[Bug 356] keytool doesn't handle SHA384withECDSA signatures
bugzilla-daemon at icedtea.classpath.org
bugzilla-daemon at icedtea.classpath.org
Thu Aug 27 10:18:08 PDT 2009
http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=356
------- Comment #15 from gnu_andrew at member.fsf.org 2009-08-27 17:18 -------
A little debugging finds that:
array length: 67
field size: 256
n = 32
array: [4, 65, 4, -26, -5, 56, -82, -53, -122, 32, 102, -86, -64, -59, 84, 5,
110, 1, -49, 38, -7, 3, -97, 122, -36, -18, 99, -126, -83, 83, 34, 12, -38,
-84, 43, 83, -38, -25, -58, 9, -30, -37, 108, -43, 35, -118, -15, 53, 104, -26,
-45, -51, 3, -83, 100, -119, -108, 25, 75, -37, 39, 9, 50, -121, 105, 68, 96]
The check that throws the exception is the failure of array length to equal
(n*2)+1 (65) in this case. The array returned by NSS has two extra bytes. n
is calculated from the field size of 256 by adding 7 and shifting right 3. If
the field size was 257, it would thus match the array size but this is not a
legal EC key size.
--
Configure bugmail: http://icedtea.classpath.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
More information about the distro-pkg-dev
mailing list