JDK8 fips/TestTLS12 failure on Ubuntu 24.04

[sxa]

Passes on the RHEL6 machine according to #5233 (comment)
Noted as part of the pkcs11 failures when testing Ubuntu 24.04 and UBI8 although not specifically called out in the AL2023 testing: adoptium/infrastructure#3614 (comment)
Performing new Grinder run at https://ci.adoptium.net/job/Grinder/10513 of jdk_security3_0 to check the output before adding more details.
Related: PKCS11 test failures at #5380

Noting that the JDK11 test of the same name passes with Cannot resolve artifact, please check if JIB jar is present in classpath. Test skipped: failure during initialization
`

[sxa]

JDK8 result:
Stack trace: Execution failed: main' threw exception: java.security.ProviderException: sun.security.pkcs11.wrapper.PKCS11Exception: CKR_ARGUMENTS_BAD`

Standard output

libsoftokn3 version not found, set to 0.0: /usr/lib/x86_64-linux-gnu/libsoftokn3.so
SunPKCS11 provider: SunPKCS11-NSSKeyStore version 1.8
Sun JSSE provider (FIPS mode, crypto provider SunPKCS11-NSSKeyStore)
rsaPlainPreMasterSecret:
03, 03, E9, E7, 74, B5, A3, F7, 1C, CA, 78, E9, DA, FD, 89, EC, 02, 7F, 33, FC, D0, 9F, 28, 7C, B0, 86, 25, B4, 77, 19, 79, FE, 41, 51, 16, 7B, CE, 89, F0, 45, BC, AD, C1, 1F, B1, DE, E0, 85, 
Master Secret (SunJCE):
88, 31, BC, E0, E3, 73, 42, 6B, 17, 8A, 52, EB, E6, CF, A3, BB, EB, 06, 0C, CF, C6, 56, 6A, A0, E9, D1, 7E, 07, D3, 47, F8, E6, 33, 1D, D4, C8, A3, 4C, BF, 3D, A6, 55, F4, A0, 38, DF, 89, 22, 
SunPKCS11 Authentication Code: 
77, 6D, C5, CD, 51, F6, 2A, 4A, 88, C2, EE, CF, 
SunJCE Authentication Code: 
77, 6D, C5, CD, 51, F6, 2A, 4A, 88, C2, EE, CF, 
Client -> Network
16, 
03, 03, 00, 8B, 01, 00, 00, 87,  03, 03, 00, 0C, E5, 40, 01, 21, 
E4, 3E, D4, 46, 31, 0E, 9E, BA,  A2, 7C, D3, 6C, 13, 20, 08, 05, 
8F, 1A, 9A, 08, 2A, A2, EB, FA,  2C, 19, 00, 00, 02, 00, 3C, 01, 
00, 00, 5C, 00, 0D, 00, 24, 00,  22, 04, 03, 05, 03, 06, 03, 08, 
04, 08, 05, 08, 06, 08, 09, 08,  0A, 08, 0B, 04, 01, 05, 01, 06, 
01, 03, 03, 03, 01, 02, 03, 02,  01, 02, 02, 00, 32, 00, 24, 00, 
22, 04, 03, 05, 03, 06, 03, 08,  04, 08, 05, 08, 06, 08, 09, 08, 
0A, 08, 0B, 04, 01, 05, 01, 06,  01, 03, 03, 03, 01, 02, 03, 02, 
01, 02, 02, 00, 2B, 00, 03, 02,  03, 03, FF, 01, 00, 01, 00, 
Server -> Network

Client -> Network

Server -> Network
16, 
03, 03, 03, 50, 02, 00, 00, 4D,  03, 03, 6B, D3, EE, F9, EE, 08, 
8C, 19, 53, EA, 16, 80, 5E, 65,  7D, C7, 55, E6, 2B, 27, 5E, 24, 
64, D5, 13, 38, D3, 59, 15, BA,  B7, C2, 20, EC, 8B, 0F, 1C, 6F, 
C2, 64, 0B, 8A, 45, 73, EC, C8,  6F, 20, F6, 37, 52, C6, 60, 02, 
AB, 10, 27, A5, A5, 4E, 75, 31,  AC, 31, B9, 00, 3C, 00, 00, 05, 
FF, 01, 00, 01, 00, 0B, 00, 02,  F7, 00, 02, F4, 00, 02, F1, 30, 
82, 02, ED, 30, 82, 01, D5, A0,  03, 02, 01, 02, 02, 02, 0E, 42, 
30, 0D, 06, 09, 2A, 86, 48, 86,  F7, 0D, 01, 01, 0B, 05, 00, 30, 
1F, 31, 1D, 30, 1B, 06, 03, 55,  04, 03, 13, 14, 52, 65, 64, 20, 
48, 61, 74, 20, 54, 65, 73, 74,  20, 52, 6F, 6F, 74, 20, 43, 41, 
30, 1E, 17, 0D, 31, 37, 31, 30,  33, 30, 32, 31, 33, 33, 35, 39, 
5A, 17, 0D, 34, 32, 31, 30, 33,  30, 32, 31, 33, 33, 35, 39, 5A, 
30, 1F, 31, 1D, 30, 1B, 06, 03,  55, 04, 03, 13, 14, 52, 65, 64, 
20, 48, 61, 74, 20, 54, 65, 73,  74, 20, 52, 6F, 6F, 74, 20, 43, 
41, 30, 82, 01, 22, 30, 0D, 06,  09, 2A, 86, 48, 86, F7, 0D, 01, 
01, 01, 05, 00, 03, 82, 01, 0F,  00, 30, 82, 01, 0A, 02, 82, 01, 
01, 00, C3, F3, 2C, 0F, C6, 60,  46, 4C, 78, C9, 93, 11, 65, B4, 
81, 22, 64, 37, FC, 69, 59, 1A,  6A, 78, 79, B5, 44, CE, 6E, 1B, 
64, 23, AF, 37, D5, 61, 21, B7,  8D, 4A, F4, 03, F7, 01, 9C, B0, 
44, BB, 3F, DF, 2F, F6, FF, 25,  42, B5, F9, C7, 3E, A0, F4, B9, 
05, 8E, 61, 3E, 78, 06, 5E, 89,  78, A4, 23, AC, B5, FF, D7, 73, 
AF, 60, 77, 0F, 62, CD, 31, BF,  A3, 48, C2, BC, 9A, 06, A7, E8, 
D4, E7, C9, 85, 77, 37, 1C, EB,  8A, AF, 85, A5, AF, 31, E1, 72, 
27, 7B, 1B, DD, 7F, C3, 1B, 0F,  FF, 87, 97, 1C, 28, 57, 61, 3A, 
FC, 0C, 0D, 20, 3C, 38, 6F, DF,  99, 12, F0, CD, CC, 92, A2, 85, 
15, 67, 60, 51, A9, F0, B9, 52,  08, 70, E6, 84, 0C, 1E, 0F, 27, 
CA, F0, 80, 5F, FB, 34, 69, 54,  78, 28, 3E, 36, 96, CA, B7, FF, 
B9, 76, 44, 18, 14, DA, 07, D0,  A9, 46, B7, FC, 5E, 41, E5, C6, 
EE, EF, 40, F4, 8E, EC, F3, 33,  60, 69, 17, 3A, 79, BA, 87, CC, 
1B, 4D, 25, 23, 21, 9D, EF, EB,  43, C2, A0, 97, 55, DF, F2, AF, 
A3, 72, D5, 6B, BC, 23, 0C, CF,  AA, 7D, 5E, 64, 17, A3, 6B, 25, 
72, 31, 42, 18, B0, 15, BF, 37,  38, 18, 27, 24, 04, D9, 96, 86, 
EE, 2B, 02, 03, 01, 00, 01, A3,  33, 30, 31, 30, 11, 06, 09, 60, 
86, 48, 01, 86, F8, 42, 01, 01,  04, 04, 03, 02, 00, D5, 30, 0F, 
06, 03, 55, 1D, 13, 04, 08, 30,  06, 01, 01, FF, 02, 01, 00, 30, 
0B, 06, 03, 55, 1D, 0F, 04, 04,  03, 02, 01, FE, 30, 0D, 06, 09, 
2A, 86, 48, 86, F7, 0D, 01, 01,  0B, 05, 00, 03, 82, 01, 01, 00, 
20, 36, B6, CD, DA, 34, A3, 0C,  2B, 11, E9, FC, 3A, 2F, E5, 67, 
44, 0F, CF, C3, 3F, DA, F5, 7E,  E9, 43, F6, AE, 50, 61, 88, A8, 
19, DB, 49, BB, 0B, 2D, BB, FB,  D0, E7, 8A, BC, C4, 6C, 81, 0C, 
14, 56, C9, 2E, 67, 16, 3F, 06,  2A, C2, 02, B4, A4, 1E, 55, B3, 
CF, 4B, 8F, F8, 2C, B4, 4A, 2F,  72, 11, 97, 79, 35, 30, F5, 22, 
FC, D1, C2, B5, 9F, 8C, 0D, 66,  85, E3, 33, DC, A6, AD, F1, 94, 
B2, 42, 53, E4, A7, 98, BB, 5B,  15, F6, F3, D9, 43, 12, 67, 5F, 
2A, 34, 90, 41, 11, F6, 30, 45,  DD, 91, 4E, EC, AC, D0, 76, 73, 
45, 19, 06, 2A, 62, 4A, 83, 2C,  9F, 2C, 0F, 7B, EC, 4A, 0A, 39, 
09, 39, AE, EE, 0A, EF, 02, 64,  62, C7, 26, 79, 1E, 29, 1B, 65, 
9C, E1, 04, 7C, A9, 82, 50, 5D,  F8, A9, 0F, 0D, 39, 43, 25, D9, 
CA, 8A, 5B, DC, B4, 97, A6, 0D,  DD, 92, A6, B7, 8F, 88, 5D, 13, 
4B, C7, 85, DA, B5, D5, B7, F0,  50, 18, C9, D8, 41, A6, 71, 2F, 
2A, EF, C7, 17, EC, 67, D8, 07,  F0, AD, EB, 9E, D0, E8, 14, 0F, 
15, 51, A1, E4, F3, 85, A8, 4A,  81, C0, F2, A6, 66, 52, 3C, 9C, 
CC, 84, 78, 1D, CA, 43, 8F, 61,  76, F4, 20, 20, 9F, 80, B2, 84, 
0E, 00, 00, 00, 
Client -> Network
16, 
03, 03, 01, 06, 10, 00, 01, 02,  01, 00, 04, AC, 26, 28, F2, 85, 
1B, 9E, B6, DD, A3, 43, 91, 14,  59, 6F, 51, 2E, DD, 77, 86, D6, 
B4, 7B, 22, B8, BA, 0D, 3D, 45,  D2, 51, D1, 2B, 5F, A1, E9, 86, 
82, D0, F2, 3B, 35, 0E, D5, E6,  F2, CD, 7B, 8A, 09, B8, 6E, B0, 
0D, 88, 8B, 1D, 70, C3, 2A, 3E,  03, 24, 90, FD, C9, 30, 23, 58, 
82, 10, C3, 60, 1A, 35, 1D, DC,  30, 28, 66, 4F, 68, D6, E3, 22, 
97, A5, EF, 5A, 6F, 4A, 36, 6C,  B0, AB, 19, B2, F8, BE, 65, C6, 
9F, 23, 34, 9E, CD, 41, A9, D5,  60, 9C, 46, 67, 8B, 82, 64, 56, 
82, 3E, A1, 7B, 9F, 6F, F0, 67,  C3, 06, BF, DC, 7E, C1, 5F, 8F, 
98, 54, 40, D2, 11, 75, C8, 69,  2D, 4A, F8, 0E, B0, A4, CE, A9, 
56, 1B, 4A, 98, DD, EC, DF, 2F,  73, BA, 09, CE, 22, 0D, 7C, 1C, 
CC, F4, 59, 6F, 33, 92, 53, A3,  BD, 0E, C4, F5, 02, D1, 88, E8, 
67, 5E, AE, 11, 38, C5, 0F, 85,  AF, 9B, AA, BA, D9, 16, E1, 96, 
93, 5B, AB, B6, CC, 40, 07, 8E,  43, 25, 1E, 1D, B8, 77, AA, 16, 
C9, 25, DF, 57, 1E, 28, C6, CD,  04, 5D, 74, 17, 21, DA, 78, E7, 
CD, 98, 65, 6C, 17, 8C, D1, 3E,  96, D0, E6, 67, 5D, A9, 95, 98, 
87, 66, B8, B3, 4F, 8C, EE, ED,  A2, 6C, 
Server -> Network

Client -> Network
14, 
03, 03, 00, 01, 01, 
Server -> Network

Client -> Network
16, 
03, 03, 00, 50, 39, 58, 22, A6,  83, 67, B6, B9, 2A, 7B, D9, B5, 
B5, 4F, C9, 20, 06, 76, 1A, 3B,  7B, F8, C0, 74, 5E, 09, CB, E8, 
A6, 1C, 04, F0, 3C, A8, 1C, DA,  B4, 8A, 30, AD, B2, ED, C0, FB, 
BF, 6C, 16, 0E, 34, FF, CD, 22,  E8, 44, E9, D7, 75, CC, 94, 8A, 
AD, E0, 66, 32, 1C, 49, 79, 53,  EA, C7, 50, 6C, 6B, 2F, D9, 66, 
5F, 6C, 02, 6C, 
Server -> Network

Client -> Network

Server -> Network
14, 
03, 03, 00, 01, 01, 
Client -> Network

Server -> Network
16, 
03, 03, 00, 50, B3, 29, A8, 6D,  CD, 21, 18, 96, 28, 0D, 34, 98, 
75, 0E, C0, AE, 26, 25, 57, E8,  D0, A7, 77, 61, 61, 57, 30, D8, 
4E, 96, 61, F2, 3E, 85, 01, 93,  0D, C7, 6D, FE, 56, A7, 97, 7E, 
70, 9D, D1, 07, D3, AA, AF, A6,  3F, E8, 46, C1, 44, AE, 26, 9F, 
68, D7, DD, DC, 07, 3D, 3F, 5C,  82, D7, E2, 8A, DE, DA, C1, AF, 
3E, 13, EE, 1A, 
Client -> Network
17, 
03, 03, 00, 50, 82, A4, 66, F9,  42, 21, 06, FC, 74, C6, 15, FE, 
98, F3, 35, 4B, 76, 8D, D0, 59,  E2, A8, CE, D0, 03, F6, 76, 53, 
94, 47, 1F, 66, 42, 5D, 19, 4F,  3E, A3, 1E, E9, AE, 5B, F3, 8D, 
34, 50, 27, 51, D8, 88, 39, 98,  D9, 0B, 39, 43, CF, 91, 7B, E1, 
9D, 62, 1B, F4, 40, 57, 53, 39,  59, CB, E3, DE, 9B, 24, 91, C9, 
AE, 9C, 20, 76, 
Server -> Network
17, 
03, 03, 00, 50, DB, CA, 03, F2,  86, 7B, C7, 0C, 9D, 3D, 43, F9, 
A4, 28, 35, A3, 40, E9, AB, 87,  03, 12, 1E, 54, 39, D9, EC, 16, 
FB, B5, 32, E2, 35, CD, 5C, E9,  AD, A6, 15, C7, 4C, A0, 8F, 5D, 
BC, 6E, 82, 70, 2A, 77, 18, F7,  57, 28, 79, 6A, A1, 67, 04, FF, 
7B, 05, 9F, 02, 95, B1, 4D, 20,  3D, 48, C4, FC, 53, 2D, 25, 27, 
72, EC, E2, 25, 
Client -> Network
16, 
03, 03, 00, 8B, 01, 00, 00, 87,  03, 03, F1, 6E, 23, 38, C3, 2D, 
DD, FD, 56, E1, C8, FE, 1F, 63,  D1, 11, BD, 6D, C2, E8, FA, 77, 
2C, 72, CD, 16, 72, 1A, E9, 23,  DA, 92, 00, 00, 02, 00, 67, 01, 
00, 00, 5C, 00, 0D, 00, 24, 00,  22, 04, 03, 05, 03, 06, 03, 08, 
04, 08, 05, 08, 06, 08, 09, 08,  0A, 08, 0B, 04, 01, 05, 01, 06, 
01, 03, 03, 03, 01, 02, 03, 02,  01, 02, 02, 00, 32, 00, 24, 00, 
22, 04, 03, 05, 03, 06, 03, 08,  04, 08, 05, 08, 06, 08, 09, 08, 
0A, 08, 0B, 04, 01, 05, 01, 06,  01, 03, 03, 03, 01, 02, 03, 02, 
01, 02, 02, 00, 2B, 00, 03, 02,  03, 03, FF, 01, 00, 01, 00, 
Server -> Network

Standard error

java.security.ProviderException: sun.security.pkcs11.wrapper.PKCS11Exception: CKR_ARGUMENTS_BAD
	at sun.security.pkcs11.P11KeyPairGenerator.generateKeyPair(P11KeyPairGenerator.java:422)
	at java.security.KeyPairGenerator$Delegate.generateKeyPair(KeyPairGenerator.java:697)
	at sun.security.ssl.DHKeyExchange$DHEPossession.generateDHKeyPair(DHKeyExchange.java:181)
	at sun.security.ssl.DHKeyExchange$DHEPossession.<init>(DHKeyExchange.java:139)
	at sun.security.ssl.DHKeyExchange$DHEPossessionGenerator.createPossession(DHKeyExchange.java:389)
	at sun.security.ssl.SSLKeyExchange$T12KeyAgreement.createPossession(SSLKeyExchange.java:376)
	at sun.security.ssl.SSLKeyExchange.createPossessions(SSLKeyExchange.java:89)
	at sun.security.ssl.ServerHello$T12ServerHelloProducer.chooseCipherSuite(ServerHello.java:433)
	at sun.security.ssl.ServerHello$T12ServerHelloProducer.produce(ServerHello.java:296)
	at sun.security.ssl.SSLHandshake.produce(SSLHandshake.java:421)
	at sun.security.ssl.ClientHello$T12ClientHelloConsumer.consume(ClientHello.java:1009)
	at sun.security.ssl.ClientHello$ClientHelloConsumer.onClientHello(ClientHello.java:716)
	at sun.security.ssl.ClientHello$ClientHelloConsumer.consume(ClientHello.java:682)
	at sun.security.ssl.SSLHandshake.consume(SSLHandshake.java:377)
	at sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:444)
	at sun.security.ssl.SSLEngineImpl$DelegatedTask$DelegatedAction.run(SSLEngineImpl.java:981)
	at sun.security.ssl.SSLEngineImpl$DelegatedTask$DelegatedAction.run(SSLEngineImpl.java:968)
	at java.security.AccessController.doPrivileged(Native Method)
	at sun.security.ssl.SSLEngineImpl$DelegatedTask.run(SSLEngineImpl.java:915)
	at TestTLS12$testTLS12SunPKCS11Communication.runDelegatedTasks(TestTLS12.java:363)
	at TestTLS12$testTLS12SunPKCS11Communication.run(TestTLS12.java:312)
	at TestTLS12.main(TestTLS12.java:92)
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at java.lang.reflect.Method.invoke(Method.java:498)
	at com.sun.javatest.regtest.agent.MainWrapper$MainThread.run(MainWrapper.java:127)
	at java.lang.Thread.run(Thread.java:750)
Caused by: sun.security.pkcs11.wrapper.PKCS11Exception: CKR_ARGUMENTS_BAD
	at sun.security.pkcs11.wrapper.PKCS11.C_GenerateKeyPair(Native Method)
	at sun.security.pkcs11.P11KeyPairGenerator.generateKeyPair(P11KeyPairGenerator.java:414)
	... 27 more

JavaTest Message: Test threw exception: java.security.ProviderException: sun.security.pkcs11.wrapper.PKCS11Exception: CKR_ARGUMENTS_BAD
JavaTest Message: shutting down test

STATUS:Failed.`main' threw exception: java.security.ProviderException: sun.security.pkcs11.wrapper.PKCS11Exception: CKR_ARGUMENTS_BAD

[sxa]

Also fails in the same way on Debian12: https://ci.adoptium.net/job/Grinder/10528/consoleFull

[sxa]

Series of tests with a CUSTOM_TARGET of sun/nio/cs/TestCharsetMapping.java sun/nio/cs/TestIBMBugs.java sun/nio/cs/TestCharsetMapping.java sun/nio/cs/TestIBMBugs.java sun/security/pkcs11/ec/TestCurves.java sun/security/pkcs11/Provider/Login.sh sun/security/pkcs11/Secmod/AddPrivateKey.java sun/security/pkcs11/Secmod/GetPrivateKey.java sun/security/pkcs11/Secmod/JksSetPrivateKey.java sun/security/pkcs11/Secmod/LoadKeystore.java sun/security/pkcs11/Secmod/TrustAnchors.java sun/security/tools/keytool/autotest.sh sun/security/pkcs11/ec/TestCurves.java sun/security/pkcs11/Provider/Login.sh sun/security/pkcs11/Secmod/AddPrivateKey.java sun/security/pkcs11/Secmod/GetPrivateKey.java sun/security/pkcs11/Secmod/JksSetPrivateKey.java sun/security/pkcs11/Secmod/LoadKeystore.java sun/security/pkcs11/Secmod/TrustAnchors.java sun/security/tools/keytool/autotest.sh sun/security/pkcs11/fips/TestTLS12.java to cover the issues linked in the titles of this table

Grinder	machine	sun/nio/cs	pkcs11	TestTLS12	autotest
10530	Ubu24.04 (P)	✅	✅	❌	✅
10531	AL2023	✅	❌	✅	❌
10532	Debian12	✅	✅	❌	✅
10533	UBI9	✅	❌	✅	❌
10534	UBI8	✅	✅	❌	✅
10535	Fedora39	✅	❌	✅	❌
10536	AL2023	✅	❌	✅	❌
10537	Ubu22.04	✅	✅	❌	✅
10538	Ubu20.04	✅	✅	❌	✅
10540	Ubu24.04	✅	✅	❌	✅
10541	Ubu16.04	✅	✅	✅	✅
10542	CentOS7	✅	✅	❌	✅
10543	RHEL8 (P)	✅	✅	❌	✅

[sxa]

Noting that the TestTLS12 tests were excluded for Linux/ppc64le ONLY at https://github.com/adoptium/aqa-tests/pull/4652/files
As per that issue - on Linux/ppc64le they fail on a centos74 system but pass on Ubuntu 20.04 (which is not consistent with the x64 failure in the table above)

EDIT: Test on Ubuntu 20.04/ppc64le is skipped with Test skipped: TLS 1.2 mechanisms not supported by current SunPKCS11 back-end

[sxa]

For reference as potentially related: https://bugs.openjdk.org/browse/JDK-8029661