On 16 April 2010 00:06, Bradford Wetmore <bradford.wetm...@oracle.com> wrote: > Hi Andrew, > > I couldn't tell for sure if this was for OpenJDK 7 or OpenJDK 6. I'm > assuming the former? >
You're correct. I should have made it clearer in the initial e-mail, though I did ask if it was ok to push it to tl which is 7 only. The patch does apply to both, so I'll ask Joe Darcy about backporting it once it's in 7. > Looks good. I checked for any remaining missing CKR_* values in the > PKCS11 spec version 2.20, this covers all the missing values. > Thanks. These are all the values used by the current version of NSS (3.12.3 IIRC). > I've filed: > > 6944361: Missing CKR_ values in PKCS11Exception > > Our reviewer names would be wetmore, valeriep. > Thanks. Pushed: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/c444651077d2 >> http://cr.openjdk.java.net/~andrew/nss/webrev.01/jdk.patch > > Specifying just the top level of the webrev is preferred. > Whoops! Sorry, I usually do post the right URL. Must have copied the wrong one. > Thanks! > > Brad > > > On 4/12/2010 8:49 AM, Andrew John Hughes wrote: >> Hi, >> >> I'm trying to debug an issue with the NSS provider crashing on a >> number of JTreg tests. See >> http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=469 >> >> I found a couple of issues in doing so: >> >> * The stack trace is incomplete as a couple of exceptions are thrown >> using only the message without including the cause >> * The NSS wrapper can't handle a couple of newer NSS error codes >> >> This patch: >> >> http://cr.openjdk.java.net/~andrew/nss/webrev.01/jdk.patch >> >> fixes both issues and extends: >> >> java.security.cert.CertificateParsingException: java.io.IOException: subject >> key, Could not create EC public key >> at sun.security.x509.X509CertInfo.<init>(X509CertInfo.java:171) >> at sun.security.x509.X509CertImpl.parse(X509CertImpl.java:1747) >> at sun.security.x509.X509CertImpl.<init>(X509CertImpl.java:320) >> at >> sun.security.provider.X509Factory.parseX509orPKCS7Cert(X509Factory.java:550) >> at >> sun.security.provider.X509Factory.engineGenerateCertificates(X509Factory.java:434) >> at >> java.security.cert.CertificateFactory.generateCertificates(CertificateFactory.java:444) >> at ReadCertificates.readCertificates(ReadCertificates.java:51) >> at ReadCertificates.main(ReadCertificates.java:86) >> at PKCS11Test.premain(PKCS11Test.java:79) >> at PKCS11Test.testDefault(PKCS11Test.java:113) >> at PKCS11Test.main(PKCS11Test.java:86) >> at ReadCertificates.main(ReadCertificates.java:57) >> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) >> at >> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) >> at >> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) >> at java.lang.reflect.Method.invoke(Method.java:616) >> at >> com.sun.javatest.regtest.MainAction$SameVMThread.run(MainAction.java:595) >> at java.lang.Thread.run(Thread.java:636) >> Caused by: java.io.IOException: subject key, Could not create EC public key >> at sun.security.x509.X509Key.parse(X509Key.java:174) >> at >> sun.security.x509.CertificateX509Key.<init>(CertificateX509Key.java:75) >> at sun.security.x509.X509CertInfo.parse(X509CertInfo.java:705) >> at sun.security.x509.X509CertInfo.<init>(X509CertInfo.java:169) >> ... 17 more >> >> with: >> >> Caused by: java.security.InvalidKeyException: Could not create EC public key >> at sun.security.x509.X509Key.buildX509Key(X509Key.java:227) >> at sun.security.x509.X509Key.parse(X509Key.java:170) >> ... 20 more >> Caused by: java.security.spec.InvalidKeySpecException: Could not create EC >> public key >> at >> sun.security.pkcs11.P11ECKeyFactory.engineGeneratePublic(P11ECKeyFactory.java:154) >> at java.security.KeyFactory.generatePublic(KeyFactory.java:321) >> at sun.security.x509.X509Key.buildX509Key(X509Key.java:223) >> ... 21 more >> Caused by: java.security.InvalidKeyException: Could not create EC public key >> at >> sun.security.pkcs11.P11ECKeyFactory.implTranslatePublicKey(P11ECKeyFactory.java:117) >> at >> sun.security.pkcs11.P11ECKeyFactory.engineGeneratePublic(P11ECKeyFactory.java:152) >> ... 23 more >> Caused by: sun.security.pkcs11.wrapper.PKCS11Exception: >> CKR_DOMAIN_PARAMS_INVALID >> at sun.security.pkcs11.wrapper.PKCS11.C_CreateObject(Native Method) >> at >> sun.security.pkcs11.P11ECKeyFactory.generatePublic(P11ECKeyFactory.java:229) >> at >> sun.security.pkcs11.P11ECKeyFactory.implTranslatePublicKey(P11ECKeyFactory.java:103) >> ... 24 more >> >> allowing the native NSS error to be seen. >> >> Ok to push to tl? If so, can I have a bug ID for this change? >> >> Thanks, > -- Andrew :-) Free Java Software Engineer Red Hat, Inc. (http://www.redhat.com) Support Free Java! Contribute to GNU Classpath and the OpenJDK http://www.gnu.org/software/classpath http://openjdk.java.net PGP Key: 94EFD9D8 (http://subkeys.pgp.net) Fingerprint: F8EF F1EA 401E 2E60 15FA 7927 142C 2591 94EF D9D8
