[jdk11u-dev] RFR: 8239264: Clearup the legacy ObjectIdentifier constructor from int array

Matthias Baesken mbaesken at openjdk.org
Fri May 26 14:13:57 UTC 2023 

On Thu, 25 May 2023 08:19:23 GMT, Goetz Lindenmaier <goetz at openjdk.org> wrote:

> I had to work on this intensely to get it into 11.
> 
> First I resolved the conflicts:
> 
> src/java.base/macosx/classes/apple/security/KeychainStore.java
> Copyright, different way to call loadLibrary.
> This was wrongly removed anyways, see JDK-8240193
> 
> src/java.base/share/classes/com/sun/crypto/provider/DHPrivateKey.java
> src/java.base/share/classes/com/sun/crypto/provider/DHPublicKey.java
> src/java.base/share/classes/com/sun/crypto/provider/OAEPParameters.java
> src/java.base/share/classes/sun/security/pkcs/ContentInfo.java
> All Copyright
> 
> src/java.base/share/classes/sun/security/pkcs/PKCS9Attribute.java
> The change is subsumed by 8268801: Improve PKCS attribute handling", a
> closed issue that is not in head.
> 8268801 brought parts of this change to
> 11 as it was needed for some security fix.
> 
> src/java.base/share/classes/sun/security/pkcs12/PKCS12KeyStore.java
> Copyright, Complex resolve due to context
> 
> src/java.base/share/classes/sun/security/util/ObjectIdentifier.java
> Copyright
> Complex resolve due to context.  Hunk in line 486 actually differs, but change
> is only new formatting.
> 
> src/java.base/share/classes/sun/security/x509/AlgorithmId.java
> Copyright
> 
> Second, to make it compile, I had to adapt the newly introduced calls to
> ObjectIdentifier.of(). Unfortunately, "8268801: Improve PKCS attribute handling"
> already backported parts of the later change
> "8242151: Improve OID mapping and reuse among JDK security providers f..."
> that make of() throw an exception. I restored the original function,
> renamed it and adapted all the call sites.
> 
> This comes in a separate commit.  I will backport "JDK-8242151: Improve OID mapping and reuse among JDK security providers for aliases registration" on top of this, which will remove of1() again.

LGTM thanks for backporting.
However I am a bit concerned about removal of public methods in an old release that have a comment like "This method is kept for compatibility reasons. The new implementation
does the check and conversion. All around the JDK, the method is called  ...."
(see  src/java.base/share/classes/sun/security/util/ObjectIdentifier.java  )   ; could we break existing code using 11 ?

-------------

Marked as reviewed by mbaesken (Reviewer).

PR Review: https://git.openjdk.org/jdk11u-dev/pull/1898#pullrequestreview-1446324514

More information about the jdk-updates-dev mailing list