RFR: 8368694: PKCS11-NSS generic keys generated by DH have leading zeroes stripped [v2]
Daniel Jeliński
djelinski at openjdk.org
Wed Oct 8 10:13:01 UTC 2025
> The DiffieHellman KeyAgreement supports 2 key algorithms: TlsPremasterSecret and Generic. The Generic algorithm is supposed to generate keys of a constant length, keeping leading zeroes as appropriate.
>
> This PR changes the SunPKCS11 implementation to pass a CKA_VALUE_LEN attribute when a fixed length is needed; when the attribute is absent, the PKCS11 provider strips the leading zeroes.
>
> Added a check to the existing test cases to verify the fix. The check passes with the fix, fails without it. Other tier1-3 tests continue to pass.
Daniel Jeliński has updated the pull request incrementally with one additional commit since the last revision:
Use CKA_VALUE_LEN in parameterless engineGenerateSecret
-------------
Changes:
- all: https://git.openjdk.org/jdk/pull/27494/files
- new: https://git.openjdk.org/jdk/pull/27494/files/7f1e31bf..818e0348
Webrevs:
- full: https://webrevs.openjdk.org/?repo=jdk&pr=27494&range=01
- incr: https://webrevs.openjdk.org/?repo=jdk&pr=27494&range=00-01
Stats: 17 lines in 1 file changed: 2 ins; 12 del; 3 mod
Patch: https://git.openjdk.org/jdk/pull/27494.diff
Fetch: git fetch https://git.openjdk.org/jdk.git pull/27494/head:pull/27494
PR: https://git.openjdk.org/jdk/pull/27494
More information about the security-dev
mailing list