void mcl_ecpbs_import_pk(mcl_ecpbs_pk *pk) {
FILE *fp;
int compressed_y;
big x;
fp = fopen("keys/ec160.public", "rt");
if (fp == NULL) {
printf("file ec.public does not exist\n");
exit(0);
}
x = mirvar(0);
/* import the compressed y value */
fscanf(fp, "%d", &compressed_y);
/* import the x coordinate on the curve */
innum(x, fp);
fclose(fp);
/* check if x is valid on the curve */
if (!epoint_x(x)) {
printf(
"Problem - imported x value of the public key is not on the active curve\n");
exit(0);
}
/* decompress point */
if (!epoint_set(x, x, compressed_y, pk->key)) {
printf("Problem - public key point (x,y) is not on the curve\n");
exit(0);
}
mirkill(x);
}
BOOL is_on_curve(const Big& a)
{ return epoint_x(a.fn);}
void mcl_ecpbs_import_parameters(mcl_ecpbs_parameters *parameters) {
FILE *fp;
int bits;
big x, y;
miracl *mip;
/* get public curve parameters */
fp = fopen("keys/ec160.parameters", "rt");
if (fp == NULL) {
printf("file ec.parameters does not exist\n");
exit(0);
}
/* read in big number bitlength */
fscanf(fp, "%d\n", &bits);
/*
* Initialize the system, using HEX (base16) internally.
* The internal storage for each big number uses bits/4.
*/
mip = mirsys(bits / 4, 16);
/* initialize memory for parameters */
parameters->p = mirvar(0);
parameters->A = mirvar(0);
parameters->B = mirvar(0);
parameters->q = mirvar(0);
x = mirvar(0);
y = mirvar(0);
parameters->g = epoint_init();
/* import parameters */
/* p is the modulus */
innum(parameters->p, fp);
/* A and B are curve parameters */
innum(parameters->A, fp);
innum(parameters->B, fp);
/* q is the order of (x,y) */
innum(parameters->q, fp);
/* (x,y) point on curve of order q */
innum(x, fp);
innum(y, fp);
fclose(fp);
/* FIXME randomize */
irand(675822498);
/* initialize curve - can use MR_PROJECTIVE, or MR_AFFINE */
ecurve_init(parameters->A, parameters->B, parameters->p, MR_PROJECTIVE);
/* check if x is valid on the curve */
if (!epoint_x(x)) {
printf(
"Problem - imported x value of the generator is not on the active curve\n");
exit(0);
}
/* initialize generator to the point of order q */
if (!epoint_set(x, y, 0, parameters->g)) {
printf("Problem - generator point (x,y) is not on the curve\n");
exit(0);
}
mirkill(x);
mirkill(y);
}
/*
* function encodeByteArrayToPoint : Encodes the given byte array into a point.
* If the given byte array can not be encoded to a point, returns 0.
* param dlog : Pointer to the native Dlog object.
* param binaryString : The byte array to encode.
* param k : k is the maximum length of a string to be converted to a Group Element of this group.
* If a string exceeds the k length it cannot be converted.
* return : The created point or 0 if the point cannot be created.
*/
JNIEXPORT jlong JNICALL Java_edu_biu_scapi_primitives_dlog_miracl_MiraclDlogECFp_encodeByteArrayToPoint
(JNIEnv * env, jobject, jlong m, jbyteArray binaryString, jint k){
//Pseudo-code:
/*If the length of binaryString exceeds k then throw IndexOutOfBoundsException.
Let L be the length in bytes of p
Choose a random byte array r of length L – k – 2 bytes
Prepare a string newString of the following form: r || binaryString || binaryString.length (where || denotes concatenation) (i.e., the least significant byte of newString is the length of binaryString in bytes)
Convert the result to a BigInteger (bIString)
Compute the elliptic curve equation for this x and see if there exists a y such that (x,y) satisfies the equation.
If yes, return (x,y)
Else, go back to step 3 (choose a random r etc.) up to 80 times (This is an arbitrary hard-coded number).
If did not find y such that (x,y) satisfies the equation after 80 trials then return null.
*/
/* convert the accepted parameters to MIRACL parameters*/
miracl* mip = (miracl*)m;
jbyte* string = (jbyte*) env->GetByteArrayElements(binaryString, 0);
int len = env->GetArrayLength(binaryString);
if (len > k){
env ->ReleaseByteArrayElements(binaryString, string, 0);
return 0;
}
big x, p;
x = mirvar(mip, 0);
p = mip->modulus;
int l = logb2(mip, p)/8;
char* randomArray = new char[l-k-2];
char* newString = new char[l - k - 1 + len];
memcpy(newString+l-k-2, string, len);
newString[l - k - 2 + len] = (char) len;
int counter = 0;
bool success = 0;
csprng rng;
srand(time(0));
long seed;
char raw = rand();
time((time_t*)&seed);
strong_init(&rng,1,&raw,seed);
do{
for (int i=0; i<l-k-2; i++){
randomArray[i] = strong_rng(&rng);
}
memcpy(newString, randomArray, l-k-2);
bytes_to_big(mip, l - k - 1 + len, newString, x);
//If the number is negative, make it positive.
if(exsign(x)== -1){
absol(x, x);
}
//epoint_x returns true if the given x value leads to a valid point on the curve.
//if failed, go back to choose a random r etc.
success = epoint_x(mip, x);
counter++;
} while((!success) && (counter <= 80)); //we limit the amount of times we try to 80 which is an arbitrary number.
epoint* point = 0;
if (success){
point = epoint_init(mip);
epoint_set(mip, x, x, 0, point);
}
char* temp = new char[l - k - 1 + len];
big_to_bytes(mip,l - k - 1 + len , x, temp, 1);
//Delete the allocated memory.
env ->ReleaseByteArrayElements(binaryString, string, 0);
mirkill(x);
delete(randomArray);
delete(newString);
//Return the created point.
return (long) point;
}
