java – 具有弹性城堡的椭圆曲线密码学(ECC),用于非对称加密

发布时间：2020-12-15 02:25:45 所属栏目：Java 来源：网络整理

导读：我想使用ECC来交换会话密钥以进行长期数据传输.应使用ECC-192bit(curvename：prime192v1)对此密钥交换进行加密.这意味着我想实现自己的混合加密模型. 因此我用JAVA充气城堡.我实施了ECDSA,它运行正常.我实现了AES-128位对称加密,这也很好.但我不能使用ECC实

我想使用ECC来交换会话密钥以进行长期数据传输.应使用ECC-192bit(curvename：prime192v1)对此密钥交换进行加密.这意味着我想实现自己的混合加密模型.

因此我用JAVA充气城堡.我实施了ECDSA,它运行正常.我实现了AES-128位对称加密,这也很好.但我不能使用ECC实现简单的非对称加密.

所以我的问题是：这种非对称加密可以用充气城堡实现吗？

这是我尝试使用AsymmetricBlockCipher接口实现ECC加密.但这不起作用.

我是否真的必须实现自己的ECCEngine,就像RSAEngine(RSACoreEngin)的实现一样？

这是我的代码：

import org.bouncycastle.jce.interfaces.ECPublicKey;
import org.bouncycastle.jce.interfaces.ECPrivateKey;
import org.bouncycastle.crypto.AsymmetricBlockCipher;
import org.bouncycastle.crypto.InvalidCipherTextException;
import org.bouncycastle.crypto.engines.AESEngine;
import org.bouncycastle.crypto.modes.CBCBlockCipher;
import org.bouncycastle.crypto.params.ECDomainParameters;
import org.bouncycastle.jce.ECNamedCurveTable;
import org.bouncycastle.jce.spec.ECParameterSpec;
import org.bouncycastle.crypto.params.ECPrivateKeyParameters;
import org.bouncycastle.crypto.params.ECPublicKeyParameters;
import javax.crypto.Cipher;



public class ASymCrypto {

    //cipher init
    private static AsymmetricBlockCipher bc = null;
//    private static PaddedBufferedBlockCipher cipher = null;


    //keys and info parameter
    private static ECPublicKeyParameters publicParam = null;
    private static ECPrivateKeyParameters privParam = null;



    /**
     * Constructor
     */
    ASymCrypto(ECPublicKey pubKey,ECPrivateKey privKey) {


//  //default paddedBufferedBlockCipher with PKCS5/7 padding
//  cipher = new PaddedBufferedBlockCipher(bc);
        System.out.println( "remotePrivateKey:  " + privKey + " -(format): "+ privKey.getFormat() + " algo: " + privKey.getAlgorithm());
        System.out.println( "remotePrivateKey:  " + pubKey + " -(format): "+ pubKey.getFormat() + " algo: " + pubKey.getAlgorithm());

    //get the key and the EC parameters
    ECParameterSpec ecSpec = ECNamedCurveTable.getParameterSpec("prime192v1");
    ECDomainParameters domainParam = new ECDomainParameters(
        ecSpec.getCurve(),ecSpec.getG(),ecSpec.getN());

    //ECPublicKeyParameters(ECPoint Q,ECDomainParameters params) 
    publicParam = new ECPublicKeyParameters( pubKey.getQ(),domainParam );
    if(publicParam == null)
        System.out.println("ERROR: Initializing ASymCrpto failed at ECPublicKeyParam.");

    //ECPrivateKeyParameters(java.math.BigInteger d,ECDomainParameters params) 
    privParam = new ECPrivateKeyParameters( privKey.getD(),domainParam );
    if(privParam == null)
        System.out.println("ERROR: Initializing ASymCrpto failed at ECPrivateKeyParam.");

    bc = new AsymmetricBlockCipher(new AESEngine());
    }

    /**
     *  encryptEC192 function
     *  @param input: byte array with the message to encrypt
     *  @param output: byte array with the encrypted message using the public key of the partner
     *  @return bool true if successfully encrypted
     *  @throws InvalidCipherTextException 
     */
    public boolean encryptEC192(byte[] input,byte[] output) throws InvalidCipherTextException{

    if(publicParam == null)
        System.out.println("ERROR2: Initializing ASymCrpto failed at ECPublicKeyParam.");
    bc.init( true,publicParam);

    System.out.println("InputBS: " + bc.getInputBlockSize() + " OutputBS: " + bc.getOutputBlockSize() + "n");
    output = bc.processBlock(input,input.length );

    return true;
    }


    /**
     *  encryptEC192 function
     *  @param input: byte array with the message to encrypt
     *  @param output: byte array with the encrypted message using the public key of the partner
     *  @return bool true if successfully encrypted
     *  @throws InvalidCipherTextException 
     */    
    public boolean decryptEC192(byte[] input,byte[] output) throws InvalidCipherTextException{

    if(privParam == null)
        System.out.println("ERROR2: Initializing ASymCrpto failed at ECPrivateKeyParam.");
    bc.init( false,privParam);
    System.out.println("InputBS: " + bc.getInputBlockSize() + " OutputBS: " + bc.getOutputBlockSize() + "n");
    output = bc.processBlock(input,input.length );

    return true;
    }


//  INFORMATION PURPOSE ONLY:
//  public byte[] processBlock(byte[] in,//                             int inOff,//                             int len)
//                      throws InvalidCipherTextException
//  process the block of len bytes stored in in from offset inOff.
//  Parameters:
//  in - the input data
//  inOff - offset into the in array where the data starts
//  len - the length of the block to be processed.
//  Returns:
//  the resulting byte array of the encryption/decryption process.
//  Throws:
//  InvalidCipherTextException - data decrypts improperly.
//  DataLengthException - the input data is too large for the cipher.


}

解决方法

BC有这样的解决方案.请看示例org.bouncycastle.crypto.test.ECIESTest.或者看这里 http://www.flexiprovider.de/examples/ExampleECIES.html(另一家提供商).

（编辑：李大同）

【声明】本站内容均来自网络，其相关言论仅代表作者个人观点，不代表本站立场。若无意侵犯到您的权利，请及时与联系站长删除相关内容!