1 package org.gudy.bouncycastle.crypto.agreement; 2 3 import java.math.BigInteger; 4 5 import org.gudy.bouncycastle.crypto.BasicAgreement; 6 import org.gudy.bouncycastle.crypto.CipherParameters; 7 import org.gudy.bouncycastle.crypto.params.ECPrivateKeyParameters; 8 import org.gudy.bouncycastle.crypto.params.ECPublicKeyParameters; 9 import org.gudy.bouncycastle.math.ec.ECPoint; 10 11 /** 12 * P1363 7.2.1 ECSVDP-DH 13 * 14 * ECSVDP-DH is Elliptic Curve Secret Value Derivation Primitive, 15 * Diffie-Hellman version. It is based on the work of [DH76], [Mil86], 16 * and [Kob87]. This primitive derives a shared secret value from one 17 * party's private key and another party's public key, where both have 18 * the same set of EC domain parameters. If two parties correctly 19 * execute this primitive, they will produce the same output. This 20 * primitive can be invoked by a scheme to derive a shared secret key; 21 * specifically, it may be used with the schemes ECKAS-DH1 and 22 * DL/ECKAS-DH2. It assumes that the input keys are valid (see also 23 * Section 7.2.2). 24 */ 25 public class ECDHBasicAgreement 26 implements BasicAgreement 27 { 28 private ECPrivateKeyParameters key; 29 init( CipherParameters key)30 public void init( 31 CipherParameters key) 32 { 33 this.key = (ECPrivateKeyParameters)key; 34 } 35 calculateAgreement( CipherParameters pubKey)36 public BigInteger calculateAgreement( 37 CipherParameters pubKey) 38 { 39 ECPublicKeyParameters pub = (ECPublicKeyParameters)pubKey; 40 ECPoint P = pub.getQ().multiply(key.getD()); 41 42 // if ( p.isInfinity() ) throw new RuntimeException("d*Q == infinity"); 43 44 return P.getX().toBigInteger(); 45 } 46 } 47