JDK-6461727 : TripleDES KeyGenerators in SunPKCS11 and SunJCE do not agree on key length
Type:Bug
Component:security-libs
Sub-Component:javax.crypto:pkcs11
Affected Version:6,6u15
Priority:P3
Status:Resolved
Resolution:Fixed
OS:generic,solaris_10
CPU:generic,sparc
Submitted:2006-08-18
Updated:2012-10-01
Resolved:2007-09-15
The Version table provides details related to the release that this issue/RFE will be addressed.
Unresolved : Release in which this issue/RFE will be addressed. Resolved: Release in which this issue/RFE has been resolved. Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.
The SunJCE implementation of the TripleDES KeyGenerator accepts 112 (2-key) and 168 (3-key), but the SunPKCS11 implementation requires 128 (2-key) or 192 (3-key). This is clearly broken.
Comments
EVALUATION
SunPKCS11 should accept 112 and 168 in addition to 128/192.