[dev-crypto-csharp] Issue about ECDomainParameters

Wed, 03 Jan 2024 05:42:10 -0800 

Hi everyone,

I'm starting to learn the BouncyCastle C# lib use,  can anybody help me with 
this code:


public static ECDomainParameters BabyJubJubDomainParameters()
{
  // EC parameters (Montgomery Form)
  // values from https://eips.ethereum.org/EIPS/eip-2494
  var p = new 
Org.BouncyCastle.Math.BigInteger("21888242871839275222246405745257275088548364400416034343698204186575808495617");
  var h = new Org.BouncyCastle.Math.BigInteger("8");
  var n = new 
Org.BouncyCastle.Math.BigInteger("21888242871839275222246405745257275088614511777268538073601725287587578984328");
  var a = new Org.BouncyCastle.Math.BigInteger("168698");
  var b = new Org.BouncyCastle.Math.BigInteger("1");
  var M_GX = new Org.BouncyCastle.Math.BigInteger("7");
  var M_GY = new 
Org.BouncyCastle.Math.BigInteger("4258727773875940690362607550498304598101071202821725296872974770776423442226");

  var order = n.Multiply(h);
  /*
  
https://upcommons.upc.edu/bitstream/handle/2117/361741/mathematics-09-03022.pdf?sequence=1
  # Transform a Montgomery curve to a short Weierstrass .
  a = (3 - A^2) / (3 * B^2)
  b = (2 * A^3 - 9*A) / (27 * B^3)
  x0,y0 = (x0 + A/3) / B , y0 / B
  x1,y1 = (x1 + A/3) / B , y1 / B
  */

  var nove = new Org.BouncyCastle.Math.BigInteger("9");
  var W_a = 
((Org.BouncyCastle.Math.BigInteger.Three.Subtract(a.Pow(2))).Divide(Org.BouncyCastle.Math.BigInteger.Three.Multiply(b.Pow(2)))).Mod(p);
  var W_b = 
(Org.BouncyCastle.Math.BigInteger.Two.Multiply(a.Pow(3)).Subtract(nove.Multiply(a))).Divide((new
 Org.BouncyCastle.Math.BigInteger("27")).Multiply(b.Pow(3))); //.Mod(p);
  var W_GX = 
(M_GX.Add(a.Divide(Org.BouncyCastle.Math.BigInteger.Three))).Divide(b); 
//.Mod(p);
  var W_GY = M_GY.Divide(b); //.Mod(p);

  Org.BouncyCastle.Math.EC.ECCurve curve = new FpCurve(p, W_a, W_b, n, h);
  Org.BouncyCastle.Math.EC.ECPoint generatorPoint = curve.CreatePoint(W_GX, 
W_GY);
  return new ECDomainParameters(curve, generatorPoint, n, h);
}

var ecParameters = CryptoUtils.BabyJubJubDomainParameters();

The internal method ValidatePublicPoint of the class ECDomainParameters returns 
an exception:
System.ArgumentException: 'Point not on curve (Parameter 'q')'


Thanks in advance,
Best regards
F

Reply via email to