-
Notifications
You must be signed in to change notification settings - Fork 5.5k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
8325254: CKA_TOKEN private and secret keys are not necessarily sensitive #17712
Conversation
👋 Welcome back mbalao! A progress list of the required criteria for merging this PR into |
Your change looks good to me. It makes sense. What testing has been done? |
Hi @mcpowers , Thanks for having a look at this proposal. I ran a regression over jdk/sun/security/pkcs11 which exercises the code with the NSS Software Token, and all 111 tests passed. In addition, I asked the people who originally reported this bug to me to do some tests to confirm that JDK-8271566 introduced an observable change in behavior for the KeyStore::getKey public API. These tests included a CKA_TOKEN = TRUE, CKA_SENSITIVE = FALSE, CKA_EXTRACTABLE = TRUE case where we could see how 8271566 made their hardware token to return an opaque key instead of one with all the information. I am personally confident about this change, which does nothing more than returning to pre-8271566 behavior for non-NSS tokens and keeping the new behavior for NSS. If someone has more hardware tokens to test, I'd appreciate any additional feedback. Martin.- |
Since the existing tests use NSS, the change should not cause any difference. Just curious, do you know what PKCS11 library/impl the reporter uses? Would be nice to include it into the bug record as additional information. |
@martinuy This change now passes all automated pre-integration checks. ℹ️ This project also has non-automated pre-integration requirements. Please see the file CONTRIBUTING.md for details. After integration, the commit message for the final commit will be:
You can use pull request commands such as /summary, /contributor and /issue to adjust it as needed. At the time when this comment was updated there had been 25 new commits pushed to the
As there are no conflicts, your changes will automatically be rebased on top of these commits when integrating. If you prefer to avoid this automatic rebasing, please check the documentation for the /integrate command for further details. ➡️ To integrate this PR with the above commit message to the |
Hi @valeriepeng , Thanks for having a look at this.
Yes, good idea. I'll add it to the ticket. |
/integrate |
Going to push as commit 0f5f3c9.
Your commit was automatically rebased without conflicts. |
Hi,
May I have a review for this fix to JDK-8325254?
With this change, CKA_TOKEN = true is used as an indicator of a sensitive private key (opaque) only if the token is NSS. The behavior previous to JDK-8271566 is restored for non-NSS tokens.
No regressions observed in jdk/sun/security/pkcs11.
Progress
Issue
Reviewers
Reviewing
Using
git
Checkout this PR locally:
$ git fetch https://git.openjdk.org/jdk.git pull/17712/head:pull/17712
$ git checkout pull/17712
Update a local copy of the PR:
$ git checkout pull/17712
$ git pull https://git.openjdk.org/jdk.git pull/17712/head
Using Skara CLI tools
Checkout this PR locally:
$ git pr checkout 17712
View PR using the GUI difftool:
$ git pr show -t 17712
Using diff file
Download this PR as a diff file:
https://git.openjdk.org/jdk/pull/17712.diff
Webrev
Link to Webrev Comment