Java字节数组到ECCPrivateKey-InvalidKeySpecException：无法识别编码的密钥规范 [英] Java byte array to ECCPrivateKey - InvalidKeySpecException: encoded key spec not recognised

问题描述

当我尝试从字节数组制作ECC私钥时，出现以下异常。我有公钥/私钥，并且从C库micro-ecc / uECC.h输出签名。 C用secp192r1曲线。我正在尝试使用Java中C生成的密钥来验证数据。如何将字节数组转换为私钥/公钥？

When I try to make ECC private key from byte array, I get exception mentioned below. I have public/private keys and out signed output from C library micro-ecc/uECC.h. C used secp192r1 curve. I am trying to verify data with C generated keys in Java. How to convert byte array to private/public key?

Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider());
byte[] kb = new byte[]{(byte)0x24, (byte)0xF4, (byte)0x36, (byte)0x16, (byte)0xD0, (byte)0x96, (byte)0x12, (byte)0x63, (byte)0x90, (byte)0x2E, (byte)0x51, (byte)0xF6, (byte)0x87, (byte)0x55, (byte)0xAB, (byte)0xCB, (byte)0x5D, (byte)0xAC, (byte)0x56, (byte)0x1A, (byte)0xA5, (byte)0xFA, (byte)0x55, (byte)0xDB};
X509EncodedKeySpec ks = new X509EncodedKeySpec(kb);
KeyFactory kf = java.security.KeyFactory.getInstance("ECDH", "BC");
org.bouncycastle.jce.interfaces.ECPrivateKey remotePublicKey = (org.bouncycastle.jce.interfaces.ECPrivateKey)kf.generatePublic(ks);

java.security.spec.InvalidKeySpecException: encoded key spec not recognised
at org.bouncycastle.jcajce.provider.asymmetric.util.BaseKeyFactorySpi.engineGeneratePublic(Unknown Source)
at org.bouncycastle.jcajce.provider.asymmetric.ec.KeyFactorySpi.engineGeneratePublic(Unknown Source)
at java.security.KeyFactory.generatePublic(KeyFactory.java:328)

我也尝试使用

KeyFactory.getInstance("ECDH", "BC"); 

，但上面引发了相同的异常。

but it throws the same exception above.

KeyFactory.getInstance("EC");

投掷

java.security.InvalidKeyException: invalid key format

或

java.security.spec.InvalidKeySpecException: java.security.InvalidKeyException: IOException : DerInputStream.getLength(): lengthTag=116, too big.   

推荐答案

X509EncodedKeySpec（key）或 PKCS8EncodedKeySpec（key）构造函数采用编码格式的私钥/公钥。可以通过以下方式转换未编码的密钥字节：

X509EncodedKeySpec(key) or PKCS8EncodedKeySpec(key) constructors take private/public keys in encoded format. Unencoded key bytes can be converted this way:

Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider());
ECNamedCurveParameterSpec spec = ECNamedCurveTable.getParameterSpec("secp192r1");

ECPrivateKeySpec ecPrivateKeySpec = new ECPrivateKeySpec(new BigInteger(1, privateKeyBytes), spec); 

ECNamedCurveSpec params = new ECNamedCurveSpec("secp192r1", spec.getCurve(), spec.getG(), spec.getN());
java.security.spec.ECPoint w = new java.security.spec.ECPoint(new BigInteger(1, Arrays.copyOfRange(publicKeyBytes, 0, 24)), new BigInteger(1, Arrays.copyOfRange(publicKeyBytes, 24, 48)));
PublicKey publicKey = factory.generatePublic(new java.security.spec.ECPublicKeySpec(w, params));

这篇关于Java字节数组到ECCPrivateKey-InvalidKeySpecException：无法识别编码的密钥规范的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！