Integrated: 8325254: CKA_TOKEN private and secret keys are not necessarily sensitive
Martin Balao
mbalao at openjdk.org
Tue Feb 6 19:51:59 UTC 2024
On Mon, 5 Feb 2024 18:23:30 GMT, Martin Balao <mbalao at openjdk.org> wrote:
> Hi,
>
> May I have a review for this fix to [JDK-8325254](https://bugs.openjdk.org/browse/JDK-8325254)?
>
> With this change, CKA_TOKEN = true is used as an indicator of a sensitive private key (opaque) only if the token is NSS. The behavior previous to [JDK-8271566](https://bugs.openjdk.org/browse/JDK-8271566) is restored for non-NSS tokens.
>
> No regressions observed in jdk/sun/security/pkcs11.
This pull request has now been integrated.
Changeset: 0f5f3c9b
Author: Martin Balao <mbalao at openjdk.org>
URL: https://git.openjdk.org/jdk/commit/0f5f3c9b9718c610406088327401210486447462
Stats: 3 lines in 1 file changed: 1 ins; 0 del; 2 mod
8325254: CKA_TOKEN private and secret keys are not necessarily sensitive
Reviewed-by: valeriep
-------------
PR: https://git.openjdk.org/jdk/pull/17712
More information about the security-dev
mailing list