[
https://issues.apache.org/jira/browse/SSHD-986?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17101078#comment-17101078
]
Thomas Wolf commented on SSHD-986:
----------------------------------
That's the "read public key from encoded private key data" solution. Looks OK.
> Implement ECDSA public key recovery
> -----------------------------------
>
> Key: SSHD-986
> URL: https://issues.apache.org/jira/browse/SSHD-986
> Project: MINA SSHD
> Issue Type: New Feature
> Affects Versions: 2.4.0
> Reporter: Thomas Wolf
> Assignee: Lyor Goldstein
> Priority: Minor
> Attachments: ECRecoverTest.java
>
> Time Spent: 10m
> Remaining Estimate: 0h
>
> {{KeyUtils.recoverPublicKey(PrivateKey)}} (and also
> {{OpenSSHECDSAPrivateKeyEntryDecoder.recoverPublicKey(ECPrivateKey)}}, but
> that doesn't seem to be called at all) are not implemented for ECDSA keys.
> EC public key recovery is a ECPoint scalar multiplication and can be done via
> Bouncy Castle. So if the code to do this can be guarded as other BC-dependent
> code this might be one way to implement this.
> Seems to me that lack of {{KeyUtils.recoverPublicKey(PrivateKey)}} for ECDSA
> currently prevents reading a key pair from a PKCS#8 PEM ECDSA private key
> file because {{PKCS8PEMResourceKeyPairParser}} calls that recovery method.
> Attached is small JUnit test showing how to compute the ECDSA public key from
> a given ECDSA private key using Bouncy Castle.
> According to [RFC 5915|https://tools.ietf.org/html/rfc5915], a PKCS#8
> representation of a ECDSA private key SHOULD contain the public key, too, so
> if it's present it might perhaps even be possible to avoid this scalar
> multiplication altogether, but exploiting this might require some larger code
> refactoring?
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@mina.apache.org
For additional commands, e-mail: dev-h...@mina.apache.org
