Mercurial Mercurial > jdk-sandbox / diff
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
test/jdk/sun/security/pkcs11/README
changeset 47216 71c04702a3d5
parent 19067 5271291b7121
child 51460 97e361fe3433 
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/jdk/sun/security/pkcs11/README	Tue Sep 12 19:03:39 2017 +0200
@@ -0,0 +1,22 @@
+This README is to keep a list facts and known workaround for the pkcs11 java tests
+perform as a result of bugs or features in NSS or other pkcs11 libraries.
+
+- NSS ECC None/Basic/Extended
+The tests detect the NSS library support for Elliptic Curves as to not
+report incorrect failures.  PKCS11 reports back CKR_DOMAIN_PARAMS_INVALID
+when the curve is not supported.
+
+- Default libsoftokn3.so
+By default PKCS11Test.java will look for libsoftokn3.so.  There are a number of
+tests, particularly in Secmod, that need libnss3.so.  The method useNSS() in
+PKCS11test.java is to change the search and version checking to libnss3.
+
+ECC Basic supports is secp256r1, secp384r1, and secp521r1.
+
+- A bug in NSS 3.12 (Mozilla bug 471665) causes AES key lengths to be
+read incorrectly. KeyStore/SecretKeysBasic.java tiggers this bug and
+knows to avoid it.
+
+- A number of EC tests fail because of a DER bug in NSS 3.11.  The best guess
+is Mozilla bug 480280.  Those tests that abort execution with a PASS result
+are:  TestECDH2, TestECDSA, TestECDSA2 and TestECGenSpec.
jdk-sandbox