如何使用 FIPS BouncyCastle 将 ECPrivateKey 转换为 ECPublicKey?
How to convert ECPrivateKey into ECPublicKey using FIPS BouncyCastle?
如何使用 FIPS BouncyCastle 将 ECPrivateKey 转换为 ECPublicKey?
我使用以下代码(稍微简化)将 ECPrivateKey 转换为 ECPublicKey:
public static ECPublicKey getPublicKeyFromPrivateKey(ECPrivateKey privateKey) throws GeneralSecurityException {
final KeyFactory keyFactory = KeyFactory.getInstance("ECDSA", new BouncyCastleProvider());
final BCECPrivateKey bcecPrivateKey = (BCECPrivateKey) privateKey;
final ECParameterSpec ecSpec = bcecPrivateKey.getParameters();
final ECPoint q = ecSpec.getG().multiply(bcecPrivateKey.getD());
final byte[] qBytes = q.getEncoded(false);
final ECPoint point = ecSpec.getCurve().decodePoint(qBytes);
final ECPublicKeySpec pubSpec = new ECPublicKeySpec(point, ecSpec);
return (ECPublicKey) keyFactory.generatePublic(pubSpec);
}
这适用于非 FIPS BouncyCastle。现在,我们需要以符合 FIPS 的方式做同样的事情。这里的问题是 FIPS BouncyCastle 1.0.1 中似乎不存在像 ECParameterSpec 这样的 类。我们如何使用 FIPS BouncyCastle 做同样的事情?
我找到了以下对我有用的解决方案:
public static PublicKey getPublicKeyForPrivateKeyEC(ECPrivateKey privateKey) throws GeneralSecurityException {
final KeyFactory keyFactory = KeyFactory.getInstance("ECDSA", new BouncyCastleProvider());
final ECParameterSpec ecSpec = privateKey.getParams();
final ECCurve ecCurve = FipsECUtil.convertCurve(ecSpec);
final ECMultiplier multiplier = ecCurve.getMultiplier();
final ECPoint generatorP = FipsECUtil.convertPoint(ecSpec, ecSpec.getGenerator());
final ECPoint q = multiplier.multiply(generatorP, privateKey.getS());
final byte[] publicDerBytes = q.getEncoded(false);
final ECPoint point = ecCurve.decodePoint(publicDerBytes);
final ECPublicKeySpec pubSpec = new ECPublicKeySpec(new java.security.spec.ECPoint(
point.getAffineXCoord().toBigInteger(),
point.getAffineYCoord().toBigInteger()), ecSpec);
return keyFactory.generatePublic(pubSpec);
}
如何使用 FIPS BouncyCastle 将 ECPrivateKey 转换为 ECPublicKey?
我使用以下代码(稍微简化)将 ECPrivateKey 转换为 ECPublicKey:
public static ECPublicKey getPublicKeyFromPrivateKey(ECPrivateKey privateKey) throws GeneralSecurityException {
final KeyFactory keyFactory = KeyFactory.getInstance("ECDSA", new BouncyCastleProvider());
final BCECPrivateKey bcecPrivateKey = (BCECPrivateKey) privateKey;
final ECParameterSpec ecSpec = bcecPrivateKey.getParameters();
final ECPoint q = ecSpec.getG().multiply(bcecPrivateKey.getD());
final byte[] qBytes = q.getEncoded(false);
final ECPoint point = ecSpec.getCurve().decodePoint(qBytes);
final ECPublicKeySpec pubSpec = new ECPublicKeySpec(point, ecSpec);
return (ECPublicKey) keyFactory.generatePublic(pubSpec);
}
这适用于非 FIPS BouncyCastle。现在,我们需要以符合 FIPS 的方式做同样的事情。这里的问题是 FIPS BouncyCastle 1.0.1 中似乎不存在像 ECParameterSpec 这样的 类。我们如何使用 FIPS BouncyCastle 做同样的事情?
我找到了以下对我有用的解决方案:
public static PublicKey getPublicKeyForPrivateKeyEC(ECPrivateKey privateKey) throws GeneralSecurityException {
final KeyFactory keyFactory = KeyFactory.getInstance("ECDSA", new BouncyCastleProvider());
final ECParameterSpec ecSpec = privateKey.getParams();
final ECCurve ecCurve = FipsECUtil.convertCurve(ecSpec);
final ECMultiplier multiplier = ecCurve.getMultiplier();
final ECPoint generatorP = FipsECUtil.convertPoint(ecSpec, ecSpec.getGenerator());
final ECPoint q = multiplier.multiply(generatorP, privateKey.getS());
final byte[] publicDerBytes = q.getEncoded(false);
final ECPoint point = ecCurve.decodePoint(publicDerBytes);
final ECPublicKeySpec pubSpec = new ECPublicKeySpec(new java.security.spec.ECPoint(
point.getAffineXCoord().toBigInteger(),
point.getAffineYCoord().toBigInteger()), ecSpec);
return keyFactory.generatePublic(pubSpec);
}