Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8029156

test/sun/security/pkcs11/ec/ReadCertificates.java failing: EC key must be at least 256 bits (lnx)

    Details

    • Type: Bug
    • Status: Closed
    • Priority: P3
    • Resolution: Fixed
    • Affects Version/s: 8
    • Fix Version/s: 8
    • Component/s: security-libs
    • Labels:
      None

      Description

      On a Ubuntu 12.04 system that is fully patched (and hence latest NSS library) then this test is failing since the push of JDK-7200306 to jdk8/tl. This test used to fail intermittently (but rarely, maybe one in a 100 runs), now it fails every time.

      ----------System.out:(65/2693)----------
      Beginning test run ReadCertificates...
      Running test with provider SunPKCS11-NSS...
      Loading ECCCA.crt...
      Loading ECCp160.crt...
      Loading ECCp192.crt...
      Loading ECCp224.crt...
      Loading ECCp256.crt...
      Loading ECCp384.crt...
      Loading ECCp521.crt...
      Loading End_P256_Specified_SHA1.cer...
      Loading End_P256_Specified_SHA256.cer...
      Loading End_P256_Specified_SHA384.cer...
      Loading End_P256_Specified_SHA512.cer...
      Loading End_P256_combined_SHA1.cer...
      Loading End_P256_combined_SHA256.cer...
      Loading End_P256_combined_SHA384.cer...
      Loading End_P256_combined_SHA512.cer...
      Loading End_P384_Specified_SHA1.cer...
      Loading End_P384_Specified_SHA256.cer...
      Loading End_P384_Specified_SHA384.cer...
      Loading End_P384_Specified_SHA512.cer...
      Loading End_P384_combined_SHA1.cer...
      Loading End_P384_combined_SHA256.cer...
      Loading End_P384_combined_SHA384.cer...
      Loading End_P384_combined_SHA512.cer...
      Loading End_P521_Specified_SHA1.cer...
      Loading End_P521_Specified_SHA256.cer...
      Loading End_P521_Specified_SHA384.cer...
      Loading End_P521_Specified_SHA512.cer...
      Loading End_P521_combined_SHA1.cer...
      Loading RootP256.cer...
      Loading certicom-secg-ca.cer...
      Loading certicom-secg-server.der...
      Loading sunlabscerts.pem...
      OK: 110 certificates.
      Verifying CN=ECC CA, O=Red Hat, C=US...
      Verifying CN=jordan.sfbay.redhat.com, OU=ECC p160, O=Red Hat, C=US...
      Verifying CN=jordan.sfbay.redhat.com, OU=ECC p192, O=Red Hat, C=US...
      Verifying CN=jordan.sfbay.redhat.com, OU=ECC p224, O=Red Hat, C=US...
      Verifying CN=jordan.sfbay.redhat.com, OU=ECC p256, O=Red Hat, C=US...
      Verifying CN=jordan.sfbay.redhat.com, OU=ECC p384, O=Red Hat, C=US...
      Verifying CN=jordan.sfbay.redhat.com, OU=ECC p5214, O=Red Hat, C=US...
      Verifying CN=End_P256_Specified_SHA1...
      Verifying CN=End_P256_Specified_SHA256...
      Verifying CN=End_P256_Specified_SHA384...
      Verifying CN=End_P256_Specified_SHA512...
      Verifying CN=End_P256_Combined_SHA1...
      Verifying CN=End_P256_Combined_SHA256...
      Verifying CN=End_P256_Combined_SHA384...
      Verifying CN=End_P256_Combined_SHA512...
      Verifying CN=End_P384_Specified_SHA1...
      Verifying CN=End_P384_Specified_SHA256...
      Verifying CN=End_P384_Specified_SHA384...
      Verifying CN=End_P384_Specified_SHA512...
      Verifying CN=End_P384_Combined_SHA1...
      Verifying CN=End_P384_Combined_SHA256...
      Verifying CN=End_P384_Combined_SHA384...
      Verifying CN=End_P384_Combined_SHA512...
      Verifying CN=End_P521_Specified_SHA1...
      Verifying CN=End_P521_Specified_SHA256...
      Verifying CN=End_P521_Specified_SHA384...
      Verifying CN=End_P521_Specified_SHA512...
      Verifying CN=End_P521_Combined_SHA1...
      Verifying CN=ROOT_P256...
      Verifying C=CA, CN=tls.secg.org ecc CA sect233k1 Certificate, ST=Ontario, L=Toronto, O=Certicom Corp., OU=SAMPLE ONLY...
      ----------System.err:(21/1173)----------
      java.security.InvalidKeyException: EC key must be at least 256 bits
      at sun.security.pkcs11.P11Signature.checkKeySize(P11Signature.java:359)
      at sun.security.pkcs11.P11Signature.engineInitVerify(P11Signature.java:411)
      at java.security.Signature$Delegate.engineInitVerify(Signature.java:1120)
      at java.security.Signature.initVerify(Signature.java:452)
      at sun.security.x509.X509CertImpl.verify(X509CertImpl.java:438)
      at ReadCertificates.main(ReadCertificates.java:111)
      at PKCS11Test.premain(PKCS11Test.java:79)
      at PKCS11Test.testNSS(PKCS11Test.java:357)
      at PKCS11Test.main(PKCS11Test.java:89)
      at ReadCertificates.main(ReadCertificates.java:58)
      at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
      at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
      at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
      at java.lang.reflect.Method.invoke(Method.java:483)
      at com.sun.javatest.regtest.MainAction$SameVMRunnable.run(MainAction.java:746)
      at java.lang.Thread.run(Thread.java:744)

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                ascarpino Anthony Scarpino
                Reporter:
                alanb Alan Bateman
              • Votes:
                0 Vote for this issue
                Watchers:
                3 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: