Xuelei,
Sorry, for the delayed response, I have been working in another area.
Comments below:
On 12/09/2012 10:07 PM, Xuelei Fan wrote:
Hi Stephen,
The update in JsseJce.java update the behaviors of SunJSSE provider.
Need more time to evaluate the impact.
For a particular standard named curve of EC, I think the ECParameterSpec
does not change in different providers. I was wondering, is it
necessary to bind the ECParameterSpec with a particular provider? in
ECUtil, you have methods like this one:
ECParameterSpec getECParameterSpec(Provider p, ECParameterSpec spec)
I think it converts from one ECParameterSpec object to another
ECParameterSpec object. What's the usage of this method?
From what I can see of the code, the caller is checking to see the
curve is supported. I did not change what was being done, but changed
code path from a direct call into the sun.security.ec package to call
into java.security packages.
The provider parameter is there because to be provider independent,
since the calling JSSE had already obtained the EC provider it intends
to use, so I did not want to use the default provider.
And this one:
ECParameterSpec getECParameterSpec(Provider p, String name)
For named curves, is it possible to make methods like this one to be
provider independent?
Again, a calling class will have already obtained the EC provider they
intend to use.
Steve.
Regards,
Xuelei
On 11/27/2012 11:21 AM, Stephen Flores wrote:
Vincent, Sean,
Please review the fix for:
CR 7194075: Various classes of sunec.jar are duplicated in rt.jar
http://cr.openjdk.java.net/~sflores/7194075/webrev-1/
Changes:
*Changed/renamed any of methods that did not support the public API to
package private.
*Moved the decode and encode point methods out of ECParameters to a new
class sun.security.util.ECUtil.
*Changed any "new byte[], System.arraycopy" blocks in ECUtil point
methods to Arrays.copyOfRange.
*Added a new AlgorithmParameterSpec in sun.security.util to get curves
by key size, for PKCS11 to use.
*Moved all of static lookup methods in ECParameters, NamedCurve and the
curve repository to separate class (CurveDB). This made ECParameters and
NamedCurve cleaner and easier work on (there was some ECParameters cleanup.
*In JSSE and PKCS11 and changed the references to ECParmeters and
NamedCurve to the ECUtil which has utility methods that use the public
APIs.
*Changed to the EC unit test to use the list of supported curves in the
property that the SunEC provider has already.
*Changed SunECEntries to build the list of supported curves property
from the collection in CurveDB.
*Changed the JDK makefiles to not duplicate EC classes in rt.jar.
Thanks,
Steve.
