/hg/release/icedtea7-forest-2.6/jdk: 44 new changesets
andrew at icedtea.classpath.org
andrew at icedtea.classpath.org
Thu Apr 19 17:28:41 UTC 2018
changeset 31b12e3c618c in /hg/release/icedtea7-forest-2.6/jdk
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.6/jdk?cmd=changeset;node=31b12e3c618c
author: andrew
date: Thu Apr 19 04:01:14 2018 +0100
PR3576: System cacerts database handling should not affect jssecacerts
changeset 7ae89263e2c3 in /hg/release/icedtea7-forest-2.6/jdk
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.6/jdk?cmd=changeset;node=7ae89263e2c3
author: andrew
date: Thu Apr 19 04:49:16 2018 +0100
Bump to icedtea-2.6.14pre01
changeset 8d0bf5ceb0fc in /hg/release/icedtea7-forest-2.6/jdk
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.6/jdk?cmd=changeset;node=8d0bf5ceb0fc
author: andrew
date: Thu Apr 19 04:49:54 2018 +0100
Added tag icedtea-2.6.14pre01 for changeset 7ae89263e2c3
changeset 9a154462b388 in /hg/release/icedtea7-forest-2.6/jdk
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.6/jdk?cmd=changeset;node=9a154462b388
author: juh
date: Tue Apr 03 16:57:08 2018 +0100
8019360: Cleanup of the javadoc <code> tag in java.security.*
Summary: Convert to {@code ...} tags. convert package.html to package-info.java.
Reviewed-by: darcy
changeset 4b540216e69a in /hg/release/icedtea7-forest-2.6/jdk
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.6/jdk?cmd=changeset;node=4b540216e69a
author: darcy
date: Tue Apr 03 17:20:05 2018 +0100
7132338: Use @code friendly idiom for '\' in javadoc
Reviewed-by: alanb
changeset 5dc251e3461b in /hg/release/icedtea7-forest-2.6/jdk
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.6/jdk?cmd=changeset;node=5dc251e3461b
author: rriggs
date: Tue Apr 03 17:29:12 2018 +0100
8026982: javadoc errors in core libs
Summary: Cleanup of javadoc -Xlint errors
Reviewed-by: lancea, mduigou, darcy, mullan, mchung
changeset 557cd6fc528c in /hg/release/icedtea7-forest-2.6/jdk
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.6/jdk?cmd=changeset;node=557cd6fc528c
author: darcy
date: Tue Apr 03 17:34:23 2018 +0100
8029475: Fix more doclint issues in javax.security
Reviewed-by: juh
changeset 23a8b6dc4653 in /hg/release/icedtea7-forest-2.6/jdk
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.6/jdk?cmd=changeset;node=23a8b6dc4653
author: rpatil
date: Tue Apr 03 18:23:01 2018 +0100
8169080: Improve documentation examples for crypto applications
Reviewed-by: wetmore
Contributed-by: prasadarao.koppula at oracle.com
changeset 7b40f359b4bf in /hg/release/icedtea7-forest-2.6/jdk
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.6/jdk?cmd=changeset;node=7b40f359b4bf
author: robm
date: Wed Apr 04 13:35:59 2018 +0100
8180881: Better packaging of deserialization
Reviewed-by: chegar, acorn
changeset e037abd46b1a in /hg/release/icedtea7-forest-2.6/jdk
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.6/jdk?cmd=changeset;node=e037abd46b1a
author: apetcher
date: Wed Apr 04 13:37:49 2018 +0100
8182362: Update CipherOutputStream Usage
Summary: Clarify spec of CipherOutputStream in Javadoc comments
Reviewed-by: ascarpino
changeset 835c0031ac39 in /hg/release/icedtea7-forest-2.6/jdk
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.6/jdk?cmd=changeset;node=835c0031ac39
author: prr
date: Wed Apr 04 16:19:12 2018 +0100
8162488: JDK should be updated to use LittleCMS 2.8
Reviewed-by: serb, psadhukhan
changeset a0936e1d39d6 in /hg/release/icedtea7-forest-2.6/jdk
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.6/jdk?cmd=changeset;node=a0936e1d39d6
author: prr
date: Wed Apr 04 16:39:46 2018 +0100
8183032: Upgrade to LittleCMS 2.9
Reviewed-by: serb, psadhukhan, mschoene, rhalade
changeset ce6a47cbe6c6 in /hg/release/icedtea7-forest-2.6/jdk
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.6/jdk?cmd=changeset;node=ce6a47cbe6c6
author: coffeys
date: Wed Apr 04 19:43:07 2018 +0100
8189969: Manifest better manifest entries
Reviewed-by: weijun, igerasim
changeset 4a53de062a38 in /hg/release/icedtea7-forest-2.6/jdk
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.6/jdk?cmd=changeset;node=4a53de062a38
author: igerasim
date: Wed Apr 04 19:48:07 2018 +0100
8189977: Improve permission portability
Reviewed-by: rriggs
changeset 28ad4730ccbd in /hg/release/icedtea7-forest-2.6/jdk
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.6/jdk?cmd=changeset;node=28ad4730ccbd
author: igerasim
date: Wed Apr 04 19:56:55 2018 +0100
8189981: Improve queuing portability
Reviewed-by: skoivu, rhalade, chegar, igerasim
changeset 94247dc2c4d3 in /hg/release/icedtea7-forest-2.6/jdk
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.6/jdk?cmd=changeset;node=94247dc2c4d3
author: mchinnathamb
date: Wed Apr 04 20:03:57 2018 +0100
8189985: Improve tabular data portability
Reviewed-by: dfuchs, robm
changeset 8cc1649473aa in /hg/release/icedtea7-forest-2.6/jdk
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.6/jdk?cmd=changeset;node=8cc1649473aa
author: serb
date: Wed Nov 15 07:07:16 2017 -0800
8189989: Improve container portability
Reviewed-by: prr, azvegint, rhalade, skoivu
changeset 98b1874b35fc in /hg/release/icedtea7-forest-2.6/jdk
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.6/jdk?cmd=changeset;node=98b1874b35fc
author: andrew
date: Wed Apr 04 21:05:40 2018 +0100
8200760: java.security-linux was missed in backport of JDK-8160104
Reviewed-by: aph
changeset eb270836a47a in /hg/release/icedtea7-forest-2.6/jdk
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.6/jdk?cmd=changeset;node=eb270836a47a
author: ohrstrom
date: Wed Apr 04 21:13:40 2018 +0100
8001419: Build the JCE portion of JDK-8000970
Summary: Original code done by Fredrik Ohrstrom, separated/pushed by wetmore. 7171982 changes added for backport.
Reviewed-by: wetmore
changeset 9146181d901a in /hg/release/icedtea7-forest-2.6/jdk
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.6/jdk?cmd=changeset;node=9146181d901a
author: igerasim
date: Wed Apr 04 22:30:12 2018 +0100
8189997: Enhance keystore mechanisms
8194259: keytool error: java.io.IOException: Invalid secret key format
Reviewed-by: mullan, valeriep, rriggs, ahgross
changeset bfc76ef66432 in /hg/release/icedtea7-forest-2.6/jdk
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.6/jdk?cmd=changeset;node=bfc76ef66432
author: serb
date: Wed Apr 04 23:17:45 2018 +0100
8191696: Better mouse positioning
Reviewed-by: skoivu, rhalade, prr, aghaisas
changeset 2c5212a1e10b in /hg/release/icedtea7-forest-2.6/jdk
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.6/jdk?cmd=changeset;node=2c5212a1e10b
author: serb
date: Wed Apr 04 23:21:40 2018 +0100
8192030: Better MTSchema support
Reviewed-by: skoivu, rhalade, prr, aghaisas
changeset 0864f9f18f3a in /hg/release/icedtea7-forest-2.6/jdk
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.6/jdk?cmd=changeset;node=0864f9f18f3a
author: rpatil
date: Wed Feb 07 00:09:23 2018 -0800
8192757: Improve stub classes implementation
Reviewed-by: rriggs, dfuchs, erikj
changeset 63539550b71c in /hg/release/icedtea7-forest-2.6/jdk
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.6/jdk?cmd=changeset;node=63539550b71c
author: igerasim
date: Wed Apr 04 23:34:31 2018 +0100
8193409: Improve AES supporting classes
Reviewed-by: valeriep
changeset f4b6ad5ca3fb in /hg/release/icedtea7-forest-2.6/jdk
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.6/jdk?cmd=changeset;node=f4b6ad5ca3fb
author: igerasim
date: Thu Apr 05 00:37:47 2018 +0100
8193414: Improvements in MethodType lookups
Reviewed-by: ahgross, jrose
changeset 520fe125fb8d in /hg/release/icedtea7-forest-2.6/jdk
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.6/jdk?cmd=changeset;node=520fe125fb8d
author: robm
date: Thu Feb 15 19:03:51 2018 +0000
8193833: Better RMI connection support
Reviewed-by: smarks
changeset 2acd8b6a8da5 in /hg/release/icedtea7-forest-2.6/jdk
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.6/jdk?cmd=changeset;node=2acd8b6a8da5
author: snikandrova
date: Mon Jul 18 14:39:21 2016 +0300
8054213: Class name repeated in output of Type.toString()
Reviewed-by: darcy
changeset 691b130011bd in /hg/release/icedtea7-forest-2.6/jdk
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.6/jdk?cmd=changeset;node=691b130011bd
author: igerasim
date: Thu Apr 05 20:49:21 2018 +0100
8150530: Improve javax.crypto.BadPaddingException messages
Reviewed-by: xuelei
changeset 9b80bdc032f2 in /hg/release/icedtea7-forest-2.6/jdk
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.6/jdk?cmd=changeset;node=9b80bdc032f2
author: rpatil
date: Thu Apr 05 22:59:52 2018 +0100
8153955: increase java.util.logging.FileHandler MAX_LOCKS limit
Summary: This patch adds a new JDK implementation specific system property "jdk.internal.FileHandlerLogging.maxLocks" to control java.util.logging.FileHandler's MAX_LOCKS limit.
Reviewed-by: coffeys, dfuchs
changeset 8c10d901810f in /hg/release/icedtea7-forest-2.6/jdk
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.6/jdk?cmd=changeset;node=8c10d901810f
author: igerasim
date: Fri Apr 06 16:11:15 2018 +0100
8175075: Add 3DES to the default disabled algorithm security property
Reviewed-by: xuelei, mullan, rhalade
changeset d3ad17f5361e in /hg/release/icedtea7-forest-2.6/jdk
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.6/jdk?cmd=changeset;node=d3ad17f5361e
author: aivanov
date: Fri Apr 06 16:26:41 2018 +0100
8179665: [Windows] java.awt.IllegalComponentStateException: component must be showing on the screen to determine its location
Reviewed-by: prr, serb, ssadetsky
changeset 863ee2af06e9 in /hg/release/icedtea7-forest-2.6/jdk
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.6/jdk?cmd=changeset;node=863ee2af06e9
author: robm
date: Fri Jan 12 22:16:44 2018 +0000
8186032: Disable XML Signatures signed with EC keys less than 224 bits
Reviewed-by: mullan
changeset f6d0386e83da in /hg/release/icedtea7-forest-2.6/jdk
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.6/jdk?cmd=changeset;node=f6d0386e83da
author: vinnie
date: Fri Nov 14 14:12:58 2014 +0000
8034031: [parfait] JNI exception pending in jdk/src/macosx/native/apple/security/KeystoreImpl.m
Reviewed-by: alanb, weijun
changeset f2ed11af5ada in /hg/release/icedtea7-forest-2.6/jdk
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.6/jdk?cmd=changeset;node=f2ed11af5ada
author: igerasim
date: Wed Dec 13 11:59:07 2017 -0800
8187496: Possible memory leak in java.apple.security.KeychainStore.addItemToKeychain
Reviewed-by: weijun, mullan, ahgross
changeset 28fabc1415b4 in /hg/release/icedtea7-forest-2.6/jdk
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.6/jdk?cmd=changeset;node=28fabc1415b4
author: rpatil
date: Tue Feb 27 19:59:31 2018 -0800
8198494: 8u171 and 8u172 - Build failure on non-SE Linux Platforms
Reviewed-by: dfuchs, rriggs, coffeys, aefimov
changeset 83251cc43371 in /hg/release/icedtea7-forest-2.6/jdk
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.6/jdk?cmd=changeset;node=83251cc43371
author: coffeys
date: Fri Apr 06 17:24:41 2018 +0100
8029020: Check src/share/native/java/util/zip code for JNI pending exceptions
Reviewed-by: alanb, chegar
changeset 7a5cd7ff849e in /hg/release/icedtea7-forest-2.6/jdk
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.6/jdk?cmd=changeset;node=7a5cd7ff849e
author: coffeys
date: Mon Nov 27 16:53:29 2017 +0000
8189789: tomcat gzip-compressed response bodies appear to be broken in update 151
Reviewed-by: sherman, phh
changeset 27d048f8271c in /hg/release/icedtea7-forest-2.6/jdk
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.6/jdk?cmd=changeset;node=27d048f8271c
author: mullan
date: Fri Dec 08 09:37:28 2017 -0500
8191358: Restore TSA certificate expiration check
Reviewed-by: coffeys, rhalade
changeset a788d62ebacd in /hg/release/icedtea7-forest-2.6/jdk
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.6/jdk?cmd=changeset;node=a788d62ebacd
author: robm
date: Tue Feb 20 14:00:02 2018 +0000
8191909: Nightly failures in nashorn suite
Reviewed-by: chegar
changeset 636fbdbc150e in /hg/release/icedtea7-forest-2.6/jdk
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.6/jdk?cmd=changeset;node=636fbdbc150e
author: igerasim
date: Fri Apr 06 18:37:12 2018 +0100
8192789: Avoid using AtomicReference in sun.security.provider.PolicyFile
Reviewed-by: mullan, ahgross
changeset fa547a6b7683 in /hg/release/icedtea7-forest-2.6/jdk
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.6/jdk?cmd=changeset;node=fa547a6b7683
author: robm
date: Sun Mar 04 16:33:27 2018 +0000
8198963: Fix new rmi property name
Reviewed-by: smarks
changeset 9483a1259c9e in /hg/release/icedtea7-forest-2.6/jdk
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.6/jdk?cmd=changeset;node=9483a1259c9e
author: xuelei
date: Thu Apr 12 04:24:20 2018 +0100
8020842: IDN do not throw IAE when hostname ends with a trailing dot
8024068: sun/security/ssl/javax/net/ssl/ServerName/IllegalSNIName.java fails
Reviewed-by: weijun, michaelm
changeset 01043dfe49f1 in /hg/release/icedtea7-forest-2.6/jdk
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.6/jdk?cmd=changeset;node=01043dfe49f1
author: andrew
date: Thu Apr 19 04:51:01 2018 +0100
Added tag jdk7u181-b00 for changeset 9483a1259c9e
changeset 88859cc294e1 in /hg/release/icedtea7-forest-2.6/jdk
details: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.6/jdk?cmd=changeset;node=88859cc294e1
author: andrew
date: Thu Apr 19 17:55:33 2018 +0100
Merge jdk7u181-b00
diffstat:
.hgtags | 2 +
make/java/java/mapfile-vers | 2 +-
make/jdk_generic_profile.sh | 2 +-
make/sun/cmm/lcms/FILES_c_unix.gmk | 1 +
make/sun/cmm/lcms/FILES_c_windows.gmk | 1 +
src/macosx/native/apple/security/KeystoreImpl.m | 68 +-
src/share/classes/com/sun/crypto/provider/CipherCore.java | 5 +-
src/share/classes/com/sun/crypto/provider/DESedeWrapCipher.java | 18 +-
src/share/classes/com/sun/crypto/provider/FeedbackCipher.java | 6 +-
src/share/classes/com/sun/crypto/provider/JceKeyStore.java | 8 +-
src/share/classes/com/sun/crypto/provider/KeyProtector.java | 37 +-
src/share/classes/com/sun/crypto/provider/SealedObjectForKeyProtector.java | 163 ++
src/share/classes/com/sun/crypto/provider/ai.java | 64 -
src/share/classes/java/awt/Container.java | 10 +-
src/share/classes/java/io/ByteArrayInputStream.java | 1 -
src/share/classes/java/io/ByteArrayOutputStream.java | 2 -
src/share/classes/java/io/DataInput.java | 345 ++--
src/share/classes/java/io/DataOutput.java | 70 +-
src/share/classes/java/io/FilePermission.java | 12 +-
src/share/classes/java/io/InputStream.java | 3 +-
src/share/classes/java/io/LineNumberInputStream.java | 70 +-
src/share/classes/java/io/ObjectInputStream.java | 19 +-
src/share/classes/java/io/PipedInputStream.java | 7 +-
src/share/classes/java/io/PipedReader.java | 7 +-
src/share/classes/java/io/RandomAccessFile.java | 238 ++--
src/share/classes/java/io/Serializable.java | 8 +-
src/share/classes/java/io/SerializablePermission.java | 1 -
src/share/classes/java/io/StreamTokenizer.java | 126 +-
src/share/classes/java/lang/AbstractStringBuilder.java | 272 ++--
src/share/classes/java/lang/ArrayStoreException.java | 2 +-
src/share/classes/java/lang/Byte.java | 14 +-
src/share/classes/java/lang/Character.java | 12 +-
src/share/classes/java/lang/Class.java | 4 +-
src/share/classes/java/lang/ClassCastException.java | 2 +-
src/share/classes/java/lang/Double.java | 20 +-
src/share/classes/java/lang/Float.java | 20 +-
src/share/classes/java/lang/Integer.java | 51 +-
src/share/classes/java/lang/Long.java | 63 +-
src/share/classes/java/lang/RuntimePermission.java | 1 -
src/share/classes/java/lang/Short.java | 14 +-
src/share/classes/java/lang/String.java | 510 ++++----
src/share/classes/java/lang/Thread.java | 8 +-
src/share/classes/java/lang/invoke/MethodType.java | 30 +-
src/share/classes/java/lang/management/ManagementFactory.java | 2 +-
src/share/classes/java/lang/management/ManagementPermission.java | 4 +-
src/share/classes/java/lang/management/MemoryUsage.java | 4 +-
src/share/classes/java/lang/management/package.html | 4 +-
src/share/classes/java/lang/reflect/ReflectPermission.java | 1 -
src/share/classes/java/net/DatagramSocket.java | 4 +-
src/share/classes/java/net/Inet6Address.java | 6 +-
src/share/classes/java/net/MulticastSocket.java | 2 +-
src/share/classes/java/net/NetPermission.java | 1 -
src/share/classes/java/net/Proxy.java | 4 +-
src/share/classes/java/net/Socket.java | 6 +-
src/share/classes/java/net/SocketOptions.java | 6 +-
src/share/classes/java/net/SocketPermission.java | 18 +-
src/share/classes/java/net/URI.java | 6 +-
src/share/classes/java/net/URLConnection.java | 2 +-
src/share/classes/java/net/URLDecoder.java | 2 +-
src/share/classes/java/net/URLEncoder.java | 1 -
src/share/classes/java/net/package-info.java | 6 +-
src/share/classes/java/nio/X-Buffer.java.template | 2 +-
src/share/classes/java/nio/file/FileSystem.java | 2 +-
src/share/classes/java/rmi/activation/ActivationGroup.java | 6 +-
src/share/classes/java/rmi/dgc/VMID.java | 2 +-
src/share/classes/java/rmi/server/UnicastRemoteObject.java | 6 +-
src/share/classes/java/security/AccessControlContext.java | 40 +-
src/share/classes/java/security/AccessControlException.java | 6 +-
src/share/classes/java/security/AccessController.java | 135 +-
src/share/classes/java/security/AlgorithmParameterGenerator.java | 24 +-
src/share/classes/java/security/AlgorithmParameterGeneratorSpi.java | 6 +-
src/share/classes/java/security/AlgorithmParameters.java | 48 +-
src/share/classes/java/security/AlgorithmParametersSpi.java | 18 +-
src/share/classes/java/security/AllPermission.java | 4 +-
src/share/classes/java/security/AuthProvider.java | 48 +-
src/share/classes/java/security/BasicPermission.java | 23 +-
src/share/classes/java/security/Certificate.java | 12 +-
src/share/classes/java/security/CodeSigner.java | 12 +-
src/share/classes/java/security/CodeSource.java | 12 +-
src/share/classes/java/security/DigestException.java | 14 +-
src/share/classes/java/security/DigestInputStream.java | 24 +-
src/share/classes/java/security/DigestOutputStream.java | 16 +-
src/share/classes/java/security/DomainCombiner.java | 54 +-
src/share/classes/java/security/GeneralSecurityException.java | 16 +-
src/share/classes/java/security/Guard.java | 10 +-
src/share/classes/java/security/GuardedObject.java | 6 +-
src/share/classes/java/security/Identity.java | 48 +-
src/share/classes/java/security/IdentityScope.java | 18 +-
src/share/classes/java/security/InvalidAlgorithmParameterException.java | 14 +-
src/share/classes/java/security/InvalidKeyException.java | 14 +-
src/share/classes/java/security/Key.java | 15 +-
src/share/classes/java/security/KeyException.java | 14 +-
src/share/classes/java/security/KeyFactory.java | 28 +-
src/share/classes/java/security/KeyFactorySpi.java | 16 +-
src/share/classes/java/security/KeyManagementException.java | 14 +-
src/share/classes/java/security/KeyPair.java | 4 +-
src/share/classes/java/security/KeyPairGenerator.java | 55 +-
src/share/classes/java/security/KeyPairGeneratorSpi.java | 10 +-
src/share/classes/java/security/KeyRep.java | 16 +-
src/share/classes/java/security/KeyStore.java | 309 ++--
src/share/classes/java/security/KeyStoreException.java | 14 +-
src/share/classes/java/security/KeyStoreSpi.java | 142 +-
src/share/classes/java/security/MessageDigest.java | 62 +-
src/share/classes/java/security/MessageDigestSpi.java | 16 +-
src/share/classes/java/security/NoSuchAlgorithmException.java | 14 +-
src/share/classes/java/security/Permission.java | 36 +-
src/share/classes/java/security/PermissionCollection.java | 33 +-
src/share/classes/java/security/Permissions.java | 26 +-
src/share/classes/java/security/Policy.java | 56 +-
src/share/classes/java/security/PolicySpi.java | 10 +-
src/share/classes/java/security/PrivilegedAction.java | 12 +-
src/share/classes/java/security/PrivilegedActionException.java | 18 +-
src/share/classes/java/security/PrivilegedExceptionAction.java | 14 +-
src/share/classes/java/security/ProtectionDomain.java | 6 +-
src/share/classes/java/security/Provider.java | 106 +-
src/share/classes/java/security/ProviderException.java | 14 +-
src/share/classes/java/security/PublicKey.java | 4 +-
src/share/classes/java/security/SecureClassLoader.java | 38 +-
src/share/classes/java/security/SecureRandom.java | 64 +-
src/share/classes/java/security/SecureRandomSpi.java | 8 +-
src/share/classes/java/security/Security.java | 68 +-
src/share/classes/java/security/SecurityPermission.java | 18 +-
src/share/classes/java/security/Signature.java | 81 +-
src/share/classes/java/security/SignatureException.java | 14 +-
src/share/classes/java/security/SignatureSpi.java | 28 +-
src/share/classes/java/security/SignedObject.java | 41 +-
src/share/classes/java/security/Signer.java | 20 +-
src/share/classes/java/security/UnresolvedPermission.java | 28 +-
src/share/classes/java/security/acl/Acl.java | 32 +-
src/share/classes/java/security/acl/AclEntry.java | 4 +-
src/share/classes/java/security/acl/Group.java | 4 +-
src/share/classes/java/security/acl/Owner.java | 4 +-
src/share/classes/java/security/acl/package-info.java | 33 +
src/share/classes/java/security/acl/package.html | 54 -
src/share/classes/java/security/cert/CertificateFactory.java | 4 +-
src/share/classes/java/security/cert/PolicyQualifierInfo.java | 2 +-
src/share/classes/java/security/cert/TrustAnchor.java | 1 -
src/share/classes/java/security/cert/X509CertSelector.java | 4 +-
src/share/classes/java/security/cert/package-info.java | 62 +
src/share/classes/java/security/cert/package.html | 65 -
src/share/classes/java/security/interfaces/DSAKeyPairGenerator.java | 26 +-
src/share/classes/java/security/interfaces/DSAParams.java | 14 +-
src/share/classes/java/security/interfaces/DSAPrivateKey.java | 6 +-
src/share/classes/java/security/interfaces/DSAPublicKey.java | 6 +-
src/share/classes/java/security/interfaces/package-info.java | 74 +
src/share/classes/java/security/interfaces/package.html | 77 -
src/share/classes/java/security/package-info.java | 112 +
src/share/classes/java/security/package.html | 117 -
src/share/classes/java/security/spec/package-info.java | 73 +
src/share/classes/java/security/spec/package.html | 78 -
src/share/classes/java/text/MessageFormat.java | 6 +-
src/share/classes/java/text/Normalizer.java | 8 +-
src/share/classes/java/text/SimpleDateFormat.java | 1 -
src/share/classes/java/util/BitSet.java | 4 +-
src/share/classes/java/util/Deque.java | 3 -
src/share/classes/java/util/Hashtable.java | 4 +
src/share/classes/java/util/Locale.java | 4 +-
src/share/classes/java/util/Properties.java | 183 +-
src/share/classes/java/util/PropertyPermission.java | 9 +-
src/share/classes/java/util/Queue.java | 1 -
src/share/classes/java/util/ResourceBundle.java | 1 -
src/share/classes/java/util/Scanner.java | 1 -
src/share/classes/java/util/UUID.java | 4 +-
src/share/classes/java/util/Vector.java | 29 +-
src/share/classes/java/util/concurrent/BlockingDeque.java | 2 -
src/share/classes/java/util/concurrent/BlockingQueue.java | 1 -
src/share/classes/java/util/concurrent/Future.java | 4 +-
src/share/classes/java/util/concurrent/PriorityBlockingQueue.java | 6 +-
src/share/classes/java/util/concurrent/locks/ReentrantReadWriteLock.java | 1 -
src/share/classes/java/util/jar/Pack200.java | 2 +-
src/share/classes/java/util/logging/FileHandler.java | 28 +-
src/share/classes/java/util/regex/Pattern.java | 2 +-
src/share/classes/java/util/spi/LocaleServiceProvider.java | 2 +-
src/share/classes/javax/crypto/Cipher.java | 35 +-
src/share/classes/javax/crypto/CipherOutputStream.java | 12 +-
src/share/classes/javax/crypto/CipherSpi.java | 42 +-
src/share/classes/javax/crypto/KeyGenerator.java | 1 -
src/share/classes/javax/crypto/Mac.java | 4 +-
src/share/classes/javax/crypto/SealedObject.java | 54 +-
src/share/classes/javax/management/openmbean/TabularDataSupport.java | 7 +-
src/share/classes/javax/net/ssl/SSLEngine.java | 6 +-
src/share/classes/javax/net/ssl/SSLPermission.java | 3 +-
src/share/classes/javax/security/auth/PrivateCredentialPermission.java | 4 +-
src/share/classes/javax/security/auth/kerberos/DelegationPermission.java | 4 +-
src/share/classes/javax/security/auth/kerberos/ServicePermission.java | 6 +-
src/share/classes/javax/security/auth/login/LoginContext.java | 12 +-
src/share/classes/javax/security/auth/x500/X500Principal.java | 2 +-
src/share/classes/sun/misc/JavaxCryptoSealedObjectAccess.java | 38 +
src/share/classes/sun/misc/Launcher.java | 17 +-
src/share/classes/sun/misc/SharedSecrets.java | 15 +-
src/share/classes/sun/misc/VM.java | 21 +-
src/share/classes/sun/reflect/generics/reflectiveObjects/ParameterizedTypeImpl.java | 4 +-
src/share/classes/sun/rmi/server/MarshalInputStream.java | 6 +-
src/share/classes/sun/rmi/transport/tcp/TCPTransport.java | 9 +
src/share/classes/sun/security/pkcs11/P11RSACipher.java | 4 +-
src/share/classes/sun/security/provider/PolicyFile.java | 14 +-
src/share/classes/sun/security/provider/certpath/PKIXCertPathValidator.java | 22 +-
src/share/classes/sun/security/rsa/RSAPadding.java | 7 +-
src/share/classes/sun/security/ssl/CipherBox.java | 17 +-
src/share/classes/sun/security/ssl/TrustManagerFactoryImpl.java | 16 +-
src/share/classes/sun/security/util/HostnameChecker.java | 288 ++++-
src/share/classes/sun/security/util/ManifestDigester.java | 86 +-
src/share/lib/security/java.security-linux | 44 +-
src/share/lib/security/java.security-macosx | 23 +-
src/share/lib/security/java.security-solaris | 23 +-
src/share/lib/security/java.security-windows | 23 +-
src/share/native/java/util/zip/Deflater.c | 25 +-
src/share/native/java/util/zip/Inflater.c | 13 +-
src/share/native/java/util/zip/ZipFile.c | 14 +-
src/share/native/java/util/zip/zlib/deflate.c | 6 +-
src/share/native/java/util/zip/zlib/patches/ChangeLog_java | 2 +
src/share/native/sun/java2d/cmm/lcms/LCMS.c | 6 +-
src/share/native/sun/java2d/cmm/lcms/cmsalpha.c | 588 ++++++++++
src/share/native/sun/java2d/cmm/lcms/cmscam02.c | 2 +-
src/share/native/sun/java2d/cmm/lcms/cmscgats.c | 365 +++---
src/share/native/sun/java2d/cmm/lcms/cmscnvrt.c | 22 +-
src/share/native/sun/java2d/cmm/lcms/cmserr.c | 16 +-
src/share/native/sun/java2d/cmm/lcms/cmsgamma.c | 466 +++++--
src/share/native/sun/java2d/cmm/lcms/cmsgmt.c | 10 +-
src/share/native/sun/java2d/cmm/lcms/cmshalf.c | 6 +-
src/share/native/sun/java2d/cmm/lcms/cmsintrp.c | 64 +-
src/share/native/sun/java2d/cmm/lcms/cmsio0.c | 122 +-
src/share/native/sun/java2d/cmm/lcms/cmsio1.c | 79 +-
src/share/native/sun/java2d/cmm/lcms/cmslut.c | 132 +-
src/share/native/sun/java2d/cmm/lcms/cmsmd5.c | 2 +-
src/share/native/sun/java2d/cmm/lcms/cmsmtrx.c | 4 +-
src/share/native/sun/java2d/cmm/lcms/cmsnamed.c | 92 +-
src/share/native/sun/java2d/cmm/lcms/cmsopt.c | 221 ++-
src/share/native/sun/java2d/cmm/lcms/cmspack.c | 557 +++++----
src/share/native/sun/java2d/cmm/lcms/cmspcs.c | 16 +-
src/share/native/sun/java2d/cmm/lcms/cmsplugin.c | 100 +-
src/share/native/sun/java2d/cmm/lcms/cmsps2.c | 78 +-
src/share/native/sun/java2d/cmm/lcms/cmssamp.c | 2 +-
src/share/native/sun/java2d/cmm/lcms/cmssm.c | 11 +-
src/share/native/sun/java2d/cmm/lcms/cmstypes.c | 308 +++--
src/share/native/sun/java2d/cmm/lcms/cmsvirt.c | 65 +-
src/share/native/sun/java2d/cmm/lcms/cmswtpnt.c | 7 +-
src/share/native/sun/java2d/cmm/lcms/cmsxform.c | 441 +++++--
src/share/native/sun/java2d/cmm/lcms/lcms2.h | 160 +-
src/share/native/sun/java2d/cmm/lcms/lcms2_internal.h | 161 +-
src/share/native/sun/java2d/cmm/lcms/lcms2_plugin.h | 46 +-
src/share/native/sun/misc/VM.c | 2 +-
src/solaris/classes/sun/awt/X11/XMouseInfoPeer.java | 22 +-
src/windows/classes/sun/awt/windows/ThemeReader.java | 18 +-
src/windows/classes/sun/awt/windows/WInputMethod.java | 5 +-
src/windows/native/sun/windows/MouseInfo.cpp | 3 +-
src/windows/native/sun/windows/ThemeReader.cpp | 4 +-
src/windows/native/sun/windows/awt_Component.cpp | 6 +
test/java/lang/reflect/Generics/TestGenericReturnTypeToString.java | 135 ++
test/java/util/logging/FileHandlerMaxLocksTest.java | 113 +
test/java/util/zip/InflateIn_DeflateOut.java | 121 ++-
test/javax/swing/JFrame/AlwaysOnTop/AlwaysOnTopImeTest.java | 73 +
test/sun/rmi/transport/proxy/EagerHttpFallback.java | 2 +-
test/sun/rmi/transport/tcp/blockAccept/BlockAcceptTest.java | 2 +-
test/sun/security/ssl/javax/net/ssl/ServerName/IllegalSNIName.java | 85 +
test/sun/security/ssl/sun/net/www/protocol/https/NewImpl/ComHostnameVerifier.java | 9 +-
test/sun/security/ssl/sun/net/www/protocol/https/NewImpl/JavaxHostnameVerifier.java | 9 +-
257 files changed, 6981 insertions(+), 4374 deletions(-)
diffs (truncated from 24777 to 500 lines):
diff -r 0274fb482b7d -r 88859cc294e1 .hgtags
--- a/.hgtags Wed Feb 28 05:52:09 2018 +0000
+++ b/.hgtags Thu Apr 19 17:55:33 2018 +0100
@@ -670,3 +670,5 @@
239c3c49e218806ae5eea1d7be806faacf3c9330 jdk7u171-b01
047ce250a0ab99c4650d506c0ab6fc9734968a28 jdk7u171-b02
68b6bb380175e4469e995a6c8a49a64a4c658cdc icedtea-2.6.13
+7ae89263e2c362312ec38041f456b52a0bfddc30 icedtea-2.6.14pre01
+9483a1259c9e24e766d449f085b015ef57736dd6 jdk7u181-b00
diff -r 0274fb482b7d -r 88859cc294e1 make/java/java/mapfile-vers
--- a/make/java/java/mapfile-vers Wed Feb 28 05:52:09 2018 +0000
+++ b/make/java/java/mapfile-vers Thu Apr 19 17:55:33 2018 +0100
@@ -267,7 +267,7 @@
Java_sun_misc_Version_getJvmVersionInfo;
Java_sun_misc_Version_getJvmSpecialVersion;
Java_sun_misc_VM_getThreadStateValues;
- Java_sun_misc_VM_latestUserDefinedLoader;
+ Java_sun_misc_VM_latestUserDefinedLoader0;
Java_sun_misc_VM_initialize;
Java_sun_misc_VMSupport_initAgentProperties;
Java_sun_misc_VMSupport_getVMTemporaryDirectory;
diff -r 0274fb482b7d -r 88859cc294e1 make/jdk_generic_profile.sh
--- a/make/jdk_generic_profile.sh Wed Feb 28 05:52:09 2018 +0000
+++ b/make/jdk_generic_profile.sh Thu Apr 19 17:55:33 2018 +0100
@@ -672,7 +672,7 @@
# IcedTea versioning
export ICEDTEA_NAME="IcedTea"
-export PACKAGE_VERSION="2.6.13"
+export PACKAGE_VERSION="2.6.14pre01"
export DERIVATIVE_ID="${ICEDTEA_NAME} ${PACKAGE_VERSION}"
echo "Building ${DERIVATIVE_ID}"
diff -r 0274fb482b7d -r 88859cc294e1 make/sun/cmm/lcms/FILES_c_unix.gmk
--- a/make/sun/cmm/lcms/FILES_c_unix.gmk Wed Feb 28 05:52:09 2018 +0000
+++ b/make/sun/cmm/lcms/FILES_c_unix.gmk Thu Apr 19 17:55:33 2018 +0100
@@ -26,6 +26,7 @@
ifneq ($(SYSTEM_LCMS),true)
FILES_c = \
+ cmsalpha.c \
cmscam02.c \
cmscgats.c \
cmscnvrt.c \
diff -r 0274fb482b7d -r 88859cc294e1 make/sun/cmm/lcms/FILES_c_windows.gmk
--- a/make/sun/cmm/lcms/FILES_c_windows.gmk Wed Feb 28 05:52:09 2018 +0000
+++ b/make/sun/cmm/lcms/FILES_c_windows.gmk Thu Apr 19 17:55:33 2018 +0100
@@ -24,6 +24,7 @@
#
FILES_c = \
+ cmsalpha.c \
cmscam02.c \
cmscgats.c \
cmscnvrt.c \
diff -r 0274fb482b7d -r 88859cc294e1 src/macosx/native/apple/security/KeystoreImpl.m
--- a/src/macosx/native/apple/security/KeystoreImpl.m Wed Feb 28 05:52:09 2018 +0000
+++ b/src/macosx/native/apple/security/KeystoreImpl.m Thu Apr 19 17:55:33 2018 +0100
@@ -299,11 +299,21 @@
// Make a java array of certificate data from the chain.
jclass byteArrayClass = (*env)->FindClass(env, "[B");
+ if (byteArrayClass == NULL) {
+ goto errOut;
+ }
jobjectArray javaCertArray = (*env)->NewObjectArray(env, certCount, byteArrayClass, NULL);
+ // Cleanup first then check for a NULL return code
(*env)->DeleteLocalRef(env, byteArrayClass);
+ if (javaCertArray == NULL) {
+ goto errOut;
+ }
// And, make an array of the certificate refs.
jlongArray certRefArray = (*env)->NewLongArray(env, certCount);
+ if (certRefArray == NULL) {
+ goto errOut;
+ }
SecCertificateRef currCertRef = NULL;
@@ -318,6 +328,9 @@
bzero(&currCertData, sizeof(CSSM_DATA));
err = SecCertificateGetData(currCertRef, &currCertData);
jbyteArray encodedCertData = (*env)->NewByteArray(env, currCertData.Length);
+ if (encodedCertData == NULL) {
+ goto errOut;
+ }
(*env)->SetByteArrayRegion(env, encodedCertData, 0, currCertData.Length, (jbyte *)currCertData.Data);
(*env)->SetObjectArrayElement(env, javaCertArray, i, encodedCertData);
jlong certRefElement = ptr_to_jlong(currCertRef);
@@ -330,6 +343,9 @@
// Find the label. It's a 'blob', but we interpret as characters.
jstring alias = getLabelFromItem(env, (SecKeychainItemRef)certificate);
+ if (alias == NULL) {
+ goto errOut;
+ }
// Find the creation date.
jlong creationDate = getModDateFromItem(env, (SecKeychainItemRef)certificate);
@@ -340,6 +356,7 @@
}
} while (searchResult == noErr);
+errOut:
if (identitySearch != NULL) {
CFRelease(identitySearch);
}
@@ -362,10 +379,16 @@
CSSM_DATA currCertificate;
err = SecCertificateGetData(certRef, &currCertificate);
jbyteArray certData = (*env)->NewByteArray(env, currCertificate.Length);
+ if (certData == NULL) {
+ goto errOut;
+ }
(*env)->SetByteArrayRegion(env, certData, 0, currCertificate.Length, (jbyte *)currCertificate.Data);
// Find the label. It's a 'blob', but we interpret as characters.
jstring alias = getLabelFromItem(env, theItem);
+ if (alias == NULL) {
+ goto errOut;
+ }
// Find the creation date.
jlong creationDate = getModDateFromItem(env, theItem);
@@ -376,6 +399,7 @@
}
} while (searchResult == noErr);
+errOut:
if (keychainItemSearch != NULL) {
CFRelease(keychainItemSearch);
}
@@ -404,12 +428,14 @@
if (passwordLen > 0) {
passwordChars = (*env)->GetCharArrayElements(env, passwordObj, NULL);
- passwordStrRef = CFStringCreateWithCharacters(kCFAllocatorDefault, passwordChars, passwordLen);
+ if (passwordChars == NULL) {
+ goto errOut;
+ }
- // clear the password and release
- memset(passwordChars, 0, passwordLen);
- (*env)->ReleaseCharArrayElements(env, passwordObj, passwordChars,
- JNI_ABORT);
+ passwordStrRef = CFStringCreateWithCharactersNoCopy(NULL, passwordChars, passwordLen, kCFAllocatorNull);
+ if (passwordStrRef == NULL) {
+ goto errOut;
+ }
}
}
@@ -428,12 +454,21 @@
if (err == noErr) {
CFIndex size = CFDataGetLength(exportedData);
returnValue = (*env)->NewByteArray(env, size);
+ if (returnValue == NULL) {
+ goto errOut;
+ }
(*env)->SetByteArrayRegion(env, returnValue, 0, size, (jbyte *)CFDataGetBytePtr(exportedData));
}
+errOut:
if (exportedData) CFRelease(exportedData);
if (passwordStrRef) CFRelease(passwordStrRef);
-
+ if (passwordChars) {
+ // clear the password and release
+ memset(passwordChars, 0, passwordLen);
+ (*env)->ReleaseCharArrayElements(env, passwordObj, passwordChars,
+ JNI_ABORT);
+ }
return returnValue;
}
@@ -471,6 +506,9 @@
jsize dataSize = (*env)->GetArrayLength(env, rawDataObj);
jbyte *rawData = (*env)->GetByteArrayElements(env, rawDataObj, NULL);
+ if (rawData == NULL) {
+ goto errOut;
+ }
CFDataRef cfDataToImport = CFDataCreate(kCFAllocatorDefault, (UInt8 *)rawData, dataSize);
CFArrayRef createdItems = NULL;
@@ -495,12 +533,11 @@
if (passwordChars == NULL) {
goto errOut;
}
- passwordStrRef = CFStringCreateWithCharacters(kCFAllocatorDefault, passwordChars, passwordLen);
- // clear the password and release
- memset(passwordChars, 0, passwordLen);
- (*env)->ReleaseCharArrayElements(env, passwordObj, passwordChars,
- JNI_ABORT);
+ passwordStrRef = CFStringCreateWithCharactersNoCopy(NULL, passwordChars, passwordLen, kCFAllocatorNull);
+ if (passwordStrRef == NULL) {
+ goto errOut;
+ }
}
}
@@ -538,6 +575,15 @@
CFRelease(createdItems);
}
+errOut:
+ if (passwordStrRef) CFRelease(passwordStrRef);
+ if (passwordChars) {
+ // clear the password and release
+ memset(passwordChars, 0, passwordLen);
+ (*env)->ReleaseCharArrayElements(env, passwordObj, passwordChars,
+ JNI_ABORT);
+ }
+
JNF_COCOA_EXIT(env);
return returnValue;
diff -r 0274fb482b7d -r 88859cc294e1 src/share/classes/com/sun/crypto/provider/CipherCore.java
--- a/src/share/classes/com/sun/crypto/provider/CipherCore.java Wed Feb 28 05:52:09 2018 +0000
+++ b/src/share/classes/com/sun/crypto/provider/CipherCore.java Thu Apr 19 17:55:33 2018 +0100
@@ -849,8 +849,9 @@
if (padding != null) {
int padStart = padding.unpad(outWithPadding, 0, outLen);
if (padStart < 0) {
- throw new BadPaddingException("Given final block not "
- + "properly padded");
+ throw new BadPaddingException("Given final block not " +
+ "properly padded. Such issues can arise if a bad key " +
+ "is used during decryption.");
}
outLen = padStart;
}
diff -r 0274fb482b7d -r 88859cc294e1 src/share/classes/com/sun/crypto/provider/DESedeWrapCipher.java
--- a/src/share/classes/com/sun/crypto/provider/DESedeWrapCipher.java Wed Feb 28 05:52:09 2018 +0000
+++ b/src/share/classes/com/sun/crypto/provider/DESedeWrapCipher.java Thu Apr 19 17:55:33 2018 +0100
@@ -473,6 +473,9 @@
} catch (InvalidKeyException ike) {
// should never happen
throw new RuntimeException("Internal cipher key is corrupted");
+ } catch (InvalidAlgorithmParameterException iape) {
+ // should never happen
+ throw new RuntimeException("Internal cipher IV is invalid");
}
byte[] out2 = new byte[out.length];
cipher.encrypt(out, 0, out.length, out2, 0);
@@ -484,6 +487,9 @@
} catch (InvalidKeyException ike) {
// should never happen
throw new RuntimeException("Internal cipher key is corrupted");
+ } catch (InvalidAlgorithmParameterException iape) {
+ // should never happen
+ throw new RuntimeException("Internal cipher IV is invalid");
}
return out2;
}
@@ -527,8 +533,12 @@
}
iv = new byte[IV_LEN];
System.arraycopy(buffer, 0, iv, 0, iv.length);
- cipher.init(true, cipherKey.getAlgorithm(), cipherKey.getEncoded(),
+ try {
+ cipher.init(true, cipherKey.getAlgorithm(), cipherKey.getEncoded(),
iv);
+ } catch (InvalidAlgorithmParameterException iape) {
+ throw new InvalidKeyException("IV in wrapped key is invalid");
+ }
byte[] buffer2 = new byte[buffer.length - iv.length];
cipher.decrypt(buffer, iv.length, buffer2.length,
buffer2, 0);
@@ -541,8 +551,12 @@
}
}
// restore cipher state to prior to this call
- cipher.init(decrypting, cipherKey.getAlgorithm(),
+ try {
+ cipher.init(decrypting, cipherKey.getAlgorithm(),
cipherKey.getEncoded(), IV2);
+ } catch (InvalidAlgorithmParameterException iape) {
+ throw new InvalidKeyException("IV in wrapped key is invalid");
+ }
byte[] out = new byte[keyValLen];
System.arraycopy(buffer2, 0, out, 0, keyValLen);
return ConstructKeys.constructKey(out, wrappedKeyAlgorithm,
diff -r 0274fb482b7d -r 88859cc294e1 src/share/classes/com/sun/crypto/provider/FeedbackCipher.java
--- a/src/share/classes/com/sun/crypto/provider/FeedbackCipher.java Wed Feb 28 05:52:09 2018 +0000
+++ b/src/share/classes/com/sun/crypto/provider/FeedbackCipher.java Thu Apr 19 17:55:33 2018 +0100
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1997, 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1997, 2017, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -26,6 +26,7 @@
package com.sun.crypto.provider;
import java.security.InvalidKeyException;
+import java.security.InvalidAlgorithmParameterException;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.ShortBufferException;
@@ -100,7 +101,8 @@
* initializing this cipher
*/
abstract void init(boolean decrypting, String algorithm, byte[] key,
- byte[] iv) throws InvalidKeyException;
+ byte[] iv) throws InvalidKeyException,
+ InvalidAlgorithmParameterException;
/**
* Gets the initialization vector.
diff -r 0274fb482b7d -r 88859cc294e1 src/share/classes/com/sun/crypto/provider/JceKeyStore.java
--- a/src/share/classes/com/sun/crypto/provider/JceKeyStore.java Wed Feb 28 05:52:09 2018 +0000
+++ b/src/share/classes/com/sun/crypto/provider/JceKeyStore.java Thu Apr 19 17:55:33 2018 +0100
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1998, 2017, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1998, 2018, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -929,8 +929,10 @@
// First run a custom filter
long nestedDepth = info.depth();
if ((nestedDepth == 1 &&
- info.serialClass() != SealedObjectForKeyProtector.class) ||
- nestedDepth > MAX_NESTED_DEPTH) {
+ info.serialClass() != SealedObjectForKeyProtector.class) ||
+ (nestedDepth > MAX_NESTED_DEPTH &&
+ info.serialClass() != null &&
+ info.serialClass() != Object.class)) {
return Status.REJECTED;
}
diff -r 0274fb482b7d -r 88859cc294e1 src/share/classes/com/sun/crypto/provider/KeyProtector.java
--- a/src/share/classes/com/sun/crypto/provider/KeyProtector.java Wed Feb 28 05:52:09 2018 +0000
+++ b/src/share/classes/com/sun/crypto/provider/KeyProtector.java Thu Apr 19 17:55:33 2018 +0100
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1998, 2017, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1998, 2018, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -26,8 +26,6 @@
package com.sun.crypto.provider;
import java.io.IOException;
-import java.io.Serializable;
-import java.security.Security;
import java.security.Key;
import java.security.PrivateKey;
import java.security.Provider;
@@ -43,7 +41,6 @@
import javax.crypto.Cipher;
import javax.crypto.CipherSpi;
import javax.crypto.SecretKey;
-import javax.crypto.IllegalBlockSizeException;
import javax.crypto.SealedObject;
import javax.crypto.spec.*;
import sun.security.x509.AlgorithmId;
@@ -346,7 +343,7 @@
SunJCE.getInstance(),
"PBEWithMD5AndTripleDES");
cipher.init(Cipher.DECRYPT_MODE, skey, params);
- return (Key)soForKeyProtector.getObject(cipher);
+ return soForKeyProtector.getKey(cipher);
} catch (NoSuchAlgorithmException ex) {
// Note: this catch needed to be here because of the
// later catch of GeneralSecurityException
@@ -376,33 +373,3 @@
super(cipherSpi, provider, transformation);
}
}
-
-final class SealedObjectForKeyProtector extends javax.crypto.SealedObject {
-
- static final long serialVersionUID = -3650226485480866989L;
-
- SealedObjectForKeyProtector(Serializable object, Cipher c)
- throws IOException, IllegalBlockSizeException {
- super(object, c);
- }
-
- SealedObjectForKeyProtector(SealedObject so) {
- super(so);
- }
-
- AlgorithmParameters getParameters() {
- AlgorithmParameters params = null;
- if (super.encodedParams != null) {
- try {
- params = AlgorithmParameters.getInstance("PBE",
- SunJCE.getInstance());
- params.init(super.encodedParams);
- } catch (NoSuchAlgorithmException nsae) {
- //eat.
- } catch (IOException ioe) {
- //eat.
- }
- }
- return params;
- }
-}
diff -r 0274fb482b7d -r 88859cc294e1 src/share/classes/com/sun/crypto/provider/SealedObjectForKeyProtector.java
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/src/share/classes/com/sun/crypto/provider/SealedObjectForKeyProtector.java Thu Apr 19 17:55:33 2018 +0100
@@ -0,0 +1,163 @@
+/*
+ * Copyright (c) 1998, 2018, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation. Oracle designates this
+ * particular file as subject to the "Classpath" exception as provided
+ * by Oracle in the LICENSE file that accompanied this code.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+package com.sun.crypto.provider;
+
+import sun.misc.ObjectInputFilter;
+import sun.misc.SharedSecrets;
+
+import java.io.*;
+import java.security.*;
+import javax.crypto.*;
+
+final class SealedObjectForKeyProtector extends SealedObject {
+
+ static final long serialVersionUID = -3650226485480866989L;
+
+ /**
+ * The InputStreamFilter for a Key object inside this SealedObject. It can
+ * be either provided as a {@link Security} property or a system property
+ * (when provided as latter, it shadows the former). If the result of this
+ * filter is {@link sun.misc.ObjectInputFilter.Status.UNDECIDED}, the system
+ * level filter defined by jdk.serialFilter will be consulted. The value
+ * of this property uses the same format of jdk.serialFilter.
+ */
+ private static final String KEY_SERIAL_FILTER = "jceks.key.serialFilter";
+
+ SealedObjectForKeyProtector(Serializable object, Cipher c)
+ throws IOException, IllegalBlockSizeException {
+ super(object, c);
+ }
+
+ SealedObjectForKeyProtector(SealedObject so) {
+ super(so);
+ }
+
+ AlgorithmParameters getParameters() {
+ AlgorithmParameters params = null;
+ if (super.encodedParams != null) {
+ try {
+ params = AlgorithmParameters.getInstance("PBE",
+ SunJCE.getInstance());
+ params.init(super.encodedParams);
+ } catch (NoSuchAlgorithmException nsae) {
+ throw new RuntimeException(
+ "SunJCE provider is not configured properly");
+ } catch (IOException io) {
+ throw new RuntimeException("Parameter failure: "+
+ io.getMessage());
+ }
+ }
+ return params;
+ }
+
+ final Key getKey(Cipher c)
+ throws IOException, ClassNotFoundException, IllegalBlockSizeException,
+ BadPaddingException {
+
+ try (ObjectInputStream ois = SharedSecrets.getJavaxCryptoSealedObjectAccess()
+ .getExtObjectInputStream(this, c)) {
+ AccessController.doPrivileged(new PrivilegedAction<Void>() {
+ @Override
+ public Void run() {
+ ObjectInputFilter.Config.setObjectInputFilter(ois,
+ DeserializationChecker.ONE_FILTER);
+ return null;
+ }
+ });
+ try {
More information about the distro-pkg-dev
mailing list