Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Java 7 keytool Elliptic Curve Encryption

I'm trying to create a keystore using keytool with a keyalg ECC.

This should be possible according to Oracle. I quote:

Area: Tools

Synopsis: The keytool and jarsigner tools now support the ECC algorithm in keypair generation and jar signing.

RFE: 6870812

I'm using the 32-bit version 1.7.0_07, and I've tried keytool with -keyalg ECC, ECIES, ECDSA,... but I always get Cannot derive signature algorithm.

Am I using the wrong Java version? Am I using the wrong name for ECC?

like image 245
Bruno Lowagie Avatar asked Sep 06 '12 15:09

Bruno Lowagie


2 Answers

Here is the source for the algorithm selection. The allowed values are DSA, RSA and EC. These values are not documented anywhere as far as I can tell.

like image 56
mcdizzle Avatar answered Oct 14 '22 02:10

mcdizzle


I believe you have to install the unlimited strength policy for JCE to work with all algorithims. If you haven't done so already, it's at the bottom of this page: http://www.oracle.com/technetwork/java/javase/downloads/index.html

like image 22
monitorjbl Avatar answered Oct 14 '22 03:10

monitorjbl