public static ECKeyPair create(KeyPair keyPair) { BCECPrivateKey privateKey = (BCECPrivateKey) keyPair.getPrivate(); BCECPublicKey publicKey = (BCECPublicKey) keyPair.getPublic(); BigInteger privateKeyValue = privateKey.getD(); // Ethereum does not use encoded public keys like bitcoin - see // https://en.bitcoin.it/wiki/Elliptic_Curve_Digital_Signature_Algorithm for details // Additionally, as the first bit is a constant prefix (0x04) we ignore this value byte[] publicKeyBytes = publicKey.getQ().getEncoded(false); BigInteger publicKeyValue = new BigInteger(1, Arrays.copyOfRange(publicKeyBytes, 1, publicKeyBytes.length)); return new ECKeyPair(privateKeyValue, publicKeyValue); }
ecParam.getH(), ecParam.getSeed()); KeyFactory keyFactory = KeyFactory.getInstance(ECDSA, BouncyCastleProvider.PROVIDER_NAME); ECPrivateKeySpec keySpec = new ECPrivateKeySpec(((BCECPrivateKey) privateKey).getS(), ecSpec); privateKey = (PrivateKey) keyFactory.generatePrivate(keySpec);
public byte[] serializePrivateKey() throws Exception { switch (this.keyType) { case ECDSA: case SM2: BCECPrivateKey pri = (BCECPrivateKey) this.privateKey; String curveName = Curve.valueOf(pri.getParameters().getCurve()).toString(); byte[] d = new byte[32]; if (pri.getD().toByteArray().length == 33) { System.arraycopy(pri.getD().toByteArray(), 1, d, 0, 32); } else if (pri.getD().toByteArray().length == 31){ d[0] = 0; System.arraycopy(pri.getD().toByteArray(), 0, d, 1, 31); } else { return pri.getD().toByteArray(); } return d; default: // should not reach here throw new Exception(ErrorCode.UnknownKeyType); } }
public boolean equals(Object o) { if (!(o instanceof BCECPrivateKey)) { return false; } BCECPrivateKey other = (BCECPrivateKey)o; return getD().equals(other.getD()) && (engineGetSpec().equals(other.engineGetSpec())); }
/** * 将ECC私钥转换为PKCS8标准的字节流 * * @param priKey * @param pubKey 可以为空,但是如果为空的话得到的结果OpenSSL可能解析不了 * @return */ public static byte[] convertECPrivateKeyToPKCS8(ECPrivateKeyParameters priKey, ECPublicKeyParameters pubKey) { ECDomainParameters domainParams = priKey.getParameters(); ECParameterSpec spec = new ECParameterSpec(domainParams.getCurve(), domainParams.getG(), domainParams.getN(), domainParams.getH()); BCECPublicKey publicKey = null; if (pubKey != null) { publicKey = new BCECPublicKey(ALGO_NAME_EC, pubKey, spec, BouncyCastleProvider.CONFIGURATION); } BCECPrivateKey privateKey = new BCECPrivateKey(ALGO_NAME_EC, priKey, publicKey, spec, BouncyCastleProvider.CONFIGURATION); return privateKey.getEncoded(); }
protected Key engineTranslateKey( Key key) throws InvalidKeyException { if (key instanceof ECPublicKey) { return new BCECPublicKey((ECPublicKey)key, configuration); } else if (key instanceof ECPrivateKey) { return new BCECPrivateKey((ECPrivateKey)key, configuration); } throw new InvalidKeyException("key type unknown"); }
private void writeObject( ObjectOutputStream out) throws IOException { out.defaultWriteObject(); out.writeObject(this.getEncoded()); } }
public byte[] serializePrivateKey() throws Exception { switch (this.keyType) { case ECDSA: case SM2: BCECPrivateKey pri = (BCECPrivateKey) this.privateKey; String curveName = Curve.valueOf(pri.getParameters().getCurve()).toString(); byte[] d = new byte[32]; if (pri.getD().toByteArray().length == 33) { System.arraycopy(pri.getD().toByteArray(), 1, d, 0, 32); } else if (pri.getD().toByteArray().length == 31){ d[0] = 0; System.arraycopy(pri.getD().toByteArray(), 0, d, 1, 31); } else { return pri.getD().toByteArray(); } return d; default: // should not reach here throw new Exception(ErrorCode.UnknownKeyType); } }
public int hashCode() { return getD().hashCode() ^ engineGetSpec().hashCode(); }
public KeyPair generateKeyPair() { if (!initialised) { initialize(strength, new SecureRandom()); } AsymmetricCipherKeyPair pair = engine.generateKeyPair(); ECPublicKeyParameters pub = (ECPublicKeyParameters)pair.getPublic(); ECPrivateKeyParameters priv = (ECPrivateKeyParameters)pair.getPrivate(); if (ecParams instanceof ECParameterSpec) { ECParameterSpec p = (ECParameterSpec)ecParams; BCECPublicKey pubKey = new BCECPublicKey(algorithm, pub, p, configuration); return new KeyPair(pubKey, new BCECPrivateKey(algorithm, priv, pubKey, p, configuration)); } else if (ecParams == null) { return new KeyPair(new BCECPublicKey(algorithm, pub, configuration), new BCECPrivateKey(algorithm, priv, configuration)); } else { java.security.spec.ECParameterSpec p = (java.security.spec.ECParameterSpec)ecParams; BCECPublicKey pubKey = new BCECPublicKey(algorithm, pub, p, configuration); return new KeyPair(pubKey, new BCECPrivateKey(algorithm, priv, pubKey, p, configuration)); } }
@Test public void valuesFromGenerator() throws Exception { String dataForSigningStr = "BD6OAA=="; byte[] dataForSigning = Base64.decodeBase64(dataForSigningStr); logger.info("dataForSigning length : " + dataForSigning.length); KeyPair keyPair = KeyCodec.getKeyPair(); BCECPrivateKey priv = (BCECPrivateKey) keyPair.getPrivate(); BCECPublicKey pub = (BCECPublicKey) keyPair.getPublic(); byte[] pubByte = pub.getEncoded(); byte[] privByte = priv.getEncoded(); pub = (BCECPublicKey) KeyCodec.getPubKey(pubByte); priv = (BCECPrivateKey) KeyCodec.getPrivKey(privByte); logger.info("pubByte : " + pubByte.length + " privByte : " + privByte.length); BigInteger[] signatureGen = NamedCurve.signAndFromatToRS(priv, dataForSigning); logger.info("Signature : " + signatureGen); byte[] signatureGenAsn1 = Asn1.getEncoded(signatureGen); logger.info("signatureGenAsn1 length : " + signatureGenAsn1.length + " = " + Base64.encodeBase64URLSafeString(signatureGenAsn1)); byte[] r = signatureGen[0].toByteArray(); byte[] s = signatureGen[1].toByteArray(); logger.info("s length : " + s.length + " r length : " + r.length); String signatureStr = "PAM5wG8-yVfZtE3LhK8WEDCEQCgFIZSK2AxQ0KGBRIzGyzcre6R6SrWlobsW_W_mYGYMJlU-3Y0JOeNTGuNOng=="; byte[] signature = Base64.decodeBase64(signatureStr); logger.info("Signature length : " + signature.length); signatureGen = Asn1.decodeToBigIntegerArray(signatureGenAsn1); assertTrue(NamedCurve.verify(KeyCodec.getKeyAsRawBytes(pub), dataForSigning, signatureGen)); }
/** * 只获取私钥里的d,32字节 * * @param privateKey * @return */ public static byte[] getRawPrivateKey(BCECPrivateKey privateKey) { return fixToCurveLengthBytes(privateKey.getD().toByteArray()); }
public static ECPrivateKeyParameters convertPrivateKeyToParameters(BCECPrivateKey ecPriKey) { ECParameterSpec parameterSpec = ecPriKey.getParameters(); ECDomainParameters domainParameters = new ECDomainParameters(parameterSpec.getCurve(), parameterSpec.getG(), parameterSpec.getN(), parameterSpec.getH()); return new ECPrivateKeyParameters(ecPriKey.getD(), domainParameters); }
public PrivateKey generatePrivate(PrivateKeyInfo keyInfo) throws IOException { ASN1ObjectIdentifier algOid = keyInfo.getPrivateKeyAlgorithm().getAlgorithm(); if (algOid.equals(X9ObjectIdentifiers.id_ecPublicKey)) { return new BCECPrivateKey(algorithm, keyInfo, configuration); } else { throw new IOException("algorithm identifier " + algOid + " in key not recognised"); } }
if (ecSpec == null) orderBitLength = ECUtil.getOrderBitLength(configuration, null, this.getS()); orderBitLength = ECUtil.getOrderBitLength(configuration, ecSpec.getOrder(), this.getS()); keyStructure = new org.bouncycastle.asn1.sec.ECPrivateKey(orderBitLength, this.getS(), publicKey, params); keyStructure = new org.bouncycastle.asn1.sec.ECPrivateKey(orderBitLength, this.getS(), params);
/** * Returns a 32 byte array containing the private key, or null if the key is encrypted or public only * * @return - */ @Nullable public byte[] getPrivKeyBytes() { if (privKey == null) { return null; } else if (privKey instanceof BCECPrivateKey) { return bigIntegerToBytes(((BCECPrivateKey) privKey).getD(), 32); } else { return null; } }
public static PublicKey extractPublicKey(PrivateKey privateKey) { String algorithm = privateKey.getAlgorithm(); try { if (algorithm.equals(RSA.getAlgorithmName())) { KeyFactory keyFactory = KeyFactory.getInstance(RSA.getAlgorithmName(), BouncyCastleProviderHolder.getInstance()); RSAPrivateCrtKey rsaPrivateCrtKey = (RSAPrivateCrtKey) privateKey; RSAPublicKeySpec keySpec = new RSAPublicKeySpec(rsaPrivateCrtKey.getModulus(), rsaPrivateCrtKey.getPublicExponent()); return keyFactory.generatePublic(keySpec); } else if (algorithm.equals(EC.getAlgorithmName())) { KeyFactory keyFactory = KeyFactory.getInstance(EC.getAlgorithmName(), BouncyCastleProviderHolder.getInstance()); BCECPrivateKey ecPrivateKey = (BCECPrivateKey) privateKey; ECParameterSpec ecParameterSpec = ecPrivateKey.getParameters(); ECPoint ecPoint = new FixedPointCombMultiplier().multiply(ecParameterSpec.getG(), ecPrivateKey.getD()); ECPublicKeySpec keySpec = new ECPublicKeySpec(ecPoint, ecParameterSpec); return keyFactory.generatePublic(keySpec); } else { throw new IllegalArgumentException("Unexpected key algorithm: " + algorithm); } } catch (GeneralSecurityException e) { throw new RuntimeException(e); } }
protected PrivateKey engineGeneratePrivate( KeySpec keySpec) throws InvalidKeySpecException { if (keySpec instanceof ECPrivateKeySpec) { return new BCECPrivateKey(algorithm, (ECPrivateKeySpec)keySpec, configuration); } else if (keySpec instanceof java.security.spec.ECPrivateKeySpec) { return new BCECPrivateKey(algorithm, (java.security.spec.ECPrivateKeySpec)keySpec, configuration); } else if (keySpec instanceof OpenSSHPrivateKeySpec) { org.bouncycastle.asn1.sec.ECPrivateKey ecKey = org.bouncycastle.asn1.sec.ECPrivateKey.getInstance(((OpenSSHPrivateKeySpec)keySpec).getEncoded()); try { return new BCECPrivateKey(algorithm, new PrivateKeyInfo(new AlgorithmIdentifier(X9ObjectIdentifiers.id_ecPublicKey, ecKey.getParameters()), ecKey), configuration); } catch (IOException e) { throw new InvalidKeySpecException("bad encoding: " + e.getMessage()); } } return super.engineGeneratePrivate(keySpec); }
ecParam.getH(), ecParam.getSeed()); KeyFactory keyFactory = KeyFactory.getInstance(ECDSA, BouncyCastleProvider.PROVIDER_NAME); ECPrivateKeySpec keySpec = new ECPrivateKeySpec(((BCECPrivateKey) privateKey).getS(), ecSpec); privateKey = (PrivateKey) keyFactory.generatePrivate(keySpec);
/** * Produce a string rendering of the ECKey INCLUDING the private key. * Unless you absolutely need the private key it is better for security reasons to just use toString(). * * * @return - */ public String toStringWithPrivate() { StringBuilder b = new StringBuilder(); b.append(toString()); if (privKey != null && privKey instanceof BCECPrivateKey) { b.append(" priv:").append(Hex.toHexString(((BCECPrivateKey) privKey).getD().toByteArray())); } return b.toString(); }