RFR: 8209398: sun/security/pkcs11/KeyStore/SecretKeysBasic.sh failed with "PKCS11Exception: CKR_ATTRIBUTE_SENSITIVE"
Valerie Peng
valeriep at openjdk.java.net
Wed Dec 22 19:13:12 UTC 2021
On Wed, 22 Dec 2021 00:46:32 GMT, Weijun Wang <weijun at openjdk.org> wrote:
> Since the return error code is PKCS11 CKR_ATTRIBUTE_SENSITIVE, does it make sense to assign `sensitive = true` right at the beginning? I'm not a PKCS11 expert and not sure if this has any negative effect on
>
> https://github.com/openjdk/jdk/blob/ea8d3c92c69c393cdbc6c62398f1e9c6adc708d3/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/P11Key.java#L1394
> (where the `sensitive` flag is used).
I debated about it, my current thought is to reflect the same value returned by underlying PKCS11 library. Otherwise, it may look confusing to users - why C returns false but Java shows it to be true. This consistency comes with a cost of extra maintenance/code to check and special handle vendor-specific behavior like this NSS token key, i.e. queried to be non-sensitive and extractable , but yet errors out if trying to retrieve the key values.
-------------
PR: https://git.openjdk.java.net/jdk/pull/6837
More information about the security-dev
mailing list