7054637 closed/lib/security/cacerts/VerifyCACerts.java failed on solaris 11

Vincent Ryan vincent.x.ryan at oracle.com
Thu Sep 15 08:20:27 UTC 2011


On 09/14/11 09:30 PM, Valerie (Yu-Ching) Peng wrote:
> 
> As long as Solaris supports both key formats after fixing 6830224, then it'd be
> fine, I guess.
> 
> Oh, are you gonna change the synopsis to describe the cause of the problem? I'd
> also prefer it that way.

I've fixed that:
   http://monaco.sfbay.sun.com/detail.jsf?cr=7054637


Thanks.


> Thanks,
> Valerie
> 
> On 09/14/11 11:17, Vincent Ryan wrote:
>> Please review the following fix to the SunPKCS11 JCE provider:
>>
>> http://cr.openjdk.java.net/~vinnie/7054637/webrev.00/
>>
>> The problem is that some older PKCS11 tokens support only the raw encoding for
>> EC point in Elliptic Curve public keys. This fix introduces a configuration
>> attribute that controls whether the raw-encoding or DER-encoding shall be used.
>>
>> It aids interoperability between older and newer PKCS11 tokens.
>>
>> Thanks.
>>
>>
>>   
> 




More information about the security-dev mailing list