stan/jdk-24
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
efc37c5e71
jdk-24/jdk/test/sun/security/pkcs11
History
Chris Hegarty 008fee0591 8079782: RandomFactory should be in the jdk.testlibrary package 
Reviewed-by: bpb
2015-05-08 11:02:33 +01:00
..
Cipher 8078334: Mark regression tests using randomness 2015-04-29 10:25:53 -07:00
ec 8078334: Mark regression tests using randomness 2015-04-29 10:25:53 -07:00
fips 8028192: Use of PKCS11-NSS provider in FIPS mode broken 2014-04-09 12:49:51 +00:00
KeyAgreement 7146728: Inconsistent length for the generated secret using DH key agreement impl from SunJCE and PKCS11 2012-03-20 15:06:13 -07:00
KeyGenerator 8078334: Mark regression tests using randomness 2015-04-29 10:25:53 -07:00
KeyPairGenerator 7196382: PKCS11 provider should support 2048-bit DH 2013-10-08 11:07:31 -07:00
KeyStore 8043277: Update jdk regression tests to extend the default security policy instead of override 2014-10-27 13:45:39 -07:00
Mac 8078334: Mark regression tests using randomness 2015-04-29 10:25:53 -07:00
MessageDigest 8078334: Mark regression tests using randomness 2015-04-29 10:25:53 -07:00
nss 8059627: Enable PKCS11 tests on Mac 2014-10-06 16:44:57 +01:00
Provider 8062170: java.security.ProviderException: Error parsing configuration with space 2014-12-12 00:23:32 +00:00
rsa 8079782: RandomFactory should be in the jdk.testlibrary package 2015-05-08 11:02:33 +01:00
Secmod 8078334: Mark regression tests using randomness 2015-04-29 10:25:53 -07:00
SecureRandom 8078334: Mark regression tests using randomness 2015-04-29 10:25:53 -07:00
Serialize 6943119: Rebrand source copyright notices 2010-05-25 15:58:33 -07:00
Signature 8078334: Mark regression tests using randomness 2015-04-29 10:25:53 -07:00
sslecc 8078348: sun/security/pkcs11/sslecc/ClientJSSEServerJSSE.java fails with BindException 2015-04-22 14:01:01 +01:00
tls 8028192: Use of PKCS11-NSS provider in FIPS mode broken 2014-04-09 12:49:51 +00:00
PKCS11Test.java 8048603: Additional tests for MAC algorithms 2015-01-13 14:26:34 +03:00
README 8020424: The NSS version should be detected before running crypto tests 2013-07-29 13:43:24 -07:00
SampleTest.java 6943119: Rebrand source copyright notices 2010-05-25 15:58:33 -07:00
SecmodTest.java 8029235: Update copyright year to match last edit in jdk8 jdk repository for 2013 2013-12-26 12:04:16 -08:00

README 

This README is to keep a list facts and known workaround for the pkcs11 java tests
perform as a result of bugs or features in NSS or other pkcs11 libraries.

- NSS ECC None/Basic/Extended
The tests detect the NSS library support for Elliptic Curves as to not
report incorrect failures.  PKCS11 reports back CKR_DOMAIN_PARAMS_INVALID
when the curve is not supported.

- Default libsoftokn3.so
By default PKCS11Test.java will look for libsoftokn3.so.  There are a number of
tests, particularly in Secmod, that need libnss3.so.  The method useNSS() in
PKCS11test.java is to change the search and version checking to libnss3.

ECC Basic supports is secp256r1, secp384r1, and secp521r1.

- A bug in NSS 3.12 (Mozilla bug 471665) causes AES key lengths to be
read incorrectly. KeyStore/SecretKeysBasic.java tiggers this bug and
knows to avoid it.

- A number of EC tests fail because of a DER bug in NSS 3.11.  The best guess
is Mozilla bug 480280.  Those tests that abort execution with a PASS result
are:  TestECDH2, TestECDSA, TestECDSA2 and TestECGenSpec.