JDK-8176837 : SunPKCS11 provider needs to check more details on PKCS11 Mechanism
- Type: Bug
- Component: security-libs
- Sub-Component: javax.crypto:pkcs11
- Affected Version: 9,11,14
- Priority: P4
- Status: Closed
- Resolution: Fixed
- OS: generic
- CPU: generic
- Submitted: 2017-03-15
- Updated: 2024-09-19
- Resolved: 2019-09-23
The Version table provides details related to the release that this issue/RFE will be addressed.
Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.
To download the current JDK release, click here.
Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.
To download the current JDK release, click here.
| JDK 11 | JDK 13 | JDK 14 | JDK 8 | Other |
|---|---|---|---|---|
| 11.0.6-oracleFixed | 13.0.4Fixed | 14 b16Fixed  |
8u411Fixed | openjdk8u322Fixed |
Related Reports
|
Duplicate :
|
|
|
Relates :
|
|
|
Relates :
|
Description
Currently, SunPKCS11 provider assumes the listed supported mechanism can be used fully, i.e. cipher mechanisms can perform both encrypt and decrypt operations, signature mechanisms can perform both signing and verification. This may be true initially, however, as mechanisms become weak or obsolete, this may not hold true anymore. One example, in S11.4, RC4 can no longer be used for encryption. However, it still shows up as supported mechanism which supports decryption for older applications. SunPKCS11 provider needs to be updated accordingly,
Comments
|