Skip to content

Commit

Permalink
8325254: CKA_TOKEN private and secret keys are not necessarily sensitive
Browse files Browse the repository at this point in the history
Backport-of: 0f5f3c9b9718c610406088327401210486447462
  • Loading branch information
martinuy committed Feb 27, 2024
1 parent 3c0b302 commit 7bd9062
Showing 1 changed file with 3 additions and 2 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -395,8 +395,9 @@ static PrivateKey privateKey(Session session, long keyID, String algorithm,
new CK_ATTRIBUTE(CKA_EXTRACTABLE),
});

boolean keySensitive = (attrs[0].getBoolean() ||
attrs[1].getBoolean() || !attrs[2].getBoolean());
boolean keySensitive =
(attrs[0].getBoolean() && P11Util.isNSS(session.token)) ||
attrs[1].getBoolean() || !attrs[2].getBoolean();

switch (algorithm) {
case "RSA":
Expand Down

1 comment on commit 7bd9062

@openjdk-notifier
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please sign in to comment.