RFR: 8258833: Cancel multi-part cipher operations in SunPKCS11 after failures [v7]
Valerie Peng
valeriep at openjdk.java.net
Fri Jan 22 07:08:45 UTC 2021
On Wed, 20 Jan 2021 13:47:13 GMT, Martin Balao <mbalao at openjdk.org> wrote:
>> When a multi-part cipher operation fails in SunPKCS11 (i.e. because of an invalid block size), we now cancel the operation before returning the underlying Session to the Session Manager. This allows to use the returned Session for a different purpose. Otherwise, an CKR_OPERATION_ACTIVE error would be raised from the PKCS#11 library.
>>
>> The jdk/sun/security/pkcs11/Cipher/CancelMultipart.java regression test is introduced as part of this PR.
>>
>> No regressions found in jdk/sun/security/pkcs11.
>
> Martin Balao has updated the pull request incrementally with two additional commits since the last revision:
>
> - Align doCancel pattern in 'P11Cipher::implDoFinal(byte[]..' to 'P11Cipher::implDoFinal(ByteBuffer..'. Better documentation in P11Cipher. Copyright date updated.
> - Copyright dates updated to 2021 on modified files
Marked as reviewed by valeriep (Reviewer).
-------------
PR: https://git.openjdk.java.net/jdk/pull/1901
More information about the security-dev
mailing list