← Back to team overview

openjdk team mailing list archive

[Bug 556549] Re: PCKS11 security provider not working

 

** Changed in: openjdk
   Importance: Unknown => Medium

-- 
You received this bug notification because you are a member of OpenJDK,
which is subscribed to openjdk-6 in ubuntu.
https://bugs.launchpad.net/bugs/556549

Title:
  PCKS11 security provider not working

Status in OpenJDK:
  In Progress
Status in “openjdk-6” package in Ubuntu:
  Fix Released

Bug description:
  should work when configured with --enable-nss, however the tests never
  did succeed:

  FAILED: com/sun/crypto/provider/KeyFactory/TestProviderLeak.java
  FAILED: java/security/KeyPairGenerator/Failover.java
  FAILED: sun/security/pkcs11/ec/ReadCertificates.java
  FAILED: sun/security/pkcs11/ec/ReadPKCS12.java
  FAILED: sun/security/pkcs11/ec/TestCurves.java
  FAILED: sun/security/pkcs11/ec/TestECDH.java
  FAILED: sun/security/pkcs11/ec/TestECDSA.java
  FAILED: sun/security/pkcs11/ec/TestECGenSpec.java
  FAILED: sun/security/pkcs11/ec/TestKeyFactory.java
  FAILED: sun/security/pkcs11/sslecc/ClientJSSEServerJSSE.java
  FAILED: sun/security/pkcs11/tls/TestPRF.java
  FAILED: sun/security/ssl/javax/net/ssl/NewAPIs/SSLEngine/TestAllSuites.java
  FAILED: sun/security/ssl/sanity/ciphersuites/CheckCipherSuites.java
  FAILED: sun/security/ssl/sanity/interop/ClientJSSEServerJSSE.java

  just turning off security.provider.9 in java.security lets the sun/security/ssl/ succeed.
  however there might be pkcs11 certificates in the cacerts file, which could cause upgrade errors when the pkcs11 support is removed/disabled.





References