Mapping problem of PKCS11 EC public key to BC PKCS10 object

Question

I have created EC key pair in HSM using PKCS11Interop library, and i need to create PKCS10 Certificate request using this keys. For generation of PKCS10 I use BC, and in this situation i need to set public key as a parameter for PKCS10 request. In BC i need to get public key as ECPublicKeyParameters for putting in PKCS10 object. I do not know how to map PKCS11 public key to ECPublicKeyParameters.

Or may be there is another method for this type mapping?

Thanks in advance!

Has the answer fixed your problem ? – Egl Nov 25 '19 at 14:55 — Egl, Nov 25 '19 at 14:55

score 0 · Answer 1 · answered Nov 22 '19 at 13:31

0

import org.bouncycastle.crypto.params.AsymmetricKeyParameter;
import org.bouncycastle.crypto.util.PublicKeyFactory;

AsymmetricKeyParameter keyParameters = PublicKeyFactory.createKey(publicKey.getEncoded());
if (keyParameters instanceof ECPublicKeyParameters) {
    ECPublicKeyParameters ecPublicKeyParameters = (ECPublicKeyParameters) keyParameters;


}

answered Nov 22 '19 at 13:31

Egl

774
7
20

Thanks for your answer. Which attributes of pkcs11 public key must be used in yor code? I can get cka_ec_params, cka_ec_point from pkcs11 pub key. from these attributes how can i create a correct ecpublickeyparameters of BC? – Uzeyir Dec 03 '19 at 18:10
I thought you already had a PublicKey object from your key pair generation. This is the publicKey object in my code. That's all.The call to PublicKeyFactory.createKey() already generates the ECPublicKeyParameters object. – Egl Dec 30 '19 at 18:15

Mapping problem of PKCS11 EC public key to BC PKCS10 object

1 Answers1