RFR: 8129560- CKR_ARGUMENTS_BAD - private exponent needs to comply with FIPS 186-4

[Sean Mullan]

On 12/20/2015 11:42 PM, Bhanu Gopularam wrote:
> Hi Sean,
>
> The present fix solves the test issue which is happening in newer Solaris version viz., 11.3/12 which has FIPS guidelines as a prerequisite.
> With your permission I shall leave the JDK-8074580 (test stabilization issue) in current state, and would like to continue with fix for public exponent issue as reported in JDK-8129560.
> Please let me know.

Sure, that is fine.

--Sean

>
> Thank you,
> Bhanu
>
> -----Original Message-----
> From: Anthony Scarpino
> Sent: Saturday, December 19, 2015 3:34 AM
> To: Sean Mullan
> Cc: Bhanu Gopularam; security-dev at openjdk.java.net
> Subject: Re: RFR: 8129560- CKR_ARGUMENTS_BAD - private exponent needs to comply with FIPS 186-4
>
> The problems are different. The PKCS11 error means everything in this case.
>
> Tony
>
>> On Dec 18, 2015, at 12:20 PM, Sean Mullan <sean.mullan at oracle.com> wrote:
>>
>> The fix looks good, although this test is already on the ProblemList due to JDK-8074580. Do you know if that bug is caused by the same issue? The underlying PKCS11 error is different (maybe due to a different Solaris version?), but it looks like an identical stack trace. It would be good to also remove it from the ProblemList and close the other bug if it is a duplicate issue.
>>
>> --Sean
>>
>>> On 12/18/2015 12:41 AM, Bhanu Gopularam wrote:
>>> Hi all,
>>>
>>> Please review a fix for following bug:
>>>
>>> Bug Id - https://bugs.openjdk.java.net/browse/JDK-8129560
>>>
>>> Issue – Test sun/security/pkcs11/rsa/TestKeyPairGenerator.java is
>>> failing because RSAKeyGenParameterSpec
>>>
>>> public exponent is not accordance with FIPS 186-4 guidance
>>>
>>> Solution – Used proper value for exponent based on reference from
>>> FIPS 186-4, section B-2.
>>>
>>> webrev - http://cr.openjdk.java.net/~ntv/bhanu/8129560/webrev.00/
>>>
>>> Thanks,
>>>
>>> Bhanu
>>>