Implemented ECEIS.

Author: joshmg

Diff for: build.gradle

@@ -18,16 +18,15 @@ dependencies {
     implementation group: 'org.bouncycastle',           name: 'bcprov-jdk15on',         version: '1.62'
     implementation group: 'org.bouncycastle',           name: 'bcpg-jdk15on',           version: '1.62'
 
-    implementation group: 'com.github.softwareverde',   name: 'java-util',              version: 'v2.1.0'
+    implementation group: 'com.github.softwareverde',   name: 'java-util',              version: 'v2.1.3'
     implementation group: 'com.github.softwareverde',   name: 'java-logging',           version: 'v2.1.0'
 
     implementation group: 'commons-codec',              name: 'commons-codec',          version: '1.13'
 
-    testCompile group: 'junit', name: 'junit', version: '4.12'
+    testImplementation group: 'junit', name: 'junit', version: '4.12'
 }
 
 test {
     maxHeapSize = "4096m"
-    jvmArgs "-XX:MaxPermSize=4096m"
     jvmArgs "-XX:MaxMetaspaceSize=4096m"
 }

Diff for: gradle/wrapper/gradle-wrapper.properties

@@ -1,5 +1,6 @@
+#Fri May 15 17:54:33 EDT 2020
+distributionUrl=https\://services.gradle.org/distributions/gradle-6.4.1-all.zip
 distributionBase=GRADLE_USER_HOME
 distributionPath=wrapper/dists
-distributionUrl=https\://services.gradle.org/distributions/gradle-5.1.1-bin.zip
-zipStoreBase=GRADLE_USER_HOME
 zipStorePath=wrapper/dists
+zipStoreBase=GRADLE_USER_HOME

Diff for: gradlew

@@ -1,5 +1,21 @@
 #!/usr/bin/env sh
 
+#
+# Copyright 2015 the original author or authors.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
 ##############################################################################
 ##
 ##  Gradle start up script for UN*X
@@ -28,7 +44,7 @@ APP_NAME="Gradle"
 APP_BASE_NAME=`basename "$0"`
 
 # Add default JVM options here. You can also use JAVA_OPTS and GRADLE_OPTS to pass JVM options to this script.
-DEFAULT_JVM_OPTS='"-Xmx64m"'
+DEFAULT_JVM_OPTS='"-Xmx64m" "-Xms64m"'
 
 # Use the maximum available, or set MAX_FD != -1 to use that value.
 MAX_FD="maximum"
@@ -66,6 +82,7 @@ esac
 
 CLASSPATH=$APP_HOME/gradle/wrapper/gradle-wrapper.jar
 
+
 # Determine the Java command to use to start the JVM.
 if [ -n "$JAVA_HOME" ] ; then
     if [ -x "$JAVA_HOME/jre/sh/java" ] ; then
@@ -109,10 +126,11 @@ if $darwin; then
     GRADLE_OPTS="$GRADLE_OPTS \"-Xdock:name=$APP_NAME\" \"-Xdock:icon=$APP_HOME/media/gradle.icns\""
 fi
 
-# For Cygwin, switch paths to Windows format before running java
-if $cygwin ; then
+# For Cygwin or MSYS, switch paths to Windows format before running java
+if [ "$cygwin" = "true" -o "$msys" = "true" ] ; then
     APP_HOME=`cygpath --path --mixed "$APP_HOME"`
     CLASSPATH=`cygpath --path --mixed "$CLASSPATH"`
+
     JAVACMD=`cygpath --unix "$JAVACMD"`
 
     # We build the pattern for arguments to be converted via cygpath
@@ -138,19 +156,19 @@ if $cygwin ; then
         else
             eval `echo args$i`="\"$arg\""
         fi
-        i=$((i+1))
+        i=`expr $i + 1`
     done
     case $i in
-        (0) set -- ;;
-        (1) set -- "$args0" ;;
-        (2) set -- "$args0" "$args1" ;;
-        (3) set -- "$args0" "$args1" "$args2" ;;
-        (4) set -- "$args0" "$args1" "$args2" "$args3" ;;
-        (5) set -- "$args0" "$args1" "$args2" "$args3" "$args4" ;;
-        (6) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" ;;
-        (7) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" "$args6" ;;
-        (8) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" "$args6" "$args7" ;;
-        (9) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" "$args6" "$args7" "$args8" ;;
+        0) set -- ;;
+        1) set -- "$args0" ;;
+        2) set -- "$args0" "$args1" ;;
+        3) set -- "$args0" "$args1" "$args2" ;;
+        4) set -- "$args0" "$args1" "$args2" "$args3" ;;
+        5) set -- "$args0" "$args1" "$args2" "$args3" "$args4" ;;
+        6) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" ;;
+        7) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" "$args6" ;;
+        8) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" "$args6" "$args7" ;;
+        9) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" "$args6" "$args7" "$args8" ;;
     esac
 fi
 
@@ -159,14 +177,9 @@ save () {
     for i do printf %s\\n "$i" | sed "s/'/'\\\\''/g;1s/^/'/;\$s/\$/' \\\\/" ; done
     echo " "
 }
-APP_ARGS=$(save "$@")
+APP_ARGS=`save "$@"`
 
 # Collect all arguments for the java command, following the shell quoting and substitution rules
 eval set -- $DEFAULT_JVM_OPTS $JAVA_OPTS $GRADLE_OPTS "\"-Dorg.gradle.appname=$APP_BASE_NAME\"" -classpath "\"$CLASSPATH\"" org.gradle.wrapper.GradleWrapperMain "$APP_ARGS"
 
-# by default we should be in the correct project dir, but when run from Finder on Mac, the cwd is wrong
-if [ "$(uname)" = "Darwin" ] && [ "$HOME" = "$PWD" ]; then
-  cd "$(dirname "$0")"
-fi
-
 exec "$JAVACMD" "$@"

Diff for: gradlew.bat

@@ -1,3 +1,19 @@
+@rem
+@rem Copyright 2015 the original author or authors.
+@rem
+@rem Licensed under the Apache License, Version 2.0 (the "License");
+@rem you may not use this file except in compliance with the License.
+@rem You may obtain a copy of the License at
+@rem
+@rem      https://www.apache.org/licenses/LICENSE-2.0
+@rem
+@rem Unless required by applicable law or agreed to in writing, software
+@rem distributed under the License is distributed on an "AS IS" BASIS,
+@rem WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+@rem See the License for the specific language governing permissions and
+@rem limitations under the License.
+@rem
+
 @if "%DEBUG%" == "" @echo off
 @rem ##########################################################################
 @rem
@@ -13,8 +29,11 @@ if "%DIRNAME%" == "" set DIRNAME=.
 set APP_BASE_NAME=%~n0
 set APP_HOME=%DIRNAME%
 
+@rem Resolve any "." and ".." in APP_HOME to make it shorter.
+for %%i in ("%APP_HOME%") do set APP_HOME=%%~fi
+
 @rem Add default JVM options here. You can also use JAVA_OPTS and GRADLE_OPTS to pass JVM options to this script.
-set DEFAULT_JVM_OPTS="-Xmx64m"
+set DEFAULT_JVM_OPTS="-Xmx64m" "-Xms64m"
 
 @rem Find java.exe
 if defined JAVA_HOME goto findJavaFromJavaHome
@@ -65,6 +84,7 @@ set CMD_LINE_ARGS=%*
 
 set CLASSPATH=%APP_HOME%\gradle\wrapper\gradle-wrapper.jar
 
+
 @rem Execute Gradle
 "%JAVA_EXE%" %DEFAULT_JVM_OPTS% %JAVA_OPTS% %GRADLE_OPTS% "-Dorg.gradle.appname=%APP_BASE_NAME%" -classpath "%CLASSPATH%" org.gradle.wrapper.GradleWrapperMain %CMD_LINE_ARGS%
 

Diff for: src/main/java/com/softwareverde/security/hash/sha512/ImmutableSha512Hash.java

@@ -0,0 +1,56 @@
+package com.softwareverde.security.hash.sha512;
+
+import com.softwareverde.constable.Const;
+import com.softwareverde.logging.Logger;
+import com.softwareverde.security.hash.ImmutableHash;
+import com.softwareverde.util.ByteUtil;
+import com.softwareverde.util.HexUtil;
+
+public class ImmutableSha512Hash extends ImmutableHash implements Sha512Hash, Const {
+    public static ImmutableSha512Hash fromHexString(final String hexString) {
+        if (hexString == null) { return null; }
+
+        final byte[] hashBytes = HexUtil.hexStringToByteArray(hexString);
+        if (hashBytes == null) { return null; }
+        if (hashBytes.length != BYTE_COUNT) { return null; }
+
+        return new ImmutableSha512Hash(hashBytes);
+    }
+
+    public static ImmutableSha512Hash copyOf(final byte[] bytes) {
+        if (bytes == null) { return null; }
+        if (bytes.length != BYTE_COUNT) {
+            Logger.warn("NOTICE: Unable to wrap bytes as hash. Invalid byte count: "+ bytes.length);
+            return null;
+        }
+        return new ImmutableSha512Hash(bytes);
+    }
+
+    protected ImmutableSha512Hash(final byte[] bytes) {
+        super(new byte[BYTE_COUNT]);
+
+        if (bytes.length != BYTE_COUNT) {
+            throw new RuntimeException("Invalid byte count: " + bytes.length);
+        }
+
+        ByteUtil.setBytes(_bytes, bytes);
+    }
+
+    public ImmutableSha512Hash() {
+        super(new byte[BYTE_COUNT]);
+    }
+
+    public ImmutableSha512Hash(final Sha512Hash hash) {
+        super(hash);
+    }
+
+    @Override
+    public MutableSha512Hash toReversedEndian() {
+        return MutableSha512Hash.wrap(ByteUtil.reverseEndian(_bytes));
+    }
+
+    @Override
+    public ImmutableSha512Hash asConst() {
+        return this;
+    }
+}

Diff for: src/main/java/com/softwareverde/security/hash/sha512/MutableSha512Hash.java

@@ -0,0 +1,77 @@
+package com.softwareverde.security.hash.sha512;
+
+import com.softwareverde.logging.Logger;
+import com.softwareverde.security.hash.MutableHash;
+import com.softwareverde.util.ByteUtil;
+import com.softwareverde.util.HexUtil;
+
+public class MutableSha512Hash extends MutableHash implements Sha512Hash {
+    public static MutableSha512Hash fromHexString(final String hexString) {
+        if (hexString == null) { return null; }
+
+        final byte[] hashBytes = HexUtil.hexStringToByteArray(hexString);
+        return MutableSha512Hash.wrap(hashBytes);
+    }
+
+    public static MutableSha512Hash wrap(final byte[] bytes) {
+        if (bytes == null) { return null; }
+
+        if (bytes.length != BYTE_COUNT) {
+            Logger.warn("NOTICE: Unable to wrap bytes as hash. Invalid byte count: " + bytes.length);
+            return null;
+        }
+        return new MutableSha512Hash(bytes);
+    }
+
+    public static MutableSha512Hash copyOf(final byte[] bytes) {
+        if (bytes == null) { return null; }
+
+        if (bytes.length != BYTE_COUNT) {
+            Logger.warn("NOTICE: Unable to wrap bytes as hash. Invalid byte count: " + bytes.length);
+            return null;
+        }
+        return new MutableSha512Hash(ByteUtil.copyBytes(bytes));
+    }
+
+    protected MutableSha512Hash(final byte[] bytes) {
+        super(bytes);
+
+        if (bytes.length != BYTE_COUNT) {
+            throw new RuntimeException("Invalid byte count: " + bytes.length);
+        }
+    }
+
+    public MutableSha512Hash() {
+        super(BYTE_COUNT);
+    }
+
+    public MutableSha512Hash(final Sha512Hash hash) {
+        super(hash);
+    }
+
+    @Override
+    public MutableSha512Hash toReversedEndian() {
+        return MutableSha512Hash.wrap(ByteUtil.reverseEndian(_bytes));
+    }
+
+    public void setBytes(final byte[] bytes) {
+        if (bytes.length != BYTE_COUNT) {
+            Logger.warn("NOTICE: Attempted to set hash bytes of incorrect length: " + bytes.length);
+            return;
+        }
+
+        if (_bytes.length != bytes.length) {
+            _bytes = new byte[bytes.length];
+        }
+        ByteUtil.setBytes(_bytes, bytes);
+    }
+
+    public void setBytes(final Sha512Hash hash) {
+        ByteUtil.setBytes(_bytes, hash.getBytes());
+    }
+
+    @Override
+    public ImmutableSha512Hash asConst() {
+        return new ImmutableSha512Hash(this);
+    }
+}

Diff for: src/main/java/com/softwareverde/security/hash/sha512/Sha512Hash.java

@@ -0,0 +1,48 @@
+package com.softwareverde.security.hash.sha512;
+
+import com.softwareverde.security.hash.Hash;
+import com.softwareverde.util.ByteUtil;
+
+import java.util.Comparator;
+
+public interface Sha512Hash extends Hash, Comparable<Sha512Hash> {
+    Comparator<Sha512Hash> COMPARATOR = new Comparator<Sha512Hash>() {
+        @Override
+        public int compare(final Sha512Hash hash0, final Sha512Hash hash1) {
+            for (int i = 0; i < BYTE_COUNT; ++i) {
+                final int b0 = ByteUtil.byteToInteger(hash0.getByte(i));
+                final int b1 = ByteUtil.byteToInteger(hash1.getByte(i));
+
+                if (b0 < b1) { return -1; }
+                if (b0 > b1) { return 1; }
+            }
+            return 0;
+        }
+    };
+
+    static Sha512Hash fromHexString(final String hexString) {
+        return ImmutableSha512Hash.fromHexString(hexString);
+    }
+
+    static Sha512Hash copyOf(final byte[] bytes) {
+        return ImmutableSha512Hash.copyOf(bytes);
+    }
+
+    static Sha512Hash wrap(final byte[] bytes) {
+        return MutableSha512Hash.wrap(bytes);
+    }
+
+    Integer BYTE_COUNT = 64;
+    ImmutableSha512Hash EMPTY_HASH = new ImmutableSha512Hash();
+
+    @Override
+    Sha512Hash toReversedEndian();
+
+    @Override
+    ImmutableSha512Hash asConst();
+
+    @Override
+    default int compareTo(final Sha512Hash sha512Hash) {
+        return COMPARATOR.compare(this, sha512Hash);
+    }
+}

Diff for: src/main/java/com/softwareverde/security/secp256k1/Ecies.java

@@ -0,0 +1,226 @@
+package com.softwareverde.security.secp256k1;
+
+import com.softwareverde.constable.bytearray.ByteArray;
+import com.softwareverde.constable.bytearray.MutableByteArray;
+import com.softwareverde.logging.Logger;
+import com.softwareverde.security.hash.sha512.Sha512Hash;
+import com.softwareverde.security.secp256k1.key.PrivateKey;
+import com.softwareverde.security.secp256k1.key.PublicKey;
+import com.softwareverde.security.util.HashUtil;
+import com.softwareverde.util.Util;
+import com.softwareverde.util.bytearray.ByteArrayBuilder;
+import org.bouncycastle.math.ec.ECCurve;
+import org.bouncycastle.math.ec.ECPoint;
+
+import javax.crypto.Cipher;
+import javax.crypto.SecretKey;
+import javax.crypto.spec.IvParameterSpec;
+import javax.crypto.spec.SecretKeySpec;
+import java.math.BigInteger;
+import java.security.spec.AlgorithmParameterSpec;
+
+public class Ecies {
+    protected static ByteArray substring(final ByteArray byteArray, final Integer offset) {
+        final int byteCount = (byteArray.getByteCount() - offset);
+        return ByteArray.wrap(byteArray.getBytes(offset, byteCount));
+    }
+
+    public static class Aes {
+        public static final String KEY_ALGORITHM = "AES";
+        public static final String ENCRYPTION_CIPHER = "AES/CBC/PKCS7Padding";
+        public static final Integer INITIALIZATION_VECTOR_BYTE_COUNT = 16;
+
+        public static ByteArray encrypt(final ByteArray data, final PrivateKey key, final ByteArray initializationVectorBytes) {
+            try {
+                final SecretKey secretKey = new SecretKeySpec(key.getBytes(), 0, key.getByteCount(), KEY_ALGORITHM);
+
+                final Cipher aesCipher = Cipher.getInstance(ENCRYPTION_CIPHER);
+                final AlgorithmParameterSpec initializationVector = new IvParameterSpec(initializationVectorBytes.getBytes());
+                aesCipher.init(Cipher.ENCRYPT_MODE, secretKey, initializationVector);
+                final byte[] cipherText = aesCipher.doFinal(data.getBytes());
+
+                final ByteArrayBuilder byteArrayBuilder = new ByteArrayBuilder();
+                byteArrayBuilder.appendBytes(initializationVectorBytes);
+                byteArrayBuilder.appendBytes(cipherText);
+                return byteArrayBuilder;
+            }
+            catch (final Exception exception) {
+                Logger.error("Unable to encrypt data.", exception);
+                return null;
+            }
+        }
+
+        public static ByteArray decrypt(final ByteArray data, final ByteArray key) {
+            try {
+                final SecretKey secretKey = new SecretKeySpec(key.getBytes(), 0, key.getByteCount(), KEY_ALGORITHM);
+
+                final byte[] initializationVectorBytes = data.getBytes(0, INITIALIZATION_VECTOR_BYTE_COUNT);
+                final AlgorithmParameterSpec initializationVector = new IvParameterSpec(initializationVectorBytes);
+                final ByteArray encryptedData = Ecies.substring(data, INITIALIZATION_VECTOR_BYTE_COUNT);
+
+                final Cipher aesCipher = Cipher.getInstance(ENCRYPTION_CIPHER);
+                aesCipher.init(Cipher.DECRYPT_MODE, secretKey, initializationVector);
+                return ByteArray.wrap(aesCipher.doFinal(encryptedData.getBytes()));
+            }
+            catch (final Exception exception) {
+                Logger.error("Unable to decrypt data.", exception);
+                return null;
+            }
+        }
+    }
+    protected final PrivateKey _localPrivateKey;
+    protected final PublicKey _remotePublicKey;
+    protected Boolean _includePublicKey = false;
+
+    protected Sha512Hash _getK() {
+        final ECCurve curve = Secp256k1.CURVE_DOMAIN.getCurve();
+        final PublicKey decompressedPublicKey = _remotePublicKey.decompress();
+        final ECPoint KB = curve.decodePoint(decompressedPublicKey.getBytes());
+        final ECPoint P = KB.multiply(new BigInteger(1, _localPrivateKey.getBytes()));
+        final BigInteger S = P.normalize().getXCoord().toBigInteger();
+        final MutableByteArray sBytes = new MutableByteArray(32);
+        sBytes.setBytes(0, S.toByteArray());
+
+        return HashUtil.sha512(sBytes);
+    }
+
+    protected PrivateKey _getFirstK() {
+        final Sha512Hash k = _getK();
+        return PrivateKey.fromBytes(k.getBytes(0, PrivateKey.KEY_BYTE_COUNT));
+    }
+
+    protected PrivateKey _getLastK() {
+        final Sha512Hash k = _getK();
+        return PrivateKey.fromBytes(Ecies.substring(k, PrivateKey.KEY_BYTE_COUNT));
+    }
+
+    public Ecies(final PrivateKey privateKey, final PublicKey recipientPublicKey) {
+        _localPrivateKey = privateKey;
+        _remotePublicKey = recipientPublicKey;
+    }
+
+    public void setIncludePublicKey(final Boolean includePublicKey) {
+        _includePublicKey = includePublicKey;
+    }
+
+    public Boolean getIncludePublicKey() {
+        return _includePublicKey;
+    }
+
+    public ByteArray encrypt(final ByteArray message) {
+        return this.encrypt(message, null);
+    }
+
+    public ByteArray encrypt(final ByteArray message, final ByteArray nullableInitializationVector) {
+        final PublicKey sendersPublicKey;
+        {
+            final PublicKey uncompressedPublicKey = _localPrivateKey.getPublicKey();
+            sendersPublicKey = uncompressedPublicKey.compress();
+        }
+
+        final ByteArray initializationVector;
+        {
+            final ByteArray hmac = (nullableInitializationVector != null ? nullableInitializationVector : HashUtil.sha256Hmac(message, _localPrivateKey));
+            initializationVector = ByteArray.wrap(hmac.getBytes(0, Aes.INITIALIZATION_VECTOR_BYTE_COUNT));
+        }
+
+        final ByteArray c;
+        {
+            final PrivateKey kE = _getFirstK();
+            c = Aes.encrypt(message, kE, initializationVector);
+            if (c == null) { return null; }
+        }
+
+        final ByteArray d;
+        {
+            final ByteArray ct = Ecies.substring(c, Aes.INITIALIZATION_VECTOR_BYTE_COUNT);
+            final ByteArrayBuilder hmacPreImage = new ByteArrayBuilder();
+            {
+                hmacPreImage.appendBytes(initializationVector);
+                if (_includePublicKey) {
+                    hmacPreImage.appendBytes(sendersPublicKey);
+                }
+                hmacPreImage.appendBytes(ct);
+            }
+
+            final PrivateKey kM = _getLastK();
+            d = HashUtil.sha256Hmac(hmacPreImage, kM);
+        }
+
+        final ByteArrayBuilder result = new ByteArrayBuilder();
+        {
+            if (_includePublicKey) {
+                result.appendBytes(sendersPublicKey);
+            }
+            result.appendBytes(c);
+            result.appendBytes(d);
+        }
+
+        return result;
+    }
+
+    public ByteArray decrypt(final ByteArray data) {
+        final int publicKeyByteCount;
+        final PublicKey sendersPublicKey;
+        if (_includePublicKey) {
+            final ByteArray publicKeyBytes;
+            if (Util.areEqual(PublicKey.UNCOMPRESSED_FIRST_BYTE, data.getByte(0))) {
+                publicKeyBytes = ByteArray.wrap(data.getBytes(0, PublicKey.UNCOMPRESSED_BYTE_COUNT));
+                publicKeyByteCount = PublicKey.UNCOMPRESSED_BYTE_COUNT;
+            }
+            else {
+                publicKeyBytes = ByteArray.wrap(data.getBytes(0, PublicKey.COMPRESSED_BYTE_COUNT));
+                publicKeyByteCount = PublicKey.COMPRESSED_BYTE_COUNT;
+            }
+            sendersPublicKey = PublicKey.fromBytes(publicKeyBytes).compress();
+            if ((sendersPublicKey == null) || (! sendersPublicKey.isValid())) { return null; }
+
+            final PublicKey publicKey = _localPrivateKey.getPublicKey();
+            if ( (! Util.areEqual(publicKey.compress(), sendersPublicKey)) && (! Util.areEqual(_remotePublicKey.compress(), sendersPublicKey)) ) {
+                return null;
+            }
+        }
+        else {
+            publicKeyByteCount = 0;
+            sendersPublicKey = null; // _remotePublicKey;
+        }
+
+        final int hmacByteCount = 32;
+
+        final ByteArray c;
+        {
+            final int cByteCount = (data.getByteCount() - publicKeyByteCount - hmacByteCount);
+            c = ByteArray.wrap(data.getBytes(publicKeyByteCount, cByteCount));
+        }
+
+        final ByteArray d;
+        {
+            final int dOffset = (data.getByteCount() - hmacByteCount);
+            d = Ecies.substring(data, dOffset);
+        }
+
+        final ByteArrayBuilder hmacPreImage = new ByteArrayBuilder();
+        {
+            final ByteArray initializationVector = ByteArray.wrap(c.getBytes(0, Aes.INITIALIZATION_VECTOR_BYTE_COUNT));
+            final ByteArray ct = Ecies.substring(c, Aes.INITIALIZATION_VECTOR_BYTE_COUNT);
+
+            hmacPreImage.appendBytes(initializationVector);
+            if (_includePublicKey) {
+                hmacPreImage.appendBytes(sendersPublicKey);
+            }
+            hmacPreImage.appendBytes(ct);
+        }
+
+        final ByteArray d2;
+        {
+            final PrivateKey kM = _getLastK();
+            d2 = HashUtil.sha256Hmac(hmacPreImage, kM);
+        }
+
+        final boolean checksumMatches = Util.areEqual(d, d2);
+        if (! checksumMatches) { return null; }
+
+        final PrivateKey kE = _getFirstK();
+        return Aes.decrypt(c, kE);
+    }
+}

Diff for: src/main/java/com/softwareverde/security/secp256k1/key/PublicKey.java

@@ -15,6 +15,13 @@
 import java.math.BigInteger;
 
 public class PublicKey extends ImmutableByteArray implements Const {
+    public static final byte UNCOMPRESSED_FIRST_BYTE = (byte) 0x04;
+    public static final byte COMPRESSED_FIRST_BYTE_0 = (byte) 0x02;
+    public static final byte COMPRESSED_FIRST_BYTE_1 = (byte) 0x03;
+
+    public static final Integer COMPRESSED_BYTE_COUNT = 33;
+    public static final Integer UNCOMPRESSED_BYTE_COUNT = 65;
+
     public static PublicKey fromBytes(final ByteArray bytes) {
         if (bytes == null) { return null; }
 
@@ -111,17 +118,17 @@ public static PublicKey fromSignature(final Signature signature, final Sha256Has
     }
 
     protected Boolean _isCompressed() {
-        if (_bytes.length != 33) { return false; }
+        if (_bytes.length != COMPRESSED_BYTE_COUNT) { return false; }
 
         final byte firstByte = _bytes[0];
-        return ( (firstByte == (byte) 0x02) || (firstByte == (byte) 0x03) );
+        return ( (firstByte == COMPRESSED_FIRST_BYTE_0) || (firstByte == COMPRESSED_FIRST_BYTE_1) );
     }
 
     protected Boolean _isDecompressed() {
-        if (_bytes.length != 65) { return false; }
+        if (_bytes.length != UNCOMPRESSED_BYTE_COUNT) { return false; }
 
         final byte firstByte = _bytes[0];
-        return (firstByte == (byte) 0x04);
+        return (firstByte == UNCOMPRESSED_FIRST_BYTE);
     }
 
     protected PublicKey(final byte[] bytes) {
@@ -155,9 +162,9 @@ public PublicKey compress() {
         if (_bytes.length == 0) { return this; } // NOP
         if (_isCompressed()) { return this; }
 
-        final Integer coordinateByteCount = ((_bytes.length - 1) / 2);
+        final int coordinateByteCount = ((_bytes.length - 1) / 2);
 
-        final Integer prefixByteCount = 1;
+        final int prefixByteCount = 1;
         // final byte prefix = _bytes[0];
         final byte[] publicKeyPointX = new byte[coordinateByteCount];
         final byte[] publicKeyPointY = new byte[coordinateByteCount];
@@ -167,7 +174,7 @@ public PublicKey compress() {
                 publicKeyPointY[i] = _bytes[prefixByteCount + coordinateByteCount + i];
             }
         }
-        final Boolean yCoordinateIsEven = ((publicKeyPointY[coordinateByteCount - 1] & 0xFF) % 2 == 0);
+        final boolean yCoordinateIsEven = ((publicKeyPointY[coordinateByteCount - 1] & 0xFF) % 2 == 0);
         final byte compressedPublicKeyPrefix = (yCoordinateIsEven ? (byte) 0x02 : (byte) 0x03);
         final byte[] compressedPublicKeyPoint = new byte[coordinateByteCount + prefixByteCount];
         {

Diff for: src/main/java/com/softwareverde/security/secp256k1/signature/Secp256k1Signature.java

@@ -41,7 +41,7 @@ protected static byte[] _toDerEncodedInteger(final ByteArray byteArray) {
             return bytes;
         }
 
-        final Integer skippedByteCount;
+        final int skippedByteCount;
         {
             int firstNonZeroIndex = 0;
             for (int i = 0; i < byteArray.getByteCount(); ++i) {

Diff for: src/main/java/com/softwareverde/security/util/HashUtil.java

@@ -5,12 +5,24 @@
 import com.softwareverde.security.hash.murmur.MurmurHashUtil;
 import com.softwareverde.security.hash.ripemd160.MutableRipemd160Hash;
 import com.softwareverde.security.hash.sha256.MutableSha256Hash;
+import com.softwareverde.security.hash.sha256.Sha256Hash;
+import com.softwareverde.security.hash.sha512.MutableSha512Hash;
+import com.softwareverde.security.secp256k1.key.PrivateKey;
 import org.bouncycastle.crypto.digests.RIPEMD160Digest;
+import org.bouncycastle.crypto.digests.SHA256Digest;
+import org.bouncycastle.crypto.macs.HMac;
+import org.bouncycastle.crypto.params.KeyParameter;
+import org.bouncycastle.jce.provider.BouncyCastleProvider;
 
 import java.security.MessageDigest;
 import java.security.NoSuchAlgorithmException;
+import java.security.Security;
 
 public class HashUtil {
+    static {
+        Security.addProvider(new BouncyCastleProvider());
+    }
+
     protected HashUtil() { }
 
     public static byte[] md5(final byte[] data) {
@@ -41,7 +53,13 @@ public static ByteArray sha1(final ByteArray data) {
         return MutableByteArray.wrap(HashUtil.sha1(data.getBytes()));
     }
 
-    public static byte[] sha256(final byte[] data) {
+    /**
+     * Uses Java's native implementation of SHA256.
+     *  This implementation is faster than BouncyCastle's implementation,
+     *  however, it has poor performance when parallelized across multiple
+     *  threads since it has an internal lock.
+     */
+    public static byte[] sha256_jvm(final byte[] data) {
         try {
             final MessageDigest messageDigest = MessageDigest.getInstance("SHA-256");
             return messageDigest.digest(data);
@@ -51,6 +69,26 @@ public static byte[] sha256(final byte[] data) {
         }
     }
 
+
+    /**
+     * Uses BouncyCastle's implementation of SHA256.
+     *  This implementation is slower than Java's native implementation,
+     *  however, it may be parallelized whereas Java's native implementation
+     *  has an internal lock.
+     */
+    public static byte[] sha256_bc(final byte[] data) {
+        final SHA256Digest messageDigest = new SHA256Digest();
+        messageDigest.update(data, 0, data.length);
+
+        final byte[] hashedBytes = new byte[Sha256Hash.BYTE_COUNT];
+        messageDigest.doFinal(hashedBytes, 0);
+        return hashedBytes;
+    }
+
+    public static byte[] sha256(final byte[] data) {
+        return HashUtil.sha256_jvm(data);
+    }
+
     public static MutableSha256Hash sha256(final ByteArray data) {
         return MutableSha256Hash.wrap(HashUtil.sha256(data.getBytes()));
     }
@@ -70,6 +108,28 @@ public static MutableSha256Hash doubleSha256(final ByteArray data) {
         return MutableSha256Hash.wrap(HashUtil.doubleSha256(data.getBytes()));
     }
 
+    public static ByteArray sha256Hmac(final ByteArray data, final PrivateKey privateKey) {
+        final HMac hmac = new HMac(new SHA256Digest());
+
+        hmac.init(new KeyParameter(privateKey.getBytes()));
+        final MutableByteArray hmacResult = new MutableByteArray(hmac.getMacSize());
+
+        hmac.update(data.getBytes(), 0, data.getByteCount());
+        hmac.doFinal(hmacResult.unwrap(), 0);
+
+        return hmacResult;
+    }
+
+    public static MutableSha512Hash sha512(final ByteArray data) {
+        try {
+            final MessageDigest messageDigest = MessageDigest.getInstance("SHA-512");
+            return MutableSha512Hash.wrap(messageDigest.digest(data.getBytes()));
+        }
+        catch (final NoSuchAlgorithmException exception) {
+            throw new RuntimeException(exception);
+        }
+    }
+
     public static byte[] ripemd160(final byte[] data) {
         final RIPEMD160Digest ripemd160Digest = new RIPEMD160Digest();
         ripemd160Digest.update(data, 0, data.length);

Diff for: src/test/java/com/softwareverde/security/secp256k1/EciesTests.java

@@ -0,0 +1,64 @@
+package com.softwareverde.security.secp256k1;
+
+import com.softwareverde.constable.bytearray.ByteArray;
+import com.softwareverde.security.secp256k1.key.PrivateKey;
+import com.softwareverde.security.secp256k1.key.PublicKey;
+import com.softwareverde.util.StringUtil;
+import org.junit.Assert;
+import org.junit.Test;
+
+public class EciesTests {
+    @Test
+    public void should_encrypt_and_decrypt_data() {
+        // Setup
+        final PrivateKey sendersPrivateKey = PrivateKey.createNewKey();
+        final PublicKey sendersPublicKey = sendersPrivateKey.getPublicKey();
+
+        final PrivateKey recipientPrivateKey = PrivateKey.createNewKey();
+        final PublicKey recipientPublicKey = recipientPrivateKey.getPublicKey();
+
+        final String message = "Mary had a little lamb.";
+        final ByteArray payload = ByteArray.wrap(StringUtil.stringToBytes(message));
+
+        final Ecies ecies = new Ecies(sendersPrivateKey, recipientPublicKey);
+        final Ecies recipientEcies = new Ecies(recipientPrivateKey, sendersPublicKey);
+
+        // Action
+        final ByteArray encryptedPayload = ecies.encrypt(payload);
+        final ByteArray decryptedPayload = recipientEcies.decrypt(encryptedPayload);
+
+        // Assert
+        Assert.assertEquals(payload, decryptedPayload);
+    }
+
+    @Test
+    public void bitcore_test() {
+        // Setup
+        final PrivateKey alicePrivateKey = PrivateKey.fromHexString("77E06ABC52BF065CB5164C5DECA839D0276911991A2730BE4D8D0A0307DE7CEB");
+        final PrivateKey bobPrivateKey = PrivateKey.fromHexString("2B57C7C5E408CE927EEF5E2EFB49CFDADDE77961D342DAA72284BB3D6590862D");
+        Assert.assertNotNull(alicePrivateKey);
+        Assert.assertNotNull(bobPrivateKey);
+
+        final ByteArray message = ByteArray.wrap(StringUtil.stringToBytes("attack at dawn"));
+        // 0339E504D6492B082DA96E11E8F039796B06CD4855C101E2492A6F10F3E056A9E712C732611C6917AB5C57A1926973BC44A1586E94A783F81D05CE72518D9B0A80E2E13C7FF7D1306583F9CC7A48DEF5B37FBF2D5F294F128472A6E9C78DEDE5F5
+        final ByteArray expectedEncryptedValue = ByteArray.fromHexString("12C732611C6917AB5C57A1926973BC44A1586E94A783F81D05CE72518D9B0A80E2E13C7FF7D1306583F9CC7A48DEF5B37FBF2D5F294F128472A6E9C78DEDE5F5");
+
+        final Ecies senderEcies = new Ecies(alicePrivateKey, bobPrivateKey.getPublicKey().compress());
+        senderEcies.setIncludePublicKey(false);
+
+        final Ecies receiverEcies = new Ecies(bobPrivateKey, alicePrivateKey.getPublicKey());
+        receiverEcies.setIncludePublicKey(false);
+
+        // Action
+        final ByteArray encryptedValue = senderEcies.encrypt(message);
+        final ByteArray decryptedValue = receiverEcies.decrypt(encryptedValue);
+
+        // Assert
+        Assert.assertNotNull(encryptedValue);
+        Assert.assertEquals(expectedEncryptedValue, encryptedValue);
+
+        Assert.assertNotNull(decryptedValue);
+        Assert.assertEquals(message, decryptedValue);
+
+    }
+}

Diff for: src/test/java/com/softwareverde/security/util/HashUtilTests.java

@@ -1,14 +1,15 @@
 package com.softwareverde.security.util;
 
-import com.softwareverde.constable.bytearray.ByteArray;
-import com.softwareverde.constable.bytearray.MutableByteArray;
-import com.softwareverde.security.hash.sha256.Sha256Hash;
-import org.junit.Assert;
-import org.junit.Test;
+import com.softwareverde.constable.bytearray.*;
+import com.softwareverde.security.hash.sha256.*;
+import com.softwareverde.security.hash.sha512.Sha512Hash;
+import com.softwareverde.util.*;
+import com.softwareverde.util.timer.*;
+import org.junit.*;
 
 public class HashUtilTests {
     @Test
-    public void should_hash_sha256_in_place() {
+    public void should_hash_sha256() {
         // Setup
         final byte[] preImage = new byte[]{ 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09 };
         final ByteArray expectedBytes = MutableByteArray.wrap(HashUtil.sha256(HashUtil.sha256(preImage)));
@@ -19,4 +20,150 @@ public void should_hash_sha256_in_place() {
         // Assert
         Assert.assertEquals(expectedBytes, doubleSha256Hash);
     }
-}
+
+    @Test
+    public void should_hash_sha256_string() {
+        // Setup
+        final byte[] preImage = StringUtil.stringToBytes("Mary had a little lamb.");
+        final ByteArray expectedBytes = ByteArray.fromHexString("D2FC16A1F51A653AA01964EF9C923336E10653FEC195F493458B3B21890E1B97");
+
+        // Action
+        final Sha256Hash sha256Hash = HashUtil.sha256(MutableByteArray.wrap(preImage));
+
+        // Assert
+        Assert.assertEquals(expectedBytes, sha256Hash);
+    }
+
+    static class HasherThread extends Thread {
+        protected final NanoTimer _timer;
+        protected byte[] _preImage;
+
+        public static HasherThread newInstance(final byte[] bytes, final boolean useBc) {
+            final NanoTimer timer = new NanoTimer();
+            final byte[] preImage = ByteUtil.copyBytes(bytes);
+            final Runnable runnable = new Runnable() {
+                @Override
+                public void run() {
+                    byte[] bytes = preImage;
+                    timer.start();
+                    for (int i = 0; i < 10000000; ++i) {
+                        if (useBc) {
+                            bytes = HashUtil.sha256_bc(bytes);
+                        }
+                        else {
+                            bytes = HashUtil.sha256_jvm(bytes);
+                        }
+                    }
+                    timer.stop();
+                }
+            };
+
+            return new HasherThread(preImage, runnable, timer);
+        }
+
+        protected HasherThread(final byte[] preImage, final Runnable runnable, final NanoTimer timer) {
+            super(runnable);
+            _timer = timer;
+            _preImage = preImage;
+        }
+
+        public Long getMillisecondsElapsed() {
+            return _timer.getMillisecondsElapsed().longValue();
+        }
+    }
+
+    @Test
+    public void time_sha256_jvm_vs_bc() throws Exception {
+        byte[] preImage = new byte[]{ 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09 };
+
+        final NanoTimer jvmNanoTimer = new NanoTimer();
+        jvmNanoTimer.start();
+        for (int i = 0; i < 10000000; ++i) {
+            preImage = HashUtil.sha256_jvm(preImage);
+        }
+        jvmNanoTimer.stop();
+
+        final NanoTimer bcNanoTimer = new NanoTimer();
+        bcNanoTimer.start();
+        for (int i = 0; i < 10000000; ++i) {
+            preImage = HashUtil.sha256_bc(preImage);
+        }
+        bcNanoTimer.stop();
+
+        System.out.println("JVM: " + jvmNanoTimer.getMillisecondsElapsed());
+        System.out.println(" BC: " + bcNanoTimer.getMillisecondsElapsed());
+
+        final HasherThread[] threads = new HasherThread[2];
+        for (int i = 0; i < threads.length; ++i) {
+            threads[i] = HasherThread.newInstance(preImage, true);
+        }
+
+        final NanoTimer threadedBcTimer = new NanoTimer();
+        threadedBcTimer.start();
+        for (int i = 0; i < threads.length; ++i) {
+            threads[i].start();
+        }
+        for (int i = 0; i < threads.length; ++i) {
+            threads[i].join();
+        }
+        threadedBcTimer.stop();
+
+        for (int i = 0; i < threads.length; ++i) {
+            threads[i] = HasherThread.newInstance(preImage, false);
+        }
+
+        final NanoTimer threadedJvmTimer = new NanoTimer();
+        threadedJvmTimer.start();
+        for (int i = 0; i < threads.length; ++i) {
+            threads[i].start();
+        }
+        for (int i = 0; i < threads.length; ++i) {
+            threads[i].join();
+        }
+        threadedJvmTimer.stop();
+
+        System.out.println("Thread JVM: " + threadedJvmTimer.getMillisecondsElapsed());
+        System.out.println("Thread  BC: " + threadedBcTimer.getMillisecondsElapsed());
+    }
+
+    @Test
+    public void should_hash_sha256_with_threaded_implementation_when_in_use_by_other_thread() {
+        // Setup
+        final byte[] preImage = new byte[]{ 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09 };
+        final ByteArray expectedBytes = MutableByteArray.wrap(HashUtil.sha256(HashUtil.sha256(preImage)));
+
+        // Action
+        final Sha256Hash doubleSha256Hash = HashUtil.doubleSha256(MutableByteArray.wrap(preImage));
+
+        // Assert
+        Assert.assertEquals(expectedBytes, doubleSha256Hash);
+    }
+
+    @Test
+    public void should_hash_sha512() {
+        // Setup
+        final byte[] preImage = new byte[]{ 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09 };
+        final ByteArray expectedBytes = ByteArray.fromHexString("0F89EE1FCB7B0A4F7809D1267A029719004C5A5E5EC323A7C3523A20974F9A3F202F56FADBA4CD9E8D654AB9F2E96DC5C795EA176FA20EDE8D854C342F903533");
+
+        // Action
+        final Sha512Hash sha512Hash = HashUtil.sha512(MutableByteArray.wrap(preImage));
+        System.out.println(sha512Hash);
+
+        // Assert
+        Assert.assertEquals(expectedBytes, sha512Hash);
+    }
+
+    @Test
+    public void should_hash_sha512_string() {
+        // Setup
+        final byte[] preImage = StringUtil.stringToBytes("Mary had a little lamb.");
+        final ByteArray expectedBytes = ByteArray.fromHexString("35154F15409907FD431E20ABAD63EFB35F7992C71A847E70DB0AA95D13D51279D489C6A4BFBFA57F03E114BAC5808A8AFF1C666818C5FAF8225CE4C27D22BFC3");
+
+        // Action
+        final Sha512Hash sha512Hash = HashUtil.sha512(MutableByteArray.wrap(preImage));
+        System.out.println(sha512Hash);
+
+        // Assert
+        Assert.assertEquals(expectedBytes, sha512Hash);
+    }
+}