"Legacy SunEC curve disabled" Error

EC Cryptography Tutorials - Herong's Tutorial Examples

∟"Legacy SunEC curve disabled" Error

This section provides a tutorial example on how to resolve the 'Legacy SunEC curve disabled' error and get short and insecure EC private-public key pairs.

As of Java 15, a number of EC curves has been deprecated and labeled as "Legacy SunEC curve". If you try to use them, you will get the "Legacy SunEC curve disabled" error as shown below:

herong> java JavaKeyPair 112 old_ec EC

KeyPairGenerator Object Info:
Algorithm = EC
Provider = SunEC version 15
Key Size = 112
toString = java.security.KeyPairGenerator$Delegate@238e0d81
Exception: java.security.ProviderException:
  Legacy SunEC curve disabled:  secp112r1 (1.3.132.0.6)

But if you really want to use them, you can turn off the "Legacy" label using the "-Djdk.sunec.disableNative=false" option.

herong> java -Djdk.sunec.disableNative=false JavaKeyPair 112 2nd_ec EC

KeyPairGenerator Object Info:
Algorithm = EC
Provider = SunEC version 15
Key Size = 112
toString = java.security.KeyPairGenerator$Delegate@377dca04

Private Key Info:
Algorithm = EC
Saved File = 2nd_ec.pri
Size = 46
Format = PKCS#8
toString = sun.security.ec.ECPrivateKeyImpl@e83f0514

Public Key Info:
Algorithm = EC
Saved File = 2nd_ec.pub
Size = 52
Format = X.509
toString = Sun EC public key, 112 bits
  public x coord: 257242144836477949212001621944606
  public y coord: 1498955258700980639980411461311363
  parameters: secp112r1 (1.3.132.0.6)