ECDSA KEY PAIR

Hi,
does this output look ok? a lot of sequences, prefix and in the middle of the sequence repeat every generation.
thanks (output and partial code below)
pub: 3049301306072a8648ce3d020106082a8648ce3d030101033200046b4c88bb2a2b05ab1de3e91780a00849f2e2594fcfd5d9b139f5e0a836b4028ccfa4a83bc0f9e9d2a268a036d2844c49
priv:
3039020100301306072a8648ce3d020106082a8648ce3d030101041f301d02010104181158c20db4dd65855948a11cd73b2f8d4dbbcebddee029a7
pub: 3049301306072a8648ce3d020106082a8648ce3d030101033200045efbaecaa5cee746916a11beaf457c8b905814a8597521b4c47f0c9df4d9709e4f2a84f048012babacef109e5e8a54ec
priv:
303a020100301306072a8648ce3d020106082a8648ce3d0301010420301e020101041900f0f11adf664150a930f8bc6fe2e5fd5d534af124e9e9000f
code:
algorithm is input by the user, in this case "ECDSA".
                        // Gen. keys for ECDSA\other with FLEXIPROVIDER.
               KeyPairGenerator generate = KeyPairGenerator.getInstance(algorithm, "FlexiEC");
               // Obtain a specific set of EC domain parameters (curve parameters).
               CurveParams ecParams = new Prime192v1();
               generate.initialize(ecParams, new SecureRandom());
               KeyPair keyPair = generate.generateKeyPair();
               // Write keys to separate files.
               FileOutputStream pubFos = new FileOutputStream(publicKeyFile);
               pubFos.write(keyPair.getPublic().getEncoded());
               pubFos.close();
               System.out.println("pub: " + ByteUtils.toHexString(keyPair.getPublic().getEncoded()));
               FileOutputStream privFos = new FileOutputStream(privateKeyFile);
               privFos.write(keyPair.getPrivate().getEncoded());
               privFos.close();
               System.out.println("priv: " + ByteUtils.toHexString(keyPair.getPrivate().getEncoded()));Edited by: sk16 on Apr 17, 2010 4:33 PM

sk16 wrote:
its seems that nothing is being written to the files.. (: only to the screenHow are you determining this? The content won't look the same as you see on the screen because the the file is written in it's raw binary form without being hex encoded.
This does not look to a a cryptographic problem.

Similar Messages

  • PKCS#11 provider - ECDSA key pair generation on token

    Hello,
    I want to generate ECDSA key pair on HSM (nCipher's netHSM) using SunPKCS11 provider and Java 6.
    After generation for all supported curve names (e.g. secp256r1) I try to call getEncoding method from PublicKey object (keyPair.getPublic().getEncoded()) and
    I get RuntimeException
    caused by java.io.IOException: "Point does not match field size"
    at sun.security.ec.ECParameters.decodePoint(ECParameters.java:75)
    at sun.security.pkcs11.P11ECKeyFactory.decodePoint(P11ECKeyFactory.java:61)
    at sun.security.pkcs11.P11Key$P11ECPublicKey.fetchValues(P11Key.java:1002)
    Keys are accessible on HSM.
    Everything is well configured and works fine with RSA keys.
    Using IAIK PKCS#11 provider I got proper values. Is it any bug in SunPKCS11 provider?
    Regards,
    MarcinP

    I recently had a problem with ECDSA and the PKCS#11 library of nCipher. Here's info from one of their engineers about the PKCS11 library:
    "There are two separate issues - one is that our current pkcs11
    release doesn't support ECDSA signature with SHA-2 hashes
    (the v11.00 firmware adds support for it, but the main release version of
    the pkcs11 library hasn't been updated to take advantage of it yet).
    There is a hotfix version that does support SHA-2 hashes with some
    restrictions, talk to [email protected] for details, and V11.10
    should be out soon and have that merged in.
    But the issue with setting CKA_SIGN is that our underlying HSM API
    allows elliptic curve keys to be either key exchange (ECDH) or
    signature (ECDSA) keys, but not both at one.
    At the PKCS #11 level, if you specify CKA_DERIVE=true and let
    CKA_SIGN default, it will default to false, and vice versa.
    If you specify both CKA_DERIVE=true and CKA_SIGN=true, then we
    return CKR_TEMPLATE_INCONSISTENT because we can't do both with
    the same key. (However, the tests using C_GetMechanismInfo will
    show that we can do both mechanisms, because we can - so long
    as you use different keys, even though they have the same PKCS#11
    type.)
    I can't comment on when or how that will be changed."
    I was using the PKCS#11 library through NSS when I ran into the problem, but I imagine Java would run into similar problems also using the PKCS#11 library. I was able to generate keypairs but not create a CSR (which required making a signature, which required SHA-2).
    Can you just use the java classes to speak to the netHSM? I've never directly written code to do so myself, but I have used Corestreet's OCSP product that uses the java classes to speak to the nCipher HSMs (though not using EC). It might work better than going through the PKCS#11 layer. There should be a java directory under NFAST_HOME that contains some jars.
    Please post back if you figure anything out as I'll probably be playing with this stuff myself soon.
    Dave

  • SSL: How to use the same key pair for ABAP & JAVA?

    Hello,
    I want to setup an XI (3.0 on Netweaver04)installation in the way, that ABAP AS and JAVA AS use the same key pair for SSL. My problem is to define the same private key on ABAP and JAVA. With the JAVA Administrator I am able to define or import a private key. But I could not find a possibility in ABAP to manage private keys in order to use the same on as in JAVA. What is the procedure for this?
    Thanks and Regards,
    Frank Tottleben

    Hello,
    I want to setup an XI (3.0 on Netweaver04)installation in the way, that ABAP AS and JAVA AS use the same key pair for SSL. My problem is to define the same private key on ABAP and JAVA. With the JAVA Administrator I am able to define or import a private key. But I could not find a possibility in ABAP to manage private keys in order to use the same on as in JAVA. What is the procedure for this?
    Thanks and Regards,
    Frank Tottleben

  • I need help with Creating Key Pairs

    Hello,
    I need help with Creating Key Pairs, I generate key pais with aba provider, but the keys generated are not base 64.
    the class is :
    import java.io.*;
    import java.math.BigInteger;
    import java.security.*;
    import java.security.spec.*;
    import java.security.interfaces.*;
    import javax.crypto.*;
    import javax.crypto.spec.*;
    import au.net.aba.crypto.provider.ABAProvider;
    class CreateKeyPairs {
    private static KeyPair keyPair;
    private static KeyPairGenerator pairGenerator;
    private static PrivateKey privateKey;
    private static PublicKey publicKey;
    public static void main(String[] args) throws Exception {
    if (args.length != 2) {
    System.out.println("Usage: java CreateKeyParis public_key_file_name privete_key_file_name");
    return;
    createKeys();
    saveKey(args[0],publicKey);
    saveKey(args[1],privateKey);
    private static void createKeys() throws Exception {
    Security.addProvider(new ABAProvider());
    pairGenerator = KeyPairGenerator.getInstance("RSA","ABA");
    pairGenerator.initialize(1024, new SecureRandom());
    keyPair = pairGenerator.generateKeyPair();
    privateKey = keyPair.getPrivate();
    publicKey = keyPair.getPublic();
    private synchronized static void saveKey(String filename,PrivateKey key) throws Exception {
    ObjectOutputStream out= new ObjectOutputStream(new FileOutputStream(filename));
    out.writeObject(key);
    out.close();
    private synchronized static void saveKey(String filename,PublicKey key) throws Exception {
    ObjectOutputStream out= new ObjectOutputStream( new FileOutputStream(filename));
    out.writeObject(key);
    out.close();
    the public key is:
    �� sr com.sun.rsajca.JSA_RSAPublicKeyrC��� xr com.sun.rsajca.JS_PublicKey~5< ~��% L thePublicKeyt Lcom/sun/rsasign/p;xpsr com.sun.rsasign.anm����9�[ [ at [B[ bq ~ xr com.sun.rsasign.p��(!g�� L at Ljava/lang/String;[ bt [Ljava/lang/String;xr com.sun.rsasign.c�"dyU�|  xpt Javaur [Ljava.lang.String;��V��{G  xp   q ~ ur [B���T�  xp   ��ccR}o���[!#I����lo������
    ����^"`8�|���Z>������&
    d ����"B��
    ^5���a����jw9�����D���D�)�*3/h��7�|��I�d�$�4f�8_�|���yuq ~
    How i can generated the key pairs in base 64 or binary????
    Thanxs for help me
    Luis Navarro Nu�ez
    Santiago.
    Chile.
    South America.

    I don't use ABA but BouncyCastle
    this could help you :
    try
    java.security.Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider());
    java.security.KeyPairGenerator kg = java.security.KeyPairGenerator.getInstance("RSA","BC");
    java.security.KeyPair kp = kg.generateKeyPair();
    java.security.Key pub = kp.getPublic();
    java.security.Key pri = kp.getPrivate();
    System.out.println("pub: " + pub);
    System.out.println("pri: " + pri);
    byte[] pub_e = pub.getEncoded();
    byte[] pri_e = pri.getEncoded();
    java.io.PrintWriter o;
    java.io.DataInputStream i;
    java.io.File f;
    o = new java.io.PrintWriter(new java.io.FileOutputStream("d:/pub64"));
    o.println(new sun.misc.BASE64Encoder().encode(pub_e));
    o.close();
    o = new java.io.PrintWriter(new java.io.FileOutputStream("d:/pri64"));
    o.println(new sun.misc.BASE64Encoder().encode(pri_e));
    o.close();
    java.io.BufferedReader br = new java.io.BufferedReader(new java.io.FileReader("d:/pub64"));
    StringBuffer keyBase64 = new StringBuffer();
    String line = br.readLine ();
    while(line != null)
    keyBase64.append (line);
    line = br.readLine ();
    byte [] pubBytes = new sun.misc.BASE64Decoder().decodeBuffer(keyBase64.toString ());
    br = new java.io.BufferedReader(new java.io.FileReader("d:/pri64"));
    keyBase64 = new StringBuffer();
    line = br.readLine ();
    while(line != null)
    keyBase64.append (line);
    line = br.readLine ();
    byte [] priBytes = new sun.misc.BASE64Decoder().decodeBuffer(keyBase64.toString ());
    java.security.KeyFactory kf = java.security.KeyFactory.getInstance("RSA","BC");
    java.security.Key pubKey = kf.generatePublic(new java.security.spec.X509EncodedKeySpec(pubBytes));
    System.out.println("pub: " + pubKey);
    java.security.Key priKey = kf.generatePrivate(new java.security.spec.PKCS8EncodedKeySpec(priBytes));
    System.out.println("pri: " + priKey);
    catch(Exception e)
    e.printStackTrace ();
    }

  • Is a Public/Private Key Pair possible in SAP?

    I have a web service that I would like to run as part of a nightly script. I currently use username/password authentication, but it is not acceptable to have them hard coded, due to Sarbanes-Oxley rules. SAP's site claims to support authentication with x.509 certificates, but is unclear on the implementation details. How could I go about setting up and using a public/private key pair in SAP?

    Not really a portal question, and maybe you'll get a better result in a security forum...
    However, briefly, yes, the AS Java supports X509 certificates as an authentication mechansm. You need to use Visual Admin to generate a server side certificate, then you need the client side to register its own X509 certificate and then in the Java user admin you need to associate the client certificate with a known user. Now when the client executes the web service call it can pass the certificate and the AS Java will back translate the certificate to a real username.

  • Bluetooth key pairing on x61s

    I got a Logitech DiNovo Edge keyboard, and I can't get it to work with the built in bluetooth in my x61s.
    When I search for bluetooth devices using my bluetooth tools, the keyboard pops up correctly. When I then connect to the keyboard, it prompts me for 7 random digits, which is a part of the keypairing process. The problem is:
    I can enter the 7 digits from my bluetooth keyboard, but when it's done, the keyboard disconnects again - as if I didn't enter them correctly.
    I have tried several times, and updated bluetooth drivers, but I can't get it to work.. Next I'm going to BIOS update.
    But it's strange, since I can both register the bluetooth device and type in numbers from it. It's simply the key pairing, which goes wrong.
    I hope someone can help me please!
    Message Edited by Ljorring on 12-17-2008 05:15 AM
    Solved!
    Go to Solution.

    I finally got it to work!!
    What I did was:
    1. Go to Start->Run->'Services.msc'
    2. Find 'Logitech Bluetooth Service'
    3. Start service and Turn on your Dinovo Edge Keyboard
    4. Now a guide should pop up, and the rest is piece of cake.
    I could not find help anywhere - I simply browsed the services without any clue at all. It's most furtunate, that the solution was in there...

  • Generating key pair on PKCS#11token and save it there

    Hello,
    again i'm completely lost in this PKCS11 jungle.
    What i want to do:
    Generating key pair on crypto pkcs11 token and store it there.
    In the moment i've tried eg:
    sun.security.pkcs11.SunPKCS11 p = new sun.security.pkcs11.SunPKCS11(configName);
    Security.addProvider(p);
    Builder builder = KeyStore.Builder.newInstance("PKCS11", p, new KeyStore.CallbackHandlerProtection(new UserInputDialog(new JDialog(),"test","test")));
    KeyStore ks = builder.getKeyStore();
    ks.load(null,null);
    KeyPairGenerator gen = KeyPairGenerator.getInstance("RSA", p);
    gen.initialize(1024);
    KeyPair kp = gen.generateKeyPair();
               Here access to token works. The callback PIN dialog comes up and i can login.
    But i'm not sure whether the key are generated on this PKCS11. And they are not stored there.
    How i can generate keys are stored there.
    (like with keytool -genkeys ). In keytool case a certificate is stored.
    ... every little hint, also to some documentation i've not seen, is very welcome ...
    Thank You !
    Regards
    Thomas
    .

    First, you need to get a KeyStore representation of the PKCS#11 token with code similar to this, I'm using NSS as the PKCS#11 token in this example:
    Provider nss = new sun.security.pkcs11.SunPKCS11(configFile);
    Security.insertProviderAt(nss, 1);  //you may not want it at highest priority
    KeyStore ks = KeyStore.getInstance("PKCS11", nss);
    ks.load(null, password);From the testing I've done in the past with various tokens, when you generate an asymmetric keypair (e.g. RSA like you are) specifying the PKCS11 provider, it creates it right on the token automatically and code like below is not needed.
    To store the key in the keystore, use code similar to this, I'm using NSS again and storing a symmetric key:
    KeyGenerator kg = KeyGenerator.getInstance("DESede",nss);
    SecretKey tripleDesKey = kg.generateKey();
    KeyStore.SecretKeyEntry skEntry = new KeyStore.SecretKeyEntry(tripleDesKey);
    ks.setEntry(randAlias, skEntry, new KeyStore.PasswordProtection(password));

  • How to indetify key pair in Java?

    Hello
    I need only to know if some private and public key generating one key pair.
    I don't want to try it through encrypt/decrypt process and checking data.
    Thanks

    I have some private key and some public key and I need to detect if private key belongs to some public key. It shouldn't be possible to get into such a state in the first place. Key pairs should be stored in such a way that they are always together, e.g. in a java.security.KeyStore or an HSM, most probably associated with a Certificate.
    If true, then I can encrypt data by one of them and correctly decrypt by second.You can encrypt with the public key and decrypt with the private key.
    If false ,I will got incorrect data after decryption.No you won't, you'll get an exception.

  • Web Server 6.1 - How recovery Key Pair File Password

    I have installed Sun Web Sever 6.1, i am initialized Trust Database, then I generate Request a Certificate for verisign, then verisign send me the Certificate but when i tray install the certificate he say me invalid password, I dont remenber the Key Pair File Password who can recory Key Pair File Password?
    Please help me!

    Assuming that the security libraries are working the way they're supposed to, the password is not recoverable.
    Your best option, other than trying really hard to remember your password, is to delete the certificate and key databases and start over.

  • Can someone help me? Why i can not build RSA key pair

    i download the java_card_kit-2_2_01-win-gl.zip from sun's web site
    and i use the keypair class to build a RSA key pair
    but it always throws NO_SUCH_ALGORITHM excption.
    how can i build a key pair

    This has been covered a million times. There isn't any crypto implementation with Sun's kit. This is mentioned in the documentation.

  • [Security:090809]The key pair could not be retrieved

    Hi All,
    I have created the key pair successfully and then exported them to file and then imported to DemoTrust.jks also by those commands:
    keytool -genkeypair -alias wlpkey -keypass password -keyalg rsa -keysize 1024 -keystore DemoIdentity.jks -storepass DemoIdentityKeyStorePassPhrase -dname "CN=Oracle Corp, OU=WLP, O=Oracle, L=Boulder, ST=CO, C=US"
    keytool -exportcert -alias wlpkey -keypass password -keystore DemoIdentity.jks -storepass DemoIdentityKeyStorePassPhrase -file wckey.der
    keytool -importcert -keystore DemoTrust.jks -storepass DemoTrustKeyStorePassPhrase -file wckey.der -alias wlpkey -keypass password
    I can see that my alias is present in DemoTrust.jks by this command:
    keytool -list -keystore DemoTrust.jks -storepass DemoTrustKeyStorePassPhrase
    Now When I want to modify the SAML Security by creating a new Security Credential Mapping in weblogic admin console (Home >Security Realms >myrealm >Credential Mappings>PKI>New), I am getting following exceptions:
    +[Security:090809]The key pair could not be retrieved from the keystore with the supplied alias wlpkey and its password.+
    An error occurred while creating a security credential. Please check the log for more details.
    Can anyone point out anything to overcome this error?
    I am using WLP 10.3.4.
    I have tried this by creating the certificates from WLP_HOME/OFM_HOME and WLP_HOME/wlserver_10.3/server/lib also.
    What else can I try?
    Regards
    Jay
    Edited by: 902059 on Apr 6, 2012 2:14 AM

    The password that you have configured is incorrect and hence the error.
    [Security:090809]The key pair could not be retrieved from the keystore with the supplied alias wlpkey and its password.
    An error occurred while creating a security credential. Please check the log for more details.You need to give the password of the private key (that you have used while creating the key pair) in the PKI credential mapping configuration. The one highlighted below:
    keytool -genkeypair -alias wlpkey -keypass password -keyalg rsa -keysize 1024 -keystore DemoIdentity.jks -storepass DemoIdentityKeyStorePassPhrase -dname "CN=Oracle Corp, OU=WLP, O=Oracle, L=Boulder, ST=CO, C=US"Thanks,
    Patrick

  • ERROR While Configuring the SSL Key Pair SAP NW 7.3

    I am trying to create new key pair entry to use for SSL. I am getting weird error, after importing certificate response ssl-credential entry goes invalid.
    Below are list of step I carried prior getting error.
    1) Deleted existing Java key pair from existing view ICM_SSL_<Instance_ID>
    2) Generated new pair entry
    3) Generated certificate sign request.
    4) Sent to SAP CA at SAP Trust Center Service at service.sap.com/tcs.
    5) Import certificate request.
    And ssl-credential entry turns red , with error"This entry expired"
    Please see screenshot below

    I am trying to create new key pair entry to use for SSL. I am getting weird error, after importing certificate response ssl-credential entry goes invalid.
    Below are list of step I carried prior getting error.
    1) Deleted existing Java key pair from existing view ICM_SSL_<Instance_ID>
    2) Generated new pair entry
    3) Generated certificate sign request.
    4) Sent to SAP CA at SAP Trust Center Service at service.sap.com/tcs.
    5) Import certificate request.
    And ssl-credential entry turns red , with error"This entry expired"
    Please see screenshot below

  • Trying to generate secure rpc key pairs with java

    I see a couple of different classes that will generate public private key pairs in various algorithms for me but it doesn't appear that I can supply a pass phrase to use with these.
    I want to write java code that will create a NIS+ secureRPC key pair for me.
    thanks.

    See now this is a really good question. I don't have an answer, but I really like seeing these types of questions here

  • Can a link 5 usb key paired with hp's wireless elite keyboard?

    Hi, I have a link 5 wireless mouse and a old hp's wireless elite keyboard.  I don't know if they both use bluetooth or one is bluetootha and the other 2.4GHz or not.  But can a link 5 usb key paired with a hp's version 1 wireless keyboard?  If not, how can I get a wireless usb key for my hp wireless eilte keyboard?

    Hello,
    A Link 5 USB mouse can be used with some devices and HP has listed them at the following link:
    HP Link-5technology liberates USB ports
    HP also introduced new PCaccessories with HP’s exclusive Link-5 technology. Link-5 allows users to connect up to fiveHP-compatible PC accessories with one receiver, freeing up valuableUSB ports.
    There are no drivers orsoftware to install. Users simply press the ”Connect” button on aLink-5 device to pair it with their PC. The wireless receiver then“remembers” all paired devices, making Link-5 accessories ideal forthose using a PC in multiple settings such as the home, office orother mobile locations.
    Link-5 delivers reliableconnectivity using 2.4-GHz wireless technology and has anintelligent sleep mode to ensure the longest possible battery life.The latest Link-5 accessories lineup includes:
    HP Wireless Mini Keyboard: Just the right mobile companion fora tablet or entertainment PC, this full-featured keyboard islightweight and ultra-small in size.
    HP Wireless Ultrathin Wireless Keyboard: Offering a stylishlook and feel, this keyboard is durable, full-featured and a greatvalue.
    HP Wireless Elite v2 Keyboard: Featuring a sleek, ultra-slimdesign, this keyboard offers superb performance and comfort.
    HP Wireless Optical Comfort Mouse: Offering a comfortable,secure grip for use in the right or left hand, this mouse featuresan optical sensor with adjustable sensitivity that works on mostsurfaces.
    HP Wireless Laser Comfort Mouse: Using a laser sensor withadjustable sensitivity, this mouse delivers optimal performance andworks on most surfaces.
    HP Wireless Mobile Mouse: Designed for users who are on the go,this mouse delivers reliable wireless connectivity at a greatvalue.
    It is only mention v2 not v1, so not sure if it will work. You should not be able to buy a key, because each device is sold with their specific usb receiver, so the answer is, you cannot get one, except if you buy  a new part.
    Thanks,
    I work for HP! Please remember to provide and if this helped click ON

  • How to recover key pair from certificate

    Hello,
    I am trying to sign my MIDlet. I have followed the instruction below to create key pair and obtain a valid certificate from GeoTrust
    http://java.sun.com/j2me/docs/wtk2.2/docs/UserGuide-html/security.html
    Unfortunately, I deleted the key pairs which I used to create the certificate signing request. Is there anyway I can recover from that? Can I import the key pair from the certificate file? Do I really need the original key pair or I can generate another one?
    Please help
    Thanks
    ben

    Hello,
    I am trying to sign my MIDlet. I have followed the instruction below to create key pair and obtain a valid certificate from GeoTrust
    http://java.sun.com/j2me/docs/wtk2.2/docs/UserGuide-html/security.html
    Unfortunately, I deleted the key pairs which I used to create the certificate signing request. Is there anyway I can recover from that? Can I import the key pair from the certificate file? Do I really need the original key pair or I can generate another one?
    Please help
    Thanks
    ben

Maybe you are looking for

  • How to set charset in CFDocument

    I have problem with special character when outputting it to PDF using CFDocument. Special character in PDF Document turn into strange character. I placed <cfprocessingDirective pageEncoding="utf-8"> at top of the page where cfdocument exist already,

  • Does CCM require IPC in SRM 4.0?

    In SRM 4.0, will catalog still work for self-service procurement if IPC was not active?

  • After updating to Lion I can't send mail.

    I updated my computer and now I am not able to send any mail.  Help please.

  • My iphone 5s froze and turned off by itself. I can't turn it on.

    I was charging my 5s at my school. After it get fully charged, I immediately used it. After a while, my phone freezes and dies. I can't turn it on and I really need my 5s 'cause I just bought it a week ago. Will Apple replace the product? Please help

  • Curved/shaped frames

    Many recent programs( such as the Iomege CD RW interface) involved with multimedia interfaces present a GUI with curved edges - is this possible in Java?