2

When I try to make ECC private key from byte array, I get exception mentioned below. I have public/private keys and out signed output from C library micro-ecc/uECC.h. C used secp192r1 curve. I am trying to verify data with C generated keys in Java. How to convert byte array to private/public key?

Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider());
byte[] kb = new byte[]{(byte)0x24, (byte)0xF4, (byte)0x36, (byte)0x16, (byte)0xD0, (byte)0x96, (byte)0x12, (byte)0x63, (byte)0x90, (byte)0x2E, (byte)0x51, (byte)0xF6, (byte)0x87, (byte)0x55, (byte)0xAB, (byte)0xCB, (byte)0x5D, (byte)0xAC, (byte)0x56, (byte)0x1A, (byte)0xA5, (byte)0xFA, (byte)0x55, (byte)0xDB};
X509EncodedKeySpec ks = new X509EncodedKeySpec(kb);
KeyFactory kf = java.security.KeyFactory.getInstance("ECDH", "BC");
org.bouncycastle.jce.interfaces.ECPrivateKey remotePublicKey = (org.bouncycastle.jce.interfaces.ECPrivateKey)kf.generatePublic(ks);

java.security.spec.InvalidKeySpecException: encoded key spec not recognised
at org.bouncycastle.jcajce.provider.asymmetric.util.BaseKeyFactorySpi.engineGeneratePublic(Unknown Source)
at org.bouncycastle.jcajce.provider.asymmetric.ec.KeyFactorySpi.engineGeneratePublic(Unknown Source)
at java.security.KeyFactory.generatePublic(KeyFactory.java:328)

Also I have tried to use 

KeyFactory.getInstance("ECDH", "BC");

but it throws the same exception above.

KeyFactory.getInstance("EC");

throws

java.security.InvalidKeyException: invalid key format

or

java.security.spec.InvalidKeySpecException: java.security.InvalidKeyException: IOException : DerInputStream.getLength(): lengthTag=116, too big.
Improve this question
8
  • Where did you get your byte array? Commented May 25, 2016 at 13:15
  • I have public/private keys and out signed output in C librarary micro-ecc/uECC.h. I am trying to verify it in Java. Commented May 25, 2016 at 13:43
  • C used secp192r1 but I don't know if it necessary to provide it when loading public/private key in Java and how to do it. Commented May 25, 2016 at 13:51
  • When I generate key pair and create copies in Java, it works well. Commented May 26, 2016 at 14:54
  • @Justas If you generate correctly EC keypairs in Java using KeyPairGenerator.getInstance("EC") and then you can parse it using KeyFactory methods. Then probably your byte[] keys are wrong or has some specific format. Also note that there is an error in your code (not related directly with the exception): kf.generatePublic(ks) can not be cast to ECPrivateKey so change it to: (org.bouncycastle.jce.interfaces.ECPublicKey)kf.generatePublic(ks);. Commented May 26, 2016 at 21:29

1 Answer 1

Reset to default
4

X509EncodedKeySpec(key) or PKCS8EncodedKeySpec(key) constructors take private/public keys in encoded format. Unencoded key bytes can be converted this way:

Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider());
ECNamedCurveParameterSpec spec = ECNamedCurveTable.getParameterSpec("secp192r1");

ECPrivateKeySpec ecPrivateKeySpec = new ECPrivateKeySpec(new BigInteger(1, privateKeyBytes), spec); 

ECNamedCurveSpec params = new ECNamedCurveSpec("secp192r1", spec.getCurve(), spec.getG(), spec.getN());
java.security.spec.ECPoint w = new java.security.spec.ECPoint(new BigInteger(1, Arrays.copyOfRange(publicKeyBytes, 0, 24)), new BigInteger(1, Arrays.copyOfRange(publicKeyBytes, 24, 48)));
PublicKey publicKey = factory.generatePublic(new java.security.spec.ECPublicKeySpec(w, params));
Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.