BouncyCastle参数对象不是ECParameterSpec
BouncyCastle参数对象不是ECParameterSpec
提问于 2019-02-06 15:08:11
我在用EC加密bouncycastle,
BC Jar: org.bouncycastle:bcprov-jdk15on:1.59
并使用以下代码初始化KeyPairGenerator
ECNamedCurveParameterSpec parameterSpec
= ECNamedCurveTable.getParameterSpec("secp256k1");
System.out.println("Passing ParameterSpec => " + parameterSpec);
System.out.println("Is Instance of org.bouncycastle.jce.spec.ECParameterSpec => " + (parameterSpec instanceof ECParameterSpec));
KeyPairGenerator keyPairGenerator
= KeyPairGenerator.getInstance("ECDSA", "BC");
keyPairGenerator.initialize(parameterSpec);但这给了我下面的例外。
java.security.InvalidAlgorithmParameterException: parameter object not a ECParameterSpec
at org.bouncycastle.jcajce.provider.asymmetric.ec.KeyPairGeneratorSpi$EC.initialize(Unknown Source)
at java.security.KeyPairGenerator.initialize(KeyPairGenerator.java:411)
at io.gupshup.crypto.web.ECKeyGenerator.generateKeyPair(ECKeyGenerator.java:56)现在,BouncyCastleProvider中的代码检查了我在初始化之前输出的类的实例。此外,我还打印了进程中加载的所有类。我无法识别我的代码中的问题。
作为参考,这是sout和类加载器的输出。
[Loaded org.bouncycastle.util.Pack from file:/opt/tomcat0.8/webapps/inbox/WEB-INF/lib/bcprov-jdk15on-1.59.jar]
Passing ParameterSpec => org.bouncycastle.jce.spec.ECNamedCurveParameterSpec@7e5f0eee
Is Instance of org.bouncycastle.jce.spec.ECParameterSpec => true
[Loaded org.bouncycastle.jcajce.provider.asymmetric.ec.KeyPairGeneratorSpi from file:/opt/tomcat0.8/webapps/channel/WEB-INF/lib/bcprov-jdk15on-1.59.jar]
[Loaded org.bouncycastle.jcajce.provider.asymmetric.ec.KeyPairGeneratorSpi$EC from file:/opt/tomcat0.8/webapps/channel/WEB-INF/lib/bcprov-jdk15on-1.59.jar]
[Loaded org.bouncycastle.jcajce.provider.asymmetric.ec.KeyPairGeneratorSpi$ECDSA from file:/opt/tomcat0.8/webapps/channel/WEB-INF/lib/bcprov-jdk15on-1.59.jar]
[Loaded org.bouncycastle.crypto.KeyGenerationParameters from file:/opt/tomcat0.8/webapps/channel/WEB-INF/lib/bcprov-jdk15on-1.59.jar]
[Loaded org.bouncycastle.crypto.params.ECKeyGenerationParameters from file:/opt/tomcat0.8/webapps/channel/WEB-INF/lib/bcprov-jdk15on-1.59.jar]
[Loaded org.bouncycastle.crypto.AsymmetricCipherKeyPairGenerator from file:/opt/tomcat0.8/webapps/channel/WEB-INF/lib/bcprov-jdk15on-1.59.jar]
[Loaded org.bouncycastle.crypto.generators.ECKeyPairGenerator from file:/opt/tomcat0.8/webapps/channel/WEB-INF/lib/bcprov-jdk15on-1.59.jar]
[Loaded sun.reflect.GeneratedConstructorAccessor150 from __JVM_DefineClass__]
[Loaded sun.security.jca.JCAUtil from /usr/lib/jvm/jdk1.8.0_131/jre/lib/rt.jar]
[Loaded sun.security.jca.JCAUtil$CachedSecureRandomHolder from /usr/lib/jvm/jdk1.8.0_131/jre/lib/rt.jar]
[Loaded org.bouncycastle.jce.spec.ECNamedCurveGenParameterSpec from file:/opt/tomcat0.8/webapps/channel/WEB-INF/lib/bcprov-jdk15on-1.59.jar]
[Loaded java.lang.Throwable$WrappedPrintStream from /usr/lib/jvm/jdk1.8.0_131/jre/lib/rt.jar]请帮助我,因为我不能找到问题,我已经尝试了相同的代码在我的本地设置和事情是工作的,因为他们应该。
这是SPI中由于某种未知原因而无法工作的代码。
if (params == null)
{
ECParameterSpec implicitCA = configuration.getEcImplicitlyCa();
if (implicitCA == null)
{
throw new InvalidAlgorithmParameterException("null parameter passed but no implicitCA set");
}
this.ecParams = null;
this.param = createKeyGenParamsBC(implicitCA, random);
}
else if (params instanceof ECParameterSpec)
{
this.ecParams = params;
this.param = createKeyGenParamsBC((ECParameterSpec)params, random);
}
else if (params instanceof java.security.spec.ECParameterSpec)
{
this.ecParams = params;
this.param = createKeyGenParamsJCE((java.security.spec.ECParameterSpec)params, random);
}
else if (params instanceof ECGenParameterSpec)
{
initializeNamedCurve(((ECGenParameterSpec)params).getName(), random);
}
else if (params instanceof ECNamedCurveGenParameterSpec)
{`initializeNamedCurve(((ECNamedCurveGenParameterSpec)params).getName(), random);`
}
else
{
throw new InvalidAlgorithmParameterException("parameter object not a ECParameterSpec");
}提亚
回答 2
Stack Overflow用户
发布于 2019-02-07 08:07:34
Bouncy Castle提供程序使用JCA定义的API来指定参数。如果您想要使用命名曲线secp256k1,那么您应该使用JCA类ECGenParameterSpec来指明它。
Security.addProvider(new BouncyCastleProvider());
ECGenParameterSpec namedParamSpec = new ECGenParameterSpec("secp256k1");
KeyPairGenerator ecKPGen = KeyPairGenerator.getInstance("EC", "BC");
ecKPGen.initialize(namedParamSpec);
KeyPair ecKP = ecKPGen.generateKeyPair();当然,如果您需要Bouncy Castle,这是有争议的,尽管Bouncy中的新EC代码执行得很好。
不管怎样,
ECGenParameterSpec namedParamSpec = new ECGenParameterSpec("secp256k1");
KeyPairGenerator ecKPGen = KeyPairGenerator.getInstance("EC");
ecKPGen.initialize(namedParamSpec);
KeyPair ecKP = ecKPGen.generateKeyPair();在我的系统上运行得很好。
Stack Overflow用户
发布于 2019-10-15 10:10:23
似乎java Security.addProvider()会导致类加载器泄漏。然后,它将导致instanceof返回false.It可以简单地解决如下所示:
private static KeyPairGenerator g
static{
try {
cleanEnvAndInitG(CURVE_NAME);
} catch (NoSuchAlgorithmException e) {
Random r = new Random();
//sleep 30ms~300ms
int time= r.nextInt(300-30+1) + 30;
Thread.sleep(time);
cleanEnvAndInitG(CURVE_NAME);
logger.info(e.getMessage(), e);
}catch( ...
}
public static void cleanEnvAndInitG(String curveName) throws NoSuchAlgorithmException, NoSuchProviderException, InvalidAlgorithmParameterException {
Security.removeProvider(ECDH_PROVIDER);
Security.addProvider(new BouncyCastleProvider());
ECParameterSpec ecSpec = ECNamedCurveTable.getParameterSpec(curveName);
keyPairGenerator = KeyPairGenerator.getInstance(ECDH_ALGORITHM, ECDH_PROVIDER);
keyPairGenerator.initialize(ecSpec, new SecureRandom());
}注意:
1)初始化失败时应设计重试机制,避免并发问题。
2)如果可能,您应该缓存g以提高性能。
页面原文内容由Stack Overflow提供。腾讯云小微IT领域专用引擎提供翻译支持
原文链接:
https://stackoverflow.com/questions/54548296
复制相关文章
相似问题
腾讯云开发者
