Update the OpenJDK exclude tests list for FIPS

[WilburZjh]

The FIPS mode has restrictive security configurations, so update the OpenJDK exclude tests list “ProblemList-fips.txt” for the FIPS testing.

[WilburZjh]

Exclude tests list from sanity.openjdk

java.security.NoSuchProviderException: no such provider: SunRsaSign

• java/math/BigInteger/ModPow65537.java.ModPow65537

Existing Jars sign related

• java/util/jar/JarFile/ScanSignedJar.java.ScanSignedJar
• java/util/jar/JarFile/TurkCert.java.TurkCert
• java/util/jar/JarInputStream/ScanSignedJar.java.ScanSignedJar
• java/util/jar/JarInputStream/TestIndexedJarWithBadSignature.java.TestIndexedJarWithBadSignature

-keystore ks -storepass changeit -keypass changeit -keyalg rsa -alias a -dname CN=A -genkeypair keytool error: java.security.KeyStoreException: sun.security.pkcs11.wrapper.PKCS11Exception: CKR_ATTRIBUTE_VALUE_INVALID

• java/util/jar/JarInputStream/ExtraFileInMetaInf.java.ExtraFileInMetaInf

[WilburZjh]

Exclude tests list from extended.openjdk

java.security.KeyStoreException: JCEKS not found

• sun/security/tools/jarsigner/TsacertOptionTest.java.TsacertOptionTest

java.security.KeyStoreException: JKS not found java.security.NoSuchAlgorithmException: JKS KeyStore not available

• java/security/KeyStore/CheckInputStream.java.CheckInputStream
• java/security/KeyStore/KeyStoreBuilder.java.KeyStoreBuilder
• java/security/KeyStore/PBETest.java.PBETest
• java/security/KeyStore/PKCS12/CheckDefaults.java.CheckDefaults
• java/security/KeyStore/PKCS12/WriteP12Test.java.WriteP12Test
• java/security/KeyStore/TestKeyStoreBasic.java.TestKeyStoreBasic
• java/security/KeyStore/TestKeystoreCompat.java.TestKeystoreCompat
• java/security/Policy/SignedJar/SignedJarTest.java.SignedJarTest
• javax/net/ssl/ALPN/SSLEngineAlpnTest.java.SSLEngineAlpnTest
• javax/net/ssl/ALPN/SSLServerSocketAlpnTest.java.SSLServerSocketAlpnTest
• javax/net/ssl/ALPN/SSLSocketAlpnTest.java.SSLSocketAlpnTest
• javax/net/ssl/ciphersuites/ECCurvesconstraints.java.ECCurvesconstraints
• javax/net/ssl/compatibility/ClientHelloProcessing.java.ClientHelloProcessing
• javax/net/ssl/FixingJavadocs/KMTMGetNothing.java.KMTMGetNothing
• javax/net/ssl/FixingJavadocs/SSLSessionNulls.java.SSLSessionNulls
• javax/net/ssl/interop/ClientHelloBufferUnderflowException.java.ClientHelloBufferUnderflowException
• javax/net/ssl/interop/ClientHelloChromeInterOp.java.ClientHelloChromeInterOp
• javax/net/ssl/sanity/ciphersuites/SystemPropCipherSuitesOrder.java.SystemPropCipherSuitesOrder
• javax/net/ssl/sanity/ciphersuites/TLSCipherSuitesOrder.java.TLSCipherSuitesOrder
• javax/net/ssl/sanity/interop/ClientJSSEServerJSSE.java.ClientJSSEServerJSSE
• javax/net/ssl/ServerName/SSLEngineExplorer.java.SSLEngineExplorer
• javax/net/ssl/ServerName/SSLEngineExplorerMatchedSNI.java.SSLEngineExplorerMatchedSNI
• javax/net/ssl/ServerName/SSLEngineExplorerUnmatchedSNI.java.SSLEngineExplorerUnmatchedSNI
• javax/net/ssl/ServerName/SSLEngineExplorerWithCli.java.SSLEngineExplorerWithCli
• javax/net/ssl/ServerName/SSLEngineExplorerWithSrv.java.SSLEngineExplorerWithSrv
• javax/net/ssl/ServerName/SSLSocketSNISensitive.java.SSLSocketSNISensitive
• javax/net/ssl/SSLEngine/ArgCheck.java.ArgCheck
• javax/net/ssl/SSLEngine/Arrays.java.Arrays
• javax/net/ssl/SSLEngine/ExtendedKeyEngine.java.ExtendedKeyEngine
• javax/net/ssl/SSLEngine/ExtendedKeySocket.java.ExtendedKeySocket
• javax/net/ssl/SSLEngine/LargeBufs.java.LargeBufs
• javax/net/ssl/SSLEngine/LargePacket.java.LargePacket
• javax/net/ssl/SSLEngine/NoAuthClientAuth.java.NoAuthClientAuth
• javax/net/ssl/SSLSession/RenegotiateTLS13.java.RenegotiateTLS13
• javax/net/ssl/SSLSession/ResumeTLS13withSNI.java.ResumeTLS13withSNI
• javax/net/ssl/SSLSession/SessionCacheSizeTests.java.SessionCacheSizeTests
• javax/net/ssl/SSLSession/SessionTimeOutTests.java.SessionTimeOutTests
• javax/net/ssl/SSLSession/SSLCtxAccessToSessCtx.java.SSLCtxAccessToSessCtx
• javax/net/ssl/SSLSession/TestEnabledProtocols.java.TestEnabledProtocols
• javax/net/ssl/SSLSocket/InputStreamClosure.java.InputStreamClosure
• javax/net/ssl/SSLSocket/OutputStreamClosure.java.OutputStreamClosure
• javax/net/ssl/SSLSocket/Tls13PacketSize.java.Tls13PacketSize
• javax/net/ssl/templates/SSLEngineTemplate.java.SSLEngineTemplate
• javax/net/ssl/templates/SSLSocketSSLEngineTemplate.java.SSLSocketSSLEngineTemplate
• javax/net/ssl/templates/SSLSocketTemplate.java.SSLSocketTemplate
• javax/net/ssl/TLS/TestJSSEClientDefaultProtocol.java.TestJSSEClientDefaultProtocol
• javax/net/ssl/TLS/TestJSSEClientProtocol.java.TestJSSEClientProtocol
• javax/net/ssl/TLS/TestJSSENoCommonProtocols.java.TestJSSENoCommonProtocols
• javax/net/ssl/TLS/TestJSSEServerProtocol.java.TestJSSEServerProtocol
• javax/net/ssl/TLS/TLSDataExchangeTest.java.TLSDataExchangeTest
• javax/net/ssl/TLS/TLSEnginesClosureTest.java.TLSEnginesClosureTest
• javax/net/ssl/TLS/TLSHandshakeTest.java.TLSHandshakeTest
• javax/net/ssl/TLS/TLSMFLNTest.java.TLSMFLNTest
• javax/net/ssl/TLS/TLSNotEnabledRC4Test.java.TLSNotEnabledRC4Test
• javax/net/ssl/TLS/TLSRehandshakeTest.java.TLSRehandshakeTest
• javax/net/ssl/TLS/TLSRehandshakeWithCipherChangeTest.java.TLSRehandshakeWithCipherChangeTest
• javax/net/ssl/TLS/TLSRehandshakeWithDataExTest.java.TLSRehandshakeWithDataExTest
• javax/net/ssl/TLS/TLSUnsupportedCiphersTest.java.TLSUnsupportedCiphersTest
• javax/net/ssl/TLSv1/TLSDataExchangeTest.java.TLSDataExchangeTest
• javax/net/ssl/TLSv1/TLSEnginesClosureTest.java.TLSEnginesClosureTest
• javax/net/ssl/TLSv1/TLSHandshakeTest.java.TLSHandshakeTest
• javax/net/ssl/TLSv1/TLSMFLNTest.java.TLSMFLNTest
• javax/net/ssl/TLSv1/TLSNotEnabledRC4Test.java.TLSNotEnabledRC4Test
• javax/net/ssl/TLSv1/TLSRehandshakeTest.java.TLSRehandshakeTest
• javax/net/ssl/TLSv1/TLSRehandshakeWithCipherChangeTest.java.TLSRehandshakeWithCipherChangeTest
• javax/net/ssl/TLSv1/TLSRehandshakeWithDataExTest.java.TLSRehandshakeWithDataExTest
• javax/net/ssl/TLSv1/TLSUnsupportedCiphersTest.java.TLSUnsupportedCiphersTest
• javax/net/ssl/TLSv11/EmptyCertificateAuthorities.java.EmptyCertificateAuthorities
• javax/net/ssl/TLSv11/TLSDataExchangeTest.java.TLSDataExchangeTest
• javax/net/ssl/TLSv11/TLSEnginesClosureTest.java.TLSEnginesClosureTest
• javax/net/ssl/TLSv11/TLSHandshakeTest.java.TLSHandshakeTest
• javax/net/ssl/TLSv11/TLSMFLNTest.java.TLSMFLNTest
• javax/net/ssl/TLSv11/TLSNotEnabledRC4Test.java.TLSNotEnabledRC4Test
• javax/net/ssl/TLSv11/TLSRehandshakeTest.java.TLSRehandshakeTest
• javax/net/ssl/TLSv11/TLSRehandshakeWithCipherChangeTest.java.TLSRehandshakeWithCipherChangeTest
• javax/net/ssl/TLSv11/TLSRehandshakeWithDataExTest.java.TLSRehandshakeWithDataExTest
• javax/net/ssl/TLSv11/TLSUnsupportedCiphersTest.java.TLSUnsupportedCiphersTest
• javax/net/ssl/TLSv12/DisabledShortDSAKeys.java.DisabledShortDSAKeys
• javax/net/ssl/TLSv12/DisabledShortRSAKeys.java.DisabledShortRSAKeys
• javax/net/ssl/TLSv12/ShortRSAKey512.java.ShortRSAKey512
• javax/net/ssl/TLSv12/ShortRSAKeyGCM.java.ShortRSAKeyGCM
• javax/net/ssl/TLSv12/SignatureAlgorithms.java.SignatureAlgorithms
• javax/net/ssl/TLSv12/TLSEnginesClosureTest.java.TLSEnginesClosureTest
• sun/security/pkcs11/rsa/TestKeyFactory.java.TestKeyFactory
• sun/security/pkcs11/rsa/TestSignatures.java.TestSignatures
• sun/security/provider/KeyStore/CaseSensitiveAliases.java.CaseSensitiveAliases
• sun/security/provider/KeyStore/TestJKSWithSecretKey.java.TestJKSWithSecretKey
• sun/security/provider/KeyStore/WrongPassword.java.WrongPassword
• sun/security/provider/X509Factory/BadPem.java.BadPem
• sun/security/provider/X509Factory/BigCRL.java.BigCRL
• sun/security/rsa/TestKeyFactory.java.TestKeyFactory
• sun/security/rsa/TestSignatures.java.TestSignatures
• sun/security/ssl/ALPN/AlpnGreaseTest.java.AlpnGreaseTest
• sun/security/ssl/CertPathRestrictions/TLSRestrictions.java.TLSRestrictions
• sun/security/ssl/ClientHandshaker/LengthCheckTest.java.LengthCheckTest
• sun/security/ssl/ClientHandshaker/RSAExport.java.RSAExport
• sun/security/ssl/DHKeyExchange/DHEKeySizing.java.DHEKeySizing
• sun/security/ssl/DHKeyExchange/UseStrongDHSizes.java.UseStrongDHSizes
• sun/security/ssl/EngineArgs/DebugReportsOneExtraByte.java.DebugReportsOneExtraByte
• sun/security/ssl/GenSSLConfigs/main.java.main
• sun/security/ssl/HandshakeOutStream/NullCerts.java.NullCerts
• sun/security/ssl/InputRecord/ClientHelloRead.java.ClientHelloRead
• sun/security/ssl/ServerHandshaker/AnonCipherWithWantClientAuth.java.AnonCipherWithWantClientAuth
• sun/security/ssl/ServerHandshaker/GetPeerHost.java.GetPeerHost
• sun/security/ssl/ServerHandshaker/HelloExtensionsTest.java.HelloExtensionsTest
• sun/security/ssl/SignatureScheme/CustomizedClientSchemes.java.CustomizedClientSchemes
• sun/security/ssl/SignatureScheme/CustomizedServerSchemes.java.CustomizedServerSchemes
• sun/security/ssl/SignatureScheme/Tls13NamedGroups.java.Tls13NamedGroups
• sun/security/ssl/SSLContextImpl/MD2InTrustAnchor.java.MD2InTrustAnchor
• sun/security/ssl/SSLContextImpl/TrustTrustedCert.java.TrustTrustedCert
• sun/security/ssl/SSLEngineImpl/CloseEngineException.java.CloseEngineException
• sun/security/ssl/SSLEngineImpl/CloseStart.java.CloseStart
• sun/security/ssl/SSLEngineImpl/DelegatedTaskWrongException.java.DelegatedTaskWrongException
• sun/security/ssl/SSLEngineImpl/EmptyExtensionData.java.EmptyExtensionData
• sun/security/ssl/SSLEngineImpl/EngineEnforceUseClientMode.java.EngineEnforceUseClientMode
• sun/security/ssl/SSLEngineImpl/RehandshakeFinished.java.RehandshakeFinished
• sun/security/ssl/SSLEngineImpl/SSLEngineBadBufferArrayAccess.java.SSLEngineBadBufferArrayAccess
• sun/security/ssl/SSLEngineImpl/SSLEngineDeadlock.java.SSLEngineDeadlock
• sun/security/ssl/SSLEngineImpl/SSLEngineFailedALPN.java.SSLEngineFailedALPN
• sun/security/ssl/SSLEngineImpl/SSLEngineKeyLimit.java.SSLEngineKeyLimit
• sun/security/ssl/SSLEngineImpl/TLS13BeginHandshake.java.TLS13BeginHandshake
• sun/security/ssl/SSLSocketImpl/ClientSocketCloseHang.java.ClientSocketCloseHang
• sun/security/ssl/SSLSocketImpl/SSLExceptionForIOIssue.java.SSLExceptionForIOIssue
• sun/security/ssl/SSLSocketImpl/SSLSocketBruceForceClose.java.SSLSocketBruceForceClose
• sun/security/ssl/SSLSocketImpl/SSLSocketClose.java.SSLSocketClose
• sun/security/ssl/SSLSocketImpl/SSLSocketKeyLimit.java.SSLSocketKeyLimit
• sun/security/ssl/X509KeyManager/CertificateAuthorities.java.CertificateAuthorities
• sun/security/ssl/X509KeyManager/PreferredKey.java.PreferredKey
• sun/security/ssl/X509KeyManager/SelectOneKeyOutOfMany.java.SelectOneKeyOutOfMany
• sun/security/ssl/X509TrustManagerImpl/BasicConstraints.java.BasicConstraints
• sun/security/ssl/X509TrustManagerImpl/CertRequestOverflow.java.CertRequestOverflow
• sun/security/ssl/X509TrustManagerImpl/CheckNullEntity.java.CheckNullEntity
• sun/security/ssl/X509TrustManagerImpl/ComodoHacker.java.ComodoHacker
• sun/security/ssl/X509TrustManagerImpl/PKIXExtendedTM.java.PKIXExtendedTM
• sun/security/ssl/X509TrustManagerImpl/SelfIssuedCert.java.SelfIssuedCert
• sun/security/ssl/X509TrustManagerImpl/SunX509ExtendedTM.java.SunX509ExtendedTM
• sun/security/ssl/X509TrustManagerImpl/TooManyCAs.java.TooManyCAs
• sun/security/ssl/X509TrustManagerImpl/X509ExtendedTMEnabled.java.X509ExtendedTMEnabled
• sun/security/tools/keytool/StartDateTest.java.StartDateTest

no such algorithm: DSA for provider SUN

• java/security/KeyRep/Serial.java.Serial
• java/security/KeyRep/SerialDSAPubKey.java.SerialDSAPubKey
• java/security/Signature/ByteBuffers.java.ByteBuffers
• java/security/Signature/TestInitSignWithMyOwnRandom.java.TestInitSignWithMyOwnRandom
• java/security/SignedObject/Copy.java.Copy
• sun/security/pkcs/pkcs8/TestLeadingZeros.java.TestLeadingZeros
• sun/security/provider/DSA/SupportedDSAParamGen.java.SupportedDSAParamGen
• sun/security/provider/DSA/TestAlgParameterGenerator.java.TestAlgParameterGenerator
• sun/security/provider/DSA/TestDSA.java.TestDSA
• sun/security/provider/DSA/TestDSA2.java.TestDSA2
• sun/security/provider/DSA/TestKeyPairGenerator.java.TestKeyPairGenerator
• sun/security/provider/DSA/TestLegacyDSAKeyPairGenerator.java.TestLegacyDSAKeyPairGenerator
• sun/security/provider/NSASuiteB/TestDSAGenParameterSpec.java.TestDSAGenParameterSpec
• sun/security/provider/NSASuiteB/TestSHAwithDSASignatureOids.java.TestSHAwithDSASignatureOids

Hard code provider SunJCE

• com/sun/crypto/provider/CICO/CICODESFuncTest.java.CICODESFuncTest
• com/sun/crypto/provider/CICO/PBEFunc/CICOPBEFuncTest.java.CICOPBEFuncTest
• com/sun/crypto/provider/Cipher/AEAD/Encrypt.java.Encrypt
• com/sun/crypto/provider/Cipher/AEAD/SameBuffer.java.SameBuffer
• com/sun/crypto/provider/Cipher/AES/TestCopySafe.java.TestCopySafe
• com/sun/crypto/provider/Cipher/PBE/PBESameBuffer/PBESameBuffer.java.PBESameBuffer
• com/sun/crypto/provider/Cipher/PBE/PBESealedObject.java.PBESealedObject
• com/sun/crypto/provider/Cipher/PBE/PKCS12Cipher.java.PKCS12Cipher
• com/sun/crypto/provider/Cipher/PBE/PKCS12CipherKAT.java.PKCS12CipherKAT
• com/sun/crypto/provider/Cipher/PBE/TestCipherKeyWrapperPBEKey.java.TestCipherKeyWrapperPBEKey
• com/sun/crypto/provider/Cipher/PBE/TestCipherPBECons.java.TestCipherPBECons
• com/sun/crypto/provider/Cipher/RC2ArcFour/CipherKAT.java.CipherKAT
• com/sun/crypto/provider/Cipher/RSA/TestOAEP.java.TestOAEP
• com/sun/crypto/provider/Cipher/RSA/TestOAEP_KAT.java.TestOAEP_KAT
• com/sun/crypto/provider/Cipher/RSA/TestOAEPPadding.java.TestOAEPPadding
• com/sun/crypto/provider/Cipher/RSA/TestOAEPParameterSpec.java.TestOAEPParameterSpec
• com/sun/crypto/provider/Cipher/RSA/TestOAEPWithParams.java.TestOAEPWithParams
• com/sun/crypto/provider/Cipher/RSA/TestRSA.java.TestRSA
• com/sun/crypto/provider/Mac/HmacSaltLengths.java.HmacSaltLengths
• com/sun/crypto/provider/Mac/MacKAT.java.MacKAT
• com/sun/crypto/provider/TLS/TestKeyMaterial.java.TestKeyMaterial
• com/sun/crypto/provider/TLS/TestMasterSecret.java.TestMasterSecret
• com/sun/crypto/provider/TLS/TestPremaster.java.TestPremaster
• com/sun/crypto/provider/TLS/TestPRF.java.TestPRF
• com/sun/crypto/provider/TLS/TestPRF12.java.TestPRF12
• java/security/Security/removing/RemoveStaticProvider.java.RemoveStaticProvider
• javax/crypto/CryptoPermission/AllPermCheck.java.AllPermCheck
• javax/crypto/CryptoPermission/LowercasePermCheck.java.LowercasePermCheck
• javax/crypto/CryptoPermission/RC2PermCheck.java.RC2PermCheck
• javax/crypto/CryptoPermission/RC4AliasPermCheck.java.RC4AliasPermCheck
• javax/crypto/CryptoPermission/RSANoLimit.java.RSANoLimit
• javax/crypto/EncryptedPrivateKeyInfo/GetKeySpec.java.GetKeySpec
• javax/crypto/EncryptedPrivateKeyInfo/GetKeySpecException.java.GetKeySpecException
• javax/crypto/EncryptedPrivateKeyInfo/GetKeySpecInvalidEncoding.java.GetKeySpecInvalidEncoding

no such provider: SunJCE

• com/sun/crypto/provider/Cipher/AEAD/GCMLargeDataKAT.java.GCMLargeDataKAT
• com/sun/crypto/provider/Cipher/AEAD/GCMParameterSpecTest.java.GCMParameterSpecTest
• com/sun/crypto/provider/Cipher/AEAD/KeyWrapper.java.KeyWrapper
• com/sun/crypto/provider/Cipher/AEAD/ReadWriteSkip.java.ReadWriteSkip
• com/sun/crypto/provider/Cipher/AEAD/SealedObjectTest.java.SealedObjectTest
• com/sun/crypto/provider/Cipher/AEAD/WrongAAD.java.WrongAAD
• com/sun/crypto/provider/Cipher/AES/CICO.java.CICO
• com/sun/crypto/provider/Cipher/AES/CTR.java.CTR
• com/sun/crypto/provider/Cipher/AES/Padding.java.Padding
• com/sun/crypto/provider/Cipher/AES/TestAESCipher.java.TestAESCipher
• com/sun/crypto/provider/Cipher/AES/TestAESCiphers/TestAESWithDefaultProvider.java.TestAESWithDefaultProvider
• com/sun/crypto/provider/Cipher/AES/TestCICOWithGCM.java.TestCICOWithGCM
• com/sun/crypto/provider/Cipher/AES/TestCICOWithGCMAndAAD.java.TestCICOWithGCMAndAAD
• com/sun/crypto/provider/Cipher/AES/TestGCMKeyAndIvCheck.java.TestGCMKeyAndIvCheck
• com/sun/crypto/provider/Cipher/AES/TestISO10126Padding.java.TestISO10126Padding
• com/sun/crypto/provider/Cipher/AES/TestKATForGCM.java.TestKATForGCM
• com/sun/crypto/provider/Cipher/AES/TestNonexpanding.java.TestNonexpanding
• com/sun/crypto/provider/Cipher/AES/TestSameBuffer.java.TestSameBuffer
• com/sun/crypto/provider/Cipher/AES/TestShortBuffer.java.TestShortBuffer
• com/sun/crypto/provider/Cipher/Blowfish/TestCipherBlowfish.java.TestCipherBlowfish
• com/sun/crypto/provider/Cipher/CTR/CounterMode.java.CounterMode
• com/sun/crypto/provider/Cipher/CTS/CTSMode.java.CTSMode
• com/sun/crypto/provider/Cipher/DES/DESSecretKeySpec.java.DESSecretKeySpec
• com/sun/crypto/provider/Cipher/DES/KeyWrapping.java.KeyWrapping
• com/sun/crypto/provider/Cipher/DES/PaddingTest.java.PaddingTest
• com/sun/crypto/provider/Cipher/DES/TestCipherDES.java.TestCipherDES
• com/sun/crypto/provider/Cipher/DES/TestCipherDESede.java.TestCipherDESede
• com/sun/crypto/provider/Cipher/DES/TextPKCS5PaddingTest.java.TextPKCS5PaddingTest
• com/sun/crypto/provider/Cipher/KeyWrap/NISTWrapKAT.java.NISTWrapKAT
• com/sun/crypto/provider/Cipher/KeyWrap/XMLEncKAT.java.XMLEncKAT
• com/sun/crypto/provider/Cipher/PBE/DecryptWithoutParameters.java.DecryptWithoutParameters
• com/sun/crypto/provider/Cipher/PBE/NegativeLength.java.NegativeLength
• com/sun/crypto/provider/Cipher/PBE/PBEKeysAlgorithmNames.java.PBEKeysAlgorithmNames
• com/sun/crypto/provider/Cipher/PBE/PKCS12Oid.java.PKCS12Oid
• com/sun/crypto/provider/Cipher/UTIL/StrongOrUnlimited.java.StrongOrUnlimited
• com/sun/crypto/provider/KeyAgreement/DHGenSecretKey.java.DHGenSecretKey
• com/sun/crypto/provider/KeyAgreement/DHKeyAgreement2.java.DHKeyAgreement2
• com/sun/crypto/provider/KeyAgreement/SameDHKeyStressTest.java.SameDHKeyStressTest
• com/sun/crypto/provider/KeyAgreement/SupportedDHKeys.java.SupportedDHKeys
• com/sun/crypto/provider/KeyAgreement/SupportedDHParamGens.java.SupportedDHParamGens
• com/sun/crypto/provider/KeyAgreement/TestExponentSize.java.TestExponentSize
• com/sun/crypto/provider/KeyAgreement/UnsupportedDHKeys.java.UnsupportedDHKeys
• com/sun/crypto/provider/KeyFactory/PBKDF2HmacSHA1FactoryTest.java.PBKDF2HmacSHA1FactoryTest
• com/sun/crypto/provider/KeyFactory/TestProviderLeak.java.TestProviderLeak
• com/sun/crypto/provider/Mac/EmptyByteBufferTest.java.EmptyByteBufferTest
• com/sun/crypto/provider/Mac/HmacPBESHA1.java.HmacPBESHA1
• com/sun/crypto/provider/Mac/LargeByteBufferTest.java.LargeByteBufferTest
• com/sun/crypto/provider/Mac/MacClone.java.MacClone
• com/sun/crypto/provider/Mac/MacSameTest.java.MacSameTest
• com/sun/crypto/provider/Mac/NullByteBufferTest.java.NullByteBufferTest
• com/sun/crypto/provider/NSASuiteB/TestAESOids.java.TestAESOids
• com/sun/crypto/provider/NSASuiteB/TestAESWrapOids.java.TestAESWrapOids
• com/sun/crypto/provider/NSASuiteB/TestHmacSHAOids.java.TestHmacSHAOids
• java/security/KeyStore/PKCS12/ConvertP12Test.java.ConvertP12Test
• java/security/KeyStore/TestKeyStoreEntry.java.TestKeyStoreEntry
• java/security/Signature/NONEwithRSA.java.NONEwithRSA
• javax/crypto/Cipher/CipherInputStreamExceptions.java.CipherInputStreamExceptions
• javax/crypto/Cipher/GetMaxAllowed.java.GetMaxAllowed
• javax/crypto/Cipher/TestCipherMode.java.TestCipherMode
• javax/crypto/CipherSpi/DirectBBRemaining.java.DirectBBRemaining
• javax/crypto/EncryptedPrivateKeyInfo/GetAlgName.java.GetAlgName
• javax/crypto/KeyGenerator/TestGetInstance.java.TestGetInstance
• javax/crypto/Mac/TestGetInstance.java.TestGetInstance
• javax/crypto/SecretKeyFactory/SecKFTranslateTest.java.SecKFTranslateTest
• javax/crypto/spec/DESKeySpec/CheckParity.java.CheckParity
• javax/crypto/spec/RC2ParameterSpec/RC2AlgorithmParameters.java.RC2AlgorithmParameters
• sun/security/pkcs11/Cipher/EncryptionPadding.java.EncryptionPadding
• sun/security/pkcs11/Cipher/TestPKCS5PaddingError.java.TestPKCS5PaddingError
• sun/security/pkcs11/Cipher/TestRawRSACipher.java.TestRawRSACipher
• sun/security/pkcs11/Cipher/TestRSACipher.java.TestRSACipher
• sun/security/pkcs11/Cipher/TestRSACipherWrap.java.TestRSACipherWrap
• sun/security/pkcs11/Cipher/TestSymmCiphers.java.TestSymmCiphers
• sun/security/pkcs11/Cipher/TestSymmCiphersNoPad.java.TestSymmCiphersNoPad
• sun/security/pkcs11/KeyAgreement/TestInterop.java.TestInterop

no such provider: SunRsaSign

• java/security/KeyFactory/GenerateRSAPrivateCrtKey.java.GenerateRSAPrivateCrtKey
• java/security/KeyPairGenerator/GenerateRSAKeyPair.java.GenerateRSAKeyPair
• java/security/Policy/GetInstance/GetInstance.java.GetInstance
• javax/security/auth/login/Configuration/GetInstance.java.GetInstance
• sun/security/pkcs11/Signature/SigInteropPSS.java.SigInteropPSS
• sun/security/rsa/KeySizeTest.java.KeySizeTest
• sun/security/rsa/PrivateKeyEqualityTest.java.PrivateKeyEqualityTest
• sun/security/rsa/pss/PSSKeyCompatibility.java.PSSKeyCompatibility
• sun/security/rsa/pss/PSSParametersTest.java.PSSParametersTest
• sun/security/rsa/pss/SerializedPSSKey.java.SerializedPSSKey
• sun/security/rsa/pss/TestPSSKeySupport.java.TestPSSKeySupport
• sun/security/rsa/SignatureTest.java.SignatureTest
• sun/security/rsa/SignedObjectChain.java.SignedObjectChain
• sun/security/rsa/SpecTest.java.SpecTest
• sun/security/rsa/TestKeyPairGeneratorInit.java.TestKeyPairGeneratorInit
• sun/security/rsa/TestKeyPairGeneratorLength.java.TestKeyPairGeneratorLength

java.lang.RuntimeException: Provider SunRsaSign not found.

• sun/security/x509/X509CRLImpl/Verify.java.Verify
• sun/security/x509/X509CertImpl/Verify.java.Verify

Hard code provider SunRsaSign

• java/security/Signature/SignatureGetInstance.java.SignatureGetInstance
• sun/security/rsa/TestKeyPairGenerator.java.TestKeyPairGenerator
• sun/security/rsa/TestSigGen15.java.TestSigGen15
• sun/security/rsa/pss/TestSigGenPSS.java.TestSigGenPSS

SunJGSS provider & krb5 related

• sun/security/jgss/GssMemoryIssues.java.GssMemoryIssues
• sun/security/jgss/spnego/MSOID.java.MSOID
• sun/security/jgss/spnego/NotPreferredMech.java.NotPreferredMech
• sun/security/krb5/KrbCredSubKey.java.KrbCredSubKey
• sun/security/krb5/RFC396xTest.java.RFC396xTest
• sun/security/krb5/ServiceCredsCombination.java.ServiceCredsCombination
• sun/security/krb5/auto/AcceptPermissions.java.AcceptPermissions
• sun/security/krb5/auto/AcceptorSubKey.java.AcceptorSubKey
• sun/security/krb5/auto/Addresses.java.Addresses
• sun/security/krb5/auto/AddressesAndNameType.java.AddressesAndNameType
• sun/security/krb5/auto/AlwaysEncPaReq.java.AlwaysEncPaReq
• sun/security/krb5/auto/Basic.java.Basic
• sun/security/krb5/auto/BasicKrb5Test.java.BasicKrb5Test
• sun/security/krb5/auto/BasicProc.java.BasicProc
• sun/security/krb5/auto/BogusKDC.java.BogusKDC
• sun/security/krb5/auto/CleanState.java.CleanState
• sun/security/krb5/auto/CrossRealm.java.CrossRealm
• sun/security/krb5/auto/DiffNameSameKey.java.DiffNameSameKey
• sun/security/krb5/auto/DiffSaltParams.java.DiffSaltParams
• sun/security/krb5/auto/DupEtypes.java.DupEtypes
• sun/security/krb5/auto/DynamicKeytab.java.DynamicKeytab
• sun/security/krb5/auto/EmptyPassword.java.EmptyPassword
• sun/security/krb5/auto/FileKeyTab.java.FileKeyTab
• sun/security/krb5/auto/ForwardableCheck.java.ForwardableCheck
• sun/security/krb5/auto/Forwarded.java.Forwarded
• sun/security/krb5/auto/GSS.java.GSS
• sun/security/krb5/auto/GSSUnbound.java.GSSUnbound
• sun/security/krb5/auto/HttpNegotiateServer.java.HttpNegotiateServer
• sun/security/krb5/auto/IgnoreChannelBinding.java.IgnoreChannelBinding
• sun/security/krb5/auto/KPEquals.java.KPEquals
• sun/security/krb5/auto/KdcPolicy.java.KdcPolicy
• sun/security/krb5/auto/KerberosHashEqualsTest.java.KerberosHashEqualsTest
• sun/security/krb5/auto/KeyPermissions.java.KeyPermissions
• sun/security/krb5/auto/KeyTabCompat.java.KeyTabCompat
• sun/security/krb5/auto/KrbTicket.java.KrbTicket
• sun/security/krb5/auto/KvnoNA.java.KvnoNA
• sun/security/krb5/auto/LifeTimeInSeconds.java.LifeTimeInSeconds
• sun/security/krb5/auto/LoginModuleOptions.java.LoginModuleOptions
• sun/security/krb5/auto/LoginNoPass.java.LoginNoPass
• sun/security/krb5/auto/LongLife.java.LongLife
• sun/security/krb5/auto/MSOID2.java.MSOID2
• sun/security/krb5/auto/MoreKvno.java.MoreKvno
• sun/security/krb5/auto/NewSalt.java.NewSalt
• sun/security/krb5/auto/NoAddresses.java.NoAddresses
• sun/security/krb5/auto/NoInitNoKeytab.java.NoInitNoKeytab
• sun/security/krb5/auto/NonMutualSpnego.java.NonMutualSpnego
• sun/security/krb5/auto/NoneReplayCacheTest.java.NoneReplayCacheTest
• sun/security/krb5/auto/NullRenewUntil.java.NullRenewUntil
• sun/security/krb5/auto/OkAsDelegate.java.OkAsDelegate
• sun/security/krb5/auto/OkAsDelegateXRealm.java.OkAsDelegateXRealm
• sun/security/krb5/auto/OnlyDesLogin.java.OnlyDesLogin
• sun/security/krb5/auto/PrincipalNameEquals.java.PrincipalNameEquals
• sun/security/krb5/auto/RRC.java.RRC
• sun/security/krb5/auto/ReferralsTest.java.ReferralsTest
• sun/security/krb5/auto/RefreshKrb5Config.java.RefreshKrb5Config
• sun/security/krb5/auto/Renew.java.Renew
• sun/security/krb5/auto/Renewal.java.Renewal
• sun/security/krb5/auto/ReplayCacheTest.java.ReplayCacheTest
• sun/security/krb5/auto/S4U2proxy.java.S4U2proxy
• sun/security/krb5/auto/S4U2proxyGSS.java.S4U2proxyGSS
• sun/security/krb5/auto/S4U2self.java.S4U2self
• sun/security/krb5/auto/S4U2selfAsServer.java.S4U2selfAsServer
• sun/security/krb5/auto/S4U2selfAsServerGSS.java.S4U2selfAsServerGSS
• sun/security/krb5/auto/S4U2selfGSS.java.S4U2selfGSS
• sun/security/krb5/auto/SPNEGO.java.SPNEGO
• sun/security/krb5/auto/SSL.java.SSL
• sun/security/krb5/auto/SaslBasic.java.SaslBasic
• sun/security/krb5/auto/SaslUnbound.java.SaslUnbound
• sun/security/krb5/auto/SpnegoLifeTime.java.SpnegoLifeTime
• sun/security/krb5/auto/SpnegoReqFlags.java.SpnegoReqFlags
• sun/security/krb5/auto/Test5653.java.Test5653
• sun/security/krb5/auto/TicketSName.java.TicketSName
• sun/security/krb5/auto/TwoOrThree.java.TwoOrThree
• sun/security/krb5/auto/TwoPrinces.java.TwoPrinces
• sun/security/krb5/auto/TwoTab.java.TwoTab
• sun/security/krb5/auto/UnboundSSL.java.UnboundSSL
• sun/security/krb5/auto/UnboundSSLMultipleKeys.java.UnboundSSLMultipleKeys
• sun/security/krb5/auto/UnboundSSLPrincipalProperty.java.UnboundSSLPrincipalProperty
• sun/security/krb5/auto/UnboundService.java.UnboundService
• sun/security/krb5/auto/UseCacheAndStoreKey.java.UseCacheAndStoreKey
• sun/security/krb5/auto/W83.java.W83
• sun/security/krb5/auto/principalProperty/PrincipalSystemPropTest.java.PrincipalSystemPropTest
• sun/security/krb5/ktab/FileKeyTab.java.FileKeyTab
• sun/security/krb5/ktab/KeyTabIndex.java.KeyTabIndex
• sun/security/krb5/runNameEquals.sh.runNameEquals

XMLDSig related DOM XMLSignatureFactory not available DOM mechanism not available DOM KeyInfoFactory not available

• javax/xml/crypto/dsig/ErrorHandlerPermissions.java.ErrorHandlerPermissions
• javax/xml/crypto/dsig/GenerationTests.java.GenerationTests
• javax/xml/crypto/dsig/LineFeedOnlyTest.java.LineFeedOnlyTest
• javax/xml/crypto/dsig/SecurityManager/XMLDSigWithSecMgr.java.XMLDSigWithSecMgr
• javax/xml/crypto/dsig/TransformService/NullParent.java.NullParent
• javax/xml/crypto/dsig/ValidationTests.java.ValidationTests
• javax/xml/crypto/dsig/keyinfo/KeyInfo/Marshal.java.Marshal

failed to load PKCS12 keystore related java.io.IOException: parseAlgParameters failed: PBE AlgorithmParameters not available at sun.security.pkcs12.PKCS12KeyStore.parseAlgParameters(PKCS12KeyStore.java:828) at sun.security.pkcs12.PKCS12KeyStore.engineLoad(PKCS12KeyStore.java:2047) at java.security.KeyStore.load(KeyStore.java:1445) at Utils.loadKeyStore(Utils.java:125)
Caused by: java.security.NoSuchAlgorithmException: PBE AlgorithmParameters not available at sun.security.jca.GetInstance.getInstance(GetInstance.java:159) at java.security.Security.getImpl(Security.java:714) at java.security.AlgorithmParameters.getInstance(AlgorithmParameters.java:146) at sun.security.pkcs12.PKCS12KeyStore.parseAlgParameters(PKCS12KeyStore.java:822)

• java/security/KeyStore/PKCS12/EntryProtectionTest.java.EntryProtectionTest
• java/security/KeyStore/PKCS12/MetadataEmptyTest.java.MetadataEmptyTest
• java/security/KeyStore/PKCS12/MetadataStoreLoadTest.java.MetadataStoreLoadTest
• java/security/KeyStore/PKCS12/ReadP12Test.java.ReadP12Test
• sun/security/ec/TestEC.java.TestEC
• sun/security/pkcs11/ec/ReadPKCS12.java.ReadPKCS12
• sun/security/pkcs12/Bug6415637.java.Bug6415637
• sun/security/pkcs12/WrongPBES2.java.WrongPBES2

Caused by: java.security.NoSuchAlgorithmException: PBES2 AlgorithmParameters not available

• sun/security/pkcs12/PBES2Encoding.java.PBES2Encoding

FIPS doesnt support DES secret key

• com/sun/crypto/provider/Cipher/DES/FlushBug.java.FlushBug
• com/sun/crypto/provider/Cipher/DES/Sealtest.java.Sealtest

check if a provider exactly equals to Sun

• java/security/SecureRandom/DefaultProvider.java.DefaultProvider

no such algorithm: MD2 for provider SUN

• sun/security/provider/MessageDigest/DigestKAT.java.DigestKAT
• sun/security/provider/MessageDigest/Offsets.java.Offsets

no such algorithm: MD5 for provider SUN

• java/security/MessageDigest/ByteBuffers.java.ByteBuffers
• sun/security/pkcs11/MessageDigest/ReinitDigest.java.ReinitDigest

no such algorithm: NONEwithDSA for provider SUN

• java/security/Signature/Offsets.java.Offsets

no such algorithm: PKCS11 for provider SUN

• sun/security/ssl/SSLContextImpl/BadKSProvider.java.BadKSProvider
• sun/security/ssl/SSLContextImpl/GoodProvider.java.GoodProvider

no such algorithm: SHA for provider SUN

• java/security/MessageDigest/TestSameValue.java.TestSameValue
• java/security/Security/CaseInsensitiveAlgNames.java.CaseInsensitiveAlgNames
• sun/security/provider/MessageDigest/TestSHAClone.java.TestSHAClone

no such algorithm: SHA-256 for provider SUN

• sun/security/provider/NSASuiteB/TestSHAOids.java.TestSHAOids

NativePRNG SecureRandom not available

• sun/security/provider/SecureRandom/StrongSeedReader.java.StrongSeedReader

SHA1PRNG SecureRandom not available

• java/security/SecureRandom/GetAlgorithm.java.GetAlgorithm
• java/security/Security/ClassLoaderDeadlock/Deadlock.sh.Deadlock
• sun/security/provider/SecureRandom/SelfSeed.java.SelfSeed
• sun/security/provider/SecureRandom/StrongSecureRandom.java.StrongSecureRandom
• sun/security/provider/SeedGenerator/SeedGeneratorChoice.java.SeedGeneratorChoice

SHA-512/224 MessageDigest not available

• sun/security/provider/MessageDigest/SHA512.java.SHA512

SHA-512/256 MessageDigest not available

• java/security/SignedObject/Chain.java.Chain

DSS Signature not available

• java/security/Signature/SignWithOutputBuffer.java.SignWithOutputBuffer

SunPKCS11-Solaris provider related

• sun/security/pkcs11/Cipher/JNICheck.java.JNICheck

unrecognized algorithm name: PBKDF2WITHHMACSHA1

• sun/security/x509/AlgorithmId/OidTableInit.java.OidTableInit

unrecognized algorithm name: PBEWITHMD5ANDDES

• sun/security/x509/AlgorithmId/TurkishRegion.java.TurkishRegion

RSASSA-PSS AlgorithmParameters not available

• sun/security/x509/AlgorithmId/AlgorithmIdEqualsHashCode.java.AlgorithmIdEqualsHashCode

failed to save PKCS12 keystore related. PBEWithSHA1AndRC2_40 AlgorithmParameters not available

• java/security/KeyStore/PKCS12/StoreTrustedCertAPITest.java.StoreTrustedCertAPITest

load PBE SecretKeyFactory not available

• sun/security/pkcs12/StorePasswordTest.java.StorePasswordTest
• sun/security/tools/keytool/StorePasswords.java.StorePasswords

RSASSA-PSS KeyPairGenerator not available

• java/security/cert/X509Certificate/GetSigAlgParams.java.GetSigAlgParams
• sun/security/rsa/pss/SignatureTest2.java.SignatureTest2
• sun/security/rsa/pss/SignatureTestPSS.java.SignatureTestPSS
• sun/security/tools/keytool/PSS.java.PSS

failed to translate a DSA public key from P11DSAKeyFactory java.lang.NullPointerException at sun.security.pkcs11.P11DSAKeyFactory.implTranslatePublicKey(P11DSAKeyFactory.java:57) at sun.security.pkcs11.P11DSAKeyFactory.engineGeneratePublic(P11DSAKeyFactory.java:109) at java.security.KeyFactory.generatePublic(KeyFactory.java:334)

• java/security/cert/CertificateFactory/openssl/OpenSSLCert.java.OpenSSLCert
• java/security/cert/CertificateFactory/ReturnStream.java.ReturnStream
• java/security/cert/CertificateFactory/slowstream.sh.slowstream
• java/security/cert/CertPath/Serialize.java.Serialize
• java/security/cert/CertPathEncodingTest.java.CertPathEncodingTest
• java/security/cert/CertPathValidator/nameConstraintsRFC822/ValidateCertPath.java.ValidateCertPath
• java/security/cert/CertPathValidatorException/Serial.java.Serial
• java/security/cert/PolicyNode/GetPolicyQualifiers.java.GetPolicyQualifiers
• java/security/cert/X509CertSelectorTest.java.X509CertSelectorTest
• java/security/CodeSigner/Serialize.java.Serialize
• java/security/KeyStore/EntryMethods.java.EntryMethods
• java/security/UnresolvedPermission/AccessorMethods.java.AccessorMethods
• sun/security/pkcs/pkcs7/PKCS7VerifyTest.java.PKCS7VerifyTest
• sun/security/provider/certpath/SunCertPathBuilderExceptionTest.java.SunCertPathBuilderExceptionTest
• sun/security/validator/EndEntityExtensionCheck.java.EndEntityExtensionCheck

failed to translate a DSA private key from P11DSAKeyFactory java.lang.NullPointerException at sun.security.pkcs11.P11DSAKeyFactory.implTranslatePrivateKey(P11DSAKeyFactory.java:83) at sun.security.pkcs11.P11DSAKeyFactory.engineGeneratePrivate(P11DSAKeyFactory.java:141) at java.security.KeyFactory.generatePrivate(KeyFactory.java:372)

• java/security/KeyRep/SerialOld.java.SerialOld
• sun/security/pkcs/pkcs8/PKCS8Test.java.PKCS8Test
• sun/security/pkcs11/Signature/TestDSA.java.TestDSA

Failed to translate a DSA private key get from KeyPairGenerator

• java/security/KeyPairGenerator/Failover.java.Failover

Could not create RSA private key due to the CKA_CLASS is CKO_PRIVATE_KEY Caused by: sun.security.pkcs11.wrapper.PKCS11Exception: CKR_ATTRIBUTE_VALUE_INVALID at sun.security.pkcs11.wrapper.PKCS11$InnerPKCS11.C_CreateObject(PKCS11.java:183) at sun.security.pkcs11.P11RSAKeyFactory.generatePrivate(P11RSAKeyFactory.java:250) at sun.security.pkcs11.P11RSAKeyFactory.implTranslatePrivateKey(P11RSAKeyFactory.java:80) Caused by: sun.security.pkcs11.wrapper.PKCS11Exception: CKR_ATTRIBUTE_VALUE_INVALID at sun.security.pkcs11.wrapper.PKCS11$InnerPKCS11.C_CreateObject(PKCS11.java:183) at sun.security.pkcs11.P11RSAKeyFactory.generatePrivate(P11RSAKeyFactory.java:250) at sun.security.pkcs11.P11RSAKeyFactory.implTranslatePrivateKey(P11RSAKeyFactory.java:80)

• sun/security/ssl/rsa/SignatureOffsets.java.SignatureOffsets
• sun/security/ssl/rsa/SignedObjectChain.java.SignedObjectChain

sun.security.pkcs11.P11Key$P11PrivateKey incompatible with sun.security.provider.DSAPrivateKey

• java/security/KeyPairGenerator/SolarisShortDSA.java.SolarisShortDSA

Cant create a PKCS12 keystore related

• java/security/KeyStore/PKCS12/StoreTrustedCertKeytool.java.StoreTrustedCertKeytool
• sun/security/pkcs12/ParamsTest.java.ParamsTest
• sun/security/pkcs12/PKCS12SameKeyId.java.PKCS12SameKeyId

Cannot find any provider supporting AESWrap

• com/sun/crypto/provider/Cipher/KeyWrap/TestCipherKeyWrapperTest.java.TestCipherKeyWrapperTest

DES/DESede SecretKey algorithms is not supported

• sun/security/pkcs12/StoreSecretKeyTest.java.StoreSecretKeyTest

PBEWithSHA1AndRC2_40 AlgorithmParameters not available

• sun/security/pkcs12/StoreTrustedCertTest.java.StoreTrustedCertTest

PBEWithMD5AndDES SecretKeyFactory not available

• com/sun/crypto/provider/Cipher/PBE/PBEInvalidParamsTest.java.PBEInvalidParamsTest
• com/sun/crypto/provider/Cipher/PBE/PBEKeyTest.java.PBEKeyTest
• com/sun/crypto/provider/Cipher/PBE/PBEParametersTest.java.PBEParametersTest

PBEWithHmacSHA1AndAES_128 SecretKeyFactory not available

• com/sun/crypto/provider/Cipher/PBE/PBES2Test.java.PBES2Test

PBKDF2WithHmacSHA1/PBKDF2WithHmacSHA224/PBKDF2WithHmacSHA256/PBKDF2WithHmacSHA384/PBKDF2WithHmacSHA512 SecretKeyFactory not available

• com/sun/crypto/provider/Cipher/PBE/PBMacBuffer.java.PBMacBuffer
• com/sun/crypto/provider/Cipher/PBE/PBMacDoFinalVsUpdate.java.PBMacDoFinalVsUpdate
• com/sun/crypto/provider/Cipher/PBE/PBKDF2Translate.java.PBKDF2Translate
• javax/crypto/SecretKeyFactory/PBKDF2TranslateTest.java.PBKDF2TranslateTest

pbeWithMD5ANDdes SecretKeyFactory not available

• com/sun/crypto/provider/Cipher/PBE/TestCipherPBE.java.TestCipherPBE

PBEWithSHA1AndDESede AlgorithmParameters not available

• javax/net/ssl/Stapling/HttpsUrlConnClient.java.HttpsUrlConnClient
• javax/net/ssl/Stapling/SSLEngineWithStapling.java.SSLEngineWithStapling
• javax/net/ssl/Stapling/StapleEnableProps.java.StapleEnableProps
• javax/net/ssl/TLSCommon/TLSTest.java.TLSTest
• javax/net/ssl/TLSCommon/TestSessionLocalPrincipal.java.TestSessionLocalPrincipal
• sun/security/pkcs12/EmptyPassword.java.EmptyPassword

FIPS does not support DES/ECB/PKCS5Padding

• com/sun/crypto/provider/Cipher/TextLength/TestCipherTextLength.java.TestCipherTextLength

Cannot find any provider supporting PBEWithMD5AndTripleDES

• javax/crypto/Cipher/TestGetInstance.java.TestGetInstance

Cannot find any provider supporting Blowfish

• javax/crypto/Cipher/Turkish.java.Turkish

unrecognized algorithm name: PBEWithMD5AndDES

• javax/crypto/EncryptedPrivateKeyInfo/GetKeySpecException2.java.GetKeySpecException2

P11KeyPairGenerator doesnt support DesEDE

• javax/crypto/KeyGenerator/TestKGParity.java.TestKGParity

Could not create DH private key

• sun/security/pkcs11/tls/TestLeadingZeroesP11.java.TestLeadingZeroesP11

sun.security.pkcs11.P11Key$P11DSAPublicKey incompatible with sun.security.x509.X509Key

• sun/security/pkcs/pkcs10/PKCS10AttrEncoding.java.PKCS10AttrEncoding
• sun/security/pkcs/pkcs7/SignerOrder.java.SignerOrder

XMLSignature provider is disabled in FIPS mode

• com/sun/org/apache/xml/internal/security/TruncateHMAC.java.TruncateHMAC

Module java.security.sasl related. Unable to find client impl for CRAM-MD5 or DIGEST-MD5. NTLM should not support auth-conf

• com/sun/security/sasl/Cram.java.Cram
• com/sun/security/sasl/digest/AuthNoUtf8.java.AuthNoUtf8
• com/sun/security/sasl/digest/AuthOnly.java.AuthOnly
• com/sun/security/sasl/digest/AuthRealmChoices.java.AuthRealmChoices
• com/sun/security/sasl/digest/AuthRealms.java.AuthRealms
• com/sun/security/sasl/digest/CheckNegotiatedQOPs.java.CheckNegotiatedQOPs
• com/sun/security/sasl/digest/Integrity.java.Integrity
• com/sun/security/sasl/digest/NoQuoteParams.java.NoQuoteParams
• com/sun/security/sasl/digest/Privacy.java.Privacy
• com/sun/security/sasl/digest/PrivacyRc4.java.PrivacyRc4
• com/sun/security/sasl/digest/Unbound.java.Unbound
• com/sun/security/sasl/ntlm/Conformance.java.Conformance
• com/sun/security/sasl/ntlm/NTLMTest.java.NTLMTest
• javax/security/sasl/Sasl/ClientServerTest.java.ClientServerTest
• javax/security/sasl/Sasl/DisabledMechanisms.java.DisabledMechanisms

java.security.ProviderException: Could not derive key at sun.security.pkcs11.P11ECDHKeyAgreement.engineGenerateSecret(P11ECDHKeyAgreement.java:145) at javax.crypto.KeyAgreement.generateSecret(KeyAgreement.java:586)

• sun/security/pkcs11/ec/TestCurves.java.TestCurves

java.security.spec.InvalidKeySpecException: Could not create EC private key at sun.security.pkcs11.P11ECKeyFactory.engineGeneratePrivate(P11ECKeyFactory.java:218) at java.security.KeyFactory.generatePrivate(KeyFactory.java:366) at TestECDH2.genECKeyPair(TestECDH2.java:98)

• sun/security/pkcs11/ec/TestECDH2.java.TestECDH2
• sun/security/pkcs11/ec/TestECDSA2.java.TestECDSA2

java.security.KeyStoreException: Key protection algorithm not found: java.lang.NullPointerException at sun.security.pkcs12.PKCS12KeyStore.setKeyEntry(PKCS12KeyStore.java:687) at sun.security.pkcs12.PKCS12KeyStore.engineSetEntry(PKCS12KeyStore.java:1408) at java.security.KeyStore.setEntry(KeyStore.java:1557)

• sun/security/pkcs12/P12SecretKey.java.P12SecretKey

java.security.spec.InvalidKeySpecException: Could not create DH private key at sun.security.pkcs11.P11DHKeyFactory.engineGeneratePrivate(P11DHKeyFactory.java:166) at java.security.KeyFactory.generatePrivate(KeyFactory.java:366) Caused by: sun.security.pkcs11.wrapper.PKCS11Exception: CKR_ATTRIBUTE_VALUE_INVALID at sun.security.pkcs11.wrapper.PKCS11.C_CreateObject(Native Method) at sun.security.pkcs11.wrapper.PKCS11$InnerPKCS11.C_CreateObject(PKCS11.java:183) at sun.security.pkcs11.P11DHKeyFactory.generatePrivate(P11DHKeyFactory.java:207) at sun.security.pkcs11.P11DHKeyFactory.engineGeneratePrivate(P11DHKeyFactory.java:160)

• sun/security/pkcs11/KeyAgreement/TestShort.java.TestShort

Caused by: java.security.ProviderException: Initialization failed at sun.security.pkcs11.SunPKCS11.(SunPKCS11.java:421) at sun.security.pkcs11.SunPKCS11.(SunPKCS11.java:125) Caused by: sun.security.pkcs11.wrapper.PKCS11Exception: CKR_SLOT_ID_INVALID at sun.security.pkcs11.SunPKCS11.(SunPKCS11.java:387) Initialization failed PKCS11Exception: CKR_SLOT_ID_INVALID. All the below tests will call PKCS11Test.getSunPKCS11(PKCS11Test.java:105) to get the SunPKCS11 provider. When testing in the FIPS mode, the SunPKCS11 will first be initialized as a FIPS provider SunPKCS11-NSS-FIPS. And then in the test code PKCS11Test, line 480 and 486. It will try to configure the SunPKCS11 using the p11-nss.txt to the NSS mode. But in the FIPS mode, there can only be a single PKCS11 provider. So configure the SunPKCS11 to the NSS mode will failed.

• sun/security/pkcs11/Cipher/ReinitCipher.java.ReinitCipher
• sun/security/pkcs11/Cipher/Test4512704.java.Test4512704
• sun/security/pkcs11/Cipher/TestCICOWithGCM.java.TestCICOWithGCM
• sun/security/pkcs11/Cipher/TestCICOWithGCMAndAAD.java.TestCICOWithGCMAndAAD
• sun/security/pkcs11/Cipher/TestGCMKeyAndIvCheck.java.TestGCMKeyAndIvCheck
• sun/security/pkcs11/Cipher/TestKATForGCM.java.TestKATForGCM
• sun/security/pkcs11/ec/ReadCertificates.java.ReadCertificates
• sun/security/pkcs11/KeyAgreement/UnsupportedDHKeys.java.UnsupportedDHKeys
• sun/security/pkcs11/KeyGenerator/TestKeyGenerator.java.TestKeyGenerator
• sun/security/pkcs11/MessageDigest/ByteBuffers.java.ByteBuffers
• sun/security/pkcs11/MessageDigest/DigestKAT.java.DigestKAT
• sun/security/pkcs11/MessageDigest/TestCloning.java.TestCloning
• sun/security/pkcs11/Provider/ConfigQuotedString.sh.ConfigQuotedString
• sun/security/pkcs11/Provider/Login.sh.Login
• sun/security/pkcs11/rsa/KeyWrap.java.KeyWrap
• sun/security/pkcs11/SampleTest.java.SampleTest
• sun/security/pkcs11/SecureRandom/Basic.java.Basic
• sun/security/pkcs11/SecureRandom/TestDeserialization.java.TestDeserialization
• sun/security/pkcs11/Serialize/SerializeProvider.java.SerializeProvider
• sun/security/pkcs11/Signature/ByteBuffers.java.ByteBuffers
• sun/security/pkcs11/Signature/InitAgainPSS.java.InitAgainPSS
• sun/security/pkcs11/Signature/KeyAndParamCheckForPSS.java.KeyAndParamCheckForPSS
• sun/security/pkcs11/Signature/ReinitSignature.java.ReinitSignature
• sun/security/pkcs11/Signature/SignatureTestPSS.java.SignatureTestPSS
• sun/security/pkcs11/Signature/TestDSA2.java.TestDSA2
• sun/security/pkcs11/Signature/TestRSAKeyLength.java.TestRSAKeyLength
• sun/security/pkcs11/tls/TestPremaster.java.TestPremaster

java.lang.IllegalArgumentException: if keyStoreType is PKCS11, then keyStore must be NONE

• javax/net/ssl/SSLSession/JSSERenegotiate.java.JSSERenegotiate
• javax/net/ssl/HttpsURLConnection/CriticalSubjectAltName.java.CriticalSubjectAltName
• javax/net/ssl/SSLParameters/UseCipherSuitesOrder.java.UseCipherSuitesOrder
• javax/net/ssl/TLSv11/GenericBlockCipher.java.GenericBlockCipher
• javax/net/ssl/TLSv11/GenericStreamCipher.java.GenericStreamCipher
• sun/security/ssl/ClientHandshaker/CipherSuiteOrder.java.CipherSuiteOrder
• sun/security/ssl/ProtocolVersion/HttpsProtocols.java.HttpsProtocols
• sun/security/tools/jarsigner/JarSigningNonAscii.java.JarSigningNonAscii
• sun/security/tools/jarsigner/LargeJarEntry.java.LargeJarEntry

javax.security.auth.login.LoginException: if keyStoreType is PKCS11 then keyStoreURL must be NONE

• com/sun/security/auth/module/KeyStoreLoginModule/OptionTest.java.OptionTest
• com/sun/security/auth/module/KeyStoreLoginModule/ReadOnly.java.ReadOnly

Could not generate keyPair for DH java.security.ProviderException: sun.security.pkcs11.wrapper.PKCS11Exception: CKR_ARGUMENTS_BAD at sun.security.pkcs11.P11KeyPairGenerator.generateKeyPair(P11KeyPairGenerator.java:424) at java.security.KeyPairGenerator$Delegate.generateKeyPair(KeyPairGenerator.java:697)

• sun/security/pkcs11/KeyAgreement/SupportedDHKeys.java.SupportedDHKeys
• sun/security/pkcs11/KeyAgreement/TestDH.java.TestDH
• sun/security/pkcs11/KeyPairGenerator/TestDH2048.java.TestDH2048

All the below hard coded static String keyStoreFile = "keystore", and set the system property; However, in the test codes. In FIPS mode, keystore must be NONE. javax.net.ssl.SSLHandshakeException: no cipher suites in common

• javax/net/ssl/ciphersuites/DisabledAlgorithms.java.DisabledAlgorithms
• javax/net/ssl/FixingJavadocs/ImplicitHandshake.java.ImplicitHandshake
• javax/net/ssl/HttpsURLConnection/GetResponseCode.java.GetResponseCode
• javax/net/ssl/ServerName/BestEffortOnLazyConnected.java.BestEffortOnLazyConnected
• javax/net/ssl/ServerName/SSLSocketConsistentSNI.java.SSLSocketConsistentSNI
• javax/net/ssl/ServerName/SSLSocketExplorer.java.SSLSocketExplorer
• javax/net/ssl/ServerName/SSLSocketExplorerFailure.java.SSLSocketExplorerFailure
• javax/net/ssl/ServerName/SSLSocketExplorerMatchedSNI.java.SSLSocketExplorerMatchedSNI
• javax/net/ssl/ServerName/SSLSocketExplorerWithCliSNI.java.SSLSocketExplorerWithCliSNI
• javax/net/ssl/ServerName/SSLSocketExplorerWithSrvSNI.java.SSLSocketExplorerWithSrvSNI
• javax/net/ssl/SSLSession/HttpsURLConnectionLocalCertificateChain.java.HttpsURLConnectionLocalCertificateChain
• javax/net/ssl/Stapling/SSLSocketWithStapling.java.SSLSocketWithStapling
• javax/net/ssl/TLSv12/ProtocolFilter.java.ProtocolFilter
• sun/security/ssl/AppInputStream/ReadZeroBytes.java.ReadZeroBytes
• sun/security/ssl/AppInputStream/RemoveMarkReset.java.RemoveMarkReset
• sun/security/ssl/AppOutputStream/NoExceptionOnClose.java.NoExceptionOnClose
• sun/security/ssl/InputRecord/SSLSocketTimeoutNulls.java.SSLSocketTimeoutNulls
• sun/security/ssl/SocketCreation/SocketCreation.java.SocketCreation
• sun/security/ssl/spi/ProviderInit.java.ProviderInit
• sun/security/ssl/SSLSessionImpl/HashCodeMissing.java.HashCodeMissing
• sun/security/ssl/SSLSessionImpl/ResumeChecksClient.java.ResumeChecksClient
• sun/security/ssl/SSLSessionImpl/ResumeChecksServer.java.ResumeChecksServer
• sun/security/ssl/SSLSocketImpl/AsyncSSLSocketClose.java.AsyncSSLSocketClose
• sun/security/ssl/SSLSocketImpl/ClientModeClientAuth.java.ClientModeClientAuth
• sun/security/ssl/SSLSocketImpl/CloseSocketException.java.CloseSocketException
• sun/security/ssl/SSLSocketImpl/InvalidateServerSessionRenegotiate.java.InvalidateServerSessionRenegotiate
• sun/security/ssl/SSLSocketImpl/LargePacketAfterHandshakeTest.java.LargePacketAfterHandshakeTest
• sun/security/ssl/SSLSocketImpl/NewSocketMethods.java.NewSocketMethods
• sun/security/ssl/SSLSocketImpl/NoImpactServerRenego.java.NoImpactServerRenego
• sun/security/ssl/SSLSocketImpl/NotifyHandshakeTest.sh.NotifyHandshakeTest
• sun/security/ssl/SSLSocketImpl/RejectClientRenego.java.RejectClientRenego
• sun/security/ssl/SSLSocketImpl/ReuseAddr.java.ReuseAddr
• sun/security/ssl/SSLSocketImpl/ReverseNameLookup.java.ReverseNameLookup
• sun/security/ssl/SSLSocketImpl/ServerRenegoWithTwoVersions.java.ServerRenegoWithTwoVersions
• sun/security/ssl/SSLSocketImpl/ServerTimeout.java.ServerTimeout
• sun/security/ssl/SSLSocketImpl/UnconnectedSocketWrongExceptions.java.UnconnectedSocketWrongExceptions
• sun/security/ssl/Stapling/StatusResponseManager.sh.StatusResponseManager
• sun/security/tools/keytool/printssl.sh.printssl
• sun/security/util/HostnameMatcher/NullHostnameCheck.java.NullHostnameCheck

NSS module initial failures. It using "nss.cfg"/"nsstrust.cfg"/"nsscrypto.cfg" as the configure file and in the FIPS mode, there can only be a single PKCS11 provider. java.security.ProviderException: NSS library directory /usr/lib64 invalid, NSS already initialized with /usr/lib64/

• sun/security/pkcs11/Secmod/AddPrivateKey.java.AddPrivateKey
• sun/security/pkcs11/Secmod/Crypto.java.Crypto
• sun/security/pkcs11/Secmod/LoadKeystore.java.LoadKeystore
• sun/security/pkcs11/Secmod/TrustAnchors.java.TrustAnchors

FIPS doesnt support ECB mode in AES/ECB/PKCS5Padding cipher java.security.InvalidKeyException: Could not create key at sun.security.pkcs11.P11SecretKeyFactory.createKey(P11SecretKeyFactory.java:274) at sun.security.pkcs11.P11SecretKeyFactory.convertKey(P11SecretKeyFactory.java:179) at sun.security.pkcs11.P11SecretKeyFactory.convertKey(P11SecretKeyFactory.java:111)

• sun/security/pkcs11/Cipher/CancelMultipart.java.CancelMultipart

com.sun.exp.provider.EXP related

• java/security/Security/signedfirst/Dyn.sh.Dyn
• java/security/Security/signedfirst/Static.sh.Static

FIPS doesnt support DES secret key

• javax/crypto/Cipher/ByteBuffers.java.ByteBuffers

Failed to create a PKCS12 keystore

• javax/net/ssl/TLSCommon/ConcurrentClientAccessTest.java.ConcurrentClientAccessTest

FIPS doesnt support DESede algorithms

• com/sun/crypto/provider/CICO/CICOSkipTest.java.CICOSkipTest

Cipher suites mismatch

• javax/net/ssl/sanity/ciphersuites/CheckCipherSuites.java.CheckCipherSuites

FIPS doesnt support DKS keystore

• sun/security/provider/KeyStore/DKSTest.sh.DKSTest

Policy file related. Failed due to related to the keystore files.

• sun/security/provider/PolicyFile/Alias.java.Alias
• sun/security/provider/PolicyFile/AliasExpansion.java.AliasExpansion
• sun/security/provider/PolicyFile/TokenStore.java.TokenStore
• sun/security/provider/PolicyFile/TrustedCert.java.TrustedCert

Hard code checking if the provider is "MyProvider()"

• sun/security/ssl/HandshakeHash/HandshakeHashCloneExhaustion.java.HandshakeHashCloneExhaustion

keytool error: java.security.KeyStoreException: sun.security.pkcs11.wrapper.PKCS11Exception: CKR_ATTRIBUTE_VALUE_INVALID

• sun/security/tools/keytool/CloseFile.java.CloseFile
• sun/security/tools/keytool/NewSize7.java.NewSize7
• sun/security/tools/keytool/UnknownAndUnparseable.java.UnknownAndUnparseable

Cant create a keystore in FIPS by sun.security.tools.keytool.Main.main( ("-keystore jks -storepass changeit -keypass changeit " + "-dname CN=A -alias " + keyalg + " -genkeypair " + "-keyalg " + keyalg).split(" ")); or -keystore ks -storepass changeit -keypass changeit

• sun/security/tools/jarsigner/certpolicy.sh.certpolicy
• sun/security/tools/jarsigner/concise_jarsigner.sh.concise_jarsigner
• sun/security/tools/jarsigner/DefaultSigalg.java.DefaultSigalg
• sun/security/tools/jarsigner/EntriesOrder.java.EntriesOrder
• sun/security/tools/jarsigner/Test4431684.java.Test4431684
• sun/security/tools/jarsigner/TimestampCheck.java.TimestampCheck
• sun/security/tools/jarsigner/weaksize.sh
• sun/security/tools/keytool/keyalg.sh.keyalg
• sun/security/tools/keytool/standard.sh.standard
• sun/security/tools/keytool/WeakAlg.java.WeakAlg
• sun/security/validator/certreplace.sh.certreplace
• sun/security/validator/samedn.sh.samedn

We can generate different such as SslMacMD5/SslMacSHA1/HmacMD5/HmacSHA1/HmacSHA224/HmacSHA256/HmacSHA384/HmacSHA512 secret keys but we only support to import AES secret key for now. java.security.InvalidKeyException: init() failed at sun.security.pkcs11.P11Mac.engineInit(P11Mac.java:208) Caused by: sun.security.pkcs11.wrapper.PKCS11Exception: CKR_KEY_TYPE_INCONSISTENT at sun.security.pkcs11.wrapper.PKCS11.C_SignInit(Native Method) at sun.security.pkcs11.P11Mac.initialize(P11Mac.java:177) at sun.security.pkcs11.P11Mac.engineInit(P11Mac.java:206)

• javax/crypto/Mac/ByteBuffers.java.ByteBuffers
• sun/security/pkcs11/Mac/MacKAT.java.MacKAT
• sun/security/pkcs11/Mac/MacSameTest.java.MacSameTest
• sun/security/pkcs11/Mac/ReinitMac.java

Could not import DSA private key when invoke kpg.initialize(1024) after KeyPairGenerator kpg = KeyPairGenerator.getInstance("DSA");

• java/security/Provider/SupportsParameter.java.SupportsParameter

We can generate DES secret keys but cant import it

• sun/security/pkcs11/KeyGenerator/DESParity.java.DESParity

testMDChange failed at:MD2/2500 This is failed because the BUFFER_SIZE is defined as 96 in P11Digest engine class for FIPS. The length (2500) of the data which is over the buffer size.

• java/security/MessageDigest/TestDigestIOStream.java.TestDigestIOStream

Exception in thread "main" java.security.ProviderException: Unknown mechanism: 20 mechanism 20 is: SHA256withDSA, its alias is CKM_DSA_SHA256. It is defined in SunPKCS11 when fips mode is enabled. When getInstance("SHA256withDSA") in invoked from Signature class, it will eventually invoke the P11Signature(token, algorithm, mechanism). However, in the P11Signature constructor, there is no CKM_DSA_SHA256 defined in the switch-case statement. Not only CKM_DSA_SHA256, but also CKM_DSA_SHA224/CKM_DSA_SHA384/CKM_DSA_SHA512, etc. Thereofore, SHA256withDSA is an Unknown mechanism.

• java/security/Signature/SignatureLength.java.SignatureLength
• sun/security/provider/DSA/TestMaxLengthDER.java.TestMaxLengthDER
• sun/security/x509/X509CertImpl/V3Certificate.java.V3Certificate

Can generate a TlsMasterSecret key via (TlsMasterSecret)kg.generateKey() but the result of key.getEncoded() is null; It seems that cant import a TlsMasterSecret key;

• sun/security/pkcs11/tls/TestMasterSecret.java.TestMasterSecret

When FIPS mode is disabled, cacerts in ${JAVA_HOME}/jre/lib/security/cacerts is not empty. Therefore, X509Certificate[] acceptedIssuers = trustManager.getAcceptedIssuers(); The length of acceptedIssuers is not 0. But when FIPS mode is enabled, cacerts in ${JAVA_HOME}/jre/lib/security/cacerts is empty. While executing this statement X509Certificate[] acceptedIssuers = trustManager.getAcceptedIssuers(); The length of acceptedIssuers is 0.

• javax/net/ssl/sanity/CacertsExplorer.java.CacertsExplorer

[WilburZjh]

detail explanation for #612

[sshuklao]

I am getting same CKR_KEY_TYPE_INCONSISTENT error when running Apache Spark 3.3.0 on IBM-Semeru-Runtime 11.0.16.1 on FIPS enabled cluster.

Caused by: java.security.InvalidKeyException: init() failed
    at jdk.crypto.cryptoki/sun.security.pkcs11.P11Mac.engineInit(P11Mac.java:208)
    at java.base/javax.crypto.Mac.chooseProvider(Mac.java:366)
    at java.base/javax.crypto.Mac.init(Mac.java:435)
    at com.ibm.stocator.thirdparty.cos.auth.AbstractAWSSigner.sign(AbstractAWSSigner.java:127)
    ... 34 more
Caused by: sun.security.pkcs11.wrapper.PKCS11Exception: CKR_KEY_TYPE_INCONSISTENT
    at jdk.crypto.cryptoki/sun.security.pkcs11.wrapper.PKCS11.C_SignInit(Native Method)
    at jdk.crypto.cryptoki/sun.security.pkcs11.P11Mac.initialize(P11Mac.java:177)
    at jdk.crypto.cryptoki/sun.security.pkcs11.P11Mac.engineInit(P11Mac.java:206)
    ... 37 more

[WilburZjh]

The traceStack for javax/crypto/CipherSpi/TestGCMWithByteBuffer.java is

javax.crypto.BadPaddingException: sun.security.pkcs11.wrapper.PKCS11Exception: CKR_ENCRYPTED_DATA_INVALID
    at sun.security.pkcs11.P11AEADCipher.handleException(P11AEADCipher.java:749)
    at sun.security.pkcs11.P11AEADCipher.implDoFinal(P11AEADCipher.java:722)
    at sun.security.pkcs11.P11AEADCipher.engineDoFinal(P11AEADCipher.java:548)
    at javax.crypto.Cipher.doFinal(Cipher.java:2463)
    at TestGCMWithByteBuffer.decrypt(TestGCMWithByteBuffer.java:157)
    at TestGCMWithByteBuffer.test(TestGCMWithByteBuffer.java:86)
    at TestGCMWithByteBuffer.main(TestGCMWithByteBuffer.java:52)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    at java.lang.reflect.Method.invoke(Method.java:498)
    at com.sun.javatest.regtest.agent.MainActionHelper$AgentVMRunnable.run(MainActionHelper.java:298)
    at java.lang.Thread.run(Thread.java:826)
Caused by: sun.security.pkcs11.wrapper.PKCS11Exception: CKR_ENCRYPTED_DATA_INVALID
    at sun.security.pkcs11.wrapper.PKCS11.C_Decrypt(Native Method)
    at sun.security.pkcs11.P11AEADCipher.implDoFinal(P11AEADCipher.java:708)

In NSS docs version 3.15, it is mentioned that for Cipher mode AES-GCM.

PK11_Decrypt - Performs decryption as a single PKCS#11 operation (eg: not multi-part). This is necessary for AES-GCM.
PK11_Encrypt - Performs encryption as a single PKCS#11 operation (eg: not multi-part). This is necessary for AES-GCM.

[WilburZjh]

The traceStack for sun/rmi/rmic/manifestClassPath/run.sh is

Exception in thread "main" java.lang.ExceptionInInitializerError
    at java.lang.J9VMInternals.ensureError(J9VMInternals.java:158)
    at java.lang.J9VMInternals.recordInitializationFailure(J9VMInternals.java:147)
    at sun.rmi.transport.LiveRef.<init>(LiveRef.java:74)
    at sun.rmi.server.UnicastServerRef.<init>(UnicastServerRef.java:168)
    at sun.rmi.server.UnicastServerRef.<init>(UnicastServerRef.java:186)
    at java.rmi.server.UnicastRemoteObject.exportObject(UnicastRemoteObject.java:301)
    at Main.main(Main.java:10)
Caused by: java.lang.RuntimeException: could not find SunPKCS11-NSS-FIPS provider for FIPS mode
    at java.security.SecureRandom.getDefaultPRNG(SecureRandom.java:209)
    at java.security.SecureRandom.<init>(SecureRandom.java:170)
    at java.rmi.server.UID.<init>(UID.java:112)
    at java.rmi.server.ObjID.<clinit>(ObjID.java:88)
    ... 5 more

If we assign a directory to -Djava.ext.dirs jvm options, the ExtClassLoader will not load the jar file under ${JAVA_HOME}/jre/lib/ext.

One solution that fix this issue is expanding -Djava.ext.dirs with {JAVA_HOME}/jre/lib/ext. A passed version can be seen from this <<grinder>>

[WilburZjh]

The exception is : sun.security.pkcs11.wrapper.PKCS11Exception: CKR_KEY_SIZE_RANGE. The minimum length for an MD5 HMAC key is 16 bytes. However, this test uses a 4 bytes length key for HmacMD5.

• com/sun/crypto/provider/Mac/HmacMD5.java.HmacMD5