For a non-technical person, how do I generate a ECDSA key pair easily? Ask Question Asked 7 years. To create the corresponding public key, do this: openssl ec -in myprivatekey.pem -pubout -out mypubkey.pem. Adding an external key pair to a local bitcoinj wallet.
- 'keytool -genkeypair' Command Examples - Generate Key Pair How to use the 'keytool -genkeypair' command? I want to generate a pair of public key and private key for myself. Here is an example of using 'keytool -genkeypair' command to generate a pair of public key and private key for yourself: C:Usersfyicenter'Program Filesjavajre7binkeytool' -genkey.
- The JOSE standard recommends a minimum RSA key size of 2048 bits. To generate a 2048-bit RSA private + public key pair for use in RSxxx and PSxxx signatures: openssl genrsa 2048 -out rsa-2048bit-key-pair.pem Elliptic Curve keys. To generate an EC key pair the curve designation must be specified.
- I am trying to generate ECDSA key pair using SpongyCastle in Android. How can I generate a valid ECDSA EC key pair? The javadoc for java.security.Key tells.
In this chapter we will introduce the rather new Elliptic Curve Cryptography (ECC or EC for short) OpenPGP keys.
1. What are Elliptic Curve OpenPGP keys?
2. Example code
3. Compatibility Notes
4. Async code
2. Example code
3. Compatibility Notes
4. Async code
What are Elliptic Curve OpenPGP keys?
ECC keys are rather new to the OpenPGP standard. They were first defined in RFC 6637. This extension of the OpenPGP standard defines only three NIST approved curves. Later the open source GnuPG software added three Brainpool curves (defined in RFC 5639).
Encryption with EC keys is based on the Elliptic Curve Diffie-Hellman (ECDH) key agreement protocol. Signing with EC keys is based on the Elliptic Curve DSA (ECDSA) algorithm.
The encryption with EC OpenPGP keys is considered to be much more secure compared to the current RSA and Elgamal (DH/DSS) keys.
Supported EC curves
Currently, DidiSoft OpenPGP library for .NET supports ECC keys based on these elliptic curves:
- NIST P-256 (DidiSoft.Pgp.EcCurve.P256)
- NIST-384 (DidiSoft.Pgp.EcCurve.P384)
- NIST-521 (DidiSoft.Pgp.EcCurve.P521)
- Brainpool 256 bit (DidiSoft.Pgp.EcCurve.Brainpool256)
- Brainpool 384 bit (DidiSoft.Pgp.EcCurve.Brainpool384)
- Brainpool 512 bit (DidiSoft.Pgp.EcCurve.Brainpool512)
Key generation speed
The key generation of EC keys is much faster compared to the traditional RSA and DH/DSS keys.
Example Code
The key generation is invoked by the methods GenerateEccKeyPair defined in the KeyStore and PGPKeyPair classes.
Below is a short example that illustrates how to generate EC OpenPGP keys with the library.
C# example
VB.NET example
The example code above will generate keys with no expiration date and predefined preferred algorithms for compression, hash function, and symmetric encryption. If you wish to specify manually those algorithms, please check one of the overloaded versions of the method GenerateEccKeyPair.
After the key generation, the keys can be exported from the KeyStore or you can directly generate a key in a PGPKeyPair object and export them from there.
Compatibility Issues
ECC OpenPGP keys were first introduced in version 1.7.7 of DidiSoft OpenPGP Library for .NET
Elliptic curves OpenPGP keys are supported only by newer OpenPGP implementations like is Symantec (r) PGP Command line v. 10.2. and upper versions and GnuPGversion 2.1 and above. Attempts to use ECC OpenPGP keys with older software usually fails with error messages. For example, if you try to use such keys with older versions of our library you will receive exceptions with the message: “unknown PGP public key algorithm encountered“.
Generate Ec Key Pair Java
![Key Key](/uploads/1/2/6/0/126097471/852296349.png)
Async support
In order to create a key pair asynchronously, we have to use the DidiSoft.Pgp.KeyStoreAsync class which provides the same key creation methods with Async suffixes.
Summary
In this chapter, we have introduced the Elliptic Curve (EC) OpenPGP keys. The EC OpenPGP keys are still not adopted by the major OpenPGP software implementations but they will hopefully get traction soon.
Java Generate Ec Key Pair Key
They are considered superior by terms of cryptography security to the currently widespread RSA and DH/DSS keys.