How to use java-deprecated elliptic curves in jdk 17

Question

we're migrating from jdk 8 to 17 and apparently, the curve that our privateKey uses: secp256k1 is deprecated, so we get this error

Unable to calculate signature using Elliptic Curve PrivateKey. Curve not supported: secp256k1 (1.3.132.0.10)
io.jsonwebtoken.security.SignatureException: Unable to calculate signature using Elliptic Curve PrivateKey. Curve not supported: secp256k1 (1.3.132.0.10)
    at app//io.jsonwebtoken.impl.crypto.EllipticCurveSigner.sign(EllipticCurveSigner.java:46)
    at app//io.jsonwebtoken.impl.crypto.DefaultJwtSigner.sign(DefaultJwtSigner.java:59)
    at app//io.jsonwebtoken.impl.DefaultJwtBuilder.compact(DefaultJwtBuilder.java:353)

Is there any way we could still use this privatekey with jjwt? adding BouncyCastleProvider doesn't seem to work for our case..

score 0 · Answer 1 · answered Aug 22 '22 at 02:28

0

BouncyCastleProvider actually did work, but I had to put it in front of SunEC provider in order to use bouncycastle's implementation for signing the jwt

answered Aug 22 '22 at 02:28

Minsoo Cheong

36
2

How to use java-deprecated elliptic curves in jdk 17

1 Answers1