[9] RFR 8056026 Debug security logging should print Provider used for each crypto operation

Sean Mullan sean.mullan at oracle.com
Mon Sep 15 15:12:57 UTC 2014 

Can you also add similar log messages for MessageDigest, SecureRandom, 
and KeyStore?

Otherwise looks good. Please add a noreg label. Also the fix is helpful 
to any platform and not just solaris/sparc so you should change those 
fields to be generic.

--Sean

On 09/12/2014 11:11 AM, Vincent Ryan wrote:
>
> Please review this change to display the JCE provider that has been
> selected for common crypto operations.
> This aids troubleshooting crypto applications when a given crypto
> algorithm is supported by several JCE providers.
> Some crypto operations delay selecting a provider until they examine the
> key supplied in the init() method.
> This fix also accommodates that behaviour.
>
> The following crypto operations are supported: Cipher, KeyAgreement,
> KeyGenerator, KeyPairGenerator, Mac and Signature.
> To see these new messages, activate JCE provider debugging as normal.
> For example,
>
> % java -Djava.security.debug=provider MySSLClientApp
>   :
> Provider: Signature.SHA256withRSA verification from: SunRsaSign
> Provider: Signature.SHA256withRSA verification from: SunRsaSign
> Provider: Signature.SHA256withRSA verification from: SunRsaSign
> Provider: Signature.SHA1withDSA verification from: SunPKCS11-Solaris
> Provider: Signature.SHA1withDSA verification from: SunPKCS11-Solaris
> Provider: Signature.MD5withRSA verification from: SunPKCS11-Solaris
> Provider: Signature.MD5withRSA verification from: SunPKCS11-Solaris
> Provider: Signature.SHA256withRSA verification from: SunRsaSign
> Provider: Signature.SHA256withRSA verification from: SunRsaSign
> Provider: KeyPairGenerator.EC from: SunPKCS11-Solaris
> Provider: Signature.SHA256withRSA verification from: SunRsaSign
> Provider: Signature.SHA256withRSA verification from: SunRsaSign
> Provider: Cipher.AES/GCM/NoPadding encryption from: SunJCE
> Provider: KeyGenerator.SunTls12RsaPremasterSecret from: SunJCE
> Provider: Cipher.RSA/ECB/PKCS1Padding key wrapping from: SunPKCS11-Solaris
> Provider: KeyGenerator.SunTls12MasterSecret from: SunJCE
> Provider: KeyGenerator.SunTls12KeyMaterial from: SunJCE
> Provider: Signature.SHA512withRSA signing from: SunPKCS11-Solaris
> Provider: KeyGenerator.SunTls12Prf from: SunJCE
> Provider: Cipher.AES/GCM/NoPadding encryption from: SunJCE
> Provider: Cipher.AES/GCM/NoPadding decryption from: SunJCE
> Provider: KeyGenerator.SunTls12Prf from: SunJCE
> Provider: Cipher.AES/GCM/NoPadding encryption from: SunJCE
> Provider: Cipher.AES/GCM/NoPadding encryption from: SunJCE
> Provider: Cipher.AES/GCM/NoPadding decryption from: SunJCE
> Provider: KeyGenerator.SunTls12KeyMaterial from: SunJCE
> Provider: Cipher.AES/GCM/NoPadding decryption from: SunJCE
> Provider: Cipher.AES/GCM/NoPadding decryption from: SunJCE
> Provider: KeyGenerator.SunTls12Prf from: SunJCE
> Provider: KeyGenerator.SunTls12Prf from: SunJCE
> Provider: Cipher.AES/GCM/NoPadding encryption from: SunJCE
> Provider: Cipher.AES/GCM/NoPadding encryption from: SunJCE
> Provider: Cipher.AES/GCM/NoPadding decryption from: SunJCE
> Provider: Cipher.AES/GCM/NoPadding decryption from: SunJCE
> Provider: Cipher.AES/GCM/NoPadding decryption from: SunJCE
> Provider: Cipher.AES/GCM/NoPadding encryption from: SunJCE
>   :
>
>
> Thanks.
>
> Bug: https://bugs.openjdk.java.net/browse/JDK-8056026
> Webrev: http://cr.openjdk.java.net/~vinnie/8056026/webrev.00/

More information about the security-dev mailing list