Creating an EC Public Key using Named Curves

Michael StJohns mstjohns at comcast.net
Tue Oct 8 16:56:39 UTC 2013


I use this construct a lot, but there are a number of cases (e.g. where I'm trying to take an EC key and turn it into a structure to send to a smart card) where what I really need is to be able to produce an EllipticCurve (actually ECParamaterSpec) from a name.  

I started looking at why ECGenParameterSpec isn't currently a subclass of ECParameterSpec.   I *think* this is because the curve table is currently part of the individual EC providers rather than part of the JDK side implementation.

I'm wondering if perhaps its time to change the above and move the curve database over to the JDK side?

Mike





At 11:41 AM 10/8/2013, Vincent Ryan wrote:
>Currently, there is no public API for named curves.
>
>However you can generate named curves using the SunEC provider and the ECParameterSpec class.
>For example,
>
>        AlgorithmParameters parameters = AlgorithmParameters.getInstance("EC", "SunEC");
>        parameters.init(new ECGenParameterSpec("secp256r1"));
>        ECParameterSpec ecParameters = parameters.getParameterSpec(ECParameterSpec.class);
>
>        return KeyFactory.getInstance("EC", "SunEC").generatePublic(new ECPublicKeySpec(new ECPoint(x, y), ecParameters));
>
>
>It's not elegant but the list of supported named curves can be extracted from the AlgorithmParameters.EC SupportedCurves
>property. For example,
>
>        String[] curves = Security.getProvider("SunEC")
>            .getProperty("AlgorithmParameters.EC SupportedCurves")
>            .split("\\|");
>        for (String curve : curves) {
>            System.out.println(curve.substring(1, curve.indexOf(",")));
>        }
>
>
>
>
>On 8 Oct 2013, at 13:53, Anders Rundgren wrote:
>
>> If you have the X and Y points and the name of a public key you can create a ECPublicKey using BouncyCastle.
>> I cannot find any counterpart in JDK 7.  What am I missing?
>> 
>> BC:
>> 
>> return KeyFactory.getInstance ("EC").generatePublic (new ECPublicKeySpec (new ECPoint (x, y), new ECNamedCurveSpec (name,...)));
>> 
>> Cheers
>> Anders





More information about the security-dev mailing list