RFR: 8267485: Remove the dependency on SecurityManager in JceSecurityManager.java [v4]

Mandy Chung mchung at openjdk.java.net
Thu Jun 3 22:52:00 UTC 2021


On Thu, 3 Jun 2021 22:27:16 GMT, Bradford Wetmore <wetmore at openjdk.org> wrote:

>> The JceSecurityManager is currently a subclass of java.security.SecurityManager.  Now that JEP 411 has been integrated, this class should be updated to no longer subclass SecurityManager.
>> 
>> The only reason for using SecurityManager is to easily get the Class Context (call stack), but we can achieve the same effect by using the JDK 9 API java.lang.StackWalker.  None of the other SecurityManager APIs are used.
>> 
>> I have run mach5 tier1/tier2 plus --test jck:api/java_security,jck:api/javax_crypto,jck:api/javax_net,jck:api/javax_security,jck:api/org_ietf,jck:api/javax_xml/crypto with all green.
>
> Bradford Wetmore has updated the pull request with a new target base due to a merge or a rebase. The pull request now contains 14 commits:
> 
>  - More Codereview Comments
>  - Merge branch 'master' into JDK-8267485
>  - Minor typo
>  - Reduced SuppressWarnings scope
>  - Codereview Comments #2
>  - Merge branch 'master' into JDK-8267485
>  - Address codereview comments
>  - Merge branch 'master' into JDK-8267485
>  - Merge branch 'master' into JDK-8267485
>  - Merge branch 'master' into JDK-8267485
>  - ... and 4 more: https://git.openjdk.java.net/jdk/compare/9f05c411...a441778b

src/java.base/share/classes/javax/crypto/JceSecurityManager.java line 109:

> 107:         @SuppressWarnings("removal")
> 108:         List<StackFrame> stack =
> 109:                 AccessController.doPrivileged(pa).walk(Stream::toList);

You can replace lines 108-125 with something like this:

StackWalker walker = AccessController.doPrivileged(pa);
Optional<URL> callerCodeBase = walker.walk(s ->
    s.map(f -> JceSecurity.getCodeBase(f.getDeclaringClass()))
      .findFirst());

src/java.base/share/classes/javax/crypto/JceSecurityManager.java line 245:

> 243:         @SuppressWarnings("removal")
> 244:         Optional<StackFrame> stackFrame = AccessController.doPrivileged(pa)
> 245:                 .walk((s) -> s.skip(2).findFirst());

You can use the same `StackWalker` instance in multiple places. 

`StackWalker::getCallerClass` is the API to get the caller class. You want to get the caller of the subclass of `Cipher` in this case. So the `Cipher` constructor will call `walker.getCallerClass()` and then pass it to `isCallerTrusted`, which will take an additional caller class parameter for validation.

-------------

PR: https://git.openjdk.java.net/jdk/pull/4150
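
An added illustration of the two StackWalker usages discussed in this message (not code from the pull request or from the JDK): one shared walker, `getCallerClass()` called from a base-class constructor, and a lazy walk to a caller's code base. `CallerLookupDemo`, `Engine`, `Plugin` and `codeBaseOf` are hypothetical stand-ins for the JCE classes, and the `AccessController.doPrivileged` wrapper is omitted.

```java
import java.lang.StackWalker.Option;
import java.net.URL;
import java.security.CodeSource;
import java.util.Optional;

public class CallerLookupDemo {
    // One walker shared by every lookup. RETAIN_CLASS_REFERENCE is required
    // for getCallerClass() and for StackFrame.getDeclaringClass().
    private static final StackWalker WALKER =
            StackWalker.getInstance(Option.RETAIN_CLASS_REFERENCE);

    // Hypothetical stand-in for JceSecurity.getCodeBase(Class); returns null
    // when the class has no code source (for example bootstrap classes).
    static URL codeBaseOf(Class<?> c) {
        CodeSource cs = c.getProtectionDomain().getCodeSource();
        return cs == null ? null : cs.getLocation();
    }

    // Hypothetical framework class playing the role of Cipher.
    static class Engine {
        final Class<?> caller;

        Engine() {
            // Immediate caller of this constructor: the subclass constructor
            // for `new Plugin()`, the instantiating class for `new Engine()`.
            caller = WALKER.getCallerClass();
        }

        // Lazy walk that stops at the first frame outside Engine and its
        // subclasses. The code base is mapped after findFirst(), so a null
        // code base yields Optional.empty() instead of the
        // NullPointerException that Stream.findFirst() throws on null.
        Optional<URL> firstExternalCodeBase() {
            return WALKER.walk(s -> s
                    .map(StackWalker.StackFrame::getDeclaringClass)
                    .filter(c -> !Engine.class.isAssignableFrom(c))
                    .findFirst()
                    .map(CallerLookupDemo::codeBaseOf));
        }
    }

    static class Plugin extends Engine { }

    public static void main(String[] args) {
        System.out.println(new Plugin().caller);   // the Plugin class
        System.out.println(new Engine().caller);   // the CallerLookupDemo class
        System.out.println(new Plugin().firstExternalCodeBase());
    }
}
```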


