x:
This fix basically modifies P11SecretKeyFactory.getKeyType method to accept
"ChaCha20-Poly1305" as alias for "ChaCha20".
Testing:
I ran jdk_security tests locally and they passed. Also failure in ssl-tests
gets fixed.
[1]
https://urldefense.com/v3/__https://gith
st slash, if any).
>
> Fix:
> This fix basically modifies P11SecretKeyFactory.getKeyType method to accept
> "ChaCha20-Poly1305" as alias for "ChaCha20".
>
> Testing:
> I ran jdk_security tests locally and they passed
On Thu, 23 Jun 2022 16:47:18 GMT, Valerie Peng wrote:
>> zzambers has updated the pull request incrementally with one additional
>> commit since the last revision:
>>
>> TestKeyMaterialChaCha20.java: Added bug number
>
> src/jdk.crypto.cryptoki/sha
st slash, if any).
>
> Fix:
> This fix basically modifies P11SecretKeyFactory.getKeyType method to accept
> "ChaCha20-Poly1305" as alias for "ChaCha20".
>
> Testing:
> I ran jdk_security tests locally and they passed
On Thu, 23 Jun 2022 22:07:42 GMT, zzambers wrote:
>> TLS `*_CHACHA20_POLY1305_*` cipher suites are currently broken when
>> configuration with SunPKCS11 provider is used. I discovered this by my
>> ssl-tests testsuite [1].
>>
>>
>> make TEST_PKCS11_F
st slash, if any).
>
> Fix:
> This fix basically modifies P11SecretKeyFactory.getKeyType method to accept
> "ChaCha20-Poly1305" as alias for "ChaCha20".
>
> Testing:
> I ran jdk_security tests locally and they passed
On Thu, 23 Jun 2022 22:07:42 GMT, zzambers wrote:
>> TLS `*_CHACHA20_POLY1305_*` cipher suites are currently broken when
>> configuration with SunPKCS11 provider is used. I discovered this by my
>> ssl-tests testsuite [1].
>>
>>
>> make TEST_PKCS11_F
SunPkcs11 provider throws out of bounds exception during encryption when
specific conditions are met.
Exception:
Exception in thread "main" java.lang.ArrayIndexOutOfBoundsException: Array
index out of range: 32
at java.base/java.util.Arrays.rangeCheck(Arrays.java:725)
at java.ba
EncryptUpdate to free up padBuffer so that
> padBuffer can than be used to add whole new padding block.
>
> [1]
> https://github.com/openjdk/jdk/blob/d4eeeb82cb2288973a6a247c54513f7e1c6b58f0/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/P11Cipher.java#L622
zzamber
On Tue, 28 Jun 2022 12:57:21 GMT, zzambers wrote:
> SunPkcs11 provider throws out of bounds exception during encryption when
> specific conditions are met.
>
> Exception:
>
> Exception in thread "main" java.lang.ArrayIndexOutOfBoundsException: Array
> in
st slash, if any).
>
> Fix:
> This fix basically modifies P11SecretKeyFactory.getKeyType method to accept
> "ChaCha20-Poly1305" as alias for "ChaCha20".
>
> Testing:
> I ran jdk_security tests locally and they passed. Also failur
On Mon, 27 Jun 2022 13:18:44 GMT, zzambers wrote:
>> TLS `*_CHACHA20_POLY1305_*` cipher suites are currently broken when
>> configuration with SunPKCS11 provider is used. I discovered this by my
>> ssl-tests testsuite [1].
>>
>>
>> make TEST_PKCS11_F
On Thu, 23 Jun 2022 23:01:36 GMT, Valerie Peng wrote:
>> I have addressed both remarks.
>> jdk_security tests passed for me locally with this change.
>> Thanks
>
>> I have addressed both remarks. jdk_security tests passed for me locally with
>> this change. Thanks
>
> I will submit a test job o
On Tue, 7 Jun 2022 22:07:17 GMT, zzambers wrote:
> TLS `*_CHACHA20_POLY1305_*` cipher suites are currently broken when
> configuration with SunPKCS11 provider is used. I discovered this by my
> ssl-tests testsuite [1].
>
>
> make TEST_PKCS11_FIPS=1
> SSLTESTS_SSL_
EncryptUpdate to free up padBuffer so that
> padBuffer can than be used to add whole new padding block.
>
> [1]
> https://github.com/openjdk/jdk/blob/d4eeeb82cb2288973a6a247c54513f7e1c6b58f0/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/P11Cipher.java#L622
On Tue, 28 Jun 2022 13:20:53 GMT, zzambers wrote:
>> SunPkcs11 provider throws out of bounds exception during encryption when
>> specific conditions are met.
>>
>> Exception:
>>
>> Exception in thread "main" java.lang.ArrayIndexOutOfBoundsExceptio
On Wed, 6 Jul 2022 00:07:50 GMT, Valerie Peng wrote:
>> I have fixed all the issues, jdk_security tests passed for me (with these
>> changes). Thanks
>
>> I have fixed all the issues, jdk_security tests passed for me (with these
>> changes). Thanks
>
> Looks good, I will approve after the test
On Tue, 28 Jun 2022 12:57:21 GMT, zzambers wrote:
> SunPkcs11 provider throws out of bounds exception during encryption when
> specific conditions are met.
>
> Exception:
>
> Exception in thread "main" java.lang.ArrayIndexOutOfBoundsException: Array
> in
There is a race condition in JDK's SessionManager, which can lead to random
exceptions.
**Exception:**
javax.net.ssl.SSLException: Internal error: close session with active objects
at java.base/sun.security.ssl.Alert.createSSLException(Alert.java:133)
at
java.base/sun.security.s
On Tue, 6 Sep 2022 21:02:50 GMT, Valerie Peng wrote:
>> There is a race condition in JDK's SessionManager, which can lead to random
>> exceptions.
>>
>> **Exception:**
>>
>> javax.net.ssl.SSLException: Internal error: close session with active objects
>> at java.base/sun.security.ssl.Aler
On Tue, 6 Sep 2022 20:25:13 GMT, Valerie Peng wrote:
>> There is a race condition in JDK's SessionManager, which can lead to random
>> exceptions.
>>
>> **Exception:**
>>
>> javax.net.ssl.SSLException: Internal error: close session with active objects
>> at java.base/sun.security.ssl.Aler
[2]
> https://github.com/openjdk/jdk/blob/9444a081cc9873caa7b5c6a78df0d1aecda6e4f1/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/Session.java#L93
> [3]
> https://github.com/openjdk/jdk/blob/9444a081cc9873caa7b5c6a78df0d1aecda6e4f1/src/jdk.crypto.cryptoki/share/classes/sun/secur
On Thu, 1 Sep 2022 17:28:40 GMT, zzambers wrote:
> There is a race condition in JDK's SessionManager, which can lead to random
> exceptions.
>
> **Exception:**
>
> javax.net.ssl.SSLException: Internal error: close session with active objec
During testing I have found messages such as this are printed to stdout:
sun.security.pkcs11.P11PSSSignature@6e1567f1: Calling C_SignUpdate
**Problem:**
Problem is in P11PSSSignature.engineUpdate method [1], which unconditionally
prints some debug information to stdout. Other prints in that cla
On Wed, 14 Sep 2022 18:41:42 GMT, Valerie Peng wrote:
>> During testing I have found messages such as this are printed to stdout:
>>
>> sun.security.pkcs11.P11PSSSignature@6e1567f1: Calling C_SignUpdate
>>
>>
>> **Problem:**
>> Problem is in P11PSSSignature.engineUpdate method [1], which uncon
On Wed, 14 Sep 2022 17:03:41 GMT, zzambers wrote:
> During testing I have found messages such as this are printed to stdout:
>
> sun.security.pkcs11.P11PSSSignature@6e1567f1: Calling C_SignUpdate
>
>
> **Problem:**
> Problem is in P11PSSSignature.engineUpdate method [1],
26 matches
Mail list logo
