From sean.mullan at oracle.com Mon Aug 1 18:26:21 2016 From: sean.mullan at oracle.com (Sean Mullan) Date: Mon, 1 Aug 2016 14:26:21 -0400 Subject: Review Request: JDK-8162882: Permission merge issue in jdk.crypto.ucrypto module Message-ID: The fix for JDK-8159752 accidentally put back an older version of the policy permissions for the jdk.crypto.ucrypto module. It is a simple fix to restore the correct permission: diff -r 5584be31a8f9 src/java.base/solaris/lib/security/default.policy --- a/src/java.base/solaris/lib/security/default.policy Mon Aug 01 09:58:36 2016 -0400 +++ b/src/java.base/solaris/lib/security/default.policy Mon Aug 01 14:23:51 2016 -0400 @@ -11,6 +11,6 @@ "clearProviderProperties.OracleUcrypto"; permission java.security.SecurityPermission "removeProviderProperty.OracleUcrypto"; - permission java.io.FilePermission - "${java.home}/conf/security/ucrypto-solaris.cfg", "read"; + // Needed for reading Ucrypto config file + permission java.io.FilePermission "<>", "read"; }; Thanks, Sean From valerie.peng at oracle.com Mon Aug 1 20:45:15 2016 From: valerie.peng at oracle.com (Valerie Peng) Date: Mon, 1 Aug 2016 13:45:15 -0700 Subject: Review Request: JDK-8162882: Permission merge issue in jdk.crypto.ucrypto module In-Reply-To: References: Message-ID: <29faa1d0-b6be-b690-a7f2-ef04a74e190d@oracle.com> Looks fine. Thanks, Valerie On 8/1/2016 11:26 AM, Sean Mullan wrote: > The fix for JDK-8159752 accidentally put back an older version of the > policy permissions for the jdk.crypto.ucrypto module. It is a simple > fix to restore the correct permission: > > diff -r 5584be31a8f9 src/java.base/solaris/lib/security/default.policy > --- a/src/java.base/solaris/lib/security/default.policy Mon Aug 01 > 09:58:36 2016 -0400 > +++ b/src/java.base/solaris/lib/security/default.policy Mon Aug 01 > 14:23:51 2016 -0400 > @@ -11,6 +11,6 @@ > "clearProviderProperties.OracleUcrypto"; > permission java.security.SecurityPermission > "removeProviderProperty.OracleUcrypto"; > - permission java.io.FilePermission > - "${java.home}/conf/security/ucrypto-solaris.cfg", "read"; > + // Needed for reading Ucrypto config file > + permission java.io.FilePermission "<>", "read"; > }; > > Thanks, > Sean From ecki at zusammenkunft.net Mon Aug 1 22:13:02 2016 From: ecki at zusammenkunft.net (Bernd Eckenfels) Date: Tue, 2 Aug 2016 00:13:02 +0200 Subject: RFC7525 mapped to JSSE Message-ID: <20160802001302.00005374.ecki@zusammenkunft.net> Hello, because I was asked by a customer I started to map the RFC7525 https://tools.ietf.org/html/rfc7525 recommendations for TLS to JSSE implementation. It is not complete yet but I think I at least have extraced all "normative" requirements from the RFC into this table: https://docs.google.com/spreadsheets/d/135Eqf3RCpYLcmVHOIPb_Q7pzFde9yqJI_oD2jvpnKPE would like to get your feedback. Gruss Bernd From artem.smotrakov at oracle.com Tue Aug 2 01:25:38 2016 From: artem.smotrakov at oracle.com (Artem Smotrakov) Date: Mon, 1 Aug 2016 18:25:38 -0700 Subject: [9] RFR: 8159416: javax/net/ssl/DTLS/CipherSuite.java failed on timeout In-Reply-To: <67fd1bb2-35d2-2c15-6c76-5133e084b461@oracle.com> References: <5771CEF7.8060400@oracle.com> <694f0a14-d67c-567b-e665-d5c71c7c7331@oracle.com> <67fd1bb2-35d2-2c15-6c76-5133e084b461@oracle.com> Message-ID: <59082443-e0ec-165c-d9f6-d337600fe38f@oracle.com> Here is an updated webrev which includes a fix for 8161086 (thanks Xuelei for help): - No updates to the problem list - CustomDatagramSocketImplFactory drops 5% of packets by default - Updated DTLSInputRecord and DTLSOutputRecord to print sequence numbers if -Djavax.net.debug=ssl option is specified - Updated InvalidRecords.java tests not to drop packets by default because handshaking unexpectedly succeeds if an invalid packet was dropped http://cr.openjdk.java.net/~asmotrak/8159416/webrev.03/ Please take a look. Artem On 07/28/2016 04:36 PM, Artem Smotrakov wrote: > Hi Xuelei, > > I updated CustomDatagramSocketImpl class to be able to drop some > packets randomly or by specified numbers. > > While updating the test, I found > https://bugs.openjdk.java.net/browse/JDK-8161086 which I think is the > root cause of these intermittent failures. > > I added a couple of PacketLoss* tests to reproduce and verify 8161086. > These tests drop different packets while handshaking. They use > different cipher suites and modes, so that they take a while. I didn't > notice they fail with timeout, but I suspect that may happen on slower > machines. That's why I increased timeout value for them. I added the > tests to the problem list since 8161086 is not fixed yet. > > There are a couple of other updates to DTLSOverDatagram.java: > - Server tries to receive first application data when it finishes > handshaking. Server re-sends final handshaking messages if timeout > reached while waiting for application data from client. > - Updated client and server to use simple threads instead of thread > pools. This way, it's possible to specify meaningful names for threads > which makes logs more readable if "-Djavax.net.debug=ssl" specified > - Added more logging > - Made some fields final > > At the moment, CustomDatagramSocketImplFactory doesn't drop packets by > default because it may cause intermittent failures of tests which are > based on DTLSOverDatagram class: > > ... > static class CustomDatagramSocketImplFactory > implements DatagramSocketImplFactory { > ... > // if true, it's going to drop some packets > private static boolean dropPackets = false; > ... > > When 8161086 is fixed, it may be set to true by default. Currently the > packet loss rate is 5% which I think is much more than if we use UDP > sockets on localhost, so that we test DTLS impl in worse conditions. > > Could you please take a look at updated webrev? > > http://cr.openjdk.java.net/~asmotrak/8159416/webrev.02/ > > Artem > > On 06/27/2016 06:25 PM, Xuelei Fan wrote: >> On 6/28/2016 9:12 AM, Artem Smotrakov wrote: >>> Hello, >>> >>> Please review this patch for javax/net/ssl/DTLS tests. >>> >>> A couple of DTLS tests fail intermittently on Mac with timeout or "Too >>> many handshake loops ..." error. The tests use UDP to transfer DTLS >>> records. It happens sometimes that server cannot receive UDP packets >>> with DatagramSocket.receive() method even if client tries to re-send >>> them multiple times. Please see logs in the bug. >>> >>> At the moment, it is not clear why UDP packets can't be delivered to >>> server. If someone has seen something similar before, or has some ideas >>> what might be the root cause, please let me know. >>> >> UDP is not reliable. It could happen that the packets get lost. >> >>> I think that the tests and DTLS implementation are fine here. Since the >>> tests are for DTLS, we can workaround this issue by avoiding real UDP >>> connections. To avoid changing test logic much, we can use a custom >>> DatagramSocketImpl and DatagramSocketImplFactory implementations to >>> replace system UDP implementation. >>> >>> The patch below updates the tests with the following: >>> - added custom DatagramSocketImpl and DatagramSocketImplFactory >>> implementations to avoid real UDP connections >> Tests for real connections in practice are needed. If we update this >> test this way, we need to add other tests to test real application >> usage. I don't think this is the right direction to avoid real UDP >> connections. >> >>> - added more test output, so that we can have more info it the tests >>> fail again >>> >> I agree with this point. >> >> Xuelei >> >>> I have run javax/net/ssl/DTLS/CipherSuite.java test in a loop on Mac, >>> and I didn't see it failed. I also have run javax/net/ssl/DTLS tests on >>> all supported generic platforms, and they worked fine. >>> >>> Bug: https://bugs.openjdk.java.net/browse/JDK-8159416 >>> http://cr.openjdk.java.net/~asmotrak/8159416/webrev.00/ >>> >>> Artem > From xuelei.fan at oracle.com Tue Aug 2 04:35:29 2016 From: xuelei.fan at oracle.com (Xuelei Fan) Date: Tue, 2 Aug 2016 12:35:29 +0800 Subject: [9] RFR: 8159416: javax/net/ssl/DTLS/CipherSuite.java failed on timeout In-Reply-To: <59082443-e0ec-165c-d9f6-d337600fe38f@oracle.com> References: <5771CEF7.8060400@oracle.com> <694f0a14-d67c-567b-e665-d5c71c7c7331@oracle.com> <67fd1bb2-35d2-2c15-6c76-5133e084b461@oracle.com> <59082443-e0ec-165c-d9f6-d337600fe38f@oracle.com> Message-ID: DTLSOutputRecord ---------------- 182 int len = destination.remaining(); 235 int len = destination.remaining(); This variable is only use by debug block. I may try to avoid to define it out side of the debug block. I know you want to dump the length in the "record" debug option. But I think the epoch/sequence# belong to the "packet" debug option. The "record" option does not include the header part, so may be, it is not suitable to dump the epoch/seq# here. I may suggest to remove the update as the "packet" option can help if users want to know the epoch/sequence numbers. Please see the comment for DTLSOverDatagram.java, too. 466-470 This is a nice update to get the user friendly handshake type description. There are still a lot similar debug log that need to get similar update. Would you mind to file a new RFE, and make the update together with other places (both TLS and DTLS) all together? DTLSInputRecord --------------- 159 long onlySeqNum = Authenticator.getDTLSSequenceNumber(recordEnS); Using getDTLSSequenceNumber(long) may be more effective. 161-165, if you consider to remove the debug log update in DTLSOutputRecord, you may also want to remove the debug log update here for similar reasons. HandshakeMessage ---------------- See comment for DTLSOutputRecord. I may prefer to file a new RFE, and make the update all together. Authenticator ------------- May not need the update any more if you consider my suggestions above. Otherwise, I think may be only getDTLSSequenceNumber(long recordEnS) is actually used. Other two new methods can be removed. InvalidRecords -------------- I like this find! DTLSOverDatagram ---------------- 50 System.setProperty("javax.net.debug", "ssl,record"); I may suggest to use "ssl,record,packet" for debugging if you won't dump the epoch/seq# in "record" debug option. If the test passed, I may prefer to turn the debug log off. doServerSide() I did not get too much about the update: 1. Is it necessary to combine handshake and reading client application data together? I think the receiveAppData can be reused. 2. Is it necessary to re-send application data? I think if application data is not allowed to drop, may not need to the re-send code. Same for the doClientSide() implementation. disablePacketDrop() is a static method, you may not want to call it exception the initialization stage. The following line need to be very carefully used: 162 CustomDatagramSocketImplFactory.disablePacketDrop(); 334 CustomDatagramSocketImplFactory.disablePacketDrop(); 324-375, may be not necessary, or can be improved to use receiveAppData() method instead. I think the wrap() and unwrap() impl should take care of the retransmission of handshaking messages, but not the application. Resending the previous packet does not comply to DTLS retransmission specification. If you run into problems, would you mind show me the debug log? >> - Updated client and server to use simple threads instead of thread >> pools. This way, it's possible to specify meaningful names for >> threads A more light update may be use Thread.setName(String name) in the ServerCallable.call(). I did not test. If you like, you can have a try. CustomDatagramSocketImpl.addPacket() I may suggest to check application data here. 927 private void addPacket(byte[] data) { 928 // check if a packet should be dropped - 929 if (CustomDatagramSocketImplFactory.losePacket()) { + if (ustomDatagramSocketImplFactory.losePacket() && + (data[0] != (byte)0x17)) { 930 return; 931 } "data[0] != (byte)0x17" means that it is not application data. As would simplify the code a lot. See comments above about the application data re-sending issue. PacketLossXXX.java ------------------ It should not be the common case to split test cases separated with the test code. I would suggest merge them into the PacketLoss.java. If you are worrying about the debug log length, please turn off the debug log. Actually, we should turn off the debug log unless we need more detailed debug log for problematic test. Or alternatively, we can ask the JTREG to consider the behavior more about the debug length restrictions. Thanks, Xuelei On 8/2/2016 9:25 AM, Artem Smotrakov wrote: > Here is an updated webrev which includes a fix for 8161086 (thanks > Xuelei for help): > - No updates to the problem list > - CustomDatagramSocketImplFactory drops 5% of packets by default > - Updated DTLSInputRecord and DTLSOutputRecord to print sequence numbers > if -Djavax.net.debug=ssl option is specified > - Updated InvalidRecords.java tests not to drop packets by default > because handshaking unexpectedly succeeds if an invalid packet was dropped > > http://cr.openjdk.java.net/~asmotrak/8159416/webrev.03/ > > Please take a look. > > Artem > > On 07/28/2016 04:36 PM, Artem Smotrakov wrote: >> Hi Xuelei, >> >> I updated CustomDatagramSocketImpl class to be able to drop some >> packets randomly or by specified numbers. >> >> While updating the test, I found >> https://bugs.openjdk.java.net/browse/JDK-8161086 which I think is the >> root cause of these intermittent failures. >> >> I added a couple of PacketLoss* tests to reproduce and verify 8161086. >> These tests drop different packets while handshaking. They use >> different cipher suites and modes, so that they take a while. I didn't >> notice they fail with timeout, but I suspect that may happen on slower >> machines. That's why I increased timeout value for them. I added the >> tests to the problem list since 8161086 is not fixed yet. >> >> There are a couple of other updates to DTLSOverDatagram.java: >> - Server tries to receive first application data when it finishes >> handshaking. Server re-sends final handshaking messages if timeout >> reached while waiting for application data from client. >> - Updated client and server to use simple threads instead of thread >> pools. This way, it's possible to specify meaningful names for threads >> which makes logs more readable if "-Djavax.net.debug=ssl" specified >> - Added more logging >> - Made some fields final >> >> At the moment, CustomDatagramSocketImplFactory doesn't drop packets by >> default because it may cause intermittent failures of tests which are >> based on DTLSOverDatagram class: >> >> ... >> static class CustomDatagramSocketImplFactory >> implements DatagramSocketImplFactory { >> ... >> // if true, it's going to drop some packets >> private static boolean dropPackets = false; >> ... >> >> When 8161086 is fixed, it may be set to true by default. Currently the >> packet loss rate is 5% which I think is much more than if we use UDP >> sockets on localhost, so that we test DTLS impl in worse conditions. >> >> Could you please take a look at updated webrev? >> >> http://cr.openjdk.java.net/~asmotrak/8159416/webrev.02/ >> >> Artem >> >> On 06/27/2016 06:25 PM, Xuelei Fan wrote: >>> On 6/28/2016 9:12 AM, Artem Smotrakov wrote: >>>> Hello, >>>> >>>> Please review this patch for javax/net/ssl/DTLS tests. >>>> >>>> A couple of DTLS tests fail intermittently on Mac with timeout or "Too >>>> many handshake loops ..." error. The tests use UDP to transfer DTLS >>>> records. It happens sometimes that server cannot receive UDP packets >>>> with DatagramSocket.receive() method even if client tries to re-send >>>> them multiple times. Please see logs in the bug. >>>> >>>> At the moment, it is not clear why UDP packets can't be delivered to >>>> server. If someone has seen something similar before, or has some ideas >>>> what might be the root cause, please let me know. >>>> >>> UDP is not reliable. It could happen that the packets get lost. >>> >>>> I think that the tests and DTLS implementation are fine here. Since the >>>> tests are for DTLS, we can workaround this issue by avoiding real UDP >>>> connections. To avoid changing test logic much, we can use a custom >>>> DatagramSocketImpl and DatagramSocketImplFactory implementations to >>>> replace system UDP implementation. >>>> >>>> The patch below updates the tests with the following: >>>> - added custom DatagramSocketImpl and DatagramSocketImplFactory >>>> implementations to avoid real UDP connections >>> Tests for real connections in practice are needed. If we update this >>> test this way, we need to add other tests to test real application >>> usage. I don't think this is the right direction to avoid real UDP >>> connections. >>> >>>> - added more test output, so that we can have more info it the tests >>>> fail again >>>> >>> I agree with this point. >>> >>> Xuelei >>> >>>> I have run javax/net/ssl/DTLS/CipherSuite.java test in a loop on Mac, >>>> and I didn't see it failed. I also have run javax/net/ssl/DTLS tests on >>>> all supported generic platforms, and they worked fine. >>>> >>>> Bug: https://bugs.openjdk.java.net/browse/JDK-8159416 >>>> http://cr.openjdk.java.net/~asmotrak/8159416/webrev.00/ >>>> >>>> Artem >> > From xuelei.fan at oracle.com Tue Aug 2 15:34:38 2016 From: xuelei.fan at oracle.com (Xuelei Fan) Date: Tue, 2 Aug 2016 23:34:38 +0800 Subject: Code Review Request JDK-8162362, Cannot enable previously default enabled cipher suites In-Reply-To: References: Message-ID: <44fa2f16-55b9-59f7-44f0-b83d259e7980@oracle.com> Ping ... On 7/29/2016 11:23 PM, Xuelei Fan wrote: > Hi, > > Please review the fix for JDK-8162362: > > http://cr.openjdk.java.net/~xuelei/8162362/webrev.00/ > > If a cipher suite is getting weak or vulnerable, it is normally removed > from the default enabled list in JDK. The compatibility impact of the > removing is normally minimal as if there are other available cipher > suites enabled. > > However, some applications may want to support the disabled cipher > suites in JDK. If the source code is not accessible, there is not much > workaround to have the cipher suite back to work if it is removed from > the default enabled list in JDK. > > This fix introduces two new system properties, which can be used to > customize the default enabled cipher suites. > > The system property "jdk.tls.client.cipherSuites" is used to customize > the default enabled cipher suites for client side of SSL/TLS/DTLS > connections. Similarly, the system property > "jdk.tls.server.cipherSuites" is used for server side. > > The system property contains a comma-separated list of supported cipher > suite names specifying the default enabled cipher suites. All other > supported cipher suites are disabled for this default setting. > Unrecognized or unsupported cipher suite name specified in the property > is ignored. Explicit setting of enabled cipher suites will override the > system property. > > Thanks, > Xuelei > From artem.smotrakov at oracle.com Tue Aug 2 21:42:01 2016 From: artem.smotrakov at oracle.com (Artem Smotrakov) Date: Tue, 2 Aug 2016 14:42:01 -0700 Subject: [9] RFR: 8159416: javax/net/ssl/DTLS/CipherSuite.java failed on timeout In-Reply-To: References: <5771CEF7.8060400@oracle.com> <694f0a14-d67c-567b-e665-d5c71c7c7331@oracle.com> <67fd1bb2-35d2-2c15-6c76-5133e084b461@oracle.com> <59082443-e0ec-165c-d9f6-d337600fe38f@oracle.com> Message-ID: <4f1f89f5-8d15-7db2-c891-39a4079edc24@oracle.com> Hi Xuelei, Thank you for review. Please see inline. I'll send an updated webrev soon. On 08/01/2016 09:35 PM, Xuelei Fan wrote: > DTLSOutputRecord > ---------------- > 182 int len = destination.remaining(); > 235 int len = destination.remaining(); > > This variable is only use by debug block. I may try to avoid to define > it out side of the debug block. encrypt() changes "destination" buffer, that's why the "len" variable is defined before it. Probably the length may be calculated some other way. I don't like it much either, but this way is just the most simple and straightforward to me. > I know you want to dump the length in > the "record" debug option. But I think the epoch/sequence# belong to > the "packet" debug option. The "record" option does not include the > header part, so may be, it is not suitable to dump the epoch/seq# here. > > I may suggest to remove the update as the "packet" option can help if > users want to know the epoch/sequence numbers. Please see the comment > for DTLSOverDatagram.java, too. If -Djavax.net.debug=packet is set, then it prints something like the following: [Raw write]: length = 135 0000: 16 FE FD 00 00 00 00 00 00 00 00 00 7A 01 00 00 ............z... 0010: 6E 00 00 00 00 00 00 00 6E FE FD 18 E3 9C 82 DF n.......n....... 0020: 02 6C 42 FF AB EE 0C 9A 82 1B 78 6A 31 93 DC 6A .lB.......xj1..j 0030: DC 70 9F 5A 91 DB D5 04 E1 99 65 00 00 00 02 00 .p.Z......e..... 0040: 3C 01 00 00 42 00 0D 00 1C 00 1A 06 03 06 01 05 <...B........... 0050: 03 05 01 04 03 04 01 04 02 03 03 03 01 03 02 02 ................ 0060: 03 02 01 02 02 00 11 00 10 00 0E 02 00 04 00 00 ................ 0070: 00 00 01 00 04 00 00 00 00 00 05 00 05 01 00 00 ................ 0080: 00 00 FF 01 00 01 00 ....... Well ... I am sure that such a dump contains everything we need, but ... it doesn't look really friendly :) If someone is not an expert in TLS/DTLS like me, than it might be helpful to have some thing more human-readable in logs :) That's why I wanted to print sequence and epoch numbers (it helped me while looking into 8161086). > > 466-470 > This is a nice update to get the user friendly handshake type > description. There are still a lot similar debug log that need to get > similar update. Would you mind to file a new RFE, and make the update > together with other places (both TLS and DTLS) all together? Sure, I filed https://bugs.openjdk.java.net/browse/JDK-8162996 I'll revert all changes related to debut output. They may be integrated in the RFE above. > > > DTLSInputRecord > --------------- > 159 long onlySeqNum = > Authenticator.getDTLSSequenceNumber(recordEnS); > > Using getDTLSSequenceNumber(long) may be more effective. > > 161-165, if you consider to remove the debug log update in > DTLSOutputRecord, you may also want to remove the debug log update here > for similar reasons. > > HandshakeMessage > ---------------- > See comment for DTLSOutputRecord. I may prefer to file a new RFE, and > make the update all together. > > > Authenticator > ------------- > May not need the update any more if you consider my suggestions above. > Otherwise, I think may be only > > getDTLSSequenceNumber(long recordEnS) > > is actually used. Other two new methods can be removed. > > > InvalidRecords > -------------- > I like this find! > > > DTLSOverDatagram > ---------------- > > 50 System.setProperty("javax.net.debug", "ssl,record"); > > I may suggest to use "ssl,record,packet" for debugging if you won't dump > the epoch/seq# in "record" debug option. If the test passed, I may > prefer to turn the debug log off. The tests pass now. I don't mind removing this debug output, but it happens often that we don't have enough info if a test fails intermittently. Then, we may update the test to use -Djavax.net.debug to get more info when it fails next time. I think it might be good to enable debug output for tests by default, so that we have more info to analyze failures. As far as I know, jtreg may be configured to keep jtr files only for failed tests, so additional output shouldn't take much space if someone runs these test often. Is there any other concerns? > doServerSide() > I did not get too much about the update: > 1. Is it necessary to combine handshake and reading client application > data together? Final handshake messages to a client may be lost. Client still will be expecting them, and server needs to re-send them. When server is done with handshaking, it tries to receive first application data. But if client didn't receive final handshake messages (because they were lost), it keeps re-sending handshake messages to server. In this situation, server needs to re-send final handshake messages to client. Those messages are easily accessible while we're in handshake() method, so that's why I added reading first application data there. handshake() method may return final handshake packets to the caller, so that it can re-send them if necessary. This is just another way, I don't think any of them is better that another. > I think the receiveAppData can be reused. I don't think it can be re-used "as is" because it needs to re-send final handshake messages on server side. Okay, I'll update the method, and re-use it. > > 2. Is it necessary to re-send application data? > I think if application data is not allowed to drop, may not need to > the re-send code. You're right. I'll remove those while loops. > > Same for the doClientSide() implementation. > > disablePacketDrop() is a static method, you may not want to call it > exception the initialization stage. The following line need to be very > carefully used: > > 162 CustomDatagramSocketImplFactory.disablePacketDrop(); > 334 CustomDatagramSocketImplFactory.disablePacketDrop(); disablePacketDrop() asks CustomDatagramSocketImpl to stop dropping packets. This method should be called before we start sending application data. It seems like one of these disablePacketDrop() calls is redundant, I'll move it to sendAppData() method. > > 324-375, may be not necessary, or can be improved to use > receiveAppData() method instead. Sure, will do, please see above. > I think the wrap() and unwrap() impl > should take care of the retransmission of handshaking messages, but not > the application. Resending the previous packet does not comply to DTLS > retransmission specification. If you run into problems, would you mind > show me the debug log? I am not sure what logs you are asking about. You can find some logs attached to https://bugs.openjdk.java.net/browse/JDK-8159416 I am also not sure what you mean by retransmission here. As far as I understand, wrap() and unwrap() methods produce/consume (D)TLS records, and client code should take care of sending them over the network to the remote peer. While expecting first application data, the test re-sends the same packets which were generated by last wrap() call on server side. This means that DTLS records with the same sequence numbers are used again. Do you think that server should generate records with new sequence numbers? (I have not tried to call wrap() again to produce final handshake message after server's SSLEngine has finished handshaking, not sure if it works) > >>> - Updated client and server to use simple threads instead of thread >>> pools. This way, it's possible to specify meaningful names for >>> threads > A more light update may be use Thread.setName(String name) in the > ServerCallable.call(). I did not test. If you like, you can have a try. setName() method is not static, so it should be called on an instance of Thread, but I don't know how to access it in ServerCallable.call() method. > > > CustomDatagramSocketImpl.addPacket() > I may suggest to check application data here. > > 927 private void addPacket(byte[] data) { > 928 // check if a packet should be dropped > - 929 if (CustomDatagramSocketImplFactory.losePacket()) { > + if (ustomDatagramSocketImplFactory.losePacket() && > + (data[0] != (byte)0x17)) { > 930 return; > 931 } > > "data[0] != (byte)0x17" means that it is not application data. As would > simplify the code a lot. See comments above about the application data > re-sending issue. It wouldn't simplify the code to me because "0x17" looks like a magic number. Of course, we can define it as a constant with some meaningful name, but to me it is clearer to call a method which just stops dropping packets. It doesn't make the code too complicated to me. If you don't mind, and there is no other issues with it, I would prefer to keep it. > > > PacketLossXXX.java > ------------------ > It should not be the common case to split test cases separated with the > test code. I would suggest merge them into the PacketLoss.java. The problem here is that those test take some time for execution. That's why I splitted them to different files. As far as I remember, there was a concern from people who run those tests in CI systems that some tests take too long. Their point was that tests execution may be faster if we run tests in concurrent mode, and don't have tests which take too long. And if I recall correctly, there was an agreement that we split such tests this way. I am cc'ing Rajan, he may remember more about this. Artem > If you > are worrying about the debug log length, please turn off the debug log. > Actually, we should turn off the debug log unless we need more detailed > debug log for problematic test. Or alternatively, we can ask the JTREG > to consider the behavior more about the debug length restrictions. > > Thanks, > Xuelei > > On 8/2/2016 9:25 AM, Artem Smotrakov wrote: >> Here is an updated webrev which includes a fix for 8161086 (thanks >> Xuelei for help): >> - No updates to the problem list >> - CustomDatagramSocketImplFactory drops 5% of packets by default >> - Updated DTLSInputRecord and DTLSOutputRecord to print sequence numbers >> if -Djavax.net.debug=ssl option is specified >> - Updated InvalidRecords.java tests not to drop packets by default >> because handshaking unexpectedly succeeds if an invalid packet was dropped >> >> http://cr.openjdk.java.net/~asmotrak/8159416/webrev.03/ >> >> Please take a look. >> >> Artem >> >> On 07/28/2016 04:36 PM, Artem Smotrakov wrote: >>> Hi Xuelei, >>> >>> I updated CustomDatagramSocketImpl class to be able to drop some >>> packets randomly or by specified numbers. >>> >>> While updating the test, I found >>> https://bugs.openjdk.java.net/browse/JDK-8161086 which I think is the >>> root cause of these intermittent failures. >>> >>> I added a couple of PacketLoss* tests to reproduce and verify 8161086. >>> These tests drop different packets while handshaking. They use >>> different cipher suites and modes, so that they take a while. I didn't >>> notice they fail with timeout, but I suspect that may happen on slower >>> machines. That's why I increased timeout value for them. I added the >>> tests to the problem list since 8161086 is not fixed yet. >>> >>> There are a couple of other updates to DTLSOverDatagram.java: >>> - Server tries to receive first application data when it finishes >>> handshaking. Server re-sends final handshaking messages if timeout >>> reached while waiting for application data from client. >>> - Updated client and server to use simple threads instead of thread >>> pools. This way, it's possible to specify meaningful names for threads >>> which makes logs more readable if "-Djavax.net.debug=ssl" specified >>> - Added more logging >>> - Made some fields final >>> >>> At the moment, CustomDatagramSocketImplFactory doesn't drop packets by >>> default because it may cause intermittent failures of tests which are >>> based on DTLSOverDatagram class: >>> >>> ... >>> static class CustomDatagramSocketImplFactory >>> implements DatagramSocketImplFactory { >>> ... >>> // if true, it's going to drop some packets >>> private static boolean dropPackets = false; >>> ... >>> >>> When 8161086 is fixed, it may be set to true by default. Currently the >>> packet loss rate is 5% which I think is much more than if we use UDP >>> sockets on localhost, so that we test DTLS impl in worse conditions. >>> >>> Could you please take a look at updated webrev? >>> >>> http://cr.openjdk.java.net/~asmotrak/8159416/webrev.02/ >>> >>> Artem >>> >>> On 06/27/2016 06:25 PM, Xuelei Fan wrote: >>>> On 6/28/2016 9:12 AM, Artem Smotrakov wrote: >>>>> Hello, >>>>> >>>>> Please review this patch for javax/net/ssl/DTLS tests. >>>>> >>>>> A couple of DTLS tests fail intermittently on Mac with timeout or "Too >>>>> many handshake loops ..." error. The tests use UDP to transfer DTLS >>>>> records. It happens sometimes that server cannot receive UDP packets >>>>> with DatagramSocket.receive() method even if client tries to re-send >>>>> them multiple times. Please see logs in the bug. >>>>> >>>>> At the moment, it is not clear why UDP packets can't be delivered to >>>>> server. If someone has seen something similar before, or has some ideas >>>>> what might be the root cause, please let me know. >>>>> >>>> UDP is not reliable. It could happen that the packets get lost. >>>> >>>>> I think that the tests and DTLS implementation are fine here. Since the >>>>> tests are for DTLS, we can workaround this issue by avoiding real UDP >>>>> connections. To avoid changing test logic much, we can use a custom >>>>> DatagramSocketImpl and DatagramSocketImplFactory implementations to >>>>> replace system UDP implementation. >>>>> >>>>> The patch below updates the tests with the following: >>>>> - added custom DatagramSocketImpl and DatagramSocketImplFactory >>>>> implementations to avoid real UDP connections >>>> Tests for real connections in practice are needed. If we update this >>>> test this way, we need to add other tests to test real application >>>> usage. I don't think this is the right direction to avoid real UDP >>>> connections. >>>> >>>>> - added more test output, so that we can have more info it the tests >>>>> fail again >>>>> >>>> I agree with this point. >>>> >>>> Xuelei >>>> >>>>> I have run javax/net/ssl/DTLS/CipherSuite.java test in a loop on Mac, >>>>> and I didn't see it failed. I also have run javax/net/ssl/DTLS tests on >>>>> all supported generic platforms, and they worked fine. >>>>> >>>>> Bug: https://bugs.openjdk.java.net/browse/JDK-8159416 >>>>> http://cr.openjdk.java.net/~asmotrak/8159416/webrev.00/ >>>>> >>>>> Artem From valerie.peng at oracle.com Tue Aug 2 22:04:43 2016 From: valerie.peng at oracle.com (Valerie Peng) Date: Tue, 2 Aug 2016 15:04:43 -0700 Subject: [9] RFR 8154113: java.security.AccessControlException: access denied ("java.security.SecurityPermission" "authProvider.SunMSCAPI") Message-ID: <47578eb2-3adc-acb5-fe6a-330978edc4e8@oracle.com> Sean, Would you be able to review this policy update for SunMSCAPI provider? In addition to the policy update, the test is updated to replace the shell script with @run tags. Bug: https://bugs.openjdk.java.net/browse/JDK-8154113 Webrev: http://cr.openjdk.java.net/~valeriep/8154113/webrev.00/ Thanks, Valerie From artem.smotrakov at oracle.com Tue Aug 2 22:10:54 2016 From: artem.smotrakov at oracle.com (Artem Smotrakov) Date: Tue, 2 Aug 2016 15:10:54 -0700 Subject: [9] RFR: 8159416: javax/net/ssl/DTLS/CipherSuite.java failed on timeout In-Reply-To: <4f1f89f5-8d15-7db2-c891-39a4079edc24@oracle.com> References: <5771CEF7.8060400@oracle.com> <694f0a14-d67c-567b-e665-d5c71c7c7331@oracle.com> <67fd1bb2-35d2-2c15-6c76-5133e084b461@oracle.com> <59082443-e0ec-165c-d9f6-d337600fe38f@oracle.com> <4f1f89f5-8d15-7db2-c891-39a4079edc24@oracle.com> Message-ID: <896290b8-43e0-6125-16b7-db38a041823f@oracle.com> Please see an updated webrev http://cr.openjdk.java.net/~asmotrak/8159416/webrev.04/ Artem On 08/02/2016 02:42 PM, Artem Smotrakov wrote: > Hi Xuelei, > > Thank you for review. Please see inline. I'll send an updated webrev > soon. > > On 08/01/2016 09:35 PM, Xuelei Fan wrote: >> DTLSOutputRecord >> ---------------- >> 182 int len = destination.remaining(); >> 235 int len = destination.remaining(); >> >> This variable is only use by debug block. I may try to avoid to define >> it out side of the debug block. > encrypt() changes "destination" buffer, that's why the "len" variable > is defined before it. Probably the length may be calculated some other > way. I don't like it much either, but this way is just the most simple > and straightforward to me. >> I know you want to dump the length in >> the "record" debug option. But I think the epoch/sequence# belong to >> the "packet" debug option. The "record" option does not include the >> header part, so may be, it is not suitable to dump the epoch/seq# here. >> >> I may suggest to remove the update as the "packet" option can help if >> users want to know the epoch/sequence numbers. Please see the comment >> for DTLSOverDatagram.java, too. > If -Djavax.net.debug=packet is set, then it prints something like the > following: > > [Raw write]: length = 135 > 0000: 16 FE FD 00 00 00 00 00 00 00 00 00 7A 01 00 00 ............z... > 0010: 6E 00 00 00 00 00 00 00 6E FE FD 18 E3 9C 82 DF n.......n....... > 0020: 02 6C 42 FF AB EE 0C 9A 82 1B 78 6A 31 93 DC 6A .lB.......xj1..j > 0030: DC 70 9F 5A 91 DB D5 04 E1 99 65 00 00 00 02 00 .p.Z......e..... > 0040: 3C 01 00 00 42 00 0D 00 1C 00 1A 06 03 06 01 05 <...B........... > 0050: 03 05 01 04 03 04 01 04 02 03 03 03 01 03 02 02 ................ > 0060: 03 02 01 02 02 00 11 00 10 00 0E 02 00 04 00 00 ................ > 0070: 00 00 01 00 04 00 00 00 00 00 05 00 05 01 00 00 ................ > 0080: 00 00 FF 01 00 01 00 ....... > > Well ... I am sure that such a dump contains everything we need, but > ... it doesn't look really friendly :) If someone is not an expert in > TLS/DTLS like me, than it might be helpful to have some thing more > human-readable in logs :) That's why I wanted to print sequence and > epoch numbers (it helped me while looking into 8161086). >> >> 466-470 >> This is a nice update to get the user friendly handshake type >> description. There are still a lot similar debug log that need to get >> similar update. Would you mind to file a new RFE, and make the update >> together with other places (both TLS and DTLS) all together? > Sure, I filed https://bugs.openjdk.java.net/browse/JDK-8162996 > > I'll revert all changes related to debut output. They may be > integrated in the RFE above. >> >> >> DTLSInputRecord >> --------------- >> 159 long onlySeqNum = >> Authenticator.getDTLSSequenceNumber(recordEnS); >> >> Using getDTLSSequenceNumber(long) may be more effective. >> >> 161-165, if you consider to remove the debug log update in >> DTLSOutputRecord, you may also want to remove the debug log update here >> for similar reasons. >> >> HandshakeMessage >> ---------------- >> See comment for DTLSOutputRecord. I may prefer to file a new RFE, and >> make the update all together. >> >> >> Authenticator >> ------------- >> May not need the update any more if you consider my suggestions above. >> Otherwise, I think may be only >> >> getDTLSSequenceNumber(long recordEnS) >> >> is actually used. Other two new methods can be removed. >> >> >> InvalidRecords >> -------------- >> I like this find! >> >> >> DTLSOverDatagram >> ---------------- >> >> 50 System.setProperty("javax.net.debug", "ssl,record"); >> >> I may suggest to use "ssl,record,packet" for debugging if you won't dump >> the epoch/seq# in "record" debug option. If the test passed, I may >> prefer to turn the debug log off. > The tests pass now. I don't mind removing this debug output, but it > happens often that we don't have enough info if a test fails > intermittently. Then, we may update the test to use -Djavax.net.debug > to get more info when it fails next time. I think it might be good to > enable debug output for tests by default, so that we have more info to > analyze failures. As far as I know, jtreg may be configured to keep > jtr files only for failed tests, so additional output shouldn't take > much space if someone runs these test often. Is there any other concerns? >> doServerSide() >> I did not get too much about the update: >> 1. Is it necessary to combine handshake and reading client application >> data together? > Final handshake messages to a client may be lost. Client still will be > expecting them, and server needs to re-send them. When server is done > with handshaking, it tries to receive first application data. But if > client didn't receive final handshake messages (because they were > lost), it keeps re-sending handshake messages to server. In this > situation, server needs to re-send final handshake messages to client. > Those messages are easily accessible while we're in handshake() > method, so that's why I added reading first application data there. > handshake() method may return final handshake packets to the caller, > so that it can re-send them if necessary. This is just another way, I > don't think any of them is better that another. >> I think the receiveAppData can be reused. > I don't think it can be re-used "as is" because it needs to re-send > final handshake messages on server side. Okay, I'll update the method, > and re-use it. >> >> 2. Is it necessary to re-send application data? >> I think if application data is not allowed to drop, may not need to >> the re-send code. > You're right. I'll remove those while loops. >> >> Same for the doClientSide() implementation. >> >> disablePacketDrop() is a static method, you may not want to call it >> exception the initialization stage. The following line need to be very >> carefully used: >> >> 162 CustomDatagramSocketImplFactory.disablePacketDrop(); >> 334 CustomDatagramSocketImplFactory.disablePacketDrop(); > disablePacketDrop() asks CustomDatagramSocketImpl to stop dropping > packets. This method should be called before we start sending > application data. It seems like one of these disablePacketDrop() calls > is redundant, I'll move it to sendAppData() method. >> >> 324-375, may be not necessary, or can be improved to use >> receiveAppData() method instead. > Sure, will do, please see above. >> I think the wrap() and unwrap() impl >> should take care of the retransmission of handshaking messages, but not >> the application. Resending the previous packet does not comply to DTLS >> retransmission specification. If you run into problems, would you mind >> show me the debug log? > I am not sure what logs you are asking about. You can find some logs > attached to https://bugs.openjdk.java.net/browse/JDK-8159416 > > I am also not sure what you mean by retransmission here. As far as I > understand, wrap() and unwrap() methods produce/consume (D)TLS > records, and client code should take care of sending them over the > network to the remote peer. While expecting first application data, > the test re-sends the same packets which were generated by last wrap() > call on server side. This means that DTLS records with the same > sequence numbers are used again. > > Do you think that server should generate records with new sequence > numbers? > > (I have not tried to call wrap() again to produce final handshake > message after server's SSLEngine has finished handshaking, not sure if > it works) > >> >>>> - Updated client and server to use simple threads instead of thread >>>> pools. This way, it's possible to specify meaningful names for >>>> threads >> A more light update may be use Thread.setName(String name) in the >> ServerCallable.call(). I did not test. If you like, you can have a >> try. > setName() method is not static, so it should be called on an instance > of Thread, but I don't know how to access it in ServerCallable.call() > method. >> >> >> CustomDatagramSocketImpl.addPacket() >> I may suggest to check application data here. >> >> 927 private void addPacket(byte[] data) { >> 928 // check if a packet should be dropped >> - 929 if (CustomDatagramSocketImplFactory.losePacket()) { >> + if (ustomDatagramSocketImplFactory.losePacket() && >> + (data[0] != (byte)0x17)) { >> 930 return; >> 931 } >> >> "data[0] != (byte)0x17" means that it is not application data. As would >> simplify the code a lot. See comments above about the application data >> re-sending issue. > It wouldn't simplify the code to me because "0x17" looks like a magic > number. Of course, we can define it as a constant with some meaningful > name, but to me it is clearer to call a method which just stops > dropping packets. It doesn't make the code too complicated to me. If > you don't mind, and there is no other issues with it, I would prefer > to keep it. >> >> >> PacketLossXXX.java >> ------------------ >> It should not be the common case to split test cases separated with the >> test code. I would suggest merge them into the PacketLoss.java. > The problem here is that those test take some time for execution. > That's why I splitted them to different files. > > As far as I remember, there was a concern from people who run those > tests in CI systems that some tests take too long. Their point was > that tests execution may be faster if we run tests in concurrent mode, > and don't have tests which take too long. And if I recall correctly, > there was an agreement that we split such tests this way. > > I am cc'ing Rajan, he may remember more about this. > > Artem >> If you >> are worrying about the debug log length, please turn off the debug log. >> Actually, we should turn off the debug log unless we need more detailed >> debug log for problematic test. Or alternatively, we can ask the JTREG >> to consider the behavior more about the debug length restrictions. >> >> Thanks, >> Xuelei >> >> On 8/2/2016 9:25 AM, Artem Smotrakov wrote: >>> Here is an updated webrev which includes a fix for 8161086 (thanks >>> Xuelei for help): >>> - No updates to the problem list >>> - CustomDatagramSocketImplFactory drops 5% of packets by default >>> - Updated DTLSInputRecord and DTLSOutputRecord to print sequence >>> numbers >>> if -Djavax.net.debug=ssl option is specified >>> - Updated InvalidRecords.java tests not to drop packets by default >>> because handshaking unexpectedly succeeds if an invalid packet was >>> dropped >>> >>> http://cr.openjdk.java.net/~asmotrak/8159416/webrev.03/ >>> >>> Please take a look. >>> >>> Artem >>> >>> On 07/28/2016 04:36 PM, Artem Smotrakov wrote: >>>> Hi Xuelei, >>>> >>>> I updated CustomDatagramSocketImpl class to be able to drop some >>>> packets randomly or by specified numbers. >>>> >>>> While updating the test, I found >>>> https://bugs.openjdk.java.net/browse/JDK-8161086 which I think is the >>>> root cause of these intermittent failures. >>>> >>>> I added a couple of PacketLoss* tests to reproduce and verify 8161086. >>>> These tests drop different packets while handshaking. They use >>>> different cipher suites and modes, so that they take a while. I didn't >>>> notice they fail with timeout, but I suspect that may happen on slower >>>> machines. That's why I increased timeout value for them. I added the >>>> tests to the problem list since 8161086 is not fixed yet. >>>> >>>> There are a couple of other updates to DTLSOverDatagram.java: >>>> - Server tries to receive first application data when it finishes >>>> handshaking. Server re-sends final handshaking messages if timeout >>>> reached while waiting for application data from client. >>>> - Updated client and server to use simple threads instead of thread >>>> pools. This way, it's possible to specify meaningful names for threads >>>> which makes logs more readable if "-Djavax.net.debug=ssl" specified >>>> - Added more logging >>>> - Made some fields final >>>> >>>> At the moment, CustomDatagramSocketImplFactory doesn't drop packets by >>>> default because it may cause intermittent failures of tests which are >>>> based on DTLSOverDatagram class: >>>> >>>> ... >>>> static class CustomDatagramSocketImplFactory >>>> implements DatagramSocketImplFactory { >>>> ... >>>> // if true, it's going to drop some packets >>>> private static boolean dropPackets = false; >>>> ... >>>> >>>> When 8161086 is fixed, it may be set to true by default. Currently the >>>> packet loss rate is 5% which I think is much more than if we use UDP >>>> sockets on localhost, so that we test DTLS impl in worse conditions. >>>> >>>> Could you please take a look at updated webrev? >>>> >>>> http://cr.openjdk.java.net/~asmotrak/8159416/webrev.02/ >>>> >>>> Artem >>>> >>>> On 06/27/2016 06:25 PM, Xuelei Fan wrote: >>>>> On 6/28/2016 9:12 AM, Artem Smotrakov wrote: >>>>>> Hello, >>>>>> >>>>>> Please review this patch for javax/net/ssl/DTLS tests. >>>>>> >>>>>> A couple of DTLS tests fail intermittently on Mac with timeout or >>>>>> "Too >>>>>> many handshake loops ..." error. The tests use UDP to transfer DTLS >>>>>> records. It happens sometimes that server cannot receive UDP packets >>>>>> with DatagramSocket.receive() method even if client tries to re-send >>>>>> them multiple times. Please see logs in the bug. >>>>>> >>>>>> At the moment, it is not clear why UDP packets can't be delivered to >>>>>> server. If someone has seen something similar before, or has some >>>>>> ideas >>>>>> what might be the root cause, please let me know. >>>>>> >>>>> UDP is not reliable. It could happen that the packets get lost. >>>>> >>>>>> I think that the tests and DTLS implementation are fine here. >>>>>> Since the >>>>>> tests are for DTLS, we can workaround this issue by avoiding real >>>>>> UDP >>>>>> connections. To avoid changing test logic much, we can use a custom >>>>>> DatagramSocketImpl and DatagramSocketImplFactory implementations to >>>>>> replace system UDP implementation. >>>>>> >>>>>> The patch below updates the tests with the following: >>>>>> - added custom DatagramSocketImpl and DatagramSocketImplFactory >>>>>> implementations to avoid real UDP connections >>>>> Tests for real connections in practice are needed. If we update this >>>>> test this way, we need to add other tests to test real application >>>>> usage. I don't think this is the right direction to avoid real UDP >>>>> connections. >>>>> >>>>>> - added more test output, so that we can have more info it the tests >>>>>> fail again >>>>>> >>>>> I agree with this point. >>>>> >>>>> Xuelei >>>>> >>>>>> I have run javax/net/ssl/DTLS/CipherSuite.java test in a loop on >>>>>> Mac, >>>>>> and I didn't see it failed. I also have run javax/net/ssl/DTLS >>>>>> tests on >>>>>> all supported generic platforms, and they worked fine. >>>>>> >>>>>> Bug: https://bugs.openjdk.java.net/browse/JDK-8159416 >>>>>> http://cr.openjdk.java.net/~asmotrak/8159416/webrev.00/ >>>>>> >>>>>> Artem > From sean.coffey at oracle.com Wed Aug 3 08:13:14 2016 From: sean.coffey at oracle.com (=?UTF-8?Q?Se=c3=a1n_Coffey?=) Date: Wed, 3 Aug 2016 09:13:14 +0100 Subject: Code Review Request JDK-8162362, Cannot enable previously default enabled cipher suites In-Reply-To: <44fa2f16-55b9-59f7-44f0-b83d259e7980@oracle.com> References: <44fa2f16-55b9-59f7-44f0-b83d259e7980@oracle.com> Message-ID: Hi Xuelei, Thanks for taking this one on. I think the approach looks good. Some minor comments .. Can we update bug description to something like "Introduce system property to control enabled ciphersuites" SSLContextImpl.java : typo : getCustomizedCipehrSuites --> getCustomizedCipherSuites line 432, if we're in debug mode, can we print the property name handed in from application code ? e.g. Something like this might appear : jdk.tls.client.cipherSuites property set to : "SSL_RSA_WITH_DES_CBC_SHA" For the testcase, would you mind testing the new value with multiple comma separated values ? e.g. -Djdk.tls.client.cipherSuites="unknown, SSL_RSA_WITH_DES_CBC_SHA, unknown1, TLS_RSA_WITH_AES_128_CBC_SHA" On line 200, 205, I think you can then just change your test to a String.contains("") call. Regards, Sean. On 02/08/2016 16:34, Xuelei Fan wrote: > Ping ... > > On 7/29/2016 11:23 PM, Xuelei Fan wrote: >> Hi, >> >> Please review the fix for JDK-8162362: >> >> http://cr.openjdk.java.net/~xuelei/8162362/webrev.00/ >> >> If a cipher suite is getting weak or vulnerable, it is normally removed >> from the default enabled list in JDK. The compatibility impact of the >> removing is normally minimal as if there are other available cipher >> suites enabled. >> >> However, some applications may want to support the disabled cipher >> suites in JDK. If the source code is not accessible, there is not much >> workaround to have the cipher suite back to work if it is removed from >> the default enabled list in JDK. >> >> This fix introduces two new system properties, which can be used to >> customize the default enabled cipher suites. >> >> The system property "jdk.tls.client.cipherSuites" is used to customize >> the default enabled cipher suites for client side of SSL/TLS/DTLS >> connections. Similarly, the system property >> "jdk.tls.server.cipherSuites" is used for server side. >> >> The system property contains a comma-separated list of supported cipher >> suite names specifying the default enabled cipher suites. All other >> supported cipher suites are disabled for this default setting. >> Unrecognized or unsupported cipher suite name specified in the property >> is ignored. Explicit setting of enabled cipher suites will override the >> system property. >> >> Thanks, >> Xuelei >> From xuelei.fan at oracle.com Wed Aug 3 09:23:19 2016 From: xuelei.fan at oracle.com (Xuelei Fan) Date: Wed, 3 Aug 2016 17:23:19 +0800 Subject: Code Review Request JDK-8162362, Cannot enable previously default enabled cipher suites In-Reply-To: References: <44fa2f16-55b9-59f7-44f0-b83d259e7980@oracle.com> Message-ID: <62063757-5df7-475e-1f30-3bffba040ef6@oracle.com> New webrev: http://cr.openjdk.java.net/~xuelei/8162362/webrev.01/ On 8/3/2016 4:13 PM, Se?n Coffey wrote: > Hi Xuelei, > > Thanks for taking this one on. I think the approach looks good. Some > minor comments .. > > Can we update bug description to something like "Introduce system > property to control enabled ciphersuites" > SSLContextImpl.java : > > typo : getCustomizedCipehrSuites --> getCustomizedCipherSuites > > line 432, if we're in debug mode, can we print the property name handed > in from application code ? > e.g. Something like this might appear : jdk.tls.client.cipherSuites > property set to : "SSL_RSA_WITH_DES_CBC_SHA" > > For the testcase, would you mind testing the new value with multiple > comma separated values ? > > e.g. -Djdk.tls.client.cipherSuites="unknown, SSL_RSA_WITH_DES_CBC_SHA, > unknown1, TLS_RSA_WITH_AES_128_CBC_SHA" > All above comments get addressed in the new webrev. > On line 200, 205, I think you can then just change your test to a > String.contains("") call. > I got the point. I want to use isEmpty() so that it is reminding me that empty string is special in the context. Let me use the old code. Thanks, Xuelei > Regards, > Sean. > > On 02/08/2016 16:34, Xuelei Fan wrote: >> Ping ... >> >> On 7/29/2016 11:23 PM, Xuelei Fan wrote: >>> Hi, >>> >>> Please review the fix for JDK-8162362: >>> >>> http://cr.openjdk.java.net/~xuelei/8162362/webrev.00/ >>> >>> If a cipher suite is getting weak or vulnerable, it is normally removed >>> from the default enabled list in JDK. The compatibility impact of the >>> removing is normally minimal as if there are other available cipher >>> suites enabled. >>> >>> However, some applications may want to support the disabled cipher >>> suites in JDK. If the source code is not accessible, there is not much >>> workaround to have the cipher suite back to work if it is removed from >>> the default enabled list in JDK. >>> >>> This fix introduces two new system properties, which can be used to >>> customize the default enabled cipher suites. >>> >>> The system property "jdk.tls.client.cipherSuites" is used to customize >>> the default enabled cipher suites for client side of SSL/TLS/DTLS >>> connections. Similarly, the system property >>> "jdk.tls.server.cipherSuites" is used for server side. >>> >>> The system property contains a comma-separated list of supported cipher >>> suite names specifying the default enabled cipher suites. All other >>> supported cipher suites are disabled for this default setting. >>> Unrecognized or unsupported cipher suite name specified in the property >>> is ignored. Explicit setting of enabled cipher suites will override the >>> system property. >>> >>> Thanks, >>> Xuelei >>> > From sean.coffey at oracle.com Wed Aug 3 10:23:31 2016 From: sean.coffey at oracle.com (=?UTF-8?Q?Se=c3=a1n_Coffey?=) Date: Wed, 3 Aug 2016 11:23:31 +0100 Subject: Code Review Request JDK-8162362, Cannot enable previously default enabled cipher suites In-Reply-To: <62063757-5df7-475e-1f30-3bffba040ef6@oracle.com> References: <44fa2f16-55b9-59f7-44f0-b83d259e7980@oracle.com> <62063757-5df7-475e-1f30-3bffba040ef6@oracle.com> Message-ID: <57A1C623.8050801@oracle.com> looks good. Regards, Sean. On 03/08/16 10:23, Xuelei Fan wrote: > New webrev: > http://cr.openjdk.java.net/~xuelei/8162362/webrev.01/ > > On 8/3/2016 4:13 PM, Se?n Coffey wrote: >> Hi Xuelei, >> >> Thanks for taking this one on. I think the approach looks good. Some >> minor comments .. >> >> Can we update bug description to something like "Introduce system >> property to control enabled ciphersuites" >> SSLContextImpl.java : >> >> typo : getCustomizedCipehrSuites --> getCustomizedCipherSuites >> >> line 432, if we're in debug mode, can we print the property name handed >> in from application code ? >> e.g. Something like this might appear : jdk.tls.client.cipherSuites >> property set to : "SSL_RSA_WITH_DES_CBC_SHA" >> >> For the testcase, would you mind testing the new value with multiple >> comma separated values ? >> >> e.g. -Djdk.tls.client.cipherSuites="unknown, SSL_RSA_WITH_DES_CBC_SHA, >> unknown1, TLS_RSA_WITH_AES_128_CBC_SHA" >> > All above comments get addressed in the new webrev. > > >> On line 200, 205, I think you can then just change your test to a >> String.contains("") call. >> > I got the point. I want to use isEmpty() so that it is reminding me > that empty string is special in the context. Let me use the old code. > > Thanks, > Xuelei > > >> Regards, >> Sean. >> >> On 02/08/2016 16:34, Xuelei Fan wrote: >>> Ping ... >>> >>> On 7/29/2016 11:23 PM, Xuelei Fan wrote: >>>> Hi, >>>> >>>> Please review the fix for JDK-8162362: >>>> >>>> http://cr.openjdk.java.net/~xuelei/8162362/webrev.00/ >>>> >>>> If a cipher suite is getting weak or vulnerable, it is normally removed >>>> from the default enabled list in JDK. The compatibility impact of the >>>> removing is normally minimal as if there are other available cipher >>>> suites enabled. >>>> >>>> However, some applications may want to support the disabled cipher >>>> suites in JDK. If the source code is not accessible, there is not much >>>> workaround to have the cipher suite back to work if it is removed from >>>> the default enabled list in JDK. >>>> >>>> This fix introduces two new system properties, which can be used to >>>> customize the default enabled cipher suites. >>>> >>>> The system property "jdk.tls.client.cipherSuites" is used to customize >>>> the default enabled cipher suites for client side of SSL/TLS/DTLS >>>> connections. Similarly, the system property >>>> "jdk.tls.server.cipherSuites" is used for server side. >>>> >>>> The system property contains a comma-separated list of supported cipher >>>> suite names specifying the default enabled cipher suites. All other >>>> supported cipher suites are disabled for this default setting. >>>> Unrecognized or unsupported cipher suite name specified in the property >>>> is ignored. Explicit setting of enabled cipher suites will override the >>>> system property. >>>> >>>> Thanks, >>>> Xuelei >>>> From sean.mullan at oracle.com Wed Aug 3 13:09:42 2016 From: sean.mullan at oracle.com (Sean Mullan) Date: Wed, 3 Aug 2016 09:09:42 -0400 Subject: [9] RFR 8154113: java.security.AccessControlException: access denied ("java.security.SecurityPermission" "authProvider.SunMSCAPI") In-Reply-To: <47578eb2-3adc-acb5-fe6a-330978edc4e8@oracle.com> References: <47578eb2-3adc-acb5-fe6a-330978edc4e8@oracle.com> Message-ID: Hi Valerie, Can you also clean up the noaccess.policy and access.policy files and remove the permissions that are now granted to the jdk.crypto.mscapi module in default.policy? Also, in the test, I would use the java.security.policy== option instead of the policy option. The policy option is an older jtreg option that I think we should phase out from tests. The java.security.policy option is easier to understand because it is consistent with the system property. --Sean On 08/02/2016 06:04 PM, Valerie Peng wrote: > Sean, > > Would you be able to review this policy update for SunMSCAPI provider? > In addition to the policy update, the test is updated to replace the > shell script with @run tags. > > Bug: https://bugs.openjdk.java.net/browse/JDK-8154113 > Webrev: http://cr.openjdk.java.net/~valeriep/8154113/webrev.00/ > > Thanks, > Valerie From valerie.peng at oracle.com Wed Aug 3 23:15:27 2016 From: valerie.peng at oracle.com (Valerie Peng) Date: Wed, 3 Aug 2016 16:15:27 -0700 Subject: [9] RFR 8154113: java.security.AccessControlException: access denied ("java.security.SecurityPermission" "authProvider.SunMSCAPI") In-Reply-To: References: <47578eb2-3adc-acb5-fe6a-330978edc4e8@oracle.com> Message-ID: <8ff19f74-eaff-34c7-fd00-b8531e50c9df@oracle.com> Sure, webrev updated: http://cr.openjdk.java.net/~valeriep/8154113/webrev.01/ Thanks, Valerie On 8/3/2016 6:09 AM, Sean Mullan wrote: > Hi Valerie, > > Can you also clean up the noaccess.policy and access.policy files and > remove the permissions that are now granted to the jdk.crypto.mscapi > module in default.policy? > > Also, in the test, I would use the java.security.policy== option > instead of the policy option. The policy option is an older jtreg > option that I think we should phase out from tests. The > java.security.policy option is easier to understand because it is > consistent with the system property. > > --Sean > > On 08/02/2016 06:04 PM, Valerie Peng wrote: >> Sean, >> >> Would you be able to review this policy update for SunMSCAPI provider? >> In addition to the policy update, the test is updated to replace the >> shell script with @run tags. >> >> Bug: https://bugs.openjdk.java.net/browse/JDK-8154113 >> Webrev: http://cr.openjdk.java.net/~valeriep/8154113/webrev.00/ >> >> Thanks, >> Valerie From mandy.chung at oracle.com Thu Aug 4 04:42:17 2016 From: mandy.chung at oracle.com (Mandy Chung) Date: Wed, 3 Aug 2016 21:42:17 -0700 Subject: [9] RFR 8154113: java.security.AccessControlException: access denied ("java.security.SecurityPermission" "authProvider.SunMSCAPI") In-Reply-To: References: <47578eb2-3adc-acb5-fe6a-330978edc4e8@oracle.com> Message-ID: <5576A0CD-A802-42FD-A38F-2AC4BB7FFC7F@oracle.com> A passing comment: The test can simply specify @modules jdk.crypto.mscapi and this test will only run when jdk.crypto.mscapi is present; in other words, line 45-48 are no longer needed. Mandy > On Aug 3, 2016, at 6:09 AM, Sean Mullan wrote: > > Hi Valerie, > > Can you also clean up the noaccess.policy and access.policy files and remove the permissions that are now granted to the jdk.crypto.mscapi module in default.policy? > > Also, in the test, I would use the java.security.policy== option instead of the policy option. The policy option is an older jtreg option that I think we should phase out from tests. The java.security.policy option is easier to understand because it is consistent with the system property. > > --Sean > > On 08/02/2016 06:04 PM, Valerie Peng wrote: >> Sean, >> >> Would you be able to review this policy update for SunMSCAPI provider? >> In addition to the policy update, the test is updated to replace the >> shell script with @run tags. >> >> Bug: https://bugs.openjdk.java.net/browse/JDK-8154113 >> Webrev: http://cr.openjdk.java.net/~valeriep/8154113/webrev.00/ >> >> Thanks, >> Valerie From sean.mullan at oracle.com Thu Aug 4 14:20:53 2016 From: sean.mullan at oracle.com (Sean Mullan) Date: Thu, 4 Aug 2016 10:20:53 -0400 Subject: [9] RFR 8154113: java.security.AccessControlException: access denied ("java.security.SecurityPermission" "authProvider.SunMSCAPI") In-Reply-To: <5576A0CD-A802-42FD-A38F-2AC4BB7FFC7F@oracle.com> References: <47578eb2-3adc-acb5-fe6a-330978edc4e8@oracle.com> <5576A0CD-A802-42FD-A38F-2AC4BB7FFC7F@oracle.com> Message-ID: <43c5db63-c57c-6741-4820-4f316d84ce96@oracle.com> On 08/04/2016 12:42 AM, Mandy Chung wrote: > A passing comment: > > The test can simply specify @modules jdk.crypto.mscapi and this test will only run when jdk.crypto.mscapi is present; in other words, line 45-48 are no longer needed. Does that also mean line 27 can be removed: 27 * @requires os.family == "windows" --Sean > > Mandy > >> On Aug 3, 2016, at 6:09 AM, Sean Mullan wrote: >> >> Hi Valerie, >> >> Can you also clean up the noaccess.policy and access.policy files and remove the permissions that are now granted to the jdk.crypto.mscapi module in default.policy? >> >> Also, in the test, I would use the java.security.policy== option instead of the policy option. The policy option is an older jtreg option that I think we should phase out from tests. The java.security.policy option is easier to understand because it is consistent with the system property. >> >> --Sean >> >> On 08/02/2016 06:04 PM, Valerie Peng wrote: >>> Sean, >>> >>> Would you be able to review this policy update for SunMSCAPI provider? >>> In addition to the policy update, the test is updated to replace the >>> shell script with @run tags. >>> >>> Bug: https://bugs.openjdk.java.net/browse/JDK-8154113 >>> Webrev: http://cr.openjdk.java.net/~valeriep/8154113/webrev.00/ >>> >>> Thanks, >>> Valerie > From sean.mullan at oracle.com Thu Aug 4 14:24:51 2016 From: sean.mullan at oracle.com (Sean Mullan) Date: Thu, 4 Aug 2016 10:24:51 -0400 Subject: [9] RFR 8154113: java.security.AccessControlException: access denied ("java.security.SecurityPermission" "authProvider.SunMSCAPI") In-Reply-To: <8ff19f74-eaff-34c7-fd00-b8531e50c9df@oracle.com> References: <47578eb2-3adc-acb5-fe6a-330978edc4e8@oracle.com> <8ff19f74-eaff-34c7-fd00-b8531e50c9df@oracle.com> Message-ID: <3af6cb00-c951-299d-fa45-3543182ea50b@oracle.com> Looks good. --Sean On 08/03/2016 07:15 PM, Valerie Peng wrote: > > Sure, webrev updated: > http://cr.openjdk.java.net/~valeriep/8154113/webrev.01/ > Thanks, > Valerie > > On 8/3/2016 6:09 AM, Sean Mullan wrote: >> Hi Valerie, >> >> Can you also clean up the noaccess.policy and access.policy files and >> remove the permissions that are now granted to the jdk.crypto.mscapi >> module in default.policy? >> >> Also, in the test, I would use the java.security.policy== option >> instead of the policy option. The policy option is an older jtreg >> option that I think we should phase out from tests. The >> java.security.policy option is easier to understand because it is >> consistent with the system property. >> >> --Sean >> >> On 08/02/2016 06:04 PM, Valerie Peng wrote: >>> Sean, >>> >>> Would you be able to review this policy update for SunMSCAPI provider? >>> In addition to the policy update, the test is updated to replace the >>> shell script with @run tags. >>> >>> Bug: https://bugs.openjdk.java.net/browse/JDK-8154113 >>> Webrev: http://cr.openjdk.java.net/~valeriep/8154113/webrev.00/ >>> >>> Thanks, >>> Valerie > From bradford.wetmore at oracle.com Thu Aug 4 19:35:21 2016 From: bradford.wetmore at oracle.com (Bradford Wetmore) Date: Thu, 4 Aug 2016 12:35:21 -0700 Subject: RFR: 8061842: Package jurisdiction policy files as something other than JAR Message-ID: <65380927-0e9e-c887-8537-b375733e5c0f@oracle.com> https://bugs.openjdk.java.net/browse/JDK-8061842 http://cr.openjdk.java.net/~wetmore/8061842/webrev.00/ The proposal is to move the configuration files from the jar files in /lib/security to a series of subdirectories under a new "policy" subdirectory in /conf/security. Each subdirectory within that directory will represent a complete policy configuration. The existing jar files will be split into flat text files such that the current/existing policies remain. The default set of policy files (i.e. directory) is configured using a new java.security.Security property called "crypto.policy" which will be added to the /conf/security/java.security file. The default initial options are "limited" or "unlimited", however additional directories could potentially be created that specify other as-yet-unknown policies. The default value of this property will be "limited" which corresponds to our current policy for JRE/JDK export/import around the world. However, the build respects the following "configure" option: --enable-unlimited-crypto Enable unlimited crypto policy [disabled] Within the directory, our implementation will look for files using the standard filename prefix above ("default_" or "exempt_"), thus new additional policy restrictions/abstractions can be added with a simple file addition. Brad From ecki at zusammenkunft.net Thu Aug 4 20:41:21 2016 From: ecki at zusammenkunft.net (Bernd Eckenfels) Date: Thu, 4 Aug 2016 22:41:21 +0200 Subject: RFR: 8061842: Package jurisdiction policy files as something other than JAR In-Reply-To: <65380927-0e9e-c887-8537-b375733e5c0f@oracle.com> References: <65380927-0e9e-c887-8537-b375733e5c0f@oracle.com> Message-ID: <20160804224121.00005bb3.ecki@zusammenkunft.net> Hello, I am glad as a user that I am only annoyed by the limited policies and that I do not have to actually implement features to restrict my software. :) However your mail reminded me: will it be a good idea to implement something like a Fips-compliant runtime in terms of (yet another) policy? Related to that: are there any other useful uses for those jce policies? (Never encounter them besides the restricted ciphers). For things like enforcing minimum security (FIPS, PCI-DSS, ...) the policy objects should not only feature maximum keysizes, but also minimum sizes, right? Same is true for denying weakening attributes and such. On the other hand this greatly conflicts with the security properties already existing (at least for JSSE). You mail did not talk about signatures, will the new policies require to be signed by a JCE certifiate (i.e. via Oracle) or can they be customized without? Will there be an option "use strongest available"? That way an JDK upgrade (overwrite the files) will no longer be a problem as the additional policy persists - but I still would need the system property to activate it... Gruss Bernd Am Thu, 4 Aug 2016 12:35:21 -0700 schrieb Bradford Wetmore : > https://bugs.openjdk.java.net/browse/JDK-8061842 > http://cr.openjdk.java.net/~wetmore/8061842/webrev.00/ > > The proposal is to move the configuration files from the jar files in > /lib/security to a series of subdirectories under a new > "policy" subdirectory in /conf/security. Each > subdirectory within that directory will represent a complete policy > configuration. The existing jar files will be split into flat text > files such that the current/existing policies remain. > > The default set of policy files (i.e. directory) is configured using > a new java.security.Security property called "crypto.policy" which > will be added to the /conf/security/java.security file. > The default initial options are "limited" or "unlimited", however > additional directories could potentially be created that specify > other as-yet-unknown policies. > > The default value of this property will be "limited" which > corresponds to our current policy for JRE/JDK export/import around > the world. However, the build respects the following "configure" > option: > > --enable-unlimited-crypto > Enable unlimited crypto policy [disabled] > > Within the directory, our implementation will look for files using > the standard filename prefix above ("default_" or "exempt_"), thus > new additional policy restrictions/abstractions can be added with a > simple file addition. > > Brad > From bradford.wetmore at oracle.com Thu Aug 4 21:38:10 2016 From: bradford.wetmore at oracle.com (Bradford Wetmore) Date: Thu, 4 Aug 2016 14:38:10 -0700 Subject: RFR: 8061842: Package jurisdiction policy files as something other than JAR In-Reply-To: <20160804224121.00005bb3.ecki@zusammenkunft.net> References: <65380927-0e9e-c887-8537-b375733e5c0f@oracle.com> <20160804224121.00005bb3.ecki@zusammenkunft.net> Message-ID: On 8/4/2016 1:41 PM, Bernd Eckenfels wrote: > Hello, > > I am glad as a user that I am only annoyed by the limited policies and > that I do not have to actually implement features to restrict my > software. :) You are indeed fortunate. :) > However your mail reminded me: will it be a good idea to implement > something like a Fips-compliant runtime in terms of (yet another) > policy? This policy is just for enforcing maximum JCE keysizes for import/export purposes, which has been there since pretty much Day 1 of JCE. This is just repackaging existing policy, as the jigsaw team really wanted to get rid of the jar files. JEP 220. A FIPs matrix is a discussion for another release. > Related to that: are there any other useful uses for those jce policies? > (Never encounter them besides the restricted ciphers). I don't think so. I think for most cases, people are able to install the unlimited bundle and are done. This was before my time, but I believe this was only to satisfy export/import requirements. > For things like > enforcing minimum security (FIPS, PCI-DSS, ...) the policy objects > should not only feature maximum keysizes, but also minimum sizes, > right? Same is true for denying weakening attributes and such. On the > other hand this greatly conflicts with the security properties already > existing (at least for JSSE). > > You mail did not talk about signatures, will the new policies require > to be signed by a JCE certifiate (i.e. via Oracle) or can they be > customized without? Customized without. > Will there be an option "use strongest available"? That way an JDK > upgrade (overwrite the files) will no longer be a problem as the > additional policy persists - but I still would need the system property > to activate it... I would expect our limited/unlimited files/directories won't change. The contents have been static for years, but required the extra step of the download/replacement until earlier in JDK 9. There have been 2-3 one-off policy file bundles generated over the last 15 years (with even tighter restrictions), but ivery rare. If you're modifying java.security, that is the only file you'll need for persistent policy going forward. If you are creating your own directories, you'll of course need to copy those over too. BTW, it's a Security property, not a java.lang.System property. Brad > Gruss > Bernd > > > Am Thu, 4 Aug 2016 12:35:21 -0700 schrieb Bradford Wetmore > : > >> https://bugs.openjdk.java.net/browse/JDK-8061842 >> http://cr.openjdk.java.net/~wetmore/8061842/webrev.00/ >> >> The proposal is to move the configuration files from the jar files in >> /lib/security to a series of subdirectories under a new >> "policy" subdirectory in /conf/security. Each >> subdirectory within that directory will represent a complete policy >> configuration. The existing jar files will be split into flat text >> files such that the current/existing policies remain. >> >> The default set of policy files (i.e. directory) is configured using >> a new java.security.Security property called "crypto.policy" which >> will be added to the /conf/security/java.security file. >> The default initial options are "limited" or "unlimited", however >> additional directories could potentially be created that specify >> other as-yet-unknown policies. >> >> The default value of this property will be "limited" which >> corresponds to our current policy for JRE/JDK export/import around >> the world. However, the build respects the following "configure" >> option: >> >> --enable-unlimited-crypto >> Enable unlimited crypto policy [disabled] >> >> Within the directory, our implementation will look for files using >> the standard filename prefix above ("default_" or "exempt_"), thus >> new additional policy restrictions/abstractions can be added with a >> simple file addition. >> >> Brad >> > From valerie.peng at oracle.com Fri Aug 5 02:01:56 2016 From: valerie.peng at oracle.com (Valerie Peng) Date: Thu, 4 Aug 2016 19:01:56 -0700 Subject: [9] RFR 8157579: com/sun/crypto/provider/Mac/MacClone.java failed on solaris12(sparcv9 and x86) Message-ID: Anyone has time to review this fix? The code change is in only one file and straightforward if you agree with the approach. Starting S11.3 and S12, OracleUcrypto provider switched to new Ucrypto APIs for message digest operations and there is no clone support. This affects the MAC impls of SunJCE provider which delegates the digest operation to the most preferred provider. To ensure the clone support, I will switch to getting the digest impl from SUN provider if the most preferred one does not. In the case of SUN provider is not available, it will then goes through provider list. Bug: https://bugs.openjdk.java.net/browse/JDK-8157579 Webrev: http://cr.openjdk.java.net/~valeriep/8157579/webrev.00/ No new test as it's covered by existing regression test. Thanks, Valerie From mandy.chung at oracle.com Fri Aug 5 04:07:09 2016 From: mandy.chung at oracle.com (Mandy Chung) Date: Thu, 4 Aug 2016 21:07:09 -0700 Subject: [9] RFR 8154113: java.security.AccessControlException: access denied ("java.security.SecurityPermission" "authProvider.SunMSCAPI") In-Reply-To: <43c5db63-c57c-6741-4820-4f316d84ce96@oracle.com> References: <47578eb2-3adc-acb5-fe6a-330978edc4e8@oracle.com> <5576A0CD-A802-42FD-A38F-2AC4BB7FFC7F@oracle.com> <43c5db63-c57c-6741-4820-4f316d84ce96@oracle.com> Message-ID: <445729BB-05DA-4B93-9831-AC7BD06ECEDA@oracle.com> > On Aug 4, 2016, at 7:20 AM, Sean Mullan wrote: > > On 08/04/2016 12:42 AM, Mandy Chung wrote: >> A passing comment: >> >> The test can simply specify @modules jdk.crypto.mscapi and this test will only run when jdk.crypto.mscapi is present; in other words, line 45-48 are no longer needed. > > Does that also mean line 27 can be removed: > > 27 * @requires os.family == ?windows" > I think it should also be removed but you should verify it to make sure jtreg selects this test on windows only (where jdk.crypto.mscap1 is present). Mandy From sibabrata.sahoo at oracle.com Fri Aug 5 10:00:40 2016 From: sibabrata.sahoo at oracle.com (Sibabrata Sahoo) Date: Fri, 5 Aug 2016 03:00:40 -0700 (PDT) Subject: [9] RFR: 8159964: Update Tests to verify JDK build for "JDK-8159488 Deprivilege java.xml.crypto" Message-ID: Hi, Please review the patch for "deprivilege java.xml.crypto, java.security.jgss, jdk.security.jgss and jdk.security.auth" modules. JBS: https://bugs.openjdk.java.net/browse/JDK-8159964 Webrev: http://cr.openjdk.java.net/~ssahoo/8159964/webrev.00/ Description: This includes a new Test which verifies the classes from "java.xml.crypto, java.security.jgss, jdk.security.jgss and jdk.security.auth" modules get loaded through Platform Classloader. It also includes modifying few existing test to run with Security manager enabled. Thanks, Siba -------------- next part -------------- An HTML attachment was scrubbed... URL: From weijun.wang at oracle.com Fri Aug 5 10:48:50 2016 From: weijun.wang at oracle.com (Weijun Wang) Date: Fri, 5 Aug 2016 18:48:50 +0800 Subject: [9] RFR: 8159964: Update Tests to verify JDK build for "JDK-8159488 Deprivilege java.xml.crypto" In-Reply-To: References: Message-ID: I'm looking at DeprivilegedModuleLoaderTest.java. Why not just call classes.add(XMLSignatureFactory.class); --Max On 8/5/2016 18:00, Sibabrata Sahoo wrote: > Hi, > > > > Please review the patch for ?deprivilege java.xml.crypto, > java.security.jgss, jdk.security.jgss and jdk.security.auth? modules. > > > > JBS: https://bugs.openjdk.java.net/browse/JDK-8159964 > > Webrev: http://cr.openjdk.java.net/~ssahoo/8159964/webrev.00/ > > > > Description: > > This includes a new Test which verifies the classes from > ?java.xml.crypto, java.security.jgss, jdk.security.jgss and > jdk.security.auth? modules get loaded through Platform Classloader. It > also includes modifying few existing test to run with Security manager > enabled. > > > > Thanks, > > Siba > > > From vincent.x.ryan at oracle.com Fri Aug 5 11:02:16 2016 From: vincent.x.ryan at oracle.com (Vincent Ryan) Date: Fri, 5 Aug 2016 12:02:16 +0100 Subject: [9] RFR 8157579: com/sun/crypto/provider/Mac/MacClone.java failed on solaris12(sparcv9 and x86) In-Reply-To: References: Message-ID: Your fix looks good. One comment is that you could trim the Provider[] to exclude the most-preferred provider (at index=0). Thanks. > On 5 Aug 2016, at 03:01, Valerie Peng wrote: > > > Anyone has time to review this fix? The code change is in only one file and straightforward if you agree with the approach. > Starting S11.3 and S12, OracleUcrypto provider switched to new Ucrypto APIs for message digest operations and there is no clone support. > This affects the MAC impls of SunJCE provider which delegates the digest operation to the most preferred provider. > To ensure the clone support, I will switch to getting the digest impl from SUN provider if the most preferred one does not. > In the case of SUN provider is not available, it will then goes through provider list. > > Bug: https://bugs.openjdk.java.net/browse/JDK-8157579 > Webrev: http://cr.openjdk.java.net/~valeriep/8157579/webrev.00/ > > No new test as it's covered by existing regression test. > > Thanks, > Valerie > > From sibabrata.sahoo at oracle.com Fri Aug 5 13:57:31 2016 From: sibabrata.sahoo at oracle.com (Sibabrata Sahoo) Date: Fri, 5 Aug 2016 06:57:31 -0700 (PDT) Subject: [9] RFR: 8159964: Update Tests to verify JDK build for "JDK-8159488 Deprivilege java.xml.crypto" In-Reply-To: References:

Message-ID: Hi Max, Here is the updated webrev: http://cr.openjdk.java.net/~ssahoo/8159964/webrev.01/ Thanks, Siba -----Original Message----- From: Weijun Wang Sent: Friday, August 05, 2016 4:19 PM To: Sibabrata Sahoo; security-dev at openjdk.java.net; Valerie Peng Subject: Re: [9] RFR: 8159964: Update Tests to verify JDK build for "JDK-8159488 Deprivilege java.xml.crypto" I'm looking at DeprivilegedModuleLoaderTest.java. Why not just call classes.add(XMLSignatureFactory.class); --Max On 8/5/2016 18:00, Sibabrata Sahoo wrote: > Hi, > > > > Please review the patch for "deprivilege java.xml.crypto, > java.security.jgss, jdk.security.jgss and jdk.security.auth" modules. > > > > JBS: https://bugs.openjdk.java.net/browse/JDK-8159964 > > Webrev: http://cr.openjdk.java.net/~ssahoo/8159964/webrev.00/ > > > > Description: > > This includes a new Test which verifies the classes from > "java.xml.crypto, java.security.jgss, jdk.security.jgss and > jdk.security.auth" modules get loaded through Platform Classloader. It > also includes modifying few existing test to run with Security manager > enabled. > > > > Thanks, > > Siba > > > From sean.coffey at oracle.com Fri Aug 5 14:25:27 2016 From: sean.coffey at oracle.com (=?UTF-8?Q?Se=c3=a1n_Coffey?=) Date: Fri, 5 Aug 2016 15:25:27 +0100 Subject: 8163104: Unexpected NPE still possible on some Kerberos ticket calls Message-ID: <57A4A1D7.5040203@oracle.com> Post JDK-8147772 , I think we still have a possibility of hitting an NPE in Kerberos ticket management. Could only find one method affected. bug report : https://bugs.openjdk.java.net/browse/JDK-8163104 webrev : http://cr.openjdk.java.net/~coffeys/webrev.8163104.jdk9/webrev/ -- Regards, Sean. -------------- next part -------------- An HTML attachment was scrubbed... URL: From jamil.j.nimeh at oracle.com Sat Aug 6 04:56:48 2016 From: jamil.j.nimeh at oracle.com (Jamil Nimeh) Date: Fri, 5 Aug 2016 21:56:48 -0700 Subject: RFR 8132943: ServerHandshaker may select non-empty OCSPStatusRequest structures when Responder ID selection is not supported Message-ID: <4f2937f4-ba59-ffec-92d3-409b9e420bf9@oracle.com> Hello all, This fixes an issue with OCSPStatusRequest selection by the server when doing OCSP stapling. Since we currently do not support responder ID filtering, the server should not select an OCSPStatusRequest with responder IDs in it, else it could potentially return OCSP responses that the client has already stated it would not trust. This fix takes care of that. If the server cannot find an OCSPStatusRequest that is suitable (in this case, one that has an empty responder ID list) it will not do stapling for that handshake. Bug: https://bugs.openjdk.java.net/browse/JDK-8132943 Webrev: http://cr.openjdk.java.net/~jnimeh/reviews/8132943/webrev.01 Thanks, --Jamil From xuelei.fan at oracle.com Mon Aug 8 00:57:29 2016 From: xuelei.fan at oracle.com (Xuelei Fan) Date: Mon, 8 Aug 2016 08:57:29 +0800 Subject: RFC7525 mapped to JSSE In-Reply-To: <20160802001302.00005374.ecki@zusammenkunft.net> References: <20160802001302.00005374.ecki@zusammenkunft.net> Message-ID: <0ff9135c-dd24-cf99-0913-47939d07fd03@oracle.com> Hi Bernd, Thanks for the summary of the compliance. The following comments are mainly about the items marked with "TODO" or "???". JDK 9 will support DTLS 1.0/1.2 and OCSP stapling (both RFC 6066 and RFC 6961). The server preference of cipher suites can be configurable. JDK uses uncompressed EC point format only. JDK does not use EC curves < 224 bits for EC key exchange, default 256+ bits. For TLS 1.2, SHA2 is requested in the signature algorithm extension. JDK does not implement the truncted HMAC extension. JDK supports hostname verification APIs for HTTPS, and support hostname verification during handshaking for HTTPS and LDAP. JDK tests the DH public keys. Thanks & Regards, Xuelei On 8/2/2016 6:13 AM, Bernd Eckenfels wrote: > Hello, > > because I was asked by a customer I started to map the RFC7525 > > https://tools.ietf.org/html/rfc7525 > > recommendations for TLS to JSSE implementation. > > > It is not complete yet but I think I at least have extraced all > "normative" requirements from the RFC into this table: > > https://docs.google.com/spreadsheets/d/135Eqf3RCpYLcmVHOIPb_Q7pzFde9yqJI_oD2jvpnKPE > > would like to get your feedback. > > Gruss > Bernd > From weijun.wang at oracle.com Mon Aug 8 07:28:49 2016 From: weijun.wang at oracle.com (Weijun Wang) Date: Mon, 8 Aug 2016 15:28:49 +0800 Subject: RFR 8163303: Remove identity scope information from jarsigner -verbose output Message-ID: Hi All Please review the code change at http://cr.openjdk.java.net/~weijun/8163303/webrev.00 I removed the "@SuppressWarnings("deprecation")" at the beginning. I think this has been unnecessary for quite a while since calls to deprecated classes (ContentSigner and ContentSignerParameters) have been moved to the new JarSigner API. *Leo*: I take the chance to update localized Resourses.java files for Japanese and Chinese, since this is only about removing items. Please confirm this is OK. Thanks Max From sean.mullan at oracle.com Mon Aug 8 13:33:16 2016 From: sean.mullan at oracle.com (Sean Mullan) Date: Mon, 8 Aug 2016 09:33:16 -0400 Subject: RFR 8163303: Remove identity scope information from jarsigner -verbose output In-Reply-To: References: Message-ID: Looks good to me. You will need to add an appropriate noreg label to the bug. --Sean On 08/08/2016 03:28 AM, Weijun Wang wrote: > Hi All > > Please review the code change at > > http://cr.openjdk.java.net/~weijun/8163303/webrev.00 > > I removed the "@SuppressWarnings("deprecation")" at the beginning. I > think this has been unnecessary for quite a while since calls to > deprecated classes (ContentSigner and ContentSignerParameters) have been > moved to the new JarSigner API. > > *Leo*: I take the chance to update localized Resourses.java files for > Japanese and Chinese, since this is only about removing items. Please > confirm this is OK. > > Thanks > Max From weijun.wang at oracle.com Mon Aug 8 13:42:51 2016 From: weijun.wang at oracle.com (Weijun Wang) Date: Mon, 8 Aug 2016 21:42:51 +0800 Subject: RFR 8163303: Remove identity scope information from jarsigner -verbose output In-Reply-To: References:

Message-ID: <17431033-98d8-b4a5-725c-716766a8fc49@oracle.com> Thanks. I'll add noreg-cleanup. --Max On 8/8/2016 21:33, Sean Mullan wrote: > Looks good to me. You will need to add an appropriate noreg label to the > bug. > > --Sean > > On 08/08/2016 03:28 AM, Weijun Wang wrote: >> Hi All >> >> Please review the code change at >> >> http://cr.openjdk.java.net/~weijun/8163303/webrev.00 >> >> I removed the "@SuppressWarnings("deprecation")" at the beginning. I >> think this has been unnecessary for quite a while since calls to >> deprecated classes (ContentSigner and ContentSignerParameters) have been >> moved to the new JarSigner API. >> >> *Leo*: I take the chance to update localized Resourses.java files for >> Japanese and Chinese, since this is only about removing items. Please >> confirm this is OK. >> >> Thanks >> Max From weijun.wang at oracle.com Mon Aug 8 13:46:24 2016 From: weijun.wang at oracle.com (Weijun Wang) Date: Mon, 8 Aug 2016 21:46:24 +0800 Subject: RFR 8162739: Create new keytool option to access cacerts file Message-ID: <6775374d-e095-179b-c5db-f29916b9a273@oracle.com> Please review the code changes at http://cr.openjdk.java.net/~weijun/8162739/webrev.00/ A new -cacerts option is added to keytool so there is no need to provide the full cacerts path on the command line. lib/security/cacerts is considered an implementation detail and subject to change. The conf/security/cacerts file in src/ is moved to lib/security/cacerts, which matches its destination path. A small change in make/ is needed. Thanks Max From erik.joelsson at oracle.com Mon Aug 8 13:54:40 2016 From: erik.joelsson at oracle.com (Erik Joelsson) Date: Mon, 8 Aug 2016 15:54:40 +0200 Subject: RFR 8162739: Create new keytool option to access cacerts file In-Reply-To: <6775374d-e095-179b-c5db-f29916b9a273@oracle.com> References: <6775374d-e095-179b-c5db-f29916b9a273@oracle.com> Message-ID: <11e97489-6ae1-4ed1-5d0b-2fc9abbd0b84@oracle.com> Build change looks fine. /Erik On 2016-08-08 15:46, Weijun Wang wrote: > Please review the code changes at > > http://cr.openjdk.java.net/~weijun/8162739/webrev.00/ > > A new -cacerts option is added to keytool so there is no need to > provide the full cacerts path on the command line. > lib/security/cacerts is considered an implementation detail and > subject to change. > > The conf/security/cacerts file in src/ is moved to > lib/security/cacerts, which matches its destination path. A small > change in make/ is needed. > > Thanks > Max From vincent.x.ryan at oracle.com Mon Aug 8 17:37:14 2016 From: vincent.x.ryan at oracle.com (Vincent Ryan) Date: Mon, 8 Aug 2016 18:37:14 +0100 Subject: RFR 8162739: Create new keytool option to access cacerts file In-Reply-To: <6775374d-e095-179b-c5db-f29916b9a273@oracle.com> References: <6775374d-e095-179b-c5db-f29916b9a273@oracle.com> Message-ID: Your changes look good to me. Thanks. > On 8 Aug 2016, at 14:46, Weijun Wang wrote: > > Please review the code changes at > > http://cr.openjdk.java.net/~weijun/8162739/webrev.00/ > > A new -cacerts option is added to keytool so there is no need to provide the full cacerts path on the command line. lib/security/cacerts is considered an implementation detail and subject to change. > > The conf/security/cacerts file in src/ is moved to lib/security/cacerts, which matches its destination path. A small change in make/ is needed. > > Thanks > Max From jamil.j.nimeh at oracle.com Mon Aug 8 21:50:52 2016 From: jamil.j.nimeh at oracle.com (Jamil Nimeh) Date: Mon, 8 Aug 2016 14:50:52 -0700 Subject: [Update] RFR 8132943: ServerHandshaker may select non-empty OCSPStatusRequest structures when Responder ID selection is not supported In-Reply-To: <4f2937f4-ba59-ffec-92d3-409b9e420bf9@oracle.com> References: <4f2937f4-ba59-ffec-92d3-409b9e420bf9@oracle.com> Message-ID: Hello all, this update removes an unnecessary change in test/javax/net/ssl, adds in some additional logging, and an early exit condition from the loop if an acceptable status_request_v2 item is found (favoring OCSP_MULTI over OCSP). Also an additional test case that exercises this exit condition was added. Webrev: http://cr.openjdk.java.net/~jnimeh/reviews/8132943/webrev.02 Thanks, --Jamil On 08/05/2016 09:56 PM, Jamil Nimeh wrote: > Hello all, > > This fixes an issue with OCSPStatusRequest selection by the server > when doing OCSP stapling. Since we currently do not support responder > ID filtering, the server should not select an OCSPStatusRequest with > responder IDs in it, else it could potentially return OCSP responses > that the client has already stated it would not trust. This fix takes > care of that. If the server cannot find an OCSPStatusRequest that is > suitable (in this case, one that has an empty responder ID list) it > will not do stapling for that handshake. > > Bug: https://bugs.openjdk.java.net/browse/JDK-8132943 > Webrev: http://cr.openjdk.java.net/~jnimeh/reviews/8132943/webrev.01 > > Thanks, > --Jamil From valerie.peng at oracle.com Mon Aug 8 23:51:37 2016 From: valerie.peng at oracle.com (Valerie Peng) Date: Mon, 8 Aug 2016 16:51:37 -0700 Subject: [9] RFR 8154113: java.security.AccessControlException: access denied ("java.security.SecurityPermission" "authProvider.SunMSCAPI") In-Reply-To: <445729BB-05DA-4B93-9831-AC7BD06ECEDA@oracle.com> References: <47578eb2-3adc-acb5-fe6a-330978edc4e8@oracle.com> <5576A0CD-A802-42FD-A38F-2AC4BB7FFC7F@oracle.com> <43c5db63-c57c-6741-4820-4f316d84ce96@oracle.com> <445729BB-05DA-4B93-9831-AC7BD06ECEDA@oracle.com> Message-ID: <12e10330-f9b5-16a7-5029-802929ec9549@oracle.com> Thanks for the comment, I made the updates and will verify with JPRT. Valerie On 8/4/2016 9:07 PM, Mandy Chung wrote: >> On Aug 4, 2016, at 7:20 AM, Sean Mullan wrote: >> >> On 08/04/2016 12:42 AM, Mandy Chung wrote: >>> A passing comment: >>> >>> The test can simply specify @modules jdk.crypto.mscapi and this test will only run when jdk.crypto.mscapi is present; in other words, line 45-48 are no longer needed. >> Does that also mean line 27 can be removed: >> >> 27 * @requires os.family == ?windows" >> > I think it should also be removed but you should verify it to make sure jtreg selects this test on windows only (where jdk.crypto.mscap1 is present). > > Mandy > From sibabrata.sahoo at oracle.com Tue Aug 9 06:16:37 2016 From: sibabrata.sahoo at oracle.com (Sibabrata Sahoo) Date: Mon, 8 Aug 2016 23:16:37 -0700 (PDT) Subject: [9] RFR: 8159964: Update Tests to verify JDK build for "JDK-8159488 Deprivilege java.xml.crypto" In-Reply-To: References:

Message-ID: <6f4cb691-e0f6-46da-88ae-7624ccaafa33@default> Ping.. -----Original Message----- From: Sibabrata Sahoo Sent: Friday, August 05, 2016 7:28 PM To: Weijun Wang; security-dev at openjdk.java.net; Valerie Peng Subject: RE: [9] RFR: 8159964: Update Tests to verify JDK build for "JDK-8159488 Deprivilege java.xml.crypto" Hi Max, Here is the updated webrev: http://cr.openjdk.java.net/~ssahoo/8159964/webrev.01/ Thanks, Siba -----Original Message----- From: Weijun Wang Sent: Friday, August 05, 2016 4:19 PM To: Sibabrata Sahoo; security-dev at openjdk.java.net; Valerie Peng Subject: Re: [9] RFR: 8159964: Update Tests to verify JDK build for "JDK-8159488 Deprivilege java.xml.crypto" I'm looking at DeprivilegedModuleLoaderTest.java. Why not just call classes.add(XMLSignatureFactory.class); --Max On 8/5/2016 18:00, Sibabrata Sahoo wrote: > Hi, > > > > Please review the patch for "deprivilege java.xml.crypto, > java.security.jgss, jdk.security.jgss and jdk.security.auth" modules. > > > > JBS: https://bugs.openjdk.java.net/browse/JDK-8159964 > > Webrev: http://cr.openjdk.java.net/~ssahoo/8159964/webrev.00/ > > > > Description: > > This includes a new Test which verifies the classes from > "java.xml.crypto, java.security.jgss, jdk.security.jgss and > jdk.security.auth" modules get loaded through Platform Classloader. It > also includes modifying few existing test to run with Security manager > enabled. > > > > Thanks, > > Siba > > > From sha.jiang at oracle.com Tue Aug 9 06:35:10 2016 From: sha.jiang at oracle.com (John Jiang) Date: Tue, 9 Aug 2016 14:35:10 +0800 Subject: [9]RFR 8163435: Update issue number for SupportedDHKeys.java and UnsupportedDHKeys.java in ProblemList Message-ID: <1115cde9-2248-4d63-68d2-72aaed7b3efb@oracle.com> Hi, In ProblemList.txt, the tests sun/security/pkcs11/KeyAgreement/SupportedDHKeys.java and sun/security/pkcs11/KeyAgreement/UnsupportedDHKeys.java are tracked by 8154910. However, JDK-8154910 had been closed as the duplicate of JDK-8077138. So, it has to associate both of the above tests to JDK-8077138. Issue: https://bugs.openjdk.java.net/browse/JDK-8163435 Webrev: http://cr.openjdk.java.net/~jjiang/8163435/webrev.00 Best regards, John Jiang From weijun.wang at oracle.com Tue Aug 9 07:37:37 2016 From: weijun.wang at oracle.com (Wang Weijun) Date: Tue, 9 Aug 2016 15:37:37 +0800 Subject: RFR 8133910: Some sun/security/tools tests failed. Message-ID: <5C5B7CA0-4133-49F3-8DE9-10D4F46BF8F1@oracle.com> Please review the fix at http://cr.openjdk.java.net/~weijun/8133910/webrev.00/ Basically, "-J-Duser.language=en -J-Duser.country=US" is added to keytool and jarsigner calls wherever output needs to be compared to some English text. *Siba*: I modified quite some tests by you. Please confirm it's OK. Thanks Max From weijun.wang at oracle.com Tue Aug 9 07:51:21 2016 From: weijun.wang at oracle.com (Wang Weijun) Date: Tue, 9 Aug 2016 15:51:21 +0800 Subject: [9] RFR: 8159964: Update Tests to verify JDK build for "JDK-8159488 Deprivilege java.xml.crypto" In-Reply-To: <6f4cb691-e0f6-46da-88ae-7624ccaafa33@default> References:

<6f4cb691-e0f6-46da-88ae-7624ccaafa33@default> Message-ID: <334FB775-E3E9-4A8A-A49F-E1B6D661E3A0@oracle.com> DeprivilegedModuleLoaderTest.java looks good to me. I am not sure why you picked those 2 javax.xml.crypto tests. Have they have covered the common functions? I'll let someone else to judge it. BTW, I would prefer "java.security.policy==test.policy" (or just policy=test.policy) to "java.security.policy=test.policy". Thanks Max > On 2016?8?9?, at ??2:16, Sibabrata Sahoo wrote: > > Ping.. > > -----Original Message----- > From: Sibabrata Sahoo > Sent: Friday, August 05, 2016 7:28 PM > To: Weijun Wang; security-dev at openjdk.java.net; Valerie Peng > Subject: RE: [9] RFR: 8159964: Update Tests to verify JDK build for "JDK-8159488 Deprivilege java.xml.crypto" > > Hi Max, > > Here is the updated webrev: http://cr.openjdk.java.net/~ssahoo/8159964/webrev.01/ > > Thanks, > Siba > > -----Original Message----- > From: Weijun Wang > Sent: Friday, August 05, 2016 4:19 PM > To: Sibabrata Sahoo; security-dev at openjdk.java.net; Valerie Peng > Subject: Re: [9] RFR: 8159964: Update Tests to verify JDK build for "JDK-8159488 Deprivilege java.xml.crypto" > > I'm looking at DeprivilegedModuleLoaderTest.java. > > Why not just call > > classes.add(XMLSignatureFactory.class); > > --Max > > On 8/5/2016 18:00, Sibabrata Sahoo wrote: >> Hi, >> >> >> >> Please review the patch for "deprivilege java.xml.crypto, >> java.security.jgss, jdk.security.jgss and jdk.security.auth" modules. >> >> >> >> JBS: https://bugs.openjdk.java.net/browse/JDK-8159964 >> >> Webrev: http://cr.openjdk.java.net/~ssahoo/8159964/webrev.00/ >> >> >> >> Description: >> >> This includes a new Test which verifies the classes from >> "java.xml.crypto, java.security.jgss, jdk.security.jgss and >> jdk.security.auth" modules get loaded through Platform Classloader. It >> also includes modifying few existing test to run with Security manager >> enabled. >> >> >> >> Thanks, >> >> Siba >> >> >> From ivan.gerasimov at oracle.com Tue Aug 9 09:27:26 2016 From: ivan.gerasimov at oracle.com (Ivan Gerasimov) Date: Tue, 9 Aug 2016 12:27:26 +0300 Subject: [jdk9] RFR: 8153438: Avoid repeated "Please insert a smart card" popup windows Message-ID: <1b997be1-1d49-f477-b687-afe32b1563f5@oracle.com> Hello! In order to reduce the number of popup dialog windows during accessing the smartcard, it is proposed to first do a silent "probe" step. Only if this probe succeeded, or if it failed due to that SILENT flag, we'll try to re-acquire the key normally (i.e. not silently). Would you please help review this proposal? BUGURL: https://bugs.openjdk.java.net/browse/JDK-8153438 WEBREV: http://cr.openjdk.java.net/~igerasim/8153438/00/webrev/ With kind regards, Ivan From sean.coffey at oracle.com Tue Aug 9 10:33:03 2016 From: sean.coffey at oracle.com (=?UTF-8?Q?Se=c3=a1n_Coffey?=) Date: Tue, 9 Aug 2016 11:33:03 +0100 Subject: JDK-8152524 In-Reply-To: <1467657865.2758173.1468450659825.JavaMail.yahoo@mail.yahoo.com> References: <1467657865.2758173.1468450659825.JavaMail.yahoo.ref@mail.yahoo.com> <1467657865.2758173.1468450659825.JavaMail.yahoo@mail.yahoo.com> Message-ID: Hi Sheon, only see your mail now. The issue turned out to be a McAfee issue. They issued a new patch. You'll have to contact them. Regards, Sean. On 13/07/2016 23:57, sheon banks wrote: > Hi All, > > This message is actually for Sean Coffey in relation to the > JDK-8152524. I saw the incident on the Web. I am having a similar > issue. In the post, it is stated that this is being tracked > elsewhere. Can you tell me where? I would like to know if it is being > treated as an MS or McAfee issue. > > Sheon Banks -------------- next part -------------- An HTML attachment was scrubbed... URL: From sean.mullan at oracle.com Tue Aug 9 13:38:26 2016 From: sean.mullan at oracle.com (Sean Mullan) Date: Tue, 9 Aug 2016 09:38:26 -0400 Subject: [9] RFR 8157579: com/sun/crypto/provider/Mac/MacClone.java failed on solaris12(sparcv9 and x86) In-Reply-To: References: Message-ID: <42279da0-e45a-9809-c1f2-f3fcaaf58951@oracle.com> Is there any way to split the Ucrypto MessageDigest implementation into 2 classes, one that implements Cloneable and the other which doesn't, and use the appropriate one depending on which OS version you are on? This way, instead of calling clone and catching CloneNotSupportedException, you could just check each MessageDigest object to see if it implements Cloneable. --Sean On 08/04/2016 10:01 PM, Valerie Peng wrote: > > Anyone has time to review this fix? The code change is in only one file > and straightforward if you agree with the approach. > Starting S11.3 and S12, OracleUcrypto provider switched to new Ucrypto > APIs for message digest operations and there is no clone support. > This affects the MAC impls of SunJCE provider which delegates the digest > operation to the most preferred provider. > To ensure the clone support, I will switch to getting the digest impl > from SUN provider if the most preferred one does not. > In the case of SUN provider is not available, it will then goes through > provider list. > > Bug: https://bugs.openjdk.java.net/browse/JDK-8157579 > Webrev: http://cr.openjdk.java.net/~valeriep/8157579/webrev.00/ > > No new test as it's covered by existing regression test. > > Thanks, > Valerie > > From weijun.wang at oracle.com Tue Aug 9 15:37:56 2016 From: weijun.wang at oracle.com (Weijun Wang) Date: Tue, 9 Aug 2016 23:37:56 +0800 Subject: RFR 8163489: Avoid using Utils.getFreePort() in TsacertOptionTest.java test Message-ID: http://cr.openjdk.java.net/~weijun/8163489/webrev.00 From weijun.wang at oracle.com Tue Aug 9 15:39:36 2016 From: weijun.wang at oracle.com (Weijun Wang) Date: Tue, 9 Aug 2016 23:39:36 +0800 Subject: RFR 8133910: Some sun/security/tools tests failed. In-Reply-To: <5C5B7CA0-4133-49F3-8DE9-10D4F46BF8F1@oracle.com> References: <5C5B7CA0-4133-49F3-8DE9-10D4F46BF8F1@oracle.com> Message-ID: <86277a3c-aba6-de44-d09d-a9b3a585184a@oracle.com> I was wrong. The test were written by Artem. --Max On 8/9/2016 15:37, Wang Weijun wrote: > Please review the fix at > > http://cr.openjdk.java.net/~weijun/8133910/webrev.00/ > > Basically, "-J-Duser.language=en -J-Duser.country=US" is added to keytool and jarsigner calls wherever output needs to be compared to some English text. > > *Siba*: I modified quite some tests by you. Please confirm it's OK. > > Thanks > Max > From chris.hegarty at oracle.com Tue Aug 9 15:46:16 2016 From: chris.hegarty at oracle.com (Chris Hegarty) Date: Tue, 9 Aug 2016 16:46:16 +0100 Subject: RFR 8163489: Avoid using Utils.getFreePort() in TsacertOptionTest.java test In-Reply-To: References: Message-ID: On 9 Aug 2016, at 16:37, Weijun Wang wrote: > > http://cr.openjdk.java.net/~weijun/8163489/webrev.00 Thanks Max, this looks good( one less use of the get free port anti-pattern! ). -Chris. From sean.mullan at oracle.com Tue Aug 9 17:43:22 2016 From: sean.mullan at oracle.com (Sean Mullan) Date: Tue, 9 Aug 2016 13:43:22 -0400 Subject: [9] RFR 8157579: com/sun/crypto/provider/Mac/MacClone.java failed on solaris12(sparcv9 and x86) In-Reply-To: <42279da0-e45a-9809-c1f2-f3fcaaf58951@oracle.com> References: <42279da0-e45a-9809-c1f2-f3fcaaf58951@oracle.com> Message-ID: <62772189-4c08-8ffc-10e5-26dcf57d92ef@oracle.com> Or better yet, just change the ucrypto impl to not implement Cloneable regardless what Solaris version you are on. Then you can just check each MessageDigest impl to see if it is an instanceof Cloneable rather than calling clone on each. --Sean On 08/09/2016 09:38 AM, Sean Mullan wrote: > Is there any way to split the Ucrypto MessageDigest implementation into > 2 classes, one that implements Cloneable and the other which doesn't, > and use the appropriate one depending on which OS version you are on? > > This way, instead of calling clone and catching > CloneNotSupportedException, you could just check each MessageDigest > object to see if it implements Cloneable. > > --Sean > > > On 08/04/2016 10:01 PM, Valerie Peng wrote: >> >> Anyone has time to review this fix? The code change is in only one file >> and straightforward if you agree with the approach. >> Starting S11.3 and S12, OracleUcrypto provider switched to new Ucrypto >> APIs for message digest operations and there is no clone support. >> This affects the MAC impls of SunJCE provider which delegates the digest >> operation to the most preferred provider. >> To ensure the clone support, I will switch to getting the digest impl >> from SUN provider if the most preferred one does not. >> In the case of SUN provider is not available, it will then goes through >> provider list. >> >> Bug: https://bugs.openjdk.java.net/browse/JDK-8157579 >> Webrev: http://cr.openjdk.java.net/~valeriep/8157579/webrev.00/ >> >> No new test as it's covered by existing regression test. >> >> Thanks, >> Valerie >> >> From artem.smotrakov at oracle.com Tue Aug 9 17:49:39 2016 From: artem.smotrakov at oracle.com (Artem Smotrakov) Date: Tue, 9 Aug 2016 10:49:39 -0700 Subject: RFR 8163489: Avoid using Utils.getFreePort() in TsacertOptionTest.java test In-Reply-To: References:

Message-ID: <2bc5dbc8-532b-7e0d-674e-2c6a8be5d108@oracle.com> +1 Minor: no need a semicolon in "try" block, I originally added it by mistake. You also may want to update a copyright year. Artem On 08/09/2016 08:46 AM, Chris Hegarty wrote: > On 9 Aug 2016, at 16:37, Weijun Wang wrote: >> http://cr.openjdk.java.net/~weijun/8163489/webrev.00 > Thanks Max, this looks good( one less use of the get free port anti-pattern! ). > > -Chris. From artem.smotrakov at oracle.com Tue Aug 9 17:58:04 2016 From: artem.smotrakov at oracle.com (Artem Smotrakov) Date: Tue, 9 Aug 2016 10:58:04 -0700 Subject: RFR 8133910: Some sun/security/tools tests failed. In-Reply-To: <86277a3c-aba6-de44-d09d-a9b3a585184a@oracle.com> References: <5C5B7CA0-4133-49F3-8DE9-10D4F46BF8F1@oracle.com> <86277a3c-aba6-de44-d09d-a9b3a585184a@oracle.com> Message-ID: Hi Max, The update looks good to me. Artem On 08/09/2016 08:39 AM, Weijun Wang wrote: > I was wrong. The test were written by Artem. > > --Max > > On 8/9/2016 15:37, Wang Weijun wrote: >> Please review the fix at >> >> http://cr.openjdk.java.net/~weijun/8133910/webrev.00/ >> >> Basically, "-J-Duser.language=en -J-Duser.country=US" is added to >> keytool and jarsigner calls wherever output needs to be compared to >> some English text. >> >> *Siba*: I modified quite some tests by you. Please confirm it's OK. >> >> Thanks >> Max >> From vincent.x.ryan at oracle.com Tue Aug 9 18:14:14 2016 From: vincent.x.ryan at oracle.com (Vincent Ryan) Date: Tue, 9 Aug 2016 19:14:14 +0100 Subject: [9] RFR 8163503: PKCS12 keystore cannot store non-X.509 certificates Message-ID: Please review this fix to improve the error handling for attempts to store a Certificate object in PKCS12 keystore. The PKCS12 keystore implementation supports storing only X509Certificate objects but the KeyStore API allows Certificate objects. This fix rejects attempts to store non-X.509 certificates and throws a KeyStoreException. Thanks. Bug: https://bugs.openjdk.java.net/browse/JDK-8163503 Webrev: http://cr.openjdk.java.net/~vinnie/8163503/webrev.00/ From sean.mullan at oracle.com Tue Aug 9 19:19:21 2016 From: sean.mullan at oracle.com (Sean Mullan) Date: Tue, 9 Aug 2016 15:19:21 -0400 Subject: RFR 8162739: Create new keytool option to access cacerts file In-Reply-To: <6775374d-e095-179b-c5db-f29916b9a273@oracle.com> References: <6775374d-e095-179b-c5db-f29916b9a273@oracle.com> Message-ID: - src/java.base/share/classes/sun/security/tools/keytool/Resources.java 131 "operates on the cacerts keystore"}, // -cacerts "operates" sounds a little odd. How about "access the cacerts keystore" (so it is consistent with the warning below). 133 "Warning: use -cacerts option to access cacerts keystore"}, Warning: use the -cacerts option to access the cacerts keystore --Sean On 08/08/2016 09:46 AM, Weijun Wang wrote: > Please review the code changes at > > http://cr.openjdk.java.net/~weijun/8162739/webrev.00/ > > A new -cacerts option is added to keytool so there is no need to provide > the full cacerts path on the command line. lib/security/cacerts is > considered an implementation detail and subject to change. > > The conf/security/cacerts file in src/ is moved to lib/security/cacerts, > which matches its destination path. A small change in make/ is needed. > > Thanks > Max From xuelei.fan at oracle.com Tue Aug 9 23:29:09 2016 From: xuelei.fan at oracle.com (Xuelei Fan) Date: Wed, 10 Aug 2016 07:29:09 +0800 Subject: [Update] RFR 8132943: ServerHandshaker may select non-empty OCSPStatusRequest structures when Responder ID selection is not supported In-Reply-To: References: <4f2937f4-ba59-ffec-92d3-409b9e420bf9@oracle.com> Message-ID: Looks fine to me. Thanks, Xuelei On 8/9/2016 5:50 AM, Jamil Nimeh wrote: > Hello all, this update removes an unnecessary change in > test/javax/net/ssl, adds in some additional logging, and an early exit > condition from the loop if an acceptable status_request_v2 item is found > (favoring OCSP_MULTI over OCSP). Also an additional test case that > exercises this exit condition was added. > > Webrev: http://cr.openjdk.java.net/~jnimeh/reviews/8132943/webrev.02 > > Thanks, > > --Jamil > > > On 08/05/2016 09:56 PM, Jamil Nimeh wrote: >> Hello all, >> >> This fixes an issue with OCSPStatusRequest selection by the server >> when doing OCSP stapling. Since we currently do not support responder >> ID filtering, the server should not select an OCSPStatusRequest with >> responder IDs in it, else it could potentially return OCSP responses >> that the client has already stated it would not trust. This fix takes >> care of that. If the server cannot find an OCSPStatusRequest that is >> suitable (in this case, one that has an empty responder ID list) it >> will not do stapling for that handshake. >> >> Bug: https://bugs.openjdk.java.net/browse/JDK-8132943 >> Webrev: http://cr.openjdk.java.net/~jnimeh/reviews/8132943/webrev.01 >> >> Thanks, >> --Jamil > From valerie.peng at oracle.com Wed Aug 10 00:25:41 2016 From: valerie.peng at oracle.com (Valerie Peng) Date: Tue, 9 Aug 2016 17:25:41 -0700 Subject: [9] RFR 8157579: com/sun/crypto/provider/Mac/MacClone.java failed on solaris12(sparcv9 and x86) In-Reply-To: References:

Message-ID: Thanks for the review~ Your point is valid for default configuration. But in the rare case where the new jdk.security.provider.preferred property is set, the most preferred provider may not be the one which supplied the digest object for the generic getInstance() call. So, instead of removing the first provider, I added a check to skip calling getInstance() if the provider name comparison matched. Webrev updated at: http://cr.openjdk.java.net/~valeriep/8157579/webrev.01/ Thanks, Valerie On 8/5/2016 4:02 AM, Vincent Ryan wrote: > Your fix looks good. One comment is that you could trim the Provider[] to exclude the most-preferred provider (at index=0). > Thanks. > > >> On 5 Aug 2016, at 03:01, Valerie Peng wrote: >> >> >> Anyone has time to review this fix? The code change is in only one file and straightforward if you agree with the approach. >> Starting S11.3 and S12, OracleUcrypto provider switched to new Ucrypto APIs for message digest operations and there is no clone support. >> This affects the MAC impls of SunJCE provider which delegates the digest operation to the most preferred provider. >> To ensure the clone support, I will switch to getting the digest impl from SUN provider if the most preferred one does not. >> In the case of SUN provider is not available, it will then goes through provider list. >> >> Bug: https://bugs.openjdk.java.net/browse/JDK-8157579 >> Webrev: http://cr.openjdk.java.net/~valeriep/8157579/webrev.00/ >> >> No new test as it's covered by existing regression test. >> >> Thanks, >> Valerie >> >> From weijun.wang at oracle.com Wed Aug 10 00:38:14 2016 From: weijun.wang at oracle.com (Weijun Wang) Date: Wed, 10 Aug 2016 08:38:14 +0800 Subject: [9] RFR 8163503: PKCS12 keystore cannot store non-X.509 certificates In-Reply-To: References: Message-ID: <7d5347f8-d01f-bd22-19a7-1590200f4ac7@oracle.com> I thought I've seen this webrev before. Why not just throw a KeyStoreException in validateChain()? --Max On 8/10/2016 2:14, Vincent Ryan wrote: > Please review this fix to improve the error handling for attempts to store a Certificate object in PKCS12 keystore. > The PKCS12 keystore implementation supports storing only X509Certificate objects but the KeyStore API allows Certificate objects. > This fix rejects attempts to store non-X.509 certificates and throws a KeyStoreException. > > Thanks. > > Bug: https://bugs.openjdk.java.net/browse/JDK-8163503 > Webrev: http://cr.openjdk.java.net/~vinnie/8163503/webrev.00/ > > From xuelei.fan at oracle.com Wed Aug 10 01:04:44 2016 From: xuelei.fan at oracle.com (Xuelei Fan) Date: Wed, 10 Aug 2016 09:04:44 +0800 Subject: [9] RFR 8163503: PKCS12 keystore cannot store non-X.509 certificates In-Reply-To: <7d5347f8-d01f-bd22-19a7-1590200f4ac7@oracle.com> References: <7d5347f8-d01f-bd22-19a7-1590200f4ac7@oracle.com> Message-ID: The for loop at line 1507 and 1520 may be merged together. Xuelei On 8/10/2016 8:38 AM, Weijun Wang wrote: > I thought I've seen this webrev before. > > Why not just throw a KeyStoreException in validateChain()? > > --Max > > On 8/10/2016 2:14, Vincent Ryan wrote: >> Please review this fix to improve the error handling for attempts to >> store a Certificate object in PKCS12 keystore. >> The PKCS12 keystore implementation supports storing only >> X509Certificate objects but the KeyStore API allows Certificate objects. >> This fix rejects attempts to store non-X.509 certificates and throws a >> KeyStoreException. >> >> Thanks. >> >> Bug: https://bugs.openjdk.java.net/browse/JDK-8163503 >> Webrev: http://cr.openjdk.java.net/~vinnie/8163503/webrev.00/ >> >> From valerie.peng at oracle.com Wed Aug 10 02:00:04 2016 From: valerie.peng at oracle.com (Valerie Peng) Date: Tue, 9 Aug 2016 19:00:04 -0700 Subject: [9] RFR 8157579: com/sun/crypto/provider/Mac/MacClone.java failed on solaris12(sparcv9 and x86) In-Reply-To: <62772189-4c08-8ffc-10e5-26dcf57d92ef@oracle.com> References: <42279da0-e45a-9809-c1f2-f3fcaaf58951@oracle.com> <62772189-4c08-8ffc-10e5-26dcf57d92ef@oracle.com> Message-ID: <6681bdab-e019-ea5b-1b17-723019839357@oracle.com> OracleUcrypto provider already separates them in two classes: The cloneable libMD digest impls are encapsulated by a class which implements Cloneable and the new un-cloneable Ucrypto digest impls are in a class which does not. I wasn't sure if we can safely assume that an instance supports clone when it implements Cloneable. So I thought better call clone() to be sure. Given your feedback, I have replaced the clone() calls with instanceof checks. Webrev updated: http://cr.openjdk.java.net/~valeriep/8157579/webrev.02 Thanks, Valerie On 8/9/2016 10:43 AM, Sean Mullan wrote: > Or better yet, just change the ucrypto impl to not implement Cloneable > regardless what Solaris version you are on. Then you can just check > each MessageDigest impl to see if it is an instanceof Cloneable rather > than calling clone on each. > > --Sean > > On 08/09/2016 09:38 AM, Sean Mullan wrote: >> Is there any way to split the Ucrypto MessageDigest implementation into >> 2 classes, one that implements Cloneable and the other which doesn't, >> and use the appropriate one depending on which OS version you are on? >> >> This way, instead of calling clone and catching >> CloneNotSupportedException, you could just check each MessageDigest >> object to see if it implements Cloneable. >> >> --Sean >> >> >> On 08/04/2016 10:01 PM, Valerie Peng wrote: >>> >>> Anyone has time to review this fix? The code change is in only one file >>> and straightforward if you agree with the approach. >>> Starting S11.3 and S12, OracleUcrypto provider switched to new Ucrypto >>> APIs for message digest operations and there is no clone support. >>> This affects the MAC impls of SunJCE provider which delegates the >>> digest >>> operation to the most preferred provider. >>> To ensure the clone support, I will switch to getting the digest impl >>> from SUN provider if the most preferred one does not. >>> In the case of SUN provider is not available, it will then goes through >>> provider list. >>> >>> Bug: https://bugs.openjdk.java.net/browse/JDK-8157579 >>> Webrev: http://cr.openjdk.java.net/~valeriep/8157579/webrev.00/ >>> >>> No new test as it's covered by existing regression test. >>> >>> Thanks, >>> Valerie >>> >>> From weijun.wang at oracle.com Wed Aug 10 03:43:47 2016 From: weijun.wang at oracle.com (Weijun Wang) Date: Wed, 10 Aug 2016 11:43:47 +0800 Subject: 8163104: Unexpected NPE still possible on some Kerberos ticket calls In-Reply-To: <57A4A1D7.5040203@oracle.com> References: <57A4A1D7.5040203@oracle.com> Message-ID: Change looks fine. Sorry for the late reply. Thanks Max On 8/5/2016 22:25, Se?n Coffey wrote: > Post JDK-8147772 , I > think we still have a possibility of hitting an NPE in Kerberos ticket > management. > > Could only find one method affected. > bug report : https://bugs.openjdk.java.net/browse/JDK-8163104 > webrev : http://cr.openjdk.java.net/~coffeys/webrev.8163104.jdk9/webrev/ > > -- > Regards, > Sean. > From sibabrata.sahoo at oracle.com Wed Aug 10 09:08:57 2016 From: sibabrata.sahoo at oracle.com (Sibabrata Sahoo) Date: Wed, 10 Aug 2016 09:08:57 +0000 (UTC) Subject: [9] RFR: 8159964: Update Tests to verify JDK build for "JDK-8159488 Deprivilege java.xml.crypto" In-Reply-To: <334FB775-E3E9-4A8A-A49F-E1B6D661E3A0@oracle.com> References:

<6f4cb691-e0f6-46da-88ae-7624ccaafa33@default> <334FB775-E3E9-4A8A-A49F-E1B6D661E3A0@oracle.com> Message-ID: <0542fdf7-61d5-4b19-b3a1-319b212cc4ae@default> Hi Valerie, I have addressed the suggestion provided by Max to add "==" for the test policy files because " lib/security/default.policy" file is included by default. I am waiting for your suggestion to complete this review. Here is the latest webrev: http://cr.openjdk.java.net/~ssahoo/8159964/webrev.02/ Thanks, Siba -----Original Message----- From: Wang Weijun Sent: Tuesday, August 09, 2016 1:21 PM To: Sibabrata Sahoo Cc: security-dev at openjdk.java.net; Valerie Peng Subject: Re: [9] RFR: 8159964: Update Tests to verify JDK build for "JDK-8159488 Deprivilege java.xml.crypto" DeprivilegedModuleLoaderTest.java looks good to me. I am not sure why you picked those 2 javax.xml.crypto tests. Have they have covered the common functions? I'll let someone else to judge it. BTW, I would prefer "java.security.policy==test.policy" (or just policy=test.policy) to "java.security.policy=test.policy". Thanks Max > On 2016?8?9?, at ??2:16, Sibabrata Sahoo wrote: > > Ping.. > > -----Original Message----- > From: Sibabrata Sahoo > Sent: Friday, August 05, 2016 7:28 PM > To: Weijun Wang; security-dev at openjdk.java.net; Valerie Peng > Subject: RE: [9] RFR: 8159964: Update Tests to verify JDK build for "JDK-8159488 Deprivilege java.xml.crypto" > > Hi Max, > > Here is the updated webrev: > http://cr.openjdk.java.net/~ssahoo/8159964/webrev.01/ > > Thanks, > Siba > > -----Original Message----- > From: Weijun Wang > Sent: Friday, August 05, 2016 4:19 PM > To: Sibabrata Sahoo; security-dev at openjdk.java.net; Valerie Peng > Subject: Re: [9] RFR: 8159964: Update Tests to verify JDK build for "JDK-8159488 Deprivilege java.xml.crypto" > > I'm looking at DeprivilegedModuleLoaderTest.java. > > Why not just call > > classes.add(XMLSignatureFactory.class); > > --Max > > On 8/5/2016 18:00, Sibabrata Sahoo wrote: >> Hi, >> >> >> >> Please review the patch for "deprivilege java.xml.crypto, >> java.security.jgss, jdk.security.jgss and jdk.security.auth" modules. >> >> >> >> JBS: https://bugs.openjdk.java.net/browse/JDK-8159964 >> >> Webrev: http://cr.openjdk.java.net/~ssahoo/8159964/webrev.00/ >> >> >> >> Description: >> >> This includes a new Test which verifies the classes from >> "java.xml.crypto, java.security.jgss, jdk.security.jgss and >> jdk.security.auth" modules get loaded through Platform Classloader. >> It also includes modifying few existing test to run with Security >> manager enabled. >> >> >> >> Thanks, >> >> Siba >> >> >> From sean.coffey at oracle.com Wed Aug 10 09:59:05 2016 From: sean.coffey at oracle.com (=?UTF-8?Q?Se=c3=a1n_Coffey?=) Date: Wed, 10 Aug 2016 10:59:05 +0100 Subject: [9] RFR 8163503: PKCS12 keystore cannot store non-X.509 certificates In-Reply-To: References: Message-ID: <57AAFAE9.6050106@oracle.com> It would be good if we can print the cert class type in the new exception if the instanceof check fails. Regards, Sean. On 09/08/16 19:14, Vincent Ryan wrote: > Please review this fix to improve the error handling for attempts to store a Certificate object in PKCS12 keystore. > The PKCS12 keystore implementation supports storing only X509Certificate objects but the KeyStore API allows Certificate objects. > This fix rejects attempts to store non-X.509 certificates and throws a KeyStoreException. > > Thanks. > > Bug: https://bugs.openjdk.java.net/browse/JDK-8163503 > Webrev: http://cr.openjdk.java.net/~vinnie/8163503/webrev.00/ > > From sean.coffey at oracle.com Wed Aug 10 13:48:54 2016 From: sean.coffey at oracle.com (=?UTF-8?Q?Se=c3=a1n_Coffey?=) Date: Wed, 10 Aug 2016 14:48:54 +0100 Subject: RFR : 8147772, 8163104 Message-ID: <57AB30C6.6020600@oracle.com> Looking to backport the following two bug fixes to jdk8u-dev : JDK-8147772 Update KerberosTicket to describe behavior if it has been destroyed and fix NullPointerExceptions JDK-8163104 Unexpected NPE still possible on some Kerberos ticket calls The changes are similar to JDK 9 expect that the @implNote and javadoc edits have been omitted from jdk8u for the 8147772 port. webrev : http://cr.openjdk.java.net/~coffeys/webrev.8147772.8163104.jdk8u/webrev/ -- Regards, Sean. From weijun.wang at oracle.com Wed Aug 10 14:31:40 2016 From: weijun.wang at oracle.com (Wang Weijun) Date: Wed, 10 Aug 2016 22:31:40 +0800 Subject: RFR : 8147772, 8163104 In-Reply-To: <57AB30C6.6020600@oracle.com> References: <57AB30C6.6020600@oracle.com> Message-ID: The changes look fine. Thanks Max > On 2016?8?10?, at ??9:48, Se?n Coffey wrote: > > Looking to backport the following two bug fixes to jdk8u-dev : > > JDK-8147772 Update KerberosTicket to describe behavior if it has been destroyed and fix NullPointerExceptions > JDK-8163104 Unexpected NPE still possible on some Kerberos ticket calls > > The changes are similar to JDK 9 expect that the @implNote and javadoc edits have been omitted from jdk8u for the 8147772 port. > > webrev : http://cr.openjdk.java.net/~coffeys/webrev.8147772.8163104.jdk8u/webrev/ > > -- > Regards, > Sean. > From chris.hegarty at oracle.com Wed Aug 10 15:42:08 2016 From: chris.hegarty at oracle.com (Chris Hegarty) Date: Wed, 10 Aug 2016 16:42:08 +0100 Subject: RFR [9] 8156841: sun.security.pkcs11.SunPKCS11 poller thread retains a strong reference to the context class loader Message-ID: The SunPKCS11 poller thread has no need of any user defined class loader, so should set its context class loader to null before starting, so as to not inadvertently retain a reference to the creating thread?s context class loader. In other areas that suffered from a similar issue we changed to use an InnocuousThread, but I cannot fully satisfy myself that this is a safe substation here, so I opted for the safest minimal fix. A future refactoring exercise should consider using InnocuousThread. diff -r 92c31ec731eb src/jdk.crypto.pkcs11/share/classes/sun/security/pkcs11/SunPKCS11.java --- a/src/jdk.crypto.pkcs11/share/classes/sun/security/pkcs11/SunPKCS11.java Wed Aug 10 11:54:12 2016 +0100 +++ b/src/jdk.crypto.pkcs11/share/classes/sun/security/pkcs11/SunPKCS11.java Wed Aug 10 16:32:41 2016 +0100 @@ -809,20 +809,21 @@ } } // create the poller thread, if not already active private void createPoller() { if (poller != null) { return; } final TokenPoller poller = new TokenPoller(this); Thread t = new Thread(null, poller, "Poller " + getName(), 0, false); + t.setContextClassLoader(null); t.setDaemon(true); t.setPriority(Thread.MIN_PRIORITY); t.start(); this.poller = poller; } // destroy the poller thread, if active private void destroyPoller() { if (poller != null) { poller.disable(); https://bugs.openjdk.java.net/browse/JDK-8156841 -Chris. From sean.mullan at oracle.com Wed Aug 10 16:04:08 2016 From: sean.mullan at oracle.com (Sean Mullan) Date: Wed, 10 Aug 2016 12:04:08 -0400 Subject: [9]RFR 8163435: Update issue number for SupportedDHKeys.java and UnsupportedDHKeys.java in ProblemList In-Reply-To: <1115cde9-2248-4d63-68d2-72aaed7b3efb@oracle.com> References: <1115cde9-2248-4d63-68d2-72aaed7b3efb@oracle.com> Message-ID: <571da676-c49c-6f4d-fe4d-c618cac3013c@oracle.com> Looks fine to me. Please add a noreg-trivial or noreg-cleanup label to the bug. --Sean On 08/09/2016 02:35 AM, John Jiang wrote: > Hi, > In ProblemList.txt, the tests > sun/security/pkcs11/KeyAgreement/SupportedDHKeys.java and > sun/security/pkcs11/KeyAgreement/UnsupportedDHKeys.java are tracked by > 8154910. However, JDK-8154910 had been closed as the duplicate of > JDK-8077138. > So, it has to associate both of the above tests to JDK-8077138. > > Issue: https://bugs.openjdk.java.net/browse/JDK-8163435 > Webrev: http://cr.openjdk.java.net/~jjiang/8163435/webrev.00 > > Best regards, > John Jiang > From vincent.x.ryan at oracle.com Wed Aug 10 16:39:36 2016 From: vincent.x.ryan at oracle.com (Vincent Ryan) Date: Wed, 10 Aug 2016 17:39:36 +0100 Subject: [9] RFR 8163503: PKCS12 keystore cannot store non-X.509 certificates In-Reply-To: <7d5347f8-d01f-bd22-19a7-1590200f4ac7@oracle.com> References: <7d5347f8-d01f-bd22-19a7-1590200f4ac7@oracle.com> Message-ID: <91EFA7E5-0B58-4EC7-9902-EFA9EBCC2798@oracle.com> You?re right. This same issue had been reported as an obscure JCK test failure. I created this new bug to clarify the issue. I?ve updated the webrev to include your suggestion: http://cr.openjdk.java.net/~vinnie/8163503/webrev.01/ Thanks. > On 10 Aug 2016, at 01:38, Weijun Wang wrote: > > I thought I've seen this webrev before. > > Why not just throw a KeyStoreException in validateChain()? > > --Max > > On 8/10/2016 2:14, Vincent Ryan wrote: >> Please review this fix to improve the error handling for attempts to store a Certificate object in PKCS12 keystore. >> The PKCS12 keystore implementation supports storing only X509Certificate objects but the KeyStore API allows Certificate objects. >> This fix rejects attempts to store non-X.509 certificates and throws a KeyStoreException. >> >> Thanks. >> >> Bug: https://bugs.openjdk.java.net/browse/JDK-8163503 >> Webrev: http://cr.openjdk.java.net/~vinnie/8163503/webrev.00/ >> >> From vincent.x.ryan at oracle.com Wed Aug 10 16:39:41 2016 From: vincent.x.ryan at oracle.com (Vincent Ryan) Date: Wed, 10 Aug 2016 17:39:41 +0100 Subject: [9] RFR 8163503: PKCS12 keystore cannot store non-X.509 certificates In-Reply-To: References: <7d5347f8-d01f-bd22-19a7-1590200f4ac7@oracle.com> Message-ID: <965F1A6E-D41B-4061-A6D9-F21004F95020@oracle.com> Yes they could be merged but the first loop iterates over all the certs and the second one iterates over all but the final cert. And the special case of a 1-cert chain also needs to be handled. I think it?s a little clearer to leave them separate. An updated webrev is at: http://cr.openjdk.java.net/~vinnie/8163503/webrev.01/ Thanks. > On 10 Aug 2016, at 02:04, Xuelei Fan wrote: > > The for loop at line 1507 and 1520 may be merged together. > > Xuelei > > On 8/10/2016 8:38 AM, Weijun Wang wrote: >> I thought I've seen this webrev before. >> >> Why not just throw a KeyStoreException in validateChain()? >> >> --Max >> >> On 8/10/2016 2:14, Vincent Ryan wrote: >>> Please review this fix to improve the error handling for attempts to >>> store a Certificate object in PKCS12 keystore. >>> The PKCS12 keystore implementation supports storing only >>> X509Certificate objects but the KeyStore API allows Certificate objects. >>> This fix rejects attempts to store non-X.509 certificates and throws a >>> KeyStoreException. >>> >>> Thanks. >>> >>> Bug: https://bugs.openjdk.java.net/browse/JDK-8163503 >>> Webrev: http://cr.openjdk.java.net/~vinnie/8163503/webrev.00/ >>> >>> > From vincent.x.ryan at oracle.com Wed Aug 10 16:39:47 2016 From: vincent.x.ryan at oracle.com (Vincent Ryan) Date: Wed, 10 Aug 2016 17:39:47 +0100 Subject: [9] RFR 8163503: PKCS12 keystore cannot store non-X.509 certificates In-Reply-To: <57AAFAE9.6050106@oracle.com> References: <57AAFAE9.6050106@oracle.com> Message-ID: I?ve updated the webrev to include your suggestion: http://cr.openjdk.java.net/~vinnie/8163503/webrev.01/ Thanks. > On 10 Aug 2016, at 10:59, Se?n Coffey wrote: > > It would be good if we can print the cert class type in the new exception if the instanceof check fails. > > Regards, > Sean. > > On 09/08/16 19:14, Vincent Ryan wrote: >> Please review this fix to improve the error handling for attempts to store a Certificate object in PKCS12 keystore. >> The PKCS12 keystore implementation supports storing only X509Certificate objects but the KeyStore API allows Certificate objects. >> This fix rejects attempts to store non-X.509 certificates and throws a KeyStoreException. >> >> Thanks. >> >> Bug: https://bugs.openjdk.java.net/browse/JDK-8163503 >> Webrev: http://cr.openjdk.java.net/~vinnie/8163503/webrev.00/ >> >> > From sean.coffey at oracle.com Wed Aug 10 16:43:52 2016 From: sean.coffey at oracle.com (=?UTF-8?Q?Se=c3=a1n_Coffey?=) Date: Wed, 10 Aug 2016 17:43:52 +0100 Subject: [9] RFR 8163503: PKCS12 keystore cannot store non-X.509 certificates In-Reply-To: References: <57AAFAE9.6050106@oracle.com> Message-ID: <57AB59C8.5020906@oracle.com> Looks good. Thanks. Regards, Sean. On 10/08/16 17:39, Vincent Ryan wrote: > I?ve updated the webrev to include your suggestion: > http://cr.openjdk.java.net/~vinnie/8163503/webrev.01/ > > Thanks. > >> On 10 Aug 2016, at 10:59, Se?n Coffey wrote: >> >> It would be good if we can print the cert class type in the new exception if the instanceof check fails. >> >> Regards, >> Sean. >> >> On 09/08/16 19:14, Vincent Ryan wrote: >>> Please review this fix to improve the error handling for attempts to store a Certificate object in PKCS12 keystore. >>> The PKCS12 keystore implementation supports storing only X509Certificate objects but the KeyStore API allows Certificate objects. >>> This fix rejects attempts to store non-X.509 certificates and throws a KeyStoreException. >>> >>> Thanks. >>> >>> Bug: https://bugs.openjdk.java.net/browse/JDK-8163503 >>> Webrev: http://cr.openjdk.java.net/~vinnie/8163503/webrev.00/ >>> >>> From valerie.peng at oracle.com Wed Aug 10 16:51:48 2016 From: valerie.peng at oracle.com (Valerie Peng) Date: Wed, 10 Aug 2016 09:51:48 -0700 Subject: [9] RFR: 8159964: Update Tests to verify JDK build for "JDK-8159488 Deprivilege java.xml.crypto" In-Reply-To: <0542fdf7-61d5-4b19-b3a1-319b212cc4ae@default> References:

<6f4cb691-e0f6-46da-88ae-7624ccaafa33@default> <334FB775-E3E9-4A8A-A49F-E1B6D661E3A0@oracle.com> <0542fdf7-61d5-4b19-b3a1-319b212cc4ae@default> Message-ID: <072eb311-c86e-f659-7328-9b77bfaec84e@oracle.com> Changes look fine. Thanks, Valerie On 8/10/2016 2:08 AM, Sibabrata Sahoo wrote: > Hi Valerie, > > I have addressed the suggestion provided by Max to add "==" for the test policy files because " lib/security/default.policy" file is included by default. I am waiting for your suggestion to complete this review. > > Here is the latest webrev: http://cr.openjdk.java.net/~ssahoo/8159964/webrev.02/ > > > Thanks, > Siba > > -----Original Message----- > From: Wang Weijun > Sent: Tuesday, August 09, 2016 1:21 PM > To: Sibabrata Sahoo > Cc: security-dev at openjdk.java.net; Valerie Peng > Subject: Re: [9] RFR: 8159964: Update Tests to verify JDK build for "JDK-8159488 Deprivilege java.xml.crypto" > > DeprivilegedModuleLoaderTest.java looks good to me. > > I am not sure why you picked those 2 javax.xml.crypto tests. Have they have covered the common functions? I'll let someone else to judge it. > > BTW, I would prefer "java.security.policy==test.policy" (or just policy=test.policy) to "java.security.policy=test.policy". > > Thanks > Max > >> On 2016?8?9?, at ??2:16, Sibabrata Sahoo wrote: >> >> Ping.. >> >> -----Original Message----- >> From: Sibabrata Sahoo >> Sent: Friday, August 05, 2016 7:28 PM >> To: Weijun Wang; security-dev at openjdk.java.net; Valerie Peng >> Subject: RE: [9] RFR: 8159964: Update Tests to verify JDK build for "JDK-8159488 Deprivilege java.xml.crypto" >> >> Hi Max, >> >> Here is the updated webrev: >> http://cr.openjdk.java.net/~ssahoo/8159964/webrev.01/ >> >> Thanks, >> Siba >> >> -----Original Message----- >> From: Weijun Wang >> Sent: Friday, August 05, 2016 4:19 PM >> To: Sibabrata Sahoo; security-dev at openjdk.java.net; Valerie Peng >> Subject: Re: [9] RFR: 8159964: Update Tests to verify JDK build for "JDK-8159488 Deprivilege java.xml.crypto" >> >> I'm looking at DeprivilegedModuleLoaderTest.java. >> >> Why not just call >> >> classes.add(XMLSignatureFactory.class); >> >> --Max >> >> On 8/5/2016 18:00, Sibabrata Sahoo wrote: >>> Hi, >>> >>> >>> >>> Please review the patch for "deprivilege java.xml.crypto, >>> java.security.jgss, jdk.security.jgss and jdk.security.auth" modules. >>> >>> >>> >>> JBS: https://bugs.openjdk.java.net/browse/JDK-8159964 >>> >>> Webrev: http://cr.openjdk.java.net/~ssahoo/8159964/webrev.00/ >>> >>> >>> >>> Description: >>> >>> This includes a new Test which verifies the classes from >>> "java.xml.crypto, java.security.jgss, jdk.security.jgss and >>> jdk.security.auth" modules get loaded through Platform Classloader. >>> It also includes modifying few existing test to run with Security >>> manager enabled. >>> >>> >>> >>> Thanks, >>> >>> Siba >>> >>> >>> From jamil.j.nimeh at oracle.com Wed Aug 10 18:12:51 2016 From: jamil.j.nimeh at oracle.com (Jamil Nimeh) Date: Wed, 10 Aug 2016 11:12:51 -0700 Subject: RFR [9] 8156841: sun.security.pkcs11.SunPKCS11 poller thread retains a strong reference to the context class loader In-Reply-To: References: Message-ID: Hi Chris, I am not an official reviewer, but this looks pretty straightforward to me. --Jamil On 08/10/2016 08:42 AM, Chris Hegarty wrote: > The SunPKCS11 poller thread has no need of any user defined class loader, > so should set its context class loader to null before starting, so as to not > inadvertently retain a reference to the creating thread?s context class loader. > > In other areas that suffered from a similar issue we changed to use an > InnocuousThread, but I cannot fully satisfy myself that this is a safe > substation here, so I opted for the safest minimal fix. A future refactoring > exercise should consider using InnocuousThread. > > diff -r 92c31ec731eb src/jdk.crypto.pkcs11/share/classes/sun/security/pkcs11/SunPKCS11.java > --- a/src/jdk.crypto.pkcs11/share/classes/sun/security/pkcs11/SunPKCS11.java Wed Aug 10 11:54:12 2016 +0100 > +++ b/src/jdk.crypto.pkcs11/share/classes/sun/security/pkcs11/SunPKCS11.java Wed Aug 10 16:32:41 2016 +0100 > @@ -809,20 +809,21 @@ > } > } > > // create the poller thread, if not already active > private void createPoller() { > if (poller != null) { > return; > } > final TokenPoller poller = new TokenPoller(this); > Thread t = new Thread(null, poller, "Poller " + getName(), 0, false); > + t.setContextClassLoader(null); > t.setDaemon(true); > t.setPriority(Thread.MIN_PRIORITY); > t.start(); > this.poller = poller; > } > > // destroy the poller thread, if active > private void destroyPoller() { > if (poller != null) { > poller.disable(); > > https://bugs.openjdk.java.net/browse/JDK-8156841 > > -Chris. From sean.mullan at oracle.com Wed Aug 10 18:19:39 2016 From: sean.mullan at oracle.com (Sean Mullan) Date: Wed, 10 Aug 2016 14:19:39 -0400 Subject: RFR: 8061842: Package jurisdiction policy files as something other than JAR In-Reply-To: <65380927-0e9e-c887-8537-b375733e5c0f@oracle.com> References: <65380927-0e9e-c887-8537-b375733e5c0f@oracle.com> Message-ID: <53680482-2bbf-710f-071d-4277c2d985d7@oracle.com> Hi Brad, Looks pretty good. You should also send this to build-dev to review the Makefile changes. Just a few comments: - src/java.base/share/conf/security/policy/README.txt 17 contain no restrictions on cryptographic strengths, but they must s/must/must be/ 18 specifically activated by updating the "crypto.policy" entry in the s/entry/Security property/ 33 Please see The Java(TM) Cryptography Architecture (JCA) Reference Is "TM" really necessary here? - src/java.base/share/conf/security/policy/unlimited/default_US_export.policy 1 // Manufacturing policy file. The term "Manufacturing" is odd. Can we just say this is the "Default local policy file"? - src/java.base/share/conf/security/java.security 854 crypto.policy=policydir-tbd The policydir-tbd value is a little confusing in that it isn't a real value. What about just setting this to the empty string? - src/java.base/share/classes/javax/crypto/JceSecurity.java 255 String cryptoPolicyDir = Security.getProperty("crypto.policy"); 256 Path cryptoPolicyPath = Paths.get(cryptoPolicyDir); What happens if crypto.policy is not set or is set to ""? 302 // I/O error encounted during the iteration, s/encounted/encountered/ --Sean On 08/04/2016 03:35 PM, Bradford Wetmore wrote: > https://bugs.openjdk.java.net/browse/JDK-8061842 > http://cr.openjdk.java.net/~wetmore/8061842/webrev.00/ > > The proposal is to move the configuration files from the jar files in > /lib/security to a series of subdirectories under a new > "policy" subdirectory in /conf/security. Each subdirectory > within that directory will represent a complete policy configuration. > The existing jar files will be split into flat text files such that the > current/existing policies remain. > > The default set of policy files (i.e. directory) is configured using a > new java.security.Security property called "crypto.policy" which will be > added to the /conf/security/java.security file. The default > initial options are "limited" or "unlimited", however additional > directories could potentially be created that specify other > as-yet-unknown policies. > > The default value of this property will be "limited" which corresponds > to our current policy for JRE/JDK export/import around the world. > However, the build respects the following "configure" option: > > --enable-unlimited-crypto > Enable unlimited crypto policy [disabled] > > Within the directory, our implementation will look for files using the > standard filename prefix above ("default_" or "exempt_"), thus new > additional policy restrictions/abstractions can be added with a simple > file addition. > > Brad > From sean.mullan at oracle.com Wed Aug 10 20:15:33 2016 From: sean.mullan at oracle.com (Sean Mullan) Date: Wed, 10 Aug 2016 16:15:33 -0400 Subject: [9] RFR 8163503: PKCS12 keystore cannot store non-X.509 certificates In-Reply-To: <965F1A6E-D41B-4061-A6D9-F21004F95020@oracle.com> References: <7d5347f8-d01f-bd22-19a7-1590200f4ac7@oracle.com> <965F1A6E-D41B-4061-A6D9-F21004F95020@oracle.com> Message-ID: On 08/10/2016 12:39 PM, Vincent Ryan wrote: > Yes they could be merged but the first loop iterates over all the certs and the second one iterates over all but the final cert. > And the special case of a 1-cert chain also needs to be handled. I think it?s a little clearer to leave them separate. Agreed, but it's probably better to check these earlier and bail out if they are not all X509Certificates, for example, right at the beginning of engineSetKeyEntry. There is no need to proceed with decoding keys, etc since it is already a violation of the supported API parameters. --Sean > > An updated webrev is at: > http://cr.openjdk.java.net/~vinnie/8163503/webrev.01/ > > Thanks. > >> On 10 Aug 2016, at 02:04, Xuelei Fan wrote: >> >> The for loop at line 1507 and 1520 may be merged together. >> >> Xuelei >> >> On 8/10/2016 8:38 AM, Weijun Wang wrote: >>> I thought I've seen this webrev before. >>> >>> Why not just throw a KeyStoreException in validateChain()? >>> >>> --Max >>> >>> On 8/10/2016 2:14, Vincent Ryan wrote: >>>> Please review this fix to improve the error handling for attempts to >>>> store a Certificate object in PKCS12 keystore. >>>> The PKCS12 keystore implementation supports storing only >>>> X509Certificate objects but the KeyStore API allows Certificate objects. >>>> This fix rejects attempts to store non-X.509 certificates and throws a >>>> KeyStoreException. >>>> >>>> Thanks. >>>> >>>> Bug: https://bugs.openjdk.java.net/browse/JDK-8163503 >>>> Webrev: http://cr.openjdk.java.net/~vinnie/8163503/webrev.00/ >>>> >>>> >> > From valerie.peng at oracle.com Wed Aug 10 20:27:35 2016 From: valerie.peng at oracle.com (Valerie Peng) Date: Wed, 10 Aug 2016 13:27:35 -0700 Subject: RFR [9] 8156841: sun.security.pkcs11.SunPKCS11 poller thread retains a strong reference to the context class loader In-Reply-To: References: Message-ID: Changes look fine. Thanks, Valerie On 8/10/2016 8:42 AM, Chris Hegarty wrote: > The SunPKCS11 poller thread has no need of any user defined class loader, > so should set its context class loader to null before starting, so as to not > inadvertently retain a reference to the creating thread?s context class loader. > > In other areas that suffered from a similar issue we changed to use an > InnocuousThread, but I cannot fully satisfy myself that this is a safe > substation here, so I opted for the safest minimal fix. A future refactoring > exercise should consider using InnocuousThread. > > diff -r 92c31ec731eb src/jdk.crypto.pkcs11/share/classes/sun/security/pkcs11/SunPKCS11.java > --- a/src/jdk.crypto.pkcs11/share/classes/sun/security/pkcs11/SunPKCS11.java Wed Aug 10 11:54:12 2016 +0100 > +++ b/src/jdk.crypto.pkcs11/share/classes/sun/security/pkcs11/SunPKCS11.java Wed Aug 10 16:32:41 2016 +0100 > @@ -809,20 +809,21 @@ > } > } > > // create the poller thread, if not already active > private void createPoller() { > if (poller != null) { > return; > } > final TokenPoller poller = new TokenPoller(this); > Thread t = new Thread(null, poller, "Poller " + getName(), 0, false); > + t.setContextClassLoader(null); > t.setDaemon(true); > t.setPriority(Thread.MIN_PRIORITY); > t.start(); > this.poller = poller; > } > > // destroy the poller thread, if active > private void destroyPoller() { > if (poller != null) { > poller.disable(); > > https://bugs.openjdk.java.net/browse/JDK-8156841 > > -Chris. From sean.mullan at oracle.com Wed Aug 10 20:32:31 2016 From: sean.mullan at oracle.com (Sean Mullan) Date: Wed, 10 Aug 2016 16:32:31 -0400 Subject: [9] RFR 8157579: com/sun/crypto/provider/Mac/MacClone.java failed on solaris12(sparcv9 and x86) In-Reply-To: <6681bdab-e019-ea5b-1b17-723019839357@oracle.com> References: <42279da0-e45a-9809-c1f2-f3fcaaf58951@oracle.com> <62772189-4c08-8ffc-10e5-26dcf57d92ef@oracle.com> <6681bdab-e019-ea5b-1b17-723019839357@oracle.com> Message-ID: On 08/09/2016 10:00 PM, Valerie Peng wrote: > > OracleUcrypto provider already separates them in two classes: The > cloneable libMD digest impls are encapsulated by a class which > implements Cloneable and the new un-cloneable Ucrypto digest impls are > in a class which does not. > I wasn't sure if we can safely assume that an instance supports clone > when it implements Cloneable. True, but I think those would be considered bad Cloneable implementations. > So I thought better call clone() to be > sure. Given your feedback, I have replaced the clone() calls with > instanceof checks. > Webrev updated: http://cr.openjdk.java.net/~valeriep/8157579/webrev.02 Looks good. --Sean > > Thanks, > Valerie > > > On 8/9/2016 10:43 AM, Sean Mullan wrote: >> Or better yet, just change the ucrypto impl to not implement Cloneable >> regardless what Solaris version you are on. Then you can just check >> each MessageDigest impl to see if it is an instanceof Cloneable rather >> than calling clone on each. >> >> --Sean >> >> On 08/09/2016 09:38 AM, Sean Mullan wrote: >>> Is there any way to split the Ucrypto MessageDigest implementation into >>> 2 classes, one that implements Cloneable and the other which doesn't, >>> and use the appropriate one depending on which OS version you are on? >>> >>> This way, instead of calling clone and catching >>> CloneNotSupportedException, you could just check each MessageDigest >>> object to see if it implements Cloneable. >>> >>> --Sean >>> >>> >>> On 08/04/2016 10:01 PM, Valerie Peng wrote: >>>> >>>> Anyone has time to review this fix? The code change is in only one file >>>> and straightforward if you agree with the approach. >>>> Starting S11.3 and S12, OracleUcrypto provider switched to new Ucrypto >>>> APIs for message digest operations and there is no clone support. >>>> This affects the MAC impls of SunJCE provider which delegates the >>>> digest >>>> operation to the most preferred provider. >>>> To ensure the clone support, I will switch to getting the digest impl >>>> from SUN provider if the most preferred one does not. >>>> In the case of SUN provider is not available, it will then goes through >>>> provider list. >>>> >>>> Bug: https://bugs.openjdk.java.net/browse/JDK-8157579 >>>> Webrev: http://cr.openjdk.java.net/~valeriep/8157579/webrev.00/ >>>> >>>> No new test as it's covered by existing regression test. >>>> >>>> Thanks, >>>> Valerie >>>> >>>> > From artem.smotrakov at oracle.com Wed Aug 10 22:44:09 2016 From: artem.smotrakov at oracle.com (Artem Smotrakov) Date: Wed, 10 Aug 2016 15:44:09 -0700 Subject: [9] RFR: 8162484: javax/net/ssl/Stapling/SSLSocketWithStapling.java test fails intermittently with "Address already in use" error Message-ID: Hello, Please review this update for OCSP stapling tests. The tests use test/java/security/testlibrary/SimpleOCSPServer.java which try to re-use a server port if the server restarted. Looks like sometimes it may cause "Address already in use" error. The patch updates OCSP stapling tests with the following: - updated SSLSocketWithStapling.java test not to restart OCSP responders - updated SimpleOCSPServer to be able to reject incoming connections - updated SimpleOCSPServer to be able to reproduce a delay without restarting Jamil, Could you please take a look at this update, and confirm if this update doesn't break the original test scenarios? Bug: https://bugs.openjdk.java.net/browse/JDK-8162484 Webrev: http://cr.openjdk.java.net/~asmotrak/8162484/webrev.00/ Artem From jamil.j.nimeh at oracle.com Wed Aug 10 23:16:12 2016 From: jamil.j.nimeh at oracle.com (Jamil Nimeh) Date: Wed, 10 Aug 2016 16:16:12 -0700 Subject: [9] RFR: 8162484: javax/net/ssl/Stapling/SSLSocketWithStapling.java test fails intermittently with "Address already in use" error In-Reply-To: References: Message-ID: <6f25548c-70df-8b24-147c-f61ce89a125a@oracle.com> Hi Artem, I'm not an official reviewer but the solution for making the servers reject connections rather than stop and start looks pretty fair to me and seems like a nice way to simulate a downed OCSP responder instead of having to bounce it. A couple comments/questions: I'm a bit surprised that you get the "Address already in use" error though. Isn't servSocket.setReuseAddress(true) on line 214 supposed to set the SO_REUSEADDR at the system call level and prevent EADDRINUSE when listening or binding? When you create the new ServerSocket on line 212, you're now binding it to the port now where originally it started as an unbound socket. By doing so, the behavior of setReuseAddress() on line 214 is now undefined. While this test no longer stops/starts the server, other tests may wish to do so and their behavior may not be consistent (though apparently it wasn't consistent even in the old scheme where the socket was unbound, then setReuseAddress() was called...) --Jamil On 08/10/2016 03:44 PM, Artem Smotrakov wrote: > Hello, > > Please review this update for OCSP stapling tests. > > The tests use test/java/security/testlibrary/SimpleOCSPServer.java > which try to re-use a server port if the server restarted. Looks like > sometimes it may cause "Address already in use" error. > > The patch updates OCSP stapling tests with the following: > - updated SSLSocketWithStapling.java test not to restart OCSP responders > - updated SimpleOCSPServer to be able to reject incoming connections > - updated SimpleOCSPServer to be able to reproduce a delay without > restarting > > Jamil, > > Could you please take a look at this update, and confirm if this > update doesn't break the original test scenarios? > > Bug: https://bugs.openjdk.java.net/browse/JDK-8162484 > Webrev: http://cr.openjdk.java.net/~asmotrak/8162484/webrev.00/ > > Artem From xuelei.fan at oracle.com Wed Aug 10 23:36:59 2016 From: xuelei.fan at oracle.com (Xuelei Fan) Date: Thu, 11 Aug 2016 07:36:59 +0800 Subject: [9] RFR 8163503: PKCS12 keystore cannot store non-X.509 certificates In-Reply-To: References: <7d5347f8-d01f-bd22-19a7-1590200f4ac7@oracle.com> <965F1A6E-D41B-4061-A6D9-F21004F95020@oracle.com> Message-ID: On 8/11/2016 4:15 AM, Sean Mullan wrote: > On 08/10/2016 12:39 PM, Vincent Ryan wrote: >> Yes they could be merged but the first loop iterates over all the >> certs and the second one iterates over all but the final cert. >> And the special case of a 1-cert chain also needs to be handled. I >> think it?s a little clearer to leave them separate. > > Agreed, but it's probably better to check these earlier and bail out if > they are not all X509Certificates, for example, right at the beginning > of engineSetKeyEntry. There is no need to proceed with decoding keys, > etc since it is already a violation of the supported API parameters. > Good! Xuelei > --Sean > >> >> An updated webrev is at: >> http://cr.openjdk.java.net/~vinnie/8163503/webrev.01/ >> >> Thanks. >> >>> On 10 Aug 2016, at 02:04, Xuelei Fan wrote: >>> >>> The for loop at line 1507 and 1520 may be merged together. >>> >>> Xuelei >>> >>> On 8/10/2016 8:38 AM, Weijun Wang wrote: >>>> I thought I've seen this webrev before. >>>> >>>> Why not just throw a KeyStoreException in validateChain()? >>>> >>>> --Max >>>> >>>> On 8/10/2016 2:14, Vincent Ryan wrote: >>>>> Please review this fix to improve the error handling for attempts to >>>>> store a Certificate object in PKCS12 keystore. >>>>> The PKCS12 keystore implementation supports storing only >>>>> X509Certificate objects but the KeyStore API allows Certificate >>>>> objects. >>>>> This fix rejects attempts to store non-X.509 certificates and throws a >>>>> KeyStoreException. >>>>> >>>>> Thanks. >>>>> >>>>> Bug: https://bugs.openjdk.java.net/browse/JDK-8163503 >>>>> Webrev: http://cr.openjdk.java.net/~vinnie/8163503/webrev.00/ >>>>> >>>>> >>> >> From weijun.wang at oracle.com Thu Aug 11 03:31:06 2016 From: weijun.wang at oracle.com (Weijun Wang) Date: Thu, 11 Aug 2016 11:31:06 +0800 Subject: RFR 8133910: Some sun/security/tools tests failed. In-Reply-To: <5C5B7CA0-4133-49F3-8DE9-10D4F46BF8F1@oracle.com> References: <5C5B7CA0-4133-49F3-8DE9-10D4F46BF8F1@oracle.com> Message-ID: <4a997619-dffb-f5bb-74ba-469d9f99d92b@oracle.com> Ping again. Thanks. --Max On 8/9/2016 15:37, Wang Weijun wrote: > Please review the fix at > > http://cr.openjdk.java.net/~weijun/8133910/webrev.00/ > > Basically, "-J-Duser.language=en -J-Duser.country=US" is added to keytool and jarsigner calls wherever output needs to be compared to some English text. > From xuelei.fan at oracle.com Thu Aug 11 03:52:17 2016 From: xuelei.fan at oracle.com (Xuelei Fan) Date: Thu, 11 Aug 2016 11:52:17 +0800 Subject: RFR 8133910: Some sun/security/tools tests failed. In-Reply-To: <4a997619-dffb-f5bb-74ba-469d9f99d92b@oracle.com> References: <5C5B7CA0-4133-49F3-8DE9-10D4F46BF8F1@oracle.com> <4a997619-dffb-f5bb-74ba-469d9f99d92b@oracle.com> Message-ID: <74dd3ff3-6e6e-31af-c283-e0366b61b6b4@oracle.com> Looks fine. Xuelei On 8/11/2016 11:31 AM, Weijun Wang wrote: > Ping again. Thanks. --Max > > On 8/9/2016 15:37, Wang Weijun wrote: >> Please review the fix at >> >> http://cr.openjdk.java.net/~weijun/8133910/webrev.00/ >> >> Basically, "-J-Duser.language=en -J-Duser.country=US" is added to >> keytool and jarsigner calls wherever output needs to be compared to >> some English text. >> From sha.jiang at oracle.com Thu Aug 11 06:47:21 2016 From: sha.jiang at oracle.com (John Jiang) Date: Thu, 11 Aug 2016 14:47:21 +0800 Subject: [9] RFR 8161340: ProblemList.txt update for sun/security/tools/keytool/autotest.sh Message-ID: <36f81412-dea3-fb0c-b07f-84a8049dec60@oracle.com> Hi, Please review this patch for removing sun/security/tools/keytool/autotest.sh from ProblemList.txt. Because the associated issue JDK-8130302 has been resolved. Issue: https://bugs.openjdk.java.net/browse/JDK-8161340 Webrev: http://cr.openjdk.java.net/~jjiang/8161340/webrev.00/ Best regards, John Jiang From weijun.wang at oracle.com Thu Aug 11 07:23:00 2016 From: weijun.wang at oracle.com (Weijun Wang) Date: Thu, 11 Aug 2016 15:23:00 +0800 Subject: [9] RFR 8161340: ProblemList.txt update for sun/security/tools/keytool/autotest.sh In-Reply-To: <36f81412-dea3-fb0c-b07f-84a8049dec60@oracle.com> References: <36f81412-dea3-fb0c-b07f-84a8049dec60@oracle.com> Message-ID: Change looks fine. Thanks for taking care of it. I should have removed it in my fix. --Max On 8/11/2016 14:47, John Jiang wrote: > Hi, > Please review this patch for removing > sun/security/tools/keytool/autotest.sh from ProblemList.txt. > Because the associated issue JDK-8130302 has been resolved. > > Issue: https://bugs.openjdk.java.net/browse/JDK-8161340 > Webrev: http://cr.openjdk.java.net/~jjiang/8161340/webrev.00/ > > Best regards, > John Jiang > From jamil.j.nimeh at oracle.com Thu Aug 11 07:51:09 2016 From: jamil.j.nimeh at oracle.com (Jamil Nimeh) Date: Thu, 11 Aug 2016 00:51:09 -0700 Subject: RFR 8162808: References to the standard JSSE cipher suite names Message-ID: Hello all, This javadoc-only change adds references to the JSSE cipher suite list in the Standard Names documentation for those methods which return or can set lists of cipher suites by their String names. JBS: https://bugs.openjdk.java.net/browse/JDK-8162808 Webrev: http://cr.openjdk.java.net/~jnimeh/reviews/8162808/webrev.01 Thanks, --Jamil From xuelei.fan at oracle.com Thu Aug 11 08:47:43 2016 From: xuelei.fan at oracle.com (Xuelei Fan) Date: Thu, 11 Aug 2016 16:47:43 +0800 Subject: RFR 8162808: References to the standard JSSE cipher suite names In-Reply-To: References: Message-ID: <7ccd2a11-4994-5ec7-a599-4d779c383024@oracle.com> SSLParameters.java May be better to use the same words in the constructors SSLParameters(String[]) and SSLParameters(String[], String[]). Otherwise, looks fine to me. Thanks, Xuelei On 8/11/2016 3:51 PM, Jamil Nimeh wrote: > Hello all, > > This javadoc-only change adds references to the JSSE cipher suite list > in the Standard Names documentation for those methods which return or > can set lists of cipher suites by their String names. > > JBS: https://bugs.openjdk.java.net/browse/JDK-8162808 > Webrev: http://cr.openjdk.java.net/~jnimeh/reviews/8162808/webrev.01 > > Thanks, > --Jamil From vincent.x.ryan at oracle.com Thu Aug 11 11:55:20 2016 From: vincent.x.ryan at oracle.com (Vincent Ryan) Date: Thu, 11 Aug 2016 12:55:20 +0100 Subject: [9] RFR 6877937: The SunJCE PBKDF2KeyImpl is requiring the MAC instance also be from SunJCE. Message-ID: <75EC098D-BE36-410D-AE23-D7BC75021283@oracle.com> Please review this change to unpin the Mac implementation from the SunJCE provider. Since the Mac is a private field there are no issues regarding Clonable implementations for Mac or its MessageDigest. Thanks. Bug: https://bugs.openjdk.java.net/browse/JDK-6977937 diff --git a/src/java.base/share/classes/com/sun/crypto/provider/PBKDF2KeyImpl.java b/src/java.base/share/classes/com/sun/crypto/provider/PBKDF2KeyImpl.java --- a/src/java.base/share/classes/com/sun/crypto/provider/PBKDF2KeyImpl.java +++ b/src/java.base/share/classes/com/sun/crypto/provider/PBKDF2KeyImpl.java @@ -107,7 +107,7 @@ throw new InvalidKeySpecException("Key length is negative"); } try { - this.prf = Mac.getInstance(prfAlgo, SunJCE.getInstance()); + this.prf = Mac.getInstance(prfAlgo); } catch (NoSuchAlgorithmException nsae) { // not gonna happen; re-throw just in case InvalidKeySpecException ike = new InvalidKeySpecException(); -------------- next part -------------- An HTML attachment was scrubbed... URL: From xuelei.fan at oracle.com Thu Aug 11 12:54:04 2016 From: xuelei.fan at oracle.com (Xuelei Fan) Date: Thu, 11 Aug 2016 20:54:04 +0800 Subject: [9] RFR 6877937: The SunJCE PBKDF2KeyImpl is requiring the MAC instance also be from SunJCE. In-Reply-To: <75EC098D-BE36-410D-AE23-D7BC75021283@oracle.com> References: <75EC098D-BE36-410D-AE23-D7BC75021283@oracle.com> Message-ID: <0a338cc5-3238-e348-383b-abc5907c2ec1@oracle.com> Looks fine to me. Xuelei On 8/11/2016 7:55 PM, Vincent Ryan wrote: > Please review this change to unpin the Mac implementation from the > SunJCE provider. > Since the Mac is a private field there are no issues > regarding Clonable implementations for Mac or its MessageDigest. > Thanks. > > Bug: https://bugs.openjdk.java.net/browse/JDK-6977937 > > *diff --git > a/src/java.base/share/classes/com/sun/crypto/provider/PBKDF2KeyImpl.java > b/src/java.base/share/classes/com/sun/crypto/provider/PBKDF2KeyImpl.java* > *--- > a/src/java.base/share/classes/com/sun/crypto/provider/PBKDF2KeyImpl.java* > *+++ > b/src/java.base/share/classes/com/sun/crypto/provider/PBKDF2KeyImpl.java* > @@ -107,7 +107,7 @@ > throw new InvalidKeySpecException("Key length is negative"); > } > try { > - this.prf = Mac.getInstance(prfAlgo, SunJCE.getInstance()); > + this.prf = Mac.getInstance(prfAlgo); > } catch (NoSuchAlgorithmException nsae) { > // not gonna happen; re-throw just in case > InvalidKeySpecException ike = new InvalidKeySpecException(); From jamil.j.nimeh at oracle.com Thu Aug 11 14:05:56 2016 From: jamil.j.nimeh at oracle.com (Jamil Nimeh) Date: Thu, 11 Aug 2016 07:05:56 -0700 Subject: RFR 8162808: References to the standard JSSE cipher suite names In-Reply-To: <7ccd2a11-4994-5ec7-a599-4d779c383024@oracle.com> References: <7ccd2a11-4994-5ec7-a599-4d779c383024@oracle.com> Message-ID: <8124b559-2233-e6e8-8d66-93fd213ef47e@oracle.com> No problem, I'll get that fixed and remake the Javadocs to sanity check. --Jamil On 8/11/2016 1:47 AM, Xuelei Fan wrote: > SSLParameters.java > May be better to use the same words in the constructors > SSLParameters(String[]) and SSLParameters(String[], String[]). > > Otherwise, looks fine to me. > > Thanks, > Xuelei > > On 8/11/2016 3:51 PM, Jamil Nimeh wrote: >> Hello all, >> >> This javadoc-only change adds references to the JSSE cipher suite list >> in the Standard Names documentation for those methods which return or >> can set lists of cipher suites by their String names. >> >> JBS: https://bugs.openjdk.java.net/browse/JDK-8162808 >> Webrev: http://cr.openjdk.java.net/~jnimeh/reviews/8162808/webrev.01 >> >> Thanks, >> --Jamil From artem.smotrakov at oracle.com Thu Aug 11 18:46:39 2016 From: artem.smotrakov at oracle.com (Artem Smotrakov) Date: Thu, 11 Aug 2016 11:46:39 -0700 Subject: [9] RFR: 8162484: javax/net/ssl/Stapling/SSLSocketWithStapling.java test fails intermittently with "Address already in use" error In-Reply-To: <6f25548c-70df-8b24-147c-f61ce89a125a@oracle.com> References: <6f25548c-70df-8b24-147c-f61ce89a125a@oracle.com> Message-ID: Hi Jamil, Thank you for review. Please see inline. On 08/10/2016 04:16 PM, Jamil Nimeh wrote: > Hi Artem, > > I'm not an official reviewer but the solution for making the servers > reject connections rather than stop and start looks pretty fair to me > and seems like a nice way to simulate a downed OCSP responder instead > of having to bounce it. A couple comments/questions: > > I'm a bit surprised that you get the "Address already in use" error > though. Well, to be honest, I was not able to reproduce this failure locally. I was running the test in a loop for a couple of days, and it didn't fail. But the test has been observed to fail in other test runs (jprt, CI, etc). I am not an expert in networking, and I would appreciate if someone more knowledgeable gives an advise how these intermittent failures can be avoided. > Isn't servSocket.setReuseAddress(true) on line 214 supposed to set the > SO_REUSEADDR at the system call level and prevent EADDRINUSE when > listening or binding? If I am not missing something, the test has been observed to fails while re-binding. I am wondering if it's possible that the port becomes busy after the server socket was closed, but before bind() is called again. The probability of this situation seems to be very low which has been actually seen - the test fails very rare. If this is the case, it seems like servSocket.setReuseAddress(true) doesn't help because the port is taken by another process (I am not sure that SO_REUSEADDR prevents from this). Again, this is only my guess, and I may be wrong. > > When you create the new ServerSocket on line 212, you're now binding > it to the port now where originally it started as an unbound socket. > By doing so, the behavior of setReuseAddress() on line 214 is now > undefined. This setReuseAddress() call looks unnecessary now. I'll update the test. > While this test no longer stops/starts the server, other tests may > wish to do so and their behavior may not be consistent (though > apparently it wasn't consistent even in the old scheme where the > socket was unbound, then setReuseAddress() was called...) Correct. I checked other code which depend on SimpleOCSPServer javax/net/ssl/Stapling/HttpsUrlConnClient.java javax/net/ssl/Stapling/SSLEngineWithStapling.java javax/net/ssl/Stapling/SSLSocketWithStapling.java javax/net/ssl/Stapling/StapleEnableProps.java sun/security/ssl/StatusStapling/java.base/sun/security/ssl/StatusReqSelection.java sun/security/ssl/StatusStapling/java.base/sun/security/ssl/StatusResponseManagerTests.java artem at artem-laptop:~/ws/jdk/jdk9_dev_stapling_test/jdk/test$ kate javax/net/ssl/Stapling/HttpsUrlConnClient.java javax/net/ssl/Stapling/SSLEngineWithStapling.java javax/net/ssl/Stapling/SSLSocketWithStapling.java javax/net/ssl/Stapling/StapleEnableProps.java sun/security/ssl/StatusStapling/java.base/sun/security/ssl/StatusReqSelection.java sun/security/ssl/StatusStapling/java.base/sun/security/ssl/StatusResponseManagerTests.java These tests call stop() only once when actual testcases are done. Actually, some of them don't even call stop(), but it seems to work fine. As an enhancement, I would add stop() calls to finally blocks, but it seems to work fine without it anyway. Here is an updated webrev: http://cr.openjdk.java.net/~asmotrak/8162484/webrev.01/ Artem > > --Jamil > > > On 08/10/2016 03:44 PM, Artem Smotrakov wrote: >> Hello, >> >> Please review this update for OCSP stapling tests. >> >> The tests use test/java/security/testlibrary/SimpleOCSPServer.java >> which try to re-use a server port if the server restarted. Looks like >> sometimes it may cause "Address already in use" error. >> >> The patch updates OCSP stapling tests with the following: >> - updated SSLSocketWithStapling.java test not to restart OCSP responders >> - updated SimpleOCSPServer to be able to reject incoming connections >> - updated SimpleOCSPServer to be able to reproduce a delay without >> restarting >> >> Jamil, >> >> Could you please take a look at this update, and confirm if this >> update doesn't break the original test scenarios? >> >> Bug: https://bugs.openjdk.java.net/browse/JDK-8162484 >> Webrev: http://cr.openjdk.java.net/~asmotrak/8162484/webrev.00/ >> >> Artem > From ecki at zusammenkunft.net Thu Aug 11 22:00:43 2016 From: ecki at zusammenkunft.net (Bernd Eckenfels) Date: Fri, 12 Aug 2016 00:00:43 +0200 Subject: RFC7525 mapped to JSSE In-Reply-To: <0ff9135c-dd24-cf99-0913-47939d07fd03@oracle.com> References: <20160802001302.00005374.ecki@zusammenkunft.net> <0ff9135c-dd24-cf99-0913-47939d07fd03@oracle.com> Message-ID: <20160812000043.00006c16.ecki@zusammenkunft.net> Hello, thank you Xuelei and Jamil. I updated the sheet and added an actual column for Java 9. There are still some todos left (mostly for digging up the detauls), but it starts to look complete now. There are only two real non-compliances (for Java 9), that is the support for HSTS in client code (not related to JSSE) and the fallback signalling cipher (with limited usefullness). For Java 8 the EC keySize < 224, can it be added? For OCSP, the status_request(_v2), does it also support the multi certificate variant? https://docs.google.com/spreadsheets/d/135Eqf3RCpYLcmVHOIPb_Q7pzFde9yqJI_oD2jvpnKPE Gruss Bernd Am Mon, 8 Aug 2016 08:57:29 +0800 schrieb Xuelei Fan : > Hi Bernd, > > Thanks for the summary of the compliance. The following comments are > mainly about the items marked with "TODO" or "???". > > JDK 9 will support DTLS 1.0/1.2 and OCSP stapling (both RFC 6066 and > RFC 6961). > > The server preference of cipher suites can be configurable. > > JDK uses uncompressed EC point format only. > > JDK does not use EC curves < 224 bits for EC key exchange, default > 256+ bits. > > For TLS 1.2, SHA2 is requested in the signature algorithm extension. > > JDK does not implement the truncted HMAC extension. > > JDK supports hostname verification APIs for HTTPS, and support > hostname verification during handshaking for HTTPS and LDAP. > > JDK tests the DH public keys. > > Thanks & Regards, > Xuelei > > On 8/2/2016 6:13 AM, Bernd Eckenfels wrote: > > Hello, > > > > because I was asked by a customer I started to map the RFC7525 > > > > https://tools.ietf.org/html/rfc7525 > > > > recommendations for TLS to JSSE implementation. > > > > > > It is not complete yet but I think I at least have extraced all > > "normative" requirements from the RFC into this table: > > > > https://docs.google.com/spreadsheets/d/135Eqf3RCpYLcmVHOIPb_Q7pzFde9yqJI_oD2jvpnKPE > > > > would like to get your feedback. > > > > Gruss > > Bernd > > > From jamil.j.nimeh at oracle.com Thu Aug 11 23:10:11 2016 From: jamil.j.nimeh at oracle.com (Jamil Nimeh) Date: Thu, 11 Aug 2016 16:10:11 -0700 Subject: RFC7525 mapped to JSSE Message-ID: Hi Bernd, For the status_request_v2 extension, both ocsp and ocsp_multi forms are supported, with preference on the latter type. ?The only feature we currently don't support right now is Responder ID selection, ?and that will hopefully come in a 9 update. --Jamil -------- Original message --------From: Bernd Eckenfels Date: 8/11/16 3:00 PM (GMT-08:00) To: security-dev at openjdk.java.net Subject: Re: RFC7525 mapped to JSSE Hello, thank you Xuelei and Jamil. I updated the sheet and added an actual column for Java 9. There are still some todos left (mostly for digging up the detauls), but it starts to look complete now. There are only two real non-compliances (for Java 9), that is the support for HSTS in client code (not related to JSSE) and the fallback signalling cipher (with limited usefullness). For Java 8 the EC keySize < 224, can it be added? For OCSP, the status_request(_v2), does it also support the multi certificate variant? https://docs.google.com/spreadsheets/d/135Eqf3RCpYLcmVHOIPb_Q7pzFde9yqJI_oD2jvpnKPE Gruss Bernd Am Mon, 8 Aug 2016 08:57:29 +0800 schrieb Xuelei Fan : > Hi Bernd, > > Thanks for the summary of the compliance.? The following comments are > mainly about the items marked with "TODO" or "???". > > JDK 9 will support DTLS 1.0/1.2 and OCSP stapling (both RFC 6066 and > RFC 6961). > > The server preference of cipher suites can be configurable. > > JDK uses uncompressed EC point format only. > > JDK does not use EC curves < 224 bits for EC key exchange, default > 256+ bits. > > For TLS 1.2, SHA2 is requested in the signature algorithm extension. > > JDK does not implement the truncted HMAC extension. > > JDK supports hostname verification APIs for HTTPS, and support > hostname verification during handshaking for HTTPS and LDAP. > > JDK tests the DH public keys. > > Thanks & Regards, > Xuelei > > On 8/2/2016 6:13 AM, Bernd Eckenfels wrote: > > Hello, > > > > because I was asked by a customer I started to map the RFC7525 > > > > https://tools.ietf.org/html/rfc7525 > > > > recommendations for TLS to JSSE implementation. > > > > > > It is not complete yet but I think I at least have extraced all > > "normative" requirements from the RFC into this table: > > > > https://docs.google.com/spreadsheets/d/135Eqf3RCpYLcmVHOIPb_Q7pzFde9yqJI_oD2jvpnKPE > > > > would like to get your feedback. > > > > Gruss > > Bernd > > > -------------- next part -------------- An HTML attachment was scrubbed... URL: From xuelei.fan at oracle.com Thu Aug 11 23:48:23 2016 From: xuelei.fan at oracle.com (Xuelei Fan) Date: Fri, 12 Aug 2016 07:48:23 +0800 Subject: RFC7525 mapped to JSSE In-Reply-To: References: Message-ID: Thank you, Bernd. > For Java 8 the EC keySize < 224, can it be added? It's a plan of mine. > the fallback signalling cipher (with limited usefullness). It's a plan of mine, too. Note that JDK does not support fallback by default. DH items: JDK does not reuse DH exponents and check the received public keys. Thanks, Xuelei On 8/12/2016 7:10 AM, Jamil Nimeh wrote: > Hi Bernd, > > For the status_request_v2 extension, both ocsp and ocsp_multi forms are > supported, with preference on the latter type. The only feature we > currently don't support right now is Responder ID selection, and that > will hopefully come in a 9 update. > > --Jamil > > -------- Original message -------- > From: Bernd Eckenfels > Date: 8/11/16 3:00 PM (GMT-08:00) > To: security-dev at openjdk.java.net > Subject: Re: RFC7525 mapped to JSSE > > Hello, > > thank you Xuelei and Jamil. I updated the sheet and added an actual > column for Java 9. There are still some todos left (mostly for digging > up the detauls), but it starts to look complete now. > > There are only two real non-compliances (for Java 9), that is the > support for HSTS in client code (not related to JSSE) and the fallback > signalling cipher (with limited usefullness). > > For Java 8 the EC keySize < 224, can it be added? > > For OCSP, the status_request(_v2), does it also support the multi > certificate variant? > > https://docs.google.com/spreadsheets/d/135Eqf3RCpYLcmVHOIPb_Q7pzFde9yqJI_oD2jvpnKPE > > Gruss > Bernd > > > Am Mon, 8 Aug 2016 08:57:29 +0800 > schrieb Xuelei Fan : > >> Hi Bernd, >> >> Thanks for the summary of the compliance. The following comments are >> mainly about the items marked with "TODO" or "???". >> >> JDK 9 will support DTLS 1.0/1.2 and OCSP stapling (both RFC 6066 and >> RFC 6961). >> >> The server preference of cipher suites can be configurable. >> >> JDK uses uncompressed EC point format only. >> >> JDK does not use EC curves < 224 bits for EC key exchange, default >> 256+ bits. >> >> For TLS 1.2, SHA2 is requested in the signature algorithm extension. >> >> JDK does not implement the truncted HMAC extension. >> >> JDK supports hostname verification APIs for HTTPS, and support >> hostname verification during handshaking for HTTPS and LDAP. >> >> JDK tests the DH public keys. >> >> Thanks & Regards, >> Xuelei >> >> On 8/2/2016 6:13 AM, Bernd Eckenfels wrote: >> > Hello, >> > >> > because I was asked by a customer I started to map the RFC7525 >> > >> > https://tools.ietf.org/html/rfc7525 >> > >> > recommendations for TLS to JSSE implementation. >> > >> > >> > It is not complete yet but I think I at least have extraced all >> > "normative" requirements from the RFC into this table: >> > >> > > https://docs.google.com/spreadsheets/d/135Eqf3RCpYLcmVHOIPb_Q7pzFde9yqJI_oD2jvpnKPE >> > >> > would like to get your feedback. >> > >> > Gruss >> > Bernd >> > >> > From vincent.x.ryan at oracle.com Fri Aug 12 15:07:51 2016 From: vincent.x.ryan at oracle.com (Vincent Ryan) Date: Fri, 12 Aug 2016 16:07:51 +0100 Subject: [9] RFR 8163503: PKCS12 keystore cannot store non-X.509 certificates In-Reply-To: References: <7d5347f8-d01f-bd22-19a7-1590200f4ac7@oracle.com> <965F1A6E-D41B-4061-A6D9-F21004F95020@oracle.com> Message-ID: I?ve moved the X.509 check to earlier in the code and reverted the changes to the validateChain method. Updated webrev is at: http://cr.openjdk.java.net/~vinnie/8163503/webrev.02/ > On 10 Aug 2016, at 21:15, Sean Mullan wrote: > > On 08/10/2016 12:39 PM, Vincent Ryan wrote: >> Yes they could be merged but the first loop iterates over all the certs and the second one iterates over all but the final cert. >> And the special case of a 1-cert chain also needs to be handled. I think it?s a little clearer to leave them separate. > > Agreed, but it's probably better to check these earlier and bail out if they are not all X509Certificates, for example, right at the beginning of engineSetKeyEntry. There is no need to proceed with decoding keys, etc since it is already a violation of the supported API parameters. > > --Sean > >> >> An updated webrev is at: >> http://cr.openjdk.java.net/~vinnie/8163503/webrev.01/ >> >> Thanks. >> >>> On 10 Aug 2016, at 02:04, Xuelei Fan wrote: >>> >>> The for loop at line 1507 and 1520 may be merged together. >>> >>> Xuelei >>> >>> On 8/10/2016 8:38 AM, Weijun Wang wrote: >>>> I thought I've seen this webrev before. >>>> >>>> Why not just throw a KeyStoreException in validateChain()? >>>> >>>> --Max >>>> >>>> On 8/10/2016 2:14, Vincent Ryan wrote: >>>>> Please review this fix to improve the error handling for attempts to >>>>> store a Certificate object in PKCS12 keystore. >>>>> The PKCS12 keystore implementation supports storing only >>>>> X509Certificate objects but the KeyStore API allows Certificate objects. >>>>> This fix rejects attempts to store non-X.509 certificates and throws a >>>>> KeyStoreException. >>>>> >>>>> Thanks. >>>>> >>>>> Bug: https://bugs.openjdk.java.net/browse/JDK-8163503 >>>>> Webrev: http://cr.openjdk.java.net/~vinnie/8163503/webrev.00/ >>>>> >>>>> >>> >> From jamil.j.nimeh at oracle.com Fri Aug 12 16:13:22 2016 From: jamil.j.nimeh at oracle.com (Jamil Nimeh) Date: Fri, 12 Aug 2016 09:13:22 -0700 Subject: [9] RFR: 8162484: javax/net/ssl/Stapling/SSLSocketWithStapling.java test fails intermittently with "Address already in use" error In-Reply-To: References: <6f25548c-70df-8b24-147c-f61ce89a125a@oracle.com> Message-ID: Hi Artem, more comments in-line On 8/11/2016 11:46 AM, Artem Smotrakov wrote: > Hi Jamil, > > Thank you for review. Please see inline. > > > On 08/10/2016 04:16 PM, Jamil Nimeh wrote: >> Hi Artem, >> >> I'm not an official reviewer but the solution for making the servers >> reject connections rather than stop and start looks pretty fair to me >> and seems like a nice way to simulate a downed OCSP responder instead >> of having to bounce it. A couple comments/questions: >> >> I'm a bit surprised that you get the "Address already in use" error >> though. > Well, to be honest, I was not able to reproduce this failure locally. > I was running the test in a loop for a couple of days, and it didn't > fail. But the test has been observed to fail in other test runs (jprt, > CI, etc). > > I am not an expert in networking, and I would appreciate if someone > more knowledgeable gives an advise how these intermittent failures can > be avoided. > >> Isn't servSocket.setReuseAddress(true) on line 214 supposed to set >> the SO_REUSEADDR at the system call level and prevent EADDRINUSE when >> listening or binding? > If I am not missing something, the test has been observed to fails > while re-binding. I am wondering if it's possible that the port > becomes busy after the server socket was closed, but before bind() is > called again. The probability of this situation seems to be very low > which has been actually seen - the test fails very rare. > > If this is the case, it seems like servSocket.setReuseAddress(true) > doesn't help because the port is taken by another process (I am not > sure that SO_REUSEADDR prevents from this). Again, this is only my > guess, and I may be wrong. You know, I hadn't thought of that. I've never been able to reproduce that problem either, but I'm running on a local virtual box VM on a laptop, and usually the tests are running sequentially. I could definitely see the case where other processes are soaking up the OCSP responder's port. With those tests, I kind of need the port to remain the same since I'm putting that server and port in the AIA extensions of the certs for which it answers. Given this particular case, it seems like your solution of keeping the server bound but just chopping connections off is the best way to go. >> >> When you create the new ServerSocket on line 212, you're now binding >> it to the port now where originally it started as an unbound socket. >> By doing so, the behavior of setReuseAddress() on line 214 is now >> undefined. > This setReuseAddress() call looks unnecessary now. I'll update the test. >> While this test no longer stops/starts the server, other tests may >> wish to do so and their behavior may not be consistent (though >> apparently it wasn't consistent even in the old scheme where the >> socket was unbound, then setReuseAddress() was called...) > Correct. I checked other code which depend on SimpleOCSPServer > > javax/net/ssl/Stapling/HttpsUrlConnClient.java > javax/net/ssl/Stapling/SSLEngineWithStapling.java > javax/net/ssl/Stapling/SSLSocketWithStapling.java > javax/net/ssl/Stapling/StapleEnableProps.java > sun/security/ssl/StatusStapling/java.base/sun/security/ssl/StatusReqSelection.java > > sun/security/ssl/StatusStapling/java.base/sun/security/ssl/StatusResponseManagerTests.java > > artem at artem-laptop:~/ws/jdk/jdk9_dev_stapling_test/jdk/test$ kate > javax/net/ssl/Stapling/HttpsUrlConnClient.java > javax/net/ssl/Stapling/SSLEngineWithStapling.java > javax/net/ssl/Stapling/SSLSocketWithStapling.java > javax/net/ssl/Stapling/StapleEnableProps.java > sun/security/ssl/StatusStapling/java.base/sun/security/ssl/StatusReqSelection.java > sun/security/ssl/StatusStapling/java.base/sun/security/ssl/StatusResponseManagerTests.java > > > These tests call stop() only once when actual testcases are done. > Actually, some of them don't even call stop(), but it seems to work > fine. As an enhancement, I would add stop() calls to finally blocks, > but it seems to work fine without it anyway. I liked your solution with the stop() calls in finally blocks and I agree that they should have them. I think we get away with it because in most if not all of those cases they are running as othervm tests (because we have properties that we set specific to the tests). So when the JVM exits resources like sockets are closed by the OS. Still, it's better to have the try/finally guards and explicitly and gracefully shutdown the OCSP responders. > > Here is an updated webrev: > > http://cr.openjdk.java.net/~asmotrak/8162484/webrev.01/ I realize that in many of these test cases we're going to move away from a start/stop approach to your accept/reject one, but in general sockets designed to be listening should start unbound, set the SO_REUSEADDR sockopt, then bind and listen. Was there a specific reason to change that code, or was it just to streamline it? Aside from fewer lines of code, I'm not sure what it buys us. > > Artem > > >> >> --Jamil >> >> >> On 08/10/2016 03:44 PM, Artem Smotrakov wrote: >>> Hello, >>> >>> Please review this update for OCSP stapling tests. >>> >>> The tests use test/java/security/testlibrary/SimpleOCSPServer.java >>> which try to re-use a server port if the server restarted. Looks >>> like sometimes it may cause "Address already in use" error. >>> >>> The patch updates OCSP stapling tests with the following: >>> - updated SSLSocketWithStapling.java test not to restart OCSP >>> responders >>> - updated SimpleOCSPServer to be able to reject incoming connections >>> - updated SimpleOCSPServer to be able to reproduce a delay without >>> restarting >>> >>> Jamil, >>> >>> Could you please take a look at this update, and confirm if this >>> update doesn't break the original test scenarios? >>> >>> Bug: https://bugs.openjdk.java.net/browse/JDK-8162484 >>> Webrev: http://cr.openjdk.java.net/~asmotrak/8162484/webrev.00/ >>> >>> Artem >> > From artem.smotrakov at oracle.com Fri Aug 12 18:30:06 2016 From: artem.smotrakov at oracle.com (Artem Smotrakov) Date: Fri, 12 Aug 2016 11:30:06 -0700 Subject: [9] RFR: 8162484: javax/net/ssl/Stapling/SSLSocketWithStapling.java test fails intermittently with "Address already in use" error In-Reply-To: References: <6f25548c-70df-8b24-147c-f61ce89a125a@oracle.com>

Message-ID: Hi Jamil, There was no any specific reason to remove ServerSocket.bind() call. ServerSocket(0) constructor creates a server socket, automatically bound to a random free port. If I am not missing something, it doesn't look necessary to set the SO_REUSEADDR socket options if the server is not going to restart. The code is just shorter if we use ServerSocket(0) constructor to open a server socket, but I can revert it to use bind() with 0 port number if you think it's better. Artem On 08/12/2016 09:13 AM, Jamil Nimeh wrote: > Hi Artem, more comments in-line > > > On 8/11/2016 11:46 AM, Artem Smotrakov wrote: >> Hi Jamil, >> >> Thank you for review. Please see inline. >> >> >> On 08/10/2016 04:16 PM, Jamil Nimeh wrote: >>> Hi Artem, >>> >>> I'm not an official reviewer but the solution for making the servers >>> reject connections rather than stop and start looks pretty fair to >>> me and seems like a nice way to simulate a downed OCSP responder >>> instead of having to bounce it. A couple comments/questions: >>> >>> I'm a bit surprised that you get the "Address already in use" error >>> though. >> Well, to be honest, I was not able to reproduce this failure locally. >> I was running the test in a loop for a couple of days, and it didn't >> fail. But the test has been observed to fail in other test runs >> (jprt, CI, etc). >> >> I am not an expert in networking, and I would appreciate if someone >> more knowledgeable gives an advise how these intermittent failures >> can be avoided. >> >>> Isn't servSocket.setReuseAddress(true) on line 214 supposed to set >>> the SO_REUSEADDR at the system call level and prevent EADDRINUSE >>> when listening or binding? >> If I am not missing something, the test has been observed to fails >> while re-binding. I am wondering if it's possible that the port >> becomes busy after the server socket was closed, but before bind() is >> called again. The probability of this situation seems to be very low >> which has been actually seen - the test fails very rare. >> >> If this is the case, it seems like servSocket.setReuseAddress(true) >> doesn't help because the port is taken by another process (I am not >> sure that SO_REUSEADDR prevents from this). Again, this is only my >> guess, and I may be wrong. > You know, I hadn't thought of that. I've never been able to reproduce > that problem either, but I'm running on a local virtual box VM on a > laptop, and usually the tests are running sequentially. I could > definitely see the case where other processes are soaking up the OCSP > responder's port. With those tests, I kind of need the port to remain > the same since I'm putting that server and port in the AIA extensions > of the certs for which it answers. Given this particular case, it > seems like your solution of keeping the server bound but just chopping > connections off is the best way to go. >>> >>> When you create the new ServerSocket on line 212, you're now binding >>> it to the port now where originally it started as an unbound >>> socket. By doing so, the behavior of setReuseAddress() on line 214 >>> is now undefined. >> This setReuseAddress() call looks unnecessary now. I'll update the test. >>> While this test no longer stops/starts the server, other tests may >>> wish to do so and their behavior may not be consistent (though >>> apparently it wasn't consistent even in the old scheme where the >>> socket was unbound, then setReuseAddress() was called...) >> Correct. I checked other code which depend on SimpleOCSPServer >> >> javax/net/ssl/Stapling/HttpsUrlConnClient.java >> javax/net/ssl/Stapling/SSLEngineWithStapling.java >> javax/net/ssl/Stapling/SSLSocketWithStapling.java >> javax/net/ssl/Stapling/StapleEnableProps.java >> sun/security/ssl/StatusStapling/java.base/sun/security/ssl/StatusReqSelection.java >> >> sun/security/ssl/StatusStapling/java.base/sun/security/ssl/StatusResponseManagerTests.java >> >> artem at artem-laptop:~/ws/jdk/jdk9_dev_stapling_test/jdk/test$ kate >> javax/net/ssl/Stapling/HttpsUrlConnClient.java >> javax/net/ssl/Stapling/SSLEngineWithStapling.java >> javax/net/ssl/Stapling/SSLSocketWithStapling.java >> javax/net/ssl/Stapling/StapleEnableProps.java >> sun/security/ssl/StatusStapling/java.base/sun/security/ssl/StatusReqSelection.java >> sun/security/ssl/StatusStapling/java.base/sun/security/ssl/StatusResponseManagerTests.java >> >> >> These tests call stop() only once when actual testcases are done. >> Actually, some of them don't even call stop(), but it seems to work >> fine. As an enhancement, I would add stop() calls to finally blocks, >> but it seems to work fine without it anyway. > I liked your solution with the stop() calls in finally blocks and I > agree that they should have them. I think we get away with it because > in most if not all of those cases they are running as othervm tests > (because we have properties that we set specific to the tests). So > when the JVM exits resources like sockets are closed by the OS. > Still, it's better to have the try/finally guards and explicitly and > gracefully shutdown the OCSP responders. >> >> Here is an updated webrev: >> >> http://cr.openjdk.java.net/~asmotrak/8162484/webrev.01/ > I realize that in many of these test cases we're going to move away > from a start/stop approach to your accept/reject one, but in general > sockets designed to be listening should start unbound, set the > SO_REUSEADDR sockopt, then bind and listen. Was there a specific > reason to change that code, or was it just to streamline it? Aside > from fewer lines of code, I'm not sure what it buys us. >> >> Artem >> >> >>> >>> --Jamil >>> >>> >>> On 08/10/2016 03:44 PM, Artem Smotrakov wrote: >>>> Hello, >>>> >>>> Please review this update for OCSP stapling tests. >>>> >>>> The tests use test/java/security/testlibrary/SimpleOCSPServer.java >>>> which try to re-use a server port if the server restarted. Looks >>>> like sometimes it may cause "Address already in use" error. >>>> >>>> The patch updates OCSP stapling tests with the following: >>>> - updated SSLSocketWithStapling.java test not to restart OCSP >>>> responders >>>> - updated SimpleOCSPServer to be able to reject incoming connections >>>> - updated SimpleOCSPServer to be able to reproduce a delay without >>>> restarting >>>> >>>> Jamil, >>>> >>>> Could you please take a look at this update, and confirm if this >>>> update doesn't break the original test scenarios? >>>> >>>> Bug: https://bugs.openjdk.java.net/browse/JDK-8162484 >>>> Webrev: http://cr.openjdk.java.net/~asmotrak/8162484/webrev.00/ >>>> >>>> Artem >>> >> > From sean.mullan at oracle.com Fri Aug 12 18:53:17 2016 From: sean.mullan at oracle.com (Sean Mullan) Date: Fri, 12 Aug 2016 14:53:17 -0400 Subject: [9] RFR 8163503: PKCS12 keystore cannot store non-X.509 certificates In-Reply-To: References: <7d5347f8-d01f-bd22-19a7-1590200f4ac7@oracle.com> <965F1A6E-D41B-4061-A6D9-F21004F95020@oracle.com>

Message-ID: <70ee579b-a506-8c37-4941-093c142c9468@oracle.com> Looks fine, although I would probably avoid calling checkX509Certs on line 970 and just checking the cert right there to avoid creating the array which is not needed. --Sean On 08/12/2016 11:07 AM, Vincent Ryan wrote: > I?ve moved the X.509 check to earlier in the code and reverted the changes to the validateChain method. > Updated webrev is at: > http://cr.openjdk.java.net/~vinnie/8163503/webrev.02/ > > > >> On 10 Aug 2016, at 21:15, Sean Mullan wrote: >> >> On 08/10/2016 12:39 PM, Vincent Ryan wrote: >>> Yes they could be merged but the first loop iterates over all the certs and the second one iterates over all but the final cert. >>> And the special case of a 1-cert chain also needs to be handled. I think it?s a little clearer to leave them separate. >> >> Agreed, but it's probably better to check these earlier and bail out if they are not all X509Certificates, for example, right at the beginning of engineSetKeyEntry. There is no need to proceed with decoding keys, etc since it is already a violation of the supported API parameters. >> >> --Sean >> >>> >>> An updated webrev is at: >>> http://cr.openjdk.java.net/~vinnie/8163503/webrev.01/ >>> >>> Thanks. >>> >>>> On 10 Aug 2016, at 02:04, Xuelei Fan wrote: >>>> >>>> The for loop at line 1507 and 1520 may be merged together. >>>> >>>> Xuelei >>>> >>>> On 8/10/2016 8:38 AM, Weijun Wang wrote: >>>>> I thought I've seen this webrev before. >>>>> >>>>> Why not just throw a KeyStoreException in validateChain()? >>>>> >>>>> --Max >>>>> >>>>> On 8/10/2016 2:14, Vincent Ryan wrote: >>>>>> Please review this fix to improve the error handling for attempts to >>>>>> store a Certificate object in PKCS12 keystore. >>>>>> The PKCS12 keystore implementation supports storing only >>>>>> X509Certificate objects but the KeyStore API allows Certificate objects. >>>>>> This fix rejects attempts to store non-X.509 certificates and throws a >>>>>> KeyStoreException. >>>>>> >>>>>> Thanks. >>>>>> >>>>>> Bug: https://bugs.openjdk.java.net/browse/JDK-8163503 >>>>>> Webrev: http://cr.openjdk.java.net/~vinnie/8163503/webrev.00/ >>>>>> >>>>>> >>>> >>> > From jamil.j.nimeh at oracle.com Fri Aug 12 19:02:18 2016 From: jamil.j.nimeh at oracle.com (Jamil Nimeh) Date: Fri, 12 Aug 2016 12:02:18 -0700 Subject: [9] RFR: 8162484: javax/net/ssl/Stapling/SSLSocketWithStapling.java test fails intermittently with "Address already in use" error In-Reply-To: References: <6f25548c-70df-8b24-147c-f61ce89a125a@oracle.com>

Message-ID: <2c1072d4-85d2-7a8b-5729-d77ded672fa0@oracle.com> For the tests as we use them today we don't intend the server to restart. The intent of SimpleOCSPServer was to be of use for a variety of testing purposes. I don't know that we can say for all intended uses that we'll *never* need to restart it. That's why I'd like to keep the unbound socket/set sockopt/bind/listen behavior. I don't think ServerSocket(0) achieves that. --Jamil On 8/12/2016 11:30 AM, Artem Smotrakov wrote: > Hi Jamil, > > There was no any specific reason to remove ServerSocket.bind() call. > ServerSocket(0) constructor creates a server socket, automatically > bound to a random free port. If I am not missing something, it doesn't > look necessary to set the SO_REUSEADDR socket options if the server is > not going to restart. The code is just shorter if we use > ServerSocket(0) constructor to open a server socket, but I can revert > it to use bind() with 0 port number if you think it's better. > > Artem > > > On 08/12/2016 09:13 AM, Jamil Nimeh wrote: >> Hi Artem, more comments in-line >> >> >> On 8/11/2016 11:46 AM, Artem Smotrakov wrote: >>> Hi Jamil, >>> >>> Thank you for review. Please see inline. >>> >>> >>> On 08/10/2016 04:16 PM, Jamil Nimeh wrote: >>>> Hi Artem, >>>> >>>> I'm not an official reviewer but the solution for making the >>>> servers reject connections rather than stop and start looks pretty >>>> fair to me and seems like a nice way to simulate a downed OCSP >>>> responder instead of having to bounce it. A couple >>>> comments/questions: >>>> >>>> I'm a bit surprised that you get the "Address already in use" error >>>> though. >>> Well, to be honest, I was not able to reproduce this failure >>> locally. I was running the test in a loop for a couple of days, and >>> it didn't fail. But the test has been observed to fail in other test >>> runs (jprt, CI, etc). >>> >>> I am not an expert in networking, and I would appreciate if someone >>> more knowledgeable gives an advise how these intermittent failures >>> can be avoided. >>> >>>> Isn't servSocket.setReuseAddress(true) on line 214 supposed to set >>>> the SO_REUSEADDR at the system call level and prevent EADDRINUSE >>>> when listening or binding? >>> If I am not missing something, the test has been observed to fails >>> while re-binding. I am wondering if it's possible that the port >>> becomes busy after the server socket was closed, but before bind() >>> is called again. The probability of this situation seems to be very >>> low which has been actually seen - the test fails very rare. >>> >>> If this is the case, it seems like servSocket.setReuseAddress(true) >>> doesn't help because the port is taken by another process (I am not >>> sure that SO_REUSEADDR prevents from this). Again, this is only my >>> guess, and I may be wrong. >> You know, I hadn't thought of that. I've never been able to >> reproduce that problem either, but I'm running on a local virtual box >> VM on a laptop, and usually the tests are running sequentially. I >> could definitely see the case where other processes are soaking up >> the OCSP responder's port. With those tests, I kind of need the port >> to remain the same since I'm putting that server and port in the AIA >> extensions of the certs for which it answers. Given this particular >> case, it seems like your solution of keeping the server bound but >> just chopping connections off is the best way to go. >>>> >>>> When you create the new ServerSocket on line 212, you're now >>>> binding it to the port now where originally it started as an >>>> unbound socket. By doing so, the behavior of setReuseAddress() on >>>> line 214 is now undefined. >>> This setReuseAddress() call looks unnecessary now. I'll update the >>> test. >>>> While this test no longer stops/starts the server, other tests may >>>> wish to do so and their behavior may not be consistent (though >>>> apparently it wasn't consistent even in the old scheme where the >>>> socket was unbound, then setReuseAddress() was called...) >>> Correct. I checked other code which depend on SimpleOCSPServer >>> >>> javax/net/ssl/Stapling/HttpsUrlConnClient.java >>> javax/net/ssl/Stapling/SSLEngineWithStapling.java >>> javax/net/ssl/Stapling/SSLSocketWithStapling.java >>> javax/net/ssl/Stapling/StapleEnableProps.java >>> sun/security/ssl/StatusStapling/java.base/sun/security/ssl/StatusReqSelection.java >>> >>> sun/security/ssl/StatusStapling/java.base/sun/security/ssl/StatusResponseManagerTests.java >>> >>> artem at artem-laptop:~/ws/jdk/jdk9_dev_stapling_test/jdk/test$ kate >>> javax/net/ssl/Stapling/HttpsUrlConnClient.java >>> javax/net/ssl/Stapling/SSLEngineWithStapling.java >>> javax/net/ssl/Stapling/SSLSocketWithStapling.java >>> javax/net/ssl/Stapling/StapleEnableProps.java >>> sun/security/ssl/StatusStapling/java.base/sun/security/ssl/StatusReqSelection.java >>> sun/security/ssl/StatusStapling/java.base/sun/security/ssl/StatusResponseManagerTests.java >>> >>> >>> These tests call stop() only once when actual testcases are done. >>> Actually, some of them don't even call stop(), but it seems to work >>> fine. As an enhancement, I would add stop() calls to finally blocks, >>> but it seems to work fine without it anyway. >> I liked your solution with the stop() calls in finally blocks and I >> agree that they should have them. I think we get away with it >> because in most if not all of those cases they are running as othervm >> tests (because we have properties that we set specific to the >> tests). So when the JVM exits resources like sockets are closed by >> the OS. Still, it's better to have the try/finally guards and >> explicitly and gracefully shutdown the OCSP responders. >>> >>> Here is an updated webrev: >>> >>> http://cr.openjdk.java.net/~asmotrak/8162484/webrev.01/ >> I realize that in many of these test cases we're going to move away >> from a start/stop approach to your accept/reject one, but in general >> sockets designed to be listening should start unbound, set the >> SO_REUSEADDR sockopt, then bind and listen. Was there a specific >> reason to change that code, or was it just to streamline it? Aside >> from fewer lines of code, I'm not sure what it buys us. >>> >>> Artem >>> >>> >>>> >>>> --Jamil >>>> >>>> >>>> On 08/10/2016 03:44 PM, Artem Smotrakov wrote: >>>>> Hello, >>>>> >>>>> Please review this update for OCSP stapling tests. >>>>> >>>>> The tests use test/java/security/testlibrary/SimpleOCSPServer.java >>>>> which try to re-use a server port if the server restarted. Looks >>>>> like sometimes it may cause "Address already in use" error. >>>>> >>>>> The patch updates OCSP stapling tests with the following: >>>>> - updated SSLSocketWithStapling.java test not to restart OCSP >>>>> responders >>>>> - updated SimpleOCSPServer to be able to reject incoming connections >>>>> - updated SimpleOCSPServer to be able to reproduce a delay without >>>>> restarting >>>>> >>>>> Jamil, >>>>> >>>>> Could you please take a look at this update, and confirm if this >>>>> update doesn't break the original test scenarios? >>>>> >>>>> Bug: https://bugs.openjdk.java.net/browse/JDK-8162484 >>>>> Webrev: http://cr.openjdk.java.net/~asmotrak/8162484/webrev.00/ >>>>> >>>>> Artem >>>> >>> >> > From vincent.x.ryan at oracle.com Fri Aug 12 19:23:50 2016 From: vincent.x.ryan at oracle.com (Vincent Ryan) Date: Fri, 12 Aug 2016 20:23:50 +0100 Subject: [9] RFR 8163503: PKCS12 keystore cannot store non-X.509 certificates In-Reply-To: <70ee579b-a506-8c37-4941-093c142c9468@oracle.com> References: <7d5347f8-d01f-bd22-19a7-1590200f4ac7@oracle.com> <965F1A6E-D41B-4061-A6D9-F21004F95020@oracle.com>

<70ee579b-a506-8c37-4941-093c142c9468@oracle.com> Message-ID: I?ve made that change at l.970 and updated webrev.02 in-place. Thanks. > On 12 Aug 2016, at 19:53, Sean Mullan wrote: > > Looks fine, although I would probably avoid calling checkX509Certs on line 970 and just checking the cert right there to avoid creating the array which is not needed. > > --Sean > > On 08/12/2016 11:07 AM, Vincent Ryan wrote: >> I?ve moved the X.509 check to earlier in the code and reverted the changes to the validateChain method. >> Updated webrev is at: >> http://cr.openjdk.java.net/~vinnie/8163503/webrev.02/ >> >> >> >>> On 10 Aug 2016, at 21:15, Sean Mullan wrote: >>> >>> On 08/10/2016 12:39 PM, Vincent Ryan wrote: >>>> Yes they could be merged but the first loop iterates over all the certs and the second one iterates over all but the final cert. >>>> And the special case of a 1-cert chain also needs to be handled. I think it?s a little clearer to leave them separate. >>> >>> Agreed, but it's probably better to check these earlier and bail out if they are not all X509Certificates, for example, right at the beginning of engineSetKeyEntry. There is no need to proceed with decoding keys, etc since it is already a violation of the supported API parameters. >>> >>> --Sean >>> >>>> >>>> An updated webrev is at: >>>> http://cr.openjdk.java.net/~vinnie/8163503/webrev.01/ >>>> >>>> Thanks. >>>> >>>>> On 10 Aug 2016, at 02:04, Xuelei Fan wrote: >>>>> >>>>> The for loop at line 1507 and 1520 may be merged together. >>>>> >>>>> Xuelei >>>>> >>>>> On 8/10/2016 8:38 AM, Weijun Wang wrote: >>>>>> I thought I've seen this webrev before. >>>>>> >>>>>> Why not just throw a KeyStoreException in validateChain()? >>>>>> >>>>>> --Max >>>>>> >>>>>> On 8/10/2016 2:14, Vincent Ryan wrote: >>>>>>> Please review this fix to improve the error handling for attempts to >>>>>>> store a Certificate object in PKCS12 keystore. >>>>>>> The PKCS12 keystore implementation supports storing only >>>>>>> X509Certificate objects but the KeyStore API allows Certificate objects. >>>>>>> This fix rejects attempts to store non-X.509 certificates and throws a >>>>>>> KeyStoreException. >>>>>>> >>>>>>> Thanks. >>>>>>> >>>>>>> Bug: https://bugs.openjdk.java.net/browse/JDK-8163503 >>>>>>> Webrev: http://cr.openjdk.java.net/~vinnie/8163503/webrev.00/ >>>>>>> >>>>>>> >>>>> >>>> >> From artem.smotrakov at oracle.com Fri Aug 12 20:07:11 2016 From: artem.smotrakov at oracle.com (Artem Smotrakov) Date: Fri, 12 Aug 2016 13:07:11 -0700 Subject: [9] RFR: 8162484: javax/net/ssl/Stapling/SSLSocketWithStapling.java test fails intermittently with "Address already in use" error In-Reply-To: <2c1072d4-85d2-7a8b-5729-d77ded672fa0@oracle.com> References: <6f25548c-70df-8b24-147c-f61ce89a125a@oracle.com>

<2c1072d4-85d2-7a8b-5729-d77ded672fa0@oracle.com> Message-ID: No problem. http://cr.openjdk.java.net/~asmotrak/8162484/webrev.02/ Artem On 08/12/2016 12:02 PM, Jamil Nimeh wrote: > For the tests as we use them today we don't intend the server to > restart. The intent of SimpleOCSPServer was to be of use for a > variety of testing purposes. I don't know that we can say for all > intended uses that we'll *never* need to restart it. That's why I'd > like to keep the unbound socket/set sockopt/bind/listen behavior. I > don't think ServerSocket(0) achieves that. > > --Jamil > > On 8/12/2016 11:30 AM, Artem Smotrakov wrote: >> Hi Jamil, >> >> There was no any specific reason to remove ServerSocket.bind() call. >> ServerSocket(0) constructor creates a server socket, automatically >> bound to a random free port. If I am not missing something, it >> doesn't look necessary to set the SO_REUSEADDR socket options if the >> server is not going to restart. The code is just shorter if we use >> ServerSocket(0) constructor to open a server socket, but I can revert >> it to use bind() with 0 port number if you think it's better. >> >> Artem >> >> >> On 08/12/2016 09:13 AM, Jamil Nimeh wrote: >>> Hi Artem, more comments in-line >>> >>> >>> On 8/11/2016 11:46 AM, Artem Smotrakov wrote: >>>> Hi Jamil, >>>> >>>> Thank you for review. Please see inline. >>>> >>>> >>>> On 08/10/2016 04:16 PM, Jamil Nimeh wrote: >>>>> Hi Artem, >>>>> >>>>> I'm not an official reviewer but the solution for making the >>>>> servers reject connections rather than stop and start looks pretty >>>>> fair to me and seems like a nice way to simulate a downed OCSP >>>>> responder instead of having to bounce it. A couple >>>>> comments/questions: >>>>> >>>>> I'm a bit surprised that you get the "Address already in use" >>>>> error though. >>>> Well, to be honest, I was not able to reproduce this failure >>>> locally. I was running the test in a loop for a couple of days, and >>>> it didn't fail. But the test has been observed to fail in other >>>> test runs (jprt, CI, etc). >>>> >>>> I am not an expert in networking, and I would appreciate if someone >>>> more knowledgeable gives an advise how these intermittent failures >>>> can be avoided. >>>> >>>>> Isn't servSocket.setReuseAddress(true) on line 214 supposed to set >>>>> the SO_REUSEADDR at the system call level and prevent EADDRINUSE >>>>> when listening or binding? >>>> If I am not missing something, the test has been observed to fails >>>> while re-binding. I am wondering if it's possible that the port >>>> becomes busy after the server socket was closed, but before bind() >>>> is called again. The probability of this situation seems to be very >>>> low which has been actually seen - the test fails very rare. >>>> >>>> If this is the case, it seems like servSocket.setReuseAddress(true) >>>> doesn't help because the port is taken by another process (I am not >>>> sure that SO_REUSEADDR prevents from this). Again, this is only my >>>> guess, and I may be wrong. >>> You know, I hadn't thought of that. I've never been able to >>> reproduce that problem either, but I'm running on a local virtual >>> box VM on a laptop, and usually the tests are running sequentially. >>> I could definitely see the case where other processes are soaking up >>> the OCSP responder's port. With those tests, I kind of need the >>> port to remain the same since I'm putting that server and port in >>> the AIA extensions of the certs for which it answers. Given this >>> particular case, it seems like your solution of keeping the server >>> bound but just chopping connections off is the best way to go. >>>>> >>>>> When you create the new ServerSocket on line 212, you're now >>>>> binding it to the port now where originally it started as an >>>>> unbound socket. By doing so, the behavior of setReuseAddress() on >>>>> line 214 is now undefined. >>>> This setReuseAddress() call looks unnecessary now. I'll update the >>>> test. >>>>> While this test no longer stops/starts the server, other tests may >>>>> wish to do so and their behavior may not be consistent (though >>>>> apparently it wasn't consistent even in the old scheme where the >>>>> socket was unbound, then setReuseAddress() was called...) >>>> Correct. I checked other code which depend on SimpleOCSPServer >>>> >>>> javax/net/ssl/Stapling/HttpsUrlConnClient.java >>>> javax/net/ssl/Stapling/SSLEngineWithStapling.java >>>> javax/net/ssl/Stapling/SSLSocketWithStapling.java >>>> javax/net/ssl/Stapling/StapleEnableProps.java >>>> sun/security/ssl/StatusStapling/java.base/sun/security/ssl/StatusReqSelection.java >>>> >>>> sun/security/ssl/StatusStapling/java.base/sun/security/ssl/StatusResponseManagerTests.java >>>> >>>> artem at artem-laptop:~/ws/jdk/jdk9_dev_stapling_test/jdk/test$ kate >>>> javax/net/ssl/Stapling/HttpsUrlConnClient.java >>>> javax/net/ssl/Stapling/SSLEngineWithStapling.java >>>> javax/net/ssl/Stapling/SSLSocketWithStapling.java >>>> javax/net/ssl/Stapling/StapleEnableProps.java >>>> sun/security/ssl/StatusStapling/java.base/sun/security/ssl/StatusReqSelection.java >>>> sun/security/ssl/StatusStapling/java.base/sun/security/ssl/StatusResponseManagerTests.java >>>> >>>> >>>> These tests call stop() only once when actual testcases are done. >>>> Actually, some of them don't even call stop(), but it seems to work >>>> fine. As an enhancement, I would add stop() calls to finally >>>> blocks, but it seems to work fine without it anyway. >>> I liked your solution with the stop() calls in finally blocks and I >>> agree that they should have them. I think we get away with it >>> because in most if not all of those cases they are running as >>> othervm tests (because we have properties that we set specific to >>> the tests). So when the JVM exits resources like sockets are closed >>> by the OS. Still, it's better to have the try/finally guards and >>> explicitly and gracefully shutdown the OCSP responders. >>>> >>>> Here is an updated webrev: >>>> >>>> http://cr.openjdk.java.net/~asmotrak/8162484/webrev.01/ >>> I realize that in many of these test cases we're going to move away >>> from a start/stop approach to your accept/reject one, but in general >>> sockets designed to be listening should start unbound, set the >>> SO_REUSEADDR sockopt, then bind and listen. Was there a specific >>> reason to change that code, or was it just to streamline it? Aside >>> from fewer lines of code, I'm not sure what it buys us. >>>> >>>> Artem >>>> >>>> >>>>> >>>>> --Jamil >>>>> >>>>> >>>>> On 08/10/2016 03:44 PM, Artem Smotrakov wrote: >>>>>> Hello, >>>>>> >>>>>> Please review this update for OCSP stapling tests. >>>>>> >>>>>> The tests use >>>>>> test/java/security/testlibrary/SimpleOCSPServer.java which try to >>>>>> re-use a server port if the server restarted. Looks like >>>>>> sometimes it may cause "Address already in use" error. >>>>>> >>>>>> The patch updates OCSP stapling tests with the following: >>>>>> - updated SSLSocketWithStapling.java test not to restart OCSP >>>>>> responders >>>>>> - updated SimpleOCSPServer to be able to reject incoming connections >>>>>> - updated SimpleOCSPServer to be able to reproduce a delay >>>>>> without restarting >>>>>> >>>>>> Jamil, >>>>>> >>>>>> Could you please take a look at this update, and confirm if this >>>>>> update doesn't break the original test scenarios? >>>>>> >>>>>> Bug: https://bugs.openjdk.java.net/browse/JDK-8162484 >>>>>> Webrev: http://cr.openjdk.java.net/~asmotrak/8162484/webrev.00/ >>>>>> >>>>>> Artem >>>>> >>>> >>> >> > From jamil.j.nimeh at oracle.com Fri Aug 12 21:38:08 2016 From: jamil.j.nimeh at oracle.com (Jamil Nimeh) Date: Fri, 12 Aug 2016 14:38:08 -0700 Subject: [9] RFR: 8162484: javax/net/ssl/Stapling/SSLSocketWithStapling.java test fails intermittently with "Address already in use" error Message-ID: <72walb7qsg2a2j6l62xtybpd.1471037888111@email.android.com> Thank you Artem. ?The fix looks good. ?You just need a +1 from an official reviewer. --Jamil -------- Original message --------From: Artem Smotrakov Date: 8/12/16 1:07 PM (GMT-08:00) To: Jamil Nimeh , Security Dev OpenJDK Subject: Re: [9] RFR: 8162484: javax/net/ssl/Stapling/SSLSocketWithStapling.java test fails intermittently with "Address already in use" error No problem. http://cr.openjdk.java.net/~asmotrak/8162484/webrev.02/ Artem On 08/12/2016 12:02 PM, Jamil Nimeh wrote: > For the tests as we use them today we don't intend the server to > restart.? The intent of SimpleOCSPServer was to be of use for a > variety of testing purposes.? I don't know that we can say for all > intended uses that we'll *never* need to restart it. That's why I'd > like to keep the unbound socket/set sockopt/bind/listen behavior.? I > don't think ServerSocket(0) achieves that. > > --Jamil > > On 8/12/2016 11:30 AM, Artem Smotrakov wrote: >> Hi Jamil, >> >> There was no any specific reason to remove ServerSocket.bind() call. >> ServerSocket(0) constructor creates a server socket, automatically >> bound to a random free port. If I am not missing something, it >> doesn't look necessary to set the SO_REUSEADDR socket options if the >> server is not going to restart. The code is just shorter if we use >> ServerSocket(0) constructor to open a server socket, but I can revert >> it to use bind() with 0 port number if you think it's better. >> >> Artem >> >> >> On 08/12/2016 09:13 AM, Jamil Nimeh wrote: >>> Hi Artem, more comments in-line >>> >>> >>> On 8/11/2016 11:46 AM, Artem Smotrakov wrote: >>>> Hi Jamil, >>>> >>>> Thank you for review. Please see inline. >>>> >>>> >>>> On 08/10/2016 04:16 PM, Jamil Nimeh wrote: >>>>> Hi Artem, >>>>> >>>>> I'm not an official reviewer but the solution for making the >>>>> servers reject connections rather than stop and start looks pretty >>>>> fair to me and seems like a nice way to simulate a downed OCSP >>>>> responder instead of having to bounce it.? A couple >>>>> comments/questions: >>>>> >>>>> I'm a bit surprised that you get the "Address already in use" >>>>> error though. >>>> Well, to be honest, I was not able to reproduce this failure >>>> locally. I was running the test in a loop for a couple of days, and >>>> it didn't fail. But the test has been observed to fail in other >>>> test runs (jprt, CI, etc). >>>> >>>> I am not an expert in networking, and I would appreciate if someone >>>> more knowledgeable gives an advise how these intermittent failures >>>> can be avoided. >>>> >>>>> Isn't servSocket.setReuseAddress(true) on line 214 supposed to set >>>>> the SO_REUSEADDR at the system call level and prevent EADDRINUSE >>>>> when listening or binding? >>>> If I am not missing something, the test has been observed to fails >>>> while re-binding. I am wondering if it's possible that the port >>>> becomes busy after the server socket was closed, but before bind() >>>> is called again. The probability of this situation seems to be very >>>> low which has been actually seen - the test fails very rare. >>>> >>>> If this is the case, it seems like servSocket.setReuseAddress(true) >>>> doesn't help because the port is taken by another process (I am not >>>> sure that SO_REUSEADDR prevents from this). Again, this is only my >>>> guess, and I may be wrong. >>> You know, I hadn't thought of that.? I've never been able to >>> reproduce that problem either, but I'm running on a local virtual >>> box VM on a laptop, and usually the tests are running sequentially. >>> I could definitely see the case where other processes are soaking up >>> the OCSP responder's port.? With those tests, I kind of need the >>> port to remain the same since I'm putting that server and port in >>> the AIA extensions of the certs for which it answers.? Given this >>> particular case, it seems like your solution of keeping the server >>> bound but just chopping connections off is the best way to go. >>>>> >>>>> When you create the new ServerSocket on line 212, you're now >>>>> binding it to the port now where originally it started as an >>>>> unbound socket.? By doing so, the behavior of setReuseAddress() on >>>>> line 214 is now undefined. >>>> This setReuseAddress() call looks unnecessary now. I'll update the >>>> test. >>>>> While this test no longer stops/starts the server, other tests may >>>>> wish to do so and their behavior may not be consistent (though >>>>> apparently it wasn't consistent even in the old scheme where the >>>>> socket was unbound, then setReuseAddress() was called...) >>>> Correct. I checked other code which depend on SimpleOCSPServer >>>> >>>> javax/net/ssl/Stapling/HttpsUrlConnClient.java >>>> javax/net/ssl/Stapling/SSLEngineWithStapling.java >>>> javax/net/ssl/Stapling/SSLSocketWithStapling.java >>>> javax/net/ssl/Stapling/StapleEnableProps.java >>>> sun/security/ssl/StatusStapling/java.base/sun/security/ssl/StatusReqSelection.java >>>> >>>> sun/security/ssl/StatusStapling/java.base/sun/security/ssl/StatusResponseManagerTests.java >>>> >>>> artem at artem-laptop:~/ws/jdk/jdk9_dev_stapling_test/jdk/test$ kate >>>> javax/net/ssl/Stapling/HttpsUrlConnClient.java >>>> javax/net/ssl/Stapling/SSLEngineWithStapling.java >>>> javax/net/ssl/Stapling/SSLSocketWithStapling.java >>>> javax/net/ssl/Stapling/StapleEnableProps.java >>>> sun/security/ssl/StatusStapling/java.base/sun/security/ssl/StatusReqSelection.java >>>> sun/security/ssl/StatusStapling/java.base/sun/security/ssl/StatusResponseManagerTests.java >>>> >>>> >>>> These tests call stop() only once when actual testcases are done. >>>> Actually, some of them don't even call stop(), but it seems to work >>>> fine. As an enhancement, I would add stop() calls to finally >>>> blocks, but it seems to work fine without it anyway. >>> I liked your solution with the stop() calls in finally blocks and I >>> agree that they should have them.? I think we get away with it >>> because in most if not all of those cases they are running as >>> othervm tests (because we have properties that we set specific to >>> the tests).? So when the JVM exits resources like sockets are closed >>> by the OS.? Still, it's better to have the try/finally guards and >>> explicitly and gracefully shutdown the OCSP responders. >>>> >>>> Here is an updated webrev: >>>> >>>> http://cr.openjdk.java.net/~asmotrak/8162484/webrev.01/ >>> I realize that in many of these test cases we're going to move away >>> from a start/stop approach to your accept/reject one, but in general >>> sockets designed to be listening should start unbound, set the >>> SO_REUSEADDR sockopt, then bind and listen. Was there a specific >>> reason to change that code, or was it just to streamline it?? Aside >>> from fewer lines of code, I'm not sure what it buys us. >>>> >>>> Artem >>>> >>>> >>>>> >>>>> --Jamil >>>>> >>>>> >>>>> On 08/10/2016 03:44 PM, Artem Smotrakov wrote: >>>>>> Hello, >>>>>> >>>>>> Please review this update for OCSP stapling tests. >>>>>> >>>>>> The tests use >>>>>> test/java/security/testlibrary/SimpleOCSPServer.java which try to >>>>>> re-use a server port if the server restarted. Looks like >>>>>> sometimes it may cause "Address already in use" error. >>>>>> >>>>>> The patch updates OCSP stapling tests with the following: >>>>>> - updated SSLSocketWithStapling.java test not to restart OCSP >>>>>> responders >>>>>> - updated SimpleOCSPServer to be able to reject incoming connections >>>>>> - updated SimpleOCSPServer to be able to reproduce a delay >>>>>> without restarting >>>>>> >>>>>> Jamil, >>>>>> >>>>>> Could you please take a look at this update, and confirm if this >>>>>> update doesn't break the original test scenarios? >>>>>> >>>>>> Bug: https://bugs.openjdk.java.net/browse/JDK-8162484 >>>>>> Webrev: http://cr.openjdk.java.net/~asmotrak/8162484/webrev.00/ >>>>>> >>>>>> Artem >>>>> >>>> >>> >> > -------------- next part -------------- An HTML attachment was scrubbed... URL: From artem.smotrakov at oracle.com Fri Aug 12 22:25:03 2016 From: artem.smotrakov at oracle.com (Artem Smotrakov) Date: Fri, 12 Aug 2016 15:25:03 -0700 Subject: [9] RFR: 8162484: javax/net/ssl/Stapling/SSLSocketWithStapling.java test fails intermittently with "Address already in use" error In-Reply-To: <72walb7qsg2a2j6l62xtybpd.1471037888111@email.android.com> References: <72walb7qsg2a2j6l62xtybpd.1471037888111@email.android.com> Message-ID: <90a30187-9739-8bdc-7b25-10ea4fae42a7@oracle.com> Thank you for review Jamil. Xuelei, Could you please take a look? Artem On 08/12/2016 02:38 PM, Jamil Nimeh wrote: > Thank you Artem. The fix looks good. You just need a +1 from an > official reviewer. > > > > --Jamil > > -------- Original message -------- > From: Artem Smotrakov > Date: 8/12/16 1:07 PM (GMT-08:00) > To: Jamil Nimeh , Security Dev OpenJDK > > Subject: Re: [9] RFR: 8162484: > javax/net/ssl/Stapling/SSLSocketWithStapling.java test fails > intermittently with "Address already in use" error > > No problem. > > http://cr.openjdk.java.net/~asmotrak/8162484/webrev.02/ > > Artem > > > On 08/12/2016 12:02 PM, Jamil Nimeh wrote: > > For the tests as we use them today we don't intend the server to > > restart. The intent of SimpleOCSPServer was to be of use for a > > variety of testing purposes. I don't know that we can say for all > > intended uses that we'll *never* need to restart it. That's why I'd > > like to keep the unbound socket/set sockopt/bind/listen behavior. I > > don't think ServerSocket(0) achieves that. > > > > --Jamil > > > > On 8/12/2016 11:30 AM, Artem Smotrakov wrote: > >> Hi Jamil, > >> > >> There was no any specific reason to remove ServerSocket.bind() call. > >> ServerSocket(0) constructor creates a server socket, automatically > >> bound to a random free port. If I am not missing something, it > >> doesn't look necessary to set the SO_REUSEADDR socket options if the > >> server is not going to restart. The code is just shorter if we use > >> ServerSocket(0) constructor to open a server socket, but I can revert > >> it to use bind() with 0 port number if you think it's better. > >> > >> Artem > >> > >> > >> On 08/12/2016 09:13 AM, Jamil Nimeh wrote: > >>> Hi Artem, more comments in-line > >>> > >>> > >>> On 8/11/2016 11:46 AM, Artem Smotrakov wrote: > >>>> Hi Jamil, > >>>> > >>>> Thank you for review. Please see inline. > >>>> > >>>> > >>>> On 08/10/2016 04:16 PM, Jamil Nimeh wrote: > >>>>> Hi Artem, > >>>>> > >>>>> I'm not an official reviewer but the solution for making the > >>>>> servers reject connections rather than stop and start looks pretty > >>>>> fair to me and seems like a nice way to simulate a downed OCSP > >>>>> responder instead of having to bounce it. A couple > >>>>> comments/questions: > >>>>> > >>>>> I'm a bit surprised that you get the "Address already in use" > >>>>> error though. > >>>> Well, to be honest, I was not able to reproduce this failure > >>>> locally. I was running the test in a loop for a couple of days, and > >>>> it didn't fail. But the test has been observed to fail in other > >>>> test runs (jprt, CI, etc). > >>>> > >>>> I am not an expert in networking, and I would appreciate if someone > >>>> more knowledgeable gives an advise how these intermittent failures > >>>> can be avoided. > >>>> > >>>>> Isn't servSocket.setReuseAddress(true) on line 214 supposed to set > >>>>> the SO_REUSEADDR at the system call level and prevent EADDRINUSE > >>>>> when listening or binding? > >>>> If I am not missing something, the test has been observed to fails > >>>> while re-binding. I am wondering if it's possible that the port > >>>> becomes busy after the server socket was closed, but before bind() > >>>> is called again. The probability of this situation seems to be very > >>>> low which has been actually seen - the test fails very rare. > >>>> > >>>> If this is the case, it seems like servSocket.setReuseAddress(true) > >>>> doesn't help because the port is taken by another process (I am not > >>>> sure that SO_REUSEADDR prevents from this). Again, this is only my > >>>> guess, and I may be wrong. > >>> You know, I hadn't thought of that. I've never been able to > >>> reproduce that problem either, but I'm running on a local virtual > >>> box VM on a laptop, and usually the tests are running sequentially. > >>> I could definitely see the case where other processes are soaking up > >>> the OCSP responder's port. With those tests, I kind of need the > >>> port to remain the same since I'm putting that server and port in > >>> the AIA extensions of the certs for which it answers. Given this > >>> particular case, it seems like your solution of keeping the server > >>> bound but just chopping connections off is the best way to go. > >>>>> > >>>>> When you create the new ServerSocket on line 212, you're now > >>>>> binding it to the port now where originally it started as an > >>>>> unbound socket. By doing so, the behavior of setReuseAddress() on > >>>>> line 214 is now undefined. > >>>> This setReuseAddress() call looks unnecessary now. I'll update the > >>>> test. > >>>>> While this test no longer stops/starts the server, other tests may > >>>>> wish to do so and their behavior may not be consistent (though > >>>>> apparently it wasn't consistent even in the old scheme where the > >>>>> socket was unbound, then setReuseAddress() was called...) > >>>> Correct. I checked other code which depend on SimpleOCSPServer > >>>> > >>>> javax/net/ssl/Stapling/HttpsUrlConnClient.java > >>>> javax/net/ssl/Stapling/SSLEngineWithStapling.java > >>>> javax/net/ssl/Stapling/SSLSocketWithStapling.java > >>>> javax/net/ssl/Stapling/StapleEnableProps.java > >>>> > sun/security/ssl/StatusStapling/java.base/sun/security/ssl/StatusReqSelection.java > > >>>> > >>>> > sun/security/ssl/StatusStapling/java.base/sun/security/ssl/StatusResponseManagerTests.java > > >>>> > >>>> artem at artem-laptop:~/ws/jdk/jdk9_dev_stapling_test/jdk/test$ kate > >>>> javax/net/ssl/Stapling/HttpsUrlConnClient.java > >>>> javax/net/ssl/Stapling/SSLEngineWithStapling.java > >>>> javax/net/ssl/Stapling/SSLSocketWithStapling.java > >>>> javax/net/ssl/Stapling/StapleEnableProps.java > >>>> > sun/security/ssl/StatusStapling/java.base/sun/security/ssl/StatusReqSelection.java > > >>>> > sun/security/ssl/StatusStapling/java.base/sun/security/ssl/StatusResponseManagerTests.java > > >>>> > >>>> > >>>> These tests call stop() only once when actual testcases are done. > >>>> Actually, some of them don't even call stop(), but it seems to work > >>>> fine. As an enhancement, I would add stop() calls to finally > >>>> blocks, but it seems to work fine without it anyway. > >>> I liked your solution with the stop() calls in finally blocks and I > >>> agree that they should have them. I think we get away with it > >>> because in most if not all of those cases they are running as > >>> othervm tests (because we have properties that we set specific to > >>> the tests). So when the JVM exits resources like sockets are closed > >>> by the OS. Still, it's better to have the try/finally guards and > >>> explicitly and gracefully shutdown the OCSP responders. > >>>> > >>>> Here is an updated webrev: > >>>> > >>>> http://cr.openjdk.java.net/~asmotrak/8162484/webrev.01/ > >>> I realize that in many of these test cases we're going to move away > >>> from a start/stop approach to your accept/reject one, but in general > >>> sockets designed to be listening should start unbound, set the > >>> SO_REUSEADDR sockopt, then bind and listen. Was there a specific > >>> reason to change that code, or was it just to streamline it? Aside > >>> from fewer lines of code, I'm not sure what it buys us. > >>>> > >>>> Artem > >>>> > >>>> > >>>>> > >>>>> --Jamil > >>>>> > >>>>> > >>>>> On 08/10/2016 03:44 PM, Artem Smotrakov wrote: > >>>>>> Hello, > >>>>>> > >>>>>> Please review this update for OCSP stapling tests. > >>>>>> > >>>>>> The tests use > >>>>>> test/java/security/testlibrary/SimpleOCSPServer.java which try to > >>>>>> re-use a server port if the server restarted. Looks like > >>>>>> sometimes it may cause "Address already in use" error. > >>>>>> > >>>>>> The patch updates OCSP stapling tests with the following: > >>>>>> - updated SSLSocketWithStapling.java test not to restart OCSP > >>>>>> responders > >>>>>> - updated SimpleOCSPServer to be able to reject incoming > connections > >>>>>> - updated SimpleOCSPServer to be able to reproduce a delay > >>>>>> without restarting > >>>>>> > >>>>>> Jamil, > >>>>>> > >>>>>> Could you please take a look at this update, and confirm if this > >>>>>> update doesn't break the original test scenarios? > >>>>>> > >>>>>> Bug: https://bugs.openjdk.java.net/browse/JDK-8162484 > >>>>>> Webrev: http://cr.openjdk.java.net/~asmotrak/8162484/webrev.00/ > >>>>>> > >>>>>> Artem > >>>>> > >>>> > >>> > >> > > > -------------- next part -------------- An HTML attachment was scrubbed... URL: From ivan.gerasimov at oracle.com Sat Aug 13 01:15:42 2016 From: ivan.gerasimov at oracle.com (Ivan Gerasimov) Date: Sat, 13 Aug 2016 04:15:42 +0300 Subject: [jdk9] RFR: 8163896: Finalizing one key of a KeyPair invalidates the other key Message-ID: <4330543b-37ed-93fb-ea05-1e61ad071bd3@oracle.com> Hello! It was noticed, that SunMSCAPI implementation of a KeyPair has a problem: The public and the private keys share the same native handles. As the result, when one of the keys is finalized, and its resources are freed, the second key becomes invalid. Would you please help review the fix? BUGURL: https://bugs.openjdk.java.net/browse/JDK-8163896 WEBREV: http://cr.openjdk.java.net/~igerasim/8163896/00/webrev/ With kind regards, Ivan From xuelei.fan at oracle.com Sat Aug 13 01:17:21 2016 From: xuelei.fan at oracle.com (Xuelei Fan) Date: Sat, 13 Aug 2016 09:17:21 +0800 Subject: [9] RFR: 8162484: javax/net/ssl/Stapling/SSLSocketWithStapling.java test fails intermittently with "Address already in use" error In-Reply-To: <90a30187-9739-8bdc-7b25-10ea4fae42a7@oracle.com> References: <72walb7qsg2a2j6l62xtybpd.1471037888111@email.android.com> <90a30187-9739-8bdc-7b25-10ea4fae42a7@oracle.com> Message-ID: <97b081a2-b982-41fc-cf46-bb59f6eebbf0@oracle.com> It's a nice find of the port reuse issues. This update will turn into expected connection failure into reading/writing interruption as the server simulate the failure by closing the incoming connections. It's fine for this test, I think. For lines like: 288 intOcsp.rejectConnections(); 289 rootOcsp.rejectConnections(); 290 Thread.sleep(1000); I was wondering as the server does not need to bootup again, is the delay still needed? Otherwise, looks fine to me. Thanks, Xuelei On 8/13/2016 6:25 AM, Artem Smotrakov wrote: > Thank you for review Jamil. > > Xuelei, > > Could you please take a look? > > Artem > > > On 08/12/2016 02:38 PM, Jamil Nimeh wrote: >> Thank you Artem. The fix looks good. You just need a +1 from an >> official reviewer. >> >> >> >> --Jamil >> >> -------- Original message -------- >> From: Artem Smotrakov >> Date: 8/12/16 1:07 PM (GMT-08:00) >> To: Jamil Nimeh , Security Dev OpenJDK >> >> Subject: Re: [9] RFR: 8162484: >> javax/net/ssl/Stapling/SSLSocketWithStapling.java test fails >> intermittently with "Address already in use" error >> >> No problem. >> >> http://cr.openjdk.java.net/~asmotrak/8162484/webrev.02/ >> >> Artem >> >> >> On 08/12/2016 12:02 PM, Jamil Nimeh wrote: >> > For the tests as we use them today we don't intend the server to >> > restart. The intent of SimpleOCSPServer was to be of use for a >> > variety of testing purposes. I don't know that we can say for all >> > intended uses that we'll *never* need to restart it. That's why I'd >> > like to keep the unbound socket/set sockopt/bind/listen behavior. I >> > don't think ServerSocket(0) achieves that. >> > >> > --Jamil >> > >> > On 8/12/2016 11:30 AM, Artem Smotrakov wrote: >> >> Hi Jamil, >> >> >> >> There was no any specific reason to remove ServerSocket.bind() call. >> >> ServerSocket(0) constructor creates a server socket, automatically >> >> bound to a random free port. If I am not missing something, it >> >> doesn't look necessary to set the SO_REUSEADDR socket options if the >> >> server is not going to restart. The code is just shorter if we use >> >> ServerSocket(0) constructor to open a server socket, but I can revert >> >> it to use bind() with 0 port number if you think it's better. >> >> >> >> Artem >> >> >> >> >> >> On 08/12/2016 09:13 AM, Jamil Nimeh wrote: >> >>> Hi Artem, more comments in-line >> >>> >> >>> >> >>> On 8/11/2016 11:46 AM, Artem Smotrakov wrote: >> >>>> Hi Jamil, >> >>>> >> >>>> Thank you for review. Please see inline. >> >>>> >> >>>> >> >>>> On 08/10/2016 04:16 PM, Jamil Nimeh wrote: >> >>>>> Hi Artem, >> >>>>> >> >>>>> I'm not an official reviewer but the solution for making the >> >>>>> servers reject connections rather than stop and start looks pretty >> >>>>> fair to me and seems like a nice way to simulate a downed OCSP >> >>>>> responder instead of having to bounce it. A couple >> >>>>> comments/questions: >> >>>>> >> >>>>> I'm a bit surprised that you get the "Address already in use" >> >>>>> error though. >> >>>> Well, to be honest, I was not able to reproduce this failure >> >>>> locally. I was running the test in a loop for a couple of days, and >> >>>> it didn't fail. But the test has been observed to fail in other >> >>>> test runs (jprt, CI, etc). >> >>>> >> >>>> I am not an expert in networking, and I would appreciate if someone >> >>>> more knowledgeable gives an advise how these intermittent failures >> >>>> can be avoided. >> >>>> >> >>>>> Isn't servSocket.setReuseAddress(true) on line 214 supposed to set >> >>>>> the SO_REUSEADDR at the system call level and prevent EADDRINUSE >> >>>>> when listening or binding? >> >>>> If I am not missing something, the test has been observed to fails >> >>>> while re-binding. I am wondering if it's possible that the port >> >>>> becomes busy after the server socket was closed, but before bind() >> >>>> is called again. The probability of this situation seems to be very >> >>>> low which has been actually seen - the test fails very rare. >> >>>> >> >>>> If this is the case, it seems like servSocket.setReuseAddress(true) >> >>>> doesn't help because the port is taken by another process (I am not >> >>>> sure that SO_REUSEADDR prevents from this). Again, this is only my >> >>>> guess, and I may be wrong. >> >>> You know, I hadn't thought of that. I've never been able to >> >>> reproduce that problem either, but I'm running on a local virtual >> >>> box VM on a laptop, and usually the tests are running sequentially. >> >>> I could definitely see the case where other processes are soaking up >> >>> the OCSP responder's port. With those tests, I kind of need the >> >>> port to remain the same since I'm putting that server and port in >> >>> the AIA extensions of the certs for which it answers. Given this >> >>> particular case, it seems like your solution of keeping the server >> >>> bound but just chopping connections off is the best way to go. >> >>>>> >> >>>>> When you create the new ServerSocket on line 212, you're now >> >>>>> binding it to the port now where originally it started as an >> >>>>> unbound socket. By doing so, the behavior of setReuseAddress() on >> >>>>> line 214 is now undefined. >> >>>> This setReuseAddress() call looks unnecessary now. I'll update the >> >>>> test. >> >>>>> While this test no longer stops/starts the server, other tests may >> >>>>> wish to do so and their behavior may not be consistent (though >> >>>>> apparently it wasn't consistent even in the old scheme where the >> >>>>> socket was unbound, then setReuseAddress() was called...) >> >>>> Correct. I checked other code which depend on SimpleOCSPServer >> >>>> >> >>>> javax/net/ssl/Stapling/HttpsUrlConnClient.java >> >>>> javax/net/ssl/Stapling/SSLEngineWithStapling.java >> >>>> javax/net/ssl/Stapling/SSLSocketWithStapling.java >> >>>> javax/net/ssl/Stapling/StapleEnableProps.java >> >>>> >> sun/security/ssl/StatusStapling/java.base/sun/security/ssl/StatusReqSelection.java >> >> >>>> >> >>>> >> sun/security/ssl/StatusStapling/java.base/sun/security/ssl/StatusResponseManagerTests.java >> >> >>>> >> >>>> artem at artem-laptop:~/ws/jdk/jdk9_dev_stapling_test/jdk/test$ kate >> >>>> javax/net/ssl/Stapling/HttpsUrlConnClient.java >> >>>> javax/net/ssl/Stapling/SSLEngineWithStapling.java >> >>>> javax/net/ssl/Stapling/SSLSocketWithStapling.java >> >>>> javax/net/ssl/Stapling/StapleEnableProps.java >> >>>> >> sun/security/ssl/StatusStapling/java.base/sun/security/ssl/StatusReqSelection.java >> >> >>>> >> sun/security/ssl/StatusStapling/java.base/sun/security/ssl/StatusResponseManagerTests.java >> >> >>>> >> >>>> >> >>>> These tests call stop() only once when actual testcases are done. >> >>>> Actually, some of them don't even call stop(), but it seems to work >> >>>> fine. As an enhancement, I would add stop() calls to finally >> >>>> blocks, but it seems to work fine without it anyway. >> >>> I liked your solution with the stop() calls in finally blocks and I >> >>> agree that they should have them. I think we get away with it >> >>> because in most if not all of those cases they are running as >> >>> othervm tests (because we have properties that we set specific to >> >>> the tests). So when the JVM exits resources like sockets are closed >> >>> by the OS. Still, it's better to have the try/finally guards and >> >>> explicitly and gracefully shutdown the OCSP responders. >> >>>> >> >>>> Here is an updated webrev: >> >>>> >> >>>> http://cr.openjdk.java.net/~asmotrak/8162484/webrev.01/ >> >>> I realize that in many of these test cases we're going to move away >> >>> from a start/stop approach to your accept/reject one, but in general >> >>> sockets designed to be listening should start unbound, set the >> >>> SO_REUSEADDR sockopt, then bind and listen. Was there a specific >> >>> reason to change that code, or was it just to streamline it? Aside >> >>> from fewer lines of code, I'm not sure what it buys us. >> >>>> >> >>>> Artem >> >>>> >> >>>> >> >>>>> >> >>>>> --Jamil >> >>>>> >> >>>>> >> >>>>> On 08/10/2016 03:44 PM, Artem Smotrakov wrote: >> >>>>>> Hello, >> >>>>>> >> >>>>>> Please review this update for OCSP stapling tests. >> >>>>>> >> >>>>>> The tests use >> >>>>>> test/java/security/testlibrary/SimpleOCSPServer.java which try to >> >>>>>> re-use a server port if the server restarted. Looks like >> >>>>>> sometimes it may cause "Address already in use" error. >> >>>>>> >> >>>>>> The patch updates OCSP stapling tests with the following: >> >>>>>> - updated SSLSocketWithStapling.java test not to restart OCSP >> >>>>>> responders >> >>>>>> - updated SimpleOCSPServer to be able to reject incoming >> connections >> >>>>>> - updated SimpleOCSPServer to be able to reproduce a delay >> >>>>>> without restarting >> >>>>>> >> >>>>>> Jamil, >> >>>>>> >> >>>>>> Could you please take a look at this update, and confirm if this >> >>>>>> update doesn't break the original test scenarios? >> >>>>>> >> >>>>>> Bug: https://bugs.openjdk.java.net/browse/JDK-8162484 >> >>>>>> Webrev: http://cr.openjdk.java.net/~asmotrak/8162484/webrev.00/ >> >>>>>> >> >>>>>> Artem >> >>>>> >> >>>> >> >>> >> >> >> > >> > From sibabrata.sahoo at oracle.com Mon Aug 15 07:34:32 2016 From: sibabrata.sahoo at oracle.com (Sibabrata Sahoo) Date: Mon, 15 Aug 2016 00:34:32 -0700 (PDT) Subject: [9] RFR: 8153146 & 8087144 for sun/security/krb5/auto/MaxRetries.java Message-ID: <1c642c67-8d27-4c2a-929b-6d22a5388fe6@default> Hi, Please review the patch for 2 issues on "sun/security/krb5/auto/MaxRetries.java". JBS: https://bugs.openjdk.java.net/browse/JDK-8153146 https://bugs.openjdk.java.net/browse/JDK-8087144 Webrev: http://cr.openjdk.java.net/~ssahoo/8087144/webrev.00/ Description: MaxRetries was failing frequently with "Retry count is -1 less". When a communication happens to an active KDC there is a chance of getting resent message in case of delayed acknowledgement. The test was expecting certain number of response message but the resent messages was making the count wrong. Due to that the failure was occurring. MaxRetries was a single test file including several test cases, such as tryLast, tryLess etc. I tried to split the cases to multiple files because the single test file was running longer. Now each individual test takes less time comparatively previous but I have observed that doing so increases up to 7second of overall time. About https://bugs.openjdk.java.net/browse/JDK-8087144, based on existing log that is available, it looks like the rare failure occurs when the timeout interval provided is very small(about 2 sec). I have tried to double the exiting timeout interval to avoid such problem for this particular case. Few of difference in "BadKdc.java", is due to NetBeans IDE formatting. Thanks, Siba -------------- next part -------------- An HTML attachment was scrubbed... URL: From sean.coffey at oracle.com Mon Aug 15 10:04:11 2016 From: sean.coffey at oracle.com (=?UTF-8?Q?Se=c3=a1n_Coffey?=) Date: Mon, 15 Aug 2016 11:04:11 +0100 Subject: [jdk9] RFR: 8163896: Finalizing one key of a KeyPair invalidates the other key In-Reply-To: <4330543b-37ed-93fb-ea05-1e61ad071bd3@oracle.com> References: <4330543b-37ed-93fb-ea05-1e61ad071bd3@oracle.com> Message-ID: <57B1939B.9000703@oracle.com> Not sure how you end up finding such issues Ivan! The fix looks good. One suggestion on the testcase. Could you make it more generic ? i.e. don't just test the MSCAPI provider. Let's cycle through all providers available for KeyPairGenerator and ensure no other provider suffers (or introduces) the same issue. Regards, Sean. On 13/08/16 02:15, Ivan Gerasimov wrote: > Hello! > > It was noticed, that SunMSCAPI implementation of a KeyPair has a > problem: The public and the private keys share the same native handles. > > As the result, when one of the keys is finalized, and its resources > are freed, the second key becomes invalid. > > Would you please help review the fix? > > BUGURL: https://bugs.openjdk.java.net/browse/JDK-8163896 > WEBREV: http://cr.openjdk.java.net/~igerasim/8163896/00/webrev/ > > With kind regards, > Ivan > From ivan.gerasimov at oracle.com Mon Aug 15 10:50:35 2016 From: ivan.gerasimov at oracle.com (Ivan Gerasimov) Date: Mon, 15 Aug 2016 13:50:35 +0300 Subject: [jdk9] RFR: 8163896: Finalizing one key of a KeyPair invalidates the other key In-Reply-To: <57B1939B.9000703@oracle.com> References: <4330543b-37ed-93fb-ea05-1e61ad071bd3@oracle.com> <57B1939B.9000703@oracle.com> Message-ID: <084323cf-4ef5-b4ee-b5b7-782c891cb4e1@oracle.com> Thank you Se?n for review! It's a good point about making the testcase more generic; I'll modify it as you suggest. With kind regards, Ivan On 15.08.2016 13:04, Se?n Coffey wrote: > Not sure how you end up finding such issues Ivan! > > The fix looks good. One suggestion on the testcase. Could you make it > more generic ? i.e. don't just test the MSCAPI provider. Let's cycle > through all providers available for KeyPairGenerator and ensure no > other provider suffers (or introduces) the same issue. > > Regards, > Sean. > > On 13/08/16 02:15, Ivan Gerasimov wrote: >> Hello! >> >> It was noticed, that SunMSCAPI implementation of a KeyPair has a >> problem: The public and the private keys share the same native handles. >> >> As the result, when one of the keys is finalized, and its resources >> are freed, the second key becomes invalid. >> >> Would you please help review the fix? >> >> BUGURL: https://bugs.openjdk.java.net/browse/JDK-8163896 >> WEBREV: http://cr.openjdk.java.net/~igerasim/8163896/00/webrev/ >> >> With kind regards, >> Ivan >> > > From vincent.x.ryan at oracle.com Mon Aug 15 16:13:15 2016 From: vincent.x.ryan at oracle.com (Vincent Ryan) Date: Mon, 15 Aug 2016 17:13:15 +0100 Subject: [jdk9] RFR: 8163896: Finalizing one key of a KeyPair invalidates the other key In-Reply-To: <4330543b-37ed-93fb-ea05-1e61ad071bd3@oracle.com> References: <4330543b-37ed-93fb-ea05-1e61ad071bd3@oracle.com> Message-ID: <5C24EF10-AB61-4FD8-B897-38D2CEBAE4FB@oracle.com> Thanks Ivan. Your fix looks good. > On 13 Aug 2016, at 02:15, Ivan Gerasimov wrote: > > Hello! > > It was noticed, that SunMSCAPI implementation of a KeyPair has a problem: The public and the private keys share the same native handles. > > As the result, when one of the keys is finalized, and its resources are freed, the second key becomes invalid. > > Would you please help review the fix? > > BUGURL: https://bugs.openjdk.java.net/browse/JDK-8163896 > WEBREV: http://cr.openjdk.java.net/~igerasim/8163896/00/webrev/ > > With kind regards, > Ivan > From artem.smotrakov at oracle.com Mon Aug 15 17:31:19 2016 From: artem.smotrakov at oracle.com (Artem Smotrakov) Date: Mon, 15 Aug 2016 10:31:19 -0700 Subject: [9] RFR: 8162484: javax/net/ssl/Stapling/SSLSocketWithStapling.java test fails intermittently with "Address already in use" error In-Reply-To: <97b081a2-b982-41fc-cf46-bb59f6eebbf0@oracle.com> References: <72walb7qsg2a2j6l62xtybpd.1471037888111@email.android.com> <90a30187-9739-8bdc-7b25-10ea4fae42a7@oracle.com> <97b081a2-b982-41fc-cf46-bb59f6eebbf0@oracle.com> Message-ID: Hi Xuelei, Makes sense to me, I removed those 1 second delays http://cr.openjdk.java.net/~asmotrak/8162484/webrev.03/ Artem On 08/12/2016 06:17 PM, Xuelei Fan wrote: > It's a nice find of the port reuse issues. > > This update will turn into expected connection failure into > reading/writing interruption as the server simulate the failure by > closing the incoming connections. It's fine for this test, I think. > > For lines like: > 288 intOcsp.rejectConnections(); > 289 rootOcsp.rejectConnections(); > 290 Thread.sleep(1000); > > I was wondering as the server does not need to bootup again, is the > delay still needed? > > Otherwise, looks fine to me. > > Thanks, > Xuelei > > On 8/13/2016 6:25 AM, Artem Smotrakov wrote: >> Thank you for review Jamil. >> >> Xuelei, >> >> Could you please take a look? >> >> Artem >> >> >> On 08/12/2016 02:38 PM, Jamil Nimeh wrote: >>> Thank you Artem. The fix looks good. You just need a +1 from an >>> official reviewer. >>> >>> >>> >>> --Jamil >>> >>> -------- Original message -------- >>> From: Artem Smotrakov >>> Date: 8/12/16 1:07 PM (GMT-08:00) >>> To: Jamil Nimeh , Security Dev OpenJDK >>> >>> Subject: Re: [9] RFR: 8162484: >>> javax/net/ssl/Stapling/SSLSocketWithStapling.java test fails >>> intermittently with "Address already in use" error >>> >>> No problem. >>> >>> http://cr.openjdk.java.net/~asmotrak/8162484/webrev.02/ >>> >>> Artem >>> >>> >>> On 08/12/2016 12:02 PM, Jamil Nimeh wrote: >>>> For the tests as we use them today we don't intend the server to >>>> restart. The intent of SimpleOCSPServer was to be of use for a >>>> variety of testing purposes. I don't know that we can say for all >>>> intended uses that we'll *never* need to restart it. That's why I'd >>>> like to keep the unbound socket/set sockopt/bind/listen behavior. I >>>> don't think ServerSocket(0) achieves that. >>>> >>>> --Jamil >>>> >>>> On 8/12/2016 11:30 AM, Artem Smotrakov wrote: >>>>> Hi Jamil, >>>>> >>>>> There was no any specific reason to remove ServerSocket.bind() call. >>>>> ServerSocket(0) constructor creates a server socket, automatically >>>>> bound to a random free port. If I am not missing something, it >>>>> doesn't look necessary to set the SO_REUSEADDR socket options if the >>>>> server is not going to restart. The code is just shorter if we use >>>>> ServerSocket(0) constructor to open a server socket, but I can revert >>>>> it to use bind() with 0 port number if you think it's better. >>>>> >>>>> Artem >>>>> >>>>> >>>>> On 08/12/2016 09:13 AM, Jamil Nimeh wrote: >>>>>> Hi Artem, more comments in-line >>>>>> >>>>>> >>>>>> On 8/11/2016 11:46 AM, Artem Smotrakov wrote: >>>>>>> Hi Jamil, >>>>>>> >>>>>>> Thank you for review. Please see inline. >>>>>>> >>>>>>> >>>>>>> On 08/10/2016 04:16 PM, Jamil Nimeh wrote: >>>>>>>> Hi Artem, >>>>>>>> >>>>>>>> I'm not an official reviewer but the solution for making the >>>>>>>> servers reject connections rather than stop and start looks pretty >>>>>>>> fair to me and seems like a nice way to simulate a downed OCSP >>>>>>>> responder instead of having to bounce it. A couple >>>>>>>> comments/questions: >>>>>>>> >>>>>>>> I'm a bit surprised that you get the "Address already in use" >>>>>>>> error though. >>>>>>> Well, to be honest, I was not able to reproduce this failure >>>>>>> locally. I was running the test in a loop for a couple of days, and >>>>>>> it didn't fail. But the test has been observed to fail in other >>>>>>> test runs (jprt, CI, etc). >>>>>>> >>>>>>> I am not an expert in networking, and I would appreciate if someone >>>>>>> more knowledgeable gives an advise how these intermittent failures >>>>>>> can be avoided. >>>>>>> >>>>>>>> Isn't servSocket.setReuseAddress(true) on line 214 supposed to set >>>>>>>> the SO_REUSEADDR at the system call level and prevent EADDRINUSE >>>>>>>> when listening or binding? >>>>>>> If I am not missing something, the test has been observed to fails >>>>>>> while re-binding. I am wondering if it's possible that the port >>>>>>> becomes busy after the server socket was closed, but before bind() >>>>>>> is called again. The probability of this situation seems to be very >>>>>>> low which has been actually seen - the test fails very rare. >>>>>>> >>>>>>> If this is the case, it seems like servSocket.setReuseAddress(true) >>>>>>> doesn't help because the port is taken by another process (I am not >>>>>>> sure that SO_REUSEADDR prevents from this). Again, this is only my >>>>>>> guess, and I may be wrong. >>>>>> You know, I hadn't thought of that. I've never been able to >>>>>> reproduce that problem either, but I'm running on a local virtual >>>>>> box VM on a laptop, and usually the tests are running sequentially. >>>>>> I could definitely see the case where other processes are soaking up >>>>>> the OCSP responder's port. With those tests, I kind of need the >>>>>> port to remain the same since I'm putting that server and port in >>>>>> the AIA extensions of the certs for which it answers. Given this >>>>>> particular case, it seems like your solution of keeping the server >>>>>> bound but just chopping connections off is the best way to go. >>>>>>>> When you create the new ServerSocket on line 212, you're now >>>>>>>> binding it to the port now where originally it started as an >>>>>>>> unbound socket. By doing so, the behavior of setReuseAddress() on >>>>>>>> line 214 is now undefined. >>>>>>> This setReuseAddress() call looks unnecessary now. I'll update the >>>>>>> test. >>>>>>>> While this test no longer stops/starts the server, other tests may >>>>>>>> wish to do so and their behavior may not be consistent (though >>>>>>>> apparently it wasn't consistent even in the old scheme where the >>>>>>>> socket was unbound, then setReuseAddress() was called...) >>>>>>> Correct. I checked other code which depend on SimpleOCSPServer >>>>>>> >>>>>>> javax/net/ssl/Stapling/HttpsUrlConnClient.java >>>>>>> javax/net/ssl/Stapling/SSLEngineWithStapling.java >>>>>>> javax/net/ssl/Stapling/SSLSocketWithStapling.java >>>>>>> javax/net/ssl/Stapling/StapleEnableProps.java >>>>>>> >>> sun/security/ssl/StatusStapling/java.base/sun/security/ssl/StatusReqSelection.java >>> >>>>>>> >>> sun/security/ssl/StatusStapling/java.base/sun/security/ssl/StatusResponseManagerTests.java >>> >>>>>>> artem at artem-laptop:~/ws/jdk/jdk9_dev_stapling_test/jdk/test$ kate >>>>>>> javax/net/ssl/Stapling/HttpsUrlConnClient.java >>>>>>> javax/net/ssl/Stapling/SSLEngineWithStapling.java >>>>>>> javax/net/ssl/Stapling/SSLSocketWithStapling.java >>>>>>> javax/net/ssl/Stapling/StapleEnableProps.java >>>>>>> >>> sun/security/ssl/StatusStapling/java.base/sun/security/ssl/StatusReqSelection.java >>> >>> sun/security/ssl/StatusStapling/java.base/sun/security/ssl/StatusResponseManagerTests.java >>> >>>>>>> >>>>>>> These tests call stop() only once when actual testcases are done. >>>>>>> Actually, some of them don't even call stop(), but it seems to work >>>>>>> fine. As an enhancement, I would add stop() calls to finally >>>>>>> blocks, but it seems to work fine without it anyway. >>>>>> I liked your solution with the stop() calls in finally blocks and I >>>>>> agree that they should have them. I think we get away with it >>>>>> because in most if not all of those cases they are running as >>>>>> othervm tests (because we have properties that we set specific to >>>>>> the tests). So when the JVM exits resources like sockets are closed >>>>>> by the OS. Still, it's better to have the try/finally guards and >>>>>> explicitly and gracefully shutdown the OCSP responders. >>>>>>> Here is an updated webrev: >>>>>>> >>>>>>> http://cr.openjdk.java.net/~asmotrak/8162484/webrev.01/ >>>>>> I realize that in many of these test cases we're going to move away >>>>>> from a start/stop approach to your accept/reject one, but in general >>>>>> sockets designed to be listening should start unbound, set the >>>>>> SO_REUSEADDR sockopt, then bind and listen. Was there a specific >>>>>> reason to change that code, or was it just to streamline it? Aside >>>>>> from fewer lines of code, I'm not sure what it buys us. >>>>>>> Artem >>>>>>> >>>>>>> >>>>>>>> --Jamil >>>>>>>> >>>>>>>> >>>>>>>> On 08/10/2016 03:44 PM, Artem Smotrakov wrote: >>>>>>>>> Hello, >>>>>>>>> >>>>>>>>> Please review this update for OCSP stapling tests. >>>>>>>>> >>>>>>>>> The tests use >>>>>>>>> test/java/security/testlibrary/SimpleOCSPServer.java which try to >>>>>>>>> re-use a server port if the server restarted. Looks like >>>>>>>>> sometimes it may cause "Address already in use" error. >>>>>>>>> >>>>>>>>> The patch updates OCSP stapling tests with the following: >>>>>>>>> - updated SSLSocketWithStapling.java test not to restart OCSP >>>>>>>>> responders >>>>>>>>> - updated SimpleOCSPServer to be able to reject incoming >>> connections >>>>>>>>> - updated SimpleOCSPServer to be able to reproduce a delay >>>>>>>>> without restarting >>>>>>>>> >>>>>>>>> Jamil, >>>>>>>>> >>>>>>>>> Could you please take a look at this update, and confirm if this >>>>>>>>> update doesn't break the original test scenarios? >>>>>>>>> >>>>>>>>> Bug: https://bugs.openjdk.java.net/browse/JDK-8162484 >>>>>>>>> Webrev: http://cr.openjdk.java.net/~asmotrak/8162484/webrev.00/ >>>>>>>>> >>>>>>>>> Artem From ivan.gerasimov at oracle.com Mon Aug 15 20:52:16 2016 From: ivan.gerasimov at oracle.com (Ivan Gerasimov) Date: Mon, 15 Aug 2016 23:52:16 +0300 Subject: [jdk9] RFR: 8163896: Finalizing one key of a KeyPair invalidates the other key In-Reply-To: <5C24EF10-AB61-4FD8-B897-38D2CEBAE4FB@oracle.com> References: <4330543b-37ed-93fb-ea05-1e61ad071bd3@oracle.com> <5C24EF10-AB61-4FD8-B897-38D2CEBAE4FB@oracle.com> Message-ID: <8934ceed-ac0a-ed0d-694a-55460cb8486a@oracle.com> Thank you Vincent for review! With kind regards, Ivan On 15.08.2016 19:13, Vincent Ryan wrote: > Thanks Ivan. Your fix looks good. > > >> On 13 Aug 2016, at 02:15, Ivan Gerasimov wrote: >> >> Hello! >> >> It was noticed, that SunMSCAPI implementation of a KeyPair has a problem: The public and the private keys share the same native handles. >> >> As the result, when one of the keys is finalized, and its resources are freed, the second key becomes invalid. >> >> Would you please help review the fix? >> >> BUGURL: https://bugs.openjdk.java.net/browse/JDK-8163896 >> WEBREV: http://cr.openjdk.java.net/~igerasim/8163896/00/webrev/ >> >> With kind regards, >> Ivan >> > From xuelei.fan at oracle.com Mon Aug 15 23:29:13 2016 From: xuelei.fan at oracle.com (Xuelei Fan) Date: Tue, 16 Aug 2016 07:29:13 +0800 Subject: [9] RFR: 8162484: javax/net/ssl/Stapling/SSLSocketWithStapling.java test fails intermittently with "Address already in use" error In-Reply-To: References: <72walb7qsg2a2j6l62xtybpd.1471037888111@email.android.com> <90a30187-9739-8bdc-7b25-10ea4fae42a7@oracle.com> <97b081a2-b982-41fc-cf46-bb59f6eebbf0@oracle.com> Message-ID: <8675cd04-2a70-bebb-c202-9dfe6f9ad1bc@oracle.com> Looks fine to me. Thanks, Xuelei On 8/16/2016 1:31 AM, Artem Smotrakov wrote: > Hi Xuelei, > > Makes sense to me, I removed those 1 second delays > > http://cr.openjdk.java.net/~asmotrak/8162484/webrev.03/ > > Artem > > > On 08/12/2016 06:17 PM, Xuelei Fan wrote: >> It's a nice find of the port reuse issues. >> >> This update will turn into expected connection failure into >> reading/writing interruption as the server simulate the failure by >> closing the incoming connections. It's fine for this test, I think. >> >> For lines like: >> 288 intOcsp.rejectConnections(); >> 289 rootOcsp.rejectConnections(); >> 290 Thread.sleep(1000); >> >> I was wondering as the server does not need to bootup again, is the >> delay still needed? >> >> Otherwise, looks fine to me. >> >> Thanks, >> Xuelei >> >> On 8/13/2016 6:25 AM, Artem Smotrakov wrote: >>> Thank you for review Jamil. >>> >>> Xuelei, >>> >>> Could you please take a look? >>> >>> Artem >>> >>> >>> On 08/12/2016 02:38 PM, Jamil Nimeh wrote: >>>> Thank you Artem. The fix looks good. You just need a +1 from an >>>> official reviewer. >>>> >>>> >>>> >>>> --Jamil >>>> >>>> -------- Original message -------- >>>> From: Artem Smotrakov >>>> Date: 8/12/16 1:07 PM (GMT-08:00) >>>> To: Jamil Nimeh , Security Dev OpenJDK >>>> >>>> Subject: Re: [9] RFR: 8162484: >>>> javax/net/ssl/Stapling/SSLSocketWithStapling.java test fails >>>> intermittently with "Address already in use" error >>>> >>>> No problem. >>>> >>>> http://cr.openjdk.java.net/~asmotrak/8162484/webrev.02/ >>>> >>>> Artem >>>> >>>> >>>> On 08/12/2016 12:02 PM, Jamil Nimeh wrote: >>>>> For the tests as we use them today we don't intend the server to >>>>> restart. The intent of SimpleOCSPServer was to be of use for a >>>>> variety of testing purposes. I don't know that we can say for all >>>>> intended uses that we'll *never* need to restart it. That's why I'd >>>>> like to keep the unbound socket/set sockopt/bind/listen behavior. I >>>>> don't think ServerSocket(0) achieves that. >>>>> >>>>> --Jamil >>>>> >>>>> On 8/12/2016 11:30 AM, Artem Smotrakov wrote: >>>>>> Hi Jamil, >>>>>> >>>>>> There was no any specific reason to remove ServerSocket.bind() call. >>>>>> ServerSocket(0) constructor creates a server socket, automatically >>>>>> bound to a random free port. If I am not missing something, it >>>>>> doesn't look necessary to set the SO_REUSEADDR socket options if the >>>>>> server is not going to restart. The code is just shorter if we use >>>>>> ServerSocket(0) constructor to open a server socket, but I can revert >>>>>> it to use bind() with 0 port number if you think it's better. >>>>>> >>>>>> Artem >>>>>> >>>>>> >>>>>> On 08/12/2016 09:13 AM, Jamil Nimeh wrote: >>>>>>> Hi Artem, more comments in-line >>>>>>> >>>>>>> >>>>>>> On 8/11/2016 11:46 AM, Artem Smotrakov wrote: >>>>>>>> Hi Jamil, >>>>>>>> >>>>>>>> Thank you for review. Please see inline. >>>>>>>> >>>>>>>> >>>>>>>> On 08/10/2016 04:16 PM, Jamil Nimeh wrote: >>>>>>>>> Hi Artem, >>>>>>>>> >>>>>>>>> I'm not an official reviewer but the solution for making the >>>>>>>>> servers reject connections rather than stop and start looks pretty >>>>>>>>> fair to me and seems like a nice way to simulate a downed OCSP >>>>>>>>> responder instead of having to bounce it. A couple >>>>>>>>> comments/questions: >>>>>>>>> >>>>>>>>> I'm a bit surprised that you get the "Address already in use" >>>>>>>>> error though. >>>>>>>> Well, to be honest, I was not able to reproduce this failure >>>>>>>> locally. I was running the test in a loop for a couple of days, and >>>>>>>> it didn't fail. But the test has been observed to fail in other >>>>>>>> test runs (jprt, CI, etc). >>>>>>>> >>>>>>>> I am not an expert in networking, and I would appreciate if someone >>>>>>>> more knowledgeable gives an advise how these intermittent failures >>>>>>>> can be avoided. >>>>>>>> >>>>>>>>> Isn't servSocket.setReuseAddress(true) on line 214 supposed to set >>>>>>>>> the SO_REUSEADDR at the system call level and prevent EADDRINUSE >>>>>>>>> when listening or binding? >>>>>>>> If I am not missing something, the test has been observed to fails >>>>>>>> while re-binding. I am wondering if it's possible that the port >>>>>>>> becomes busy after the server socket was closed, but before bind() >>>>>>>> is called again. The probability of this situation seems to be very >>>>>>>> low which has been actually seen - the test fails very rare. >>>>>>>> >>>>>>>> If this is the case, it seems like servSocket.setReuseAddress(true) >>>>>>>> doesn't help because the port is taken by another process (I am not >>>>>>>> sure that SO_REUSEADDR prevents from this). Again, this is only my >>>>>>>> guess, and I may be wrong. >>>>>>> You know, I hadn't thought of that. I've never been able to >>>>>>> reproduce that problem either, but I'm running on a local virtual >>>>>>> box VM on a laptop, and usually the tests are running sequentially. >>>>>>> I could definitely see the case where other processes are soaking up >>>>>>> the OCSP responder's port. With those tests, I kind of need the >>>>>>> port to remain the same since I'm putting that server and port in >>>>>>> the AIA extensions of the certs for which it answers. Given this >>>>>>> particular case, it seems like your solution of keeping the server >>>>>>> bound but just chopping connections off is the best way to go. >>>>>>>>> When you create the new ServerSocket on line 212, you're now >>>>>>>>> binding it to the port now where originally it started as an >>>>>>>>> unbound socket. By doing so, the behavior of setReuseAddress() on >>>>>>>>> line 214 is now undefined. >>>>>>>> This setReuseAddress() call looks unnecessary now. I'll update the >>>>>>>> test. >>>>>>>>> While this test no longer stops/starts the server, other tests may >>>>>>>>> wish to do so and their behavior may not be consistent (though >>>>>>>>> apparently it wasn't consistent even in the old scheme where the >>>>>>>>> socket was unbound, then setReuseAddress() was called...) >>>>>>>> Correct. I checked other code which depend on SimpleOCSPServer >>>>>>>> >>>>>>>> javax/net/ssl/Stapling/HttpsUrlConnClient.java >>>>>>>> javax/net/ssl/Stapling/SSLEngineWithStapling.java >>>>>>>> javax/net/ssl/Stapling/SSLSocketWithStapling.java >>>>>>>> javax/net/ssl/Stapling/StapleEnableProps.java >>>>>>>> >>>> sun/security/ssl/StatusStapling/java.base/sun/security/ssl/StatusReqSelection.java >>>> >>>> >>>>>>>> >>>> sun/security/ssl/StatusStapling/java.base/sun/security/ssl/StatusResponseManagerTests.java >>>> >>>> >>>>>>>> artem at artem-laptop:~/ws/jdk/jdk9_dev_stapling_test/jdk/test$ kate >>>>>>>> javax/net/ssl/Stapling/HttpsUrlConnClient.java >>>>>>>> javax/net/ssl/Stapling/SSLEngineWithStapling.java >>>>>>>> javax/net/ssl/Stapling/SSLSocketWithStapling.java >>>>>>>> javax/net/ssl/Stapling/StapleEnableProps.java >>>>>>>> >>>> sun/security/ssl/StatusStapling/java.base/sun/security/ssl/StatusReqSelection.java >>>> >>>> >>>> sun/security/ssl/StatusStapling/java.base/sun/security/ssl/StatusResponseManagerTests.java >>>> >>>> >>>>>>>> >>>>>>>> These tests call stop() only once when actual testcases are done. >>>>>>>> Actually, some of them don't even call stop(), but it seems to work >>>>>>>> fine. As an enhancement, I would add stop() calls to finally >>>>>>>> blocks, but it seems to work fine without it anyway. >>>>>>> I liked your solution with the stop() calls in finally blocks and I >>>>>>> agree that they should have them. I think we get away with it >>>>>>> because in most if not all of those cases they are running as >>>>>>> othervm tests (because we have properties that we set specific to >>>>>>> the tests). So when the JVM exits resources like sockets are closed >>>>>>> by the OS. Still, it's better to have the try/finally guards and >>>>>>> explicitly and gracefully shutdown the OCSP responders. >>>>>>>> Here is an updated webrev: >>>>>>>> >>>>>>>> http://cr.openjdk.java.net/~asmotrak/8162484/webrev.01/ >>>>>>> I realize that in many of these test cases we're going to move away >>>>>>> from a start/stop approach to your accept/reject one, but in general >>>>>>> sockets designed to be listening should start unbound, set the >>>>>>> SO_REUSEADDR sockopt, then bind and listen. Was there a specific >>>>>>> reason to change that code, or was it just to streamline it? Aside >>>>>>> from fewer lines of code, I'm not sure what it buys us. >>>>>>>> Artem >>>>>>>> >>>>>>>> >>>>>>>>> --Jamil >>>>>>>>> >>>>>>>>> >>>>>>>>> On 08/10/2016 03:44 PM, Artem Smotrakov wrote: >>>>>>>>>> Hello, >>>>>>>>>> >>>>>>>>>> Please review this update for OCSP stapling tests. >>>>>>>>>> >>>>>>>>>> The tests use >>>>>>>>>> test/java/security/testlibrary/SimpleOCSPServer.java which try to >>>>>>>>>> re-use a server port if the server restarted. Looks like >>>>>>>>>> sometimes it may cause "Address already in use" error. >>>>>>>>>> >>>>>>>>>> The patch updates OCSP stapling tests with the following: >>>>>>>>>> - updated SSLSocketWithStapling.java test not to restart OCSP >>>>>>>>>> responders >>>>>>>>>> - updated SimpleOCSPServer to be able to reject incoming >>>> connections >>>>>>>>>> - updated SimpleOCSPServer to be able to reproduce a delay >>>>>>>>>> without restarting >>>>>>>>>> >>>>>>>>>> Jamil, >>>>>>>>>> >>>>>>>>>> Could you please take a look at this update, and confirm if this >>>>>>>>>> update doesn't break the original test scenarios? >>>>>>>>>> >>>>>>>>>> Bug: https://bugs.openjdk.java.net/browse/JDK-8162484 >>>>>>>>>> Webrev: http://cr.openjdk.java.net/~asmotrak/8162484/webrev.00/ >>>>>>>>>> >>>>>>>>>> Artem > From xuelei.fan at oracle.com Mon Aug 15 23:57:26 2016 From: xuelei.fan at oracle.com (Xuelei Fan) Date: Tue, 16 Aug 2016 07:57:26 +0800 Subject: RFR: 8164052 Fix legal notices in JDK tests In-Reply-To: References: Message-ID: <75b34d1c-de47-e43c-47e3-f80258e268e0@oracle.com> CC security-dev. The security part looks fine to me. Thanks, Xuelei On 8/16/2016 2:39 AM, Alexandre (Shura) Iline wrote: > Hi, > > Please review this bulk update of JDK test sources which is fixing legal notices formatting and content. > > http://cr.openjdk.java.net/~shurailine/8164052/webrev_00/ > > I am sending this to the jdk9-dev at openjdk.java.net hoping that would be enough. Otherwise I would send the request to multiple aliases which have tests in idk repository. > > Shura > From li.jiang at oracle.com Mon Aug 8 08:59:14 2016 From: li.jiang at oracle.com (Leo Jiang) Date: Mon, 8 Aug 2016 16:59:14 +0800 Subject: RFR 8163303: Remove identity scope information from jarsigner -verbose output In-Reply-To: References: Message-ID: <9fd222ac-b891-9329-81b0-da800c6c061d@oracle.com> The change of L10n resource files looks good from L10n perspective. Thanks, Leo On 08/08/2016 03:28 PM, Weijun Wang wrote: > Hi All > > Please review the code change at > > http://cr.openjdk.java.net/~weijun/8163303/webrev.00 > > I removed the "@SuppressWarnings("deprecation")" at the beginning. I think this has been unnecessary for quite a while > since calls to deprecated classes (ContentSigner and ContentSignerParameters) have been moved to the new JarSigner API. > > *Leo*: I take the chance to update localized Resourses.java files for Japanese and Chinese, since this is only about > removing items. Please confirm this is OK. > > Thanks > Max From weijun.wang at oracle.com Tue Aug 16 06:10:21 2016 From: weijun.wang at oracle.com (Weijun Wang) Date: Tue, 16 Aug 2016 14:10:21 +0800 Subject: RFR 8141411: keytool can wrongly parse the start date value given by the -startdate option Message-ID: <53a6c6c6-5c45-4334-2ab8-19802e064bb4@oracle.com> Please review the fix for this embarrassing bug: http://cr.openjdk.java.net/~weijun/8141411/webrev.00 Thanks Max From xuelei.fan at oracle.com Tue Aug 16 08:44:34 2016 From: xuelei.fan at oracle.com (Xuelei Fan) Date: Tue, 16 Aug 2016 16:44:34 +0800 Subject: RFR 8141411: keytool can wrongly parse the start date value given by the -startdate option In-Reply-To: <53a6c6c6-5c45-4334-2ab8-19802e064bb4@oracle.com> References: <53a6c6c6-5c45-4334-2ab8-19802e064bb4@oracle.com> Message-ID: Looks fine to me. Thanks, Xuelei On 8/16/2016 2:10 PM, Weijun Wang wrote: > Please review the fix for this embarrassing bug: > > http://cr.openjdk.java.net/~weijun/8141411/webrev.00 > > Thanks > Max From ivan.gerasimov at oracle.com Tue Aug 16 12:56:41 2016 From: ivan.gerasimov at oracle.com (Ivan Gerasimov) Date: Tue, 16 Aug 2016 15:56:41 +0300 Subject: PING - [jdk9] RFR: 8153438: Avoid repeated "Please insert a smart card" popup windows In-Reply-To: <1b997be1-1d49-f477-b687-afe32b1563f5@oracle.com> References: <1b997be1-1d49-f477-b687-afe32b1563f5@oracle.com> Message-ID: A gentle reminder. Would you please help review at your convenience. With kind regards, Ivan On 09.08.2016 12:27, Ivan Gerasimov wrote: > Hello! > > In order to reduce the number of popup dialog windows during accessing > the smartcard, it is proposed to first do a silent "probe" step. > Only if this probe succeeded, or if it failed due to that SILENT flag, > we'll try to re-acquire the key normally (i.e. not silently). > > Would you please help review this proposal? > > BUGURL: https://bugs.openjdk.java.net/browse/JDK-8153438 > WEBREV: http://cr.openjdk.java.net/~igerasim/8153438/00/webrev/ > > With kind regards, > Ivan > > From vincent.x.ryan at oracle.com Tue Aug 16 13:27:20 2016 From: vincent.x.ryan at oracle.com (Vincent Ryan) Date: Tue, 16 Aug 2016 14:27:20 +0100 Subject: PING - [jdk9] RFR: 8153438: Avoid repeated "Please insert a smart card" popup windows In-Reply-To: References: <1b997be1-1d49-f477-b687-afe32b1563f5@oracle.com> Message-ID: <1A59DF96-4E31-4738-A70F-E499793879BF@oracle.com> That fix looks fine. Is there any significant performance impact due to calling CryptAcquireCertificatePrivateKey twice? Thanks. > On 16 Aug 2016, at 13:56, Ivan Gerasimov wrote: > > A gentle reminder. > > Would you please help review at your convenience. > > With kind regards, > Ivan > > > On 09.08.2016 12:27, Ivan Gerasimov wrote: >> Hello! >> >> In order to reduce the number of popup dialog windows during accessing the smartcard, it is proposed to first do a silent "probe" step. >> Only if this probe succeeded, or if it failed due to that SILENT flag, we'll try to re-acquire the key normally (i.e. not silently). >> >> Would you please help review this proposal? >> >> BUGURL: https://bugs.openjdk.java.net/browse/JDK-8153438 >> WEBREV: http://cr.openjdk.java.net/~igerasim/8153438/00/webrev/ >> >> With kind regards, >> Ivan >> >> > From weijun.wang at oracle.com Tue Aug 16 15:52:07 2016 From: weijun.wang at oracle.com (Weijun Wang) Date: Tue, 16 Aug 2016 23:52:07 +0800 Subject: RFR 8087144/8153146: sun/security/krb5/auto/MaxRetries.java fails Message-ID: <4a645b15-be96-841e-a4ae-409b8fec58ca@oracle.com> Please take a review at http://cr.openjdk.java.net/~weijun/8087144/webrev.00/ for 8087144: sun/security/krb5/auto/MaxRetries.java fails with Retry count is -1 less 8153146: sun/security/krb5/auto/MaxRetries.java failed with timeout The test fails because a timeout happens on a real KDC. If a retry is permitted, this retry is treated as unexpected (8087144), otherwise, a timeout exception is thrown (8153146). The rewritten test does not always pursue for a single correct result. Instead, it encodes the test output into a string, and compares it to both an ideal exact result (real KDC never timeout) or a relaxed one (real KDC could timeout once for a while) and succeeds if either matches. The relaxed result is a regular expression. Before this change, the stability of the test is guaranteed (although not successfully) by using a big timeout value (say, 5 seconds). Now that we have the relaxed match, I am thinking it can be smaller. The current code change uses BadKdc.setRatio() to change the effective timeout value to 1 second. The test execution time is reduced from 180s to 30s on my machine. If the test still fails intermittently, maybe the relaxed match is not relaxed enough, or I should set a higher ratio. Let's wait and see. Thanks Max From alexandre.iline at oracle.com Tue Aug 16 17:17:27 2016 From: alexandre.iline at oracle.com (Alexandre (Shura) Iline) Date: Tue, 16 Aug 2016 10:17:27 -0700 Subject: RFR: 8163126 Wrong @modules in some of jdk/* tests Message-ID: <242C9427-C6B3-4E06-AA8A-708AA670CADE@oracle.com> Hi. Please review fixes related to module dependencies in a few jdk tests: http://cr.openjdk.java.net/~shurailine/8163126/webrev.00/index.html The review contains a few cases where jdk.zipfs is added to the module list. This is happening because all TestNG tests which use compiler API require jdk.zipfs to be able to read the testng jar. This is unfortunate but there is no easy way around that. Shura From valerie.peng at oracle.com Tue Aug 16 19:18:45 2016 From: valerie.peng at oracle.com (Valerie Peng) Date: Tue, 16 Aug 2016 12:18:45 -0700 Subject: PING - [jdk9] RFR: 8153438: Avoid repeated "Please insert a smart card" popup windows In-Reply-To: <1A59DF96-4E31-4738-A70F-E499793879BF@oracle.com> References: <1b997be1-1d49-f477-b687-afe32b1563f5@oracle.com> <1A59DF96-4E31-4738-A70F-E499793879BF@oracle.com> Message-ID: <24339fa6-9f25-0863-6fff-3eca3d97e65b@oracle.com> I am not familiar with the general behavior of CryptAcquireCertificatePrivateKey API. Would the first CryptAcquireCertificatePrivateKey(.., CRYPT_ACQUIRE_SILENT_FLAG, ...) ever return TRUE? If yes, then do we need to release the context and call CryptAcquireCertificatePrivateKey(..) again? I'd expect the overall logic to be something like: if (::CryptAcquireCertificatePrivateKey(pCertContext, CRYPT_ACQUIRE_SILENT_FLAG, NULL,&hCryptProv, &dwKeySpec, &bCallerFreeProv) == FALSE) { if (GetLastError() == NTE_SILENT_CONTEXT) { // Try acquiring the key normally (not silently)if (::CryptAcquireCertificatePrivateKey(pCertContext, 0, NULL, &hCryptProv, &dwKeySpec, &bCallerFreeProv) == FALSE) {bHasNoPrivateKey = TRUE; } } else { bHasNoPrivateKey = TRUE; } } // Then proceed on different code paths based on bHasNoPrivateKey value Anything that I missed? Valerie On 8/16/2016 6:27 AM, Vincent Ryan wrote: > That fix looks fine. Is there any significant performance impact due to calling CryptAcquireCertificatePrivateKey twice? > Thanks. > >> On 16 Aug 2016, at 13:56, Ivan Gerasimov wrote: >> >> A gentle reminder. >> >> Would you please help review at your convenience. >> >> With kind regards, >> Ivan >> >> >> On 09.08.2016 12:27, Ivan Gerasimov wrote: >>> Hello! >>> >>> In order to reduce the number of popup dialog windows during accessing the smartcard, it is proposed to first do a silent "probe" step. >>> Only if this probe succeeded, or if it failed due to that SILENT flag, we'll try to re-acquire the key normally (i.e. not silently). >>> >>> Would you please help review this proposal? >>> >>> BUGURL: https://bugs.openjdk.java.net/browse/JDK-8153438 >>> WEBREV: http://cr.openjdk.java.net/~igerasim/8153438/00/webrev/ >>> >>> With kind regards, >>> Ivan >>> >>> -------------- next part -------------- An HTML attachment was scrubbed... URL: From ivan.gerasimov at oracle.com Tue Aug 16 20:06:21 2016 From: ivan.gerasimov at oracle.com (Ivan Gerasimov) Date: Tue, 16 Aug 2016 23:06:21 +0300 Subject: PING - [jdk9] RFR: 8153438: Avoid repeated "Please insert a smart card" popup windows In-Reply-To: <24339fa6-9f25-0863-6fff-3eca3d97e65b@oracle.com> References: <1b997be1-1d49-f477-b687-afe32b1563f5@oracle.com> <1A59DF96-4E31-4738-A70F-E499793879BF@oracle.com> <24339fa6-9f25-0863-6fff-3eca3d97e65b@oracle.com> Message-ID: Thank you Valerie for looking into this! On 16.08.2016 22:18, Valerie Peng wrote: > > > I am not familiar with the general behavior of > CryptAcquireCertificatePrivateKey API. > > Would the first CryptAcquireCertificatePrivateKey(.., > CRYPT_ACQUIRE_SILENT_FLAG, ...) ever return TRUE? Yes. It returns TRUE if the key could be acquired silently, and I've seen this happening. > If yes, then do we need to release the context and call > CryptAcquireCertificatePrivateKey(..) again? > > I'd expect the overall logic to be something like: > > if (::CryptAcquireCertificatePrivateKey(pCertContext, > CRYPT_ACQUIRE_SILENT_FLAG, NULL,&hCryptProv, &dwKeySpec, > &bCallerFreeProv) == FALSE) { if (GetLastError() == > NTE_SILENT_CONTEXT) { // Try acquiring the key normally (not > silently)if (::CryptAcquireCertificatePrivateKey(pCertContext, 0, > NULL, &hCryptProv, &dwKeySpec, &bCallerFreeProv) == FALSE) > {bHasNoPrivateKey = TRUE; } } else { bHasNoPrivateKey = TRUE; } > } // Then proceed on different code paths based on > bHasNoPrivateKey value > This was the first thing I attempted to do. However, some subsequent operations with the key started to fail, throwing SignatureException (with the message "Provider could not perform the action since the context was acquired as silent.") That's why I switched to what is in this proposal: Silent probing and then re-acquiring the key normally (not silently). With kind regards, Ivan > Anything that I missed? > Valerie > > On 8/16/2016 6:27 AM, Vincent Ryan wrote: >> That fix looks fine. Is there any significant performance impact due to calling CryptAcquireCertificatePrivateKey twice? >> Thanks. >> >>> On 16 Aug 2016, at 13:56, Ivan Gerasimov wrote: >>> >>> A gentle reminder. >>> >>> Would you please help review at your convenience. >>> >>> With kind regards, >>> Ivan >>> >>> >>> On 09.08.2016 12:27, Ivan Gerasimov wrote: >>>> Hello! >>>> >>>> In order to reduce the number of popup dialog windows during accessing the smartcard, it is proposed to first do a silent "probe" step. >>>> Only if this probe succeeded, or if it failed due to that SILENT flag, we'll try to re-acquire the key normally (i.e. not silently). >>>> >>>> Would you please help review this proposal? >>>> >>>> BUGURL:https://bugs.openjdk.java.net/browse/JDK-8153438 >>>> WEBREV:http://cr.openjdk.java.net/~igerasim/8153438/00/webrev/ >>>> >>>> With kind regards, >>>> Ivan >>>> >>>> > -------------- next part -------------- An HTML attachment was scrubbed... URL: From ivan.gerasimov at oracle.com Tue Aug 16 20:25:08 2016 From: ivan.gerasimov at oracle.com (Ivan Gerasimov) Date: Tue, 16 Aug 2016 23:25:08 +0300 Subject: PING - [jdk9] RFR: 8153438: Avoid repeated "Please insert a smart card" popup windows In-Reply-To: <1A59DF96-4E31-4738-A70F-E499793879BF@oracle.com> References: <1b997be1-1d49-f477-b687-afe32b1563f5@oracle.com> <1A59DF96-4E31-4738-A70F-E499793879BF@oracle.com> Message-ID: <19781d99-2424-c0cb-56d5-a8b4cf4f8292@oracle.com> Thank you Vincent! On 16.08.2016 16:27, Vincent Ryan wrote: > That fix looks fine. Is there any significant performance impact due to calling CryptAcquireCertificatePrivateKey twice? One of the intermittent attempts of implementing this enhancement was to also get the handle to the private key (CryptGetUserKey), using the silently acquired provider. And only if *that* succeeded, we treated the probe successful and tried to re-acquire the key normally. However, that approach really introduced a significant slowdown (approximately x2 times). On the other hand, with the proposed variant, the slowdown isn't noticeable by eye, but it surely will be worthwhile to do some benchmarking. With kind regards, Ivan > Thanks. > >> On 16 Aug 2016, at 13:56, Ivan Gerasimov wrote: >> >> A gentle reminder. >> >> Would you please help review at your convenience. >> >> With kind regards, >> Ivan >> >> >> On 09.08.2016 12:27, Ivan Gerasimov wrote: >>> Hello! >>> >>> In order to reduce the number of popup dialog windows during accessing the smartcard, it is proposed to first do a silent "probe" step. >>> Only if this probe succeeded, or if it failed due to that SILENT flag, we'll try to re-acquire the key normally (i.e. not silently). >>> >>> Would you please help review this proposal? >>> >>> BUGURL: https://bugs.openjdk.java.net/browse/JDK-8153438 >>> WEBREV: http://cr.openjdk.java.net/~igerasim/8153438/00/webrev/ >>> >>> With kind regards, >>> Ivan >>> >>> > From valerie.peng at oracle.com Tue Aug 16 22:25:59 2016 From: valerie.peng at oracle.com (Valerie Peng) Date: Tue, 16 Aug 2016 15:25:59 -0700 Subject: PING - [jdk9] RFR: 8153438: Avoid repeated "Please insert a smart card" popup windows In-Reply-To: References: <1b997be1-1d49-f477-b687-afe32b1563f5@oracle.com> <1A59DF96-4E31-4738-A70F-E499793879BF@oracle.com> <24339fa6-9f25-0863-6fff-3eca3d97e65b@oracle.com> Message-ID: Hmm, interesting... So, if the first call succeeded and you release the context and re-try. Does the popup window show up for the second call? Just curious. Changes look fine. Valerie On 8/16/2016 1:06 PM, Ivan Gerasimov wrote: > > Thank you Valerie for looking into this! > > > On 16.08.2016 22:18, Valerie Peng wrote: >> >> >> I am not familiar with the general behavior of >> CryptAcquireCertificatePrivateKey API. >> >> Would the first CryptAcquireCertificatePrivateKey(.., >> CRYPT_ACQUIRE_SILENT_FLAG, ...) ever return TRUE? > > Yes. It returns TRUE if the key could be acquired silently, and I've > seen this happening. > >> If yes, then do we need to release the context and call >> CryptAcquireCertificatePrivateKey(..) again? >> >> I'd expect the overall logic to be something like: >> >> if (::CryptAcquireCertificatePrivateKey(pCertContext, >> CRYPT_ACQUIRE_SILENT_FLAG, NULL,&hCryptProv, &dwKeySpec, >> &bCallerFreeProv) == FALSE) { if (GetLastError() == >> NTE_SILENT_CONTEXT) { // Try acquiring the key normally (not >> silently)if (::CryptAcquireCertificatePrivateKey(pCertContext, 0, >> NULL, &hCryptProv, &dwKeySpec, &bCallerFreeProv) == FALSE) >> {bHasNoPrivateKey = TRUE; } } else { bHasNoPrivateKey = TRUE; } >> } // Then proceed on different code paths based on >> bHasNoPrivateKey value >> > This was the first thing I attempted to do. > However, some subsequent operations with the key started to fail, > throwing SignatureException (with the message "Provider could not > perform the action since the context was acquired as silent.") > > That's why I switched to what is in this proposal: Silent probing and > then re-acquiring the key normally (not silently). > > With kind regards, > Ivan > >> Anything that I missed? >> Valerie >> >> On 8/16/2016 6:27 AM, Vincent Ryan wrote: >>> That fix looks fine. Is there any significant performance impact due to calling CryptAcquireCertificatePrivateKey twice? >>> Thanks. >>> >>>> On 16 Aug 2016, at 13:56, Ivan Gerasimov wrote: >>>> >>>> A gentle reminder. >>>> >>>> Would you please help review at your convenience. >>>> >>>> With kind regards, >>>> Ivan >>>> >>>> >>>> On 09.08.2016 12:27, Ivan Gerasimov wrote: >>>>> Hello! >>>>> >>>>> In order to reduce the number of popup dialog windows during accessing the smartcard, it is proposed to first do a silent "probe" step. >>>>> Only if this probe succeeded, or if it failed due to that SILENT flag, we'll try to re-acquire the key normally (i.e. not silently). >>>>> >>>>> Would you please help review this proposal? >>>>> >>>>> BUGURL:https://bugs.openjdk.java.net/browse/JDK-8153438 >>>>> WEBREV:http://cr.openjdk.java.net/~igerasim/8153438/00/webrev/ >>>>> >>>>> With kind regards, >>>>> Ivan >>>>> >>>>> >> > -------------- next part -------------- An HTML attachment was scrubbed... URL: From weijun.wang at oracle.com Wed Aug 17 00:30:53 2016 From: weijun.wang at oracle.com (Weijun Wang) Date: Wed, 17 Aug 2016 08:30:53 +0800 Subject: RFR: 8163126 Wrong @modules in some of jdk/* tests In-Reply-To: <242C9427-C6B3-4E06-AA8A-708AA670CADE@oracle.com> References: <242C9427-C6B3-4E06-AA8A-708AA670CADE@oracle.com> Message-ID: <3b1f5d47-e64f-1f46-1486-889fa823841c@oracle.com> Hi Shura I am looking at test/jdk/security/jarsigner/Spec.java. IMHO, even on a Solaris, without the SunPKCS11 provider at runtime, this test should be able to find Signature and MessageDigest implementations from the SunRsaSign and SUN provider. Is the new @modules dependency necessary? In fact, I am curious how you note this test. Does it fail with some special settings? Thanks Max On 8/17/2016 1:17, Alexandre (Shura) Iline wrote: > Hi. > > Please review fixes related to module dependencies in a few jdk tests: > http://cr.openjdk.java.net/~shurailine/8163126/webrev.00/index.html > > The review contains a few cases where jdk.zipfs is added to the module list. This is happening because all TestNG tests which use compiler API require jdk.zipfs to be able to read the testng jar. This is unfortunate but there is no easy way around that. > > Shura > > > From valerie.peng at oracle.com Wed Aug 17 01:24:26 2016 From: valerie.peng at oracle.com (Valerie Peng) Date: Tue, 16 Aug 2016 18:24:26 -0700 Subject: [9] RFR 8078661: [SunPKCS11] Fails to cast into RSAPrivateCrtKey after RSA KeyPair Generation Message-ID: Anyone has time to review a straightforward fix? The current PKCS11 code assume that if public exponent is available for RSA Private Key, then it's a RSA CRT key. However, not all vendor implementation works this way. Changing to a tighter check and did minor code-refactoring to avoid re-retrieving the attribute values. Bug: https://bugs.openjdk.java.net/browse/JDK-8078661 Webrev: http://cr.openjdk.java.net/~valeriep/8078661/webrev.00/ Thanks, Valerie From alexandre.iline at oracle.com Wed Aug 17 01:26:26 2016 From: alexandre.iline at oracle.com (Alexandre (Shura) Iline) Date: Tue, 16 Aug 2016 18:26:26 -0700 Subject: RFR: 8163126 Wrong @modules in some of jdk/* tests In-Reply-To: <3b1f5d47-e64f-1f46-1486-889fa823841c@oracle.com> References: <242C9427-C6B3-4E06-AA8A-708AA670CADE@oracle.com> <3b1f5d47-e64f-1f46-1486-889fa823841c@oracle.com> Message-ID: Hi, Max. Excerpt from JTReg documentation: ========================================================================================================= @modules [/]+ Express a dependence on a modules in the system being tested, and optionally, on selected internal packages in some or all of those modules. If no dependencies are specified explicitly, a default set of dependencies will be read from the modules entry in test suite configuration files. A test will not be run if the system being tested does not contain all of the specified modules. Note: Specifying an entry that includes a dependence on an internal package is essentially equivalent to using -XaddExports:/ALL-UNNAMED when the test is compiled and run. ========================================================================================================= Before the suggested fix, the test in question would fail on a system with no jdk.crypto.pkcs11. That could be emulated by: $ jtreg ... -javaoptions:"-limitmods jdk.jartool" jdk/security/jarsigner/Spec.java ... FAILED: jdk/security/jarsigner/Spec.java ... $ jtreg ... -javaoptions:"-limitmods jdk.jartool,jdk.crypto.pkcs11" jdk/security/jarsigner/Spec.java ... Passed: jdk/security/jarsigner/Spec.java ... $ With my fix, the test will not be selected for execution when there is no jdk.crypto.pkcs11: $ jtreg ... -javaoptions:"-limitmods jdk.jartool" jdk/security/jarsigner/Spec.java ... Test results: no tests selected ? $ Shura > On Aug 16, 2016, at 5:30 PM, Weijun Wang wrote: > > Hi Shura > > I am looking at test/jdk/security/jarsigner/Spec.java. > > IMHO, even on a Solaris, without the SunPKCS11 provider at runtime, this test should be able to find Signature and MessageDigest implementations from the SunRsaSign and SUN provider. > > Is the new @modules dependency necessary? In fact, I am curious how you note this test. Does it fail with some special settings? > > Thanks > Max > > On 8/17/2016 1:17, Alexandre (Shura) Iline wrote: >> Hi. >> >> Please review fixes related to module dependencies in a few jdk tests: >> http://cr.openjdk.java.net/~shurailine/8163126/webrev.00/index.html >> >> The review contains a few cases where jdk.zipfs is added to the module list. This is happening because all TestNG tests which use compiler API require jdk.zipfs to be able to read the testng jar. This is unfortunate but there is no easy way around that. >> >> Shura >> >> >> From Xuelei.Fan at Oracle.COM Wed Aug 17 01:28:45 2016 From: Xuelei.Fan at Oracle.COM (Xuelei Fan) Date: Wed, 17 Aug 2016 09:28:45 +0800 Subject: RFR 8087144/8153146: sun/security/krb5/auto/MaxRetries.java fails In-Reply-To: <4a645b15-be96-841e-a4ae-409b8fec58ca@oracle.com> References: <4a645b15-be96-841e-a4ae-409b8fec58ca@oracle.com> Message-ID: <57B3BDCD.1060806@Oracle.COM> Looks fine to me. Xuelei On 8/16/2016 11:52 PM, Weijun Wang wrote: > Please take a review at > > http://cr.openjdk.java.net/~weijun/8087144/webrev.00/ > > for > > 8087144: sun/security/krb5/auto/MaxRetries.java fails with Retry > count is -1 less > 8153146: sun/security/krb5/auto/MaxRetries.java failed with timeout > > The test fails because a timeout happens on a real KDC. If a retry is > permitted, this retry is treated as unexpected (8087144), otherwise, a > timeout exception is thrown (8153146). > > The rewritten test does not always pursue for a single correct result. > Instead, it encodes the test output into a string, and compares it to > both an ideal exact result (real KDC never timeout) or a relaxed one > (real KDC could timeout once for a while) and succeeds if either > matches. The relaxed result is a regular expression. > > Before this change, the stability of the test is guaranteed (although > not successfully) by using a big timeout value (say, 5 seconds). Now > that we have the relaxed match, I am thinking it can be smaller. The > current code change uses BadKdc.setRatio() to change the effective > timeout value to 1 second. The test execution time is reduced from 180s > to 30s on my machine. > > If the test still fails intermittently, maybe the relaxed match is not > relaxed enough, or I should set a higher ratio. Let's wait and see. > > Thanks > Max From weijun.wang at oracle.com Wed Aug 17 01:48:52 2016 From: weijun.wang at oracle.com (Wang Weijun) Date: Wed, 17 Aug 2016 09:48:52 +0800 Subject: RFR: 8163126 Wrong @modules in some of jdk/* tests In-Reply-To: References: <242C9427-C6B3-4E06-AA8A-708AA670CADE@oracle.com> <3b1f5d47-e64f-1f46-1486-889fa823841c@oracle.com> Message-ID: <8D77C9ED-BA5E-4F94-BE2D-C73E418C666F@oracle.com> > On Aug 17, 2016, at 9:26 AM, Alexandre (Shura) Iline wrote: > > Before the suggested fix, the test in question would fail on a system with no jdk.crypto.pkcs11. That could be emulated by: > $ jtreg ... -javaoptions:"-limitmods jdk.jartool" jdk/security/jarsigner/Spec.java > ... > FAILED: jdk/security/jarsigner/Spec.java > ... > $ jtreg ... -javaoptions:"-limitmods jdk.jartool,jdk.crypto.pkcs11" jdk/security/jarsigner/Spec.java > ... > Passed: jdk/security/jarsigner/Spec.java > ... > $ Thanks very much for the detailed answer. Just a small suggestion: Can you try using jdk.crypto.ec module instead? It also provides all EC-related algorithms and it is available and loaded out-of-box on all platforms? --Max From ivan.gerasimov at oracle.com Wed Aug 17 10:48:47 2016 From: ivan.gerasimov at oracle.com (Ivan Gerasimov) Date: Wed, 17 Aug 2016 13:48:47 +0300 Subject: PING - [jdk9] RFR: 8153438: Avoid repeated "Please insert a smart card" popup windows In-Reply-To: References: <1b997be1-1d49-f477-b687-afe32b1563f5@oracle.com> <1A59DF96-4E31-4738-A70F-E499793879BF@oracle.com> <24339fa6-9f25-0863-6fff-3eca3d97e65b@oracle.com>

Message-ID: Hi Valerie! On 17.08.2016 1:25, Valerie Peng wrote: > > Hmm, interesting... > > So, if the first call succeeded and you release the context and > re-try. Does the popup window show up for the second call? > Just curious. > I assume that CryptAcquireCertificatePrivateKey() only displays the UI when necessary, so if the context could be acquired silently (i.e. the result is TRUE), it will be possible to acquire it with no UI and without explicit SILENT flag. With kind regards, Ivan > Changes look fine. > Valerie > On 8/16/2016 1:06 PM, Ivan Gerasimov wrote: >> >> Thank you Valerie for looking into this! >> >> >> On 16.08.2016 22:18, Valerie Peng wrote: >>> >>> >>> I am not familiar with the general behavior of >>> CryptAcquireCertificatePrivateKey API. >>> >>> Would the first CryptAcquireCertificatePrivateKey(.., >>> CRYPT_ACQUIRE_SILENT_FLAG, ...) ever return TRUE? >> >> Yes. It returns TRUE if the key could be acquired silently, and I've >> seen this happening. >> >>> If yes, then do we need to release the context and call >>> CryptAcquireCertificatePrivateKey(..) again? >>> >>> I'd expect the overall logic to be something like: >>> >>> if (::CryptAcquireCertificatePrivateKey(pCertContext, >>> CRYPT_ACQUIRE_SILENT_FLAG, NULL,&hCryptProv, &dwKeySpec, >>> &bCallerFreeProv) == FALSE) { if (GetLastError() == >>> NTE_SILENT_CONTEXT) { // Try acquiring the key normally (not >>> silently)if (::CryptAcquireCertificatePrivateKey(pCertContext, >>> 0, NULL, &hCryptProv, &dwKeySpec, &bCallerFreeProv) == FALSE) >>> {bHasNoPrivateKey = TRUE; } } else { bHasNoPrivateKey = TRUE; >>> } } // Then proceed on different code paths based on >>> bHasNoPrivateKey value >>> >> This was the first thing I attempted to do. >> However, some subsequent operations with the key started to fail, >> throwing SignatureException (with the message "Provider could not >> perform the action since the context was acquired as silent.") >> >> That's why I switched to what is in this proposal: Silent probing and >> then re-acquiring the key normally (not silently). >> >> With kind regards, >> Ivan >> >>> Anything that I missed? >>> Valerie >>> >>> On 8/16/2016 6:27 AM, Vincent Ryan wrote: >>>> That fix looks fine. Is there any significant performance impact due to calling CryptAcquireCertificatePrivateKey twice? >>>> Thanks. >>>> >>>>> On 16 Aug 2016, at 13:56, Ivan Gerasimov wrote: >>>>> >>>>> A gentle reminder. >>>>> >>>>> Would you please help review at your convenience. >>>>> >>>>> With kind regards, >>>>> Ivan >>>>> >>>>> >>>>> On 09.08.2016 12:27, Ivan Gerasimov wrote: >>>>>> Hello! >>>>>> >>>>>> In order to reduce the number of popup dialog windows during accessing the smartcard, it is proposed to first do a silent "probe" step. >>>>>> Only if this probe succeeded, or if it failed due to that SILENT flag, we'll try to re-acquire the key normally (i.e. not silently). >>>>>> >>>>>> Would you please help review this proposal? >>>>>> >>>>>> BUGURL:https://bugs.openjdk.java.net/browse/JDK-8153438 >>>>>> WEBREV:http://cr.openjdk.java.net/~igerasim/8153438/00/webrev/ >>>>>> >>>>>> With kind regards, >>>>>> Ivan >>>>>> >>>>>> >>> >> > -------------- next part -------------- An HTML attachment was scrubbed... URL: From vincent.x.ryan at oracle.com Wed Aug 17 11:10:40 2016 From: vincent.x.ryan at oracle.com (Vincent Ryan) Date: Wed, 17 Aug 2016 12:10:40 +0100 Subject: [9] RFR 8078661: [SunPKCS11] Fails to cast into RSAPrivateCrtKey after RSA KeyPair Generation In-Reply-To: References: Message-ID: Your fix looks good to me. Thanks. > On 17 Aug 2016, at 02:24, Valerie Peng wrote: > > > Anyone has time to review a straightforward fix? The current PKCS11 code assume that if public exponent is available for RSA Private Key, then it's a RSA CRT key. However, not all vendor implementation works this way. Changing to a tighter check and did minor code-refactoring to avoid re-retrieving the attribute values. > > Bug: https://bugs.openjdk.java.net/browse/JDK-8078661 > Webrev: http://cr.openjdk.java.net/~valeriep/8078661/webrev.00/ > > Thanks, > Valerie From sean.mullan at oracle.com Wed Aug 17 16:18:49 2016 From: sean.mullan at oracle.com (Sean Mullan) Date: Wed, 17 Aug 2016 12:18:49 -0400 Subject: RFR: 8164071: Default.policy file missing content for solaris Message-ID: Please review this simple fix to append the solaris default.policy file to the overall default.policy file. Bug: https://bugs.openjdk.java.net/browse/JDK-8164071 diff -r 551f7617b2c0 make/copy/Copy-java.base.gmk --- a/make/copy/Copy-java.base.gmk Wed Aug 17 10:08:18 2016 +0800 +++ b/make/copy/Copy-java.base.gmk Wed Aug 17 12:17:19 2016 -0400 @@ -185,6 +185,8 @@ ifeq ($(OPENJDK_TARGET_OS), windows) DEF_POLICY_SRC_LIST += $(JDK_TOPDIR)/src/java.base/$(OPENJDK_TARGET_OS)/lib/security/default.policy +else ifeq ($(OPENJDK_TARGET_OS), solaris) + DEF_POLICY_SRC_LIST += $(JDK_TOPDIR)/src/java.base/$(OPENJDK_TARGET_OS)/lib/security/default.policy endif # Allow imported modules to modify the java.policy Thanks, Sean From erik.joelsson at oracle.com Wed Aug 17 16:33:52 2016 From: erik.joelsson at oracle.com (Erik Joelsson) Date: Wed, 17 Aug 2016 18:33:52 +0200 Subject: RFR: 8164071: Default.policy file missing content for solaris In-Reply-To: References: Message-ID: <7c8dae94-4f67-d176-c39e-22f1cc12aa6a@oracle.com> Hello Sean, The change looks ok, but it could also be expressed like this to avoid duplication: ifneq ($(filter $(OPENJDK_TARGET_OS), windows solaris), ) DEF_POLICY_SRC_LIST += $(JDK_TOPDIR)/src/java.base/$(OPENJDK_TARGET_OS)/lib/security/default.policy endif /Erik On 2016-08-17 18:18, Sean Mullan wrote: > Please review this simple fix to append the solaris default.policy > file to the overall default.policy file. > > Bug: https://bugs.openjdk.java.net/browse/JDK-8164071 > > diff -r 551f7617b2c0 make/copy/Copy-java.base.gmk > --- a/make/copy/Copy-java.base.gmk Wed Aug 17 10:08:18 2016 +0800 > +++ b/make/copy/Copy-java.base.gmk Wed Aug 17 12:17:19 2016 -0400 > @@ -185,6 +185,8 @@ > > ifeq ($(OPENJDK_TARGET_OS), windows) > DEF_POLICY_SRC_LIST += > $(JDK_TOPDIR)/src/java.base/$(OPENJDK_TARGET_OS)/lib/security/default.policy > +else ifeq ($(OPENJDK_TARGET_OS), solaris) > + DEF_POLICY_SRC_LIST += > $(JDK_TOPDIR)/src/java.base/$(OPENJDK_TARGET_OS)/lib/security/default.policy > > endif > > # Allow imported modules to modify the java.policy > > > Thanks, > Sean From alexandre.iline at oracle.com Wed Aug 17 16:40:58 2016 From: alexandre.iline at oracle.com (Alexandre (Shura) Iline) Date: Wed, 17 Aug 2016 09:40:58 -0700 Subject: RFR: 8163126 Wrong @modules in some of jdk/* tests In-Reply-To: <8D77C9ED-BA5E-4F94-BE2D-C73E418C666F@oracle.com> References: <242C9427-C6B3-4E06-AA8A-708AA670CADE@oracle.com> <3b1f5d47-e64f-1f46-1486-889fa823841c@oracle.com> <8D77C9ED-BA5E-4F94-BE2D-C73E418C666F@oracle.com> Message-ID: <4371BA82-A2A1-4AC5-8477-F46A589F52E3@oracle.com> Thank you! Fixed in place: http://cr.openjdk.java.net/~shurailine/8163126/webrev.00/test/jdk/security/jarsigner/Spec.java.sdiff.html Shura > On Aug 16, 2016, at 6:48 PM, Wang Weijun wrote: > > >> On Aug 17, 2016, at 9:26 AM, Alexandre (Shura) Iline wrote: >> >> Before the suggested fix, the test in question would fail on a system with no jdk.crypto.pkcs11. That could be emulated by: >> $ jtreg ... -javaoptions:"-limitmods jdk.jartool" jdk/security/jarsigner/Spec.java >> ... >> FAILED: jdk/security/jarsigner/Spec.java >> ... >> $ jtreg ... -javaoptions:"-limitmods jdk.jartool,jdk.crypto.pkcs11" jdk/security/jarsigner/Spec.java >> ... >> Passed: jdk/security/jarsigner/Spec.java >> ... >> $ > > Thanks very much for the detailed answer. > > Just a small suggestion: Can you try using jdk.crypto.ec module instead? It also provides all EC-related algorithms and it is available and loaded out-of-box on all platforms? > > --Max > From sean.mullan at oracle.com Wed Aug 17 16:43:46 2016 From: sean.mullan at oracle.com (Sean Mullan) Date: Wed, 17 Aug 2016 12:43:46 -0400 Subject: RFR: 8164071: Default.policy file missing content for solaris In-Reply-To: <7c8dae94-4f67-d176-c39e-22f1cc12aa6a@oracle.com> References: <7c8dae94-4f67-d176-c39e-22f1cc12aa6a@oracle.com> Message-ID: <57B49442.6090406@oracle.com> On 8/17/2016 12:33 PM, Erik Joelsson wrote: > Hello Sean, > > The change looks ok, but it could also be expressed like this to avoid > duplication: > > ifneq ($(filter $(OPENJDK_TARGET_OS), windows solaris), ) > DEF_POLICY_SRC_LIST += > $(JDK_TOPDIR)/src/java.base/$(OPENJDK_TARGET_OS)/lib/security/default.policy > endif Thanks. However, shouldn't that be "ifeq" and not "ifneq"? --Sean > > > /Erik > > On 2016-08-17 18:18, Sean Mullan wrote: >> Please review this simple fix to append the solaris default.policy >> file to the overall default.policy file. >> >> Bug: https://bugs.openjdk.java.net/browse/JDK-8164071 >> >> diff -r 551f7617b2c0 make/copy/Copy-java.base.gmk >> --- a/make/copy/Copy-java.base.gmk Wed Aug 17 10:08:18 2016 +0800 >> +++ b/make/copy/Copy-java.base.gmk Wed Aug 17 12:17:19 2016 -0400 >> @@ -185,6 +185,8 @@ >> >> ifeq ($(OPENJDK_TARGET_OS), windows) >> DEF_POLICY_SRC_LIST += >> $(JDK_TOPDIR)/src/java.base/$(OPENJDK_TARGET_OS)/lib/security/default.policy >> +else ifeq ($(OPENJDK_TARGET_OS), solaris) >> + DEF_POLICY_SRC_LIST += >> $(JDK_TOPDIR)/src/java.base/$(OPENJDK_TARGET_OS)/lib/security/default.policy >> >> endif >> >> # Allow imported modules to modify the java.policy >> >> >> Thanks, >> Sean > From erik.joelsson at oracle.com Wed Aug 17 16:48:52 2016 From: erik.joelsson at oracle.com (Erik Joelsson) Date: Wed, 17 Aug 2016 18:48:52 +0200 Subject: RFR: 8164071: Default.policy file missing content for solaris In-Reply-To: <57B49442.6090406@oracle.com> References: <7c8dae94-4f67-d176-c39e-22f1cc12aa6a@oracle.com> <57B49442.6090406@oracle.com> Message-ID: On 2016-08-17 18:43, Sean Mullan wrote: > > On 8/17/2016 12:33 PM, Erik Joelsson wrote: >> Hello Sean, >> >> The change looks ok, but it could also be expressed like this to >> avoid duplication: >> >> ifneq ($(filter $(OPENJDK_TARGET_OS), windows solaris), ) >> DEF_POLICY_SRC_LIST += >> $(JDK_TOPDIR)/src/java.base/$(OPENJDK_TARGET_OS)/lib/security/default.policy >> endif > Thanks. However, shouldn't that be "ifeq" and not "ifneq"? > Actually no, if OPENJDK_TARGET_OS is either windows or solaris, the filter function will return exactly that, otherwise it will return empty. The if(n)eq compares the result of filter to the empty string. This construct is a bit convoluted but is our standard construct for this situation. /Erik > --Sean >> >> >> /Erik >> >> On 2016-08-17 18:18, Sean Mullan wrote: >>> Please review this simple fix to append the solaris default.policy >>> file to the overall default.policy file. >>> >>> Bug: https://bugs.openjdk.java.net/browse/JDK-8164071 >>> >>> diff -r 551f7617b2c0 make/copy/Copy-java.base.gmk >>> --- a/make/copy/Copy-java.base.gmk Wed Aug 17 10:08:18 2016 +0800 >>> +++ b/make/copy/Copy-java.base.gmk Wed Aug 17 12:17:19 2016 -0400 >>> @@ -185,6 +185,8 @@ >>> >>> ifeq ($(OPENJDK_TARGET_OS), windows) >>> DEF_POLICY_SRC_LIST += >>> $(JDK_TOPDIR)/src/java.base/$(OPENJDK_TARGET_OS)/lib/security/default.policy >>> +else ifeq ($(OPENJDK_TARGET_OS), solaris) >>> + DEF_POLICY_SRC_LIST += >>> $(JDK_TOPDIR)/src/java.base/$(OPENJDK_TARGET_OS)/lib/security/default.policy >>> >>> endif >>> >>> # Allow imported modules to modify the java.policy >>> >>> >>> Thanks, >>> Sean >> > From sean.coffey at oracle.com Wed Aug 17 16:53:47 2016 From: sean.coffey at oracle.com (=?UTF-8?Q?Se=c3=a1n_Coffey?=) Date: Wed, 17 Aug 2016 17:53:47 +0100 Subject: RFR: (XS) 8162916:Test sun/security/krb5/auto/UnboundSSL.java fails Message-ID: <57B4969B.4030904@oracle.com> A recently added test case lacks sufficient permissions to read a conf file when running with security manager. bug report : https://bugs.openjdk.java.net/browse/JDK-8162916 proposed patch : diff --git a/test/sun/security/krb5/auto/unbound.ssl.policy b/test/sun/security/krb5/auto/unbound.ssl.policy --- a/test/sun/security/krb5/auto/unbound.ssl.policy +++ b/test/sun/security/krb5/auto/unbound.ssl.policy @@ -1,7 +1,13 @@ +// Standard extensions get all permissions by default + +grant codeBase "file:${{java.ext.dirs}}/*" { + permission java.security.AllPermission; +}; + grant { permission java.util.PropertyPermission "*", "read,write"; permission java.net.SocketPermission "*:*", "listen,resolve,accept,connect"; - permission java.io.FilePermission "*", "read,write,delete"; + permission java.io.FilePermission "<>", "read,write,delete"; permission java.lang.RuntimePermission "accessDeclaredMembers"; permission java.lang.reflect.ReflectPermission "suppressAccessChecks"; permission java.lang.RuntimePermission "accessClassInPackage.*"; -- Regards, Sean. From mstjohns at comcast.net Wed Aug 17 16:55:09 2016 From: mstjohns at comcast.net (Michael StJohns) Date: Wed, 17 Aug 2016 12:55:09 -0400 Subject: [9] RFR 8078661: [SunPKCS11] Fails to cast into RSAPrivateCrtKey after RSA KeyPair Generation In-Reply-To: References: Message-ID: On 8/16/2016 9:24 PM, Valerie Peng wrote: > > Anyone has time to review a straightforward fix? The current PKCS11 > code assume that if public exponent is available for RSA Private Key, > then it's a RSA CRT key. However, not all vendor implementation works > this way. Changing to a tighter check and did minor code-refactoring > to avoid re-retrieving the attribute values. > > Bug: https://bugs.openjdk.java.net/browse/JDK-8078661 > Webrev: http://cr.openjdk.java.net/~valeriep/8078661/webrev.00/ > > Thanks, > Valerie Given that there's a change to PKCS11 for 2.40 that says that all RSA private key objects MUST also store CKA_PUBLIC_EXPONENT, some change needed to be made. Sorry - I don't think this fix will work. Or if its working on your version of PKCS11, your version of PKCS11 is doing it wrong. The problem is that if you specify attributes that don't exist on the object, the underlying PKCS11 library is supposed to return CKR_ATTRIBUTE_TYPE_INVALID. And that should trigger a thrown exception before you ever get anything copied to your attributes. 1) Get modulus and private exponent first. That gives you the stuff for a generic RSA private key - and if it fails, there's no reason to continue. 2) Then get the rest of the stuff. If that fails, then you already have the stuff you need for a normal private key. > boolean crtKey; > try { > session.token.p11.C_GetAttributeValue > (session.id(), keyID, attrs2); > - crtKey = (attrs2[0].pValue instanceof byte[]); > + crtKey = ((attrs2[1].pValue instanceof byte[]) && > + (attrs2[3].pValue instanceof byte[]) && > + (attrs2[4].pValue instanceof byte[]) && > + (attrs2[5].pValue instanceof byte[]) && > + (attrs2[6].pValue instanceof byte[]) && > + (attrs2[7].pValue instanceof byte[])) ; > } catch (PKCS11Exception e) { > // ignore, assume not available > crtKey = false; > } // Change attrs2 so it only has the additional CRT attributes (e.g. delete CKA_MODULUS, CKA_PRIVATE_EXPONENT from the list Replace the above with CK_ATTRIBUTE[] attrs3 = new CK_ATTRIBUTE[] { new CK_ATTRIBUTE(CKA_MODULUS), new CK_ATTRIBUTE(CKA_PRIVATE_EXPONENT) }; // no try block needed here - we want to throw the error if it occurs session.token.p11.C_GetAttributeValue (session.id(), keyID, attrs3); // So far so good - we have the base attributes, let's see if we can get the additional attributes; try { session.token.p11.C_GetAttributeValue(session.id(),keyID, attrs2); } catch (PKCS11Exception e) { // we really should check the return value for one of the non-fatal values, but let's just assume its not a CRT key return new P11RSAPrivateNonCRTKey (session, keyID, algorithm, keyLength, attrs2, attrs3); } // if we fall through then its a CRT key // -- we should check for byte[] ness of each of the components, and throw an error if they arent - but which error? return new P11RSAPrivateKey (session, keyID, algorithm, keyLength, attrs2, attrs3); // there are cleanups necessary in other places. I'd suggest rather than depending on the ordering of attributes, you do assignment by CKA_ values just so someone coming later doesn't mess things up by mistake. Also, a hell of a lot more readable. static CK_ATTRIBUTE getAttribute (CK_ATTRIBUTE[] attrs, long attrType) { for (CK_ATTRIBUTE a : attrs) { if (a.type == attrType) return a; } return null; // or throw something? } coeff = getAtttribute(attrs,CKA_COEFFICIENT).getBigInteger(); The other possibility is to change the C code for C_GetAttributeValues so it doesn't error out for the non-fatal error codes and instead returns a null value attribute when the attribute is missing. Mike -------------- next part -------------- An HTML attachment was scrubbed... URL: From artem.smotrakov at oracle.com Wed Aug 17 17:10:41 2016 From: artem.smotrakov at oracle.com (Artem Smotrakov) Date: Wed, 17 Aug 2016 10:10:41 -0700 Subject: RFR: (XS) 8162916:Test sun/security/krb5/auto/UnboundSSL.java fails In-Reply-To: <57B4969B.4030904@oracle.com> References: <57B4969B.4030904@oracle.com> Message-ID: <0ee91f5b-bcd5-7c93-d99d-13c00797d8f3@oracle.com> Hi Sean, If I remember correctly, there is no ext directory in JDK 9 any more. I don't see in jtr file that "java.ext.dirs" system property is passed to the test. If I understand correctly, "file:${{java.ext.dirs}}/*" becomes "file:/*" which seems to grand all permissions to all the code. It doesn't look correct for this test. It looks like the test overrides the default policy, please see in jtr file -Djava.security.policy==/export/home/gtee/scripts/Results/workDir/scratch_2/unbound.ssl.policy_new \\ If I recall correctly, there should be a way to specify a policy file in @run without overriding the default one. May be it is "@run main/othervm/java.security.policy=unbound.ssl.policy_new" Artem On 08/17/2016 09:53 AM, Se?n Coffey wrote: > A recently added test case lacks sufficient permissions to read a conf > file when running with security manager. > > bug report : https://bugs.openjdk.java.net/browse/JDK-8162916 > > proposed patch : > diff --git a/test/sun/security/krb5/auto/unbound.ssl.policy > b/test/sun/security/krb5/auto/unbound.ssl.policy > --- a/test/sun/security/krb5/auto/unbound.ssl.policy > +++ b/test/sun/security/krb5/auto/unbound.ssl.policy > @@ -1,7 +1,13 @@ > +// Standard extensions get all permissions by default > + > +grant codeBase "file:${{java.ext.dirs}}/*" { > + permission java.security.AllPermission; > +}; > + > grant { > permission java.util.PropertyPermission "*", "read,write"; > permission java.net.SocketPermission "*:*", > "listen,resolve,accept,connect"; > - permission java.io.FilePermission "*", "read,write,delete"; > + permission java.io.FilePermission "<>", > "read,write,delete"; > permission java.lang.RuntimePermission "accessDeclaredMembers"; > permission java.lang.reflect.ReflectPermission > "suppressAccessChecks"; > permission java.lang.RuntimePermission "accessClassInPackage.*"; > From sean.coffey at oracle.com Wed Aug 17 17:12:56 2016 From: sean.coffey at oracle.com (=?UTF-8?Q?Se=c3=a1n_Coffey?=) Date: Wed, 17 Aug 2016 18:12:56 +0100 Subject: RFR: (XS) 8162916:Test sun/security/krb5/auto/UnboundSSL.java fails In-Reply-To: <0ee91f5b-bcd5-7c93-d99d-13c00797d8f3@oracle.com> References: <57B4969B.4030904@oracle.com> <0ee91f5b-bcd5-7c93-d99d-13c00797d8f3@oracle.com> Message-ID: <57B49B18.3030505@oracle.com> Hi Artem, Sorry - should have said that this is for jdk8u-dev. The bug is marked 9-na. The provider loading changes made in this area for 9 mean that it's not affected. Regards, Sean. On 17/08/16 18:10, Artem Smotrakov wrote: > Hi Sean, > > If I remember correctly, there is no ext directory in JDK 9 any more. > > I don't see in jtr file that "java.ext.dirs" system property is passed > to the test. If I understand correctly, "file:${{java.ext.dirs}}/*" > becomes "file:/*" which seems to grand all permissions to all the > code. It doesn't look correct for this test. > > It looks like the test overrides the default policy, please see in jtr > file > > -Djava.security.policy==/export/home/gtee/scripts/Results/workDir/scratch_2/unbound.ssl.policy_new > \\ > > If I recall correctly, there should be a way to specify a policy file > in @run without overriding the default one. May be it is "@run > main/othervm/java.security.policy=unbound.ssl.policy_new" > > Artem > > > On 08/17/2016 09:53 AM, Se?n Coffey wrote: >> A recently added test case lacks sufficient permissions to read a >> conf file when running with security manager. >> >> bug report : https://bugs.openjdk.java.net/browse/JDK-8162916 >> >> proposed patch : >> diff --git a/test/sun/security/krb5/auto/unbound.ssl.policy >> b/test/sun/security/krb5/auto/unbound.ssl.policy >> --- a/test/sun/security/krb5/auto/unbound.ssl.policy >> +++ b/test/sun/security/krb5/auto/unbound.ssl.policy >> @@ -1,7 +1,13 @@ >> +// Standard extensions get all permissions by default >> + >> +grant codeBase "file:${{java.ext.dirs}}/*" { >> + permission java.security.AllPermission; >> +}; >> + >> grant { >> permission java.util.PropertyPermission "*", "read,write"; >> permission java.net.SocketPermission "*:*", >> "listen,resolve,accept,connect"; >> - permission java.io.FilePermission "*", "read,write,delete"; >> + permission java.io.FilePermission "<>", >> "read,write,delete"; >> permission java.lang.RuntimePermission "accessDeclaredMembers"; >> permission java.lang.reflect.ReflectPermission >> "suppressAccessChecks"; >> permission java.lang.RuntimePermission "accessClassInPackage.*"; >> > From artem.smotrakov at oracle.com Wed Aug 17 17:18:48 2016 From: artem.smotrakov at oracle.com (Artem Smotrakov) Date: Wed, 17 Aug 2016 10:18:48 -0700 Subject: RFR: (XS) 8162916:Test sun/security/krb5/auto/UnboundSSL.java fails In-Reply-To: <57B49B18.3030505@oracle.com> References: <57B4969B.4030904@oracle.com> <0ee91f5b-bcd5-7c93-d99d-13c00797d8f3@oracle.com> <57B49B18.3030505@oracle.com> Message-ID: <27699872-c744-7ae6-249b-c3562c5a882e@oracle.com> Sorry, my bad, I didn't notice '9-na' label. I suppose that code from ext directory should have all permissions: artem at artem-laptop:$ cat ~/jdk/jdk1.8.0_92b14/jre/lib/security/java.policy // Standard extensions get all permissions by default grant codeBase "file:${{java.ext.dirs}}/*" { permission java.security.AllPermission; }; // default permissions granted to all domains ... I am wondering if it would be better it the test didn't override the default policy. Artem On 08/17/2016 10:12 AM, Se?n Coffey wrote: > Hi Artem, > > Sorry - should have said that this is for jdk8u-dev. The bug is marked > 9-na. The provider loading changes made in this area for 9 mean that > it's not affected. > > Regards, > Sean. > > On 17/08/16 18:10, Artem Smotrakov wrote: >> Hi Sean, >> >> If I remember correctly, there is no ext directory in JDK 9 any more. >> >> I don't see in jtr file that "java.ext.dirs" system property is >> passed to the test. If I understand correctly, >> "file:${{java.ext.dirs}}/*" becomes "file:/*" which seems to grand >> all permissions to all the code. It doesn't look correct for this test. >> >> It looks like the test overrides the default policy, please see in >> jtr file >> >> -Djava.security.policy==/export/home/gtee/scripts/Results/workDir/scratch_2/unbound.ssl.policy_new >> \\ >> >> If I recall correctly, there should be a way to specify a policy file >> in @run without overriding the default one. May be it is "@run >> main/othervm/java.security.policy=unbound.ssl.policy_new" >> >> Artem >> >> >> On 08/17/2016 09:53 AM, Se?n Coffey wrote: >>> A recently added test case lacks sufficient permissions to read a >>> conf file when running with security manager. >>> >>> bug report : https://bugs.openjdk.java.net/browse/JDK-8162916 >>> >>> proposed patch : >>> diff --git a/test/sun/security/krb5/auto/unbound.ssl.policy >>> b/test/sun/security/krb5/auto/unbound.ssl.policy >>> --- a/test/sun/security/krb5/auto/unbound.ssl.policy >>> +++ b/test/sun/security/krb5/auto/unbound.ssl.policy >>> @@ -1,7 +1,13 @@ >>> +// Standard extensions get all permissions by default >>> + >>> +grant codeBase "file:${{java.ext.dirs}}/*" { >>> + permission java.security.AllPermission; >>> +}; >>> + >>> grant { >>> permission java.util.PropertyPermission "*", "read,write"; >>> permission java.net.SocketPermission "*:*", >>> "listen,resolve,accept,connect"; >>> - permission java.io.FilePermission "*", "read,write,delete"; >>> + permission java.io.FilePermission "<>", >>> "read,write,delete"; >>> permission java.lang.RuntimePermission "accessDeclaredMembers"; >>> permission java.lang.reflect.ReflectPermission >>> "suppressAccessChecks"; >>> permission java.lang.RuntimePermission "accessClassInPackage.*"; >>> >> > From rajan.halade at oracle.com Wed Aug 17 17:54:31 2016 From: rajan.halade at oracle.com (Rajan Halade) Date: Wed, 17 Aug 2016 10:54:31 -0700 Subject: RFR: 9: 8164229: Redundant "sun/net/www/protocol/https" tests in jdk_security3 group Message-ID: <191bdeb1-a52d-ac36-e331-64eebd060b2d@oracle.com> sun/net/www/protocol/https tests are redundant in jdk_security3 group, these are included in jdk_net group. Webrev: http://cr.openjdk.java.net/~rhalade/8164229/webrev.00/ Thanks, Rajan From artem.smotrakov at oracle.com Wed Aug 17 18:29:23 2016 From: artem.smotrakov at oracle.com (Artem Smotrakov) Date: Wed, 17 Aug 2016 11:29:23 -0700 Subject: [9] RFR: 8164100: com/sun/crypto/provider/KeyFactory/TestProviderLeak.java fails with java.util.concurrent.TimeoutException Message-ID: <177be901-0377-a912-6ee4-2684e31e710a@oracle.com> Hello, Please review the following patch for com/sun/crypto/provider/KeyFactory/TestProviderLeak.java test. This is a request to make the test take into account a test timeout factor. Timeout factor can be specified with "-timeout" jtreg's command line option. This option is used in some test runs to make test runs more stable (for example, VM SQE uses it while running regression tests with different JVM options). Bug: https://bugs.openjdk.java.net/browse/JDK-8164100 Webrev: http://cr.openjdk.java.net/~asmotrak/8164100/webrev.00/ Artem From chris.hegarty at oracle.com Wed Aug 17 18:36:49 2016 From: chris.hegarty at oracle.com (Chris Hegarty) Date: Wed, 17 Aug 2016 19:36:49 +0100 Subject: RFR: 9: 8164229: Redundant "sun/net/www/protocol/https" tests in jdk_security3 group In-Reply-To: <191bdeb1-a52d-ac36-e331-64eebd060b2d@oracle.com> References: <191bdeb1-a52d-ac36-e331-64eebd060b2d@oracle.com> Message-ID: On 17 Aug 2016, at 18:54, Rajan Halade wrote: > > sun/net/www/protocol/https tests are redundant in jdk_security3 group, these are included in jdk_net group. Yes they are, but it is very important that anyone touching TLS verify that HTTPS still works. If the jdk_net tests will be run to verity such changes, then this should be fine. Out of curiosity, how many tests are in sun/net/www/protocol/https, and approximately how long do they run for? -Chris. From bradford.wetmore at oracle.com Wed Aug 17 18:52:16 2016 From: bradford.wetmore at oracle.com (Bradford Wetmore) Date: Wed, 17 Aug 2016 11:52:16 -0700 Subject: [9] RFR 6877937: The SunJCE PBKDF2KeyImpl is requiring the MAC instance also be from SunJCE. In-Reply-To: <75EC098D-BE36-410D-AE23-D7BC75021283@oracle.com> References: <75EC098D-BE36-410D-AE23-D7BC75021283@oracle.com> Message-ID: Looks ok, probably better than the initial proposed fix from April 2014. Brad On 8/11/2016 4:55 AM, Vincent Ryan wrote: > Please review this change to unpin the Mac implementation from the > SunJCE provider. > Since the Mac is a private field there are no issues > regarding Clonable implementations for Mac or its MessageDigest. > Thanks. > > Bug: https://bugs.openjdk.java.net/browse/JDK-6977937 > > *diff --git > a/src/java.base/share/classes/com/sun/crypto/provider/PBKDF2KeyImpl.java > b/src/java.base/share/classes/com/sun/crypto/provider/PBKDF2KeyImpl.java* > *--- > a/src/java.base/share/classes/com/sun/crypto/provider/PBKDF2KeyImpl.java* > *+++ > b/src/java.base/share/classes/com/sun/crypto/provider/PBKDF2KeyImpl.java* > @@ -107,7 +107,7 @@ > throw new InvalidKeySpecException("Key length is negative"); > } > try { > - this.prf = Mac.getInstance(prfAlgo, SunJCE.getInstance()); > + this.prf = Mac.getInstance(prfAlgo); > } catch (NoSuchAlgorithmException nsae) { > // not gonna happen; re-throw just in case > InvalidKeySpecException ike = new InvalidKeySpecException(); From rajan.halade at oracle.com Wed Aug 17 18:52:26 2016 From: rajan.halade at oracle.com (Rajan Halade) Date: Wed, 17 Aug 2016 11:52:26 -0700 Subject: RFR: 9: 8164229: Redundant "sun/net/www/protocol/https" tests in jdk_security3 group In-Reply-To: References: <191bdeb1-a52d-ac36-e331-64eebd060b2d@oracle.com> Message-ID: On 8/17/16 11:36 AM, Chris Hegarty wrote: > On 17 Aug 2016, at 18:54, Rajan Halade wrote: >> sun/net/www/protocol/https tests are redundant in jdk_security3 group, these are included in jdk_net group. > Yes they are, but it is very important that anyone touching TLS verify > that HTTPS still works. If the jdk_net tests will be run to verity > such changes, then this should be fine. Yes, these are useful tests to run with https changes. I don't think they need to be duplicated in jdk_security group as jdk_security and jdk_net are part of core tests and with continuous integration system in place to run all tests with each changeset, this duplication is not required. > > Out of curiosity, how many tests are in sun/net/www/protocol/https, > and approximately how long do they run for? There are 27 tests and I see each of those finish within seconds (max I saw was 8 secs for ReadTimeout.java). Thanks, Rajan > > -Chris. > From anthony.scarpino at oracle.com Wed Aug 17 20:11:46 2016 From: anthony.scarpino at oracle.com (Anthony Scarpino) Date: Wed, 17 Aug 2016 13:11:46 -0700 Subject: RFR: 8156192: Provider#compute and #merge methods expect wrong permission & #compute ClassCastException even with wrong permission. Message-ID: <57B4C502.7000106@oracle.com> Hi, I need a simple review on fixing some cut-n-paste errors that the JCK tests found. I didn't include the tests because the functionality is covered by the JCK tests and I don't feel typos need a regression test. http://cr.openjdk.java.net/~ascarpino/8156192/webrev/ Tony From sean.mullan at oracle.com Wed Aug 17 20:47:58 2016 From: sean.mullan at oracle.com (Sean Mullan) Date: Wed, 17 Aug 2016 16:47:58 -0400 Subject: RFR: 8156192: Provider#compute and #merge methods expect wrong permission & #compute ClassCastException even with wrong permission. In-Reply-To: <57B4C502.7000106@oracle.com> References: <57B4C502.7000106@oracle.com> Message-ID: <673529b2-f7d7-2596-7d9f-e4113164c50b@oracle.com> Looks fine to me. --Sean On 08/17/2016 04:11 PM, Anthony Scarpino wrote: > Hi, > > I need a simple review on fixing some cut-n-paste errors that the JCK > tests found. > > I didn't include the tests because the functionality is covered by the > JCK tests and I don't feel typos need a regression test. > > http://cr.openjdk.java.net/~ascarpino/8156192/webrev/ > > Tony > From anthony.scarpino at oracle.com Wed Aug 17 20:48:41 2016 From: anthony.scarpino at oracle.com (Anthony Scarpino) Date: Wed, 17 Aug 2016 13:48:41 -0700 Subject: RFR: 8156192: Provider#compute and #merge methods expect wrong permission & #compute ClassCastException even with wrong permission. In-Reply-To: <673529b2-f7d7-2596-7d9f-e4113164c50b@oracle.com> References: <57B4C502.7000106@oracle.com> <673529b2-f7d7-2596-7d9f-e4113164c50b@oracle.com> Message-ID: <57B4CDA9.9080801@oracle.com> Thanks Tony On 08/17/2016 01:47 PM, Sean Mullan wrote: > Looks fine to me. > > --Sean > > On 08/17/2016 04:11 PM, Anthony Scarpino wrote: >> Hi, >> >> I need a simple review on fixing some cut-n-paste errors that the JCK >> tests found. >> >> I didn't include the tests because the functionality is covered by the >> JCK tests and I don't feel typos need a regression test. >> >> http://cr.openjdk.java.net/~ascarpino/8156192/webrev/ >> >> Tony >> From bradford.wetmore at oracle.com Wed Aug 17 23:22:58 2016 From: bradford.wetmore at oracle.com (Bradford Wetmore) Date: Wed, 17 Aug 2016 16:22:58 -0700 Subject: RFR: 8061842: Package jurisdiction policy files as something other than JAR In-Reply-To: <53680482-2bbf-710f-071d-4277c2d985d7@oracle.com> References: <65380927-0e9e-c887-8537-b375733e5c0f@oracle.com> <53680482-2bbf-710f-071d-4277c2d985d7@oracle.com> Message-ID: <2d5572f1-5dc8-726a-9f44-2eed573f6157@oracle.com> New webrev: https://bugs.openjdk.java.net/browse/JDK-8061842 http://cr.openjdk.java.net/~wetmore/8061842/webrev.01/ On 8/10/2016 11:19 AM, Sean Mullan wrote: > Hi Brad, > > Looks pretty good. You should also send this to build-dev to review the > Makefile changes. Just a few comments: > > - src/java.base/share/conf/security/policy/README.txt > > 17 contain no restrictions on cryptographic strengths, but they must > > s/must/must be/ Ok. > 18 specifically activated by updating the "crypto.policy" entry in the > > s/entry/Security property/ Ok. I've updated to: ---begin--- specifically activated by updating the "crypto.policy" Security property (e.g. /conf/security/java.security) to point to the appropriate directory. ----end--- > 33 Please see The Java(TM) Cryptography Architecture (JCA) Reference > > Is "TM" really necessary here? It was required in previous versions of the unlimited crypto policy bundle. We could run it by PM if you feel we should. > src/java.base/share/conf/security/policy/unlimited/default_US_export.policy > > 1 // Manufacturing policy file. > > The term "Manufacturing" is odd. Can we just say this is the "Default > local policy file"? Sure. > - src/java.base/share/conf/security/java.security > > 854 crypto.policy=policydir-tbd > > The policydir-tbd value is a little confusing in that it isn't a real > value. What about just setting this to the empty string? It's a similar marker for the string replacement like was done for security.provider.tbd. I could change it to be delineated with <>: "" if you like? > - src/java.base/share/classes/javax/crypto/JceSecurity.java > > 255 String cryptoPolicyDir = > Security.getProperty("crypto.policy"); > 256 Path cryptoPolicyPath = Paths.get(cryptoPolicyDir); > > What happens if crypto.policy is not set or is set to ""? Good catch. Not set would NPE, "" would simply look at /conf/security/policy and fail to iterate the directory if no files were actually there. I've added code for both those conditions, and also switched to use Path.resolve(). > 302 // I/O error encounted during the iteration, > > s/encounted/encountered/ Thanks! Brad > --Sean > > On 08/04/2016 03:35 PM, Bradford Wetmore wrote: >> https://bugs.openjdk.java.net/browse/JDK-8061842 >> http://cr.openjdk.java.net/~wetmore/8061842/webrev.00/ >> >> The proposal is to move the configuration files from the jar files in >> /lib/security to a series of subdirectories under a new >> "policy" subdirectory in /conf/security. Each subdirectory >> within that directory will represent a complete policy configuration. >> The existing jar files will be split into flat text files such that the >> current/existing policies remain. >> >> The default set of policy files (i.e. directory) is configured using a >> new java.security.Security property called "crypto.policy" which will be >> added to the /conf/security/java.security file. The default >> initial options are "limited" or "unlimited", however additional >> directories could potentially be created that specify other >> as-yet-unknown policies. >> >> The default value of this property will be "limited" which corresponds >> to our current policy for JRE/JDK export/import around the world. >> However, the build respects the following "configure" option: >> >> --enable-unlimited-crypto >> Enable unlimited crypto policy [disabled] >> >> Within the directory, our implementation will look for files using the >> standard filename prefix above ("default_" or "exempt_"), thus new >> additional policy restrictions/abstractions can be added with a simple >> file addition. >> >> Brad >> From valerie.peng at oracle.com Thu Aug 18 02:31:10 2016 From: valerie.peng at oracle.com (Valerie Peng) Date: Wed, 17 Aug 2016 19:31:10 -0700 Subject: [9] RFR 8078661: [SunPKCS11] Fails to cast into RSAPrivateCrtKey after RSA KeyPair Generation In-Reply-To: References:

Message-ID: <12ea9fa0-b166-ad89-17cc-80dcb40865f0@oracle.com> Thanks for the input. SunPKCS11 provider always generate RSA CRT keys if I recall correctly, so it's hard to test the non-CRT scenarios. Thus, I made the changes basing on the suggestions in the bug report. I will update the webrev accordingly. Valerie On 8/17/2016 9:55 AM, Michael StJohns wrote: > On 8/16/2016 9:24 PM, Valerie Peng wrote: >> >> Anyone has time to review a straightforward fix? The current PKCS11 >> code assume that if public exponent is available for RSA Private Key, >> then it's a RSA CRT key. However, not all vendor implementation works >> this way. Changing to a tighter check and did minor code-refactoring >> to avoid re-retrieving the attribute values. >> >> Bug: https://bugs.openjdk.java.net/browse/JDK-8078661 >> Webrev: http://cr.openjdk.java.net/~valeriep/8078661/webrev.00/ >> >> Thanks, >> Valerie > > Given that there's a change to PKCS11 for 2.40 that says that all RSA > private key objects MUST also store CKA_PUBLIC_EXPONENT, some change > needed to be made. > > Sorry - I don't think this fix will work. Or if its working on your > version of PKCS11, your version of PKCS11 is doing it wrong. The > problem is that if you specify attributes that don't exist on the > object, the underlying PKCS11 library is supposed to return > CKR_ATTRIBUTE_TYPE_INVALID. And that should trigger a thrown > exception before you ever get anything copied to your attributes. > > 1) Get modulus and private exponent first. That gives you the stuff > for a generic RSA private key - and if it fails, there's no reason to > continue. > > 2) Then get the rest of the stuff. If that fails, then you already > have the stuff you need for a normal private key. > > >> boolean crtKey; >> try { >> session.token.p11.C_GetAttributeValue >> (session.id(), keyID, attrs2); >> - crtKey = (attrs2[0].pValue instanceof byte[]); >> + crtKey = ((attrs2[1].pValue instanceof byte[]) && >> + (attrs2[3].pValue instanceof byte[]) && >> + (attrs2[4].pValue instanceof byte[]) && >> + (attrs2[5].pValue instanceof byte[]) && >> + (attrs2[6].pValue instanceof byte[]) && >> + (attrs2[7].pValue instanceof byte[])) ; >> } catch (PKCS11Exception e) { >> // ignore, assume not available >> crtKey = false; >> } > > // Change attrs2 so it only has the additional CRT attributes (e.g. > delete CKA_MODULUS, CKA_PRIVATE_EXPONENT from the list > > Replace the above with > > CK_ATTRIBUTE[] attrs3 = new CK_ATTRIBUTE[] { > new CK_ATTRIBUTE(CKA_MODULUS), > new CK_ATTRIBUTE(CKA_PRIVATE_EXPONENT) > }; > // no try block needed here - we want to throw the error if it occurs > session.token.p11.C_GetAttributeValue (session.id(), keyID, attrs3); > > // So far so good - we have the base attributes, let's see if we can > get the additional attributes; > > try { > session.token.p11.C_GetAttributeValue(session.id(),keyID, attrs2); > } catch (PKCS11Exception e) { > // we really should check the return value for one of the non-fatal > values, but let's just assume its not a CRT key > return new P11RSAPrivateNonCRTKey (session, keyID, algorithm, > keyLength, attrs2, attrs3); > } > > // if we fall through then its a CRT key > // -- we should check for byte[] ness of each of the components, and > throw an error if they arent - but which error? > > return new P11RSAPrivateKey (session, keyID, algorithm, keyLength, > attrs2, attrs3); > > // there are cleanups necessary in other places. I'd suggest rather > than depending on the ordering of attributes, you do assignment by > CKA_ values just so someone coming later doesn't mess things up by > mistake. Also, a hell of a lot more readable. > > static CK_ATTRIBUTE getAttribute (CK_ATTRIBUTE[] attrs, long attrType) { > for (CK_ATTRIBUTE a : attrs) { > if (a.type == attrType) > return a; > } > return null; // or throw something? > } > > > coeff = getAtttribute(attrs,CKA_COEFFICIENT).getBigInteger(); > > > The other possibility is to change the C code for C_GetAttributeValues > so it doesn't error out for the non-fatal error codes and instead > returns a null value attribute when the attribute is missing. > > Mike > -------------- next part -------------- An HTML attachment was scrubbed... URL: From weijun.wang at oracle.com Thu Aug 18 03:11:16 2016 From: weijun.wang at oracle.com (Weijun Wang) Date: Thu, 18 Aug 2016 11:11:16 +0800 Subject: RFR: (XS) 8162916:Test sun/security/krb5/auto/UnboundSSL.java fails In-Reply-To: <27699872-c744-7ae6-249b-c3562c5a882e@oracle.com> References: <57B4969B.4030904@oracle.com> <0ee91f5b-bcd5-7c93-d99d-13c00797d8f3@oracle.com> <57B49B18.3030505@oracle.com> <27699872-c744-7ae6-249b-c3562c5a882e@oracle.com> Message-ID: >>> If I recall correctly, there should be a way to specify a policy file >>> in @run without overriding the default one. May be it is "@run >>> main/othervm/java.security.policy=unbound.ssl.policy_new" Yes, I think this should work. I've also just learned about it and don't know from which jtreg it is supported. Hopefully the minimized-required version of jtreg for jdk8u already has it. --Max From valerie.peng at oracle.com Thu Aug 18 03:36:55 2016 From: valerie.peng at oracle.com (Valerie Peng) Date: Wed, 17 Aug 2016 20:36:55 -0700 Subject: [9] RFR 8078661: [SunPKCS11] Fails to cast into RSAPrivateCrtKey after RSA KeyPair Generation In-Reply-To: References:

Message-ID: <89d1e859-a988-627d-6b7c-c5ad6f062f18@oracle.com> Regression tests are still running, but thought that I will send the updated webrev out and see if there are more comments. Webrev is updated at: http://cr.openjdk.java.net/~valeriep/8078661/webrev.01/ Thanks, Valerie On 8/17/2016 9:55 AM, Michael StJohns wrote: > On 8/16/2016 9:24 PM, Valerie Peng wrote: >> >> Anyone has time to review a straightforward fix? The current PKCS11 >> code assume that if public exponent is available for RSA Private Key, >> then it's a RSA CRT key. However, not all vendor implementation works >> this way. Changing to a tighter check and did minor code-refactoring >> to avoid re-retrieving the attribute values. >> >> Bug: https://bugs.openjdk.java.net/browse/JDK-8078661 >> Webrev: http://cr.openjdk.java.net/~valeriep/8078661/webrev.00/ >> >> Thanks, >> Valerie > > Given that there's a change to PKCS11 for 2.40 that says that all RSA > private key objects MUST also store CKA_PUBLIC_EXPONENT, some change > needed to be made. > > Sorry - I don't think this fix will work. Or if its working on your > version of PKCS11, your version of PKCS11 is doing it wrong. The > problem is that if you specify attributes that don't exist on the > object, the underlying PKCS11 library is supposed to return > CKR_ATTRIBUTE_TYPE_INVALID. And that should trigger a thrown > exception before you ever get anything copied to your attributes. > > 1) Get modulus and private exponent first. That gives you the stuff > for a generic RSA private key - and if it fails, there's no reason to > continue. > > 2) Then get the rest of the stuff. If that fails, then you already > have the stuff you need for a normal private key. > > >> boolean crtKey; >> try { >> session.token.p11.C_GetAttributeValue >> (session.id(), keyID, attrs2); >> - crtKey = (attrs2[0].pValue instanceof byte[]); >> + crtKey = ((attrs2[1].pValue instanceof byte[]) && >> + (attrs2[3].pValue instanceof byte[]) && >> + (attrs2[4].pValue instanceof byte[]) && >> + (attrs2[5].pValue instanceof byte[]) && >> + (attrs2[6].pValue instanceof byte[]) && >> + (attrs2[7].pValue instanceof byte[])) ; >> } catch (PKCS11Exception e) { >> // ignore, assume not available >> crtKey = false; >> } > > // Change attrs2 so it only has the additional CRT attributes (e.g. > delete CKA_MODULUS, CKA_PRIVATE_EXPONENT from the list > > Replace the above with > > CK_ATTRIBUTE[] attrs3 = new CK_ATTRIBUTE[] { > new CK_ATTRIBUTE(CKA_MODULUS), > new CK_ATTRIBUTE(CKA_PRIVATE_EXPONENT) > }; > // no try block needed here - we want to throw the error if it occurs > session.token.p11.C_GetAttributeValue (session.id(), keyID, attrs3); > > // So far so good - we have the base attributes, let's see if we can > get the additional attributes; > > try { > session.token.p11.C_GetAttributeValue(session.id(),keyID, attrs2); > } catch (PKCS11Exception e) { > // we really should check the return value for one of the non-fatal > values, but let's just assume its not a CRT key > return new P11RSAPrivateNonCRTKey (session, keyID, algorithm, > keyLength, attrs2, attrs3); > } > > // if we fall through then its a CRT key > // -- we should check for byte[] ness of each of the components, and > throw an error if they arent - but which error? > > return new P11RSAPrivateKey (session, keyID, algorithm, keyLength, > attrs2, attrs3); > > // there are cleanups necessary in other places. I'd suggest rather > than depending on the ordering of attributes, you do assignment by > CKA_ values just so someone coming later doesn't mess things up by > mistake. Also, a hell of a lot more readable. > > static CK_ATTRIBUTE getAttribute (CK_ATTRIBUTE[] attrs, long attrType) { > for (CK_ATTRIBUTE a : attrs) { > if (a.type == attrType) > return a; > } > return null; // or throw something? > } > > > coeff = getAtttribute(attrs,CKA_COEFFICIENT).getBigInteger(); > > > The other possibility is to change the C code for C_GetAttributeValues > so it doesn't error out for the non-fatal error codes and instead > returns a null value attribute when the attribute is missing. > > Mike > -------------- next part -------------- An HTML attachment was scrubbed... URL: From weijun.wang at oracle.com Thu Aug 18 04:26:07 2016 From: weijun.wang at oracle.com (Wang Weijun) Date: Thu, 18 Aug 2016 12:26:07 +0800 Subject: RFR: 8061842: Package jurisdiction policy files as something other than JAR In-Reply-To: <2d5572f1-5dc8-726a-9f44-2eed573f6157@oracle.com> References: <65380927-0e9e-c887-8537-b375733e5c0f@oracle.com> <53680482-2bbf-710f-071d-4277c2d985d7@oracle.com> <2d5572f1-5dc8-726a-9f44-2eed573f6157@oracle.com> Message-ID: <151C5E71-0DC6-4A93-8C2D-36EA599360A5@oracle.com> Before this change, you require default policy in neither export nor import to be empty but do not care about the getMinimum() result. In this change, you make sure the final result is not empty. I assume this is a fix? 283 // Did we find a default perms? What does this line mean? 296 // This should never happen But you can still print out the file name. Can you rename policydir-tbd to something else? I am afraid it will be confused with policy.url.1 etc. The original README.TXT in unlimited says "are exportable from the United States." and you have "is exportable." now. Is this intended? (IANAL) TestUnlimited.java: 45 "// Use the AES are the test Cipher", you mean "Use AES as the test Cipher"? 51 "throw new Exception ("Unlimited policy is NOT active");". No space before "(". No other comment. --Max > On Aug 18, 2016, at 7:22 AM, Bradford Wetmore wrote: > > New webrev: > > https://bugs.openjdk.java.net/browse/JDK-8061842 > http://cr.openjdk.java.net/~wetmore/8061842/webrev.01/ From chris.hegarty at oracle.com Thu Aug 18 07:51:24 2016 From: chris.hegarty at oracle.com (Chris Hegarty) Date: Thu, 18 Aug 2016 08:51:24 +0100 Subject: RFR: 9: 8164229: Redundant "sun/net/www/protocol/https" tests in jdk_security3 group In-Reply-To: References: <191bdeb1-a52d-ac36-e331-64eebd060b2d@oracle.com>

Message-ID: <9B5D8A1C-B998-4286-A402-C0A7E61C758E@oracle.com> > On 17 Aug 2016, at 19:52, Rajan Halade wrote: > > On 8/17/16 11:36 AM, Chris Hegarty wrote: > >> On 17 Aug 2016, at 18:54, Rajan Halade wrote: >>> sun/net/www/protocol/https tests are redundant in jdk_security3 group, these are included in jdk_net group. >> Yes they are, but it is very important that anyone touching TLS verify >> that HTTPS still works. If the jdk_net tests will be run to verity >> such changes, then this should be fine. > Yes, these are useful tests to run with https changes. I don't think they need to be duplicated in jdk_security group as jdk_security and jdk_net are part of core tests and with continuous integration system in place to run all tests with each changeset, this duplication is not required. >> >> Out of curiosity, how many tests are in sun/net/www/protocol/https, >> and approximately how long do they run for? > There are 27 tests and I see each of those finish within seconds (max I saw was 8 secs for ReadTimeout.java). Ok, thanks. No objection from me. -Chris. From chris.hegarty at oracle.com Thu Aug 18 07:51:24 2016 From: chris.hegarty at oracle.com (Chris Hegarty) Date: Thu, 18 Aug 2016 08:51:24 +0100 Subject: RFR: 9: 8164229: Redundant "sun/net/www/protocol/https" tests in jdk_security3 group In-Reply-To: References: <191bdeb1-a52d-ac36-e331-64eebd060b2d@oracle.com>

Message-ID: <22826899-888A-48EA-AE94-C5C6B121A086@oracle.com> > On 17 Aug 2016, at 19:52, Rajan Halade wrote: > > On 8/17/16 11:36 AM, Chris Hegarty wrote: > >> On 17 Aug 2016, at 18:54, Rajan Halade wrote: >>> sun/net/www/protocol/https tests are redundant in jdk_security3 group, these are included in jdk_net group. >> Yes they are, but it is very important that anyone touching TLS verify >> that HTTPS still works. If the jdk_net tests will be run to verity >> such changes, then this should be fine. > Yes, these are useful tests to run with https changes. I don't think they need to be duplicated in jdk_security group as jdk_security and jdk_net are part of core tests and with continuous integration system in place to run all tests with each changeset, this duplication is not required. >> >> Out of curiosity, how many tests are in sun/net/www/protocol/https, >> and approximately how long do they run for? > There are 27 tests and I see each of those finish within seconds (max I saw was 8 secs for ReadTimeout.java). Ok, thanks. No objection from me. -Chris. From sean.coffey at oracle.com Thu Aug 18 07:51:58 2016 From: sean.coffey at oracle.com (=?UTF-8?Q?Se=c3=a1n_Coffey?=) Date: Thu, 18 Aug 2016 08:51:58 +0100 Subject: [8u-dev] Request for Approval: Backport of 8144566: Custom HostnameVerifier disables SNI extension In-Reply-To: <9F591029-13DD-478C-BA0C-CCEE87F1F440@oracle.com> References: <9F591029-13DD-478C-BA0C-CCEE87F1F440@oracle.com> Message-ID: Changes look good Ramanand. Reviewed. Regards, Sean. On 18/08/2016 07:03, David Buck wrote: > Hi Ramanand! > > As there are (minor) changes between the two change sets, you will need to get a code review of the backported changes. I have included the security-dev alias in the CC list. > > Cheers, > -Buck > >> On Aug 18, 2016, at 14:34, Ramanand Patil wrote: >> >> Hi, >> >> Please review and approve the backport of 8144566 to 8u-dev. >> >> Bug: https://bugs.openjdk.java.net/browse/JDK-8144566 >> >> JDK9 Changeset: http://hg.openjdk.java.net/jdk9/jdk9/jdk/rev/1781aba4f7e3 >> >> JDK9 Review Thread: http://mail.openjdk.java.net/pipermail/security-dev/2015-December/013171.html >> >> JDK8u-dev Webrev: http://cr.openjdk.java.net/~rpatil/8144566/webrev.00/ >> >> Changes apply semi-cleanly to jdk8u-dev after path reshuffling. Below are few reasons for manual edits in the jdk8u-dev patch: >> >> 1. JDK9 class name for "JavaNetAccess" is changed to " JavaNetInetAddressAccess". >> 2. test/javax/net/ssl/ServerName/BestEffortOnLazyConnected.java pathToStores(keystore path) doesn't exist in JDK8u, hence changed the variable to point to available path. >> 3. test/sun/net/www/protocol/https/HttpsURLConnection/ImpactOnSNI.java pathToStores(keystore path) doesn't exist in JDK8u, hence changed the variable to point to available path. >> >> >> Regards, >> Ramanand. From daniel.fuchs at oracle.com Thu Aug 18 10:06:53 2016 From: daniel.fuchs at oracle.com (Daniel Fuchs) Date: Thu, 18 Aug 2016 11:06:53 +0100 Subject: RFR [9] 8156841: sun.security.pkcs11.SunPKCS11 poller thread retains a strong reference to the context class loader In-Reply-To: <455B517D-D665-4E4F-9B8F-4396BD33DE14@oracle.com> References: <455B517D-D665-4E4F-9B8F-4396BD33DE14@oracle.com> Message-ID: Hi Chris, I agree that resetting the TCCL makes sense, and looks like the minimal safer thing to do here. InnocuousThread should probably be considered for the future, but that's a first step in this direction :-) best regards, -- daniel On 18/08/16 08:58, Chris Hegarty wrote: >> The SunPKCS11 poller thread has no need of any user defined class loader, >> so should set its context class loader to null before starting, so as to not >> inadvertently retain a reference to the creating thread?s context class loader. >> >> In other areas that suffered from a similar issue we changed to use an >> InnocuousThread, but I cannot fully satisfy myself that this is a safe >> substation here, so I opted for the safest minimal fix. A future refactoring >> exercise should consider using InnocuousThread. >> >> diff -r 92c31ec731eb src/jdk.crypto.pkcs11/share/classes/sun/security/pkcs11/SunPKCS11.java >> --- a/src/jdk.crypto.pkcs11/share/classes/sun/security/pkcs11/SunPKCS11.java Wed Aug 10 11:54:12 2016 +0100 >> +++ b/src/jdk.crypto.pkcs11/share/classes/sun/security/pkcs11/SunPKCS11.java Wed Aug 10 16:32:41 2016 +0100 >> @@ -809,20 +809,21 @@ >> } >> } >> >> // create the poller thread, if not already active >> private void createPoller() { >> if (poller != null) { >> return; >> } >> final TokenPoller poller = new TokenPoller(this); >> Thread t = new Thread(null, poller, "Poller " + getName(), 0, false); >> + t.setContextClassLoader(null); >> t.setDaemon(true); >> t.setPriority(Thread.MIN_PRIORITY); >> t.start(); >> this.poller = poller; >> } >> >> // destroy the poller thread, if active >> private void destroyPoller() { >> if (poller != null) { >> poller.disable(); >> >> https://bugs.openjdk.java.net/browse/JDK-8156841 >> >> -Chris. > From Alan.Bateman at oracle.com Thu Aug 18 12:34:00 2016 From: Alan.Bateman at oracle.com (Alan Bateman) Date: Thu, 18 Aug 2016 13:34:00 +0100 Subject: RFR: 8163126 Wrong @modules in some of jdk/* tests In-Reply-To: <4371BA82-A2A1-4AC5-8477-F46A589F52E3@oracle.com> References: <242C9427-C6B3-4E06-AA8A-708AA670CADE@oracle.com> <3b1f5d47-e64f-1f46-1486-889fa823841c@oracle.com> <8D77C9ED-BA5E-4F94-BE2D-C73E418C666F@oracle.com> <4371BA82-A2A1-4AC5-8477-F46A589F52E3@oracle.com> Message-ID: <477840f1-9358-d41f-9649-1da5ca7d1773@oracle.com> On 17/08/2016 17:40, Alexandre (Shura) Iline wrote: > Thank you! > > Fixed in place: > http://cr.openjdk.java.net/~shurailine/8163126/webrev.00/test/jdk/security/jarsigner/Spec.java.sdiff.html > > Shura > The updated patch looks good to me. Slightly off-topic but how close do you think we are to dropping completely the test groups in the TEST.groups that are defined under the heading "Profile-based Test Group Definition"? -Alan From sean.coffey at oracle.com Thu Aug 18 13:10:05 2016 From: sean.coffey at oracle.com (=?UTF-8?Q?Se=c3=a1n_Coffey?=) Date: Thu, 18 Aug 2016 14:10:05 +0100 Subject: RFR: 8061842: Package jurisdiction policy files as something other than JAR In-Reply-To: <151C5E71-0DC6-4A93-8C2D-36EA599360A5@oracle.com> References: <65380927-0e9e-c887-8537-b375733e5c0f@oracle.com> <53680482-2bbf-710f-071d-4277c2d985d7@oracle.com> <2d5572f1-5dc8-726a-9f44-2eed573f6157@oracle.com> <151C5E71-0DC6-4A93-8C2D-36EA599360A5@oracle.com> Message-ID: Hi Brad, nice to have this going in. Some comments. 1. Bug synopsis, can you edit it perhaps. "Introduce security property to control strong crypto" seems more descriptive. 2. Exception handling. Alot of your new exceptions don't include context. That makes debugging more difficult than needs be. > + throw new SecurityException( > + "Invalid cryptographic jurisdiction policy directory value"); > + if (!Files.isDirectory(path) || !Files.isReadable(path)) { > + throw new Exception("Can't read cryptographic policy directory"); > + throw new SecurityException( > + "Unexpected jurisdiction policy filename found"); > + } catch (Exception e) { > + throw new SecurityException( > + "Couldn't parse jurisdiction policy files"); Please include the exception 'e' in your last exception here. > + } catch (DirectoryIteratorException ex) { > + // I/O error encountered during the iteration, > + // the cause is an IOException > + throw new SecurityException( > + "Couldn't iterate through the jurisdiction policy files"); > + } Can you add the DirectoryIteratorException to the final exception that you're throwing ? 3. Test case. The TestUnlimited.java testcase seems to be lacking. Do you want to test other values for crypto.policy ? 'limited' would be one. Throwing in some dummy value would also be good so that the exception handling code gets exercised. It needs to be run in ovm mode since you're setting a Security property. Regards, Sean. On 18/08/2016 05:26, Wang Weijun wrote: > Before this change, you require default policy in neither export nor import to be empty but do not care about the getMinimum() result. In this change, you make sure the final result is not empty. I assume this is a fix? > > 283 // Did we find a default perms? > > What does this line mean? > > 296 // This should never happen > > But you can still print out the file name. > > > Can you rename policydir-tbd to something else? I am afraid it will be confused with policy.url.1 etc. > > The original README.TXT in unlimited says "are exportable from the United States." and you have "is exportable." now. Is this intended? (IANAL) > > TestUnlimited.java: > 45 "// Use the AES are the test Cipher", you mean "Use AES as the test Cipher"? > 51 "throw new Exception ("Unlimited policy is NOT active");". No space before "(". > > No other comment. > > --Max > >> On Aug 18, 2016, at 7:22 AM, Bradford Wetmore wrote: >> >> New webrev: >> >> https://bugs.openjdk.java.net/browse/JDK-8061842 >> http://cr.openjdk.java.net/~wetmore/8061842/webrev.01/ -------------- next part -------------- An HTML attachment was scrubbed... URL: From sean.coffey at oracle.com Thu Aug 18 15:28:15 2016 From: sean.coffey at oracle.com (=?UTF-8?Q?Se=c3=a1n_Coffey?=) Date: Thu, 18 Aug 2016 16:28:15 +0100 Subject: RFR: (XS) 8162916:Test sun/security/krb5/auto/UnboundSSL.java fails In-Reply-To: References: <57B4969B.4030904@oracle.com> <0ee91f5b-bcd5-7c93-d99d-13c00797d8f3@oracle.com> <57B49B18.3030505@oracle.com> <27699872-c744-7ae6-249b-c3562c5a882e@oracle.com> Message-ID: Thanks for the tip Artem, Max. No need to modify the policy file then. Below is the new suggested patch for jdk8u-dev. JPRT results are good. diff --git a/test/sun/security/krb5/auto/UnboundSSL.java b/test/sun/security/krb5/auto/UnboundSSL.java --- a/test/sun/security/krb5/auto/UnboundSSL.java +++ b/test/sun/security/krb5/auto/UnboundSSL.java @@ -34,9 +34,9 @@ * @bug 8025123 * @summary Checks if an unbound server can handle connections * only for allowed service principals - * @run main/othervm/policy=unbound.ssl.policy UnboundSSL + * @run main/othervm/java.security.policy=unbound.ssl.policy UnboundSSL * unbound.ssl.jaas.conf server_star - * @run main/othervm/policy=unbound.ssl.policy UnboundSSL + * @run main/othervm/java.security.policy=unbound.ssl.policy UnboundSSL * unbound.ssl.jaas.conf server_multiple_principals */ public class UnboundSSL { Regards, Sean. On 18/08/2016 04:11, Weijun Wang wrote: >>>> If I recall correctly, there should be a way to specify a policy file >>>> in @run without overriding the default one. May be it is "@run >>>> main/othervm/java.security.policy=unbound.ssl.policy_new" > > Yes, I think this should work. I've also just learned about it and > don't know from which jtreg it is supported. Hopefully the > minimized-required version of jtreg for jdk8u already has it. > > --Max > From mstjohns at comcast.net Thu Aug 18 15:40:36 2016 From: mstjohns at comcast.net (Michael StJohns) Date: Thu, 18 Aug 2016 11:40:36 -0400 Subject: [9] RFR 8078661: [SunPKCS11] Fails to cast into RSAPrivateCrtKey after RSA KeyPair Generation In-Reply-To: <89d1e859-a988-627d-6b7c-c5ad6f062f18@oracle.com> References:

<89d1e859-a988-627d-6b7c-c5ad6f062f18@oracle.com> Message-ID: <851c0000-8341-294c-e62b-f15334d417a1@comcast.net> On 8/17/2016 11:36 PM, Valerie Peng wrote: > Regression tests are still running, but thought that I will send the > updated webrev out and see if there are more comments. > > Webrev is updated at: > http://cr.openjdk.java.net/~valeriep/8078661/webrev.01/ > > Thanks, > Valerie Hi Valerie - You know - re-reading this code I'm reminding of why PKCS11 annoys me so much. At line 333 (of the "new" P11Key) you grab the Token, Sensitive and Extractable values and if the private data is sensitive or not extractable you create a generic P11PrivateKey and return that. However the contract for RSAKey requires that the public modulus be returned if available, and, since its not a sensitive attribute it probably should be available. Also, even if the key is sensitive - if its a sensitive CRT key, then CKA_PUBLIC_EXPONENT should be available. That's going to be a surprise if someone tries to cast this return to an (RSAKey) or (RSAPrivateKey). _This should be changed so a key of the appropriate type is always created._ Also, checking for CKA_EXTRACTABLE being true, doesn't actually get you access to the clear text information. If a key is extractable, then it can be wrapped out under another key. The components themselves aren't available. It's possible to have a non-sensitive, non-extractable key where the components are retrievable, but the key can't be wrapped out. (Hmm... the public exponent is in RSAPublicKey and RSAPrivateCRTKey, but should probably be in RSAKey instead). So: All RSA keys - even the sensitive private ones - should return CKA_MODULUS. All RSA Private CRT Keys - even the sensitive ones - should also return CKA_PUBLIC_EXPONENT. All non-sensitive RSA Private keys - should also return CKA_PRIVATE_EXPONENT All non-sensitive RSA Private CRT Keys - should also return CKA_PRIME_1, CKA_PRIME_2, CKA_EXPONENT_1, CKA_EXPONENT_2 and CKA_COEFFICIENT. This is harder to do than it needs to be due to how p11_objmgt.c::Java_sun_security_pkcs11_wrapper_PKCS11_C_1GetAttributeValue is built. At lines 248 and 270, it does a check for an error return and throws an exception if any error occurs. However, for C_GetAttributeValue, there are a number of "non-fatal" errors that indicate either buffer size errors or sensitivity of one or more components or unavailability of one or more components. > Note that the error codes CKR_ATTRIBUTE_SENSITIVE, > CKR_ATTRIBUTE_TYPE_INVALID, and CKR_BUFFER_TOO_SMALL do not denote > true errors for *C_GetAttributeValue*. If a call to > *C_GetAttributeValue* returns any of these three values, then the call > must nonetheless have processed /every/ attribute in the template > supplied to *C_GetAttributeValue*. Each attribute in the template > whose value /can be/ returned by the call to *C_GetAttributeValue* > /will be/ returned by the call to *C_GetAttributeValue*. If you updated this slightly - maybe by adding a new method to wrapper.PKCS11 (say GetAttributeValuesNoError) - to return the attributes it was able to get in the call with nulls elsewhere, then you could do all of the above in one pass. Sorry to complicate this. Mike ps - I don't have a current build environment set up for the JDK, otherwise I'd code it and test it myself. I'm happy to take a swing at it and provide you unverified code you can integrate. > > On 8/17/2016 9:55 AM, Michael StJohns wrote: >> On 8/16/2016 9:24 PM, Valerie Peng wrote: >>> >>> Anyone has time to review a straightforward fix? The current PKCS11 >>> code assume that if public exponent is available for RSA Private >>> Key, then it's a RSA CRT key. However, not all vendor implementation >>> works this way. Changing to a tighter check and did minor >>> code-refactoring to avoid re-retrieving the attribute values. >>> >>> Bug: https://bugs.openjdk.java.net/browse/JDK-8078661 >>> Webrev: http://cr.openjdk.java.net/~valeriep/8078661/webrev.00/ >>> >>> Thanks, >>> Valerie >> >> Given that there's a change to PKCS11 for 2.40 that says that all RSA >> private key objects MUST also store CKA_PUBLIC_EXPONENT, some change >> needed to be made. >> >> Sorry - I don't think this fix will work. Or if its working on your >> version of PKCS11, your version of PKCS11 is doing it wrong. The >> problem is that if you specify attributes that don't exist on the >> object, the underlying PKCS11 library is supposed to return >> CKR_ATTRIBUTE_TYPE_INVALID. And that should trigger a thrown >> exception before you ever get anything copied to your attributes. >> >> 1) Get modulus and private exponent first. That gives you the stuff >> for a generic RSA private key - and if it fails, there's no reason to >> continue. >> >> 2) Then get the rest of the stuff. If that fails, then you already >> have the stuff you need for a normal private key. >> >> >>> boolean crtKey; >>> try { >>> session.token.p11.C_GetAttributeValue >>> (session.id(), keyID, attrs2); >>> - crtKey = (attrs2[0].pValue instanceof byte[]); >>> + crtKey = ((attrs2[1].pValue instanceof byte[]) && >>> + (attrs2[3].pValue instanceof byte[]) && >>> + (attrs2[4].pValue instanceof byte[]) && >>> + (attrs2[5].pValue instanceof byte[]) && >>> + (attrs2[6].pValue instanceof byte[]) && >>> + (attrs2[7].pValue instanceof byte[])) ; >>> } catch (PKCS11Exception e) { >>> // ignore, assume not available >>> crtKey = false; >>> } >> >> // Change attrs2 so it only has the additional CRT attributes (e.g. >> delete CKA_MODULUS, CKA_PRIVATE_EXPONENT from the list >> >> Replace the above with >> >> CK_ATTRIBUTE[] attrs3 = new CK_ATTRIBUTE[] { >> new CK_ATTRIBUTE(CKA_MODULUS), >> new CK_ATTRIBUTE(CKA_PRIVATE_EXPONENT) >> }; >> // no try block needed here - we want to throw the error if it occurs >> session.token.p11.C_GetAttributeValue (session.id(), keyID, attrs3); >> >> // So far so good - we have the base attributes, let's see if we can >> get the additional attributes; >> >> try { >> session.token.p11.C_GetAttributeValue(session.id(),keyID, attrs2); >> } catch (PKCS11Exception e) { >> // we really should check the return value for one of the >> non-fatal values, but let's just assume its not a CRT key >> return new P11RSAPrivateNonCRTKey (session, keyID, algorithm, >> keyLength, attrs2, attrs3); >> } >> >> // if we fall through then its a CRT key >> // -- we should check for byte[] ness of each of the components, and >> throw an error if they arent - but which error? >> >> return new P11RSAPrivateKey (session, keyID, algorithm, keyLength, >> attrs2, attrs3); >> >> // there are cleanups necessary in other places. I'd suggest rather >> than depending on the ordering of attributes, you do assignment by >> CKA_ values just so someone coming later doesn't mess things up by >> mistake. Also, a hell of a lot more readable. >> >> static CK_ATTRIBUTE getAttribute (CK_ATTRIBUTE[] attrs, long attrType) { >> for (CK_ATTRIBUTE a : attrs) { >> if (a.type == attrType) >> return a; >> } >> return null; // or throw something? >> } >> >> >> coeff = getAtttribute(attrs,CKA_COEFFICIENT).getBigInteger(); >> >> >> The other possibility is to change the C code for >> C_GetAttributeValues so it doesn't error out for the non-fatal error >> codes and instead returns a null value attribute when the attribute >> is missing. >> >> Mike >> > -------------- next part -------------- An HTML attachment was scrubbed... URL: From mstjohns at comcast.net Thu Aug 18 15:56:33 2016 From: mstjohns at comcast.net (Michael StJohns) Date: Thu, 18 Aug 2016 11:56:33 -0400 Subject: RSA Key Interfaces Was: Re: [9] RFR 8078661: [SunPKCS11] Fails to cast into RSAPrivateCrtKey after RSA KeyPair Generation In-Reply-To: <89d1e859-a988-627d-6b7c-c5ad6f062f18@oracle.com> References:

<89d1e859-a988-627d-6b7c-c5ad6f062f18@oracle.com> Message-ID: Hi - Looking at Valeries changes to the above made me take a closer look at the current definitions of the various RSA key interfaces. What would be the impact of the following changes?: Make RSAMultiPrimePrivateCrtKeySpec extend RSAPrivateCrtKeyKeySpec instead of RSAPrivateKeySpec. RSAMultiPrimePrivateCrtKeySpec would then only define the RSAOtherPrimeInfo[] getOtherPrimeInfo() method. Ditto for RSAMultiPrimePrivateCrtKey and RSAPrivateCrtKey Move getPublicExponent() from RSAPublicKey and RSAPrivateCrtKey to RSAKey. Ditto for the Spec versions. I think the first two changes can be done without adverse impact and are more correct than the current definitions. The latter two are more problematic, but can probably be handled using the default method mechanism. The API documents would indicate that these functions would return null if the values are unavailable. Mike From artem.smotrakov at oracle.com Thu Aug 18 16:45:44 2016 From: artem.smotrakov at oracle.com (Artem Smotrakov) Date: Thu, 18 Aug 2016 09:45:44 -0700 Subject: RFR: (XS) 8162916:Test sun/security/krb5/auto/UnboundSSL.java fails In-Reply-To: References: <57B4969B.4030904@oracle.com> <0ee91f5b-bcd5-7c93-d99d-13c00797d8f3@oracle.com> <57B49B18.3030505@oracle.com> <27699872-c744-7ae6-249b-c3562c5a882e@oracle.com>

Message-ID: <5bee7906-e5ea-0e8c-4d74-3fdf9a12b8cb@oracle.com> Hi Sean, The patch below looks fine to me, but I am not an official reviewer. Artem On 08/18/2016 08:28 AM, Se?n Coffey wrote: > Thanks for the tip Artem, Max. No need to modify the policy file then. > Below is the new suggested patch for jdk8u-dev. JPRT results are good. > > diff --git a/test/sun/security/krb5/auto/UnboundSSL.java > b/test/sun/security/krb5/auto/UnboundSSL.java > --- a/test/sun/security/krb5/auto/UnboundSSL.java > +++ b/test/sun/security/krb5/auto/UnboundSSL.java > @@ -34,9 +34,9 @@ > * @bug 8025123 > * @summary Checks if an unbound server can handle connections > * only for allowed service principals > - * @run main/othervm/policy=unbound.ssl.policy UnboundSSL > + * @run main/othervm/java.security.policy=unbound.ssl.policy UnboundSSL > * unbound.ssl.jaas.conf server_star > - * @run main/othervm/policy=unbound.ssl.policy UnboundSSL > + * @run main/othervm/java.security.policy=unbound.ssl.policy UnboundSSL > * unbound.ssl.jaas.conf > server_multiple_principals > */ > public class UnboundSSL { > > Regards, > Sean. > > On 18/08/2016 04:11, Weijun Wang wrote: >>>>> If I recall correctly, there should be a way to specify a policy file >>>>> in @run without overriding the default one. May be it is "@run >>>>> main/othervm/java.security.policy=unbound.ssl.policy_new" >> >> Yes, I think this should work. I've also just learned about it and >> don't know from which jtreg it is supported. Hopefully the >> minimized-required version of jtreg for jdk8u already has it. >> >> --Max >> > From bradford.wetmore at oracle.com Thu Aug 18 16:59:05 2016 From: bradford.wetmore at oracle.com (Bradford Wetmore) Date: Thu, 18 Aug 2016 09:59:05 -0700 Subject: RFR: 9: 8164229: Redundant "sun/net/www/protocol/https" tests in jdk_security3 group In-Reply-To: <22826899-888A-48EA-AE94-C5C6B121A086@oracle.com> References: <191bdeb1-a52d-ac36-e331-64eebd060b2d@oracle.com>

<22826899-888A-48EA-AE94-C5C6B121A086@oracle.com> Message-ID: <1f8a6d0a-c6aa-64bc-fe62-3bcc419d78e6@oracle.com> This was probably more important when the Security group had direct responsibility for the https code. Brad On 8/18/2016 12:51 AM, Chris Hegarty wrote: > >> On 17 Aug 2016, at 19:52, Rajan Halade wrote: >> >> On 8/17/16 11:36 AM, Chris Hegarty wrote: >> >>> On 17 Aug 2016, at 18:54, Rajan Halade wrote: >>>> sun/net/www/protocol/https tests are redundant in jdk_security3 group, these are included in jdk_net group. >>> Yes they are, but it is very important that anyone touching TLS verify >>> that HTTPS still works. If the jdk_net tests will be run to verity >>> such changes, then this should be fine. >> Yes, these are useful tests to run with https changes. I don't think they need to be duplicated in jdk_security group as jdk_security and jdk_net are part of core tests and with continuous integration system in place to run all tests with each changeset, this duplication is not required. >>> >>> Out of curiosity, how many tests are in sun/net/www/protocol/https, >>> and approximately how long do they run for? >> There are 27 tests and I see each of those finish within seconds (max I saw was 8 secs for ReadTimeout.java). > > Ok, thanks. No objection from me. > > -Chris. > From david.buck at oracle.com Thu Aug 18 06:03:36 2016 From: david.buck at oracle.com (David Buck) Date: Thu, 18 Aug 2016 15:03:36 +0900 Subject: [8u-dev] Request for Approval: Backport of 8144566: Custom HostnameVerifier disables SNI extension In-Reply-To: References: Message-ID: <9F591029-13DD-478C-BA0C-CCEE87F1F440@oracle.com> Hi Ramanand! As there are (minor) changes between the two change sets, you will need to get a code review of the backported changes. I have included the security-dev alias in the CC list. Cheers, -Buck > On Aug 18, 2016, at 14:34, Ramanand Patil wrote: > > Hi, > > Please review and approve the backport of 8144566 to 8u-dev. > > Bug: https://bugs.openjdk.java.net/browse/JDK-8144566 > > JDK9 Changeset: http://hg.openjdk.java.net/jdk9/jdk9/jdk/rev/1781aba4f7e3 > > JDK9 Review Thread: http://mail.openjdk.java.net/pipermail/security-dev/2015-December/013171.html > > JDK8u-dev Webrev: http://cr.openjdk.java.net/~rpatil/8144566/webrev.00/ > > Changes apply semi-cleanly to jdk8u-dev after path reshuffling. Below are few reasons for manual edits in the jdk8u-dev patch: > > 1. JDK9 class name for "JavaNetAccess" is changed to " JavaNetInetAddressAccess". > 2. test/javax/net/ssl/ServerName/BestEffortOnLazyConnected.java pathToStores(keystore path) doesn't exist in JDK8u, hence changed the variable to point to available path. > 3. test/sun/net/www/protocol/https/HttpsURLConnection/ImpactOnSNI.java pathToStores(keystore path) doesn't exist in JDK8u, hence changed the variable to point to available path. > > > Regards, > Ramanand. From david.buck at oracle.com Thu Aug 18 07:55:31 2016 From: david.buck at oracle.com (david buck) Date: Thu, 18 Aug 2016 16:55:31 +0900 Subject: [8u-dev] Request for Approval: Backport of 8144566: Custom HostnameVerifier disables SNI extension In-Reply-To: References: <9F591029-13DD-478C-BA0C-CCEE87F1F440@oracle.com> Message-ID: approved for push to 8u-dev Cheers, -Buck On 2016/08/18 16:51, Se?n Coffey wrote: > Changes look good Ramanand. Reviewed. > > Regards, > Sean. > > On 18/08/2016 07:03, David Buck wrote: >> Hi Ramanand! >> >> As there are (minor) changes between the two change sets, you will >> need to get a code review of the backported changes. I have included >> the security-dev alias in the CC list. >> >> Cheers, >> -Buck >> >>> On Aug 18, 2016, at 14:34, Ramanand Patil >>> wrote: >>> >>> Hi, >>> >>> Please review and approve the backport of 8144566 to 8u-dev. >>> >>> Bug: https://bugs.openjdk.java.net/browse/JDK-8144566 >>> >>> JDK9 Changeset: >>> http://hg.openjdk.java.net/jdk9/jdk9/jdk/rev/1781aba4f7e3 >>> >>> JDK9 Review Thread: >>> http://mail.openjdk.java.net/pipermail/security-dev/2015-December/013171.html >>> >>> >>> JDK8u-dev Webrev: http://cr.openjdk.java.net/~rpatil/8144566/webrev.00/ >>> >>> Changes apply semi-cleanly to jdk8u-dev after path reshuffling. Below >>> are few reasons for manual edits in the jdk8u-dev patch: >>> >>> 1. JDK9 class name for "JavaNetAccess" is changed to " >>> JavaNetInetAddressAccess". >>> 2. test/javax/net/ssl/ServerName/BestEffortOnLazyConnected.java >>> pathToStores(keystore path) doesn't exist in JDK8u, hence changed the >>> variable to point to available path. >>> 3. >>> test/sun/net/www/protocol/https/HttpsURLConnection/ImpactOnSNI.java >>> pathToStores(keystore path) doesn't exist in JDK8u, hence changed the >>> variable to point to available path. >>> >>> >>> Regards, >>> Ramanand. > From ramanand.patil at oracle.com Thu Aug 18 07:57:01 2016 From: ramanand.patil at oracle.com (Ramanand Patil) Date: Thu, 18 Aug 2016 00:57:01 -0700 (PDT) Subject: [8u-dev] Request for Approval: Backport of 8144566: Custom HostnameVerifier disables SNI extension In-Reply-To: References: <9F591029-13DD-478C-BA0C-CCEE87F1F440@oracle.com>

Message-ID: <3191d787-dc45-4584-b99d-b717afdfa96c@default> Thank you Sean and David. Regards, Ramanand. -----Original Message----- From: david buck Sent: Thursday, August 18, 2016 1:26 PM To: Se?n Coffey; Ramanand Patil Cc: jdk8u-dev; security-dev at openjdk.java.net Subject: Re: [8u-dev] Request for Approval: Backport of 8144566: Custom HostnameVerifier disables SNI extension approved for push to 8u-dev Cheers, -Buck On 2016/08/18 16:51, Se?n Coffey wrote: > Changes look good Ramanand. Reviewed. > > Regards, > Sean. > > On 18/08/2016 07:03, David Buck wrote: >> Hi Ramanand! >> >> As there are (minor) changes between the two change sets, you will >> need to get a code review of the backported changes. I have included >> the security-dev alias in the CC list. >> >> Cheers, >> -Buck >> >>> On Aug 18, 2016, at 14:34, Ramanand Patil >>> >>> wrote: >>> >>> Hi, >>> >>> Please review and approve the backport of 8144566 to 8u-dev. >>> >>> Bug: https://bugs.openjdk.java.net/browse/JDK-8144566 >>> >>> JDK9 Changeset: >>> http://hg.openjdk.java.net/jdk9/jdk9/jdk/rev/1781aba4f7e3 >>> >>> JDK9 Review Thread: >>> http://mail.openjdk.java.net/pipermail/security-dev/2015-December/01 >>> 3171.html >>> >>> >>> JDK8u-dev Webrev: >>> http://cr.openjdk.java.net/~rpatil/8144566/webrev.00/ >>> >>> Changes apply semi-cleanly to jdk8u-dev after path reshuffling. >>> Below are few reasons for manual edits in the jdk8u-dev patch: >>> >>> 1. JDK9 class name for "JavaNetAccess" is changed to " >>> JavaNetInetAddressAccess". >>> 2. test/javax/net/ssl/ServerName/BestEffortOnLazyConnected.java >>> pathToStores(keystore path) doesn't exist in JDK8u, hence changed >>> the variable to point to available path. >>> 3. >>> test/sun/net/www/protocol/https/HttpsURLConnection/ImpactOnSNI.java >>> pathToStores(keystore path) doesn't exist in JDK8u, hence changed >>> the variable to point to available path. >>> >>> >>> Regards, >>> Ramanand. > From sean.mullan at oracle.com Thu Aug 18 17:53:35 2016 From: sean.mullan at oracle.com (Sean Mullan) Date: Thu, 18 Aug 2016 13:53:35 -0400 Subject: RFR: 8061842: Package jurisdiction policy files as something other than JAR In-Reply-To: <2d5572f1-5dc8-726a-9f44-2eed573f6157@oracle.com> References: <65380927-0e9e-c887-8537-b375733e5c0f@oracle.com> <53680482-2bbf-710f-071d-4277c2d985d7@oracle.com> <2d5572f1-5dc8-726a-9f44-2eed573f6157@oracle.com> Message-ID: On 08/17/2016 07:22 PM, Bradford Wetmore wrote: >> - src/java.base/share/conf/security/java.security >> >> 854 crypto.policy=policydir-tbd >> >> The policydir-tbd value is a little confusing in that it isn't a real >> value. What about just setting this to the empty string? > > It's a similar marker for the string replacement like was done for > security.provider.tbd. Ok, but those are property names. What about setting the default value to "limited"? And then this would only be changed to "unlimited" if the build --enable-unlimited-crypto option is specified? > I could change it to be delineated with <>: > "" if you like? >> - src/java.base/share/classes/javax/crypto/JceSecurity.java >> >> 255 String cryptoPolicyDir = >> Security.getProperty("crypto.policy"); >> 256 Path cryptoPolicyPath = Paths.get(cryptoPolicyDir); >> >> What happens if crypto.policy is not set or is set to ""? > > Good catch. Not set would NPE, "" would simply look at > /conf/security/policy and fail to iterate the directory if no > files were actually there. I've added code for both those conditions, > and also switched to use Path.resolve(). 253 // Sanity check the crypto.policy Security property. Single 254 // directory entry, no pseudo- or subdirectories. 255 String cryptoPolicyDir = Security.getProperty("crypto.policy"); 256 257 if (cryptoPolicyDir == null) { 258 throw new SecurityException( 259 "No cryptographic jurisdiction policy directory value"); 260 } Instead of throwing an exception here, I wonder if it would make more sense to assume a default value of "limited" if the property is not set or is empty. --Sean From valerie.peng at oracle.com Thu Aug 18 20:49:22 2016 From: valerie.peng at oracle.com (Valerie Peng) Date: Thu, 18 Aug 2016 13:49:22 -0700 Subject: [9] RFR 8078661: [SunPKCS11] Fails to cast into RSAPrivateCrtKey after RSA KeyPair Generation In-Reply-To: <851c0000-8341-294c-e62b-f15334d417a1@comcast.net> References:

<89d1e859-a988-627d-6b7c-c5ad6f062f18@oracle.com> <851c0000-8341-294c-e62b-f15334d417a1@comcast.net> Message-ID: <4a33b5ec-816e-5ee5-ae77-f865c6b42fb3@oracle.com> Hi Mike, Thanks for the feedback and the detailed write up. The scenario here is complicated by the sensitive/non-extractable keys of PKCS#11 and the fact that java key and key specification classes assume all relevant values being available. Only when all relevant values are available, then we will construct the corresponding key objects. This is necessary as there are other providers which may receive such keys and they can't handle keys like this. I am sure that the current PKCS11 provider code needs many improvement/finer handlings. But I don't see a straightforward way of "making CKA_PUBLIC_EXPONENT available" across various RSA Key classes. This should be tracked in a different issue. Given the current release schedule, the deadline for this fix (P4) is coming up in 10 days and I will be on vacation next week. If you agree with the value of addressing this with the proposed changes for JDK 9, then we can proceed. Otherwise, I will defer this bug to the update release and we can spend more time to polish this. Valerie On 8/18/2016 8:40 AM, Michael StJohns wrote: > On 8/17/2016 11:36 PM, Valerie Peng wrote: >> Regression tests are still running, but thought that I will send the >> updated webrev out and see if there are more comments. >> >> Webrev is updated at: >> http://cr.openjdk.java.net/~valeriep/8078661/webrev.01/ >> >> Thanks, >> Valerie > Hi Valerie - > > You know - re-reading this code I'm reminding of why PKCS11 annoys me > so much. > > At line 333 (of the "new" P11Key) you grab the Token, Sensitive and > Extractable values and if the private data is sensitive or not > extractable you create a generic P11PrivateKey and return that. > However the contract for RSAKey requires that the public modulus be > returned if available, and, since its not a sensitive attribute it > probably should be available. Also, even if the key is sensitive - if > its a sensitive CRT key, then CKA_PUBLIC_EXPONENT should be available. > > That's going to be a surprise if someone tries to cast this return to > an (RSAKey) or (RSAPrivateKey). _This should be changed so a key of > the appropriate type is always created._ > > Also, checking for CKA_EXTRACTABLE being true, doesn't actually get > you access to the clear text information. If a key is extractable, > then it can be wrapped out under another key. The components > themselves aren't available. It's possible to have a non-sensitive, > non-extractable key where the components are retrievable, but the key > can't be wrapped out. > > > (Hmm... the public exponent is in RSAPublicKey and RSAPrivateCRTKey, > but should probably be in RSAKey instead). > > So: > > All RSA keys - even the sensitive private ones - should return > CKA_MODULUS. > All RSA Private CRT Keys - even the sensitive ones - should also > return CKA_PUBLIC_EXPONENT. > All non-sensitive RSA Private keys - should also return > CKA_PRIVATE_EXPONENT > All non-sensitive RSA Private CRT Keys - should also return > CKA_PRIME_1, CKA_PRIME_2, CKA_EXPONENT_1, CKA_EXPONENT_2 and > CKA_COEFFICIENT. > > This is harder to do than it needs to be due to how > p11_objmgt.c::Java_sun_security_pkcs11_wrapper_PKCS11_C_1GetAttributeValue > is built. At lines 248 and 270, it does a check for an error return > and throws an exception if any error occurs. However, for > C_GetAttributeValue, there are a number of "non-fatal" errors that > indicate either buffer size errors or sensitivity of one or more > components or unavailability of one or more components. >> Note that the error codes CKR_ATTRIBUTE_SENSITIVE, >> CKR_ATTRIBUTE_TYPE_INVALID, and CKR_BUFFER_TOO_SMALL do not denote >> true errors for *C_GetAttributeValue*. If a call to >> *C_GetAttributeValue* returns any of these three values, then the >> call must nonetheless have processed /every/ attribute in the >> template supplied to *C_GetAttributeValue*. Each attribute in the >> template whose value /can be/ returned by the call to >> *C_GetAttributeValue* /will be/ returned by the call to >> *C_GetAttributeValue*. > > > > If you updated this slightly - maybe by adding a new method to > wrapper.PKCS11 (say GetAttributeValuesNoError) - to return the > attributes it was able to get in the call with nulls elsewhere, then > you could do all of the above in one pass. > > Sorry to complicate this. Mike > > ps - I don't have a current build environment set up for the JDK, > otherwise I'd code it and test it myself. I'm happy to take a swing > at it and provide you unverified code you can integrate. > >> >> On 8/17/2016 9:55 AM, Michael StJohns wrote: >>> On 8/16/2016 9:24 PM, Valerie Peng wrote: >>>> >>>> Anyone has time to review a straightforward fix? The current PKCS11 >>>> code assume that if public exponent is available for RSA Private >>>> Key, then it's a RSA CRT key. However, not all vendor >>>> implementation works this way. Changing to a tighter check and did >>>> minor code-refactoring to avoid re-retrieving the attribute values. >>>> >>>> Bug: https://bugs.openjdk.java.net/browse/JDK-8078661 >>>> Webrev: http://cr.openjdk.java.net/~valeriep/8078661/webrev.00/ >>>> >>>> Thanks, >>>> Valerie >>> >>> Given that there's a change to PKCS11 for 2.40 that says that all >>> RSA private key objects MUST also store CKA_PUBLIC_EXPONENT, some >>> change needed to be made. >>> >>> Sorry - I don't think this fix will work. Or if its working on your >>> version of PKCS11, your version of PKCS11 is doing it wrong. The >>> problem is that if you specify attributes that don't exist on the >>> object, the underlying PKCS11 library is supposed to return >>> CKR_ATTRIBUTE_TYPE_INVALID. And that should trigger a thrown >>> exception before you ever get anything copied to your attributes. >>> >>> 1) Get modulus and private exponent first. That gives you the stuff >>> for a generic RSA private key - and if it fails, there's no reason >>> to continue. >>> >>> 2) Then get the rest of the stuff. If that fails, then you already >>> have the stuff you need for a normal private key. >>> >>> >>>> boolean crtKey; >>>> try { >>>> session.token.p11.C_GetAttributeValue >>>> (session.id(), keyID, attrs2); >>>> - crtKey = (attrs2[0].pValue instanceof byte[]); >>>> + crtKey = ((attrs2[1].pValue instanceof byte[]) && >>>> + (attrs2[3].pValue instanceof byte[]) && >>>> + (attrs2[4].pValue instanceof byte[]) && >>>> + (attrs2[5].pValue instanceof byte[]) && >>>> + (attrs2[6].pValue instanceof byte[]) && >>>> + (attrs2[7].pValue instanceof byte[])) ; >>>> } catch (PKCS11Exception e) { >>>> // ignore, assume not available >>>> crtKey = false; >>>> } >>> >>> // Change attrs2 so it only has the additional CRT attributes (e.g. >>> delete CKA_MODULUS, CKA_PRIVATE_EXPONENT from the list >>> >>> Replace the above with >>> >>> CK_ATTRIBUTE[] attrs3 = new CK_ATTRIBUTE[] { >>> new CK_ATTRIBUTE(CKA_MODULUS), >>> new CK_ATTRIBUTE(CKA_PRIVATE_EXPONENT) >>> }; >>> // no try block needed here - we want to throw the error if it occurs >>> session.token.p11.C_GetAttributeValue (session.id(), keyID, attrs3); >>> >>> // So far so good - we have the base attributes, let's see if we can >>> get the additional attributes; >>> >>> try { >>> session.token.p11.C_GetAttributeValue(session.id(),keyID, attrs2); >>> } catch (PKCS11Exception e) { >>> // we really should check the return value for one of the >>> non-fatal values, but let's just assume its not a CRT key >>> return new P11RSAPrivateNonCRTKey (session, keyID, algorithm, >>> keyLength, attrs2, attrs3); >>> } >>> >>> // if we fall through then its a CRT key >>> // -- we should check for byte[] ness of each of the components, and >>> throw an error if they arent - but which error? >>> >>> return new P11RSAPrivateKey (session, keyID, algorithm, keyLength, >>> attrs2, attrs3); >>> >>> // there are cleanups necessary in other places. I'd suggest rather >>> than depending on the ordering of attributes, you do assignment by >>> CKA_ values just so someone coming later doesn't mess things up by >>> mistake. Also, a hell of a lot more readable. >>> >>> static CK_ATTRIBUTE getAttribute (CK_ATTRIBUTE[] attrs, long attrType) { >>> for (CK_ATTRIBUTE a : attrs) { >>> if (a.type == attrType) >>> return a; >>> } >>> return null; // or throw something? >>> } >>> >>> >>> coeff = getAtttribute(attrs,CKA_COEFFICIENT).getBigInteger(); >>> >>> >>> The other possibility is to change the C code for >>> C_GetAttributeValues so it doesn't error out for the non-fatal error >>> codes and instead returns a null value attribute when the attribute >>> is missing. >>> >>> Mike >>> >> > -------------- next part -------------- An HTML attachment was scrubbed... URL: From vincent.x.ryan at oracle.com Thu Aug 18 21:17:29 2016 From: vincent.x.ryan at oracle.com (Vincent Ryan) Date: Thu, 18 Aug 2016 22:17:29 +0100 Subject: [9] RFR 8164398: Add test sun/security/krb5/auto/EmptyPassword.java to ProblemList Message-ID: <2D473677-B0D3-464C-B854-846EB5412C6A@oracle.com> Please approve this change to add a failing test to jdk/test/ProblemList.txt so we can investigate further. Thanks. diff --git a/test/ProblemList.txt b/test/ProblemList.txt --- a/test/ProblemList.txt +++ b/test/ProblemList.txt @@ -289,6 +289,8 @@ sun/security/ssl/SSLSocketImpl/AsyncSSLSocketClose.java 8161232 macosx-all +sun/security/krb5/auto/EmptyPassword.java 8164307 solaris-all + ############################################################################ # jdk_sound -------------- next part -------------- An HTML attachment was scrubbed... URL: From mstjohns at comcast.net Thu Aug 18 21:25:29 2016 From: mstjohns at comcast.net (Michael StJohns) Date: Thu, 18 Aug 2016 17:25:29 -0400 Subject: [9] RFR 8078661: [SunPKCS11] Fails to cast into RSAPrivateCrtKey after RSA KeyPair Generation In-Reply-To: <4a33b5ec-816e-5ee5-ae77-f865c6b42fb3@oracle.com> References:

<89d1e859-a988-627d-6b7c-c5ad6f062f18@oracle.com> <851c0000-8341-294c-e62b-f15334d417a1@comcast.net> <4a33b5ec-816e-5ee5-ae77-f865c6b42fb3@oracle.com> Message-ID: <3419f99e-d4d4-0802-8baa-b1fe89ddf545@comcast.net> On 8/18/2016 4:49 PM, Valerie Peng wrote: > Hi Mike, > > Thanks for the feedback and the detailed write up. > > The scenario here is complicated by the sensitive/non-extractable keys > of PKCS#11 and the fact that java key and key specification classes > assume all relevant values being available. Um... I think that's true for any PublicKey, but not for Secret or Private keys. At worst, the Key object is a handle for the real key that contains all those items, but they might not be available. At best, most of those components will be available. I say at best, because of the language in RSAMultiPrimePrivateCRTKey for getOtherPrimeInfo() which says it can return null. > Only when all relevant values are available, then we will construct > the corresponding key objects. This is necessary as there are other > providers which may receive such keys and they can't handle keys like > this. Keys can't generally move across providers AIRC? You can try and use a key factory to convert them, but that's not guaranteed. A PKCS11 derived key isn't going to be portable to another provider without extraction to a keyspec in any case. Hmm.. I went back and read the JDK8 p11 guide (https://docs.oracle.com/javase/8/docs/technotes/guides/security/p11guide.html) and section 3.2 gives the guidance that you only use the generic interfaces for unextractable keys. I actually think that's wrong, given the general guidance in the JCA documentation with respect to Opaque Keys vs transparent KeySpecs. (Hmm... I wonder if this guidance was in the originally submitted code package documentation). Then there's the point that even a generic Public or Private key has a "getEncoded()" method. *bleah* > > I am sure that the current PKCS11 provider code needs many > improvement/finer handlings. But I don't see a straightforward way of > "making CKA_PUBLIC_EXPONENT available" across various RSA Key classes. > This should be tracked in a different issue. That's just one of the items. As I mentioned in another email, I think the RSA key classes and interfaces need a bit more work and tweaking. I wouldn't try and accomplish that quite yet. > > Given the current release schedule, the deadline for this fix (P4) is > coming up in 10 days and I will be on vacation next week. > > If you agree with the value of addressing this with the proposed > changes for JDK 9, then we can proceed. > Otherwise, I will defer this bug to the update release and we can > spend more time to polish this. I think you might as well go ahead with this change. The fix you've got should work as long as someone who generates a RSA Key pair on a PKCS11 which is both sensitive and unextractable doesn't try to cast the keys to RSAPublic or RSAPrivate. Mike > Valerie > > On 8/18/2016 8:40 AM, Michael StJohns wrote: >> On 8/17/2016 11:36 PM, Valerie Peng wrote: >>> Regression tests are still running, but thought that I will send the >>> updated webrev out and see if there are more comments. >>> >>> Webrev is updated at: >>> http://cr.openjdk.java.net/~valeriep/8078661/webrev.01/ >>> >>> Thanks, >>> Valerie >> Hi Valerie - >> >> You know - re-reading this code I'm reminding of why PKCS11 annoys me >> so much. >> >> At line 333 (of the "new" P11Key) you grab the Token, Sensitive and >> Extractable values and if the private data is sensitive or not >> extractable you create a generic P11PrivateKey and return that. >> However the contract for RSAKey requires that the public modulus be >> returned if available, and, since its not a sensitive attribute it >> probably should be available. Also, even if the key is sensitive - >> if its a sensitive CRT key, then CKA_PUBLIC_EXPONENT should be >> available. >> >> That's going to be a surprise if someone tries to cast this return to >> an (RSAKey) or (RSAPrivateKey). _This should be changed so a key of >> the appropriate type is always created._ >> >> Also, checking for CKA_EXTRACTABLE being true, doesn't actually get >> you access to the clear text information. If a key is extractable, >> then it can be wrapped out under another key. The components >> themselves aren't available. It's possible to have a non-sensitive, >> non-extractable key where the components are retrievable, but the key >> can't be wrapped out. >> >> >> (Hmm... the public exponent is in RSAPublicKey and RSAPrivateCRTKey, >> but should probably be in RSAKey instead). >> >> So: >> >> All RSA keys - even the sensitive private ones - should return >> CKA_MODULUS. >> All RSA Private CRT Keys - even the sensitive ones - should also >> return CKA_PUBLIC_EXPONENT. >> All non-sensitive RSA Private keys - should also return >> CKA_PRIVATE_EXPONENT >> All non-sensitive RSA Private CRT Keys - should also return >> CKA_PRIME_1, CKA_PRIME_2, CKA_EXPONENT_1, CKA_EXPONENT_2 and >> CKA_COEFFICIENT. >> >> This is harder to do than it needs to be due to how >> p11_objmgt.c::Java_sun_security_pkcs11_wrapper_PKCS11_C_1GetAttributeValue >> is built. At lines 248 and 270, it does a check for an error return >> and throws an exception if any error occurs. However, for >> C_GetAttributeValue, there are a number of "non-fatal" errors that >> indicate either buffer size errors or sensitivity of one or more >> components or unavailability of one or more components. >>> Note that the error codes CKR_ATTRIBUTE_SENSITIVE, >>> CKR_ATTRIBUTE_TYPE_INVALID, and CKR_BUFFER_TOO_SMALL do not denote >>> true errors for *C_GetAttributeValue*. If a call to >>> *C_GetAttributeValue* returns any of these three values, then the >>> call must nonetheless have processed /every/ attribute in the >>> template supplied to *C_GetAttributeValue*. Each attribute in the >>> template whose value /can be/ returned by the call to >>> *C_GetAttributeValue* /will be/ returned by the call to >>> *C_GetAttributeValue*. >> >> >> >> If you updated this slightly - maybe by adding a new method to >> wrapper.PKCS11 (say GetAttributeValuesNoError) - to return the >> attributes it was able to get in the call with nulls elsewhere, then >> you could do all of the above in one pass. >> >> Sorry to complicate this. Mike >> >> ps - I don't have a current build environment set up for the JDK, >> otherwise I'd code it and test it myself. I'm happy to take a swing >> at it and provide you unverified code you can integrate. >> >>> >>> On 8/17/2016 9:55 AM, Michael StJohns wrote: >>>> On 8/16/2016 9:24 PM, Valerie Peng wrote: >>>>> >>>>> Anyone has time to review a straightforward fix? The current >>>>> PKCS11 code assume that if public exponent is available for RSA >>>>> Private Key, then it's a RSA CRT key. However, not all vendor >>>>> implementation works this way. Changing to a tighter check and did >>>>> minor code-refactoring to avoid re-retrieving the attribute values. >>>>> >>>>> Bug: https://bugs.openjdk.java.net/browse/JDK-8078661 >>>>> Webrev: http://cr.openjdk.java.net/~valeriep/8078661/webrev.00/ >>>>> >>>>> Thanks, >>>>> Valerie >>>> >>>> Given that there's a change to PKCS11 for 2.40 that says that all >>>> RSA private key objects MUST also store CKA_PUBLIC_EXPONENT, some >>>> change needed to be made. >>>> >>>> Sorry - I don't think this fix will work. Or if its working on >>>> your version of PKCS11, your version of PKCS11 is doing it wrong. >>>> The problem is that if you specify attributes that don't exist on >>>> the object, the underlying PKCS11 library is supposed to return >>>> CKR_ATTRIBUTE_TYPE_INVALID. And that should trigger a thrown >>>> exception before you ever get anything copied to your attributes. >>>> >>>> 1) Get modulus and private exponent first. That gives you the >>>> stuff for a generic RSA private key - and if it fails, there's no >>>> reason to continue. >>>> >>>> 2) Then get the rest of the stuff. If that fails, then you already >>>> have the stuff you need for a normal private key. >>>> >>>> >>>>> boolean crtKey; >>>>> try { >>>>> session.token.p11.C_GetAttributeValue >>>>> (session.id(), keyID, attrs2); >>>>> - crtKey = (attrs2[0].pValue instanceof byte[]); >>>>> + crtKey = ((attrs2[1].pValue instanceof byte[]) && >>>>> + (attrs2[3].pValue instanceof byte[]) && >>>>> + (attrs2[4].pValue instanceof byte[]) && >>>>> + (attrs2[5].pValue instanceof byte[]) && >>>>> + (attrs2[6].pValue instanceof byte[]) && >>>>> + (attrs2[7].pValue instanceof byte[])) ; >>>>> } catch (PKCS11Exception e) { >>>>> // ignore, assume not available >>>>> crtKey = false; >>>>> } >>>> >>>> // Change attrs2 so it only has the additional CRT attributes (e.g. >>>> delete CKA_MODULUS, CKA_PRIVATE_EXPONENT from the list >>>> >>>> Replace the above with >>>> >>>> CK_ATTRIBUTE[] attrs3 = new CK_ATTRIBUTE[] { >>>> new CK_ATTRIBUTE(CKA_MODULUS), >>>> new CK_ATTRIBUTE(CKA_PRIVATE_EXPONENT) >>>> }; >>>> // no try block needed here - we want to throw the error if it occurs >>>> session.token.p11.C_GetAttributeValue (session.id(), keyID, attrs3); >>>> >>>> // So far so good - we have the base attributes, let's see if we >>>> can get the additional attributes; >>>> >>>> try { >>>> session.token.p11.C_GetAttributeValue(session.id(),keyID, attrs2); >>>> } catch (PKCS11Exception e) { >>>> // we really should check the return value for one of the >>>> non-fatal values, but let's just assume its not a CRT key >>>> return new P11RSAPrivateNonCRTKey (session, keyID, algorithm, >>>> keyLength, attrs2, attrs3); >>>> } >>>> >>>> // if we fall through then its a CRT key >>>> // -- we should check for byte[] ness of each of the components, >>>> and throw an error if they arent - but which error? >>>> >>>> return new P11RSAPrivateKey (session, keyID, algorithm, keyLength, >>>> attrs2, attrs3); >>>> >>>> // there are cleanups necessary in other places. I'd suggest >>>> rather than depending on the ordering of attributes, you do >>>> assignment by CKA_ values just so someone coming later doesn't mess >>>> things up by mistake. Also, a hell of a lot more readable. >>>> >>>> static CK_ATTRIBUTE getAttribute (CK_ATTRIBUTE[] attrs, long >>>> attrType) { >>>> for (CK_ATTRIBUTE a : attrs) { >>>> if (a.type == attrType) >>>> return a; >>>> } >>>> return null; // or throw something? >>>> } >>>> >>>> >>>> coeff = getAtttribute(attrs,CKA_COEFFICIENT).getBigInteger(); >>>> >>>> >>>> The other possibility is to change the C code for >>>> C_GetAttributeValues so it doesn't error out for the non-fatal >>>> error codes and instead returns a null value attribute when the >>>> attribute is missing. >>>> >>>> Mike >>>> >>> >> > -------------- next part -------------- An HTML attachment was scrubbed... URL: From valerie.peng at oracle.com Thu Aug 18 23:55:29 2016 From: valerie.peng at oracle.com (Valerie Peng) Date: Thu, 18 Aug 2016 16:55:29 -0700 Subject: [9] RFR: 8164100: com/sun/crypto/provider/KeyFactory/TestProviderLeak.java fails with java.util.concurrent.TimeoutException In-Reply-To: <177be901-0377-a912-6ee4-2684e31e710a@oracle.com> References: <177be901-0377-a912-6ee4-2684e31e710a@oracle.com> Message-ID: <6ca0ae71-0fc1-df50-1e59-a2c7806300d4@oracle.com> Changes look fine. Valerie On 8/17/2016 11:29 AM, Artem Smotrakov wrote: > Hello, > > Please review the following patch for > com/sun/crypto/provider/KeyFactory/TestProviderLeak.java test. > > This is a request to make the test take into account a test timeout > factor. Timeout factor can be specified with "-timeout" jtreg's > command line option. This option is used in some test runs to make > test runs more stable (for example, VM SQE uses it while running > regression tests with different JVM options). > > Bug: https://bugs.openjdk.java.net/browse/JDK-8164100 > Webrev: http://cr.openjdk.java.net/~asmotrak/8164100/webrev.00/ > > Artem From valerie.peng at oracle.com Fri Aug 19 00:48:06 2016 From: valerie.peng at oracle.com (Valerie Peng) Date: Thu, 18 Aug 2016 17:48:06 -0700 Subject: [9] RFR 8078661: [SunPKCS11] Fails to cast into RSAPrivateCrtKey after RSA KeyPair Generation In-Reply-To: <3419f99e-d4d4-0802-8baa-b1fe89ddf545@comcast.net> References:

<89d1e859-a988-627d-6b7c-c5ad6f062f18@oracle.com> <851c0000-8341-294c-e62b-f15334d417a1@comcast.net> <4a33b5ec-816e-5ee5-ae77-f865c6b42fb3@oracle.com> <3419f99e-d4d4-0802-8baa-b1fe89ddf545@comcast.net> Message-ID: I share your view on most things. It's just that the APIs are there before the PKCS11 provider is added. So, there are some history reason as to why things are as they are today. Re-structuring the public classes are almost impossible considering the compatibility impact. However, we can explore other functional fixes if necessary. Thanks for the review and feedback, it's very helpful, Valerie On 8/18/2016 2:25 PM, Michael StJohns wrote: > On 8/18/2016 4:49 PM, Valerie Peng wrote: >> Hi Mike, >> >> Thanks for the feedback and the detailed write up. >> >> The scenario here is complicated by the sensitive/non-extractable >> keys of PKCS#11 and the fact that java key and key specification >> classes assume all relevant values being available. > Um... I think that's true for any PublicKey, but not for Secret or > Private keys. At worst, the Key object is a handle for the real key > that contains all those items, but they might not be available. At > best, most of those components will be available. I say at best, > because of the language in RSAMultiPrimePrivateCRTKey for > getOtherPrimeInfo() which says it can return null. > >> Only when all relevant values are available, then we will construct >> the corresponding key objects. This is necessary as there are other >> providers which may receive such keys and they can't handle keys like >> this. > > Keys can't generally move across providers AIRC? You can try and use > a key factory to convert them, but that's not guaranteed. A PKCS11 > derived key isn't going to be portable to another provider without > extraction to a keyspec in any case. > > Hmm.. I went back and read the JDK8 p11 guide > (https://docs.oracle.com/javase/8/docs/technotes/guides/security/p11guide.html) > and section 3.2 gives the guidance that you only use the generic > interfaces for unextractable keys. I actually think that's wrong, > given the general guidance in the JCA documentation with respect to > Opaque Keys vs transparent KeySpecs. (Hmm... I wonder if this > guidance was in the originally submitted code package documentation). > > Then there's the point that even a generic Public or Private key has a > "getEncoded()" method. *bleah* > > >> >> I am sure that the current PKCS11 provider code needs many >> improvement/finer handlings. But I don't see a straightforward way of >> "making CKA_PUBLIC_EXPONENT available" across various RSA Key >> classes. This should be tracked in a different issue. > > That's just one of the items. As I mentioned in another email, I > think the RSA key classes and interfaces need a bit more work and > tweaking. I wouldn't try and accomplish that quite yet. > >> >> Given the current release schedule, the deadline for this fix (P4) is >> coming up in 10 days and I will be on vacation next week. >> >> If you agree with the value of addressing this with the proposed >> changes for JDK 9, then we can proceed. >> Otherwise, I will defer this bug to the update release and we can >> spend more time to polish this. > > I think you might as well go ahead with this change. The fix you've > got should work as long as someone who generates a RSA Key pair on a > PKCS11 which is both sensitive and unextractable doesn't try to cast > the keys to RSAPublic or RSAPrivate. > > Mike > > >> Valerie >> >> On 8/18/2016 8:40 AM, Michael StJohns wrote: >>> On 8/17/2016 11:36 PM, Valerie Peng wrote: >>>> Regression tests are still running, but thought that I will send >>>> the updated webrev out and see if there are more comments. >>>> >>>> Webrev is updated at: >>>> http://cr.openjdk.java.net/~valeriep/8078661/webrev.01/ >>>> >>>> Thanks, >>>> Valerie >>> Hi Valerie - >>> >>> You know - re-reading this code I'm reminding of why PKCS11 annoys >>> me so much. >>> >>> At line 333 (of the "new" P11Key) you grab the Token, Sensitive and >>> Extractable values and if the private data is sensitive or not >>> extractable you create a generic P11PrivateKey and return that. >>> However the contract for RSAKey requires that the public modulus be >>> returned if available, and, since its not a sensitive attribute it >>> probably should be available. Also, even if the key is sensitive - >>> if its a sensitive CRT key, then CKA_PUBLIC_EXPONENT should be >>> available. >>> >>> That's going to be a surprise if someone tries to cast this return >>> to an (RSAKey) or (RSAPrivateKey). _This should be changed so a key >>> of the appropriate type is always created._ >>> >>> Also, checking for CKA_EXTRACTABLE being true, doesn't actually get >>> you access to the clear text information. If a key is extractable, >>> then it can be wrapped out under another key. The components >>> themselves aren't available. It's possible to have a non-sensitive, >>> non-extractable key where the components are retrievable, but the >>> key can't be wrapped out. >>> >>> >>> (Hmm... the public exponent is in RSAPublicKey and RSAPrivateCRTKey, >>> but should probably be in RSAKey instead). >>> >>> So: >>> >>> All RSA keys - even the sensitive private ones - should return >>> CKA_MODULUS. >>> All RSA Private CRT Keys - even the sensitive ones - should also >>> return CKA_PUBLIC_EXPONENT. >>> All non-sensitive RSA Private keys - should also return >>> CKA_PRIVATE_EXPONENT >>> All non-sensitive RSA Private CRT Keys - should also return >>> CKA_PRIME_1, CKA_PRIME_2, CKA_EXPONENT_1, CKA_EXPONENT_2 and >>> CKA_COEFFICIENT. >>> >>> This is harder to do than it needs to be due to how >>> p11_objmgt.c::Java_sun_security_pkcs11_wrapper_PKCS11_C_1GetAttributeValue >>> is built. At lines 248 and 270, it does a check for an error return >>> and throws an exception if any error occurs. However, for >>> C_GetAttributeValue, there are a number of "non-fatal" errors that >>> indicate either buffer size errors or sensitivity of one or more >>> components or unavailability of one or more components. >>>> Note that the error codes CKR_ATTRIBUTE_SENSITIVE, >>>> CKR_ATTRIBUTE_TYPE_INVALID, and CKR_BUFFER_TOO_SMALL do not denote >>>> true errors for *C_GetAttributeValue*. If a call to >>>> *C_GetAttributeValue* returns any of these three values, then the >>>> call must nonetheless have processed /every/ attribute in the >>>> template supplied to *C_GetAttributeValue*. Each attribute in the >>>> template whose value /can be/ returned by the call to >>>> *C_GetAttributeValue* /will be/ returned by the call to >>>> *C_GetAttributeValue*. >>> >>> >>> >>> If you updated this slightly - maybe by adding a new method to >>> wrapper.PKCS11 (say GetAttributeValuesNoError) - to return the >>> attributes it was able to get in the call with nulls elsewhere, then >>> you could do all of the above in one pass. >>> >>> Sorry to complicate this. Mike >>> >>> ps - I don't have a current build environment set up for the JDK, >>> otherwise I'd code it and test it myself. I'm happy to take a swing >>> at it and provide you unverified code you can integrate. >>> >>>> >>>> On 8/17/2016 9:55 AM, Michael StJohns wrote: >>>>> On 8/16/2016 9:24 PM, Valerie Peng wrote: >>>>>> >>>>>> Anyone has time to review a straightforward fix? The current >>>>>> PKCS11 code assume that if public exponent is available for RSA >>>>>> Private Key, then it's a RSA CRT key. However, not all vendor >>>>>> implementation works this way. Changing to a tighter check and >>>>>> did minor code-refactoring to avoid re-retrieving the attribute >>>>>> values. >>>>>> >>>>>> Bug: https://bugs.openjdk.java.net/browse/JDK-8078661 >>>>>> Webrev: http://cr.openjdk.java.net/~valeriep/8078661/webrev.00/ >>>>>> >>>>>> Thanks, >>>>>> Valerie >>>>> >>>>> Given that there's a change to PKCS11 for 2.40 that says that all >>>>> RSA private key objects MUST also store CKA_PUBLIC_EXPONENT, some >>>>> change needed to be made. >>>>> >>>>> Sorry - I don't think this fix will work. Or if its working on >>>>> your version of PKCS11, your version of PKCS11 is doing it wrong. >>>>> The problem is that if you specify attributes that don't exist on >>>>> the object, the underlying PKCS11 library is supposed to return >>>>> CKR_ATTRIBUTE_TYPE_INVALID. And that should trigger a thrown >>>>> exception before you ever get anything copied to your attributes. >>>>> >>>>> 1) Get modulus and private exponent first. That gives you the >>>>> stuff for a generic RSA private key - and if it fails, there's no >>>>> reason to continue. >>>>> >>>>> 2) Then get the rest of the stuff. If that fails, then you >>>>> already have the stuff you need for a normal private key. >>>>> >>>>> >>>>>> boolean crtKey; >>>>>> try { >>>>>> session.token.p11.C_GetAttributeValue >>>>>> (session.id(), keyID, attrs2); >>>>>> - crtKey = (attrs2[0].pValue instanceof byte[]); >>>>>> + crtKey = ((attrs2[1].pValue instanceof byte[]) && >>>>>> + (attrs2[3].pValue instanceof byte[]) && >>>>>> + (attrs2[4].pValue instanceof byte[]) && >>>>>> + (attrs2[5].pValue instanceof byte[]) && >>>>>> + (attrs2[6].pValue instanceof byte[]) && >>>>>> + (attrs2[7].pValue instanceof byte[])) ; >>>>>> } catch (PKCS11Exception e) { >>>>>> // ignore, assume not available >>>>>> crtKey = false; >>>>>> } >>>>> >>>>> // Change attrs2 so it only has the additional CRT attributes >>>>> (e.g. delete CKA_MODULUS, CKA_PRIVATE_EXPONENT from the list >>>>> >>>>> Replace the above with >>>>> >>>>> CK_ATTRIBUTE[] attrs3 = new CK_ATTRIBUTE[] { >>>>> new CK_ATTRIBUTE(CKA_MODULUS), >>>>> new CK_ATTRIBUTE(CKA_PRIVATE_EXPONENT) >>>>> }; >>>>> // no try block needed here - we want to throw the error if it occurs >>>>> session.token.p11.C_GetAttributeValue (session.id(), keyID, attrs3); >>>>> >>>>> // So far so good - we have the base attributes, let's see if we >>>>> can get the additional attributes; >>>>> >>>>> try { >>>>> session.token.p11.C_GetAttributeValue(session.id(),keyID, attrs2); >>>>> } catch (PKCS11Exception e) { >>>>> // we really should check the return value for one of the >>>>> non-fatal values, but let's just assume its not a CRT key >>>>> return new P11RSAPrivateNonCRTKey (session, keyID, algorithm, >>>>> keyLength, attrs2, attrs3); >>>>> } >>>>> >>>>> // if we fall through then its a CRT key >>>>> // -- we should check for byte[] ness of each of the components, >>>>> and throw an error if they arent - but which error? >>>>> >>>>> return new P11RSAPrivateKey (session, keyID, algorithm, keyLength, >>>>> attrs2, attrs3); >>>>> >>>>> // there are cleanups necessary in other places. I'd suggest >>>>> rather than depending on the ordering of attributes, you do >>>>> assignment by CKA_ values just so someone coming later doesn't >>>>> mess things up by mistake. Also, a hell of a lot more readable. >>>>> >>>>> static CK_ATTRIBUTE getAttribute (CK_ATTRIBUTE[] attrs, long >>>>> attrType) { >>>>> for (CK_ATTRIBUTE a : attrs) { >>>>> if (a.type == attrType) >>>>> return a; >>>>> } >>>>> return null; // or throw something? >>>>> } >>>>> >>>>> >>>>> coeff = getAtttribute(attrs,CKA_COEFFICIENT).getBigInteger(); >>>>> >>>>> >>>>> The other possibility is to change the C code for >>>>> C_GetAttributeValues so it doesn't error out for the non-fatal >>>>> error codes and instead returns a null value attribute when the >>>>> attribute is missing. >>>>> >>>>> Mike >>>>> >>>> >>> >> > -------------- next part -------------- An HTML attachment was scrubbed... URL: From xuelei.fan at oracle.com Fri Aug 19 00:48:10 2016 From: xuelei.fan at oracle.com (Xuelei Fan) Date: Fri, 19 Aug 2016 08:48:10 +0800 Subject: [9] RFR 8164398: Add test sun/security/krb5/auto/EmptyPassword.java to ProblemList In-Reply-To: <2D473677-B0D3-464C-B854-846EB5412C6A@oracle.com> References: <2D473677-B0D3-464C-B854-846EB5412C6A@oracle.com> Message-ID: Looks fine to me. Xuelei On 8/19/2016 5:17 AM, Vincent Ryan wrote: > Please approve this change to add a failing test to > jdk/test/ProblemList.txt so we can investigate further. > Thanks. > > > diff --git a/test/ProblemList.txt b/test/ProblemList.txt > --- a/test/ProblemList.txt > +++ b/test/ProblemList.txt > @@ -289,6 +289,8 @@ > > sun/security/ssl/SSLSocketImpl/AsyncSSLSocketClose.java 8161232 > macosx-all > > +sun/security/krb5/auto/EmptyPassword.java 8164307 > solaris-all > + > ############################################################################ > > # jdk_sound From weijun.wang at oracle.com Fri Aug 19 02:17:27 2016 From: weijun.wang at oracle.com (Weijun Wang) Date: Fri, 19 Aug 2016 10:17:27 +0800 Subject: RFR: (XS) 8162916:Test sun/security/krb5/auto/UnboundSSL.java fails In-Reply-To: References: <57B4969B.4030904@oracle.com> <0ee91f5b-bcd5-7c93-d99d-13c00797d8f3@oracle.com> <57B49B18.3030505@oracle.com> <27699872-c744-7ae6-249b-c3562c5a882e@oracle.com>

Message-ID: <692b286f-3f1d-b7d2-3828-14b645faf89f@oracle.com> This is great. Change looks fine to me. Thanks Max On 8/18/2016 23:28, Se?n Coffey wrote: > Thanks for the tip Artem, Max. No need to modify the policy file then. > Below is the new suggested patch for jdk8u-dev. JPRT results are good. > > diff --git a/test/sun/security/krb5/auto/UnboundSSL.java > b/test/sun/security/krb5/auto/UnboundSSL.java > --- a/test/sun/security/krb5/auto/UnboundSSL.java > +++ b/test/sun/security/krb5/auto/UnboundSSL.java > @@ -34,9 +34,9 @@ > * @bug 8025123 > * @summary Checks if an unbound server can handle connections > * only for allowed service principals > - * @run main/othervm/policy=unbound.ssl.policy UnboundSSL > + * @run main/othervm/java.security.policy=unbound.ssl.policy UnboundSSL > * unbound.ssl.jaas.conf server_star > - * @run main/othervm/policy=unbound.ssl.policy UnboundSSL > + * @run main/othervm/java.security.policy=unbound.ssl.policy UnboundSSL > * unbound.ssl.jaas.conf > server_multiple_principals > */ > public class UnboundSSL { > > Regards, > Sean. > > On 18/08/2016 04:11, Weijun Wang wrote: >>>>> If I recall correctly, there should be a way to specify a policy file >>>>> in @run without overriding the default one. May be it is "@run >>>>> main/othervm/java.security.policy=unbound.ssl.policy_new" >> >> Yes, I think this should work. I've also just learned about it and >> don't know from which jtreg it is supported. Hopefully the >> minimized-required version of jtreg for jdk8u already has it. >> >> --Max >> > From weijun.wang at oracle.com Fri Aug 19 06:34:46 2016 From: weijun.wang at oracle.com (Weijun Wang) Date: Fri, 19 Aug 2016 14:34:46 +0800 Subject: RFR 8164437: Test for JDK-8042900 Message-ID: <4d0f4f0e-605a-5c6e-99a3-c3e190e9711d@oracle.com> Please review the code change at http://cr.openjdk.java.net/~weijun/8164437/webrev.00 The updated test shows that with the jdk.security.jgss package, the result of GSSManager::createContext is of an enhanced type. Thanks Max From xuelei.fan at oracle.com Fri Aug 19 08:48:39 2016 From: xuelei.fan at oracle.com (Xuelei Fan) Date: Fri, 19 Aug 2016 16:48:39 +0800 Subject: RFR 8164437: Test for JDK-8042900 In-Reply-To: <4d0f4f0e-605a-5c6e-99a3-c3e190e9711d@oracle.com> References: <4d0f4f0e-605a-5c6e-99a3-c3e190e9711d@oracle.com> Message-ID: Looks fine to me. BTW, why not check the class name right after the object is created? Xuelei On 8/19/2016 2:34 PM, Weijun Wang wrote: > Please review the code change at > > http://cr.openjdk.java.net/~weijun/8164437/webrev.00 > > The updated test shows that with the jdk.security.jgss package, the > result of GSSManager::createContext is of an enhanced type. > > Thanks > Max From weijun.wang at oracle.com Fri Aug 19 11:47:04 2016 From: weijun.wang at oracle.com (Weijun Wang) Date: Fri, 19 Aug 2016 19:47:04 +0800 Subject: RFR 8164437: Test for JDK-8042900 In-Reply-To: References: <4d0f4f0e-605a-5c6e-99a3-c3e190e9711d@oracle.com> Message-ID: <9d7df04c-64b8-c338-33d2-d074e05e1803@oracle.com> On 8/19/2016 16:48, Xuelei Fan wrote: > Looks fine to me. > > BTW, why not check the class name right after the object is created? This is just a small enhancement to an existing test, and I don't want to break the existing block. I added a comment there. And I've enhanced the test a little to compare with module names, this looks more natural. http://cr.openjdk.java.net/~weijun/8164437/webrev.01 Thanks Max > > Xuelei > > On 8/19/2016 2:34 PM, Weijun Wang wrote: >> Please review the code change at >> >> http://cr.openjdk.java.net/~weijun/8164437/webrev.00 >> >> The updated test shows that with the jdk.security.jgss package, the >> result of GSSManager::createContext is of an enhanced type. >> >> Thanks >> Max From xuelei.fan at oracle.com Fri Aug 19 13:11:56 2016 From: xuelei.fan at oracle.com (Xuelei Fan) Date: Fri, 19 Aug 2016 21:11:56 +0800 Subject: RFR 8164437: Test for JDK-8042900 In-Reply-To: <9d7df04c-64b8-c338-33d2-d074e05e1803@oracle.com> References: <4d0f4f0e-605a-5c6e-99a3-c3e190e9711d@oracle.com> <9d7df04c-64b8-c338-33d2-d074e05e1803@oracle.com> Message-ID: <1da01c0e-0b01-35c8-12cc-56ca7f80c4bc@oracle.com> OK. Xuelei On 8/19/2016 7:47 PM, Weijun Wang wrote: > > On 8/19/2016 16:48, Xuelei Fan wrote: >> Looks fine to me. >> >> BTW, why not check the class name right after the object is created? > > This is just a small enhancement to an existing test, and I don't want > to break the existing block. I added a comment there. > > And I've enhanced the test a little to compare with module names, this > looks more natural. > > http://cr.openjdk.java.net/~weijun/8164437/webrev.01 > > Thanks > Max > > >> >> Xuelei >> >> On 8/19/2016 2:34 PM, Weijun Wang wrote: >>> Please review the code change at >>> >>> http://cr.openjdk.java.net/~weijun/8164437/webrev.00 >>> >>> The updated test shows that with the jdk.security.jgss package, the >>> result of GSSManager::createContext is of an enhanced type. >>> >>> Thanks >>> Max From sean.mullan at oracle.com Fri Aug 19 14:25:48 2016 From: sean.mullan at oracle.com (Sean Mullan) Date: Fri, 19 Aug 2016 10:25:48 -0400 Subject: RFR: 8164397: Provide javadoc descriptions for jdk.security.auth, jdk.security.jgss modules Message-ID: Please review this docs-only fix to provide descriptions for the jdk.security.auth and jdk.security.jgss modules: diff -r 657a5b92e26e src/jdk.security.auth/share/classes/module-info.java --- a/src/jdk.security.auth/share/classes/module-info.java Fri Aug 19 13:50:03 2016 +0200 +++ b/src/jdk.security.auth/share/classes/module-info.java Fri Aug 19 10:24:47 2016 -0400 @@ -1,3 +1,3 @@ /* - * Copyright (c) 2014, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2014, 2016, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. @@ -25,2 +25,6 @@ +/** + * Contains the implementation of the javax.security.auth.* interfaces and + * authentication modules. + */ module jdk.security.auth { diff -r 657a5b92e26e src/jdk.security.jgss/share/classes/module-info.java --- a/src/jdk.security.jgss/share/classes/module-info.java Fri Aug 19 13:50:03 2016 +0200 +++ b/src/jdk.security.jgss/share/classes/module-info.java Fri Aug 19 10:24:47 2016 -0400 @@ -1,3 +1,3 @@ /* - * Copyright (c) 2014, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2014, 2016, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. @@ -25,2 +25,6 @@ +/** + * Defines Java extensions to the GSS-API and an implementation of the SASL + * GSSAPI mechanism. + */ module jdk.security.jgss { --Sean From xuelei.fan at oracle.com Fri Aug 19 15:11:59 2016 From: xuelei.fan at oracle.com (Xuelei Fan) Date: Fri, 19 Aug 2016 23:11:59 +0800 Subject: RFR: 8164397: Provide javadoc descriptions for jdk.security.auth, jdk.security.jgss modules In-Reply-To: