Java 从X509证书中提取ECPublicKey_Java_Public Key_Ecdsa

Java 从X509证书中提取ECPublicKey

java

Java 从X509证书中提取ECPublicKey,java,public-key,ecdsa,Java,Public Key,Ecdsa,使用Java从X509证书中提取ECPublicKey时遇到问题密钥和证书创建如下 ssh-keygen -t ecdsa -f id_ecdsa openssl pkcs8 -topk8 -in id_ecdsa -out id_ecdsa.p8 openssl req -new x509 -key id_ecdsa.p8 -out id_ecdsa.crt.der -outform der 用于从证书中提取公钥的代码为 FileInputStream fin = new FileInpu

使用Java从X509证书中提取ECPublicKey时遇到问题

密钥和证书创建如下

ssh-keygen -t ecdsa -f id_ecdsa
openssl pkcs8 -topk8 -in id_ecdsa -out id_ecdsa.p8
openssl req -new x509 -key id_ecdsa.p8 -out id_ecdsa.crt.der -outform der

用于从证书中提取公钥的代码为

FileInputStream fin = new FileInputStream("<path to id_ecdsa.crt.der>");
CertificateFactory cf = CertificateFactory.getInstance("X.509");
X509Certificate cert = (X509Certificate) cf.generateCertificate(fin);
PublicKey pk = cert.getPublicKey();

if (pk instanceof ECPublicKey) {
  ECPublicKey key = (ECPublicKey) pk;
  ...
} else if (pk instanceof RSAPublicKey) {
  RSAPublicKey key = (RSAPublicKey) pk;
  ...
}

FileInputStream fin=newfileinputstream（“”）；
CertificateFactory cf=CertificateFactory.getInstance（“X.509”）；
X509证书证书=（X509证书）cf.generateCertificate（fin）；
PublicKey pk=cert.getPublicKey（）；
if（ECPublicKey的主键实例）{
ECPublicKey=（ECPublicKey）主键；
...
}else if（RSAPublicKey的主键实例）{
RSAPublicKey key=（RSAPublicKey）主键；
...
}

对于包含RSA密钥的证书，一切正常。但是，如果使用ECDSA密钥，则忽略if（ECPublicKey的pk instanceof）块

调用pk.getAlgorithm（）将生成“EC”，这表明该密钥是ECDSA密钥

使用调试器检查pk会生成ECDSA的X509Key类型。对于RSA密钥，调试器将生成RSAPublicKeyImpl

N.B.java.security.*用作库

如果您能帮我解决问题，我将不胜感激。

我发现，添加Bouncy Castle作为提供商似乎已经解决了我的问题。JDK在默认情况下似乎没有安装EC支持

Security.addProvider(new BouncyCastleProvider());
CertificateFactory cf = CertificateFactory.getInstance("X.509", "BC");