EC Cryptography Tutorials - Herong's Tutorial Examples - v1.02, by Dr. Herong Yang
Java Program to Generate EC Keys
This section provides a tutorial example on how to write a Java program to generate EC private-public key pairs.
If you are a Java developer, you can also write a Java program to generate EC private-public key pairs.
Here is my sample Java program that uses java.security.* packages to private-public key pairs with EC or other cryptographic algorithms.
/* JavaKeyPair.java * Copyright (c) HerongYang.com. All Rights Reserved. */ import java.io.*; import java.math.*; import java.security.*; import java.security.interfaces.*; class JavaKeyPair { public static void main(String[] a) { if (a.length<3) { System.out.println("Usage:"); System.out.println("java JavaKeyPair keySize output algorithm"); return; } int keySize = Integer.parseInt(a[0]); String output = a[1]; String algorithm = a[2]; // EC, RSA, DSA, ... try { getKeys(keySize,output,algorithm); } catch (Exception e) { System.out.println("Exception: "+e); return; } } private static void getKeys(int keySize, String output, String algorithm) throws Exception { KeyPairGenerator kg = KeyPairGenerator.getInstance(algorithm); kg.initialize(keySize); System.out.println(); System.out.println("KeyPairGenerator Object Info: "); System.out.println("Algorithm = "+kg.getAlgorithm()); System.out.println("Provider = "+kg.getProvider()); System.out.println("Key Size = "+keySize); System.out.println("toString = "+kg.toString()); KeyPair pair = kg.generateKeyPair(); PrivateKey priKey = pair.getPrivate(); PublicKey pubKey = pair.getPublic(); String fl = output+".pri"; FileOutputStream out = new FileOutputStream(fl); byte[] ky = priKey.getEncoded(); out.write(ky); out.close(); System.out.println(); System.out.println("Private Key Info: "); System.out.println("Algorithm = "+priKey.getAlgorithm()); System.out.println("Saved File = "+fl); System.out.println("Size = "+ky.length); System.out.println("Format = "+priKey.getFormat()); System.out.println("toString = "+priKey.toString()); fl = output+".pub"; out = new FileOutputStream(fl); ky = pubKey.getEncoded(); out.write(ky); out.close(); System.out.println(); System.out.println("Public Key Info: "); System.out.println("Algorithm = "+pubKey.getAlgorithm()); System.out.println("Saved File = "+fl); System.out.println("Size = "+ky.length); System.out.println("Format = "+pubKey.getFormat()); System.out.println("toString = "+pubKey.toString()); } }
Now let's try my sample program with different options.
1. Generate a 256-bit private-public key pairs. The output shows that Java picks the "secp256r1" curve.
herong> java JavaKeyPair 256 1st_ec EC KeyPairGenerator Object Info: Algorithm = EC Provider = SunEC version 17 Key Size = 256 toString = java.security.KeyPairGenerator$Delegate@6d5380c2 Private Key Info: Algorithm = EC Saved File = 1st_ec.pri Size = 67 Format = PKCS#8 toString = sun.security.ec.ECPrivateKeyImpl@3a0141b0 Public Key Info: Algorithm = EC Saved File = 1st_ec.pub Size = 91 Format = X.509 toString = Sun EC public key, 256 bits public x coord: 853346207140393763650036399724805522838088855041430... public y coord: 745481693560289876495239256879081829182273437238861... parameters: secp256r1 [NIST P-256,X9.62 prime256v1] (1.2.840.10045.3.1.7) herong> dir 67 1st_ec.pri 91 1st_ec.pub ...
2. Generate a longer private-public key pairs. The output shows that Java picks the "secp521r1" curve.
herong> java JavaKeyPair 521 2nd_ec EC KeyPairGenerator Object Info: Algorithm = ec Provider = SunEC version 17 Key Size = 521 toString = java.security.KeyPairGenerator$Delegate@5ef04b5 Private Key Info: Algorithm = EC Saved File = 2nd_ec.pri Size = 98 Format = PKCS#8 toString = sun.security.ec.ECPrivateKeyImpl@5b7f3667 Public Key Info: Algorithm = EC Saved File = 2nd_ec.pub Size = 158 Format = X.509 toString = Sun EC public key, 521 bits public x coord: 518836930523842718148489356314770664342986719875920... public y coord: 564229509192138801573886481648145012198584749459934... parameters: secp521r1 [NIST P-521] (1.3.132.0.35)
3. Generate a shorter private-public key pairs. Too bad, curve "secp192r1" is not supported.
herong> java JavaKeyPair 192 3rd_ec EC KeyPairGenerator Object Info: Algorithm = ec Provider = SunEC version 17 Key Size = 192 toString = java.security.KeyPairGenerator$Delegate@4459eb14 Exception: java.security.ProviderException: Curve not supported: secp192r1 [NIST P-192,X9.62 prime192v1] (1.2.840.10045.3.1.1)
Table of Contents
Geometric Introduction to Elliptic Curves
Algebraic Introduction to Elliptic Curves
Abelian Group and Elliptic Curves
Discrete Logarithm Problem (DLP)
Generators and Cyclic Subgroups
tinyec - Python Library for ECC
ECDH (Elliptic Curve Diffie-Hellman) Key Exchange
ECDSA (Elliptic Curve Digital Signature Algorithm)
ECES (Elliptic Curve Encryption Scheme)
"keytool -keyalg EC" - Generate EC Key Pair
"keytool -groupname ..." - Select Curve Name
►Java Program to Generate EC Keys