我使用generateKeyPair()方法使用ECDSA算法生成了2个不同的KeyPair。
public KeyPair generateKeyPair(){
ECNamedCurveParameterSpec spec = ECNamedCurveTable.getParameterSpec("secp192r1");
KeyPairGenerator g = KeyPairGenerator.getInstance("ECDSA", "BC");
g.initialize(spec, new SecureRandom());
return g.generateKeyPair();
}
然后我用PrivateKey和PublicKey从单独的KeyPair得到合并的SecretKey:
private SecretKey generateSecretKey(PrivateKey privateKey, PublicKey publicKey) {
KeyAgreement ka = KeyAgreement.getInstance("ECDH");
ka.init(privateKey);
ka.doPhase(publicKey),
true);
return ka.generateSecret("AES");
}
但是我得到了ka.generateSecret("AES"):
Exception in thread "main" java.lang.ArrayIndexOutOfBoundsException
at java.lang.System.arraycopy(Native Method)
at org.bouncycastle.jcajce.provider.asymmetric.util.BaseAgreementSpi.engineGenerateSecret(Unknown Source)
at javax.crypto.KeyAgreement.generateSecret(KeyAgreement.java:648)
如果我使用ECDSA,我得到:
Exception in thread "main" java.security.NoSuchAlgorithmException: Algorithm ECDSA not available
at javax.crypto.KeyAgreement.getInstance(KeyAgreement.java:184)
使用DH抛出:
Exception in thread "main" java.security.InvalidKeyException: DHKeyAgreement requires DHPrivateKey
at org.bouncycastle.jcajce.provider.asymmetric.dh.KeyAgreementSpi.engineInit(Unknown Source)
at javax.crypto.KeyAgreement.implInit(KeyAgreement.java:346)
at javax.crypto.KeyAgreement.chooseProvider(KeyAgreement.java:378)
at javax.crypto.KeyAgreement.init(KeyAgreement.java:470)
如何从ECDSA算法生成的PrivateKey和PublicKey中得到组合SecretKey ?
从return ka.generateSecret();中删除"AES"参数后,它正常工作并返回曲线大小共享密钥:
private SecretKey generateSecretKey(PrivateKey privateKey, PublicKey publicKey) {
KeyAgreement ka = KeyAgreement.getInstance("ECDH");
ka.init(privateKey);
ka.doPhase(publicKey, true);
return ka.generateSecret();
}
密钥协议通常在双方之间工作,他们每一方都有自己的ECDS公钥和私钥(因此我们有四个不同的密钥)。你确定这是你想要的吗?
因此,当你同意一个密钥时,你需要a方的私钥和B方的公钥。在连接的另一端,您使用乙方的私钥和甲方的公钥
您选择的ECDH密钥协议算法在RFC3278中有描述,详细信息请阅读。