Deriving ECDSA Public Key from Private Key

Lev Knoblock picture Lev Knoblock · Mar 10, 2018 · Viewed 7.1k times · Source

I was attempting to generate a public ECDSA key from a private key, and I haven't managed to find much help on the internet as to how to do this. Pretty much everything is for generating a public key from a public key spec, and I don't know how to get that. So far, this is what I've put together:

public void setPublic() throws GeneralSecurityException {
    ECNamedCurveParameterSpec params = ECNamedCurveTable.getParameterSpec("secp256k1");
    KeyFactory fact = KeyFactory.getInstance("ECDSA", "BC");
    ECCurve curve = params.getCurve();
    java.security.spec.EllipticCurve ellipticCurve = EC5Util.convertCurve(curve, params.getSeed());
    java.security.spec.ECPoint point = ECPointUtil.decodePoint(ellipticCurve, this.privateKey.getEncoded());
    java.security.spec.ECParameterSpec params2=EC5Util.convertSpec(ellipticCurve, params);
    java.security.spec.ECPublicKeySpec keySpec = new java.security.spec.ECPublicKeySpec(point,params2);
    this.publicKey = fact.generatePublic(keySpec);
}

However, when running, I get the following error:

Exception in thread "main" java.lang.IllegalArgumentException: Invalid point encoding 0x30
at org.bouncycastle.math.ec.ECCurve.decodePoint(Unknown Source)
at org.bouncycastle.jce.ECPointUtil.decodePoint(Unknown Source)
at Wallet.Wallet.setPublic(Wallet.java:125)

What am I doing wrong? Is there a better/easier way to do this?

EDIT: I've managed to get some code to compile, but it does not work correctly:

public void setPublic() throws GeneralSecurityException {
    BigInteger privKey = new BigInteger(getHex(privateKey.getEncoded()),16);
    X9ECParameters ecp = SECNamedCurves.getByName("secp256k1");
    ECPoint curvePt = ecp.getG().multiply(privKey);
    BigInteger x = curvePt.getX().toBigInteger();
    BigInteger y = curvePt.getY().toBigInteger();
    byte[] xBytes = removeSignByte(x.toByteArray());
    byte[] yBytes = removeSignByte(y.toByteArray());
    byte[] pubKeyBytes = new byte[65];
    pubKeyBytes[0] = new Byte("04");
    System.arraycopy(xBytes, 0, pubKeyBytes, 1, xBytes.length);
    System.arraycopy(yBytes, 0, pubKeyBytes, 33, xBytes.length);




    ECNamedCurveParameterSpec params = ECNamedCurveTable.getParameterSpec("secp256k1");
    KeyFactory fact = KeyFactory.getInstance("ECDSA", "BC");
    ECCurve curve = params.getCurve();
    java.security.spec.EllipticCurve ellipticCurve = EC5Util.convertCurve(curve, params.getSeed());
    java.security.spec.ECPoint point = ECPointUtil.decodePoint(ellipticCurve, pubKeyBytes);
    java.security.spec.ECParameterSpec params2 = EC5Util.convertSpec(ellipticCurve, params);
    java.security.spec.ECPublicKeySpec keySpec = new java.security.spec.ECPublicKeySpec(point,params2);
    this.publicKey = fact.generatePublic(keySpec);
}

private byte[] removeSignByte(byte[] arr)
{
    if(arr.length==33)
    {
        byte[] newArr = new byte[32];
        System.arraycopy(arr, 1, newArr, 0, newArr.length);
        return newArr;
    }
    return arr;
}

When I run it, it generates a publicKey, but it's not the same one that the private key corresponds to.

Answer

Lev Knoblock picture Lev Knoblock · Mar 10, 2018

So after a while, I figured out a solution and decided to post it in case anyone else has the same issue as me:

KeyFactory keyFactory = KeyFactory.getInstance("ECDSA", "BC");
    ECParameterSpec ecSpec = ECNamedCurveTable.getParameterSpec("secp256k1");

    ECPoint Q = ecSpec.getG().multiply(((org.bouncycastle.jce.interfaces.ECPrivateKey) this.privateKey).getD());

    ECPublicKeySpec pubSpec = new ECPublicKeySpec(Q, ecSpec);
    PublicKey publicKeyGenerated = keyFactory.generatePublic(pubSpec);
    this.publicKey = publicKeyGenerated;

EDIT: Removed the code decoding the ECPoint as per @MaartenBodewes comment.