throw new IOException("Unknown named curve: " + oid);
}
return spec;
}
throw new IOException("Only named ECParameters supported");
We have the following exception "java.io.IOException : Unknown named curve : 1.3.36.3.3.2.8.1.1.7" (row 7) because the getECParameters method of the NamedCurve class doesn't know the value 1.3.36.3.3.2.8.1.1.7 of the oid.
So we resolved this adding the following oid values in the NamedCurve class:
could you please provide the recompiled NamedCurve.java? I have the same problem and i need support for EC Curves in Java. or isthere an other way to support it in my applicaton without modify the source?
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Hello ,
we have a problem with the creation of a CA associated with keys of type ECDSA with spec . Brainpool256r1 .
Summarize the configuration of our environment :
S.O : Win 2008
EJBCA 3.10.6
jboss 4.3
jdk1.6
We have created our Brainpoll256r1 ECDSA keys on a HSM Lunasa .
Successivamenta we created our CVCA in this way :
Type of CA: CVC
CA Token Type PKCS # 11
Hard CA Token Properties:
slot 1
defaultKey DVECDSADEU01
SharedLibrary C: \ \ ejbca_3_8_2 \ \ lib \ \ cryptoki.dll
pin xxxxxxxxxxx
Signing Algorithm : SHA1WithECDSA
Key sequence : 00001
Subject DN : CN = XXX , C = KK
Signed By : selfsigned
Certificate Profile : RootCA
Validity (Days ) : 365
After you have entered all the parameters and press the Create button we get the following Error: CA token authorization failed .
In jboss log we see the following error:
18/04/2014 13:10:40,408 ERROR [ org.ejbca.core.model.ca.catoken.PKCS11CAToken ] Failed to initialize PKCS11 provider slot '1 '.
java.security.KeyStoreException : KeyStore instantiation failed
...
...
...
Caused by: java.security.cert.CertificateParsingException : java.io.IOException : Unknown named curve : 1.3.36.3.3.2.8.1.1.7
Why , could someone help us?
Java PKCS#11 does not support Brainpool curves. You can find our documentation about it here.
http://ejbca.org/docs/adminguide.html#ECDSA%20keys%20and%20signatures
PrimeKey has a java PKCS#11 patch that is available for Enterprise Support Customers (it has also been submitted to Oracle for inclusion in Java).
Cheers,
Tomas
Save time and money with an Enterprise support subscription. Please see www.primekey.se for more information.
http://www.primekey.se/Products/EJBCA+PKI/
http://www.primekey.se/Services/Support/
Hi Tomas,
We've read your link; but we didn't resolved our problem.
The problem is in decodeParameters method in ECParameter class:
}
throw new IOException("Only named ECParameters supported");
We have the following exception "java.io.IOException : Unknown named curve : 1.3.36.3.3.2.8.1.1.7" (row 7) because the getECParameters method of the NamedCurve class doesn't know the value 1.3.36.3.3.2.8.1.1.7 of the oid.
So we resolved this adding the following oid values in the NamedCurve class:
In this way all work perfectly.
Thank's a lot and best regards.
Last edit: Fabio Mangiarulo 2014-05-08
Hi,
how did you extend NamedCurve class. Did you recompile while jre?
can u give me a hint?
thx
OK I got it Thank you - just recompiled NamedCurve.java and replaced it in jre/lib/rt.jar
Last edit: TalimGideon 2014-09-19
Hi,
could you please provide the recompiled NamedCurve.java? I have the same problem and i need support for EC Curves in Java. or isthere an other way to support it in my applicaton without modify the source?
Hi,
PrimeKey has made patches for JDK (also submitted to OpenJDK of course), but only provide it to support customers.
Regards,
Tomas
Save time and money with an Enterprise support subscription. Please see www.primekey.se for more information.
https://www.primekey.se/technologies/products-overview/
https://www.primekey.se/service-support/support/