[Bug crypto/27649] Addition of --standalone-crypto configure option

[mwringe at redhat dot com]

------- Comment #10 from mwringe at redhat dot com  2006-06-22 14:35 -------
(In reply to comment #9)
> (In reply to comment #8)
> > (In reply to comment #7)
> > > > ...
...
> > Actually this brings up another point. When using proprietary 1.4 VMs and 
> > using
> > our crypto jars as a provider, the proprietary JCE API implementations seem 
> > to
> > check if the provider is signed but we dont/cant/wont have officially signed
> > jars for these
> > (http://www.gnu.org/software/gnu-crypto/manual/Installing-the-JCE-Classes.html#Installing%20the%20JCE%20Classes
> > ) we almost have to fake out these VMs to use our JCE code 
> > (javax.crypto...).
> > So far we have been doing this by placing a massive crypto.jar in the 
> > endorsed
> > directory of the JRE so our classes gets loaded before the proprietary
> > implementation. As a result, having a jce jar might be necessary.
> 
> good catch!
> 
> 
> > Are there any
> > tricks that we can use to get around this problem?
> 
> for 1.4 you can specify the jars on the bootclasspath.  for 1.5 i never tried.
> 
...
> 
hmm, good idea. This will allow only specified applications to use the unsiged
gnu-crypto.jars and will allow for java versions to be changed without having
to update the new endorsed directory.

It can confirm that it also work on 1.5

If anybody has any other ideas about how to get around this issue, please
comment.

Thanks,

Matt Wringe


-- 


http://gcc.gnu.org/bugzilla/show_bug.cgi?id=27649