Bug ID: JDK-8080462 Update SunPKCS11 provider with PKCS11 v2.40 support

JDK-8080462 : Update SunPKCS11 provider with PKCS11 v2.40 support

Type: Enhancement
Component: security-libs
Sub-Component: javax.crypto:pkcs11
Affected Version: 8,11,14

Priority: P3
Status: Resolved
Resolution: Fixed
OS: generic
CPU: generic

Submitted: 2015-05-15
Updated: 2024-02-02
Resolved: 2019-06-11

Versions (Unresolved/Resolved/Fixed)

The Version table provides details related to the release that this issue/RFE will be addressed.

Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.

To download the current JDK release, click here.

JDK 11	JDK 13	JDK 14	JDK 8	Other
11.0.6-oracleFixed	13 b25Fixed	14Fixed	8u241Fixed	openjdk8u272Fixed

Related Reports

Blocks :	JDK-8029661 - Support TLS v1.2 algorithm in SunPKCS11 provider
CSR :	JDK-8221442 - Update SunPKCS11 provider with PKCS11 v2.40 support
Duplicate :	JDK-8217611 - PKCS11 module unable to negotiate TLSv1.3 with RSASSA-PSS
Duplicate :	JDK-6793099 - CKA_WRAP_WITH_TRUSTED can't be specified as an attribute in the SunPKCS11 config
Relates :	JDK-8226651 - Setting the mgfHash in CK_RSA_PKCS_PSS_PARAMS has no effect
Relates :	JDK-8238898 - Missing hash characters for header on license file
Relates :	JDK-8229243 - SunPKCS11-Solaris provider tests failing on Solaris 11.4
Relates :	JDK-8228835 - Memory leak in PKCS11 provider when using AES GCM
Relates :	JDK-8307185 - pkcs11 native libraries make JNI calls into java code while holding GC lock
Relates :	JDK-8282077 - PKCS11 provider C_sign() impl should handle CKR_BUFFER_TOO_SMALL error
Relates :	JDK-8225695 - 32-bit build failures after JDK-8080462 (Update SunPKCS11 provider with PKCS11 v2.40 support)
Relates :	JDK-8325162 - Remove duplicate GCMParameters class
Relates :	JDK-8261433 - Better pkcs11 performance for libpkcs11:C_EncryptInit/libpkcs11:C_DecryptInit
Relates :	JDK-8228645 - Don't run sun/security/pkcs11/Cipher/TestKATForGCM.java on buggy NSS solaris versions

Sub Tasks

JDK-8221441 :	Release Note: SunPKCS11 Provider Upgraded with Support for PKCS#11 v2.40 - Closed
JDK-8225323 :	Update doc accordingly for the SunPKCS11 provider v2.40 changes - Resolved

Description

Update SunPKCS11 provider with the PKCS#11 v2.40 header files and support more algorithms commonly implemented by most PKCS11 libraries. 
This includes syncing up SunPKCS11 provider to the supported algorithms of other default java providers when the corresponding mechanisms are supported in PKCS#11 v2.40 spec (see suggested list of algorithms below):

    MessageDigest: SHA-512/224, SHA-512/256
    MAC: HmacSHA512/224, HmacSHA512/256
    Signature: RSASSA-PSS, SHA1withRSASSA-PSS, SHA224withRSASSA-PSS, SHA256withRSASSA-PSS, SHA384withRSASSA-PSS, SHA512withRSASSA-PSS, SHA224withDSA, SHA256withDSA, SHA384withDSA, SHA512withDSA
    Cipher: AES/GCM/NoPadding, AES_128/GCM/NoPadding, AES_192/GCM/NoPadding, AES_256/GCM/NoPadding

In addition, it'd be good to print out unsupported algorithms, parse new attributes, and error codes defined in PKCS#11 v2.40 spec.

PKCS#11 v2.40 (w/ Errata incorporated)
Base Spec: http://docs.oasis-open.org/pkcs11/pkcs11-base/v2.40/errata01/os/pkcs11-base-v2.40-errata01-os-complete.html
Profile: http://docs.oasis-open.org/pkcs11/pkcs11-profiles/v2.40/pkcs11-profiles-v2.40.html
Current Mechanisms: http://docs.oasis-open.org/pkcs11/pkcs11-curr/v2.40/errata01/os/pkcs11-curr-v2.40-errata01-os-complete.html
Historical Mechanisms: http://docs.oasis-open.org/pkcs11/pkcs11-hist/v2.40/pkcs11-hist-v2.40.html
Usage Guide: http://docs.oasis-open.org/pkcs11/pkcs11-ug/v2.40/pkcs11-ug-v2.40.html

Comments

Approving retroactively as this has been pushed to 8u-dev already.
28-08-2020
Fix request (8u) I'd like to request a backport of this enhancement so we can provide compatibility between JDKs and improve PKCS#11 support. Patch has been review-approved here: https://mail.openjdk.java.net/pipermail/jdk8u-dev/2020-August/012575.html
28-08-2020
Still in review, needs dependent backports: https://mail.openjdk.java.net/pipermail/jdk8u-dev/2020-August/012356.html
12-08-2020
Still under review
18-02-2020
Fix Request (8u) I'd like to request an approval for a 8u backport of this enhancement. This backport would provide feature parity between OpenJDK and Oracle JDK 8. Patch does not apply cleanly and a review has been requested here: https://mail.openjdk.java.net/pipermail/jdk8u-dev/2019-November/010618.html
19-11-2019
Fix request (11u) Requesting backport of this item for parity with Oracle 11.0.6. Patch applies cleanly, net a whitespace change in P11RSACipher.java in code which doesn't exist in 11u. Test runs through SAP's regression tests without issue. Will wait for CSR approval before pushing.
11-11-2019
Additional RSASSA-PSS signatures are added in addition to what's covered by earlier comment. The latest webrev adds support for: Java Algorithm ( PKCS#11 Mechanism ) MessageDigest.SHA-512/224 ( CKM_SHA512_224 ) MessageDigest.SHA-512/256 ( CKM_SHA512_256 ) MAC.HmacSHA512/224 ( CKM_SHA512_224_HMAC ) MAC.HmacSHA512/256 ( CKM_SHA512_256_HMAC ) Signature.RSASSA-PSS ( CKM_RSA_PKCS_PSS ) Signature.SHA1withRSASSA-PSS ( CKM_SHA1_RSA_PKCS_PSS ) Signature.SHA224withRSASSA-PSS ( CKM_SHA224_RSA_PKCS_PSS ) Signature.SHA256withRSASSA-PSS ( CKM_SHA256_RSA_PKCS_PSS ) Signature.SHA384withRSASSA-PSS ( CKM_SHA384_RSA_PKCS_PSS ) Signature.SHA512withRSASSA-PSS ( CKM_SHA512_RSA_PKCS_PSS ) Signature.SHA224withDSA ( CKM_DSA_SHA224 ) Signature.SHA256withDSA ( CKM_DSA_SHA256 ) Signature.SHA384withDSA ( CKM_DSA_SHA384 ) Signature.SHA512withDSA ( CKM_DSA_SHA512 ) Cipher.AES/GCM/NoPadding ( CKM_AES_GCM ) Cipher.AES_128/GCM/NoPadding ( CKM_AES_GCM ) Cipher.AES_192/GCM/NoPadding ( CKM_AES_GCM ) Cipher.AES_256/GCM/NoPadding ( CKM_AES_GCM )
17-06-2019
URL: http://hg.openjdk.java.net/jdk/jdk/rev/f492567244ab User: valeriep Date: 2019-06-11 21:31:14 +0000
11-06-2019
For now, we will focus on updating PKCS#11 v2.40 header files and support for following PKCS11 mechanisms: CKM_SHA512_224, CKM_SHA512_256, CKM_SHA512_224_HMAC, CKM_SHA512_256_HMAC, CKM_AES_GCM, CKM_DSA_SHA224, CKM_DSA_SHA256, CKM_DSA_SHA384, CKM_DSA_SHA512.
13-03-2019
We should also consider AES GCM and CCM support if supported by NSS PKCS11 library.
10-12-2018
Hmm, scaab055 seem to be one of the older system, i.e. S11.2, but the tests are run on new machines, i.e. hostname=bus00cxi.us.oracle.com, javatestOS=SunOS 5.12 (amd64) in the corresponding .jtr file, so the failure seems to be due to the RC4 cipher are changed to be decrypt only in S12. These test failures should be logged under this new RFE that I filed specifically for detecting legacy mechanisms, i.e. https://bugs.openjdk.java.net/browse/JDK-8176837
30-03-2017
In my case the work was being done on ARM Linux
20-03-2017
It is essential to include Solaris release info for all PKCS11 provider bugs. Can u please provide as detailed release info (including build# if available) as possible? Thanks! BTW, there is actually a more suitable bug for these test failures, see https://bugs.openjdk.java.net/browse/JDK-8176837
20-03-2017
Consider providing PKCS11 v2.3 support if v2.4 finalization continues to lag. An update providing access to current "best practice" algorithms is critically needed.
09-11-2016