liangsp
/
afu8u
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
afu8u/jdk/test/sun/security/pkcs11
History
Martin Balao 6f136c53bc 8029661: Support TLS v1.2 algorithm in SunPKCS11 provider 
TLS v1.2 algorithms for key and MAC derivation added to SunPKCS11 crypto provider. 8210912 fix is included as part of this changeset.

Reviewed-by: valeriep
 		2018-10-31 17:04:47 -03:00
..
Cipher 8063700: -Xcheck:jni changes cause many JCK failures in api/javax_crypto tests in SunPKCS11 2014-11-08 09:42:45 -08:00
Config 8187023: Cannot read pkcs11 config file in UTF-16 environment 2017-10-06 21:25:40 -07:00
KeyAgreement 8185292: Stricter key generation 2017-11-04 17:23:38 -07:00
KeyGenerator 6962318: Update copyright year 2010-12-28 15:53:50 -08:00
KeyPairGenerator 8190449: sun/security/pkcs11/KeyPairGenerator/TestDH2048.java fails on Solaris x64 5.10 2017-11-07 17:30:51 +00:00
KeyStore 8039212: SecretKeyBasic.sh needs to avoid NSS libnss3 and libsoftokn3 version mismatches 2014-06-10 12:04:42 -07:00
Mac 8048603: Additional tests for MAC algorithms 2015-01-13 14:26:34 +03:00
MessageDigest 4963723: Implement SHA-224 2012-05-08 17:57:48 -07:00
Provider 8062170: java.security.ProviderException: Error parsing configuration with space 2015-01-21 13:52:27 +03:00
Secmod 8048622: Enhance tests for PKCS11 keystores with NSS 2016-05-26 01:30:40 -07:00
SecureRandom
Serialize
Signature 8029158: sun/security/pkcs11/Signature/TestDSAKeyLength.java does not compile (or run) 2013-12-03 17:23:58 -08:00
ec 8051972: sun/security/pkcs11/ec/ReadCertificates.java fails intermittently 2018-02-07 17:11:24 -08:00
fips 8029661: Support TLS v1.2 algorithm in SunPKCS11 provider 2018-10-31 17:04:47 -03:00
nss 8047085: PKCS11/NSS tests failing intermittently on Windows 2014-06-18 17:50:55 +01:00
rsa 8129560: TestKeyPairGenerator.java fails on Solaris because private exponent needs to comply with FIPS 186-4 2018-10-22 15:20:49 +00:00
sslecc 8148516: Improve the default strength of EC in JDK 2016-09-19 11:44:50 +01:00
tls 8028192: Use of PKCS11-NSS provider in FIPS mode broken 2014-05-07 01:17:11 +00:00
PKCS11Test.java 8186098: sun/security/pkcs11/KeyStore/SecretKeysBasic.sh failed due to libnss3 version cannot be parsed 2018-10-23 11:29:55 -07:00
README 8020424: The NSS version should be detected before running crypto tests 2013-07-29 13:43:24 -07:00
SampleTest.java
SecmodTest.java 8029235: Update copyright year to match last edit in jdk8 jdk repository for 2013 2013-12-26 12:04:16 -08:00

README 

This README is to keep a list facts and known workaround for the pkcs11 java tests
perform as a result of bugs or features in NSS or other pkcs11 libraries.

- NSS ECC None/Basic/Extended
The tests detect the NSS library support for Elliptic Curves as to not
report incorrect failures.  PKCS11 reports back CKR_DOMAIN_PARAMS_INVALID
when the curve is not supported.

- Default libsoftokn3.so
By default PKCS11Test.java will look for libsoftokn3.so.  There are a number of
tests, particularly in Secmod, that need libnss3.so.  The method useNSS() in
PKCS11test.java is to change the search and version checking to libnss3.

ECC Basic supports is secp256r1, secp384r1, and secp521r1.

- A bug in NSS 3.12 (Mozilla bug 471665) causes AES key lengths to be
read incorrectly. KeyStore/SecretKeysBasic.java tiggers this bug and
knows to avoid it.

- A number of EC tests fail because of a DER bug in NSS 3.11.  The best guess
is Mozilla bug 480280.  Those tests that abort execution with a PASS result
are:  TestECDH2, TestECDSA, TestECDSA2 and TestECGenSpec.