Lars Silvén wrote:
Hi Brad,
Do you have everything you need to fix the bug.
I believe so. I haven't started looking at it closely yet, I'm still
mopping up several fires. Unfortunately, I'm the chef, busboy, and
bottle washer for several projects here.
> Or is there anything more I could do to help.
I have now also tested the nCipher HSM. To get their p11 working my patch had
to be applied.
Do you have any idea when we the fix could be released?
Are you looking for JDK7, or 6?
Brad
Best Regards
Brad Wetmore wrote:
Lars Silvén wrote:
Hi Brad,
I have written a simple application that illustrates the problem:
http://bunny.primekey.se/~lars/sunP11Bug/src/test/Main.java
But you need a p11 module with ECC capability to run it. Do you have one?
Yes.
If not I could investigate if one of our HSM vendors could send you one.
Also to verify that the public key actually is usable a JCA provider
with ECC is needed.
I'm going to be working on adding ECC to the JCE provider for JDK 7.
Thanks for the case.
Brad
But for that you could use BouncyCastle.
Start running the application without parameters and then you get a
description of needed parameters.
Lars
Brad Wetmore wrote:
Great, thanks for doing so.
I'll be working on this fairly soon, so I'll get a bug filed. Do you
have a standalone test case for this already? See step 3 of the
contribute page. If you do but you don't have it in jtreg format, I can
get it into the jtreg format.
Brad
Lars Silvén wrote:
Here is my SCA!
//Lars
Brad Wetmore wrote:
Hi Lars,
I have created a patch that is fixing the problem:
This is Brad Wetmore, I am the Security group Moderator, and also the
person who will be handling this when I get back to working on the
Java
ECC implementation.
Unfortunately, I can't take your source contribution yet without a
signed copy of the Sun Contribution Agreement in place. This is done
for your protection as well as the Sun's and the OpenJDK community's.
Please see the following link for more information:
http://openjdk.java.net/contribute/
The Signatories of the SCA are eligible to donate code to all products
and projects owned or managed by Sun: signing it once means you can
contribute code to any Sun-sponsored open source project.
If you have recently signed it and it hasn't yet appeared in our
database yet, just let me know.
Discussions of the problem is fine, it's just the source that we can't
take at this point.
Thanks,
Brad
------------------------------------------------------------------------
