iaik.security.ec.common

Class EdPrivateKey

java.lang.Object

iaik.pkcs.pkcs8.PrivateKeyInfo

iaik.security.ec.common.AbstractECPrivateKey

iaik.security.ec.common.EdPrivateKey

All Implemented Interfaces:

iaik.asn1.ASN1Type, EdKey, Serializable, Cloneable, ECKey, ECPrivateKey, Key, PrivateKey, Destroyable

Direct Known Subclasses:

EdDSAPrivateKey

public class EdPrivateKey
extends AbstractECPrivateKey
implements EdKey

Representation of a public key for Ed algorithms. It is derived from PublicKeyInfo which makes it suitable for use in X.509 certificates.

Ed based algorithms use byte arrays as secret keys and extract secret scalars from this array. In the case of the ECDH variants, the scalar is directly extract from the array. For EdDSA, the seed is first expanded to an array twice the size, where the lower half is used to extract the secret scalar.

PKCS#8 [2] defines a syntax for encapsulating private key information:

 PrivateKeyInfo ::= SEQUENCE {
   version Version,
   privateKeyAlgorithm PrivateKeyAlgorithmIdentifier,
   privateKey PrivateKey,
   attributes [0] Attributes OPTIONAL
 }
 

For Ed private keys the syntax for the privateKey field is defined by [1]:

 PrivateKey ::= OCTET STRING
 

Note that [1] requires attributes to be absent.

References:

[1] Algorithm Identifiers for Ed25519, Ed448, X25519 and X448 for use in the Internet X.409 Public Key Infrastructure. S. Josefsson and J. Schaad. https://tools.ietf.org/html/draft-ietf-curdle-pkix-04

[2] An RSA Laboratories Technical Note. 1993. PKCS #8: Private-Key Information Syntax Standard v2.1

Author:

Sebastian Ramacher

See Also:

EdKey, EdPrivateKey, EdPublicKeySpec, X448KeyPairGenerator, X25519KeyPairGenerator, EdPrivateKeySpec, Serialized Form

Field Summary

Fields

Modifier and Type	Field and Description
protected byte[]	seed_

Fields inherited from class iaik.security.ec.common.AbstractECPrivateKey

encodedPrivateKey_, params_, s_, w_

Fields inherited from class iaik.pkcs.pkcs8.PrivateKeyInfo

private_key_algorithm

Fields inherited from interface java.security.interfaces.ECPrivateKey

serialVersionUID

Constructor Summary

Constructors

Constructor and Description
EdPrivateKey(byte[] encoded) Constructs a new EdPrivateKey from an encoded ASN.1 structure.
EdPrivateKey(EdParameterSpec params, byte[] s) Constructs a new EdPrivateKey from a set of curve parameters and a secret integer s.
EdPrivateKey(EdParameterSpec params, byte[] seed, BigInteger s, ECPoint publicKey) Creates a new private key with the specified parameters.
EdPrivateKey(EdPrivateKeySpec keySpec) Constructs a new EdPrivateKey from an IAIK EdPrivateKeySpec object.

Method Summary

Modifier and Type	Method and Description
protected ECPoint	computeOrGetW() Check if public point is set and return it.
static BigInteger	computeS(EdParameterSpec params, byte[] seed) Extract scalar from seed.
protected void	createEncodedPrivateKey() Creates the ASN.1 private key structure.
protected void	decode(byte[] privateKey)
protected void	finalize()
String	getAlgorithm()
int	getKeyLength() Returns the key length of this ECKey.
EdParameterSpec	getParams() Returns the domain parameters of the associated elliptic curve.
EdPublicKey	getPublicKey() Returns the corresponding AbstractECPublicKey.
byte[]	getSeed() Return the secret seed.
String	toString()

Methods inherited from class iaik.security.ec.common.AbstractECPrivateKey

encode, equals, getS, hashCode

Methods inherited from class iaik.pkcs.pkcs8.PrivateKeyInfo

clone, createPrivateKeyInfo, decode, getAlgorithmID, getAttributes, getEncoded, getFormat, getPrivateKey, getPrivateKey, getPrivateKey, getPrivateKey, getPrivateKey, getPrivateKey, getPubKey, setAttributes, setPubKey, toASN1Object, writeTo

Methods inherited from class java.lang.Object

getClass, notify, notifyAll, wait, wait, wait

Methods inherited from interface java.security.Key

getEncoded, getFormat

Methods inherited from interface javax.security.auth.Destroyable

destroy, isDestroyed

Field Detail

seed_

protected transient byte[] seed_

Constructor Detail

EdPrivateKey

public EdPrivateKey(byte[] encoded)
             throws InvalidKeyException

Constructs a new EdPrivateKey from an encoded ASN.1 structure.

Parameters:

encoded - the byte[] holding the ASN.1 structure

Throws:

InvalidKeyException - thrown if the given encoded key could not be decoded

EdPrivateKey

public EdPrivateKey(EdPrivateKeySpec keySpec)

Constructs a new EdPrivateKey from an IAIK EdPrivateKeySpec object.

Parameters:

keySpec - the private key spec

EdPrivateKey

public EdPrivateKey(EdParameterSpec params,
                    byte[] s)

Constructs a new EdPrivateKey from a set of curve parameters and a secret integer s.

Parameters:

params - the curve parameters

s - the private key

EdPrivateKey

public EdPrivateKey(EdParameterSpec params,
                    byte[] seed,
                    BigInteger s,
                    ECPoint publicKey)

Creates a new private key with the specified parameters.

Parameters:

params - the domain parameters

seed - the private key

s - the private scalar

publicKey - the corresponding public key (may be null)

Method Detail

getSeed

public byte[] getSeed()

Return the secret seed.

Returns:

secret seed

decode

protected void decode(byte[] privateKey)
               throws InvalidKeyException

Specified by:

decode in class iaik.pkcs.pkcs8.PrivateKeyInfo

Throws:

InvalidKeyException

createEncodedPrivateKey

protected void createEncodedPrivateKey()

Description copied from class: AbstractECPrivateKey

Creates the ASN.1 private key structure.

Specified by:

createEncodedPrivateKey in class AbstractECPrivateKey

computeS

public static BigInteger computeS(EdParameterSpec params,
                                  byte[] seed)

Extract scalar from seed.

Parameters:

params - domain parameters

seed - seed

Returns:

scalar

finalize

protected void finalize()
                 throws Throwable

Overrides:

finalize in class AbstractECPrivateKey

Throws:

Throwable

getKeyLength

public int getKeyLength()

Description copied from interface: ECKey

Returns the key length of this ECKey.

Returns:

the key length in bits

getPublicKey

public EdPublicKey getPublicKey()

Description copied from class: AbstractECPrivateKey

Returns the corresponding AbstractECPublicKey.

Specified by:

getPublicKey in class AbstractECPrivateKey

Returns:

the corresponding AbstractECPublicKey

getParams

public EdParameterSpec getParams()

Description copied from interface: ECKey

Returns the domain parameters of the associated elliptic curve.

Specified by:

getParams in interface EdKey

Specified by:

getParams in interface ECKey

Overrides:

getParams in class AbstractECPrivateKey

Returns:

the curve domain parameters

getAlgorithm

public String getAlgorithm()

Specified by:

getAlgorithm in interface Key

Specified by:

getAlgorithm in class iaik.pkcs.pkcs8.PrivateKeyInfo

toString

public String toString()

Overrides:

toString in class iaik.pkcs.pkcs8.PrivateKeyInfo

computeOrGetW

protected ECPoint computeOrGetW()

Check if public point is set and return it. If not, re-compute it.

Returns:

the public point