Details
-
Bug
-
Resolution: Fixed
-
P3
-
8
-
b119
-
x86
-
linux
Description
When we generate a 2048 bit DSA key, and use it with signature algorithm SHA1withDSA, it is expected that we will catch an InvalidKeyException in the Signature.init(privateKey) method.
But when the test is running on solaris platforn, the expected InvalidKeyException is not thrown, instead, the ProviderException complain about key size out of range is thrown:
java.security.ProviderException: sun.security.pkcs11.wrapper.PKCS11Exception: CKR_KEY_SIZE_RANGE
at sun.security.pkcs11.P11Signature.engineSign(P11Signature.java:557)
at java.security.Signature$Delegate.engineSign(Signature.java:1161)
at java.security.Signature.sign(Signature.java:553)
at TestSunJCE.testKeyPair(TestSunJCE.java:286)
at TestSunJCE.main(TestSunJCE.java:486)
Caused by: sun.security.pkcs11.wrapper.PKCS11Exception: CKR_KEY_SIZE_RANGE
at sun.security.pkcs11.wrapper.PKCS11.C_Sign(Native Method)
at sun.security.pkcs11.P11Signature.engineSign(P11Signature.java:542)
... 4 more
We should make the behavior consistent.
But when the test is running on solaris platforn, the expected InvalidKeyException is not thrown, instead, the ProviderException complain about key size out of range is thrown:
java.security.ProviderException: sun.security.pkcs11.wrapper.PKCS11Exception: CKR_KEY_SIZE_RANGE
at sun.security.pkcs11.P11Signature.engineSign(P11Signature.java:557)
at java.security.Signature$Delegate.engineSign(Signature.java:1161)
at java.security.Signature.sign(Signature.java:553)
at TestSunJCE.testKeyPair(TestSunJCE.java:286)
at TestSunJCE.main(TestSunJCE.java:486)
Caused by: sun.security.pkcs11.wrapper.PKCS11Exception: CKR_KEY_SIZE_RANGE
at sun.security.pkcs11.wrapper.PKCS11.C_Sign(Native Method)
at sun.security.pkcs11.P11Signature.engineSign(P11Signature.java:542)
... 4 more
We should make the behavior consistent.
Attachments
Issue Links
- relates to
-
JDK-8029156 test/sun/security/pkcs11/ec/ReadCertificates.java failing: EC key must be at least 256 bits (lnx)
- Closed
-
JDK-8029158 sun/security/pkcs11/Signature/TestDSAKeyLength.java does not compile (or run)
- Closed