stan/jdk-24
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
48ce9464b0
jdk-24/jdk/test/sun/security/pkcs11
History
Xue-Lei Andrew Fan 520ada1ca7 8030829: Add MD5 to jdk.certpath.disabledAlgorithms security property 
Reviewed-by: mullan, weijun
2014-01-13 21:12:58 -08:00
..
Cipher 8001284: Buffer problems with SunPKCS11-Solaris and CKM_AES_CTR 2013-05-07 14:13:53 -07:00
ec 8027218: TEST_BUG: sun/security/pkcs11/ec tests fail because of ever-changing key size restrictions 2013-12-04 10:59:17 -08:00
fips 8011680: Re-integrate AEAD implementation of JSSE 2013-04-11 18:57:14 -07:00
KeyAgreement 7146728: Inconsistent length for the generated secret using DH key agreement impl from SunJCE and PKCS11 2012-03-20 15:06:13 -07:00
KeyGenerator 6962318: Update copyright year 2010-12-28 15:53:50 -08:00
KeyPairGenerator 7196382: PKCS11 provider should support 2048-bit DH 2013-10-08 11:07:31 -07:00
KeyStore 8029369: Shell tests in sun/security/pkcs11/ do not compile PKCS11Test 2013-12-02 14:19:25 +00:00
Mac 6943119: Rebrand source copyright notices 2010-05-25 15:58:33 -07:00
MessageDigest 4963723: Implement SHA-224 2012-05-08 17:57:48 -07:00
nss 6880559: Enable PKCS11 64-bit windows builds 2012-07-16 22:38:49 +01:00
Provider 8029904: Remove com.sun.security.auth.callback.DialogCallbackHandler 2013-12-16 15:05:26 +00:00
rsa 7198416: CertificateIssuerName and CertificateSubjectName are redundant 2012-11-08 12:51:25 -05:00
Secmod 7197491: update copyright year to match last edit in jdk8 jdk repository 2012-11-02 15:50:11 +00:00
SecureRandom 6943119: Rebrand source copyright notices 2010-05-25 15:58:33 -07:00
Serialize 6943119: Rebrand source copyright notices 2010-05-25 15:58:33 -07:00
Signature 8029158: sun/security/pkcs11/Signature/TestDSAKeyLength.java does not compile (or run) 2013-12-03 17:23:58 -08:00
sslecc 8030829: Add MD5 to jdk.certpath.disabledAlgorithms security property 2014-01-13 21:12:58 -08:00
tls 8014618: Need to strip leading zeros in TlsPremasterSecret of DHKeyAgreement 2013-05-30 22:02:43 -07:00
PKCS11Test.java 8027218: TEST_BUG: sun/security/pkcs11/ec tests fail because of ever-changing key size restrictions 2013-12-04 10:59:17 -08:00
README 8020424: The NSS version should be detected before running crypto tests 2013-07-29 13:43:24 -07:00
SampleTest.java 6943119: Rebrand source copyright notices 2010-05-25 15:58:33 -07:00
SecmodTest.java 8012971: PKCS11Test hiding exception failures 2013-07-19 11:34:33 -07:00

README 

This README is to keep a list facts and known workaround for the pkcs11 java tests
perform as a result of bugs or features in NSS or other pkcs11 libraries.

- NSS ECC None/Basic/Extended
The tests detect the NSS library support for Elliptic Curves as to not
report incorrect failures.  PKCS11 reports back CKR_DOMAIN_PARAMS_INVALID
when the curve is not supported.

- Default libsoftokn3.so
By default PKCS11Test.java will look for libsoftokn3.so.  There are a number of
tests, particularly in Secmod, that need libnss3.so.  The method useNSS() in
PKCS11test.java is to change the search and version checking to libnss3.

ECC Basic supports is secp256r1, secp384r1, and secp521r1.

- A bug in NSS 3.12 (Mozilla bug 471665) causes AES key lengths to be
read incorrectly. KeyStore/SecretKeysBasic.java tiggers this bug and
knows to avoid it.

- A number of EC tests fail because of a DER bug in NSS 3.11.  The best guess
is Mozilla bug 480280.  Those tests that abort execution with a PASS result
are:  TestECDH2, TestECDSA, TestECDSA2 and TestECGenSpec.