(1)转换ECDSA私钥和公钥；(2) ECDSA验证

Question

遵循这个discussion，这是一个简单的教程，如何在java中使用ECDSA算法对字符串进行签名，而不使用任何第三方库。但问题是：

1. 如何将公钥和私钥转换为字符串？(因为我想将它们发送到数据库中)。
2. 有人能帮我创建一个简单的教程，说明如何在java中使用ECDSA算法来验证消息吗？此时，我需要包含签名和公钥作为验证方法。

下面是我的java代码中的场景，假设有发送方和接收方：

• 发送方

package sender;
import java.math.BigInteger;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.Signature;
public class Sign {    
  public static void main(String[] args) throws Exception {
      /*
       * Generate a key pair
       */
      KeyPairGenerator keyGen = KeyPairGenerator.getInstance("EC");
      SecureRandom random = SecureRandom.getInstance("SHA1PRNG");

      keyGen.initialize(256, random);

      KeyPair pair = keyGen.generateKeyPair();
        
      /*
      Generate the private and the public key
      */

      PrivateKey priv = pair.getPrivate();
      /*
      *and then Convert the priv key into a String;
      *HOW can i do that ? this what i'm asking
      */
                   
      PublicKey pub = pair.getPublic();
      /*
      Convert the pub key into a String;
      HOW can i do that ? this what i'm asking
      */      
       
      /*
      -------Encrypt the pub and the priv key, i do with my own code  
      -------Store the enrypted pub & priv key into the database
      -------I'm doing this with my own code
      */
        
        
      /*
      * Create a Signature object and initialize it with the private key
      */
      Signature dsa = Signature.getInstance("SHA1withECDSA");

      dsa.initSign(priv);

      String str = "This is string to sign";
      byte[] strByte = str.getBytes("UTF-8");
      dsa.update(strByte);

      /*
      * Now that all the data to be signed has been read in, generate a
      * signature for it
      */

      byte[] realSig = dsa.sign();
      System.out.println("Signature: " + 
             new BigInteger(1, realSig).toString(16));
      /*
      and Then i'm storing this signature into my database. 
      i have done with this
      */
    }
}

• 接受者侧

package recipient;
import java.math.BigInteger;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.Signature;
 public class Verify {   
   public static void main(String[] args) throws Exception {
   /*
   Step one, taking public key from the database.
   Step two, receive the message + signature.
   Step three, split the message and signature into an "array[0]" for message,
   and "array[1] for the signature"
        
   Verify the signature <--- Here's what im asking to anybody, 
   how can i do, i mean the sample code ? 
   */  
   }
}

对不起，我的英语不好。

Answer 1

你问了很多关于处理ECDSA的不同问题。我将在这里回答您关于数据库存储的第一个问题。如果您想了解如何正确使用ECDSA，我建议您对ECDSA的机制进行一些额外的研究。这里给出的例子无论如何都很难脱离上下文进行跟踪。

要将密钥存储为字符串，必须首先检索以编码的格式表示密钥的字节数组(注:编码未加密)。这可以通过使用来自Key类的Key方法来完成，该类是PublicKey和PrivateKey的超级接口。

示例：

PrivateKey key = // ...

byte[] enc_key = key.getEncoded();

// Byte array to string

StringBuilder key_builder = new StringBuilder();

for(byte b : enc_key){
    key_builder.append(String.format("%02x", b));
}

String serialized_key = key_builder.toString();

要从数据库中再次加载密钥，需要将字符串解析为字节数组，将其传递到适当的键规范中，然后使用密钥工厂检索它。

示例：

String serialzed_key = // ...

byte[] encoded_key = // serialzed_key -> byte array conversion

// If key is private, use PKCS #8

PKCS8EncodedKeySpec formatted_private = new PKCS8EncodedKeySpec(encoded_key);

// or, if key is public, use X.509

X509EncodedKeySpec formatted_public = new X509EncodedKeySpec(encoded_key);

// Retrieve key using KeyFactory

KeyFactory kf = KeyFactory.getInstance("EC");

PublicKey pub = kf.generatePublic(formatted_public);

PrivateKey priv = kf.generatePrivate(formatted_private);

如果您所要做的只是使用ECDSA作为签名算法，那么验证与使用verify方法而不是使用sign方法进行签名完全相同，如下所示：

byte[] message_hash = // ...
byte[] candidate_message = // ...

PublicKey pub = // ...

Signature dsa = Signature.getInstance("SHA1withECDSA");

dsa.initVerify(pub);

dsa.update(candidate_message);

boolean success = dsa.verify(message_hash);