ECKey.fromASN1 should check and respect the compression state of the included public key

novitski / bitcoinj

Automatically exported from code.google.com/p/bitcoinj

Apache License 2.0

0 stars 0 forks source link

ECKey.fromASN1 should check and respect the compression state of the included public key #528

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago

The public key derived from the private key is longer and different than the 
original one.

I noticed this bug when I tried to use ECKey.toASN1 and ECKey.fromASN1 for 
wallet backup/restore purposes.

Broken:

ECKey key = new ECKey();
ECKey cloneKey = ECKey.fromASN1(key.toASN1());

Code that works:

ECKey key = new ECKey();
byte[] privateKey = key.getPrivKeyBytes();
byte[] publicKey = key.getPubKey();

ECKey keyClone = new ECKey(privateKey, publicKey);

Original issue reported on code.google.com by nicos.pa...@pvs.com.cy on 28 Feb 2014 at 1:38

GoogleCodeExporter commented 9 years ago

I forgot to mention I am using bitcoinj 0.11

Original comment by nicos.pa...@pvs.com.cy on 28 Feb 2014 at 1:38

GoogleCodeExporter commented 9 years ago

The key is not "incorrect", it's just decompressed. You can recompress it to 
get back the original (public) key. It's unfortunate but correct that EC public 
keys can have two different but equivalent forms.

Probably, to make the behaviour more intuitive here, fromASN1() should pay 
attention to the compression state of the key in the ASN1 rather than always 
recalculate uncompressed form from the private key alone.

Original comment by mh.in.en...@gmail.com on 28 Feb 2014 at 4:37

Changed title: ECKey.fromASN1 should check and respect the compression state of the included public key

GoogleCodeExporter commented 9 years ago

This issue was closed by revision e397928ec3fd.

Original comment by mh.in.en...@gmail.com on 17 Mar 2014 at 4:43

Changed state: Fixed