stackoom
  简体   繁体   中英

how to convert AsymmetricKeyPair to base64 encoding string in dart

 原文  2022-06-16 06:53:57       dart/ cryptography/ pointycastle

Question

I'ma rookie in PointyCastle,how can I generate ecc base64 key pairs with PointyCastle in dart

AsymmetricKeyPair<PublicKey, PrivateKey> generateKeyPair({curve = 'secp256r1'}) {
    var param = curve == 'secp256r1' ? ECCurve_secp256r1() : ECCurve_secp256k1();
    var keyParams = ECKeyGeneratorParameters(param);

    var random = FortunaRandom();
    random.seed(KeyParameter(_seed()));

    var generator = ECKeyGenerator();
    generator.init(ParametersWithRandom(keyParams, random));

    return generator.generateKeyPair();
}
Uint8List _seed() {
    var random = Random.secure();
    var seed = List<int>.generate(32, (_) => random.nextInt(256));
    return Uint8List.fromList(seed);
}

above I can generate a AsymmetricKeyPair object,how to get public base64 and private base64 like my already done js bundle

{"priKey":"CVK3r/UxdGCwQBjtn5vN/orUMxKf9E/1TlJzLkMz9t4=","pubKey":"BJH/mWJqgchGxXGA5/E79SsWRwVo3rpduBmD8FOs7UlKiK8PIvwrkCDvUcwhKdysW35OByPjoVcwFqg1NyumLKM="}

besides, at first I want to use my js bundle file in flutter android, but that would be very tough as I know

how to use js bundle in flutter android

I also need to make sign and verify function with ecdsa in sha256

Signer signer = new Signer('SHA-256/ECDSA');
// 签名,参数:私钥,明文
ECSignature sign(String privateKeyStr, String txt) {
    SecureRandom random = _setRadom();
    // how to convert a plain txt to kTestBytes
    final Uint8List kTestBytes = new Uint8List.fromList([1, 2, 3]);

    // if I pass in base64 privateKey str, is the radix 64?
    ECPrivateKey privateKey = new ECPrivateKey(BigInt.parse(privateKeyStr, radix: 10), ecDomain);

    PrivateKeyParameter signParams = new PrivateKeyParameter(privateKey);
    signer.init(true, new ParametersWithRandom(signParams, random));
    ECSignature signature = signer.generateSignature(kTestBytes) as ECSignature;
    return signature;
}
// 验签
//  参数: 明文,签名,公钥
bool verify(txt, signature, publicKey) {
    // how to make the txt to kTestBytes
    var kTestBytes = txt
    signer.init(false, new PublicKeyParameter(publicKey));
    bool verify = signer.verifySignature(kTestBytes, signature);
    // print(verify);
    return verify;
}
// I don't know what this function actually do,as I know in other language ecdsa don;t need a random number.
SecureRandom _setRadom() {
    List<int> key = [67, 3, 241, 75, 143, 78, 115, 99, 21, 242, 180, 43, 26, 7, 194, 20];
    List<int> iv = [87, 117, 137, 182, 2, 199, 132, 230, 120, 12, 109, 177, 34, 197, 186, 206];
    KeyParameter keyParam = new KeyParameter(new Uint8List.fromList(key));
    ParametersWithIV<KeyParameter> paramsIV = new ParametersWithIV(keyParam, new Uint8List.fromList(iv));
    SecureRandom random = new SecureRandom('AES/CTR/AUTO-SEED-PRNG')..seed(paramsIV);
    return random;
}

Any place can I find sample codes, these functions were changed by some copies on the internet。and I got many confuses list in the comment

2 answers

solution1
 2 ACCPTED  2022-06-16 13:28:55

The EC keys are to be exported/imported as a Base64 encoded raw private key and as a Base64 encoded raw uncompressed public key.

First of all it can be stated that signing and verifying with the posted code works when a fresh key pair is generated:

AsymmetricKeyPair<PublicKey, PrivateKey> kp = generateKeyPair();
ECSignature signature = sign(kp.privateKey as ECPrivateKey, "The quick brown fox jumps over the lazy dog");
bool verified = verify("The quick brown fox jumps over the lazy dog", signature, kp.publicKey as ECPublicKey);
print(verified); // true

Ie in the following I will focus on the import/export of the keys. The raw keys are encapsulated in ECPrivateKey and ECPublicKey and can be exported and imported as follows:

String p256 = 'secp256r1';
AsymmetricKeyPair<PublicKey, PrivateKey> kp = generateKeyPair(curve: p256);

// Export
BigInt d = (kp.privateKey as ECPrivateKey).d!;
BigInt x = (kp.publicKey as ECPublicKey).Q!.x!.toBigInteger()!;
BigInt y = (kp.publicKey as ECPublicKey).Q!.y!.toBigInteger()!;

// Import
ECDomainParameters domain = ECDomainParameters(p256);
ECPrivateKey ecPrivateKey = ECPrivateKey(d, domain);
ECPublicKey ecPublicKey = ECPublicKey(domain.curve.createPoint(x, y), domain);

Here d is the raw private key and x and y are the x and y coordinates of the raw public key.

On the JavaScript side, the Base64 encoded raw private key is used and the Base64 encoded raw uncompressed key, where the uncompressed key is the concatenation 0x04 + <x> + <y> . So, for export and import, the following applies:

  • Regarding the export, the Base64 encoded raw private and public key can be derived from d , x , and y as follows:

     String rawPrivateB64 = exportPrivate(d); String rawUncompressedPublicB64 = exportPublic(x, y, 32);

    with

    import 'dart:convert'; import 'package:nanodart/nanodart.dart'; String exportPrivate(BigInt d){ return base64Encode(NanoHelpers.bigIntToBytes(d)); } String exportPublic(BigInt x, BigInt y, int size){ return base64Encode(NanoHelpers.concat([Uint8List.fromList([4]), pad(NanoHelpers.bigIntToBytes(x), size), pad(NanoHelpers.bigIntToBytes(y), size)])); } Uint8List pad(Uint8List list, int size){ Uint8List padded = list; int currSize = list.length; if (currSize < size){ Uint8List pad = Uint8List(size - currSize); padded = NanoHelpers.concat([pad, list]); } return padded; }

    The size passed in exportPublic() as 3rd parameter is the size of the order of the generator point (32 bytes for secp256r1). If x or y are smaller, they are each padded from the front with 0x00 values until the required length is reached.

    For the conversion from BigInt to Uint8List and the concatenation I used the NanoHelpers class from the NanoDart package for simplicity. Of course, other implementations can be used here as well.

  • Regarding the import, d , x , and y can be derived from the Base64 encoded raw private and public key as follows:

     BigInt d = importPrivate(rawPrivateB64); List xy = importPublic(rawUncompressedPublicB64); BigInt x = xy.elementAt(0); BigInt y = xy.elementAt(1);

    with

    BigInt importPrivate(String d){ return NanoHelpers.byteToBigInt(base64Decode(d)); } List importPublic(String xy){ Uint8List xyBytes = base64Decode(xy); xyBytes = xyBytes.sublist(1, xyBytes.length); int size = xyBytes.length ~/ 2; Uint8List x = xyBytes.sublist(0, size); Uint8List y = xyBytes.sublist(size); return [NanoHelpers.byteToBigInt(x), NanoHelpers.byteToBigInt(y)]; }

Test

The posted key pair

{"priKey":"CVK3r/UxdGCwQBjtn5vN/orUMxKf9E/1TlJzLkMz9t4=","pubKey":"BJH/mWJqgchGxXGA5/E79SsWRwVo3rpduBmD8FOs7UlKiK8PIvwrkCDvUcwhKdysW35OByPjoVcwFqg1NyumLKM="}

can be imported and used for signing and verification as follows:

String rawPrivateB64 = "CVK3r/UxdGCwQBjtn5vN/orUMxKf9E/1TlJzLkMz9t4=";
String rawUncompressedPublicB64 = "BJH/mWJqgchGxXGA5/E79SsWRwVo3rpduBmD8FOs7UlKiK8PIvwrkCDvUcwhKdysW35OByPjoVcwFqg1NyumLKM=";

BigInt d = importPrivate(rawPrivateB64);
List xy = importPublic(rawUncompressedPublicB64);
BigInt x = xy.elementAt(0);
BigInt y = xy.elementAt(1);

ECDomainParameters domain = ECDomainParameters('secp256r1');
ECPrivateKey private = ECPrivateKey(d, domain);
ECPublicKey public = ECPublicKey(domain.curve.createPoint(x, y), domain);

ECSignature signature = sign(private, "The quick brown fox jumps over the lazy dog");
bool verified = verify("The quick brown fox jumps over the lazy dog", signature, public);
print(verified); // true

Edit: Regarding your comment: sign() and verify() are the methods you posted, but according to the changes, the keys are now passed directly (instead of strings) and the actual message is applied (instead of [1,2,3] ) using utf8.encode() for UTF-8 encoding:

import 'dart:convert';

ECSignature sign(ECPrivateKey privateKey, String txt) {
  SecureRandom random = _setRandom();
  Uint8List txtBytes = Uint8List.fromList(utf8.encode(txt));
  PrivateKeyParameter signParams = PrivateKeyParameter(privateKey);
  signer.init(true, ParametersWithRandom(signParams, random));
  ECSignature signature = signer.generateSignature(txtBytes) as ECSignature;
  return signature;
}

bool verify(String txt, ECSignature signature, ECPublicKey publicKey) {
  signer.init(false, PublicKeyParameter(publicKey));
  bool verify = signer.verifySignature(Uint8List.fromList(utf8.encode(txt)), signature);
  return verify;
}

As _setRandom() I applied the implementation from generateKeyPair() instead of your implementation (ie a FortunaRandom() based CSPRNG).

solution2
 0  2022-06-20 07:25:52

my whole code based on accepted answer

crypto.dart

import "dart:typed_data";
import "dart:math";
import 'dart:convert';

import "package:pointycastle/export.dart";
import './utils.dart';

Signer signer = new Signer('SHA-256/ECDSA');

class Crypto {
  final ECDomainParameters ecDomain = new ECDomainParameters('secp256r1');

  /// 公私钥对生成
  /// 关于公私钥encoding:https://stackoverflow.com/questions/72641616/how-to-convert-asymmetrickeypair-to-base64-encoding-string-in-dart
  ///

  Map generateKeyPair({curve = 'secp256r1'}) {
    var param = curve == 'secp256r1' ? ECCurve_secp256r1() : ECCurve_secp256k1();
    var keyParams = ECKeyGeneratorParameters(param);

    var random = FortunaRandom();
    random.seed(KeyParameter(this._seed(32)));

    var generator = ECKeyGenerator();
    generator.init(ParametersWithRandom(keyParams, random));

    AsymmetricKeyPair<PublicKey, PrivateKey> kp = generator.generateKeyPair();
    BigInt d = (kp.privateKey as ECPrivateKey).d!;
    BigInt x = (kp.publicKey as ECPublicKey).Q!.x!.toBigInteger()!;
    BigInt y = (kp.publicKey as ECPublicKey).Q!.y!.toBigInteger()!;
    String rawPrivateB64 = exportPrivate(d);
    String rawUncompressedPublicB64 = exportPublic(x, y, 32);
    return {'base64Pub': rawUncompressedPublicB64, 'base64Priv': rawPrivateB64};
  }

  Uint8List _seed(size) {
    var random = Random.secure();
    var seed = List<int>.generate(size, (_) => random.nextInt(256));
    return Uint8List.fromList(seed);
  }

// TODO
// Restore the ECPrivateKey from 'd'.
  restoreKeyFromPrivate(privateKeyStr) {
    ECPrivateKey privateKey = new ECPrivateKey(BigInt.parse(privateKeyStr, radix: 10), ecDomain);
    ECPoint Q = privateKey.parameters!.G * privateKey.d as ECPoint;
    ECPublicKey publicKey = new ECPublicKey(Q, privateKey.parameters);
    return publicKey;
  }

  ECSignature sign(ECPrivateKey privateKey, String txt) {
    SecureRandom random = _setRandom();
    Uint8List txtBytes = Uint8List.fromList(utf8.encode(txt));
    PrivateKeyParameter signParams = PrivateKeyParameter(privateKey);
    signer.init(true, ParametersWithRandom(signParams, random));
    ECSignature signature = signer.generateSignature(txtBytes) as ECSignature;
    return signature;
  }

  bool verify(String txt, ECSignature signature, ECPublicKey publicKey) {
    signer.init(false, PublicKeyParameter(publicKey));
    bool verify = signer.verifySignature(Uint8List.fromList(utf8.encode(txt)), signature);
    return verify;
  }

  SecureRandom _setRandom() {
    // List<int> key = [67, 3, 241, 75, 143, 78, 115, 99, 21, 242, 180, 43, 26, 7, 194, 20];
    // List<int> iv = [87, 117, 137, 182, 2, 199, 132, 230, 120, 12, 109, 177, 34, 197, 186, 206];
    List<int> key = _seed(16);
    List<int> iv = _seed(16);
    KeyParameter keyParam = new KeyParameter(new Uint8List.fromList(key));
    ParametersWithIV<KeyParameter> paramsIV = new ParametersWithIV(keyParam, new Uint8List.fromList(iv));
    SecureRandom random = new SecureRandom('AES/CTR/AUTO-SEED-PRNG')..seed(paramsIV);
    return random;
  }
}

crypto_test.dart 

import '../lib/crypto/crypto.dart';
import "dart:typed_data";
import "dart:math";
import '../lib/crypto/utils.dart';
import "package:pointycastle/export.dart";

var crypto = new Crypto();
void main() {
  // _generateTest();
  // _signTest();
  Map keyPair = crypto.generateKeyPair();
  String rawPrivateB64 = keyPair['base64Priv'];
  String rawUncompressedPublicB64 = keyPair['base64Pub'];

  BigInt d = importPrivate(rawPrivateB64);
  List xy = importPublic(rawUncompressedPublicB64);
  BigInt x = xy.elementAt(0);
  BigInt y = xy.elementAt(1);

  ECDomainParameters domain = ECDomainParameters('secp256r1');
  ECPrivateKey private = ECPrivateKey(d, domain);
  ECPublicKey public = ECPublicKey(domain.curve.createPoint(x, y), domain);

  ECSignature signature = crypto.sign(private, "The quick brown fox jumps over the lazy dog");
  bool verified = crypto.verify("The quick brown fox jumps over the lazy dog", signature, public);
  print('验签结果');
  print(verified); // true
}

_generateTest() {
  Map keyPair = crypto.generateKeyPair();

  print("结果");
  print(keyPair['base64Pub']);
  print(keyPair['base64Priv']);
}

_signTest() {
  // AsymmetricKeyPair<PublicKey, PrivateKey> kp = crypto.generateKeyPair();
  // ECSignature signature = sign(kp.privateKey as ECPrivateKey, "The quick brown fox jumps over the lazy dog");
  // bool verified = crypto.verify("The quick brown fox jumps over the lazy dog", signature, kp.publicKey as ECPublicKey);
  // print(verified); // true
}

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question How to decode or convert base64 string url to UintList in Dart? Dart encoding hex using Base64 How to download picture and convert to base64 correctly in Dart? Dart Convert from base64 to HEX How to decode the image which is a base64 string, in Dart? Dart - Base64 string is not equal to python Dart - Encode and decode base64 string encoding an image to base64 string I cannot convert resized Image object to Base64 string in Dart How to convert image file to base64 String in flutter?
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM