/hg/release/icedtea7-forest-2.5/jdk: 27 new changesets
andrew at icedtea.classpath.org
andrew at icedtea.classpath.org
Tue Oct 14 20:14:08 UTC 2014
changeset d8e8a3469b10 in /hg/release/icedtea7-forest-2.5/jdk
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.5/jdk?cmd=changeset;node=d8e8a3469b10
author: mbankal
date: Thu Jun 19 23:20:26 2014 -0700
8037846: Ensure streaming of input cipher streams
Reviewed-by: ascarpino, coffeys, robm, ahgross, asmotrak
changeset 8d0fb48c8aad in /hg/release/icedtea7-forest-2.5/jdk
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.5/jdk?cmd=changeset;node=8d0fb48c8aad
author: coffeys
date: Fri Jul 11 12:22:02 2014 +0100
7160837: DigestOutputStream does not turn off digest calculation when "close()" is called
8012637: Adjust CipherInputStream class to work in AEAD/GCM mode
Reviewed-by: ascarpino, mbankal
changeset 7f6e12a04c9c in /hg/release/icedtea7-forest-2.5/jdk
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.5/jdk?cmd=changeset;node=7f6e12a04c9c
author: sgabdura
date: Wed May 21 08:38:00 2014 +0200
8015256: Better class accessibility
Summary: Improve protection domain check in forName()
Reviewed-by: coleenp, mchung, acorn, jdn
changeset 76186528d444 in /hg/release/icedtea7-forest-2.5/jdk
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.5/jdk?cmd=changeset;node=76186528d444
author: coffeys
date: Thu Oct 02 02:10:56 2014 +0100
8028192: Use of PKCS11-NSS provider in FIPS mode broken
Reviewed-by: xuelei
changeset 727c91b48b9a in /hg/release/icedtea7-forest-2.5/jdk
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.5/jdk?cmd=changeset;node=727c91b48b9a
author: mcherkas
date: Mon Jul 14 17:00:32 2014 +0400
8035162: Service printing service
Reviewed-by: bae, jgodinez, mschoene
Contributed-by: artem.malinko at oracle.com
changeset 4af55bc2305a in /hg/release/icedtea7-forest-2.5/jdk
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.5/jdk?cmd=changeset;node=4af55bc2305a
author: dmeetry
date: Wed May 28 10:34:41 2014 +0400
8035781: Improve equality for annotations
Reviewed-by: darcy
changeset 8710cd45b2be in /hg/release/icedtea7-forest-2.5/jdk
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.5/jdk?cmd=changeset;node=8710cd45b2be
author: naoto
date: Mon Apr 21 13:29:56 2014 -0700
8036936: Use local locales
Summary: Made sure cache key is cleared on GC invocation
Reviewed-by: okutsu
changeset 68cb686778bb in /hg/release/icedtea7-forest-2.5/jdk
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.5/jdk?cmd=changeset;node=68cb686778bb
author: mbankal
date: Tue Jun 10 02:07:15 2014 -0700
8037066: Secure transport layer
Reviewed-by: xuelei, coffeys, ahgross, asmotrak
changeset cd618bef98e9 in /hg/release/icedtea7-forest-2.5/jdk
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.5/jdk?cmd=changeset;node=cd618bef98e9
author: anashaty
date: Mon May 19 17:46:12 2014 +0400
8038000: java.awt.image.RasterFormatException: Incorrect scanline stride
Reviewed-by: bae, serb
changeset 069a0295190b in /hg/release/icedtea7-forest-2.5/jdk
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.5/jdk?cmd=changeset;node=069a0295190b
author: robm
date: Thu May 29 19:43:14 2014 +0100
8038364: Use certificate exceptions correctly
Reviewed-by: mullan, coffeys
changeset 230de2494a75 in /hg/release/icedtea7-forest-2.5/jdk
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.5/jdk?cmd=changeset;node=230de2494a75
author: igerasim
date: Thu May 29 15:31:00 2014 +0400
8038908: Make Signature more robust
Reviewed-by: valeriep, skoivu, asmotrak
changeset df0116af14cb in /hg/release/icedtea7-forest-2.5/jdk
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.5/jdk?cmd=changeset;node=df0116af14cb
author: aefimov
date: Mon Jul 07 18:41:49 2014 +0400
8038913: Bolster XML support
Reviewed-by: mullan
changeset 83ec3bc09479 in /hg/release/icedtea7-forest-2.5/jdk
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.5/jdk?cmd=changeset;node=83ec3bc09479
author: igerasim
date: Wed Apr 16 12:37:49 2014 +0400
8039396: NPE when writing a class descriptor object to a custom ObjectOutputStream
Reviewed-by: alanb
changeset c03b9e2fe2c7 in /hg/release/icedtea7-forest-2.5/jdk
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.5/jdk?cmd=changeset;node=c03b9e2fe2c7
author: robm
date: Mon Jun 16 08:53:40 2014 -0700
8039509: Wrap sockets more thoroughly
Reviewed-by: michaelm, coffeys
changeset 68d50f61dab9 in /hg/release/icedtea7-forest-2.5/jdk
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.5/jdk?cmd=changeset;node=68d50f61dab9
author: igerasim
date: Mon May 12 15:07:32 2014 +0400
8041529: Better parameterization of parameter lists
Reviewed-by: twisti, ahgross
changeset c9f7512d4a3a in /hg/release/icedtea7-forest-2.5/jdk
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.5/jdk?cmd=changeset;node=c9f7512d4a3a
author: bae
date: Thu May 29 10:48:39 2014 +0400
8041540: Better use of pages in font processing
Reviewed-by: prr
changeset 99f95fab84c8 in /hg/release/icedtea7-forest-2.5/jdk
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.5/jdk?cmd=changeset;node=99f95fab84c8
author: pchelko
date: Fri May 23 12:03:24 2014 +0400
8041545: Better validation of generated rasters
Reviewed-by: prr, serb, bae, skoivu
changeset ecaf6325319f in /hg/release/icedtea7-forest-2.5/jdk
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.5/jdk?cmd=changeset;node=ecaf6325319f
author: dfuchs
date: Wed May 14 15:23:59 2014 +0200
8041564: Improved management of logger resources
Reviewed-by: skoivu, mchung, igerasim
changeset 73bf3b365e80 in /hg/release/icedtea7-forest-2.5/jdk
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.5/jdk?cmd=changeset;node=73bf3b365e80
author: azvegint
date: Fri May 30 16:20:04 2014 +0400
8042609: Limit splashiness of splash images
Reviewed-by: mschoene, serb
changeset e71df8a80509 in /hg/release/icedtea7-forest-2.5/jdk
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.5/jdk?cmd=changeset;node=e71df8a80509
author: igerasim
date: Fri Jun 06 00:58:04 2014 +0400
8042797: Avoid strawberries in LogRecord
Reviewed-by: dfuchs
changeset fda2754500f3 in /hg/release/icedtea7-forest-2.5/jdk
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.5/jdk?cmd=changeset;node=fda2754500f3
author: bae
date: Sat Jun 21 01:39:52 2014 +0400
8042850: Extra unused entries in ICU ScriptCodes enum
Reviewed-by: prr
changeset d62afc010f62 in /hg/release/icedtea7-forest-2.5/jdk
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.5/jdk?cmd=changeset;node=d62afc010f62
author: dmeetry
date: Fri Jul 04 21:03:03 2014 +0400
8044274: Proper property processing
Reviewed-by: naoto
changeset d2b7084a7344 in /hg/release/icedtea7-forest-2.5/jdk
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.5/jdk?cmd=changeset;node=d2b7084a7344
author: prr
date: Wed Jul 30 11:12:38 2014 -0700
8052162: REGRESSION: sun/java2d/cmm/ColorConvertOp tests fail since 7u71 b01
Reviewed-by: bae, serb
changeset c2feb999b76e in /hg/release/icedtea7-forest-2.5/jdk
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.5/jdk?cmd=changeset;node=c2feb999b76e
author: robm
date: Thu Aug 07 15:40:14 2014 +0100
8053963: (dc) Use DatagramChannel.receive() instead of read() in connect()
Reviewed-by: michaelm, chegar
changeset 59a0201c1b3f in /hg/release/icedtea7-forest-2.5/jdk
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.5/jdk?cmd=changeset;node=59a0201c1b3f
author: mfang
date: Mon Aug 18 10:32:46 2014 -0700
8055176: 7u71 l10n resource file translation update
Reviewed-by: yhuang
changeset 6b81c7cc733e in /hg/release/icedtea7-forest-2.5/jdk
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.5/jdk?cmd=changeset;node=6b81c7cc733e
author: andrew
date: Thu Oct 02 03:17:19 2014 +0100
Bump to 2.5.3
changeset e49ef2cfd3e8 in /hg/release/icedtea7-forest-2.5/jdk
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.5/jdk?cmd=changeset;node=e49ef2cfd3e8
author: andrew
date: Tue Oct 14 21:12:28 2014 +0100
Added tag icedtea-2.5.3 for changeset 6b81c7cc733e
diffstat:
.hgtags | 1 +
make/java/net/FILES_c.gmk | 1 +
make/java/net/mapfile-vers | 2 +
make/jdk_generic_profile.sh | 2 +-
src/share/classes/com/sun/accessibility/internal/resources/accessibility_zh_TW.properties | 2 +-
src/share/classes/com/sun/crypto/provider/RSACipher.java | 61 ++-
src/share/classes/com/sun/crypto/provider/TlsRsaPremasterSecretGenerator.java | 21 +-
src/share/classes/com/sun/java/swing/plaf/windows/resources/windows_sv.properties | 2 +-
src/share/classes/com/sun/org/apache/xml/internal/security/Init.java | 72 ++-
src/share/classes/com/sun/org/apache/xml/internal/security/algorithms/JCEMapper.java | 7 +
src/share/classes/com/sun/org/apache/xml/internal/security/algorithms/SignatureAlgorithm.java | 13 +-
src/share/classes/com/sun/org/apache/xml/internal/security/c14n/Canonicalizer.java | 9 +-
src/share/classes/com/sun/org/apache/xml/internal/security/keys/keyresolver/KeyResolver.java | 13 +
src/share/classes/com/sun/org/apache/xml/internal/security/transforms/Transform.java | 7 +
src/share/classes/com/sun/org/apache/xml/internal/security/utils/ElementProxy.java | 3 +
src/share/classes/com/sun/org/apache/xml/internal/security/utils/JavaUtils.java | 22 +
src/share/classes/com/sun/org/apache/xml/internal/security/utils/XMLUtils.java | 6 +
src/share/classes/com/sun/org/apache/xml/internal/security/utils/resolver/ResourceResolver.java | 13 +
src/share/classes/com/sun/rowset/RowSetResourceBundle_pt_BR.properties | 4 +-
src/share/classes/com/sun/swing/internal/plaf/metal/resources/metal_sv.properties | 2 +-
src/share/classes/com/sun/swing/internal/plaf/synth/resources/synth_sv.properties | 2 +-
src/share/classes/com/sun/tools/example/debug/tty/TTYResources_ja.java | 4 +-
src/share/classes/com/sun/tools/jdi/resources/jdi_ja.properties | 8 +-
src/share/classes/java/io/ObjectOutputStream.java | 4 +-
src/share/classes/java/lang/Class.java | 23 +-
src/share/classes/java/lang/invoke/MethodType.java | 2 +-
src/share/classes/java/net/AbstractPlainDatagramSocketImpl.java | 4 +
src/share/classes/java/net/DatagramSocket.java | 50 ++-
src/share/classes/java/net/DatagramSocketImpl.java | 6 +
src/share/classes/java/security/DigestOutputStream.java | 6 +-
src/share/classes/java/security/Signature.java | 28 +-
src/share/classes/java/security/cert/CertificateRevokedException.java | 10 +-
src/share/classes/java/util/ResourceBundle.java | 19 +-
src/share/classes/java/util/logging/LogRecord.java | 8 +-
src/share/classes/java/util/logging/Logger.java | 9 +-
src/share/classes/javax/crypto/CipherInputStream.java | 35 +-
src/share/classes/javax/crypto/CipherOutputStream.java | 14 +-
src/share/classes/sun/awt/image/ByteBandedRaster.java | 20 +-
src/share/classes/sun/awt/image/ByteComponentRaster.java | 20 +-
src/share/classes/sun/awt/image/BytePackedRaster.java | 27 +-
src/share/classes/sun/awt/image/IntegerComponentRaster.java | 20 +-
src/share/classes/sun/awt/image/ShortBandedRaster.java | 19 +-
src/share/classes/sun/awt/image/ShortComponentRaster.java | 20 +-
src/share/classes/sun/awt/resources/awt_pt_BR.properties | 2 +-
src/share/classes/sun/nio/ch/DatagramChannelImpl.java | 20 +
src/share/classes/sun/reflect/annotation/AnnotationInvocationHandler.java | 112 +++++-
src/share/classes/sun/rmi/rmic/resources/rmic_ja.properties | 6 +-
src/share/classes/sun/security/internal/spec/TlsRsaPremasterSecretParameterSpec.java | 142 ++++---
src/share/classes/sun/security/pkcs11/P11RSACipher.java | 154 +++++++-
src/share/classes/sun/security/pkcs11/P11TlsRsaPremasterSecretGenerator.java | 44 +-
src/share/classes/sun/security/pkcs11/Token.java | 34 +
src/share/classes/sun/security/ssl/ClientHandshaker.java | 190 +++++++++-
src/share/classes/sun/security/ssl/Handshaker.java | 12 +-
src/share/classes/sun/security/ssl/RSAClientKeyExchange.java | 166 +--------
src/share/classes/sun/security/ssl/SSLSessionImpl.java | 26 +-
src/share/classes/sun/security/util/KeyUtil.java | 74 +++
src/share/classes/sun/security/util/Resources_de.java | 10 +-
src/share/classes/sun/security/util/Resources_fr.java | 4 +-
src/share/classes/sun/security/util/Resources_it.java | 4 +-
src/share/classes/sun/security/util/Resources_pt_BR.java | 4 +-
src/share/classes/sun/tools/jconsole/resources/messages_ja.properties | 8 +-
src/share/classes/sun/util/locale/BaseLocale.java | 88 ++--
src/share/classes/sun/util/locale/LocaleObjectCache.java | 4 +-
src/share/javavm/export/jvm.h | 15 +-
src/share/native/java/lang/Class.c | 7 +-
src/share/native/sun/font/layout/ContextualSubstSubtables.cpp | 52 ++-
src/share/native/sun/font/layout/LEScripts.h | 6 -
src/solaris/classes/sun/print/CUPSPrinter.java | 8 +-
src/solaris/classes/sun/print/IPPPrintService.java | 8 +-
src/solaris/native/java/net/AbstractPlainDatagramSocketImpl.c | 89 ++++
src/windows/classes/sun/security/mscapi/RSACipher.java | 83 +++-
src/windows/native/java/net/AbstractPlainDatagramSocketImpl.c | 111 +++++
src/windows/native/sun/awt/splashscreen/splashscreen_sys.c | 13 +-
test/com/sun/crypto/provider/TLS/TestPremaster.java | 55 ++-
test/java/io/Serializable/unresolvableObjectStreamClass/UnresolvableObjectStreamClass.java | 68 +++
test/sun/java2d/cmm/ColorConvertOp/ColConvCCMTest.java | 2 +-
test/sun/security/pkcs11/fips/CipherTest.java | 15 +-
test/sun/security/pkcs11/fips/ClientJSSEServerJSSE.java | 12 +-
test/sun/security/pkcs11/tls/TestPremaster.java | 55 ++-
79 files changed, 1765 insertions(+), 559 deletions(-)
diffs (truncated from 4231 to 500 lines):
diff -r f9b67cec73d2 -r e49ef2cfd3e8 .hgtags
--- a/.hgtags Thu Oct 02 00:46:45 2014 +0100
+++ b/.hgtags Tue Oct 14 21:12:28 2014 +0100
@@ -475,3 +475,4 @@
1e6a8564aa3400fe8f84085c908f55a942d426f0 icedtea-2.5.2
fa4e5dae68e19bdd1f0bac703889a4cf30a59754 icedtea-2.5.3pre01
16dfadea81a1e00677ba697628177e2d60d5df7f icedtea-2.5.3pre02
+6b81c7cc733ef2ba77e86e88320c8ef34696c872 icedtea-2.5.3
diff -r f9b67cec73d2 -r e49ef2cfd3e8 make/java/net/FILES_c.gmk
--- a/make/java/net/FILES_c.gmk Thu Oct 02 00:46:45 2014 +0100
+++ b/make/java/net/FILES_c.gmk Tue Oct 14 21:12:28 2014 +0100
@@ -24,6 +24,7 @@
#
FILES_c = \
+ AbstractPlainDatagramSocketImpl.c \
DatagramPacket.c \
InetAddress.c \
Inet4Address.c \
diff -r f9b67cec73d2 -r e49ef2cfd3e8 make/java/net/mapfile-vers
--- a/make/java/net/mapfile-vers Thu Oct 02 00:46:45 2014 +0100
+++ b/make/java/net/mapfile-vers Tue Oct 14 21:12:28 2014 +0100
@@ -28,6 +28,8 @@
SUNWprivate_1.1 {
global:
JNI_OnLoad;
+ Java_java_net_AbstractPlainDatagramSocketImpl_init;
+ Java_java_net_AbstractPlainDatagramSocketImpl_dataAvailable;
Java_java_net_PlainSocketImpl_socketListen;
Java_java_net_PlainDatagramSocketImpl_getTTL;
Java_java_net_PlainDatagramSocketImpl_init;
diff -r f9b67cec73d2 -r e49ef2cfd3e8 make/jdk_generic_profile.sh
--- a/make/jdk_generic_profile.sh Thu Oct 02 00:46:45 2014 +0100
+++ b/make/jdk_generic_profile.sh Tue Oct 14 21:12:28 2014 +0100
@@ -625,7 +625,7 @@
# IcedTea versioning
export ICEDTEA_NAME="IcedTea"
-export PACKAGE_VERSION="2.5.3pre02"
+export PACKAGE_VERSION="2.5.3"
export DERIVATIVE_ID="${ICEDTEA_NAME} ${PACKAGE_VERSION}"
echo "Building ${DERIVATIVE_ID}"
diff -r f9b67cec73d2 -r e49ef2cfd3e8 src/share/classes/com/sun/accessibility/internal/resources/accessibility_zh_TW.properties
--- a/src/share/classes/com/sun/accessibility/internal/resources/accessibility_zh_TW.properties Thu Oct 02 00:46:45 2014 +0100
+++ b/src/share/classes/com/sun/accessibility/internal/resources/accessibility_zh_TW.properties Tue Oct 14 21:12:28 2014 +0100
@@ -44,7 +44,7 @@
popupmenu=\u5373\u73FE\u5F0F\u529F\u80FD\u8868
progressbar=\u9032\u5EA6\u5217
pushbutton=\u4E0B\u58D3\u6309\u9215
-radiobutton=\u55AE\u9078\u9215
+radiobutton=\u5713\u9215
rootpane=root \u7A97\u683C
rowheader=\u5217\u6A19\u984C
scrollbar=\u6372\u8EF8
diff -r f9b67cec73d2 -r e49ef2cfd3e8 src/share/classes/com/sun/crypto/provider/RSACipher.java
--- a/src/share/classes/com/sun/crypto/provider/RSACipher.java Thu Oct 02 00:46:45 2014 +0100
+++ b/src/share/classes/com/sun/crypto/provider/RSACipher.java Tue Oct 14 21:12:28 2014 +0100
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2003, 2009, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2003, 2014, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -39,6 +39,8 @@
import sun.security.rsa.*;
import sun.security.jca.Providers;
+import sun.security.internal.spec.TlsRsaPremasterSecretParameterSpec;
+import sun.security.util.KeyUtil;
/**
* RSA cipher implementation. Supports RSA en/decryption and signing/verifying
@@ -91,8 +93,8 @@
// padding object
private RSAPadding padding;
- // cipher parameter for OAEP padding
- private OAEPParameterSpec spec = null;
+ // cipher parameter for OAEP padding and TLS RSA premaster secret
+ private AlgorithmParameterSpec spec = null;
// buffer for the data
private byte[] buffer;
@@ -110,6 +112,9 @@
// hash algorithm for OAEP
private String oaepHashAlgorithm = "SHA-1";
+ // the source of randomness
+ private SecureRandom random;
+
public RSACipher() {
paddingType = PAD_PKCS1;
}
@@ -175,7 +180,7 @@
// see JCE spec
protected AlgorithmParameters engineGetParameters() {
- if (spec != null) {
+ if (spec != null && spec instanceof OAEPParameterSpec) {
try {
AlgorithmParameters params =
AlgorithmParameters.getInstance("OAEP", "SunJCE");
@@ -278,8 +283,13 @@
buffer = new byte[n];
} else if (paddingType == PAD_PKCS1) {
if (params != null) {
- throw new InvalidAlgorithmParameterException
- ("Parameters not supported");
+ if (!(params instanceof TlsRsaPremasterSecretParameterSpec)) {
+ throw new InvalidAlgorithmParameterException(
+ "Parameters not supported");
+ }
+
+ spec = params;
+ this.random = random; // for TLS RSA premaster secret
}
int blockType = (mode <= MODE_DECRYPT) ? RSAPadding.PAD_BLOCKTYPE_2
: RSAPadding.PAD_BLOCKTYPE_1;
@@ -295,19 +305,18 @@
throw new InvalidKeyException
("OAEP cannot be used to sign or verify signatures");
}
- OAEPParameterSpec myParams;
if (params != null) {
if (!(params instanceof OAEPParameterSpec)) {
throw new InvalidAlgorithmParameterException
("Wrong Parameters for OAEP Padding");
}
- myParams = (OAEPParameterSpec) params;
+ spec = params;
} else {
- myParams = new OAEPParameterSpec(oaepHashAlgorithm, "MGF1",
+ spec = new OAEPParameterSpec(oaepHashAlgorithm, "MGF1",
MGF1ParameterSpec.SHA1, PSource.PSpecified.DEFAULT);
}
padding = RSAPadding.getInstance(RSAPadding.PAD_OAEP_MGF1, n,
- random, myParams);
+ random, (OAEPParameterSpec)spec);
if (encrypt) {
int k = padding.getMaxDataSize();
buffer = new byte[k];
@@ -422,17 +431,40 @@
if (wrappedKey.length > buffer.length) {
throw new InvalidKeyException("Key is too long for unwrapping");
}
+
+ boolean isTlsRsaPremasterSecret =
+ algorithm.equals("TlsRsaPremasterSecret");
+ Exception failover = null;
+ byte[] encoded = null;
+
update(wrappedKey, 0, wrappedKey.length);
try {
- byte[] encoded = doFinal();
- return ConstructKeys.constructKey(encoded, algorithm, type);
+ encoded = doFinal();
} catch (BadPaddingException e) {
- // should not occur
- throw new InvalidKeyException("Unwrapping failed", e);
+ if (isTlsRsaPremasterSecret) {
+ failover = e;
+ } else {
+ throw new InvalidKeyException("Unwrapping failed", e);
+ }
} catch (IllegalBlockSizeException e) {
// should not occur, handled with length check above
throw new InvalidKeyException("Unwrapping failed", e);
}
+
+ if (isTlsRsaPremasterSecret) {
+ if (!(spec instanceof TlsRsaPremasterSecretParameterSpec)) {
+ throw new IllegalStateException(
+ "No TlsRsaPremasterSecretParameterSpec specified");
+ }
+
+ // polish the TLS premaster secret
+ encoded = KeyUtil.checkTlsPreMasterSecretKey(
+ ((TlsRsaPremasterSecretParameterSpec)spec).getClientVersion(),
+ ((TlsRsaPremasterSecretParameterSpec)spec).getServerVersion(),
+ random, encoded, (failover != null));
+ }
+
+ return ConstructKeys.constructKey(encoded, algorithm, type);
}
// see JCE spec
@@ -440,5 +472,4 @@
RSAKey rsaKey = RSAKeyFactory.toRSAKey(key);
return rsaKey.getModulus().bitLength();
}
-
}
diff -r f9b67cec73d2 -r e49ef2cfd3e8 src/share/classes/com/sun/crypto/provider/TlsRsaPremasterSecretGenerator.java
--- a/src/share/classes/com/sun/crypto/provider/TlsRsaPremasterSecretGenerator.java Thu Oct 02 00:46:45 2014 +0100
+++ b/src/share/classes/com/sun/crypto/provider/TlsRsaPremasterSecretGenerator.java Tue Oct 14 21:12:28 2014 +0100
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2005, 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2005, 2014, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -56,7 +56,7 @@
protected void engineInit(AlgorithmParameterSpec params,
SecureRandom random) throws InvalidAlgorithmParameterException {
- if (params instanceof TlsRsaPremasterSecretParameterSpec == false) {
+ if (!(params instanceof TlsRsaPremasterSecretParameterSpec)) {
throw new InvalidAlgorithmParameterException(MSG);
}
this.spec = (TlsRsaPremasterSecretParameterSpec)params;
@@ -67,21 +67,20 @@
throw new InvalidParameterException(MSG);
}
+ // Only can be used in client side to generate TLS RSA premaster secret.
protected SecretKey engineGenerateKey() {
if (spec == null) {
throw new IllegalStateException(
"TlsRsaPremasterSecretGenerator must be initialized");
}
- byte[] b = spec.getEncodedSecret();
- if (b == null) {
- if (random == null) {
- random = new SecureRandom();
- }
- b = new byte[48];
- random.nextBytes(b);
- b[0] = (byte)spec.getMajorVersion();
- b[1] = (byte)spec.getMinorVersion();
+
+ if (random == null) {
+ random = new SecureRandom();
}
+ byte[] b = new byte[48];
+ random.nextBytes(b);
+ b[0] = (byte)spec.getMajorVersion();
+ b[1] = (byte)spec.getMinorVersion();
return new SecretKeySpec(b, "TlsRsaPremasterSecret");
}
diff -r f9b67cec73d2 -r e49ef2cfd3e8 src/share/classes/com/sun/java/swing/plaf/windows/resources/windows_sv.properties
--- a/src/share/classes/com/sun/java/swing/plaf/windows/resources/windows_sv.properties Thu Oct 02 00:46:45 2014 +0100
+++ b/src/share/classes/com/sun/java/swing/plaf/windows/resources/windows_sv.properties Tue Oct 14 21:12:28 2014 +0100
@@ -22,7 +22,7 @@
FileChooser.saveInLabel.textAndMnemonic=Spara i:
FileChooser.fileNameLabel.textAndMnemonic=Fil&namn:
FileChooser.folderNameLabel.textAndMnemonic=Mapp&namn:
-FileChooser.filesOfTypeLabel.textAndMnemonic=Filer av &typ:
+FileChooser.filesOfTypeLabel.textAndMnemonic=Filer av &typen:
FileChooser.upFolderToolTip.textAndMnemonic=Upp en niv\u00E5
FileChooser.upFolderAccessibleName=Upp
FileChooser.homeFolderToolTip.textAndMnemonic=Hem
diff -r f9b67cec73d2 -r e49ef2cfd3e8 src/share/classes/com/sun/org/apache/xml/internal/security/Init.java
--- a/src/share/classes/com/sun/org/apache/xml/internal/security/Init.java Thu Oct 02 00:46:45 2014 +0100
+++ b/src/share/classes/com/sun/org/apache/xml/internal/security/Init.java Tue Oct 14 21:12:28 2014 +0100
@@ -25,6 +25,8 @@
import java.io.InputStream;
import java.security.AccessController;
import java.security.PrivilegedAction;
+import java.security.PrivilegedActionException;
+import java.security.PrivilegedExceptionAction;
import java.util.ArrayList;
import java.util.List;
@@ -35,6 +37,7 @@
import com.sun.org.apache.xml.internal.security.algorithms.JCEMapper;
import com.sun.org.apache.xml.internal.security.algorithms.SignatureAlgorithm;
import com.sun.org.apache.xml.internal.security.c14n.Canonicalizer;
+import com.sun.org.apache.xml.internal.security.exceptions.XMLSecurityException;
import com.sun.org.apache.xml.internal.security.keys.keyresolver.KeyResolver;
import com.sun.org.apache.xml.internal.security.transforms.Transform;
import com.sun.org.apache.xml.internal.security.utils.ElementProxy;
@@ -118,43 +121,50 @@
log.log(java.util.logging.Level.FINE, "Registering default algorithms");
}
try {
- //
- // Bind the default prefixes
- //
- ElementProxy.registerDefaultPrefixes();
+ AccessController.doPrivileged(new PrivilegedExceptionAction<Void>(){
+ @Override public Void run() throws XMLSecurityException {
+ //
+ // Bind the default prefixes
+ //
+ ElementProxy.registerDefaultPrefixes();
- //
- // Set the default Transforms
- //
- Transform.registerDefaultAlgorithms();
+ //
+ // Set the default Transforms
+ //
+ Transform.registerDefaultAlgorithms();
- //
- // Set the default signature algorithms
- //
- SignatureAlgorithm.registerDefaultAlgorithms();
+ //
+ // Set the default signature algorithms
+ //
+ SignatureAlgorithm.registerDefaultAlgorithms();
- //
- // Set the default JCE algorithms
- //
- JCEMapper.registerDefaultAlgorithms();
+ //
+ // Set the default JCE algorithms
+ //
+ JCEMapper.registerDefaultAlgorithms();
- //
- // Set the default c14n algorithms
- //
- Canonicalizer.registerDefaultAlgorithms();
+ //
+ // Set the default c14n algorithms
+ //
+ Canonicalizer.registerDefaultAlgorithms();
- //
- // Register the default resolvers
- //
- ResourceResolver.registerDefaultResolvers();
+ //
+ // Register the default resolvers
+ //
+ ResourceResolver.registerDefaultResolvers();
- //
- // Register the default key resolvers
- //
- KeyResolver.registerDefaultResolvers();
- } catch (Exception ex) {
- log.log(java.util.logging.Level.SEVERE, ex.getMessage(), ex);
- ex.printStackTrace();
+ //
+ // Register the default key resolvers
+ //
+ KeyResolver.registerDefaultResolvers();
+
+ return null;
+ }
+ });
+ } catch (PrivilegedActionException ex) {
+ XMLSecurityException xse = (XMLSecurityException)ex.getException();
+ log.log(java.util.logging.Level.SEVERE, xse.getMessage(), xse);
+ xse.printStackTrace();
}
}
diff -r f9b67cec73d2 -r e49ef2cfd3e8 src/share/classes/com/sun/org/apache/xml/internal/security/algorithms/JCEMapper.java
--- a/src/share/classes/com/sun/org/apache/xml/internal/security/algorithms/JCEMapper.java Thu Oct 02 00:46:45 2014 +0100
+++ b/src/share/classes/com/sun/org/apache/xml/internal/security/algorithms/JCEMapper.java Tue Oct 14 21:12:28 2014 +0100
@@ -27,6 +27,7 @@
import com.sun.org.apache.xml.internal.security.encryption.XMLCipher;
import com.sun.org.apache.xml.internal.security.signature.XMLSignature;
+import com.sun.org.apache.xml.internal.security.utils.JavaUtils;
import org.w3c.dom.Element;
@@ -49,8 +50,11 @@
*
* @param id
* @param algorithm
+ * @throws SecurityException if a security manager is installed and the
+ * caller does not have permission to register the JCE algorithm
*/
public static void register(String id, Algorithm algorithm) {
+ JavaUtils.checkRegisterPermission();
algorithmsMap.put(id, algorithm);
}
@@ -264,8 +268,11 @@
/**
* Sets the default Provider for obtaining the security algorithms
* @param provider the default providerId.
+ * @throws SecurityException if a security manager is installed and the
+ * caller does not have permission to set the JCE provider
*/
public static void setProviderId(String provider) {
+ JavaUtils.checkRegisterPermission();
providerName = provider;
}
diff -r f9b67cec73d2 -r e49ef2cfd3e8 src/share/classes/com/sun/org/apache/xml/internal/security/algorithms/SignatureAlgorithm.java
--- a/src/share/classes/com/sun/org/apache/xml/internal/security/algorithms/SignatureAlgorithm.java Thu Oct 02 00:46:45 2014 +0100
+++ b/src/share/classes/com/sun/org/apache/xml/internal/security/algorithms/SignatureAlgorithm.java Tue Oct 14 21:12:28 2014 +0100
@@ -37,6 +37,7 @@
import com.sun.org.apache.xml.internal.security.signature.XMLSignature;
import com.sun.org.apache.xml.internal.security.signature.XMLSignatureException;
import com.sun.org.apache.xml.internal.security.utils.Constants;
+import com.sun.org.apache.xml.internal.security.utils.JavaUtils;
import org.w3c.dom.Attr;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
@@ -314,18 +315,21 @@
}
/**
- * Registers implementing class of the Transform algorithm with algorithmURI
+ * Registers implementing class of the SignatureAlgorithm with algorithmURI
*
- * @param algorithmURI algorithmURI URI representation of <code>Transform algorithm</code>.
+ * @param algorithmURI algorithmURI URI representation of <code>SignatureAlgorithm</code>.
* @param implementingClass <code>implementingClass</code> the implementing class of
* {@link SignatureAlgorithmSpi}
* @throws AlgorithmAlreadyRegisteredException if specified algorithmURI is already registered
* @throws XMLSignatureException
+ * @throws SecurityException if a security manager is installed and the
+ * caller does not have permission to register the signature algorithm
*/
@SuppressWarnings("unchecked")
public static void register(String algorithmURI, String implementingClass)
throws AlgorithmAlreadyRegisteredException, ClassNotFoundException,
XMLSignatureException {
+ JavaUtils.checkRegisterPermission();
if (log.isLoggable(java.util.logging.Level.FINE)) {
log.log(java.util.logging.Level.FINE, "Try to register " + algorithmURI + " " + implementingClass);
}
@@ -352,15 +356,18 @@
/**
* Registers implementing class of the Transform algorithm with algorithmURI
*
- * @param algorithmURI algorithmURI URI representation of <code>Transform algorithm</code>.
+ * @param algorithmURI algorithmURI URI representation of <code>SignatureAlgorithm</code>.
* @param implementingClass <code>implementingClass</code> the implementing class of
* {@link SignatureAlgorithmSpi}
* @throws AlgorithmAlreadyRegisteredException if specified algorithmURI is already registered
* @throws XMLSignatureException
+ * @throws SecurityException if a security manager is installed and the
+ * caller does not have permission to register the signature algorithm
*/
public static void register(String algorithmURI, Class<? extends SignatureAlgorithmSpi> implementingClass)
throws AlgorithmAlreadyRegisteredException, ClassNotFoundException,
XMLSignatureException {
+ JavaUtils.checkRegisterPermission();
if (log.isLoggable(java.util.logging.Level.FINE)) {
log.log(java.util.logging.Level.FINE, "Try to register " + algorithmURI + " " + implementingClass);
}
diff -r f9b67cec73d2 -r e49ef2cfd3e8 src/share/classes/com/sun/org/apache/xml/internal/security/c14n/Canonicalizer.java
--- a/src/share/classes/com/sun/org/apache/xml/internal/security/c14n/Canonicalizer.java Thu Oct 02 00:46:45 2014 +0100
+++ b/src/share/classes/com/sun/org/apache/xml/internal/security/c14n/Canonicalizer.java Tue Oct 14 21:12:28 2014 +0100
@@ -40,6 +40,7 @@
import com.sun.org.apache.xml.internal.security.c14n.implementations.Canonicalizer20010315OmitComments;
import com.sun.org.apache.xml.internal.security.c14n.implementations.Canonicalizer20010315WithComments;
import com.sun.org.apache.xml.internal.security.exceptions.AlgorithmAlreadyRegisteredException;
+import com.sun.org.apache.xml.internal.security.utils.JavaUtils;
import org.w3c.dom.Document;
import org.w3c.dom.Node;
import org.w3c.dom.NodeList;
@@ -136,10 +137,13 @@
* @param algorithmURI
* @param implementingClass
* @throws AlgorithmAlreadyRegisteredException
+ * @throws SecurityException if a security manager is installed and the
+ * caller does not have permission to register the canonicalizer
*/
@SuppressWarnings("unchecked")
public static void register(String algorithmURI, String implementingClass)
throws AlgorithmAlreadyRegisteredException, ClassNotFoundException {
+ JavaUtils.checkRegisterPermission();
// check whether URI is already registered
Class<? extends CanonicalizerSpi> registeredClass =
canonicalizerHash.get(algorithmURI);
@@ -160,9 +164,12 @@
* @param algorithmURI
* @param implementingClass
* @throws AlgorithmAlreadyRegisteredException
+ * @throws SecurityException if a security manager is installed and the
+ * caller does not have permission to register the canonicalizer
*/
- public static void register(String algorithmURI, Class<CanonicalizerSpi> implementingClass)
+ public static void register(String algorithmURI, Class<? extends CanonicalizerSpi> implementingClass)
throws AlgorithmAlreadyRegisteredException, ClassNotFoundException {
+ JavaUtils.checkRegisterPermission();
// check whether URI is already registered
Class<? extends CanonicalizerSpi> registeredClass = canonicalizerHash.get(algorithmURI);
diff -r f9b67cec73d2 -r e49ef2cfd3e8 src/share/classes/com/sun/org/apache/xml/internal/security/keys/keyresolver/KeyResolver.java
--- a/src/share/classes/com/sun/org/apache/xml/internal/security/keys/keyresolver/KeyResolver.java Thu Oct 02 00:46:45 2014 +0100
+++ b/src/share/classes/com/sun/org/apache/xml/internal/security/keys/keyresolver/KeyResolver.java Tue Oct 14 21:12:28 2014 +0100
@@ -39,6 +39,7 @@
import com.sun.org.apache.xml.internal.security.keys.keyresolver.implementations.X509SKIResolver;
import com.sun.org.apache.xml.internal.security.keys.keyresolver.implementations.X509SubjectNameResolver;
import com.sun.org.apache.xml.internal.security.keys.storage.StorageResolver;
+import com.sun.org.apache.xml.internal.security.utils.JavaUtils;
import org.w3c.dom.Element;
import org.w3c.dom.Node;
@@ -172,9 +173,12 @@
* @throws InstantiationException
* @throws IllegalAccessException
More information about the distro-pkg-dev
mailing list