[jdk17u-dev] Integrated: 8302111: Serialization considerations

Goetz Lindenmaier goetz at openjdk.org
Tue Feb 25 16:22:59 UTC 2025 

On Mon, 17 Feb 2025 16:39:14 GMT, Goetz Lindenmaier <goetz at openjdk.org> wrote:

> I backport this to match 17.0.13-oracle based on the commit to 21.
> 
> I had to resolve several files, two of them considerably:
> 
> src/java.base/share/classes/com/sun/crypto/provider/DHPrivateKey.java
>   Resolved larger chunk.
> src/java.base/share/classes/com/sun/crypto/provider/DHPublicKey.java
>   Resolved some code.
> 
> The new code in DHPublic/PrivateKey depends on the removal
> of IOExceptions in [JDK-8297065](https://bugs.openjdk.org/browse/JDK-8297065) "DerOutputStream operations should not throw IOExceptions". 
> This change is in 21 but not in 17. Thus code backported from 21 calls functions of 
> DerOutputStream that do not throw an exception in 21, but do so in 17. 
> JDK-8297065 makes the point that these exceptions can never be thrown, which also
> holds for 17.  So I just catch and ignore them.
> 
> Also, I had to adapt code because an exception constructor with cause for
> InvalidObjectException is missing in 17.
> This was added by [JDK-8282696](https://bugs.openjdk.org/browse/JDK-8282696) "Add constructors taking a cause
> to InvalidObjectException and InvalidClassException" in 19.
> I added a call to initCause() to store the causing exception.
> 
> I double-checked that [JDK-8297065](https://bugs.openjdk.org/browse/JDK-8297065) was not backported
> by Oracle. Backporting this change would simplify matters considerably.
> 
> The remaining files only needed trivial resolves:
> 
> src/java.base/share/classes/java/security/Permissions.java
> src/java.base/share/classes/java/security/SignedObject.java
>   Only Copyright.
> src/java.base/share/classes/java/security/Timestamp.java
>   Copyright and import.
> src/java.base/share/classes/java/security/UnresolvedPermissionCollection.java
> src/java.base/share/classes/java/security/cert/CertificateRevokedException.java
> src/java.base/share/classes/sun/security/provider/DRBG.java
> src/java.base/share/classes/sun/security/util/ObjectIdentifier.java
> src/java.base/share/classes/sun/security/x509/AlgIdDSA.java
>   Only Copyright.
> src/java.security.jgss/share/classes/sun/security/jgss/krb5/Krb5Context.java
>   Resolved imports.
> src/java.security.jgss/share/classes/sun/security/jgss/krb5/Krb5InitCredential.java
> src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/P11SecureRandom.java
>   Only Copyright.
> 
> I manually ran these tests on linux x86_64:
> 
> test/jdk/com/sun/security
> test/jdk/java/awt/security
> test/jdk/java/net/httpclient/security
> test/jdk/java/net/httpclient/websocket/security
> test/jdk/java/security
> test/jdk/javax/management/security
> test/jdk/javax/security
> t...

This pull request has now been integrated.

Changeset: ae0177b6
Author:    Goetz Lindenmaier <goetz at openjdk.org>
URL:       https://git.openjdk.org/jdk17u-dev/commit/ae0177b6abc1c4b3755ec446f2f35ad2616107a9
Stats:     1092 lines in 21 files changed: 602 ins; 339 del; 151 mod

8302111: Serialization considerations

Reviewed-by: rrich
Backport-of: 369c573383a0120e0d85aeb89a211f38b5261013

-------------

PR: https://git.openjdk.org/jdk17u-dev/pull/3278

More information about the jdk-updates-dev mailing list