All geek questions in one place

Using BouncyCastle to Encrypt with ECIES in Java

I am trying to encrypt some content using ECC algorithm using BouncyCastle in java. But I get an exception from the BouncyCastle library saying that it cannot cast JCEECPublicKey until IESKey . I realized that the public key created by KeyPairGenerator is JCEECPublicKey , which cannot be used in java Cipher.init . Can someone tell me how you can convert it to a public key or X509 specification so that I can use it when encrypting.

Here is the code I tried

 // add instance of provider class Security.addProvider(new BouncyCastleProvider()); // initializing parameter specs secp256r1/prime192v1 ECParameterSpec ecSpec = ECNamedCurveTable.getParameterSpec("prime192v1"); // key pair generator to generate public and private key KeyPairGenerator generator = KeyPairGenerator.getInstance("ECDH", new BouncyCastleProvider()); // initialize key pair generator generator.initialize(ecSpec); // Key pair to store public and private key KeyPair keyPair = generator.generateKeyPair(); Cipher iesCipher = Cipher.getInstance("ECIES", new BouncyCastleProvider()); iesCipher.init(Cipher.ENCRYPT_MODE, keyPair.getPublic());

I also tried to convert the public key to X509EncodedSpec, but I get the same exception

 X509EncodedKeySpec spec = new X509EncodedKeySpec(keyPair.getPublic().getEncoded()); KeyFactory factory = KeyFactory.getInstance("ECDH"); PublicKey publicKey = factory.generatePublic(spec);

The exception that I get is

 java.lang.ClassCastException: org.bouncycastle.jce.provider.JCEECPublicKey cannot be cast to org.bouncycastle.jce.interfaces.IESKey at org.bouncycastle.jce.provider.JCEIESCipher.engineGetKeySize(JCEIESCipher.java:49) at javax.crypto.Cipher.passCryptoPermCheck(Cipher.java:1057) at javax.crypto.Cipher.checkCryptoPerm(Cipher.java:1015) at javax.crypto.Cipher.init(Cipher.java:1229) at javax.crypto.Cipher.init(Cipher.java:1173) at com.test.EciesTest.main(EciesTest.java:45)

EDIT

Based on the comment, I use the JDK version of JDK 7 - Oracle Import statements that I use:

 import java.security.KeyPair; import java.security.KeyPairGenerator; import java.security.Security; import java.security.spec.ECGenParameterSpec; import javax.crypto.Cipher; import org.bouncycastle.jce.provider.BouncyCastleProvider;
+2
source share
1 answer

Try the following:

 // add instance of provider class Security.addProvider(new BouncyCastleProvider()); String name = "secp256r1"; // NOTE just "EC" also seems to work here KeyPairGenerator kpg = KeyPairGenerator.getInstance("ECDH", BouncyCastleProvider.PROVIDER_NAME); kpg.initialize(new ECGenParameterSpec(name)); // Key pair to store public and private key KeyPair keyPair = kpg.generateKeyPair(); Cipher iesCipher = Cipher.getInstance("ECIES", BouncyCastleProvider.PROVIDER_NAME); iesCipher.init(Cipher.ENCRYPT_MODE, keyPair.getPublic());

And note that in general, it is better to stick with JCE classes instead of Bouncy Castle classes when trying to use Bouncy through JCE. In this case, the problem was probably the parameters given to the key generator.

In the above code, I used BouncyCastleProvider.PROVIDER_NAME , but just "BC" will work equally well, of course. Replicating the provider each time is not a good idea, although it should not affect the end result.

Make sure you have an updated system to run this code. This code has been tested on the following system:

  --- runtime information --- Properties: java.vendor : Oracle Corporation java.specification.name : Java Platform API Specification java.specification.version : 1.8 java.runtime.name : Java(TM) SE Runtime Environment java.runtime.version : 1.8.0_65-b17 java.vm.name : Java HotSpot(TM) 64-Bit Server VM Unlimited crypto: yes --- info for provider Bouncy Castle --- Bouncy Castle version: 1.520000 Bouncy Castle provider registered: yes
+2
source

Source: https://habr.com/ru/post/1246107/

More articles:


All Articles