  1. Commons
  2. COMMONS-336

ECDSASigningHandler cannot work when without ECPrivate key


    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 22.0.0, 23.0.0, 24.0.0
    • Fix Version/s: 24.0.0
    • Component/s: JSON Web Token
    • Labels: None

      Description

      The ECDSASigningHandler, which is used for JWT signing when using an ES* signing algorithm, cannot work if the keystore does not provide an exportable EC private key.
      The implementation assumes that constructing the signing handler needs an ECPrivateKey.

      It would help if this could be constructed with a more lax constructor (taking a PrivateKey), just like the RSASigningHandler. In fact, it seems using the constructor to compute the EC curve may not be needed, as when sign() is called the algorithm type is passed and so the curve can be determined there.

      This may help to solve the issues for OPENAM-12801 too (HSM). As of now it would seem AM5/6 will not be able to do signing with ECDSA due to the inability to even create an EC signing handler.

      Details: See OPENAM-12801 (subset of the issues)
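
A sketch of the approach the description asks for, added here as an example and not taken from the Commons code base or its eventual fix: a signer that accepts any `PrivateKey` and derives the hash and signature width from the JWS algorithm at `sign()` time. The class name `OpaqueKeyEcdsaSigner` is hypothetical, the generated software key stands in for an HSM-backed key, and the verification step in `main` assumes Java 9 or later.

```java
import java.security.*;
import java.security.spec.ECGenParameterSpec;
// Hypothetical class for illustration; not the Commons ECDSASigningHandler.
public class OpaqueKeyEcdsaSigner {
    private final PrivateKey key; // may be an HSM handle that is not an ECPrivateKey
    public OpaqueKeyEcdsaSigner(PrivateKey key) {
        if (!"EC".equals(key.getAlgorithm())) throw new IllegalArgumentException("not an EC key");
        this.key = key;
    }

    // Signs data; returns the fixed-width R||S form that JWS ES* signatures use.
    public byte[] sign(String jwsAlg, byte[] data) throws GeneralSecurityException {
        String jca; int n; // n = coordinate size in bytes for the curve the algorithm implies
        switch (jwsAlg) {
            case "ES256": jca = "SHA256withECDSA"; n = 32; break;
            case "ES384": jca = "SHA384withECDSA"; n = 48; break;
            case "ES512": jca = "SHA512withECDSA"; n = 66; break;
            default: throw new NoSuchAlgorithmException(jwsAlg);
        }
        Signature s = Signature.getInstance(jca); // JCA picks a provider that accepts the key
        s.initSign(key);
        s.update(data);
        return derToConcat(s.sign(), n);
    }

    // Converts DER SEQUENCE { INTEGER r, INTEGER s } to r||s, each left-padded to n bytes.
    static byte[] derToConcat(byte[] der, int n) throws SignatureException {
        int p = (der[1] & 0x80) != 0 ? 2 + (der[1] & 0x7f) : 2; // skip SEQUENCE header
        byte[] out = new byte[2 * n];
        for (int i = 0; i < 2; i++) {
            if (der[p] != 0x02) throw new SignatureException("expected INTEGER");
            int start = p + 2, end = start + (der[p + 1] & 0xff);
            while (end - start > n && der[start] == 0) start++; // drop sign padding
            if (end - start > n) throw new SignatureException("integer wider than algorithm's curve");
            System.arraycopy(der, start, out, (i + 1) * n - (end - start), end - start);
            p = end;
        }
        return out;
    }

    public static void main(String[] args) throws Exception {
        KeyPairGenerator g = KeyPairGenerator.getInstance("EC");
        g.initialize(new ECGenParameterSpec("secp256r1")); // constructed test key
        KeyPair kp = g.generateKeyPair();
        byte[] msg = "header.payload".getBytes("UTF-8"); // constructed signing input
        byte[] sig = new OpaqueKeyEcdsaSigner(kp.getPrivate()).sign("ES256", msg);
        Signature v = Signature.getInstance("SHA256withECDSAinP1363Format"); // Java 9+
        v.initVerify(kp.getPublic());
        v.update(msg);
        System.out.println(sig.length + " bytes, verifies: " + v.verify(sig));
    }
}
```

The width check only rejects a key on a larger curve than the algorithm implies; where the key object does expose `java.security.interfaces.ECKey` parameters, comparing the curve against the algorithm as well catches the opposite mismatch.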


              People

              neil.madden Neil Madden
              chee-weng.chea C-Weng C
