問題描述
我有一個原始 (r,s) 格式的 ECDSA NIST P-256 公鑰.似乎沒有簡單的方法可以將其加載到實現 java.security.interfaces.ECPublicKey 的對象中.
I have a raw (r,s) format ECDSA NIST P-256 public key. It seems that there is no simple way to load it into an object that implements java.security.interfaces.ECPublicKey.
加載 64 字節公鑰以便用于檢查簽名的最簡潔方法是什么?
What is the cleanest way to load a 64 byte public key so that it can be used to check signatures?
推薦答案
EC 功能需要 Java 7,Base 64 編碼器/解碼器需要 Java 8,無需額外的庫 - 只需普通 Java.請注意,當打印出來時,這實際上會將公鑰顯示為 命名曲線,這是大多數其他解決方案所不具備的.如果您有最新的運行時,其他答案會更干凈.
Java 7 is required for the EC functionality and Java 8 for the Base 64 encoder / decoder, no additional libraries - just plain Java. Note that this will actually display the public key as a named curve when printed out, something most other solutions won't do. If you have an up-to-date runtime, this other answer is more clean.
如果我們使用 ECPublicKeySpec 來做這件事,這個答案會很困難.所以讓我們作弊并使用 X509EncodedKeySpec 代替:
This answer is going to be tough if we do this using ECPublicKeySpec. So lets cheat a bit and use X509EncodedKeySpec instead:
private static byte[] P256_HEAD = Base64.getDecoder().decode("MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE");
/**
* Converts an uncompressed secp256r1 / P-256 public point to the EC public key it is representing.
* @param w a 64 byte uncompressed EC point consisting of just a 256-bit X and Y
* @return an <code>ECPublicKey</code> that the point represents
*/
public static ECPublicKey generateP256PublicKeyFromFlatW(byte[] w) throws InvalidKeySpecException {
byte[] encodedKey = new byte[P256_HEAD.length + w.length];
System.arraycopy(P256_HEAD, 0, encodedKey, 0, P256_HEAD.length);
System.arraycopy(w, 0, encodedKey, P256_HEAD.length, w.length);
KeyFactory eckf;
try {
eckf = KeyFactory.getInstance("EC");
} catch (NoSuchAlgorithmException e) {
throw new IllegalStateException("EC key factory not present in runtime");
}
X509EncodedKeySpec ecpks = new X509EncodedKeySpec(encodedKey);
return (ECPublicKey) eckf.generatePublic(ecpks);
}
用法:
ECPublicKey key = generateP256PublicKeyFromFlatW(w);
System.out.println(key);
<小時>
這背后的想法是創建一個臨時的 X509 編碼密鑰,它以公共點 w 結尾.之前的字節包含命名曲線的 OID 和結構開銷的 ASN.1 DER 編碼,以字節 04 結尾,指示未壓縮點.這里是中的結構看起來像什么的例子,使用值1和2的32字節的X和Y.
The idea behind this is to create a temporary X509 encoded key, which happily ends with the public point w at the end. The bytes before that contain the ASN.1 DER encoding of the OID of the named curve and structural overhead, ending with byte 04 indicating an uncompressed point. Here is an example what the structure looks like, using value 1 and 2 for the 32-byte X and Y.
為創建標頭而刪除的未壓縮點值的 32 字節 X 和 Y 值.這只有效,因為該點是靜態大小的 - 它在末端的位置僅由曲線的大小決定.
The 32-byte X and Y values of the uncompressed point values removed to create the header. This only works because the point is statically sized - it's location at the end is only determined by the size of the curve.
現在函數 generateP256PublicKeyFromFlatW 所需要的只是將接收到的公共點 w 添加到標頭中,并通過為 X509EncodedKeySpec<實現的解碼器運行它/代碼>.
Now all that is required in the function generateP256PublicKeyFromFlatW is to add the received public point w to the header and run it through the decoder implemented for X509EncodedKeySpec.
上面的代碼使用了一個原始的、未壓縮的公共 EC 點——只有一個 32 字節的 X 和 Y——沒有帶有值 04 的未壓縮點指示符.當然支持 65 字節壓縮點也很容易:
The above code uses a raw, uncompressed public EC point - just a 32 byte X and Y - without the uncompressed point indicator with value 04. Of course it is easy to support 65 byte compressed points as well:
/**
* Converts an uncompressed secp256r1 / P-256 public point to the EC public key it is representing.
* @param w a 64 byte uncompressed EC point starting with <code>04</code>
* @return an <code>ECPublicKey</code> that the point represents
*/
public static ECPublicKey generateP256PublicKeyFromUncompressedW(byte[] w) throws InvalidKeySpecException {
if (w[0] != 0x04) {
throw new InvalidKeySpecException("w is not an uncompressed key");
}
return generateP256PublicKeyFromFlatW(Arrays.copyOfRange(w, 1, w.length));
}
<小時>
最后,我生成了 base 64 中的常量 P256_HEAD 頭值:
private static byte[] createHeadForNamedCurve(String name, int size)
throws NoSuchAlgorithmException,
InvalidAlgorithmParameterException, IOException {
KeyPairGenerator kpg = KeyPairGenerator.getInstance("EC");
ECGenParameterSpec m = new ECGenParameterSpec(name);
kpg.initialize(m);
KeyPair kp = kpg.generateKeyPair();
byte[] encoded = kp.getPublic().getEncoded();
return Arrays.copyOf(encoded, encoded.length - 2 * (size / Byte.SIZE));
}
調用者:
String name = "NIST P-256";
int size = 256;
byte[] head = createHeadForNamedCurve(name, size);
System.out.println(Base64.getEncoder().encodeToString(head));
這篇關于在 Java 中加載原始 64 字節長的 ECDSA 公鑰的文章就介紹到這了,希望我們推薦的答案對大家有所幫助,也希望大家多多支持html5模板網!