From 804c95e758b7081ca6ea509e74dd1cb783bb15a1 Mon Sep 17 00:00:00 2001 From: kuenking111 Date: Thu, 15 Sep 2022 11:12:43 +0800 Subject: [PATCH] I5R4XM: KAE usability enhancement --- 1 | 2715 ----------------------- kae-usability-enhancement.patch | 3640 +++++++++++++++++++++++++++++++ openjdk-1.8.0.spec | 8 +- 3 files changed, 3646 insertions(+), 2717 deletions(-) delete mode 100644 1 create mode 100644 kae-usability-enhancement.patch diff --git a/1 b/1 deleted file mode 100644 index 1d7ca26..0000000 --- a/1 +++ /dev/null @@ -1,2715 +0,0 @@ -# RPM conditionals so as to be able to dynamically produce -# slowdebug/release builds. See: -# http://rpm.org/user_doc/conditional_builds.html -# -# Examples: -# -# Produce release *and* slowdebug builds on x86_64 (default): -# $ rpmbuild -ba java-1.8.0-openjdk.spec -# -# Produce only release builds (no slowdebug builds) on x86_64: -# $ rpmbuild -ba java-1.8.0-openjdk.spec --without slowdebug -# -# Only produce a release build on x86_64: -# $ fedpkg mockbuild --without slowdebug -# -# Only produce a debug build on x86_64: -# $ fedpkg local --without release -# -# Enable slowdebug builds by default on relevant arches. -%bcond_without slowdebug -# Enable release builds by default on relevant arches. -%bcond_without release - -# The -g flag says to use strip -g instead of full strip on DSOs or EXEs. -# This fixes detailed NMT and other tools which need minimal debug info. -%global _find_debuginfo_opts -g - -# note: parametrized macros are order-sensitive (unlike not-parametrized) even with normal macros -# also necessary when passing it as parameter to other macros. If not macro, then it is considered a switch -# see the difference between global and define: -# See https://github.com/rpm-software-management/rpm/issues/127 to comments at "pmatilai commented on Aug 18, 2017" -%global debug_suffix_unquoted -slowdebug -# quoted one for shell operations -%global debug_suffix "%{debug_suffix_unquoted}" -%global normal_suffix "" - -# if you want only debug build but providing java build only normal build but set normalbuild_parameter -%global debug_warning This package has full debug on. Install only in need and remove asap. -%global debug_on with full debug on -%global for_debug for packages with debug on - -%if %{with release} -%global include_normal_build 1 -%else -%global include_normal_build 0 -%endif - -%if %{include_normal_build} -%global build_loop1 %{normal_suffix} -%else -%global build_loop1 %{nil} -%endif - -%global aarch64 aarch64 -%global jit_arches x86_64 %{aarch64} -%global sa_arches x86_64 %{aarch64} -%global jfr_arches x86_64 %{aarch64} - -# By default, we build a debug build during main build on JIT architectures -%global include_debug_build 1 - -%if %{include_debug_build} -%global build_loop2 %{debug_suffix} -%else -%global build_loop2 %{nil} -%endif - -# if you disable both builds, then the build fails -%global build_loop %{build_loop1} %{build_loop2} -# note: that order: normal_suffix debug_suffix, in case of both enabled -# is expected in one single case at the end of the build -%global rev_build_loop %{build_loop2} %{build_loop1} - -%ifarch %{jit_arches} -%global bootstrap_build 1 -%else -%global bootstrap_build 0 -%endif - -%global release_targets images docs-zip -# No docs nor bootcycle for debug builds -%global debug_targets images - -# Filter out flags from the optflags macro that cause problems with the OpenJDK build -# We filter out -Wall which will otherwise cause HotSpot to produce hundreds of thousands of warnings (100+mb logs) -# We filter out -O flags so that the optimization of HotSpot is not lowered from O3 to O2 -# We replace it with -Wformat (required by -Werror=format-security) and -Wno-cpp to avoid FORTIFY_SOURCE warnings -# We filter out -fexceptions as the HotSpot build explicitly does -fno-exceptions and it's otherwise the default for C++ -%global ourflags %(echo %optflags | sed -e 's|-Wall|-Wformat -Wno-cpp|' | sed -r -e 's|-O[0-9]*||') -%global ourcppflags %(echo %ourflags | sed -e 's|-fexceptions||' | sed -e 's|-Werror=format-security||') -%global ourldflags %{__global_ldflags} - -# With disabled nss is NSS deactivated, so NSS_LIBDIR can contain the wrong path -# the initialization must be here. Later the pkg-config have buggy behavior -# looks like openjdk RPM specific bug -# Always set this so the nss.cfg file is not broken -%global NSS_LIBDIR %(pkg-config --variable=libdir nss) -%global NSS_LIBS %(pkg-config --libs nss) -%global NSS_CFLAGS %(pkg-config --cflags nss-softokn) -%global NSSSOFTOKN_BUILDTIME_NUMBER %(pkg-config --modversion nss-softokn || : ) -%global NSS_BUILDTIME_NUMBER %(pkg-config --modversion nss || : ) -# this is workaround for processing of requires during srpm creation -%global NSSSOFTOKN_BUILDTIME_VERSION %(if [ "x%{NSSSOFTOKN_BUILDTIME_NUMBER}" == "x" ] ; then echo "" ;else echo ">= %{NSSSOFTOKN_BUILDTIME_NUMBER}" ;fi) -%global NSS_BUILDTIME_VERSION %(if [ "x%{NSS_BUILDTIME_NUMBER}" == "x" ] ; then echo "" ;else echo ">= %{NSS_BUILDTIME_NUMBER}" ;fi) - -# In some cases, the arch used by the JDK does -# not match _arch. -# Also, in some cases, the machine name used by SystemTap -# does not match that given by _target_cpu -%ifarch x86_64 -%global archinstall amd64 -%global stapinstall x86_64 -%endif -%ifarch %{aarch64} -%global archinstall aarch64 -%global stapinstall arm64 -%endif - -%ifarch %{jit_arches} -%global with_systemtap 1 -%else -%global with_systemtap 0 -%endif - -# New Version-String scheme-style defines -%global majorver 8 - -%global with_openjfx_binding 1 -%global openjfx_path %{_jvmdir}/openjfx8 -# links src directories -%global jfx_jre_libs_dir %{openjfx_path}/rt/lib -%global jfx_jre_native_dir %{jfx_jre_libs_dir}/%{archinstall} -%global jfx_sdk_libs_dir %{openjfx_path}/lib -%global jfx_sdk_bins_dir %{openjfx_path}/bin -%global jfx_jre_exts_dir %{jfx_jre_libs_dir}/ext -# links src files -# maybe depend on jfx and generate the lists in build time? Yes, bad idea to inlcude cyclic depndenci, but this list is aweful -%global jfx_jre_libs jfxswt.jar javafx.properties -%global jfx_jre_native libprism_es2.so libprism_common.so libjavafx_font.so libdecora_sse.so libjavafx_font_freetype.so libprism_sw.so libjavafx_font_pango.so libglass.so libjavafx_iio.so libglassgtk2.so libglassgtk3.so -%global jfx_sdk_libs javafx-mx.jar packager.jar ant-javafx.jar -%global jfx_sdk_bins javafxpackager javapackager -%global jfx_jre_exts jfxrt.jar - -# Standard JPackage naming and versioning defines. -%global origin openjdk -%global origin_nice OpenJDK -%global top_level_dir_name %{origin} -%global repo jdk8u -%global revision jdk8u342-b07 -%global full_revision %{repo}-%{revision} -# Define IcedTea version used for SystemTap tapsets and desktop files -%global icedteaver 3.15.0 - -%global updatever 342 -%global buildver b07 -# priority must be 7 digits in total. The expression is workarounding tip -%global priority 1800%{updatever} - -%global javaver 1.%{majorver}.0 - -# parametrized macros are order-sensitive -%global compatiblename %{name} -%global fullversion %{compatiblename}-%{version}-%{release} -# images stub -%global jdkimage j2sdk-image -# output dir stub -%define buildoutputdir() %{expand:build/jdk8.build%{?1}} -# we can copy the javadoc to not arched dir, or make it not noarch -%define uniquejavadocdir() %{expand:%{fullversion}%{?1}} -# main id and dir of this jdk -%define uniquesuffix() %{expand:%{fullversion}.%{_arch}%{?1}} - -%global _privatelibs libatk-wrapper[.]so.*|libattach[.]so.*|libawt_headless[.]so.*|libawt[.]so.*|libawt_xawt[.]so.*|libdt_socket[.]so.*|libfontmanager[.]so.*|libhprof[.]so.*|libinstrument[.]so.*|libj2gss[.]so.*|libj2pcsc[.]so.*|libj2pkcs11[.]so.*|libjaas_unix[.]so.*|libjava_crw_demo[.]so.*|libjavajpeg[.]so.*|libjdwp[.]so.*|libjli[.]so.*|libjsdt[.]so.*|libjsoundalsa[.]so.*|libjsound[.]so.*|liblcms[.]so.*|libmanagement[.]so.*|libmlib_image[.]so.*|libnet[.]so.*|libnio[.]so.*|libnpt[.]so.*|libsaproc[.]so.*|libsctp[.]so.*|libsplashscreen[.]so.*|libsunec[.]so.*|libunpack[.]so.*|libzip[.]so.*|lib[.]so\\(SUNWprivate_.* -%global _publiclibs libjawt[.]so.*|libjava[.]so.*|libjvm[.]so.*|libverify[.]so.*|libjsig[.]so.* - -%global __provides_exclude ^(%{_privatelibs})$ -%global __requires_exclude ^(%{_privatelibs})$ -# Never generate lib-style provides/requires for slowdebug packages -%global __provides_exclude_from ^.*/%{uniquesuffix -- %{debug_suffix_unquoted}}/.*$ -%global __requires_exclude_from ^.*/%{uniquesuffix -- %{debug_suffix_unquoted}}/.*$ - -%global etcjavasubdir %{_sysconfdir}/java/java-%{javaver}-%{origin} -%define etcjavadir() %{expand:%{etcjavasubdir}/%{uniquesuffix -- %{?1}}} - -# Standard JPackage directories and symbolic links. -%define sdkdir() %{expand:%{uniquesuffix -- %{?1}}} -%define jrelnk() %{expand:jre-%{javaver}-%{origin}-%{version}-%{release}.%{_arch}%{?1}} - -%define jredir() %{expand:%{sdkdir -- %{?1}}/jre} -%define sdkbindir() %{expand:%{_jvmdir}/%{sdkdir -- %{?1}}/bin} -%define jrebindir() %{expand:%{_jvmdir}/%{jredir -- %{?1}}/bin} - -%global rpm_state_dir %{_localstatedir}/lib/rpm-state/ - -%if %{with_systemtap} -# Where to install systemtap tapset (links) -# We would like these to be in a package specific sub-dir, -# but currently systemtap doesn't support that, so we have to -# use the root tapset dir for now. To distinguish between 64 -# and 32 bit architectures we place the tapsets under the arch -# specific dir (note that systemtap will only pickup the tapset -# for the primary arch for now). Systemtap uses the machine name -# aka target_cpu as architecture specific directory name. -%global tapsetroot /usr/share/systemtap -%global tapsetdirttapset %{tapsetroot}/tapset/ -%global tapsetdir %{tapsetdirttapset}/%{stapinstall} -%endif - -# not-duplicated scriptlets for normal/debug packages -%global update_desktop_icons /usr/bin/gtk-update-icon-cache %{_datadir}/icons/hicolor &>/dev/null || : - -%define post_script() %{expand: -update-desktop-database %{_datadir}/applications &> /dev/null || : -/bin/touch --no-create %{_datadir}/icons/hicolor &>/dev/null || : -exit 0 -} - -%define post_headless() %{expand: -PRIORITY=%{priority} -if [ "%{?1}" == %{debug_suffix} ]; then - let PRIORITY=PRIORITY-1 -fi - -ext=.gz -alternatives \\ - --install %{_bindir}/java java %{jrebindir -- %{?1}}/java $PRIORITY --family %{name}.%{_arch} \\ - --slave %{_jvmdir}/jre jre %{_jvmdir}/%{jredir -- %{?1}} \\ - --slave %{_bindir}/jjs jjs %{jrebindir -- %{?1}}/jjs \\ - --slave %{_bindir}/keytool keytool %{jrebindir -- %{?1}}/keytool \\ - --slave %{_bindir}/orbd orbd %{jrebindir -- %{?1}}/orbd \\ - --slave %{_bindir}/pack200 pack200 %{jrebindir -- %{?1}}/pack200 \\ - --slave %{_bindir}/rmid rmid %{jrebindir -- %{?1}}/rmid \\ - --slave %{_bindir}/rmiregistry rmiregistry %{jrebindir -- %{?1}}/rmiregistry \\ - --slave %{_bindir}/servertool servertool %{jrebindir -- %{?1}}/servertool \\ - --slave %{_bindir}/tnameserv tnameserv %{jrebindir -- %{?1}}/tnameserv \\ - --slave %{_bindir}/policytool policytool %{jrebindir -- %{?1}}/policytool \\ - --slave %{_bindir}/unpack200 unpack200 %{jrebindir -- %{?1}}/unpack200 \\ - --slave %{_mandir}/man1/java.1$ext java.1$ext \\ - %{_mandir}/man1/java-%{uniquesuffix -- %{?1}}.1$ext \\ - --slave %{_mandir}/man1/jjs.1$ext jjs.1$ext \\ - %{_mandir}/man1/jjs-%{uniquesuffix -- %{?1}}.1$ext \\ - --slave %{_mandir}/man1/keytool.1$ext keytool.1$ext \\ - %{_mandir}/man1/keytool-%{uniquesuffix -- %{?1}}.1$ext \\ - --slave %{_mandir}/man1/orbd.1$ext orbd.1$ext \\ - %{_mandir}/man1/orbd-%{uniquesuffix -- %{?1}}.1$ext \\ - --slave %{_mandir}/man1/pack200.1$ext pack200.1$ext \\ - %{_mandir}/man1/pack200-%{uniquesuffix -- %{?1}}.1$ext \\ - --slave %{_mandir}/man1/rmid.1$ext rmid.1$ext \\ - %{_mandir}/man1/rmid-%{uniquesuffix -- %{?1}}.1$ext \\ - --slave %{_mandir}/man1/rmiregistry.1$ext rmiregistry.1$ext \\ - %{_mandir}/man1/rmiregistry-%{uniquesuffix -- %{?1}}.1$ext \\ - --slave %{_mandir}/man1/servertool.1$ext servertool.1$ext \\ - %{_mandir}/man1/servertool-%{uniquesuffix -- %{?1}}.1$ext \\ - --slave %{_mandir}/man1/tnameserv.1$ext tnameserv.1$ext \\ - %{_mandir}/man1/tnameserv-%{uniquesuffix -- %{?1}}.1$ext \\ - --slave %{_mandir}/man1/policytool.1$ext policytool.1$ext \\ - %{_mandir}/man1/policytool-%{uniquesuffix -- %{?1}}.1$ext \\ - --slave %{_mandir}/man1/unpack200.1$ext unpack200.1$ext \\ - %{_mandir}/man1/unpack200-%{uniquesuffix -- %{?1}}.1$ext - -for X in %{origin} %{javaver} ; do - alternatives --install %{_jvmdir}/jre-"$X" jre_"$X" %{_jvmdir}/%{jredir -- %{?1}} $PRIORITY --family %{name}.%{_arch} -done - -update-alternatives --install %{_jvmdir}/jre-%{javaver}-%{origin} jre_%{javaver}_%{origin} %{_jvmdir}/%{jrelnk -- %{?1}} $PRIORITY --family %{name}.%{_arch} - -update-desktop-database %{_datadir}/applications &> /dev/null || : -/bin/touch --no-create %{_datadir}/icons/hicolor &>/dev/null || : - -# see pretrans where this file is declared -# also see that pretrans is only for non-debug -if [ ! "%{?1}" == %{debug_suffix} ]; then - if [ -f %{_libexecdir}/copy_jdk_configs_fixFiles.sh ] ; then - sh %{_libexecdir}/copy_jdk_configs_fixFiles.sh %{rpm_state_dir}/%{name}.%{_arch} %{_jvmdir}/%{sdkdir -- %{?1}} - fi -fi - -exit 0 -} - -%define postun_script() %{expand: -update-desktop-database %{_datadir}/applications &> /dev/null || : -if [ $1 -eq 0 ] ; then - /bin/touch --no-create %{_datadir}/icons/hicolor &>/dev/null - %{update_desktop_icons} -fi -exit 0 -} - -%define postun_headless() %{expand: - alternatives --remove java %{jrebindir -- %{?1}}/java - alternatives --remove jre_%{origin} %{_jvmdir}/%{jredir -- %{?1}} - alternatives --remove jre_%{javaver} %{_jvmdir}/%{jredir -- %{?1}} - alternatives --remove jre_%{javaver}_%{origin} %{_jvmdir}/%{jrelnk -- %{?1}} -} - -%define posttrans_script() %{expand: -%{update_desktop_icons} -} - -%define post_devel() %{expand: - -PRIORITY=%{priority} -if [ "%{?1}" == %{debug_suffix} ]; then - let PRIORITY=PRIORITY-1 -fi - -ext=.gz -alternatives \\ - --install %{_bindir}/javac javac %{sdkbindir -- %{?1}}/javac $PRIORITY --family %{name}.%{_arch} \\ - --slave %{_jvmdir}/java java_sdk %{_jvmdir}/%{sdkdir -- %{?1}} \\ - --slave %{_bindir}/appletviewer appletviewer %{sdkbindir -- %{?1}}/appletviewer \\ - --slave %{_bindir}/clhsdb clhsdb %{sdkbindir -- %{?1}}/clhsdb \\ - --slave %{_bindir}/extcheck extcheck %{sdkbindir -- %{?1}}/extcheck \\ - --slave %{_bindir}/hsdb hsdb %{sdkbindir -- %{?1}}/hsdb \\ - --slave %{_bindir}/idlj idlj %{sdkbindir -- %{?1}}/idlj \\ - --slave %{_bindir}/jar jar %{sdkbindir -- %{?1}}/jar \\ - --slave %{_bindir}/jarsigner jarsigner %{sdkbindir -- %{?1}}/jarsigner \\ - --slave %{_bindir}/javadoc javadoc %{sdkbindir -- %{?1}}/javadoc \\ - --slave %{_bindir}/javah javah %{sdkbindir -- %{?1}}/javah \\ - --slave %{_bindir}/javap javap %{sdkbindir -- %{?1}}/javap \\ - --slave %{_bindir}/jcmd jcmd %{sdkbindir -- %{?1}}/jcmd \\ - --slave %{_bindir}/jconsole jconsole %{sdkbindir -- %{?1}}/jconsole \\ - --slave %{_bindir}/jdb jdb %{sdkbindir -- %{?1}}/jdb \\ - --slave %{_bindir}/jdeps jdeps %{sdkbindir -- %{?1}}/jdeps \\ -%ifarch %{jfr_arches} - --slave %{_bindir}/jfr jfr %{sdkbindir -- %{?1}}/jfr \\ -%endif - --slave %{_bindir}/jhat jhat %{sdkbindir -- %{?1}}/jhat \\ - --slave %{_bindir}/jinfo jinfo %{sdkbindir -- %{?1}}/jinfo \\ - --slave %{_bindir}/jmap jmap %{sdkbindir -- %{?1}}/jmap \\ - --slave %{_bindir}/jps jps %{sdkbindir -- %{?1}}/jps \\ - --slave %{_bindir}/jrunscript jrunscript %{sdkbindir -- %{?1}}/jrunscript \\ - --slave %{_bindir}/jsadebugd jsadebugd %{sdkbindir -- %{?1}}/jsadebugd \\ - --slave %{_bindir}/jstack jstack %{sdkbindir -- %{?1}}/jstack \\ - --slave %{_bindir}/jstat jstat %{sdkbindir -- %{?1}}/jstat \\ - --slave %{_bindir}/jstatd jstatd %{sdkbindir -- %{?1}}/jstatd \\ - --slave %{_bindir}/native2ascii native2ascii %{sdkbindir -- %{?1}}/native2ascii \\ - --slave %{_bindir}/rmic rmic %{sdkbindir -- %{?1}}/rmic \\ - --slave %{_bindir}/schemagen schemagen %{sdkbindir -- %{?1}}/schemagen \\ - --slave %{_bindir}/serialver serialver %{sdkbindir -- %{?1}}/serialver \\ - --slave %{_bindir}/wsgen wsgen %{sdkbindir -- %{?1}}/wsgen \\ - --slave %{_bindir}/wsimport wsimport %{sdkbindir -- %{?1}}/wsimport \\ - --slave %{_bindir}/xjc xjc %{sdkbindir -- %{?1}}/xjc \\ - --slave %{_mandir}/man1/appletviewer.1$ext appletviewer.1$ext \\ - %{_mandir}/man1/appletviewer-%{uniquesuffix -- %{?1}}.1$ext \\ - --slave %{_mandir}/man1/extcheck.1$ext extcheck.1$ext \\ - %{_mandir}/man1/extcheck-%{uniquesuffix -- %{?1}}.1$ext \\ - --slave %{_mandir}/man1/idlj.1$ext idlj.1$ext \\ - %{_mandir}/man1/idlj-%{uniquesuffix -- %{?1}}.1$ext \\ - --slave %{_mandir}/man1/jar.1$ext jar.1$ext \\ - %{_mandir}/man1/jar-%{uniquesuffix -- %{?1}}.1$ext \\ - --slave %{_mandir}/man1/jarsigner.1$ext jarsigner.1$ext \\ - %{_mandir}/man1/jarsigner-%{uniquesuffix -- %{?1}}.1$ext \\ - --slave %{_mandir}/man1/javac.1$ext javac.1$ext \\ - %{_mandir}/man1/javac-%{uniquesuffix -- %{?1}}.1$ext \\ - --slave %{_mandir}/man1/javadoc.1$ext javadoc.1$ext \\ - %{_mandir}/man1/javadoc-%{uniquesuffix -- %{?1}}.1$ext \\ - --slave %{_mandir}/man1/javah.1$ext javah.1$ext \\ - %{_mandir}/man1/javah-%{uniquesuffix -- %{?1}}.1$ext \\ - --slave %{_mandir}/man1/javap.1$ext javap.1$ext \\ - %{_mandir}/man1/javap-%{uniquesuffix -- %{?1}}.1$ext \\ - --slave %{_mandir}/man1/jcmd.1$ext jcmd.1$ext \\ - %{_mandir}/man1/jcmd-%{uniquesuffix -- %{?1}}.1$ext \\ - --slave %{_mandir}/man1/jconsole.1$ext jconsole.1$ext \\ - %{_mandir}/man1/jconsole-%{uniquesuffix -- %{?1}}.1$ext \\ - --slave %{_mandir}/man1/jdb.1$ext jdb.1$ext \\ - %{_mandir}/man1/jdb-%{uniquesuffix -- %{?1}}.1$ext \\ - --slave %{_mandir}/man1/jdeps.1$ext jdeps.1$ext \\ - %{_mandir}/man1/jdeps-%{uniquesuffix -- %{?1}}.1$ext \\ - --slave %{_mandir}/man1/jhat.1$ext jhat.1$ext \\ - %{_mandir}/man1/jhat-%{uniquesuffix -- %{?1}}.1$ext \\ - --slave %{_mandir}/man1/jinfo.1$ext jinfo.1$ext \\ - %{_mandir}/man1/jinfo-%{uniquesuffix -- %{?1}}.1$ext \\ - --slave %{_mandir}/man1/jmap.1$ext jmap.1$ext \\ - %{_mandir}/man1/jmap-%{uniquesuffix -- %{?1}}.1$ext \\ - --slave %{_mandir}/man1/jps.1$ext jps.1$ext \\ - %{_mandir}/man1/jps-%{uniquesuffix -- %{?1}}.1$ext \\ - --slave %{_mandir}/man1/jrunscript.1$ext jrunscript.1$ext \\ - %{_mandir}/man1/jrunscript-%{uniquesuffix -- %{?1}}.1$ext \\ - --slave %{_mandir}/man1/jsadebugd.1$ext jsadebugd.1$ext \\ - %{_mandir}/man1/jsadebugd-%{uniquesuffix -- %{?1}}.1$ext \\ - --slave %{_mandir}/man1/jstack.1$ext jstack.1$ext \\ - %{_mandir}/man1/jstack-%{uniquesuffix -- %{?1}}.1$ext \\ - --slave %{_mandir}/man1/jstat.1$ext jstat.1$ext \\ - %{_mandir}/man1/jstat-%{uniquesuffix -- %{?1}}.1$ext \\ - --slave %{_mandir}/man1/jstatd.1$ext jstatd.1$ext \\ - %{_mandir}/man1/jstatd-%{uniquesuffix -- %{?1}}.1$ext \\ - --slave %{_mandir}/man1/native2ascii.1$ext native2ascii.1$ext \\ - %{_mandir}/man1/native2ascii-%{uniquesuffix -- %{?1}}.1$ext \\ - --slave %{_mandir}/man1/rmic.1$ext rmic.1$ext \\ - %{_mandir}/man1/rmic-%{uniquesuffix -- %{?1}}.1$ext \\ - --slave %{_mandir}/man1/schemagen.1$ext schemagen.1$ext \\ - %{_mandir}/man1/schemagen-%{uniquesuffix -- %{?1}}.1$ext \\ - --slave %{_mandir}/man1/serialver.1$ext serialver.1$ext \\ - %{_mandir}/man1/serialver-%{uniquesuffix -- %{?1}}.1$ext \\ - --slave %{_mandir}/man1/wsgen.1$ext wsgen.1$ext \\ - %{_mandir}/man1/wsgen-%{uniquesuffix -- %{?1}}.1$ext \\ - --slave %{_mandir}/man1/wsimport.1$ext wsimport.1$ext \\ - %{_mandir}/man1/wsimport-%{uniquesuffix -- %{?1}}.1$ext \\ - --slave %{_mandir}/man1/xjc.1$ext xjc.1$ext \\ - %{_mandir}/man1/xjc-%{uniquesuffix -- %{?1}}.1$ext - -for X in %{origin} %{javaver} ; do - alternatives \\ - --install %{_jvmdir}/java-"$X" java_sdk_"$X" %{_jvmdir}/%{sdkdir -- %{?1}} $PRIORITY --family %{name}.%{_arch} -done - -update-alternatives --install %{_jvmdir}/java-%{javaver}-%{origin} java_sdk_%{javaver}_%{origin} %{_jvmdir}/%{sdkdir -- %{?1}} $PRIORITY --family %{name}.%{_arch} - -update-desktop-database %{_datadir}/applications &> /dev/null || : -/bin/touch --no-create %{_datadir}/icons/hicolor &>/dev/null || : - -exit 0 -} - -%define postun_devel() %{expand: - alternatives --remove javac %{sdkbindir -- %{?1}}/javac - alternatives --remove java_sdk_%{origin} %{_jvmdir}/%{sdkdir -- %{?1}} - alternatives --remove java_sdk_%{javaver} %{_jvmdir}/%{sdkdir -- %{?1}} - alternatives --remove java_sdk_%{javaver}_%{origin} %{_jvmdir}/%{sdkdir -- %{?1}} - -update-desktop-database %{_datadir}/applications &> /dev/null || : - -if [ $1 -eq 0 ] ; then - /bin/touch --no-create %{_datadir}/icons/hicolor &>/dev/null - %{update_desktop_icons} -fi -exit 0 -} - -%define posttrans_devel() %{expand: -%{update_desktop_icons} -} - -%define post_javadoc() %{expand: - -PRIORITY=%{priority} -if [ "%{?1}" == %{debug_suffix} ]; then - let PRIORITY=PRIORITY-1 -fi - -alternatives \\ - --install %{_javadocdir}/java javadocdir %{_javadocdir}/%{uniquejavadocdir -- %{?1}}/api \\ - $PRIORITY --family %{name} -exit 0 -} - -%define postun_javadoc() %{expand: - alternatives --remove javadocdir %{_javadocdir}/%{uniquejavadocdir -- %{?1}}/api -exit 0 -} - -%define post_javadoc_zip() %{expand: - -PRIORITY=%{priority} -if [ "%{?1}" == %{debug_suffix} ]; then - let PRIORITY=PRIORITY-1 -fi - -alternatives \\ - --install %{_javadocdir}/java-zip javadoczip %{_javadocdir}/%{uniquejavadocdir -- %{?1}}.zip \\ - $PRIORITY --family %{name} -exit 0 -} - -%define postun_javadoc_zip() %{expand: - alternatives --remove javadoczip %{_javadocdir}/%{uniquejavadocdir -- %{?1}}.zip -exit 0 -} - - -%define files_jre() %{expand: -%{_datadir}/icons/hicolor/*x*/apps/java-%{javaver}-%{origin}.png -%{_datadir}/applications/*policytool%{?1}.desktop -%{_jvmdir}/%{sdkdir -- %{?1}}/jre/lib/%{archinstall}/libjsoundalsa.so -%{_jvmdir}/%{sdkdir -- %{?1}}/jre/lib/%{archinstall}/libsplashscreen.so -%{_jvmdir}/%{sdkdir -- %{?1}}/jre/lib/%{archinstall}/libawt_xawt.so -%{_jvmdir}/%{sdkdir -- %{?1}}/jre/lib/%{archinstall}/libjawt.so -%{_jvmdir}/%{sdkdir -- %{?1}}/jre/bin/policytool -} - - -%define files_jre_headless() %{expand: -%defattr(-,root,root,-) -%dir %{_sysconfdir}/.java/.systemPrefs -%dir %{_sysconfdir}/.java -%license %{buildoutputdir -- %{?1}}/images/%{jdkimage}/jre/ASSEMBLY_EXCEPTION -%license %{buildoutputdir -- %{?1}}/images/%{jdkimage}/jre/LICENSE -%license %{buildoutputdir -- %{?1}}/images/%{jdkimage}/jre/THIRD_PARTY_README -%dir %{_jvmdir}/%{sdkdir -- %{?1}} -%{_jvmdir}/%{jrelnk -- %{?1}} -%dir %{_jvmdir}/%{jredir -- %{?1}}/lib/security -%{_jvmdir}/%{jredir -- %{?1}}/lib/security/cacerts -%dir %{_jvmdir}/%{jredir -- %{?1}} -%dir %{_jvmdir}/%{jredir -- %{?1}}/bin -%dir %{_jvmdir}/%{jredir -- %{?1}}/lib -%{_jvmdir}/%{jredir -- %{?1}}/bin/java -%{_jvmdir}/%{jredir -- %{?1}}/bin/jjs -%{_jvmdir}/%{jredir -- %{?1}}/bin/keytool -%{_jvmdir}/%{jredir -- %{?1}}/bin/orbd -%{_jvmdir}/%{jredir -- %{?1}}/bin/pack200 -%{_jvmdir}/%{jredir -- %{?1}}/bin/rmid -%{_jvmdir}/%{jredir -- %{?1}}/bin/rmiregistry -%{_jvmdir}/%{jredir -- %{?1}}/bin/servertool -%{_jvmdir}/%{jredir -- %{?1}}/bin/tnameserv -%{_jvmdir}/%{jredir -- %{?1}}/bin/unpack200 -%dir %{_jvmdir}/%{jredir -- %{?1}}/lib/security/policy/unlimited/ -%dir %{_jvmdir}/%{jredir -- %{?1}}/lib/security/policy/limited/ -%dir %{_jvmdir}/%{jredir -- %{?1}}/lib/security/policy/ -%config(noreplace) %{etcjavadir -- %{?1}}/lib/security/policy/unlimited/US_export_policy.jar -%config(noreplace) %{etcjavadir -- %{?1}}/lib/security/policy/unlimited/local_policy.jar -%config(noreplace) %{etcjavadir -- %{?1}}/lib/security/policy/limited/US_export_policy.jar -%config(noreplace) %{etcjavadir -- %{?1}}/lib/security/policy/limited/local_policy.jar -%config(noreplace) %{etcjavadir -- %{?1}}/lib/security/java.policy -%config(noreplace) %{etcjavadir -- %{?1}}/lib/security/java.security -%config(noreplace) %{etcjavadir -- %{?1}}/lib/security/blacklisted.certs -%config(noreplace) %{etcjavadir -- %{?1}}/lib/logging.properties -%config(noreplace) %{etcjavadir -- %{?1}}/lib/calendars.properties -%{_jvmdir}/%{jredir -- %{?1}}/lib/security/policy/unlimited/US_export_policy.jar -%{_jvmdir}/%{jredir -- %{?1}}/lib/security/policy/unlimited/local_policy.jar -%{_jvmdir}/%{jredir -- %{?1}}/lib/security/policy/limited/US_export_policy.jar -%{_jvmdir}/%{jredir -- %{?1}}/lib/security/policy/limited/local_policy.jar -%{_jvmdir}/%{jredir -- %{?1}}/lib/security/java.policy -%{_jvmdir}/%{jredir -- %{?1}}/lib/security/java.security -%{_jvmdir}/%{jredir -- %{?1}}/lib/security/blacklisted.certs -%{_jvmdir}/%{jredir -- %{?1}}/lib/logging.properties -%{_jvmdir}/%{jredir -- %{?1}}/lib/calendars.properties -%{_mandir}/man1/java-%{uniquesuffix -- %{?1}}.1* -%{_mandir}/man1/jjs-%{uniquesuffix -- %{?1}}.1* -%{_mandir}/man1/keytool-%{uniquesuffix -- %{?1}}.1* -%{_mandir}/man1/orbd-%{uniquesuffix -- %{?1}}.1* -%{_mandir}/man1/pack200-%{uniquesuffix -- %{?1}}.1* -%{_mandir}/man1/rmid-%{uniquesuffix -- %{?1}}.1* -%{_mandir}/man1/rmiregistry-%{uniquesuffix -- %{?1}}.1* -%{_mandir}/man1/servertool-%{uniquesuffix -- %{?1}}.1* -%{_mandir}/man1/tnameserv-%{uniquesuffix -- %{?1}}.1* -%{_mandir}/man1/unpack200-%{uniquesuffix -- %{?1}}.1* -%{_mandir}/man1/policytool-%{uniquesuffix -- %{?1}}.1* -%{_jvmdir}/%{jredir -- %{?1}}/lib/security/nss.cfg -%config(noreplace) %{etcjavadir -- %{?1}}/lib/security/nss.cfg -%ifarch %{jit_arches} -%attr(444, root, root) %ghost %{_jvmdir}/%{jredir -- %{?1}}/lib/%{archinstall}/server/classes.jsa -%attr(444, root, root) %ghost %{_jvmdir}/%{jredir -- %{?1}}/lib/%{archinstall}/client/classes.jsa -%endif -%dir %{etcjavasubdir} -%dir %{etcjavadir -- %{?1}} -%dir %{etcjavadir -- %{?1}}/lib -%dir %{etcjavadir -- %{?1}}/lib/security -%{etcjavadir -- %{?1}}/lib/security/cacerts -%dir %{etcjavadir -- %{?1}}/lib/security/policy -%dir %{etcjavadir -- %{?1}}/lib/security/policy/limited -%dir %{etcjavadir -- %{?1}}/lib/security/policy/unlimited -%{_jvmdir}/%{jredir -- %{?1}}/lib/%{archinstall}/server/ -%{_jvmdir}/%{jredir -- %{?1}}/lib/%{archinstall}/client/ -%dir %{_jvmdir}/%{jredir -- %{?1}}/lib/%{archinstall} -%dir %{_jvmdir}/%{jredir -- %{?1}}/lib/%{archinstall}/jli -%{_jvmdir}/%{jredir -- %{?1}}/lib/%{archinstall}/jli/libjli.so -%{_jvmdir}/%{jredir -- %{?1}}/lib/%{archinstall}/jvm.cfg -%{_jvmdir}/%{jredir -- %{?1}}/lib/%{archinstall}/libattach.so -%{_jvmdir}/%{jredir -- %{?1}}/lib/%{archinstall}/libawt.so -%{_jvmdir}/%{jredir -- %{?1}}/lib/%{archinstall}/libawt_headless.so -%{_jvmdir}/%{jredir -- %{?1}}/lib/%{archinstall}/libdt_socket.so -%{_jvmdir}/%{jredir -- %{?1}}/lib/%{archinstall}/libfontmanager.so -%{_jvmdir}/%{jredir -- %{?1}}/lib/%{archinstall}/libhprof.so -%{_jvmdir}/%{jredir -- %{?1}}/lib/%{archinstall}/libinstrument.so -%{_jvmdir}/%{jredir -- %{?1}}/lib/%{archinstall}/libj2gss.so -%{_jvmdir}/%{jredir -- %{?1}}/lib/%{archinstall}/libj2pcsc.so -%{_jvmdir}/%{jredir -- %{?1}}/lib/%{archinstall}/libj2pkcs11.so -%{_jvmdir}/%{jredir -- %{?1}}/lib/%{archinstall}/libjaas_unix.so -%{_jvmdir}/%{jredir -- %{?1}}/lib/%{archinstall}/libjava.so -%{_jvmdir}/%{jredir -- %{?1}}/lib/%{archinstall}/libjava_crw_demo.so -%{_jvmdir}/%{jredir -- %{?1}}/lib/%{archinstall}/libjpeg.so -%{_jvmdir}/%{jredir -- %{?1}}/lib/%{archinstall}/libjdwp.so -%{_jvmdir}/%{jredir -- %{?1}}/lib/%{archinstall}/libjsdt.so -%{_jvmdir}/%{jredir -- %{?1}}/lib/%{archinstall}/libjsig.so -%{_jvmdir}/%{jredir -- %{?1}}/lib/%{archinstall}/libjsound.so -%{_jvmdir}/%{jredir -- %{?1}}/lib/%{archinstall}/liblcms.so -%{_jvmdir}/%{jredir -- %{?1}}/lib/%{archinstall}/libmanagement.so -%{_jvmdir}/%{jredir -- %{?1}}/lib/%{archinstall}/libmlib_image.so -%{_jvmdir}/%{jredir -- %{?1}}/lib/%{archinstall}/libnet.so -%{_jvmdir}/%{jredir -- %{?1}}/lib/%{archinstall}/libnio.so -%{_jvmdir}/%{jredir -- %{?1}}/lib/%{archinstall}/libnpt.so -%ifarch %{aarch64} -%{_jvmdir}/%{jredir -- %{?1}}/lib/%{archinstall}/libj2kae.so -%{_jvmdir}/%{jredir -- %{?1}}/lib/ext/kaeprovider.conf -%endif -%ifarch %{sa_arches} -%{_jvmdir}/%{jredir -- %{?1}}/lib/%{archinstall}/libsaproc.so -%endif -%{_jvmdir}/%{jredir -- %{?1}}/lib/%{archinstall}/libsctp.so -%{_jvmdir}/%{jredir -- %{?1}}/lib/%{archinstall}/libsunec.so -%{_jvmdir}/%{jredir -- %{?1}}/lib/%{archinstall}/libunpack.so -%{_jvmdir}/%{jredir -- %{?1}}/lib/%{archinstall}/libverify.so -%{_jvmdir}/%{jredir -- %{?1}}/lib/%{archinstall}/libzip.so -%{_jvmdir}/%{jredir -- %{?1}}/lib/charsets.jar -%{_jvmdir}/%{jredir -- %{?1}}/lib/classlist -%{_jvmdir}/%{jredir -- %{?1}}/lib/content-types.properties -%{_jvmdir}/%{jredir -- %{?1}}/lib/currency.data -%{_jvmdir}/%{jredir -- %{?1}}/lib/flavormap.properties -%{_jvmdir}/%{jredir -- %{?1}}/lib/hijrah-config-umalqura.properties -%{_jvmdir}/%{jredir -- %{?1}}/lib/images/cursors/* -%{_jvmdir}/%{jredir -- %{?1}}/lib/jce.jar -%{_jvmdir}/%{jredir -- %{?1}}/lib/jexec -%{_jvmdir}/%{jredir -- %{?1}}/lib/jsse.jar -%{_jvmdir}/%{jredir -- %{?1}}/lib/jvm.hprof.txt -%{_jvmdir}/%{jredir -- %{?1}}/lib/meta-index -%{_jvmdir}/%{jredir -- %{?1}}/lib/net.properties -%config(noreplace) %{etcjavadir -- %{?1}}/lib/net.properties -%{_jvmdir}/%{jredir -- %{?1}}/lib/psfont.properties.ja -%{_jvmdir}/%{jredir -- %{?1}}/lib/psfontj2d.properties -%{_jvmdir}/%{jredir -- %{?1}}/lib/resources.jar -%{_jvmdir}/%{jredir -- %{?1}}/lib/rt.jar -%{_jvmdir}/%{jredir -- %{?1}}/lib/sound.properties -%{_jvmdir}/%{jredir -- %{?1}}/lib/tzdb.dat -%{_jvmdir}/%{jredir -- %{?1}}/lib/management-agent.jar -%{_jvmdir}/%{jredir -- %{?1}}/lib/management/* -%{_jvmdir}/%{jredir -- %{?1}}/lib/cmm/* -%{_jvmdir}/%{jredir -- %{?1}}/lib/ext/cldrdata.jar -%{_jvmdir}/%{jredir -- %{?1}}/lib/ext/dnsns.jar -%{_jvmdir}/%{jredir -- %{?1}}/lib/ext/jaccess.jar -%{_jvmdir}/%{jredir -- %{?1}}/lib/ext/localedata.jar -%{_jvmdir}/%{jredir -- %{?1}}/lib/ext/meta-index -%{_jvmdir}/%{jredir -- %{?1}}/lib/ext/nashorn.jar -%{_jvmdir}/%{jredir -- %{?1}}/lib/ext/sunec.jar -%{_jvmdir}/%{jredir -- %{?1}}/lib/ext/sunjce_provider.jar -%{_jvmdir}/%{jredir -- %{?1}}/lib/ext/sunpkcs11.jar -%{_jvmdir}/%{jredir -- %{?1}}/lib/ext/zipfs.jar -%ifarch %{aarch64} -%{_jvmdir}/%{jredir -- %{?1}}/lib/ext/kae_openssl.jar -%endif -%ifarch %{jfr_arches} -%{_jvmdir}/%{jredir -- %{?1}}/lib/jfr.jar -%{_jvmdir}/%{jredir -- %{?1}}/lib/jfr/default.jfc -%{_jvmdir}/%{jredir -- %{?1}}/lib/jfr/profile.jfc -%endif - -%dir %{_jvmdir}/%{jredir -- %{?1}}/lib/images -%dir %{_jvmdir}/%{jredir -- %{?1}}/lib/images/cursors -%dir %{_jvmdir}/%{jredir -- %{?1}}/lib/management -%dir %{_jvmdir}/%{jredir -- %{?1}}/lib/cmm -%dir %{_jvmdir}/%{jredir -- %{?1}}/lib/ext -%ifarch %{jfr_arches} -%dir %{_jvmdir}/%{jredir -- %{?1}}/lib/jfr -%endif -} - -%define files_devel() %{expand: -%defattr(-,root,root,-) -%license %{buildoutputdir -- %{?1}}/images/%{jdkimage}/ASSEMBLY_EXCEPTION -%license %{buildoutputdir -- %{?1}}/images/%{jdkimage}/LICENSE -%license %{buildoutputdir -- %{?1}}/images/%{jdkimage}/THIRD_PARTY_README -%dir %{_jvmdir}/%{sdkdir -- %{?1}}/bin -%dir %{_jvmdir}/%{sdkdir -- %{?1}}/include -%dir %{_jvmdir}/%{sdkdir -- %{?1}}/lib -%{_jvmdir}/%{sdkdir -- %{?1}}/bin/appletviewer -%{_jvmdir}/%{sdkdir -- %{?1}}/bin/clhsdb -%{_jvmdir}/%{sdkdir -- %{?1}}/bin/extcheck -%{_jvmdir}/%{sdkdir -- %{?1}}/bin/hsdb -%{_jvmdir}/%{sdkdir -- %{?1}}/bin/idlj -%{_jvmdir}/%{sdkdir -- %{?1}}/bin/jar -%{_jvmdir}/%{sdkdir -- %{?1}}/bin/jarsigner -%{_jvmdir}/%{sdkdir -- %{?1}}/bin/java -%{_jvmdir}/%{sdkdir -- %{?1}}/bin/javac -%{_jvmdir}/%{sdkdir -- %{?1}}/bin/javadoc -%{_jvmdir}/%{sdkdir -- %{?1}}/bin/javah -%{_jvmdir}/%{sdkdir -- %{?1}}/bin/javap -%{_jvmdir}/%{sdkdir -- %{?1}}/bin/java-rmi.cgi -%{_jvmdir}/%{sdkdir -- %{?1}}/bin/jcmd -%{_jvmdir}/%{sdkdir -- %{?1}}/bin/jconsole -%{_jvmdir}/%{sdkdir -- %{?1}}/bin/jdb -%{_jvmdir}/%{sdkdir -- %{?1}}/bin/jdeps -%ifarch %{jfr_arches} -%{_jvmdir}/%{sdkdir -- %{?1}}/bin/jfr -%endif -%{_jvmdir}/%{sdkdir -- %{?1}}/bin/jhat -%{_jvmdir}/%{sdkdir -- %{?1}}/bin/jinfo -%{_jvmdir}/%{sdkdir -- %{?1}}/bin/jjs -%{_jvmdir}/%{sdkdir -- %{?1}}/bin/jmap -%{_jvmdir}/%{sdkdir -- %{?1}}/bin/jps -%{_jvmdir}/%{sdkdir -- %{?1}}/bin/jrunscript -%{_jvmdir}/%{sdkdir -- %{?1}}/bin/jsadebugd -%{_jvmdir}/%{sdkdir -- %{?1}}/bin/jstack -%{_jvmdir}/%{sdkdir -- %{?1}}/bin/jstat -%{_jvmdir}/%{sdkdir -- %{?1}}/bin/jstatd -%{_jvmdir}/%{sdkdir -- %{?1}}/bin/keytool -%{_jvmdir}/%{sdkdir -- %{?1}}/bin/native2ascii -%{_jvmdir}/%{sdkdir -- %{?1}}/bin/orbd -%{_jvmdir}/%{sdkdir -- %{?1}}/bin/pack200 -%{_jvmdir}/%{sdkdir -- %{?1}}/bin/policytool -%{_jvmdir}/%{sdkdir -- %{?1}}/bin/rmic -%{_jvmdir}/%{sdkdir -- %{?1}}/bin/rmid -%{_jvmdir}/%{sdkdir -- %{?1}}/bin/rmiregistry -%{_jvmdir}/%{sdkdir -- %{?1}}/bin/schemagen -%{_jvmdir}/%{sdkdir -- %{?1}}/bin/serialver -%{_jvmdir}/%{sdkdir -- %{?1}}/bin/servertool -%{_jvmdir}/%{sdkdir -- %{?1}}/bin/tnameserv -%{_jvmdir}/%{sdkdir -- %{?1}}/bin/unpack200 -%{_jvmdir}/%{sdkdir -- %{?1}}/bin/wsgen -%{_jvmdir}/%{sdkdir -- %{?1}}/bin/wsimport -%{_jvmdir}/%{sdkdir -- %{?1}}/bin/xjc -%{_jvmdir}/%{sdkdir -- %{?1}}/include/* -%{_jvmdir}/%{sdkdir -- %{?1}}/lib/%{archinstall} -%{_jvmdir}/%{sdkdir -- %{?1}}/lib/ct.sym -%if %{with_systemtap} -%{_jvmdir}/%{sdkdir -- %{?1}}/tapset -%endif -%{_jvmdir}/%{sdkdir -- %{?1}}/lib/ir.idl -%{_jvmdir}/%{sdkdir -- %{?1}}/lib/jconsole.jar -%{_jvmdir}/%{sdkdir -- %{?1}}/lib/orb.idl -%ifarch %{sa_arches} -%{_jvmdir}/%{sdkdir -- %{?1}}/lib/sa-jdi.jar -%endif -%{_jvmdir}/%{sdkdir -- %{?1}}/lib/dt.jar -%{_jvmdir}/%{sdkdir -- %{?1}}/lib/jexec -%{_jvmdir}/%{sdkdir -- %{?1}}/lib/tools.jar -%{_datadir}/applications/*jconsole%{?1}.desktop -%{_mandir}/man1/appletviewer-%{uniquesuffix -- %{?1}}.1* -%{_mandir}/man1/extcheck-%{uniquesuffix -- %{?1}}.1* -%{_mandir}/man1/idlj-%{uniquesuffix -- %{?1}}.1* -%{_mandir}/man1/jar-%{uniquesuffix -- %{?1}}.1* -%{_mandir}/man1/jarsigner-%{uniquesuffix -- %{?1}}.1* -%{_mandir}/man1/javac-%{uniquesuffix -- %{?1}}.1* -%{_mandir}/man1/javadoc-%{uniquesuffix -- %{?1}}.1* -%{_mandir}/man1/javah-%{uniquesuffix -- %{?1}}.1* -%{_mandir}/man1/javap-%{uniquesuffix -- %{?1}}.1* -%{_mandir}/man1/jconsole-%{uniquesuffix -- %{?1}}.1* -%{_mandir}/man1/jcmd-%{uniquesuffix -- %{?1}}.1* -%{_mandir}/man1/jdb-%{uniquesuffix -- %{?1}}.1* -%{_mandir}/man1/jdeps-%{uniquesuffix -- %{?1}}.1* -%{_mandir}/man1/jhat-%{uniquesuffix -- %{?1}}.1* -%{_mandir}/man1/jinfo-%{uniquesuffix -- %{?1}}.1* -%{_mandir}/man1/jmap-%{uniquesuffix -- %{?1}}.1* -%{_mandir}/man1/jps-%{uniquesuffix -- %{?1}}.1* -%{_mandir}/man1/jrunscript-%{uniquesuffix -- %{?1}}.1* -%{_mandir}/man1/jsadebugd-%{uniquesuffix -- %{?1}}.1* -%{_mandir}/man1/jstack-%{uniquesuffix -- %{?1}}.1* -%{_mandir}/man1/jstat-%{uniquesuffix -- %{?1}}.1* -%{_mandir}/man1/jstatd-%{uniquesuffix -- %{?1}}.1* -%{_mandir}/man1/native2ascii-%{uniquesuffix -- %{?1}}.1* -%{_mandir}/man1/rmic-%{uniquesuffix -- %{?1}}.1* -%{_mandir}/man1/schemagen-%{uniquesuffix -- %{?1}}.1* -%{_mandir}/man1/serialver-%{uniquesuffix -- %{?1}}.1* -%{_mandir}/man1/wsgen-%{uniquesuffix -- %{?1}}.1* -%{_mandir}/man1/wsimport-%{uniquesuffix -- %{?1}}.1* -%{_mandir}/man1/xjc-%{uniquesuffix -- %{?1}}.1* -%if %{with_systemtap} -%dir %{tapsetroot} -%dir %{tapsetdirttapset} -%dir %{tapsetdir} -%{tapsetdir}/*%{_arch}%{?1}.stp -%endif -} - -%define files_demo() %{expand: -%defattr(-,root,root,-) -%license %{buildoutputdir -- %{?1}}/images/%{jdkimage}/jre/LICENSE -} - -%define files_src() %{expand: -%defattr(-,root,root,-) -%{_jvmdir}/%{sdkdir -- %{?1}}/src.zip -} - -%define files_javadoc() %{expand: -%defattr(-,root,root,-) -%doc %{_javadocdir}/%{uniquejavadocdir -- %{?1}} -%license %{buildoutputdir -- %{?1}}/images/%{jdkimage}/jre/LICENSE -} - -%define files_javadoc_zip() %{expand: -%defattr(-,root,root,-) -%doc %{_javadocdir}/%{uniquejavadocdir -- %{?1}}.zip -%license %{buildoutputdir -- %{?1}}/images/%{jdkimage}/jre/LICENSE -} - -%define files_accessibility() %{expand: -%{_jvmdir}/%{jredir -- %{?1}}/lib/%{archinstall}/libatk-wrapper.so -%{_jvmdir}/%{jredir -- %{?1}}/lib/ext/java-atk-wrapper.jar -%{_jvmdir}/%{jredir -- %{?1}}/lib/accessibility.properties -} - -# not-duplicated requires/provides/obsoletes for normal/debug packages -%define java_rpo() %{expand: -Requires: fontconfig%{?_isa} -Requires: xorg-x11-fonts-Type1 -# Require libXcomposite explicitly since it's only dynamically loaded -# at runtime. Fixes screenshot issues. See JDK-8150954. -Requires: libXcomposite%{?_isa} -# Requires rest of java -Requires: %{name}-headless%{?1}%{?_isa} = %{epoch}:%{version}-%{release} -OrderWithRequires: %{name}-headless%{?1}%{?_isa} = %{epoch}:%{version}-%{release} -# for java-X-openjdk package's desktop binding -Recommends: gtk2%{?_isa} - -Provides: java-%{javaver}-%{origin} = %{epoch}:%{version}-%{release} - -# Standard JPackage base provides -Provides: jre%{?1} = %{epoch}:%{version}-%{release} -Provides: jre-%{origin}%{?1} = %{epoch}:%{version}-%{release} -Provides: jre-%{javaver}%{?1} = %{epoch}:%{version}-%{release} -Provides: jre-%{javaver}-%{origin}%{?1} = %{epoch}:%{version}-%{release} -Provides: java-%{javaver}%{?1} = %{epoch}:%{version}-%{release} -Provides: java-%{origin}%{?1} = %{epoch}:%{version}-%{release} -Provides: java%{?1} = %{epoch}:%{version}-%{release} -} - -%define java_headless_rpo() %{expand: -# Require /etc/pki/java/cacerts -Requires: ca-certificates -# Require javapackages-filesystem for ownership of /usr/lib/jvm/ -Requires: javapackages-filesystem -# Require zone-info data provided by tzdata-java sub-package -Requires: tzdata-java >= 2020a -# libsctp.so.1 is being `dlopen`ed on demand -Requires: lksctp-tools%{?_isa} -# there is a need to depend on the exact version of NSS -Requires: nss%{?_isa} %{NSS_BUILDTIME_VERSION} -Requires: nss-softokn%{?_isa} %{NSSSOFTOKN_BUILDTIME_VERSION} -# tool to copy jdk's configs - should be Recommends only, but then only dnf/yum enforce it, -# not rpm transaction and so no configs are persisted when pure rpm -u is run. It may be -# considered as regression -Requires: copy-jdk-configs >= 3.9 -OrderWithRequires: copy-jdk-configs -# for printing support -Requires: cups-libs -# Post requires alternatives to install tool alternatives -Requires(post): %{_sbindir}/alternatives -# in version 1.7 and higher for --family switch -Requires(post): chkconfig >= 1.7 -# Postun requires alternatives to uninstall tool alternatives -Requires(postun): %{_sbindir}/alternatives -# in version 1.7 and higher for --family switch -Requires(postun): chkconfig >= 1.7 -# for optional support of kernel stream control, card reader and printing bindings -Suggests: lksctp-tools%{?_isa}, pcsc-lite-devel%{?_isa}, cups - -# Standard JPackage base provides -Provides: jre-headless%{?1} = %{epoch}:%{version}-%{release} -Provides: jre-%{javaver}-%{origin}-headless%{?1} = %{epoch}:%{version}-%{release} -Provides: jre-%{origin}-headless%{?1} = %{epoch}:%{version}-%{release} -Provides: jre-%{javaver}-headless%{?1} = %{epoch}:%{version}-%{release} -Provides: java-%{javaver}-%{origin}-headless%{?1} = %{epoch}:%{version}-%{release} -Provides: java-%{javaver}-headless%{?1} = %{epoch}:%{version}-%{release} -Provides: java-%{origin}-headless%{?1} = %{epoch}:%{version}-%{release} -Provides: java-headless%{?1} = %{epoch}:%{version}-%{release} -} - -%define java_devel_rpo() %{expand: -# Requires base package -Requires: %{name}%{?1}%{?_isa} = %{epoch}:%{version}-%{release} -OrderWithRequires: %{name}-headless%{?1}%{?_isa} = %{epoch}:%{version}-%{release} -# Post requires alternatives to install tool alternatives -Requires(post): %{_sbindir}/alternatives -# Postun requires alternatives to uninstall tool alternatives -Requires(postun): %{_sbindir}/alternatives - -# Standard JPackage devel provides -Provides: java-sdk-%{javaver}-%{origin}%{?1} = %{epoch}:%{version}-%{release} -Provides: java-sdk-%{javaver}%{?1} = %{epoch}:%{version}-%{release} -Provides: java-sdk-%{origin}%{?1} = %{epoch}:%{version}-%{release} -Provides: java-sdk%{?1} = %{epoch}:%{version}-%{release} -Provides: java-%{javaver}-devel%{?1} = %{epoch}:%{version}-%{release} -Provides: java-%{javaver}-%{origin}-devel%{?1} = %{epoch}:%{version}-%{release} -Provides: java-devel-%{origin}%{?1} = %{epoch}:%{version}-%{release} -Provides: java-devel%{?1} = %{epoch}:%{version}-%{release} -} - -%define java_demo_rpo() %{expand: -Requires: %{name}%{?1}%{?_isa} = %{epoch}:%{version}-%{release} -OrderWithRequires: %{name}-headless%{?1}%{?_isa} = %{epoch}:%{version}-%{release} - -Provides: java-demo%{?1} = %{epoch}:%{version}-%{release} -Provides: java-%{origin}-demo%{?1} = %{epoch}:%{version}-%{release} -Provides: java-%{javaver}-demo%{?1} = %{epoch}:%{version}-%{release} -Provides: java-%{javaver}-%{origin}-demo%{?1} = %{epoch}:%{version}-%{release} -} - -%define java_javadoc_rpo() %{expand: -OrderWithRequires: %{name}-headless%{?1}%{?_isa} = %{epoch}:%{version}-%{release} -# Post requires alternatives to install javadoc alternative -Requires(post): %{_sbindir}/alternatives -# Postun requires alternatives to uninstall javadoc alternative -Requires(postun): %{_sbindir}/alternatives - -# Standard JPackage javadoc provides -Provides: java-javadoc%{?1} = %{epoch}:%{version}-%{release} -Provides: java-%{javaver}-javadoc%{?1} = %{epoch}:%{version}-%{release} -Provides: java-%{javaver}-%{origin}-javadoc%{?1} = %{epoch}:%{version}-%{release} -} - -%define java_src_rpo() %{expand: -Requires: %{name}-headless%{?1}%{?_isa} = %{epoch}:%{version}-%{release} - -# Standard JPackage sources provides -Provides: java-src%{?1} = %{epoch}:%{version}-%{release} -Provides: java-%{origin}-src%{?1} = %{epoch}:%{version}-%{release} -Provides: java-%{javaver}-src%{?1} = %{epoch}:%{version}-%{release} -Provides: java-%{javaver}-%{origin}-src%{?1} = %{epoch}:%{version}-%{release} -} - -%define java_accessibility_rpo() %{expand: -Requires: java-atk-wrapper%{?_isa} -Requires: %{name}%{?1}%{?_isa} = %{epoch}:%{version}-%{release} -OrderWithRequires: %{name}-headless%{?1}%{?_isa} = %{epoch}:%{version}-%{release} - -Provides: java-accessibility%{?1} = %{epoch}:%{version}-%{release} -Provides: java-%{origin}-accessibility%{?1} = %{epoch}:%{version}-%{release} -Provides: java-%{javaver}-accessibility%{?1} = %{epoch}:%{version}-%{release} -Provides: java-%{javaver}-%{origin}-accessibility%{?1} = %{epoch}:%{version}-%{release} - -} - -# Prevent brp-java-repack-jars from being run -%global __jar_repack 0 - -Name: java-%{javaver}-%{origin} -Version: %{javaver}.%{updatever}.%{buildver} -Release: 2 -# java-1.5.0-ibm from jpackage.org set Epoch to 1 for unknown reasons -# and this change was brought into RHEL-4. java-1.5.0-ibm packages -# also included the epoch in their virtual provides. This created a -# situation where in-the-wild java-1.5.0-ibm packages provided "java = -# 1:1.5.0". In RPM terms, "1.6.0 < 1:1.5.0" since 1.6.0 is -# interpreted as 0:1.6.0. So the "java >= 1.6.0" requirement would be -# satisfied by the 1:1.5.0 packages. Thus we need to set the epoch in -# JDK package >= 1.6.0 to 1, and packages referring to JDK virtual -# provides >= 1.6.0 must specify the epoch, "java >= 1:1.6.0". - -Epoch: 1 -Summary: %{origin_nice} Runtime Environment %{majorver} -Group: Development/Languages - -# HotSpot code is licensed under GPLv2 -# JDK library code is licensed under GPLv2 with the Classpath exception -# The Apache license is used in code taken from Apache projects (primarily JAXP & JAXWS) -# DOM levels 2 & 3 and the XML digital signature schemas are licensed under the W3C Software License -# The JSR166 concurrency code is in the public domain -# The BSD and MIT licenses are used for a number of third-party libraries (see THIRD_PARTY_README) -# The OpenJDK source tree includes the JPEG library (IJG), zlib & libpng (zlib), giflib and LCMS (MIT) -# The test code includes copies of NSS under the Mozilla Public License v2.0 -# The PCSClite headers are under a BSD with advertising license -# The elliptic curve cryptography (ECC) source code is licensed under the LGPLv2.1 or any later version -License: ASL 1.1 and ASL 2.0 and BSD and BSD with advertising and GPL+ and GPLv2 and GPLv2 with exceptions and IJG and LGPLv2+ and MIT and MPLv2.0 and Public Domain and W3C and zlib -URL: http://openjdk.java.net/ - -Source0: %{full_revision}.tar.xz - -# Custom README for -src subpackage -Source2: README.md - -# Use 'icedtea_sync.sh' to update the following -# They are based on code contained in the IcedTea project (3.x). -# Systemtap tapsets. Zipped up to keep it small. -Source8: tapsets-icedtea-%{icedteaver}.tar.xz - -# Desktop files. Adapted from IcedTea -Source9: jconsole.desktop.in -Source10: policytool.desktop.in - -# nss configuration file -Source11: nss.cfg.in - - -# Ensure we aren't using the limited crypto policy -Source13: TestCryptoLevel.java - -# Ensure ECDSA is working -Source14: TestECDSA.java - -Source20: repackReproduciblePolycies.sh - -Patch8: replace-vector-to-improve-performance-of-xml.validat.patch -Patch10: 8221658.patch -Patch18: fix-vendor-info.patch -Patch21: 8202952.patch -Patch25: 8196485.patch -Patch26: disable-UseLSE-on-ARMv8.1-by-default.patch -Patch27: 8157570.patch -Patch30: 8191483.patch -Patch31: 8141356.patch -Patch33: 8166253.patch -Patch35: 8186042.patch -Patch36: 8060463.patch -Patch37: 8131600.patch -Patch38: 8138971.patch -Patch41: 8203699.patch -Patch47: 8166197.patch -Patch50: 8158946.patch -Patch51: add-with-company-name-option.patch -Patch57: 8031085.patch -Patch58: Reduce-the-probability-of-the-crash-related-to-ciObj.patch -Patch62: 8165857.patch -Patch63: 8033552.patch -Patch67: 8165860.patch -Patch70: 8164948.patch - -# 8u242 -Patch75: Add-ability-to-configure-third-port-for-remote-JMX.patch -Patch83: 8204947.patch -Patch85: 8139041.patch - -# 8u252 -Patch86: 6858051-Create-GC-worker-threads-dynamically.patch -Patch87: 6858051-Add-a-switch-for-the-dynamic-thread-related-log.patch -Patch88: dismiss-warnings-in-GCC-8.X.patch - -# 8u262 -Patch89: 8144993.patch -Patch90: 8223504.patch -Patch91: add-vm-option-BoxTypeCachedMax-for-Integer-and-Long-cache.patch -Patch92: 8080289-8040213-8189067-move-the-store-out-of-the-loop.patch -Patch94: 8182397.patch -Patch95: 8205921.patch - -# 8u265 -Patch96: fix-Long-cache-range-and-remove-VM-option-java.lang.IntegerCache.high-by-default.patch -Patch97: leaf-optimize-in-ParallelScanvageGC.patch -Patch102: fix-LongCache-s-range-when-BoxTypeCachedMax-number-is-bigger-than-Integer.MAX_VALUE.patch -Patch103: Ddot-intrinsic-implement.patch -Patch104: 8234003.patch -Patch105: 8220159.patch -Patch106: fast-serializer-jdk8.patch -Patch109: Test8167409.sh-fails-to-run-with-32bit-jdk-on-64bit-.patch -Patch112: 8048210-8056152.patch -Patch113: 8160425.patch -Patch114: 8181503.patch -Patch115: 8243670.patch -Patch118: Fix-LineBuffer-vappend-when-buffer-too-small.patch -Patch121: Remove-unused-GenericTaskQueueSet-T-F-tasks.patch -Patch122: optimize-jmap-F-dump-xxx.patch -Patch125: Extend-CDS-to-support-app-class-metadata-sharing.patch -Patch127: add-DumpSharedSpace-guarantee-when-create-anonymous-classes.patch - -# 8u272 -Patch133: 8160369.patch -Patch134: PS-GC-adding-acquire_size-method-for-PSParallelCompa.patch -Patch138: add-appcds-file-lock.patch -Patch139: G1-memory-uncommit.patch -Patch140: 8015927.patch -Patch141: 8040327.patch -Patch142: 8207160.patch -Patch144: add-appcds-test-case.patch - -# 8u282 -Patch147: 8215047.patch -Patch148: 8237894.patch -Patch149: Remove-the-parentheses-around-company-name.patch -Patch151: kae-phase1.patch -Patch153: initialized-value-should-be-0-in-perfInit.patch -Patch154: 8254078-DataOutputStream-is-very-slow-post-disabling.patch -Patch155: Use-atomic-operation-when-G1Uncommit.patch -Patch157: 8140597-Postpone-the-initial-mark-request-until-the-.patch -Patch158: Use-Mutex-when-G1Uncommit.patch -Patch159: C1-typos-repair.patch -Patch162: 8214535-support-Jmap-parallel.patch -Patch163: Fixed-a-copyright-writing-problem.patch -Patch164: fix-arguments.cpp-error-C2131-on-windows.patch -Patch166: add-missing-test-case.patch -Patch167: fix-BoxTypeCachedMax-build-failure-when-jvm-variants.patch -Patch168: fix-windows-compile-fail.patch -Patch169: Code-style-fix.patch -Patch170: kae-phase2.patch -Patch171: add-kaeEngine-to-rsa.patch - -# 8u292 -Patch172: 8031818.patch -Patch173: 8193518.patch -Patch174: Disable-ddot-intrinsic-on-CPUs-that-not-suppo.patch -Patch175: add-appcds-jtreg-test-case-UnusedCPDuringDump.patch -Patch176: add-safe-compilation-flags.patch -Patch177: downgrade-symver-of-memcpy-GLIBC.patch -Patch178: fix-log-bug-enhance-aes-hmac-performance.patch -Patch179: keep-the-binary-equal.patch -Patch180: link-option-use-rpath-instead-of-runpath.patch -Patch183: revert-windows-bugfix.patch -Patch184: set-vm.vendor-by-configure.patch -Patch185: update-cacerts-and-VerifyCACerts.java-test.patch -Patch186: update-to-keep-same-with-master.patch -Patch188: 8247691_incorrect_handling_of_VM_exceptions_in_C1_deopt_stub.patch -Patch192: add_kae_implementation_add_default_conf_file.patch -Patch193: improve_algorithmConstraints_checkAlgorithm_performance.patch -Patch194: modify_the_default_iteration_time_and_forks_in_the_JMH_of_KAEProvider.patch -Patch195: support_CMS_parallel_inspection.patch -Patch196: g1gc-numa-aware-Implementation.patch -Patch197: implementation_of_Blas_hotspot_function_in_Intrinsics.patch -Patch198: fix_G1GC_memory_leak_in_numa.patch -Patch200: Fix-ECDH-and-DH-memory-usage.patch -Patch201: fix_run_SPECjvm2008_failed_on_32_bit_system.patch -Patch202: Fix-RSACipher-memory-usage.patch - -# 8u302 -Patch203: fix-lock-ordering-issue-when-calling-JVMTI-GetLoaded.patch -Patch204: 8069191.patch -Patch205: fix_g1uncommit_ygc_expand_crash.patch -Patch207: fix_bug_in_keypairgenerator.patch -Patch208: C1-assert-is_virtual-failed-type-check.patch -Patch209: 8197387-Run-the-jcmd-tool-as-the-root-user-to-access.patch -Patch210: create-jfr-dump-file-with-pid-or-timestamp-if-specif.patch -Patch212: enhance-the-TimeZone-s-path-solution-on-Euler.patch -Patch214: fix-appcds-s-option-AppCDSLockFile.patch -Patch215: PS-introduce-UsePSRelaxedForwardee-to-enable-using-r.patch -Patch216: Parallel-Full-GC-for-G1.patch -Patch218: 8143251-Thread-suspend-on-VM_G1IncCollectionPause-do.patch -Patch219: G1Uncommit-Introduce-G1PeriodGCNotRetry-control-whet.patch -Patch220: JDK-debug-version-crash-when-using-AppCDS.patch - -# 8u312 -Patch222: 8273111-Default-timezone-should-return-zone-ID-if-locatiome-is-valid-but-not-canonicalization-on-linux.patch -Patch223: 8233280-Remove-GCLockerInvokesConcurrent-relative-logic-for-G1.patch -Patch224: G1Ucommit-Refactor-Trigger-mechanism.patch -Patch225: G1-Full-GC-parallel-mark.patch -Patch226: G1Uncommit-add-G1UncommitLog-limit-before-G1Uncommit.patch -Patch228: add-wrap_memcpy-to-libsaproc.patch -Patch229: downgrade-the-symver-of-fcntl64.patch - -# 8u322 -Patch230: add-system-property-swing.JComboBox.useLegacyMode.patch -Patch232: 8173361-various-crashes-in-JvmtiExport-post_compiled.patch -Patch233: fix-TestUseCompressedOopsErgo-run-failed.patch -Patch235: fix-testme-Test6929067-run-faild.patch -Patch236: penetration_testing_vulnerability_fix.patch -Patch237: 8136577_Make_AbortVMOnException_available_in_product_builds.patch -Patch238: add-environment-variable-ZIP_INVALID_LOC_HEADER_EXIT.patch -Patch239: print-fd-and-file-path-when-a-zip-invalid-loc-header.patch -Patch240: 8207011-Remove-uses-of-the-register-storage-class-specifier.patch -Patch241: 8268819-SA-Remove-libthread_db-dependency-on-Linux.patch - -# 8u332 -Patch243: Fix-compile-and-runtime-failures-for-minimal1-versio.patch -Patch244: fix_X509TrustManagerImpl_symantec_distrust.patch -Patch245: change-sa-jdi.jar-make-file-for-BEP.PATCH -Patch246: 7092821-java.security.Provider.getService-is-synchro.patch -Patch247: 8173339-AArch64-Fix-minimum-stack-size-computations.patch -Patch248: 8067941-TESTBUG-Fix-tests-for-OS-with-64K-page-size.patch - -# 8u342 -Patch249: Improve_AlgorithmConstraints_checkAlgorithm_performance.patch -Patch250: modify_coding_style_and_describe_error.patch -Patch251: fix_wrap_memcpy_undefined_gcc10_3.patch - -############################################# -# -# Upstreamable patches -# -# This section includes patches which need to -# be reviewed & pushed to the current development -# tree of OpenJDK. -############################################# -# PR2888: OpenJDK should check for system cacerts database (e.g. /etc/pki/java/cacerts) -# PR3575, RH1567204: System cacerts database handling should not affect jssecacerts -Patch539: pr2888-openjdk_should_check_for_system_cacerts_database_eg_etc_pki_java_cacerts.patch - -############################################# -# -# Patches which need backporting to 8u -# -# This section includes patches which have -# been pushed upstream to the latest OpenJDK -# development tree, but need to be backported -# to OpenJDK 8u. -############################################# -# S8154313: Generated javadoc scattered all over the place -# 8035341: Allow using a system installed libpng -# Patch202: jdk8035341-allow_using_system_installed_libpng.patch -# 8042159: Allow using a system-installed lcms2 -# Patch203: jdk8042159-allow_using_system_installed_lcms2.patch - -############################################# -# -# Patches ineligible for 8u -# -# This section includes patches which are present -# upstream, but ineligible for upstream 8u backport. -############################################# -# 8043805: Allow using a system-installed libjpeg -# Patch201: jdk8043805-allow_using_system_installed_libjpeg.patch - -############################################# -# -# Non-OpenJDK fixes -# -# This section includes patches to code other -# that from OpenJDK. -############################################# -Patch1000: rh1648249-add_commented_out_nss_cfg_provider_to_java_security.patch - -############################################# -# -# Dependencies -# -############################################# - -BuildRequires: autoconf -BuildRequires: automake -BuildRequires: alsa-lib-devel -BuildRequires: binutils -BuildRequires: cups-devel -BuildRequires: desktop-file-utils -# elfutils only are OK for build without AOT -BuildRequires: elfutils-devel -BuildRequires: fontconfig-devel -BuildRequires: freetype-devel -BuildRequires: giflib-devel -BuildRequires: gcc-c++ -BuildRequires: gdb -BuildRequires: lcms2-devel -BuildRequires: libjpeg-devel -BuildRequires: libpng-devel -BuildRequires: libxslt -BuildRequires: libX11-devel -BuildRequires: libXext-devel -BuildRequires: libXi-devel -BuildRequires: libXinerama-devel -BuildRequires: libXrender-devel -BuildRequires: libXt-devel -BuildRequires: libXtst-devel -# Requirements for setting up the nss.cfg -BuildRequires: nss-devel -BuildRequires: pkgconfig -BuildRequires: xorg-x11-proto-devel -BuildRequires: zip -BuildRequires: unzip -BuildRequires: openssl-devel - -BuildRequires: java-1.8.0-openjdk-devel - -BuildRequires: tzdata-java >= 2015d -# Earlier versions have a bug in tree vectorization on PPC -BuildRequires: gcc >= 4.8.3-8 -# Build requirements for SunEC system NSS support -BuildRequires: nss-softokn-freebl-devel >= 3.16.1 - -%if %{with_systemtap} -BuildRequires: systemtap-sdt-devel -%endif - -# this is always built, also during debug-only build -# when it is built in debug-only this package is just placeholder -%{java_rpo %{nil}} - -%description -The %{origin_nice} runtime environment %{majorver}. - -%if %{include_debug_build} -%package slowdebug -Summary: %{origin_nice} Runtime Environment %{majorver} %{debug_on} -Group: Development/Languages - -%{java_rpo -- %{debug_suffix_unquoted}} -%description slowdebug -The %{origin_nice} runtime environment %{majorver}. -%{debug_warning} -%endif - -%if %{include_normal_build} -%package headless -Summary: %{origin_nice} Headless Runtime Environment %{majorver} -Group: Development/Languages - -%{java_headless_rpo %{nil}} - -%description headless -The %{origin_nice} runtime environment %{majorver} without audio and video support. -%endif - -%if %{include_debug_build} -%package headless-slowdebug -Summary: %{origin_nice} Runtime Environment %{majorver} %{debug_on} -Group: Development/Languages - -%{java_headless_rpo -- %{debug_suffix_unquoted}} - -%description headless-slowdebug -The %{origin_nice} runtime environment %{majorver} without audio and video support. -%{debug_warning} -%endif - -%if %{include_normal_build} -%package devel -Summary: %{origin_nice} Development Environment %{majorver} -Group: Development/Tools - -%{java_devel_rpo %{nil}} - -%description devel -The %{origin_nice} development tools %{majorver}. -%endif - -%if %{include_debug_build} -%package devel-slowdebug -Summary: %{origin_nice} Development Environment %{majorver} %{debug_on} -Group: Development/Tools - -%{java_devel_rpo -- %{debug_suffix_unquoted}} - -%description devel-slowdebug -The %{origin_nice} development tools %{majorver}. -%{debug_warning} -%endif - -%if %{include_normal_build} -%package demo -Summary: %{origin_nice} Demos %{majorver} -Group: Development/Languages - -%{java_demo_rpo %{nil}} - -%description demo -The %{origin_nice} demos %{majorver}. -%endif - -%if %{include_debug_build} -%package demo-slowdebug -Summary: %{origin_nice} Demos %{majorver} %{debug_on} -Group: Development/Languages - -%{java_demo_rpo -- %{debug_suffix_unquoted}} - -%description demo-slowdebug -The %{origin_nice} demos %{majorver}. -%{debug_warning} -%endif - -%if %{include_normal_build} -%package src -Summary: %{origin_nice} Source Bundle %{majorver} -Group: Development/Languages - -%{java_src_rpo %{nil}} - -%description src -The java-%{origin}-src sub-package contains the complete %{origin_nice} %{majorver} -class library source code for use by IDE indexers and debuggers. -%endif - -%if %{include_debug_build} -%package src-slowdebug -Summary: %{origin_nice} Source Bundle %{majorver} %{for_debug} -Group: Development/Languages - -%{java_src_rpo -- %{debug_suffix_unquoted}} - -%description src-slowdebug -The java-%{origin}-src-slowdebug sub-package contains the complete %{origin_nice} %{majorver} - class library source code for use by IDE indexers and debuggers. Debugging %{for_debug}. -%endif - -%if %{include_normal_build} -%package javadoc -Summary: %{origin_nice} %{majorver} API documentation -Group: Documentation -Requires: javapackages-filesystem -Obsoletes: javadoc-slowdebug < 1:1.8.0.222.b10-1 -BuildArch: noarch - -%{java_javadoc_rpo %{nil}} - -%description javadoc -The %{origin_nice} %{majorver} API documentation. -%endif - -%if %{include_normal_build} -%package javadoc-zip -Summary: %{origin_nice} %{majorver} API documentation compressed in a single archive -Requires: javapackages-filesystem -Obsoletes: javadoc-zip-slowdebug < 1:1.8.0.222.b10-1 -BuildArch: noarch - -%{java_javadoc_rpo %{nil}} - -%description javadoc-zip -The %{origin_nice} %{majorver} API documentation compressed in a single archive. -%endif - -%if %{include_normal_build} -%package accessibility -Summary: %{origin_nice} %{majorver} accessibility connector - -%{java_accessibility_rpo %{nil}} - -%description accessibility -Enables accessibility support in %{origin_nice} %{majorver} by using java-atk-wrapper. This allows -compatible at-spi2 based accessibility programs to work for AWT and Swing-based -programs. - -Please note, the java-atk-wrapper is still in beta, and %{origin_nice} %{majorver} itself is still -being tuned to be working with accessibility features. There are known issues -with accessibility on, so please do not install this package unless you really -need to. -%endif - -%if %{include_debug_build} -%package accessibility-slowdebug -Summary: %{origin_nice} %{majorver} accessibility connector %{for_debug} - -%{java_accessibility_rpo -- %{debug_suffix_unquoted}} - -%description accessibility-slowdebug -See normal java-%{version}-openjdk-accessibility description. -%endif - -%if %{with_openjfx_binding} -%package openjfx -Summary: OpenJDK x OpenJFX connector. This package adds symliks finishing Java FX integration to %{name} -Requires: %{name}%{?_isa} = %{epoch}:%{version}-%{release} -Requires: openjfx8%{?_isa} -Provides: javafx = %{epoch}:%{version}-%{release} -%description openjfx -Set of links from OpenJDK (jre) to OpenJFX - -%package openjfx-devel -Summary: OpenJDK x OpenJFX connector for FX developers. This package adds symliks finishing Java FX integration to %{name}-devel -Requires: %{name}-devel%{?_isa} = %{epoch}:%{version}-%{release} -Requires: openjfx8-devel%{?_isa} -Provides: javafx-devel = %{epoch}:%{version}-%{release} -%description openjfx-devel -Set of links from OpenJDK (sdk) to OpenJFX - -%if %{include_debug_build} -%package openjfx-slowdebug -Summary: OpenJDK x OpenJFX connector %{for_debug}. his package adds symliks finishing Java FX integration to %{name}-slowdebug -Requires: %{name}-slowdebug%{?_isa} = %{epoch}:%{version}-%{release} -Requires: openjfx8%{?_isa} -Provides: javafx-slowdebug = %{epoch}:%{version}-%{release} -%description openjfx-slowdebug -Set of links from OpenJDK-slowdebug (jre) to normal OpenJFX. OpenJFX do not support debug buuilds of itself - -%package openjfx-devel-slowdebug -Summary: OpenJDK x OpenJFX connector for FX developers %{for_debug}. This package adds symliks finishing Java FX integration to %{name}-devel-slowdebug -Requires: %{name}-devel-slowdebug%{?_isa} = %{epoch}:%{version}-%{release} -Requires: openjfx8-devel%{?_isa} -Provides: javafx-devel-slowdebug = %{epoch}:%{version}-%{release} -%description openjfx-devel-slowdebug -Set of links from OpenJDK-slowdebug (sdk) to normal OpenJFX. OpenJFX do not support debug buuilds of itself -%endif -%endif - -%prep - -# Using the echo macro breaks rpmdev-bumpspec, as it parses the first line of stdout :-( -%if 0%{?stapinstall:1} - echo "CPU: %{_target_cpu}, arch install directory: %{archinstall}, SystemTap install directory: %{stapinstall}" -%else - %{error:Unrecognised architecture %{_target_cpu}} -%endif - -if [ %{include_normal_build} -eq 0 -o %{include_normal_build} -eq 1 ] ; then - echo "include_normal_build is %{include_normal_build}" -else - echo "include_normal_build is %{include_normal_build}, thats invalid. Use 1 for yes or 0 for no" - exit 11 -fi -if [ %{include_debug_build} -eq 0 -o %{include_debug_build} -eq 1 ] ; then - echo "include_debug_build is %{include_debug_build}" -else - echo "include_debug_build is %{include_debug_build}, thats invalid. Use 1 for yes or 0 for no" - exit 12 -fi -if [ %{include_debug_build} -eq 0 -a %{include_normal_build} -eq 0 ] ; then - echo "You have disabled both include_debug_build and include_normal_build. That is a no go." - exit 13 -fi -%setup -q -c -n %{uniquesuffix ""} -T -a 0 -prioritylength=`expr length %{priority}` -if [ $prioritylength -ne 7 ] ; then - echo "priority must be 7 digits in total, violated" - exit 14 -fi -# For old patches -ln -s %{top_level_dir_name} jdk8 - -pushd %{top_level_dir_name} -# OpenJDK patches - -%patch8 -p1 -%patch10 -p1 -%patch18 -p1 -%patch21 -p1 -%patch25 -p1 -%patch26 -p1 -%patch27 -p1 -%patch30 -p1 -%patch31 -p1 -%patch33 -p1 -%patch35 -p1 -%patch36 -p1 -%patch37 -p1 -%patch38 -p1 -%patch41 -p1 -%patch47 -p1 -%patch50 -p1 -%patch51 -p1 -%patch57 -p1 -%patch58 -p1 -%patch62 -p1 -%patch63 -p1 -%patch67 -p1 -%patch70 -p1 -%patch75 -p1 -%patch83 -p1 -%patch85 -p1 -%patch86 -p1 -%patch87 -p1 -%patch88 -p1 -%patch89 -p1 -%patch90 -p1 -%patch91 -p1 -%patch92 -p1 -%patch94 -p1 -%patch95 -p1 -%patch96 -p1 -%patch97 -p1 -%patch102 -p1 -%patch103 -p1 -%patch104 -p1 -%patch105 -p1 -%patch106 -p1 -%patch109 -p1 -%patch112 -p1 -%patch113 -p1 -%patch114 -p1 -%patch115 -p1 -%patch118 -p1 -%patch121 -p1 -%patch122 -p1 -%patch125 -p1 -%patch127 -p1 -%patch133 -p1 -%patch134 -p1 -%patch138 -p1 -%patch139 -p1 -%patch140 -p1 -%patch141 -p1 -%patch142 -p1 -%patch144 -p1 -%patch147 -p1 -%patch148 -p1 -%patch149 -p1 -%patch151 -p1 -%patch153 -p1 -%patch154 -p1 -%patch155 -p1 -%patch157 -p1 -%patch158 -p1 -%patch159 -p1 -%patch162 -p1 -%patch163 -p1 -%patch164 -p1 -%patch166 -p1 -%patch167 -p1 -%patch168 -p1 -%patch169 -p1 -%patch170 -p1 -%patch171 -p1 -%patch172 -p1 -%patch173 -p1 -%patch174 -p1 -%patch175 -p1 -%patch176 -p1 -%patch177 -p1 -%patch178 -p1 -%patch179 -p1 -%patch180 -p1 -%patch183 -p1 -%patch184 -p1 -%patch185 -p1 -%patch186 -p1 -%patch188 -p1 -%patch192 -p1 -%patch194 -p1 -%patch195 -p1 -%patch196 -p1 -%patch197 -p1 -%patch198 -p1 -%patch200 -p1 -%patch201 -p1 -%patch202 -p1 -%patch203 -p1 -%patch204 -p1 -%patch205 -p1 -%patch207 -p1 -%patch208 -p1 -%patch209 -p1 -%patch210 -p1 -%patch212 -p1 -%patch214 -p1 -%patch215 -p1 -%patch216 -p1 -%patch218 -p1 -%patch219 -p1 -%patch220 -p1 -%patch222 -p1 -%patch223 -p1 -%patch224 -p1 -%patch225 -p1 -%patch226 -p1 -%patch228 -p1 -%patch229 -p1 -%patch230 -p1 -%patch232 -p1 -%patch233 -p1 -%patch235 -p1 -%patch236 -p1 -%patch237 -p1 -%patch238 -p1 -%patch239 -p1 -%patch240 -p1 -%patch241 -p1 -%patch243 -p1 -%patch244 -p1 -%patch245 -p1 -%patch246 -p1 -%patch247 -p1 -%patch248 -p1 -%patch249 -p1 -%patch250 -p1 -%patch251 -p1 -popd - -# System library fixes -# %patch201 -# %patch202 -# %patch203 - -# RPM-only fixes -# %patch1000 - -# Extract systemtap tapsets -%if %{with_systemtap} -tar --strip-components=1 -x -I xz -f %{SOURCE8} -%if %{include_debug_build} -cp -r tapset tapset%{debug_suffix} -%endif - -for suffix in %{build_loop} ; do - for file in "tapset"$suffix/*.in; do - OUTPUT_FILE=`echo $file | sed -e "s:\.stp\.in$:-%{version}-%{release}.%{_arch}.stp:g"` - sed -e "s:@ABS_SERVER_LIBJVM_SO@:%{_jvmdir}/%{sdkdir -- $suffix}/jre/lib/%{archinstall}/server/libjvm.so:g" $file > $file.1 -# TODO find out which architectures other than i686 have a client vm -%ifarch %{ix86} - sed -e "s:@ABS_CLIENT_LIBJVM_SO@:%{_jvmdir}/%{sdkdir -- $suffix}/jre/lib/%{archinstall}/client/libjvm.so:g" $file.1 > $OUTPUT_FILE -%else - sed -e "/@ABS_CLIENT_LIBJVM_SO@/d" $file.1 > $OUTPUT_FILE -%endif - sed -i -e "s:@ABS_JAVA_HOME_DIR@:%{_jvmdir}/%{sdkdir -- $suffix}:g" $OUTPUT_FILE - sed -i -e "s:@INSTALL_ARCH_DIR@:%{archinstall}:g" $OUTPUT_FILE - sed -i -e "s:@prefix@:%{_jvmdir}/%{sdkdir -- $suffix}/:g" $OUTPUT_FILE - done -done -# systemtap tapsets ends -%endif - -# Prepare desktop files -# The _X_ syntax indicates variables that are replaced by make upstream -# The @X@ syntax indicates variables that are replaced by configure upstream -for suffix in %{build_loop} ; do -for file in %{SOURCE9} %{SOURCE10} ; do - FILE=`basename $file | sed -e s:\.in$::g` - EXT="${FILE##*.}" - NAME="${FILE%.*}" - OUTPUT_FILE=$NAME$suffix.$EXT - sed -e "s:_SDKBINDIR_:%{sdkbindir -- $suffix}:g" $file > $OUTPUT_FILE - sed -i -e "s:_JREBINDIR_:%{jrebindir -- $suffix}:g" $OUTPUT_FILE - sed -i -e "s:@target_cpu@:%{_arch}:g" $OUTPUT_FILE - sed -i -e "s:@OPENJDK_VER@:%{version}-%{release}.%{_arch}$suffix:g" $OUTPUT_FILE - sed -i -e "s:@JAVA_VER@:%{javaver}:g" $OUTPUT_FILE - sed -i -e "s:@JAVA_VENDOR@:%{origin}:g" $OUTPUT_FILE -done -done - -# Setup nss.cfg -sed -e "s:@NSS_LIBDIR@:%{NSS_LIBDIR}:g" %{SOURCE11} > nss.cfg - - - -%build -# How many CPU's do we have? -export NUM_PROC=%(/usr/bin/getconf _NPROCESSORS_ONLN 2> /dev/null || :) -export NUM_PROC=${NUM_PROC:-1} -%if 0%{?_smp_ncpus_max} -# Honor %%_smp_ncpus_max -[ ${NUM_PROC} -gt %{?_smp_ncpus_max} ] && export NUM_PROC=%{?_smp_ncpus_max} -%endif - -%ifarch %{aarch64} -export ARCH_DATA_MODEL=64 -%endif - -# We use ourcppflags because the OpenJDK build seems to -# pass EXTRA_CFLAGS to the HotSpot C++ compiler... -EXTRA_CFLAGS="%ourcppflags -Wno-error -fcommon -fsigned-char" -EXTRA_CPP_FLAGS="%ourcppflags -Wno-error" - -EXTRA_ASFLAGS="${EXTRA_CFLAGS} -Wa,--generate-missing-build-notes=yes" -export EXTRA_CFLAGS EXTRA_ASFLAGS - -for suffix in %{build_loop} ; do -(if [ "x$suffix" = "x" ] ; then - debugbuild=release -else - # change --something to something - debugbuild=`echo $suffix | sed "s/-//g"` -fi - -# Variable used in hs_err hook on build failures -top_srcdir_abs_path=$(pwd)/%{top_level_dir_name} - -mkdir -p %{buildoutputdir -- $suffix} -pushd %{buildoutputdir -- $suffix} - -bash ${top_srcdir_abs_path}/configure \ -%ifarch %{jfr_arches} - --enable-jfr \ -%endif - --with-native-debug-symbols=internal \ - --with-milestone="fcs" \ - --with-update-version=%{updatever} \ - --with-build-number=%{buildver} \ - --with-company-name="Bisheng" \ - --with-vendor-name="Bisheng" \ - --with-vendor-url="https://openeuler.org/" \ - --with-vendor-bug-url="https://gitee.com/src-openeuler/openjdk-1.8.0/issues/" \ - --with-vendor-vm-bug-url="https://gitee.com/src-openeuler/openjdk-1.8.0/issues/" \ - --with-debug-level=$debugbuild \ - --enable-unlimited-crypto \ - --with-zlib=system \ - --enable-kae=yes \ - --with-stdc++lib=dynamic \ - --with-extra-cflags="$EXTRA_CFLAGS" \ - --with-extra-cxxflags="$EXTRA_CPP_FLAGS" \ - --with-extra-asflags="$EXTRA_ASFLAGS" \ - --with-extra-ldflags="%{ourldflags}" \ - --with-num-cores="$NUM_PROC" \ - --with-boot-jdk-jvmargs=-XX:-UsePerfData - -cat spec.gmk -cat hotspot-spec.gmk - -# Debug builds don't need same targets as release for -# build speed-up -maketargets="%{release_targets}" -if echo $debugbuild | grep -q "debug" ; then - maketargets="%{debug_targets}" -fi - -make JOBS=%(/usr/bin/getconf _NPROCESSORS_ONLN 2> /dev/null || :) \ - JAVAC_FLAGS=-g \ - SCTP_WERROR= \ - ${maketargets} || ( pwd; find $top_dir_abs_path -name "hs_err_pid*.log" | xargs cat && false ) - -# the build (erroneously) removes read permissions from some jars -# this is a regression in OpenJDK 7 (our compiler): -find images/%{jdkimage} -iname '*.jar' -exec chmod ugo+r {} \; -chmod ugo+r images/%{jdkimage}/lib/ct.sym - -# remove redundant *diz and *debuginfo files -find images/%{jdkimage} -iname '*.diz' -exec rm {} \; -find images/%{jdkimage} -iname '*.debuginfo' -exec rm {} \; - -# Build screws up permissions on binaries -# https://bugs.openjdk.java.net/browse/JDK-8173610 -find images/%{jdkimage} -iname '*.so' -exec chmod +x {} \; -find images/%{jdkimage}/bin/ -exec chmod +x {} \; - -popd >& /dev/null - -# Install nss.cfg right away as we will be using the JRE above -export JAVA_HOME=$(pwd)/%{buildoutputdir -- $suffix}/images/%{jdkimage} - -# Install nss.cfg right away as we will be using the JRE above -install -m 644 nss.cfg $JAVA_HOME/jre/lib/security/ - -# Use system-wide tzdata -rm $JAVA_HOME/jre/lib/tzdb.dat -ln -s %{_datadir}/javazi-1.8/tzdb.dat $JAVA_HOME/jre/lib/tzdb.dat - - -# build cycles -)& -done -wait - -%check - -# We test debug first as it will give better diagnostics on a crash -for suffix in %{rev_build_loop} ; do - -export JAVA_HOME=$(pwd)/%{buildoutputdir -- $suffix}/images/%{jdkimage} - -# Check unlimited policy has been used -$JAVA_HOME/bin/javac -d . %{SOURCE13} -$JAVA_HOME/bin/java TestCryptoLevel - -# Check ECC is working -$JAVA_HOME/bin/javac -d . %{SOURCE14} -$JAVA_HOME/bin/java $(echo $(basename %{SOURCE14})|sed "s|\.java||") - -# Check debug symbols are present and can identify code -find "$JAVA_HOME" -iname '*.so' -print0 | while read -d $'\0' lib -do - if [ -f "$lib" ] ; then - echo "Testing $lib for debug symbols" - # All these tests rely on RPM failing the build if the exit code of any set - # of piped commands is non-zero. - - # Test for .debug_* sections in the shared object. This is the main test - # Stripped objects will not contain these - eu-readelf -S "$lib" | grep "] .debug_" - test $(eu-readelf -S "$lib" | grep -E "\]\ .debug_(info|abbrev)" | wc --lines) == 2 - - # Test FILE symbols. These will most likely be removed by anything that - # manipulates symbol tables because it's generally useless. So a nice test - # that nothing has messed with symbols - old_IFS="$IFS" - IFS=$'\n' - for line in $(eu-readelf -s "$lib" | grep "00000000 0 FILE LOCAL DEFAULT") - do - # We expect to see .cpp files, except for architectures like aarch64 and - # s390 where we expect .o and .oS files - echo "$line" | grep -E "ABS ((.*/)?[-_a-zA-Z0-9]+\.(c|cc|cpp|cxx|o|oS))?$" - done - IFS="$old_IFS" - - # If this is the JVM, look for javaCalls.(cpp|o) in FILEs, for extra sanity checking - if [ "`basename $lib`" = "libjvm.so" ]; then - eu-readelf -s "$lib" | \ - grep -E "00000000 0 FILE LOCAL DEFAULT ABS javaCalls.(cpp|o)$" - fi - - # Test that there are no .gnu_debuglink sections pointing to another - # debuginfo file. There shouldn't be any debuginfo files, so the link makes - # no sense either - eu-readelf -S "$lib" | grep 'gnu' - if eu-readelf -S "$lib" | grep '] .gnu_debuglink' | grep PROGBITS; then - echo "bad .gnu_debuglink section." - eu-readelf -x .gnu_debuglink "$lib" - false - fi - fi -done - -# Make sure gdb can do a backtrace based on line numbers on libjvm.so -# javaCalls.cpp:58 should map to: -# http://hg.openjdk.java.net/jdk8u/jdk8u/hotspot/file/ff3b27e6bcc2/src/share/vm/runtime/javaCalls.cpp#l58 -# Using line number 1 might cause build problems. -gdb -q "$JAVA_HOME/bin/java" <> %{name}-demo.files"$suffix" -# Find documentation demo files. -find $RPM_BUILD_ROOT%{_jvmdir}/%{sdkdir -- $suffix}/demo \ - $RPM_BUILD_ROOT%{_jvmdir}/%{sdkdir -- $suffix}/sample \ - -type f -o -type l | sort \ - | grep README \ - | sed 's|'$RPM_BUILD_ROOT'||' \ - | sed 's|^|%doc |' \ - >> %{name}-demo.files"$suffix" - -# Create links which leads to separately installed java-atk-bridge and allow configuration -# links points to java-atk-wrapper - an dependence - pushd $RPM_BUILD_ROOT/%{_jvmdir}/%{jredir -- $suffix}/lib/%{archinstall} - ln -s %{_libdir}/java-atk-wrapper/libatk-wrapper.so.0 libatk-wrapper.so - popd - pushd $RPM_BUILD_ROOT/%{_jvmdir}/%{jredir -- $suffix}/lib/ext - ln -s %{_libdir}/java-atk-wrapper/java-atk-wrapper.jar java-atk-wrapper.jar - popd - pushd $RPM_BUILD_ROOT/%{_jvmdir}/%{jredir -- $suffix}/lib/ - echo "#Config file to enable java-atk-wrapper" > accessibility.properties - echo "" >> accessibility.properties - echo "assistive_technologies=org.GNOME.Accessibility.AtkWrapper" >> accessibility.properties - echo "" >> accessibility.properties - popd - -# intentionally after all else, fx links with redirections on its own -%if %{with_openjfx_binding} - FXSDK_FILES=%{name}-openjfx-devel.files"$suffix" - FXJRE_FILES=%{name}-openjfx.files"$suffix" - echo -n "" > $FXJRE_FILES - echo -n "" > $FXSDK_FILES - for file in %{jfx_jre_libs} ; do - srcfile=%{jfx_jre_libs_dir}/$file - targetfile=%{_jvmdir}/%{jredir -- $suffix}/lib/$file - ln -s $srcfile $RPM_BUILD_ROOT/$targetfile - echo $targetfile >> $FXJRE_FILES - done - for file in %{jfx_jre_native} ; do - srcfile=%{jfx_jre_native_dir}/$file - targetfile=%{_jvmdir}/%{jredir -- $suffix}/lib/%{archinstall}/$file - ln -s $srcfile $RPM_BUILD_ROOT/$targetfile - echo $targetfile >> $FXJRE_FILES - done - for file in %{jfx_jre_exts} ; do - srcfile=%{jfx_jre_exts_dir}/$file - targetfile=%{_jvmdir}/%{jredir -- $suffix}/lib/ext/$file - ln -s $srcfile $RPM_BUILD_ROOT/$targetfile - echo $targetfile >> $FXJRE_FILES - done - for file in %{jfx_sdk_libs} ; do - srcfile=%{jfx_sdk_libs_dir}/$file - targetfile=%{_jvmdir}/%{sdkdir -- $suffix}/lib/$file - ln -s $srcfile $RPM_BUILD_ROOT/$targetfile - echo $targetfile >> $FXSDK_FILES - done - for file in %{jfx_sdk_bins} ; do - srcfile=%{jfx_sdk_bins_dir}/$file - targetfile=%{_jvmdir}/%{sdkdir -- $suffix}/bin/$file - ln -s $srcfile $RPM_BUILD_ROOT/$targetfile - echo $targetfile >> $FXSDK_FILES - done -%endif - -bash %{SOURCE20} $RPM_BUILD_ROOT/%{_jvmdir}/%{jredir -- $suffix} %{javaver} -touch -t 201401010000 $RPM_BUILD_ROOT/%{_jvmdir}/%{jredir -- $suffix}/lib/security/java.security - -# moving config files to /etc -mkdir -p $RPM_BUILD_ROOT/%{etcjavadir -- $suffix}/lib/security/policy/unlimited/ -mkdir -p $RPM_BUILD_ROOT/%{etcjavadir -- $suffix}/lib/security/policy/limited/ -for file in lib/security/cacerts lib/security/policy/unlimited/US_export_policy.jar lib/security/policy/unlimited/local_policy.jar lib/security/policy/limited/US_export_policy.jar lib/security/policy/limited/local_policy.jar lib/security/java.policy lib/security/java.security lib/security/blacklisted.certs lib/logging.properties lib/calendars.properties lib/security/nss.cfg lib/net.properties ; do - mv $RPM_BUILD_ROOT/%{_jvmdir}/%{jredir -- $suffix}/$file $RPM_BUILD_ROOT/%{etcjavadir -- $suffix}/$file - ln -sf %{etcjavadir -- $suffix}/$file $RPM_BUILD_ROOT/%{_jvmdir}/%{jredir -- $suffix}/$file -done - -# stabilize permissions -find $RPM_BUILD_ROOT/%{_jvmdir}/%{sdkdir -- $suffix}/ -name "*.so" -exec chmod 755 {} \; ; -find $RPM_BUILD_ROOT/%{_jvmdir}/%{sdkdir -- $suffix}/ -type d -exec chmod 755 {} \; ; -find $RPM_BUILD_ROOT/%{_jvmdir}/%{sdkdir -- $suffix}/ -name "ASSEMBLY_EXCEPTION" -exec chmod 644 {} \; ; -find $RPM_BUILD_ROOT/%{_jvmdir}/%{sdkdir -- $suffix}/ -name "LICENSE" -exec chmod 644 {} \; ; -find $RPM_BUILD_ROOT/%{_jvmdir}/%{sdkdir -- $suffix}/ -name "THIRD_PARTY_README" -exec chmod 644 {} \; ; - -# end, dual install -done - -%if %{include_normal_build} -# intentionally only for non-debug -%pretrans headless -p --- if copy-jdk-configs is in transaction, it installs in pretrans to temp --- if copy_jdk_configs is in temp, then it means that copy-jdk-configs is in transaction and so is --- preferred over one in %%{_libexecdir}. If it is not in transaction, then depends --- whether copy-jdk-configs is installed or not. If so, then configs are copied --- (copy_jdk_configs from %%{_libexecdir} used) or not copied at all -local posix = require "posix" - -if (os.getenv("debug") == "true") then - debug = true; - print("cjc: in spec debug is on") -else - debug = false; -end - -SOURCE1 = "%{rpm_state_dir}/copy_jdk_configs.lua" -SOURCE2 = "%{_libexecdir}/copy_jdk_configs.lua" - -local stat1 = posix.stat(SOURCE1, "type"); -local stat2 = posix.stat(SOURCE2, "type"); - - if (stat1 ~= nil) then - if (debug) then - print(SOURCE1 .." exists - copy-jdk-configs in transaction, using this one.") - end; - package.path = package.path .. ";" .. SOURCE1 -else - if (stat2 ~= nil) then - if (debug) then - print(SOURCE2 .." exists - copy-jdk-configs already installed and NOT in transaction. Using.") - end; - package.path = package.path .. ";" .. SOURCE2 - else - if (debug) then - print(SOURCE1 .." does NOT exists") - print(SOURCE2 .." does NOT exists") - print("No config files will be copied") - end - return - end -end --- run content of included file with fake args -cjc = require "copy_jdk_configs.lua" -arg = {"--currentjvm", "%{uniquesuffix %{nil}}", "--jvmdir", "%{_jvmdir %{nil}}", "--origname", "%{name}", "--origjavaver", "%{javaver}", "--arch", "%{_arch}", "--temp", "%{rpm_state_dir}/%{name}.%{_arch}"} -cjc.mainProgram(arg) - -%post -%{post_script %{nil}} - -%post headless -%{post_headless %{nil}} - -%postun -%{postun_script %{nil}} - -%postun headless -%{postun_headless %{nil}} - -%posttrans -%{posttrans_script %{nil}} - -%post devel -%{post_devel %{nil}} - -%postun devel -%{postun_devel %{nil}} - -%posttrans devel -%{posttrans_devel %{nil}} - -%post javadoc -%{post_javadoc %{nil}} - -%postun javadoc -%{postun_javadoc %{nil}} - -%post javadoc-zip -%{post_javadoc_zip %{nil}} - -%postun javadoc-zip -%{postun_javadoc_zip %{nil}} - -%endif - -%if %{include_debug_build} -%post slowdebug -%{post_script -- %{debug_suffix_unquoted}} - -%post headless-slowdebug -%{post_headless -- %{debug_suffix_unquoted}} - -%postun slowdebug -%{postun_script -- %{debug_suffix_unquoted}} - -%postun headless-slowdebug -%{postun_headless -- %{debug_suffix_unquoted}} - -%posttrans slowdebug -%{posttrans_script -- %{debug_suffix_unquoted}} - -%post devel-slowdebug -%{post_devel -- %{debug_suffix_unquoted}} - -%postun devel-slowdebug -%{postun_devel -- %{debug_suffix_unquoted}} - -%posttrans devel-slowdebug -%{posttrans_devel -- %{debug_suffix_unquoted}} - -%endif - -%if %{include_normal_build} -%files -# main package builds always -%{files_jre %{nil}} -%else -%files -# placeholder -%endif - - -%if %{include_normal_build} -%files headless -%{files_jre_headless %{nil}} - -%files devel -%{files_devel %{nil}} - -%files demo -f %{name}-demo.files -%{files_demo %{nil}} - -%files src -%{files_src %{nil}} - -%files javadoc -%{files_javadoc %{nil}} - -# this puts huge file to /usr/share -# unluckily ti is really a documentation file -# and unluckily it really is architecture-dependent, as eg. aot and grail are now x86_64 only -# same for debug variant -%files javadoc-zip -%{files_javadoc_zip %{nil}} - -%files accessibility -%{files_accessibility %{nil}} - -%if %{with_openjfx_binding} -%files openjfx -f %{name}-openjfx.files - -%files openjfx-devel -f %{name}-openjfx-devel.files -%endif -%endif - -%if %{include_debug_build} -%files slowdebug -%{files_jre -- %{debug_suffix_unquoted}} - -%files headless-slowdebug -%{files_jre_headless -- %{debug_suffix_unquoted}} - -%files devel-slowdebug -%{files_devel -- %{debug_suffix_unquoted}} - -%files demo-slowdebug -f %{name}-demo.files-slowdebug -%{files_demo -- %{debug_suffix_unquoted}} - -%files src-slowdebug -%{files_src -- %{debug_suffix_unquoted}} - -%files accessibility-slowdebug -%{files_accessibility -- %{debug_suffix_unquoted}} - -%if %{with_openjfx_binding} -%files openjfx-slowdebug -f %{name}-openjfx.files-slowdebug - -%files openjfx-devel-slowdebug -f %{name}-openjfx-devel.files-slowdebug -%endif -%endif - -%changelog -* Thu Jul 28 2022 kuenking111 - 1:1.8.0.342-b07.2 -- add modify_coding_style_and_describe_error.patch -- add Improve_AlgorithmConstraints_checkAlgorithm_performance.patch -- add fix_wrap_memcpy_undefined_gcc10_3.patch -- modified implementation_of_Blas_hotspot_function_in_Intrinsics.patch - -* Thu Jul 28 2022 kuenking111 - 1:1.8.0.342-b07.1 -- del hg git files - -* Fri Jul 22 2022 kuenking111 - 1:1.8.0.342-b07.0 -- del 8168926.patch -- del 8194154.patch -- del 8202142-jfr-event-io-TestInstrumentation-is-unstable.patch -- del 8266187_Memory_leak_in_appendBootClassPath.patch -- del debuginfo.diz-should-not-contain-the-path-after-unzip.patch -- del fix-make-bugs-when-git-and-hg-not-exist.patch -- modified 7092821-java.security.Provider.getService-is-synchro.patch -- modified 8268819-SA-Remove-libthread_db-dependency-on-Linux.patch -- modified fix-log-bug-enhance-aes-hmac-performance.patch - -* Fri Jul 15 2022 kuenking111 - 1:1.8.0.332-b09.7 -- del remove-gnu-debuglink-when-using-enable-debug-.patch - -* Mon Jul 4 2022 kuenking111 - 1:1.8.0.332-b09.6 -- add 8067941-TESTBUG-Fix-tests-for-OS-with-64K-page-size.patch - -* Mon Jul 4 2022 kuenking111 - 1:1.8.0.332-b09.5 -- add 8173339-AArch64-Fix-minimum-stack-size-computations.patch - -* Mon Jul 4 2022 kuenking111 - 1:1.8.0.332-b09.4 -- add 7092821-java.security.Provider.getService-is-synchro.patch - -* Thu Jun 30 2022 kuenking111 - 1:1.8.0.332-b09.3 -- add change-sa-jdi.jar-make-file-for-BEP.PATCH - -* Thu Apr 28 2022 kuenking111 - 1:1.8.0.332-b09.2 -- add fix_X509TrustManagerImpl_symantec_distrust.patch - -* Wed Apr 27 2022 kuenking111 - 1:1.8.0.332-b09.1 -- add Fix-compile-and-runtime-failures-for-minimal1-versio.patch - -* Wed Apr 27 2022 kuenking111 - 1:1.8.0.332-b09.0 -- deleted Support-Git-commit-ID-in-the-SOURCE-field-of-the-release.patch -- deleted 8167014-jdeps-failed-with-Missing-message-warn-skippen-entry.patch -- deleted fix-wrong-commitID-in-release-file.patch -- deleted recreate-.java_pid-file-when-deleted-for-attach-mechanism.patch -- modified update-cacerts-and-VerifyCACerts.java-test.patch -- modified 8194154.patch -- modified add-missing-test-case.patch -- add fix-make-bugs-when-git-and-hg-not-exist.patch - -* Wed Mar 2 2022 kuenking111 - 1:1.8.0.322-b06.4 -- add 8268819-SA-Remove-libthread_db-dependency-on-Linux.patch - -* Tue Mar 1 2022 kuenking111 - 1:1.8.0.322-b06.3 -- modified 8233280-Remove-GCLockerInvokesConcurrent-relative-logic-for-G1.patch - -* Wed Feb 16 2022 kuenking111 - 1:1.8.0.322-b06.2 -- add add-system-property-swing.JComboBox.useLegacyMode.patch -- add debuginfo.diz-should-not-contain-the-path-after-unzip.patch -- add 8173361-various-crashes-in-JvmtiExport-post_compiled.patch -- add fix-TestUseCompressedOopsErgo-run-failed.patch -- add fix-testme-Test6929067-run-faild.patch -- add penetration_testing_vulnerability_fix.patch -- add 8136577_Make_AbortVMOnException_available_in_product_builds.patch -- add add-environment-variable-ZIP_INVALID_LOC_HEADER_EXIT.patch -- add print-fd-and-file-path-when-a-zip-invalid-loc-header.patch -- add 8207011-Remove-uses-of-the-register-storage-class-specifier.patch -- modified implementation_of_Blas_hotspot_function_in_Intrinsics.patch - -* Tue Feb 15 2022 eapen - 1:1.8.0.322-b06.1 -- fix makes failure when gcc version is lower than 8 - -* Thu Feb 10 2022 eapen - 1:1.8.0.322-b06.0 -- upgrade to 8u322-b06(ga) -- modified fast-serializer-jdk8.patch to adopt openjdk -- modified update-cacerts-and-VerifyCACerts.java-test.patch -- deleted 8182036.patch -- deleted 8183543-Aarch64-C2-compilation-often-fails-with-fail--last.patch -- deleted Delete-expired-certificate-globalsignr2ca.patch -- deleted inline-optimize-for-aarch64.patch - -* Tue Jan 05 2021 noah - 1:1.8.0.312-b07.11 -- adapted to newst cjc to fix issue with rpm 4.17 - -* Tue Dec 21 2021 kuenking111 - 1:1.8.0.312-b07.10 -- delete stack protection - -* Mon Dec 20 2021 kuenking111 - 1:1.8.0.312-b07.9 -- add downgrade-the-symver-of-fcntl64.patch - -* Mon Dec 20 2021 kuenking111 - 1:1.8.0.312-b07.8 -- add wrap_memcpy to libsaproc - -* Thu Dec 16 2021 kuenking111 - 1:1.8.0.312-b07.7 -- add Delete-expired-certificate-globalsignr2ca.patch - -* Fri Dec 10 2021 kuenking111 - 1:1.8.0.312-b07.6 -- add G1Uncommit-add-G1UncommitLog-limit-before-G1Uncommit.patch - -* Fri Dec 10 2021 kuenking111 - 1:1.8.0.312-b07.5 -- add G1-Full-GC-parallel-mark.patch - -* Fri Dec 10 2021 kuenking111 - 1:1.8.0.312-b07.4 -- add G1Ucommit-Refactor-Trigger-mechanism.patch - -* Fri Dec 10 2021 kuenking111 - 1:1.8.0.312-b07.3 -- add 8233280-Remove-GCLockerInvokesConcurrent-relative-logic-for-G1.patch - -* Fri Dec 10 2021 kuenking111 - 1:1.8.0.312-b07.2 -- add 8273111-Default-timezone-should-return-zone-ID-if-locatiome-is-valid-but-not-canonicalization-on-linux.patch - -* Tue Nov 23 2021 lijingwei - 1:1.8.0.312-b07.1 -- correct spec file release number typo - -* Mon Nov 1 2021 kuenking111 - 1:1.8.0.312-b07.0 -- update to 8u312-b07(ga) -- delete 8194246.patch -- delete 8214418-half-closed-SSLEngine-status-may-cause-appli.patch -- delete 8268453-sun-security-pkcs12-EmptyPassword.java-fails.patch -- modified Parallel-Full-GC-for-G1.patch -- modified update-cacerts-and-VerifyCACerts.java-test.patch -- modified openjdk-1.8.0.spec - -* Fri Oct 15 2021 zhangweiguo - 1:1.8.0.302-b07.5 -- parallelize compilation targets and set make JOBS to cpu number - -* Sat Sep 18 2021 kuenking111 - 1:1.8.0.302-b07.4 -- add 8183543-Aarch64-C2-compilation-often-fails-with-fail--last.patch - -* Fri Sep 17 2021 kuenking111 - 1:1.8.0.302-b07.3 -- add 8167014-jdeps-failed-with-Missing-message-warn-skippen-entry.patch -- add fix_bug_in_keypairgenerator.patch -- add C1-assert-is_virtual-failed-type-check.patch -- add 8197387-Run-the-jcmd-tool-as-the-root-user-to-access.patch -- add create-jfr-dump-file-with-pid-or-timestamp-if-specif.patch -- add 8268453-sun-security-pkcs12-EmptyPassword.java-fails.patch -- add enhance-the-TimeZone-s-path-solution-on-Euler.patch -- add fix-wrong-commitID-in-release-file.patch -- add fix-appcds-s-option-AppCDSLockFile.patch -- add PS-introduce-UsePSRelaxedForwardee-to-enable-using-r.patch -- add Parallel-Full-GC-for-G1.patch -- add 8202142-jfr-event-io-TestInstrumentation-is-unstable.patch -- add 8143251-Thread-suspend-on-VM_G1IncCollectionPause-do.patch -- add G1Uncommit-Introduce-G1PeriodGCNotRetry-control-whet.patch -- add JDK-debug-version-crash-when-using-AppCDS.patch - -* Fri Aug 20 2021 kuenking111 - 1:1.8.0.302-b07.2 -- add fix_g1uncommit_ygc_expand_crash.patch - -* Thu Aug 19 2021 eapen - 1:1.8.0.302-b07.1 -- delete 8266929_huawei_add_oid_mapping_common_sig_types.patch - -* Wed Aug 11 2021 eapen - 1:1.8.0.302-b07.0 -- update to 8u302-b07(ga)(switch to jdk8u from aarch64-port/jdk8u-shenandoah) -- add 8069191.patch -- add fix-lock-ordering-issue-when-calling-JVMTI-GetLoaded.patch -- delete 8134883.patch -- delete 818172_overflow_when_strength_reducing_interger_multiply.patch -- delete 8190332.patch -- delete 8191955.patch -- delete 8203196.patch -- delete 8214345.patch -- delete 8231631.patch -- delete 8231841-debug.cpp-help-is-missing-an-AArch64-line-fo.patch -- delete 8259886-Improve-SSL-session-cache-performance-and-sc.patch -- delete 8264640.patch -- delete delete_untrustworthy_cacert_soneraclass2ca.patch -- delete fix-crash-in-JVMTI-debug.patch -- other adaptations to jdk8u302 - -* Mon Jul 12 2021 noah - 1:1.8.0.292-b10.19 -- add Fix-RSACipher-memory-usage.patch - -* Mon Jul 12 2021 kuenking111 - 1:1.8.0.292-b10.18 -- fix run SPECjvm2008 failed on 32 bit system - -* Thu Jul 8 2021 noah - 1:1.8.0.292-b10.17 -- remove debug log to reduce build time - -* Mon Jul 5 2021 noah - 1:1.8.0.292-b10.16 -- add Fix-ECDH-and-DH-memory-usage.patch - -* Mon Jun 28 2021 kuenking111 - 1:1.8.0.292-b10.15 -- fix delete_untrustworthy_cacert_soneraclass2ca.patch - -* Thu Jun 17 2021 kuenking111 - 1:1.8.0.292-b10.14 -- fix systemDictionary resolve_from_stream ResourceMark - -* Wed Jun 16 2021 kuenking111 - 1:1.8.0.292-b10.13 -- add fix_G1GC_memory_leak_in_numa.patch - -* Sat Jun 12 2021 kuenking111 - 1:1.8.0.292-b10.12 -- add implementation_of_Blas_hotspot_function_in_Intrinsics.patch - -* Sat Jun 12 2021 kuenking111 - 1:1.8.0.292-b10.11 -- add g1gc-numa-aware-Implementation.patch - -* Fri Jun 11 2021 hu_bo_dao - 1:1.8.0.292-b10.10 -- add support_CMS_parallel_inspection.patch - -* Wed Jun 9 2021 noah - 1:1.8.0.292-b10.9 -- add modify_the_default_iteration_time_and_forks_in_the_JMH_of_KAEProvider.patch - -* Tue Jun 8 2021 noah - 1:1.8.0.292-b10.8 -- fix kae exception compatibility - -* Tue Jun 8 2021 kuenking111 - 1:1.8.0.292-b10.7 -- add improve_algorithmConstraints_checkAlgorithm_performance.patch - -* Mon Jun 7 2021 kuenking111 - 1:1.8.0.292-b10.6 -- add add_kae_implementation_add_default_conf_file.patch - -* Fri Jun 4 2021 hedongbo - 1:1.8.0.292-b10.5 -- change the way to get the version in openjdk-1.8.0.spec - -* Thu May 27 2021 kuenking111 - 1:1.8.0.292-b10.4 -- add 8264640.patch - -* Fri May 21 2021 kuenking111 - 1:1.8.0.292-b10.3 -- add 8266929_huawei_add_oid_mapping_common_sig_types.patch - -* Fri May 21 2021 kuenking111 - 1:1.8.0.292-b10.2 -- add 8266187_Memory_leak_in_appendBootClassPath.patch - -* Fri May 21 2021 kuenking111 - 1:1.8.0.292-b10.1 -- add 8247691_incorrect_handling_of_VM_exceptions_in_C1_deopt_stub.patch - -* Tue May 18 2021 eapen - 1:1.8.0.292-b10.0 -- update to jdk8u292-b10 -- split sync-patch to multi patches - -* Wed May 19 2021 Noah - 1:1.8.0.282-b08.19 -- add add-kaeEngine-to-rsa.patch - -* Mon May 17 2021 Noah - 1:1.8.0.282-b08.18 -- add kae-phase2.patch - -* Tue Apr 20 2021 aijm - 1:1.8.0.282-b08.17 -- delete zlib-optimization.patch -- modify src-openeuler-openjdk-1.8.0-resolve-code-inconsistencies.patch - -* Tue Apr 20 2021 aijm - 1:1.8.0.282-b08.16 -- add Code-style-fix.patch - -* Tue Apr 20 2021 aijm - 1:1.8.0.282-b08.15 -- add fix-windows-compile-fail.patch - -* Tue Apr 20 2021 aijm - 1:1.8.0.282-b08.14 -- add fix-BoxTypeCachedMax-build-failure-when-jvm-variants.patch - -* Mon Apr 19 2021 aijm - 1:1.8.0.282-b08.13 -- add add-missing-test-case.patch - -* Thu Apr 15 2021 kuenking - 1:1.8.0.282-b08.12 -- add 818172_overflow_when_strength_reducing_interger_multiply.patch - -* Tue Apr 13 2021 kuenking - 1:1.8.0.282-b08.11 -- add src-openeuler-openjdk-1.8.0-resolve-code-inconsistencies.patch - -* Fri Apr 2 2021 Benshuai5D - 1:1.8.0.282-b08.10 -- delete redundant set-vm.vendor-by-configure.patch -- delete redundant make-disable-precompiled-headers-work.patch -- delete redundant FromCardCache-default-card-index-can-cause.patch -- delete redundant The-runok-method-retrying-another-port-does-not-take.patch -- delete redundant fix-incorrect-offset-for-opp-field-with-weak-memory-.patch -- delete redundant dismiss-company_name-info-of-java-version.patch - -* Sat Mar 27 2021 Noah - 1:1.8.0.282-b08.9 -- add fix_VerifyCerts.java_testcase_bug.patch - -* Fri Mar 19 2021 kuenking111 - 1:1.8.0.282-b08.8 -- add 8214535-support-Jmap-parallel.patch - -* Fri Mar 19 2021 DataAndOperation - 1:1.8.0.282-b08.7 -- add 8231841-debug.cpp-help-is-missing-an-AArch64-line-fo.patch -- add initialized-value-should-be-0-in-perfInit.patch -- add 8254078-DataOutputStream-is-very-slow-post-disabling.patch -- add Use-atomic-operation-when-G1Uncommit.patch -- add 8168996-backport-of-C2-crash-at-postaloc.cpp-140-ass.patch -- add 8140597-Postpone-the-initial-mark-request-until-the-.patch -- add Use-Mutex-when-G1Uncommit.patch -- add C1-typos-repair.patch -- add 8214418-half-closed-SSLEngine-status-may-cause-appli.patch -- add 8259886-Improve-SSL-session-cache-performance-and-sc.patch - -* Wed Mar 17 2021 noah - 1:1.8.0.282-b08.6 -- add kae-phase1.patch - -* Fri Feb 5 2021 noah - 1:1.8.0.282-b08.5 -- delete some file header - -* Thu Feb 4 2021 jdkboy - 1:1.8.0.282-b08.4 -- add 8240353.patch - -* Thu Feb 4 2021 jdkboy - 1:1.8.0.282-b08.3 -- fix wrong patch G1-memory-uncommit.patch - -* Wed Feb 3 2021 jdkboy - 1:1.8.0.282-b08.2 -- add missing mapfile in G1-memory-uncommit.patch - -* Wed Feb 3 2021 jdkboy - 1:1.8.0.282-b08.1 -- update sha512sum of arch64-port-jdk8u-shenandoah-aarch64-shenandoah-jdk8u282-b08.tar.xz - -* Tue Feb 2 2021 jdkboy - 1:1.8.0.282-b08.0 -- updated to aarch64-shenandoah-jdk8u282-b08 (from aarch64-port/jdk8u-shenandoah) -- delete 8160300.patch -- delete The-runok-method-retrying-another-port-does-not-take.patch -- delete 8214440-ldap-over-a-TLS-connection-negotiate-fail.patch -- delete 8165808-Add-release-barriers-when-allocating-objects-with-concurrent-collection.patch -- delete 8166583-Add-oopDesc-klass_or_null_acquire.patch -- delete 8166862-CMS-needs-klass_or_null_acquire.patch -- delete 8223940-Private-key-not-supported-by-chosen-signature.patch -- delete 8236512-PKCS11-Connection-closed-after-Cipher.doFinal-and-NoPadding.patch -- delete 8250861-Crash-in-MinINode-Ideal-PhaseGVN-bool.patch -- add 8080911.patch -- add 8168926.patch -- add 8215047.patch -- add 8237894.patch -- add Remove-the-parentheses-around-company-name.patch - -* Thu Dec 24 2020 lee18767 - 1:1.8.0.272-b10.14 -- add add-appcds-test-case.patch - -* Wed Dec 23 2020 hubodao - 1:1.8.0.272-b10.13 -- add delete-untrustworthy-cacert.patch - -* Wed Dec 23 2020 wujiahua - 1:1.8.0.272-b10.12 -- add 8207160-ClassReader-adjustMethodParams-can-potentially-return-null-if-the-args-list-is-empty.patch - -* Wed Dec 23 2020 DataAndOperation - 1:1.8.0.272-b10.11 -- add 8040327-Eliminate-AnnotatedType-8040319-Clean-up-type-annotation-exception-index.patch - -* Tue Dec 22 2020 miaozhuojun - 1:1.8.0.272-b10.10 -- add 8015927-Class-reference-duplicates-in-constant-pool.patch - -* Tue Dec 22 2020 cruise01 - 1:1.8.0.272-b10.9 -- add G1-memory-uncommit.patch - -* Tue Dec 22 2020 kuenking - 1:1.8.0.272-b10.8 -- add add-appcds-file-lock.patch - -* Mon Dec 21 2020 noah - 1:1.8.0.272-b10.7 -- add a license to this repo - -* Tue Nov 10 2020 ow_wo - 1:1.8.0.272-b10.6 -- add 8236512-PKCS11-Connection-closed-after-Cipher.doFinal-and-NoPadding.patch -- add 8250861-Crash-in-MinINode-Ideal-PhaseGVN-bool.patch - -* Mon Nov 09 2020 ow_wo - 1:1.8.0.272-b10.5 -- add 8223940-Private-key-not-supported-by-chosen-signature.patch - -* Fri Nov 06 2020 jdkboy - 1:1.8.0.272-b10.4 -- add 8165808-Add-release-barriers-when-allocating-objects-with-concurrent-collection.patch -- add 8166583-Add-oopDesc-klass_or_null_acquire.patch -- add 8166862-CMS-needs-klass_or_null_acquire.patch -- add 8160369.patch -- add PS-GC-adding-acquire_size-method-for-PSParallelCompa.patch - -* Fri Nov 06 2020 wuyan - 1:1.8.0.272-b10.3 -- add 8248336-AArch64-C2-offset-overflow-in-BoxLockNode-em.patch - -* Fri Nov 06 2020 xiezhaokun - 1:1.8.0.272-b10.2 -- add 8214440-ldap-over-a-TLS-connection-negotiate-fail.patch - -* Sat Oct 24 2020 noah - 1:1.8.0.272-b10.1 -- rename Boole to Bisheng - -* Fri Oct 23 2020 - 1:1.8.0.272-b10.0 -- updated to aarch64-shenandoah-jdk8u272-b10 (from aarch64-port/jdk8u-shenandoah) -- deleted: 8046294-Generate-the-4-byte-timestamp-randomly.patch -- deleted: 8148754-C2-loop-unrolling-fails-due-to-unexpected-gr.patch -- deleted: 8151788.patch -- deleted: 8161072.patch -- deleted: 8171537.patch -- deleted: 8203481-Incorrect-constraint-for-unextended_sp-in-frame-safe_for_sender.patch -- deleted: 8203699-java-lang-invoke-SpecialInte.patch -- modified: Extend-CDS-to-support-app-class-metadata-sharing.patch -- deleted: Test-SSLSocketSSLEngineTemplate.java-intermittent-fa.patch -- modified: fast-serializer-jdk8.patch -- deleted: fix-CompactibleFreeListSpace-block_size-crash.patch -- deleted: fix-incorrect-klass-field-in-oop-with-weak-memory-model.patch - -* Mon Sep 21 2020 noah -:1.8.0.265-b10.6 -- add add-DumpSharedSpace-guarantee-when-create-anonymous-classes.patch - -* Fri Sep 11 2020 noah -:1.8.0.265-b10.5 -- add 6896810-Pin.java-fails-with-OOME-during-System.out.p.patch -- add 8231631-sun-net-ftp-FtpURLConnectionLeak.java-fails-.patch -- add Test8167409.sh-fails-to-run-with-32bit-jdk-on-64bit-.patch -- add Test-SSLSocketSSLEngineTemplate.java-intermittent-fa.patch -- add The-runok-method-retrying-another-port-does-not-take.patch -- add 8048210-8056152-fix-assert-fail-for-an-InnocuousThre.patch -- add 8160425-Vectorization-with-signalling-NaN-returns-wr.patch -- add 8181503-Can-t-compile-hotspot-with-c-11.patch -- add 8243670-Unexpected-test-result-caused-by-C2-MergeMem.patch -- add fix-crash-in-JVMTI-debug.patch -- add fix-incorrect-klass-field-in-oop-with-weak-memory-model.patch -- add Fix-LineBuffer-vappend-when-buffer-too-small.patch -- add make-disable-precompiled-headers-work.patch -- add fix-CompactibleFreeListSpace-block_size-crash.patch -- add Remove-unused-GenericTaskQueueSet-T-F-tasks.patch -- add optimize-jmap-F-dump-xxx.patch -- add recreate-.java_pid-file-when-deleted-for-attach-mechanism.patch -- add Support-Git-commit-ID-in-the-SOURCE-field-of-the-release.patch -- add Extend-CDS-to-support-app-class-metadata-sharing.patch -- add zlib-optimization.patch - -* Tue Sep 8 2020 noah - 1:1.8.0.265-b10.4 -- add fast-serializer-jdk8.patch - -* Mon Sep 7 2020 noah - 1:1.8.0.265-b10.3 -- Delete some file header information - -* Mon Sep 1 2020 jdkboy - 1:1.8.0.265-b10.2 -- Remove fast-serializer-jdk8.patch - -* Tue Aug 29 2020 jdkboy - 1:1.8.0.265-b10.1 -- Add leaf-optimize-in-ParallelScanvageGC.patch -- Add 8046294-Generate-the-4-byte-timestamp-randomly.patch -- Add 8203481-Incorrect-constraint-for-unextended_sp-in-frame-safe_for_sender.patch -- Add fix-LongCache-s-range-when-BoxTypeCachedMax-number-is-bigger-than-Integer.MAX_VALUE.patch -- Add Ddot-intrinsic-implement.patch -- Add 8234003-Improve-IndexSet-iteration.patch -- Add 8220159-Optimize-various-RegMask-operations-by-introducing-watermarks.patch -- Remove prohibition-of-irreducible-loop-in-mergers.patch - -* Tue Aug 25 2020 noah - 1:1.8.0.265-b10.0 -- Update to aarch64-shenandoah-jdk8u-8u265-b01 -- add fix-Long-cache-range-and-remove-VM-option-java.lang.IntegerCache.high-by-default.patch - -* Mon Jul 21 2020 noah - 1:1.8.0.262-b10.1 -- add 8205921-Optimizing-best-of-2-work-stealing-queue-selection.patch - -* Thu Jul 18 2020 jdkboy - 1:1.8.0.262-b10.0 -- Update to aarch64-shenandoah-jdk8u-8u262-b10 -- add 8144993-Elide-redundant-memory-barrier-after-AllocationNode.patch -- add 8223504-improve-performance-of-forall-loops-by-better.patch -- add add-vm-option-BoxTypeCachedMax-for-Integer-and-Long-cache.patch -- add 8080289-8040213-8189067-move-the-store-out-of-the-loop.patch -- add fast-serializer-jdk8.patch -- add 8182397-race-in-field-updates.patch -- add --with-company-name="Boole" -- remove fix-incorrect-offset-for-oop-field-with-weak-memory-.patch - -* Thu Jun 11 2020 jdkboy - 1:1.8.0.262-b05.9 -- Update to aarch64-shenandoah-jdk8u-8u262-b05 - -* Tue Jun 9 2020 jdkboy - 1:1.8.0.262-b02.8 -- Add some judgement - -* Fri May 29 2020 Noah - 1:1.8.0.262-b02.7 -- Support desktop, nss, systemtap and openjfx. -- Provide slowdebug and java-doc-zip - -* Thu May 21 2020 jdkboy - 1:1.8.0.262-b02.6 -- Update to jdk8u-shenandoah-8u262-b02 -- Create GC worker threads dynamically - -* Fri Mar 20 2020 jdkboy - 1:1.8.0.242-b08.5 -- upgrade openjdk to jdk8u242-b08 - -* Thu Mar 12 2020 jdkboy - 1:1.8.0.232-b09.4 -- add inline optimize for aarch64 - -* Thu Mar 12 2020 jdkboy - 1:1.8.0.232-b09.3 -- add libjpeg.so in jre - -* Tue Jan 21 2020 jdkboy - 1:1.8.0.232-b09.2 -- remove accessibility - -* Sat Dec 14 2019 guoge - 1:1.8.0.232-b09.1 -- Initial build from OpenJDK aarch64-shenandoah-8u232-b09 diff --git a/kae-usability-enhancement.patch b/kae-usability-enhancement.patch new file mode 100644 index 0000000..ec1207a --- /dev/null +++ b/kae-usability-enhancement.patch @@ -0,0 +1,3640 @@ +From 8545f560d406db592303b09fc576c13ba9a8caa0 Mon Sep 17 00:00:00 2001 +From: kuenking111 +Date: Sat, 3 Sep 2022 14:18:42 +0000 +Subject: [PATCH 2/6] kae-usability-enhancement + +--- + jdk/make/CopyFiles.gmk | 2 +- + jdk/make/mapfiles/libj2kae/mapfile-vers | 1 + + jdk/src/share/lib/security/kaeprovider.conf | 65 ++- + .../openeuler/security/openssl/KAEConfig.java | 386 ++++++++++++++++++ + .../openeuler/security/openssl/KAELog.java | 183 +++++++++ + .../security/openssl/KAEProvider.java | 151 ++++--- + .../security/openssl/KAESM4Cipher.java | 181 ++++++++ + .../security/openssl/kae_cipher_rsa.c | 13 +- + .../openeuler/security/openssl/kae_digest.c | 9 +- + .../org/openeuler/security/openssl/kae_hmac.c | 9 +- + .../security/openssl/kae_keyagreement_dh.c | 4 +- + .../openssl/kae_keypairgenerator_dh.c | 4 +- + .../openssl/kae_keypairgenerator_rsa.c | 6 +- + .../openeuler/security/openssl/kae_provider.c | 54 ++- + .../security/openssl/kae_signature_rsa.c | 21 +- + .../security/openssl/kae_symmetric_cipher.c | 9 +- + .../org/openeuler/security/openssl/kae_util.c | 138 ++++++- + .../org/openeuler/security/openssl/kae_util.h | 51 ++- + .../openeuler/security/openssl/AESTest.java | 114 ++++++ + .../openeuler/security/openssl/DHTest.java | 9 +- + .../security/openssl/DigestTest.java | 60 +++ + .../openeuler/security/openssl/ECDHTest.java | 1 + + .../openeuler/security/openssl/HmacTest.java | 88 ++++ + .../security/openssl/KAEConfTest.java | 121 ++++++ + .../openssl/KAEDisabledAlgorithmsTest.java | 164 ++++++++ + .../security/openssl/KAEEngineIdTest.java | 76 ++++ + .../security/openssl/KAELogTest.java | 126 ++++++ + .../security/openssl/KAETestHelper.java | 209 ++++++++++ + .../security/openssl/KAEUseEngineTest.java | 262 ++++++++++++ + .../security/openssl/KaeDebugLogTest.java | 88 ++++ + .../security/openssl/KaeProviderTest.java | 170 ++++++++ + .../openeuler/security/openssl/RSATest.java | 137 +++++++ + .../openeuler/security/openssl/SM3Test.java | 54 --- + .../openeuler/security/openssl/SM4Test.java | 62 ++- + 34 files changed, 2844 insertions(+), 184 deletions(-) + create mode 100644 jdk/src/solaris/classes/org/openeuler/security/openssl/KAEConfig.java + create mode 100644 jdk/src/solaris/classes/org/openeuler/security/openssl/KAELog.java + create mode 100644 jdk/test/org/openeuler/security/openssl/AESTest.java + create mode 100644 jdk/test/org/openeuler/security/openssl/DigestTest.java + create mode 100644 jdk/test/org/openeuler/security/openssl/HmacTest.java + create mode 100644 jdk/test/org/openeuler/security/openssl/KAEConfTest.java + create mode 100644 jdk/test/org/openeuler/security/openssl/KAEDisabledAlgorithmsTest.java + create mode 100644 jdk/test/org/openeuler/security/openssl/KAEEngineIdTest.java + create mode 100644 jdk/test/org/openeuler/security/openssl/KAELogTest.java + create mode 100644 jdk/test/org/openeuler/security/openssl/KAETestHelper.java + create mode 100644 jdk/test/org/openeuler/security/openssl/KAEUseEngineTest.java + create mode 100644 jdk/test/org/openeuler/security/openssl/KaeDebugLogTest.java + create mode 100644 jdk/test/org/openeuler/security/openssl/KaeProviderTest.java + create mode 100644 jdk/test/org/openeuler/security/openssl/RSATest.java + delete mode 100644 jdk/test/org/openeuler/security/openssl/SM3Test.java + +diff --git a/jdk/make/CopyFiles.gmk b/jdk/make/CopyFiles.gmk +index 2a6fc0932..806d7bec1 100644 +--- a/jdk/make/CopyFiles.gmk ++++ b/jdk/make/CopyFiles.gmk +@@ -634,7 +634,7 @@ endif + ifeq ($(ENABLE_KAE), true) + ifeq ($(OPENJDK_TARGET_CPU_ARCH), aarch64) + +- KAE_CONF_PATH= $(JDK_OUTPUTDIR)/lib/ext ++ KAE_CONF_PATH= $(JDK_OUTPUTDIR)/lib + $(KAE_CONF_PATH)/kaeprovider.conf: $(JDK_TOPDIR)/src/share/lib/security/kaeprovider.conf + $(call install-file) + +diff --git a/jdk/make/mapfiles/libj2kae/mapfile-vers b/jdk/make/mapfiles/libj2kae/mapfile-vers +index 128d1e322..a1bdb830b 100644 +--- a/jdk/make/mapfiles/libj2kae/mapfile-vers ++++ b/jdk/make/mapfiles/libj2kae/mapfile-vers +@@ -27,6 +27,7 @@ SUNWprivate_1.1 { + global: + JNI_OnLoad; + Java_org_openeuler_security_openssl_KAEProvider_initOpenssl; ++ Java_org_openeuler_security_openssl_KAEProvider_getEngineFlags; + Java_org_openeuler_security_openssl_KAEDigest_nativeInit; + Java_org_openeuler_security_openssl_KAEDigest_nativeUpdate; + Java_org_openeuler_security_openssl_KAEDigest_nativeDigest; +diff --git a/jdk/src/share/lib/security/kaeprovider.conf b/jdk/src/share/lib/security/kaeprovider.conf +index a48969669..cc50611d1 100644 +--- a/jdk/src/share/lib/security/kaeprovider.conf ++++ b/jdk/src/share/lib/security/kaeprovider.conf +@@ -1,9 +1,13 @@ + # +-# This is the config file for KAEProvider ++# This is the config file for KAEProvider. ++# These configuration properties support the use of jdk system properties, ++# and jdk system properties take precedence over file configuration properties. ++# For detailed usage, please refer to the user manual: ++# https://gitee.com/openeuler/bishengjdk-8/wikis/%E4%B8%AD%E6%96%87%E6%96%87%E6%A1%A3/KAE%20Provider%E7%94%A8%E6%88%B7%E4%BD%BF%E7%94%A8%E6%89%8B%E5%86%8C + # +-# Algorithms are enabled by default if KAEProvider is used. +-# Delete # if you want to disable certain algorithm. + ++# Algorithms are enabled by default if KAEProvider is used. ++# Delete # if you want to disable certain algorithm. + # kae.md5=false + # kae.sha256=false + # kae.sha384=false +@@ -15,5 +19,58 @@ + # kae.dh=false + # kae.ec=false + +-# enable KAEProvider log setting ++# Configure engine id, the default value is kae. ++# kae.engine.id=kae ++ ++# Configure whether libcrypto.so uses GLOBAL mode, uses LOCAL mode by default. ++# If you use uadk_engine, you need to enable this option. ++# kae.libcrypto.useGlobalMode=false ++ ++# The following configuration will only take effect when using KAEProvider. ++# Configure whether to enable KAE hardware acceleration for each category of algorithm. ++# The configurable value are as follows: ++# true : enable KAE hardware acceleration by default ++# false: use openssl soft calculation by default ++# The digest/sm4/rsa/dh category algorithm enable KAE hardware acceleration by default. ++# The aes/hmac/ec category algorithm use openssl soft calculation by default. ++# The ec category algorithm configuration does not take effect temporarily. and it ++# currently does not support KAE hardware acceleration, temporarily use openssl soft calculation. ++# kae.digest.useKaeEngine=true ++# kae.aes.useKaeEngine=false ++# kae.sm4.useKaeEngine=true ++# kae.hmac.useKaeEngine=false ++# kae.rsa.useKaeEngine=true ++# kae.dh.useKaeEngine=true ++# kae.ec.useKaeEngine=false ++# ++# Some engines do not fully support certain categories of algorithms, for example, the digest ++# algorithm implemented by kae engine only supports md5 and sm3.For more information, please refer to: ++# KAE : https://github.com/kunpengcompute/KAE#:~:text=Digest%20algorithm%3A%20SM3/MD5 ++# UADK: https://gitee.com/openeuler/uadk/wikis/%E4%BD%BF%E7%94%A8%E6%96%87%E6%A1%A3/UADK%20quick%20start#11-uadk ++# ++# Users can disable unsupported algorithms through the following property configuration. ++# Disable algorithm to enable KAE hardware acceleration, use openssl soft algorithm instead. ++# The sha256, sha384 algorithms are disabled by default. ++# digest : md5,sha256,sha384,sm3 ++# aes : aes-128-ecb,aes-128-cbc,aes-128-ctr,aes-128-gcm, ++# aes-192-ecb,aes-192-cbc,aes-192-ctr,aes-192-gcm, ++# aes-256-ecb,aes-256-cbc,aes-256-ctr,aes-256-gcm ++# sm4 : sm4-ecb,sm4-cbc,sm4-ctr,sm4-ofb ++# hmac : hmac-md5,hmac-sha1,hmac-sha224,hmac-sha256,hmac-sha384,hmac-sha512 ++# rsa : rsa ++# dh : dh ++# ec : ec ++# kae.engine.disabledAlgorithms=sha256,sha384 ++ ++# SM4 max chunk size of each encryption or decryption. ++# when input data does not have an accessible byte[]. ++# The default value is 4096, when configuring a non-positive Integer type, use the default value of 4096. ++# kae.sm4.maxChunkSize=4096 ++ ++# Enable engine load log. + # kae.log=true ++# ++# It only takes effect when the property kae.log value is true. ++# Configure log file path, default value is System.getProperty("user.dir") + "/ + "kae.log". ++# kae.log.file=/home/user/kae.log ++ +diff --git a/jdk/src/solaris/classes/org/openeuler/security/openssl/KAEConfig.java b/jdk/src/solaris/classes/org/openeuler/security/openssl/KAEConfig.java +new file mode 100644 +index 000000000..07294dbd6 +--- /dev/null ++++ b/jdk/src/solaris/classes/org/openeuler/security/openssl/KAEConfig.java +@@ -0,0 +1,386 @@ ++/* ++ * Copyright (c) 2022, Huawei Technologies Co., Ltd. All rights reserved. ++ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. ++ * ++ * This code is free software; you can redistribute it and/or modify it ++ * under the terms of the GNU General Public License version 2 only, as ++ * published by the Free Software Foundation. ++ * ++ * This code is distributed in the hope that it will be useful, but WITHOUT ++ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or ++ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License ++ * version 2 for more details (a copy is included in the LICENSE file that ++ * accompanied this code). ++ * ++ * You should have received a copy of the GNU General Public License version ++ * 2 along with this work; if not, write to the Free Software Foundation, ++ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. ++ * ++ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA ++ * or visit www.oracle.com if you need additional information or have any ++ * questions. ++ */ ++ ++package org.openeuler.security.openssl; ++ ++import sun.security.util.Debug; ++ ++import java.io.BufferedInputStream; ++import java.io.File; ++import java.io.FileInputStream; ++import java.io.IOException; ++import java.io.InputStream; ++import java.security.AccessController; ++import java.security.PrivilegedAction; ++import java.util.Arrays; ++import java.util.HashMap; ++import java.util.Map; ++import java.util.Properties; ++ ++public class KAEConfig { ++ private static final Debug kaeDebug = Debug.getInstance("kae"); ++ ++ // these property names indicates whether each algorithm uses KAEProvider ++ private static final String[] useKaeProviderPropertyNames = new String[]{ ++ "kae.md5", ++ "kae.sha256", ++ "kae.sha384", ++ "kae.sm3", ++ "kae.aes", ++ "kae.sm4", ++ "kae.hmac", ++ "kae.rsa", ++ "kae.dh", ++ "kae.ec" ++ }; ++ ++ // these property names indicate whether KAE hardware acceleration is enabled for each algorithm ++ private static final String[] useKaeEnginePropertyNames = new String[]{ ++ "kae.digest.useKaeEngine", ++ "kae.aes.useKaeEngine", ++ "kae.sm4.useKaeEngine", ++ "kae.hmac.useKaeEngine", ++ "kae.rsa.useKaeEngine", ++ "kae.dh.useKaeEngine", ++ "kae.ec.useKaeEngine" ++ }; ++ ++ // algorithm names ++ private static final String[] algorithmNames = new String[]{ ++ "md5", ++ "sha256", ++ "sha384", ++ "sm3", ++ "aes-128-ecb", ++ "aes-128-cbc", ++ "aes-128-ctr", ++ "aes-128-gcm", ++ "aes-192-ecb", ++ "aes-192-cbc", ++ "aes-192-ctr", ++ "aes-192-gcm", ++ "aes-256-ecb", ++ "aes-256-cbc", ++ "aes-256-ctr", ++ "aes-256-gcm", ++ "sm4-ecb", ++ "sm4-cbc", ++ "sm4-ctr", ++ "sm4-ofb", ++ "hmac-md5", ++ "hmac-sha1", ++ "hmac-sha224", ++ "hmac-sha256", ++ "hmac-sha384", ++ "hmac-sha512", ++ "rsa", ++ "dh", ++ "ec" ++ }; ++ ++ // algorithm name and algorithm index mapping ++ private static final Map algorithmNameIndexMap = new HashMap<>(); ++ ++ // algorithm name and algorithm category index mapping ++ private static final Map algorithmNameCategoryMap = new HashMap<>(); ++ ++ // whether use KAEProvider for each algorithm ++ private static final boolean[] useKaeProviderFlags = new boolean[algorithmNames.length]; ++ ++ // whether use KAEProvider for each category algorithm ++ private static final Map useKaeProviderCategoryMap = new HashMap<>(); ++ ++ // whether enable the Kunpeng acceleration engine for each algorithm ++ private static final boolean[] useKaeEngineFlags = new boolean[algorithmNames.length]; ++ ++ // The kaeprovider.cnf properties ++ private static Properties props; ++ ++ private KAEConfig() { ++ ++ } ++ ++ static { ++ AccessController.doPrivileged(new PrivilegedAction() { ++ public Void run() { ++ initialize(); ++ return null; ++ } ++ }); ++ } ++ ++ private static File kaePropFile(String filename) { ++ String sep = File.separator; ++ String defaultKaeConf = System.getProperty("java.home") + sep + "lib" + sep + filename; ++ String kaeConf = System.getProperty("kae.conf", defaultKaeConf); ++ return new File(kaeConf); ++ } ++ ++ private static void initialize() { ++ initProperties(); ++ initAlgorithmNameMap(); ++ initUseKaeProviderFlags(); ++ initUseKaeEngineFlags(); ++ } ++ ++ private static void initProperties() { ++ props = new Properties(); ++ File propFile = kaePropFile("kaeprovider.conf"); ++ if (propFile.exists()) { ++ InputStream is = null; ++ try { ++ FileInputStream fis = new FileInputStream(propFile); ++ is = new BufferedInputStream(fis); ++ props.load(is); ++ ++ if (kaeDebug != null) { ++ kaeDebug.println("reading kae properties file: " + ++ propFile); ++ } ++ } catch (IOException e) { ++ if (kaeDebug != null) { ++ kaeDebug.println("unable to load kae properties from " + ++ propFile); ++ e.printStackTrace(); ++ } ++ } finally { ++ if (is != null) { ++ try { ++ is.close(); ++ } catch (IOException ioe) { ++ if (kaeDebug != null) { ++ kaeDebug.println("unable to close input stream"); ++ } ++ } ++ } ++ } ++ } else { ++ if (kaeDebug != null) { ++ kaeDebug.println("not found kae properties file: " + ++ propFile); ++ } ++ } ++ } ++ ++ public static Boolean useKaeProvider(String key) { ++ return useKaeProviderCategoryMap.getOrDefault(key, Boolean.TRUE); ++ } ++ ++ private static void initUseKaeProviderFlags() { ++ boolean[] categoryFlagsForProvider = new boolean[useKaeProviderPropertyNames.length]; ++ Arrays.fill(categoryFlagsForProvider, true); ++ for (int i = 0; i < useKaeProviderPropertyNames.length; i++) { ++ String configValue = privilegedGetOverridable(useKaeProviderPropertyNames[i]); ++ if (configValue != null) { ++ categoryFlagsForProvider[i] = Boolean.parseBoolean(configValue); ++ } ++ useKaeProviderCategoryMap.put(useKaeProviderPropertyNames[i], categoryFlagsForProvider[i]); ++ } ++ int offset = useKaeProviderPropertyNames.length - useKaeEnginePropertyNames.length; ++ int digestAlgorithmLen = offset + 1; ++ // digest ++ System.arraycopy(categoryFlagsForProvider, 0, useKaeProviderFlags, 0, digestAlgorithmLen); ++ ++ // non-digest ++ for (int i = digestAlgorithmLen; i < useKaeProviderFlags.length; i++) { ++ Integer algorithmCategoryIndex = algorithmNameCategoryMap.get(algorithmNames[i]); ++ if (categoryFlagsForProvider[algorithmCategoryIndex + offset]) { ++ useKaeProviderFlags[i] = true; ++ } ++ } ++ ++ if (kaeDebug != null) { ++ kaeDebug.println("useKaeProviderPropertyNames: "); ++ for (int i = 0; i < categoryFlagsForProvider.length; i++) { ++ kaeDebug.println(useKaeProviderPropertyNames[i] + "=" + categoryFlagsForProvider[i]); ++ } ++ ++ kaeDebug.println("useKaeProviderFlags: "); ++ for (int i = 0; i < useKaeProviderFlags.length; i++) { ++ kaeDebug.println(algorithmNames[i] + "=" + useKaeProviderFlags[i]); ++ } ++ } ++ } ++ ++ public static boolean[] getUseKaeProviderFlags() { ++ return useKaeProviderFlags; ++ } ++ ++ private static void initUseKaeEngineFlags() { ++ boolean[] categoryFlagsForEngine = new boolean[]{ ++ true, // digest ++ false, // aes ++ true, // sm4 ++ false, // hmac ++ true, // rsa ++ true, // dh ++ false // ec ++ }; ++ for (int i = 0; i < useKaeEnginePropertyNames.length; i++) { ++ String configValue = privilegedGetOverridable(useKaeEnginePropertyNames[i]); ++ if (configValue != null) { ++ categoryFlagsForEngine[i] = Boolean.parseBoolean(configValue); ++ } ++ } ++ ++ // EC algorithm currently does not support KAE hardware acceleration, temporarily use openssl soft calculation. ++ categoryFlagsForEngine[useKaeEnginePropertyNames.length - 1] = false; ++ ++ for (int i = 0; i < useKaeEngineFlags.length; i++) { ++ Integer algorithmCategoryIndex = algorithmNameCategoryMap.get(algorithmNames[i]); ++ if (categoryFlagsForEngine[algorithmCategoryIndex]) { ++ useKaeEngineFlags[i] = true; ++ } ++ } ++ ++ String[] disabledAlgorithms = getDisabledAlgorithms(); ++ for (String disabledAlgorithm : disabledAlgorithms) { ++ Integer algorithmIndex = algorithmNameIndexMap.get(disabledAlgorithm); ++ if (algorithmIndex != null) { ++ useKaeEngineFlags[algorithmIndex] = false; ++ } ++ } ++ if (kaeDebug != null) { ++ kaeDebug.println("useKaeEnginePropertyNames: "); ++ for (int i = 0; i < categoryFlagsForEngine.length; i++) { ++ kaeDebug.println(useKaeEnginePropertyNames[i] + "=" + categoryFlagsForEngine[i]); ++ } ++ ++ kaeDebug.println("disabledAlgorithms: "); ++ for (int i = 0; i < disabledAlgorithms.length; i++) { ++ kaeDebug.println(disabledAlgorithms[i]); ++ } ++ ++ kaeDebug.println("useKaeEngineFlags: "); ++ for (int i = 0; i < useKaeEngineFlags.length; i++) { ++ kaeDebug.println(algorithmNames[i] + "=" + useKaeEngineFlags[i]); ++ } ++ } ++ } ++ ++ public static boolean[] getUseKaeEngineFlags() { ++ return useKaeEngineFlags; ++ } ++ ++ private static void initAlgorithmNameIndexMap() { ++ for (int i = 0; i < algorithmNames.length; i++) { ++ algorithmNameIndexMap.put(algorithmNames[i], i); ++ } ++ } ++ ++ /* ++ * 0 : digest ++ * 1 : aes ++ * 2 : sm4 ++ * 3 : hmac ++ * 4 : rsa ++ * 5 : dh ++ * 6 : ec ++ */ ++ private static void initAlgorithmNameCategoryMap() { ++ algorithmNameCategoryMap.put("md5", 0); ++ algorithmNameCategoryMap.put("sha256", 0); ++ algorithmNameCategoryMap.put("sha384", 0); ++ algorithmNameCategoryMap.put("sm3", 0); ++ algorithmNameCategoryMap.put("aes-128-ecb", 1); ++ algorithmNameCategoryMap.put("aes-128-cbc", 1); ++ algorithmNameCategoryMap.put("aes-128-ctr", 1); ++ algorithmNameCategoryMap.put("aes-128-gcm", 1); ++ algorithmNameCategoryMap.put("aes-192-ecb", 1); ++ algorithmNameCategoryMap.put("aes-192-cbc", 1); ++ algorithmNameCategoryMap.put("aes-192-ctr", 1); ++ algorithmNameCategoryMap.put("aes-192-gcm", 1); ++ algorithmNameCategoryMap.put("aes-256-ecb", 1); ++ algorithmNameCategoryMap.put("aes-256-cbc", 1); ++ algorithmNameCategoryMap.put("aes-256-ctr", 1); ++ algorithmNameCategoryMap.put("aes-256-gcm", 1); ++ algorithmNameCategoryMap.put("sm4-ecb", 2); ++ algorithmNameCategoryMap.put("sm4-cbc", 2); ++ algorithmNameCategoryMap.put("sm4-ctr", 2); ++ algorithmNameCategoryMap.put("sm4-ofb", 2); ++ algorithmNameCategoryMap.put("hmac-md5", 3); ++ algorithmNameCategoryMap.put("hmac-sha1", 3); ++ algorithmNameCategoryMap.put("hmac-sha224", 3); ++ algorithmNameCategoryMap.put("hmac-sha256", 3); ++ algorithmNameCategoryMap.put("hmac-sha384", 3); ++ algorithmNameCategoryMap.put("hmac-sha512", 3); ++ algorithmNameCategoryMap.put("rsa", 4); ++ algorithmNameCategoryMap.put("dh", 5); ++ algorithmNameCategoryMap.put("ec", 6); ++ } ++ ++ private static void initAlgorithmNameMap() { ++ initAlgorithmNameIndexMap(); ++ initAlgorithmNameCategoryMap(); ++ } ++ ++ private static String[] getDisabledAlgorithms() { ++ String disabledAlgorithms = privilegedGetOverridable("kae.engine.disabledAlgorithms", ++ "sha256,sha384"); ++ return disabledAlgorithms.replaceAll(" ", "").split("\\,"); ++ } ++ ++ public static String privilegedGetProperty(String key) { ++ if (System.getSecurityManager() == null) { ++ return getProperty(key); ++ } else { ++ return AccessController.doPrivileged((PrivilegedAction) () -> getOverridableProperty(key)); ++ } ++ } ++ ++ public static String privilegedGetOverridable(String key) { ++ if (System.getSecurityManager() == null) { ++ return getOverridableProperty(key); ++ } else { ++ return AccessController.doPrivileged((PrivilegedAction) () -> getOverridableProperty(key)); ++ } ++ } ++ ++ public static String privilegedGetOverridable(String key, String defaultValue) { ++ String val = privilegedGetOverridable(key); ++ return (val == null) ? defaultValue : val; ++ } ++ ++ private static String getProperty(String key) { ++ String val = props.getProperty(key); ++ if (val != null) ++ val = val.trim(); ++ return val; ++ } ++ ++ private static String getOverridableProperty(String key) { ++ String val = System.getProperty(key); ++ if (val == null) { ++ return getProperty(key); ++ } else { ++ return val; ++ } ++ } ++ ++ public static String getAlgorithmName(int index) { ++ if (index < 0 || index >= algorithmNames.length) { ++ throw new IndexOutOfBoundsException(); ++ } ++ return algorithmNames[index]; ++ } ++} +diff --git a/jdk/src/solaris/classes/org/openeuler/security/openssl/KAELog.java b/jdk/src/solaris/classes/org/openeuler/security/openssl/KAELog.java +new file mode 100644 +index 000000000..434f773a1 +--- /dev/null ++++ b/jdk/src/solaris/classes/org/openeuler/security/openssl/KAELog.java +@@ -0,0 +1,183 @@ ++/* ++ * Copyright (c) 2022, Huawei Technologies Co., Ltd. All rights reserved. ++ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. ++ * ++ * This code is free software; you can redistribute it and/or modify it ++ * under the terms of the GNU General Public License version 2 only, as ++ * published by the Free Software Foundation. ++ * ++ * This code is distributed in the hope that it will be useful, but WITHOUT ++ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or ++ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License ++ * version 2 for more details (a copy is included in the LICENSE file that ++ * accompanied this code). ++ * ++ * You should have received a copy of the GNU General Public License version ++ * 2 along with this work; if not, write to the Free Software Foundation, ++ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. ++ * ++ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA ++ * or visit www.oracle.com if you need additional information or have any ++ * questions. ++ */ ++ ++package org.openeuler.security.openssl; ++ ++import sun.security.util.Debug; ++ ++import java.io.BufferedWriter; ++import java.io.File; ++import java.io.IOException; ++import java.nio.file.Files; ++import java.nio.file.Path; ++import java.nio.file.StandardOpenOption; ++import java.security.AccessController; ++import java.security.PrivilegedAction; ++import java.text.SimpleDateFormat; ++import java.util.Arrays; ++import java.util.Date; ++ ++public class KAELog { ++ private static final Debug kaeDebug = Debug.getInstance("kae"); ++ private static File logFile; ++ private static boolean exist; ++ ++ private KAELog() { ++ ++ } ++ ++ static { ++ AccessController.doPrivileged(new PrivilegedAction() { ++ public Void run() { ++ initialize(); ++ return null; ++ } ++ }); ++ } ++ ++ private static void initialize() { ++ if (!enableKaeLog()) { ++ if (kaeDebug != null) { ++ kaeDebug.println("kae logging is not enabled"); ++ } ++ return; ++ } ++ ++ logFile = kaeLogFile("kae.log"); ++ File parentFile = logFile.getParentFile(); ++ if (!parentFile.exists()) { ++ try { ++ Files.createDirectories(parentFile.toPath()); ++ } catch (IOException e) { ++ if (kaeDebug != null) { ++ kaeDebug.println("failed to create directory :" + parentFile); ++ e.printStackTrace(); ++ } ++ return; ++ } ++ } ++ ++ if (logFile.exists()) { ++ if (kaeDebug != null) { ++ kaeDebug.println("found kae log file :" + logFile); ++ } ++ exist = true; ++ } else { ++ if (kaeDebug != null) { ++ kaeDebug.println("not found kae log file :" + logFile); ++ } ++ try { ++ Path path = Files.createFile(logFile.toPath()); ++ if (path != null) { ++ exist = true; ++ } ++ } catch (IOException e) { ++ if (kaeDebug != null) { ++ kaeDebug.println("unable to create new kae log file :" + logFile); ++ e.printStackTrace(); ++ } ++ } ++ ++ if (exist) { ++ if (kaeDebug != null) { ++ kaeDebug.println("create new kae log file :" + logFile); ++ } ++ } ++ } ++ } ++ ++ public static boolean enableKaeLog() { ++ String debug = KAEConfig.privilegedGetOverridable("kae.log"); ++ return Boolean.parseBoolean(debug); ++ } ++ ++ private static File kaeLogFile(String filename) { ++ String sep = File.separator; ++ String defaultKaeLog = System.getProperty("user.dir") + sep + filename; ++ String kaeLog = KAEConfig.privilegedGetOverridable("kae.log.file", defaultKaeLog); ++ return new File(kaeLog); ++ } ++ ++ private static String getLogTime() { ++ SimpleDateFormat simpleDateFormat = new SimpleDateFormat("yyyy-MM-dd HH:mm:ss"); ++ return simpleDateFormat.format(new Date()); ++ } ++ ++ public static void log(String engineId, Throwable throwable, boolean[] engineFlags, boolean[] kaeProviderFlags) { ++ if (engineFlags.length != kaeProviderFlags.length) { ++ if (kaeDebug != null) { ++ kaeDebug.println("The length of engineFlags is not equal to the length of kaeProviderFlags."); ++ kaeDebug.println(String.format("engineFlags : %s", Arrays.toString(engineFlags))); ++ kaeDebug.println(String.format("kaeProviderFlags : %s", Arrays.toString(kaeProviderFlags))); ++ } ++ return; ++ } ++ if (!exist) { ++ return; ++ } ++ ++ try (BufferedWriter writer = Files.newBufferedWriter(logFile.toPath(), ++ StandardOpenOption.APPEND)) { ++ logEngine(writer, engineId, throwable); ++ writer.newLine(); ++ logAlgorithmStrategy(writer, engineFlags, kaeProviderFlags); ++ writer.newLine(); ++ } catch (IOException e) { ++ if (kaeDebug != null) { ++ kaeDebug.println("write kae log failed"); ++ e.printStackTrace(); ++ } ++ } ++ } ++ ++ // log engine ++ private static void logEngine(BufferedWriter writer, String engineId, Throwable throwable) throws IOException { ++ writer.write(String.format("[%s] ", getLogTime())); ++ if (throwable == null) { ++ writer.write(String.format("%s engine was found.", engineId)); ++ } else if (throwable instanceof RuntimeException) { ++ writer.write(String.format("%s engine was not found. %s", engineId, throwable.getMessage())); ++ } else { ++ writer.write(throwable.getMessage()); ++ } ++ } ++ ++ // log algorithm strategy ++ private static void logAlgorithmStrategy(BufferedWriter writer, boolean[] engineFlags, boolean[] kaeProviderFlags) ++ throws IOException { ++ writer.write(String.format("[%s] ", getLogTime())); ++ writer.write("The implementation strategy of each algorithm is as follows : "); ++ for (int i = 0; i < engineFlags.length; i++) { ++ writer.newLine(); ++ String algorithmName = KAEConfig.getAlgorithmName(i); ++ String message; ++ if (kaeProviderFlags[i]) { ++ String detail = engineFlags[i] ? "enable KAE hardware acceleration" : "Use openssl soft calculation"; ++ message = String.format(" %-11s => %s: %s", algorithmName, "KAEProvider", detail); ++ } else { ++ message = String.format(" %-11s => %s", algorithmName, "Non-KAEProvider"); ++ } ++ writer.write(message); ++ } ++ } ++} +diff --git a/jdk/src/solaris/classes/org/openeuler/security/openssl/KAEProvider.java b/jdk/src/solaris/classes/org/openeuler/security/openssl/KAEProvider.java +index 83ed8649c..3e7f54638 100644 +--- a/jdk/src/solaris/classes/org/openeuler/security/openssl/KAEProvider.java ++++ b/jdk/src/solaris/classes/org/openeuler/security/openssl/KAEProvider.java +@@ -24,116 +24,103 @@ + + package org.openeuler.security.openssl; + +-import java.io.BufferedWriter; +-import java.io.BufferedInputStream; +-import java.io.File; +-import java.io.FileInputStream; +-import java.io.InputStream; +-import java.io.IOException; +-import java.nio.file.Files; +-import java.nio.file.Path; +-import java.nio.file.Paths; +-import java.nio.file.StandardOpenOption; +-import java.util.Date; +-import java.util.Properties; ++import sun.security.util.Debug; ++ ++import java.security.AccessController; ++import java.security.PrivilegedAction; + import java.security.Provider; + + /** + * KAE Provider + */ + public class KAEProvider extends Provider { +- private static Throwable excp; +- private static boolean needLog = true; ++ private static final Debug kaeDebug = Debug.getInstance("kae"); ++ ++ // default engine id ++ private static final String DEFAULT_ENGINE_ID = "kae"; + + static { +- Throwable status = null; +- try { +- System.loadLibrary("j2kae"); +- initOpenssl(); +- } catch (UnsatisfiedLinkError t) { +- status = t; +- } catch (RuntimeException e) { +- status = e; +- } +- excp = status; ++ initialize(); + } + +- private void logStart(Throwable excp) { +- File file = new File(System.getProperty("user.dir"), "kae.log"); +- Path fpath = file.toPath(); +- if (!Files.exists(fpath)) { +- try { +- file.createNewFile(); +- } catch (IOException e) { +- e.printStackTrace(); +- } +- } ++ private static void initialize() { ++ loadLibrary(); ++ initOpenssl(); ++ } + +- try (BufferedWriter writer = Files.newBufferedWriter(fpath, StandardOpenOption.APPEND)) { +- if (excp != null) { +- writer.write(excp.getMessage()); +- } else { +- writer.write("KAE Engine was found"); ++ // load kae.so ++ private static void loadLibrary() { ++ AccessController.doPrivileged(new PrivilegedAction() { ++ @Override ++ public Object run() { ++ System.loadLibrary("j2kae"); ++ return null; + } +- writer.write(" " + new Date()); +- writer.newLine(); +- } catch (IOException e) { +- e.initCause(excp).printStackTrace(); +- } +- KAEProvider.excp = null; // Exception already logged, clean it. ++ }); + } + +- private Properties getProp() { +- Properties props = new Properties(); +- String sep = File.separator; +- File propFile = new File(System.getProperty("java.home") + sep + "lib" + sep + +- "ext" + sep + "kaeprovider.conf"); +- if (propFile.exists()) { +- try (InputStream is = new BufferedInputStream(new FileInputStream(propFile))) { +- props.load(is); +- } catch (IOException e) { +- e.printStackTrace(); ++ // init openssl ++ private static void initOpenssl() { ++ boolean useGlobalMode = useGlobalMode(); ++ String engineId = getEngineId(); ++ boolean[] algorithmKaeFlags = KAEConfig.getUseKaeEngineFlags(); ++ Throwable throwable = null; ++ try { ++ initOpenssl(useGlobalMode, engineId, algorithmKaeFlags); ++ } catch (Throwable t) { ++ throwable = t; ++ if (kaeDebug != null) { ++ kaeDebug.println("initOpenssl failed : " + throwable.getMessage()); + } + } +- return props; ++ boolean[] engineFlags = getEngineFlags(); ++ boolean[] kaeProviderFlags = KAEConfig.getUseKaeProviderFlags(); ++ KAELog.log(engineId, throwable, engineFlags, kaeProviderFlags); ++ } ++ ++ // get engine id ++ private static String getEngineId() { ++ return KAEConfig.privilegedGetOverridable("kae.engine.id", DEFAULT_ENGINE_ID); ++ } ++ ++ // whether to set libcrypto.so to GLOBAL mode, by default libcrypto.so is LOCAL mode ++ private static boolean useGlobalMode() { ++ String explicitLoad = KAEConfig.privilegedGetOverridable( ++ "kae.libcrypto.useGlobalMode", "false"); ++ return Boolean.parseBoolean(explicitLoad); + } + + public KAEProvider() { + super("KAEProvider", 1.8d, "KAE provider"); +- Properties props = getProp(); +- if (needLog && "true".equalsIgnoreCase(props.getProperty("kae.log"))) { +- logStart(excp); +- needLog = false; // Log only once +- } +- if (!"false".equalsIgnoreCase(props.getProperty("kae.md5"))) { ++ if (KAEConfig.useKaeProvider("kae.md5")) { + putMD5(); + } +- if (!"false".equalsIgnoreCase(props.getProperty("kae.sha256"))) { ++ if (KAEConfig.useKaeProvider("kae.sha256")) { + putSHA256(); + } +- if (!"false".equalsIgnoreCase(props.getProperty("kae.sha384"))) { ++ if (KAEConfig.useKaeProvider("kae.sha384")) { + putSHA384(); + } +- if (!"false".equalsIgnoreCase(props.getProperty("kae.sm3"))) { ++ if (KAEConfig.useKaeProvider("kae.sm3")) { + putSM3(); + } +- if (!"false".equalsIgnoreCase(props.getProperty("kae.aes"))) { ++ if (KAEConfig.useKaeProvider("kae.aes")) { + putAES(); + } +- if (!"false".equalsIgnoreCase(props.getProperty("kae.sm4"))) { ++ if (KAEConfig.useKaeProvider("kae.sm4")) { + putSM4(); + } +- if (!"false".equalsIgnoreCase(props.getProperty("kae.hmac"))) { ++ if (KAEConfig.useKaeProvider("kae.hmac")) { + putHMAC(); + } +- if (!"false".equalsIgnoreCase(props.getProperty("kae.rsa"))) { ++ if (KAEConfig.useKaeProvider("kae.rsa")) { + putRSA(); + putSignatureRSA(); + } +- if (!"false".equalsIgnoreCase(props.getProperty("kae.dh"))) { ++ if (KAEConfig.useKaeProvider("kae.dh")) { + putDH(); + } +- if (!"false".equalsIgnoreCase(props.getProperty("kae.ec"))) { ++ if (KAEConfig.useKaeProvider("kae.ec")) { + putEC(); + } + } +@@ -285,28 +272,28 @@ public class KAEProvider extends Provider { + "org.openeuler.security.openssl.KAERSASignature$SHA512withRSA"); + + // alias +- put("Alg.Alias.Signature.1.2.840.113549.1.1.4", "MD5withRSA"); ++ put("Alg.Alias.Signature.1.2.840.113549.1.1.4", "MD5withRSA"); + put("Alg.Alias.Signature.OID.1.2.840.113549.1.1.4", "MD5withRSA"); + +- put("Alg.Alias.Signature.1.2.840.113549.1.1.5", "SHA1withRSA"); ++ put("Alg.Alias.Signature.1.2.840.113549.1.1.5", "SHA1withRSA"); + put("Alg.Alias.Signature.OID.1.2.840.113549.1.1.5", "SHA1withRSA"); +- put("Alg.Alias.Signature.1.3.14.3.2.29", "SHA1withRSA"); ++ put("Alg.Alias.Signature.1.3.14.3.2.29", "SHA1withRSA"); + +- put("Alg.Alias.Signature.1.2.840.113549.1.1.14", "SHA224withRSA"); ++ put("Alg.Alias.Signature.1.2.840.113549.1.1.14", "SHA224withRSA"); + put("Alg.Alias.Signature.OID.1.2.840.113549.1.1.14", "SHA224withRSA"); + +- put("Alg.Alias.Signature.1.2.840.113549.1.1.11", "SHA256withRSA"); ++ put("Alg.Alias.Signature.1.2.840.113549.1.1.11", "SHA256withRSA"); + put("Alg.Alias.Signature.OID.1.2.840.113549.1.1.11", "SHA256withRSA"); + +- put("Alg.Alias.Signature.1.2.840.113549.1.1.12", "SHA384withRSA"); ++ put("Alg.Alias.Signature.1.2.840.113549.1.1.12", "SHA384withRSA"); + put("Alg.Alias.Signature.OID.1.2.840.113549.1.1.12", "SHA384withRSA"); + +- put("Alg.Alias.Signature.1.2.840.113549.1.1.13", "SHA512withRSA"); ++ put("Alg.Alias.Signature.1.2.840.113549.1.1.13", "SHA512withRSA"); + put("Alg.Alias.Signature.OID.1.2.840.113549.1.1.13", "SHA512withRSA"); + + put("Signature.RSASSA-PSS", "org.openeuler.security.openssl.KAERSAPSSSignature"); + +- put("Alg.Alias.Signature.1.2.840.113549.1.1.10", "RSASSA-PSS"); ++ put("Alg.Alias.Signature.1.2.840.113549.1.1.10", "RSASSA-PSS"); + put("Alg.Alias.Signature.OID.1.2.840.113549.1.1.10", "RSASSA-PSS"); + + // attributes for supported key classes +@@ -326,6 +313,10 @@ public class KAEProvider extends Provider { + put("Alg.Alias.KeyPairGenerator.EllipticCurve", "EC"); + put("KeyAgreement.ECDH", "org.openeuler.security.openssl.KAEECDHKeyAgreement"); + } ++ + // init openssl +- static native void initOpenssl() throws RuntimeException; ++ static native void initOpenssl(boolean useGlobalMode, String engineId, boolean[] algorithmKaeFlags) ++ throws RuntimeException; ++ ++ static native boolean[] getEngineFlags(); + } +diff --git a/jdk/src/solaris/classes/org/openeuler/security/openssl/KAESM4Cipher.java b/jdk/src/solaris/classes/org/openeuler/security/openssl/KAESM4Cipher.java +index b189bea3a..cca619e1a 100644 +--- a/jdk/src/solaris/classes/org/openeuler/security/openssl/KAESM4Cipher.java ++++ b/jdk/src/solaris/classes/org/openeuler/security/openssl/KAESM4Cipher.java +@@ -26,13 +26,20 @@ + + package org.openeuler.security.openssl; + ++import sun.security.util.Debug; ++ ++import java.nio.ByteBuffer; + import java.security.InvalidAlgorithmParameterException; + import java.security.InvalidKeyException; + import java.security.NoSuchAlgorithmException; + import java.security.Key; ++import java.security.ProviderException; + import java.util.Locale; + ++import javax.crypto.BadPaddingException; ++import javax.crypto.IllegalBlockSizeException; + import javax.crypto.NoSuchPaddingException; ++import javax.crypto.ShortBufferException; + + /* + * This class currently supports: +@@ -46,6 +53,55 @@ import javax.crypto.NoSuchPaddingException; + */ + abstract class KAESM4Cipher extends KAESymmetricCipherBase { + ++ private static final Debug debug = Debug.getInstance("kae"); ++ ++ /* ++ * SM4 max chunk size of each encryption or decryption ++ * when input data does not have an accessible byte[] ++ */ ++ private static final int DEFAULT_KAE_SM4_MAX_CHUNK_SIZE = 4096; ++ private static int KAE_SM4_MAX_CHUNK_SIZE; ++ static { ++ initSM4MaxChunkSize(); ++ } ++ ++ private static void initSM4MaxChunkSize() { ++ String maxChunkSize = KAEConfig.privilegedGetOverridable("kae.sm4.maxChunkSize", ++ DEFAULT_KAE_SM4_MAX_CHUNK_SIZE + ""); ++ try { ++ KAE_SM4_MAX_CHUNK_SIZE = Integer.parseInt(maxChunkSize); ++ } catch (NumberFormatException e) { ++ // When parsing string argument to signed decimal integer fails, uses the default chunk size (4096) ++ KAE_SM4_MAX_CHUNK_SIZE = DEFAULT_KAE_SM4_MAX_CHUNK_SIZE; ++ if (debug != null) { ++ debug.println("The configured block size (" + maxChunkSize + ") cannot be converted to an integer, " + ++ "uses the default chunk size (" + DEFAULT_KAE_SM4_MAX_CHUNK_SIZE + ")"); ++ e.printStackTrace(); ++ } ++ return; ++ } ++ // when the configured chunk size is less than or equal to 0, uses the default chunk size (4096) ++ if (KAE_SM4_MAX_CHUNK_SIZE <= 0) { ++ KAE_SM4_MAX_CHUNK_SIZE = DEFAULT_KAE_SM4_MAX_CHUNK_SIZE; ++ if (debug != null) { ++ debug.println("The configured chunk size (" + KAE_SM4_MAX_CHUNK_SIZE + ") is less than " + ++ "or equal to 0, uses the default chunk size (" + DEFAULT_KAE_SM4_MAX_CHUNK_SIZE + ")"); ++ } ++ return; ++ } ++ if (debug != null) { ++ debug.println("The configured chunk size is " + KAE_SM4_MAX_CHUNK_SIZE); ++ } ++ } ++ ++ /** ++ * Used by the engineUpdate(ByteBuffer, ByteBuffer) and ++ * engineDoFinal(ByteBuffer, ByteBuffer) methods. ++ */ ++ private static int getSM4MaxChunkSize(int totalSize) { ++ return Math.min(KAE_SM4_MAX_CHUNK_SIZE, totalSize); ++ } ++ + public static class Sm4 extends KAESM4Cipher { + public Sm4(Mode mode, Padding padding) { + super(mode, padding, 16); +@@ -170,6 +226,131 @@ abstract class KAESM4Cipher extends KAESymmetricCipherBase { + } + } + ++ @Override ++ protected int engineUpdate(ByteBuffer input, ByteBuffer output) throws ShortBufferException { ++ try { ++ return bufferCrypt(input, output, true); ++ } catch (IllegalBlockSizeException e) { ++ // never thrown for engineUpdate() ++ throw new ProviderException("Internal error in update()"); ++ } catch (BadPaddingException e) { ++ // never thrown for engineUpdate() ++ throw new ProviderException("Internal error in update()"); ++ } ++ } ++ ++ @Override ++ protected int engineDoFinal(ByteBuffer input, ByteBuffer output) ++ throws ShortBufferException, IllegalBlockSizeException, BadPaddingException { ++ return bufferCrypt(input, output, false); ++ } ++ ++ /** ++ * Implementation for encryption using ByteBuffers. Used for both ++ * engineUpdate() and engineDoFinal(). ++ */ ++ private int bufferCrypt(ByteBuffer input, ByteBuffer output, ++ boolean isUpdate) throws ShortBufferException, ++ IllegalBlockSizeException, BadPaddingException { ++ if ((input == null) || (output == null)) { ++ throw new NullPointerException ++ ("Input and output buffers must not be null"); ++ } ++ int inPos = input.position(); ++ int inLimit = input.limit(); ++ int inLen = inLimit - inPos; ++ if (isUpdate && (inLen == 0)) { ++ return 0; ++ } ++ int outLenNeeded = engineGetOutputSize(inLen); ++ ++ if (output.remaining() < outLenNeeded) { ++ throw new ShortBufferException("Need at least " + outLenNeeded ++ + " bytes of space in output buffer"); ++ } ++ ++ // detecting input and output buffer overlap may be tricky ++ // we can only write directly into output buffer when we ++ // are 100% sure it's safe to do so ++ ++ boolean a1 = input.hasArray(); ++ boolean a2 = output.hasArray(); ++ int total = 0; ++ ++ if (a1) { // input has an accessible byte[] ++ byte[] inArray = input.array(); ++ int inOfs = input.arrayOffset() + inPos; ++ ++ byte[] outArray; ++ if (a2) { // output has an accessible byte[] ++ outArray = output.array(); ++ int outPos = output.position(); ++ int outOfs = output.arrayOffset() + outPos; ++ ++ // check array address and offsets and use temp output buffer ++ // if output offset is larger than input offset and ++ // falls within the range of input data ++ boolean useTempOut = false; ++ if (inArray == outArray && ++ ((inOfs < outOfs) && (outOfs < inOfs + inLen))) { ++ useTempOut = true; ++ outArray = new byte[outLenNeeded]; ++ outOfs = 0; ++ } ++ if (isUpdate) { ++ total = engineUpdate(inArray, inOfs, inLen, outArray, outOfs); ++ } else { ++ total = engineDoFinal(inArray, inOfs, inLen, outArray, outOfs); ++ } ++ if (useTempOut) { ++ output.put(outArray, outOfs, total); ++ } else { ++ // adjust output position manually ++ output.position(outPos + total); ++ } ++ } else { // output does not have an accessible byte[] ++ if (isUpdate) { ++ outArray = engineUpdate(inArray, inOfs, inLen); ++ } else { ++ outArray = engineDoFinal(inArray, inOfs, inLen); ++ } ++ if (outArray != null && outArray.length != 0) { ++ output.put(outArray); ++ total = outArray.length; ++ } ++ } ++ // adjust input position manually ++ input.position(inLimit); ++ } else { // input does not have an accessible byte[] ++ // have to assume the worst, since we have no way of determine ++ // if input and output overlaps or not ++ byte[] tempOut = new byte[outLenNeeded]; ++ int outOfs = 0; ++ ++ byte[] tempIn = new byte[getSM4MaxChunkSize(inLen)]; ++ do { ++ int chunk = Math.min(inLen, tempIn.length); ++ if (chunk > 0) { ++ input.get(tempIn, 0, chunk); ++ } ++ int n; ++ if (isUpdate || (inLen > chunk)) { ++ n = engineUpdate(tempIn, 0, chunk, tempOut, outOfs); ++ } else { ++ n = engineDoFinal(tempIn, 0, chunk, tempOut, outOfs); ++ } ++ outOfs += n; ++ total += n; ++ inLen -= chunk; ++ } while (inLen > 0); ++ if (total > 0) { ++ output.put(tempOut, 0, total); ++ } ++ } ++ ++ return total; ++ } ++ + protected void checkIvBytes(byte[] ivBytes) throws InvalidAlgorithmParameterException { + if (ivBytes == null) { + throw new InvalidAlgorithmParameterException("Wrong IV length: iv is null "); +diff --git a/jdk/src/solaris/native/org/openeuler/security/openssl/kae_cipher_rsa.c b/jdk/src/solaris/native/org/openeuler/security/openssl/kae_cipher_rsa.c +index 80a0e58b9..d9b16ab9d 100644 +--- a/jdk/src/solaris/native/org/openeuler/security/openssl/kae_cipher_rsa.c ++++ b/jdk/src/solaris/native/org/openeuler/security/openssl/kae_cipher_rsa.c +@@ -24,12 +24,11 @@ + #include + #include + #include ++#include "kae_log.h" + #include "kae_util.h" + #include "kae_exception.h" + #include "org_openeuler_security_openssl_KAERSACipher.h" + +-static ENGINE* kaeEngine = NULL; +- + typedef int RSACryptOperation(int, const unsigned char*, unsigned char*, RSA*, int); + + typedef int EvpPkeyCryptOperation(EVP_PKEY_CTX*, unsigned char*, size_t*, const unsigned char*, size_t); +@@ -176,7 +175,9 @@ static int RSACryptOAEPPadding(JNIEnv* env, jlong keyAddress, jint inLen, jbyteA + // outLen type should be size_t + // EVP_PKEY_encrypt takes the outLen address as a parameter, and the parameter type is size_t* + size_t outLen = 0; +- kaeEngine = (kaeEngine == NULL) ? GetKaeEngine() : kaeEngine; ++ ENGINE* kaeEngine = GetEngineByAlgorithmIndex(RSA_INDEX); ++ KAE_TRACE("RSACryptOAEPPadding: kaeEngine => %p", kaeEngine); ++ + + EVP_PKEY* pkey = (EVP_PKEY*) keyAddress; + +@@ -272,7 +273,8 @@ JNIEXPORT jlong JNICALL Java_org_openeuler_security_openssl_KAERSACipher_nativeC + BIGNUM* bnIQMP = NULL; + RSA* rsa = NULL; + EVP_PKEY* pkey = NULL; +- kaeEngine = (kaeEngine == NULL) ? GetKaeEngine() : kaeEngine; ++ ENGINE* kaeEngine = GetEngineByAlgorithmIndex(RSA_INDEX); ++ KAE_TRACE("KAERSACipher_nativeCreateRSAPrivateCrtKey: kaeEngine => %p", kaeEngine); + + // convert to big num + if ((bnN = KAE_GetBigNumFromByteArray(env, n)) == NULL || +@@ -334,7 +336,8 @@ JNIEXPORT jlong JNICALL Java_org_openeuler_security_openssl_KAERSACipher_nativeC + BIGNUM* bnE = NULL; + RSA* rsa = NULL; + EVP_PKEY* pkey = NULL; +- kaeEngine = (kaeEngine == NULL) ? GetKaeEngine() : kaeEngine; ++ ENGINE* kaeEngine = GetEngineByAlgorithmIndex(RSA_INDEX); ++ KAE_TRACE("KAERSACipher_nativeCreateRSAPublicKey: kaeEngine => %p", kaeEngine); + + // get public key param n + bnN = KAE_GetBigNumFromByteArray(env, n); +diff --git a/jdk/src/solaris/native/org/openeuler/security/openssl/kae_digest.c b/jdk/src/solaris/native/org/openeuler/security/openssl/kae_digest.c +index f0e7b0be4..23b178978 100644 +--- a/jdk/src/solaris/native/org/openeuler/security/openssl/kae_digest.c ++++ b/jdk/src/solaris/native/org/openeuler/security/openssl/kae_digest.c +@@ -42,7 +42,7 @@ JNIEXPORT jlong JNICALL + Java_org_openeuler_security_openssl_KAEDigest_nativeInit(JNIEnv *env, jclass cls, jstring algorithmName) + { + EVP_MD_CTX* ctx = NULL; +- static ENGINE* kaeEngine = NULL; ++ ENGINE* kaeEngine = NULL; + + if (algorithmName == NULL) { + KAE_ThrowNullPointerException(env, "algorithm is null"); +@@ -51,11 +51,8 @@ Java_org_openeuler_security_openssl_KAEDigest_nativeInit(JNIEnv *env, jclass cls + + // EVP_get_digestbyname + const char* algo_utf = (*env)->GetStringUTFChars(env, algorithmName, 0); +- if ((strcasecmp(algo_utf, "md5") == 0) || (strcasecmp(algo_utf, "sm3") == 0)) { +- kaeEngine = (kaeEngine == NULL) ? GetKaeEngine() : kaeEngine; +- } else { +- kaeEngine = NULL; +- } ++ kaeEngine = GetDigestEngineByAlgorithmName(algo_utf); ++ KAE_TRACE("KAEDigest_nativeInit: kaeEngine => %p", kaeEngine); + EVP_MD* md = (EVP_MD*) EVP_get_digestbyname(algo_utf); + (*env)->ReleaseStringUTFChars(env, algorithmName, algo_utf); + if (md == NULL) { +diff --git a/jdk/src/solaris/native/org/openeuler/security/openssl/kae_hmac.c b/jdk/src/solaris/native/org/openeuler/security/openssl/kae_hmac.c +index 554a9750c..1efacbb5b 100644 +--- a/jdk/src/solaris/native/org/openeuler/security/openssl/kae_hmac.c ++++ b/jdk/src/solaris/native/org/openeuler/security/openssl/kae_hmac.c +@@ -73,9 +73,14 @@ JNIEXPORT jlong JNICALL Java_org_openeuler_security_openssl_KAEHMac_nativeInit + HMAC_CTX* ctx = NULL; + jbyte* key_buffer = NULL; + const EVP_MD* md = NULL; ++ ENGINE* kaeEngine = NULL; + + const char* algo = (*env)->GetStringUTFChars(env, algoStr, 0); +- md = EVPGetDigestByName(env, algo); ++ md = EVPGetDigestByName(env, algo); ++ ++ kaeEngine = GetHmacEngineByAlgorithmName(algo); ++ KAE_TRACE("KAEHMac_nativeInit: kaeEngine => %p", kaeEngine); ++ + (*env)->ReleaseStringUTFChars(env, algoStr, algo); + if (md == NULL) { + KAE_ThrowRuntimeException(env, "algorithm unsupport"); +@@ -98,7 +103,7 @@ JNIEXPORT jlong JNICALL Java_org_openeuler_security_openssl_KAEHMac_nativeInit + } + + // init hmac context with sc_key and evp_md +- int result_code = HMAC_Init_ex(ctx, key_buffer, key_len, md, NULL); ++ int result_code = HMAC_Init_ex(ctx, key_buffer, key_len, md, kaeEngine); + if (result_code == 0) { + KAE_ThrowRuntimeException(env, "Hmac_Init_ex invoked failed"); + goto cleanup; +diff --git a/jdk/src/solaris/native/org/openeuler/security/openssl/kae_keyagreement_dh.c b/jdk/src/solaris/native/org/openeuler/security/openssl/kae_keyagreement_dh.c +index 7cdf790cb..d8d2ee7cb 100644 +--- a/jdk/src/solaris/native/org/openeuler/security/openssl/kae_keyagreement_dh.c ++++ b/jdk/src/solaris/native/org/openeuler/security/openssl/kae_keyagreement_dh.c +@@ -51,8 +51,8 @@ JNIEXPORT jbyteArray JNICALL Java_org_openeuler_security_openssl_KAEDHKeyAgreeme + int computekeyLength = 0; + unsigned char* secret = NULL; + jbyteArray retByteArray = NULL; +- static ENGINE* kaeEngine = NULL; +- kaeEngine = (kaeEngine == NULL) ? GetKaeEngine() : kaeEngine; ++ ENGINE* kaeEngine = GetEngineByAlgorithmIndex(DH_INDEX); ++ KAE_TRACE("KAEDHKeyAgreement_nativeComputeKey: kaeEngine => %p", kaeEngine); + + // bits to Bytes + int pSizeInByte = (pSize +7) >> 3; +diff --git a/jdk/src/solaris/native/org/openeuler/security/openssl/kae_keypairgenerator_dh.c b/jdk/src/solaris/native/org/openeuler/security/openssl/kae_keypairgenerator_dh.c +index 54dc07edd..d16b42b41 100644 +--- a/jdk/src/solaris/native/org/openeuler/security/openssl/kae_keypairgenerator_dh.c ++++ b/jdk/src/solaris/native/org/openeuler/security/openssl/kae_keypairgenerator_dh.c +@@ -50,8 +50,8 @@ JNIEXPORT jobjectArray JNICALL Java_org_openeuler_security_openssl_KAEDHKeyPairG + jobjectArray keys = NULL; + jbyteArray pri_key = NULL; + jbyteArray pub_key = NULL; +- static ENGINE* kaeEngine = NULL; +- kaeEngine = (kaeEngine == NULL) ? GetKaeEngine() : kaeEngine; ++ ENGINE* kaeEngine = GetEngineByAlgorithmIndex(DH_INDEX); ++ KAE_TRACE("KAEDHKeyPairGenerator_nativeGenerateKeyPair: kaeEngine => %p", kaeEngine); + + KAE_TRACE("Java_org_openeuler_security_openssl_KAEDHKeyPairGenerator_nativeGenerateKeyPair start !"); + +diff --git a/jdk/src/solaris/native/org/openeuler/security/openssl/kae_keypairgenerator_rsa.c b/jdk/src/solaris/native/org/openeuler/security/openssl/kae_keypairgenerator_rsa.c +index 2ca978bbe..9251b56c4 100644 +--- a/jdk/src/solaris/native/org/openeuler/security/openssl/kae_keypairgenerator_rsa.c ++++ b/jdk/src/solaris/native/org/openeuler/security/openssl/kae_keypairgenerator_rsa.c +@@ -23,6 +23,7 @@ + + #include + #include ++#include "kae_log.h" + #include "kae_util.h" + #include "kae_exception.h" + #include "org_openeuler_security_openssl_KAERSAKeyPairGenerator.h" +@@ -62,8 +63,9 @@ static const BIGNUM* (* GetRSAParamFunctionList[])(const RSA*) = { + * step 3.Generate rsa key, and all key information is stored in RSA + */ + static RSA* NewRSA(JNIEnv* env, jint keySize, jbyteArray publicExponent) { +- static ENGINE* kaeEngine = NULL; +- kaeEngine = (kaeEngine == NULL) ? GetKaeEngine() : kaeEngine; ++ ENGINE* kaeEngine = GetEngineByAlgorithmIndex(RSA_INDEX); ++ KAE_TRACE("NewRSA: kaeEngine => %p", kaeEngine); ++ + // new rsa + RSA* rsa = RSA_new_method(kaeEngine); + if (rsa == NULL) { +diff --git a/jdk/src/solaris/native/org/openeuler/security/openssl/kae_provider.c b/jdk/src/solaris/native/org/openeuler/security/openssl/kae_provider.c +index aa46e737e..fca035b04 100644 +--- a/jdk/src/solaris/native/org/openeuler/security/openssl/kae_provider.c ++++ b/jdk/src/solaris/native/org/openeuler/security/openssl/kae_provider.c +@@ -24,21 +24,53 @@ + #include + #include + #include ++#include + #include "kae_exception.h" + #include "kae_util.h" + #include "org_openeuler_security_openssl_KAEProvider.h" + ++#define KAE_OPENSSL_LIBRARY "libcrypto.so" ++ + /* + * Class: Java_org_openeuler_security_openssl_KAEProvider + * Method: initOpenssl + * Signature: ()V + */ + JNIEXPORT void JNICALL Java_org_openeuler_security_openssl_KAEProvider_initOpenssl +- (JNIEnv *env, jclass cls) { ++ (JNIEnv *env, jclass cls, jboolean useGlobalMode, jstring engineId, jbooleanArray algorithmKaeFlags) { + SSL_load_error_strings(); + ERR_load_BIO_strings(); + OpenSSL_add_all_algorithms(); + ++ /* ++ * If the same shared object is opened again with dlopen(), the same object handle is returned. ++ * The dynamic linker maintains reference counts for object handles. ++ * An object that was previously opened with RTLD_LOCAL can be promoted to RTLD_GLOBAL in a subsequent dlopen(). ++ * ++ * RTLD_GLOBAL ++ * The symbols defined by this shared object will be made ++ * available for symbol resolution of subsequently loaded ++ * shared objects. ++ * RTLD_LOCAL ++ * This is the converse of RTLD_GLOBAL, and the default if ++ * neither flag is specified. Symbols defined in this shared ++ * object are not made available to resolve references in ++ * subsequently loaded shared objects. ++ * For more information see https://man7.org/linux/man-pages/man3/dlopen.3.html. ++ */ ++ if (useGlobalMode) { ++ char msg[1024]; ++ void *handle = NULL; ++ // Promote the flags of the loaded libcrypto.so library from RTLD_LOCAL to RTLD_GLOBAL ++ handle = dlopen(KAE_OPENSSL_LIBRARY, RTLD_LAZY | RTLD_GLOBAL); ++ if (handle == NULL) { ++ snprintf(msg, sizeof(msg), "Cannot load %s (%s)!", KAE_OPENSSL_LIBRARY, dlerror()); ++ KAE_ThrowByName(env, "java/lang/UnsatisfiedLinkError", msg); ++ return; ++ } ++ dlclose(handle); ++ } ++ + // check if KaeEngine holder is already set + ENGINE* e = GetKaeEngine(); + if (e != NULL) { +@@ -47,11 +79,25 @@ JNIEXPORT void JNICALL Java_org_openeuler_security_openssl_KAEProvider_initOpens + } + + // determine whether KAE is loaded successfully +- e = ENGINE_by_id("kae"); ++ const char* id = (*env)->GetStringUTFChars(env, engineId, 0); ++ e = ENGINE_by_id(id); ++ (*env)->ReleaseStringUTFChars(env, engineId, id); + if (e == NULL) { +- ERR_clear_error(); +- KAE_ThrowRuntimeException(env, "kae engine not found"); ++ KAE_ThrowFromOpenssl(env, "ENGINE_by_id", KAE_ThrowRuntimeException); + return; + } + SetKaeEngine(e); ++ ++ // initialize the engine for each algorithm ++ initEngines(env, algorithmKaeFlags); + } ++ ++/* ++ * Class: Java_org_openeuler_security_openssl_KAEProvider ++ * Method: getEngineFlags ++ * Signature: ()V ++ */ ++JNIEXPORT jbooleanArray JNICALL Java_org_openeuler_security_openssl_KAEProvider_getEngineFlags ++ (JNIEnv *env, jclass cls) { ++ return getEngineFlags(env); ++} +\ No newline at end of file +diff --git a/jdk/src/solaris/native/org/openeuler/security/openssl/kae_signature_rsa.c b/jdk/src/solaris/native/org/openeuler/security/openssl/kae_signature_rsa.c +index e81dc1406..6c401356d 100644 +--- a/jdk/src/solaris/native/org/openeuler/security/openssl/kae_signature_rsa.c ++++ b/jdk/src/solaris/native/org/openeuler/security/openssl/kae_signature_rsa.c +@@ -24,6 +24,7 @@ + #include + #include + #include ++#include "kae_log.h" + #include "kae_util.h" + #include "kae_exception.h" + +@@ -99,8 +100,9 @@ JNIEXPORT jbyteArray JNICALL Java_org_openeuler_security_openssl_KAERSASignature + jbyte* digestBytes = NULL; + jbyte* sigBytes = NULL; + jbyteArray sigByteArray = NULL; +- static ENGINE* kaeEngine = NULL; +- kaeEngine = (kaeEngine == NULL) ? GetKaeEngine() : kaeEngine; ++ ENGINE* kaeEngine = GetEngineByAlgorithmIndex(RSA_INDEX); ++ KAE_TRACE("KAERSASignatureNative_rsaSign: kaeEngine => %p", kaeEngine); ++ + // new EVP_PKEY_CTX + if ((pkeyCtx = EVP_PKEY_CTX_new(pkey, kaeEngine)) == NULL) { + KAE_ThrowFromOpenssl(env, "EVP_PKEY_new", KAE_ThrowSignatureException); +@@ -163,8 +165,9 @@ JNIEXPORT jboolean JNICALL Java_org_openeuler_security_openssl_KAERSASignatureNa + jbyte* digestBytes = NULL; + jbyte* sigBytes = NULL; + jboolean isSuccess = JNI_FALSE; +- static ENGINE* kaeEngine = NULL; +- kaeEngine = (kaeEngine == NULL) ? GetKaeEngine() : kaeEngine; ++ ENGINE* kaeEngine = GetEngineByAlgorithmIndex(RSA_INDEX); ++ KAE_TRACE("KAERSASignatureNative_rsaVerify: kaeEngine => %p", kaeEngine); ++ + // new EVP_PKEY_CTX + if ((pkeyCtx = EVP_PKEY_CTX_new(pkey, kaeEngine)) == NULL) { + KAE_ThrowFromOpenssl(env, "EVP_PKEY_new", KAE_ThrowSignatureException); +@@ -255,8 +258,9 @@ JNIEXPORT jbyteArray JNICALL Java_org_openeuler_security_openssl_KAERSASignature + jbyte* digestBytes = NULL; + jbyte* sigBytes = NULL; + jbyteArray sigByteArray = NULL; +- static ENGINE* kaeEngine = NULL; +- kaeEngine = (kaeEngine == NULL) ? GetKaeEngine() : kaeEngine; ++ ENGINE* kaeEngine = GetEngineByAlgorithmIndex(RSA_INDEX); ++ KAE_TRACE("KAERSASignatureNative_pssSign: kaeEngine => %p", kaeEngine); ++ + // new EVP_PKEY_CTX + if ((pkeyCtx = EVP_PKEY_CTX_new(pkey, kaeEngine)) == NULL) { + KAE_ThrowFromOpenssl(env, "EVP_PKEY_new", KAE_ThrowSignatureException); +@@ -320,8 +324,9 @@ JNIEXPORT jboolean JNICALL Java_org_openeuler_security_openssl_KAERSASignatureNa + jbyte* digestBytes = NULL; + jbyte* sigBytes = NULL; + jboolean isSuccess = JNI_FALSE; +- static ENGINE* kaeEngine = NULL; +- kaeEngine = (kaeEngine == NULL) ? GetKaeEngine() : kaeEngine; ++ ENGINE* kaeEngine = GetEngineByAlgorithmIndex(RSA_INDEX); ++ KAE_TRACE("KAERSASignatureNative_pssVerify: kaeEngine => %p", kaeEngine); ++ + // new EVP_PKEY_CTX + if ((pkeyCtx = EVP_PKEY_CTX_new(pkey, kaeEngine)) == NULL) { + KAE_ThrowFromOpenssl(env, "EVP_PKEY_new", KAE_ThrowSignatureException); +diff --git a/jdk/src/solaris/native/org/openeuler/security/openssl/kae_symmetric_cipher.c b/jdk/src/solaris/native/org/openeuler/security/openssl/kae_symmetric_cipher.c +index 71c28bdea..43f6326b2 100644 +--- a/jdk/src/solaris/native/org/openeuler/security/openssl/kae_symmetric_cipher.c ++++ b/jdk/src/solaris/native/org/openeuler/security/openssl/kae_symmetric_cipher.c +@@ -142,16 +142,19 @@ Java_org_openeuler_security_openssl_KAESymmetricCipherBase_nativeInit(JNIEnv* en + jbyte* keyBytes = NULL; + jbyte* ivBytes = NULL; + const EVP_CIPHER* cipher = NULL; +- static ENGINE* kaeEngine = NULL; ++ ENGINE* kaeEngine = NULL; + + const char* algo = (*env)->GetStringUTFChars(env, cipherType, 0); + if (StartsWith("aes", algo)) { + cipher = EVPGetAesCipherByName(env, algo); +- kaeEngine = NULL; ++ kaeEngine = GetAesEngineByAlgorithmName(algo); + } else { + cipher = EVPGetSm4CipherByName(env, algo); +- kaeEngine = (kaeEngine == NULL) ? GetKaeEngine() : kaeEngine; ++ kaeEngine = GetSm4EngineByAlgorithmName(algo); + } ++ ++ KAE_TRACE("KAESymmetricCipherBase_nativeInit: kaeEngine => %p", kaeEngine); ++ + (*env)->ReleaseStringUTFChars(env, cipherType, algo); + if (cipher == NULL) { + KAE_ThrowOOMException(env, "create EVP_CIPHER fail"); +diff --git a/jdk/src/solaris/native/org/openeuler/security/openssl/kae_util.c b/jdk/src/solaris/native/org/openeuler/security/openssl/kae_util.c +index 0e656a834..a16d944c4 100644 +--- a/jdk/src/solaris/native/org/openeuler/security/openssl/kae_util.c ++++ b/jdk/src/solaris/native/org/openeuler/security/openssl/kae_util.c +@@ -22,6 +22,7 @@ + */ + + #include ++#include + #include "kae_util.h" + #include "kae_exception.h" + +@@ -55,7 +56,7 @@ BIGNUM* KAE_GetBigNumFromByteArray(JNIEnv* env, jbyteArray byteArray) { + + jbyte* bytes = (*env)->GetByteArrayElements(env, byteArray, NULL); + if (bytes == NULL) { +- KAE_ThrowNullPointerException(env,"GetByteArrayElements failed"); ++ KAE_ThrowNullPointerException(env, "GetByteArrayElements failed"); + goto cleanup; + } + BIGNUM* result = BN_bin2bn((const unsigned char*) bytes, len, bn); +@@ -109,3 +110,138 @@ cleanup: + (*env)->ReleaseByteArrayElements(env, javaBytes, bytes, 0); + return javaBytes; + } ++ ++#define ENGINE_LENGTH (EC_INDEX + 1) ++static ENGINE* engines[ENGINE_LENGTH] = {NULL}; ++static jboolean engineFlags[ENGINE_LENGTH] = {JNI_FALSE}; ++static KAEAlgorithm kaeAlgorithms[ENGINE_LENGTH] = { ++ {MD5_INDEX, "md5"}, ++ {SHA256_INDEX, "sha256"}, ++ {SHA384_INDEX, "sha384"}, ++ {SM3_INDEX, "sm3"}, ++ {AES_128_ECB_INDEX, "aes-128-ecb"}, ++ {AES_128_CBC_INDEX, "aes-128-cbc"}, ++ {AES_128_CTR_INDEX, "aes-128-ctr"}, ++ {AES_128_GCM_INDEX, "aes-128-gcm"}, ++ {AES_192_ECB_INDEX, "aes-192-ecb"}, ++ {AES_192_CBC_INDEX, "aes-192-cbc"}, ++ {AES_192_CTR_INDEX, "aes-192-ctr"}, ++ {AES_192_GCM_INDEX, "aes-192-gcm"}, ++ {AES_256_ECB_INDEX, "aes-256-ecb"}, ++ {AES_256_CBC_INDEX, "aes-256-cbc"}, ++ {AES_256_CTR_INDEX, "aes-256-ctr"}, ++ {AES_256_GCM_INDEX, "aes-256-gcm"}, ++ {SM4_ECB_INDEX, "sm4-ecb"}, ++ {SM4_CBC_INDEX, "sm4-cbc"}, ++ {SM4_CTR_INDEX, "sm4-ctr"}, ++ {SM4_OFB_INDEX, "sm4-ofb"}, ++ {HMAC_MD5_INDEX, "hmac-md5"}, ++ {HMAC_SHA1_INDEX, "hmac-sha1"}, ++ {HMAC_SHA224_INDEX, "hmac-sha224"}, ++ {HMAC_SHA256_INDEX, "hmac-sha256"}, ++ {HMAC_SHA384_INDEX, "hmac-sha384"}, ++ {HMAC_SHA512_INDEX, "hmac-sha512"}, ++ {RSA_INDEX, "rsa"}, ++ {DH_INDEX, "dh"}, ++ {EC_INDEX, "ec"} ++}; ++ ++void initEngines(JNIEnv* env, jbooleanArray algorithmKaeFlags) { ++ if (algorithmKaeFlags == NULL) { ++ return; ++ } ++ ++ // get jTemp ++ jboolean* jTemp = NULL; ++ int length = (*env)->GetArrayLength(env, algorithmKaeFlags); ++ jTemp = (jboolean*) malloc(length); ++ if (jTemp == NULL) { ++ KAE_ThrowOOMException(env, "initEngines GetArrayLength error"); ++ return; ++ } ++ (*env)->GetBooleanArrayRegion(env, algorithmKaeFlags, 0, length, jTemp); ++ ++ // assign engines ++ int minLen = length < ENGINE_LENGTH ? length : ENGINE_LENGTH; ++ int i; ++ for (i = 0; i < minLen; i++) { ++ if (jTemp[i]) { ++ engines[i] = kaeEngine; ++ engineFlags[i] = JNI_TRUE; ++ } ++ } ++ if (length < ENGINE_LENGTH) { ++ for (i = minLen; i < ENGINE_LENGTH; i++) { ++ engines[i] = kaeEngine; ++ engineFlags[i] = JNI_TRUE; ++ } ++ } ++ ++ // free jTemp ++ if (jTemp != NULL) { ++ free(jTemp); ++ } ++} ++ ++jbooleanArray getEngineFlags(JNIEnv* env) { ++ jbooleanArray array = (*env)->NewBooleanArray(env, ENGINE_LENGTH); ++ (*env)->SetBooleanArrayRegion(env, array, 0, ENGINE_LENGTH, engineFlags); ++ return array; ++} ++ ++ENGINE* GetEngineByAlgorithmIndex(AlgorithmIndex algorithmIndex) { ++ return engines[algorithmIndex]; ++} ++ ++/* ++ * Get the engine used by the specified algorithm. ++ * @param beginIndex the beginning index, inclusive. ++ * @param endIndex the ending index, exclusive. ++ * @param algorithmName algorithm name ++ * @return engine ++ */ ++ENGINE* GetEngineByBeginIndexAndEndIndex(int beginIndex, int endIndex, ++ const char* algorithmName) { ++ if (beginIndex < 0 || endIndex > ENGINE_LENGTH) { ++ return NULL; ++ } ++ ++ int i; ++ for (i = beginIndex; i < endIndex; i++) { ++ if (strcasecmp(kaeAlgorithms[i].algorithmName, algorithmName) == 0) { ++ return engines[kaeAlgorithms[i].algorithmIndex]; ++ } ++ } ++ return NULL; ++} ++ ++ENGINE* GetHmacEngineByAlgorithmName(const char* algorithmName) { ++ char prefix[] = {"hmac-"}; ++ int len = strlen(algorithmName); ++ int newLen = strlen(algorithmName) + strlen(prefix) + 1; ++ char* newAlgorithmName = NULL; ++ newAlgorithmName = malloc(newLen); ++ if (newAlgorithmName == NULL) { ++ return NULL; ++ } ++ strcpy(newAlgorithmName, prefix); ++ strcat(newAlgorithmName, algorithmName); ++ ENGINE* engine = GetEngineByBeginIndexAndEndIndex(HMAC_MD5_INDEX, HMAC_SHA512_INDEX + 1, newAlgorithmName); ++ if (newAlgorithmName != NULL) { ++ free(newAlgorithmName); ++ } ++ return engine; ++} ++ ++ENGINE* GetDigestEngineByAlgorithmName(const char* algorithmName) { ++ return GetEngineByBeginIndexAndEndIndex(MD5_INDEX, SM3_INDEX + 1, algorithmName); ++} ++ ++ENGINE* GetAesEngineByAlgorithmName(const char* algorithmName) { ++ return GetEngineByBeginIndexAndEndIndex(AES_128_ECB_INDEX, AES_256_GCM_INDEX + 1, algorithmName); ++} ++ ++ENGINE* GetSm4EngineByAlgorithmName(const char* algorithmName) { ++ return GetEngineByBeginIndexAndEndIndex(SM4_ECB_INDEX, SM4_OFB_INDEX + 1, algorithmName); ++} ++ +diff --git a/jdk/src/solaris/native/org/openeuler/security/openssl/kae_util.h b/jdk/src/solaris/native/org/openeuler/security/openssl/kae_util.h +index 13bd5976d..347337509 100644 +--- a/jdk/src/solaris/native/org/openeuler/security/openssl/kae_util.h ++++ b/jdk/src/solaris/native/org/openeuler/security/openssl/kae_util.h +@@ -27,6 +27,43 @@ + #include + #include + ++typedef enum { ++ MD5_INDEX, ++ SHA256_INDEX, ++ SHA384_INDEX, ++ SM3_INDEX, ++ AES_128_ECB_INDEX, ++ AES_128_CBC_INDEX, ++ AES_128_CTR_INDEX, ++ AES_128_GCM_INDEX, ++ AES_192_ECB_INDEX, ++ AES_192_CBC_INDEX, ++ AES_192_CTR_INDEX, ++ AES_192_GCM_INDEX, ++ AES_256_ECB_INDEX, ++ AES_256_CBC_INDEX, ++ AES_256_CTR_INDEX, ++ AES_256_GCM_INDEX, ++ SM4_ECB_INDEX, ++ SM4_CBC_INDEX, ++ SM4_CTR_INDEX, ++ SM4_OFB_INDEX, ++ HMAC_MD5_INDEX, ++ HMAC_SHA1_INDEX, ++ HMAC_SHA224_INDEX, ++ HMAC_SHA256_INDEX, ++ HMAC_SHA384_INDEX, ++ HMAC_SHA512_INDEX, ++ RSA_INDEX, ++ DH_INDEX, ++ EC_INDEX ++} AlgorithmIndex; ++ ++typedef struct { ++ AlgorithmIndex algorithmIndex; ++ const char* algorithmName; ++} KAEAlgorithm; ++ + /* jbyteArray convert to BIGNUM */ + BIGNUM* KAE_GetBigNumFromByteArray(JNIEnv* env, jbyteArray byteArray); + +@@ -40,8 +77,18 @@ void SetKaeEngine(ENGINE* engine); + + ENGINE* GetKaeEngine(); + +-void SetKaeEngine(ENGINE* engine); ++void initEngines(JNIEnv* env, jbooleanArray algorithmKaeFlags); + +-ENGINE* GetKaeEngine(); ++jbooleanArray getEngineFlags(JNIEnv* env); ++ ++ENGINE* GetEngineByAlgorithmIndex(AlgorithmIndex algorithmIndex); ++ ++ENGINE* GetHmacEngineByAlgorithmName(const char* algorithmName); ++ ++ENGINE* GetDigestEngineByAlgorithmName(const char* algorithmName); ++ ++ENGINE* GetAesEngineByAlgorithmName(const char* algorithmName); ++ ++ENGINE* GetSm4EngineByAlgorithmName(const char* algorithmName); + + #endif +diff --git a/jdk/test/org/openeuler/security/openssl/AESTest.java b/jdk/test/org/openeuler/security/openssl/AESTest.java +new file mode 100644 +index 000000000..77da5ecc2 +--- /dev/null ++++ b/jdk/test/org/openeuler/security/openssl/AESTest.java +@@ -0,0 +1,114 @@ ++/* ++ * Copyright (c) 2022, Huawei Technologies Co., Ltd. All rights reserved. ++ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. ++ * ++ * This code is free software; you can redistribute it and/or modify it ++ * under the terms of the GNU General Public License version 2 only, as ++ * published by the Free Software Foundation. ++ * ++ * This code is distributed in the hope that it will be useful, but WITHOUT ++ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or ++ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License ++ * version 2 for more details (a copy is included in the LICENSE file that ++ * accompanied this code). ++ * ++ * You should have received a copy of the GNU General Public License version ++ * 2 along with this work; if not, write to the Free Software Foundation, ++ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. ++ * ++ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA ++ * or visit www.oracle.com if you need additional information or have any ++ * questions. ++ */ ++ ++import org.openeuler.security.openssl.KAEProvider; ++ ++import java.nio.charset.StandardCharsets; ++import java.security.Security; ++import java.security.spec.AlgorithmParameterSpec; ++import javax.crypto.Cipher; ++import javax.crypto.KeyGenerator; ++import javax.crypto.SecretKey; ++import javax.crypto.spec.IvParameterSpec; ++ ++/** ++ * @test ++ * @summary Basic test for AES ++ * @requires os.arch=="aarch64" ++ * @run main AESTest ++ */ ++ ++public class AESTest { ++ private static final String[] ALGORITHM = {"AES", "AES_128", "AES_192", "AES_256"}; ++ private static final String[] MODES = {"ECB", "CBC", "CTR", "GCM"}; ++ private static final String[] PADDING = {"NoPadding", "PKCS5Padding"}; ++ private static final int AES_128_KEY_LENGTH = 128; ++ private static final int AES_192_KEY_LENGTH = 192; ++ private static final int AES_256_KEY_LENGTH = 256; ++ private static String plainText = "helloworldhellow"; // 16bytes for NoPadding ++ private static String shortPlainText = "helloworld"; // 5 bytes for padding ++ ++ public static void main(String[] args) throws Exception { ++ Security.insertProviderAt(new KAEProvider(), 1); ++ for (String algo : ALGORITHM) { ++ for (String mode : MODES) { ++ int padKinds = 2; ++ if (mode.equalsIgnoreCase("CTR")) { ++ padKinds = 1; ++ } ++ for (int k = 0; k < padKinds; k++) { ++ test(algo, mode, PADDING[k]); ++ } ++ } ++ } ++ } ++ ++ public static void test(String algo, String mo, String pad) throws Exception { ++ AlgorithmParameterSpec aps = null; ++ ++ Cipher cipher = Cipher.getInstance(algo + "/" + mo + "/" + pad); ++ ++ KeyGenerator kg = KeyGenerator.getInstance("AES"); ++ if (algo.equalsIgnoreCase("AES_192")) { ++ kg.init(AES_192_KEY_LENGTH); ++ } else if (algo.equalsIgnoreCase("AES_256")) { ++ kg.init(AES_256_KEY_LENGTH); ++ } else { ++ kg.init(AES_128_KEY_LENGTH); ++ } ++ ++ SecretKey key = kg.generateKey(); ++ ++ // encrypt ++ if (!mo.equalsIgnoreCase("GCM")) { ++ cipher.init(Cipher.ENCRYPT_MODE, key, aps); ++ } else { ++ cipher.init(Cipher.ENCRYPT_MODE, key); ++ } ++ ++ String cipherString = null; ++ if (!pad.equalsIgnoreCase("NoPadding")) { ++ cipherString = shortPlainText; ++ } else { ++ cipherString = plainText; ++ } ++ byte[] cipherText = cipher.doFinal(cipherString.getBytes(StandardCharsets.UTF_8)); ++ if (!mo.equalsIgnoreCase("ECB")) { ++ aps = new IvParameterSpec(cipher.getIV()); ++ } else { ++ aps = null; ++ } ++ ++ if (!mo.equalsIgnoreCase("GCM")) { ++ cipher.init(Cipher.DECRYPT_MODE, key, aps); ++ } else { ++ cipher.init(Cipher.DECRYPT_MODE, key, cipher.getParameters()); ++ } ++ ++ String decryptPlainText = new String(cipher.doFinal(cipherText)); ++ ++ if (!cipherString.equals(decryptPlainText)) { ++ throw new RuntimeException("aes decryption failed, algo = " + algo + ", mo = " + mo + ", pad = " + pad); ++ } ++ } ++} +diff --git a/jdk/test/org/openeuler/security/openssl/DHTest.java b/jdk/test/org/openeuler/security/openssl/DHTest.java +index 6eb5e7c96..ee5d63684 100644 +--- a/jdk/test/org/openeuler/security/openssl/DHTest.java ++++ b/jdk/test/org/openeuler/security/openssl/DHTest.java +@@ -28,7 +28,6 @@ import java.io.Serializable; + import java.math.BigInteger; + import java.security.*; + import java.util.Arrays; +-import java.util.Date; + import javax.crypto.KeyAgreement; + import javax.crypto.spec.*; + import org.openeuler.security.openssl.KAEProvider; +@@ -75,18 +74,16 @@ import org.openeuler.security.openssl.KAEProvider; + /** + * @test + * @summary Basic test for DH ++ * @requires os.arch=="aarch64" + * @run main DHTest + */ + +-final class DHTest implements Serializable { +- private static int bitLength = 8192; ++public class DHTest implements Serializable { + private static BigInteger g512; + private static BigInteger p512; +- Throwable t = null; + + private static volatile Provider sunJceProvider; + private static volatile Provider kaeProvider; +- Date d = new Date(); + + public static void main(String[] args) throws Exception { + Security.addProvider(new KAEProvider()); +@@ -97,8 +94,6 @@ final class DHTest implements Serializable { + + p512 = new BigInteger("27672987386729926592037876826877634387173876890702920770064392919138769821035856568775311919542560094764667151024449425954917954337048895981297730855891532066350935045229294626339548842381843985759061682551900379979643117695834175891578650111093016914264824311693147701566019122696621248493126219217339690346346921463135605151471303957324058301097079967414639146647429422884520134312590056632178576758580657240245655739869017244657144448267757255018625514803292549109401806336918448001843022629625467069714240279603204909633404992842479161100500474744098408277938070656334892106100534117209709263785505019003765693651"); + +- DHTest.bitLength = 0; +- + DHParameterSpec dhParams = new DHParameterSpec(p512, g512); + KeyPairGenerator SunJCEkeyGen = KeyPairGenerator.getInstance("DH", sunJceProvider); + KeyPairGenerator KAEkeyGen = KeyPairGenerator.getInstance("DH", kaeProvider); +diff --git a/jdk/test/org/openeuler/security/openssl/DigestTest.java b/jdk/test/org/openeuler/security/openssl/DigestTest.java +new file mode 100644 +index 000000000..a293f7268 +--- /dev/null ++++ b/jdk/test/org/openeuler/security/openssl/DigestTest.java +@@ -0,0 +1,60 @@ ++import org.openeuler.security.openssl.KAEProvider; ++ ++import java.nio.charset.StandardCharsets; ++import java.security.MessageDigest; ++import java.security.Security; ++import java.util.Arrays; ++import java.util.HashMap; ++import java.util.Map; ++ ++/** ++ * @test ++ * @summary Basic test for MD5 SHA256 SHA384 ++ * @requires os.arch=="aarch64" ++ * @run main/othervm DigestTest ++ */ ++public class DigestTest { ++ private static String PLAIN_TEXT = "hello world"; ++ ++ private static Map alg = new HashMap(); ++ ++ static { ++ alg.put("MD5", new byte[] {94, -74, 59, -69, -32, 30, -18, -48, -109, -53, 34, -69, -113, 90, -51, -61}); ++ alg.put( ++ "SHA-256", ++ new byte[] { ++ -71, 77, 39, -71, -109, 77, 62, 8, -91, 46, 82, -41, -38, 125, -85, -6, ++ -60, -124, -17, -29, 122, 83, -128, -18, -112, -120, -9, -84, -30, -17, -51, -23 ++ }); ++ alg.put( ++ "SHA-384", ++ new byte[] { ++ -3, -67, -114, 117, -90, 127, 41, -9, 1, -92, -32, 64, 56, 94, 46, 35, ++ -104, 99, 3, -22, 16, 35, -110, 17, -81, -112, 127, -53, -72, 53, 120, -77, ++ -28, 23, -53, 113, -50, 100, 110, -3, 8, 25, -35, -116, 8, -115, -31, -67 ++ }); ++ alg.put( ++ "SM3", ++ new byte[] { ++ 68, -16, 6, 30, 105, -6, 111, -33, -62, -112, -60, -108, 101, 74, 5, ++ -36, 12, 5, 61, -89, -27, -59, 43, -124, -17, -109, -87, -42, 125, 63, ++ -1, -120 ++ }); ++ } ++ ++ public static void main(String[] args) throws Exception { ++ Security.insertProviderAt(new KAEProvider(), 1); ++ for (String key : alg.keySet()) { ++ test(PLAIN_TEXT, key, alg.get(key)); ++ } ++ } ++ ++ public static void test(String plainText, String algo, byte[] expectRes) throws Exception { ++ MessageDigest md = MessageDigest.getInstance(algo); ++ md.update(plainText.getBytes(StandardCharsets.UTF_8)); ++ byte[] res = md.digest(); ++ if (!Arrays.equals(res, expectRes)) { ++ throw new RuntimeException(algo + " failed"); ++ } ++ } ++} +diff --git a/jdk/test/org/openeuler/security/openssl/ECDHTest.java b/jdk/test/org/openeuler/security/openssl/ECDHTest.java +index 590c31154..069c32295 100644 +--- a/jdk/test/org/openeuler/security/openssl/ECDHTest.java ++++ b/jdk/test/org/openeuler/security/openssl/ECDHTest.java +@@ -41,6 +41,7 @@ import java.nio.charset.StandardCharsets; + /** + * @test + * @summary Basic test for ECDH ++ * @requires os.arch=="aarch64" + * @run main ECDHTest + */ + +diff --git a/jdk/test/org/openeuler/security/openssl/HmacTest.java b/jdk/test/org/openeuler/security/openssl/HmacTest.java +new file mode 100644 +index 000000000..9ff328629 +--- /dev/null ++++ b/jdk/test/org/openeuler/security/openssl/HmacTest.java +@@ -0,0 +1,88 @@ ++/* ++ * Copyright (c) 2022, Huawei Technologies Co., Ltd. All rights reserved. ++ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. ++ * ++ * This code is free software; you can redistribute it and/or modify it ++ * under the terms of the GNU General Public License version 2 only, as ++ * published by the Free Software Foundation. ++ * ++ * This code is distributed in the hope that it will be useful, but WITHOUT ++ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or ++ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License ++ * version 2 for more details (a copy is included in the LICENSE file that ++ * accompanied this code). ++ * ++ * You should have received a copy of the GNU General Public License version ++ * 2 along with this work; if not, write to the Free Software Foundation, ++ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. ++ * ++ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA ++ * or visit www.oracle.com if you need additional information or have any ++ * questions. ++ */ ++ ++import org.openeuler.security.openssl.KAEProvider; ++ ++import javax.crypto.Mac; ++import javax.crypto.spec.SecretKeySpec; ++import java.security.Key; ++import java.security.Security; ++import java.util.Arrays; ++ ++/** ++ * @test ++ * @summary test for Hmac ++ * @requires os.arch=="aarch64" ++ * @run main/othervm HmacTest ++ */ ++public class HmacTest { ++ private static final byte[] PLAIN_BYTES = "hello world".getBytes(); ++ private static final String[] ALGORITHMS = new String[]{ ++ "HmacMD5", ++ "HmacSHA1", ++ "HmacSHA224", ++ "HmacSHA256", ++ "HmacSHA384", ++ "HmacSHA512", ++ }; ++ private static final byte[][] EXPECTED_BYTES = { ++ {-40, 63, -96, 13, 107, -33, -1, -53, -116, 117, 75, -6, 85, -88, -112, -90}, ++ {-68, 104, 112, -36, 123, 123, -92, 104, 89, -90, 63, 56, 84, 45, 12, -7, 41, 103, -105, -27}, ++ {-31, 0, 103, 51, -119, -61, 2, -76, -83, -113, 95, 86, 8, 46, 91, 20, ++ -15, -23, -71, 62, -50, 86, -54, 71, -94, -47, -103, 43}, ++ {-69, -83, -3, 7, 61, 38, -122, -59, 7, -53, 106, 114, 58, 102, 65, -118, ++ 54, -50, 116, -56, 110, 54, -71, 36, 60, 84, 14, 97, 78, 18, -119, -24}, ++ {100, -58, 106, 64, -96, 91, 99, -33, 36, -78, -53, -50, -78, 116, -110, 85, ++ 84, -5, -63, 17, 51, -69, -39, -122, 65, 8, -122, -43, 39, 13, -41, -52, ++ 45, -38, -59, 70, 17, -87, -63, -126, 4, 120, -77, 71, 119, 96, -2, -68}, ++ {-89, 47, -98, -12, 110, -88, 23, 2, 28, 26, -71, 53, -108, 54, -52, 1, ++ -121, -121, 87, 6, -78, 123, -14, -86, 127, 114, 124, -73, -98, 79, -122, 69, ++ -32, 50, 48, -79, -110, 66, 38, 70, -3, -76, 95, 55, 74, 48, 57, -121, ++ 22, 60, -83, -109, 59, 79, 0, -49, 107, 88, -82, -35, 87, -36, 49, -54} ++ }; ++ private static final Key key = new SecretKeySpec("mac".getBytes(), ""); ++ ++ public static void main(String[] args) throws Exception { ++ Security.insertProviderAt(new KAEProvider(), 1); ++ for (int i = 0; i < ALGORITHMS.length; i++) { ++ test(ALGORITHMS[i], key, PLAIN_BYTES, EXPECTED_BYTES[i]); ++ } ++ } ++ ++ private static void test(String algorithm, Key key, byte[] inputBytes, byte[] expectedBytes) throws Exception { ++ Mac mac = Mac.getInstance(algorithm); ++ mac.init(key); ++ mac.update(inputBytes); ++ byte[] bytes = mac.doFinal(); ++ if (!(mac.getProvider() instanceof KAEProvider)) { ++ throw new RuntimeException(algorithm + " failed," + ++ "provider=" + mac.getProvider().getClass() + "," + ++ "expectedProvider=" + KAEProvider.class); ++ } ++ if (!Arrays.equals(bytes, expectedBytes)) { ++ throw new RuntimeException(algorithm + " failed," + ++ "bytes=" + Arrays.toString(bytes) + "," + ++ "expectedBytes=" + Arrays.toString(expectedBytes)); ++ } ++ } ++} +diff --git a/jdk/test/org/openeuler/security/openssl/KAEConfTest.java b/jdk/test/org/openeuler/security/openssl/KAEConfTest.java +new file mode 100644 +index 000000000..9028d28b5 +--- /dev/null ++++ b/jdk/test/org/openeuler/security/openssl/KAEConfTest.java +@@ -0,0 +1,121 @@ ++/* ++ * Copyright (c) 2022, Huawei Technologies Co., Ltd. All rights reserved. ++ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. ++ * ++ * This code is free software; you can redistribute it and/or modify it ++ * under the terms of the GNU General Public License version 2 only, as ++ * published by the Free Software Foundation. ++ * ++ * This code is distributed in the hope that it will be useful, but WITHOUT ++ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or ++ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License ++ * version 2 for more details (a copy is included in the LICENSE file that ++ * accompanied this code). ++ * ++ * You should have received a copy of the GNU General Public License version ++ * 2 along with this work; if not, write to the Free Software Foundation, ++ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. ++ * ++ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA ++ * or visit www.oracle.com if you need additional information or have any ++ * questions. ++ */ ++ ++import org.openeuler.security.openssl.KAEConfig; ++import org.openeuler.security.openssl.KAEProvider; ++ ++import java.io.File; ++import java.io.FileWriter; ++import java.io.IOException; ++import java.nio.file.Files; ++import java.util.ArrayList; ++import java.util.List; ++ ++/* ++ * @test ++ * @summary Test KAE Conf ++ * @requires os.arch=="aarch64" ++ * @run main/othervm KAEConfTest DEFAULT ++ * @run main/othervm KAEConfTest SPECIFY ++ */ ++public class KAEConfTest { ++ private static final String DEFAULT_CONF = System.getProperty("java.home") + ++ File.separator + "lib" + File.separator + "kaeprovider.conf"; ++ ++ private static final String SPECIFY_CONF = System.getProperty("user.dir") + ++ File.separator + "kaeprovider.conf"; ++ ++ private static final String SPECIFY_LOG_PATH = System.getProperty("user.dir") + File.separator + "kae.log"; ++ private static final List files = new ArrayList<>(); ++ ++ enum Mode { ++ DEFAULT, ++ SPECIFY ++ } ++ ++ public static void main(String[] args) throws IOException { ++ Mode mode = getMode(args); ++ try { ++ init(mode); ++ new KAEProvider(); ++ test(mode); ++ } finally { ++ KAETestHelper.cleanUp(files); ++ } ++ } ++ ++ private static Mode getMode(String[] args) { ++ if (args.length <= 0) { ++ return Mode.DEFAULT; ++ } ++ return Mode.valueOf(args[0]); ++ } ++ ++ private static void init(Mode mode) throws IOException { ++ if (Mode.SPECIFY.equals(mode)) { ++ System.setProperty("kae.conf", SPECIFY_CONF); ++ File file = new File(SPECIFY_CONF); ++ if (!file.exists()) { ++ Files.createFile(file.toPath()); ++ } ++ files.add(file); ++ try (FileWriter fileWriter = new FileWriter(file)) { ++ fileWriter.write("kae.log=true"); ++ fileWriter.flush(); ++ } ++ } ++ } ++ ++ private static void testDefault() { ++ File file = new File(DEFAULT_CONF); ++ if (!file.exists()) { ++ throw new RuntimeException("test failed"); ++ } ++ } ++ ++ private static void testSpecify() { ++ String value = KAEConfig.privilegedGetOverridable("kae.log"); ++ if (!"true".equals(value)) { ++ throw new RuntimeException("test failed : kae.log=" + value); ++ } ++ File file = new File(SPECIFY_LOG_PATH); ++ if (!file.exists()) { ++ throw new RuntimeException(SPECIFY_LOG_PATH + "does not exist"); ++ } ++ // kae log file ++ files.add(file); ++ } ++ ++ private static void test(Mode mode) { ++ switch (mode) { ++ case DEFAULT: ++ testDefault(); ++ break; ++ case SPECIFY: ++ testSpecify(); ++ break; ++ default: ++ throw new IllegalArgumentException("invalid mode"); ++ } ++ } ++} +diff --git a/jdk/test/org/openeuler/security/openssl/KAEDisabledAlgorithmsTest.java b/jdk/test/org/openeuler/security/openssl/KAEDisabledAlgorithmsTest.java +new file mode 100644 +index 000000000..6301b6d76 +--- /dev/null ++++ b/jdk/test/org/openeuler/security/openssl/KAEDisabledAlgorithmsTest.java +@@ -0,0 +1,164 @@ ++/* ++ * Copyright (c) 2022, Huawei Technologies Co., Ltd. All rights reserved. ++ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. ++ * ++ * This code is free software; you can redistribute it and/or modify it ++ * under the terms of the GNU General Public License version 2 only, as ++ * published by the Free Software Foundation. ++ * ++ * This code is distributed in the hope that it will be useful, but WITHOUT ++ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or ++ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License ++ * version 2 for more details (a copy is included in the LICENSE file that ++ * accompanied this code). ++ * ++ * You should have received a copy of the GNU General Public License version ++ * 2 along with this work; if not, write to the Free Software Foundation, ++ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. ++ * ++ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA ++ * or visit www.oracle.com if you need additional information or have any ++ * questions. ++ */ ++ ++import org.openeuler.security.openssl.KAEConfig; ++import org.openeuler.security.openssl.KAEProvider; ++ ++import java.util.HashSet; ++import java.util.Set; ++ ++/* ++ * @test ++ * @summary Test property kae.engine.disableAlgorithms ++ * @requires os.arch=="aarch64" ++ * @run main/othervm -Dkae.engine.disabledAlgorithms=md5 KAEDisabledAlgorithmsTest ++ * @run main/othervm -Dkae.engine.disabledAlgorithms=sha256 KAEDisabledAlgorithmsTest ++ * @run main/othervm -Dkae.engine.disabledAlgorithms=sha384 KAEDisabledAlgorithmsTest ++ * @run main/othervm -Dkae.engine.disabledAlgorithms=sm3 KAEDisabledAlgorithmsTest ++ * @run main/othervm -Dkae.engine.disabledAlgorithms=aes-128-ecb KAEDisabledAlgorithmsTest ++ * @run main/othervm -Dkae.engine.disabledAlgorithms=aes-128-cbc KAEDisabledAlgorithmsTest ++ * @run main/othervm -Dkae.engine.disabledAlgorithms=aes-128-ctr KAEDisabledAlgorithmsTest ++ * @run main/othervm -Dkae.engine.disabledAlgorithms=aes-128-gcm KAEDisabledAlgorithmsTest ++ * @run main/othervm -Dkae.engine.disabledAlgorithms=aes-192-ecb KAEDisabledAlgorithmsTest ++ * @run main/othervm -Dkae.engine.disabledAlgorithms=aes-192-cbc KAEDisabledAlgorithmsTest ++ * @run main/othervm -Dkae.engine.disabledAlgorithms=aes-192-ctr KAEDisabledAlgorithmsTest ++ * @run main/othervm -Dkae.engine.disabledAlgorithms=aes-192-gcm KAEDisabledAlgorithmsTest ++ * @run main/othervm -Dkae.engine.disabledAlgorithms=aes-256-ecb KAEDisabledAlgorithmsTest ++ * @run main/othervm -Dkae.engine.disabledAlgorithms=aes-256-cbc KAEDisabledAlgorithmsTest ++ * @run main/othervm -Dkae.engine.disabledAlgorithms=aes-256-ctr KAEDisabledAlgorithmsTest ++ * @run main/othervm -Dkae.engine.disabledAlgorithms=aes-256-gcm KAEDisabledAlgorithmsTest ++ * @run main/othervm -Dkae.engine.disabledAlgorithms=sm4-ecb KAEDisabledAlgorithmsTest ++ * @run main/othervm -Dkae.engine.disabledAlgorithms=sm4-cbc KAEDisabledAlgorithmsTest ++ * @run main/othervm -Dkae.engine.disabledAlgorithms=sm4-ctr KAEDisabledAlgorithmsTest ++ * @run main/othervm -Dkae.engine.disabledAlgorithms=sm4-ofb KAEDisabledAlgorithmsTest ++ * @run main/othervm -Dkae.engine.disabledAlgorithms=hmac-md5 KAEDisabledAlgorithmsTest ++ * @run main/othervm -Dkae.engine.disabledAlgorithms=hmac-sha1 KAEDisabledAlgorithmsTest ++ * @run main/othervm -Dkae.engine.disabledAlgorithms=hmac-sha224 KAEDisabledAlgorithmsTest ++ * @run main/othervm -Dkae.engine.disabledAlgorithms=hmac-sha256 KAEDisabledAlgorithmsTest ++ * @run main/othervm -Dkae.engine.disabledAlgorithms=hmac-sha384 KAEDisabledAlgorithmsTest ++ * @run main/othervm -Dkae.engine.disabledAlgorithms=hmac-sha512 KAEDisabledAlgorithmsTest ++ * @run main/othervm -Dkae.engine.disabledAlgorithms=rsa KAEDisabledAlgorithmsTest ++ * @run main/othervm -Dkae.engine.disabledAlgorithms=dh KAEDisabledAlgorithmsTest ++ * @run main/othervm -Dkae.engine.disabledAlgorithms=ec KAEDisabledAlgorithmsTest ++ * @run main/othervm -Dkae.engine.disabledAlgorithms=aes-128-gcm,aes-192-gcm,aes-256-gcm KAEDisabledAlgorithmsTest ++ * @run main/othervm -Dkae.engine.disabledAlgorithms=md5,aes-128-ecb,sm4-ecb,hmac-sha1,rsa,dh,ec KAEDisabledAlgorithmsTest ++ * @run main/othervm -Dkae.engine.id=uadk_engine -Dkae.libcrypto.useGlobalMode=true -Dkae.engine.disabledAlgorithms=md5 KAEDisabledAlgorithmsTest ++ * @run main/othervm -Dkae.engine.id=uadk_engine -Dkae.libcrypto.useGlobalMode=true -Dkae.engine.disabledAlgorithms=sha256 KAEDisabledAlgorithmsTest ++ * @run main/othervm -Dkae.engine.id=uadk_engine -Dkae.libcrypto.useGlobalMode=true -Dkae.engine.disabledAlgorithms=sha384 KAEDisabledAlgorithmsTest ++ * @run main/othervm -Dkae.engine.id=uadk_engine -Dkae.libcrypto.useGlobalMode=true -Dkae.engine.disabledAlgorithms=sm3 KAEDisabledAlgorithmsTest ++ * @run main/othervm -Dkae.engine.id=uadk_engine -Dkae.libcrypto.useGlobalMode=true -Dkae.engine.disabledAlgorithms=aes-128-ecb KAEDisabledAlgorithmsTest ++ * @run main/othervm -Dkae.engine.id=uadk_engine -Dkae.libcrypto.useGlobalMode=true -Dkae.engine.disabledAlgorithms=aes-128-cbc KAEDisabledAlgorithmsTest ++ * @run main/othervm -Dkae.engine.id=uadk_engine -Dkae.libcrypto.useGlobalMode=true -Dkae.engine.disabledAlgorithms=aes-128-ctr KAEDisabledAlgorithmsTest ++ * @run main/othervm -Dkae.engine.id=uadk_engine -Dkae.libcrypto.useGlobalMode=true -Dkae.engine.disabledAlgorithms=aes-128-gcm KAEDisabledAlgorithmsTest ++ * @run main/othervm -Dkae.engine.id=uadk_engine -Dkae.libcrypto.useGlobalMode=true -Dkae.engine.disabledAlgorithms=aes-192-ecb KAEDisabledAlgorithmsTest ++ * @run main/othervm -Dkae.engine.id=uadk_engine -Dkae.libcrypto.useGlobalMode=true -Dkae.engine.disabledAlgorithms=aes-192-cbc KAEDisabledAlgorithmsTest ++ * @run main/othervm -Dkae.engine.id=uadk_engine -Dkae.libcrypto.useGlobalMode=true -Dkae.engine.disabledAlgorithms=aes-192-ctr KAEDisabledAlgorithmsTest ++ * @run main/othervm -Dkae.engine.id=uadk_engine -Dkae.libcrypto.useGlobalMode=true -Dkae.engine.disabledAlgorithms=aes-192-gcm KAEDisabledAlgorithmsTest ++ * @run main/othervm -Dkae.engine.id=uadk_engine -Dkae.libcrypto.useGlobalMode=true -Dkae.engine.disabledAlgorithms=aes-256-ecb KAEDisabledAlgorithmsTest ++ * @run main/othervm -Dkae.engine.id=uadk_engine -Dkae.libcrypto.useGlobalMode=true -Dkae.engine.disabledAlgorithms=aes-256-cbc KAEDisabledAlgorithmsTest ++ * @run main/othervm -Dkae.engine.id=uadk_engine -Dkae.libcrypto.useGlobalMode=true -Dkae.engine.disabledAlgorithms=aes-256-ctr KAEDisabledAlgorithmsTest ++ * @run main/othervm -Dkae.engine.id=uadk_engine -Dkae.libcrypto.useGlobalMode=true -Dkae.engine.disabledAlgorithms=aes-256-gcm KAEDisabledAlgorithmsTest ++ * @run main/othervm -Dkae.engine.id=uadk_engine -Dkae.libcrypto.useGlobalMode=true -Dkae.engine.disabledAlgorithms=sm4-ecb KAEDisabledAlgorithmsTest ++ * @run main/othervm -Dkae.engine.id=uadk_engine -Dkae.libcrypto.useGlobalMode=true -Dkae.engine.disabledAlgorithms=sm4-cbc KAEDisabledAlgorithmsTest ++ * @run main/othervm -Dkae.engine.id=uadk_engine -Dkae.libcrypto.useGlobalMode=true -Dkae.engine.disabledAlgorithms=sm4-ctr KAEDisabledAlgorithmsTest ++ * @run main/othervm -Dkae.engine.id=uadk_engine -Dkae.libcrypto.useGlobalMode=true -Dkae.engine.disabledAlgorithms=sm4-ofb KAEDisabledAlgorithmsTest ++ * @run main/othervm -Dkae.engine.id=uadk_engine -Dkae.libcrypto.useGlobalMode=true -Dkae.engine.disabledAlgorithms=hmac-md5 KAEDisabledAlgorithmsTest ++ * @run main/othervm -Dkae.engine.id=uadk_engine -Dkae.libcrypto.useGlobalMode=true -Dkae.engine.disabledAlgorithms=hmac-sha1 KAEDisabledAlgorithmsTest ++ * @run main/othervm -Dkae.engine.id=uadk_engine -Dkae.libcrypto.useGlobalMode=true -Dkae.engine.disabledAlgorithms=hmac-sha224 KAEDisabledAlgorithmsTest ++ * @run main/othervm -Dkae.engine.id=uadk_engine -Dkae.libcrypto.useGlobalMode=true -Dkae.engine.disabledAlgorithms=hmac-sha256 KAEDisabledAlgorithmsTest ++ * @run main/othervm -Dkae.engine.id=uadk_engine -Dkae.libcrypto.useGlobalMode=true -Dkae.engine.disabledAlgorithms=hmac-sha384 KAEDisabledAlgorithmsTest ++ * @run main/othervm -Dkae.engine.id=uadk_engine -Dkae.libcrypto.useGlobalMode=true -Dkae.engine.disabledAlgorithms=hmac-sha512 KAEDisabledAlgorithmsTest ++ * @run main/othervm -Dkae.engine.id=uadk_engine -Dkae.libcrypto.useGlobalMode=true -Dkae.engine.disabledAlgorithms=rsa KAEDisabledAlgorithmsTest ++ * @run main/othervm -Dkae.engine.id=uadk_engine -Dkae.libcrypto.useGlobalMode=true -Dkae.engine.disabledAlgorithms=dh KAEDisabledAlgorithmsTest ++ * @run main/othervm -Dkae.engine.id=uadk_engine -Dkae.libcrypto.useGlobalMode=true -Dkae.engine.disabledAlgorithms=ec KAEDisabledAlgorithmsTest ++ * @run main/othervm -Dkae.engine.id=uadk_engine -Dkae.libcrypto.useGlobalMode=true -Dkae.engine.disabledAlgorithms=aes-128-gcm,aes-192-gcm,aes-256-gcm KAEDisabledAlgorithmsTest ++ * @run main/othervm -Dkae.engine.id=uadk_engine -Dkae.libcrypto.useGlobalMode=true -Dkae.engine.disabledAlgorithms=md5,aes-128-ecb,sm4-ecb,hmac-sha1,rsa,dh,ec KAEDisabledAlgorithmsTest ++ */ ++public class KAEDisabledAlgorithmsTest { ++ ++ public static void main(String[] args) { ++ KAETestHelper.Engine engine = KAETestHelper.getEngine(); ++ if (!engine.isValid()) { ++ System.out.println("Skip test, engine " + engine.getEngineId() + " does not exist."); ++ return; ++ } ++ String[] disabledAlgorithms = getDisabledAlgorithms(); ++ init(); ++ new KAEProvider(); ++ test(disabledAlgorithms); ++ } ++ ++ private static final String[] PROPERTY_NAMES = new String[]{ ++ "kae.digest.useKaeEngine", ++ "kae.aes.useKaeEngine", ++ "kae.sm4.useKaeEngine", ++ "kae.hmac.useKaeEngine", ++ "kae.rsa.useKaeEngine", ++ "kae.dh.useKaeEngine", ++ "kae.ec.useKaeEngine" ++ }; ++ ++ private static String[] getDisabledAlgorithms() { ++ String value = System.getProperty("kae.engine.disabledAlgorithms"); ++ if (value == null) { ++ return new String[0]; ++ } ++ return value.split(","); ++ } ++ ++ private static void init() { ++ for (String propertyName : PROPERTY_NAMES) { ++ System.setProperty(propertyName, "true"); ++ } ++ } ++ ++ private static void test(String[] disabledAlgorithms) { ++ boolean[] useKaeEngineFlags = KAEConfig.getUseKaeEngineFlags(); ++ Set disabledAlgorithmIndexSet = new HashSet<>(); ++ ++ // test disabled algorithms ++ for (String disabledAlgorithm : disabledAlgorithms) { ++ Integer index = KAETestHelper.getAlgorithmIndex(disabledAlgorithm); ++ if (index == null || index < 0 || index >= useKaeEngineFlags.length) { ++ continue; ++ } ++ if (useKaeEngineFlags[index]) { ++ throw new RuntimeException("test failed"); ++ } ++ disabledAlgorithmIndexSet.add(index); ++ } ++ ++ // test other algorithms that are not disabled (except ec) ++ for (int i = 0; i < useKaeEngineFlags.length - 1; i++) { ++ if (!disabledAlgorithmIndexSet.contains(i) && !useKaeEngineFlags[i]) { ++ throw new RuntimeException(KAETestHelper.getAlgorithmName(i) + " algorithm is not disabled"); ++ } ++ } ++ ++ // test whether the ec algorithm is disabled by default ++ if (useKaeEngineFlags[useKaeEngineFlags.length - 1]) { ++ throw new RuntimeException(KAETestHelper.getAlgorithmName(useKaeEngineFlags.length - 1) ++ + " algorithm is disabled by default"); ++ } ++ } ++} +diff --git a/jdk/test/org/openeuler/security/openssl/KAEEngineIdTest.java b/jdk/test/org/openeuler/security/openssl/KAEEngineIdTest.java +new file mode 100644 +index 000000000..2ddaf6712 +--- /dev/null ++++ b/jdk/test/org/openeuler/security/openssl/KAEEngineIdTest.java +@@ -0,0 +1,76 @@ ++/* ++ * Copyright (c) 2022, Huawei Technologies Co., Ltd. All rights reserved. ++ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. ++ * ++ * This code is free software; you can redistribute it and/or modify it ++ * under the terms of the GNU General Public License version 2 only, as ++ * published by the Free Software Foundation. ++ * ++ * This code is distributed in the hope that it will be useful, but WITHOUT ++ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or ++ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License ++ * version 2 for more details (a copy is included in the LICENSE file that ++ * accompanied this code). ++ * ++ * You should have received a copy of the GNU General Public License version ++ * 2 along with this work; if not, write to the Free Software Foundation, ++ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. ++ * ++ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA ++ * or visit www.oracle.com if you need additional information or have any ++ * questions. ++ */ ++ ++import org.openeuler.security.openssl.KAEProvider; ++ ++import java.io.BufferedReader; ++import java.io.File; ++import java.io.FileReader; ++import java.io.IOException; ++import java.util.ArrayList; ++import java.util.List; ++ ++/* ++ * @test ++ * @summary Test KAE property kae.engine.id and kae.libcrypto.useGlobalMode ++ * @requires os.arch=="aarch64" ++ * @run main/othervm -Dkae.log=true KAEEngineIdTest ++ * @run main/othervm -Dkae.log=true -Dkae.engine.id=kae KAEEngineIdTest ++ * @run main/othervm -Dkae.log=true -Dkae.engine.id=uadk_engine -Dkae.libcrypto.useGlobalMode=true KAEEngineIdTest ++ */ ++public class KAEEngineIdTest { ++ ++ private static final String LOG_PATH = System.getProperty("user.dir") + ++ File.separator + "kae.log"; ++ ++ private static final List files = new ArrayList<>(); ++ ++ public static void main(String[] args) throws IOException { ++ KAETestHelper.Engine engine = KAETestHelper.getEngine(); ++ if (!engine.isValid()) { ++ System.out.println("Skip test, engine " + engine.getEngineId() + " does not exist."); ++ return; ++ } ++ ++ try { ++ new KAEProvider(); ++ test(engine); ++ } finally { ++ KAETestHelper.cleanUp(files); ++ } ++ } ++ ++ private static void test(KAETestHelper.Engine engine) throws IOException { ++ File file = new File(LOG_PATH); ++ if (!file.exists()) { ++ throw new RuntimeException(LOG_PATH + " does not exist"); ++ } ++ files.add(file); ++ try (BufferedReader bufferedReader = new BufferedReader(new FileReader(file))) { ++ String s = bufferedReader.readLine(); ++ if (!s.contains(engine.getEngineId() + " engine was found")) { ++ throw new RuntimeException("test failed"); ++ } ++ } ++ } ++} +diff --git a/jdk/test/org/openeuler/security/openssl/KAELogTest.java b/jdk/test/org/openeuler/security/openssl/KAELogTest.java +new file mode 100644 +index 000000000..31c8f5d99 +--- /dev/null ++++ b/jdk/test/org/openeuler/security/openssl/KAELogTest.java +@@ -0,0 +1,126 @@ ++/* ++ * Copyright (c) 2022, Huawei Technologies Co., Ltd. All rights reserved. ++ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. ++ * ++ * This code is free software; you can redistribute it and/or modify it ++ * under the terms of the GNU General Public License version 2 only, as ++ * published by the Free Software Foundation. ++ * ++ * This code is distributed in the hope that it will be useful, but WITHOUT ++ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or ++ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License ++ * version 2 for more details (a copy is included in the LICENSE file that ++ * accompanied this code). ++ * ++ * You should have received a copy of the GNU General Public License version ++ * 2 along with this work; if not, write to the Free Software Foundation, ++ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. ++ * ++ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA ++ * or visit www.oracle.com if you need additional information or have any ++ * questions. ++ */ ++ ++import org.openeuler.security.openssl.KAEProvider; ++ ++import java.io.File; ++import java.util.ArrayList; ++import java.util.List; ++ ++/* ++ * @test ++ * @summary Test KAE log ++ * @requires os.arch=="aarch64" ++ * @run main/othervm KAELogTest ++ * @run main/othervm -Dkae.log=false KAELogTest ++ * @run main/othervm -Dkae.log=true KAELogTest ++ * @run main/othervm -Dkae.log=true -Dkae.log.file=./KAELogTest/kae.log KAELogTest ++ */ ++public class KAELogTest { ++ private static final String DEFAULT_LOG_PATH = System.getProperty("user.dir") + ++ File.separator + "kae.log"; ++ ++ private static final String SPECIFY_LOG_PATH = System.getProperty("user.dir") + ++ File.separator + "KAELogTest" + File.separator + "kae.log"; ++ ++ private static final List files = new ArrayList<>(); ++ ++ enum Mode { ++ DEFAULT, ++ DISABLE, ++ ENABLE, ++ SPECIFY ++ } ++ ++ public static void main(String[] args) { ++ Mode mode = getMode(); ++ try { ++ new KAEProvider(); ++ test(mode); ++ } finally { ++ KAETestHelper.cleanUp(files); ++ } ++ } ++ ++ private static Mode getMode() { ++ String enableKaeLog = System.getProperty("kae.log"); ++ if (enableKaeLog == null) { ++ return Mode.DEFAULT; ++ } else if ("false".equals(enableKaeLog)) { ++ return Mode.DISABLE; ++ } else { ++ String logPath = System.getProperty("kae.log.file"); ++ if (logPath == null) { ++ return Mode.ENABLE; ++ } ++ return Mode.SPECIFY; ++ } ++ } ++ ++ private static void testDefault() { ++ testDisable(); ++ } ++ ++ private static void testDisable() { ++ File file = new File(DEFAULT_LOG_PATH); ++ if (file.exists()) { ++ throw new RuntimeException("test failed"); ++ } ++ } ++ ++ private static void testEnable() { ++ File file = new File(DEFAULT_LOG_PATH); ++ if (!file.exists()) { ++ throw new RuntimeException("test failed"); ++ } ++ files.add(file); ++ } ++ ++ private static void testSpecify() { ++ File file = new File(KAELogTest.SPECIFY_LOG_PATH); ++ if (!file.exists()) { ++ throw new RuntimeException("test failed"); ++ } ++ files.add(file); ++ files.add(file.getParentFile()); ++ } ++ ++ private static void test(Mode mode) { ++ switch (mode) { ++ case DEFAULT: ++ testDefault(); ++ break; ++ case DISABLE: ++ testDisable(); ++ break; ++ case ENABLE: ++ testEnable(); ++ break; ++ case SPECIFY: ++ testSpecify(); ++ break; ++ default: ++ throw new IllegalArgumentException("invalid mode"); ++ } ++ } ++} +diff --git a/jdk/test/org/openeuler/security/openssl/KAETestHelper.java b/jdk/test/org/openeuler/security/openssl/KAETestHelper.java +new file mode 100644 +index 000000000..31e22493a +--- /dev/null ++++ b/jdk/test/org/openeuler/security/openssl/KAETestHelper.java +@@ -0,0 +1,209 @@ ++/* ++ * Copyright (c) 2022, Huawei Technologies Co., Ltd. All rights reserved. ++ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. ++ * ++ * This code is free software; you can redistribute it and/or modify it ++ * under the terms of the GNU General Public License version 2 only, as ++ * published by the Free Software Foundation. ++ * ++ * This code is distributed in the hope that it will be useful, but WITHOUT ++ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or ++ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License ++ * version 2 for more details (a copy is included in the LICENSE file that ++ * accompanied this code). ++ * ++ * You should have received a copy of the GNU General Public License version ++ * 2 along with this work; if not, write to the Free Software Foundation, ++ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. ++ * ++ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA ++ * or visit www.oracle.com if you need additional information or have any ++ * questions. ++ */ ++ ++import java.io.BufferedReader; ++import java.io.File; ++import java.io.FileReader; ++import java.io.IOException; ++import java.util.HashMap; ++import java.util.List; ++import java.util.Map; ++ ++class KAETestHelper { ++ private static final String KAE_ENGINE_ID = "kae"; ++ private static final String UADK_ENGINE_ID = "uadk_engine"; ++ private static boolean hasKaeEngine; ++ private static boolean hasUadkEngine; ++ ++ private static String engineRootPath; ++ ++ // algorithm names ++ private static final String[] ALGORITHM_NAMES = new String[]{ ++ "md5", ++ "sha256", ++ "sha384", ++ "sm3", ++ "aes-128-ecb", ++ "aes-128-cbc", ++ "aes-128-ctr", ++ "aes-128-gcm", ++ "aes-192-ecb", ++ "aes-192-cbc", ++ "aes-192-ctr", ++ "aes-192-gcm", ++ "aes-256-ecb", ++ "aes-256-cbc", ++ "aes-256-ctr", ++ "aes-256-gcm", ++ "sm4-ecb", ++ "sm4-cbc", ++ "sm4-ctr", ++ "sm4-ofb", ++ "hmac-md5", ++ "hmac-sha1", ++ "hmac-sha224", ++ "hmac-sha256", ++ "hmac-sha384", ++ "hmac-sha512", ++ "rsa", ++ "dh", ++ "ec" ++ }; ++ private static final Map ALGORITHM_NAME_MAP = new HashMap<>(); ++ ++ private static final String PROVIDER_NAME = "KAEProvider"; ++ private static final String USE_OPENSSL_MSG = "Use openssl soft calculation"; ++ private static final String USE_KAE_HARDWARE_MSG = "enable KAE hardware acceleration"; ++ private static final Map ALGORITHM_MSG_MAP = new HashMap<>(); ++ ++ static { ++ init(); ++ } ++ ++ enum Engine { ++ default_engine(hasKaeEngine, KAE_ENGINE_ID), ++ kae(hasKaeEngine, KAE_ENGINE_ID), ++ uadk_engine(hasUadkEngine, UADK_ENGINE_ID); ++ private final boolean isValid; ++ private final String engineId; ++ ++ Engine(boolean isValid, String engineId) { ++ this.isValid = isValid; ++ this.engineId = engineId; ++ } ++ ++ public boolean isValid() { ++ return isValid; ++ } ++ ++ public String getEngineId() { ++ return engineId; ++ } ++ } ++ ++ private static void init() { ++ engineRootPath = System.getenv("OPENSSL_ENGINES"); ++ if (engineRootPath == null || engineRootPath.equals("")) { ++ System.out.println("Environment variable OPENSSL_ENGINES is not configured"); ++ } ++ hasKaeEngine = hasEngine(KAE_ENGINE_ID); ++ hasUadkEngine = hasEngine(UADK_ENGINE_ID); ++ ++ for (int i = 0; i < ALGORITHM_NAMES.length; i++) { ++ ALGORITHM_NAME_MAP.put(ALGORITHM_NAMES[i], i); ++ } ++ ++ ALGORITHM_MSG_MAP.put(USE_OPENSSL_MSG, false); ++ ALGORITHM_MSG_MAP.put(USE_KAE_HARDWARE_MSG, true); ++ } ++ ++ static Integer getAlgorithmIndex(String algorithmName) { ++ return ALGORITHM_NAME_MAP.get(algorithmName); ++ } ++ ++ static String getAlgorithmName(Integer algorithmIndex) { ++ return ALGORITHM_NAMES[algorithmIndex]; ++ } ++ ++ private static boolean hasEngine(String engineId) { ++ String filePath = engineRootPath + File.separator + engineId + ".so"; ++ File file = new File(filePath); ++ return file.exists(); ++ } ++ ++ static boolean hasKaeEngine() { ++ return hasKaeEngine; ++ } ++ ++ static boolean hasUadkEngine() { ++ return hasUadkEngine; ++ } ++ ++ static void cleanUp(List files) { ++ for (File file : files) { ++ System.out.println("delete file : " + file); ++ file.delete(); ++ } ++ } ++ ++ static boolean[] parseLog(Engine engine, File file) throws IOException { ++ boolean[] kaeUseEngineFlags; ++ String expectedEngineMsg = engine.getEngineId() + " engine was found"; ++ try (BufferedReader reader = new BufferedReader(new FileReader(file))) { ++ // load engine message ++ String engineMsg = reader.readLine(); ++ if (engineMsg == null || !engineMsg.contains(expectedEngineMsg)) { ++ throw new RuntimeException("test failed : actual message :" + engineMsg); ++ } ++ ++ // summary message ++ String summaryMessage = reader.readLine(); ++ if (summaryMessage == null) { ++ throw new RuntimeException("test failed : summary message is null"); ++ } ++ ++ kaeUseEngineFlags = new boolean[ALGORITHM_NAMES.length]; ++ // strategy of each algorithm ++ String strategy; ++ while ((strategy = reader.readLine()) != null) { ++ String[] splitArray = strategy.split("=>"); ++ if (splitArray.length < 2) { ++ throw new RuntimeException("test failed : strategy = " + strategy); ++ } ++ ++ // algorithm Index ++ String algorithm = splitArray[0].replace(" ", ""); ++ Integer algorithmIndex = ALGORITHM_NAME_MAP.get(algorithm); ++ if (algorithmIndex == null) { ++ throw new RuntimeException("test failed : illegal algorithm " + algorithm); ++ } ++ ++ // provider and algorithm value ++ String detail = splitArray[1]; ++ String[] detailArray = detail.split(":"); ++ if (detailArray.length < 2) { ++ throw new RuntimeException("test failed : detail=" + strategy); ++ } ++ String provider = detailArray[0].replace(" ", ""); ++ if (!PROVIDER_NAME.equals(provider)) { ++ throw new RuntimeException("test failed : provider= " + provider); ++ } ++ String algorithmMsg = detailArray[1].trim(); ++ Boolean algorithmValue = ALGORITHM_MSG_MAP.get(algorithmMsg); ++ if (algorithmValue == null) { ++ throw new RuntimeException("test failed : algorithmMsg= " + algorithmMsg); ++ } ++ kaeUseEngineFlags[algorithmIndex] = algorithmValue; ++ } ++ } ++ return kaeUseEngineFlags; ++ } ++ ++ static KAETestHelper.Engine getEngine() { ++ String engineId = System.getProperty("kae.engine.id"); ++ if (engineId == null) { ++ return KAETestHelper.Engine.default_engine; ++ } ++ return KAETestHelper.Engine.valueOf(engineId); ++ } ++} +diff --git a/jdk/test/org/openeuler/security/openssl/KAEUseEngineTest.java b/jdk/test/org/openeuler/security/openssl/KAEUseEngineTest.java +new file mode 100644 +index 000000000..4e57f775e +--- /dev/null ++++ b/jdk/test/org/openeuler/security/openssl/KAEUseEngineTest.java +@@ -0,0 +1,262 @@ ++/* ++ * Copyright (c) 2022, Huawei Technologies Co., Ltd. All rights reserved. ++ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. ++ * ++ * This code is free software; you can redistribute it and/or modify it ++ * under the terms of the GNU General Public License version 2 only, as ++ * published by the Free Software Foundation. ++ * ++ * This code is distributed in the hope that it will be useful, but WITHOUT ++ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or ++ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License ++ * version 2 for more details (a copy is included in the LICENSE file that ++ * accompanied this code). ++ * ++ * You should have received a copy of the GNU General Public License version ++ * 2 along with this work; if not, write to the Free Software Foundation, ++ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. ++ * ++ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA ++ * or visit www.oracle.com if you need additional information or have any ++ * questions. ++ */ ++ ++import org.openeuler.security.openssl.KAEProvider; ++ ++import java.io.File; ++import java.io.IOException; ++import java.util.ArrayList; ++import java.util.Arrays; ++import java.util.HashMap; ++import java.util.List; ++import java.util.Map; ++ ++/* ++ * @test ++ * @summary Test KAE property kae..useKaeEngine ++ * @requires os.arch=="aarch64" ++ * @run main/othervm -Dkae.log=true -Dall.test=default KAEUseEngineTest ++ * @run main/othervm -Dkae.log=true -Dkae.digest.useKaeEngine=true KAEUseEngineTest ++ * @run main/othervm -Dkae.log=true -Dkae.aes.useKaeEngine=true KAEUseEngineTest ++ * @run main/othervm -Dkae.log=true -Dkae.sm4.useKaeEngine=true KAEUseEngineTest ++ * @run main/othervm -Dkae.log=true -Dkae.hmac.useKaeEngine=true KAEUseEngineTest ++ * @run main/othervm -Dkae.log=true -Dkae.rsa.useKaeEngine=true KAEUseEngineTest ++ * @run main/othervm -Dkae.log=true -Dkae.dh.useKaeEngine=true KAEUseEngineTest ++ * @run main/othervm -Dkae.log=true -Dkae.ec.useKaeEngine=true KAEUseEngineTest ++ * @run main/othervm -Dkae.log=true -Dall.test=enable -Dkae.digest.useKaeEngine=true -Dkae.aes.useKaeEngine=true -Dkae.sm4.useKaeEngine=true -Dkae.hmac.useKaeEngine=true -Dkae.rsa.useKaeEngine=true -Dkae.dh.useKaeEngine=true -Dkae.ec.useKaeEngine=true KAEUseEngineTest ++ * @run main/othervm -Dkae.log=true -Dkae.digest.useKaeEngine=false KAEUseEngineTest ++ * @run main/othervm -Dkae.log=true -Dkae.aes.useKaeEngine=true KAEUseEngineTest ++ * @run main/othervm -Dkae.log=true -Dkae.sm4.useKaeEngine=true KAEUseEngineTest ++ * @run main/othervm -Dkae.log=true -Dkae.hmac.useKaeEngine=true KAEUseEngineTest ++ * @run main/othervm -Dkae.log=true -Dkae.rsa.useKaeEngine=true KAEUseEngineTest ++ * @run main/othervm -Dkae.log=true -Dkae.dh.useKaeEngine=true KAEUseEngineTest ++ * @run main/othervm -Dkae.log=true -Dkae.ec.useKaeEngine=true KAEUseEngineTest ++ * @run main/othervm -Dkae.log=true -Dall.test=disable -Dkae.digest.useKaeEngine=false -Dkae.aes.useKaeEngine=false -Dkae.sm4.useKaeEngine=false -Dkae.hmac.useKaeEngine=false -Dkae.rsa.useKaeEngine=false -Dkae.dh.useKaeEngine=false -Dkae.ec.useKaeEngine=false KAEUseEngineTest ++ * @run main/othervm -Dkae.log=true -Dall.test=default -Dkae.engine.id=uadk_engine -Dkae.libcrypto.useGlobalMode=true KAEUseEngineTest ++ * @run main/othervm -Dkae.log=true -Dkae.engine.id=uadk_engine -Dkae.libcrypto.useGlobalMode=true -Dkae.digest.useKaeEngine=true KAEUseEngineTest ++ * @run main/othervm -Dkae.log=true -Dkae.engine.id=uadk_engine -Dkae.libcrypto.useGlobalMode=true -Dkae.aes.useKaeEngine=true KAEUseEngineTest ++ * @run main/othervm -Dkae.log=true -Dkae.engine.id=uadk_engine -Dkae.libcrypto.useGlobalMode=true -Dkae.sm4.useKaeEngine=true KAEUseEngineTest ++ * @run main/othervm -Dkae.log=true -Dkae.engine.id=uadk_engine -Dkae.libcrypto.useGlobalMode=true -Dkae.hmac.useKaeEngine=true KAEUseEngineTest ++ * @run main/othervm -Dkae.log=true -Dkae.engine.id=uadk_engine -Dkae.libcrypto.useGlobalMode=true -Dkae.rsa.useKaeEngine=true KAEUseEngineTest ++ * @run main/othervm -Dkae.log=true -Dkae.engine.id=uadk_engine -Dkae.libcrypto.useGlobalMode=true -Dkae.dh.useKaeEngine=true KAEUseEngineTest ++ * @run main/othervm -Dkae.log=true -Dkae.engine.id=uadk_engine -Dkae.libcrypto.useGlobalMode=true -Dkae.ec.useKaeEngine=true KAEUseEngineTest ++ * @run main/othervm -Dkae.log=true -Dall.test=enable -Dkae.engine.id=uadk_engine -Dkae.libcrypto.useGlobalMode=true -Dkae.digest.useKaeEngine=true -Dkae.aes.useKaeEngine=true -Dkae.sm4.useKaeEngine=true -Dkae.hmac.useKaeEngine=true -Dkae.rsa.useKaeEngine=true -Dkae.dh.useKaeEngine=true -Dkae.ec.useKaeEngine=true KAEUseEngineTest ++ * @run main/othervm -Dkae.log=true -Dkae.engine.id=uadk_engine -Dkae.libcrypto.useGlobalMode=true -Dkae.digest.useKaeEngine=false KAEUseEngineTest ++ * @run main/othervm -Dkae.log=true -Dkae.engine.id=uadk_engine -Dkae.libcrypto.useGlobalMode=true -Dkae.aes.useKaeEngine=true KAEUseEngineTest ++ * @run main/othervm -Dkae.log=true -Dkae.engine.id=uadk_engine -Dkae.libcrypto.useGlobalMode=true -Dkae.sm4.useKaeEngine=true KAEUseEngineTest ++ * @run main/othervm -Dkae.log=true -Dkae.engine.id=uadk_engine -Dkae.libcrypto.useGlobalMode=true -Dkae.hmac.useKaeEngine=true KAEUseEngineTest ++ * @run main/othervm -Dkae.log=true -Dkae.engine.id=uadk_engine -Dkae.libcrypto.useGlobalMode=true -Dkae.rsa.useKaeEngine=true KAEUseEngineTest ++ * @run main/othervm -Dkae.log=true -Dkae.engine.id=uadk_engine -Dkae.libcrypto.useGlobalMode=true -Dkae.dh.useKaeEngine=true KAEUseEngineTest ++ * @run main/othervm -Dkae.log=true -Dkae.engine.id=uadk_engine -Dkae.libcrypto.useGlobalMode=true -Dkae.ec.useKaeEngine=true KAEUseEngineTest ++ * @run main/othervm -Dkae.log=true -Dall.test=disable -Dkae.engine.id=uadk_engine -Dkae.libcrypto.useGlobalMode=true -Dkae.digest.useKaeEngine=false -Dkae.aes.useKaeEngine=false -Dkae.sm4.useKaeEngine=false -Dkae.hmac.useKaeEngine=false -Dkae.rsa.useKaeEngine=false -Dkae.dh.useKaeEngine=false -Dkae.ec.useKaeEngine=false KAEUseEngineTest ++ */ ++public class KAEUseEngineTest { ++ enum Mode { ++ DEFAULT(new boolean[]{ ++ true, false, false, true, false, false, false, false, false, false, ++ false, false, false, false, false, false, true, true, true, true, ++ false, false, false, false, false, false, true, true, false ++ }), ++ DIGEST_ENABLE(new boolean[]{ ++ true, false, false, true, false, false, false, false, false, false, ++ false, false, false, false, false, false, true, true, true, true, ++ false, false, false, false, false, false, true, true, false ++ }, 0, true), ++ AES_ENABLE(new boolean[]{ ++ true, false, false, true, true, true, true, true, true, true, ++ true, true, true, true, true, true, true, true, true, true, ++ false, false, false, false, false, false, true, true, false ++ }, 1, true), ++ SM4_ENABLE(new boolean[]{ ++ true, false, false, true, false, false, false, false, false, false, ++ false, false, false, false, false, false, true, true, true, true, ++ false, false, false, false, false, false, true, true, false ++ }, 2, true), ++ HMAC_ENABLE(new boolean[]{ ++ true, false, false, true, false, false, false, false, false, false, ++ false, false, false, false, false, false, true, true, true, true, ++ true, true, true, true, true, true, true, true, false ++ }, 3, true), ++ RSA_ENABLE(new boolean[]{ ++ true, false, false, true, false, false, false, false, false, false, ++ false, false, false, false, false, false, true, true, true, true, ++ false, false, false, false, false, false, true, true, false ++ }, 4, true), ++ DH_ENABLE(new boolean[]{ ++ true, false, false, true, false, false, false, false, false, false, ++ false, false, false, false, false, false, true, true, true, true, ++ false, false, false, false, false, false, true, true, false ++ }, 5, true), ++ EC_ENABLE(new boolean[]{ ++ true, false, false, true, false, false, false, false, false, false, ++ false, false, false, false, false, false, true, true, true, true, ++ false, false, false, false, false, false, true, true, false ++ }, 6, true), ++ ALL_ENABLE(new boolean[]{ ++ true, false, false, true, true, true, true, true, true, true, ++ true, true, true, true, true, true, true, true, true, true, ++ true, true, true, true, true, true, true, true, false ++ }, true), ++ DIGEST_DISABLE(new boolean[]{ ++ false, false, false, false, false, false, false, false, false, false, ++ false, false, false, false, false, false, true, true, true, true, ++ false, false, false, false, false, false, true, true, false ++ }, 0, false), ++ AES_DISABLE(new boolean[]{ ++ true, false, false, true, false, false, false, false, false, false, ++ false, false, false, false, false, false, true, true, true, true, ++ false, false, false, false, false, false, true, true, false ++ }, 1, false), ++ SM4_DISABLE(new boolean[]{ ++ true, false, false, true, false, false, false, false, false, false, ++ false, false, false, false, false, false, false, false, false, false, ++ false, false, false, false, false, false, true, true, false ++ }, 2, false), ++ HMAC_DISABLE(new boolean[]{ ++ true, false, false, true, false, false, false, false, false, false, ++ false, false, false, false, false, false, true, true, true, true, ++ false, false, false, false, false, false, true, true, false ++ }, 3, false), ++ RSA_DISABLE(new boolean[]{ ++ true, false, false, true, false, false, false, false, false, false, ++ false, false, false, false, false, false, true, true, true, true, ++ false, false, false, false, false, false, false, true, false ++ }, 4, false), ++ DH_DISABLE(new boolean[]{ ++ true, false, false, true, false, false, false, false, false, false, ++ false, false, false, false, false, false, true, true, true, true, ++ false, false, false, false, false, false, true, false, false ++ }, 5, false), ++ EC_DISABLE(new boolean[]{ ++ true, false, false, true, false, false, false, false, false, false, ++ false, false, false, false, false, false, true, true, true, true, ++ false, false, false, false, false, false, true, true, false ++ }, 6, false), ++ ALL_DISABLE(new boolean[]{ ++ false, false, false, false, false, false, false, false, false, false, ++ false, false, false, false, false, false, false, false, false, false, ++ false, false, false, false, false, false, false, false, false ++ }, false); ++ private final boolean[] expectedResult; ++ private final Integer propertyNameIndex; ++ private final boolean enable; ++ private static final Map modeMap = new HashMap<>(); ++ ++ static { ++ Mode[] modes = Mode.values(); ++ for (Mode mode : modes) { ++ if (mode.propertyNameIndex != null) { ++ modeMap.put(PROPERTY_NAMES[mode.propertyNameIndex] + ":" + mode.enable, mode); ++ } ++ } ++ modeMap.put("default", DEFAULT); ++ modeMap.put("disable", ALL_DISABLE); ++ modeMap.put("enable", ALL_ENABLE); ++ } ++ ++ Mode(boolean[] expectedResult) { ++ this(expectedResult, false); ++ } ++ ++ Mode(boolean[] expectedResult, boolean enable) { ++ this(expectedResult, null, enable); ++ } ++ ++ Mode(boolean[] expectedResult, Integer propertyNameIndex, boolean enable) { ++ this.expectedResult = expectedResult; ++ this.propertyNameIndex = propertyNameIndex; ++ this.enable = enable; ++ } ++ ++ static Mode getMode(String name, Boolean enable) { ++ return modeMap.get(name + ":" + enable); ++ } ++ ++ static Mode getMode(String key) { ++ return modeMap.get(key); ++ } ++ } ++ ++ private static final String KAE_LOG_PATH = System.getProperty("user.dir") + ++ File.separator + "kae.log"; ++ ++ private static final String[] PROPERTY_NAMES = new String[]{ ++ "kae.digest.useKaeEngine", ++ "kae.aes.useKaeEngine", ++ "kae.sm4.useKaeEngine", ++ "kae.hmac.useKaeEngine", ++ "kae.rsa.useKaeEngine", ++ "kae.dh.useKaeEngine", ++ "kae.ec.useKaeEngine" ++ }; ++ ++ private static final List files = new ArrayList<>(); ++ ++ public static void main(String[] args) throws IOException { ++ KAETestHelper.Engine engine = KAETestHelper.getEngine(); ++ if (!engine.isValid()) { ++ System.out.println("Skip test, engine " + engine.getEngineId() + " does not exist."); ++ return; ++ } ++ Mode mode = getMode(); ++ if (mode == null) { ++ throw new RuntimeException("test failed: mode is null"); ++ } ++ ++ try { ++ new KAEProvider(); ++ test(mode, engine); ++ } finally { ++ KAETestHelper.cleanUp(files); ++ } ++ } ++ ++ private static Mode getMode() { ++ String value = System.getProperty("all.test"); ++ if (value != null) { ++ return Mode.getMode(value); ++ } ++ for (String propertyName : PROPERTY_NAMES) { ++ String property = System.getProperty(propertyName); ++ Boolean enable = null; ++ if (property != null) { ++ enable = Boolean.valueOf(property); ++ } ++ Mode mode = Mode.getMode(propertyName, enable); ++ if (mode != null) { ++ return mode; ++ } ++ } ++ return null; ++ } ++ ++ private static void test(Mode mode, KAETestHelper.Engine engine) throws IOException { ++ File file = new File(KAE_LOG_PATH); ++ files.add(file); ++ boolean[] kaeUseEngineFlags = KAETestHelper.parseLog(engine, file); ++ if (!Arrays.equals(mode.expectedResult, kaeUseEngineFlags)) { ++ throw new RuntimeException("test failed : expected : " + Arrays.toString(mode.expectedResult) + "," + ++ "actual:" + Arrays.toString(kaeUseEngineFlags)); ++ } ++ } ++} +diff --git a/jdk/test/org/openeuler/security/openssl/KaeDebugLogTest.java b/jdk/test/org/openeuler/security/openssl/KaeDebugLogTest.java +new file mode 100644 +index 000000000..bcce9cb8b +--- /dev/null ++++ b/jdk/test/org/openeuler/security/openssl/KaeDebugLogTest.java +@@ -0,0 +1,88 @@ ++/* ++ * Copyright (c) 2021, Huawei Technologies Co., Ltd. All rights reserved. ++ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. ++ * ++ * This code is free software; you can redistribute it and/or modify it ++ * under the terms of the GNU General Public License version 2 only, as ++ * published by the Free Software Foundation. ++ * ++ * This code is distributed in the hope that it will be useful, but WITHOUT ++ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or ++ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License ++ * version 2 for more details (a copy is included in the LICENSE file that ++ * accompanied this code). ++ * ++ * You should have received a copy of the GNU General Public License version ++ * 2 along with this work; if not, write to the Free Software Foundation, ++ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. ++ * ++ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA ++ * or visit www.oracle.com if you need additional information or have any ++ * questions. ++ */ ++ ++import org.openeuler.security.openssl.KAEProvider; ++ ++import javax.crypto.Cipher; ++import javax.crypto.spec.SecretKeySpec; ++import java.io.PrintStream; ++import java.nio.charset.StandardCharsets; ++import java.nio.file.Files; ++import java.nio.file.Paths; ++import java.security.Security; ++import java.util.Objects; ++import java.util.stream.Collectors; ++import java.util.stream.Stream; ++ ++/** ++ * @test ++ * @summary test for KaeDebugLogTest ++ * @requires os.arch=="aarch64" ++ * @run main/othervm -Djava.security.debug=kae -Dkae.sm4.maxChunkSize=65536 KaeDebugLogTest ++ * @run main/othervm -Djava.security.debug=kae KaeDebugLogTest ++ * @run main/othervm -Djava.security.auth.debug=kae KaeDebugLogTest ++ * @run main/othervm KaeDebugLogTest ++ */ ++ ++public class KaeDebugLogTest { ++ ++ private static final PrintStream err = System.err; ++ ++ public static void main(String[] args) throws Exception { ++ PrintStream printStream = new PrintStream("kaetest.out"); ++ System.setErr(printStream); ++ testDebugLog(); ++ System.setErr(printStream); ++ testSm4ChunkSize(); ++ } ++ ++ public static void testDebugLog() throws Exception { ++ new KAEProvider(); ++ Stream lines = Files.lines(Paths.get("kaetest.out")); ++ System.setErr(err); ++ String content = lines.collect(Collectors.joining(System.lineSeparator())); ++ if(("kae".equals(System.getProperty("java.security.debug")) ++ || "kae".equals(System.getProperty("java.security..auth.debug"))) ++ && !content.contains("reading kae properties file:")){ ++ throw new RuntimeException("KaeDebugLogTest Failed! Failed to set the debug log."); ++ } ++ lines.close(); ++ } ++ ++ public static void testSm4ChunkSize() throws Exception { ++ Security.insertProviderAt(new KAEProvider(), 1); ++ Cipher cipher = Cipher.getInstance("SM4"); ++ cipher.init(Cipher.ENCRYPT_MODE, new SecretKeySpec("sm4EncryptionKey".getBytes(StandardCharsets.UTF_8), "SM4")); ++ Stream lines = Files.lines(Paths.get("kaetest.out")); ++ System.setErr(err); ++ String content = lines.collect(Collectors.joining(System.lineSeparator())); ++ String log = "The configured chunk size is " + System.getProperty("kae.sm4.maxChunkSize"); ++ if(("kae".equals(System.getProperty("java.security.debug")) ++ || "kae".equals(System.getProperty("java.security..auth.debug"))) ++ && Objects.nonNull(System.getProperty("kae.sm4.maxChunkSize")) &&!content.contains(log)){ ++ throw new RuntimeException("KaeDebugLogTest Failed! Failed to set the kae.sm4.maxChunkSize = " + System.getProperty("kae.sm4.maxChunkSize")); ++ } ++ lines.close(); ++ } ++ ++} +diff --git a/jdk/test/org/openeuler/security/openssl/KaeProviderTest.java b/jdk/test/org/openeuler/security/openssl/KaeProviderTest.java +new file mode 100644 +index 000000000..d8587891b +--- /dev/null ++++ b/jdk/test/org/openeuler/security/openssl/KaeProviderTest.java +@@ -0,0 +1,170 @@ ++/* ++ * Copyright (c) 2021, Huawei Technologies Co., Ltd. All rights reserved. ++ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. ++ * ++ * This code is free software; you can redistribute it and/or modify it ++ * under the terms of the GNU General Public License version 2 only, as ++ * published by the Free Software Foundation. ++ * ++ * This code is distributed in the hope that it will be useful, but WITHOUT ++ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or ++ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License ++ * version 2 for more details (a copy is included in the LICENSE file that ++ * accompanied this code). ++ * ++ * You should have received a copy of the GNU General Public License version ++ * 2 along with this work; if not, write to the Free Software Foundation, ++ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. ++ * ++ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA ++ * or visit www.oracle.com if you need additional information or have any ++ * questions. ++ */ ++ ++import org.openeuler.security.openssl.KAEProvider; ++ ++import javax.crypto.Cipher; ++import javax.crypto.Mac; ++import javax.crypto.NoSuchPaddingException; ++import java.security.KeyPairGenerator; ++import java.security.MessageDigest; ++import java.security.NoSuchAlgorithmException; ++import java.security.Security; ++ ++/** ++ * @test ++ * @requires os.arch=="aarch64" ++ * @summary test for KaeProviderTest ++ * @run main/othervm KaeProviderTest ++ * @run main/othervm KaeProviderTest true ++ * @run main/othervm KaeProviderTest false ++ * @run main/othervm KaeProviderTest wrong ++ */ ++ ++public class KaeProviderTest { ++ ++ private static final String[] algorithmKaeProviderPropertyNames = new String[]{ ++ "kae.md5", ++ "kae.sha256", ++ "kae.sha384", ++ "kae.sm3", ++ "kae.aes", ++ "kae.sm4", ++ "kae.hmac", ++ "kae.rsa", ++ "kae.dh", ++ "kae.ec" ++ }; ++ ++ private static final String KAE = "KAEProvider"; ++ ++ public static void main(String[] args) throws Exception { ++ initProperty(args); ++ Security.insertProviderAt(new KAEProvider(), 1); ++ testALL(); ++ } ++ ++ private static void initProperty(String[] args) { ++ if (args.length <= 0) { ++ return; ++ } ++ String value = args[0]; ++ for (String name : algorithmKaeProviderPropertyNames){ ++ System.setProperty(name,value); ++ } ++ } ++ ++ public static void testALL() throws Exception { ++ testMd5(); ++ testSha256(); ++ testSha384(); ++ testSm3(); ++ testAes(); ++ testSm4(); ++ testHmac(); ++ testRsa(); ++ testDh(); ++ testEc(); ++ } ++ ++ public static void testMd5() throws NoSuchAlgorithmException { ++ MessageDigest messageDigest = MessageDigest.getInstance("MD5"); ++ judge("kae.md5",messageDigest.getProvider().getName()); ++ ++ } ++ ++ public static void testSha256() throws NoSuchAlgorithmException { ++ MessageDigest messageDigest = MessageDigest.getInstance("SHA-256"); ++ judge("kae.sha256",messageDigest.getProvider().getName()); ++ } ++ ++ public static void testSha384() throws NoSuchAlgorithmException { ++ MessageDigest messageDigest = MessageDigest.getInstance("SHA-384"); ++ judge("kae.sha384",messageDigest.getProvider().getName()); ++ } ++ ++ public static void testSm3() throws NoSuchAlgorithmException { ++ try{ ++ MessageDigest messageDigest = MessageDigest.getInstance("SM3"); ++ judge("kae.sm3",messageDigest.getProvider().getName()); ++ }catch (NoSuchAlgorithmException e){ ++ if(Boolean.parseBoolean(System.getProperty("kae.sm3"))){ ++ throw e; ++ } ++ } ++ } ++ ++ public static void testAes() throws NoSuchAlgorithmException, NoSuchPaddingException { ++ Cipher cipher = Cipher.getInstance("AES"); ++ judge("kae.aes",cipher.getProvider().getName()); ++ } ++ ++ public static void testSm4() throws NoSuchAlgorithmException, NoSuchPaddingException { ++ try{ ++ Cipher cipher = Cipher.getInstance("SM4"); ++ judge("kae.sm4",cipher.getProvider().getName()); ++ }catch (NoSuchAlgorithmException e){ ++ if(Boolean.parseBoolean(System.getProperty("kae.sm4"))){ ++ throw e; ++ } ++ } ++ } ++ ++ public static void testHmac() throws NoSuchAlgorithmException { ++ Mac mac = Mac.getInstance("HmacMD5"); ++ judge("kae.hmac",mac.getProvider().getName()); ++ } ++ ++ public static void testRsa() throws NoSuchAlgorithmException, NoSuchPaddingException { ++ Cipher cipher = Cipher.getInstance("RSA"); ++ judge("kae.rsa",cipher.getProvider().getName()); ++ } ++ ++ public static void testDh() throws NoSuchAlgorithmException { ++ KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("DH"); ++ judge("kae.dh",keyPairGenerator.getProvider().getName()); ++ } ++ ++ public static void testEc() throws NoSuchAlgorithmException { ++ KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("EC"); ++ judge("kae.ec",keyPairGenerator.getProvider().getName()); ++ } ++ ++ private static void judge(String algorithm , String providerName){ ++ String value = System.getProperty(algorithm); ++ if (value == null) { ++ if (!KAE.equals(providerName)) { ++ throw new RuntimeException("KaeProviderTest Failed! default Provider.name is not right!"); ++ } ++ } else { ++ if (Boolean.parseBoolean(value) && !KAE.equals(providerName)) { ++ throw new RuntimeException("KaeProviderTest Failed! " + algorithm + " is " + value + "," + ++ " Provider.name is not right!"); ++ } ++ if (!Boolean.parseBoolean(value) && KAE.equals(providerName)) { ++ throw new RuntimeException("KaeProviderTest Failed! " + algorithm + " is " + value + ", " + ++ " Provider.name is not right!"); ++ } ++ } ++ } ++} +diff --git a/jdk/test/org/openeuler/security/openssl/RSATest.java b/jdk/test/org/openeuler/security/openssl/RSATest.java +new file mode 100644 +index 000000000..1f740af0b +--- /dev/null ++++ b/jdk/test/org/openeuler/security/openssl/RSATest.java +@@ -0,0 +1,137 @@ ++/* ++ * Copyright (c) 2022, Huawei Technologies Co., Ltd. All rights reserved. ++ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. ++ * ++ * This code is free software; you can redistribute it and/or modify it ++ * under the terms of the GNU General Public License version 2 only, as ++ * published by the Free Software Foundation. ++ * ++ * This code is distributed in the hope that it will be useful, but WITHOUT ++ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or ++ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License ++ * version 2 for more details (a copy is included in the LICENSE file that ++ * accompanied this code). ++ * ++ * You should have received a copy of the GNU General Public License version ++ * 2 along with this work; if not, write to the Free Software Foundation, ++ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. ++ * ++ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA ++ * or visit www.oracle.com if you need additional information or have any ++ * questions. ++ */ ++ ++import org.openeuler.security.openssl.KAEProvider; ++ ++import java.nio.charset.StandardCharsets; ++import java.security.*; ++import java.security.spec.*; ++import javax.crypto.Cipher; ++ ++/** ++ * @test ++ * @summary Basic test for RSA ++ * @run main RSATest ++ */ ++ ++public class RSATest { ++ private static final String algorithm = "RSA"; ++ private static KeyPairGenerator keyPairGenerator; ++ private static byte[] privateKey; ++ private static byte[] publicKey; ++ private static String plainText = "helloworld"; ++ // 512, 768, ++ private static int[] keySizes = {1024, 2048, 4096, 5120, 6144}; ++ private static String[] signAlgorithms = { ++ "MD2withRSA", "MD5withRSA", "SHA1withRSA", "SHA224withRSA", "SHA256withRSA", "SHA384withRSA", "SHA512withRSA" ++ }; ++ private static String[] signAlgorithmsPSS = {"SHA-1", "SHA-224", "SHA-256", "SHA-384", "SHA-512"}; ++ ++ public static void main(String[] args) throws Exception { ++ Security.insertProviderAt(new KAEProvider(), 1); ++ ++ for (int keySize : keySizes) { ++ testKeyPairByKeySize(keySize); ++ testRSACipher(keySize); ++ testSignature(); ++ testPSSSignature(keySize); ++ } ++ } ++ ++ public static void testKeyPairByKeySize(int keySize) throws Exception { ++ keyPairGenerator = KeyPairGenerator.getInstance(algorithm); ++ keyPairGenerator.initialize(keySize); ++ KeyPair keyPair = keyPairGenerator.generateKeyPair(); ++ ++ PrivateKey pairPrivate = keyPair.getPrivate(); ++ PublicKey pairPublic = keyPair.getPublic(); ++ ++ privateKey = pairPrivate.getEncoded(); ++ publicKey = pairPublic.getEncoded(); ++ } ++ ++ public static void testRSACipher(int keySize) throws Exception { ++ PublicKey pubKey = KeyFactory.getInstance("RSA").generatePublic(new X509EncodedKeySpec(publicKey)); ++ Cipher cipher = Cipher.getInstance("RSA"); ++ cipher.init(Cipher.ENCRYPT_MODE, pubKey); ++ ++ byte[] cipherText = cipher.doFinal(plainText.getBytes(StandardCharsets.UTF_8)); ++ ++ PrivateKey priKey = KeyFactory.getInstance("RSA").generatePrivate(new PKCS8EncodedKeySpec(privateKey)); ++ ++ cipher.init(Cipher.DECRYPT_MODE, priKey); ++ ++ String decryptText = new String(cipher.doFinal(cipherText)); ++ ++ if (!plainText.equals(decryptText)) { ++ throw new RuntimeException("rsa decryption failed. keySize = " + keySize); ++ } ++ } ++ ++ public static void testSignature() throws Exception { ++ PrivateKey priKey = KeyFactory.getInstance("RSA").generatePrivate(new PKCS8EncodedKeySpec(privateKey)); ++ PublicKey pubKey = KeyFactory.getInstance("RSA").generatePublic(new X509EncodedKeySpec(publicKey)); ++ ++ for (String algorithm : signAlgorithms) { ++ Signature sign = Signature.getInstance(algorithm); ++ sign.initSign(priKey); ++ sign.update(plainText.getBytes()); ++ byte[] signInfo = sign.sign(); ++ ++ sign.initVerify(pubKey); ++ sign.update(plainText.getBytes()); ++ if (!sign.verify(signInfo)) { ++ throw new RuntimeException("rsa testSignature failed. digest algorithm = " + algorithm); ++ } ++ } ++ } ++ ++ public static void testPSSSignature(int keySize) throws Exception { ++ PrivateKey priKey = KeyFactory.getInstance("RSA").generatePrivate(new PKCS8EncodedKeySpec(privateKey)); ++ PublicKey pubKey = KeyFactory.getInstance("RSA").generatePublic(new X509EncodedKeySpec(publicKey)); ++ ++ Signature sign = Signature.getInstance("RSASSA-PSS"); ++ ++ for (String algorithm : signAlgorithmsPSS) { ++ if (algorithm.equals(signAlgorithmsPSS[4]) && keySize <= 1024) { ++ continue; ++ } ++ sign.initSign(priKey); ++ ++ MessageDigest digest = MessageDigest.getInstance(algorithm); ++ byte[] digestByte = digest.digest(plainText.getBytes()); ++ sign.setParameter( ++ new PSSParameterSpec(algorithm, "MGF1", new MGF1ParameterSpec(algorithm), digestByte.length, 1)); ++ ++ sign.update(plainText.getBytes()); ++ byte[] signInfo = sign.sign(); ++ ++ sign.initVerify(pubKey); ++ ++ sign.update(plainText.getBytes()); ++ if (!sign.verify(signInfo)) { ++ throw new RuntimeException("rsa testPSSSignature failed. digest algorithm = " + algorithm); ++ } ++ } ++ } ++} +diff --git a/jdk/test/org/openeuler/security/openssl/SM3Test.java b/jdk/test/org/openeuler/security/openssl/SM3Test.java +deleted file mode 100644 +index 181f708ff..000000000 +--- a/jdk/test/org/openeuler/security/openssl/SM3Test.java ++++ /dev/null +@@ -1,54 +0,0 @@ +-/* +- * Copyright (c) 2021, Huawei Technologies Co., Ltd. All rights reserved. +- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. +- * +- * This code is free software; you can redistribute it and/or modify it +- * under the terms of the GNU General Public License version 2 only, as +- * published by the Free Software Foundation. +- * +- * This code is distributed in the hope that it will be useful, but WITHOUT +- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or +- * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License +- * version 2 for more details (a copy is included in the LICENSE file that +- * accompanied this code). +- * +- * You should have received a copy of the GNU General Public License version +- * 2 along with this work; if not, write to the Free Software Foundation, +- * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +- * +- * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA +- * or visit www.oracle.com if you need additional information or have any +- * questions. +- */ +- +-import org.openeuler.security.openssl.KAEProvider; +-import java.nio.charset.StandardCharsets; +-import java.util.Arrays; +-import java.security.MessageDigest; +-import java.security.Security; +- +-/** +- * @test +- * @summary Basic test for sm3 +- * @run main SM3Test +- */ +- +-public class SM3Test { +- +- private static String plainText = "helloworldhellow"; +- +- public static void main(String[] args) throws Exception { +- Security.insertProviderAt(new KAEProvider(), 1); +- test(plainText, "SM3", new byte[]{40, -103, -71, 4, -80, -49, 94, 112, 11, -75, -66, 121, 63, 80, 62, -14, -45, -75, -34, 66, -77, -34, -26, 26, 33, -23, 45, 52, -74, 67, -18, 118}); +- } +- +- public static void test(String plainText, String algo, byte[] expectRes) throws Exception { +- MessageDigest md = MessageDigest.getInstance(algo); +- md.update(plainText.getBytes(StandardCharsets.UTF_8)); +- byte[] res = md.digest(); +- if (!Arrays.equals(res, expectRes)) { +- throw new RuntimeException("sm3 failed"); +- } +- } +- +-} +diff --git a/jdk/test/org/openeuler/security/openssl/SM4Test.java b/jdk/test/org/openeuler/security/openssl/SM4Test.java +index 4c28dc5b6..1029fe897 100644 +--- a/jdk/test/org/openeuler/security/openssl/SM4Test.java ++++ b/jdk/test/org/openeuler/security/openssl/SM4Test.java +@@ -22,9 +22,10 @@ + */ + + import org.openeuler.security.openssl.KAEProvider; ++ ++import java.nio.ByteBuffer; + import java.nio.charset.StandardCharsets; + import java.util.Arrays; +-import java.security.NoSuchAlgorithmException; + import java.security.Security; + import javax.crypto.Cipher; + import javax.crypto.spec.IvParameterSpec; +@@ -55,6 +56,25 @@ public class SM4Test { + test(shortPlainText, "SM4/OFB/PKCS5Padding", new byte[]{32, 108, 35, 108, -16, 119, -111, 114, 94, 110}); + + testCtrShortIv(plainText, "SM4/CTR/NOPADDING", new byte[]{-13, 73, 40, -36, -64, -67, 75, -72, 90, 58, 73, -4, -36, 115, 126, -48}); ++ ++ testByteBuffer(plainText, "SM4/CBC/NOPADDING", new byte[]{86, 69, 47, -115, -63, 54, 35, 24, -2, 114, 113, 102, 82, 20, 69, 59}); ++ testByteBuffer(shortPlainText, "SM4/CBC/PKCS5Padding", new byte[]{10, 105, 75, -80, -85, -68, 13, -53, 42, 91, -64, 99, 104, 35, -85, 8}); ++ testByteBuffer(plainText, "SM4/ECB/NOPADDING", new byte[]{103, 36, -31, -53, -109, -12, -71, -79, -54, 106, 10, -3, -35, -22, -122, -67}); ++ testByteBuffer(shortPlainText, "SM4/ECB/PKCS5Padding", new byte[]{-10, 99, -9, 90, 58, -36, -109, 54, -55, -52, 7, -49, 110, -88, 72, 40}); ++ testByteBuffer(plainText, "SM4/CTR/NOPADDING", new byte[]{32, 108, 35, 108, -16, 119, -111, 114, 94, 110, -100, -113, -46, -29, -11, 71}); ++ testByteBuffer(plainText, "SM4/OFB/NOPADDING", new byte[]{32, 108, 35, 108, -16, 119, -111, 114, 94, 110, -100, -113, -46, -29, -11, 71}); ++ testByteBuffer(shortPlainText, "SM4/OFB/PKCS5Padding", new byte[]{32, 108, 35, 108, -16, 119, -111, 114, 94, 110}); ++ ++ System.setProperty("kae.sm4.maxChunkSize", "65536"); ++ testByteBuffer(plainText, "SM4/CBC/NOPADDING", new byte[]{86, 69, 47, -115, -63, 54, 35, 24, -2, 114, 113, 102, 82, 20, 69, 59}); ++ testByteBuffer(shortPlainText, "SM4/CBC/PKCS5Padding", new byte[]{10, 105, 75, -80, -85, -68, 13, -53, 42, 91, -64, 99, 104, 35, -85, 8}); ++ testByteBuffer(plainText, "SM4/ECB/NOPADDING", new byte[]{103, 36, -31, -53, -109, -12, -71, -79, -54, 106, 10, -3, -35, -22, -122, -67}); ++ testByteBuffer(shortPlainText, "SM4/ECB/PKCS5Padding", new byte[]{-10, 99, -9, 90, 58, -36, -109, 54, -55, -52, 7, -49, 110, -88, 72, 40}); ++ testByteBuffer(plainText, "SM4/CTR/NOPADDING", new byte[]{32, 108, 35, 108, -16, 119, -111, 114, 94, 110, -100, -113, -46, -29, -11, 71}); ++ testByteBuffer(plainText, "SM4/OFB/NOPADDING", new byte[]{32, 108, 35, 108, -16, 119, -111, 114, 94, 110, -100, -113, -46, -29, -11, 71}); ++ testByteBuffer(shortPlainText, "SM4/OFB/PKCS5Padding", new byte[]{32, 108, 35, 108, -16, 119, -111, 114, 94, 110}); ++ ++ + } + + public static void test(String plainText, String algo, byte[] expectRes) throws Exception { +@@ -92,4 +112,44 @@ public class SM4Test { + throw new RuntimeException("sm4 decryption failed, algo = " + algo); + } + } ++ ++ public static void testByteBuffer(String plainText, String algo, byte[] expectRes) throws Exception { ++ // encrypt ++ Cipher encryptCipher = Cipher.getInstance(algo); ++ if (algo.contains("ECB")) { ++ encryptCipher.init(Cipher.ENCRYPT_MODE, ks); ++ } else { ++ encryptCipher.init(Cipher.ENCRYPT_MODE, ks, iv); ++ } ++ int inputLen = plainText.length(); ++ ByteBuffer sourceByteBuffer = ByteBuffer.allocateDirect(inputLen); ++ sourceByteBuffer.put(plainText.getBytes()); ++ sourceByteBuffer.flip(); ++ int outputLen = encryptCipher.getOutputSize(inputLen); ++ ByteBuffer encryptedByteBuffer = ByteBuffer.allocate(outputLen); ++ encryptCipher.doFinal(sourceByteBuffer,encryptedByteBuffer); ++ encryptedByteBuffer.flip(); ++ byte[] encryptedBytes = new byte[encryptedByteBuffer.limit()]; ++ encryptedByteBuffer.get(encryptedBytes); ++ if (!Arrays.equals(encryptedBytes, expectRes)) { ++ throw new RuntimeException("sm4 encryption failed, algo = " + algo); ++ } ++ sourceByteBuffer.clear(); ++ encryptedByteBuffer.flip(); ++ ++ // decrypt ++ Cipher decryptCipher = Cipher.getInstance(algo); ++ decryptCipher.init(Cipher.DECRYPT_MODE, ks, encryptCipher.getParameters()); ++ outputLen = decryptCipher.getOutputSize(encryptedBytes.length); ++ ByteBuffer decryptedByteBuffer = ByteBuffer.allocate(outputLen); ++ decryptCipher.doFinal(encryptedByteBuffer, decryptedByteBuffer); ++ decryptedByteBuffer.flip(); ++ byte[] decryptedBytes = new byte[decryptedByteBuffer.limit()]; ++ decryptedByteBuffer.get(decryptedBytes); ++ if (!Arrays.equals(plainText.getBytes(), decryptedBytes)) { ++ throw new RuntimeException("sm4 decryption failed, algo = " + algo); ++ } ++ encryptedByteBuffer.clear(); ++ decryptedByteBuffer.clear(); ++ } + } +-- +2.17.1 + diff --git a/openjdk-1.8.0.spec b/openjdk-1.8.0.spec index c5b3d01..99e4e66 100644 --- a/openjdk-1.8.0.spec +++ b/openjdk-1.8.0.spec @@ -583,7 +583,7 @@ exit 0 %{_jvmdir}/%{jredir -- %{?1}}/lib/%{archinstall}/libnpt.so %ifarch %{aarch64} %{_jvmdir}/%{jredir -- %{?1}}/lib/%{archinstall}/libj2kae.so -%{_jvmdir}/%{jredir -- %{?1}}/lib/ext/kaeprovider.conf +%{_jvmdir}/%{jredir -- %{?1}}/lib/kaeprovider.conf %endif %ifarch %{sa_arches} %{_jvmdir}/%{jredir -- %{?1}}/lib/%{archinstall}/libsaproc.so @@ -916,7 +916,7 @@ Provides: java-%{javaver}-%{origin}-accessibility%{?1} = %{epoch}:%{version}-%{r Name: java-%{javaver}-%{origin} Version: %{javaver}.%{updatever}.%{buildver} -Release: 4 +Release: 5 # java-1.5.0-ibm from jpackage.org set Epoch to 1 for unknown reasons # and this change was brought into RHEL-4. java-1.5.0-ibm packages # also included the epoch in their virtual provides. This created a @@ -1140,6 +1140,7 @@ Patch250: modify_coding_style_and_describe_error.patch Patch251: fix_wrap_memcpy_undefined_gcc10_3.patch Patch252: 8290705_fix_StringConcat_validate_mem_flow_asserts_with_unexpected_userStoreI.patch Patch253: 8143925-enhancing-CounterMode.crypt-for-AESCrypt.patch +Patch254: kae-usability-enhancement.patch ############################################# # @@ -1620,6 +1621,7 @@ pushd %{top_level_dir_name} %patch251 -p1 %patch252 -p1 %patch253 -p1 +%patch254 -p1 popd # System library fixes @@ -2244,6 +2246,8 @@ cjc.mainProgram(arg) %endif %changelog +* Thu Sep 15 2022 kuenking111 - 1:1.8.0.342-b07.5 +- add kae-usability-enhancement.patch * Thu Sep 15 2022 kuenking111 - 1:1.8.0.342-b07.4 - add 8143925-enhancing-CounterMode.crypt-for-AESCrypt.patch