H Tink Generate an ECDSA signature

This article belongs to H Verify external signature in Tink and is part 1.

Lets start the mission with a small program that generates a Private Key and Public Key keypair with ECDSA-keys and uses the JCE for this task.

As Tink can work with 3 key sizes or curves („Nist P256“ = 256 Bit, „Nist P384“ = 384 Bit and „Nist P521“ = 521 Bit) the solution generates 3 files named „ecdsa_classic_data_xxx.txt“, where xxx ist the used key size.

Please be aware that the material for the signature is hashed with „SHA256withECDSA“ for the key length „256“. When using the other key lengths „384“ and „521“ the hashroutine is „SHA512withECDSA“.

The Public Key gets encoded to a byte array and saved in a Base64-coded string. The second line in the datafile contains the message byte array in a Base64-coded string. The third line is the generated signature as byte array in a Base64-coded string.

All files are saved on the classpath.

Here is the sourcecode:

The console output is very short:

All sourcecodes to this solution are available in my Github-Archive with this link: https://github.com/java-crypto/H-Google-Tink. All programs run with Java 8 and Java 11.

The licence (or better unlicence) to my solution is available here: Lizenz-Seite.

Last edit: 18.11.2019