0

I am trying to generate CSR(Certificate Signing Request) with the keys generated from HSM.

I am able to convert HSM RSA public key to java.security RSAPublicKey with modulus and public_exponent.

I am NOT able to convert HSM ECDSA public key to java.security EC PublicKey. I have Curve name(SECP256R1) and the EcPoint value for the public key I generated from HSM.

Can someone help on this?

Thanks!!

menakshisundaram
  • 153
  • 1
  • 5
  • See [here](https://stackoverflow.com/q/43965667/5128464) – vlp Jul 17 '20 at 07:38
  • thanks @vlp .. I tried this one for different curves. some of the curves have indifferent length. Meaning - I m not able to split the encoded public key into exact halves to get x and y components. Is there some way that I should look to separate x and y values for different curve types? – menakshisundaram Jul 18 '20 at 03:13
  • 1
    Encoding must be in line with ANSI X9.62 -- usually an uncompressed format is used (i.e. `0x04` followed by an even number of bytes. You just need to divide those bytes to halves and get the coordinates). Consider updating your question with example value of `CKA_EC_POINT` and `CKA_EC_PARAMS`... – vlp Jul 18 '20 at 12:42
  • Also see [here](https://security.stackexchange.com/q/185520) – vlp Jul 18 '20 at 12:43

0 Answers0