[jira] [Work logged] (SSHD-986) Implement ECDSA public key recovery

Mon, 04 May 2020 10:00:15 -0700 


     [ 
https://issues.apache.org/jira/browse/SSHD-986?focusedWorklogId=430296&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-430296
 ]

ASF GitHub Bot logged work on SSHD-986:
---------------------------------------

                Author: ASF GitHub Bot
            Created on: 04/May/20 16:59
            Start Date: 04/May/20 16:59
    Worklog Time Spent: 10m 
      Work Description: lgoldstein opened a new pull request #129:
URL: https://github.com/apache/mina-sshd/pull/129


   


----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


Issue Time Tracking
-------------------

            Worklog Id:     (was: 430296)
    Remaining Estimate: 0h
            Time Spent: 10m

> Implement ECDSA public key recovery
> -----------------------------------
>
>                 Key: SSHD-986
>                 URL: https://issues.apache.org/jira/browse/SSHD-986
>             Project: MINA SSHD
>          Issue Type: New Feature
>    Affects Versions: 2.4.0
>            Reporter: Thomas Wolf
>            Assignee: Lyor Goldstein
>            Priority: Minor
>         Attachments: ECRecoverTest.java
>
>          Time Spent: 10m
>  Remaining Estimate: 0h
>
> {{KeyUtils.recoverPublicKey(PrivateKey)}} (and also 
> {{OpenSSHECDSAPrivateKeyEntryDecoder.recoverPublicKey(ECPrivateKey)}}, but 
> that doesn't seem to be called at all) are not implemented for ECDSA keys.
> EC public key recovery is a ECPoint scalar multiplication and can be done via 
> Bouncy Castle. So if the code to do this can be guarded as other BC-dependent 
> code this might be one way to implement this.
> Seems to me that lack of {{KeyUtils.recoverPublicKey(PrivateKey)}} for ECDSA 
> currently prevents reading a key pair from a PKCS#8 PEM ECDSA private key 
> file because {{PKCS8PEMResourceKeyPairParser}} calls that recovery method.
> Attached is small JUnit test showing how to compute the ECDSA public key from 
> a given ECDSA private key using Bouncy Castle.
> According to [RFC 5915|https://tools.ietf.org/html/rfc5915], a PKCS#8 
> representation of a ECDSA private key SHOULD contain the public key, too, so 
> if it's present it might perhaps even be possible to avoid this scalar 
> multiplication altogether, but exploiting this might require some larger code 
> refactoring?



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@mina.apache.org
For additional commands, e-mail: dev-h...@mina.apache.org

Reply via email to