Zdenek Zambersky
|
3e60e82814
|
8289301: P11Cipher should not throw out of bounds exception during padding
Reviewed-by: valeriep
|
2022-07-07 18:18:04 +00:00 |
|
Zdenek Zambersky
|
b6bd190d8d
|
8288985: P11TlsKeyMaterialGenerator should work with ChaCha20-Poly1305
Reviewed-by: valeriep
|
2022-06-29 17:20:03 +00:00 |
|
Hai-May Chao
|
ca78f7bd76
|
8286259: Password cleanup after KeyStore.PasswordProtection in P11KeyStore
Reviewed-by: valeriep
|
2022-06-27 23:15:13 +00:00 |
|
Alexey Ivanov
|
e0d361cea9
|
8284191: Replace usages of 'a the' in hotspot and java.base
Reviewed-by: lancea, wetmore, naoto, iris, kevinw, xuelei
|
2022-05-24 11:25:13 +00:00 |
|
Magnus Ihse Bursie
|
f631c9884f
|
8285380: Fix typos in security
Reviewed-by: weijun, wetmore
|
2022-05-13 15:04:12 +00:00 |
|
Xue-Lei Andrew Fan
|
0f81d8fcc3
|
8284933: Improve debug in jdk.crypto.cryptoki
Reviewed-by: valeriep
|
2022-04-20 04:36:12 +00:00 |
|
Xue-Lei Andrew Fan
|
60446746d4
|
8284855: Update needed to Cleaners added to jdk.crypto.cryptoki
Reviewed-by: valeriep
|
2022-04-19 21:53:08 +00:00 |
|
Sean Mullan
|
dc6ec2a467
|
8284105: Update security libraries to use sealed classes
Reviewed-by: darcy, weijun, xuelei
|
2022-04-11 18:01:47 +00:00 |
|
Xue-Lei Andrew Fan
|
77388eaf25
|
8284368: Remove finalizer method in jdk.crypto.cryptoki
Reviewed-by: valeriep
|
2022-04-06 17:07:35 +00:00 |
|
Christoph Langer
|
cdef087aae
|
8283727: P11KeyGenerator has import statement with two semicolons after JDK-8267319
Reviewed-by: mullan
|
2022-03-28 09:49:05 +00:00 |
|
Valerie Peng
|
313bc7f64f
|
8267319: Use larger default key sizes and algorithms based on CNSA
Reviewed-by: weijun, xuelei
|
2022-03-24 22:50:26 +00:00 |
|
Valerie Peng
|
d7f31d0d53
|
8282077: PKCS11 provider C_sign() impl should handle CKR_BUFFER_TOO_SMALL error
Reviewed-by: mikael
|
2022-02-19 06:40:30 +00:00 |
|
Valerie Peng
|
d64820dfef
|
8209398: sun/security/pkcs11/KeyStore/SecretKeysBasic.sh failed with "PKCS11Exception: CKR_ATTRIBUTE_SENSITIVE"
Reviewed-by: hchao, weijun
|
2021-12-22 19:50:51 +00:00 |
|
Valerie Peng
|
83e6a4c0e9
|
8255409: Support the new C_GetInterfaceList, C_GetInterface, and C_SessionCancel APIs in PKCS#11 v3.0
Reviewed-by: ascarpino, weijun
|
2021-12-08 23:04:15 +00:00 |
|
Brent Christian
|
ec7cb6d5d3
|
8276447: Deprecate finalization-related methods for removal
Reviewed-by: rriggs, alanb, lancea, darcy, mchung, serb, smarks, prr
|
2021-12-08 00:23:15 +00:00 |
|
Martin Balao
|
ea8d3c92c6
|
8271566: DSA signature length value is not accurate in P11Signature
Reviewed-by: valeriep
|
2021-12-06 20:31:55 +00:00 |
|
Valerie Peng
|
669c90e23b
|
8278099: two sun/security/pkcs11/Signature tests failed with AssertionError
Reviewed-by: dcubed
|
2021-12-02 19:28:42 +00:00 |
|
Magnus Ihse Bursie
|
c393ee8f59
|
8276632: Use blessed modifier order in security-libs code
Reviewed-by: mullan
|
2021-11-05 14:09:58 +00:00 |
|
Valerie Peng
|
e63c1486dc
|
8264849: Add KW and KWP support to PKCS11 provider
Reviewed-by: ascarpino
|
2021-10-19 20:50:56 +00:00 |
|
Joe Darcy
|
7326481143
|
8274393: Suppress more warnings on non-serializable non-transient instance fields in security libs
Reviewed-by: weijun
|
2021-09-30 17:39:05 +00:00 |
|
Sean Coffey
|
0d745ae8fd
|
8269034: AccessControlException for SunPKCS11 daemon threads
Reviewed-by: valeriep
|
2021-06-29 22:52:45 +00:00 |
|
Valerie Peng
|
80dc262e81
|
8265500: Some impls of javax.crypto.Cipher.init() do not throw UnsupportedOperationExc for unsupported modes
Reviewed-by: xuelei
|
2021-06-17 23:27:54 +00:00 |
|
Sean Coffey
|
bdeaeb47d0
|
8240256: Better resource cleaning for SunPKCS11 Provider
Reviewed-by: valeriep
|
2021-06-03 06:45:06 +00:00 |
|
Weijun Wang
|
508cec7535
|
8267521: Post JEP 411 refactoring: maximum covering > 50K
Reviewed-by: dfuchs, prr
|
2021-06-02 15:48:50 +00:00 |
|
Weijun Wang
|
40d23a0c0b
|
8267543: Post JEP 411 refactoring: security
Reviewed-by: mullan
|
2021-06-02 15:47:57 +00:00 |
|
Weijun Wang
|
6765f90250
|
8266459: Implement JEP 411: Deprecate the Security Manager for Removal
Co-authored-by: Sean Mullan <mullan@openjdk.org>
Co-authored-by: Lance Andersen <lancea@openjdk.org>
Co-authored-by: Weijun Wang <weijun@openjdk.org>
Reviewed-by: erikj, darcy, chegar, naoto, joehw, alanb, mchung, kcr, prr, lancea
|
2021-06-02 11:57:31 +00:00 |
|
Martin Balao
|
bdbe23b9cb
|
8265462: Handle multiple slots in the NSS Internal Module from SunPKCS11's Secmod
Reviewed-by: valeriep
|
2021-05-18 22:34:27 +00:00 |
|
Valerie Peng
|
7ab6dc83df
|
6676643: Improve current C_GetAttributeValue native implementation
Reviewed-by: xuelei
|
2021-05-14 23:04:37 +00:00 |
|
Valerie Peng
|
5d8c1cc8a0
|
8255410: Add ChaCha20 and Poly1305 support to SunPKCS11 provider
Reviewed-by: jnimeh
|
2021-04-29 21:02:41 +00:00 |
|
Weijun Wang
|
f834557ae0
|
8258915: Temporary buffer cleanup
Reviewed-by: valeriep
|
2021-04-22 18:11:43 +00:00 |
|
Alex Blewitt
|
ebbce91e79
|
8264681: Use the blessed modifier order in java.security
Reviewed-by: mullan, shade
|
2021-04-14 06:01:00 +00:00 |
|
Martin Balao
|
1ee80e03ad
|
8261355: No data buffering in SunPKCS11 Cipher encryption when the underlying mechanism has no padding
Reviewed-by: valeriep
|
2021-04-12 20:58:08 +00:00 |
|
Ziyi Luo
|
a5d7de2351
|
8263404: RsaPrivateKeySpec is always recognized as RSAPrivateCrtKeySpec in RSAKeyFactory.engineGetKeySpec
Co-authored-by: Greg Rubin <rubin@amazon.com>
Reviewed-by: valeriep
|
2021-03-29 20:14:47 +00:00 |
|
Ziyi Luo
|
a777e82cd8
|
8254717: isAssignableFrom checks in KeyFactorySpi.engineGetKeySpec appear to be backwards
Reviewed-by: jnimeh
|
2021-03-04 15:17:53 +00:00 |
|
Martin Balao
|
47c7dc7734
|
8258833: Cancel multi-part cipher operations in SunPKCS11 after failures
Reviewed-by: valeriep
|
2021-01-25 18:01:59 +00:00 |
|
Valerie Peng
|
68cf65d284
|
8023980: JCE doesn't provide any class to handle RSA private key in PKCS#1
Reviewed-by: weijun
|
2021-01-18 02:26:17 +00:00 |
|
Martin Balao
|
4be2173478
|
8259319: Illegal package access when SunPKCS11 requires SunJCE's classes
Reviewed-by: valeriep, mullan
|
2021-01-12 23:44:19 +00:00 |
|
Valerie Peng
|
78c9fb92aa
|
8258851: Mismatch in SunPKCS11 provider registration properties and actual implementation
Reviewed-by: weijun
|
2020-12-23 22:36:45 +00:00 |
|
Valerie Peng
|
cd94606c0c
|
8258186: Replace use of JNI_COMMIT mode with mode 0
Reviewed-by: xuelei, alanb
|
2020-12-23 20:47:54 +00:00 |
|
Valerie Peng
|
78be334c38
|
8242332: Add SHA3 support to SunPKCS11 provider
Reviewed-by: xuelei
|
2020-12-05 23:47:35 +00:00 |
|
Anthony Scarpino
|
55f5542ca2
|
8026976: ECParameters, Point does not match field size
Reviewed-by: xuelei
|
2020-12-03 18:05:53 +00:00 |
|
Valerie Peng
|
7d8985243d
|
8244154: Update SunPKCS11 provider with PKCS11 v3.0 header files
Reviewed-by: weijun
|
2020-12-01 00:49:39 +00:00 |
|
Zdenek Zambersky
|
1cc09ccaef
|
8251117: Cannot check P11Key size in P11Cipher and P11AEADCipher
Reviewed-by: valeriep
|
2020-08-04 17:19:21 -03:00 |
|
Weijun Wang
|
507816d550
|
8244565: Accept PKCS #8 with version number 1
Reviewed-by: valeriep
|
2020-06-05 07:53:50 +08:00 |
|
Mikael Vidstedt
|
071bd521bc
|
8244224: Implementation of JEP 381: Remove the Solaris and SPARC Ports
Reviewed-by: alanb, bchristi, dcubed, dfuchs, eosterlund, erikj, glaubitz, ihse, iignatyev, jjiang, kbarrett, ksrini, kvn, naoto, prr, rriggs, serb, sspitsyn, stefank, tschatzl, valeriep, weijun, weijun
|
2020-05-20 17:33:37 -07:00 |
|
Valerie Peng
|
080b3b83eb
|
8242151: Improve OID mapping and reuse among JDK security providers for aliases registration
Use sun.security.util.KnownOIDs enum instead of hardcoding oid strings everywhere
Reviewed-by: weijun
|
2020-05-19 04:05:03 +00:00 |
|
Erik Joelsson
|
4df99aa7ae
|
8226346: Build better binary builders
Reviewed-by: tbell
|
2019-12-13 08:27:51 -08:00 |
|
Ivan Gerasimov
|
3790e58090
|
8241761: Typos: empty lines in javadoc, inconsistent indents, etc. (security-libs only)
Reviewed-by: weijun
|
2020-04-01 18:38:05 -07:00 |
|
Martin Balao
|
84f3e86749
|
8238555: Allow Initialization of SunPKCS11 with NSS when there are external FIPS modules in the NSSDB
Reviewed-by: mullan, valeriep
|
2020-02-05 12:20:36 -03:00 |
|
Matthias Baesken
|
3f140fafab
|
8239457: call ReleaseStringUTFChars before early returns in Java_sun_security_pkcs11_wrapper_PKCS11_connect
Reviewed-by: alanb, clanger
|
2020-02-19 13:37:07 +01:00 |
|
Valerie Peng
|
8969aeb16b
|
Merge
|
2020-02-12 01:13:55 +00:00 |
|
Valerie Peng
|
fc3b42fc8e
|
8238898: Missing hash characters for header on license file
Fixed the typos and corrected the formatting
Reviewed-by: weijun
|
2020-02-12 01:11:59 +00:00 |
|
Valerie Peng
|
1f17842583
|
8236512: PKCS11 Connection closed after Cipher.doFinal and NoPadding
Removed killSession() calls in certain impl classes when cancelling operations
Reviewed-by: xuelei
|
2020-02-12 00:56:27 +00:00 |
|
Valerie Peng
|
efc96d1c07
|
8236897: Fix the copyright header for pkcs11gcm2.h
Add the "Classpath" exception to existing header
Reviewed-by: weijun
|
2020-01-10 02:52:25 +00:00 |
|
Sean Coffey
|
a0b8244416
|
8233801: GCMEmptyIv.java test fails on Solaris 11.4
Reviewed-by: valeriep
|
2019-11-21 11:31:58 +00:00 |
|
Ivan Gerasimov
|
8e859259bc
|
8233884: Avoid looking up standard charsets in security libraries
Reviewed-by: coffeys
|
2019-11-12 01:36:17 -08:00 |
|
Valerie Peng
|
f14e3a60b2
|
8232950: SUNPKCS11 Provider incorrectly check key length for PSS Signatures
Fixed to treat the queried key size values as bits instead of bytes
Reviewed-by: ascarpino, xuelei
|
2019-10-31 02:22:42 +00:00 |
|
Valerie Peng
|
381e90eb6b
|
8229243: SunPKCS11-Solaris provider tests failing on Solaris 11.4
For CK_GCM_PARAMS, try the spec definition first before falling back to the header file definition
Reviewed-by: xuelei
|
2019-10-08 00:01:20 +00:00 |
|
Matthias Baesken
|
0e264cfe36
|
8231222: fix pkcs11 P11_DEBUG guarded native traces
Reviewed-by: clanger
|
2019-09-23 17:02:08 +02:00 |
|
Valerie Peng
|
46db25e188
|
8176837: SunPKCS11 provider needs to check more details on PKCS11 Mechanism
Disable mechanisms with partial support, e.g. can decrypt but cannot encrypt
Reviewed-by: xuelei
|
2019-09-20 21:33:24 +00:00 |
|
Matthias Baesken
|
2f496251ac
|
8230861: missing ReleaseStringUTFChars in Java_sun_security_pkcs11_wrapper_PKCS11_connect
Reviewed-by: alanb, stuefe
|
2019-09-11 16:54:53 +02:00 |
|
Valerie Peng
|
6212473fc4
|
8228835: Memory leak in PKCS11 provider when using AES GCM
Updated freeCKMechanismPtr to free mechanism-specific memories
Reviewed-by: jnimeh
|
2019-08-14 01:40:29 +00:00 |
|
Valerie Peng
|
1e0c8e5b26
|
8226651: Setting the mgfHash in CK_RSA_PKCS_PSS_PARAMS has no effect
Fixed to get the MGF digest algorithm from MGF1ParameterSpec
Reviewed-by: xuelei
|
2019-06-28 19:36:32 +00:00 |
|
Aleksey Shipilev
|
8125b0c2ba
|
8225695: 32-bit build failures after JDK-8080462 (Update SunPKCS11 provider with PKCS11 v2.40 support)
Reviewed-by: alanb
|
2019-06-14 10:02:57 +02:00 |
|
Valerie Peng
|
8813b93095
|
8080462: Update SunPKCS11 provider with PKCS11 v2.40 support
Added support for GCM, PSS, and other mechanisms
Reviewed-by: jnimeh
|
2019-06-11 21:30:28 +00:00 |
|
Martin Balao
|
0d35ef38e6
|
8220513: Wrapper Key may get deleted when closing sessions in SunPKCS11 crypto provider
Do not close the session holding the Wrapper Key while in use. Delete the Wrapper Key when no longer needed.
Reviewed-by: valeriep
|
2019-04-15 15:52:38 -03:00 |
|
Valerie Peng
|
ed87f68640
|
8213008: Cipher with UNWRAP_MODE should support the generation of an AES key type
Replaced CKK_GENERIC_SECRET with alorithm-specific key type in P11RSACipher unwrap impl
Reviewed-by: ascarpino
|
2019-03-11 23:48:32 +00:00 |
|
Valerie Peng
|
67ca52873f
|
8183107: PKCS11 regression regarding checkKeySize
Changed key size check in PKCS11 provider to only enforce positive return values
Reviewed-by: jnimeh
|
2019-02-27 19:37:51 +00:00 |
|
Valerie Peng
|
9d263d4bc1
|
8216597: SIGBUS in Java_sun_security_pkcs11_wrapper_PKCS11_getNativeKeyInfo after JDK-6913047
Changed variable declaration type to byte* from long* to fix SIGBUS error
Reviewed-by: ascarpino
|
2019-02-20 19:16:45 +00:00 |
|
Sean Coffey
|
63663b64d1
|
8218553: Enhance keystore load debug output
Reviewed-by: weijun
|
2019-02-07 12:09:17 +00:00 |
|
Martin Balao
|
6cfcdde523
|
8217088: Disable JDK-6913047 fix (SunPKCS11 memory leak) after JDK-8216597 (SIGBUS error in getNativeKeyInfo)
Disable JDK-6913047 fix (SunPKCS11 memory leak) temporarily until JDK-8216597 (SIGBUS error in getNativeKeyInfo) is fixed.
Reviewed-by: mullan
|
2019-01-15 19:24:07 -03:00 |
|
Jesper Wilhelmsson
|
a8c5f1e59a
|
Merge
|
2019-01-15 22:54:09 +01:00 |
|
Martin Balao
|
dfcab1b85a
|
6913047: Long term memory leak when using PKCS11 and JCE exceeds 32 bit process address space
Extract cryptographic keys within NSS PKCS11 software tokens for memory management purposes.
Reviewed-by: valeriep
|
2018-11-29 13:36:23 -03:00 |
|
Martin Balao
|
7724fd6d9b
|
8213154: Update copyright headers of files in src tree that are missing Classpath exception
Reviewed-by: andrew
|
2018-11-08 18:10:15 -03:00 |
|
Mikael Vidstedt
|
a69f014ad7
|
8210912: Build error in src/jdk.crypto.cryptoki/share/native/libj2pkcs11/p11_convert.c after JDK-8029661
Reviewed-by: mullan
|
2018-09-19 09:24:40 -07:00 |
|
Martin Balao
|
aafb2b0474
|
8029661: Support TLS v1.2 algorithm in SunPKCS11 provider
TLS v1.2 algorithms for key and MAC derivation added to SunPKCS11 crypto provider.
Reviewed-by: valeriep
|
2018-09-12 13:09:51 +02:00 |
|
Jamil Nimeh
|
b798d67da6
|
8206295: More reliable p11 transactions
Reviewed-by: valeriep, mschoene, rhalade
|
2018-08-15 09:36:32 -07:00 |
|
Anthony Scarpino
|
4e46cc1392
|
8204196: integer cleanup
Reviewed-by: xuelei
|
2018-07-20 09:55:15 -07:00 |
|
Martin Balao
|
b44c24d290
|
8195607: sun/security/pkcs11/Secmod/TestNssDbSqlite.java failed with "NSS initialization failed" on NSS 3.34.1
Reviewed-by: valeriep, weijun
|
2018-06-26 08:10:45 +08:00 |
|
Martin Balao
|
62c97f695f
|
8203182: Release session if initialization of SunPKCS11 Signature fails
Ensure session is properly released in P11Signature class
Reviewed-by: valeriep
|
2018-06-01 19:46:31 +00:00 |
|
Valerie Peng
|
9e8d9fe1ee
|
8146293: Add support for RSASSA-PSS Signature algorithm
Add RSASSA-PSS key and signature support to SunRsaSign provider
Reviewed-by: wetmore
|
2018-05-21 23:40:52 +00:00 |
|
Valerie Peng
|
171373b021
|
8197441: Signature#initSign/initVerify for an invalid private/public key fails with ClassCastException for SunPKCS11 provider
Rethrow ClassCastException with InvalidKeyException
Reviewed-by: ascarpino
|
2018-04-13 18:07:58 +00:00 |
|
Adam Petcher
|
91a1005273
|
8185292: Stricter key generation
Reviewed-by: mullan
|
2017-10-24 09:58:27 -04:00 |
|
Martin Balao
|
f1212e26c3
|
8165996: PKCS11 using NSS throws an error regarding secmod.db when NSS uses sqlite
Reviewed-by: weijun
|
2017-12-13 01:29:58 +08:00 |
|
Valerie Peng
|
b3f1165f7d
|
8181048: Refactor existing providers to refer to the same constants for default values for key length
Reviewed-by: mullan, ahgross
|
2017-07-13 20:41:59 +00:00 |
|
Weijun Wang
|
2bb3b82709
|
8148371: Remove policytool
Reviewed-by: erikj, alanb, mullan
|
2017-09-21 16:29:18 +08:00 |
|
Erik Joelsson
|
3789983e89
|
8187443: Forest Consolidation: Move files to unified layout
Reviewed-by: darcy, ihse
|
2017-09-12 19:03:39 +02:00 |
|