diff --git a/8295068-SSLEngine-throws-NPE-parsing-CertificateRequ.patch b/8295068-SSLEngine-throws-NPE-parsing-CertificateRequ.patch deleted file mode 100644 index 6be4b395d62f36ef1fbb912f5cd490d266160b58..0000000000000000000000000000000000000000 --- a/8295068-SSLEngine-throws-NPE-parsing-CertificateRequ.patch +++ /dev/null @@ -1,23 +0,0 @@ -From 32dbeb16c3fd9e63ebc16b69861b15bb6d2f48bb Mon Sep 17 00:00:00 2001 -Subject: 8295068: SSLEngine throws NPE parsing CertificateRequests - ---- - .../share/classes/sun/security/ssl/CertificateRequest.java | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/src/java.base/share/classes/sun/security/ssl/CertificateRequest.java b/src/java.base/share/classes/sun/security/ssl/CertificateRequest.java -index 4def03c67..1f6147e4a 100644 ---- a/src/java.base/share/classes/sun/security/ssl/CertificateRequest.java -+++ b/src/java.base/share/classes/sun/security/ssl/CertificateRequest.java -@@ -136,7 +136,7 @@ final class CertificateRequest { - ArrayList keyTypes = new ArrayList<>(3); - for (byte id : ids) { - ClientCertificateType cct = ClientCertificateType.valueOf(id); -- if (cct.isAvailable) { -+ if (cct != null && cct.isAvailable) { - cct.keyAlgorithm.forEach(key -> { - if (!keyTypes.contains(key)) { - keyTypes.add(key); --- -2.22.0 - diff --git a/jdk-updates-jdk17u-jdk-17.0.10+7.tar.gz b/jdk-updates-jdk17u-jdk-17.0.11+9.tar.gz similarity index 73% rename from jdk-updates-jdk17u-jdk-17.0.10+7.tar.gz rename to jdk-updates-jdk17u-jdk-17.0.11+9.tar.gz index 184d8270104af62eae77b4f8cfc4a98b73e0c8f8..c5cd2dc37dd573e10e709a0e68efccdb870f0e20 100644 Binary files a/jdk-updates-jdk17u-jdk-17.0.10+7.tar.gz and b/jdk-updates-jdk17u-jdk-17.0.11+9.tar.gz differ diff --git a/openjdk-17.spec b/openjdk-17.spec index ecbbfee374a546c9f1e4d7fdb8e37938e7f5dabf..24e8021e72a007f212837ebbdfd4a618408e8417 100644 --- a/openjdk-17.spec +++ b/openjdk-17.spec @@ -161,7 +161,7 @@ # Used via new version scheme. JDK 17 was # GA'ed in March 2021 => 21.9 %global vendor_version_string 21.9 -%global securityver 10 +%global securityver 11 # buildjdkver is usually same as %%{majorver}, # but in time of bootstrap of next jdk, it is majorver-1, # and this it is better to change it here, on single place @@ -183,7 +183,7 @@ %global origin_nice OpenJDK %global top_level_dir_name %{origin} %global minorver 0 -%global buildver 7 +%global buildver 9 # priority must be 8 digits in total; up to openjdk 1.8, we were using 18..... so when we moved to 11, we had to add another digit %if %is_system_jdk %global priority %( printf '%02d%02d%02d%02d' %{majorver} %{minorver} %{securityver} %{buildver} ) @@ -893,7 +893,7 @@ Provides: java-src%{?1} = %{epoch}:%{version}-%{release} Name: java-%{javaver}-%{origin} Version: %{newjavaver}.%{buildver} -Release: 2 +Release: 0 # java-1.5.0-ibm from jpackage.org set Epoch to 1 for unknown reasons # and this change was brought into RHEL-4. java-1.5.0-ibm packages @@ -995,7 +995,6 @@ Patch31: add-8292296-Use-multiple-threads-to-process-Par.patch Patch32: fix-cds-SignedJar_java-test-fails.patch # 17.0.9 -Patch33: 8295068-SSLEngine-throws-NPE-parsing-CertificateRequ.patch Patch36: 8314236-Overflow-in-Collections.rotate.patch Patch41: 8312200-Fix-Parse-catch_call_exceptions-memory-leak.patch Patch42: Add-problemlist.patch @@ -1252,7 +1251,6 @@ pushd %{top_level_dir_name} %patch30 -p1 %patch31 -p1 %patch32 -p1 -%patch33 -p1 %patch36 -p1 %patch41 -p1 %patch42 -p1 @@ -1822,6 +1820,10 @@ cjc.mainProgram(arg) %changelog +* Thu Apr 18 2024 Autistic_boyya - 1:17.0.11.9-0.rolling +- del 8295068-SSLEngine-throws-NPE-parsing-CertificateRequ.patch +- modify puyuan-jdk17.0.9-patch.patch + * Mon Feb 26 2024 misaka00251 - 1:17.0.10.9-2 - Remove riscv64 support patch, already upstreamed diff --git a/puyuan-jdk17.0.9-patch.patch b/puyuan-jdk17.0.9-patch.patch index 0d34bd63ce46a06f6dae82f0135067248b75b925..f70f91117abc92c214497ebec6cdb1373fc2d7ac 100644 --- a/puyuan-jdk17.0.9-patch.patch +++ b/puyuan-jdk17.0.9-patch.patch @@ -175,20 +175,6 @@ index 6c6ded24c..823aa6975 100644 static volatile bool _has_work; -diff --git a/src/hotspot/share/gc/shenandoah/shenandoahFullGC.cpp b/src/hotspot/share/gc/shenandoah/shenandoahFullGC.cpp -index 26c31356f..5e0b3ebdb 100644 ---- a/src/hotspot/share/gc/shenandoah/shenandoahFullGC.cpp -+++ b/src/hotspot/share/gc/shenandoah/shenandoahFullGC.cpp -@@ -908,6 +908,9 @@ public: - // Make empty regions that have been allocated into regular - if (r->is_empty() && live > 0) { - r->make_regular_bypass(); -+ if (ZapUnusedHeapArea) { -+ SpaceMangler::mangle_region(MemRegion(r->top(), r->end())); -+ } - } - - // Reclaim regular regions that became empty diff --git a/src/hotspot/share/opto/compile.cpp b/src/hotspot/share/opto/compile.cpp index 4b22284f9..56471d69a 100644 --- a/src/hotspot/share/opto/compile.cpp @@ -258,21 +244,6 @@ index d47a1d260..7e16e6a67 100644 private class ZipEntryIterator implements Enumeration, Iterator { -diff --git a/src/java.base/share/classes/sun/security/pkcs/PKCS7.java b/src/java.base/share/classes/sun/security/pkcs/PKCS7.java -index f7df9934f..44df67ec0 100644 ---- a/src/java.base/share/classes/sun/security/pkcs/PKCS7.java -+++ b/src/java.base/share/classes/sun/security/pkcs/PKCS7.java -@@ -153,7 +153,9 @@ public class PKCS7 { - ContentInfo block = new ContentInfo(derin, oldStyle); - contentType = block.contentType; - DerValue content = block.getContent(); -- -+ if (content == null) { -+ throw new ParsingException("content is null"); -+ } - if (contentType.equals(ContentInfo.SIGNED_DATA_OID)) { - parseSignedData(content); - } else if (contentType.equals(ContentInfo.OLD_SIGNED_DATA_OID)) { diff --git a/src/java.base/windows/classes/java/io/WinNTFileSystem.java b/src/java.base/windows/classes/java/io/WinNTFileSystem.java index 0fabd6f2b..d910beb44 100644 --- a/src/java.base/windows/classes/java/io/WinNTFileSystem.java @@ -368,63 +339,6 @@ diff --git a/src/java.desktop/windows/native/libjsound/PLATFORM_API_WinOS_Direct index ea188e934..8585eda01 100644 --- a/src/java.desktop/windows/native/libjsound/PLATFORM_API_WinOS_DirectSound.cpp +++ b/src/java.desktop/windows/native/libjsound/PLATFORM_API_WinOS_DirectSound.cpp -@@ -1,5 +1,5 @@ - /* -- * Copyright (c) 2003, 2020, Oracle and/or its affiliates. All rights reserved. -+ * Copyright (c) 2003, 2023, Oracle and/or its affiliates. All rights reserved. - * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. - * - * This code is free software; you can redistribute it and/or modify it -@@ -184,6 +184,12 @@ INT32 DAUDIO_GetDirectAudioDeviceCount() { - return 0; - } - -+ HRESULT hr = ::CoInitializeEx(NULL, COINIT_MULTITHREADED | COINIT_DISABLE_OLE1DDE); -+ if (FAILED(hr) && hr != RPC_E_CHANGED_MODE) { -+ DS_unlockCache(); -+ return 0; -+ } -+ - if (g_lastCacheRefreshTime == 0 - || (UINT64) timeGetTime() > (UINT64) (g_lastCacheRefreshTime + WAIT_BETWEEN_CACHE_REFRESH_MILLIS)) { - /* first, initialize any old cache items */ -@@ -224,6 +230,11 @@ INT32 DAUDIO_GetDirectAudioDeviceCount() { - - g_lastCacheRefreshTime = (UINT64) timeGetTime(); - } -+ -+ if (hr != RPC_E_CHANGED_MODE) { -+ ::CoUninitialize(); -+ } -+ - DS_unlockCache(); - /*TRACE1("DirectSound: %d installed devices\n", g_mixerCount);*/ - return g_mixerCount; -@@ -258,6 +269,13 @@ INT32 DAUDIO_GetDirectAudioDeviceDescription(INT32 mixerIndex, DirectAudioDevice - DS_unlockCache(); - return FALSE; - } -+ -+ HRESULT hr = ::CoInitializeEx(NULL, COINIT_MULTITHREADED | COINIT_DISABLE_OLE1DDE); -+ if (FAILED(hr) && hr != RPC_E_CHANGED_MODE) { -+ DS_unlockCache(); -+ return 0; -+ } -+ - desc->maxSimulLines = 0; - if (g_audioDeviceCache[desc->deviceID].isSource) { - DirectSoundEnumerateW((LPDSENUMCALLBACKW) DS_GetDescEnum, desc); -@@ -267,6 +285,10 @@ INT32 DAUDIO_GetDirectAudioDeviceDescription(INT32 mixerIndex, DirectAudioDevice - strncpy(desc->description, "DirectSound Capture", DAUDIO_STRING_LENGTH); - } - -+ if (hr != RPC_E_CHANGED_MODE) { -+ ::CoUninitialize(); -+ } -+ - /*desc->vendor; - desc->version;*/ - @@ -357,7 +379,7 @@ typedef struct { } DS_Info; @@ -447,26 +361,6 @@ index 5a229ed1e..ec9734d7c 100644 nested = th; this.location = location; } -diff --git a/test/hotspot/jtreg/gc/arguments/TestArrayAllocatorMallocLimit.java b/test/hotspot/jtreg/gc/arguments/TestArrayAllocatorMallocLimit.java -index ca4d2d5d7..b66a43d85 100644 ---- a/test/hotspot/jtreg/gc/arguments/TestArrayAllocatorMallocLimit.java -+++ b/test/hotspot/jtreg/gc/arguments/TestArrayAllocatorMallocLimit.java -@@ -1,5 +1,5 @@ - /* -- * Copyright (c) 2014, 2020, Oracle and/or its affiliates. All rights reserved. -+ * Copyright (c) 2014, 2023, Oracle and/or its affiliates. All rights reserved. - * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. - * - * This code is free software; you can redistribute it and/or modify it -@@ -52,7 +52,7 @@ public class TestArrayAllocatorMallocLimit { - private static final String printFlagsFinalPattern = " *size_t *" + flagName + " *:?= *(\\d+) *\\{experimental\\} *"; - - public static void testDefaultValue() throws Exception { -- ProcessBuilder pb = GCArguments.createJavaProcessBuilder( -+ ProcessBuilder pb = GCArguments.createTestJvm( - "-XX:+UnlockExperimentalVMOptions", "-XX:+PrintFlagsFinal", "-version"); - - OutputAnalyzer output = new OutputAnalyzer(pb.start()); diff --git a/test/hotspot/jtreg/runtime/CommandLine/UnrecognizedProperty.java b/test/hotspot/jtreg/runtime/CommandLine/UnrecognizedProperty.java new file mode 100644 index 000000000..78ec54bbc @@ -1028,759 +922,4 @@ index 000000000..0997f1f45 + assertEquals(file.isAbsolute(), that.isAbsolute()); + } +} -diff --git a/test/jdk/javax/sound/sampled/Lines/OpenLineAfterScreenLock.java b/test/jdk/javax/sound/sampled/Lines/OpenLineAfterScreenLock.java -new file mode 100644 -index 000000000..c9bb4c4ee ---- /dev/null -+++ b/test/jdk/javax/sound/sampled/Lines/OpenLineAfterScreenLock.java -@@ -0,0 +1,144 @@ -+/* -+ * Copyright (c) 2023, Oracle and/or its affiliates. All rights reserved. -+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. -+ * -+ * This code is free software; you can redistribute it and/or modify it -+ * under the terms of the GNU General Public License version 2 only, as -+ * published by the Free Software Foundation. -+ * -+ * This code is distributed in the hope that it will be useful, but WITHOUT -+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or -+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License -+ * version 2 for more details (a copy is included in the LICENSE file that -+ * accompanied this code). -+ * -+ * You should have received a copy of the GNU General Public License version -+ * 2 along with this work; if not, write to the Free Software Foundation, -+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. -+ * -+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA -+ * or visit www.oracle.com if you need additional information or have any -+ * questions. -+ */ -+ -+import java.awt.BorderLayout; -+import java.awt.event.WindowAdapter; -+import java.awt.event.WindowEvent; -+import java.util.Arrays; -+import java.util.concurrent.CountDownLatch; -+import java.util.concurrent.TimeUnit; -+ -+import javax.sound.sampled.AudioSystem; -+import javax.sound.sampled.Line; -+import javax.sound.sampled.LineUnavailableException; -+import javax.sound.sampled.Mixer; -+import javax.sound.sampled.TargetDataLine; -+import javax.swing.JButton; -+import javax.swing.JFileChooser; -+import javax.swing.JFrame; -+import javax.swing.JScrollPane; -+import javax.swing.JTextArea; -+ -+import static javax.swing.SwingUtilities.invokeAndWait; -+ -+/* -+ * @test -+ * @bug 8301846 -+ * @requires (os.family == "windows") -+ * @summary Sound recording fails after screen lock and unlock. -+ * @run main/manual OpenLineAfterScreenLock -+ */ -+public class OpenLineAfterScreenLock { -+ -+ private static final String INSTRUCTIONS = String.join(System.lineSeparator(), -+ "This test verifies it can record sound from the first sound capture device after", -+ "locking and unlocking the screen. The first part of the test has already completed.", -+ "", -+ "Lock the screen and unlock it. Then click Continue to complete the test.", -+ "", -+ "The test will finish automatically." -+ ); -+ -+ private static final CountDownLatch latch = new CountDownLatch(1); -+ -+ private static JFrame frame; -+ -+ public static void main(String[] args) throws Exception { -+ try { -+ runTest(); -+ -+ // Creating JFileChooser initializes COM -+ // which affects ability to open audio lines -+ new JFileChooser(); -+ -+ invokeAndWait(OpenLineAfterScreenLock::createInstructionsUI); -+ if (!latch.await(2, TimeUnit.MINUTES)) { -+ throw new RuntimeException("Test failed: Test timed out!!"); -+ } -+ -+ runTest(); -+ } finally { -+ invokeAndWait(() -> { -+ if (frame != null) { -+ frame.dispose(); -+ } -+ }); -+ } -+ System.out.println("Test Passed"); -+ } -+ -+ private static void runTest() { -+ try { -+ Mixer mixer = getMixer(); -+ TargetDataLine line = -+ (TargetDataLine) mixer.getLine(mixer.getTargetLineInfo()[0]); -+ line.open(); -+ line.close(); -+ } catch (LineUnavailableException e) { -+ throw new RuntimeException("Test failed: Line unavailable", e); -+ } -+ } -+ -+ private static Mixer getMixer() { -+ return Arrays.stream(AudioSystem.getMixerInfo()) -+ .map(AudioSystem::getMixer) -+ .filter(OpenLineAfterScreenLock::isRecordingDevice) -+ .skip(1) // Skip the primary driver and choose one directly -+ .findAny() -+ .orElseThrow(); -+ } -+ -+ private static boolean isRecordingDevice(Mixer mixer) { -+ Line.Info[] lineInfos = mixer.getTargetLineInfo(); -+ return lineInfos.length > 0 -+ && lineInfos[0].getLineClass() == TargetDataLine.class; -+ } -+ -+ private static void createInstructionsUI() { -+ frame = new JFrame("Instructions for OpenLineAfterScreenLock"); -+ -+ JTextArea textArea = new JTextArea(INSTRUCTIONS); -+ textArea.setEditable(false); -+ -+ JScrollPane pane = new JScrollPane(textArea); -+ frame.getContentPane().add(pane, BorderLayout.NORTH); -+ -+ JButton button = new JButton("Continue"); -+ button.addActionListener(e -> latch.countDown()); -+ frame.getContentPane().add(button, BorderLayout.PAGE_END); -+ -+ frame.pack(); -+ frame.setLocationRelativeTo(null); -+ -+ frame.addWindowListener(new CloseWindowHandler()); -+ frame.setVisible(true); -+ } -+ -+ private static class CloseWindowHandler extends WindowAdapter { -+ @Override -+ public void windowClosing(WindowEvent e) { -+ latch.countDown(); -+ throw new RuntimeException("Test window closed abruptly"); -+ } -+ } -+} -diff --git a/test/jdk/sun/security/pkcs11/MessageDigest/TestCloning.java b/test/jdk/sun/security/pkcs11/MessageDigest/TestCloning.java -index c37f6d332..58635671f 100644 ---- a/test/jdk/sun/security/pkcs11/MessageDigest/TestCloning.java -+++ b/test/jdk/sun/security/pkcs11/MessageDigest/TestCloning.java -@@ -1,5 +1,5 @@ - /* -- * Copyright (c) 2012, 2020, Oracle and/or its affiliates. All rights reserved. -+ * Copyright (c) 2012, 2023, Oracle and/or its affiliates. All rights reserved. - * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. - * - * This code is free software; you can redistribute it and/or modify it -@@ -39,6 +39,8 @@ import java.util.Arrays; - import java.util.Random; - import java.util.List; - -+import jtreg.SkippedException; -+ - public class TestCloning extends PKCS11Test { - - public static void main(String[] args) throws Exception { -@@ -57,15 +59,31 @@ public class TestCloning extends PKCS11Test { - r.nextBytes(data1); - r.nextBytes(data2); - System.out.println("Testing against provider " + p.getName()); -+ -+ boolean skipTest = true; -+ - for (String alg : ALGS) { -- System.out.println("Testing " + alg); -+ System.out.println("Digest algo: " + alg); - MessageDigest md = MessageDigest.getInstance(alg, p); -- md = testCloning(md, p); -+ try { -+ md = testCloning(md, p);; -+ } catch (CloneNotSupportedException cnse) { -+ // skip test if clone isn't supported -+ System.out.println("=> Clone not supported; skip!"); -+ continue; -+ } -+ -+ // start testing below -+ skipTest = false; -+ - // repeat the test again after generating digest once - for (int j = 0; j < 10; j++) { - md = testCloning(md, p); - } - } -+ if (skipTest) { -+ throw new SkippedException("Test Skipped!"); -+ } - } - - private static MessageDigest testCloning(MessageDigest mdObj, Provider p) -@@ -125,4 +143,3 @@ public class TestCloning extends PKCS11Test { - } - } - } -- -diff --git a/test/jdk/sun/security/pkcs11/PSSUtil.java b/test/jdk/sun/security/pkcs11/PSSUtil.java -new file mode 100644 -index 000000000..d1848804f ---- /dev/null -+++ b/test/jdk/sun/security/pkcs11/PSSUtil.java -@@ -0,0 +1,84 @@ -+/* -+ * Copyright (c) 2023, Oracle and/or its affiliates. All rights reserved. -+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. -+ * -+ * This code is free software; you can redistribute it and/or modify it -+ * under the terms of the GNU General Public License version 2 only, as -+ * published by the Free Software Foundation. -+ * -+ * This code is distributed in the hope that it will be useful, but WITHOUT -+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or -+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License -+ * version 2 for more details (a copy is included in the LICENSE file that -+ * accompanied this code). -+ * -+ * You should have received a copy of the GNU General Public License version -+ * 2 along with this work; if not, write to the Free Software Foundation, -+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. -+ * -+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA -+ * or visit www.oracle.com if you need additional information or have any -+ * questions. -+ */ -+import java.security.KeyPair; -+import java.security.KeyPairGenerator; -+import java.security.MessageDigest; -+import java.security.NoSuchAlgorithmException; -+import java.security.Provider; -+import java.security.Signature; -+ -+public class PSSUtil { -+ -+ /** -+ * ALGORITHM name, fixed as RSA for PKCS11 -+ */ -+ private static final String KEYALG = "RSA"; -+ private static final String SIGALG = "RSASSA-PSS"; -+ -+ public static enum AlgoSupport { -+ NO, MAYBE, YES -+ }; -+ -+ public static boolean isSignatureSupported(Provider p) { -+ try { -+ Signature.getInstance(SIGALG, p); -+ return true; -+ } catch (NoSuchAlgorithmException e) { -+ System.out.println("Skip testing " + SIGALG + -+ " due to no support"); -+ return false; -+ } -+ } -+ -+ public static AlgoSupport isHashSupported(Provider p, String... hashAlgs) { -+ -+ AlgoSupport status = AlgoSupport.YES; -+ for (String h : hashAlgs) { -+ String sigAlg = (h.startsWith("SHA3-") ? -+ h : h.replace("-", "")) + "with" + SIGALG; -+ try { -+ Signature.getInstance(sigAlg, p); -+ // Yes, proceed to check next hash algorithm -+ continue; -+ } catch (NoSuchAlgorithmException e) { -+ // continue trying other checks -+ } -+ try { -+ MessageDigest.getInstance(h, p); -+ status = AlgoSupport.MAYBE; -+ } catch (NoSuchAlgorithmException e) { -+ // if not supported as a standalone digest algo, chance of it -+ // being supported by PSS is very very low -+ return AlgoSupport.NO; -+ } -+ } -+ return status; -+ } -+ -+ public static KeyPair generateKeys(Provider p, int size) -+ throws NoSuchAlgorithmException { -+ KeyPairGenerator kpg = KeyPairGenerator.getInstance(KEYALG, p); -+ kpg.initialize(size); -+ return kpg.generateKeyPair(); -+ } -+} -diff --git a/test/jdk/sun/security/pkcs11/Signature/KeyAndParamCheckForPSS.java b/test/jdk/sun/security/pkcs11/Signature/KeyAndParamCheckForPSS.java -index f1c0492b5..adf7a0890 100644 ---- a/test/jdk/sun/security/pkcs11/Signature/KeyAndParamCheckForPSS.java -+++ b/test/jdk/sun/security/pkcs11/Signature/KeyAndParamCheckForPSS.java -@@ -1,5 +1,5 @@ - /* -- * Copyright (c) 2019, 2020, Oracle and/or its affiliates. All rights reserved. -+ * Copyright (c) 2019, 2023, Oracle and/or its affiliates. All rights reserved. - * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. - * - * This code is free software; you can redistribute it and/or modify it -@@ -24,6 +24,8 @@ import java.security.*; - import java.security.interfaces.*; - import java.security.spec.*; - -+import jtreg.SkippedException; -+ - /** - * @test - * @bug 8080462 8226651 8242332 -@@ -35,25 +37,19 @@ import java.security.spec.*; - */ - public class KeyAndParamCheckForPSS extends PKCS11Test { - -- /** -- * ALGORITHM name, fixed as RSA for PKCS11 -- */ -- private static final String KEYALG = "RSA"; - private static final String SIGALG = "RSASSA-PSS"; - - public static void main(String[] args) throws Exception { - main(new KeyAndParamCheckForPSS(), args); - } - -+ private static boolean skipTest = true; -+ - @Override - public void main(Provider p) throws Exception { -- Signature sig; -- try { -- sig = Signature.getInstance(SIGALG, p); -- } catch (NoSuchAlgorithmException e) { -- System.out.println("Skip testing RSASSA-PSS" + -- " due to no support"); -- return; -+ if (!PSSUtil.isSignatureSupported(p)) { -+ throw new SkippedException("Skip due to no support for " + -+ SIGALG); - } - - // NOTE: key length >= (digest length + 2) in bytes -@@ -76,27 +72,26 @@ public class KeyAndParamCheckForPSS extends PKCS11Test { - runTest(p, 1040, "SHA3-512", "SHA3-256"); - runTest(p, 1040, "SHA3-512", "SHA3-384"); - runTest(p, 1040, "SHA3-512", "SHA3-512"); -+ -+ if (skipTest) { -+ throw new SkippedException("Test Skipped"); -+ } - } - -- private void runTest(Provider p, int keySize, String hashAlg, -+ private static void runTest(Provider p, int keySize, String hashAlg, - String mgfHashAlg) throws Exception { - -- // skip further test if this provider does not support hashAlg or -- // mgfHashAlg -- try { -- MessageDigest.getInstance(hashAlg, p); -- MessageDigest.getInstance(mgfHashAlg, p); -- } catch (NoSuchAlgorithmException nsae) { -- System.out.println("No support for " + hashAlg + ", skip"); -+ System.out.println("Testing " + hashAlg + " and MGF1" + mgfHashAlg); -+ PSSUtil.AlgoSupport s = PSSUtil.isHashSupported(p, hashAlg, mgfHashAlg); -+ if (s == PSSUtil.AlgoSupport.NO) { -+ System.out.println("=> Skip; no support"); - return; - } - -- System.out.println("Testing [" + keySize + " " + hashAlg + "]"); -+ Signature sig = Signature.getInstance(SIGALG, p); - - // create a key pair with the supplied size -- KeyPairGenerator kpg = KeyPairGenerator.getInstance(KEYALG, p); -- kpg.initialize(keySize); -- KeyPair kp = kpg.generateKeyPair(); -+ KeyPair kp = PSSUtil.generateKeys(p, keySize); - - int bigSaltLen = keySize/8 - 14; - AlgorithmParameterSpec paramsBad = new PSSParameterSpec(hashAlg, -@@ -108,58 +103,71 @@ public class KeyAndParamCheckForPSS extends PKCS11Test { - PublicKey pub = kp.getPublic(); - - // test#1 - setParameter then initSign -- Signature sig = Signature.getInstance("RSASSA-PSS", p); -- sig.setParameter(paramsBad); -+ sig = Signature.getInstance(SIGALG, p); -+ try { -+ sig.setParameter(paramsGood); -+ sig.initSign(priv); -+ // algorithm support confirmed -+ skipTest = false; -+ } catch (Exception ex) { -+ if (s == PSSUtil.AlgoSupport.MAYBE) { -+ // confirmed to be unsupported; skip the rest of the test -+ System.out.println("=> Skip; no PSS support"); -+ return; -+ } else { -+ throw new RuntimeException("Unexpected Exception", ex); -+ } -+ } -+ -+ sig = Signature.getInstance(SIGALG, p); - try { -+ sig.setParameter(paramsBad); - sig.initSign(priv); - throw new RuntimeException("Expected IKE not thrown"); - } catch (InvalidKeyException ike) { -- System.out.println("test#1: got expected IKE"); -+ // expected - } - -+ // test#2 - setParameter then initVerify -+ sig = Signature.getInstance(SIGALG, p); - sig.setParameter(paramsGood); -- sig.initSign(priv); -- System.out.println("test#1: pass"); -+ sig.initVerify(pub); - -- // test#2 - setParameter then initVerify -- sig = Signature.getInstance("RSASSA-PSS", p); -- sig.setParameter(paramsBad); -+ sig = Signature.getInstance(SIGALG, p); - try { -+ sig.setParameter(paramsBad); - sig.initVerify(pub); - throw new RuntimeException("Expected IKE not thrown"); - } catch (InvalidKeyException ike) { -- System.out.println("test#2: got expected IKE"); -+ // expected - } - -- sig.setParameter(paramsGood); -- sig.initVerify(pub); -- -- System.out.println("test#2: pass"); -- - // test#3 - initSign, then setParameter -- sig = Signature.getInstance("RSASSA-PSS", p); -+ sig = Signature.getInstance(SIGALG, p); - sig.initSign(priv); -+ sig.setParameter(paramsGood); -+ -+ sig = Signature.getInstance(SIGALG, p); - try { -+ sig.initSign(priv); - sig.setParameter(paramsBad); - throw new RuntimeException("Expected IAPE not thrown"); - } catch (InvalidAlgorithmParameterException iape) { -- System.out.println("test#3: got expected IAPE"); -+ // expected - } - -- sig.setParameter(paramsGood); -- System.out.println("test#3: pass"); -- - // test#4 - initVerify, then setParameter -- sig = Signature.getInstance("RSASSA-PSS", p); -+ sig = Signature.getInstance(SIGALG, p); -+ sig.setParameter(paramsGood); - sig.initVerify(pub); -+ -+ sig = Signature.getInstance(SIGALG, p); - try { -+ sig.initVerify(pub); - sig.setParameter(paramsBad); - throw new RuntimeException("Expected IAPE not thrown"); - } catch (InvalidAlgorithmParameterException iape) { -- System.out.println("test#4: got expected IAPE"); -+ // expected - } -- -- sig.setParameter(paramsGood); -- System.out.println("test#4: pass"); - } - } -diff --git a/test/jdk/sun/security/pkcs11/Signature/SignatureTestPSS.java b/test/jdk/sun/security/pkcs11/Signature/SignatureTestPSS.java -index 4c1f7284b..c87554a51 100644 ---- a/test/jdk/sun/security/pkcs11/Signature/SignatureTestPSS.java -+++ b/test/jdk/sun/security/pkcs11/Signature/SignatureTestPSS.java -@@ -1,5 +1,5 @@ - /* -- * Copyright (c) 2019, 2020, Oracle and/or its affiliates. All rights reserved. -+ * Copyright (c) 2019, 2023, Oracle and/or its affiliates. All rights reserved. - * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. - * - * This code is free software; you can redistribute it and/or modify it -@@ -24,6 +24,7 @@ import java.security.*; - import java.security.interfaces.*; - import java.security.spec.*; - import java.util.stream.IntStream; -+import jtreg.SkippedException; - - /** - * @test -@@ -35,8 +36,6 @@ import java.util.stream.IntStream; - */ - public class SignatureTestPSS extends PKCS11Test { - -- // PKCS11 does not support RSASSA-PSS keys yet -- private static final String KEYALG = "RSA"; - private static final String SIGALG = "RSASSA-PSS"; - - private static final int[] KEYSIZES = { 2048, 3072 }; -@@ -44,7 +43,7 @@ public class SignatureTestPSS extends PKCS11Test { - "SHA-224", "SHA-256", "SHA-384" , "SHA-512", - "SHA3-224", "SHA3-256", "SHA3-384" , "SHA3-512", - }; -- private Provider prov; -+ private static final byte[] DATA = generateData(100); - - /** - * How much times signature updated. -@@ -56,88 +55,72 @@ public class SignatureTestPSS extends PKCS11Test { - */ - private static final int UPDATE_TIMES_HUNDRED = 100; - -+ private static boolean skipTest = true; -+ - public static void main(String[] args) throws Exception { - main(new SignatureTestPSS(), args); - } - - @Override - public void main(Provider p) throws Exception { -- Signature sig; -- try { -- sig = Signature.getInstance(SIGALG, p); -- } catch (NoSuchAlgorithmException e) { -- System.out.println("Skip testing RSASSA-PSS" + -- " due to no support"); -- return; -+ if (!PSSUtil.isSignatureSupported(p)) { -+ throw new SkippedException("Skip due to no support for " + SIGALG); - } -- this.prov = p; -- for (int i : KEYSIZES) { -- runTest(i); -- } -- } - -- private void runTest(int keySize) throws Exception { -- byte[] data = new byte[100]; -- IntStream.range(0, data.length).forEach(j -> { -- data[j] = (byte) j; -- }); -- System.out.println("[KEYSIZE = " + keySize + "]"); -- -- // create a key pair -- KeyPair kpair = generateKeys(KEYALG, keySize); -- test(DIGESTS, kpair.getPrivate(), kpair.getPublic(), data); -- } -- -- private void test(String[] digestAlgs, PrivateKey privKey, -- PublicKey pubKey, byte[] data) throws RuntimeException { -- // For signature algorithm, create and verify a signature -- for (String hash : digestAlgs) { -- for (String mgfHash : digestAlgs) { -- try { -- checkSignature(data, pubKey, privKey, hash, mgfHash); -- } catch (NoSuchAlgorithmException | InvalidKeyException | -- SignatureException | NoSuchProviderException ex) { -- throw new RuntimeException(ex); -- } catch (InvalidAlgorithmParameterException ex2) { -- System.out.println("Skip test due to " + ex2); -+ for (int kSize : KEYSIZES) { -+ System.out.println("[KEYSIZE = " + kSize + "]"); -+ KeyPair kp = PSSUtil.generateKeys(p, kSize); -+ PrivateKey privKey = kp.getPrivate(); -+ PublicKey pubKey = kp.getPublic(); -+ for (String hash : DIGESTS) { -+ for (String mgfHash : DIGESTS) { -+ System.out.println(" [Hash = " + hash + -+ ", MGF1 Hash = " + mgfHash + "]"); -+ PSSUtil.AlgoSupport s = -+ PSSUtil.isHashSupported(p, hash, mgfHash); -+ if (s == PSSUtil.AlgoSupport.NO) { -+ System.out.println(" => Skip; no support"); -+ continue; -+ } -+ checkSignature(p, DATA, pubKey, privKey, hash, mgfHash, s); - } -- } -- }; -- } -+ }; -+ } - -- private KeyPair generateKeys(String keyalg, int size) -- throws NoSuchAlgorithmException { -- KeyPairGenerator kpg = KeyPairGenerator.getInstance(keyalg, prov); -- kpg.initialize(size); -- return kpg.generateKeyPair(); -+ // start testing below -+ if (skipTest) { -+ throw new SkippedException("Test Skipped"); -+ } - } - -- private void checkSignature(byte[] data, PublicKey pub, -- PrivateKey priv, String hash, String mgfHash) -+ private static void checkSignature(Provider p, byte[] data, PublicKey pub, -+ PrivateKey priv, String hash, String mgfHash, PSSUtil.AlgoSupport s) - throws NoSuchAlgorithmException, InvalidKeyException, - SignatureException, NoSuchProviderException, - InvalidAlgorithmParameterException { - -- String testName = hash + " and MGF1_" + mgfHash; - // only test RSASSA-PSS signature against the supplied hash/mgfHash - // if they are supported; otherwise PKCS11 library will throw - // CKR_MECHANISM_PARAM_INVALID at Signature.initXXX calls -+ Signature sig = Signature.getInstance(SIGALG, p); -+ AlgorithmParameterSpec params = new PSSParameterSpec( -+ hash, "MGF1", new MGF1ParameterSpec(mgfHash), 0, 1); -+ sig.initSign(priv); -+ - try { -- MessageDigest md = MessageDigest.getInstance(hash, prov); -- if (!hash.equalsIgnoreCase(mgfHash)) { -- md = MessageDigest.getInstance(mgfHash, prov); -+ sig.setParameter(params); -+ } catch (InvalidAlgorithmParameterException iape) { -+ if (s == PSSUtil.AlgoSupport.MAYBE) { -+ // confirmed to be unsupported; skip the rest of the test -+ System.out.println(" => Skip; no PSS support"); -+ return; -+ } else { -+ throw new RuntimeException("Unexpected Exception", iape); - } -- } catch (NoSuchAlgorithmException nsae) { -- System.out.println("Skip testing " + hash + "/" + mgfHash); -- return; - } -+ // start testing below -+ skipTest = false; - -- System.out.println("Testing against " + testName); -- Signature sig = Signature.getInstance(SIGALG, prov); -- AlgorithmParameterSpec params = new PSSParameterSpec( -- hash, "MGF1", new MGF1ParameterSpec(mgfHash), 0, 1); -- sig.setParameter(params); -- sig.initSign(priv); - for (int i = 0; i < UPDATE_TIMES_HUNDRED; i++) { - sig.update(data); - } -@@ -163,5 +146,6 @@ public class SignatureTestPSS extends PKCS11Test { - if (sig.verify(signedData)) { - throw new RuntimeException("Failed to detect bad signature"); - } -+ System.out.println(" => Passed"); - } - } -diff --git a/test/jdk/sun/security/x509/X509CRLImpl/UnexpectedNPE.java b/test/jdk/sun/security/x509/X509CRLImpl/UnexpectedNPE.java -index 8c14c48ee..fb85353ee 100644 ---- a/test/jdk/sun/security/x509/X509CRLImpl/UnexpectedNPE.java -+++ b/test/jdk/sun/security/x509/X509CRLImpl/UnexpectedNPE.java -@@ -1,5 +1,5 @@ - /* -- * Copyright (c) 2004, Oracle and/or its affiliates. All rights reserved. -+ * Copyright (c) 2004, 2023, Oracle and/or its affiliates. All rights reserved. - * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. - * - * This code is free software; you can redistribute it and/or modify it -@@ -23,56 +23,43 @@ - - /* - * @test -- * @bug 5052433 -- * @summary NullPointerException for generateCRL and generateCRLs methods. -+ * @bug 5052433 8315042 -+ * @summary Verify that generateCRL and generateCRLs methods do not throw -+ * NullPointerException. They should throw CRLException instead. -+ * @library /test/lib - */ - import java.security.NoSuchProviderException; - import java.security.cert.*; - import java.io.ByteArrayInputStream; -+import java.util.Base64; - --public class UnexpectedNPE { -- CertificateFactory cf = null ; -+import jdk.test.lib.Utils; - -- public UnexpectedNPE() {} -+public class UnexpectedNPE { -+ static CertificateFactory cf = null; - -- public static void main( String[] av ) { -+ public static void main(String[] av ) throws CertificateException, -+ NoSuchProviderException { - byte[] encoded_1 = { 0x00, 0x00, 0x00, 0x00 }; - byte[] encoded_2 = { 0x30, 0x01, 0x00, 0x00 }; - byte[] encoded_3 = { 0x30, 0x01, 0x00 }; -+ byte[] encoded_4 = Base64.getDecoder().decode( -+ "MAsGCSqGSMP7TQEHAjI1Bgn///////8wCwUyAQ=="); - -- UnexpectedNPE unpe = new UnexpectedNPE() ; -- -- if(!unpe.run(encoded_1)) { -- throw new SecurityException("CRLException has not been thrown"); -- } -+ cf = CertificateFactory.getInstance("X.509", "SUN"); - -- if(!unpe.run(encoded_2)) { -- throw new SecurityException("CRLException has not been thrown"); -- } -- -- if(!unpe.run(encoded_2)) { -- throw new SecurityException("CRLException has not been thrown"); -- } -+ run(encoded_1); -+ run(encoded_2); -+ run(encoded_3); -+ run(encoded_4); - } - -- private boolean run(byte[] buf) { -- if (cf == null) { -- try { -- cf = CertificateFactory.getInstance("X.509", "SUN"); -- } catch (CertificateException e) { -- throw new SecurityException("Cannot get CertificateFactory"); -- } catch (NoSuchProviderException npe) { -- throw new SecurityException("Cannot get CertificateFactory"); -- } -- } -- try { -- cf.generateCRL(new ByteArrayInputStream(buf)); -- } catch (CRLException ce) { -- System.out.println("NPE checking passed"); -- return true; -- } -- -- System.out.println("CRLException has not been thrown"); -- return false; -+ private static void run(byte[] buf) { -+ Utils.runAndCheckException( -+ () -> cf.generateCRL(new ByteArrayInputStream(buf)), -+ CRLException.class); -+ Utils.runAndCheckException( -+ () -> cf.generateCRLs(new ByteArrayInputStream(buf)), -+ CRLException.class); - } - } --- -2.43.0.windows.1 - +--