Package com.nimbusds.jose.crypto.utils
Class ECChecks
- java.lang.Object
-
- com.nimbusds.jose.crypto.utils.ECChecks
-
-
Method Summary
All Methods Static Methods Concrete Methods Modifier and Type Method Description static boolean
isPointOnCurve(BigInteger x, BigInteger y, ECParameterSpec ecParameterSpec)
Checks if the specified (ephemeral) public key is on the given curve.static boolean
isPointOnCurve(ECPublicKey publicKey, ECPrivateKey privateKey)
Checks if the specified (ephemeral) public key is on the curve of the private key.static boolean
isPointOnCurve(ECPublicKey publicKey, ECParameterSpec ecParameterSpec)
Checks if the specified (ephemeral) public key is on the given curve.
-
-
-
Method Detail
-
isPointOnCurve
public static boolean isPointOnCurve(ECPublicKey publicKey, ECPrivateKey privateKey)
Checks if the specified (ephemeral) public key is on the curve of the private key. Intended to prevent an "Invalid Curve Attack", independent from any JCA provider checks (the SUN provider in Java 1.8.0_51+ and BouncyCastle have them, other / older provider do not).See https://www.cs.bris.ac.uk/Research/CryptographySecurity/RWC/2017/nguyen.quan.pdf
- Parameters:
publicKey
- The public EC key. Must not benull
.privateKey
- The private EC key. Must not benull
.- Returns:
true
if public key passed the curve check.
-
isPointOnCurve
public static boolean isPointOnCurve(ECPublicKey publicKey, ECParameterSpec ecParameterSpec)
Checks if the specified (ephemeral) public key is on the given curve. Intended to prevent an "Invalid Curve Attack", independent from any JCA provider checks (the SUN provider in Java 1.8.0_51+ and BouncyCastle have them, other / older provider do not).See https://www.cs.bris.ac.uk/Research/CryptographySecurity/RWC/2017/nguyen.quan.pdf
- Parameters:
publicKey
- The public EC key. Must not benull
.ecParameterSpec
- The EC spec. Must not benull
.- Returns:
true
if public key passed the curve check.
-
isPointOnCurve
public static boolean isPointOnCurve(BigInteger x, BigInteger y, ECParameterSpec ecParameterSpec)
Checks if the specified (ephemeral) public key is on the given curve. Intended to prevent an "Invalid Curve Attack", independent from any JCA provider checks (the SUN provider in Java 1.8.0_51+ and BouncyCastle have them, other / older provider do not).See https://www.cs.bris.ac.uk/Research/CryptographySecurity/RWC/2017/nguyen.quan.pdf
- Parameters:
x
- The public EC x coordinate. Must not benull
.y
- The public EC y coordinate. Must not benull
.ecParameterSpec
- The EC spec. Must not benull
.- Returns:
true
if public key passed the curve check.
-
-