login about faq

Hi,

I am generating a EC DSA key pair using BouncyCastle and am sending the private key to an Android device so that it can sign data to submit to the server.

X9ECParameters p = NistNamedCurves.GetByName(SIG_ALGORTHIM);
ECDomainParameters parameters = new ECDomainParameters(p.Curve, p.G, p.N, p.H);
IAsymmetricCipherKeyPairGenerator g = GeneratorUtilities.GetKeyPairGenerator("ECDSA");
SecureRandom k = new SecureRandom();
g.Init(new ECKeyGenerationParameters(parameters, k));
AsymmetricCipherKeyPair pair = g.GenerateKeyPair();
ECPrivateKeyParameters kp = pair.Private as ECPrivateKeyParameters;
PrivateKeyInfo privateKeyInfo = PrivateKeyInfoFactory.CreatePrivateKeyInfo(pair.Private);            
return Core.Hex.Encode(privateKeyInfo.GetDerEncoded());

This will generate something like:

308202050201003081EC06072A8648CE3D02013081E0020101302C06072A8648CE3D0101022100FFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF30440420FFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFC04205AC635D8AA3A93E7B3EBBD55769886BC651D06B0CC53B0F63BCE3C3E27D2604B0441046B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C2964FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5022100FFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC6325510201010482010F3082010B02010104201093EF4D3D6822E4BF6FD27E5BABB3032F9053BBAA784524E18714852E317A46A081E33081E0020101302C06072A8648CE3D0101022100FFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF30440420FFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFC04205AC635D8AA3A93E7B3EBBD55769886BC651D06B0CC53B0F63BCE3C3E27D2604B0441046B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C2964FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5022100FFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551020101
When I try and use the key with CkDsa, VerifyKey fails with "q is not prime". If I try and sign anyway SignHash fails with "not a private key".

dsa.FromDer(bytes); // loads OK
dsa.VerifyKey(); // fails - see last error below

Any suggestions?

Many thanks.

ChilkatLog:
   VerifyKey:
     DllDate: Aug 20 2013
     ChilkatVersion: 9.4.1.42
     UnlockPrefix: Anything for 30-day trial
     Architecture: Little Endian; 32-bit
     Language: Android Java
     VerboseLogging: 0
     hcCurDate: Thu, 19 Dec 2013 15:53:17 +0000
     hcExpire: 11/2013
     Verifying key...
     q is not prime
     Failed.
   --VerifyKey
 --ChilkatLog

asked Dec 19 '13 at 11:06

culyerr's gravatar image

culyerr
1112

edited Dec 19 '13 at 11:07


By definition of DSA (Digital Signature Algorithm) standards, p and q need to be prime.

link

answered Dec 19 '13 at 15:40

chilkat's gravatar image

chilkat ♦♦
11.8k316358421

Your answer
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here

By RSS:

Answers

Answers and Comments

Markdown Basics

  • *italic* or __italic__
  • **bold** or __bold__
  • link:[text](http://url.com/ "title")
  • image?![alt text](/path/img.jpg "title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

Tags:

×7
×5
×3

Asked: Dec 19 '13 at 11:06

Seen: 898 times

Last updated: Dec 19 '13 at 15:40

powered by OSQA