Hi Chris,
It's not a bug in ToBigInteger per se, but one does have to be careful about the length of an encoding of the value. Note that it must be exactly 32 (for secp256k1), so one has to deal with a possible leading "sign byte", and also the less likely occurrence of a very small field element value leading to < 32 bytes encoding.

When I get to porting the latest EC stuff over from Java, there will be a GetEncoded method on ECFieldElement, but for now you can use the Org.BouncyCastle.Asn1.X9.X9IntegerConverter utility class:
Snippet
            ECFieldElement  fe = ...;
            int length= X9IntegerConverter.GetByteLength(fe);
byte[] encoding = X9IntegerConverter.IntegerToBytes(fe.ToBigInteger(), length);

BTW, if you are trying to produce a standard point encoding, you can just use ECPoint.GetEncoded() which does the above internally and also adds the leading point format byte.

Snippet Regards,
Pete Dettman

On 26/10/2013 10:28 PM, Mankowski, Chris wrote:
EDIT:  corrections in subject and body (bits vs bytes)

There seems to be a bug in ToBigInteger, that causes the output of ECFieldElement to sometimes be 33 bits long.

The problem seems to be a leading zero is appended (or left in) during the conversion. This bit seems to be located in byte[0]. So far it seems that the value is always zero with these outside-in tests, however further investigation is warranted.

Then again, if I do have any error in my code, please let me know.


while(true)

            {

ECKeyPairGeneratorgen = newECKeyPairGenerator("ECDSA");

Org.BouncyCastle.Asn1.X9.X9ECParameters ecp = Org.BouncyCastle.Asn1.Sec.SecNamedCurves.GetByName("secp256k1");

ECDomainParameters ecSpec = new ECDomainParameters(ecp.Curve, ecp.G, ecp.N, ecp.H, ecp.GetSeed());

SecureRandom secureRandom = new SecureRandom();

ECKeyGenerationParametersecgp = newECKeyGenerationParameters(ecSpec, secureRandom);

                gen.Init(ecgp);

AsymmetricCipherKeyPair eckp = gen.GenerateKeyPair();


// Cast it

var publicKey = (ECPublicKeyParameters)(eckp.Public);

var privateKey = (ECPrivateKeyParameters)(eckp.Private);


// Get X and Y

var pubxBigInt = publicKey.Q.X.ToBigInteger();

var pubyBigInt = publicKey.Q.Y.ToBigInteger();


// Get Byte Array... whoa, why is the length 33? Can I simply trim the leading zero?

var pubxBigIntArray = pubyBigInt.ToByteArray();

var pubyBigIntArray = pubyBigInt.ToByteArray();


if (pubyBigIntArray.Length > 32 || pubxBigIntArray.Length > 32)

                {

StringBuilder sb = new StringBuilder();


if (pubxBigIntArray.Length > 32)

                    {

sb.Append(String.Format("X is {0} bits. Bit[0] = {1}", pubxBigIntArray.Length, pubxBigIntArray[0]));

                    }

if (pubyBigIntArray.Length > 32)

                    {

sb.Append(String.Format(" Y is {0} bits. Bit[0] = {1}",pubyBigIntArray.Length, pubyBigIntArray[0]));

                    }

Console.WriteLine(sb.ToString());

                }

else

                {

Console.WriteLine("OK");

                }

            }


Chris Mankowski

------------------------------------------------------------------------
Notice: This e-mail message and any attachment to this e-mail message may contain information that is confidential, proprietary, privileged, legally privileged and/or exempt from disclosure under applicable law. If you are not the intended recipient, please accept this as notice that any disclosure, copying, distribution or use of the information contained in this transmission is strictly prohibited. NFP reserves the right, to the extent and under circumstances permitted by applicable law, to retain, monitor and intercept e-mail messages to and from its systems.

Any views or opinions expressed in this e-mail are those of the sender and do not necessarily express those of NFP. Although this transmission and any attachment are believed to be free of any virus or other defect that might affect any computer system into which it is received and opened, it is the responsibility of the recipient to ensure that it is virus free and no responsibility is accepted by NFP, its subsidiaries and affiliates, as applicable, for any loss or damage arising in any way from its use.

If you have received this e-mail in error, please immediately contact the sender by return e-mail or by telephone at 212-301-4000 and destroy the material in its entirety, whether electronic or hard copy format.

Reply via email to