Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-7200306

SunPKCS11 provider delays the check of DSA key size for SHA1withDSA to sign() instead of init()

    XMLWordPrintable

Details

    • b119
    • x86
    • linux

    Description

      When we generate a 2048 bit DSA key, and use it with signature algorithm SHA1withDSA, it is expected that we will catch an InvalidKeyException in the Signature.init(privateKey) method.

      But when the test is running on solaris platforn, the expected InvalidKeyException is not thrown, instead, the ProviderException complain about key size out of range is thrown:
      java.security.ProviderException: sun.security.pkcs11.wrapper.PKCS11Exception: CKR_KEY_SIZE_RANGE
      at sun.security.pkcs11.P11Signature.engineSign(P11Signature.java:557)
      at java.security.Signature$Delegate.engineSign(Signature.java:1161)
      at java.security.Signature.sign(Signature.java:553)
      at TestSunJCE.testKeyPair(TestSunJCE.java:286)
      at TestSunJCE.main(TestSunJCE.java:486)
      Caused by: sun.security.pkcs11.wrapper.PKCS11Exception: CKR_KEY_SIZE_RANGE
      at sun.security.pkcs11.wrapper.PKCS11.C_Sign(Native Method)
      at sun.security.pkcs11.P11Signature.engineSign(P11Signature.java:542)
      ... 4 more

      We should make the behavior consistent.

      Attachments

        Issue Links

          Activity

            People

              valeriep Valerie Peng
              yulixu Vivian Xu (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              5 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:
                Imported:
                Indexed: