6995421: Eliminate the static dependency to sun.security.ec.ECKeyFactory

Vincent Ryan vincent.x.ryan at oracle.com
Wed Jul 25 08:22:23 PDT 2012

Hello Stephen,

Your changes look good.

On 20/07/2012 21:18, Stephen Flores wrote:
> Please review the following webrev:
> http://cr.openjdk.java.net/~sflores/6995421/
> for bug: 6995421 Eliminate the static dependency to
> sun.security.ec.ECKeyFactory
> Description of the problem:
> sun.security.x509.AlgorithmId and sun.security.pkcs11.P11ECKeyFactory
> depend on an public static fields sun.security.ec.ECKeyFactory
> Also, while debuging I found that ECPublicKeyImpl did not check for
> missing domain parameters while parsing a key, the way ECPrivateKeyImpl
> does.
> Evaluation:
> At the time of development of AlgorithmId there was no public provider
> for EC Key Factory, a public provider has been added since.
> Description of fix:
> Since code in sun.security.x509.AlgorithmId the used the provider in
> ECKeyFactory was removed since the call to the public API now provides
> EC AlgorithmParameters.
> sun.security.pkcs11.P11ECKeyFactory was changed to use public KeyFactory
> API to get a key factory.
> Additional changes:
> A null check of the alorithm parameters was added to
> ECPublicKey.parseKeyBits.
> The internal provider in ECKeyFactory has been removed and it entries
> move to the SunEC provider class and any references to it have been
> changed to use the public provider API.
> Changed the TestEC to the the public API to get the SunEC provider the
> way applications would.
> The PKCS11 test methods that are shared TestEC were changed not to
> delete the provider given to them, which did not matter in the past
> since internal provider in ECKeyFactory was being used by EC classes.
> Thanks,
> Steve.

More information about the security-dev mailing list