You are viewing a plain text version of this content. The canonical link for it is here.
Posted to general@gump.apache.org by bo...@apache.org on 2004/03/02 12:27:31 UTC
cvs commit: gump/project jce.xml xml-security.xml
bodewig 2004/03/02 03:27:31
Modified: project jce.xml xml-security.xml
Log:
Use the JDK 1.4 provider instead of the JDK 1.3 JCE
Revision Changes Path
1.14 +1 -1 gump/project/jce.xml
Index: jce.xml
===================================================================
RCS file: /home/cvs/gump/project/jce.xml,v
retrieving revision 1.13
retrieving revision 1.14
diff -u -r1.13 -r1.14
--- jce.xml 27 Feb 2004 09:22:56 -0000 1.13
+++ jce.xml 2 Mar 2004 11:27:30 -0000 1.14
@@ -25,7 +25,7 @@
<package>javax.crypto</package>
<package>org.bouncycastle</package>
- <jar name="jce-jdk13-116.jar" type="boot"/>
+ <jar name="bcprov-jdk14-122.jar" type="boot"/>
</project>
</module>
1.26 +0 -4 gump/project/xml-security.xml
Index: xml-security.xml
===================================================================
RCS file: /home/cvs/gump/project/xml-security.xml,v
retrieving revision 1.25
retrieving revision 1.26
diff -u -r1.25 -r1.26
--- xml-security.xml 27 Feb 2004 09:22:57 -0000 1.25
+++ xml-security.xml 2 Mar 2004 11:27:30 -0000 1.26
@@ -31,10 +31,6 @@
<ant target="gump">
<sysproperty name="build.clonevm" value="true"/>
<property name="lib.jce" project="jce" reference="jarpath"/>
- <property name="jce.download.md5"
- value="85c64cd754719a4bc8da7e9aa0e113fd"/>
- <property name="jce.download.sha1"
- value="c1f0e975e8c8e0a0105787b249a50615b485d109"/>
</ant>
<depend project="ant" inherit="runtime"/>
---------------------------------------------------------------------
To unsubscribe, e-mail: general-unsubscribe@gump.apache.org
For additional commands, e-mail: general-help@gump.apache.org
Re: Bouncycastle JCE
Posted by Stefan Bodewig <bo...@apache.org>.
On Tue, 02 Mar 2004, Stefan Bodewig <bo...@apache.org> wrote:
> so I'll try with the unrestricted policy file next.
It works.
Stefan
---------------------------------------------------------------------
To unsubscribe, e-mail: general-unsubscribe@gump.apache.org
For additional commands, e-mail: general-help@gump.apache.org
Re: Bouncycastel JCE
Posted by Stefan Bodewig <bo...@apache.org>.
On Thu, 04 Mar 2004, Berin Lautenbach <be...@wingsofhermes.org> wrote:
> Looks like more failures with xml-security.
Yes, I've seen but not understood them.
> The current failure is around trying to download the BC JCE, so I
> have reversed out the change around the JDK1.4 JCE to re-enable the
> BC JCE.
OK, if that fixes the problem ...
> Not sure what the correct protocol is, so apologies if I am stepping
> on toes.
The correct protocol is to go ahead and commit fixes as you see fit ;-)
Thanks
Stefan
---------------------------------------------------------------------
To unsubscribe, e-mail: general-unsubscribe@gump.apache.org
For additional commands, e-mail: general-help@gump.apache.org
Re: Bouncycastel JCE (was Re: cvs commit: gump/project jce.xml xml-security.xml)
Posted by Berin Lautenbach <be...@wingsofhermes.org>.
Stefan,
Looks like more failures with xml-security.
As an aside, I've found that even the beta JDK1.5 provider may not
support everything we need, and 1.4 definitely doesn't.
The current failure is around trying to download the BC JCE, so I have
reversed out the change around the JDK1.4 JCE to re-enable the BC JCE.
Not sure what the correct protocol is, so apologies if I am stepping on
toes.
Cheers,
Berin
Berin Lautenbach wrote:
>>>Stefan,
>
>
>>>Unfortunately I don't think we can use the JDK1.4 provider, as it
>>>doesn't implement some of the padding we need (thus the errors from
>>>the previous builds).
>>
>>No, no problems with padding so far.
>
>
> My experience was that the policy file is only needed if BC is not
> available. If it isn't available, the *first* error you get is the error
> about key lengths. When you fix that, you get the padding errors.
> But happy to wait and see :>, and I hugely appreciate the efforts!
>
> Cheers,
> Berin
>
>
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: general-unsubscribe@gump.apache.org
> For additional commands, e-mail: general-help@gump.apache.org
>
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: general-unsubscribe@gump.apache.org
For additional commands, e-mail: general-help@gump.apache.org
Re: Bouncycastel JCE (was Re: cvs commit: gump/project jce.xml xml-security.xml)
Posted by Berin Lautenbach <be...@wingsofhermes.org>.
>> Stefan,
>> Unfortunately I don't think we can use the JDK1.4 provider, as it
>> doesn't implement some of the padding we need (thus the errors from
>> the previous builds).
>
> No, no problems with padding so far.
My experience was that the policy file is only needed if BC is not
available. If it isn't available, the *first* error you get is the error
about key lengths. When you fix that, you get the padding errors.
But happy to wait and see :>, and I hugely appreciate the efforts!
Cheers,
Berin
---------------------------------------------------------------------
To unsubscribe, e-mail: general-unsubscribe@gump.apache.org
For additional commands, e-mail: general-help@gump.apache.org
Bouncycastel JCE (was Re: cvs commit: gump/project jce.xml
xml-security.xml)
Posted by Stefan Bodewig <bo...@apache.org>.
On Tue, 02 Mar 2004, Berin Lautenbach <be...@wingsofhermes.org> wrote:
> Stefan,
>
> Co-incidental :>.
Absolutely since I just now have removed the provider from the
bootclasspath and things are improving.
I've just now received
[junit] java.lang.SecurityException: Unsupported keysize or algorithm parameters
so I'll try with the unrestricted policy file next.
> Unfortunately I don't think we can use the JDK1.4 provider, as it
> doesn't implement some of the padding we need (thus the errors from
> the previous builds).
No, no problems with padding so far.
> I did some tracking - and the problem from the previous builds is
> that if the BC JCE is defined on the BOOTCLASSPATH, it doesn't get
> used.
This is what I found out as well 8-)
> Unfortunately, we need to use bootclasspath because of Xalan.
No, in Gump there is a type="boot" flag on the jars we want to see on
the bootclasspath. We can take it away from JCE and still keep it for
Xalan and Xerces.
Stefan
---------------------------------------------------------------------
To unsubscribe, e-mail: general-unsubscribe@gump.apache.org
For additional commands, e-mail: general-help@gump.apache.org
Re: cvs commit: gump/project jce.xml xml-security.xml
Posted by Berin Lautenbach <be...@wingsofhermes.org>.
Stefan,
Co-incidental :>. I was just looking at this.
Unfortunately I don't think we can use the JDK1.4 provider, as it
doesn't implement some of the padding we need (thus the errors from the
previous builds).
I did some tracking - and the problem from the previous builds is that
if the BC JCE is defined on the BOOTCLASSPATH, it doesn't get used. It
can only be defined on the CLASSPATH. Unfortunately, we need to use
bootclasspath because of Xalan.
So rather than me muck around with the gump definitions and getting them
completely wrong, can someone give me some advice as to how define it
such that the BC JCE is on CLASSPATH and everything else on bootclasspath?
Cheers,
Berin
bodewig@apache.org wrote:
> bodewig 2004/03/02 03:27:31
>
> Modified: project jce.xml xml-security.xml
> Log:
> Use the JDK 1.4 provider instead of the JDK 1.3 JCE
>
> Revision Changes Path
> 1.14 +1 -1 gump/project/jce.xml
>
> Index: jce.xml
> ===================================================================
> RCS file: /home/cvs/gump/project/jce.xml,v
> retrieving revision 1.13
> retrieving revision 1.14
> diff -u -r1.13 -r1.14
> --- jce.xml 27 Feb 2004 09:22:56 -0000 1.13
> +++ jce.xml 2 Mar 2004 11:27:30 -0000 1.14
> @@ -25,7 +25,7 @@
> <package>javax.crypto</package>
> <package>org.bouncycastle</package>
>
> - <jar name="jce-jdk13-116.jar" type="boot"/>
> + <jar name="bcprov-jdk14-122.jar" type="boot"/>
> </project>
>
> </module>
>
>
>
> 1.26 +0 -4 gump/project/xml-security.xml
>
> Index: xml-security.xml
> ===================================================================
> RCS file: /home/cvs/gump/project/xml-security.xml,v
> retrieving revision 1.25
> retrieving revision 1.26
> diff -u -r1.25 -r1.26
> --- xml-security.xml 27 Feb 2004 09:22:57 -0000 1.25
> +++ xml-security.xml 2 Mar 2004 11:27:30 -0000 1.26
> @@ -31,10 +31,6 @@
> <ant target="gump">
> <sysproperty name="build.clonevm" value="true"/>
> <property name="lib.jce" project="jce" reference="jarpath"/>
> - <property name="jce.download.md5"
> - value="85c64cd754719a4bc8da7e9aa0e113fd"/>
> - <property name="jce.download.sha1"
> - value="c1f0e975e8c8e0a0105787b249a50615b485d109"/>
> </ant>
>
> <depend project="ant" inherit="runtime"/>
>
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: general-unsubscribe@gump.apache.org
> For additional commands, e-mail: general-help@gump.apache.org
>
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: general-unsubscribe@gump.apache.org
For additional commands, e-mail: general-help@gump.apache.org