'Re: [dev-crypto] ECDSA signing problem'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       bouncycastle-crypto-dev
Subject:    Re: [dev-crypto] ECDSA signing problem
From:       Damian Kolasa <fatfredyy () gmail ! com>
Date:       2013-04-02 16:33:37
Message-ID: 515B0861.6090502 () gmail ! com
[Download RAW message or body]

Maybe this patch will help I've had the same problem...

https://gist.github.com/fatfredyy/5293701


Regards Damian


On 2013.04.02 01:20, David Hook wrote:
>
> 1.48 won't help, I'm pretty sure this would have worked in BC 1.10...
>
> I'd have to see a stack trace, why do you get an InvalidKeyException?
>
> Regards,
>
> David
>
> On 30/03/13 18:45, Leon wrote:
>> Hi List,
>>
>> I've been using BC 1.47 with RSA and DSA operations for a while - no 
>> problem. Recently I've started to also try and incorporate EC and use 
>> ECDSA for signing. Here are the steps the code currently successfully 
>> perform:
>>
>> 1. Create keypair. For EC, I've added all the ECparam stuff and use 
>> the sect233k1 curve to successfully generate a keypair.
>> 2. Next I create a CSR which I send to a CA to be signed.
>> 3. When the signed certificate is imported again, I first check its 
>> signature and period validity. This goes fine (as it did with RSA/DSA).
>> 4. Next I try to sign and immediately verify some data using the 
>> private key and newly imported certificate (public key) to verify 
>> that they match. I setup the Signature class with the SHA256WITHECDSA 
>> method, but when I do the initSign(privkey), I get an 
>> InvalidKeyException.
>>
>> In the debugger view the privatekey information seems fine and 
>> correct but it must be in some way incorrect.
>> Is there a way I can determine/test why / if it is created "wrong". I 
>> use the following lines to create it:
>>
>> :
>> ECGenParameterSpec ecSpec = new ECGenParameterSpec("sect233k1");
>> keyPairGenerator.initialize(ecSpec, new SecureRandom());
>> :
>> KeyPair kp = keyPairGenerator.genKeyPair();
>> :
>>
>> The private key is encrypted after being created and only decrypted 
>> when the signed certificate is imported. I do not suspect any error 
>> with this code since it works fine with RSA and DSA.
>>
>> Any comments is appreciated!
>> Should I try BC 1.48 - the change log does not suggest anything that 
>> will help me.
>>
>> Regards,
>> Leon
>>
>>
>
>


[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic