[jdk17u-dev] RFR: 8302111: Serialization considerations [v4]
Goetz Lindenmaier
goetz at openjdk.org
Fri Feb 21 14:43:14 UTC 2025
On Fri, 21 Feb 2025 06:56:29 GMT, Goetz Lindenmaier <goetz at openjdk.org> wrote:
>> I backport this to match 17.0.13-oracle based on the commit to 21.
>>
>> I had to resolve several files, two of them considerably:
>>
>> src/java.base/share/classes/com/sun/crypto/provider/DHPrivateKey.java
>> Resolved larger chunk.
>> src/java.base/share/classes/com/sun/crypto/provider/DHPublicKey.java
>> Resolved some code.
>>
>> The new code in DHPublic/PrivateKey depends on the removal
>> of IOExceptions in [JDK-8297065](https://bugs.openjdk.org/browse/JDK-8297065) "DerOutputStream operations should not throw IOExceptions".
>> This change is in 21 but not in 17. Thus code backported from 21 calls functions of
>> DerOutputStream that do not throw an exception in 21, but do so in 17.
>> JDK-8297065 makes the point that these exceptions can never be thrown, which also
>> holds for 17. So I just catch and ignore them.
>>
>> Also, I had to adapt code because an exception constructor with cause for
>> InvalidObjectException is missing in 17.
>> This was added by [JDK-8282696](https://bugs.openjdk.org/browse/JDK-8282696) "Add constructors taking a cause
>> to InvalidObjectException and InvalidClassException" in 19.
>> I added a call to initCause() to store the causing exception.
>>
>> I double-checked that [JDK-8297065](https://bugs.openjdk.org/browse/JDK-8297065) was not backported
>> by Oracle. Backporting this change would simplify matters considerably.
>>
>> The remaining files only needed trivial resolves:
>>
>> src/java.base/share/classes/java/security/Permissions.java
>> src/java.base/share/classes/java/security/SignedObject.java
>> Only Copyright.
>> src/java.base/share/classes/java/security/Timestamp.java
>> Copyright and import.
>> src/java.base/share/classes/java/security/UnresolvedPermissionCollection.java
>> src/java.base/share/classes/java/security/cert/CertificateRevokedException.java
>> src/java.base/share/classes/sun/security/provider/DRBG.java
>> src/java.base/share/classes/sun/security/util/ObjectIdentifier.java
>> src/java.base/share/classes/sun/security/x509/AlgIdDSA.java
>> Only Copyright.
>> src/java.security.jgss/share/classes/sun/security/jgss/krb5/Krb5Context.java
>> Resolved imports.
>> src/java.security.jgss/share/classes/sun/security/jgss/krb5/Krb5InitCredential.java
>> src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/P11SecureRandom.java
>> Only Copyright.
>>
>> I manually ran these tests on linux x86_64:
>>
>> test/jdk/com/sun/security
>> test/jdk/java/awt/security
>> test/jdk/java/net/httpclient/security
>> test/jdk/java/net/httpclient/we...
>
> Goetz Lindenmaier has updated the pull request incrementally with one additional commit since the last revision:
>
> Remove null check before calling initCause
Triggered by the discussion here and offline I had a second look at the exceptions I need to add because JDK-8297065 is not in 17. I committed some code that brings these closer to the origin. One I had added is not really needed as IOException is caught at the callsite anyways.
-------------
PR Comment: https://git.openjdk.org/jdk17u-dev/pull/3278#issuecomment-2674729272
More information about the jdk-updates-dev
mailing list