JDK-8080462 : Update SunPKCS11 provider with PKCS11 v2.40 support
  • Type: Enhancement
  • Component: security-libs
  • Sub-Component: javax.crypto:pkcs11
  • Affected Version: 8,11,14
  • Priority: P3
  • Status: Resolved
  • Resolution: Fixed
  • OS: generic
  • CPU: generic
  • Submitted: 2015-05-15
  • Updated: 2020-08-28
  • Resolved: 2019-06-11
The Version table provides details related to the release that this issue/RFE will be addressed.

Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.

To download the current JDK release, click here.
JDK 11 JDK 13 JDK 14 JDK 8 Other
11.0.6Fixed 13 b25Fixed 14Fixed 8u241Fixed openjdk8u272Fixed
Related Reports
Blocks :  
CSR :  
Relates :  
Relates :  
Relates :  
Relates :  
Relates :  
Relates :  
Relates :  
Sub Tasks
JDK-8221441 :  
JDK-8225323 :  
Update SunPKCS11 provider with the PKCS#11 v2.40 header files and support more algorithms commonly implemented by most PKCS11 libraries. 
This includes syncing up SunPKCS11 provider to the supported algorithms of other default java providers when the corresponding mechanisms are supported in PKCS#11 v2.40 spec (see suggested list of algorithms below):

    MessageDigest: SHA-512/224, SHA-512/256
    MAC: HmacSHA512/224, HmacSHA512/256
    Signature: RSASSA-PSS, SHA1withRSASSA-PSS, SHA224withRSASSA-PSS, SHA256withRSASSA-PSS, SHA384withRSASSA-PSS, SHA512withRSASSA-PSS, SHA224withDSA, SHA256withDSA, SHA384withDSA, SHA512withDSA
    Cipher: AES/GCM/NoPadding, AES_128/GCM/NoPadding, AES_192/GCM/NoPadding, AES_256/GCM/NoPadding

In addition, it'd be good to print out unsupported algorithms, parse new attributes, and error codes defined in PKCS#11 v2.40 spec.

PKCS#11 v2.40 (w/ Errata incorporated)
Base Spec: http://docs.oasis-open.org/pkcs11/pkcs11-base/v2.40/errata01/os/pkcs11-base-v2.40-errata01-os-complete.html
Profile: http://docs.oasis-open.org/pkcs11/pkcs11-profiles/v2.40/pkcs11-profiles-v2.40.html
Current Mechanisms: http://docs.oasis-open.org/pkcs11/pkcs11-curr/v2.40/errata01/os/pkcs11-curr-v2.40-errata01-os-complete.html
Historical Mechanisms: http://docs.oasis-open.org/pkcs11/pkcs11-hist/v2.40/pkcs11-hist-v2.40.html
Usage Guide: http://docs.oasis-open.org/pkcs11/pkcs11-ug/v2.40/pkcs11-ug-v2.40.html
Approving retroactively as this has been pushed to 8u-dev already.

Fix request (8u) I'd like to request a backport of this enhancement so we can provide compatibility between JDKs and improve PKCS#11 support. Patch has been review-approved here: https://mail.openjdk.java.net/pipermail/jdk8u-dev/2020-August/012575.html

Still in review, needs dependent backports: https://mail.openjdk.java.net/pipermail/jdk8u-dev/2020-August/012356.html

Still under review

Fix Request (8u) I'd like to request an approval for a 8u backport of this enhancement. This backport would provide feature parity between OpenJDK and Oracle JDK 8. Patch does not apply cleanly and a review has been requested here: https://mail.openjdk.java.net/pipermail/jdk8u-dev/2019-November/010618.html

Fix request (11u) Requesting backport of this item for parity with Oracle 11.0.6. Patch applies cleanly, net a whitespace change in P11RSACipher.java in code which doesn't exist in 11u. Test runs through SAP's regression tests without issue. Will wait for CSR approval before pushing.

Additional RSASSA-PSS signatures are added in addition to what's covered by earlier comment. The latest webrev adds support for: Java Algorithm ( PKCS#11 Mechanism ) MessageDigest.SHA-512/224 ( CKM_SHA512_224 ) MessageDigest.SHA-512/256 ( CKM_SHA512_256 ) MAC.HmacSHA512/224 ( CKM_SHA512_224_HMAC ) MAC.HmacSHA512/256 ( CKM_SHA512_256_HMAC ) Signature.RSASSA-PSS ( CKM_RSA_PKCS_PSS ) Signature.SHA1withRSASSA-PSS ( CKM_SHA1_RSA_PKCS_PSS ) Signature.SHA224withRSASSA-PSS ( CKM_SHA224_RSA_PKCS_PSS ) Signature.SHA256withRSASSA-PSS ( CKM_SHA256_RSA_PKCS_PSS ) Signature.SHA384withRSASSA-PSS ( CKM_SHA384_RSA_PKCS_PSS ) Signature.SHA512withRSASSA-PSS ( CKM_SHA512_RSA_PKCS_PSS ) Signature.SHA224withDSA ( CKM_DSA_SHA224 ) Signature.SHA256withDSA ( CKM_DSA_SHA256 ) Signature.SHA384withDSA ( CKM_DSA_SHA384 ) Signature.SHA512withDSA ( CKM_DSA_SHA512 ) Cipher.AES/GCM/NoPadding ( CKM_AES_GCM ) Cipher.AES_128/GCM/NoPadding ( CKM_AES_GCM ) Cipher.AES_192/GCM/NoPadding ( CKM_AES_GCM ) Cipher.AES_256/GCM/NoPadding ( CKM_AES_GCM )

For now, we will focus on updating PKCS#11 v2.40 header files and support for following PKCS11 mechanisms: CKM_SHA512_224, CKM_SHA512_256, CKM_SHA512_224_HMAC, CKM_SHA512_256_HMAC, CKM_AES_GCM, CKM_DSA_SHA224, CKM_DSA_SHA256, CKM_DSA_SHA384, CKM_DSA_SHA512.

We should also consider AES GCM and CCM support if supported by NSS PKCS11 library.

Hmm, scaab055 seem to be one of the older system, i.e. S11.2, but the tests are run on new machines, i.e. hostname=bus00cxi.us.oracle.com, javatestOS=SunOS 5.12 (amd64) in the corresponding .jtr file, so the failure seems to be due to the RC4 cipher are changed to be decrypt only in S12. These test failures should be logged under this new RFE that I filed specifically for detecting legacy mechanisms, i.e. https://bugs.openjdk.java.net/browse/JDK-8176837

In my case the work was being done on ARM Linux

It is essential to include Solaris release info for all PKCS11 provider bugs. Can u please provide as detailed release info (including build# if available) as possible? Thanks! BTW, there is actually a more suitable bug for these test failures, see https://bugs.openjdk.java.net/browse/JDK-8176837

Consider providing PKCS11 v2.3 support if v2.4 finalization continues to lag. An update providing access to current "best practice" algorithms is critically needed.