[jdk8u] RFR: 8337664: Distrust TLS server certificates issued after Oct 2024 and anchored by Entrust Root CAs

Francisco Ferrari Bihurriet fferrari at openjdk.org
Thu Sep 12 12:13:01 UTC 2024


Hi, here is a [JDK-8337664: Distrust TLS server certificates issued after Oct 2024 and anchored by Entrust Root CAs](https://bugs.openjdk.org/browse/JDK-8337664) backport, based on openjdk/jdk11u#95.

After adjusting the file paths from 11u to 8u, the backport isn't clean, but conflicts are minimal. These include a copyright line and minor `java.security-<platform>` context mismatches. You can verify this by comparing 00beb507c85f335e23e51b025c16fa6940a92262 against openjdk/jdk11u at 90ad5b18de314faca19e322bb21a4c33cec54785.

On top of that, the code still needed adjustments for the 8u codebase, which were addressed in a separate commit, 53e8134702c5967ffd886b8530ee5728907cae91. For these changes, I based them on 68e393c051d3b5ed5b490f362c7ba97c75761ad8, the 8u backport of [JDK-8207258: Distrust TLS server certificates anchored by Symantec Root CAs](https://bugs.openjdk.org/browse/JDK-8207258).

#### Testing

I ran `jdk/tier1` and all the tests under [`jdk/test/sun/security/ssl`](https://github.com/openjdk/jdk8u/tree/e32d62e2a39510f643b32d615e76f0ff9be3d9f3/jdk/test/sun/security/ssl), using 64-bit _slowdebug_ and _release_ images, locally built in _Fedora Linux 40_. Please note that this includes the new `X509TrustManagerImpl/Entrust/Distrust.java`, which I've also made fail by temporarily undoing the `java.security-linux` changes. I haven't found any regression against `master` (currently e32d62e2a39510f643b32d615e76f0ff9be3d9f3).

Regarding the failures in GitHub Actions, we can see that this also occurred in recent `jdk8u-dev` pull requests. For example:

* `security/infra/java/security/cert/CertPathValidator/certification/CAInterop.java#sslrooteccca`
  `security/infra/java/security/cert/CertPathValidator/certification/CAInterop.java#sslrootevrsaca`
    * Failed in this PR, in [_Linux x64 (jdk/tier1)_](https://github.com/franferrax/jdk8u/actions/runs/10800436167/job/29958948355), [_Linux x86 (jdk/tier1)_](https://github.com/franferrax/jdk8u/actions/runs/10800436167/job/29959071363), [_Windows x64 (jdk/tier1)_](https://github.com/franferrax/jdk8u/actions/runs/10800436167/job/29959852407) and [_Windows x86 (jdk/tier1)_](https://github.com/franferrax/jdk8u/actions/runs/10800436167/job/29959178259)
    * Same as openjdk/jdk8u-dev#430, in [_Linux x64 (jdk/tier1)_](https://github.com/ktakakuri/jdk8u-dev/actions/runs/10733047585/job/29766007028), [_Linux x86 (jdk/tier1)_](https://github.com/ktakakuri/jdk8u-dev/actions/runs/10733047585/job/29766074280), [_Windows x64 (jdk/tier1)_](https://github.com/ktakakuri/jdk8u-dev/actions/runs/10733047585/job/29766722107) and [_Windows x86 (jdk/tier1)_](https://github.com/ktakakuri/jdk8u-dev/actions/runs/10733047585/job/29766218339)

* `com/sun/jdi/PrivateTransportTest.sh`
  `security/infra/java/security/cert/CertPathValidator/certification/CAInterop.java#sslrooteccca`
  `security/infra/java/security/cert/CertPathValidator/certification/CAInterop.java#sslrootevrsaca`
  `sun/misc/CopyMemory.java`
    * Failed in this PR, in [_macOS x64 (jdk/tier1)_](https://github.com/franferrax/jdk8u/actions/runs/10800436167/job/29959293433)
    * Same as openjdk/jdk8u-dev#430, in [_macOS x64 (jdk/tier1)_](https://github.com/ktakakuri/jdk8u-dev/actions/runs/10733047585/job/29766091975)

* `gc/concurrentMarkSweep/CheckAllocateAndSystemGC.java`
    * Failed in this PR, in [_Linux x86 (hotspot/tier1)_](https://github.com/franferrax/jdk8u/actions/runs/10800436167/job/29959071966)
    * Same as openjdk/jdk8u-dev#430, in [_Linux x86 (hotspot/tier1)_](https://github.com/ktakakuri/jdk8u-dev/actions/runs/10733047585/job/29766074578)

* `compiler/unsafe/OpaqueAccesses.java`
    * Failed in this PR, in [_macOS x64 (hotspot/tier1)_](https://github.com/franferrax/jdk8u/actions/runs/10800436167/job/29959294007)
    * Same as openjdk/jdk8u-dev#430, in [_macOS x64 (hotspot/tier1)_](https://github.com/ktakakuri/jdk8u-dev/actions/runs/10733047585/job/29766092229)

-------------

Commit messages:
 - Adjust code for OpenJDK 8
 - Backport 7d49c52272b54070a13b02708dd7ce5f8e375a06

Changes: https://git.openjdk.org/jdk8u/pull/61/files
  Webrev: https://webrevs.openjdk.org/?repo=jdk8u&pr=61&range=00
  Issue: https://bugs.openjdk.org/browse/JDK-8337664
  Stats: 1123 lines in 17 files changed: 1117 ins; 0 del; 6 mod
  Patch: https://git.openjdk.org/jdk8u/pull/61.diff
  Fetch: git fetch https://git.openjdk.org/jdk8u.git pull/61/head:pull/61

PR: https://git.openjdk.org/jdk8u/pull/61

