RFR: 8258833: Cancel multi-part cipher operations in SunPKCS11 after failures

Martin Balao mbalao at openjdk.java.net
Thu Jan 7 19:53:59 UTC 2021


On Tue, 5 Jan 2021 19:30:13 GMT, Valerie Peng <valeriep at openjdk.org> wrote:

>> When a multi-part cipher operation fails in SunPKCS11 (i.e. because of an invalid block size), we now cancel the operation before returning the underlying Session to the Session Manager. This allows the returned Session to be used for a different purpose. Otherwise, a CKR_OPERATION_ACTIVE error would be raised from the PKCS#11 library.
>> 
>> The jdk/sun/security/pkcs11/Cipher/CancelMultipart.java regression test is introduced as part of this PR.
>> 
>> No regressions found in jdk/sun/security/pkcs11.
>
> test/jdk/sun/security/pkcs11/Cipher/CancelMultipart.java line 122:
> 
>> 120:                 cipher.doFinal(new byte[1], 0, 0);
>> 121:             } else {
>> 122:                 cipher.update(new byte[1]);
> 
> Why would only calling update(..) for Cipher encryption lead to an Exception? Seems strange...

Because a C_EncryptUpdate call that returns with an error here [1] implies that a session (with an active operation) is returned to the Session Manager here [2] [3]. For decryption, where we have proper padding on the Java side while doing an update, the test exercises the doFinal path. Decryption/Encryption is anecdotal here: what the test wants is coverage on both update and doFinal paths.

--
[1] - https://github.com/openjdk/jdk/blob/1cc09ccaef9a3695dd2862e3ee121e141e0a8a13/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/P11Cipher.java#L584
[2] - https://github.com/openjdk/jdk/blob/1cc09ccaef9a3695dd2862e3ee121e141e0a8a13/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/P11Cipher.java#L631
[3] - https://github.com/openjdk/jdk/blob/1cc09ccaef9a3695dd2862e3ee121e141e0a8a13/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/P11Cipher.java#L423

-------------

PR: https://git.openjdk.java.net/jdk/pull/1901
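
Added example, not part of the original message and not SunPKCS11 code: a toy Java model of the session reuse problem discussed in this thread, run once without and once with cancel-on-failure. The Session, pool and exception classes are hypothetical, and the modeled token is assumed to reject a partial block with CKR_DATA_LEN_RANGE and leave the operation active, which is the situation the thread describes.

```java
import java.util.ArrayDeque;
import java.util.Deque;

// Toy model (hypothetical names throughout); it does not call SunPKCS11 or a real token.
public class CancelMultipartModel {
    static final long CKR_DATA_LEN_RANGE = 0x21L;   // PKCS#11 return code values
    static final long CKR_OPERATION_ACTIVE = 0x90L;
    static class TokenException extends Exception {
        TokenException(long rv) { super("CKR 0x" + Long.toHexString(rv)); }
    }
    // One token session: it can hold at most one active cipher operation.
    static class Session {
        boolean active;
        void encryptInit() throws TokenException {
            if (active) throw new TokenException(CKR_OPERATION_ACTIVE);
            active = true;
        }
        void encryptUpdate(byte[] in) throws TokenException {
            // Assumption: the token rejects a partial block and leaves the operation active.
            if (in.length % 16 != 0) throw new TokenException(CKR_DATA_LEN_RANGE);
        }
        void finishOrCancel() { active = false; }
    }
    static final Deque<Session> pool = new ArrayDeque<>();

    // Borrow a session, run init + update, and always hand the session back to the pool.
    static void encrypt(byte[] in, boolean cancelOnFailure) throws TokenException {
        Session s = pool.pop();
        boolean ok = false;
        try {
            s.encryptInit();
            s.encryptUpdate(in);
            s.finishOrCancel();   // stands in for a successful doFinal
            ok = true;
        } finally {
            if (!ok && cancelOnFailure) s.finishOrCancel();   // the behaviour the PR describes
            pool.push(s);
        }
    }

    public static void main(String[] args) {
        for (boolean fix : new boolean[] {false, true}) {
            pool.clear();
            pool.push(new Session());
            String result = "session reused";
            try { encrypt(new byte[1], fix); } catch (TokenException e) { /* invalid block size */ }
            try { encrypt(new byte[16], fix); } catch (TokenException e) { result = e.getMessage(); }
            System.out.println("cancelOnFailure=" + fix + ": " + result);
        }
    }
}
```

Without the cancel, the second caller inherits a session that still has an operation in progress and fails at init even though its own input is valid.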


