Differences between openJDK and oracleJDK

Tue Oct 4 15:50:35 UTC 2016

On Fri, Sep 30, 2016 at 10:04 PM, Steffen Heil (Mailinglisten)
<lists at steffen-heil.de> wrote:
> Hi
>
>
> Sorry for the late reply.
>
>
>> The original mail is about the method missing, not the class.
>
> Exactly.
>
>
>> That said, I also don't think there is any difference between OpenJDK and Oracle JDK here.
>>
>> *Steffen*, how do you find the method is missing? The latest jdk9 is modularized so you cannot call internal method like before. Is
>> that the reason? Can you show the compilation or runtime error?
>
> The following works in openJDK 1.8.0.101:
>
> AuthorityKeyIdentifierExtension akidext = ....;
> byte[] kid = akidext.getEncodedKeyIdentifier();
>
> But in oracleJDK 1.8.0.101 it leads to a compile time error, because that method does not exist.
>
>
>> > There is no difference in the Oracle and OpenJDK JSSE implementation. They are the same.
>
> Obviously, there is.
>

The explanation is quite simple:)

 - go get the OpenJDK sources from
http://hg.openjdk.java.net/jdk8u/jdk8u-dev/jdk
 - take a look at the modifications you are interested in:

hg annotate src/share/classes/sun/security/x509/AuthorityKeyIdentifierExtension.java

...
    0:     }
11494:
11494:     /**
11494:      * Return the encoded key identifier, or null if not specified.
11494:      */
11494:     public byte[] getEncodedKeyIdentifier() throws IOException {
11494:         if (id != null) {
11494:             DerOutputStream derOut = new DerOutputStream();
11494:             id.encode(derOut);
11494:             return derOut.toByteArray();
11494:         }
11494:         return null;
11494:     }
    0: }
...

This will show you that the function you're interested in was added
with change 11494

 - now get the bug id of this change:

$ hg log -r 11494
changeset:   11494:ffd65eb4d2be 11476:5b8ec82dc4d3
user:        mullan
date:        Mon Mar 21 14:13:57 2016 +0000
summary:     8072463: Remove requirement that AKID and SKID have to
match when building certificate chain
Reviewed-by: xuelei

 - finally check the bug in the Java bug system:

https://bugs.openjdk.java.net/browse/JDK-8072463

...
JDK-8142944 8u102  Sean Coffey P3 Resolved Fixed b02
JDK-8142945 7u121  Sean Coffey P3 Resolved Fixed b01
JDK-8155040 7u111  Sean Coffey P3 Closed Won't Fix
JDK-8156372 8u111  Sean Mullan P3 Resolved Fixed b01
JDK-8162209 emb-8u111  Sean Mullan P3 Resolved Fixed b01
...

It lists all the builds where this issue has been integrated and 8u101
is obviously not among the releases which contains this fix (8u102b02
is actually the first branch containing this fix).

In the OpenJDK sources, this change is definitely not in the jdk8u101
branch. You should ask the provider of your "openJDK 1.8.0.101" binary
why he has some functionality in it which only appears in the OpenJDK
repositories in the jdk8u102 branch (starting from build 2).

Regards,
Volker

>
>> That said, other distributions which
>> derive from OpenJDK (e.g. IcedTea or Linux distros) may have differences, but that is outside my knowledge area.  If you build
>> OpenJDK from the source, the binaries of JSSE in OpenJDK and OracleJDK will be the same.
>
> I downloaded the source of openJDK from its source repositories and compiled it myself.
> I also tested with https://github.com/ojdkbuild/ojdkbuild.
>
> I downloaded oracleJDK from oracle itself.
>
> So I don't think this is the issue.
>
>
> Regards,
>   Steffen
>
>