我有一个使用 BouncyCastle 作为安全提供程序的应用程序，但我想切换到另一个直接使用 OpenSSL (Conscrypt) 的应用程序。我遇到的问题是我使用的是 BouncyCastle 提供的 KeyGenerator 中的 ECDH“密钥”，但我的其他库中没有类似的 KeyGenerator。

为了比较两者，我将使用两种方法和以下输入来解码这些点 -

添加换行符以提高可读性

BADX_GAXp03z_5p05O1-op61KJAl4j9U2sBnAnJ4p_6GSAIyFGU3lM

oC4aIXw_2qlTnplykArgjvwCWw-2g6L44

使用 BouncyCastle 方法-

public org.bouncycastle.jce.interfaces.ECPublicKey loadECPublicKeyBC(String encodedPublicKey) throws NoSuchProviderException, NoSuchAlgorithmException, InvalidKeySpecException, IOException {

    Base64.Decoder base64Decoder = Base64.getUrlDecoder();

    byte[] decodedPublicKey = base64Decoder.decode(encodedPublicKey);

    KeyFactory keyFactory = KeyFactory.getInstance("ECDH", "BC");

    ECParameterSpec ecParameterSpec = ECUtil.getECParameterSpec(openSSLProvider, "prime256v1");

    ECPoint ecPoint = ECUtil.decodePoint(decodedPublicKey, ecParameterSpec.getCurve());

    ECPublicKeySpec pubSpec = new ECPublicKeySpec(ecPoint, ecParameterSpec);

    org.bouncycastle.jce.interfaces.ECPublicKey ecPublicKey = (org.bouncycastle.jce.interfaces.ECPublicKey)keyFactory.generatePublic(pubSpec);

    return ecPublicKey;

}

返回getAlgorithm的是EC。返回getFormat的是X.509。

getEncoded这个的价值是——

[48,-126,1,51,48,-127,-20,6,7,42,-122,72,-50,61,2,1,48,

-127,-32,2,1,1,48,44,6,7,42,-122,72,-50,61,1,1,2,33,0,

-1,-1,-1,-1,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,-1,-1,-1,-1,

-1,-1,-1,-1,-1,-1,-1,-1,48,68,4,32,-1,-1,-1,-1,0,0,0,1,

0,0,0,0,0,0,0,0,0,0,0,0,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,

-1,-4,4,32,90,-58,53,-40,-86,58,-109,-25,-77,-21,-67,85,

118,-104,-122,-68,101,29,6,-80,-52,83,-80,-10,59,-50,60,

62,39,-46,96,75,4,65,4,107,23,-47,-14,-31,44,66,71,-8,-68,

-26,-27,99,-92,64,-14,119,3,125,-127,45,-21,51,-96,-12,

-95,57,69,-40,-104,-62,-106,79,-29,66,-30,-2,26,127,-101,