tom.deneau at amd.com
Fri May 25 22:13:30 UTC 2012
I don't believe we have a JCE code signing keypair (where would we have gotten one?)
Is there any test flag that tells the Oracle 7u4 jre to not require a signed crypto provider
From: Valerie (Yu-Ching) Peng [mailto:valerie.peng at oracle.com]
Sent: Friday, May 25, 2012 12:11 PM
To: Deneau, Tom
Cc: build-dev at openjdk.java.net
Subject: Re: Building sunpkcs11.jar
The provider built from OpenJDK workspace is unsigned.
It can't be used with Oracle 7u4 JRE which require crypto provider to be
signed for export/import conformance.
If Your company has a JCE code signing keypair, you can sign the
provider built using OpenJDK with that keypair and then use it w/ Oracle
On 05/23/12 08:54, Deneau, Tom wrote:
> I want to be able to modify and rebuild lib/ext/sunpkcs11.jar.
> When I do a "make all; make images" everything completes successfully.
> With javap, I can see my modified class in the build/linux-amd64/j2sdk-image/jre/lib/ext
> When I use this built ext directory as a replacement of the Oracle 7U4 JRE, and run some code that does
> KeyGenerator gen = KeyGenerator.getInstance("AES");
> I get
> Test1,java.security.NoSuchAlgorithmException: AES KeyGenerator not available
> at javax.crypto.KeyGenerator.<init>(KeyGenerator.java:158)
> at javax.crypto.KeyGenerator.getInstance(KeyGenerator.java:207)
> This code runs successfully with the regular Oracle 7U4 JRE.
> Am I missing something in the build process?
> -- Tom Deneau
More information about the build-dev