枚举 Java 中可用的所有椭圆曲线名称的方法?
Way to enumerate all elliptic curve names available in Java?
有没有办法枚举所有可以给的椭圆曲线名称
ECGenParameterSpec 构造函数?或者你是否必须在墙上扔一大堆曲线名称,然后看看当你尝试使用它们时哪些会抛出或不会抛出异常?
来自 ECGenParameterSpec 构造函数的文档:
... For the list of supported names, please consult the documentation of provider whose implementation will be used.
所以(部分)您的问题的答案是,您已经知道您传递的名称受您将使用的任何实现的支持。
至于列举各种算法,我相信你追求的是java.security.Security.getProviders(String filter)。
public static Provider[] getProviders(String filter) ...
Returns an array containing all installed providers that satisfy the specified selection criterion, or null if no such providers have been installed. ...
另见 Java Security Standard Algorithm Names Specification。
至于 ECGenParameterSpec,它唯一的内部成员是您传递给它的单个 String 对象。那么这是怎么回事呢?好吧,它实现了 AlgorithmParameterSpec,其中(来自文档):
... This interface contains no methods or constants. Its only purpose is to group (and provide type safety for) all parameter specifications. All parameter specifications must implement this interface.
这在很大程度上取决于您要使用的提供商。正如 user69513 所述,您需要查阅文档。这就是最基本的问题。
对于 SunEC 提供商,找不到文档,public 也没有可用的资源。但是通过 sunec.jar 中公开的 classes 我们发现 CurveDB class 和方法 getSupportedCurves.可以使用反射调用它:
public static void main(String[] args) throws Exception {
Method method = sun.security.ec.CurveDB.class.getDeclaredMethod("getSupportedCurves", null);
method.setAccessible(true);
Collection result = (Collection) method.invoke(null, null);
for (Object object : result) {
System.out.println(object);
}
}
这让你完全脱色:
secp112r1 (1.3.132.0.6)
secp112r2 (1.3.132.0.7)
secp128r1 (1.3.132.0.28)
secp128r2 (1.3.132.0.29)
secp160k1 (1.3.132.0.9)
secp160r1 (1.3.132.0.8)
secp160r2 (1.3.132.0.30)
secp192k1 (1.3.132.0.31)
secp192r1 [NIST P-192, X9.62 prime192v1] (1.2.840.10045.3.1.1)
secp224k1 (1.3.132.0.32)
secp224r1 [NIST P-224] (1.3.132.0.33)
secp256k1 (1.3.132.0.10)
secp256r1 [NIST P-256, X9.62 prime256v1] (1.2.840.10045.3.1.7)
secp384r1 [NIST P-384] (1.3.132.0.34)
secp521r1 [NIST P-521] (1.3.132.0.35)
X9.62 prime192v2 (1.2.840.10045.3.1.2)
X9.62 prime192v3 (1.2.840.10045.3.1.3)
X9.62 prime239v1 (1.2.840.10045.3.1.4)
X9.62 prime239v2 (1.2.840.10045.3.1.5)
X9.62 prime239v3 (1.2.840.10045.3.1.6)
sect113r1 (1.3.132.0.4)
sect113r2 (1.3.132.0.5)
sect131r1 (1.3.132.0.22)
sect131r2 (1.3.132.0.23)
sect163k1 [NIST K-163] (1.3.132.0.1)
sect163r1 (1.3.132.0.2)
sect163r2 [NIST B-163] (1.3.132.0.15)
sect193r1 (1.3.132.0.24)
sect193r2 (1.3.132.0.25)
sect233k1 [NIST K-233] (1.3.132.0.26)
sect233r1 [NIST B-233] (1.3.132.0.27)
sect239k1 (1.3.132.0.3)
sect283k1 [NIST K-283] (1.3.132.0.16)
sect283r1 [NIST B-283] (1.3.132.0.17)
sect409k1 [NIST K-409] (1.3.132.0.36)
sect409r1 [NIST B-409] (1.3.132.0.37)
sect571k1 [NIST K-571] (1.3.132.0.38)
sect571r1 [NIST B-571] (1.3.132.0.39)
X9.62 c2tnb191v1 (1.2.840.10045.3.0.5)
X9.62 c2tnb191v2 (1.2.840.10045.3.0.6)
X9.62 c2tnb191v3 (1.2.840.10045.3.0.7)
X9.62 c2tnb239v1 (1.2.840.10045.3.0.11)
X9.62 c2tnb239v2 (1.2.840.10045.3.0.12)
X9.62 c2tnb239v3 (1.2.840.10045.3.0.13)
X9.62 c2tnb359v1 (1.2.840.10045.3.0.18)
X9.62 c2tnb431r1 (1.2.840.10045.3.0.20)
有一种更好的方法可以使用受支持的 API 而不是反射来获取受支持的曲线名称列表:
Security.getProviders("AlgorithmParameters.EC")[0]
.getService("AlgorithmParameters", "EC").getAttribute("SupportedCurves");
在jshell中(采用OpenJDK 11.0.1):
jshell> Security.getProviders("AlgorithmParameters.EC")[0]
.getService("AlgorithmParameters", "EC").getAttribute("SupportedCurves")
==> "[secp112r1,1.3.132.0.6]|[secp112r2,1.3.132.0.7]|[secp128r1,1.3.132.0.28]|[secp128r2,1.3.132.0.29]|[secp160k1,1.3.132.0.9]|[secp160r1,1.3.132.0.8]|[secp160r2,1.3.132.0.30]|[secp192k1,1.3.132.0.31]|[secp192r1,NIST P-192,X9.62 prime192v1,1.2.840.10045.3.1.1]|[secp224k1,1.3.132.0.32]|[secp224r1,NIST P-224,1.3.132.0.33]|[secp256k1,1.3.132.0.10]|[secp256r1,NIST P-256,X9.62 prime256v1,1.2.840.10045.3.1.7]|[secp384r1,NIST P-384,1.3.132.0.34]|[secp521r1,NIST P-521,1.3.132.0.35]|[X9.62 prime192v2,1.2.840.10045.3.1.2]|[X9.62 prime192v3,1.2.840.10045.3.1.3]|[X9.62 prime239v1,1.2.840.10045.3.1.4]|[X9.62 prime239v2,1.2.840.10045.3.1.5]|[X9.62 prime239v3,1.2.840.10045 ... 840.10045.3.0.18]|[X9.62 c2tnb431r1,1.2.840.10045.3.0.20]|[brainpoolP160r1,1.3.36.3.3.2.8.1.1.1]|[brainpoolP192r1,1.3.36.3.3.2.8.1.1.3]|[brainpoolP224r1,1.3.36.3.3.2.8.1.1.5]|[brainpoolP256r1,1.3.36.3.3.2.8.1.1.7]|[brainpoolP320r1,1.3.36.3.3.2.8.1.1.9]|[brainpoolP384r1,1.3.36.3.3.2.8.1.1.11]|[brainpoolP512r1,1.3.36.3.3.2.8.1.1.13]"
然后您可以解析这些条目。
但是,现在还有new "XEC" curves - X25519 and X448. As far as I am aware, these are only available as the two constants of NamedParameterSpec。
有没有办法枚举所有可以给的椭圆曲线名称
ECGenParameterSpec 构造函数?或者你是否必须在墙上扔一大堆曲线名称,然后看看当你尝试使用它们时哪些会抛出或不会抛出异常?
来自 ECGenParameterSpec 构造函数的文档:
... For the list of supported names, please consult the documentation of provider whose implementation will be used.
所以(部分)您的问题的答案是,您已经知道您传递的名称受您将使用的任何实现的支持。
至于列举各种算法,我相信你追求的是java.security.Security.getProviders(String filter)。
public static Provider[] getProviders(String filter) ...
Returns an array containing all installed providers that satisfy the specified selection criterion, or null if no such providers have been installed. ...
另见 Java Security Standard Algorithm Names Specification。
至于 ECGenParameterSpec,它唯一的内部成员是您传递给它的单个 String 对象。那么这是怎么回事呢?好吧,它实现了 AlgorithmParameterSpec,其中(来自文档):
... This interface contains no methods or constants. Its only purpose is to group (and provide type safety for) all parameter specifications. All parameter specifications must implement this interface.
这在很大程度上取决于您要使用的提供商。正如 user69513 所述,您需要查阅文档。这就是最基本的问题。
对于 SunEC 提供商,找不到文档,public 也没有可用的资源。但是通过 sunec.jar 中公开的 classes 我们发现 CurveDB class 和方法 getSupportedCurves.可以使用反射调用它:
public static void main(String[] args) throws Exception {
Method method = sun.security.ec.CurveDB.class.getDeclaredMethod("getSupportedCurves", null);
method.setAccessible(true);
Collection result = (Collection) method.invoke(null, null);
for (Object object : result) {
System.out.println(object);
}
}
这让你完全脱色:
secp112r1 (1.3.132.0.6)
secp112r2 (1.3.132.0.7)
secp128r1 (1.3.132.0.28)
secp128r2 (1.3.132.0.29)
secp160k1 (1.3.132.0.9)
secp160r1 (1.3.132.0.8)
secp160r2 (1.3.132.0.30)
secp192k1 (1.3.132.0.31)
secp192r1 [NIST P-192, X9.62 prime192v1] (1.2.840.10045.3.1.1)
secp224k1 (1.3.132.0.32)
secp224r1 [NIST P-224] (1.3.132.0.33)
secp256k1 (1.3.132.0.10)
secp256r1 [NIST P-256, X9.62 prime256v1] (1.2.840.10045.3.1.7)
secp384r1 [NIST P-384] (1.3.132.0.34)
secp521r1 [NIST P-521] (1.3.132.0.35)
X9.62 prime192v2 (1.2.840.10045.3.1.2)
X9.62 prime192v3 (1.2.840.10045.3.1.3)
X9.62 prime239v1 (1.2.840.10045.3.1.4)
X9.62 prime239v2 (1.2.840.10045.3.1.5)
X9.62 prime239v3 (1.2.840.10045.3.1.6)
sect113r1 (1.3.132.0.4)
sect113r2 (1.3.132.0.5)
sect131r1 (1.3.132.0.22)
sect131r2 (1.3.132.0.23)
sect163k1 [NIST K-163] (1.3.132.0.1)
sect163r1 (1.3.132.0.2)
sect163r2 [NIST B-163] (1.3.132.0.15)
sect193r1 (1.3.132.0.24)
sect193r2 (1.3.132.0.25)
sect233k1 [NIST K-233] (1.3.132.0.26)
sect233r1 [NIST B-233] (1.3.132.0.27)
sect239k1 (1.3.132.0.3)
sect283k1 [NIST K-283] (1.3.132.0.16)
sect283r1 [NIST B-283] (1.3.132.0.17)
sect409k1 [NIST K-409] (1.3.132.0.36)
sect409r1 [NIST B-409] (1.3.132.0.37)
sect571k1 [NIST K-571] (1.3.132.0.38)
sect571r1 [NIST B-571] (1.3.132.0.39)
X9.62 c2tnb191v1 (1.2.840.10045.3.0.5)
X9.62 c2tnb191v2 (1.2.840.10045.3.0.6)
X9.62 c2tnb191v3 (1.2.840.10045.3.0.7)
X9.62 c2tnb239v1 (1.2.840.10045.3.0.11)
X9.62 c2tnb239v2 (1.2.840.10045.3.0.12)
X9.62 c2tnb239v3 (1.2.840.10045.3.0.13)
X9.62 c2tnb359v1 (1.2.840.10045.3.0.18)
X9.62 c2tnb431r1 (1.2.840.10045.3.0.20)
有一种更好的方法可以使用受支持的 API 而不是反射来获取受支持的曲线名称列表:
Security.getProviders("AlgorithmParameters.EC")[0]
.getService("AlgorithmParameters", "EC").getAttribute("SupportedCurves");
在jshell中(采用OpenJDK 11.0.1):
jshell> Security.getProviders("AlgorithmParameters.EC")[0]
.getService("AlgorithmParameters", "EC").getAttribute("SupportedCurves")
==> "[secp112r1,1.3.132.0.6]|[secp112r2,1.3.132.0.7]|[secp128r1,1.3.132.0.28]|[secp128r2,1.3.132.0.29]|[secp160k1,1.3.132.0.9]|[secp160r1,1.3.132.0.8]|[secp160r2,1.3.132.0.30]|[secp192k1,1.3.132.0.31]|[secp192r1,NIST P-192,X9.62 prime192v1,1.2.840.10045.3.1.1]|[secp224k1,1.3.132.0.32]|[secp224r1,NIST P-224,1.3.132.0.33]|[secp256k1,1.3.132.0.10]|[secp256r1,NIST P-256,X9.62 prime256v1,1.2.840.10045.3.1.7]|[secp384r1,NIST P-384,1.3.132.0.34]|[secp521r1,NIST P-521,1.3.132.0.35]|[X9.62 prime192v2,1.2.840.10045.3.1.2]|[X9.62 prime192v3,1.2.840.10045.3.1.3]|[X9.62 prime239v1,1.2.840.10045.3.1.4]|[X9.62 prime239v2,1.2.840.10045.3.1.5]|[X9.62 prime239v3,1.2.840.10045 ... 840.10045.3.0.18]|[X9.62 c2tnb431r1,1.2.840.10045.3.0.20]|[brainpoolP160r1,1.3.36.3.3.2.8.1.1.1]|[brainpoolP192r1,1.3.36.3.3.2.8.1.1.3]|[brainpoolP224r1,1.3.36.3.3.2.8.1.1.5]|[brainpoolP256r1,1.3.36.3.3.2.8.1.1.7]|[brainpoolP320r1,1.3.36.3.3.2.8.1.1.9]|[brainpoolP384r1,1.3.36.3.3.2.8.1.1.11]|[brainpoolP512r1,1.3.36.3.3.2.8.1.1.13]"
然后您可以解析这些条目。
但是,现在还有new "XEC" curves - X25519 and X448. As far as I am aware, these are only available as the two constants of NamedParameterSpec。