Cleaning up crypto support
Mark Wielaard
mjw at redhat.com
Thu Oct 2 02:49:30 PDT 2008
Hi,
On Thu, 2008-09-25 at 20:56 +0200, Mark Wielaard wrote:
> I believe this version is pretty clean. And it should be simple to
> verify that it works correctly now since all unnecessary code is just
> thrown out. Of course I threw all the crypto and security tests at it
> that I could find and all happily passed. I did alter the TestUtil class
> so that it always checks all algorithms and full keys.
>
> It would be nice to push this in OpenJDK proper so there is less
> divergence and so the GPLed version always has full crypto support
> enabled.
>
> If you still want to support a ClosedJDK with restricted crypto support
> then all you have to do it provide your own Cipher and JceSecurity
> class, plus any of the now removed auxiliary classes JarVerfifier and
> JceSecurityManager. Everything else can be the same between the free
> openjdk and proprietary closedjdk.
>
> Please let me know if you would need any help integrating this.
> I did already push it into icedtea6.
I didn't see any replies to this yet. Please do let me know if I can
help in any way to get this pushed forward faster.
Thanks,
Mark
More information about the distro-pkg-dev
mailing list