RFR: 8258833: Cancel multi-part cipher operations in SunPKCS11 after failures [v6]

Martin Balao mbalao at openjdk.java.net
Fri Jan 15 20:28:29 UTC 2021


On Thu, 14 Jan 2021 20:29:54 GMT, Valerie Peng <valeriep at openjdk.org> wrote:

>> The update fails because the native mechanism (CKM_AES_ECB) has no padding and OpenJDK does not buffer data on the Java side for encryption [1] (this is a bug that I'll address soon). As a result, there is a PKCS#11 call with an invalid length and we get the error that ends up returning the session to the Session Manager. I just realized that when we fix the previous padding bug, this test path won't work anymore. CKR_BUFFER_TOO_SMALL errors on updates do not lead to a reset call on the OpenJDK side (contrary to doFinal), so they wouldn't be useful for the test. I'll investigate if there is a way to trigger the path. Otherwise we should keep the doFinal path only. I'd still force a reset if there is an error other than CKR_BUFFER_TOO_SMALL in the update.
>> 
>> --
>> [1] - https://github.com/openjdk/jdk/blob/1cc09ccaef9a3695dd2862e3ee121e141e0a8a13/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/P11Cipher.java#L583
>
> It's an update call; doesn't padding occur when doFinal() is called for encryption?
> In any case, it's best for the test case to not have this bug dependency. I am OK if you can test the doFinal path only.

Yes, makes sense to remove the bug dependency and the whole encrypt-update path. I'll keep the test extensible, though, so we can include new paths eventually.

-------------

PR: https://git.openjdk.java.net/jdk/pull/1901