[8u] RFR 8258833: Cancel multi-part cipher operations in SunPKCS11 after failures

Andrew Hughes gnu.andrew at redhat.com
Mon Feb 8 05:45:06 UTC 2021 

On 16:38 Wed 27 Jan     , Martin Balao wrote:
> Hi,
> 
> I'd like to propose an 8u backport of JDK-8258833 [1].
> 
> Webrev.00:
> 
>  *
> http://cr.openjdk.java.net/~mbalao/webrevs/8258833/8258833.webrev.8u.jdk.00
> 
> The 11u patch does not apply cleanly because of the following conflicts:
> 
>  * src/share/classes/sun/security/pkcs11/P11Signature.java
>   * JDK-8149802 was not backported to 8u, so the context for one of the
> hunks is different. In particular, "pe" was expected to be the
> PKCS11Exception exception variable name -in 8u the name is "e"-, and a
> catch "SignatureException | ProviderException e" line was expected
> after. None of this affects the 8u backport of 8258833; which, in the
> aforementioned hunk, adds documentation only. Backporting 8149802 to 8u
> would require further analysis; as the fix is quite old now and many
> changes have been applied on top of it. For example, the most-updated
> jdk/jdk code just re-throws the SignatureException and ProviderException
> exceptions. In other words, the cancelOperation call introduced by
> 8149802 was removed and it's a no-operation now. Please notice that both
> jdk/jdk and 8u do a cancel call from the 'finally' block (which did not
> exist by the time 8149802 was developed). As a result, my suggestion
> here would be not to block the 8u backport of 8258833 enforcing a
> dependency on 8149802. The conflict has been trivially fixed rebasing
> the hunk context to 8u.
> 
>  * test/sun/security/pkcs11/Cipher/CancelMultipart.java
>   * '@modules jdk.crypto.cryptoki/sun.security.pkcs11:open' does not
> apply to 8u
>   * '/test/lib' library path replaced with '/lib/security'
> 
>  * File paths converted to the pre-modules scheme.
> 
> Testing: no regressions observed in the sun/security/pkcs11 category.
> 
> Thanks,
> Martin.-
> 
> --
> [1] - https://bugs.openjdk.java.net/browse/JDK-8258833
> 

Looks good to me. Approved.
-- 
Andrew :)

Senior Free Java Software Engineer
OpenJDK Package Owner
Red Hat, Inc. (http://www.redhat.com)

PGP Key: ed25519/0xCFDA0F9B35964222 (hkp://keys.gnupg.net)
Fingerprint = 5132 579D D154 0ED2 3E04  C5A0 CFDA 0F9B 3596 4222

More information about the jdk8u-dev mailing list