Intel

Developer Zone

EccAlg

com.intel.crypto

Class EccAlg

  • java.lang.Object
    • com.intel.crypto.EccAlg

  • public abstract class EccAlg
extends java.lang.Object

    This abstract class represents ECC algorithm set including key-generation, signing and verifying. This class allows the instantiation of an ECC implementation class through the create() factory method.

    NOTE:
    The ECC algorithm implementation supports the following curve types only:

    • The secp256k1 curve is a 256-bit elliptic curve over finite field Fp, based on "SEC 2: Recommended Elliptic Curve Domain Parameters" Version 1.0 September 20, 2000.

    The following key generation and signing algorithms are supported by this class:
    • ECC keys generation
    • ECC signature using the ECDSA algorithm

    The default hash algorithm is SHA-526 HashAlg.HASH_TYPE_SHA256.

    • Nested Class Summary

      Nested Classes
      Modifier and Type Class and Description
      static class EccAlg.CurvePoint
      This class represents a generic uncompressed point (x, y) on an elliptic curve.
      static class EccAlg.CurveProperties
      This class represents elliptic curve properties, namely the tuple T = (p, a, b, G, n, h).

    • Field Summary

      Fields
      Modifier and Type Field and Description
      static short ECC_CURVE_TYPE_SECP256K1
      The ECC secp256k1 curve is a 256-bit elliptic curve over finite field Fp.

    • Method Summary

      Methods
      Modifier and Type Method and Description
      abstract void calculatePublicKey(EccAlg.CurvePoint publicKey)
      Calculates the public key based on the private key scalar set in the instance and stores it into the provided publicKey.
      static EccAlg create(short curveType)
      Factory method for creating a concrete instance.
      abstract void generateKeys()
      Generates ECC public and private keys.
      abstract EccAlg.CurveProperties getCurveProperties()
      Returns the object that represents the properties of the instance's curve.
      abstract short getCurveType()
      Return the ECC curve type.
      abstract short getHashAlg()
      Obtains the hash algorithm which is currently used by this instance during signing operations.
      abstract void getKeys(EccAlg.CurvePoint publicKey, byte[] privateKey, short privateKeyIndex)
      Obtains the ECC public and private keys for this instance.
      abstract short getPrivateKeySize()
      Returns the ECC private key scalar length in bytes.
      abstract void getPublicKey(EccAlg.CurvePoint publicKey)
      Obtains the ECC public key for this instance.
      abstract short getPublicKeySize()
      Returns the ECC public key point coordinate length in bytes.
      abstract short getSignatureSize()
      Returns the signature length in bytes of the curve currently used in the instance.
      abstract void setHashAlg(short hashAlgType)
      Sets the hash algorithm to be used by this instance during signing operations.
      abstract void setKeys(EccAlg.CurvePoint publicKey, byte[] privateKey, short privateKeyIndex, short privateKeyLength)
      Sets the ECC public and private keys.
      abstract void setPrivateKey(byte[] privateKey, short privateKeyIndex, short privateKeyLength)
      Sets the ECC private key.
      abstract void setPublicKey(EccAlg.CurvePoint publicKey)
      Sets the ECC public key.
      abstract void signComplete(byte[] data, short dataIndex, short dataLength, byte[] signatureR, short signatureRIndex, byte[] signatureS, short signatureSIndex)
      Signs the provided input data using the key and hash algorithm currently stored by the instance.
      abstract void signHash(byte[] hash, short hashIndex, short hashLength, byte[] signatureR, short signatureRIndex, byte[] signatureS, short signatureSIndex)
      Signs the provided already hashed data using the key currently stored in the instance.
      abstract boolean validatePublicKey(EccAlg.CurvePoint publicKey)
      Validates the provided public key by verifying that it represents a legal point on the elliptic curve.
      abstract boolean verifyComplete(byte[] data, short dataIndex, short dataLength, byte[] signatureR, short signatureRIndex, short signatureRLength, byte[] signatureS, short signatureSIndex, short signatureSLength)
      Verifies the signature on the provided input data using the key and hash algorithm currently stored by the instance.
      abstract boolean verifyHash(byte[] hash, short hashIndex, short hashLength, byte[] signatureR, short signatureRIndex, short signatureRLength, byte[] signatureS, short signatureSIndex, short signatureSLength)
      Verifies the signature on the provided already hashed input data using the key currently stored in the instance.

      • Methods inherited from class java.lang.Object

        equals, getClass, hashCode, toString

    • Field Detail

      • ECC_CURVE_TYPE_SECP256K1

        public static final short ECC_CURVE_TYPE_SECP256K1
        The ECC secp256k1 curve is a 256-bit elliptic curve over finite field Fp.
        See Also:
        Constant Field Values

    • Method Detail

      • generateKeys

        public abstract void generateKeys()
                           throws CryptoException
        Generates ECC public and private keys. Keys are generated according to the curve type and are stored internally in the instance. Calling this method will override any other key (public or private) previously stored by this instance.
        Throws:
        ComputationException - if the operation did not complete successfully due to errors returned from the crypto engine
        CryptoException - if an unexpected error occurred

      • setPrivateKey

        public abstract void setPrivateKey(byte[] privateKey,
                 short privateKeyIndex,
                 short privateKeyLength)
                            throws CryptoException
        Sets the ECC private key. Calling this method will override any other private key previously stored by this instance. The key validity is not checked.
        Parameters:
        privateKey - the ECC private key scalar
        privateKeyIndex - index in the privateKey array
        privateKeyLength - private key length in bytes should be equal to getPrivateKeySize()
        Throws:
        IllegalParameterException - if the privateKeyLength doesn't match the size returned by getPrivateKeySize() or input is invalid
        CryptoException

      • setKeys

        public abstract void setKeys(EccAlg.CurvePoint publicKey,
           byte[] privateKey,
           short privateKeyIndex,
           short privateKeyLength)
                      throws CryptoException
        Sets the ECC public and private keys. Calling this method will override any other key (public or private) previously stored by this instance. The key-pair validity is checked based on the elliptic curve.
        Parameters:
        publicKey - the ECC public key. Should contain valid X and Y coordinates buffers with size getPublicKeySize()
        privateKey - the ECC private key scalar
        privateKeyIndex - index in the privateKey array
        privateKeyLength - private key length in bytes should be equal to getPrivateKeySize()
        Throws:
        IllegalParameterException - if the lengths of publicKey.x or publicKey.y don't match the size returned by getPublicKeySize() or privateKeyLength doesn't match the size returned by getPrivateKeySize() or provided keys are invalid
        ComputationException - if the operation did not complete successfully due to errors returned from the crypto engine
        CryptoException - if an unexpected error occurred

      • getCurveType

        public abstract short getCurveType()
        Return the ECC curve type.
        Returns:
        returns the ECC curve type used by this instance.

      • getPublicKeySize

        public abstract short getPublicKeySize()
        Returns the ECC public key point coordinate length in bytes.
        Returns:
        the ECC public key point coordinate according to the curve type used by this instance.

      • getPrivateKeySize

        public abstract short getPrivateKeySize()
        Returns the ECC private key scalar length in bytes.
        Returns:
        the ECC private key length according to the curve type used by this instance.

      • getKeys

        public abstract void getKeys(EccAlg.CurvePoint publicKey,
           byte[] privateKey,
           short privateKeyIndex)
                      throws CryptoException
        Obtains the ECC public and private keys for this instance. The getPublicKeySize() method can be used to retrieve the required size for publicKey.x and publicKey.y coordinate buffers. The getPrivateKeySize() can be used to retrieve the required size for the privateKey buffer.
        Parameters:
        publicKey - the ECC public key. should contain X coordinate and the Y coordinate buffers with size getPublicKeySize()
        privateKey - an array to hold the ECC private key with the correct size
        privateKeyIndex - index in the private key array
        Throws:
        NotInitializedException - if the keys were not set or generated for this instance
        IllegalParameterException - if the lengths of publicKey.x or publicKey.y don't match the size returned by getPublicKeySize() or input is invalid
        CryptoException

      • signComplete

        public abstract void signComplete(byte[] data,
                short dataIndex,
                short dataLength,
                byte[] signatureR,
                short signatureRIndex,
                byte[] signatureS,
                short signatureSIndex)
                           throws CryptoException
        Signs the provided input data using the key and hash algorithm currently stored by the instance. The method getSignatureSize() provides the required size for the signatureR and signatureS buffers. The default hash algorithm is SHA-526 HashAlg.HASH_TYPE_SHA256.
        Parameters:
        data - the plain data to sign
        dataIndex - index in the data array
        dataLength - data length in bytes
        signatureR - the R signature buffer to hold the data must be at least getSignatureSize() length
        signatureRIndex - index in the R signature buffer
        signatureS - the S signature buffer to hold the data must be at least getSignatureSize() length
        signatureSIndex - index in the S signature buffer
        Throws:
        NotInitializedException - if this instance is not configured correctly in order to generate a signature. For example, if the private key or the hash algorithm were not set for this instance
        ComputationException - if the operation did not complete successfully due to errors returned from the crypto engine
        CryptoException - if an unexpected error occurred
        IllegalParameterException - if the lengths of signatureR or signatureS are less than the size returned by getSignatureSize() or input is invalid

      • verifyComplete

        public abstract boolean verifyComplete(byte[] data,
                     short dataIndex,
                     short dataLength,
                     byte[] signatureR,
                     short signatureRIndex,
                     short signatureRLength,
                     byte[] signatureS,
                     short signatureSIndex,
                     short signatureSLength)
                                throws CryptoException
        Verifies the signature on the provided input data using the key and hash algorithm currently stored by the instance.
        Parameters:
        data - The data to verify
        dataIndex - index in the data array
        dataLength - data length in bytes
        signatureR - The R signature buffer to verify
        signatureRIndex - index in the R signature buffer
        signatureRLength - R signature buffer length in bytes
        signatureS - The S signature buffer to verify
        signatureSIndex - index in the S signature buffer
        signatureSLength - S signature buffer length in bytes
        Throws:
        NotInitializedException - if this instance is not configured correctly in order to generate a signature. For example, if the public key or the hash algorithm were not set for this instance
        IllegalParameterException - signatureLength doesn't match getSignatureSize() or input invalid
        ComputationException - if the operation did not complete successfully due to errors returned from the crypto engine
        CryptoException - if an unexpected error occurred

      • signHash

        public abstract void signHash(byte[] hash,
            short hashIndex,
            short hashLength,
            byte[] signatureR,
            short signatureRIndex,
            byte[] signatureS,
            short signatureSIndex)
                       throws CryptoException
        Signs the provided already hashed data using the key currently stored in the instance.
        Parameters:
        hash - the input data to sign
        hashIndex - index in the input array
        hashLength - input data length must be no larger than getPrivateKeySize()
        signatureR - the R signature buffer to hold the data must be at least getSignatureSize() length
        signatureRIndex - index in the R signature buffer
        signatureS - the S signature buffer to hold the data must be at least getSignatureSize()length
        signatureSIndex - index in the S signature buffer
        Throws:
        NotInitializedException - if this instance is not configured correctly in order to generate a signature. For example, the private key or the public key is not set.
        IllegalParameterException - if the lengths of signatureR or signatureS are less than the size returned by getSignatureSize() or hash is bigger than getPrivateKeySize() or input is invalid
        ComputationException - if the operation did not complete successfully due to errors returned from the crypto engine
        CryptoException - if an unexpected error occurred

      • verifyHash

        public abstract boolean verifyHash(byte[] hash,
                 short hashIndex,
                 short hashLength,
                 byte[] signatureR,
                 short signatureRIndex,
                 short signatureRLength,
                 byte[] signatureS,
                 short signatureSIndex,
                 short signatureSLength)
                            throws CryptoException
        Verifies the signature on the provided already hashed input data using the key currently stored in the instance.
        Parameters:
        hash - the hash that was signed
        hashIndex - index in the hash array
        hashLength - hash data length
        signatureR - The R signature buffer to verify
        signatureRIndex - index in the R signature buffer
        signatureRLength - R signature buffer length in bytes
        signatureS - The S signature buffer to verify
        signatureSIndex - index in the S signature buffer
        signatureSLength - S signature buffer length in bytes
        Returns:
        true if the signature verified successfully, false otherwise.
        Throws:
        NotInitializedException - if this instance is not configured correctly in order to verify the signature. For example, the public key.
        IllegalParameterException - if hash doesn't match the size returned by getPrivateKeySize() or signatureLengths don't match getSignatureSize()
        ComputationException - if the operation did not complete successfully due to errors returned from the crypto engine
        CryptoException - if an unexpected error occurred

      • validatePublicKey

        public abstract boolean validatePublicKey(EccAlg.CurvePoint publicKey)
                                   throws CryptoException
        Validates the provided public key by verifying that it represents a legal point on the elliptic curve.
        Parameters:
        publicKey - the public key to verify.
        Returns:
        return true iff publicKey is valid false otherwise.
        Throws:
        IllegalParameterException - if size of publicKey.x or publicKey.y don't match the size returned by getPublicKeySize() or the provided input is illegal
        CryptoException - if an unexpected error occurred
        ComputationException - if the operation did not complete successfully due to errors returned from the crypto engine

      • calculatePublicKey

        public abstract void calculatePublicKey(EccAlg.CurvePoint publicKey)
                                 throws CryptoException
        Calculates the public key based on the private key scalar set in the instance and stores it into the provided publicKey.
        Parameters:
        publicKey - the output ECC public key. Should contain valid X and Y coordinates buffers with size getPublicKeySize()
        Throws:
        NotInitializedException - if this instance is not configured correctly in order to calculate the public key. For example, if the private key is not set for this instance
        IllegalParameterException - if size of publicKey.x or publicKey.y don't match the size returned by getPublicKeySize() or the provided input is illegal
        CryptoException - if an unexpected error occurred
        ComputationException - if the operation did not complete successfully due to errors returned from the crypto engine

      • getSignatureSize

        public abstract short getSignatureSize()
        Returns the signature length in bytes of the curve currently used in the instance. (Note: this size is for R and S)

      • setHashAlg

        public abstract void setHashAlg(short hashAlgType)
                         throws CryptoException
        Sets the hash algorithm to be used by this instance during signing operations.
        Parameters:
        hashAlgType - the hash algorithm that will be used during signing operations, see HashAlg.HASH_TYPE_XXX definitions for possible values
        Throws:
        NotSupportedException - if the provided hashing algorithm is not supported.
        CryptoException

      • getHashAlg

        public abstract short getHashAlg()
        Obtains the hash algorithm which is currently used by this instance during signing operations.
        Returns:
        The hash algorithm that is used during signing operations, see HashAlg.HASH_TYPE_XXX definitions for possible values

      • getCurveProperties

        public abstract EccAlg.CurveProperties getCurveProperties()
        Returns the object that represents the properties of the instance's curve.
        Returns:
        a EccAlg.CurveProperties object that represents the curve's properties.

      • create

        public static final EccAlg create(short curveType)
                           throws CryptoException
        Factory method for creating a concrete instance.
        Parameters:
        curveType - the ECC curve type - one of EccAlg.ECC_CURVE_TYPE_XXX values
        Returns:
        EccAlg instance.
        Throws:
        IllegalParameterException - if the curveType is unsupported
        CryptoException
Back to top

Hardware Developers

  • Resource and Design Center
  • Shop Intel
  • Firmware

    • Open Source

  • 01.org
  • Clear Linux* Project
  • Zephyr Project

    • Manage Your Tools

  • Download Center
  • Online Service Center
  • Registration Center

    • Stay Up-to-Date

  • Forums
  • Recent Updates
  • Subscribe to our YouTube Channel
  • Newsletter Archives

    • Terms of Use
    *Trademarks
    Privacy
    Cookies