sun jdk support

After some hit and trial I am able to resolve it.

Issue: When I was working with JDK 1.8 and bcprov-jdk15on-164.jar which is the latest bouncy castle for JDK 1.5 - JDK 1.11, it was working awesome. But bcprov-jdk15on-164.jar doesn’t work for JDK 1.7.0_80 and getting “java.security.InvalidKeyException: Not an EC key: ECDH” error.

Solution: While working with JDK 1.7.0_80 please use bcprov-jdk15to18-164.jar provider which is for JDK 1.5 - JDK 1.8.

I came across this issue as well when I created a fat JAR (a.k.a. uber JAR, shadow JAR). The BouncyCastle JAR is signed and if you create a fat JAR the contents of the BouncyCastle JAR are extracted and put in the fat JAR which breaks the signature. I suspect something similar was happening to you.

When I realised this I updated the build.gradle to exclude BouncyCastle from the fat JAR and add ../../lib/bcprov-jdk15on-154.jar to the Class-Path definition MANIFEST.MF. That way, when you run the generated fat JAR, it adds BouncyCastle to the classpath. Unfortunately, I had to commit lib/bcprov-jdk15on-154.jar into git.

In practice, developers will be using this project as a library and not as a fat JAR, so they will have to change their build to provide BouncyCastle at runtime. There are many ways to do this:

1. Put bcprov-jdk15on-154.jar in $JAVA_HOME/jre/lib/ext, like you suggested. The downside of this approach is that if you need to repeat this if you update your JRE.
2. Adapt the build system to add BouncyCastle at runtime (similar to how I adapted the gradle.build to add a Class-Path to the MANIFEST.MF). The downside is that you need to commit bcprov-jdk15on-154.jar into git.
3. Use a custom class loader that is able to load nested JARs. That way you can put the BouncyCastle JAR in a fat JAR without breaking the signature. The downside is that you need to create and use a custom classloader (Spring Boot provides one, though).

I will update the README with instructions. Thanks for your investigation and feedback!