RFR: 8325254: CKA_TOKEN private and secret keys are not necessarily sensitive
Martin Balao
mbalao at openjdk.org
Mon Feb 5 23:50:45 UTC 2024
Hi,
May I have a review for this fix to [JDK-8325254](https://bugs.openjdk.org/browse/JDK-8325254)?
With this change, CKA_TOKEN = true is used as an indicator of a sensitive private key (opaque) only if the token is NSS. The behavior previous to [JDK-8271566](https://bugs.openjdk.org/browse/JDK-8271566) is restored for non-NSS tokens.
No regressions observed in jdk/sun/security/pkcs11.
-------------
Commit messages:
- 8325254: CKA_TOKEN private and secret keys are not necessarily sensitive
Changes: https://git.openjdk.org/jdk/pull/17712/files
Webrev: https://webrevs.openjdk.org/?repo=jdk&pr=17712&range=00
Issue: https://bugs.openjdk.org/browse/JDK-8325254
Stats: 3 lines in 1 file changed: 1 ins; 0 del; 2 mod
Patch: https://git.openjdk.org/jdk/pull/17712.diff
Fetch: git fetch https://git.openjdk.org/jdk.git pull/17712/head:pull/17712
PR: https://git.openjdk.org/jdk/pull/17712
More information about the security-dev
mailing list