Java 7 keytool Elliptic Curve Encryption

Question

I'm trying to create a keystore using keytool with a keyalg ECC.

This should be possible according to Oracle. I quote:

Area: Tools

Synopsis: The keytool and jarsigner tools now support the ECC algorithm in keypair generation and jar signing.

RFE: 6870812

I'm using the 32-bit version 1.7.0_07, and I've tried keytool with -keyalg ECC, ECIES, ECDSA,... but I always get Cannot derive signature algorithm.

Am I using the wrong Java version? Am I using the wrong name for ECC?

Answer 1

Here is the source for the algorithm selection. The allowed values are DSA, RSA and EC. These values are not documented anywhere as far as I can tell.

Answer 2

I believe you have to install the unlimited strength policy for JCE to work with all algorithims. If you haven't done so already, it's at the bottom of this page: http://www.oracle.com/technetwork/java/javase/downloads/index.html