FULL PRODUCT VERSION : java version "1.6.0_22" Java(TM) SE Runtime Environment (build 1.6.0_22-b04) Java HotSpot(TM) Client VM (build 17.1-b03, mixed mode, sharing) ADDITIONAL OS VERSION INFORMATION : Microsoft Windows XP [Version 5.1.2600] EXTRA RELEVANT SYSTEM CONFIGURATION : PKCS11 driver has limit for session count. A DESCRIPTION OF THE PROBLEM : After refactoring done in 1.6.0_21 in sun.security.pkcs11.SessionManager it is not possible to initialize SunPKCS11 provider more times than PKCS11 driver maxSessionCount limit. When initializing (maxLimitCount + 1) instance exception is thrown. In 1.6.0_20 or earlier this works fine. STEPS TO FOLLOW TO REPRODUCE THE PROBLEM : Create in loop more than maxSessionCount (this is specific for PKCS11 driver). In maxSessionCounty + 1 loop exception is thrown. EXPECTED VERSUS ACTUAL BEHAVIOR : EXPECTED - no exception is thrown ACTUAL - Exception in thread "main" java.security.ProviderException: Initialization failed at sun.security.pkcs11.SunPKCS11.<init>(SunPKCS11.java:340) at sun.security.pkcs11.SunPKCS11.<init>(SunPKCS11.java:90) at pl.unizeto.procertum.pkcs11.SunPkcs11BugTest.main(SunPkcs11BugTest.java:29) Caused by: java.security.ProviderException: Could not obtain session at sun.security.pkcs11.SessionManager.getOpSession(SessionManager.java:134) at sun.security.pkcs11.Token.<init>(Token.java:118) at sun.security.pkcs11.SunPKCS11.initToken(SunPKCS11.java:780) at sun.security.pkcs11.SunPKCS11.<init>(SunPKCS11.java:331) REPRODUCIBILITY : This bug can be reproduced always. ---------- BEGIN SOURCE ---------- // Maximum session count supported by pkcs11 driver. // If you don't know what is the limit for your driver set it to 1000 // or higher value. // If driver has no limit for session count this test works fine. int driverMaxSessions = 32; StringBuilder pkcs11Cfg = new StringBuilder(); pkcs11Cfg.append("name = PKCS11\n"); pkcs11Cfg.append("library = crypto3PKCS.dll"); for(int i=0; i < driverMaxSessions + 1; i++) { InputStream config = new ByteArrayInputStream(pkcs11Cfg.toString().getBytes()); // fails with "java.security.ProviderException: Could not obtain session" // when in (driverMaxSession + 1) loop on JRE 6u20 or later SunPKCS11 provider = new sun.security.pkcs11.SunPKCS11(config); provider.logout(); } ---------- END SOURCE ----------
|