Java Crypto Libraries

Java Crypto Libraries


Cryptography in Java

  • JCA, Bouncy Castle and Web3j:Hashes, ECC and ECDSA

JCA, Bouncy Castle and Web3j

  • Cryptography in Java is based on the Java Cryptography Architecture (JCA)

    • Typical Java style: lot of boilerplate code

  • Bouncy Castle is the leading Java cryptography library

  • Web3j – a simplified library for Ethereum and secp256k1

ECDSA in Java: Install the Crypto Libraries

  • This Maven dependency will install the following libraries:

    • org.web3j.crypto– Ethereum style secp256k1 EC cryptography

    • org.bouncycastle– BouncyCastle crypto provider for Java


ECDSA in Java: Initialize the Application

import org.bouncycastle.util.encoders.Hex;
import org.web3j.crypto.*;
import java.math.BigInteger;

ECDSA in Java: Generate / Load Keys

// Generate random private key
// BigInteger privKey = Keys.createEcKeyPair().getPrivateKey(); 

BigInteger privKey = new BigInteger(
 "97ddae0f3a25b92268175400149d65d6887b9cefaf28ea2c078e05cdc15a3c0a", 16);
BigInteger pubKey = Sign.publicKeyFromPrivate(privKey);
ECKeyPair keyPair = new ECKeyPair(privKey, pubKey);

System.out.println("Private key: " + privKey.toString(16));
System.out.println("Public key: " + pubKey.toString(16));
System.out.println("Public key (compressed): " +

ECDSA in Java: Sign Message

String msg = "Message for signing";
byte[] msgHash = Hash.sha3(msg.getBytes());
Sign.SignatureData signature =
  Sign.signMessage(msgHash, keyPair, false);

System.out.println("Msg: " + msg);
System.out.println("Msg hash: " + Hex.toHexString(msgHash));
  "Signature: [v = %d, r = %s, s = %s]\n",
  signature.getV() - 27,

ECDSA in Java: Verify Signature

BigInteger pubKeyRecovered =
  Sign.signedMessageToKey(msg.getBytes(), signature);
System.out.println("Recovered public key: " +

boolean validSig = pubKey.equals(pubKeyRecovered);
System.out.println("Signature valid? " + validSig);

Last updated