Tue, 25 Aug 2020 08:39:43 +0300
8245470: Fix JDK8 compatibility issues
Reviewed-by: mbalao
1.1 --- a/src/share/classes/java/security/MessageDigest.java Tue Aug 25 08:35:10 2020 +0300 1.2 +++ b/src/share/classes/java/security/MessageDigest.java Tue Aug 25 08:39:43 2020 +0300 1.3 @@ -32,10 +32,13 @@ 1.4 import java.io.PrintStream; 1.5 import java.io.InputStream; 1.6 import java.io.ByteArrayInputStream; 1.7 - 1.8 +import java.security.InvalidKeyException; 1.9 import java.nio.ByteBuffer; 1.10 1.11 import sun.security.util.Debug; 1.12 +import sun.security.util.MessageDigestSpi2; 1.13 + 1.14 +import javax.crypto.SecretKey; 1.15 1.16 /** 1.17 * This MessageDigest class provides applications the functionality of a 1.18 @@ -549,7 +552,7 @@ 1.19 * and its original parent (Object). 1.20 */ 1.21 1.22 - static class Delegate extends MessageDigest { 1.23 + static class Delegate extends MessageDigest implements MessageDigestSpi2 { 1.24 1.25 // The provider implementation (delegate) 1.26 private MessageDigestSpi digestSpi; 1.27 @@ -602,6 +605,14 @@ 1.28 digestSpi.engineUpdate(input); 1.29 } 1.30 1.31 + public void engineUpdate(SecretKey key) throws InvalidKeyException { 1.32 + if (digestSpi instanceof MessageDigestSpi2) { 1.33 + ((MessageDigestSpi2)digestSpi).engineUpdate(key); 1.34 + } else { 1.35 + throw new UnsupportedOperationException 1.36 + ("Digest does not support update of SecretKey object"); 1.37 + } 1.38 + } 1.39 protected byte[] engineDigest() { 1.40 return digestSpi.engineDigest(); 1.41 }
2.1 --- a/src/share/classes/sun/security/pkcs11/P11Digest.java Tue Aug 25 08:35:10 2020 +0300 2.2 +++ b/src/share/classes/sun/security/pkcs11/P11Digest.java Tue Aug 25 08:39:43 2020 +0300 2.3 @@ -34,6 +34,8 @@ 2.4 2.5 import sun.nio.ch.DirectBuffer; 2.6 2.7 +import sun.security.util.MessageDigestSpi2; 2.8 + 2.9 import sun.security.pkcs11.wrapper.*; 2.10 import static sun.security.pkcs11.wrapper.PKCS11Constants.*; 2.11 2.12 @@ -49,7 +51,8 @@ 2.13 * @author Andreas Sterbenz 2.14 * @since 1.5 2.15 */ 2.16 -final class P11Digest extends MessageDigestSpi implements Cloneable { 2.17 +final class P11Digest extends MessageDigestSpi implements Cloneable, 2.18 + MessageDigestSpi2 { 2.19 2.20 /* fields initialized, no session acquired */ 2.21 private final static int S_BLANK = 1; 2.22 @@ -234,10 +237,11 @@ 2.23 } 2.24 2.25 // Called by SunJSSE via reflection during the SSL 3.0 handshake if 2.26 - // the master secret is sensitive. We may want to consider making this 2.27 - // method public in a future release. 2.28 - protected void implUpdate(SecretKey key) throws InvalidKeyException { 2.29 - 2.30 + // the master secret is sensitive. 2.31 + // Note: Change to protected after this method is moved from 2.32 + // sun.security.util.MessageSpi2 interface to 2.33 + // java.security.MessageDigestSpi class 2.34 + public void engineUpdate(SecretKey key) throws InvalidKeyException { 2.35 // SunJSSE calls this method only if the key does not have a RAW 2.36 // encoding, i.e. if it is sensitive. Therefore, no point in calling 2.37 // SecretKeyFactory to try to convert it. Just verify it ourselves.
3.1 --- a/src/share/classes/sun/security/ssl/BaseSSLSocketImpl.java Tue Aug 25 08:35:10 2020 +0300 3.2 +++ b/src/share/classes/sun/security/ssl/BaseSSLSocketImpl.java Tue Aug 25 08:39:43 2020 +0300 3.3 @@ -640,34 +640,6 @@ 3.4 } 3.5 } 3.6 3.7 - @Override 3.8 - public <T> Socket setOption(SocketOption<T> name, 3.9 - T value) throws IOException { 3.10 - if (self == this) { 3.11 - return super.setOption(name, value); 3.12 - } else { 3.13 - return self.setOption(name, value); 3.14 - } 3.15 - } 3.16 - 3.17 - @Override 3.18 - public <T> T getOption(SocketOption<T> name) throws IOException { 3.19 - if (self == this) { 3.20 - return super.getOption(name); 3.21 - } else { 3.22 - return self.getOption(name); 3.23 - } 3.24 - } 3.25 - 3.26 - @Override 3.27 - public Set<SocketOption<?>> supportedOptions() { 3.28 - if (self == this) { 3.29 - return super.supportedOptions(); 3.30 - } else { 3.31 - return self.supportedOptions(); 3.32 - } 3.33 - } 3.34 - 3.35 boolean isLayered() { 3.36 return (self != this); 3.37 }
4.1 --- a/src/share/classes/sun/security/ssl/CertSignAlgsExtension.java Tue Aug 25 08:35:10 2020 +0300 4.2 +++ b/src/share/classes/sun/security/ssl/CertSignAlgsExtension.java Tue Aug 25 08:39:43 2020 +0300 4.3 @@ -27,6 +27,8 @@ 4.4 4.5 import java.io.IOException; 4.6 import java.nio.ByteBuffer; 4.7 +import java.util.Arrays; 4.8 +import java.util.Collections; 4.9 import java.util.List; 4.10 import sun.security.ssl.SSLExtension.ExtensionConsumer; 4.11 import sun.security.ssl.SSLHandshake.HandshakeMessage; 4.12 @@ -242,10 +244,11 @@ 4.13 } 4.14 4.15 // Produce the extension. 4.16 + List<ProtocolVersion> protocols = Arrays.asList(shc.negotiatedProtocol); 4.17 + protocols = Collections.unmodifiableList(protocols); 4.18 List<SignatureScheme> sigAlgs = 4.19 SignatureScheme.getSupportedAlgorithms( 4.20 - shc.algorithmConstraints, 4.21 - List.of(shc.negotiatedProtocol)); 4.22 + shc.algorithmConstraints, protocols); 4.23 4.24 int vectorLen = SignatureScheme.sizeInRecord() * sigAlgs.size(); 4.25 byte[] extData = new byte[vectorLen + 2];
5.1 --- a/src/share/classes/sun/security/ssl/CertStatusExtension.java Tue Aug 25 08:35:10 2020 +0300 5.2 +++ b/src/share/classes/sun/security/ssl/CertStatusExtension.java Tue Aug 25 08:39:43 2020 +0300 5.3 @@ -44,7 +44,7 @@ 5.4 import sun.security.ssl.SSLHandshake.HandshakeMessage; 5.5 import sun.security.util.DerInputStream; 5.6 import sun.security.util.DerValue; 5.7 -import sun.security.util.HexDumpEncoder; 5.8 +import sun.misc.HexDumpEncoder; 5.9 5.10 /** 5.11 * Pack of "status_request" and "status_request_v2" extensions.
6.1 --- a/src/share/classes/sun/security/ssl/CertificateVerify.java Tue Aug 25 08:35:10 2020 +0300 6.2 +++ b/src/share/classes/sun/security/ssl/CertificateVerify.java Tue Aug 25 08:39:43 2020 +0300 6.3 @@ -34,7 +34,7 @@ 6.4 import sun.security.ssl.SSLHandshake.HandshakeMessage; 6.5 import sun.security.ssl.X509Authentication.X509Credentials; 6.6 import sun.security.ssl.X509Authentication.X509Possession; 6.7 -import sun.security.util.HexDumpEncoder; 6.8 +import sun.misc.HexDumpEncoder; 6.9 6.10 /** 6.11 * Pack of the CertificateVerify handshake message.
7.1 --- a/src/share/classes/sun/security/ssl/CookieExtension.java Tue Aug 25 08:35:10 2020 +0300 7.2 +++ b/src/share/classes/sun/security/ssl/CookieExtension.java Tue Aug 25 08:39:43 2020 +0300 7.3 @@ -36,7 +36,7 @@ 7.4 import sun.security.ssl.SSLHandshake.HandshakeMessage; 7.5 import sun.security.ssl.SSLExtension.SSLExtensionSpec; 7.6 import sun.security.ssl.ServerHello.ServerHelloMessage; 7.7 -import sun.security.util.HexDumpEncoder; 7.8 +import sun.misc.HexDumpEncoder; 7.9 7.10 public class CookieExtension { 7.11 static final HandshakeProducer chNetworkProducer =
8.1 --- a/src/share/classes/sun/security/ssl/DHClientKeyExchange.java Tue Aug 25 08:35:10 2020 +0300 8.2 +++ b/src/share/classes/sun/security/ssl/DHClientKeyExchange.java Tue Aug 25 08:39:43 2020 +0300 8.3 @@ -43,7 +43,7 @@ 8.4 import sun.security.ssl.DHKeyExchange.DHEPossession; 8.5 import sun.security.ssl.SSLHandshake.HandshakeMessage; 8.6 import sun.security.ssl.SupportedGroupsExtension.NamedGroup; 8.7 -import sun.security.util.HexDumpEncoder; 8.8 +import sun.misc.HexDumpEncoder; 8.9 8.10 /** 8.11 * Pack of the "ClientKeyExchange" handshake message.
9.1 --- a/src/share/classes/sun/security/ssl/DHServerKeyExchange.java Tue Aug 25 08:35:10 2020 +0300 9.2 +++ b/src/share/classes/sun/security/ssl/DHServerKeyExchange.java Tue Aug 25 08:39:43 2020 +0300 9.3 @@ -51,7 +51,7 @@ 9.4 import sun.security.ssl.SupportedGroupsExtension.NamedGroup; 9.5 import sun.security.ssl.X509Authentication.X509Credentials; 9.6 import sun.security.ssl.X509Authentication.X509Possession; 9.7 -import sun.security.util.HexDumpEncoder; 9.8 +import sun.misc.HexDumpEncoder; 9.9 import sun.security.util.KeyUtil; 9.10 9.11 /**
10.1 --- a/src/share/classes/sun/security/ssl/ECDHClientKeyExchange.java Tue Aug 25 08:35:10 2020 +0300 10.2 +++ b/src/share/classes/sun/security/ssl/ECDHClientKeyExchange.java Tue Aug 25 08:39:43 2020 +0300 10.3 @@ -47,7 +47,7 @@ 10.4 import sun.security.ssl.SupportedGroupsExtension.NamedGroup; 10.5 import sun.security.ssl.X509Authentication.X509Credentials; 10.6 import sun.security.ssl.X509Authentication.X509Possession; 10.7 -import sun.security.util.HexDumpEncoder; 10.8 +import sun.misc.HexDumpEncoder; 10.9 10.10 /** 10.11 * Pack of the "ClientKeyExchange" handshake message.
11.1 --- a/src/share/classes/sun/security/ssl/ECDHServerKeyExchange.java Tue Aug 25 08:35:10 2020 +0300 11.2 +++ b/src/share/classes/sun/security/ssl/ECDHServerKeyExchange.java Tue Aug 25 08:39:43 2020 +0300 11.3 @@ -52,7 +52,7 @@ 11.4 import sun.security.ssl.SupportedGroupsExtension.SupportedGroups; 11.5 import sun.security.ssl.X509Authentication.X509Credentials; 11.6 import sun.security.ssl.X509Authentication.X509Possession; 11.7 -import sun.security.util.HexDumpEncoder; 11.8 +import sun.misc.HexDumpEncoder; 11.9 11.10 /** 11.11 * Pack of the ServerKeyExchange handshake message.
12.1 --- a/src/share/classes/sun/security/ssl/Finished.java Tue Aug 25 08:35:10 2020 +0300 12.2 +++ b/src/share/classes/sun/security/ssl/Finished.java Tue Aug 25 08:39:43 2020 +0300 12.3 @@ -51,7 +51,7 @@ 12.4 import sun.security.ssl.SSLCipher.SSLReadCipher; 12.5 import sun.security.ssl.SSLCipher.SSLWriteCipher; 12.6 import sun.security.ssl.SSLHandshake.HandshakeMessage; 12.7 -import sun.security.util.HexDumpEncoder; 12.8 +import sun.misc.HexDumpEncoder; 12.9 12.10 /** 12.11 * Pack of the Finished handshake message.
13.1 --- a/src/share/classes/sun/security/ssl/HandshakeContext.java Tue Aug 25 08:35:10 2020 +0300 13.2 +++ b/src/share/classes/sun/security/ssl/HandshakeContext.java Tue Aug 25 08:39:43 2020 +0300 13.3 @@ -409,7 +409,7 @@ 13.4 ByteBuffer fragment = ByteBuffer.wrap( 13.5 new byte[plaintext.fragment.remaining()]); 13.6 fragment.put(plaintext.fragment); 13.7 - fragment = fragment.rewind(); 13.8 + fragment = (ByteBuffer)fragment.rewind(); 13.9 13.10 delegatedActions.add(new SimpleImmutableEntry<>( 13.11 handshakeType,
14.1 --- a/src/share/classes/sun/security/ssl/KeyShareExtension.java Tue Aug 25 08:35:10 2020 +0300 14.2 +++ b/src/share/classes/sun/security/ssl/KeyShareExtension.java Tue Aug 25 08:39:43 2020 +0300 14.3 @@ -49,7 +49,7 @@ 14.4 import sun.security.ssl.SupportedGroupsExtension.NamedGroup; 14.5 import sun.security.ssl.SupportedGroupsExtension.NamedGroupType; 14.6 import sun.security.ssl.SupportedGroupsExtension.SupportedGroups; 14.7 -import sun.security.util.HexDumpEncoder; 14.8 +import sun.misc.HexDumpEncoder; 14.9 14.10 /** 14.11 * Pack of the "key_share" extensions.
15.1 --- a/src/share/classes/sun/security/ssl/PredefinedDHParameterSpecs.java Tue Aug 25 08:35:10 2020 +0300 15.2 +++ b/src/share/classes/sun/security/ssl/PredefinedDHParameterSpecs.java Tue Aug 25 08:39:43 2020 +0300 15.3 @@ -288,11 +288,12 @@ 15.4 PROPERTY_NAME + ", definition"); 15.5 } 15.6 } 15.7 + BigInteger TWO = BigInteger.valueOf(2); 15.8 15.9 Map<Integer,DHParameterSpec> tempFFDHEs = new HashMap<>(); 15.10 for (BigInteger p : ffdhePrimes) { 15.11 int primeLen = p.bitLength(); 15.12 - DHParameterSpec dhps = new DHParameterSpec(p, BigInteger.TWO); 15.13 + DHParameterSpec dhps = new DHParameterSpec(p, TWO); 15.14 tempFFDHEs.put(primeLen, dhps); 15.15 defaultParams.putIfAbsent(primeLen, dhps); 15.16 } 15.17 @@ -301,7 +302,7 @@ 15.18 int primeLen = p.bitLength(); 15.19 if (defaultParams.get(primeLen) == null) { 15.20 defaultParams.put(primeLen, 15.21 - new DHParameterSpec(p, BigInteger.TWO)); 15.22 + new DHParameterSpec(p, TWO)); 15.23 } 15.24 } 15.25
16.1 --- a/src/share/classes/sun/security/ssl/RSAClientKeyExchange.java Tue Aug 25 08:35:10 2020 +0300 16.2 +++ b/src/share/classes/sun/security/ssl/RSAClientKeyExchange.java Tue Aug 25 08:39:43 2020 +0300 16.3 @@ -39,7 +39,7 @@ 16.4 import sun.security.ssl.SSLHandshake.HandshakeMessage; 16.5 import sun.security.ssl.X509Authentication.X509Credentials; 16.6 import sun.security.ssl.X509Authentication.X509Possession; 16.7 -import sun.security.util.HexDumpEncoder; 16.8 +import sun.misc.HexDumpEncoder; 16.9 16.10 /** 16.11 * Pack of the "ClientKeyExchange" handshake message.
17.1 --- a/src/share/classes/sun/security/ssl/RSAServerKeyExchange.java Tue Aug 25 08:35:10 2020 +0300 17.2 +++ b/src/share/classes/sun/security/ssl/RSAServerKeyExchange.java Tue Aug 25 08:39:43 2020 +0300 17.3 @@ -45,7 +45,7 @@ 17.4 import sun.security.ssl.SSLHandshake.HandshakeMessage; 17.5 import sun.security.ssl.X509Authentication.X509Credentials; 17.6 import sun.security.ssl.X509Authentication.X509Possession; 17.7 -import sun.security.util.HexDumpEncoder; 17.8 +import sun.misc.HexDumpEncoder; 17.9 17.10 /** 17.11 * Pack of the ServerKeyExchange handshake message.
18.1 --- a/src/share/classes/sun/security/ssl/RandomCookie.java Tue Aug 25 08:35:10 2020 +0300 18.2 +++ b/src/share/classes/sun/security/ssl/RandomCookie.java Tue Aug 25 08:39:43 2020 +0300 18.3 @@ -130,10 +130,10 @@ 18.4 } 18.5 18.6 private boolean isT12Downgrade() { 18.7 - return Arrays.equals(randomBytes, 24, 32, t12Protection, 0, 8); 18.8 + return Utilities.equals(randomBytes, 24, 32, t12Protection, 0, 8); 18.9 } 18.10 18.11 private boolean isT11Downgrade() { 18.12 - return Arrays.equals(randomBytes, 24, 32, t11Protection, 0, 8); 18.13 + return Utilities.equals(randomBytes, 24, 32, t11Protection, 0, 8); 18.14 } 18.15 }
19.1 --- a/src/share/classes/sun/security/ssl/RenegoInfoExtension.java Tue Aug 25 08:35:10 2020 +0300 19.2 +++ b/src/share/classes/sun/security/ssl/RenegoInfoExtension.java Tue Aug 25 08:39:43 2020 +0300 19.3 @@ -470,14 +470,14 @@ 19.4 } 19.5 19.6 byte[] cvd = chc.conContext.clientVerifyData; 19.7 - if (!Arrays.equals(spec.renegotiatedConnection, 19.8 + if (!Utilities.equals(spec.renegotiatedConnection, 19.9 0, cvd.length, cvd, 0, cvd.length)) { 19.10 throw chc.conContext.fatal(Alert.HANDSHAKE_FAILURE, 19.11 "Invalid renegotiation_info in ServerHello: " + 19.12 "unmatched client_verify_data value"); 19.13 } 19.14 byte[] svd = chc.conContext.serverVerifyData; 19.15 - if (!Arrays.equals(spec.renegotiatedConnection, 19.16 + if (!Utilities.equals(spec.renegotiatedConnection, 19.17 cvd.length, infoLen, svd, 0, svd.length)) { 19.18 throw chc.conContext.fatal(Alert.HANDSHAKE_FAILURE, 19.19 "Invalid renegotiation_info in ServerHello: " +
20.1 --- a/src/share/classes/sun/security/ssl/SSLCipher.java Tue Aug 25 08:35:10 2020 +0300 20.2 +++ b/src/share/classes/sun/security/ssl/SSLCipher.java Tue Aug 25 08:39:43 2020 +0300 20.3 @@ -2307,7 +2307,7 @@ 20.4 20.5 // The padding data should be filled with the padding length value. 20.6 int[] results = checkPadding( 20.7 - bb.duplicate().position(offset + newLen), 20.8 + (ByteBuffer)(bb.duplicate()).position(offset + newLen), 20.9 (byte)(padLen & 0xFF)); 20.10 if (protocolVersion.useTLS10PlusSpec()) { 20.11 if (results[0] != 0) { // padding data has invalid bytes
21.1 --- a/src/share/classes/sun/security/ssl/SSLEngineInputRecord.java Tue Aug 25 08:35:10 2020 +0300 21.2 +++ b/src/share/classes/sun/security/ssl/SSLEngineInputRecord.java Tue Aug 25 08:39:43 2020 +0300 21.3 @@ -272,7 +272,7 @@ 21.4 handshakeBuffer.remaining() + fragment.remaining()]); 21.5 bb.put(handshakeBuffer); 21.6 bb.put(fragment); 21.7 - handshakeFrag = bb.rewind(); 21.8 + handshakeFrag = (ByteBuffer)bb.rewind(); 21.9 handshakeBuffer = null; 21.10 } 21.11
22.1 --- a/src/share/classes/sun/security/ssl/SSLExtension.java Tue Aug 25 08:35:10 2020 +0300 22.2 +++ b/src/share/classes/sun/security/ssl/SSLExtension.java Tue Aug 25 08:39:43 2020 +0300 22.3 @@ -33,7 +33,7 @@ 22.4 import java.util.LinkedList; 22.5 import java.util.Locale; 22.6 import sun.security.ssl.SSLHandshake.HandshakeMessage; 22.7 -import sun.security.util.HexDumpEncoder; 22.8 +import sun.misc.HexDumpEncoder; 22.9 22.10 enum SSLExtension implements SSLStringizer { 22.11 // Extensions defined in RFC 6066
23.1 --- a/src/share/classes/sun/security/ssl/SSLExtensions.java Tue Aug 25 08:35:10 2020 +0300 23.2 +++ b/src/share/classes/sun/security/ssl/SSLExtensions.java Tue Aug 25 08:39:43 2020 +0300 23.3 @@ -31,7 +31,7 @@ 23.4 import java.util.*; 23.5 23.6 import sun.security.ssl.SSLHandshake.HandshakeMessage; 23.7 -import sun.security.util.HexDumpEncoder; 23.8 +import sun.misc.HexDumpEncoder; 23.9 23.10 /** 23.11 * SSL/TLS extensions in a handshake message.
24.1 --- a/src/share/classes/sun/security/ssl/SSLLogger.java Tue Aug 25 08:35:10 2020 +0300 24.2 +++ b/src/share/classes/sun/security/ssl/SSLLogger.java Tue Aug 25 08:39:43 2020 +0300 24.3 @@ -29,8 +29,6 @@ 24.4 import java.io.ByteArrayOutputStream; 24.5 import java.io.IOException; 24.6 import java.io.PrintStream; 24.7 -import java.lang.System.Logger; 24.8 -import java.lang.System.Logger.Level; 24.9 import java.nio.ByteBuffer; 24.10 import java.security.cert.Certificate; 24.11 import java.security.cert.Extension; 24.12 @@ -39,10 +37,13 @@ 24.13 import java.text.SimpleDateFormat; 24.14 import java.util.Date; 24.15 import java.util.Locale; 24.16 +import java.util.logging.LogRecord; 24.17 +import java.util.logging.Logger; 24.18 +import java.util.logging.Level; 24.19 import java.util.Map; 24.20 import java.util.ResourceBundle; 24.21 import sun.security.action.GetPropertyAction; 24.22 -import sun.security.util.HexDumpEncoder; 24.23 +import sun.misc.HexDumpEncoder; 24.24 import sun.security.x509.*; 24.25 24.26 /** 24.27 @@ -56,7 +57,7 @@ 24.28 * and non-empty, a private debug logger implemented in this class is used. 24.29 */ 24.30 public final class SSLLogger { 24.31 - private static final System.Logger logger; 24.32 + private static final Logger logger; 24.33 private static final String property; 24.34 public static final boolean isOn; 24.35 24.36 @@ -65,7 +66,7 @@ 24.37 if (p != null) { 24.38 if (p.isEmpty()) { 24.39 property = ""; 24.40 - logger = System.getLogger("javax.net.ssl"); 24.41 + logger = Logger.getLogger("javax.net.ssl"); 24.42 } else { 24.43 property = p.toLowerCase(Locale.ENGLISH); 24.44 if (property.equals("help")) { 24.45 @@ -155,7 +156,7 @@ 24.46 } 24.47 24.48 public static void severe(String msg, Object... params) { 24.49 - SSLLogger.log(Level.ERROR, msg, params); 24.50 + SSLLogger.log(Level.SEVERE, msg, params); 24.51 } 24.52 24.53 public static void warning(String msg, Object... params) { 24.54 @@ -167,11 +168,11 @@ 24.55 } 24.56 24.57 public static void fine(String msg, Object... params) { 24.58 - SSLLogger.log(Level.DEBUG, msg, params); 24.59 + SSLLogger.log(Level.FINE, msg, params); 24.60 } 24.61 24.62 public static void finer(String msg, Object... params) { 24.63 - SSLLogger.log(Level.TRACE, msg, params); 24.64 + SSLLogger.log(Level.FINER, msg, params); 24.65 } 24.66 24.67 public static void finest(String msg, Object... params) { 24.68 @@ -202,53 +203,47 @@ 24.69 } 24.70 } 24.71 24.72 - private static class SSLConsoleLogger implements Logger { 24.73 + private static class SSLConsoleLogger extends Logger { 24.74 private final String loggerName; 24.75 private final boolean useCompactFormat; 24.76 24.77 SSLConsoleLogger(String loggerName, String options) { 24.78 + super(loggerName, null); 24.79 this.loggerName = loggerName; 24.80 options = options.toLowerCase(Locale.ENGLISH); 24.81 this.useCompactFormat = !options.contains("expand"); 24.82 } 24.83 24.84 - @Override 24.85 public String getName() { 24.86 return loggerName; 24.87 } 24.88 24.89 - @Override 24.90 public boolean isLoggable(Level level) { 24.91 return (level != Level.OFF); 24.92 } 24.93 24.94 @Override 24.95 - public void log(Level level, 24.96 - ResourceBundle rb, String message, Throwable thrwbl) { 24.97 - if (isLoggable(level)) { 24.98 + public void log(LogRecord record) { 24.99 + if (isLoggable(record.getLevel())) { 24.100 try { 24.101 - String formatted = 24.102 - SSLSimpleFormatter.format(this, level, message, thrwbl); 24.103 + String formatted = null; 24.104 + if (record.getThrown() != null) { 24.105 + formatted = 24.106 + SSLSimpleFormatter.format(this, record.getLevel(), 24.107 + record.getMessage(), 24.108 + record.getThrown()); 24.109 + } else { 24.110 + formatted = 24.111 + SSLSimpleFormatter.format(this, record.getLevel(), 24.112 + record.getMessage(), 24.113 + record.getParameters()); 24.114 + } 24.115 System.err.write(formatted.getBytes("UTF-8")); 24.116 } catch (Exception exp) { 24.117 // ignore it, just for debugging. 24.118 } 24.119 } 24.120 - } 24.121 - 24.122 - @Override 24.123 - public void log(Level level, 24.124 - ResourceBundle rb, String message, Object... params) { 24.125 - if (isLoggable(level)) { 24.126 - try { 24.127 - String formatted = 24.128 - SSLSimpleFormatter.format(this, level, message, params); 24.129 - System.err.write(formatted.getBytes("UTF-8")); 24.130 - } catch (Exception exp) { 24.131 - // ignore it, just for debugging. 24.132 - } 24.133 - } 24.134 - } 24.135 + }; 24.136 } 24.137 24.138 private static class SSLSimpleFormatter { 24.139 @@ -388,12 +383,15 @@ 24.140 } 24.141 24.142 private static String formatCaller() { 24.143 - return StackWalker.getInstance().walk(s -> 24.144 - s.dropWhile(f -> 24.145 - f.getClassName().startsWith("sun.security.ssl.SSLLogger") || 24.146 - f.getClassName().startsWith("java.lang.System")) 24.147 - .map(f -> f.getFileName() + ":" + f.getLineNumber()) 24.148 - .findFirst().orElse("unknown caller")); 24.149 + StackTraceElement[] stElements = Thread.currentThread().getStackTrace(); 24.150 + for (int i=1; i<stElements.length; i++) { 24.151 + StackTraceElement ste = stElements[i]; 24.152 + if (!ste.getClassName().startsWith(SSLLogger.class.getName()) && 24.153 + !ste.getClassName().startsWith("java.lang.System")) { 24.154 + return ste.getFileName() + ":" + ste.getLineNumber(); 24.155 + } 24.156 + } 24.157 + return "unknown caller"; 24.158 } 24.159 24.160 private static String formatParameters(Object ... parameters) {
25.1 --- a/src/share/classes/sun/security/ssl/SSLSessionContextImpl.java Tue Aug 25 08:35:10 2020 +0300 25.2 +++ b/src/share/classes/sun/security/ssl/SSLSessionContextImpl.java Tue Aug 25 08:39:43 2020 +0300 25.3 @@ -25,6 +25,7 @@ 25.4 25.5 package sun.security.ssl; 25.6 25.7 +import java.security.AccessController; 25.8 import java.util.ArrayList; 25.9 import java.util.Collections; 25.10 import java.util.Enumeration; 25.11 @@ -199,9 +200,9 @@ 25.12 25.13 private static int getDefaultCacheLimit() { 25.14 try { 25.15 - int defaultCacheLimit = GetIntegerAction.privilegedGetProperty( 25.16 - "javax.net.ssl.sessionCacheSize", DEFAULT_MAX_CACHE_SIZE); 25.17 - 25.18 + int defaultCacheLimit = AccessController.doPrivileged( 25.19 + new GetIntegerAction("javax.net.ssl.sessionCacheSize", 25.20 + DEFAULT_MAX_CACHE_SIZE)); 25.21 if (defaultCacheLimit >= 0) { 25.22 return defaultCacheLimit; 25.23 } else if (SSLLogger.isOn && SSLLogger.isOn("ssl")) {
26.1 --- a/src/share/classes/sun/security/ssl/SSLSocketImpl.java Tue Aug 25 08:35:10 2020 +0300 26.2 +++ b/src/share/classes/sun/security/ssl/SSLSocketImpl.java Tue Aug 25 08:39:43 2020 +0300 26.3 @@ -1,5 +1,5 @@ 26.4 /* 26.5 - * Copyright (c) 1996, 2018, Oracle and/or its affiliates. All rights reserved. 26.6 + * Copyright (c) 1996, 2020, Oracle and/or its affiliates. All rights reserved. 26.7 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. 26.8 * 26.9 * This code is free software; you can redistribute it and/or modify it 26.10 @@ -47,8 +47,7 @@ 26.11 import javax.net.ssl.SSLServerSocket; 26.12 import javax.net.ssl.SSLSession; 26.13 import javax.net.ssl.SSLSocket; 26.14 -import jdk.internal.misc.JavaNetInetAddressAccess; 26.15 -import jdk.internal.misc.SharedSecrets; 26.16 +import sun.misc.SharedSecrets; 26.17 26.18 /** 26.19 * Implementation of an SSL socket. 26.20 @@ -1228,9 +1227,7 @@ 26.21 return; 26.22 } 26.23 26.24 - JavaNetInetAddressAccess jna = 26.25 - SharedSecrets.getJavaNetInetAddressAccess(); 26.26 - String originalHostname = jna.getOriginalHostName(inetAddress); 26.27 + String originalHostname = SharedSecrets.getJavaNetAccess().getOriginalHostName(inetAddress); 26.28 if (originalHostname != null && !originalHostname.isEmpty()) { 26.29 26.30 this.peerHost = originalHostname;
27.1 --- a/src/share/classes/sun/security/ssl/SSLSocketInputRecord.java Tue Aug 25 08:35:10 2020 +0300 27.2 +++ b/src/share/classes/sun/security/ssl/SSLSocketInputRecord.java Tue Aug 25 08:39:43 2020 +0300 27.3 @@ -287,7 +287,7 @@ 27.4 handshakeBuffer.remaining() + fragment.remaining()]); 27.5 bb.put(handshakeBuffer); 27.6 bb.put(fragment); 27.7 - handshakeFrag = bb.rewind(); 27.8 + handshakeFrag = (ByteBuffer)bb.rewind(); 27.9 handshakeBuffer = null; 27.10 } 27.11
28.1 --- a/src/share/classes/sun/security/ssl/SignatureAlgorithmsExtension.java Tue Aug 25 08:35:10 2020 +0300 28.2 +++ b/src/share/classes/sun/security/ssl/SignatureAlgorithmsExtension.java Tue Aug 25 08:39:43 2020 +0300 28.3 @@ -29,6 +29,7 @@ 28.4 import java.nio.ByteBuffer; 28.5 import java.text.MessageFormat; 28.6 import java.util.Arrays; 28.7 +import java.util.Collections; 28.8 import java.util.LinkedList; 28.9 import java.util.List; 28.10 import java.util.Locale; 28.11 @@ -408,10 +409,11 @@ 28.12 } 28.13 28.14 // Produce the extension. 28.15 + List<ProtocolVersion> protocols = Arrays.asList(shc.negotiatedProtocol); 28.16 + protocols = Collections.unmodifiableList(protocols); 28.17 List<SignatureScheme> sigAlgs = 28.18 SignatureScheme.getSupportedAlgorithms( 28.19 - shc.algorithmConstraints, 28.20 - List.of(shc.negotiatedProtocol)); 28.21 + shc.algorithmConstraints, protocols); 28.22 28.23 int vectorLen = SignatureScheme.sizeInRecord() * sigAlgs.size(); 28.24 byte[] extData = new byte[vectorLen + 2];
29.1 --- a/src/share/classes/sun/security/ssl/SunJSSE.java Tue Aug 25 08:35:10 2020 +0300 29.2 +++ b/src/share/classes/sun/security/ssl/SunJSSE.java Tue Aug 25 08:39:43 2020 +0300 29.3 @@ -26,6 +26,8 @@ 29.4 29.5 package sun.security.ssl; 29.6 29.7 +import static sun.security.util.SecurityConstants.PROVIDER_VER; 29.8 + 29.9 import java.security.*; 29.10 29.11 /** 29.12 @@ -132,7 +134,7 @@ 29.13 29.14 private SunJSSE(java.security.Provider cryptoProvider, 29.15 String providerName) { 29.16 - super("SunJSSE", 1.8d, fipsInfo + providerName + ")"); 29.17 + super("SunJSSE", PROVIDER_VER, fipsInfo + providerName + ")"); 29.18 subclassCheck(); 29.19 if (cryptoProvider == null) { 29.20 // Calling Security.getProvider() will cause other providers to be
30.1 --- a/src/share/classes/sun/security/ssl/TransportContext.java Tue Aug 25 08:35:10 2020 +0300 30.2 +++ b/src/share/classes/sun/security/ssl/TransportContext.java Tue Aug 25 08:39:43 2020 +0300 30.3 @@ -613,8 +613,7 @@ 30.4 null, 30.5 new NotifyHandshake(sslConfig.handshakeListeners, hce), 30.6 "HandshakeCompletedNotify-Thread", 30.7 - 0, 30.8 - false); 30.9 + 0); 30.10 thread.start(); 30.11 } 30.12
31.1 --- a/src/share/classes/sun/security/ssl/Utilities.java Tue Aug 25 08:35:10 2020 +0300 31.2 +++ b/src/share/classes/sun/security/ssl/Utilities.java Tue Aug 25 08:39:43 2020 +0300 31.3 @@ -232,4 +232,41 @@ 31.4 } 31.5 return b; 31.6 } 31.7 + 31.8 + /** 31.9 + * Checks that {@code fromIndex} and {@code toIndex} are in 31.10 + * the range and throws an exception if they aren't. 31.11 + */ 31.12 + private static void rangeCheck(int arrayLength, int fromIndex, int toIndex) { 31.13 + if (fromIndex > toIndex) { 31.14 + throw new IllegalArgumentException( 31.15 + "fromIndex(" + fromIndex + ") > toIndex(" + toIndex + ")"); 31.16 + } 31.17 + if (fromIndex < 0) { 31.18 + throw new ArrayIndexOutOfBoundsException(fromIndex); 31.19 + } 31.20 + if (toIndex > arrayLength) { 31.21 + throw new ArrayIndexOutOfBoundsException(toIndex); 31.22 + } 31.23 + } 31.24 + 31.25 + /** 31.26 + * Returns true if the two specified arrays of bytes, over the specified 31.27 + * ranges, are <i>equal</i> to one another. 31.28 + */ 31.29 + static boolean equals(byte[] arr1, int st1, int end1, byte[] arr2, int st2, int end2) { 31.30 + rangeCheck(arr1.length, st1, end1); 31.31 + rangeCheck(arr2.length, st2, end2); 31.32 + 31.33 + int aLength = end1 - st1; 31.34 + int bLength = end2 - st2; 31.35 + if (aLength != bLength) 31.36 + return false; 31.37 + 31.38 + for(int i=0; i<aLength; i++) 31.39 + if(arr1[i + st1] != arr2[i + st2]) 31.40 + return false; 31.41 + return true; 31.42 + } 31.43 + 31.44 }
32.1 --- /dev/null Thu Jan 01 00:00:00 1970 +0000 32.2 +++ b/src/share/classes/sun/security/util/MessageDigestSpi2.java Tue Aug 25 08:39:43 2020 +0300 32.3 @@ -0,0 +1,44 @@ 32.4 +/* 32.5 + * Copyright (c) 2016, Oracle and/or its affiliates. All rights reserved. 32.6 + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. 32.7 + * 32.8 + * This code is free software; you can redistribute it and/or modify it 32.9 + * under the terms of the GNU General Public License version 2 only, as 32.10 + * published by the Free Software Foundation. Oracle designates this 32.11 + * particular file as subject to the "Classpath" exception as provided 32.12 + * by Oracle in the LICENSE file that accompanied this code. 32.13 + * 32.14 + * This code is distributed in the hope that it will be useful, but WITHOUT 32.15 + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or 32.16 + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License 32.17 + * version 2 for more details (a copy is included in the LICENSE file that 32.18 + * accompanied this code). 32.19 + * 32.20 + * You should have received a copy of the GNU General Public License version 32.21 + * 2 along with this work; if not, write to the Free Software Foundation, 32.22 + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. 32.23 + * 32.24 + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA 32.25 + * or visit www.oracle.com if you need additional information or have any 32.26 + * questions. 32.27 + */ 32.28 + 32.29 +package sun.security.util; 32.30 + 32.31 +import java.security.InvalidKeyException; 32.32 +import javax.crypto.SecretKey; 32.33 + 32.34 +/** 32.35 + * Special interface for additional MessageDigestSpi method(s). 32.36 + */ 32.37 +public interface MessageDigestSpi2 { 32.38 + 32.39 + /** 32.40 + * Updates the digest using the specified key. 32.41 + * This is used for SSL 3.0 only, we may deprecate and remove the support 32.42 + * of this in the future 32.43 + * 32.44 + * @param key the key whose value is to be digested. 32.45 + */ 32.46 + void engineUpdate(SecretKey key) throws InvalidKeyException; 32.47 +}
33.1 --- a/src/share/classes/sun/security/util/SecurityConstants.java Tue Aug 25 08:35:10 2020 +0300 33.2 +++ b/src/share/classes/sun/security/util/SecurityConstants.java Tue Aug 25 08:39:43 2020 +0300 33.3 @@ -227,4 +227,6 @@ 33.4 // java.lang.SecurityManager 33.5 public static final SocketPermission LOCAL_LISTEN_PERMISSION = 33.6 new SocketPermission("localhost:0", SOCKET_LISTEN_ACTION); 33.7 + 33.8 + public static final Double PROVIDER_VER = 1.8d; 33.9 }