Click here to Skip to main content
14,084,762 members
Click here to Skip to main content
Add your own
alternative version


7 bookmarked
Posted 28 Oct 2016
Licenced CPOL

C# Elliptical Curve Cryptography with Bouncy Castle Curve P-128

, 28 Oct 2016
Rate this:
Please Sign up or sign in to vote.
Tweaking of the Bouncy Castle library to make it work with SecP128r1 curve1251


Bouncy castle is the most popular among very few Elliptical Curve Cryptography open source libraries available out there for C#, but there are some limitations, it doesn't support the generation of the p-128 curve keys. This article helps in tweaking the Bouncy Castle to support P-128 curve.


Elliptic curve cryptography (ECC) is an approach to public key cryptography based on the algebraic structure of elliptical over infinite fields. It represents a different way to do public-key cryptography, an alternative to the older RSA system and also offers certain advantages. It is popular in news as known to be used by FBI.

Very few open source libraries available for the ECC in C#, Bouncy Castle is the most widely used one, but as of now, it is not supporting P-128 curve.

Using the Code

Let's get started, generally generation of Bouncy castle key pair is as below GenerateKeys method.

public AsymmetricCipherKeyPair GenerateKeys(int keySize)
    //using ECDSA algorithm for the key generation
    var gen = new CEBA.Org.BouncyCastle.Crypto.Generators.ECKeyPairGenerator("ECDSA");

    //Creating Random
    var secureRandom = new SecureRandom();

    //Parameters creation using the random and keysize
    var keyGenParam = new KeyGenerationParameters(secureRandom, keySize);

    //Initializing generation algorithm with the Parameters--This method Init i modified

    //Generation of Key Pair
    return gen.GenerateKeyPair();

/// <summary>
/// This method creates 256 bit keys and creates the 
/// public/private key pair (if they are not yet created only)
/// </summary>
private void GeneratePKeys(int intSize)
    //Generating p-128 keys 128 specifies strength
    var keyPair = GenerateKeys(intSize);
    TextWriter textWriter = new StringWriter();
    Org.BouncyCastle.OpenSsl.PemWriter pemWriter = 
    new Org.BouncyCastle.OpenSsl.PemWriter(textWriter);
    string privateKey = textWriter.ToString();
    txtPrivateKey.Text = privateKey;
    ECPrivateKeyParameters privateKeyParam = (ECPrivateKeyParameters)keyPair.Private;
    txtD.Text = privateKeyParam.D.ToString();

    textWriter = new StringWriter();
    pemWriter = new Org.BouncyCastle.OpenSsl.PemWriter(textWriter);

    ECPublicKeyParameters publicKeyParam = (ECPublicKeyParameters)keyPair.Public;
    string publickey = textWriter.ToString();

    txtPublicKey.Text = publickey;
    txtX.Text = publicKeyParam.Q.X.ToBigInteger().ToString();
    txtY.Text = publicKeyParam.Q.Y.ToBigInteger().ToString();

The Bouncy castle class libraries consists of absract class SecObjectIdentifiers which has the supported curve types.

In the below sample, I tweaked class CEBA.Org.BouncyCastle.Crypto.Generators.ECKeyPairGenerator for the SecP128r1 curve.

using System;
using Org.BouncyCastle.Asn1;
using Org.BouncyCastle.Asn1.Nist;
using Org.BouncyCastle.Asn1.Sec;
using Org.BouncyCastle.Asn1.TeleTrust;
using Org.BouncyCastle.Asn1.X9;
using Org.BouncyCastle.Crypto;
using Org.BouncyCastle.Crypto.EC;
using Org.BouncyCastle.Crypto.Parameters;
using Org.BouncyCastle.Math;
using Org.BouncyCastle.Math.EC;
using Org.BouncyCastle.Math.EC.Multiplier;
using Org.BouncyCastle.Security;
using Org.BouncyCastle.Utilities;
using System.Drawing;
using System.Windows.Forms;
using System.Drawing.Drawing2D;

//This is tweaked code used same name namespace 
namespace CEBA.Org.BouncyCastle.Crypto.Generators
    public class ECKeyPairGenerator: IAsymmetricCipherKeyPairGenerator
        private readonly string algorithm;

        private ECDomainParameters parameters;
        private DerObjectIdentifier publicKeyParamSet;
        private SecureRandom random;

        public ECKeyPairGenerator()
            : this("EC")

        public ECKeyPairGenerator(
            string algorithm)
            if (algorithm == null)
                throw new ArgumentNullException("algorithm");

            this.algorithm = algorithm;

        /// <summary>
        /// Init method of the class 
        /// CEBA.Org.BouncyCastle.Crypto.Generators.ECKeyPairGenerator updated as below
        /// </summary>
        /// <param name="parameters"></param>
        public void Init(KeyGenerationParameters parameters)
            if (parameters is ECKeyGenerationParameters)
                ECKeyGenerationParameters ecP = (ECKeyGenerationParameters)parameters;

                this.publicKeyParamSet = ecP.PublicKeyParamSet;
                this.parameters = ecP.DomainParameters;
                DerObjectIdentifier oid;
                switch (parameters.Strength)
                    case 192:
                        oid = X9ObjectIdentifiers.Prime192v1;
                    case 224:
                        oid = SecObjectIdentifiers.SecP224r1;
                    //This case 128 won't be available in the Bouncy castle source, i added this case
                    case 128:
                        oid = SecObjectIdentifiers.SecP128r1;

                    case 239:
                        oid = X9ObjectIdentifiers.Prime239v1;
                    case 256:
                        oid = X9ObjectIdentifiers.Prime256v1;
                    case 384:
                        oid = SecObjectIdentifiers.SecP384r1;
                    case 521:
                        oid = SecObjectIdentifiers.SecP521r1;
                        throw new InvalidParameterException("unknown key size.");

                X9ECParameters ecps = FindECCurveByOid(oid);

                this.publicKeyParamSet = oid;
                this.parameters = new ECDomainParameters(
                    ecps.Curve, ecps.G, ecps.N, ecps.H, ecps.GetSeed());

            this.random = parameters.Random;

            if (this.random == null)
                this.random = new SecureRandom();

         * Given the domain parameters this routine generates an EC key
         * pair in accordance with X9.62 section 5.2.1 pages 26, 27.
        public AsymmetricCipherKeyPair GenerateKeyPair()
            BigInteger n = parameters.N;
            BigInteger d;
            int minWeight = n.BitLength >> 2;

            for (; ; )
                d = new BigInteger(n.BitLength, random);

                if (d.CompareTo(BigInteger.Two) < 0 || d.CompareTo(n) >= 0)

                if (WNafUtilities.GetNafWeight(d) < minWeight)


            ECPoint q = CreateBasePointMultiplier().Multiply(parameters.G, d);

            if (publicKeyParamSet != null)
                return new AsymmetricCipherKeyPair(
                    new ECPublicKeyParameters(algorithm, q, publicKeyParamSet),
                    new ECPrivateKeyParameters(algorithm, d, publicKeyParamSet));

            return new AsymmetricCipherKeyPair(
                new ECPublicKeyParameters(algorithm, q, parameters),
                new ECPrivateKeyParameters(algorithm, d, parameters));

        protected virtual ECMultiplier CreateBasePointMultiplier()
            return new FixedPointCombMultiplier();

        internal static X9ECParameters FindECCurveByOid(DerObjectIdentifier oid)
            // TODO ECGost3410NamedCurves support (returns ECDomainParameters though)

            X9ECParameters ecP = CustomNamedCurves.GetByOid(oid);
            if (ecP == null)
                ecP = ECNamedCurveTable.GetByOid(oid);
            return ecP;

        internal static ECPublicKeyParameters GetCorrespondingPublicKey(
            ECPrivateKeyParameters privKey)
            ECDomainParameters ec = privKey.Parameters;
            ECPoint q = new FixedPointCombMultiplier().Multiply(ec.G, privKey.D);

            if (privKey.PublicKeyParamSet != null)
                return new ECPublicKeyParameters(privKey.AlgorithmName, q, privKey.PublicKeyParamSet);

            return new ECPublicKeyParameters(privKey.AlgorithmName, q, ec);

The sample Windows Form application generates the keys for the selected curve and displays them in the form as below. It displays:

Points of Interest

While learning about how to implement the ECC in C#, I found there are very limited sources available. So I tried this method to make Bouncy castle work with P-128 curve.


  • 28-October-2016: First draft


This article, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)


About the Author

Deepraj Thuraka
Software Developer (Senior) Tollplus India Pvt ltd.
India India
No Biography provided

You may also be interested in...


Comments and Discussions

QuestionDecryption process Pin
Member 1090069129-Nov-18 21:45
memberMember 1090069129-Nov-18 21:45 
QuestionECC Encryption Pin
hamblos8-Nov-17 13:21
memberhamblos8-Nov-17 13:21 
QuestionNo P-128 - so what? :) Pin
Thornik1-Nov-16 14:49
memberThornik1-Nov-16 14:49 
PraiseCool Pin
Slacker00728-Oct-16 23:19
professionalSlacker00728-Oct-16 23:19 

General General    News News    Suggestion Suggestion    Question Question    Bug Bug    Answer Answer    Joke Joke    Praise Praise    Rant Rant    Admin Admin   

Use Ctrl+Left/Right to switch messages, Ctrl+Up/Down to switch threads, Ctrl+Shift+Left/Right to switch pages.

Permalink | Advertise | Privacy | Cookies | Terms of Use | Mobile
Web05 | 2.8.190518.1 | Last Updated 28 Oct 2016
Article Copyright 2016 by Deepraj Thuraka
Everything else Copyright © CodeProject, 1999-2019
Layout: fixed | fluid