com.arxanfintech.common.crypto.core

类 ECKey

java.lang.Object

com.arxanfintech.common.crypto.core.ECKey

所有已实现的接口:

java.io.Serializable

public class ECKey
extends java.lang.Object
implements java.io.Serializable

另请参阅:

序列化表格

嵌套类概要

嵌套类

限定符和类型	类和说明
static class	ECKey.ECDSASignature
static class	ECKey.MissingPrivateKeyException

字段概要

字段

限定符和类型	字段和说明
static org.spongycastle.crypto.params.ECDomainParameters	CURVE The parameters of the secp256k1 curve.
static org.spongycastle.jce.spec.ECParameterSpec	CURVE_SPEC
static java.math.BigInteger	HALF_CURVE_ORDER Equal to CURVE.getN().shiftRight(1), used for canonicalising the S value of a signature.
protected org.spongycastle.math.ec.ECPoint	pub

构造器概要

构造器

构造器和说明
ECKey() Generates an entirely new keypair.
ECKey(java.math.BigInteger priv, org.spongycastle.math.ec.ECPoint pub) Pair a private key integer with a public EC point BouncyCastle will be used as the Java Security Provider
ECKey(java.security.Provider provider, java.security.PrivateKey privKey, org.spongycastle.math.ec.ECPoint pub) Pair a private key with a public EC point.
ECKey(java.security.Provider provider, java.security.SecureRandom secureRandom) Generate a new keypair using the given Java Security Provider.
ECKey(java.security.SecureRandom secureRandom) Generates an entirely new keypair with the given SecureRandom object.

方法概要

限定符和类型	方法和说明
ECKey	compress() 已过时。 per-point compression property will be removed in Bouncy Castle
static org.spongycastle.math.ec.ECPoint	compressPoint(org.spongycastle.math.ec.ECPoint uncompressed) 已过时。 per-point compression property will be removed in Bouncy Castle
static byte[]	computeAddress(byte[] pubBytes) Compute an address from an encoded public key.
static byte[]	computeAddress(org.spongycastle.math.ec.ECPoint pubPoint) Compute an address from a public point.
ECKey	decompress() 已过时。 per-point compression property will be removed in Bouncy Castle
static org.spongycastle.math.ec.ECPoint	decompressPoint(org.spongycastle.math.ec.ECPoint compressed) 已过时。 per-point compression property will be removed in Bouncy Castle
byte[]	decryptAES(byte[] cipher) 已过时。 should not use EC private scalar value as an AES key
ECKey.ECDSASignature	doSign(byte[] input) Signs the given hash and returns the R and S components as BigIntegers and put them in ECDSASignature
boolean	equals(java.lang.Object o)
static org.spongycastle.math.ec.ECPoint	extractPublicKey(java.security.interfaces.ECPublicKey ecPublicKey)
static ECKey	fromNodeId(byte[] nodeId) Recover the public key from an encoded node id.
static ECKey	fromPrivate(java.math.BigInteger privKey) Creates an ECKey given the private key only.
static ECKey	fromPrivate(byte[] privKeyBytes) Creates an ECKey given the private key only.
static ECKey	fromPrivateAndPrecalculatedPublic(java.math.BigInteger priv, org.spongycastle.math.ec.ECPoint pub) Creates an ECKey that simply trusts the caller to ensure that point is really the result of multiplying the generator point by the private key.
static ECKey	fromPrivateAndPrecalculatedPublic(byte[] priv, byte[] pub) Creates an ECKey that simply trusts the caller to ensure that point is really the result of multiplying the generator point by the private key.
static ECKey	fromPublicOnly(byte[] pub) Creates an ECKey that cannot be used for signing, only verifying signatures, from the given encoded point.
static ECKey	fromPublicOnly(org.spongycastle.math.ec.ECPoint pub) Creates an ECKey that cannot be used for signing, only verifying signatures, from the given point.
byte[]	getAddress() Gets the address form of the public key.
byte[]	getNodeId() Generates the NodeID based on this key, that is the public key without first format byte
java.math.BigInteger	getPrivKey() Gets the private key in the form of an integer field element.
byte[]	getPrivKeyBytes() Returns a 32 byte array containing the private key, or null if the key is encrypted or public only
byte[]	getPubKey() Gets the encoded public key value.
org.spongycastle.math.ec.ECPoint	getPubKeyPoint() Gets the public key in the form of an elliptic curve point object from Bouncy Castle.
int	hashCode()
boolean	hasPrivKey() Returns true if this key has access to private key bytes.
boolean	isCompressed() Returns whether this key is using the compressed form or not.
boolean	isPubKeyCanonical() Returns true if this pubkey is canonical, i.e. the correct length taking into account compression.
static boolean	isPubKeyCanonical(byte[] pubkey) Returns true if the given pubkey is canonical, i.e. the correct length taking into account compression.
boolean	isPubKeyOnly() Returns true if this key doesn't have access to private key bytes.
java.math.BigInteger	keyAgreement(org.spongycastle.math.ec.ECPoint otherParty)
static byte[]	pubBytesWithoutFormat(org.spongycastle.math.ec.ECPoint pubPoint) Compute the encoded X, Y coordinates of a public point.
static byte[]	publicKeyFromPrivate(java.math.BigInteger privKey, boolean compressed) Returns public key bytes from the given private key.
static byte[]	recoverAddressFromSignature(int recId, ECKey.ECDSASignature sig, byte[] messageHash)
static ECKey	recoverFromSignature(int recId, ECKey.ECDSASignature sig, byte[] messageHash)
static byte[]	recoverPubBytesFromSignature(int recId, ECKey.ECDSASignature sig, byte[] messageHash) Given the components of a signature and a selector value, recover and return the public key that generated the signature according to the algorithm in SEC1v2 section 4.1.6.
ECKey.ECDSASignature	sign(byte[] messageHash) Takes the keccak hash (32 bytes) of data and returns the ECDSA signature
static byte[]	signatureToAddress(byte[] messageHash, ECKey.ECDSASignature sig) Compute the address of the key that signed the given signature.
static byte[]	signatureToAddress(byte[] messageHash, java.lang.String signatureBase64) Compute the address of the key that signed the given signature.
static ECKey	signatureToKey(byte[] messageHash, ECKey.ECDSASignature sig) Compute the key that signed the given signature.
static ECKey	signatureToKey(byte[] messageHash, java.lang.String signatureBase64) Compute the key that signed the given signature.
static byte[]	signatureToKeyBytes(byte[] messageHash, ECKey.ECDSASignature sig)
static byte[]	signatureToKeyBytes(byte[] messageHash, java.lang.String signatureBase64) Given a piece of text and a message signature encoded in base64, returns an ECKey containing the public key that was used to sign it.
java.lang.String	toString()
java.lang.String	toStringWithPrivate() Produce a string rendering of the ECKey INCLUDING the private key.
boolean	verify(byte[] data, byte[] signature) Verifies the given ASN.1 encoded ECDSA signature against a hash using the public key.
static boolean	verify(byte[] data, byte[] signature, byte[] pub) Verifies the given ASN.1 encoded ECDSA signature against a hash using the public key.
boolean	verify(byte[] sigHash, ECKey.ECDSASignature signature) Verifies the given R/S pair (signature) against a hash using the public key.
static boolean	verify(byte[] data, ECKey.ECDSASignature signature, byte[] pub) Verifies the given ECDSA signature against the message bytes using the public key bytes.

从类继承的方法 java.lang.Object

clone, finalize, getClass, notify, notifyAll, wait, wait, wait

字段详细资料

CURVE

public static final org.spongycastle.crypto.params.ECDomainParameters CURVE

The parameters of the secp256k1 curve.

CURVE_SPEC

public static final org.spongycastle.jce.spec.ECParameterSpec CURVE_SPEC

HALF_CURVE_ORDER

public static final java.math.BigInteger HALF_CURVE_ORDER

Equal to CURVE.getN().shiftRight(1), used for canonicalising the S value of a signature. ECDSA signatures are mutable in the sense that for a given (R, S) pair, then both (R, S) and (R, N - S mod N) are valid signatures. Canonical signatures are those where 1 - S - N/2 See https://github.com/bitcoin/bips/blob/master/bip-0062.mediawiki#Low_S_values_in_signatures

pub

protected final org.spongycastle.math.ec.ECPoint pub

构造器详细资料

ECKey

public ECKey()

Generates an entirely new keypair. BouncyCastle will be used as the Java Security Provider

ECKey

public ECKey(java.security.Provider provider,
             java.security.SecureRandom secureRandom)

Generate a new keypair using the given Java Security Provider. All private key operations will use the provider.

参数:

provider - provider

secureRandom - secureRandom

ECKey

public ECKey(java.security.SecureRandom secureRandom)

Generates an entirely new keypair with the given SecureRandom object. BouncyCastle will be used as the Java Security Provider

参数:

secureRandom - -

ECKey

public ECKey(java.security.Provider provider,
             java.security.PrivateKey privKey,
             org.spongycastle.math.ec.ECPoint pub)

Pair a private key with a public EC point. All private key operations will use the provider.

参数:

provider - provider

privKey - privKey

pub - pub

ECKey

public ECKey(java.math.BigInteger priv,
             org.spongycastle.math.ec.ECPoint pub)

Pair a private key integer with a public EC point BouncyCastle will be used as the Java Security Provider

参数:

priv - privkey

pub - pubkey

方法详细资料

extractPublicKey

public static org.spongycastle.math.ec.ECPoint extractPublicKey(java.security.interfaces.ECPublicKey ecPublicKey)

compressPoint

public static org.spongycastle.math.ec.ECPoint compressPoint(org.spongycastle.math.ec.ECPoint uncompressed)

已过时。 per-point compression property will be removed in Bouncy Castle

Utility for compressing an elliptic curve point. Returns the same point if it's already compressed. See the ECKey class docs for a discussion of point compression.

参数:

uncompressed - -

返回:

-

decompressPoint

public static org.spongycastle.math.ec.ECPoint decompressPoint(org.spongycastle.math.ec.ECPoint compressed)

已过时。 per-point compression property will be removed in Bouncy Castle

Utility for decompressing an elliptic curve point. Returns the same point if it's already compressed. See the ECKey class docs for a discussion of point compression.

参数:

compressed - -

返回:

-

fromPrivate

public static ECKey fromPrivate(java.math.BigInteger privKey)

Creates an ECKey given the private key only.

参数:

privKey - -

返回:

-

fromPrivate

public static ECKey fromPrivate(byte[] privKeyBytes)

Creates an ECKey given the private key only.

参数:

privKeyBytes - -

返回:

-

fromPrivateAndPrecalculatedPublic

public static ECKey fromPrivateAndPrecalculatedPublic(java.math.BigInteger priv,
                                                      org.spongycastle.math.ec.ECPoint pub)

Creates an ECKey that simply trusts the caller to ensure that point is really the result of multiplying the generator point by the private key. This is used to speed things up when you know you have the right values already. The compression state of pub will be preserved.

参数:

priv - -

pub - -

返回:

-

fromPrivateAndPrecalculatedPublic

public static ECKey fromPrivateAndPrecalculatedPublic(byte[] priv,
                                                      byte[] pub)

Creates an ECKey that simply trusts the caller to ensure that point is really the result of multiplying the generator point by the private key. This is used to speed things up when you know you have the right values already. The compression state of the point will be preserved.

参数:

priv - -

pub - -

返回:

-

fromPublicOnly

public static ECKey fromPublicOnly(org.spongycastle.math.ec.ECPoint pub)

Creates an ECKey that cannot be used for signing, only verifying signatures, from the given point. The compression state of pub will be preserved.

参数:

pub - -

返回:

-

fromPublicOnly

public static ECKey fromPublicOnly(byte[] pub)

Creates an ECKey that cannot be used for signing, only verifying signatures, from the given encoded point. The compression state of pub will be preserved.

参数:

pub - -

返回:

-

decompress

public ECKey decompress()

已过时。 per-point compression property will be removed in Bouncy Castle

Returns a copy of this key, but with the public point represented in uncompressed form. Normally you would never need this: it's for specialised scenarios or when backwards compatibility in encoded form is necessary.

返回:

-

compress

public ECKey compress()

已过时。 per-point compression property will be removed in Bouncy Castle

返回:

-

isPubKeyOnly

public boolean isPubKeyOnly()

Returns true if this key doesn't have access to private key bytes. This may be because it was never given any private key bytes to begin with (a watching key).

返回:

-

hasPrivKey

public boolean hasPrivKey()

Returns true if this key has access to private key bytes. Does the opposite of isPubKeyOnly().

返回:

-

publicKeyFromPrivate

public static byte[] publicKeyFromPrivate(java.math.BigInteger privKey,
                                          boolean compressed)

Returns public key bytes from the given private key. To convert a byte array into a BigInteger, use new BigInteger(1, bytes);

参数:

privKey - -

compressed - -

返回:

-

computeAddress

public static byte[] computeAddress(byte[] pubBytes)

Compute an address from an encoded public key.

参数:

pubBytes - an encoded (uncompressed) public key

返回:

20-byte address

computeAddress

public static byte[] computeAddress(org.spongycastle.math.ec.ECPoint pubPoint)

Compute an address from a public point.

参数:

pubPoint - a public point

返回:

20-byte address

getAddress

public byte[] getAddress()

Gets the address form of the public key.

返回:

20-byte address

pubBytesWithoutFormat

public static byte[] pubBytesWithoutFormat(org.spongycastle.math.ec.ECPoint pubPoint)

Compute the encoded X, Y coordinates of a public point. This is the encoded public key without the leading byte.

参数:

pubPoint - a public point

返回:

64-byte X,Y point pair

getNodeId

public byte[] getNodeId()

Generates the NodeID based on this key, that is the public key without first format byte

返回:

nodeid byte[] data

fromNodeId

public static ECKey fromNodeId(byte[] nodeId)

Recover the public key from an encoded node id.

参数:

nodeId - a 64-byte X,Y point pair

返回:

ECKey

getPubKey

public byte[] getPubKey()

Gets the encoded public key value.

返回:

65-byte encoded public key

getPubKeyPoint

public org.spongycastle.math.ec.ECPoint getPubKeyPoint()

Gets the public key in the form of an elliptic curve point object from Bouncy Castle.

返回:

-

getPrivKey

public java.math.BigInteger getPrivKey()

Gets the private key in the form of an integer field element. The public key is derived by performing EC point addition this number of times (i.e. point multiplying).

返回:

-

抛出:

java.lang.IllegalStateException - if the private key bytes are not available.

isCompressed

public boolean isCompressed()

Returns whether this key is using the compressed form or not. Compressed pubkeys are only 33 bytes, not 64.

返回:

-

toString

public java.lang.String toString()

覆盖:

toString 在类中 java.lang.Object

toStringWithPrivate

public java.lang.String toStringWithPrivate()

Produce a string rendering of the ECKey INCLUDING the private key. Unless you absolutely need the private key it is better for security reasons to just use toString().

返回:

-

doSign

public ECKey.ECDSASignature doSign(byte[] input)

Signs the given hash and returns the R and S components as BigIntegers and put them in ECDSASignature

参数:

input - to sign

返回:

ECDSASignature signature that contains the R and S components

sign

public ECKey.ECDSASignature sign(byte[] messageHash)

Takes the keccak hash (32 bytes) of data and returns the ECDSA signature

参数:

messageHash - -

返回:

-

抛出:

java.lang.IllegalStateException - if this ECKey does not have the private part.

signatureToKeyBytes

public static byte[] signatureToKeyBytes(byte[] messageHash,
                                         java.lang.String signatureBase64)
                                  throws java.security.SignatureException

Given a piece of text and a message signature encoded in base64, returns an ECKey containing the public key that was used to sign it. This can then be compared to the expected public key to determine if the signature was correct.

参数:

messageHash - a piece of human readable text that was signed

signatureBase64 - The message signature in base64

返回:

-

抛出:

java.security.SignatureException - If the public key could not be recovered or if there was a signature format error.

signatureToKeyBytes

public static byte[] signatureToKeyBytes(byte[] messageHash,
                                         ECKey.ECDSASignature sig)
                                  throws java.security.SignatureException

抛出:

java.security.SignatureException

signatureToAddress

public static byte[] signatureToAddress(byte[] messageHash,
                                        java.lang.String signatureBase64)
                                 throws java.security.SignatureException

Compute the address of the key that signed the given signature.

参数:

messageHash - 32-byte hash of message

signatureBase64 - Base-64 encoded signature

返回:

20-byte address

抛出:

java.security.SignatureException - SignatureException

signatureToAddress

public static byte[] signatureToAddress(byte[] messageHash,
                                        ECKey.ECDSASignature sig)
                                 throws java.security.SignatureException

Compute the address of the key that signed the given signature.

参数:

messageHash - 32-byte hash of message

sig - -

返回:

20-byte address

抛出:

java.security.SignatureException - SignatureException

signatureToKey

public static ECKey signatureToKey(byte[] messageHash,
                                   java.lang.String signatureBase64)
                            throws java.security.SignatureException

Compute the key that signed the given signature.

参数:

messageHash - 32-byte hash of message

signatureBase64 - Base-64 encoded signature

返回:

ECKey

抛出:

java.security.SignatureException - SignatureException

signatureToKey

public static ECKey signatureToKey(byte[] messageHash,
                                   ECKey.ECDSASignature sig)
                            throws java.security.SignatureException

Compute the key that signed the given signature.

参数:

messageHash - 32-byte hash of message

sig - sig

返回:

ECKey

抛出:

java.security.SignatureException - SignatureException

keyAgreement

public java.math.BigInteger keyAgreement(org.spongycastle.math.ec.ECPoint otherParty)

decryptAES

public byte[] decryptAES(byte[] cipher)

已过时。 should not use EC private scalar value as an AES key

Decrypt cipher by AES in SIC(also know as CTR) mode

参数:

cipher - -proper cipher

返回:

decrypted cipher, equal length to the cipher.

verify

public static boolean verify(byte[] data,
                             ECKey.ECDSASignature signature,
                             byte[] pub)

Verifies the given ECDSA signature against the message bytes using the public key bytes.

When using native ECDSA verification, data must be 32 bytes, and no element may be larger than 520 bytes.

参数:

data - Hash of the data to verify.

signature - signature.

pub - The public key bytes to use.

返回:

-

verify

public static boolean verify(byte[] data,
                             byte[] signature,
                             byte[] pub)

Verifies the given ASN.1 encoded ECDSA signature against a hash using the public key.

参数:

data - Hash of the data to verify.

signature - signature.

pub - The public key bytes to use.

返回:

-

verify

public boolean verify(byte[] data,
                      byte[] signature)

Verifies the given ASN.1 encoded ECDSA signature against a hash using the public key.

参数:

data - Hash of the data to verify.

signature - signature.

返回:

-

verify

public boolean verify(byte[] sigHash,
                      ECKey.ECDSASignature signature)

Verifies the given R/S pair (signature) against a hash using the public key.

参数:

sigHash - -

signature - -

返回:

-

isPubKeyCanonical

public boolean isPubKeyCanonical()

Returns true if this pubkey is canonical, i.e. the correct length taking into account compression.

返回:

-

isPubKeyCanonical

public static boolean isPubKeyCanonical(byte[] pubkey)

Returns true if the given pubkey is canonical, i.e. the correct length taking into account compression.

参数:

pubkey - -

返回:

-

recoverPubBytesFromSignature

public static byte[] recoverPubBytesFromSignature(int recId,
                                                  ECKey.ECDSASignature sig,
                                                  byte[] messageHash)

Given the components of a signature and a selector value, recover and return the public key that generated the signature according to the algorithm in SEC1v2 section 4.1.6.

The recId is an index from 0 to 3 which indicates which of the 4 possible keys is the correct one. Because the key recovery operation yields multiple potential keys, the correct key must either be stored alongside the signature, or you must be willing to try each recId in turn until you find one that outputs the key you are expecting.

If this method returns null it means recovery was not possible and recId should be iterated.

Given the above two points, a correct usage of this method is inside a for loop from 0 to 3, and if the output is null OR a key that is not the one you expect, you try again with the next recId.

参数:

recId - Which possible key to recover.

sig - the R and S components of the signature, wrapped.

messageHash - Hash of the data that was signed.

返回:

65-byte encoded public key

recoverAddressFromSignature

public static byte[] recoverAddressFromSignature(int recId,
                                                 ECKey.ECDSASignature sig,
                                                 byte[] messageHash)

参数:

recId - Which possible key to recover.

sig - the R and S components of the signature, wrapped.

messageHash - Hash of the data that was signed.

返回:

20-byte address

recoverFromSignature

public static ECKey recoverFromSignature(int recId,
                                         ECKey.ECDSASignature sig,
                                         byte[] messageHash)

参数:

recId - Which possible key to recover.

sig - the R and S components of the signature, wrapped.

messageHash - Hash of the data that was signed.

返回:

ECKey

getPrivKeyBytes

public byte[] getPrivKeyBytes()

Returns a 32 byte array containing the private key, or null if the key is encrypted or public only

返回:

-

equals

public boolean equals(java.lang.Object o)

覆盖:

equals 在类中 java.lang.Object

hashCode

public int hashCode()

覆盖:

hashCode 在类中 java.lang.Object