changeset 10237:44b89a35be6e

8046046: Test sun/security/pkcs11/Signature/TestDSAKeyLength.java fails intermittently on Solaris 11 in 8u40 nightly Summary: Override the upper limit to 1024 for SHA1withDSA when larger DSA key size is supported. Reviewed-by: mullan, ascarpino
author valeriep
date Tue, 01 Jul 2014 20:35:30 +0000
parents 8fb53507cc6e
children c2e818a8d678
files src/share/classes/sun/security/pkcs11/P11Signature.java
diffstat 1 files changed, 5 insertions(+), 2 deletions(-) [+]
line wrap: on
line diff
--- a/src/share/classes/sun/security/pkcs11/P11Signature.java	Tue Jul 01 10:20:56 2014 -0700
+++ b/src/share/classes/sun/security/pkcs11/P11Signature.java	Tue Jul 01 20:35:30 2014 +0000
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2003, 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2003, 2014, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -340,7 +340,10 @@
         }
         int minKeySize = (int) mechInfo.ulMinKeySize;
         int maxKeySize = (int) mechInfo.ulMaxKeySize;
-
+        // need to override the MAX keysize for SHA1withDSA
+        if (md != null && mechanism == CKM_DSA && maxKeySize > 1024) {
+               maxKeySize = 1024;
+        }
         int keySize = 0;
         if (key instanceof P11Key) {
             keySize = ((P11Key) key).length();