RFR 8221271: sun/security/pkcs11/tls/tls12/TestTLS12.java test failed

Martin Balao mbalao at redhat.com
Fri Apr 19 16:42:36 UTC 2019


Hi Xuelei,

Thanks for your review.

Can we remove this test from the "test/jdk/ProblemList.txt" blacklist?

Webrev.01 does so:

 * http://cr.openjdk.java.net/~mbalao/webrevs/8221271/8221271.webrev.01/

I've tested this on jdk-submit and all tests pass.

Thanks,
Martin.-



On 4/18/19 7:42 PM, Xuelei Fan wrote:
> Hi Martin,
> 
> Good catch of the bug!  Looks fine to me.
> 
> Thanks,
> Xuelei
> 
> On 4/18/2019 10:13 AM, Martin Balao wrote:
>> Hi Xuelei,
>>
>> Can I have a review for 8221271 [1]?
>>
>> Webrev.00:
>>
>>   * http://cr.openjdk.java.net/~mbalao/webrevs/8221271/8221271.webrev.00/
>>
>> I'm proposing the following changes:
>>
>>   * RSACipher.java
>>    * Minor bug that is triggered only when "key" is not a RSAPublicKey or
>> a RSAPrivateKey (i.e.: it can be a PKCS8Key). The whole point of having
>> "rsaKey" variable is converting the key.
>>     * TestTLS12 triggered this bug in my Windows setup
>>
>>   * TestTLS12.java
>>    * jdk.tls.useExtendedMasterSecret is read by SSLConfiguration only in
>> initialization time and has to be false because the mechanism is
>> currently not supported by SunPKCS11 crypto provider. Setting it in run
>> time may have no effect (depending on when SSLConfiguration is
>> initialized). That's why the test was failing on some environments.
>>    * Keys must be of PrivateKey and PublicKey types. Depending on the JKS
>> keystore implementation, their subtype might be RSAPrivateKey,
>> RSAPublicKey, PKCS8Key or a different one.
>>
>> Thanks,
>> Martin.-
>>
>> -- 
>> [1] - https://bugs.openjdk.java.net/browse/JDK-8221271
>>




More information about the security-dev mailing list