[prev in list] [next in list] [prev in thread] [next in thread]
List: bouncycastle-crypto-dev
Subject: Re: [dev-crypto] ECDSA signing problem
From: Damian Kolasa <fatfredyy () gmail ! com>
Date: 2013-04-02 16:33:37
Message-ID: 515B0861.6090502 () gmail ! com
[Download RAW message or body]
Maybe this patch will help I've had the same problem...
https://gist.github.com/fatfredyy/5293701
Regards Damian
On 2013.04.02 01:20, David Hook wrote:
>
> 1.48 won't help, I'm pretty sure this would have worked in BC 1.10...
>
> I'd have to see a stack trace, why do you get an InvalidKeyException?
>
> Regards,
>
> David
>
> On 30/03/13 18:45, Leon wrote:
>> Hi List,
>>
>> I've been using BC 1.47 with RSA and DSA operations for a while - no
>> problem. Recently I've started to also try and incorporate EC and use
>> ECDSA for signing. Here are the steps the code currently successfully
>> perform:
>>
>> 1. Create keypair. For EC, I've added all the ECparam stuff and use
>> the sect233k1 curve to successfully generate a keypair.
>> 2. Next I create a CSR which I send to a CA to be signed.
>> 3. When the signed certificate is imported again, I first check its
>> signature and period validity. This goes fine (as it did with RSA/DSA).
>> 4. Next I try to sign and immediately verify some data using the
>> private key and newly imported certificate (public key) to verify
>> that they match. I setup the Signature class with the SHA256WITHECDSA
>> method, but when I do the initSign(privkey), I get an
>> InvalidKeyException.
>>
>> In the debugger view the privatekey information seems fine and
>> correct but it must be in some way incorrect.
>> Is there a way I can determine/test why / if it is created "wrong". I
>> use the following lines to create it:
>>
>> :
>> ECGenParameterSpec ecSpec = new ECGenParameterSpec("sect233k1");
>> keyPairGenerator.initialize(ecSpec, new SecureRandom());
>> :
>> KeyPair kp = keyPairGenerator.genKeyPair();
>> :
>>
>> The private key is encrypted after being created and only decrypted
>> when the signed certificate is imported. I do not suspect any error
>> with this code since it works fine with RSA and DSA.
>>
>> Any comments is appreciated!
>> Should I try BC 1.48 - the change log does not suggest anything that
>> will help me.
>>
>> Regards,
>> Leon
>>
>>
>
>
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic