Jcryptoki for bitcoin ECDSA secp256k1

11/20/2017 2:40:03 AM
Gravatar
Total Posts 3

Jcryptoki for bitcoin ECDSA secp256k1

Hello, I've been playing around with the RSA examples which work great after modifying a few attributes for SoftHsm2 :-)

But I wasn't able to generate an ECDSA key pair with secp256k1 curve. My goal is to generate a bitcoin private key in an HSM and sign transactions with it.

Some code sample like the one provided for RSA would be very helpful.

Thank you very much.

11/21/2017 8:39:59 AM
Gravatar
Total Posts 3

Re: Jcryptoki for bitcoin ECDSA secp256k1

The following code causes the below exception. Any idea what might be the reason ?

 

byte[] derBytes = Base64.getDecoder().decode("BgUrgQQACg=="); // DER encoding obtained with $ openssl ecparam -out ec_param.pem -name secp256k1

ArrayList<CryptokiAttribute> templatePub = new ArrayList<CryptokiAttribute>();

templatePub.add(new CryptokiAttribute(CryptokiAttribute.CKA_EC_PARAMS, derBytes));

ArrayList<CryptokiAttribute> templatePri = new ArrayList<CryptokiAttribute>();

Key[] keys = session.generateKeyPair(new Mechanism(Mechanism.CKM_EC_KEY_PAIR_GEN, null), templatePub, templatePri);

 

 

Exception in thread "main" java.lang.ClassCastException: com.cryptware.jcryptoki.CryptokiObject cannot be cast to com.cryptware.jcryptoki.Key

at com.cryptware.jcryptoki.Session.generateKeyPair(Unknown Source)

at ecdsaTest.main(ecdsaTest.java:200)

11/21/2017 5:58:13 PM
Gravatar
Total Posts 296
Ugo Chirico http://www.ugochirico.com

Re: Jcryptoki for bitcoin ECDSA secp256k1

Its very strange.

can you call this line instead of your?

Object[] keys = session.generateKeyPair(new Mechanism(Mechanism.CKM_EC_KEY_PAIR_GEN, null), templatePub, templatePri);
System.out.println(keys[0].getClass());

In this way we can see which kind of object we have back from that method.

11/22/2017 3:01:52 AM
Gravatar
Total Posts 3

Re: Jcryptoki for bitcoin ECDSA secp256k1

Hi Ugo, thank you for feedback.

 

The exception is raised inside session.generateKeyPair(...) so it never actually returns.

Is this an encoding problem of ec_params ? 

This is all the code i'm running :

Cryptoki cryptoki = new Cryptoki();

cryptoki.attach("/usr/local/lib/softhsm/libsofthsm2.so");

int ret = cryptoki.initialize(true);

if(ret != CryptokiException.CKR_OK)

{

    System.out.println("Error " + ret);

    return;

}

CryptokiInfo info = cryptoki.getInfo(); // returns correct info

SlotInfo slotInfo = slot.getInfo(); // returns correct info

if(slot.isTokenPresent())

{

    Token token = slot.getToken();

    TokenInfo tokenInfo = token.getInfo();

    // Opens a read/write serial session

    Session session = token.openSession(SessionInfo.CKF_SERIAL_SESSION | SessionInfo.CKF_RW_SESSION,

                                    null,

                                    null);

    SessionInfo sessionInfo = session.getInfo(); // returns correct info

 

    // Executes the login passing the user PIN

        int nRes = session.login(Session.CKU_USER, "1234");

        if (nRes != 0)

        {

            System.out.println("Wrong PIN");

            return;

        }

    byte[] derBytes = Base64.getDecoder().decode("BgUrgQQACg=="); // DER encoding obtained with $ openssl ecparam -out ec_param.pem -name secp256k1

    ArrayList<CryptokiAttribute> templatePub = new ArrayList<CryptokiAttribute>();

    templatePub.add(new CryptokiAttribute(CryptokiAttribute.CKA_EC_PARAMS, derBytes));

    ArrayList<CryptokiAttribute> templatePri = new ArrayList<CryptokiAttribute>();

    Object[] keys = session.generateKeyPair(new Mechanism(Mechanism.CKM_EC_KEY_PAIR_GEN, null), templatePub, templatePri);

Exception in thread "main" java.lang.ClassCastException: com.cryptware.jcryptoki.CryptokiObject cannot be cast to com.cryptware.jcryptoki.Key