Is this the proper way to use Bouncy Castle to generate a Bitcoin compatible key?

5

3

I'd like to use Bouncy Castle to generate the keypair for use with all *coin variants.

Is this the correct implementation to get the correct ECC curve that the *coin variants use?

    Org.BouncyCastle.Crypto.AsymmetricCipherKeyPair GenerateKeys(int keySize)
    {
        var gen = new Org.BouncyCastle.Crypto.Generators.ECKeyPairGenerator();
        var secureRandom = new Org.BouncyCastle.Security.SecureRandom();
        var keyGenParam = new Org.BouncyCastle.Crypto.KeyGenerationParameters(secureRandom, keySize);
        gen.Init(keyGenParam);

        return gen.GenerateKeyPair();
    }

goodguys_activate

Posted 2012-12-19T19:44:06.020

Reputation: 11 898

1@LamonteCristo can we now know 5 years later? :Pknocte 2018-01-06T18:23:52.923

IIRC, bitcoin uses an ECDSA key that is hashed using RIPEMD-160. For the particulars, you should look at the bitcoin wiki or vanitygen.

Nick ODell 2012-12-20T01:53:24.730

@NickODell I ported Base58Check (RIPE160 + Sha256) to .NET / C# and that is passing all tests. All I need help with is the ECDSA curve. I think Bouncy is the only way...goodguys_activate 2012-12-20T01:59:33.873

I just checked, and you are correct about it doing sha256 first. Out of curiosity, what are you making that requires generating keys but can't use bitcoind?Nick ODell 2012-12-20T02:32:28.780

@NickODell I'm afraid I can't announce anything now. I'll have a timeline in Feb.goodguys_activate 2012-12-20T02:59:03.190

Answers

6

Below extract should answer your question.

public class ECKeyPair implements Key
{
    private static final SecureRandom secureRandom = new SecureRandom ();
    private static final X9ECParameters curve = SECNamedCurves.getByName ("secp256k1");
    private static final ECDomainParameters domain = new ECDomainParameters (curve.getCurve (), curve.getG (), curve.getN (), curve.getH ());

    private BigInteger priv;
    private byte[] pub;
    private boolean compressed;


    public static ECKeyPair createNew (boolean compressed)
    {
        ECKeyPairGenerator generator = new ECKeyPairGenerator ();
        ECKeyGenerationParameters keygenParams = new ECKeyGenerationParameters (domain, secureRandom);
        generator.init (keygenParams);
        AsymmetricCipherKeyPair keypair = generator.generateKeyPair ();
        ECPrivateKeyParameters privParams = (ECPrivateKeyParameters) keypair.getPrivate ();
        ECPublicKeyParameters pubParams = (ECPublicKeyParameters) keypair.getPublic ();
        ECKeyPair k = new ECKeyPair ();
        k.priv = privParams.getD ();
        k.compressed = compressed;
        if ( compressed )
        {
            ECPoint q = pubParams.getQ ();
            k.pub = new ECPoint.Fp (domain.getCurve (), q.getX (), q.getY (), true).getEncoded ();
        }
        else
        {
            k.pub = pubParams.getQ ().getEncoded ();
        }
        return k;
    }

}

Check out https://github.com/bitsofproof/supernode for more details.

Tamas Blummer

Posted 2012-12-19T19:44:06.020

Reputation: 187

1

        var curve = ECNamedCurveTable.GetByName("secp256k1");
        var domainParams = new ECDomainParameters(curve.Curve, curve.G, curve.N, curve.H, curve.GetSeed());
        var secureRandom = new SecureRandom();
        var keyParams = new ECKeyGenerationParameters(domainParams, secureRandom);
        var generator = new ECKeyPairGenerator("ECDSA");
        generator.Init(keyParams);
        var keyPair = generator.GenerateKeyPair();
        ns.privateKey = keyPair.Private as ECPrivateKeyParameters;
        ns.publicKey = keyPair.Public as ECPublicKeyParameters;

Oleg D

Posted 2012-12-19T19:44:06.020

Reputation: 45