7054637 closed/lib/security/cacerts/VerifyCACerts.java failed on solaris 11

Vincent Ryan vincent.x.ryan at oracle.com
Wed Sep 14 11:17:13 PDT 2011

Please review the following fix to the SunPKCS11 JCE provider:


The problem is that some older PKCS11 tokens support only the raw encoding for
EC point in Elliptic Curve public keys. This fix introduces a configuration
attribute that controls whether the raw-encoding or DER-encoding shall be used.

It aids interoperability between older and newer PKCS11 tokens.


More information about the security-dev mailing list