Details
-
Bug
-
Resolution: Fixed
-
P3
-
None
-
None
-
b102
-
generic
-
linux, solaris_10
-
Verified
Backports
| Issue | Fix Version | Assignee | Priority | Status | Resolution | Resolved In Build |
|---|---|---|---|---|---|---|
| JDK-8036143 | 7u91 | Sean Coffey | P3 | Resolved | Fixed | b01 |
| JDK-8085998 | 7u85 | Sean Coffey | P3 | Resolved | Fixed | b15 |
Description
Many PKCS11 tests, in particular EC ones, have intermittent failures due to the NSS version on the test machine being old or not supporting the full elliptic curve suite (ECC Basic vs ECC Extended vs none at all).
The most common error one will see returned from PKCS11 is CKR_DOMAIN_PARAMS_INVALID from EC tests. Others are one-off bugs in NSS that were fixed in later NSS versions. While it would be nice to have all the NSS version up-to-date, it's a reality that these failures will occur in the community and it's best the tests are smarter rather than having to explain the problems over and over.
The most common error one will see returned from PKCS11 is CKR_DOMAIN_PARAMS_INVALID from EC tests. Others are one-off bugs in NSS that were fixed in later NSS versions. While it would be nice to have all the NSS version up-to-date, it's a reality that these failures will occur in the community and it's best the tests are smarter rather than having to explain the problems over and over.
Attachments
Issue Links
- backported by
-
JDK-8036143 The NSS version should be detected before running crypto tests
-
- Resolved
-
-
-
- Resolved
-
- duplicates
-
-
- Resolved
-
-
-
- Resolved
-
- relates to
-
-
- Closed
-
-
-
- Resolved
-
(1 relates to)