7054637 closed/lib/security/cacerts/VerifyCACerts.java failed on solaris 11
Vincent Ryan
vincent.x.ryan at oracle.com
Thu Sep 15 08:20:27 UTC 2011
On 09/14/11 09:30 PM, Valerie (Yu-Ching) Peng wrote:
>
> As long as Solaris supports both key formats after fixing 6830224, then it'd be
> fine, I guess.
>
> Oh, are you gonna change the synopsis to describe the cause of the problem? I'd
> also prefer it that way.
I've fixed that:
http://monaco.sfbay.sun.com/detail.jsf?cr=7054637
Thanks.
> Thanks,
> Valerie
>
> On 09/14/11 11:17, Vincent Ryan wrote:
>> Please review the following fix to the SunPKCS11 JCE provider:
>>
>> http://cr.openjdk.java.net/~vinnie/7054637/webrev.00/
>>
>> The problem is that some older PKCS11 tokens support only the raw encoding for
>> EC point in Elliptic Curve public keys. This fix introduces a configuration
>> attribute that controls whether the raw-encoding or DER-encoding shall be used.
>>
>> It aids interoperability between older and newer PKCS11 tokens.
>>
>> Thanks.
>>
>>
>>
>
More information about the security-dev
mailing list