Menu
I am trying to implement ECDSA (Elliptic Curve Digital Signature Algorithm) but I couldn't find any examples in Java which use Bouncy Castle. I created the keys, but I really don't know what kind of functions I should use to create a signature and verify it.
public static KeyPair GenerateKeys()
throws NoSuchAlgorithmException, NoSuchProviderException, InvalidAlgorithmParameterException
{
ECParameterSpec ecSpec = ECNamedCurveTable.getParameterSpec("B-571");
KeyPairGenerator g = KeyPairGenerator.getInstance("ECDSA", "BC");
g.initialize(ecSpec, new SecureRandom());
return g.generateKeyPair();
}
690
The Elliptic Curve Digital Signature Algorithm (ECDSA) is a Digital Signature Algorithm (DSA) which uses keys derived from elliptic curve cryptography (ECC). It is a particularly efficient equation based on public key cryptography (PKC).
ECDSA is used with a SHA1cryptographic hash of the message to sign (the file). A hash is simply another mathematical equation that you apply on every byte of data which will give you a number that is unique to your data. Like for example, the sum of the values of all bytes may be considered a very dumb hash function.
ECDSA Verify Signature The algorithm to verify a ECDSA signature takes as input the signed message msg + the signature {r, s} produced from the signing algorithm + the public key pubKey, corresponding to the signer's private key. The output is boolean value: valid or invalid signature.
Bouncy Castle is a Java library that complements the default Java Cryptographic Extension (JCE), and it provides more cipher suites and algorithms than the default JCE provided by Sun. In addition to that, Bouncy Castle has lots of utilities for reading arcane formats like PEM and ASN.
owlstead is correct. And to elaborate a bit more, you can do this:
KeyPair pair = GenerateKeys();
Signature ecdsaSign = Signature.getInstance("SHA256withECDSA", "BC");
ecdsaSign.initSign(pair.getPrivate());
ecdsaSign.update(plaintext.getBytes("UTF-8"));
byte[] signature = ecdsaSign.sign();
And to verify:
Signature ecdsaVerify = Signature.getInstance("SHA256withECDSA", "BC");
ecdsaVerify.initVerify(pair.getPublic());
ecdsaVerify.update(plaintext.getBytes("UTF-8"));
boolean result = ecdsaVerify.verify(signature);
You seem to be using Bouncy Castle mainly as provider. In that case you could simply use Signature.getInstance("SHA256withECDSA", "BC").
34
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
