[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Bouncy Castle ready



> Please add as much details as you have now to the bug database
> http://www.gnu.org/software/classpath/bugs.html
> That way the issue isn't forgotten. You can always later add more
> details if you have more time. Just make sure the instructions on how to
> repeat the issue are clear and simple to follow so someone else can try
> to reproduce it.

I went to file a bug, and was prompted to specify which version of
classpath this applied to. The choices started at .15, and I then
checked and found that .14 is the most recent version available in
Debian.

I'd like to test this bug against .17, but was hoping to avoid spending
a lot of time doing so. What are the prospects of getting .17 into
Debian?

I'd be glad to help out if there is anything I could do. :-)

> >  Also running with kaffe gave different
> > failures than running with sablevm and gij (all failed on the same test
> > cases, in different ways); I'm not sure quite what to think of that.
> 
> The runtimes are probably not completely in sync. Hopefully it means
> that the runtime with the latest GNU Classpath gives the least faults.
> But it could of course be that we introduced a regression lately :{

Well, they failed on the same tests in different ways. :-)

I've attached the specific errors, by way of information. But I will
file a bug in classpath as you've suggested (once I can verify that it
is still a problem with the most recent version).

Charles

-- 
Tho tough
And rough
From wind and wave
Your cheek grows sleek
With
Burma-Shave
http://burma-shave.org/jingles/1931/tho_tough
libbcprov-java for Debian
=========================

In order to use this library, add the following to your classpath:

    /usr/share/java/bcprov.jar

Alternatively, the jar can be installed as an optional package by linking it
from $JAVA_HOME/lib/ext.


Installing Bouncy Castle as a Security Provider
-----------------------------------------------

From the BouncyCastleProvider javadocs:

To add the provider at runtime use:

    import java.security.Security;
    import org.bouncycastle.jce.provider.BouncyCastleProvider;

    Security.addProvider(new BouncyCastleProvider());

The provider can also be configured as part of your environment via static
registration by adding an entry to the java.security properties file (found in
$JAVA_HOME/jre/lib/security/java.security, where $JAVA_HOME is the location of
your JDK/JRE distribution). You'll find detailed instructions in the file but
basically it comes down to adding a line:

    security.provider.<n>=org.bouncycastle.jce.provider.BouncyCastleProvider

Where <n> is the preference you want the provider at (1 being the most
preferred).


Bouncy Caslte as a Trusted Security Provider
--------------------------------------------

Unfortunately, the Debian release of Bouncy Castle can not currently be used as
a trusted security provider, as the jar has not been signed by a trusted CA. We
are actively working to remedy this, and hope to support this functionality in
the future.


Regression Test Failures in Free JVMs
-------------------------------------

Currently some of the regression tests fail with certain free JVMs, as
documented here:

Kaffe version 1.1.5 fails on the following tests:

    DSA: r component wrong.
     expecting: 68076202252361894315274692543577577550894681403
     got      : 765319432306373964268376808835858013972132599654
    ECDSA 192 bit prime: r component wrong.
     expecting: 3342403536405981729393488334694600415596881826869351677613
     got      : 3187602046745097068290934305969813876101767926839540426218
    GOST3410-TEST1-512: r component wrong.
     expecting: 3e5f895e276d81d2d52c0763270a458157b784c57abdbd807bc44fd43a32ac06
     got      : 62fc273f5f22b6580150f7362f4269c3e253858acd8ee82b0eb4618d3b0f4c36
    ECGOST3410 - TEST: r component wrong.
     expecting: 29700980915817952874371204983938256990422752107994319651632687982059210933395
     got      : 11700501928114180003481645264816788532906730470190732436155925294628445009322


SableVM version 1.11.3 fails on the following tests:

    DSA: r component wrong.
     expecting: 68076202252361894315274692543577577550894681403
     got      : 746231301394742731982047691450321420276689060848
    ECDSA 192 bit prime: r component wrong.
     expecting: 3342403536405981729393488334694600415596881826869351677613
     got      : 6249833018739160226694907120521802919631748840289650662347
    GOST3410-TEST1-512: r component wrong.
     expecting: 3e5f895e276d81d2d52c0763270a458157b784c57abdbd807bc44fd43a32ac06
     got      : 24287d8a0d17fedec7c6dfd5a018a27ddcca4528a84ae7a51344715a83de2456
    ECGOST3410 - TEST: r component wrong.
     expecting: 29700980915817952874371204983938256990422752107994319651632687982059210933395
     got      : 13628253036095457453781547057345293906187223953521072753797672813397452752475


gij version 4.0.2 failed on the following tests:

    DSA: r component wrong.
     expecting: 68076202252361894315274692543577577550894681403
     got      : 746231301394742731982047691450321420276689060848
    ECDSA 192 bit prime: r component wrong.
     expecting: 3342403536405981729393488334694600415596881826869351677613
     got      : 6249833018739160226694907120521802919631748840289650662347
    GOST3410-TEST1-512: r component wrong.
     expecting: 3e5f895e276d81d2d52c0763270a458157b784c57abdbd807bc44fd43a32ac06
     got      : 24287d8a0d17fedec7c6dfd5a018a27ddcca4528a84ae7a51344715a83de2456
    ECGOST3410 - TEST: r component wrong.
     expecting: 29700980915817952874371204983938256990422752107994319651632687982059210933395
     got      : 13628253036095457453781547057345293906187223953521072753797672813397452752475

If you encounter errors with other JVMs, please report them so that they can be
documented here, and ultimately fixed upstream.

 -- Charles Fry <debian@frogcircus.org>, Mon Aug 19 18:21:08 2005

Attachment: signature.asc
Description: Digital signature


Reply to: