RFR: 8327461: KeyStore getEntry is not thread-safe [v6]
Hai-May Chao
hchao at openjdk.org
Fri Mar 8 21:15:45 UTC 2024
> Change was made to engineGetEntry() in PKCS12KeyStore to extract the key and certificate chain from Entry only once. This is because the entry may get updated between engineGetKey() and engineGetCertificateChain() which causes inconsistent result. A new test was added to assess and manipulate PKCS12KeyStore with read and write operations concurrently from multiple threads. Thanks!
Hai-May Chao has updated the pull request with a new target base due to a merge or a rebase. The incremental webrev excludes the unrelated changes brought in by the merge/rebase. The pull request contains six additional commits since the last revision:
- Merge
- remove unneeded checks in engineGetEntry
- Update engineDeleteEntry
- Update engineIsKeyEntry and engineIsCertificateEntry
- Update bug number in the test
- 8327461: KeyStore getEntry is not thread-safe
-------------
Changes:
- all: https://git.openjdk.org/jdk/pull/18156/files
- new: https://git.openjdk.org/jdk/pull/18156/files/15220c6b..cbea5228
Webrevs:
- full: https://webrevs.openjdk.org/?repo=jdk&pr=18156&range=05
- incr: https://webrevs.openjdk.org/?repo=jdk&pr=18156&range=04-05
Stats: 7994 lines in 136 files changed: 3931 ins; 3807 del; 256 mod
Patch: https://git.openjdk.org/jdk/pull/18156.diff
Fetch: git fetch https://git.openjdk.org/jdk.git pull/18156/head:pull/18156
PR: https://git.openjdk.org/jdk/pull/18156
More information about the security-dev
mailing list