Android Q bouncy castle issue

Question

From API level 28, Google has restricted Security provider feature(bouncy castle issue). So alternatively we have added Security provider using spongy castle Now we can able to generate a keypair. But the key pair is not matching with the previous one. We can't get Private keyThis is we used previously, Old codeapi 27:

KeyPairGenerator keyGen = KeyPairGenerator.getInstance("EC", "BC");
SecureRandom random =SecureRandom.getInstance("SHA1PRNG");
keyGen.initialize(256, random);KeyFactory kaif = KeyFactory.getInstance("EC", "BC");
KeyPair pair = keyGen.generateKeyPair();
PrivateKey privateKey = pair.getPrivate();
PublicKey publicKey = pair.getPublic();

After the API level issue, we have removed "BC" and added Bouncy Castle manually by adding the below lineSecurity.insertProviderAt(BouncyCastleProvider(), 1); by implementing Bouncy castle in dependencies, implementation "com.madgag.spongycastle:core:1.58.0.0" implementation "com.madgag.spongycastle:prov:1.58.0.0" But the key pair is not matching with the previous one. New Code:api 28

Security.insertProviderAt(new org.spongycastle.jce.provider.BouncyCastleProvider(), 1);
KeyPairGenerator keyGen = KeyPairGenerator.getInstance("EC");
SecureRandom random = SecureRandom.getInstance("SHA1PRNG");
keyGen.initialize(256, random);
KeyFactory kaif = KeyFactory.getInstance("EC");
KeyPair pair = keyGen.generateKeyPair();
PrivateKey privateKey = pair.getPrivate();
PublicKey publicKey = pair.getPublic();

But the key pair is not matching with the previous one.

Image: code expectation

your question is not clear enough, please read [MCVE] and edit your question accordingly — Dev, Jul 20 '19 at 10:45
Possible duplicate of [How do I get ECDH keypair in Android 9.0 pie?](https://stackoverflow.com/questions/56884608/how-do-i-get-ecdh-keypair-in-android-9-0-pie) — President James K. Polk, Jul 20 '19 at 12:20
Please see this answer for a full example: https://stackoverflow.com/a/66323575/215266 — satur9nine, Jul 14 '21 at 19:32

score 0 · Answer 1 · answered Jul 20 '19 at 10:56

0

try insert new BouncyCastleProvider() on the first row of your security provider and remove all setprovider("BC") from your code.

answered Jul 20 '19 at 10:56

kabayaba

195
1
13

Security.insertProviderAt(new org.spongycastle.jce.provider.BouncyCastleProvider(), 1); Security.removeProvider("BC"); KeyPairGenerator keyGen = KeyPairGenerator.getInstance("EC"); SecureRandom random = SecureRandom.getInstance("SHA1PRNG"); keyGen.initialize(256, random); KeyFactory kaif = KeyFactory.getInstance("EC"); KeyPair pair = keyGen.generateKeyPair(); PrivateKey privateKey = pair.getPrivate(); PublicKey publicKey = pair.getPublic(); i already tried this – Jul 20 '19 at 11:06
but issue exist – Jul 20 '19 at 11:06
No you should remove "BC" if exist then insert – kabayaba Jul 20 '19 at 11:07
Also if you use spongycastle the provider should be "SC" not "BC" – kabayaba Jul 20 '19 at 11:08
Hi @frestonic attached images at description please refer – Jul 20 '19 at 11:14
i'm no expert in generating keys but shouldn't EC have some curve reference? – kabayaba Jul 20 '19 at 11:23
KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("EC", "BC"); keyPairGenerator.initialize(new ECGenParameterSpec("secp521r1"), new SecureRandom()); java.security.KeyPair keyPair = keyPairGenerator.generateKeyPair(); – kabayaba Jul 20 '19 at 11:23
in the above code, you can't include providing. The main rule of android p is to remove the provider. The above code throws an exception – Jul 20 '19 at 11:33
the answer you had posted doesn't seem to related to my query – Jul 20 '19 at 11:38

Android Q bouncy castle issue

1 Answers1