Just a little background on my project:
I'm implementing an SMS encryption program using ECDH for Android (BouncyCastle) and I need to send my public keys over SMS. Functionality-wise, all is up and working, but I'm a little skeptical about the X.509 code I've implemented.
On the sender side:
```java
byte[] pubEnc = aKeyPair.getPublic().getEncoded();
X509EncodedKeySpec pubX509 = new X509EncodedKeySpec(pubEnc);
```
pubX509 is then encoded into Base64 and sent via SMS.
On the receiver side:
```java
KeyFactory keyFac = KeyFactory.getInstance("ECDH", "SC");
X509EncodedKeySpec pubX509 = new X509EncodedKeySpec(SharedS);
ECPublicKey pubKey = (ECPublicKey)keyFac.generatePublic(pubX509);
```
The received value is Base64 decoded into SharedS, which is cast into a new pubX509.
As I've mentioned, implementation-wise, this code seems to be working fine; however, I'd like to find out if I am implementing the X509 properly.
Any advice would be much appreciated.
The fact that Sun (now Oracle) called this an X509EncodedKeySpec is simply because the public key is encoded using a format that was specified in the much larger X.509 certificate standard. For the internet, a proper implementation of X.509 certificates is specified in RFC 5280. As you can see, this RFC is over 140 pages in length. In the whole document, these 3 lines describe how to represent a public key:
```
SubjectPublicKeyInfo  ::=  SEQUENCE  {
     algorithm            AlgorithmIdentifier,
     subjectPublicKey     BIT STRING  }
```
And this is the format that is produced by the Java class X509EncodedKeySpec. You can ignore all the rest of the X509 standard, you don't have to use certificates.
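The SubjectPublicKeyInfo layout from the answer, shown byte by byte for an EC key, as an added example that is not code from the question or the answer. It assumes the P-256 curve and the JDK's built-in "EC" provider instead of the "SC" provider used in the question; the class name `SpkiRoundTrip` and the header check on the receiver side are illustrative.

```java
import java.security.*;
import java.security.interfaces.ECPublicKey;
import java.security.spec.*;
import java.util.Arrays;
import java.util.Base64;

public class SpkiRoundTrip {
    // Fixed DER header of a P-256 SubjectPublicKeyInfo (26 bytes, assumed curve):
    //   30 59                    SEQUENCE (SubjectPublicKeyInfo)
    //   30 13                    SEQUENCE (AlgorithmIdentifier)
    //   06 07 2a8648ce3d0201     OID 1.2.840.10045.2.1 (id-ecPublicKey)
    //   06 08 2a8648ce3d030107   OID 1.2.840.10045.3.1.7 (prime256v1)
    //   03 42 00                 BIT STRING, 0 unused bits; the 65-byte point follows
    static final byte[] P256_HEADER = hex("3059301306072a8648ce3d020106082a8648ce3d030107034200");

    static byte[] hex(String s) {
        byte[] out = new byte[s.length() / 2];
        for (int i = 0; i < out.length; i++)
            out[i] = (byte) Integer.parseInt(s.substring(2 * i, 2 * i + 2), 16);
        return out;
    }

    // Receiver: accept only an uncompressed P-256 key, then let KeyFactory parse it.
    static ECPublicKey decode(String b64) throws GeneralSecurityException {
        byte[] der = Base64.getDecoder().decode(b64);
        boolean ok = der.length == P256_HEADER.length + 65
                && Arrays.equals(Arrays.copyOf(der, P256_HEADER.length), P256_HEADER)
                && der[P256_HEADER.length] == 0x04;
        if (!ok) throw new InvalidKeySpecException("not a P-256 SubjectPublicKeyInfo");
        return (ECPublicKey) KeyFactory.getInstance("EC").generatePublic(new X509EncodedKeySpec(der));
    }

    public static void main(String[] args) throws Exception {
        KeyPairGenerator kpg = KeyPairGenerator.getInstance("EC");
        kpg.initialize(new ECGenParameterSpec("secp256r1"));
        PublicKey pub = kpg.generateKeyPair().getPublic();
        // Sender: getEncoded() already returns the SubjectPublicKeyInfo DER bytes.
        String sms = Base64.getEncoder().encodeToString(pub.getEncoded());
        System.out.println("round trip ok: " + Arrays.equals(decode(sms).getEncoded(), pub.getEncoded()));
        byte[] bad = Base64.getDecoder().decode(sms);
        bad[22] ^= 1; // constructed tampering: changes the last byte of the curve OID
        try {
            decode(Base64.getEncoder().encodeToString(bad));
        } catch (InvalidKeySpecException e) {
            System.out.println("rejected: " + e.getMessage());
        }
    }
}
```

The header check confirms only the encoding and the curve; it says nothing about who sent the key.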