Save This Page
1 package org.bouncycastle.crypto.agreement;
2
3 import java.math.BigInteger;
4
5 import org.bouncycastle.math.ec.ECPoint;
6
7 import org.bouncycastle.crypto.BasicAgreement;
8 import org.bouncycastle.crypto.CipherParameters;
9 import org.bouncycastle.crypto.params.ECPublicKeyParameters;
10 import org.bouncycastle.crypto.params.ECPrivateKeyParameters;
11
12 /**
13 * P1363 7.2.1 ECSVDP-DH
14 *
15 * ECSVDP-DH is Elliptic Curve Secret Value Derivation Primitive,
16 * Diffie-Hellman version. It is based on the work of [DH76], [Mil86],
17 * and [Kob87]. This primitive derives a shared secret value from one
18 * party's private key and another party's public key, where both have
19 * the same set of EC domain parameters. If two parties correctly
20 * execute this primitive, they will produce the same output. This
21 * primitive can be invoked by a scheme to derive a shared secret key;
22 * specifically, it may be used with the schemes ECKAS-DH1 and
23 * DL/ECKAS-DH2. It assumes that the input keys are valid (see also
24 * Section 7.2.2).
25 */
26 public class ECDHBasicAgreement
27 implements BasicAgreement
28 {
29 private ECPrivateKeyParameters key;
30
31 public void init(
32 CipherParameters key)
33 {
34 this.key = (ECPrivateKeyParameters)key;
35 }
36
37 public BigInteger calculateAgreement(
38 CipherParameters pubKey)
39 {
40 ECPublicKeyParameters pub = (ECPublicKeyParameters)pubKey;
41 ECPoint P = pub.getQ().multiply(key.getD());
42
43 // if (p.isInfinity()) throw new RuntimeException("d*Q == infinity");
44
45 return P.getX().toBigInteger();
46 }
47 }