0

My actual need is to generate a EC key pair (public & private key) and use it to mock the device authorization. Once the generated public key is used in one of our endpoints, I will receive an SMS TAN for which I will need to generate a signature and then use that signature to authorize the device mocking.

so far, manually, I was using https://kjur.github.io/jsrsasign/sample/sample-ecdsa.html to generate the EC key pair, sign message and verifying the signature. I am looking for any direct APIs so that I can do these via postman or jMeter without any manual interventions.

Karthik Ravindran
  • 1
  • 1

1 Answers1

0

For JMeter you can take the code sample from this answer and use it from the suitable JSR223 Test Element and Groovy language

Demo:

enter image description here

Code just in case you want to replicate the exercise:

import java.security.*;
import java.security.spec.ECGenParameterSpec;

KeyPairGenerator keyGen = KeyPairGenerator.getInstance("EC");

keyGen.initialize(new ECGenParameterSpec("secp256r1"), new SecureRandom());

KeyPair pair = keyGen.generateKeyPair();
PrivateKey priv = pair.getPrivate();
PublicKey pub = pair.getPublic();

/*
 * Create a Signature object and initialize it with the private key
 */

Signature ecdsa = Signature.getInstance("SHA256withECDSA");

ecdsa.initSign(priv);

String str = "aaa";
byte[] strByte = str.getBytes("UTF-8");
ecdsa.update(strByte);

/*
 * Now that all the data to be signed has been read in, generate a
 * signature for it
 */

byte[] realSig = ecdsa.sign();
log.info("Signature: " + new BigInteger(1, realSig).toString(16));
Dmitri T
  • 159,985
  • 5
  • 83
  • 133
  • Thanks Dmitri. Is there any ways we could generate these in HEX format? I am able to generate the EC keys now but the problem is I would need it in HEX format. I tried converting the generated keys, but getting some errors – Karthik Ravindran Aug 17 '22 at 13:13