stan/jdk-24
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
a8d4acac11
jdk-24/jdk/test/sun/security/pkcs11
History
Vinnie Ryan b572fc9aad 8051972: sun/security/pkcs11/ec/ReadCertificates.java fails intermittently 
Reviewed-by: mullan
2014-08-05 13:59:15 +01:00
..
Cipher 8001284: Buffer problems with SunPKCS11-Solaris and CKM_AES_CTR 2013-05-07 14:13:53 -07:00
ec 8051972: sun/security/pkcs11/ec/ReadCertificates.java fails intermittently 2014-08-05 13:59:15 +01:00
fips 8028192: Use of PKCS11-NSS provider in FIPS mode broken 2014-04-09 12:49:51 +00:00
KeyAgreement 7146728: Inconsistent length for the generated secret using DH key agreement impl from SunJCE and PKCS11 2012-03-20 15:06:13 -07:00
KeyGenerator 6962318: Update copyright year 2010-12-28 15:53:50 -08:00
KeyPairGenerator 7196382: PKCS11 provider should support 2048-bit DH 2013-10-08 11:07:31 -07:00
KeyStore 8043406: Change default policy for JCE providers to run with as few privileges as possible 2014-07-10 22:44:58 +00:00
Mac 6943119: Rebrand source copyright notices 2010-05-25 15:58:33 -07:00
MessageDigest 4963723: Implement SHA-224 2012-05-08 17:57:48 -07:00
nss 8047085: PKCS11/NSS tests failing intermittently on Windows 2014-06-18 15:05:29 +01:00
Provider 8043406: Change default policy for JCE providers to run with as few privileges as possible 2014-07-10 22:44:58 +00:00
rsa 7198416: CertificateIssuerName and CertificateSubjectName are redundant 2012-11-08 12:51:25 -05:00
Secmod 7197491: update copyright year to match last edit in jdk8 jdk repository 2012-11-02 15:50:11 +00:00
SecureRandom 6943119: Rebrand source copyright notices 2010-05-25 15:58:33 -07:00
Serialize 6943119: Rebrand source copyright notices 2010-05-25 15:58:33 -07:00
Signature 8029158: sun/security/pkcs11/Signature/TestDSAKeyLength.java does not compile (or run) 2013-12-03 17:23:58 -08:00
sslecc 8030829: Add MD5 to jdk.certpath.disabledAlgorithms security property 2014-01-13 21:12:58 -08:00
tls 8028192: Use of PKCS11-NSS provider in FIPS mode broken 2014-04-09 12:49:51 +00:00
PKCS11Test.java 8039212: SecretKeyBasic.sh needs to avoid NSS libnss3 and libsoftokn3 version mismatches 2014-06-10 12:04:42 -07:00
README 8020424: The NSS version should be detected before running crypto tests 2013-07-29 13:43:24 -07:00
SampleTest.java 6943119: Rebrand source copyright notices 2010-05-25 15:58:33 -07:00
SecmodTest.java 8029235: Update copyright year to match last edit in jdk8 jdk repository for 2013 2013-12-26 12:04:16 -08:00

README 

This README is to keep a list facts and known workaround for the pkcs11 java tests
perform as a result of bugs or features in NSS or other pkcs11 libraries.

- NSS ECC None/Basic/Extended
The tests detect the NSS library support for Elliptic Curves as to not
report incorrect failures.  PKCS11 reports back CKR_DOMAIN_PARAMS_INVALID
when the curve is not supported.

- Default libsoftokn3.so
By default PKCS11Test.java will look for libsoftokn3.so.  There are a number of
tests, particularly in Secmod, that need libnss3.so.  The method useNSS() in
PKCS11test.java is to change the search and version checking to libnss3.

ECC Basic supports is secp256r1, secp384r1, and secp521r1.

- A bug in NSS 3.12 (Mozilla bug 471665) causes AES key lengths to be
read incorrectly. KeyStore/SecretKeysBasic.java tiggers this bug and
knows to avoid it.

- A number of EC tests fail because of a DER bug in NSS 3.11.  The best guess
is Mozilla bug 480280.  Those tests that abort execution with a PASS result
are:  TestECDH2, TestECDSA, TestECDSA2 and TestECGenSpec.