance(KeyAgreement.ALG_EC_SVDP_DH, false); - } - dhKeyAgreement.init(ecPrivKey); - short secretLen = 0; - // Generate and export secret - secretLen = dhKeyAgreement.generateSecret(apdubuf, ISO7816.OFFSET_CDATA, len, m_ramArray, (short) 0); - Util.arrayCopyNonAtomic(m_ramArray, (short) 0, apdubuf, (short) 0, secretLen); - - apdu.setOutgoingAndSend((short) 0, secretLen); - } - - void GenerateAndReturnKey(APDU apdu) { - byte[] apdubuf = apdu.getBuffer(); - apdu.setIncomingAndReceive(); - - short offset = ISO7816.OFFSET_CDATA; - byte keyClass = apdubuf[offset]; - offset++; - - short keyLength = Util.getShort(apdubuf, offset); - offset += 2; - - byte anomalous = apdubuf[offset]; - - offset = 0; - - switch (apdubuf[ISO7816.OFFSET_P1]) { - case P1_SETCURVE: { - ecKeyGenerator.allocatePair(keyClass, keyLength); - - if (anomalous != 0) { - ecKeyGenerator.setCustomAnomalousCurve(keyClass, keyLength, m_ramArray, (short) 0); - } else { - ecKeyGenerator.setCustomCurve(keyClass, keyLength, m_ramArray, (short) 0); - } - ecKeyGenerator.generatePair(); - ecPubKey = ecKeyGenerator.getPublicKey(); - ecPrivKey = ecKeyGenerator.getPrivateKey(); - break; - } - case P1_GENERATEKEYPAIR: { - // Assumption: proper EC keyPair is already allocated and initialized - short sw = ecKeyGenerator.generatePair(); - if (sw != ISO7816.SW_NO_ERROR) { - ISOException.throwIt(sw); - } - ecPubKey = ecKeyGenerator.getPublicKey(); - ecPrivKey = ecKeyGenerator.getPrivateKey(); - - offset = 0; - apdubuf[offset] = EC_Consts.TAG_ECPUBKEY; - offset++; - offset += 2; // reserve space for length - short len = ecKeyGenerator.exportParameter(ECKeyGenerator.KEY_PUBLIC, EC_Consts.PARAMETER_W, apdubuf, offset); - Util.setShort(apdubuf, (short) (offset - 2), len); - offset += len; - apdubuf[offset] = EC_Consts.TAG_ECPRIVKEY; - offset++; - offset += 2; // reserve space for length - len = ecKeyGenerator.exportParameter(ECKeyGenerator.KEY_PRIVATE, EC_Consts.PARAMETER_S, apdubuf, offset); - Util.setShort(apdubuf, (short) (offset - 2), len); - offset += len; - break; - } - default: - ISOException.throwIt(ISO7816.SW_INCORRECT_P1P2); - } - - apdu.setOutgoingAndSend((short) 0, offset); - } - -/* - void AllocateKeyPair(byte algorithm, short bitLen) { - // Select proper attributes - switch (bitLen) { - case (short) 128: { - ecKeyPair = ecKeyPair128; - ecKeyPair = ecKeyPair128; - ecPrivKey = ecPrivKey128; - break; - } - case (short) 160: { - ecKeyPair = ecKeyPair160; - ecKeyPair = ecKeyPair160; - ecPrivKey = ecPrivKey160; - break; - } - case (short) 192: { - ecKeyPair = ecKeyPair192; - ecKeyPair = ecKeyPair192; - ecPrivKey = ecPrivKey192; - break; - } - case (short) 256: { - ecKeyPair = ecKeyPair256; - ecKeyPair = ecKeyPair256; - ecPrivKey = ecPrivKey256; - break; - } - default: { - ISOException.throwIt((short) -1); - } - } - - // Allocate instance - ecKeyPair = new KeyPair(algorithm, bitLen); - ecKeyPair.genKeyPair(); - ecPubKey = (ECPublicKey) ecKeyPair.getPublic(); - // sometimes null is returned and previous one call to genKeyPair() - // is required before we can get public key - if (ecPubKey == null) { - ecKeyPair.genKeyPair(); - } - ecPubKey = (ECPublicKey) ecKeyPair.getPublic(); - ecPrivKey = (ECPrivateKey) ecKeyPair.getPrivate(); - // Set required EC parameters - EC_Consts.setValidECKeyParams(ecPubKey, ecPrivKey, KeyPair.ALG_EC_FP, bitLen, m_ramArray); - } - - -*/ - -} - |