[Bug 356] keytool doesn't handle SHA384withECDSA signatures
bugzilla-daemon at icedtea.classpath.org
bugzilla-daemon at icedtea.classpath.org
Wed Jul 15 08:31:43 PDT 2009
http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=356
------- Comment #9 from jon.vanalten at redhat.com 2009-07-15 15:31 -------
oic. After looking some at sun/security/tools/KeyTool.java and
sun/security/pkcs11/SunPKCS11.java, I agree that changes to KeyTool would not
be the best approach here. There are a number of provider types in the JDK,
they are not given any special treatment by KeyTool. Similary not all
providers are known in java.security.
A couple of questions come to mind about the possibility of generating a NSS
config file (depending on detection of nss library). First: how would we know
whether the local library is built with ECC support? It is not afaik a default
build option, Fedora may not be the only distro not building with that option.
Second: folks wishing to use this provider would need to know the location of
the config file to pass as an arg when specifying this provider to keytool.
Either that or we need to patch SunPKCS11.java so that default constructor
looks to some location for config file rather than failing. Do other providers
require config files, and is there already some location where such files are
put by default?
--
Configure bugmail: http://icedtea.classpath.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
More information about the distro-pkg-dev
mailing list