Is there a test provider that does not allow private key export?

Xuelei Fan at
Fri Jun 17 00:28:44 UTC 2016

Maybe, you can have a look at:


On 6/16/2016 9:54 PM, Wang Weijun wrote:
> Hi Guys
> I am working on a keytool -providername bug [1] and would like to write a test with a provider that does not allow a private key to be exported (therefore not usable by Signature in another provider). Do we already have one inside jdk/test? Or is it possible to configure the SunPKCS11-NSS provider to do so?
> Thanks
> Max
> [1]

More information about the security-dev mailing list