Loading...

XML

Word

Printable

Type: Enhancement
Resolution: Fixed
Priority: P3
Fix Version/s: 12
Affects Version/s: None
Component/s: security-libs
Labels:

Subcomponent:
javax.net.ssl
Resolved In Build:
b12

Issue	Fix Version	Assignee	Priority	Status	Resolution	Resolved In Build
JDK-8214291	11.0.3-oracle	Ivan Gerasimov	P3	Resolved	Fixed	master
JDK-8215531	11.0.3	Martin Balao Alonso	P3	Resolved	Fixed	master
JDK-8213778	openjdk8u212	Martin Balao Alonso	P3	Resolved	Fixed	b01
JDK-8215861	8u212	Ivan Gerasimov	P3	Resolved	Fixed	b01
JDK-8214080	8u211	Ivan Gerasimov	P3	Resolved	Fixed	b01
JDK-8216163	8u202	Ivan Gerasimov	P3	Resolved	Fixed	b31
JDK-8215191	8u192	Ivan Gerasimov	P3	Closed	Fixed	b34
JDK-8220980	emb-8u211	Ivan Gerasimov	P3	Resolved	Fixed	master
JDK-8213925	openjdk7u	Martin Balao Alonso	P3	Resolved	Fixed	master

See the comment in SunPKCS11.java. Need to consider whether we can support SunTls12Prf, SunTls12RsaPremasterSecret, etc. in SunPKCS11 in the future.

        /*
         * TLS 1.2 uses a different hash algorithm than 1.0/1.1 for the
         * PRF calculations. As of 2010, there is no PKCS11-level
         * support for TLS 1.2 PRF calculations, and no known OS's have
         * an internal variant we could use. Therefore for TLS 1.2, we
         * are updating JSSE to request different provider algorithms
         * (e.g. "SunTls12Prf"), and currently only SunJCE has these
         * TLS 1.2 algorithms.
         *
         * If we reused the names such as "SunTlsPrf", the PKCS11
         * providers would need be updated to fail correctly when
         * presented with the wrong version number (via
         * Provider.Service.supportsParameters()), and we would also
         * need to add the appropriate supportsParamters() checks into
         * KeyGenerators (not currently there).
         *
         * In the future, if PKCS11 support is added, we will restructure
         * this.
         */

backported by

JDK-8213778 Support TLS v1.2 algorithm in SunPKCS11 provider

Resolved

JDK-8213925 Support TLS v1.2 algorithm in SunPKCS11 provider

Resolved

JDK-8214080 Support TLS v1.2 algorithm in SunPKCS11 provider

Resolved

JDK-8214291 Support TLS v1.2 algorithm in SunPKCS11 provider

Resolved

JDK-8215531 Support TLS v1.2 algorithm in SunPKCS11 provider

Resolved

JDK-8215861 Support TLS v1.2 algorithm in SunPKCS11 provider

Resolved

JDK-8216163 Support TLS v1.2 algorithm in SunPKCS11 provider

Resolved

JDK-8220980 Support TLS v1.2 algorithm in SunPKCS11 provider

Resolved

JDK-8215191 Support TLS v1.2 algorithm in SunPKCS11 provider

Closed

causes

JDK-8349849 PKCS11 SunTlsKeyMaterial crashes when used with TLS1.2 TlsKeyMaterialParameterSpec

Resolved

duplicates

JDK-8080076 PKCS#11 v2.40 Support for TLSv1.2 feature

Closed

is blocked by

JDK-8080462 Update SunPKCS11 provider with PKCS11 v2.40 support

Resolved

relates to

JDK-8213154 Update copyright headers of files in src tree that are missing Classpath exception

Resolved

JDK-8220753 Re-introduce the test case for TLS 1.2 algorithms in SunPKCS11 crypto provider

Resolved

JDK-8210912 Build error in src/jdk.crypto.cryptoki/share/native/libj2pkcs11/p11_convert.c after JDK-8029661

Closed

(4 backported by, 1 causes, 1 duplicates, 1 is blocked by, 3 relates to)

Assignee:: Martin Balao Alonso

Reporter:: Xuelei Fan

Votes:: 0 Vote for this issue

Watchers:: 8 Start watching this issue

Created:: 2013-12-05 21:47

Updated:: 2025-02-11 08:57

Resolved:: 2018-09-19 05:06

Details

Backports

Description

Attachments

Issue Links

Activity

People

Dates