JDK-6461727 : TripleDES KeyGenerators in SunPKCS11 and SunJCE do not agree on key length
  • Type: Bug
  • Component: security-libs
  • Sub-Component: javax.crypto:pkcs11
  • Affected Version: 6,6u15
  • Priority: P3
  • Status: Resolved
  • Resolution: Fixed
  • OS: generic,solaris_10
  • CPU: generic,sparc
  • Submitted: 2006-08-18
  • Updated: 2012-10-01
  • Resolved: 2007-09-15
The Version table provides details related to the release that this issue/RFE will be addressed.

Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.

To download the current JDK release, click here.
JDK 6 JDK 7 Other
6u15Fixed 7 b21Fixed OpenJDK6Fixed
Description
The SunJCE implementation of the TripleDES KeyGenerator accepts 112 (2-key) and 168 (3-key), but the SunPKCS11 implementation requires 128 (2-key) or 192 (3-key). This is clearly broken.

Comments
EVALUATION SunPKCS11 should accept 112 and 168 in addition to 128/192.
18-08-2006