Crypto components as external JCE provider

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Thursday 22 June 2006 08:36, Vivek Lakshmanan wrote:
> Hi All,
> A few of us have been discussing extracting the crypto components in
> classpath as an external JCE provider especially for use with Java
> 1.4.x based VMs (PR27649 for those looking for the whole story). This
> will also help those trying to package classpath for distribution
> under export restrictions since these jars can be excluded much more
> easily than if they are integrated into the main classpath jar.
>
> What follows is a summary of what has been discussed so far. I feel
> it would be best to see if there are any reservations about our
> plans:
>
> 1) We are currently planning to produce a crypto provider jar
> (gnu.java.security, gnu.javax.crypto and gnu.javax.security).
> Currently there are some dependencies on 'gnu.classpath.debug'. One
> suggestion was to produce a separate jar for this package.  This
> sounds reasonable to me but are there any objections? The other minor
> dependencies on other classpath packages will be cleaned up.
>
> 2) We will extract a JCE jar with the javax.crypto classes. Most
> 1.4.x vendors now include these, however, they check to see if the
> provider is signed. This issue has been discussed earlier in various
> contexts [1]. If we produce this jar, users can use our crypto
> provider by placing the JCE jar in the endorsed directory of their
> JRE for instance (if they desire to do so).
>
> 3) A Jessie jar would be extracted in a similar manner.
>
> 4) Code in these packages (especially the JCE provider packages) will
> only use Java 1.4.x constructs for the time being so it can be used
> with 1.4.x based JDKs (PR28127).

does anybody know of a free tool that can help detect usage of non-1.4 
API in a package/jar?  could the JAPI tool be used for this or as part 
of a solution?


> All suggestions/comments are welcome.
> Thanks,
> Vivek
>
>
> [1] http://lists.debian.org/debian-java/2005/10/msg00089.html

TIA + cheers;
rsn
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://developer.classpath.org/pipermail/classpath/attachments/20060622/69f660f3/attachment.pgp

[Index of Archives]     [Linux Kernel]     [Linux Cryptography]     [Fedora]     [Fedora Directory]     [Red Hat Development]

  Powered by Linux