从您的描述中,您真正需要的是OID,而不是名称.如果是这样,那会更容易,因为曲线OID存在于EC公钥的“ X.509”编码中,而这实际上是X.509的SubjectPublicKeyInfo结构(在PKIX中进行了复制,请参见rfc5280 #4.1和rfc3279 #2.3.5,但是跳过有关对于Sun / Oracle / OpenJDK和BC实施(以及所有算法,而不仅仅是ECC),每个人都使用显式参数(每个人都使用namedCurve = OID选项)(即the encoding for JCA public keys). BC还提供了很好的支持来解析此结构:
import org.bouncycastle.asn1.ASN1ObjectIdentifier;
import org.bouncycastle.asn1.ASN1Sequence;
import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
import org.bouncycastle.asn1.x9.X9ObjectIdentifiers;
KeyPairGenerator gen = KeyPairGenerator.getInstance("EC");
gen.initialize(new ECGenParameterSpec("secp256r1"));
ECPublicKey jcekey = (ECPublicKey) gen.generateKeyPair().getPublic();
//KeyFactory fact = KeyFactory.getInstance("EC", "BC");
//org.bouncycastle.jce.interfaces.ECPublicKey bckey = (org.bouncycastle.jce.interfaces.ECPublicKey)fact.generatePublic(new X509EncodedKeySpec(jcekey.getEncoded()));
// with Bouncy
byte[] enc = jcekey.getEncoded(); //enc = bckey.getEncoded();
SubjectPublicKeyInfo spki = SubjectPublicKeyInfo.getInstance(ASN1Sequence.getInstance(enc));
AlgorithmIdentifier algid = spki.getAlgorithm();
if( algid.getAlgorithm().equals(X9ObjectIdentifiers.id_ecPublicKey)){
ASN1ObjectIdentifier oid = (ASN1ObjectIdentifier) algid.getParameters();
System.out.println (oid.toString()); // curve OID, use as needed
}else System.out.println ("not EC?");
为了获得完整性,即使没有Bouncy,如果您不使用最大的曲线并且愿意作弊(Java越来越不鼓励这样做),也不难:
import sun.security.util.DerInputStream;
import sun.security.util.ObjectIdentifier;
final ObjectIdentifier x9_id_ec = new ObjectIdentifier("1.2.840.10045.2.1");
int off = (4+2)+enc[(4+1)];
if( enc[0]==0x30 && enc[1]>0 && enc[2]==0x30 && enc[4]==6
&& new ObjectIdentifier(new DerInputStream(enc,4,off-4)).equals((Object)x9_id_ec)
&& enc[off] == 6 ){
byte[] oidenc = Arrays.copyOfRange(enc,off,off+2+enc[off+1]);
// that's the DER-encoded OID of the curve
ObjectIdentifier oid = new ObjectIdentifier(new DerInputStream(oidenc));
System.out.println (oid.toString()); // and the display form
}else System.out.println ("not EC or too big?");
我还要注意,如果您正在构建证书,PublicKey.getEncoded()已经是整个subjectPublicKeyInfo字段,这是您唯一需要放置曲线OID的位置,除了自签名之外,您唯一需要放置此密钥的位置算法OID.