Creating an EC Public Key using Named Curves

Anders Rundgren anders.rundgren.net at gmail.com
Wed Oct 9 15:18:49 UTC 2013


On 2013-10-08 17:41, Vincent Ryan wrote:
> Currently, there is no public API for named curves.

Since I wanted a source-compatible BC, JDK 6-7, and Android solution, I ended-up using
public key samples instead:

ECParameterSpec spec = ((ECPublicKey) KeyFactory.getInstance ("EC").generatePublic (new X509EncodedKeySpec (sample_public_key))).getParams ();

https://code.google.com/p/openkeystore/source/browse/library/trunk/src/org/webpki/crypto/KeyAlgorithms.java

It is not pretty but since it is one-time op I can (probably) live with it.

Anders

> 
> However you can generate named curves using the SunEC provider and the ECParameterSpec class.
> For example,
> 
>         AlgorithmParameters parameters = AlgorithmParameters.getInstance("EC", "SunEC");
>         parameters.init(new ECGenParameterSpec("secp256r1"));
>         ECParameterSpec ecParameters = parameters.getParameterSpec(ECParameterSpec.class);
> 
>         return KeyFactory.getInstance("EC", "SunEC").generatePublic(new ECPublicKeySpec(new ECPoint(x, y), ecParameters));
> 
> 
> It's not elegant but the list of supported named curves can be extracted from the AlgorithmParameters.EC SupportedCurves
> property. For example,
> 
>         String[] curves = Security.getProvider("SunEC")
>             .getProperty("AlgorithmParameters.EC SupportedCurves")
>             .split("\\|");
>         for (String curve : curves) {
>             System.out.println(curve.substring(1, curve.indexOf(",")));
>         }
> 
> 
> 
> 
> On 8 Oct 2013, at 13:53, Anders Rundgren wrote:
> 
>> If you have the X and Y points and the name of a public key you can create a ECPublicKey using BouncyCastle.
>> I cannot find any counterpart in JDK 7.  What am I missing?
>>
>> BC:
>>
>> return KeyFactory.getInstance ("EC").generatePublic (new ECPublicKeySpec (new ECPoint (x, y), new ECNamedCurveSpec (name,...)));
>>
>> Cheers
>> Anders
> 




More information about the security-dev mailing list