在充气城堡中生成ECDSA私钥会返回PUBLIC密钥

我试图使用充气城堡来生成ECDSA密钥。 代码似乎从Java的角度来看很好; 但是，当我转储文件并尝试validation数据时，OpenSSL不喜欢数据的格式。

经过一番研究，我认为充气城堡正在将私钥编码为公钥。

这是我的Java代码：

public class Test { public static void main(String[] args) { Security.addProvider(new BouncyCastleProvider()); System.out.println("Starting..."); String name = "prime256v1"; try { KeyPairGenerator kpg = KeyPairGenerator.getInstance("ECDSA", BouncyCastleProvider.PROVIDER_NAME); kpg.initialize(new ECGenParameterSpec(name)); KeyPair keyPair = kpg.generateKeyPair(); FileOutputStream writer = new FileOutputStream("private.key"); writer.write(keyPair.getPrivate().getEncoded()); writer.close(); } catch(Exception e) { e.printStackTrace(); } } } 

private.key文件以有效的DER格式生成; 但是，当我运行以下命令来查看密钥的ASN.1结构时：

 $ openssl asn1parse -inform DER -in /my/path/private.key 0:d=0 hl=3 l= 147 cons: SEQUENCE 3:d=1 hl=2 l= 1 prim: INTEGER :00 6:d=1 hl=2 l= 19 cons: SEQUENCE 8:d=2 hl=2 l= 7 prim: OBJECT :id-ecPublicKey 17:d=2 hl=2 l= 8 prim: OBJECT :prime256v1 27:d=1 hl=2 l= 121 prim: OCTET STRING [HEX DUMP]:  

为了比较，如果我运行以下命令使用OpenSSL生成ECDSA密钥，我将获得以下ASN.1结构：

  $ openssl ecparam -name prime256v1 -genkey -noout -outform DER -out private.key $ openssl asn1parse -inform DER -in private.key 0:d=0 hl=2 l= 119 cons: SEQUENCE 2:d=1 hl=2 l= 1 prim: INTEGER :01 5:d=1 hl=2 l= 32 prim: OCTET STRING [HEX DUMP]:  39:d=1 hl=2 l= 10 cons: cont [ 0 ] 41:d=2 hl=2 l= 8 prim: OBJECT :prime256v1 51:d=1 hl=2 l= 68 cons: cont [ 1 ] 53:d=2 hl=2 l= 66 prim: BIT STRING 

所以，我想我的问题是

• 有什么我想念的吗？
• 或者这是一个已知的错误？
• 反正有没有绕过它？

 private String getPrivateKeyAsHex(PrivateKey privateKey) { ECPrivateKey ecPrivateKey = (ECPrivateKey) privateKey; byte[] privateKeyBytes = new byte[PRIVATE_KEY_LENGTH]; writeToStream(privateKeyBytes, 0, ecPrivateKey.getS(), PRIVATE_KEY_LENGTH); String hex = Hex.toHexString(privateKeyBytes); logger.debug("Private key bytes: " + Arrays.toString(privateKeyBytes)); logger.debug("Private key hex: " + hex); return hex; } private String getPublicKeyAsHex(PublicKey publicKey) { ECPublicKey ecPublicKey = (ECPublicKey) publicKey; ECPoint ecPoint = ecPublicKey.getW(); byte[] publicKeyBytes = new byte[PUBLIC_KEY_LENGTH]; writeToStream(publicKeyBytes, 0, ecPoint.getAffineX(), PRIVATE_KEY_LENGTH); writeToStream(publicKeyBytes, PRIVATE_KEY_LENGTH, ecPoint.getAffineY(), PRIVATE_KEY_LENGTH); String hex = Hex.toHexString(publicKeyBytes); logger.debug("Public key bytes: " + Arrays.toString(publicKeyBytes)); logger.debug("Public key hex: " + hex); return hex; } private void writeToStream(byte[] stream, int start, BigInteger value, int size) { byte[] data = value.toByteArray(); int length = Math.min(size, data.length); int writeStart = start + size - length; int readStart = data.length - length; System.arraycopy(data, readStart, stream, writeStart, length); } 

• 如何使用Apache的POI以编程方式从Powerpoint演示文稿中读取图形值？
• 用于共享大型不可变对象的工厂/缓存策略

• 来自bouncycastle RSAKeyParameters的Publickey
• ColdFusion 10中的BouncyCastle库
• validation在Java中的golang中生成的rsa.SignPKCS1v15签名
• 如何将.der文件中的私钥加载到java私钥对象中
• 如何将PEM编码的椭圆曲线公钥加载到Bouncy Castle？
• 带有Bouncy Castle的256位AES / CBC / PKCS5Padding
• 使用轻量级API生成Bouncy Castle RSA密钥对
• 使用bouncycastle / spongycastle读取加密的私钥
• Java BC SicBlockCipher直接输出等效于c＃