wiki:Crypto/ECDSA

Version 6 (modified by zzz, 5 years ago) (diff)

ECDSA Help Page

If you came to this page because you have a warning in your console about missing ECDSA support, you are in the right place. This page includes additional information and help on how to fix it.

Background

We are migrating most of the digital signature cryptography in I2P to ECDSA. This effort started in late 2013, and in each 2014 release we have improved the support for ECDSA and moved more functions over to ECDSA. By early 2015, ECDSA support will be required for many things to work in I2P.

Unfortunately, we depend on Java and the OS to provide the low-level support for ECDSA, and it is not always present.

We've added the following warnings if you do not have ECDSA support:

  • As of 0.9.15, there are warnings in the log files and on the logs page at http://127.0.0.1:7657/logs
  • As of 0.9.17, there is a warning in the console side bar.
  • Periodic warnings in release notes and console news in 2014.

Solutions

There are several possible reasons for the lack of ECDSA support:

  • Red Hat / Fedora OSes: Not supported. Install the Bouncy Castle provider "bcprov" jar. Instructions: http://forum.i2p/viewtopic.php?t=11580
  • Old version of I2P. ECDSA support was added in 0.9.12. We recommend that you upgrade to the current release.
  • Old version of Java. If you are running Java 6, try upgrading to Java 7.
  • Lack of "unlimited strength policy files" in Java. Unlikely, but it might work. See http://zzz.i2p/topics/1682
  • Old or unusual OS without ECDSA support. See Red Hat above.

Links and More Information