我目前的項目僅使用BouncyCastle的Fips資源進行加密/解密簽名等等。密鑰仍然使用通常的C#彈性城堡生成。現在,因爲這是一個浪費,我想要更改代碼,但是我找不到有關如何執行此操作的任何文檔。如何使用Bouncy Castle生成EC密鑰對
是我到目前爲止有:
ECDomainParameters s = new ECDomainParameters(...?)
FipsEC.KeyPairGenerator ecGen = CryptoServicesRegistrar.CreateGenerator(new FipsEC.KeyGenerationParameters(s));
但如何指定曲線,g和n的類型?
在此先感謝您,如果您能以某種方式提供幫助。
我在BouncyCastle單元測試中發現了一些例子。嘗試下載他們的代碼測試:https://www.bouncycastle.org/csharp/download/bccrypto-csharp-1.8.1-src.zip或找到自己的網頁上適當的源:https://www.bouncycastle.org/csharp/index.html
然後查找類單元測試:ECTest
例如他們有這樣的代碼:
/**
* key generation test
*/
[Test]
public void TestECDsaKeyGenTest()
{
SecureRandom random = new SecureRandom();
BigInteger n = new BigInteger("883423532389192164791648750360308884807550341691627752275345424702807307");
FpCurve curve = new FpCurve(
new BigInteger("883423532389192164791648750360308885314476597252960362792450860609699839"), // q
new BigInteger("7fffffffffffffffffffffff7fffffffffff8000000000007ffffffffffc", 16), // a
new BigInteger("6b016c3bdcf18941d0d654921475ca71a9db2fb27d1d37796185c2942c0a", 16), // b
n, BigInteger.One);
ECDomainParameters parameters = new ECDomainParameters(
curve,
curve.DecodePoint(Hex.Decode("020ffa963cdca8816ccc33b8642bedf905c3d358573d3f27fbbd3b3cb9aaaf")), // G
n);
ECKeyPairGenerator pGen = new ECKeyPairGenerator();
ECKeyGenerationParameters genParam = new ECKeyGenerationParameters(
parameters,
random);
pGen.Init(genParam);
AsymmetricCipherKeyPair pair = pGen.GenerateKeyPair();
ParametersWithRandom param = new ParametersWithRandom(pair.Private, random);
ECDsaSigner ecdsa = new ECDsaSigner();
ecdsa.Init(true, param);
byte[] message = new BigInteger("968236873715988614170569073515315707566766479517").ToByteArray();
BigInteger[] sig = ecdsa.GenerateSignature(message);
ecdsa.Init(false, pair.Public);
if (!ecdsa.VerifySignature(message, sig[0], sig[1]))
{
Fail("signature fails");
}
}
我發現'FipsEC.DomainParams.B571'但idk如何在此代碼中使用它 –