Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-7200306

SunPKCS11 provider delays the check of DSA key size for SHA1withDSA to sign() instead of init()

    Details

    • Subcomponent:
    • Resolved In Build:
      b119
    • CPU:
      x86
    • OS:
      linux

      Description

      When we generate a 2048 bit DSA key, and use it with signature algorithm SHA1withDSA, it is expected that we will catch an InvalidKeyException in the Signature.init(privateKey) method.

      But when the test is running on solaris platforn, the expected InvalidKeyException is not thrown, instead, the ProviderException complain about key size out of range is thrown:
      java.security.ProviderException: sun.security.pkcs11.wrapper.PKCS11Exception: CKR_KEY_SIZE_RANGE
      at sun.security.pkcs11.P11Signature.engineSign(P11Signature.java:557)
      at java.security.Signature$Delegate.engineSign(Signature.java:1161)
      at java.security.Signature.sign(Signature.java:553)
      at TestSunJCE.testKeyPair(TestSunJCE.java:286)
      at TestSunJCE.main(TestSunJCE.java:486)
      Caused by: sun.security.pkcs11.wrapper.PKCS11Exception: CKR_KEY_SIZE_RANGE
      at sun.security.pkcs11.wrapper.PKCS11.C_Sign(Native Method)
      at sun.security.pkcs11.P11Signature.engineSign(P11Signature.java:542)
      ... 4 more

      We should make the behavior consistent.

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                valeriep Valerie Peng
                Reporter:
                yulixu Vivian Xu (Inactive)
              • Votes:
                0 Vote for this issue
                Watchers:
                5 Start watching this issue

                Dates

                • Due:
                  Created:
                  Updated:
                  Resolved:
                  Imported:
                  Indexed: