ECPrivateKey (ECCelerate 6.2 API)

java.lang.Object
- iaik.pkcs.pkcs8.PrivateKeyInfo
- - iaik.security.ec.common.AbstractECPrivateKey
  - - iaik.security.ec.common.ECPrivateKey

All Implemented Interfaces:

iaik.asn1.ASN1Type, Serializable, Cloneable, ECKey, ECPrivateKey, Key, PrivateKey, Destroyable
```
public final class ECPrivateKey
extends AbstractECPrivateKey
```
Representation of a private key for EC algorithms and implementation of the ECPrivateKey interface. It is derived from PrivateKeyInfo, which makes it suitable for use with PKCS#8.
PKCS#8 defines a syntax for encapsulating private key information:
```
 PrivateKeyInfo ::= SEQUENCE {
   version Version,
   privateKeyAlgorithm PrivateKeyAlgorithmIdentifier,
   privateKey PrivateKey
   attributes [0] IMPLICIT Attributes OPTIONAL }
 
```
For EC private keys the syntax for the privateKey field is defined by SEC1 [1]:
```
 ECPrivateKey ::= SEQUENCE {
   version        INTEGER { ecPrivkeyVer1(1) } (ecPrivkeyVer1),
   privateKey     OCTET STRING,
   parameters [0] ECDomainParameters {{ SECGCurveNames }} OPTIONAL,
   publicKey  [1] BIT STRING OPTIONAL
 }
 
```
and RFC 5915 [3]:
```
 ECPrivateKey ::= SEQUENCE {
   version        INTEGER { ecPrivkeyVer1(1) } (ecPrivkeyVer1),
   privateKey     OCTET STRING,
   parameters [0] ECParameters {{ NamedCurve }} OPTIONAL,
   publicKey  [1] BIT STRING OPTIONAL
 }
 
```
Both definitions are structurally equivalent; the parameters field may specify (by its ASN.1 object identifier) any elliptic curve supported by ECCelerate (e.g. as SEC 2 SECCurveName, or RFC 5480 NamedCurve). Although domain parameters shall be encoded by their curve oid, this implementation also supports full domain parameter encoding for interoperability reasons with other implementations.
According to the ASN.1 definition parameters is an optional field, however, RFC 5915 requires that parameters MUST be included in the ECPrivateKey structure. This may give some redundancy since the parameters are also included in the PKCS#8 PrivateKeyInfo privateKeyAlgorithm AlgorithmID. For interoperability reasons this implementation includes parameters in both the PKCS#8 privateKeyAlgorithm AlgorithmID and the ECPrivateKey parameters field.
As required the parameters are encoded as SECGCurveName/NamedCurve oid by default, however, if ECCelerate has been configured to not use OID parameter encoding, the parameters are encoded explicitly:
```
 ECParameterSpec.setDefaultOIDEncoding(true);
 
```
References:
[1] Certicom research. 2009. Standards for Efficient Cryptography - SEC 1: Elliptic Curve Cryptography v2.0
[2] Certicom research. 2000. Standards for Efficient Cryptography - SEC 2: Recommended elliptic curve domain parameters
[3] S. Turner (IECA), D. Brown (Certicom). 2010. RFC 5915: Elliptic Curve Private Key Structure
[4] S. Turner, D. Brown, K. Yiu, R. Housley, T. Polk. 2009. RFC 5480: Elliptic Curve Cryptography Subject Public Key Information
[5] An RSA Laboratories Technical Note. 1993. PKCS #8: Private-Key Information Syntax Standard v2.1
Author:

Christian Hanser, Sebastian Ramacher

See Also:

ECKeyPairGenerator, ECKey, ECPrivateKeySpec, ECPublicKey, ECPublicKeySpec, Serialized Form

Field Summary

Fields
Modifier and Type	Field and Description
`static iaik.asn1.INTEGER`	`EC_PRIVATE_KEY_VERSION` the version field in the ASN.1 encoding
`static iaik.asn1.ObjectID`	`OID` object identifier for the ASN.1 structure

Fields inherited from class iaik.security.ec.common.AbstractECPrivateKey
encodedPrivateKey_, params_, s_, w_

Fields inherited from class iaik.pkcs.pkcs8.PrivateKeyInfo
private_key_algorithm

Constructor Summary

Constructors
Constructor and Description
`ECPrivateKey(byte[] encoded)` Constructs a new `ECPrivateKey` from an encoded ASN.1 structure.
`ECPrivateKey(ECParameterSpec params, BigInteger s)` Constructs a new `ECPrivateKey` from a set of curve parameters and a secret integer `s`.
`ECPrivateKey(ECParameterSpec params, BigInteger s, ECPoint publicKey)` Creates a new private key with the specified parameters.
`ECPrivateKey(ECPrivateKey key)` Constructs a new `ECPrivateKey` from a JDK private key.
`ECPrivateKey(ECPrivateKeySpec key)` Constructs a new `ECPrivateKey` from a JDK `ECPrivateKeySpec` object.
`ECPrivateKey(ECPrivateKeySpec key)` Constructs a new `ECPrivateKey` from an IAIK `ECPrivateKeySpec` object.

Method Summary

All Methods Static Methods Instance Methods Concrete Methods
Modifier and Type	Method and Description
`protected void`	`createEncodedPrivateKey()` Creates the ASN.1 private key structure following [1, Section C.4].
`protected void`	`decode(byte[] privateKey)` Decodes the DER encoded private key.
`String`	`getAlgorithm()`
`int`	`getKeyLength()` Returns the key length of this `ECKey`.
`ECPublicKey`	`getPublicKey()` Returns the corresponding `AbstractECPublicKey`.
`static ECPrivateKey`	`parse(byte[] privateKey)` This method parses an EC private key.
`String`	`toString()`

Methods inherited from class iaik.security.ec.common.AbstractECPrivateKey
encode, equals, finalize, getParams, getS, hashCode

Methods inherited from class iaik.pkcs.pkcs8.PrivateKeyInfo
clone, createPrivateKeyInfo, decode, getAlgorithmID, getAttributes, getEncoded, getFormat, getPrivateKey, getPrivateKey, getPrivateKey, getPrivateKey, getPrivateKey, getPrivateKey, getPubKey, setAttributes, setPubKey, toASN1Object, writeTo

Methods inherited from class java.lang.Object
getClass, notify, notifyAll, wait, wait, wait

Methods inherited from interface java.security.Key
getEncoded, getFormat

Methods inherited from interface javax.security.auth.Destroyable
destroy, isDestroyed

- Field Detail
  - EC_PRIVATE_KEY_VERSION
```
public static final iaik.asn1.INTEGER EC_PRIVATE_KEY_VERSION
```
    the version field in the ASN.1 encoding
  - OID
```
public static final iaik.asn1.ObjectID OID
```
    object identifier for the ASN.1 structure
- Constructor Detail
  - ECPrivateKey
```
public ECPrivateKey(byte[] encoded)
             throws InvalidKeyException
```
    Constructs a new ECPrivateKey from an encoded ASN.1 structure.
    
    Parameters:
    
    encoded - the byte[] holding the ASN.1 structure
    
    Throws:
    
    InvalidKeyException - thrown if the given encoded key could not be decoded
  - ECPrivateKey
```
public ECPrivateKey(ECPrivateKeySpec key)
             throws InvalidCurveParameterSpecException
```
    Constructs a new ECPrivateKey from a JDK ECPrivateKeySpec object.
    
    Parameters:
    
    key - the private key spec
    
    Throws:
    
    InvalidCurveParameterSpecException - if the associated curve parameters are not valid
  - ECPrivateKey
```
public ECPrivateKey(ECPrivateKey key)
             throws InvalidCurveParameterSpecException
```
    Constructs a new ECPrivateKey from a JDK private key.
    
    Parameters:
    
    key - the private key
    
    Throws:
    
    InvalidCurveParameterSpecException - if the associated curve parameters are not valid
  - ECPrivateKey
```
public ECPrivateKey(ECPrivateKeySpec key)
```
    Constructs a new ECPrivateKey from an IAIK ECPrivateKeySpec object.
    
    Parameters:
    
    key - the private key spec
  - ECPrivateKey
```
public ECPrivateKey(ECParameterSpec params,
                    BigInteger s)
```
    Constructs a new ECPrivateKey from a set of curve parameters and a secret integer s.
    
    Parameters:
    
    params - the curve parameters
    
    s - the private key
  - ECPrivateKey
```
public ECPrivateKey(ECParameterSpec params,
                    BigInteger s,
                    ECPoint publicKey)
```
    Creates a new private key with the specified parameters.
    
    Parameters:
    
    params - the domain parameters
    
    s - the private key
    
    publicKey - the corresponding public key (may be null)
- Method Detail
  - getAlgorithm
```
public String getAlgorithm()
```
    Specified by:
    
    getAlgorithm in interface Key
    
    Specified by:
    
    getAlgorithm in class iaik.pkcs.pkcs8.PrivateKeyInfo
  - parse
```
public static ECPrivateKey parse(byte[] privateKey)
                          throws InvalidKeyException
```
    This method parses an EC private key. The format must be ECPrivateKey as defined in [1] or [3]. The parameters field must be included.
    
    Parameters:
    
    privateKey - a "RAW" EC private key
    
    Returns:
    
    the private key
    
    Throws:
    
    InvalidKeyException - if the given key is not an EC private key, is not properly encoded or does not contain parameters
  - getKeyLength
```
public int getKeyLength()
```
    Description copied from interface: ECKey
    
    Returns the key length of this ECKey.
    
    Returns:
    
    the key length in bits
  - getPublicKey
```
public ECPublicKey getPublicKey()
```
    Description copied from class: AbstractECPrivateKey
    
    Returns the corresponding AbstractECPublicKey.
    
    Specified by:
    
    getPublicKey in class AbstractECPrivateKey
    
    Returns:
    
    the corresponding AbstractECPublicKey
  - toString
```
public String toString()
```
    Overrides:
    
    toString in class iaik.pkcs.pkcs8.PrivateKeyInfo
  - createEncodedPrivateKey
```
protected void createEncodedPrivateKey()
```
    Creates the ASN.1 private key structure following [1, Section C.4].
```
 ECPrivateKey ::= SEQUENCE {
   version INTEGER { ecPrivkeyVer1(1) } (ecPrivkeyVer1),
   privateKey OCTET STRING,
   parameters [0] ECDomainParameters {{ SECGCurveNames }} OPTIONAL,
   publicKey [1] BIT STRING OPTIONAL
 }
 
```
    Specified by:
    
    createEncodedPrivateKey in class AbstractECPrivateKey
  - decode
```
protected void decode(byte[] privateKey)
               throws InvalidKeyException
```
    Decodes the DER encoded private key.
    
    Specified by:
    
    decode in class iaik.pkcs.pkcs8.PrivateKeyInfo
    
    Parameters:
    
    privateKey - the DER byte array.
    
    Throws:
    
    InvalidKeyException - if the provided key data is invalid.
    
    See Also:
    
    AbstractECPrivateKey.encode()

Class ECPrivateKey

Field Summary

Fields inherited from class iaik.security.ec.common.AbstractECPrivateKey

Fields inherited from class iaik.pkcs.pkcs8.PrivateKeyInfo

Constructor Summary

Method Summary

Methods inherited from class iaik.security.ec.common.AbstractECPrivateKey

Methods inherited from class iaik.pkcs.pkcs8.PrivateKeyInfo

Methods inherited from class java.lang.Object

Methods inherited from interface java.security.Key

Methods inherited from interface javax.security.auth.Destroyable

Field Detail

EC_PRIVATE_KEY_VERSION

OID

Constructor Detail

ECPrivateKey

ECPrivateKey

ECPrivateKey

ECPrivateKey

ECPrivateKey

ECPrivateKey

Method Detail

getAlgorithm

parse

getKeyLength

getPublicKey

toString

createEncodedPrivateKey

decode