Correction. Re: Creating an EC Public Key using Named Curves
Anders Rundgren
anders.rundgren.net at gmail.com
Tue Oct 8 20:35:27 UTC 2013
Pardon me. It was actually BC 1.45 which screw-up, not JDK 7.
Anyway, the bottom line (for me as developer...) is that BC and JDK 7 are
incompatible at the src level.
thanx
Anders
On 2013-10-08 17:41, Vincent Ryan wrote:
> Currently, there is no public API for named curves.
>
> However you can generate named curves using the SunEC provider and the ECParameterSpec class.
> For example,
>
> AlgorithmParameters parameters = AlgorithmParameters.getInstance("EC", "SunEC");
> parameters.init(new ECGenParameterSpec("secp256r1"));
> ECParameterSpec ecParameters = parameters.getParameterSpec(ECParameterSpec.class);
>
> return KeyFactory.getInstance("EC", "SunEC").generatePublic(new ECPublicKeySpec(new ECPoint(x, y), ecParameters));
>
>
> It's not elegant but the list of supported named curves can be extracted from the AlgorithmParameters.EC SupportedCurves
> property. For example,
>
> String[] curves = Security.getProvider("SunEC")
> .getProperty("AlgorithmParameters.EC SupportedCurves")
> .split("\\|");
> for (String curve : curves) {
> System.out.println(curve.substring(1, curve.indexOf(",")));
> }
Thanx Vicent,
I guess this is new for JDK 7.
Unfortunately I seem to be stuck with BC because a serialized named
ECPublicKey in JDK 7 uses a different (and IMHO incorrect) format which
makes it impossible to sign a public key in an interoperable way.
Note: I used Oracle's JDK 7 on Windows but I assume it is the same for OpenJDK.
thanx
Anders Rundgren
>
>
>
>
> On 8 Oct 2013, at 13:53, Anders Rundgren wrote:
>
>> If you have the X and Y points and the name of a public key you can create a ECPublicKey using BouncyCastle.
>> I cannot find any counterpart in JDK 7. What am I missing?
>>
>> BC:
>>
>> return KeyFactory.getInstance ("EC").generatePublic (new ECPublicKeySpec (new ECPoint (x, y), new ECNamedCurveSpec (name,...)));
>>
>> Cheers
>> Anders
>
More information about the security-dev
mailing list