RFR : 8080102: Java 8 cannot load its cacerts in FIPS. no such provider: SunEC
Seán Coffey
sean.coffey at oracle.com
Sat Jun 6 09:55:07 UTC 2015
thanks for review Valerie. I think the current JDK 9 builds already
check for some module correctness. Hopefully - what I'm proposing will
work post modules. My initial attempt had the java.base module trying to
pull in the jdk.crypto.ec module. That would not be allowed. The current
proposal doesn't seem to place any issue on modules and the current
export rules work ok.
Regards,
Sean.
On 05/06/2015 22:04, Valerie Peng wrote:
>
> This looks pretty good.
> However, I suspect this will stop working once the Jake changes are
> integrated as module boundaries are enforced?
> Valerie
>
>
> On 6/5/2015 3:21 AM, Seán Coffey wrote:
>> Looking to resolve a recently reported issue where the
>> P11ECKeyFactory class has too much dependence on the SunEC provider.
>> With some reshuffling and creation of a new P11ECUtil class, I was
>> able to remove the call for lookup of SunEC Provider. The test picks
>> up the regression when running with the SunPKCS11-NSS provider.
>>
>> bug report : https://bugs.openjdk.java.net/browse/JDK-8080102
>> webrev :
>> http://cr.openjdk.java.net/~coffeys/webrev.8080102.jdk9.v2/webrev/
>>
>> --
>> Regards,
>> Sean.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mail.openjdk.org/pipermail/security-dev/attachments/20150606/6459f5bc/attachment.htm>
More information about the security-dev
mailing list