OpenSSH ecdsa到BCECPublicKey

Question

我希望将OpenSSH ecdsa公钥字符串(.pub文件)转换为BCECPublicKey实例。

与代码相反，我想要实现的是：

BCECPublicKey publicKey = ...;

byte[] point = SubjectPublicKeyInfo.getInstance(ASN1Sequence.getInstance(publicKey.getEncoded())).getPublicKeyData().getOctets();

ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
DataOutputStream dataOutputStream = new DataOutputStream(byteArrayOutputStream);

dataOutputStream.writeInt("ecdsa-sha2-nistp256".getBytes().length);
dataOutputStream.write("ecdsa-sha2-nistp256".getBytes());
dataOutputStream.writeInt("nistp256".getBytes().length);
dataOutputStream.write("nistp256".getBytes());
dataOutputStream.writeInt(point.length);
dataOutputStream.write(point);

String base64 = Base64.getEncoder().encodeToString(byteArrayOutputStream.toByteArray());

这就是我尝试过的：

    // Valid ecdsa-sha2-nistp256 public key string from a .pub file.
    String base64 = "AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBG93uDMAjwxpPFXgLFFs7FzWZXrQRaXnBMqmHaRN/5JRzljuqYAUAkW98HvFxGKrnb2JdW3X785AxLNzVhiiw+4=";
    byte[] bytes = Base64.getDecoder().decode(base64);
    ECNamedCurveParameterSpec ecSpec = ECNamedCurveTable.getParameterSpec("secp256r1");

    // java.lang.IllegalArgumentException: Incorrect length for infinity encoding
    ECPoint point = ecSpec.getCurve().decodePoint(bytes);
    ECPublicKeySpec publicKeySpec = new ECPublicKeySpec(point, ecSpec);
    KeyFactory keyFactory = KeyFactory.getInstance("ECDSA", "BC");
    PublicKey pk = keyFactory.generatePublic(publicKeySpec);

但这似乎行不通。

有什么简单的方法可以用有弹性的城堡吗？

Answer 1

你知道你是通过连接六件事来创建blob的，其中只有第六种是实际的点编码，那么你怎么能想象使用所有blob作为点编码是正确的呢？

干净和健壮的方法是将blob解析回其片段并提取点编码；脏方法是假设blob如预期的那样，用于ecdsa-sha2-nistp 256(和未压缩的)，因此最后65个字节是点编码：

String base64 = "AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBG93uDMAjwxpPFXgLFFs7FzWZXrQRaXnBMqmHaRN/5JRzljuqYAUAkW98HvFxGKrnb2JdW3X785AxLNzVhiiw+4=";
byte[] bytes = Base64.getDecoder().decode(base64), temp;

if( clean ){
    DataInputStream instr = new DataInputStream (new ByteArrayInputStream (bytes));
    temp = new byte[instr.readInt()]; instr.read(temp);
    if( !Arrays.equals(temp,"ecdsa-sha2-nistp256".getBytes())) throw new Exception ("bad key");
    temp = new byte[instr.readInt()]; instr.read(temp);
    if( !Arrays.equals(temp,"nistp256".getBytes())) throw new Exception ("bad key");
    temp = new byte[instr.readInt()]; instr.read (temp);
}else{
    temp = Arrays.copyOfRange(bytes, bytes.length-65, bytes.length);
}
ECNamedCurveParameterSpec ecSpec = ECNamedCurveTable.getParameterSpec ("secp256r1");
org.bouncycastle.math.ec.ECPoint point = ecSpec.getCurve().decodePoint (temp);
KeyFactory keyFactory = KeyFactory.getInstance("ECDSA", "BC");
PublicKey pk = keyFactory.generatePublic(new org.bouncycastle.jce.spec.ECPublicKeySpec(point, ecSpec));