Sahamati / rahasya

The project aims to simplify the usage of the ECC curve (curve25519) with Diffie-Hellman key exchange. The work is in line with the Account Aggregator Specification.
Apache License 2.0

getKeyMaterial guidance #7

Closed ChariKundavarapu closed 2 years ago

ChariKundavarapu commented 4 years ago

Hi SasiKumar,

I am ChariKundavarapu. Yesterday you shared a response to my query "REG: DataProvider Error while generating ECDH". When using your code snippet I am able to get the KeyPair, but both public and private key values are the same. Please find the code snippet below.

kundavarapuSubrahmanyaChari commented 4 years ago

Hi SasiKumar,

Good evening! Can you please provide guidance for the above issue? I am getting the same values for the public and private keys.

vishwa-vyom commented 4 years ago

Hi @kundavarapuSubrahmanyaChari,

Not very sure what you are trying, but if you want to print and see the difference between the private and public keys, you can use the below code.

    System.out.println("public: " + new String(Base64.getEncoder().encode(keyPair.getPublic().getEncoded())));
    System.out.println("private: " + new String(Base64.getEncoder().encode(keyPair.getPrivate().getEncoded())));

vishwa-vyom commented 4 years ago

@kundavarapuSubrahmanyaChari was the above detail sufficient, can we close this issue?

ChariKundavarapu commented 4 years ago

Hi @vishwa-vyom ,

Yes, I am able to print and get different values for public and private keys. But I want to integrate this utility into an Android mobile application. Please provide guidance on how to integrate this utility into an Android application.

vishwa-vyom commented 4 years ago

@ChariKundavarapu Since this code is Java, you should be able to integrate it with an Android app. Are you facing any specific issue?

ChariKundavarapu commented 3 years ago

Hi SasiKumar and Vishwa,

We are getting an error while mapping the public key format with the server side.

    {"errorCode":"org.bouncycastle.jcajce.provider.asymmetric.ec.KeyAgreementSpi$1","errorMessage":"calculation failed: ECDH public key has wrong domain parameters","errorInfo":null}

App Public key Format: "KeyValue": "-----BEGIN PUBLIC KEY-----MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEd+DxLaYL5ORmq5sL7baT1H3NpJxg+WWjsmWCtu0fPjxL0Cn+20\/EfQuLZmVzIDRaVGNGmOtV3UA6+BhUeCNdLA==-----END PUBLIC KEY-----"

We are generating key with android app.

Server Public Key Format: -----BEGIN PUBLIC KEY-----MIIBMTCB6gYHKoZIzj0CATCB3gIBATArBgcqhkjOPQEBAiB/////////////////////////////////////////7TBEBCAqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqYSRShRAQge0Je0Je0Je0Je0Je0Je0Je0Je0Je0Je0JgtenHcQyGQEQQQqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqq0kWiCuGaG4oIa04B7dLHdI0UySPU1+bXxhsinpxaJ+ztPZAiAQAAAAAAAAAAAAAAAAAAAAFN753qL3nNZYEmMaXPXT7QIBCANCAAR9NHe+/US4L80Fbmn4iEfg1FVtXmehGGW6hWot31SzvmQJumU2S0zXzo2972EbEjmBRW2WdPG7SHe/TecncKDF-----END PUBLIC KEY----- Server side they are generating with docker.

Please help on this how we are mapping both keys and decrypt the data.

ChariKundavarapu commented 3 years ago

Hi SasiKumar and Vishwa,

Can you please provide the solution with high priority?

And let me know the developer contact details, then I can follow up with him.

Regards, Subrahmanya Chari (Onemoney) 7013476110

vishwa-vyom commented 3 years ago

Hi @ChariKundavarapu,

Have you used the ECCService code as is in Android, or did you make any minor modifications to make it work in Android? If modified, please send us the code so we can understand the issue better.

ChariKundavarapu commented 3 years ago

Hi @vishwa-vyom ,

I have made some changes to generate KeyMaterials. Forward secrecy is a Docker Gradle Java project, so we are unable to use that code as it is. So I made changes. Please find the changes below.

    ECCService eccService = new ECCService();
    try {
        KeyPair keyPair = eccService.generateKey();
        System.out.println("Public Key ");
        System.out.println("public: 11" + new String(Base64.getEncoder().encode(keyPair.getPublic().getEncoded())));
        System.out.println("private: 11" + new String(Base64.getEncoder().encode(keyPair.getPrivate().getEncoded())));
    } catch (NoSuchProviderException e) {
        // TODO Auto-generated catch block
        e.printStackTrace();
    }

    private KeyPair generateKey() throws NoSuchProviderException, NoSuchAlgorithmException, InvalidAlgorithmParameterException {
        System.out.println("ALGORITHM :: PROVIDER :: " + algorithm + " :: " + provider);
        KeyPairGenerator kpg;
        kpg = KeyPairGenerator.getInstance(algorithm);
        System.out.println("ALGORITHM KeyPairGenerator");
        X9ECParameters ecP = CustomNamedCurves.getByName(curve);
        System.out.println("ALGORITHM curve");
        ECParameterSpec ecSpec = EC5Util.convertToSpec(ecP);
        System.out.println("ALGORITHM ecSpec");
        SecureRandom random = SecureRandom.getInstance("SHA1PRNG");
        kpg.initialize(256, random);

        System.out.println("ALGORITHM ECParameterSpec");
        final KeyPair kp = kpg.genKeyPair();
        System.out.println("Key pair generated " + kp.getPublic().getAlgorithm());
        System.out.println("Key pair generated " + new String(Base64.getEncoder().encode(kp.getPublic().getEncoded())));
        return kp;
    }
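Added example (not code from this thread or from the rahasya project): a small Python DER reader, with function names of my own choosing, that extracts the curve parameters from the two public keys quoted above. It shows that the app key names curve OID 1.2.840.10045.3.1.7 (P-256, consistent with `kpg.initialize(256, random)`, which never uses `ecSpec`), while the server key carries explicit parameters over the prime 2^255 - 19, the kind of mismatch that "ECDH public key has wrong domain parameters" reports.

```python
import base64

# Keys quoted in the thread: PEM armor stripped, "\/" unescaped, repeated runs written as counts.
APP_KEY = ("MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEd+DxLaYL5ORmq5sL7baT1H3NpJxg+WWjsmWC"
           "tu0fPjxL0Cn+20/EfQuLZmVzIDRaVGNGmOtV3UA6+BhUeCNdLA==")
SERVER_KEY = ("MIIBMTCB6gYHKoZIzj0CATCB3gIBATArBgcqhkjOPQEBAiB" + "/" * 41 + "7TBEBCA"
              + "q" * 36 + "YSRShRAQge0" + "Je0" * 10 + "JgtenHcQyGQEQQQ" + "q" * 39
              + "0kWiCuGaG4oIa04B7dLHdI0UySPU1+bXxhsinpxaJ+ztPZAiAQ" + "A" * 20
              + "FN753qL3nNZYEmMaXPXT7QIBCANCAAR9NHe+/US4L80Fbmn4iEfg1FVtXmehGGW6hWot31Sz"
              + "vmQJumU2S0zXzo2972EbEjmBRW2WdPG7SHe/TecncKDF")

def tlv(buf, pos):
    """Read one DER element at pos; return (tag, content, next_pos)."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:                        # long form: low 7 bits count the length bytes
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    if pos + length > len(buf):
        raise ValueError("truncated DER")
    return tag, buf[pos:pos + length], pos + length

def oid(content):
    """Decode OBJECT IDENTIFIER content bytes to dotted notation."""
    arcs, acc = [content[0] // 40, content[0] % 40], 0
    for b in content[1:]:
        acc = (acc << 7) | (b & 0x7F)
        if not b & 0x80:                     # high bit clear ends this arc
            arcs.append(acc)
            acc = 0
    return ".".join(map(str, arcs))

def curve_of(spki_b64):
    """Return ("named", curve OID) or ("explicit", field prime) for an EC SubjectPublicKeyInfo."""
    _, spki, _ = tlv(base64.b64decode(spki_b64), 0)
    _, alg, _ = tlv(spki, 0)                 # AlgorithmIdentifier
    _, alg_oid, nxt = tlv(alg, 0)
    if oid(alg_oid) != "1.2.840.10045.2.1":  # id-ecPublicKey
        raise ValueError("not an EC public key")
    tag, params, _ = tlv(alg, nxt)
    if tag == 0x06:                          # namedCurve: parameters are a curve OID
        return "named", oid(params)
    _, _, nxt = tlv(params, 0)               # explicit ECParameters: skip the version
    _, field, _ = tlv(params, nxt)           # FieldID ::= SEQUENCE { fieldType, prime }
    _, _, nxt = tlv(field, 0)
    _, prime, _ = tlv(field, nxt)
    return "explicit", int.from_bytes(prime, "big")

if __name__ == "__main__":
    print("app:", curve_of(APP_KEY), "server:", curve_of(SERVER_KEY))
```

Running the same check on both sides' keys before attempting key agreement tells you immediately whether the two parties are on the same curve.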

ChariKundavarapu commented 3 years ago

Hi @vishwa-vyom ,

Good morning! Please check the below error message we are getting while generating KeyMaterial after Android 28 (Pie) version. The BC provider no longer provides an implementation for KeyPairGenerator.EC. In

Same code is working for Oreo (Android 26).

    private KeyPair generateKey() throws NoSuchProviderException, NoSuchAlgorithmException, InvalidAlgorithmParameterException {
        KeyPairGenerator kpg = null;
        KeyPair kp = null;
        try {
            kpg = KeyPairGenerator.getInstance(algorithm, provider);

            X9ECParameters ecP = CustomNamedCurves.getByName(curve);
            ECParameterSpec ecSpec = EC5Util.convertToSpec(ecP);
            System.out.println("Key pair generated ecSpec ");
            kpg.initialize(ecSpec);
            System.out.println("Key pair generated kpg ");
            kp = kpg.genKeyPair();
            System.out.println("Key pair generated KP " + kp.getPublic().getAlgorithm());
        } catch (Exception e) {
            System.out.println("Exception " + e.getMessage());
        }
        return kp;
    }

Please check and let me know if any changes required to generate KeyMaterial.

ChariKundavarapu commented 3 years ago

Hi @vishwa-vyom ,

Good afternoon! Please check the below error message we are getting while generating KeyMaterial. EC_GROUP_new_arbitrary failed.

    private KeyPair generateKey() throws NoSuchProviderException, NoSuchAlgorithmException, InvalidAlgorithmParameterException {
        KeyPairGenerator kpg = null;
        KeyPair kp = null;
        try {
            kpg = KeyPairGenerator.getInstance(algorithm);

            X9ECParameters ecP = CustomNamedCurves.getByName(curve);
            ECParameterSpec ecSpec = EC5Util.convertToSpec(ecP);
            System.out.println("Key pair generated ecSpec ");
            kpg.initialize(ecSpec);
            System.out.println("Key pair generated kpg ");
            kp = kpg.genKeyPair();
            System.out.println("Key pair generated KP " + kp.getPublic().getAlgorithm());
        } catch (Exception e) {
            System.out.println("Exception " + e.getMessage());
        }
        return kp;
    }

Please check and let me know if any changes are required to generate KeyMaterial.

ChariKundavarapu commented 3 years ago

Hi @vishwa-vyom and @gsasikumar,

I am unable to generate key materials on the latest Android versions like Android P and Android 10. Can you please help me with what changes are required to generate key materials on the above Android versions?

gsasikumar commented 3 years ago

I am not sure if this is still a requirement. Please let me know if you are still finding it difficult to use this as a reference in android. @ChariKundavarapu

ChariKundavarapu commented 3 years ago

Hi Sasi Kumar,

We fixed the issue of generating key material and decrypting data.

But the only issue we are facing is that it works only from Android 8.0 (Oreo).

Please let us know any modifications needed to make it work on lower Android versions as well.

gsasikumar commented 2 years ago

@ChariKundavarapu It's almost a year now, I hope this is resolved now.

ChariKundavarapu commented 2 years ago

Hi Sahamati/rahasya,

No, we are still facing issues on Android 12 devices.


— Reply to this email directly, view it on GitHub https://github.com/Sahamati/rahasya/issues/7#event-7772961460, or unsubscribe https://github.com/notifications/unsubscribe-auth/AQONQ7XHJ32PMU4AF6GN5R3WHOJWVANCNFSM4PQAHQ3A . You are receiving this because you were mentioned.Message ID: @.***>