使用BouncyCastle在Java中使用ECIES进行加密
我正在尝试使用Java中的BouncyCastle使用ECC算法对某些内容进行加密。但是我对BouncyCastle库的说法例外:无法转换JCEECPublicKey为IESKey。我理解的是,所产生的公共密钥KeyPairGenerator是JCEECPublicKey不能在java的使用Cipher.init方法。有人可以告诉我如何将其转换为公钥或X509规范,以便可以将其用于加密。
这是我尝试过的代码
// add instance of provider classSecurity.addProvider(new BouncyCastleProvider());
// initializing parameter specs secp256r1/prime192v1
ECParameterSpec ecSpec = ECNamedCurveTable.getParameterSpec("prime192v1");
// key pair generator to generate public and private key
KeyPairGenerator generator = KeyPairGenerator.getInstance("ECDH", new BouncyCastleProvider());
// initialize key pair generator
generator.initialize(ecSpec);
// Key pair to store public and private key
KeyPair keyPair = generator.generateKeyPair();
Cipher iesCipher = Cipher.getInstance("ECIES", new BouncyCastleProvider());
iesCipher.init(Cipher.ENCRYPT_MODE, keyPair.getPublic());
我也尝试将公钥转换为X509EncodedSpec,但出现相同的异常
X509EncodedKeySpec spec = new X509EncodedKeySpec(keyPair.getPublic().getEncoded());KeyFactory factory = KeyFactory.getInstance("ECDH");
PublicKey publicKey = factory.generatePublic(spec);
我得到的例外是
java.lang.ClassCastException: org.bouncycastle.jce.provider.JCEECPublicKey cannot be cast to org.bouncycastle.jce.interfaces.IESKey at org.bouncycastle.jce.provider.JCEIESCipher.engineGetKeySize(JCEIESCipher.java:49)
at javax.crypto.Cipher.passCryptoPermCheck(Cipher.java:1057)
at javax.crypto.Cipher.checkCryptoPerm(Cipher.java:1015)
at javax.crypto.Cipher.init(Cipher.java:1229)
at javax.crypto.Cipher.init(Cipher.java:1173)
at com.test.EciesTest.main(EciesTest.java:45)
基于注释,我正在使用的JDK版本是JDK 7-我正在使用的Oracle Import语句:
import java.security.KeyPair;import java.security.KeyPairGenerator;
import java.security.Security;
import java.security.spec.ECGenParameterSpec;
import javax.crypto.Cipher;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
回答:
请尝试以下操作:
// add instance of provider classSecurity.addProvider(new BouncyCastleProvider());
String name = "secp256r1";
// NOTE just "EC" also seems to work here
KeyPairGenerator kpg = KeyPairGenerator.getInstance("ECDH", BouncyCastleProvider.PROVIDER_NAME);
kpg.initialize(new ECGenParameterSpec(name));
// Key pair to store public and private key
KeyPair keyPair = kpg.generateKeyPair();
Cipher iesCipher = Cipher.getInstance("ECIES", BouncyCastleProvider.PROVIDER_NAME);
iesCipher.init(Cipher.ENCRYPT_MODE, keyPair.getPublic());
请注意,通常,在尝试通过JCE使用Bouncy时,最好保留JCE类而不是Bouncy Castle类。在这种情况下,问题可能出在提供给密钥生成器的参数上。
在上面的代码中,我使用了,BouncyCastleProvider.PROVIDER_NAME但是"BC"当然可以很好地工作。尽管应该不影响最终结果,但每次都重新初始化提供者不是一个好主意。
确保您具有最新的系统来运行此代码。该代码已在以下系统上经过测试:
--- runtime information --- Properties:
java.vendor : Oracle Corporation
java.specification.name : Java Platform API Specification
java.specification.version : 1.8
java.runtime.name : Java(TM) SE Runtime Environment
java.runtime.version : 1.8.0_65-b17
java.vm.name : Java HotSpot(TM) 64-Bit Server VM
Unlimited crypto: yes
--- info for provider Bouncy Castle ---
Bouncy Castle version: 1.520000
Bouncy Castle provider registered: yes
以上是 使用BouncyCastle在Java中使用ECIES进行加密 的全部内容, 来源链接: utcz.com/qa/426528.html
