Is “Ed25519” what you need? It’s not available in JDK 11. See
https://bugs.openjdk.java.net/browse/JDK-8199231.
—Max
> On Aug 28, 2020, at 9:55 AM, Anders Rundgren <anders.rundgren....@gmail.com>
> wrote:
>
> On 2020-08-28 15:41, Weijun Wang wrote:
>> What version of java are you using and what’s your command to generate the
>> key pair?
>
> Hi Max,
>
> While waiting for JDK 15, I'm currently using JDK11 and BC but the question
> is really about the Signature object specification.
>
> KeyPairGenerator kpg = KeyPairGenerator.getInstance("X25519")
> KeyPair kp = kpg.generateKeyPair();
>
> A self-signed X25519 certificate would require that a X25519 key is useful as
> a signature key.
>
> Note: I'm not proposing such a feature, I'm just trying to understand :)
>
> Regards,
> Anders
>> Thanks,
>> Max
>>> On Aug 28, 2020, at 7:03 AM, Anders Rundgren
>>> <anders.rundgren....@gmail.com> wrote:
>>>
>>> Hi Crypto Experts,
>>>
>>> Please pardon my ignorance regarding curve25519, but I ran into problems
>>> [*] trying to recreate the sample certificate:
>>> https://urldefense.com/v3/__https://tools.ietf.org/html/rfc8410*section-10.2__;Iw!!GqivPVa7Brio!OMTnVBdbrt8MuV8YwHsti8iuWLk2QE3C6FGAQeBoMJj9pIBQiRO6cbcSLzY8F_90TQ$
>>>
>>> It seems that the certificate is signed with a key intended for ECDH.
>>> Question: is Java's "Signature" object supposed to accept X25519 keys?
>>>
>>> Personally I don't see any use of a self-signed encryption certificate so
>>> maybe this is just a bad example...kind of edge case.
>>>
>>> Regards,
>>> Anders Rundgren
>>>
>>> *] java.security.InvalidKeyException: cannot identify EdDSA private key
>
