diff --git a/jdk/make/common/Release.gmk b/jdk/make/common/Release.gmk index b584781eb50..b8c57625f10 100644 --- a/jdk/make/common/Release.gmk +++ b/jdk/make/common/Release.gmk @@ -835,10 +835,6 @@ endif $(BOOT_JAVA_CMD) -jar $(BUILDMETAINDEX_JARFILE) \ -o meta-index *.jar @$(CD) $(JRE_IMAGE_DIR)/lib/ext && $(java-vm-cleanup) -ifeq ($(PLATFORM), macosx) - @#install jobjc, apple mac only - $(CP) $(OUTPUTDIR)/JObjC.build/JObjC.jar $(JRE_IMAGE_DIR)/lib/JObjC.jar -endif ifeq ($(PLATFORM), windows) @# Remove certain *.lib files $(CD) $(JRE_IMAGE_DIR)/lib && \ diff --git a/jdk/make/java/Makefile b/jdk/make/java/Makefile index 80c97d27f58..13d7dc3db0b 100644 --- a/jdk/make/java/Makefile +++ b/jdk/make/java/Makefile @@ -57,10 +57,6 @@ ifeq ($(PLATFORM), linux) SUBDIRS += jexec endif # PLATFORM -ifeq ($(PLATFORM), macosx) - SUBDIRS += jobjc -endif # PLATFORM - include $(BUILDDIR)/common/Subdirs.gmk all build clean clobber:: diff --git a/jdk/makefiles/CompileJavaClasses.gmk b/jdk/makefiles/CompileJavaClasses.gmk index a015846e39f..fda3c89ca8b 100644 --- a/jdk/makefiles/CompileJavaClasses.gmk +++ b/jdk/makefiles/CompileJavaClasses.gmk @@ -271,11 +271,6 @@ ifeq ($(OPENJDK_TARGET_OS),macosx) $(JDK_TOPDIR)/src/solaris/classes/sun/util/locale/provider/HostLocaleProviderAdapterImpl.java \ $(JDK_TOPDIR)/src/solaris/classes/sun/nio/fs/GnomeFileTypeDetector.java - # JObjC.jar contains 1.5 byte-code...so skip it here :-( - # MACOSX_SRC_DIRS += $(JDK_TOPDIR)/src/macosx/native/jobjc/src - # EXCLUDES+= tests/java/com/apple/jobjc - - EXCLUDES+= com/apple/jobjc endif # The exception handling of swing beaninfo @@ -327,44 +322,6 @@ $(JDK_OUTPUTDIR)/classes/META-INF/services/com.sun.tools.xjc.Plugin: ########################################################################################## -ifeq ($(OPENJDK_TARGET_OS),macosx) -# -# JObjC.jar is compiled with BOOT_JAVAC which (may) not support the "-h" flag. -# so we first compile classes with BOOT_JAVAC and then with JDK_JAVAC :-( -# -$(eval $(call SetupJavaCompiler,GENERATE_15BYTECODE,\ - JAVAC:=$(JAVAC),\ - FLAGS:=-source 1.5 -target 1.5 -g -bootclasspath $(BOOT_RTJAR) -cp $(JDK_OUTPUTDIR)/../langtools/dist/lib/classes.jar $(DISABLE_WARNINGS),\ - SERVER_DIR:=$(SJAVAC_SERVER_DIR),\ - SERVER_JVM:=$(SJAVAC_SERVER_JAVA))) - -$(eval $(call SetupJavaCompilation,BUILD_JOBJC,\ - SETUP:=GENERATE_15BYTECODE,\ - DISABLE_SJAVAC:=true,\ - SRC:=$(JDK_TOPDIR)/src/macosx/native/jobjc/src/core/java \ - $(JDK_TOPDIR)/src/macosx/native/jobjc/src/runtime-additions/java \ - $(JDK_OUTPUTDIR)/gensrc_jobjc/src, \ - INCLUDES := com/apple/jobjc,\ - EXCLUDES := tests/java/com/apple/jobjc,\ - BIN:=$(JDK_OUTPUTDIR)/jobjc_classes,\ - JAR:=$(JDK_OUTPUTDIR)/lib/JObjC.jar, \ - JARINDEX := true)) - -$(BUILD_JOBJC) : $(BUILD_JDK) - -$(eval $(call SetupJavaCompilation,BUILD_JOBJC_HEADERS,\ - SETUP:=GENERATE_JDKBYTECODE,\ - SRC:=$(JDK_TOPDIR)/src/macosx/native/jobjc/src/core/java \ - $(JDK_TOPDIR)/src/macosx/native/jobjc/src/runtime-additions/java \ - $(JDK_OUTPUTDIR)/gensrc_jobjc/src, \ - INCLUDES := com/apple/jobjc,\ - EXCLUDES := tests/java/com/apple/jobjc,\ - BIN:=$(JDK_OUTPUTDIR)/jobjc_classes_headers,\ - HEADERS:=$(JDK_OUTPUTDIR)/gensrc_headers_jobjc)) - -$(BUILD_JOBJC_HEADERS) : $(BUILD_JDK) - -endif ########################################################################################## @@ -403,7 +360,7 @@ endif ########################################################################################## -all: $(BUILD_JDK) $(BUILD_ALTCLASSES) $(BUILD_JOBJC) $(BUILD_JOBJC_HEADERS) $(COPY_EXTRA) \ +all: $(BUILD_JDK) $(BUILD_ALTCLASSES) $(COPY_EXTRA) \ $(JDK_OUTPUTDIR)/classes/META-INF/services/com.sun.tools.xjc.Plugin \ $(BUILD_ACCESSBRIDGE_32) $(BUILD_ACCESSBRIDGE_64) \ $(BUILD_ACCESSBRIDGE_LEGACY) diff --git a/jdk/makefiles/CompileNativeLibraries.gmk b/jdk/makefiles/CompileNativeLibraries.gmk index 29289eaedcb..2ddf08511a9 100644 --- a/jdk/makefiles/CompileNativeLibraries.gmk +++ b/jdk/makefiles/CompileNativeLibraries.gmk @@ -3296,67 +3296,6 @@ endif ########################################################################################## -ifeq ($(OPENJDK_TARGET_OS), macosx) - -# Ugly hack to mimic behaviour in old build where this is built as an xcode project. -SET_SHARED_LIBRARY_NAME=-Xlinker -install_name -Xlinker /usr/local/lib/libJObjC.dylib - -$(eval $(call SetupNativeCompilation,BUILD_LIBJOBJC32,\ - LIBRARY:=JObjC,\ - OUTPUT_DIR:=$(JDK_OUTPUTDIR)/objs/libjobjc32,\ - SRC:=$(JDK_TOPDIR)/src/macosx/native/jobjc/src/core/native \ - $(JDK_TOPDIR)/src/macosx/native/jobjc/src/runtime-additions/native ,\ - LANG:=C,\ - OPTIMIZATION:=LOW, \ - CFLAGS:=-fpascal-strings \ - -fobjc-gc \ - -gdwarf-2 \ - $(CFLAGS_JDKLIB) -I$(JDK_OUTPUTDIR)/gensrc_headers_jobjc \ - -F/System/Library/Frameworks/JavaVM.framework/Frameworks \ - -m32,\ - LDFLAGS:=$(LDFLAGS_JDKLIB)\ - -m32, \ - LDFLAGS_SUFFIX:=-framework Foundation -framework JavaVM \ - -F/System/Library/Frameworks/JavaVM.framework/Frameworks \ - -framework JavaNativeFoundation \ - -lffi, \ - OBJECT_DIR:=$(JDK_OUTPUTDIR)/objs/libjobjc32,\ - DEBUG_SYMBOLS:=$(DEBUG_ALL_BINARIES))) - -$(eval $(call SetupNativeCompilation,BUILD_LIBJOBJC64,\ - LIBRARY:=JObjC,\ - OUTPUT_DIR:=$(JDK_OUTPUTDIR)/objs/libjobjc64,\ - SRC:=$(JDK_TOPDIR)/src/macosx/native/jobjc/src/core/native \ - $(JDK_TOPDIR)/src/macosx/native/jobjc/src/runtime-additions/native ,\ - LANG:=C,\ - OPTIMIZATION:=LOW, \ - CFLAGS:=-fpascal-strings \ - -fobjc-gc \ - -gdwarf-2 \ - $(CFLAGS_JDKLIB) -I$(JDK_OUTPUTDIR)/gensrc_headers_jobjc \ - -F/System/Library/Frameworks/JavaVM.framework/Frameworks \ - , \ - LDFLAGS:=-fpascal-strings \ - -fobjc-gc \ - -gdwarf-2 \ - $(LDFLAGS_JDKLIB)\ - $(call SET_SHARED_LIBRARY_ORIGIN), \ - LDFLAGS_SUFFIX:=-framework Foundation -framework JavaVM \ - -F/System/Library/Frameworks/JavaVM.framework/Frameworks \ - -framework JavaNativeFoundation \ - -lffi, \ - OBJECT_DIR:=$(JDK_OUTPUTDIR)/objs/libjobjc64,\ - DEBUG_SYMBOLS:=$(DEBUG_ALL_BINARIES))) - -$(INSTALL_LIBRARIES_HERE)/$(LIBRARY_PREFIX)JObjC$(SHARED_LIBRARY_SUFFIX): $(BUILD_LIBJOBJC32) $(BUILD_LIBJOBJC64) - $(LIPO) -create -output $@ $(BUILD_LIBJOBJC32) $(BUILD_LIBJOBJC64) - -BUILD_LIBRARIES += $(INSTALL_LIBRARIES_HERE)/$(LIBRARY_PREFIX)JObjC$(SHARED_LIBRARY_SUFFIX) - -endif - -########################################################################################## - ifndef OPENJDK ifeq ($(OPENJDK_TARGET_OS), windows) diff --git a/jdk/makefiles/CreateJars.gmk b/jdk/makefiles/CreateJars.gmk index be721548d04..4222f71953b 100644 --- a/jdk/makefiles/CreateJars.gmk +++ b/jdk/makefiles/CreateJars.gmk @@ -994,15 +994,6 @@ $(IMAGES_OUTPUTDIR)/lib/ext/zipfs.jar : $(JDK_OUTPUTDIR)/demo/nio/zipfs/zipfs.ja ########################################################################################## -ifeq ($(OPENJDK_TARGET_OS),macosx) - $(eval $(call SetupArchive,BUILD_JOBJC_JAR,,\ - SRCS:=$(JDK_OUTPUTDIR)/jobjc_classes,\ - JAR:=$(IMAGES_OUTPUTDIR)/lib/JObjC.jar, \ - JARINDEX:=true)) -endif - -########################################################################################## - ifndef OPENJDK $(eval $(call SetupArchive,BUILD_ALT_RT_JAR,,\ SRCS:=$(JDK_OUTPUTDIR)/altclasses_classes,\ diff --git a/jdk/makefiles/GenerateJavaSources.gmk b/jdk/makefiles/GenerateJavaSources.gmk index 7bc05989ce9..91e34cc118b 100644 --- a/jdk/makefiles/GenerateJavaSources.gmk +++ b/jdk/makefiles/GenerateJavaSources.gmk @@ -83,11 +83,6 @@ GENSRC += $(GENSRC_CLDR) include GensrcSwing.gmk GENSRC += $(GENSRC_SWING_BEANINFO) $(GENSRC_SWING_NIMBUS) -ifeq ($(OPENJDK_TARGET_OS), macosx) - include GensrcJObjC.gmk - GENSRC += $(GENSRC_JOBJC) -endif - $(GENSRC) : $(BUILD_TOOLS) all: $(GENSRC) diff --git a/jdk/makefiles/Images.gmk b/jdk/makefiles/Images.gmk index d3c01e8a8f3..2136be0f86a 100644 --- a/jdk/makefiles/Images.gmk +++ b/jdk/makefiles/Images.gmk @@ -303,14 +303,13 @@ $(JDK_IMAGE_DIR)/jre/lib/applet: $(ECHO) $(LOG_INFO) Creating $(patsubst $(OUTPUT_ROOT)/%,%,$@) $(MKDIR) -p $@ -# In the old build, JObjC.jar is not part of the meta-index $(JRE_IMAGE_DIR)/lib/meta-index: $(JRE_LIB_TARGETS) $(ECHO) $(LOG_INFO) Generating $(patsubst $(OUTPUT_ROOT)/%,%,$@) - $(CD) $(@D) && $(TOOL_BUILDMETAINDEX) -o meta-index `$(LS) *.jar | $(SED) 's/JObjC\.jar//g'` + $(CD) $(@D) && $(TOOL_BUILDMETAINDEX) -o meta-index *.jar $(JDK_IMAGE_DIR)/jre/lib/meta-index: $(JDKJRE_LIB_TARGETS) $(ECHO) $(LOG_INFO) Generating $(patsubst $(OUTPUT_ROOT)/%,%,$@) - $(CD) $(@D) && $(TOOL_BUILDMETAINDEX) -o meta-index `$(LS) *.jar | $(SED) 's/JObjC\.jar//g'` + $(CD) $(@D) && $(TOOL_BUILDMETAINDEX) -o meta-index *.jar $(JRE_IMAGE_DIR)/lib/ext/meta-index: $(JRE_LIB_TARGETS) $(ECHO) $(LOG_INFO) Generating $(patsubst $(OUTPUT_ROOT)/%,%,$@) diff --git a/jdk/makefiles/Profiles.gmk b/jdk/makefiles/Profiles.gmk index 9e79b2b27ac..7249a8832e8 100644 --- a/jdk/makefiles/Profiles.gmk +++ b/jdk/makefiles/Profiles.gmk @@ -109,10 +109,6 @@ ifeq ($(OPENJDK_TARGET_OS),windows) ALL_JARS += $(IMAGES_OUTPUTDIR)/lib/ext/sunmscapi.jar endif -ifeq ($(OPENJDK_TARGET_OS),macosx) - ALL_JARS += $(IMAGES_OUTPUTDIR)/lib/JObjC.jar -endif - ifeq ($(PROFILE), profile_1) PROFILE_JARS := $(PROFILE_1_JARS) else ifeq ($(PROFILE), profile_2) diff --git a/jdk/src/macosx/native/sun/awt/splashscreen/splashscreen_sys.m b/jdk/src/macosx/native/sun/awt/splashscreen/splashscreen_sys.m index bbe54aeb811..fcc0e0df23f 100644 --- a/jdk/src/macosx/native/sun/awt/splashscreen/splashscreen_sys.m +++ b/jdk/src/macosx/native/sun/awt/splashscreen/splashscreen_sys.m @@ -290,8 +290,8 @@ SplashEventLoop(Splash * splash) { SplashUnlock(splash); rc = poll(pfd, 1, timeout); SplashLock(splash); - if (splash->isVisible>0 && SplashTime() >= splash->time + - splash->frames[splash->currentFrame].delay) { + if (splash->isVisible > 0 && splash->currentFrame >= 0 && + SplashTime() >= splash->time + splash->frames[splash->currentFrame].delay) { SplashNextFrame(splash); SplashRedrawWindow(splash); } diff --git a/jdk/src/share/classes/com/sun/beans/decoder/DocumentHandler.java b/jdk/src/share/classes/com/sun/beans/decoder/DocumentHandler.java index 4bbb8f4a201..84fbca4be39 100644 --- a/jdk/src/share/classes/com/sun/beans/decoder/DocumentHandler.java +++ b/jdk/src/share/classes/com/sun/beans/decoder/DocumentHandler.java @@ -29,6 +29,7 @@ import com.sun.beans.finder.ClassFinder; import java.beans.ExceptionListener; import java.io.IOException; +import java.io.StringReader; import java.lang.ref.Reference; import java.lang.ref.WeakReference; @@ -245,6 +246,14 @@ public final class DocumentHandler extends DefaultHandler { this.objects.add(object); } + /** + * Disables any external entities. + */ + @Override + public InputSource resolveEntity(String publicId, String systemId) { + return new InputSource(new StringReader("")); + } + /** * Prepares this handler to read objects from XML document. */ diff --git a/jdk/src/share/classes/com/sun/crypto/provider/TlsRsaPremasterSecretGenerator.java b/jdk/src/share/classes/com/sun/crypto/provider/TlsRsaPremasterSecretGenerator.java index 1820ee8cbc3..ef9098f24f7 100644 --- a/jdk/src/share/classes/com/sun/crypto/provider/TlsRsaPremasterSecretGenerator.java +++ b/jdk/src/share/classes/com/sun/crypto/provider/TlsRsaPremasterSecretGenerator.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2005, 2010, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2005, 2013, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -72,13 +72,17 @@ public final class TlsRsaPremasterSecretGenerator extends KeyGeneratorSpi { throw new IllegalStateException( "TlsRsaPremasterSecretGenerator must be initialized"); } - if (random == null) { - random = new SecureRandom(); + byte[] b = spec.getEncodedSecret(); + if (b == null) { + if (random == null) { + random = new SecureRandom(); + } + b = new byte[48]; + random.nextBytes(b); + b[0] = (byte)spec.getMajorVersion(); + b[1] = (byte)spec.getMinorVersion(); } - byte[] b = new byte[48]; - random.nextBytes(b); - b[0] = (byte)spec.getMajorVersion(); - b[1] = (byte)spec.getMinorVersion(); + return new SecretKeySpec(b, "TlsRsaPremasterSecret"); } diff --git a/jdk/src/share/classes/com/sun/rowset/internal/XmlReaderContentHandler.java b/jdk/src/share/classes/com/sun/rowset/internal/XmlReaderContentHandler.java index 5c30d2712f4..31d714187aa 100644 --- a/jdk/src/share/classes/com/sun/rowset/internal/XmlReaderContentHandler.java +++ b/jdk/src/share/classes/com/sun/rowset/internal/XmlReaderContentHandler.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2003, 2012, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2003, 2013, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -660,7 +660,7 @@ public class XmlReaderContentHandler extends DefaultHandler { //Added the handling for Class tags to take care of maps //Makes an entry into the map upon end of class tag try{ - typeMap.put(Key_map,Class.forName(Value_map)); + typeMap.put(Key_map,sun.reflect.misc.ReflectUtil.forName(Value_map)); }catch(ClassNotFoundException ex) { throw new SAXException(MessageFormat.format(resBundle.handleGetObject("xmlrch.errmap").toString(), ex.getMessage())); diff --git a/jdk/src/share/classes/java/util/jar/JarVerifier.java b/jdk/src/share/classes/java/util/jar/JarVerifier.java index 30459e54324..2b6b1451a5a 100644 --- a/jdk/src/share/classes/java/util/jar/JarVerifier.java +++ b/jdk/src/share/classes/java/util/jar/JarVerifier.java @@ -179,7 +179,9 @@ class JarVerifier { name = name.substring(1); // only set the jev object for entries that have a signature - if (sigFileSigners.get(name) != null) { + // (either verified or not) + if (sigFileSigners.get(name) != null || + verifiedSigners.get(name) != null) { mev.setEntry(name, je); return; } diff --git a/jdk/src/share/classes/javax/security/auth/Subject.java b/jdk/src/share/classes/javax/security/auth/Subject.java index 23ffd229534..23197b79935 100644 --- a/jdk/src/share/classes/javax/security/auth/Subject.java +++ b/jdk/src/share/classes/javax/security/auth/Subject.java @@ -964,6 +964,10 @@ public final class Subject implements java.io.Serializable { s.defaultReadObject(); + // Rewrap the principals into a SecureSet + principals = Collections.synchronizedSet(new SecureSet + (this, PRINCIPAL_SET, principals)); + // The Credential {@code Set} is not serialized, but we do not // want the default deserialization routine to set it to null. this.pubCredentials = Collections.synchronizedSet diff --git a/jdk/src/share/classes/javax/sql/rowset/spi/SyncFactory.java b/jdk/src/share/classes/javax/sql/rowset/spi/SyncFactory.java index 6797dc0d397..308d1beef49 100644 --- a/jdk/src/share/classes/javax/sql/rowset/spi/SyncFactory.java +++ b/jdk/src/share/classes/javax/sql/rowset/spi/SyncFactory.java @@ -35,6 +35,8 @@ import java.io.FileInputStream; import java.io.InputStream; import java.io.IOException; import java.io.FileNotFoundException; +import java.security.AccessController; +import java.security.PrivilegedAction; import javax.naming.*; @@ -348,7 +350,17 @@ public class SyncFactory { /* * Dependent on application */ - String strRowsetProperties = System.getProperty("rowset.properties"); + String strRowsetProperties; + try { + strRowsetProperties = AccessController.doPrivileged(new PrivilegedAction() { + public String run() { + return System.getProperty("rowset.properties"); + } + }, null, new PropertyPermission("rowset.properties","read")); + } catch (Exception ex) { + strRowsetProperties = null; + } + if (strRowsetProperties != null) { // Load user's implementation of SyncProvider // here. -Drowset.properties=/abc/def/pqr.txt @@ -393,7 +405,16 @@ public class SyncFactory { * load additional properties from -D command line */ properties.clear(); - String providerImpls = System.getProperty(ROWSET_SYNC_PROVIDER); + String providerImpls; + try { + providerImpls = AccessController.doPrivileged(new PrivilegedAction() { + public String run() { + return System.getProperty(ROWSET_SYNC_PROVIDER); + } + }, null, new PropertyPermission(ROWSET_SYNC_PROVIDER,"read")); + } catch (Exception ex) { + providerImpls = null; + } if (providerImpls != null) { int i = 0; diff --git a/jdk/src/share/classes/sun/security/internal/spec/TlsRsaPremasterSecretParameterSpec.java b/jdk/src/share/classes/sun/security/internal/spec/TlsRsaPremasterSecretParameterSpec.java index 7ff1d7ff80f..a38a7faecf2 100644 --- a/jdk/src/share/classes/sun/security/internal/spec/TlsRsaPremasterSecretParameterSpec.java +++ b/jdk/src/share/classes/sun/security/internal/spec/TlsRsaPremasterSecretParameterSpec.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2005, 2010, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2005, 2013, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -45,11 +45,12 @@ public class TlsRsaPremasterSecretParameterSpec private final int majorVersion; private final int minorVersion; + private final byte[] encodedSecret; /** * Constructs a new TlsRsaPremasterSecretParameterSpec. - * - *

The version numbers will be placed inside the premaster secret to + *

+ * The version numbers will be placed inside the premaster secret to * detect version rollbacks attacks as described in the TLS specification. * Note that they do not indicate the protocol version negotiated for * the handshake. @@ -65,7 +66,42 @@ public class TlsRsaPremasterSecretParameterSpec this.majorVersion = TlsMasterSecretParameterSpec.checkVersion(majorVersion); this.minorVersion = - TlsMasterSecretParameterSpec.checkVersion(minorVersion); } + TlsMasterSecretParameterSpec.checkVersion(minorVersion); + this.encodedSecret = null; + } + + /** + * Constructs a new TlsRsaPremasterSecretParameterSpec. + *

+ * The version numbers will be placed inside the premaster secret to + * detect version rollbacks attacks as described in the TLS specification. + * Note that they do not indicate the protocol version negotiated for + * the handshake. + *

+ * Usually, the encoded secret key is a random number that acts as + * dummy pre_master_secret to avoid vulnerabilities described by + * section 7.4.7.1, RFC 5246. + * + * @param majorVersion the major number of the protocol version + * @param minorVersion the minor number of the protocol version + * @param encodedSecret the encoded secret key + * + * @throws IllegalArgumentException if minorVersion or majorVersion are + * negative or larger than 255, or encodedSecret is not exactly 48 bytes. + */ + public TlsRsaPremasterSecretParameterSpec(int majorVersion, + int minorVersion, byte[] encodedSecret) { + this.majorVersion = + TlsMasterSecretParameterSpec.checkVersion(majorVersion); + this.minorVersion = + TlsMasterSecretParameterSpec.checkVersion(minorVersion); + + if (encodedSecret == null || encodedSecret.length != 48) { + throw new IllegalArgumentException( + "Encoded secret is not exactly 48 bytes"); + } + this.encodedSecret = encodedSecret.clone(); + } /** * Returns the major version. @@ -84,4 +120,13 @@ public class TlsRsaPremasterSecretParameterSpec public int getMinorVersion() { return minorVersion; } + + /** + * Returns the encoded secret. + * + * @return the encoded secret, may be null if no encoded secret. + */ + public byte[] getEncodedSecret() { + return encodedSecret == null ? null : encodedSecret.clone(); + } } diff --git a/jdk/src/share/classes/sun/security/pkcs11/P11RSACipher.java b/jdk/src/share/classes/sun/security/pkcs11/P11RSACipher.java index 61cc1b33f7b..e2ff0fc73e4 100644 --- a/jdk/src/share/classes/sun/security/pkcs11/P11RSACipher.java +++ b/jdk/src/share/classes/sun/security/pkcs11/P11RSACipher.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2003, 2012, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2003, 2013, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -451,30 +451,7 @@ final class P11RSACipher extends CipherSpi { // see JCE spec protected Key engineUnwrap(byte[] wrappedKey, String algorithm, int type) throws InvalidKeyException, NoSuchAlgorithmException { - if (algorithm.equals("TlsRsaPremasterSecret")) { - // the instance variable "session" has been initialized for - // decrypt mode, so use a local variable instead. - Session s = null; - try { - s = token.getObjSession(); - long keyType = CKK_GENERIC_SECRET; - CK_ATTRIBUTE[] attributes = new CK_ATTRIBUTE[] { - new CK_ATTRIBUTE(CKA_CLASS, CKO_SECRET_KEY), - new CK_ATTRIBUTE(CKA_KEY_TYPE, keyType), - }; - attributes = token.getAttributes - (O_IMPORT, CKO_SECRET_KEY, keyType, attributes); - long keyID = token.p11.C_UnwrapKey(s.id(), - new CK_MECHANISM(mechanism), p11Key.keyID, wrappedKey, - attributes); - return P11Key.secretKey(s, keyID, algorithm, 48 << 3, - attributes); - } catch (PKCS11Exception e) { - throw new InvalidKeyException("unwrap() failed", e); - } finally { - token.releaseSession(s); - } - } + // XXX implement unwrap using C_Unwrap() for all keys implInit(Cipher.DECRYPT_MODE, p11Key); if (wrappedKey.length > maxInputSize) { diff --git a/jdk/src/share/classes/sun/security/pkcs11/P11TlsRsaPremasterSecretGenerator.java b/jdk/src/share/classes/sun/security/pkcs11/P11TlsRsaPremasterSecretGenerator.java index f9ef1c4ba0b..ff9b183ee26 100644 --- a/jdk/src/share/classes/sun/security/pkcs11/P11TlsRsaPremasterSecretGenerator.java +++ b/jdk/src/share/classes/sun/security/pkcs11/P11TlsRsaPremasterSecretGenerator.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2005, 2007, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2005, 2013, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -88,23 +88,33 @@ final class P11TlsRsaPremasterSecretGenerator extends KeyGeneratorSpi { throw new IllegalStateException ("TlsRsaPremasterSecretGenerator must be initialized"); } - CK_VERSION version = - new CK_VERSION(spec.getMajorVersion(), spec.getMinorVersion()); - Session session = null; - try { - session = token.getObjSession(); - CK_ATTRIBUTE[] attributes = token.getAttributes - (O_GENERATE, CKO_SECRET_KEY, CKK_GENERIC_SECRET, new CK_ATTRIBUTE[0]); - long keyID = token.p11.C_GenerateKey - (session.id(), new CK_MECHANISM(mechanism, version), attributes); - SecretKey key = P11Key.secretKey - (session, keyID, "TlsRsaPremasterSecret", 48 << 3, attributes); - return key; - } catch (PKCS11Exception e) { - throw new ProviderException("Could not generate premaster secret", e); - } finally { - token.releaseSession(session); + + byte[] b = spec.getEncodedSecret(); + if (b == null) { + CK_VERSION version = new CK_VERSION( + spec.getMajorVersion(), spec.getMinorVersion()); + Session session = null; + try { + session = token.getObjSession(); + CK_ATTRIBUTE[] attributes = token.getAttributes( + O_GENERATE, CKO_SECRET_KEY, + CKK_GENERIC_SECRET, new CK_ATTRIBUTE[0]); + long keyID = token.p11.C_GenerateKey(session.id(), + new CK_MECHANISM(mechanism, version), attributes); + SecretKey key = P11Key.secretKey(session, + keyID, "TlsRsaPremasterSecret", 48 << 3, attributes); + return key; + } catch (PKCS11Exception e) { + throw new ProviderException( + "Could not generate premaster secret", e); + } finally { + token.releaseSession(session); + } } + + // Won't worry, the TlsRsaPremasterSecret will be soon converted to + // TlsMasterSecret. + return new SecretKeySpec(b, "TlsRsaPremasterSecret"); } } diff --git a/jdk/src/share/classes/sun/security/provider/ByteArrayAccess.java b/jdk/src/share/classes/sun/security/provider/ByteArrayAccess.java index 1c7641372ab..e06832bf3c6 100644 --- a/jdk/src/share/classes/sun/security/provider/ByteArrayAccess.java +++ b/jdk/src/share/classes/sun/security/provider/ByteArrayAccess.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2006, 2012, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2006, 2013, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -43,10 +43,8 @@ import sun.misc.Unsafe; * These are the only platforms we currently support, but other optimized * variants could be added as needed. * - * NOTE that because this code performs unchecked direct memory access, it - * MUST be restricted to trusted code. It is imperative that the caller protects - * against out of bounds memory access by performing the necessary bounds - * checks before calling methods in this class. + * NOTE that ArrayIndexOutOfBoundsException will be thrown if the bounds checks + * failed. * * This class may also be helpful in improving the performance of the * crypto code in the SunJCE provider. However, for now it is only accessible by @@ -103,6 +101,10 @@ final class ByteArrayAccess { * byte[] to int[] conversion, little endian byte order. */ static void b2iLittle(byte[] in, int inOfs, int[] out, int outOfs, int len) { + if ((inOfs < 0) || ((in.length - inOfs) < len) || + (outOfs < 0) || ((out.length - outOfs) < len/4)) { + throw new ArrayIndexOutOfBoundsException(); + } if (littleEndianUnaligned) { inOfs += byteArrayOfs; len += inOfs; @@ -131,6 +133,10 @@ final class ByteArrayAccess { // Special optimization of b2iLittle(in, inOfs, out, 0, 64) static void b2iLittle64(byte[] in, int inOfs, int[] out) { + if ((inOfs < 0) || ((in.length - inOfs) < 64) || + (out.length < 16)) { + throw new ArrayIndexOutOfBoundsException(); + } if (littleEndianUnaligned) { inOfs += byteArrayOfs; out[ 0] = unsafe.getInt(in, (long)(inOfs )); @@ -176,6 +182,10 @@ final class ByteArrayAccess { * int[] to byte[] conversion, little endian byte order. */ static void i2bLittle(int[] in, int inOfs, byte[] out, int outOfs, int len) { + if ((inOfs < 0) || ((in.length - inOfs) < len/4) || + (outOfs < 0) || ((out.length - outOfs) < len)) { + throw new ArrayIndexOutOfBoundsException(); + } if (littleEndianUnaligned) { outOfs += byteArrayOfs; len += outOfs; @@ -204,6 +214,9 @@ final class ByteArrayAccess { // Store one 32-bit value into out[outOfs..outOfs+3] in little endian order. static void i2bLittle4(int val, byte[] out, int outOfs) { + if ((outOfs < 0) || ((out.length - outOfs) < 4)) { + throw new ArrayIndexOutOfBoundsException(); + } if (littleEndianUnaligned) { unsafe.putInt(out, (long)(byteArrayOfs + outOfs), val); } else if (bigEndian && ((outOfs & 3) == 0)) { @@ -220,6 +233,10 @@ final class ByteArrayAccess { * byte[] to int[] conversion, big endian byte order. */ static void b2iBig(byte[] in, int inOfs, int[] out, int outOfs, int len) { + if ((inOfs < 0) || ((in.length - inOfs) < len) || + (outOfs < 0) || ((out.length - outOfs) < len/4)) { + throw new ArrayIndexOutOfBoundsException(); + } if (littleEndianUnaligned) { inOfs += byteArrayOfs; len += inOfs; @@ -248,6 +265,10 @@ final class ByteArrayAccess { // Special optimization of b2iBig(in, inOfs, out, 0, 64) static void b2iBig64(byte[] in, int inOfs, int[] out) { + if ((inOfs < 0) || ((in.length - inOfs) < 64) || + (out.length < 16)) { + throw new ArrayIndexOutOfBoundsException(); + } if (littleEndianUnaligned) { inOfs += byteArrayOfs; out[ 0] = reverseBytes(unsafe.getInt(in, (long)(inOfs ))); @@ -293,6 +314,10 @@ final class ByteArrayAccess { * int[] to byte[] conversion, big endian byte order. */ static void i2bBig(int[] in, int inOfs, byte[] out, int outOfs, int len) { + if ((inOfs < 0) || ((in.length - inOfs) < len/4) || + (outOfs < 0) || ((out.length - outOfs) < len)) { + throw new ArrayIndexOutOfBoundsException(); + } if (littleEndianUnaligned) { outOfs += byteArrayOfs; len += outOfs; @@ -321,6 +346,9 @@ final class ByteArrayAccess { // Store one 32-bit value into out[outOfs..outOfs+3] in big endian order. static void i2bBig4(int val, byte[] out, int outOfs) { + if ((outOfs < 0) || ((out.length - outOfs) < 4)) { + throw new ArrayIndexOutOfBoundsException(); + } if (littleEndianUnaligned) { unsafe.putInt(out, (long)(byteArrayOfs + outOfs), reverseBytes(val)); } else if (bigEndian && ((outOfs & 3) == 0)) { @@ -337,6 +365,10 @@ final class ByteArrayAccess { * byte[] to long[] conversion, big endian byte order. */ static void b2lBig(byte[] in, int inOfs, long[] out, int outOfs, int len) { + if ((inOfs < 0) || ((in.length - inOfs) < len) || + (outOfs < 0) || ((out.length - outOfs) < len/8)) { + throw new ArrayIndexOutOfBoundsException(); + } if (littleEndianUnaligned) { inOfs += byteArrayOfs; len += inOfs; @@ -378,6 +410,10 @@ final class ByteArrayAccess { // Special optimization of b2lBig(in, inOfs, out, 0, 128) static void b2lBig128(byte[] in, int inOfs, long[] out) { + if ((inOfs < 0) || ((in.length - inOfs) < 128) || + (out.length < 16)) { + throw new ArrayIndexOutOfBoundsException(); + } if (littleEndianUnaligned) { inOfs += byteArrayOfs; out[ 0] = reverseBytes(unsafe.getLong(in, (long)(inOfs ))); @@ -406,6 +442,10 @@ final class ByteArrayAccess { * long[] to byte[] conversion, big endian byte order. */ static void l2bBig(long[] in, int inOfs, byte[] out, int outOfs, int len) { + if ((inOfs < 0) || ((in.length - inOfs) < len/8) || + (outOfs < 0) || ((out.length - outOfs) < len)) { + throw new ArrayIndexOutOfBoundsException(); + } len += outOfs; while (outOfs < len) { long i = in[inOfs++]; @@ -419,5 +459,4 @@ final class ByteArrayAccess { out[outOfs++] = (byte)(i ); } } - } diff --git a/jdk/src/share/classes/sun/security/rsa/RSAPadding.java b/jdk/src/share/classes/sun/security/rsa/RSAPadding.java index 76f0d81c20b..35def8b25f2 100644 --- a/jdk/src/share/classes/sun/security/rsa/RSAPadding.java +++ b/jdk/src/share/classes/sun/security/rsa/RSAPadding.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2003, 2013 Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2003, 2013, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -318,33 +318,53 @@ public final class RSAPadding { /** * PKCS#1 v1.5 unpadding (blocktype 1 and 2). + * + * Note that we want to make it a constant-time operation */ private byte[] unpadV15(byte[] padded) throws BadPaddingException { int k = 0; + BadPaddingException bpe = null; + if (padded[k++] != 0) { - throw new BadPaddingException("Data must start with zero"); + bpe = new BadPaddingException("Data must start with zero"); } - if (padded[k++] != type) { - throw new BadPaddingException("Blocktype mismatch: " + padded[1]); + if (padded[k++] != type && bpe == null) { + bpe = new BadPaddingException("Blocktype mismatch: " + padded[1]); } - while (true) { + int p = 0; + while (k < padded.length) { int b = padded[k++] & 0xff; - if (b == 0) { - break; + if (b == 0 && p == 0) { + p = k; } - if (k == padded.length) { - throw new BadPaddingException("Padding string not terminated"); + if (k == padded.length && p == 0 && bpe == null) { + bpe = new BadPaddingException("Padding string not terminated"); } - if ((type == PAD_BLOCKTYPE_1) && (b != 0xff)) { - throw new BadPaddingException("Padding byte not 0xff: " + b); + if ((type == PAD_BLOCKTYPE_1) && (b != 0xff) && + p == 0 && bpe == null) { + bpe = new BadPaddingException("Padding byte not 0xff: " + b); } } - int n = padded.length - k; - if (n > maxDataSize) { - throw new BadPaddingException("Padding string too short"); + int n = padded.length - p; + if (n > maxDataSize && bpe == null) { + bpe = new BadPaddingException("Padding string too short"); } + + // copy useless padding array for a constant-time method + // + // Is it necessary? + byte[] padding = new byte[p]; + System.arraycopy(padded, 0, padding, 0, p); + byte[] data = new byte[n]; - System.arraycopy(padded, padded.length - n, data, 0, n); + System.arraycopy(padded, p, data, 0, n); + + if (bpe == null) { + bpe = new BadPaddingException("Unused exception"); + } else { + throw bpe; + } + return data; } diff --git a/jdk/src/share/classes/sun/security/ssl/Handshaker.java b/jdk/src/share/classes/sun/security/ssl/Handshaker.java index a92320451e0..6ae55d48e40 100644 --- a/jdk/src/share/classes/sun/security/ssl/Handshaker.java +++ b/jdk/src/share/classes/sun/security/ssl/Handshaker.java @@ -1112,94 +1112,23 @@ abstract class Handshaker { clnt_random.random_bytes, svr_random.random_bytes, prfHashAlg, prfHashLength, prfBlockSize); - SecretKey masterSecret; try { KeyGenerator kg = JsseJce.getKeyGenerator(masterAlg); kg.init(spec); - masterSecret = kg.generateKey(); - } catch (GeneralSecurityException e) { + return kg.generateKey(); + } catch (InvalidAlgorithmParameterException | + NoSuchAlgorithmException iae) { + // unlikely to happen, otherwise, must be a provider exception + // // For RSA premaster secrets, do not signal a protocol error // due to the Bleichenbacher attack. See comments further down. - if (!preMasterSecret.getAlgorithm().equals( - "TlsRsaPremasterSecret")) { - throw new ProviderException(e); - } - if (debug != null && Debug.isOn("handshake")) { System.out.println("RSA master secret generation error:"); - e.printStackTrace(System.out); + iae.printStackTrace(System.out); } + throw new ProviderException(iae); - if (requestedVersion != null) { - preMasterSecret = - RSAClientKeyExchange.generateDummySecret(requestedVersion); - } else { - preMasterSecret = - RSAClientKeyExchange.generateDummySecret(protocolVersion); - } - - // recursive call with new premaster secret - return calculateMasterSecret(preMasterSecret, null); } - - // if no version check requested (client side handshake), or version - // information is not available (not an RSA premaster secret), - // return master secret immediately. - if ((requestedVersion == null) || - !(masterSecret instanceof TlsMasterSecret)) { - return masterSecret; - } - - // we have checked the ClientKeyExchange message when reading TLS - // record, the following check is necessary to ensure that - // JCE provider does not ignore the checking, or the previous - // checking process bypassed the premaster secret version checking. - TlsMasterSecret tlsKey = (TlsMasterSecret)masterSecret; - int major = tlsKey.getMajorVersion(); - int minor = tlsKey.getMinorVersion(); - if ((major < 0) || (minor < 0)) { - return masterSecret; - } - - // check if the premaster secret version is ok - // the specification says that it must be the maximum version supported - // by the client from its ClientHello message. However, many - // implementations send the negotiated version, so accept both - // for SSL v3.0 and TLS v1.0. - // NOTE that we may be comparing two unsupported version numbers, which - // is why we cannot use object reference equality in this special case. - ProtocolVersion premasterVersion = - ProtocolVersion.valueOf(major, minor); - boolean versionMismatch = (premasterVersion.v != requestedVersion.v); - - /* - * we never checked the client_version in server side - * for TLS v1.0 and SSL v3.0. For compatibility, we - * maintain this behavior. - */ - if (versionMismatch && requestedVersion.v <= ProtocolVersion.TLS10.v) { - versionMismatch = (premasterVersion.v != protocolVersion.v); - } - - if (versionMismatch == false) { - // check passed, return key - return masterSecret; - } - - // Due to the Bleichenbacher attack, do not signal a protocol error. - // Generate a random premaster secret and continue with the handshake, - // which will fail when verifying the finished messages. - // For more information, see comments in PreMasterSecret. - if (debug != null && Debug.isOn("handshake")) { - System.out.println("RSA PreMasterSecret version error: expected" - + protocolVersion + " or " + requestedVersion + ", decrypted: " - + premasterVersion); - } - preMasterSecret = - RSAClientKeyExchange.generateDummySecret(requestedVersion); - - // recursive call with new premaster secret - return calculateMasterSecret(preMasterSecret, null); } /* diff --git a/jdk/src/share/classes/sun/security/ssl/RSAClientKeyExchange.java b/jdk/src/share/classes/sun/security/ssl/RSAClientKeyExchange.java index d77229adb8d..36e4310fef1 100644 --- a/jdk/src/share/classes/sun/security/ssl/RSAClientKeyExchange.java +++ b/jdk/src/share/classes/sun/security/ssl/RSAClientKeyExchange.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 1996, 2012, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1996, 2013, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -133,26 +133,37 @@ final class RSAClientKeyExchange extends HandshakeMessage { } else { encrypted = new byte [messageSize]; if (input.read(encrypted) != messageSize) { - throw new SSLProtocolException - ("SSL: read PreMasterSecret: short read"); + throw new SSLProtocolException( + "SSL: read PreMasterSecret: short read"); } } + Exception failover = null; + byte[] encoded = null; try { Cipher cipher = JsseJce.getCipher(JsseJce.CIPHER_RSA_PKCS1); - cipher.init(Cipher.UNWRAP_MODE, privateKey); - preMaster = (SecretKey)cipher.unwrap(encrypted, - "TlsRsaPremasterSecret", Cipher.SECRET_KEY); - - // polish the premaster secret - preMaster = polishPreMasterSecretKey(currentVersion, maxVersion, - generator, preMaster, null); + // Cannot generate key here, please don't use Cipher.UNWRAP_MODE! + cipher.init(Cipher.DECRYPT_MODE, privateKey); + encoded = cipher.doFinal(encrypted); + } catch (BadPaddingException bpe) { + failover = bpe; + encoded = null; + } catch (IllegalBlockSizeException ibse) { + // the message it too big to process with RSA + throw new SSLProtocolException( + "Unable to process PreMasterSecret, may be too big"); } catch (Exception e) { - // polish the premaster secret - preMaster = - polishPreMasterSecretKey(currentVersion, maxVersion, - generator, null, e); + // unlikely to happen, otherwise, must be a provider exception + if (debug != null && Debug.isOn("handshake")) { + System.out.println("RSA premaster secret decryption error:"); + e.printStackTrace(System.out); + } + throw new RuntimeException("Could not generate dummy secret", e); } + + // polish the premaster secret + preMaster = polishPreMasterSecretKey( + currentVersion, maxVersion, generator, encoded, failover); } /** @@ -163,85 +174,74 @@ final class RSAClientKeyExchange extends HandshakeMessage { * * RFC 5246 describes the approach as : * - * 1. Generate a string R of 46 random bytes + * 1. Generate a string R of 48 random bytes * * 2. Decrypt the message to recover the plaintext M * * 3. If the PKCS#1 padding is not correct, or the length of message * M is not exactly 48 bytes: - * pre_master_secret = ClientHello.client_version || R + * pre_master_secret = R * else If ClientHello.client_version <= TLS 1.0, and version * number check is explicitly disabled: - * pre_master_secret = M + * premaster secret = M + * else If M[0..1] != ClientHello.client_version: + * premaster secret = R * else: - * pre_master_secret = ClientHello.client_version || M[2..47] + * premaster secret = M + * + * Note that #2 has completed before the call of this method. */ private SecretKey polishPreMasterSecretKey(ProtocolVersion currentVersion, ProtocolVersion clientHelloVersion, SecureRandom generator, - SecretKey secretKey, Exception failoverException) { + byte[] encoded, Exception failoverException) { this.protocolVersion = clientHelloVersion; + if (generator == null) { + generator = new SecureRandom(); + } + byte[] random = new byte[48]; + generator.nextBytes(random); - if (failoverException == null && secretKey != null) { + if (failoverException == null && encoded != null) { // check the length - byte[] encoded = secretKey.getEncoded(); - if (encoded == null) { // unable to get the encoded key - if (debug != null && Debug.isOn("handshake")) { - System.out.println( - "unable to get the plaintext of the premaster secret"); - } - - int keySize = KeyUtil.getKeySize(secretKey); - if (keySize > 0 && keySize != 384) { // 384 = 48 * 8 - if (debug != null && Debug.isOn("handshake")) { - System.out.println( - "incorrect length of premaster secret: " + - (keySize/8)); - } - - return generateDummySecret(clientHelloVersion); - } - - // The key size is exactly 48 bytes or not accessible. - // - // Conservatively, pass the checking to master secret - // calculation. - return secretKey; - } else if (encoded.length == 48) { - // check the version - if (clientHelloVersion.major == encoded[0] && - clientHelloVersion.minor == encoded[1]) { - - return secretKey; - } else if (clientHelloVersion.v <= ProtocolVersion.TLS10.v && - currentVersion.major == encoded[0] && - currentVersion.minor == encoded[1]) { - /* - * For compatibility, we maintain the behavior that the - * version in pre_master_secret can be the negotiated - * version for TLS v1.0 and SSL v3.0. - */ - this.protocolVersion = currentVersion; - return secretKey; - } - - if (debug != null && Debug.isOn("handshake")) { - System.out.println("Mismatching Protocol Versions, " + - "ClientHello.client_version is " + clientHelloVersion + - ", while PreMasterSecret.client_version is " + - ProtocolVersion.valueOf(encoded[0], encoded[1])); - } - - return generateDummySecret(clientHelloVersion); - } else { + if (encoded.length != 48) { if (debug != null && Debug.isOn("handshake")) { System.out.println( "incorrect length of premaster secret: " + encoded.length); } - return generateDummySecret(clientHelloVersion); + return generatePreMasterSecret( + clientHelloVersion, random, generator); } + + if (clientHelloVersion.major != encoded[0] || + clientHelloVersion.minor != encoded[1]) { + + if (clientHelloVersion.v <= ProtocolVersion.TLS10.v && + currentVersion.major == encoded[0] && + currentVersion.minor == encoded[1]) { + /* + * For compatibility, we maintain the behavior that the + * version in pre_master_secret can be the negotiated + * version for TLS v1.0 and SSL v3.0. + */ + this.protocolVersion = currentVersion; + } else { + if (debug != null && Debug.isOn("handshake")) { + System.out.println("Mismatching Protocol Versions, " + + "ClientHello.client_version is " + + clientHelloVersion + + ", while PreMasterSecret.client_version is " + + ProtocolVersion.valueOf(encoded[0], encoded[1])); + } + + encoded = random; + } + } + + return generatePreMasterSecret( + clientHelloVersion, encoded, generator); } if (debug != null && Debug.isOn("handshake") && @@ -250,11 +250,14 @@ final class RSAClientKeyExchange extends HandshakeMessage { failoverException.printStackTrace(System.out); } - return generateDummySecret(clientHelloVersion); + return generatePreMasterSecret(clientHelloVersion, random, generator); } // generate a premaster secret with the specified version number - static SecretKey generateDummySecret(ProtocolVersion version) { + private static SecretKey generatePreMasterSecret( + ProtocolVersion version, byte[] encodedSecret, + SecureRandom generator) { + if (debug != null && Debug.isOn("handshake")) { System.out.println("Generating a random fake premaster secret"); } @@ -263,11 +266,17 @@ final class RSAClientKeyExchange extends HandshakeMessage { String s = ((version.v >= ProtocolVersion.TLS12.v) ? "SunTls12RsaPremasterSecret" : "SunTlsRsaPremasterSecret"); KeyGenerator kg = JsseJce.getKeyGenerator(s); - kg.init(new TlsRsaPremasterSecretParameterSpec - (version.major, version.minor)); + kg.init(new TlsRsaPremasterSecretParameterSpec( + version.major, version.minor, encodedSecret), generator); return kg.generateKey(); - } catch (GeneralSecurityException e) { - throw new RuntimeException("Could not generate dummy secret", e); + } catch (InvalidAlgorithmParameterException | + NoSuchAlgorithmException iae) { + // unlikely to happen, otherwise, must be a provider exception + if (debug != null && Debug.isOn("handshake")) { + System.out.println("RSA premaster secret generation error:"); + iae.printStackTrace(System.out); + } + throw new RuntimeException("Could not generate dummy secret", iae); } } diff --git a/jdk/src/share/lib/security/java.security-linux b/jdk/src/share/lib/security/java.security-linux index 2c5f5f6c32a..bc36d699804 100644 --- a/jdk/src/share/lib/security/java.security-linux +++ b/jdk/src/share/lib/security/java.security-linux @@ -182,6 +182,7 @@ package.access=sun.,\ com.sun.istack.internal.,\ com.sun.jmx.,\ com.sun.media.sound.,\ + com.sun.naming.internal.,\ com.sun.proxy.,\ com.sun.org.apache.bcel.internal.,\ com.sun.org.apache.regexp.internal.,\ @@ -204,7 +205,7 @@ package.access=sun.,\ com.sun.org.glassfish.,\ com.oracle.xmlns.internal.,\ com.oracle.webservices.internal.,\ - oracle.jrockit.jfr.,\ + oracle.jrockit.jfr.,\ org.jcp.xml.dsig.internal.,\ jdk.internal.,\ jdk.nashorn.internal.,\ @@ -227,6 +228,7 @@ package.definition=sun.,\ com.sun.istack.internal.,\ com.sun.jmx.,\ com.sun.media.sound.,\ + com.sun.naming.internal.,\ com.sun.proxy.,\ com.sun.org.apache.bcel.internal.,\ com.sun.org.apache.regexp.internal.,\ @@ -249,7 +251,7 @@ package.definition=sun.,\ com.sun.org.glassfish.,\ com.oracle.xmlns.internal.,\ com.oracle.webservices.internal.,\ - oracle.jrockit.jfr.,\ + oracle.jrockit.jfr.,\ org.jcp.xml.dsig.internal.,\ jdk.internal.,\ jdk.nashorn.internal.,\ diff --git a/jdk/src/share/lib/security/java.security-macosx b/jdk/src/share/lib/security/java.security-macosx index 44791b241f4..eeecdbdd5a6 100644 --- a/jdk/src/share/lib/security/java.security-macosx +++ b/jdk/src/share/lib/security/java.security-macosx @@ -183,6 +183,7 @@ package.access=sun.,\ com.sun.istack.internal.,\ com.sun.jmx.,\ com.sun.media.sound.,\ + com.sun.naming.internal.,\ com.sun.proxy.,\ com.sun.org.apache.bcel.internal.,\ com.sun.org.apache.regexp.internal.,\ @@ -228,6 +229,7 @@ package.definition=sun.,\ com.sun.istack.internal.,\ com.sun.jmx.,\ com.sun.media.sound.,\ + com.sun.naming.internal.,\ com.sun.proxy.,\ com.sun.org.apache.bcel.internal.,\ com.sun.org.apache.regexp.internal.,\ diff --git a/jdk/src/share/lib/security/java.security-solaris b/jdk/src/share/lib/security/java.security-solaris index a6ce253df8a..4f52c4c3a6d 100644 --- a/jdk/src/share/lib/security/java.security-solaris +++ b/jdk/src/share/lib/security/java.security-solaris @@ -184,6 +184,7 @@ package.access=sun.,\ com.sun.istack.internal.,\ com.sun.jmx.,\ com.sun.media.sound.,\ + com.sun.naming.internal.,\ com.sun.proxy.,\ com.sun.org.apache.bcel.internal.,\ com.sun.org.apache.regexp.internal.,\ @@ -206,7 +207,7 @@ package.access=sun.,\ com.sun.org.glassfish.,\ com.oracle.xmlns.internal.,\ com.oracle.webservices.internal.,\ - oracle.jrockit.jfr.,\ + oracle.jrockit.jfr.,\ org.jcp.xml.dsig.internal.,\ jdk.internal.,\ jdk.nashorn.internal.,\ @@ -228,6 +229,7 @@ package.definition=sun.,\ com.sun.istack.internal.,\ com.sun.jmx.,\ com.sun.media.sound.,\ + com.sun.naming.internal.,\ com.sun.proxy.,\ com.sun.org.apache.bcel.internal.,\ com.sun.org.apache.regexp.internal.,\ @@ -250,7 +252,7 @@ package.definition=sun.,\ com.sun.org.glassfish.,\ com.oracle.xmlns.internal.,\ com.oracle.webservices.internal.,\ - oracle.jrockit.jfr.,\ + oracle.jrockit.jfr.,\ org.jcp.xml.dsig.internal.,\ jdk.internal.,\ jdk.nashorn.internal.,\ diff --git a/jdk/src/share/lib/security/java.security-windows b/jdk/src/share/lib/security/java.security-windows index cca53ae3961..6ac3c4297e6 100644 --- a/jdk/src/share/lib/security/java.security-windows +++ b/jdk/src/share/lib/security/java.security-windows @@ -183,6 +183,7 @@ package.access=sun.,\ com.sun.istack.internal.,\ com.sun.jmx.,\ com.sun.media.sound.,\ + com.sun.naming.internal.,\ com.sun.proxy.,\ com.sun.org.apache.bcel.internal.,\ com.sun.org.apache.regexp.internal.,\ @@ -205,7 +206,7 @@ package.access=sun.,\ com.sun.org.glassfish.,\ com.oracle.xmlns.internal.,\ com.oracle.webservices.internal.,\ - oracle.jrockit.jfr.,\ + oracle.jrockit.jfr.,\ org.jcp.xml.dsig.internal.,\ jdk.internal.,\ jdk.nashorn.internal.,\ @@ -228,6 +229,7 @@ package.definition=sun.,\ com.sun.istack.internal.,\ com.sun.jmx.,\ com.sun.media.sound.,\ + com.sun.naming.internal.,\ com.sun.proxy.,\ com.sun.org.apache.bcel.internal.,\ com.sun.org.apache.regexp.internal.,\ @@ -250,7 +252,7 @@ package.definition=sun.,\ com.sun.org.glassfish.,\ com.oracle.xmlns.internal.,\ com.oracle.webservices.internal.,\ - oracle.jrockit.jfr.,\ + oracle.jrockit.jfr.,\ org.jcp.xml.dsig.internal.,\ jdk.internal.,\ jdk.nashorn.internal.,\ diff --git a/jdk/src/share/native/sun/awt/splashscreen/splashscreen_impl.c b/jdk/src/share/native/sun/awt/splashscreen/splashscreen_impl.c index 437f81a8632..021447e287f 100644 --- a/jdk/src/share/native/sun/awt/splashscreen/splashscreen_impl.c +++ b/jdk/src/share/native/sun/awt/splashscreen/splashscreen_impl.c @@ -111,8 +111,9 @@ SplashDone(Splash * splash) int SplashIsStillLooping(Splash * splash) { - if (splash->currentFrame < 0) + if (splash->currentFrame < 0) { return 0; + } return splash->loopCount != 1 || splash->currentFrame + 1 < splash->frameCount; } @@ -121,17 +122,22 @@ void SplashUpdateScreenData(Splash * splash) { ImageRect srcRect, dstRect; + if (splash->currentFrame < 0) { + return; + } initRect(&srcRect, 0, 0, splash->width, splash->height, 1, splash->width * sizeof(rgbquad_t), splash->frames[splash->currentFrame].bitmapBits, &splash->imageFormat); - if (splash->screenData) + if (splash->screenData) { free(splash->screenData); + } splash->screenStride = splash->width * splash->screenFormat.depthBytes; - if (splash->byteAlignment > 1) + if (splash->byteAlignment > 1) { splash->screenStride = (splash->screenStride + splash->byteAlignment - 1) & ~(splash->byteAlignment - 1); + } splash->screenData = malloc(splash->height * splash->screenStride); initRect(&dstRect, 0, 0, splash->width, splash->height, 1, splash->screenStride, splash->screenData, &splash->screenFormat); @@ -146,16 +152,19 @@ SplashUpdateScreenData(Splash * splash) void SplashNextFrame(Splash * splash) { - if (splash->currentFrame < 0) + if (splash->currentFrame < 0) { return; + } do { - if (!SplashIsStillLooping(splash)) + if (!SplashIsStillLooping(splash)) { return; + } splash->time += splash->frames[splash->currentFrame].delay; if (++splash->currentFrame >= splash->frameCount) { splash->currentFrame = 0; - if (splash->loopCount > 0) + if (splash->loopCount > 0) { splash->loopCount--; + } } } while (splash->time + splash->frames[splash->currentFrame].delay - SplashTime() <= 0); @@ -183,8 +192,9 @@ BitmapToYXBandedRectangles(ImageRect * pSrcRect, RECT_T * out) pSrc += pSrcRect->depthBytes; ++i; } - if (i >= pSrcRect->numSamples) + if (i >= pSrcRect->numSamples) { break; + } i0 = i; while (i < pSrcRect->numSamples && getRGBA(pSrc, pSrcRect->format) >= ALPHA_THRESHOLD) { diff --git a/jdk/src/share/native/sun/font/layout/LookupProcessor.cpp b/jdk/src/share/native/sun/font/layout/LookupProcessor.cpp index 29bedfa352c..8e667da1bcb 100644 --- a/jdk/src/share/native/sun/font/layout/LookupProcessor.cpp +++ b/jdk/src/share/native/sun/font/layout/LookupProcessor.cpp @@ -138,7 +138,7 @@ le_uint32 LookupProcessor::applySingleLookup(le_uint16 lookupTableIndex, GlyphIt le_int32 LookupProcessor::selectLookups(const LEReferenceTo &featureTable, FeatureMask featureMask, le_int32 order, LEErrorCode &success) { le_uint16 lookupCount = featureTable.isValid()? SWAPW(featureTable->lookupCount) : 0; - le_int32 store = order; + le_uint32 store = (le_uint32)order; LEReferenceToArrayOf lookupListIndexArray(featureTable, success, featureTable->lookupListIndexArray, lookupCount); @@ -147,6 +147,9 @@ le_int32 LookupProcessor::selectLookups(const LEReferenceTo &featu if (lookupListIndex >= lookupSelectCount) { continue; } + if (store >= lookupOrderCount) { + continue; + } lookupSelectArray[lookupListIndex] |= featureMask; lookupOrderArray[store++] = lookupListIndex; @@ -246,7 +249,7 @@ LookupProcessor::LookupProcessor(const LETableReference &baseAddress, if (requiredFeatureIndex != 0xFFFF) { requiredFeatureTable = featureListTable->getFeatureTable(featureListTable, requiredFeatureIndex, &requiredFeatureTag, success); - featureReferences += SWAPW(featureTable->lookupCount); + featureReferences += SWAPW(requiredFeatureTable->lookupCount); } lookupOrderArray = LE_NEW_ARRAY(le_uint16, featureReferences); @@ -254,6 +257,7 @@ LookupProcessor::LookupProcessor(const LETableReference &baseAddress, success = LE_MEMORY_ALLOCATION_ERROR; return; } + lookupOrderCount = featureReferences; for (le_int32 f = 0; f < featureMapCount; f += 1) { FeatureMap fm = featureMap[f]; diff --git a/jdk/src/share/native/sun/java2d/cmm/lcms/cmsintrp.c b/jdk/src/share/native/sun/java2d/cmm/lcms/cmsintrp.c index 183d2f84d01..51ec140cfbe 100644 --- a/jdk/src/share/native/sun/java2d/cmm/lcms/cmsintrp.c +++ b/jdk/src/share/native/sun/java2d/cmm/lcms/cmsintrp.c @@ -215,6 +215,11 @@ void LinLerp1D(register const cmsUInt16Number Value[], Output[0] = LinearInterp(rest, y0, y1); } +// To prevent out of bounds indexing +cmsINLINE cmsFloat32Number fclamp(cmsFloat32Number v) +{ + return v < 0.0f ? 0.0f : (v > 1.0f ? 1.0f : v); +} // Floating-point version of 1D interpolation static @@ -227,13 +232,15 @@ void LinLerp1Dfloat(const cmsFloat32Number Value[], int cell0, cell1; const cmsFloat32Number* LutTable = (cmsFloat32Number*) p ->Table; + val2 = fclamp(Value[0]); + // if last value... - if (Value[0] == 1.0) { + if (val2 == 1.0) { Output[0] = LutTable[p -> Domain[0]]; return; } - val2 = p -> Domain[0] * Value[0]; + val2 *= p -> Domain[0]; cell0 = (int) floor(val2); cell1 = (int) ceil(val2); @@ -292,13 +299,15 @@ void Eval1InputFloat(const cmsFloat32Number Value[], cmsUInt32Number OutChan; const cmsFloat32Number* LutTable = (cmsFloat32Number*) p ->Table; + val2 = fclamp(Value[0]); + // if last value... - if (Value[0] == 1.0) { + if (val2 == 1.0) { Output[0] = LutTable[p -> Domain[0]]; return; } - val2 = p -> Domain[0] * Value[0]; + val2 *= p -> Domain[0]; cell0 = (int) floor(val2); cell1 = (int) ceil(val2); @@ -339,8 +348,8 @@ void BilinearInterpFloat(const cmsFloat32Number Input[], dxy; TotalOut = p -> nOutputs; - px = Input[0] * p->Domain[0]; - py = Input[1] * p->Domain[1]; + px = fclamp(Input[0]) * p->Domain[0]; + py = fclamp(Input[1]) * p->Domain[1]; x0 = (int) _cmsQuickFloor(px); fx = px - (cmsFloat32Number) x0; y0 = (int) _cmsQuickFloor(py); fy = py - (cmsFloat32Number) y0; @@ -454,20 +463,9 @@ void TrilinearInterpFloat(const cmsFloat32Number Input[], TotalOut = p -> nOutputs; // We need some clipping here - px = Input[0]; - py = Input[1]; - pz = Input[2]; - - if (px < 0) px = 0; - if (px > 1) px = 1; - if (py < 0) py = 0; - if (py > 1) py = 1; - if (pz < 0) pz = 0; - if (pz > 1) pz = 1; - - px *= p->Domain[0]; - py *= p->Domain[1]; - pz *= p->Domain[2]; + px = fclamp(Input[0]) * p->Domain[0]; + py = fclamp(Input[1]) * p->Domain[1]; + pz = fclamp(Input[2]) * p->Domain[2]; x0 = (int) _cmsQuickFloor(px); fx = px - (cmsFloat32Number) x0; y0 = (int) _cmsQuickFloor(py); fy = py - (cmsFloat32Number) y0; @@ -609,20 +607,9 @@ void TetrahedralInterpFloat(const cmsFloat32Number Input[], TotalOut = p -> nOutputs; // We need some clipping here - px = Input[0]; - py = Input[1]; - pz = Input[2]; - - if (px < 0) px = 0; - if (px > 1) px = 1; - if (py < 0) py = 0; - if (py > 1) py = 1; - if (pz < 0) pz = 0; - if (pz > 1) pz = 1; - - px *= p->Domain[0]; - py *= p->Domain[1]; - pz *= p->Domain[2]; + px = fclamp(Input[0]) * p->Domain[0]; + py = fclamp(Input[1]) * p->Domain[1]; + pz = fclamp(Input[2]) * p->Domain[2]; x0 = (int) _cmsQuickFloor(px); rx = (px - (cmsFloat32Number) x0); y0 = (int) _cmsQuickFloor(py); ry = (py - (cmsFloat32Number) y0); @@ -1039,8 +1026,7 @@ void Eval4InputsFloat(const cmsFloat32Number Input[], cmsFloat32Number Tmp1[MAX_STAGE_CHANNELS], Tmp2[MAX_STAGE_CHANNELS]; cmsInterpParams p1; - - pk = Input[0] * p->Domain[0]; + pk = fclamp(Input[0]) * p->Domain[0]; k0 = _cmsQuickFloor(pk); rest = pk - (cmsFloat32Number) k0; @@ -1127,7 +1113,7 @@ void Eval5InputsFloat(const cmsFloat32Number Input[], cmsFloat32Number Tmp1[MAX_STAGE_CHANNELS], Tmp2[MAX_STAGE_CHANNELS]; cmsInterpParams p1; - pk = Input[0] * p->Domain[0]; + pk = fclamp(Input[0]) * p->Domain[0]; k0 = _cmsQuickFloor(pk); rest = pk - (cmsFloat32Number) k0; @@ -1214,7 +1200,7 @@ void Eval6InputsFloat(const cmsFloat32Number Input[], cmsFloat32Number Tmp1[MAX_STAGE_CHANNELS], Tmp2[MAX_STAGE_CHANNELS]; cmsInterpParams p1; - pk = Input[0] * p->Domain[0]; + pk = fclamp(Input[0]) * p->Domain[0]; k0 = _cmsQuickFloor(pk); rest = pk - (cmsFloat32Number) k0; @@ -1299,7 +1285,7 @@ void Eval7InputsFloat(const cmsFloat32Number Input[], cmsFloat32Number Tmp1[MAX_STAGE_CHANNELS], Tmp2[MAX_STAGE_CHANNELS]; cmsInterpParams p1; - pk = Input[0] * p->Domain[0]; + pk = fclamp(Input[0]) * p->Domain[0]; k0 = _cmsQuickFloor(pk); rest = pk - (cmsFloat32Number) k0; @@ -1384,7 +1370,7 @@ void Eval8InputsFloat(const cmsFloat32Number Input[], cmsFloat32Number Tmp1[MAX_STAGE_CHANNELS], Tmp2[MAX_STAGE_CHANNELS]; cmsInterpParams p1; - pk = Input[0] * p->Domain[0]; + pk = fclamp(Input[0]) * p->Domain[0]; k0 = _cmsQuickFloor(pk); rest = pk - (cmsFloat32Number) k0; diff --git a/jdk/src/solaris/native/sun/awt/splashscreen/splashscreen_sys.c b/jdk/src/solaris/native/sun/awt/splashscreen/splashscreen_sys.c index e43ebcaf236..930f7ebbeb9 100644 --- a/jdk/src/solaris/native/sun/awt/splashscreen/splashscreen_sys.c +++ b/jdk/src/solaris/native/sun/awt/splashscreen/splashscreen_sys.c @@ -577,8 +577,8 @@ SplashEventLoop(Splash * splash) { SplashUnlock(splash); rc = poll(pfd, 2, timeout); SplashLock(splash); - if (splash->isVisible>0 && SplashTime() >= splash->time + - splash->frames[splash->currentFrame].delay) { + if (splash->isVisible > 0 && splash->currentFrame >= 0 && + SplashTime() >= splash->time + splash->frames[splash->currentFrame].delay) { SplashNextFrame(splash); SplashUpdateShape(splash); SplashRedrawWindow(splash); diff --git a/jdk/test/java/lang/SecurityManager/CheckPackageAccess.java b/jdk/test/java/lang/SecurityManager/CheckPackageAccess.java index c6b9a1e59be..7bd9cfa9400 100644 --- a/jdk/test/java/lang/SecurityManager/CheckPackageAccess.java +++ b/jdk/test/java/lang/SecurityManager/CheckPackageAccess.java @@ -23,7 +23,7 @@ /* * @test - * @bug 6741606 7146431 8000450 8019830 + * @bug 6741606 7146431 8000450 8019830 8022945 * @summary Make sure all restricted packages listed in the package.access * property in the java.security file are blocked * @run main/othervm CheckPackageAccess @@ -55,6 +55,7 @@ public class CheckPackageAccess { "com.sun.istack.internal.", "com.sun.jmx.", "com.sun.media.sound.", + "com.sun.naming.internal.", "com.sun.proxy.", "com.sun.org.apache.bcel.internal.", "com.sun.org.apache.regexp.internal.",