JDK-8278622 : Release Note: SunPKCS11 Provider Now Supports Some PKCS#11 v3.0 APIs
  • Type: Sub-task
  • Component: security-libs
  • Affected Version: 18
  • Priority: P4
  • Status: Resolved
  • Resolution: Delivered
  • Submitted: 2021-12-13
  • Updated: 2021-12-16
  • Resolved: 2021-12-16
The Version table provides details related to the release that this issue/RFE will be addressed.

Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.

To download the current JDK release, click here.
JDK 18
18Resolved
Description
PKCS#11 v3.0 adds several new APIs that support new function entry points, as well as message-based encryption for AEAD ciphers, etc. For JDK 18, the SunPKCS11 provider has been updated to support some of the new PKCS#11 v3.0 APIs. To be more specific, if the "functionList" attribute in the provider configuration file is not set, the SunPKCS11 provider will first try to locate the new PKCS#11 v3.0 C_GetInterface() method before falling back to the C_GetFunctionList() method to load the function pointers of the native PKCS#11 library. If the loaded PKCS#11 library is v3.0, then the SunPKCS11 provider will cancel crypto operations by trying the new PKCS#11 v3.0 C_SessionCancel() method instead of finishing off remaining operations and discarding the results. Support for other new PKCS#11 v3.0 APIs will be added in later releases.