问题
I'd like to encrypt some data on a server so if someone got access to the database and codebase the secret data would not be compromised.
It seems to me a good way to do this is through elliptic curve cryptography.
I'm wondering how to do this in Bouncy Castle? I've Googled around and read some blog posts, but they generate keys unrelated to strings and I'm not sure how to implement it with a password, plus I don't want to make a mistake.
essentially I'd like something like this:
var privateKey = GetPrivateKey("secretpassword");
var publicKey = GetPublicKey(privateKey);
string data = "secret data";
var encryptedData = encryptData(publicKey, data);
string data2 = unencryptData(privateKey, data);
Assert.AreEqual(data, data2);
This is my current work in progress:
string password = "n55xSMb7J7n7K8zBRn"; // this will not be hardcoded in the application. It will come from a password prompt
byte[] salt = ASCIIEncoding.UTF8.GetBytes(password + password);
int iterations = 5;
int keySizeInBits = 32;
Pkcs5S2ParametersGenerator generator = new Pkcs5S2ParametersGenerator(new Sha256Digest());
generator.Init(PbeParametersGenerator.Pkcs5PasswordToUtf8Bytes(password.ToCharArray()), salt, iterations);
KeyParameter key = (KeyParameter)generator.GenerateDerivedMacParameters(keySizeInBits);
byte[] k = key.GetKey();
X9ECParameters ecP = Org.BouncyCastle.Asn1.Sec.SecNamedCurves.GetByName("secp256k1");
ECDomainParameters ecSpec = new ECDomainParameters(ecP.Curve, ecP.G, ecP.N, ecP.H, ecP.GetSeed());
IAsymmetricCipherKeyPairGenerator g = GeneratorUtilities.GetKeyPairGenerator("ECDSA");
g.Init(new ECKeyGenerationParameters(ecSpec, new SecureRandom(k)));
AsymmetricCipherKeyPair aKeyPair = g.GenerateKeyPair();
AsymmetricKeyParameter privateK = aKeyPair.Private;
AsymmetricKeyParameter publicK = aKeyPair.Public;
来源:https://stackoverflow.com/questions/19819709/can-i-use-elliptic-curve-cryptography-as-a-password-with-bouncy-castle-in-c