bc-java
"InvalidParameterSpecException: Not a supported curve" from org.bouncycastle.openpgp.operator.jcajce.JcaPGPKeyConverter#getPublicKey with default provider and ECDSA NIST P-256 key
When using a NIST P-256 curve ECDSA key and trying to extract it using org.bouncycastle.openpgp.operator.jcajce.JcaPGPKeyConverter#getPublicKey with the default (sun) provider, an "InvalidParameterSpecException: Not a supported curve" exception is thrown. The issue cannot be reproduced when the "BC" provider is specified.
JDK used: Oracle Java 11
Upon investigating with debugger:
```
lookup:66, CurveDB (sun.security.util)
engineInit:120, ECParameters (sun.security.util)
init:294, AlgorithmParameters (java.security)
getECParameterSpec:-1, JcaPGPKeyConverter (org.bouncycastle.openpgp.operator.jcajce)
implGetPublicKeyEC:-1, JcaPGPKeyConverter (org.bouncycastle.openpgp.operator.jcajce)
getPublicKey:-1, JcaPGPKeyConverter (org.bouncycastle.openpgp.operator.jcajce)
...
```
- getECParameterSpec is called with ASN1ObjectIdentifier curveOid `1.2.840.10045.3.1.7`
- init is called with paramSpec.name == "prime256v1"
- CurveDB.lookup internally queries maps:
  - first oidMap, which has OIDs as keys (not curve names!)
  - then nameMap
  - the problem is that the registered names are `secp256r1`, `NIST P-256`, `X9.62 prime256v1`
Naive suggestion - can we pass OIDs instead of names mapped from these OIDs? Is that an issue for other providers?
Or is this the fault of sun's provider having an alias `X9.62 prime256v1` / not having other of the aliases noted e.g. here https://www.gnupg.org/documentation/manuals/gcrypt/ECC-key-parameters.html ?
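
The lookup described above can be checked outside of Bouncy Castle with the standard JCA `AlgorithmParameters` API. The following is an added example, not code from the issue or from bc-java; the class name `CurveLookupCheck` is hypothetical, and the identifiers tested are the OID and names quoted in the report. It prints which identifiers the chosen provider accepts and whether each resolves to the same curve as the OID.

```java
import java.security.AlgorithmParameters;
import java.security.GeneralSecurityException;
import java.security.spec.ECGenParameterSpec;
import java.security.spec.ECParameterSpec;

public class CurveLookupCheck {
    // Identifiers quoted in the issue: the OID held by the converter, the name
    // passed to init(), and the names reported as registered in CurveDB.
    static final String[] IDENTIFIERS = {
        "1.2.840.10045.3.1.7", "prime256v1", "secp256r1", "NIST P-256", "X9.62 prime256v1"
    };

    /** Returns the curve parameters, or null if the provider rejects the identifier. */
    static ECParameterSpec resolve(String identifier, String provider) {
        try {
            AlgorithmParameters params = (provider == null)
                    ? AlgorithmParameters.getInstance("EC")            // default provider order
                    : AlgorithmParameters.getInstance("EC", provider); // e.g. "BC", if installed
            params.init(new ECGenParameterSpec(identifier));
            return params.getParameterSpec(ECParameterSpec.class);
        } catch (GeneralSecurityException e) {
            // Covers InvalidParameterSpecException ("Not a supported curve")
            // as well as an unknown algorithm or provider.
            return null;
        }
    }

    /** True when both specs describe the same curve and base point. */
    static boolean sameCurve(ECParameterSpec a, ECParameterSpec b) {
        return a != null && b != null
                && a.getCurve().equals(b.getCurve())
                && a.getGenerator().equals(b.getGenerator());
    }

    public static void main(String[] args) {
        // Optional first argument: name of an installed provider to test.
        String provider = args.length > 0 ? args[0] : null;
        ECParameterSpec byOid = resolve(IDENTIFIERS[0], provider);
        for (String id : IDENTIFIERS) {
            ECParameterSpec spec = resolve(id, provider);
            String status = spec == null ? "rejected"
                    : sameCurve(spec, byOid) ? "accepted, same curve as the OID"
                    : "accepted";
            System.out.printf("%-22s %s%n", id, status);
        }
    }
}
```

Running it once with no argument and once with the name of another installed provider shows, per provider, whether the bare name `prime256v1` is accepted and whether the OID string is.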