From owner-freebsd-java@freebsd.org Thu Sep 10 15:34:11 2015 Return-Path: Delivered-To: freebsd-java@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id BE26CA00B2E for ; Thu, 10 Sep 2015 15:34:11 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mailman.ysv.freebsd.org (mailman.ysv.freebsd.org [IPv6:2001:1900:2254:206a::50:5]) by mx1.freebsd.org (Postfix) with ESMTP id A6B441E61 for ; Thu, 10 Sep 2015 15:34:11 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: by mailman.ysv.freebsd.org (Postfix) id A6121A00B2C; Thu, 10 Sep 2015 15:34:11 +0000 (UTC) Delivered-To: java@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id A59A5A00B2B for ; Thu, 10 Sep 2015 15:34:11 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2001:1900:2254:206a::16:76]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 95ABE1E60 for ; Thu, 10 Sep 2015 15:34:11 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from bugs.freebsd.org ([127.0.1.118]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id t8AFYBKc084149 for ; Thu, 10 Sep 2015 15:34:11 GMT (envelope-from bugzilla-noreply@freebsd.org) From: bugzilla-noreply@freebsd.org To: java@FreeBSD.org Subject: maintainer-feedback requested: [Bug 203017] java/openjdk8: unlimited strength policy option not working Date: Thu, 10 Sep 2015 15:34:11 +0000 X-Bugzilla-Type: request Message-ID: In-Reply-To: References: X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-BeenThere: freebsd-java@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: Porting Java to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 10 Sep 2015 15:34:11 -0000 lapo@lapo.it has reassigned Bugzilla Automation 's request for maintainer-feedback to java@FreeBSD.org: Bug 203017: java/openjdk8: unlimited strength policy option not working https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D203017 --- Description --- I didn't verify in depth yet, but it seems to me that openjdk8 unlimited cr= ypto option is not working correctly, as I have the following exception which I don't have using openjdk7: [http-nio-80-exec-6] ERROR 2015-09-10 16:44:16,764 Tile - Errore com.andxor.pki.SigningException: Unable to add authentication data: key inv= alid in message. at com.andxor.pki.CMSSigner.internalSign(CMSSigner.java:425) at com.andxor.pki.CMSSigner.sign(CMSSigner.java:430) at com.andxor.pki.CMSSigner.sign(CMSSigner.java:490) at com.andxor.pki.CMSSigner.predictP7SSize(CMSSigner.java:530) at com.andxor.pki.CMSSigner.predictP7SSize(CMSSigner.java:501) at com.andxor.pki.PDFSigner.sign(PDFSigner.java:438) at com.andxor.pki.PDFSigner.sign(PDFSigner.java:396) at com.andxor.pdf.web.Tile.doPost(Tile.java:529) at javax.servlet.http.HttpServlet.service(HttpServlet.java:644) at javax.servlet.http.HttpServlet.service(HttpServlet.java:725) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(Applicatio= nFil terChain.java:291) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterC= hain .java:206) at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(Applicatio= nFil terChain.java:239) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterC= hain .java:206) at com.andxor.pdf.web.CacheFilter.doFilter(CacheFilter.java:27) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(Applicatio= nFil terChain.java:239) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterC= hain .java:206) at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.j= ava: 219) at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.j= ava: 106) at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBas= e.ja va:501) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:14= 2) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:79) at org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogV= alve .java:610) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.jav= a:88 ) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:516) at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Proc= esso r.java:1086) at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(Abstra= ctPr otocol.java:659) at org.apache.coyote.http11.Http11NioProtocol$Http11ConnectionHandler.process(= Http 11NioProtocol.java:223) at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.ja= va:1 558) at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(NioEndpoint.java= :151 5) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1= 142) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:= 617) at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.j= ava: 61) at java.lang.Thread.run(Thread.java:745) Caused by: com.andxor.pki.SigningException: Unable to add authentication da= ta: key invalid in message. at com.andxor.pki.CMSSigner.addAuthenticationData(CMSSigner.java:641) at com.andxor.pki.CMSSigner.internalSign(CMSSigner.java:413) ... 34 more Caused by: org.bouncycastle.cms.CMSException: key invalid in message. at org.bouncycastle.cms.CMSEnvelopedDataGenerator.generate(Unknown Source) at org.bouncycastle.cms.CMSEnvelopedDataGenerator.generate(Unknown Source) at com.andxor.pki.Ciphers.encrypt(Ciphers.java:38) at com.andxor.pki.CMSSigner.addAuthenticationData(CMSSigner.java:636) ... 35 more Caused by: java.security.InvalidKeyException: The key must be 256 bits at com.sun.crypto.provider.AESCipher.checkKeySize(AESCipher.java:158) at com.sun.crypto.provider.AESCipher.engineInit(AESCipher.java:346) at javax.crypto.Cipher.init(Cipher.java:1537) ... 39 more=