RFR[13] JDK-8224981, Problemlist test/jdk/sun/security/pkcs11/tls/tls12/FipsModeTLS12.java
Xuelei Fan
xuelei.fan at oracle.com
Mon Jun 3 13:10:40 UTC 2019
On 5/29/2019 12:30 PM, Martin Balao wrote:
> Hi Xuelei,
>
> Thanks for blacklisting this test.
>
> I've been trying to reproduce this failure in my local Windows
> environment without success. Thus, I'm not sure of what's going on.
>
> My hypothesis is that SSLCipher class may be initialized, for some
> reason, before the Security providers are dynamically set during the
> "initialize" function (FipsModeTLS12.java). If I had access to the
> environment where the failure reproduces, I would set security providers
> in java.security to confirm or discard.
>
I'm not sure of it. The initialize() is the first method called in
main(). I guess the providers configuration in the initialize() method
should be get respected.
Per the debug log:
Caused by: java.security.NoSuchAlgorithmException: Cannot find any
provider supporting AES/GCM/NoPadding
and
Caused by: java.security.NoSuchAlgorithmException: Unsupported mode GCM
at
jdk.crypto.cryptoki/sun.security.pkcs11.P11Cipher.engineSetMode(P11Cipher.java:214)
at
The GCM mode is not supported by the SunPKCS11 provider or any provider
configured. The SunJCE provider supports GCM mode, but it is not
configured for this test.
Hope it helps.
Xuelei
More information about the security-dev
mailing list