-
Bug
-
Resolution: Duplicate
-
P4
-
None
-
6
-
x86
-
windows_xp
FULL PRODUCT VERSION :
java version "1.6.0_04"
Java(TM) SE Runtime Environment (build 1.6.0_04-b12)
Java HotSpot(TM) Client VM (build 10.0-b19, mixed mode)
ADDITIONAL OS VERSION INFORMATION :
Applicable to all
A DESCRIPTION OF THE PROBLEM :
Specifying "CKA_WRAP_WITH_TRUSTED = true" in the configuration data for the Sun PKCS11 provider results in a parse error of the configuration.
Basically, this attribute was omitted in the list of attributes in sun/security/pkcs11/wrapper/Functions.java
I did check against the current sdk7 source and this still appears to be the case. I also checked against the _11 runtime - the PKCS11 jar (lib/ext/sunpkcs11.jar) hasn't been updated and that's where the changes would be if any.
STEPS TO FOLLOW TO REPRODUCE THE PROBLEM :
in a PKCS11 config file specify
attributes (*, CKO_SECRET_KEY, *) = {
CKA_WRAP_WITH_TRUSTED = true
}
EXPECTED VERSUS ACTUAL BEHAVIOR :
EXPECTED -
The CKA_WRAP_WITH_TRUSTED attribute to be set on a generated AES key.
ERROR MESSAGES/STACK TRACES THAT OCCUR :
$ !-2
java TestPKCS11Utimaco
Exception in thread "main" java.security.ProviderException: Error parsing config
uration
at sun.security.pkcs11.Config.getConfig(Config.java:71)
at sun.security.pkcs11.SunPKCS11.<init>(SunPKCS11.java:110)
at sun.security.pkcs11.SunPKCS11.<init>(SunPKCS11.java:90)
at TestPKCS11Utimaco.main(TestPKCS11Utimaco.java:63)
Caused by: sun.security.pkcs11.ConfigurationException: Unknown attribute name CK
A_WRAP_WITH_TRUSTED, line 4
at sun.security.pkcs11.Config.excLine(Config.java:343)
at sun.security.pkcs11.Config.decodeAttributeName(Config.java:903)
at sun.security.pkcs11.Config.parseAttributes(Config.java:765)
at sun.security.pkcs11.Config.parse(Config.java:374)
at sun.security.pkcs11.Config.<init>(Config.java:194)
at sun.security.pkcs11.Config.getConfig(Config.java:67)
... 3 more
REPRODUCIBILITY :
This bug can be reproduced always.
java version "1.6.0_04"
Java(TM) SE Runtime Environment (build 1.6.0_04-b12)
Java HotSpot(TM) Client VM (build 10.0-b19, mixed mode)
ADDITIONAL OS VERSION INFORMATION :
Applicable to all
A DESCRIPTION OF THE PROBLEM :
Specifying "CKA_WRAP_WITH_TRUSTED = true" in the configuration data for the Sun PKCS11 provider results in a parse error of the configuration.
Basically, this attribute was omitted in the list of attributes in sun/security/pkcs11/wrapper/Functions.java
I did check against the current sdk7 source and this still appears to be the case. I also checked against the _11 runtime - the PKCS11 jar (lib/ext/sunpkcs11.jar) hasn't been updated and that's where the changes would be if any.
STEPS TO FOLLOW TO REPRODUCE THE PROBLEM :
in a PKCS11 config file specify
attributes (*, CKO_SECRET_KEY, *) = {
CKA_WRAP_WITH_TRUSTED = true
}
EXPECTED VERSUS ACTUAL BEHAVIOR :
EXPECTED -
The CKA_WRAP_WITH_TRUSTED attribute to be set on a generated AES key.
ERROR MESSAGES/STACK TRACES THAT OCCUR :
$ !-2
java TestPKCS11Utimaco
Exception in thread "main" java.security.ProviderException: Error parsing config
uration
at sun.security.pkcs11.Config.getConfig(Config.java:71)
at sun.security.pkcs11.SunPKCS11.<init>(SunPKCS11.java:110)
at sun.security.pkcs11.SunPKCS11.<init>(SunPKCS11.java:90)
at TestPKCS11Utimaco.main(TestPKCS11Utimaco.java:63)
Caused by: sun.security.pkcs11.ConfigurationException: Unknown attribute name CK
A_WRAP_WITH_TRUSTED, line 4
at sun.security.pkcs11.Config.excLine(Config.java:343)
at sun.security.pkcs11.Config.decodeAttributeName(Config.java:903)
at sun.security.pkcs11.Config.parseAttributes(Config.java:765)
at sun.security.pkcs11.Config.parse(Config.java:374)
at sun.security.pkcs11.Config.<init>(Config.java:194)
at sun.security.pkcs11.Config.getConfig(Config.java:67)
... 3 more
REPRODUCIBILITY :
This bug can be reproduced always.
- duplicates
-
JDK-8080462 Update SunPKCS11 provider with PKCS11 v2.40 support
-
- Resolved
-