Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-7105940

Test regression: KeyStore must be from provider SunPKCS11-NSSKeyStore

XMLWordPrintable

    • b14
    • generic
    • generic
    • Verified

      To use samevm mode in java_security, we reserved and restored the default SSLContext in CR 7055363, test/sun/security/pkcs11/fips/ClientJSSEServerJSSE.java:

      + SSLContext reservedSSLContext = SSLContext.getDefault();
      + try {
                  ...
      + } finally {
      + SSLContext.setDefault(reservedSSLContext);
      + }

      However, the default SSLContext is not supposed to be FIPS compliant. When run the test manually, we would get the following exception:

      default context init failed: java.security.KeyStoreException: FIPS mode: KeyStore must be from provider SunPKCS11-NSSKeyStore
      ----------System.err:(32/2442)----------
      java.security.NoSuchAlgorithmException: Error constructing implementation (algorithm: Default, provider: SunJSSE, class: sun.security.ssl.SSLContextImpl$DefaultSSLContext)
      at java.security.Provider$Service.newInstance(Provider.java:1261)
      at sun.security.jca.GetInstance.getInstance(GetInstance.java:236)
      at sun.security.jca.GetInstance.getInstance(GetInstance.java:164)
      at javax.net.ssl.SSLContext.getInstance(SSLContext.java:157)
      at javax.net.ssl.SSLContext.getDefault(SSLContext.java:97)
      at CipherTest.main(CipherTest.java:397)
      at ClientJSSEServerJSSE.main(ClientJSSEServerJSSE.java:67)
      at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
      at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
      at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
      at java.lang.reflect.Method.invoke(Method.java:474)
      at com.sun.javatest.regtest.MainWrapper$MainThread.run(MainWrapper.java:94)
      at java.lang.Thread.run(Thread.java:722)
      Caused by: java.security.KeyStoreException: FIPS mode: KeyStore must be from provider SunPKCS11-NSSKeyStore
      at sun.security.ssl.KeyManagerFactoryImpl$SunX509.engineInit(KeyManagerFactoryImpl.java:65)
      at javax.net.ssl.KeyManagerFactory.init(KeyManagerFactory.java:259)
      at sun.security.ssl.SSLContextImpl$DefaultSSLContext.getDefaultKeyManager(SSLContextImpl.java:712)
      at sun.security.ssl.SSLContextImpl$DefaultSSLContext.<init>(SSLContextImpl.java:573)
      at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
      at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:57)
      at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
      at java.lang.reflect.Constructor.newInstance(Constructor.java:395)
      at java.lang.Class.newInstance0(Class.java:368)
      at java.lang.Class.newInstance(Class.java:320)
      at java.security.Provider$Service.newInstance(Provider.java:1235)
      ... 12 more

            xuelei Xuelei Fan
            xuelei Xuelei Fan
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Created:
              Updated:
              Resolved:
              Imported:
              Indexed: