Closed Bug 1344292 Opened 7 years ago Closed 7 years ago

[RFE] ECC encryption keys cannot be archived

Categories

(JSS Graveyard :: Library, defect)

Product:
JSS Graveyard
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
RESOLVED FIXED

People

(Reporter: elio.maldonado.batiz, Assigned: cfu)

References

Details

Attachments

(1 file)

patch to allow ECC keys to be archived
20.79 KB, patch
cfu
: review+
Details | Diff | Splinter Review 
NSS provides support for TLS v1.1 and v1.2. As a consequence of this, JSS must be updated to allow access to this new NSS feature for use by servers such as Tomcat.
Assignee: glenbeasley → cfu
Attachment #8843369 - Flags: review?(cfu)
Comment on attachment 8843369 [details] [diff] [review]
patch to allow ECC keys to be archived

Review of attachment 8843369 [details] [diff] [review]:
-----------------------------------------------------------------

The attachment seems to be a subset of my original Fedora downstream patch: jss-support-TLS1_1-TLS1_2.patch

Did I miss something?
Attachment #8843369 - Flags: review?(cfu) → review-
The downstream jss.spec file from Rawhide hs that a separate patch. There I see
   ...
Patch20:        jss-ECC-Phase2KeyArchivalRecovery.patch  ----------------------
Patch21:        jss-undo-JCA-deprecations.patch
Patch22:        jss-undo-BadPaddingException-deprecation.patch
Patch23:        jss-fixed-build-issue-on-F17-or-newer.patch
Patch24:        jss-SHA-OID-fix.patch
Patch25:        jss-RC4-strengh-verify.patch
Patch26:        jss-support-TLS1_1-TLS1_2.patch ------------------------------
  ...
I see the same on tjss.soec from rhel-7.3. That's why I filed this bug. 

If you wish we can get rid on this bug and instead attach this to Bug 1308019 as the first patch to be applied. The other patch needs to be updated as you already pointed out in an emali. We could also merge this and the other together as either method works. 

What do you prefer?
Flags: needinfo?(cfu)
Summary: Provide Tomcat support for TLS v1.1 and TLS v1.2 via NSS through JSS → RFE] ECC encryption keys cannot be archived
Comment on attachment 8843369 [details] [diff] [review]
patch to allow ECC keys to be archived

Oops, wrong patch description caused confusion, sorry about that.
Attachment #8843369 - Attachment description: TLSv1.1 support to be used by Tomcat JSS → patch to allow ECC keys to be archived
Flags: needinfo?(cfu)
Attachment #8843369 - Flags: review- → review?(cfu)
Comment on attachment 8843369 [details] [diff] [review]
patch to allow ECC keys to be archived

Review of attachment 8843369 [details] [diff] [review]:
-----------------------------------------------------------------

Glad we sorted that out!!

This patch seems to match my original Fedora JSS downstream patch jss-ECC-Phase2KeyArchivalRecovery.patch which allows ECC keys to be archived.
Attachment #8843369 - Flags: review?(cfu) → review+
original downstream bug is https://bugzilla.redhat.com/show_bug.cgi?id=804840 which requires Read Hat access.
Pushed: https://hg.mozilla.org/projects/jss/rev/c06710ee98541cb08b678097c3ee414263b3c3f0
Status: NEW → RESOLVED
Closed: 7 years ago
Resolution: --- → FIXED
Historical Note:
# RHBZ 804840 - [RFE] ECC encryption keys cannot be archived
# ECC phase2 work - support for ECC encryption key archival and recovery
# https://bugzilla.redhat.com/show_bug.cgi?id=804840
# author: cfu@redhat.com
# Upstream: https://bugzilla.mozilla.org/show_bug.cgi?id=1344292
#Patch20:        jss-ECC-Phase2KeyArchivalRecovery.patch
Status: RESOLVED → REOPENED
Resolution: FIXED → ---
Pushed: https://hg.mozilla.org/projects/jss/rev/ea41ec8844a128c30da0fa5aee355e2351fcf140
This adds two files I missed in the previous push to git.
Status: REOPENED → RESOLVED
Closed: 7 years ago7 years ago
Resolution: --- → FIXED
Summary: RFE] ECC encryption keys cannot be archived → [RFE] ECC encryption keys cannot be archived
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: