8336499: Failure when creating non-CRT RSA private keys in SunPKCS11

[Sorna-Sarathi]

Hi all,
This pull request contains a backport of commit 3251eea from the openjdk/jdk repository.
Tier1 testing is successful.
Thanks!

JBS Issue: JDK-8336499

---

Progress

• Change must not contain extraneous whitespace
• JDK-8336499 needs maintainer approval
• Commit message must refer to an issue

Issue

• JDK-8336499: Failure when creating non-CRT RSA private keys in SunPKCS11 (Bug - P4)

Reviewing

Using git

Checkout this PR locally:
$ git fetch https://git.openjdk.org/jdk21u-dev.git pull/1021/head:pull/1021
$ git checkout pull/1021

Update a local copy of the PR:
$ git checkout pull/1021
$ git pull https://git.openjdk.org/jdk21u-dev.git pull/1021/head

Using Skara CLI tools

Checkout this PR locally:
$ git pr checkout 1021

View PR using the GUI difftool:
$ git pr show -t 1021

Using diff file

Download this PR as a diff file:
https://git.openjdk.org/jdk21u-dev/pull/1021.diff

Using Webrev

Link to Webrev Comment

[bridgekeeper]

Hi @Sorna-Sarathi, welcome to this OpenJDK project and thanks for contributing!

We do not recognize you as Contributor and need to ensure you have signed the Oracle Contributor Agreement (OCA). If you have not signed the OCA, please follow the instructions. Please fill in your GitHub username in the "Username" field of the application. Once you have signed the OCA, please let us know by writing /signed in a comment in this pull request.

If you already are an OpenJDK Author, Committer or Reviewer, please click here to open a new issue so that we can record that fact. Please use "Add GitHub user Sorna-Sarathi" as summary for the issue.

If you are contributing this work on behalf of your employer and your employer has signed the OCA, please let us know by writing /covered in a comment in this pull request.

[openjdk]

❗ This change is not yet ready to be integrated.
See the Progress checklist in the description for automated requirements.

[openjdk]

This backport pull request has now been updated with issue from the original commit.

[Sorna-Sarathi]

/covered

[bridgekeeper]

Thank you! Please allow for a few business days to verify that your employer has signed the OCA. Also, please note that pull requests that are pending an OCA check will not usually be evaluated, so your patience is appreciated!

[openjdk]

⚠️ @Sorna-Sarathi This change is now ready for you to apply for maintainer approval. This can be done directly in each associated issue or by using the /approval command.

[mlbridge]

Webrevs

• 00: Full (4bfa74ad)

[offamitkumar]

@Sorna-Sarathi You haven't enabled GHA on your repo. Please do it.

[bridgekeeper]

@Sorna-Sarathi This pull request has been inactive for more than 4 weeks and will be automatically closed if another 4 weeks passes without any activity. To avoid this, simply add a new comment to the pull request. Feel free to ask for assistance if you need help with progressing this pull request towards integration!

[Sorna-Sarathi]

/approval request fixes failure when creating non-CRT RSA private keys in SunPKCS11. Backporting it.

[openjdk]

@Sorna-Sarathi
8336499: The approval request has been created successfully.

[GoeLin]

Hi @Sorna-Sarathi ,
please enable GHA actions and trigger a rerun.
Please do more extensive testing of this change. Tier 1 is not sufficient for a change in a
important component as security. Please give a more detailed backport comment, see also https://wiki.openjdk.org/display/JDKUpdates/How+to+contribute+or+backport+a+fix

Further, I would propose to defer this to the April update, so that it has at least some coverage by 24. It's a pity you missed 23, that's closed as far as I know.

[GoeLin]

Hi @Sorna-Sarathi,
I still would like to see some more testing. Removing the label in the meantime. Same for 17.
Also please check the failures in the Pre-submit tests.