packages/openjdk-17
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

I9I36F:update to 17.0.11

Browse Source
This commit is contained in:
Autistic_boyya 2024-04-19 15:20:47 +08:00
parent 1eb0e90c70
commit 7ff969c7e7
4 changed files with 8 additions and 890 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

23
8295068-SSLEngine-throws-NPE-parsing-CertificateRequ.patch
View File

@ -1,23 +0,0 @@
From 32dbeb16c3fd9e63ebc16b69861b15bb6d2f48bb Mon Sep 17 00:00:00 2001
Subject: 8295068: SSLEngine throws NPE parsing CertificateRequests
---
.../share/classes/sun/security/ssl/CertificateRequest.java | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/java.base/share/classes/sun/security/ssl/CertificateRequest.java b/src/java.base/share/classes/sun/security/ssl/CertificateRequest.java
index 4def03c67..1f6147e4a 100644
--- a/src/java.base/share/classes/sun/security/ssl/CertificateRequest.java
+++ b/src/java.base/share/classes/sun/security/ssl/CertificateRequest.java
@@ -136,7 +136,7 @@ final class CertificateRequest {
ArrayList<String> keyTypes = new ArrayList<>(3);
for (byte id : ids) {
ClientCertificateType cct = ClientCertificateType.valueOf(id);
- if (cct.isAvailable) {
+ if (cct != null && cct.isAvailable) {
cct.keyAlgorithm.forEach(key -> {
if (!keyTypes.contains(key)) {
keyTypes.add(key);
--
2.22.0

BIN
jdk-updates-jdk17u-jdk-17.0.10+7.tar.gz → jdk-updates-jdk17u-jdk-17.0.11+9.tar.gz
View File

Binary file not shown.

12
openjdk-17.spec
View File

@ -161,7 +161,7 @@
# Used via new version scheme. JDK 17 was
# GA'ed in March 2021 => 21.9
%global vendor_version_string 21.9
%global securityver 10
%global securityver 11
# buildjdkver is usually same as %%{majorver},
# but in time of bootstrap of next jdk, it is majorver-1,
# and this it is better to change it here, on single place
@ -183,7 +183,7 @@
%global origin_nice OpenJDK
%global top_level_dir_name %{origin}
%global minorver 0
%global buildver 7
%global buildver 9
# priority must be 8 digits in total; up to openjdk 1.8, we were using 18..... so when we moved to 11, we had to add another digit
%if %is_system_jdk
%global priority %( printf '%02d%02d%02d%02d' %{majorver} %{minorver} %{securityver} %{buildver} )
@ -893,7 +893,7 @@ Provides: java-src%{?1} = %{epoch}:%{version}-%{release}
Name: java-%{javaver}-%{origin}
Version: %{newjavaver}.%{buildver}
Release: 2
Release: 0
# java-1.5.0-ibm from jpackage.org set Epoch to 1 for unknown reasons
# and this change was brought into RHEL-4. java-1.5.0-ibm packages
@ -995,7 +995,6 @@ Patch31: add-8292296-Use-multiple-threads-to-process-Par.patch
Patch32: fix-cds-SignedJar_java-test-fails.patch
# 17.0.9
Patch33: 8295068-SSLEngine-throws-NPE-parsing-CertificateRequ.patch
Patch36: 8314236-Overflow-in-Collections.rotate.patch
Patch41: 8312200-Fix-Parse-catch_call_exceptions-memory-leak.patch
Patch42: Add-problemlist.patch
@ -1252,7 +1251,6 @@ pushd %{top_level_dir_name}
%patch30 -p1
%patch31 -p1
%patch32 -p1
%patch33 -p1
%patch36 -p1
%patch41 -p1
%patch42 -p1
@ -1822,6 +1820,10 @@ cjc.mainProgram(arg)
%changelog
* Thu Apr 18 2024 Autistic_boyya <wangzhongyi7@huawei.com> - 1:17.0.11.9-0.rolling
- del 8295068-SSLEngine-throws-NPE-parsing-CertificateRequ.patch
- modify puyuan-jdk17.0.9-patch.patch
* Mon Feb 26 2024 misaka00251 <liuxin@iscas.ac.cn> - 1:17.0.10.9-2
- Remove riscv64 support patch, already upstreamed

861
puyuan-jdk17.0.9-patch.patch
View File

@ -175,20 +175,6 @@ index 6c6ded24c..823aa6975 100644
static volatile bool _has_work;
diff --git a/src/hotspot/share/gc/shenandoah/shenandoahFullGC.cpp b/src/hotspot/share/gc/shenandoah/shenandoahFullGC.cpp
index 26c31356f..5e0b3ebdb 100644
--- a/src/hotspot/share/gc/shenandoah/shenandoahFullGC.cpp
+++ b/src/hotspot/share/gc/shenandoah/shenandoahFullGC.cpp
@@ -908,6 +908,9 @@ public:
// Make empty regions that have been allocated into regular
if (r->is_empty() && live > 0) {
r->make_regular_bypass();
+ if (ZapUnusedHeapArea) {
+ SpaceMangler::mangle_region(MemRegion(r->top(), r->end()));
+ }
}
// Reclaim regular regions that became empty
diff --git a/src/hotspot/share/opto/compile.cpp b/src/hotspot/share/opto/compile.cpp
index 4b22284f9..56471d69a 100644
--- a/src/hotspot/share/opto/compile.cpp
@ -258,21 +244,6 @@ index d47a1d260..7e16e6a67 100644
private class ZipEntryIterator<T extends ZipEntry>
implements Enumeration<T>, Iterator<T> {
diff --git a/src/java.base/share/classes/sun/security/pkcs/PKCS7.java b/src/java.base/share/classes/sun/security/pkcs/PKCS7.java
index f7df9934f..44df67ec0 100644
--- a/src/java.base/share/classes/sun/security/pkcs/PKCS7.java
+++ b/src/java.base/share/classes/sun/security/pkcs/PKCS7.java
@@ -153,7 +153,9 @@ public class PKCS7 {
ContentInfo block = new ContentInfo(derin, oldStyle);
contentType = block.contentType;
DerValue content = block.getContent();
-
+ if (content == null) {
+ throw new ParsingException("content is null");
+ }
if (contentType.equals(ContentInfo.SIGNED_DATA_OID)) {
parseSignedData(content);
} else if (contentType.equals(ContentInfo.OLD_SIGNED_DATA_OID)) {
diff --git a/src/java.base/windows/classes/java/io/WinNTFileSystem.java b/src/java.base/windows/classes/java/io/WinNTFileSystem.java
index 0fabd6f2b..d910beb44 100644
--- a/src/java.base/windows/classes/java/io/WinNTFileSystem.java
@ -368,63 +339,6 @@ diff --git a/src/java.desktop/windows/native/libjsound/PLATFORM_API_WinOS_Direct
index ea188e934..8585eda01 100644
--- a/src/java.desktop/windows/native/libjsound/PLATFORM_API_WinOS_DirectSound.cpp
+++ b/src/java.desktop/windows/native/libjsound/PLATFORM_API_WinOS_DirectSound.cpp
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2003, 2020, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2003, 2023, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -184,6 +184,12 @@ INT32 DAUDIO_GetDirectAudioDeviceCount() {
return 0;
}
+ HRESULT hr = ::CoInitializeEx(NULL, COINIT_MULTITHREADED | COINIT_DISABLE_OLE1DDE);
+ if (FAILED(hr) && hr != RPC_E_CHANGED_MODE) {
+ DS_unlockCache();
+ return 0;
+ }
+
if (g_lastCacheRefreshTime == 0
|| (UINT64) timeGetTime() > (UINT64) (g_lastCacheRefreshTime + WAIT_BETWEEN_CACHE_REFRESH_MILLIS)) {
/* first, initialize any old cache items */
@@ -224,6 +230,11 @@ INT32 DAUDIO_GetDirectAudioDeviceCount() {
g_lastCacheRefreshTime = (UINT64) timeGetTime();
}
+
+ if (hr != RPC_E_CHANGED_MODE) {
+ ::CoUninitialize();
+ }
+
DS_unlockCache();
/*TRACE1("DirectSound: %d installed devices\n", g_mixerCount);*/
return g_mixerCount;
@@ -258,6 +269,13 @@ INT32 DAUDIO_GetDirectAudioDeviceDescription(INT32 mixerIndex, DirectAudioDevice
DS_unlockCache();
return FALSE;
}
+
+ HRESULT hr = ::CoInitializeEx(NULL, COINIT_MULTITHREADED | COINIT_DISABLE_OLE1DDE);
+ if (FAILED(hr) && hr != RPC_E_CHANGED_MODE) {
+ DS_unlockCache();
+ return 0;
+ }
+
desc->maxSimulLines = 0;
if (g_audioDeviceCache[desc->deviceID].isSource) {
DirectSoundEnumerateW((LPDSENUMCALLBACKW) DS_GetDescEnum, desc);
@@ -267,6 +285,10 @@ INT32 DAUDIO_GetDirectAudioDeviceDescription(INT32 mixerIndex, DirectAudioDevice
strncpy(desc->description, "DirectSound Capture", DAUDIO_STRING_LENGTH);
}
+ if (hr != RPC_E_CHANGED_MODE) {
+ ::CoUninitialize();
+ }
+
/*desc->vendor;
desc->version;*/
@@ -357,7 +379,7 @@ typedef struct {
} DS_Info;
@ -447,26 +361,6 @@ index 5a229ed1e..ec9734d7c 100644
nested = th;
this.location = location;
}
diff --git a/test/hotspot/jtreg/gc/arguments/TestArrayAllocatorMallocLimit.java b/test/hotspot/jtreg/gc/arguments/TestArrayAllocatorMallocLimit.java
index ca4d2d5d7..b66a43d85 100644
--- a/test/hotspot/jtreg/gc/arguments/TestArrayAllocatorMallocLimit.java
+++ b/test/hotspot/jtreg/gc/arguments/TestArrayAllocatorMallocLimit.java
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2014, 2020, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2014, 2023, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -52,7 +52,7 @@ public class TestArrayAllocatorMallocLimit {
private static final String printFlagsFinalPattern = " *size_t *" + flagName + " *:?= *(\\d+) *\\{experimental\\} *";
public static void testDefaultValue() throws Exception {
- ProcessBuilder pb = GCArguments.createJavaProcessBuilder(
+ ProcessBuilder pb = GCArguments.createTestJvm(
"-XX:+UnlockExperimentalVMOptions", "-XX:+PrintFlagsFinal", "-version");
OutputAnalyzer output = new OutputAnalyzer(pb.start());
diff --git a/test/hotspot/jtreg/runtime/CommandLine/UnrecognizedProperty.java b/test/hotspot/jtreg/runtime/CommandLine/UnrecognizedProperty.java
new file mode 100644
index 000000000..78ec54bbc
@ -1028,759 +922,4 @@ index 000000000..0997f1f45
+ assertEquals(file.isAbsolute(), that.isAbsolute());
+ }
+}
diff --git a/test/jdk/javax/sound/sampled/Lines/OpenLineAfterScreenLock.java b/test/jdk/javax/sound/sampled/Lines/OpenLineAfterScreenLock.java
new file mode 100644
index 000000000..c9bb4c4ee
--- /dev/null
+++ b/test/jdk/javax/sound/sampled/Lines/OpenLineAfterScreenLock.java
@@ -0,0 +1,144 @@
+/*
+ * Copyright (c) 2023, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+import java.awt.BorderLayout;
+import java.awt.event.WindowAdapter;
+import java.awt.event.WindowEvent;
+import java.util.Arrays;
+import java.util.concurrent.CountDownLatch;
+import java.util.concurrent.TimeUnit;
+
+import javax.sound.sampled.AudioSystem;
+import javax.sound.sampled.Line;
+import javax.sound.sampled.LineUnavailableException;
+import javax.sound.sampled.Mixer;
+import javax.sound.sampled.TargetDataLine;
+import javax.swing.JButton;
+import javax.swing.JFileChooser;
+import javax.swing.JFrame;
+import javax.swing.JScrollPane;
+import javax.swing.JTextArea;
+
+import static javax.swing.SwingUtilities.invokeAndWait;
+
+/*
+ * @test
+ * @bug 8301846
+ * @requires (os.family == "windows")
+ * @summary Sound recording fails after screen lock and unlock.
+ * @run main/manual OpenLineAfterScreenLock
+ */
+public class OpenLineAfterScreenLock {
+
+ private static final String INSTRUCTIONS = String.join(System.lineSeparator(),
+ "This test verifies it can record sound from the first sound capture device after",
+ "locking and unlocking the screen. The first part of the test has already completed.",
+ "",
+ "Lock the screen and unlock it. Then click Continue to complete the test.",
+ "",
+ "The test will finish automatically."
+ );
+
+ private static final CountDownLatch latch = new CountDownLatch(1);
+
+ private static JFrame frame;
+
+ public static void main(String[] args) throws Exception {
+ try {
+ runTest();
+
+ // Creating JFileChooser initializes COM
+ // which affects ability to open audio lines
+ new JFileChooser();
+
+ invokeAndWait(OpenLineAfterScreenLock::createInstructionsUI);
+ if (!latch.await(2, TimeUnit.MINUTES)) {
+ throw new RuntimeException("Test failed: Test timed out!!");
+ }
+
+ runTest();
+ } finally {
+ invokeAndWait(() -> {
+ if (frame != null) {
+ frame.dispose();
+ }
+ });
+ }
+ System.out.println("Test Passed");
+ }
+
+ private static void runTest() {
+ try {
+ Mixer mixer = getMixer();
+ TargetDataLine line =
+ (TargetDataLine) mixer.getLine(mixer.getTargetLineInfo()[0]);
+ line.open();
+ line.close();
+ } catch (LineUnavailableException e) {
+ throw new RuntimeException("Test failed: Line unavailable", e);
+ }
+ }
+
+ private static Mixer getMixer() {
+ return Arrays.stream(AudioSystem.getMixerInfo())
+ .map(AudioSystem::getMixer)
+ .filter(OpenLineAfterScreenLock::isRecordingDevice)
+ .skip(1) // Skip the primary driver and choose one directly
+ .findAny()
+ .orElseThrow();
+ }
+
+ private static boolean isRecordingDevice(Mixer mixer) {
+ Line.Info[] lineInfos = mixer.getTargetLineInfo();
+ return lineInfos.length > 0
+ && lineInfos[0].getLineClass() == TargetDataLine.class;
+ }
+
+ private static void createInstructionsUI() {
+ frame = new JFrame("Instructions for OpenLineAfterScreenLock");
+
+ JTextArea textArea = new JTextArea(INSTRUCTIONS);
+ textArea.setEditable(false);
+
+ JScrollPane pane = new JScrollPane(textArea);
+ frame.getContentPane().add(pane, BorderLayout.NORTH);
+
+ JButton button = new JButton("Continue");
+ button.addActionListener(e -> latch.countDown());
+ frame.getContentPane().add(button, BorderLayout.PAGE_END);
+
+ frame.pack();
+ frame.setLocationRelativeTo(null);
+
+ frame.addWindowListener(new CloseWindowHandler());
+ frame.setVisible(true);
+ }
+
+ private static class CloseWindowHandler extends WindowAdapter {
+ @Override
+ public void windowClosing(WindowEvent e) {
+ latch.countDown();
+ throw new RuntimeException("Test window closed abruptly");
+ }
+ }
+}
diff --git a/test/jdk/sun/security/pkcs11/MessageDigest/TestCloning.java b/test/jdk/sun/security/pkcs11/MessageDigest/TestCloning.java
index c37f6d332..58635671f 100644
--- a/test/jdk/sun/security/pkcs11/MessageDigest/TestCloning.java
+++ b/test/jdk/sun/security/pkcs11/MessageDigest/TestCloning.java
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2012, 2020, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2012, 2023, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -39,6 +39,8 @@ import java.util.Arrays;
import java.util.Random;
import java.util.List;
+import jtreg.SkippedException;
+
public class TestCloning extends PKCS11Test {
public static void main(String[] args) throws Exception {
@@ -57,15 +59,31 @@ public class TestCloning extends PKCS11Test {
r.nextBytes(data1);
r.nextBytes(data2);
System.out.println("Testing against provider " + p.getName());
+
+ boolean skipTest = true;
+
for (String alg : ALGS) {
- System.out.println("Testing " + alg);
+ System.out.println("Digest algo: " + alg);
MessageDigest md = MessageDigest.getInstance(alg, p);
- md = testCloning(md, p);
+ try {
+ md = testCloning(md, p);;
+ } catch (CloneNotSupportedException cnse) {
+ // skip test if clone isn't supported
+ System.out.println("=> Clone not supported; skip!");
+ continue;
+ }
+
+ // start testing below
+ skipTest = false;
+
// repeat the test again after generating digest once
for (int j = 0; j < 10; j++) {
md = testCloning(md, p);
}
}
+ if (skipTest) {
+ throw new SkippedException("Test Skipped!");
+ }
}
private static MessageDigest testCloning(MessageDigest mdObj, Provider p)
@@ -125,4 +143,3 @@ public class TestCloning extends PKCS11Test {
}
}
}
-
diff --git a/test/jdk/sun/security/pkcs11/PSSUtil.java b/test/jdk/sun/security/pkcs11/PSSUtil.java
new file mode 100644
index 000000000..d1848804f
--- /dev/null
+++ b/test/jdk/sun/security/pkcs11/PSSUtil.java
@@ -0,0 +1,84 @@
+/*
+ * Copyright (c) 2023, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+import java.security.KeyPair;
+import java.security.KeyPairGenerator;
+import java.security.MessageDigest;
+import java.security.NoSuchAlgorithmException;
+import java.security.Provider;
+import java.security.Signature;
+
+public class PSSUtil {
+
+ /**
+ * ALGORITHM name, fixed as RSA for PKCS11
+ */
+ private static final String KEYALG = "RSA";
+ private static final String SIGALG = "RSASSA-PSS";
+
+ public static enum AlgoSupport {
+ NO, MAYBE, YES
+ };
+
+ public static boolean isSignatureSupported(Provider p) {
+ try {
+ Signature.getInstance(SIGALG, p);
+ return true;
+ } catch (NoSuchAlgorithmException e) {
+ System.out.println("Skip testing " + SIGALG +
+ " due to no support");
+ return false;
+ }
+ }
+
+ public static AlgoSupport isHashSupported(Provider p, String... hashAlgs) {
+
+ AlgoSupport status = AlgoSupport.YES;
+ for (String h : hashAlgs) {
+ String sigAlg = (h.startsWith("SHA3-") ?
+ h : h.replace("-", "")) + "with" + SIGALG;
+ try {
+ Signature.getInstance(sigAlg, p);
+ // Yes, proceed to check next hash algorithm
+ continue;
+ } catch (NoSuchAlgorithmException e) {
+ // continue trying other checks
+ }
+ try {
+ MessageDigest.getInstance(h, p);
+ status = AlgoSupport.MAYBE;
+ } catch (NoSuchAlgorithmException e) {
+ // if not supported as a standalone digest algo, chance of it
+ // being supported by PSS is very very low
+ return AlgoSupport.NO;
+ }
+ }
+ return status;
+ }
+
+ public static KeyPair generateKeys(Provider p, int size)
+ throws NoSuchAlgorithmException {
+ KeyPairGenerator kpg = KeyPairGenerator.getInstance(KEYALG, p);
+ kpg.initialize(size);
+ return kpg.generateKeyPair();
+ }
+}
diff --git a/test/jdk/sun/security/pkcs11/Signature/KeyAndParamCheckForPSS.java b/test/jdk/sun/security/pkcs11/Signature/KeyAndParamCheckForPSS.java
index f1c0492b5..adf7a0890 100644
--- a/test/jdk/sun/security/pkcs11/Signature/KeyAndParamCheckForPSS.java
+++ b/test/jdk/sun/security/pkcs11/Signature/KeyAndParamCheckForPSS.java
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2019, 2020, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2019, 2023, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -24,6 +24,8 @@ import java.security.*;
import java.security.interfaces.*;
import java.security.spec.*;
+import jtreg.SkippedException;
+
/**
* @test
* @bug 8080462 8226651 8242332
@@ -35,25 +37,19 @@ import java.security.spec.*;
*/
public class KeyAndParamCheckForPSS extends PKCS11Test {
- /**
- * ALGORITHM name, fixed as RSA for PKCS11
- */
- private static final String KEYALG = "RSA";
private static final String SIGALG = "RSASSA-PSS";
public static void main(String[] args) throws Exception {
main(new KeyAndParamCheckForPSS(), args);
}
+ private static boolean skipTest = true;
+
@Override
public void main(Provider p) throws Exception {
- Signature sig;
- try {
- sig = Signature.getInstance(SIGALG, p);
- } catch (NoSuchAlgorithmException e) {
- System.out.println("Skip testing RSASSA-PSS" +
- " due to no support");
- return;
+ if (!PSSUtil.isSignatureSupported(p)) {
+ throw new SkippedException("Skip due to no support for " +
+ SIGALG);
}
// NOTE: key length >= (digest length + 2) in bytes
@@ -76,27 +72,26 @@ public class KeyAndParamCheckForPSS extends PKCS11Test {
runTest(p, 1040, "SHA3-512", "SHA3-256");
runTest(p, 1040, "SHA3-512", "SHA3-384");
runTest(p, 1040, "SHA3-512", "SHA3-512");
+
+ if (skipTest) {
+ throw new SkippedException("Test Skipped");
+ }
}
- private void runTest(Provider p, int keySize, String hashAlg,
+ private static void runTest(Provider p, int keySize, String hashAlg,
String mgfHashAlg) throws Exception {
- // skip further test if this provider does not support hashAlg or
- // mgfHashAlg
- try {
- MessageDigest.getInstance(hashAlg, p);
- MessageDigest.getInstance(mgfHashAlg, p);
- } catch (NoSuchAlgorithmException nsae) {
- System.out.println("No support for " + hashAlg + ", skip");
+ System.out.println("Testing " + hashAlg + " and MGF1" + mgfHashAlg);
+ PSSUtil.AlgoSupport s = PSSUtil.isHashSupported(p, hashAlg, mgfHashAlg);
+ if (s == PSSUtil.AlgoSupport.NO) {
+ System.out.println("=> Skip; no support");
return;
}
- System.out.println("Testing [" + keySize + " " + hashAlg + "]");
+ Signature sig = Signature.getInstance(SIGALG, p);
// create a key pair with the supplied size
- KeyPairGenerator kpg = KeyPairGenerator.getInstance(KEYALG, p);
- kpg.initialize(keySize);
- KeyPair kp = kpg.generateKeyPair();
+ KeyPair kp = PSSUtil.generateKeys(p, keySize);
int bigSaltLen = keySize/8 - 14;
AlgorithmParameterSpec paramsBad = new PSSParameterSpec(hashAlg,
@@ -108,58 +103,71 @@ public class KeyAndParamCheckForPSS extends PKCS11Test {
PublicKey pub = kp.getPublic();
// test#1 - setParameter then initSign
- Signature sig = Signature.getInstance("RSASSA-PSS", p);
- sig.setParameter(paramsBad);
+ sig = Signature.getInstance(SIGALG, p);
+ try {
+ sig.setParameter(paramsGood);
+ sig.initSign(priv);
+ // algorithm support confirmed
+ skipTest = false;
+ } catch (Exception ex) {
+ if (s == PSSUtil.AlgoSupport.MAYBE) {
+ // confirmed to be unsupported; skip the rest of the test
+ System.out.println("=> Skip; no PSS support");
+ return;
+ } else {
+ throw new RuntimeException("Unexpected Exception", ex);
+ }
+ }
+
+ sig = Signature.getInstance(SIGALG, p);
try {
+ sig.setParameter(paramsBad);
sig.initSign(priv);
throw new RuntimeException("Expected IKE not thrown");
} catch (InvalidKeyException ike) {
- System.out.println("test#1: got expected IKE");
+ // expected
}
+ // test#2 - setParameter then initVerify
+ sig = Signature.getInstance(SIGALG, p);
sig.setParameter(paramsGood);
- sig.initSign(priv);
- System.out.println("test#1: pass");
+ sig.initVerify(pub);
- // test#2 - setParameter then initVerify
- sig = Signature.getInstance("RSASSA-PSS", p);
- sig.setParameter(paramsBad);
+ sig = Signature.getInstance(SIGALG, p);
try {
+ sig.setParameter(paramsBad);
sig.initVerify(pub);
throw new RuntimeException("Expected IKE not thrown");
} catch (InvalidKeyException ike) {
- System.out.println("test#2: got expected IKE");
+ // expected
}
- sig.setParameter(paramsGood);
- sig.initVerify(pub);
-
- System.out.println("test#2: pass");
-
// test#3 - initSign, then setParameter
- sig = Signature.getInstance("RSASSA-PSS", p);
+ sig = Signature.getInstance(SIGALG, p);
sig.initSign(priv);
+ sig.setParameter(paramsGood);
+
+ sig = Signature.getInstance(SIGALG, p);
try {
+ sig.initSign(priv);
sig.setParameter(paramsBad);
throw new RuntimeException("Expected IAPE not thrown");
} catch (InvalidAlgorithmParameterException iape) {
- System.out.println("test#3: got expected IAPE");
+ // expected
}
- sig.setParameter(paramsGood);
- System.out.println("test#3: pass");
-
// test#4 - initVerify, then setParameter
- sig = Signature.getInstance("RSASSA-PSS", p);
+ sig = Signature.getInstance(SIGALG, p);
+ sig.setParameter(paramsGood);
sig.initVerify(pub);
+
+ sig = Signature.getInstance(SIGALG, p);
try {
+ sig.initVerify(pub);
sig.setParameter(paramsBad);
throw new RuntimeException("Expected IAPE not thrown");
} catch (InvalidAlgorithmParameterException iape) {
- System.out.println("test#4: got expected IAPE");
+ // expected
}
-
- sig.setParameter(paramsGood);
- System.out.println("test#4: pass");
}
}
diff --git a/test/jdk/sun/security/pkcs11/Signature/SignatureTestPSS.java b/test/jdk/sun/security/pkcs11/Signature/SignatureTestPSS.java
index 4c1f7284b..c87554a51 100644
--- a/test/jdk/sun/security/pkcs11/Signature/SignatureTestPSS.java
+++ b/test/jdk/sun/security/pkcs11/Signature/SignatureTestPSS.java
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2019, 2020, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2019, 2023, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -24,6 +24,7 @@ import java.security.*;
import java.security.interfaces.*;
import java.security.spec.*;
import java.util.stream.IntStream;
+import jtreg.SkippedException;
/**
* @test
@@ -35,8 +36,6 @@ import java.util.stream.IntStream;
*/
public class SignatureTestPSS extends PKCS11Test {
- // PKCS11 does not support RSASSA-PSS keys yet
- private static final String KEYALG = "RSA";
private static final String SIGALG = "RSASSA-PSS";
private static final int[] KEYSIZES = { 2048, 3072 };
@@ -44,7 +43,7 @@ public class SignatureTestPSS extends PKCS11Test {
"SHA-224", "SHA-256", "SHA-384" , "SHA-512",
"SHA3-224", "SHA3-256", "SHA3-384" , "SHA3-512",
};
- private Provider prov;
+ private static final byte[] DATA = generateData(100);
/**
* How much times signature updated.
@@ -56,88 +55,72 @@ public class SignatureTestPSS extends PKCS11Test {
*/
private static final int UPDATE_TIMES_HUNDRED = 100;
+ private static boolean skipTest = true;
+
public static void main(String[] args) throws Exception {
main(new SignatureTestPSS(), args);
}
@Override
public void main(Provider p) throws Exception {
- Signature sig;
- try {
- sig = Signature.getInstance(SIGALG, p);
- } catch (NoSuchAlgorithmException e) {
- System.out.println("Skip testing RSASSA-PSS" +
- " due to no support");
- return;
+ if (!PSSUtil.isSignatureSupported(p)) {
+ throw new SkippedException("Skip due to no support for " + SIGALG);
}
- this.prov = p;
- for (int i : KEYSIZES) {
- runTest(i);
- }
- }
- private void runTest(int keySize) throws Exception {
- byte[] data = new byte[100];
- IntStream.range(0, data.length).forEach(j -> {
- data[j] = (byte) j;
- });
- System.out.println("[KEYSIZE = " + keySize + "]");
-
- // create a key pair
- KeyPair kpair = generateKeys(KEYALG, keySize);
- test(DIGESTS, kpair.getPrivate(), kpair.getPublic(), data);
- }
-
- private void test(String[] digestAlgs, PrivateKey privKey,
- PublicKey pubKey, byte[] data) throws RuntimeException {
- // For signature algorithm, create and verify a signature
- for (String hash : digestAlgs) {
- for (String mgfHash : digestAlgs) {
- try {
- checkSignature(data, pubKey, privKey, hash, mgfHash);
- } catch (NoSuchAlgorithmException | InvalidKeyException |
- SignatureException | NoSuchProviderException ex) {
- throw new RuntimeException(ex);
- } catch (InvalidAlgorithmParameterException ex2) {
- System.out.println("Skip test due to " + ex2);
+ for (int kSize : KEYSIZES) {
+ System.out.println("[KEYSIZE = " + kSize + "]");
+ KeyPair kp = PSSUtil.generateKeys(p, kSize);
+ PrivateKey privKey = kp.getPrivate();
+ PublicKey pubKey = kp.getPublic();
+ for (String hash : DIGESTS) {
+ for (String mgfHash : DIGESTS) {
+ System.out.println(" [Hash = " + hash +
+ ", MGF1 Hash = " + mgfHash + "]");
+ PSSUtil.AlgoSupport s =
+ PSSUtil.isHashSupported(p, hash, mgfHash);
+ if (s == PSSUtil.AlgoSupport.NO) {
+ System.out.println(" => Skip; no support");
+ continue;
+ }
+ checkSignature(p, DATA, pubKey, privKey, hash, mgfHash, s);
}
- }
- };
- }
+ };
+ }
- private KeyPair generateKeys(String keyalg, int size)
- throws NoSuchAlgorithmException {
- KeyPairGenerator kpg = KeyPairGenerator.getInstance(keyalg, prov);
- kpg.initialize(size);
- return kpg.generateKeyPair();
+ // start testing below
+ if (skipTest) {
+ throw new SkippedException("Test Skipped");
+ }
}
- private void checkSignature(byte[] data, PublicKey pub,
- PrivateKey priv, String hash, String mgfHash)
+ private static void checkSignature(Provider p, byte[] data, PublicKey pub,
+ PrivateKey priv, String hash, String mgfHash, PSSUtil.AlgoSupport s)
throws NoSuchAlgorithmException, InvalidKeyException,
SignatureException, NoSuchProviderException,
InvalidAlgorithmParameterException {
- String testName = hash + " and MGF1_" + mgfHash;
// only test RSASSA-PSS signature against the supplied hash/mgfHash
// if they are supported; otherwise PKCS11 library will throw
// CKR_MECHANISM_PARAM_INVALID at Signature.initXXX calls
+ Signature sig = Signature.getInstance(SIGALG, p);
+ AlgorithmParameterSpec params = new PSSParameterSpec(
+ hash, "MGF1", new MGF1ParameterSpec(mgfHash), 0, 1);
+ sig.initSign(priv);
+
try {
- MessageDigest md = MessageDigest.getInstance(hash, prov);
- if (!hash.equalsIgnoreCase(mgfHash)) {
- md = MessageDigest.getInstance(mgfHash, prov);
+ sig.setParameter(params);
+ } catch (InvalidAlgorithmParameterException iape) {
+ if (s == PSSUtil.AlgoSupport.MAYBE) {
+ // confirmed to be unsupported; skip the rest of the test
+ System.out.println(" => Skip; no PSS support");
+ return;
+ } else {
+ throw new RuntimeException("Unexpected Exception", iape);
}
- } catch (NoSuchAlgorithmException nsae) {
- System.out.println("Skip testing " + hash + "/" + mgfHash);
- return;
}
+ // start testing below
+ skipTest = false;
- System.out.println("Testing against " + testName);
- Signature sig = Signature.getInstance(SIGALG, prov);
- AlgorithmParameterSpec params = new PSSParameterSpec(
- hash, "MGF1", new MGF1ParameterSpec(mgfHash), 0, 1);
- sig.setParameter(params);
- sig.initSign(priv);
for (int i = 0; i < UPDATE_TIMES_HUNDRED; i++) {
sig.update(data);
}
@@ -163,5 +146,6 @@ public class SignatureTestPSS extends PKCS11Test {
if (sig.verify(signedData)) {
throw new RuntimeException("Failed to detect bad signature");
}
+ System.out.println(" => Passed");
}
}
diff --git a/test/jdk/sun/security/x509/X509CRLImpl/UnexpectedNPE.java b/test/jdk/sun/security/x509/X509CRLImpl/UnexpectedNPE.java
index 8c14c48ee..fb85353ee 100644
--- a/test/jdk/sun/security/x509/X509CRLImpl/UnexpectedNPE.java
+++ b/test/jdk/sun/security/x509/X509CRLImpl/UnexpectedNPE.java
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2004, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2004, 2023, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -23,56 +23,43 @@
/*
* @test
- * @bug 5052433
- * @summary NullPointerException for generateCRL and generateCRLs methods.
+ * @bug 5052433 8315042
+ * @summary Verify that generateCRL and generateCRLs methods do not throw
+ * NullPointerException. They should throw CRLException instead.
+ * @library /test/lib
*/
import java.security.NoSuchProviderException;
import java.security.cert.*;
import java.io.ByteArrayInputStream;
+import java.util.Base64;
-public class UnexpectedNPE {
- CertificateFactory cf = null ;
+import jdk.test.lib.Utils;
- public UnexpectedNPE() {}
+public class UnexpectedNPE {
+ static CertificateFactory cf = null;
- public static void main( String[] av ) {
+ public static void main(String[] av ) throws CertificateException,
+ NoSuchProviderException {
byte[] encoded_1 = { 0x00, 0x00, 0x00, 0x00 };
byte[] encoded_2 = { 0x30, 0x01, 0x00, 0x00 };
byte[] encoded_3 = { 0x30, 0x01, 0x00 };
+ byte[] encoded_4 = Base64.getDecoder().decode(
+ "MAsGCSqGSMP7TQEHAjI1Bgn///////8wCwUyAQ==");
- UnexpectedNPE unpe = new UnexpectedNPE() ;
-
- if(!unpe.run(encoded_1)) {
- throw new SecurityException("CRLException has not been thrown");
- }
+ cf = CertificateFactory.getInstance("X.509", "SUN");
- if(!unpe.run(encoded_2)) {
- throw new SecurityException("CRLException has not been thrown");
- }
-
- if(!unpe.run(encoded_2)) {
- throw new SecurityException("CRLException has not been thrown");
- }
+ run(encoded_1);
+ run(encoded_2);
+ run(encoded_3);
+ run(encoded_4);
}
- private boolean run(byte[] buf) {
- if (cf == null) {
- try {
- cf = CertificateFactory.getInstance("X.509", "SUN");
- } catch (CertificateException e) {
- throw new SecurityException("Cannot get CertificateFactory");
- } catch (NoSuchProviderException npe) {
- throw new SecurityException("Cannot get CertificateFactory");
- }
- }
- try {
- cf.generateCRL(new ByteArrayInputStream(buf));
- } catch (CRLException ce) {
- System.out.println("NPE checking passed");
- return true;
- }
-
- System.out.println("CRLException has not been thrown");
- return false;
+ private static void run(byte[] buf) {
+ Utils.runAndCheckException(
+ () -> cf.generateCRL(new ByteArrayInputStream(buf)),
+ CRLException.class);
+ Utils.runAndCheckException(
+ () -> cf.generateCRLs(new ByteArrayInputStream(buf)),
+ CRLException.class);
}
}
--
2.43.0.windows.1