Re: [9] RFR 8056026 Debug security logging should print Provider used for each crypto operation

Mon, 15 Sep 2014 08:14:21 -0700

Can you also add similar log messages for MessageDigest, SecureRandom, and KeyStore?
Otherwise looks good. Please add a noreg label. Also the fix is helpful to any platform and not just solaris/sparc so you should change those fields to be generic. 

--Sean

On 09/12/2014 11:11 AM, Vincent Ryan wrote:


Please review this change to display the JCE provider that has been
selected for common crypto operations.
This aids troubleshooting crypto applications when a given crypto
algorithm is supported by several JCE providers.
Some crypto operations delay selecting a provider until they examine the
key supplied in the init() method.
This fix also accommodates that behaviour.

The following crypto operations are supported: Cipher, KeyAgreement,
KeyGenerator, KeyPairGenerator, Mac and Signature.
To see these new messages, activate JCE provider debugging as normal.
For example,

% java -Djava.security.debug=provider MySSLClientApp
  :
Provider: Signature.SHA256withRSA verification from: SunRsaSign
Provider: Signature.SHA256withRSA verification from: SunRsaSign
Provider: Signature.SHA256withRSA verification from: SunRsaSign
Provider: Signature.SHA1withDSA verification from: SunPKCS11-Solaris
Provider: Signature.SHA1withDSA verification from: SunPKCS11-Solaris
Provider: Signature.MD5withRSA verification from: SunPKCS11-Solaris
Provider: Signature.MD5withRSA verification from: SunPKCS11-Solaris
Provider: Signature.SHA256withRSA verification from: SunRsaSign
Provider: Signature.SHA256withRSA verification from: SunRsaSign
Provider: KeyPairGenerator.EC from: SunPKCS11-Solaris
Provider: Signature.SHA256withRSA verification from: SunRsaSign
Provider: Signature.SHA256withRSA verification from: SunRsaSign
Provider: Cipher.AES/GCM/NoPadding encryption from: SunJCE
Provider: KeyGenerator.SunTls12RsaPremasterSecret from: SunJCE
Provider: Cipher.RSA/ECB/PKCS1Padding key wrapping from: SunPKCS11-Solaris
Provider: KeyGenerator.SunTls12MasterSecret from: SunJCE
Provider: KeyGenerator.SunTls12KeyMaterial from: SunJCE
Provider: Signature.SHA512withRSA signing from: SunPKCS11-Solaris
Provider: KeyGenerator.SunTls12Prf from: SunJCE
Provider: Cipher.AES/GCM/NoPadding encryption from: SunJCE
Provider: Cipher.AES/GCM/NoPadding decryption from: SunJCE
Provider: KeyGenerator.SunTls12Prf from: SunJCE
Provider: Cipher.AES/GCM/NoPadding encryption from: SunJCE
Provider: Cipher.AES/GCM/NoPadding encryption from: SunJCE
Provider: Cipher.AES/GCM/NoPadding decryption from: SunJCE
Provider: KeyGenerator.SunTls12KeyMaterial from: SunJCE
Provider: Cipher.AES/GCM/NoPadding decryption from: SunJCE
Provider: Cipher.AES/GCM/NoPadding decryption from: SunJCE
Provider: KeyGenerator.SunTls12Prf from: SunJCE
Provider: KeyGenerator.SunTls12Prf from: SunJCE
Provider: Cipher.AES/GCM/NoPadding encryption from: SunJCE
Provider: Cipher.AES/GCM/NoPadding encryption from: SunJCE
Provider: Cipher.AES/GCM/NoPadding decryption from: SunJCE
Provider: Cipher.AES/GCM/NoPadding decryption from: SunJCE
Provider: Cipher.AES/GCM/NoPadding decryption from: SunJCE
Provider: Cipher.AES/GCM/NoPadding encryption from: SunJCE
  :


Thanks.

Bug: https://bugs.openjdk.java.net/browse/JDK-8056026
Webrev: http://cr.openjdk.java.net/~vinnie/8056026/webrev.00/






















					Reply via email to