I've been putting a significant amount of work into compiling a large set of elliptic curve parameters/names/oids for an open source library and a related closed source security product we have. We need to be able to support any of the curves that OpenSSL/LibreSSL support.
The trick is this is currently impossible due to hardcoding in OpenJDK 16. Though you supply valid parameters via ECParameterSpec, when you attempt to construct an instance of ECPrivateKey or ECPublicKey you hit code in sun.security.util.CurveDB that does a "reverse lookup" of sorts to find the curve name. If it's not a curve CurveDB knows about, you can't use it. Is there willingness to accept contributions that would remove this limitation? -- David Blevins http://twitter.com/dblevins http://www.tomitribe.com
