ECC Component
The ECC (Elliptic Curve Cryptography) component implements ECDSA (Elliptic Curve Digital Signature Algorithm) and ECDH (Elliptic Curve Diffie Hellman) operations.
Syntax
nsoftware.IPWorksEncrypt.Ecc
Remarks
To begin, first call CreateKey to create a new ECC key if necessary.
An ECC key is made up of a number of individual parameters. When CreateKey is called, the Key property is populated with a new private and public key.
After calling Sign, the public key must be sent to the recipient along with HashSignature so they may perform signature verification. Likewise, you must obtain the public key along with HashSignature in order to perform signature verification.
The public key consists of the following parameters:
The component also includes the PublicKey field, which holds the PEM-formatted public key for ease of use. This is helpful if you are in control of both sides of the encryption/signing and decryption/signature verification process. When sending the public key to a recipient, note that not all implementations support the PEM-formatted value in PublicKey, in which case the individual parameters must be sent.
The private key consists of one value:
The component also includes the PrivateKey field, which holds the PEM-formatted private key for ease of use. This is helpful for storing the private key more easily.
ECDH Operations
The component supports computing a shared secret using ECDH. To compute a shared secret, first set the RecipientKey property to the other party's public key. Then optionally set KeyDerivationFunction to the desired key derivation function. Finally, call ComputeSecret to compute the shared secret. The SharedSecret property will be populated with the computed secret.
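The agreement described above, as an added example that is not the component's own code: it uses .NET's built-in System.Security.Cryptography.ECDiffieHellman (assuming .NET 6 or later) to show both parties deriving the same secret, and how a prepended value, as with the PrependSecret setting, must match on both sides. The P-256 curve and the context strings are constructed for illustration.

```csharp
using System;
using System.Security.Cryptography;
using System.Text;

static class EcdhDemo
{
    // Runs a hash-based KDF (SHA-256) over the ECDH agreement with the peer.
    // prepend/append are optional bytes mixed into the KDF input.
    static byte[] Derive(ECDiffieHellman mine, byte[] peerSpki,
                         byte[]? prepend, byte[]? append)
    {
        // Only the peer's public key (DER SubjectPublicKeyInfo) is imported.
        using ECDiffieHellman peer = ECDiffieHellman.Create();
        peer.ImportSubjectPublicKeyInfo(peerSpki, out _);
        return mine.DeriveKeyFromHash(peer.PublicKey, HashAlgorithmName.SHA256,
                                      prepend, append);
    }

    static void Main()
    {
        // Each party generates its own key pair and shares only the public half.
        using ECDiffieHellman alice = ECDiffieHellman.Create(ECCurve.NamedCurves.nistP256);
        using ECDiffieHellman bob = ECDiffieHellman.Create(ECCurve.NamedCurves.nistP256);
        byte[] alicePub = alice.ExportSubjectPublicKeyInfo();
        byte[] bobPub = bob.ExportSubjectPublicKeyInfo();

        // Constructed context string; both sides must use the same value.
        byte[] context = Encoding.UTF8.GetBytes("demo-session-1");

        byte[] aliceSecret = Derive(alice, bobPub, context, null);
        byte[] bobSecret = Derive(bob, alicePub, context, null);
        Console.WriteLine("same KDF inputs match: " +
            CryptographicOperations.FixedTimeEquals(aliceSecret, bobSecret));

        // A mismatch in the prepended value yields an unrelated secret.
        byte[] other = Encoding.UTF8.GetBytes("demo-session-2");
        byte[] wrong = Derive(bob, alicePub, other, null);
        Console.WriteLine("different prepend matches: " +
            CryptographicOperations.FixedTimeEquals(aliceSecret, wrong));
    }
}
```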
ECDSA Operations
The component supports creating and verifying hash signatures using ECDSA.
To begin, set Key to a valid private key. To create a new private key, simply call CreateKey.
Select the input by calling SetInputStream or by setting InputFile or InputMessage. Next, call Sign. The Sign method will automatically compute the hash and then sign the hash with the specified key.
Send the public key (see CreateKey for details), file, and HashSignature to the recipient.
When verifying a hash signature, specify the input by calling SetInputStream or by setting InputFile or InputMessage. Set HashSignature to the received hash signature. Then set Key to the public key and call VerifySignature.
To sign a hash or verify a hash signature without recomputing the hash, simply set HashValue to the pre-computed hash value before calling Sign or VerifySignature.
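The sign-and-verify flow above, including the pre-computed hash path, as an added example that is not the component's own code: it uses .NET's built-in System.Security.Cryptography.ECDsa (assuming .NET 6 or later) with P-256 and SHA-256. The message text is constructed for illustration.

```csharp
using System;
using System.Security.Cryptography;
using System.Text;

static class EcdsaDemo
{
    static void Main()
    {
        // Constructed sample message.
        byte[] message = Encoding.UTF8.GetBytes("transfer 100 to account 42");

        // Signer: create a key pair, hash and sign the message in one call.
        using ECDsa signer = ECDsa.Create(ECCurve.NamedCurves.nistP256);
        byte[] signature = signer.SignData(message, HashAlgorithmName.SHA256);
        // Only the public key (DER SubjectPublicKeyInfo) leaves the signer.
        byte[] publicKey = signer.ExportSubjectPublicKeyInfo();

        // Recipient: import the public key and verify over the received data.
        using ECDsa verifier = ECDsa.Create();
        verifier.ImportSubjectPublicKeyInfo(publicKey, out _);
        bool okData = verifier.VerifyData(message, signature, HashAlgorithmName.SHA256);
        Console.WriteLine("verify over message: " + okData);

        // Pre-computed hash path: verify the signature against a hash value.
        // This only proves the signature matches the hash, so the recipient
        // should compute the hash from the data it actually received.
        byte[] hash = SHA256.HashData(message);
        bool okHash = verifier.VerifyHash(hash, signature);
        Console.WriteLine("verify over pre-computed hash: " + okHash);

        // Flipping one bit of the message makes verification fail.
        byte[] tampered = (byte[])message.Clone();
        tampered[9] ^= 0x01;
        bool okTampered = verifier.VerifyData(tampered, signature, HashAlgorithmName.SHA256);
        Console.WriteLine("verify over tampered message: " + okTampered);

        // The same signature also fails under a different public key.
        using ECDsa stranger = ECDsa.Create(ECCurve.NamedCurves.nistP256);
        bool okWrongKey = stranger.VerifyData(message, signature, HashAlgorithmName.SHA256);
        Console.WriteLine("verify under unrelated key: " + okWrongKey);
    }
}
```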
Hash Notes
The component will determine whether or not to recompute the hash based on the properties that are set. If an input is specified by SetInputStream, InputFile, or InputMessage, the hash will be recomputed when calling Sign or VerifySignature. If the HashValue property is set, the component will only sign the hash or verify the hash signature. Specifying an input with SetInputStream, InputFile, or InputMessage clears the HashValue property. Setting the HashValue property clears the input selection.
NOTE: This functionality is only available in Windows.
Property List
The following is the full list of the properties of the component with short descriptions.
HashAlgorithm | The hash algorithm used for hash computation. |
HashSignature | The hash signature. |
HashValue | The hash value of the data. |
InputFile | The file to process. |
InputMessage | The message to process. |
Key | The ECC key. |
KeyDerivationFunction | The key derivation function. |
RecipientKey | The public key used to compute the shared secret. |
SharedSecret | The computed shared secret. |
SignerKey | The public key used to verify the signature. |
UseHex | Whether HashValue and HashSignature are hex encoded. |
Method List
The following is the full list of the methods of the component with short descriptions.
ComputeSecret | Computes a shared secret. |
Config | Sets or retrieves a configuration setting. |
CreateKey | Creates a new key. |
Reset | Resets the component. |
SetInputStream | Sets the stream from which the component will read data to encrypt or decrypt. |
Sign | Creates a hash signature. |
VerifySignature | Verifies the signature for the specified data. |
Event List
The following is the full list of the events fired by the component with short descriptions.
Error | Information about errors during data delivery. |
Progress | Fired as progress is made. |
Configuration Settings
The following is a list of configuration settings for the component with short descriptions.
KeySize | The size, in bits, of the secret key. |
Curve | The elliptic curve. |
CNGECDSAKey | The CNG ECDSA key. |
CNGECDHKey | The CNG ECDH key. |
PrependSecret | An optional string to prepend to the secret agreement. |
AppendSecret | An optional string to append to the secret agreement. |
HMACKey | A key to use when generating a Hash-based Message Authentication Code (HMAC). |
TLSSeed | The TLS PRF Seed. |
TLSLabel | The TLS PRF label. |
CodePage | The system code page used for Unicode to Multibyte translations. |