JavacardOS will not accept order any more, please contact our partner Feitian online Store:
https://ftsafe.en.alibaba.com/index.html
https://ftsafe.en.alibaba.com/index.html
Get ECC Public key from Private key
-
- Posts: 3
- Joined: Thu Jun 28, 2018 5:28 am
- Points :58
- Contact:
Get ECC Public key from Private key
Hi,
I have a specific private key and I would like calculate it's public key. I'm using 3.0.4 OS and secp256k1 algorithm. Is there any built-in merhod for this?
I succesfully used the KeyPair and KeyBuilder class but it always uses randomly generated private keys.
I have a specific private key and I would like calculate it's public key. I'm using 3.0.4 OS and secp256k1 algorithm. Is there any built-in merhod for this?
I succesfully used the KeyPair and KeyBuilder class but it always uses randomly generated private keys.
Re: Get ECC Public key from Private key
In JavaCardAPI, the description of genKeyPair() is "For the EC case, if the Field, A, B, G and R parameters of the public key object are pre-initialized, then they will be retained. Otherwise default pre-specified values MAY be used (e.g. WAP predefined curves), since computation of random generic EC keys is infeasible on the smart card platform." It only assign parameters of key. It is nothing in public key...
Re: Get ECC Public key from Private key
public key = private key * base point
-
- Posts: 3
- Joined: Thu Jun 28, 2018 5:28 am
- Points :58
- Contact:
Re: Get ECC Public key from Private key
Thank you for the answers. I know the "public key = private key * base point" equation but I don't know whether I should do this multiplication or there is built-in methods for this? It's important because my implementation of EC operations might be vulnerable to side-channel attacks. (https://en.wikipedia.org/wiki/Side-channel_attack)
-
- Posts: 24
- Joined: Sun Aug 23, 2015 11:14 pm
- Points :420
- Contact:
Re: Get ECC Public key from Private key
first
the code like this
second
modify EC_KEY_generate_key with new EC_KEY_generate_key_by_prikey (EC_KEY *eckey, unsigned char *prikey, int prilen )
this function only change random prikey with input prikey
the code like this
Code: Select all
#define _P "FFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF00000000FFFFFFFFFFFFFFFF"
#define _a "FFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF00000000FFFFFFFFFFFFFFFC"
#define _b "28E9FA9E9D9F5E344D5A9E4BCF6509A7F39789F515AB8F92DDBCBD414D940E93"
#define _n "FFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFF7203DF6B21C6052B53BBF40939D54123"
#define _Gx "32C4AE2C1F1981195F9904466A39C9948FE30BBFF2660BE1715A4589334C74C7"
#define _Gy "BC3736A2F4F6779C59BDCEE36B692153D0A9877CC62A474002DF32E52139F0A0"
#include <openssl/bn.h>
#include <openssl/ec.h>
#include <openssl/ebcdic.h>
#include <openssl/ecdsa.h>
/* chinese Sm2 parameters y2 = x3 + ax + b curve */
#define _P "FFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF00000000FFFFFFFFFFFFFFFF"
#define _a "FFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF00000000FFFFFFFFFFFFFFFC"
#define _b "28E9FA9E9D9F5E344D5A9E4BCF6509A7F39789F515AB8F92DDBCBD414D940E93"
#define _n "FFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFF7203DF6B21C6052B53BBF40939D54123"
#define _Gx "32C4AE2C1F1981195F9904466A39C9948FE30BBFF2660BE1715A4589334C74C7"
#define _Gy "BC3736A2F4F6779C59BDCEE36B692153D0A9877CC62A474002DF32E52139F0A0"
....
int sm2_gen_key(PSM2_KEY sm2key)
{
int ret = -1;
EC_KEY* key = NULL;
BN_CTX *ctx = NULL;
EC_GROUP* group = NULL;
EC_POINT* point_p = NULL;
const EC_POINT *point_q = NULL;
BIGNUM *p, *a, *b, *gx, *gy, *z;
assert(sm2key);
p = BN_new();
a = BN_new();
b = BN_new();
gx = BN_new();
gy = BN_new();
z = BN_new();
// init a NULL algoritim group
group = EC_GROUP_new(EC_GFp_mont_method());
// convert SM2 para with bignum
BN_hex2bn(&p, _P);
BN_hex2bn(&a, _a);
BN_hex2bn(&b, _b);
BN_hex2bn(&gx, _Gx);
BN_hex2bn(&gy, _Gy);
BN_hex2bn(&z, _n);
ctx = BN_CTX_new();
if (!EC_GROUP_set_curve_GFp(group, p, a, b,ctx))
{
goto err_process;
}
point_p = EC_POINT_new(group);
if (!EC_POINT_set_affine_coordinates_GFp(group, point_p, gx, gy, ctx))
{
goto err_process;
}
//// check p on curve
if (!EC_POINT_is_on_curve(group, point_p, ctx))
{
ret = -2;
goto err_process;
}
//base poing G
if(!EC_GROUP_set_generator(group, point_p, z, BN_value_one()))
{
ret = -3;
goto err_process;
}
// generate key
key = EC_KEY_new();
if (!EC_KEY_set_group(key, group))
{
ret = -4;
goto err_process;
}
if(!EC_KEY_generate_key(key))
{
ret = -5;
goto err_process;
}
printf("gen key success:\n the prv is %s\n",
BN_bn2hex(EC_KEY_get0_private_key(key)));
sm2key->prv_key.bytes = BN_bn2bin(EC_KEY_get0_private_key(key), sm2key->prv_key.k);
point_q = EC_KEY_get0_public_key(key);
if(!EC_POINT_get_affine_coordinates_GFp(group, point_q, gx, gy , NULL))
{
goto err_process;
}
sm2key->pub_key.bytes = BN_bn2bin(gx, sm2key->pub_key.x);
BN_bn2bin(gy, sm2key->pub_key.y);
ret = 0;
err_process:
if (point_p != NULL)
{
EC_POINT_free(point_p);
}
if (group != NULL)
{
EC_GROUP_free(group);
}
if (ctx != NULL)
{
BN_CTX_free(ctx);
}
if (key != NULL)
{
EC_KEY_free(key);
}
return ret;
}
second
modify EC_KEY_generate_key with new EC_KEY_generate_key_by_prikey (EC_KEY *eckey, unsigned char *prikey, int prilen )
this function only change random prikey with input prikey
Re: Get ECC Public key from Private key
Thank you for the answers. I know the "public key = private key * base point" equation but I don't know whether I should do this multiplication or there is built-in methods for this? It's important because my implementation of EC operations might be vulnerable to side-channel attacks. (https://en.wikipedia.org/wiki/Side-channel_attack)
Do you want protect signature from side-channel attacks with public key? How it work? In my impression, side-channel attacks is collect information and try to analyze your private key. How the public key resist side-channel attacks ?
-
- Posts: 3
- Joined: Thu Jun 28, 2018 5:28 am
- Points :58
- Contact:
Re: Get ECC Public key from Private key
As the public key is created using the private key, the executed instructions and branches can depend on the private key too. This way an attacker can guess the private key by analysing the power consumption of the device and deduce the executed instruction.
That's why I would prefer a built-in, certificated method for this.
That's why I would prefer a built-in, certificated method for this.
Re: Get ECC Public key from Private key
Maybe you can calculate public key when you set private key. In general, set private key must be in secure environment.
Who is online
Users browsing this forum: No registered users and 11 guests