From adca97b659d725b0dd320322297dcbd1b443a047 Mon Sep 17 00:00:00 2001 From: Bradford Wetmore Date: Fri, 19 May 2023 00:58:30 +0000 Subject: [PATCH] 8286503: Enhance security classes Reviewed-by: rhalade, mullan, skoivu, weijun --- .../com/sun/crypto/provider/DESKey.java | 19 ++++-- .../com/sun/crypto/provider/DESedeKey.java | 21 +++++-- .../com/sun/crypto/provider/DHPrivateKey.java | 32 +++++++++-- .../com/sun/crypto/provider/DHPublicKey.java | 32 +++++++++-- .../com/sun/crypto/provider/PBEKey.java | 30 ++++++++-- .../sun/crypto/provider/PBKDF2KeyImpl.java | 46 +++++++++++---- .../provider/TlsMasterSecretGenerator.java | 27 +++++++-- .../classes/java/security/CodeSigner.java | 13 +++-- .../javax/crypto/spec/SecretKeySpec.java | 27 ++++++++- .../auth/callback/ChoiceCallback.java | 53 ++++++++++++++--- .../auth/callback/ConfirmationCallback.java | 47 ++++++++++----- .../auth/callback/PasswordCallback.java | 28 ++++++++- .../sun/security/ec/ECPrivateKeyImpl.java | 21 ++++++- .../sun/security/ec/ECPublicKeyImpl.java | 26 ++++++++- .../sun/security/ec/XDHPrivateKeyImpl.java | 18 +++++- .../sun/security/ec/XDHPublicKeyImpl.java | 25 +++++++- .../security/ec/ed/EdDSAPrivateKeyImpl.java | 21 ++++++- .../security/ec/ed/EdDSAPublicKeyImpl.java | 25 +++++++- .../security/provider/DSAPublicKeyImpl.java | 27 +++++++-- .../sun/security/provider/PolicyFile.java | 29 +++++++++- .../sun/security/provider/SecureRandom.java | 54 +++++++++++++++--- .../provider/certpath/X509CertPath.java | 22 +++++-- .../security/rsa/RSAPrivateCrtKeyImpl.java | 22 ++++++- .../sun/security/rsa/RSAPrivateKeyImpl.java | 30 ++++++++-- .../sun/security/rsa/RSAPublicKeyImpl.java | 24 +++++++- .../sun/security/x509/X509CertImpl.java | 22 ++++++- .../classes/sun/security/pkcs11/Token.java | 24 +++++++- .../sun/security/mscapi/CPrivateKey.java | 26 ++++++++- .../sun/security/mscapi/CPublicKey.java | 29 +++++++++- .../com/sun/security/auth/LdapPrincipal.java | 33 ++++++++++- .../sun/security/auth/NTDomainPrincipal.java | 30 ++++++++-- .../classes/com/sun/security/auth/NTSid.java | 38 ++++++++++-- .../sun/security/auth/NTUserPrincipal.java | 31 ++++++++-- .../auth/UnixNumericGroupPrincipal.java | 32 +++++++++-- .../auth/UnixNumericUserPrincipal.java | 30 ++++++++-- .../com/sun/security/auth/UnixPrincipal.java | 30 ++++++++-- .../com/sun/security/auth/UserPrincipal.java | 22 ++++++- test/jdk/java/security/KeyRep/RSA.pre.1.5.key | Bin 1803 -> 0 bytes test/jdk/java/security/KeyRep/SerialOld.java | 14 +++-- 39 files changed, 931 insertions(+), 149 deletions(-) delete mode 100644 test/jdk/java/security/KeyRep/RSA.pre.1.5.key diff --git a/src/java.base/share/classes/com/sun/crypto/provider/DESKey.java b/src/java.base/share/classes/com/sun/crypto/provider/DESKey.java index 87aa1753eb5..17f82b2eacc 100644 --- a/src/java.base/share/classes/com/sun/crypto/provider/DESKey.java +++ b/src/java.base/share/classes/com/sun/crypto/provider/DESKey.java @@ -25,6 +25,8 @@ package com.sun.crypto.provider; +import java.io.IOException; +import java.io.InvalidObjectException; import java.lang.ref.Reference; import java.security.MessageDigest; import java.security.KeyRep; @@ -45,7 +47,7 @@ import jdk.internal.ref.CleanerFactory; final class DESKey implements SecretKey { @java.io.Serial - static final long serialVersionUID = 7724971015953279128L; + private static final long serialVersionUID = 7724971015953279128L; private byte[] key; @@ -143,17 +145,26 @@ final class DESKey implements SecretKey { } /** - * readObject is called to restore the state of this key from - * a stream. + * Restores the state of this object from the stream. + * + * @param s the {@code ObjectInputStream} from which data is read + * @throws IOException if an I/O error occurs + * @throws ClassNotFoundException if a serialized class cannot be loaded */ @java.io.Serial private void readObject(java.io.ObjectInputStream s) - throws java.io.IOException, ClassNotFoundException + throws IOException, ClassNotFoundException { s.defaultReadObject(); + if ((key == null) || (key.length != DESKeySpec.DES_KEY_LEN)) { + throw new InvalidObjectException("Wrong key size"); + } byte[] temp = key; key = temp.clone(); Arrays.fill(temp, (byte)0x00); + + DESKeyGenerator.setParityBit(key, 0); + // Use the cleaner to zero the key when no longer referenced final byte[] k = this.key; CleanerFactory.cleaner().register(this, diff --git a/src/java.base/share/classes/com/sun/crypto/provider/DESedeKey.java b/src/java.base/share/classes/com/sun/crypto/provider/DESedeKey.java index 938fd217eee..f5c3d8384df 100644 --- a/src/java.base/share/classes/com/sun/crypto/provider/DESedeKey.java +++ b/src/java.base/share/classes/com/sun/crypto/provider/DESedeKey.java @@ -25,6 +25,8 @@ package com.sun.crypto.provider; +import java.io.IOException; +import java.io.InvalidObjectException; import java.lang.ref.Reference; import java.security.MessageDigest; import java.security.KeyRep; @@ -45,7 +47,7 @@ import jdk.internal.ref.CleanerFactory; final class DESedeKey implements SecretKey { @java.io.Serial - static final long serialVersionUID = 2463986565756745178L; + private static final long serialVersionUID = 2463986565756745178L; private byte[] key; @@ -144,17 +146,28 @@ final class DESedeKey implements SecretKey { } /** - * readObject is called to restore the state of this key from - * a stream. + * Restores the state of this object from the stream. + * + * @param s the {@code ObjectInputStream} from which data is read + * @throws IOException if an I/O error occurs + * @throws ClassNotFoundException if a serialized class cannot be loaded */ @java.io.Serial private void readObject(java.io.ObjectInputStream s) - throws java.io.IOException, ClassNotFoundException + throws IOException, ClassNotFoundException { s.defaultReadObject(); + if ((key == null) || (key.length != DESedeKeySpec.DES_EDE_KEY_LEN)) { + throw new InvalidObjectException("Wrong key size"); + } byte[] temp = key; this.key = temp.clone(); java.util.Arrays.fill(temp, (byte)0x00); + + DESKeyGenerator.setParityBit(key, 0); + DESKeyGenerator.setParityBit(key, 8); + DESKeyGenerator.setParityBit(key, 16); + // Use the cleaner to zero the key when no longer referenced final byte[] k = this.key; CleanerFactory.cleaner().register(this, diff --git a/src/java.base/share/classes/com/sun/crypto/provider/DHPrivateKey.java b/src/java.base/share/classes/com/sun/crypto/provider/DHPrivateKey.java index 6d908721b4a..c08357b37bb 100644 --- a/src/java.base/share/classes/com/sun/crypto/provider/DHPrivateKey.java +++ b/src/java.base/share/classes/com/sun/crypto/provider/DHPrivateKey.java @@ -40,8 +40,6 @@ import sun.security.util.*; * algorithm. * * @author Jan Luehe - * - * * @see DHPublicKey * @see javax.crypto.KeyAgreement */ @@ -49,7 +47,7 @@ final class DHPrivateKey implements PrivateKey, javax.crypto.interfaces.DHPrivateKey, Serializable { @java.io.Serial - static final long serialVersionUID = 7565477590005668886L; + private static final long serialVersionUID = 7565477590005668886L; // only supported version of PKCS#8 PrivateKeyInfo private static final BigInteger PKCS8_VERSION = BigInteger.ZERO; @@ -64,10 +62,10 @@ final class DHPrivateKey implements PrivateKey, private byte[] encodedKey; // the prime modulus - private BigInteger p; + private final BigInteger p; // the base generator - private BigInteger g; + private final BigInteger g; // the private-value length (optional) private int l; @@ -321,4 +319,28 @@ final class DHPrivateKey implements PrivateKey, getFormat(), encodedKey); } + + /** + * Restores the state of this object from the stream. + *

+ * JDK 1.5+ objects use KeyReps instead. + * + * @param stream the {@code ObjectInputStream} from which data is read + * @throws IOException if an I/O error occurs + * @throws ClassNotFoundException if a serialized class cannot be loaded + */ + @java.io.Serial + private void readObject(ObjectInputStream stream) + throws IOException, ClassNotFoundException { + stream.defaultReadObject(); + if ((key == null) || (key.length == 0)) { + throw new InvalidObjectException("key not deserializable"); + } + this.key = key.clone(); + if ((encodedKey == null) || (encodedKey.length == 0)) { + throw new InvalidObjectException( + "encoded key not deserializable"); + } + this.encodedKey = encodedKey.clone(); + } } diff --git a/src/java.base/share/classes/com/sun/crypto/provider/DHPublicKey.java b/src/java.base/share/classes/com/sun/crypto/provider/DHPublicKey.java index 78d7d71b1c1..7a0607f1227 100644 --- a/src/java.base/share/classes/com/sun/crypto/provider/DHPublicKey.java +++ b/src/java.base/share/classes/com/sun/crypto/provider/DHPublicKey.java @@ -39,8 +39,6 @@ import sun.security.util.*; * A public key in X.509 format for the Diffie-Hellman key agreement algorithm. * * @author Jan Luehe - * - * * @see DHPrivateKey * @see javax.crypto.KeyAgreement */ @@ -48,7 +46,7 @@ final class DHPublicKey implements PublicKey, javax.crypto.interfaces.DHPublicKey, Serializable { @java.io.Serial - static final long serialVersionUID = 7647557958927458271L; + private static final long serialVersionUID = 7647557958927458271L; // the public key private BigInteger y; @@ -60,10 +58,10 @@ javax.crypto.interfaces.DHPublicKey, Serializable { private byte[] encodedKey; // the prime modulus - private BigInteger p; + private final BigInteger p; // the base generator - private BigInteger g; + private final BigInteger g; // the private-value length (optional) private int l; @@ -313,4 +311,28 @@ javax.crypto.interfaces.DHPublicKey, Serializable { getFormat(), getEncoded()); } + + /** + * Restores the state of this object from the stream. + *

+ * JDK 1.5+ objects use KeyReps instead. + * + * @param stream the {@code ObjectInputStream} from which data is read + * @throws IOException if an I/O error occurs + * @throws ClassNotFoundException if a serialized class cannot be loaded + */ + @java.io.Serial + private void readObject(ObjectInputStream stream) + throws IOException, ClassNotFoundException { + stream.defaultReadObject(); + if ((key == null) || (key.length == 0)) { + throw new InvalidObjectException("key not deserializable"); + } + this.key = key.clone(); + if ((encodedKey == null) || (encodedKey.length == 0)) { + throw new InvalidObjectException( + "encoded key not deserializable"); + } + this.encodedKey = encodedKey.clone(); + } } diff --git a/src/java.base/share/classes/com/sun/crypto/provider/PBEKey.java b/src/java.base/share/classes/com/sun/crypto/provider/PBEKey.java index 71efeb535aa..480a0810425 100644 --- a/src/java.base/share/classes/com/sun/crypto/provider/PBEKey.java +++ b/src/java.base/share/classes/com/sun/crypto/provider/PBEKey.java @@ -25,6 +25,8 @@ package com.sun.crypto.provider; +import java.io.IOException; +import java.io.InvalidObjectException; import java.lang.ref.Reference; import java.lang.ref.Cleaner.Cleanable; import java.security.MessageDigest; @@ -46,11 +48,11 @@ import jdk.internal.ref.CleanerFactory; final class PBEKey implements SecretKey { @java.io.Serial - static final long serialVersionUID = -2234768909660948176L; + private static final long serialVersionUID = -2234768909660948176L; private byte[] key; - private String type; + private final String type; private transient Cleanable cleanable; @@ -162,17 +164,35 @@ final class PBEKey implements SecretKey { } /** - * readObject is called to restore the state of this key from - * a stream. + * Restores the state of this object from the stream. + * + * @param s the {@code ObjectInputStream} from which data is read + * @throws IOException if an I/O error occurs + * @throws ClassNotFoundException if a serialized class cannot be loaded */ @java.io.Serial private void readObject(java.io.ObjectInputStream s) - throws java.io.IOException, ClassNotFoundException + throws IOException, ClassNotFoundException { s.defaultReadObject(); + if (key == null) { + throw new InvalidObjectException( + "PBEKey couldn't be deserialized"); + } byte[] temp = key; key = temp.clone(); Arrays.fill(temp, (byte)0x00); + + // Accept "\0" to signify "zero-length password with no terminator". + if (!(key.length == 1 && key[0] == 0)) { + for (int i = 0; i < key.length; i++) { + if ((key[i] < '\u0020') || (key[i] > '\u007E')) { + throw new InvalidObjectException( + "PBEKey had non-ASCII chars"); + } + } + } + // Use cleaner to zero the key when no longer referenced final byte[] k = this.key; cleanable = CleanerFactory.cleaner().register(this, diff --git a/src/java.base/share/classes/com/sun/crypto/provider/PBKDF2KeyImpl.java b/src/java.base/share/classes/com/sun/crypto/provider/PBKDF2KeyImpl.java index 445a8a1814c..8e85221f4bb 100644 --- a/src/java.base/share/classes/com/sun/crypto/provider/PBKDF2KeyImpl.java +++ b/src/java.base/share/classes/com/sun/crypto/provider/PBKDF2KeyImpl.java @@ -25,7 +25,7 @@ package com.sun.crypto.provider; -import java.io.ObjectStreamException; +import java.io.*; import java.lang.ref.Reference; import java.lang.ref.Cleaner; import java.nio.ByteBuffer; @@ -58,16 +58,16 @@ import jdk.internal.ref.CleanerFactory; final class PBKDF2KeyImpl implements javax.crypto.interfaces.PBEKey { @java.io.Serial - static final long serialVersionUID = -2234868909660948157L; + private static final long serialVersionUID = -2234868909660948157L; - private char[] passwd; - private byte[] salt; - private int iterCount; + private final char[] passwd; + private final byte[] salt; + private final int iterCount; private byte[] key; // The following fields are not Serializable. See writeReplace method. - private transient Mac prf; - private transient Cleaner.Cleanable cleaner; + private final transient Mac prf; + private final transient Cleaner.Cleanable cleaner; private static byte[] getPasswordBytes(char[] passwd) { CharBuffer cb = CharBuffer.wrap(passwd); @@ -141,13 +141,14 @@ final class PBKDF2KeyImpl implements javax.crypto.interfaces.PBEKey { int intR = keyLength - (intL - 1)*hlen; // residue byte[] ui = new byte[hlen]; byte[] ti = new byte[hlen]; + String algName = prf.getAlgorithm(); // SecretKeySpec cannot be used, since password can be empty here. SecretKey macKey = new SecretKey() { @java.io.Serial private static final long serialVersionUID = 7874493593505141603L; @Override public String getAlgorithm() { - return prf.getAlgorithm(); + return algName; } @Override public String getFormat() { @@ -160,18 +161,27 @@ final class PBKDF2KeyImpl implements javax.crypto.interfaces.PBEKey { @Override public int hashCode() { return Arrays.hashCode(password) * 41 + - prf.getAlgorithm().toLowerCase(Locale.ENGLISH).hashCode(); + algName.toLowerCase(Locale.ENGLISH).hashCode(); } @Override public boolean equals(Object obj) { if (this == obj) return true; if (obj == null || this.getClass() != obj.getClass()) return false; SecretKey sk = (SecretKey)obj; - return prf.getAlgorithm().equalsIgnoreCase( + return algName.equalsIgnoreCase( sk.getAlgorithm()) && MessageDigest.isEqual(password, sk.getEncoded()); } + // This derived key can't be deserialized. + @java.io.Serial + private void readObject(ObjectInputStream stream) + throws IOException, ClassNotFoundException { + throw new InvalidObjectException( + "PBKDF2KeyImpl SecretKeys are not " + + "directly deserializable"); + } }; + prf.init(macKey); byte[] ibytes = new byte[4]; @@ -303,4 +313,20 @@ final class PBKDF2KeyImpl implements javax.crypto.interfaces.PBEKey { Reference.reachabilityFence(this); } } + + /** + * Restores the state of this object from the stream. + *

+ * Deserialization of this class is not supported. + * + * @param stream the {@code ObjectInputStream} from which data is read + * @throws IOException if an I/O error occurs + * @throws ClassNotFoundException if a serialized class cannot be loaded + */ + @java.io.Serial + private void readObject(ObjectInputStream stream) + throws IOException, ClassNotFoundException { + throw new InvalidObjectException( + "PBKDF2KeyImpl keys are not directly deserializable"); + } } diff --git a/src/java.base/share/classes/com/sun/crypto/provider/TlsMasterSecretGenerator.java b/src/java.base/share/classes/com/sun/crypto/provider/TlsMasterSecretGenerator.java index 203d54495f2..14ada1699c1 100644 --- a/src/java.base/share/classes/com/sun/crypto/provider/TlsMasterSecretGenerator.java +++ b/src/java.base/share/classes/com/sun/crypto/provider/TlsMasterSecretGenerator.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2005, 2022, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2005, 2023, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -25,6 +25,9 @@ package com.sun.crypto.provider; +import java.io.IOException; +import java.io.InvalidObjectException; +import java.io.ObjectInputStream; import java.security.*; import java.security.spec.AlgorithmParameterSpec; import java.util.Arrays; @@ -62,11 +65,11 @@ public final class TlsMasterSecretGenerator extends KeyGeneratorSpi { @SuppressWarnings("deprecation") protected void engineInit(AlgorithmParameterSpec params, SecureRandom random) throws InvalidAlgorithmParameterException { - if (params instanceof TlsMasterSecretParameterSpec == false) { + if (!(params instanceof TlsMasterSecretParameterSpec)) { throw new InvalidAlgorithmParameterException(MSG); } this.spec = (TlsMasterSecretParameterSpec)params; - if ("RAW".equals(spec.getPremasterSecret().getFormat()) == false) { + if (!"RAW".equals(spec.getPremasterSecret().getFormat())) { throw new InvalidAlgorithmParameterException( "Key format must be RAW"); } @@ -191,6 +194,22 @@ public final class TlsMasterSecretGenerator extends KeyGeneratorSpi { return key.clone(); } - } + /** + * Restores the state of this object from the stream. + * + * @param stream the {@code ObjectInputStream} from which data is read + * @throws IOException if an I/O error occurs + * @throws ClassNotFoundException if a serialized class cannot be loaded + */ + @java.io.Serial + private void readObject(ObjectInputStream stream) + throws IOException, ClassNotFoundException { + stream.defaultReadObject(); + if ((key == null) || (key.length == 0)) { + throw new InvalidObjectException("TlsMasterSecretKey is null"); + } + key = key.clone(); + } + } } diff --git a/src/java.base/share/classes/java/security/CodeSigner.java b/src/java.base/share/classes/java/security/CodeSigner.java index 76c8be058ba..d14c215b6cc 100644 --- a/src/java.base/share/classes/java/security/CodeSigner.java +++ b/src/java.base/share/classes/java/security/CodeSigner.java @@ -142,9 +142,9 @@ public final class CodeSigner implements Serializable { public String toString() { StringBuilder sb = new StringBuilder(); sb.append("("); - sb.append("Signer: " + signerCertPath.getCertificates().get(0)); + sb.append("Signer: ").append(signerCertPath.getCertificates().get(0)); if (timestamp != null) { - sb.append("timestamp: " + timestamp); + sb.append("timestamp: ").append(timestamp); } sb.append(")"); return sb.toString(); @@ -160,8 +160,11 @@ public final class CodeSigner implements Serializable { */ @java.io.Serial private void readObject(ObjectInputStream ois) - throws IOException, ClassNotFoundException { - ois.defaultReadObject(); - myhash = -1; + throws IOException, ClassNotFoundException { + ois.defaultReadObject(); + if (signerCertPath == null) { + throw new InvalidObjectException("signerCertPath is null"); + } + myhash = -1; } } diff --git a/src/java.base/share/classes/javax/crypto/spec/SecretKeySpec.java b/src/java.base/share/classes/javax/crypto/spec/SecretKeySpec.java index d1326f89175..e76a51e5d68 100644 --- a/src/java.base/share/classes/javax/crypto/spec/SecretKeySpec.java +++ b/src/java.base/share/classes/javax/crypto/spec/SecretKeySpec.java @@ -28,6 +28,9 @@ package javax.crypto.spec; import jdk.internal.access.SharedSecrets; import javax.crypto.SecretKey; +import java.io.IOException; +import java.io.InvalidObjectException; +import java.io.ObjectInputStream; import java.security.MessageDigest; import java.security.spec.KeySpec; import java.util.Arrays; @@ -60,7 +63,7 @@ public class SecretKeySpec implements KeySpec, SecretKey { * * @serial */ - private final byte[] key; + private byte[] key; /** * The name of the algorithm associated with this key. @@ -251,4 +254,26 @@ public class SecretKeySpec implements KeySpec, SecretKey { void clear() { Arrays.fill(key, (byte)0); } + + /** + * Restores the state of this object from the stream. + * + * @param stream the {@code ObjectInputStream} from which data is read + * @throws IOException if an I/O error occurs + * @throws ClassNotFoundException if a serialized class cannot be loaded + */ + @java.io.Serial + private void readObject(ObjectInputStream stream) + throws IOException, ClassNotFoundException { + stream.defaultReadObject(); + + if (key == null || algorithm == null) { + throw new InvalidObjectException("Missing argument"); + } + + this.key = key.clone(); + if (key.length == 0) { + throw new InvalidObjectException("Invalid key length"); + } + } } diff --git a/src/java.base/share/classes/javax/security/auth/callback/ChoiceCallback.java b/src/java.base/share/classes/javax/security/auth/callback/ChoiceCallback.java index dd6072f5db8..c005b4ea02b 100644 --- a/src/java.base/share/classes/javax/security/auth/callback/ChoiceCallback.java +++ b/src/java.base/share/classes/javax/security/auth/callback/ChoiceCallback.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 1999, 2022, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1999, 2023, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -25,6 +25,10 @@ package javax.security.auth.callback; +import java.io.IOException; +import java.io.InvalidObjectException; +import java.io.ObjectInputStream; + /** *

Underlying security services instantiate and pass a * {@code ChoiceCallback} to the {@code handle} @@ -48,7 +52,7 @@ public class ChoiceCallback implements Callback, java.io.Serializable { * @serial the list of choices * @since 1.4 */ - private final String[] choices; + private String[] choices; /** * @serial the choice to be used as the default choice * @since 1.4 @@ -72,7 +76,6 @@ public class ChoiceCallback implements Callback, java.io.Serializable { * a list of choices, a default choice, and a boolean specifying * whether multiple selections from the list of choices are allowed. * - * * @param prompt the prompt used to describe the list of choices. * * @param choices the list of choices. The array is cloned to protect @@ -104,15 +107,15 @@ public class ChoiceCallback implements Callback, java.io.Serializable { defaultChoice < 0 || defaultChoice >= choices.length) throw new IllegalArgumentException(); + this.prompt = prompt; + this.defaultChoice = defaultChoice; + this.multipleSelectionsAllowed = multipleSelectionsAllowed; + + this.choices = choices.clone(); for (int i = 0; i < choices.length; i++) { if (choices[i] == null || choices[i].isEmpty()) throw new IllegalArgumentException(); } - - this.prompt = prompt; - this.choices = choices.clone(); - this.defaultChoice = defaultChoice; - this.multipleSelectionsAllowed = multipleSelectionsAllowed; } /** @@ -196,4 +199,38 @@ public class ChoiceCallback implements Callback, java.io.Serializable { public int[] getSelectedIndexes() { return selections == null ? null : selections.clone(); } + + /** + * Restores the state of this object from the stream. + * + * @param stream the {@code ObjectInputStream} from which data is read + * @throws IOException if an I/O error occurs + * @throws ClassNotFoundException if a serialized class cannot be loaded + */ + @java.io.Serial + private void readObject(ObjectInputStream stream) + throws IOException, ClassNotFoundException { + stream.defaultReadObject(); + + if ((prompt == null) || prompt.isEmpty() || + (choices == null) || (choices.length == 0) || + (defaultChoice < 0) || (defaultChoice >= choices.length)) { + throw new InvalidObjectException( + "Missing/invalid prompt/choices"); + } + + choices = choices.clone(); + for (int i = 0; i < choices.length; i++) { + if ((choices[i] == null) || choices[i].isEmpty()) + throw new InvalidObjectException("Null/empty choices"); + } + + if (selections != null) { + selections = selections.clone(); + if (!multipleSelectionsAllowed && (selections.length != 1)) { + throw new InvalidObjectException( + "Multiple selections not allowed"); + } + } + } } diff --git a/src/java.base/share/classes/javax/security/auth/callback/ConfirmationCallback.java b/src/java.base/share/classes/javax/security/auth/callback/ConfirmationCallback.java index 926a3d889e2..437ce7041a7 100644 --- a/src/java.base/share/classes/javax/security/auth/callback/ConfirmationCallback.java +++ b/src/java.base/share/classes/javax/security/auth/callback/ConfirmationCallback.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 1999, 2020, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1999, 2023, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -25,6 +25,9 @@ package javax.security.auth.callback; +import java.io.IOException; +import java.io.ObjectInputStream; + /** *

Underlying security services instantiate and pass a * {@code ConfirmationCallback} to the {@code handle} @@ -147,7 +150,7 @@ public class ConfirmationCallback implements Callback, java.io.Serializable { * @serial * @since 1.4 */ - private final String[] options; + private String[] options; /** * @serial * @since 1.4 @@ -252,16 +255,16 @@ public class ConfirmationCallback implements Callback, java.io.Serializable { defaultOption < 0 || defaultOption >= options.length) throw new IllegalArgumentException(); + this.prompt = null; + this.messageType = messageType; + this.optionType = UNSPECIFIED_OPTION; + this.defaultOption = defaultOption; + + this.options = options.clone(); for (int i = 0; i < options.length; i++) { if (options[i] == null || options[i].isEmpty()) throw new IllegalArgumentException(); } - - this.prompt = null; - this.messageType = messageType; - this.optionType = UNSPECIFIED_OPTION; - this.options = options.clone(); - this.defaultOption = defaultOption; } /** @@ -372,16 +375,16 @@ public class ConfirmationCallback implements Callback, java.io.Serializable { defaultOption < 0 || defaultOption >= options.length) throw new IllegalArgumentException(); + this.prompt = prompt; + this.messageType = messageType; + this.optionType = UNSPECIFIED_OPTION; + this.defaultOption = defaultOption; + + this.options = options.clone(); for (int i = 0; i < options.length; i++) { if (options[i] == null || options[i].isEmpty()) throw new IllegalArgumentException(); } - - this.prompt = prompt; - this.messageType = messageType; - this.optionType = UNSPECIFIED_OPTION; - this.options = options.clone(); - this.defaultOption = defaultOption; } /** @@ -487,4 +490,20 @@ public class ConfirmationCallback implements Callback, java.io.Serializable { public int getSelectedIndex() { return selection; } + + /** + * Restores the state of this object from the stream. + * + * @param stream the {@code ObjectInputStream} from which data is read + * @throws IOException if an I/O error occurs + * @throws ClassNotFoundException if a serialized class cannot be loaded + */ + @java.io.Serial + private void readObject(ObjectInputStream stream) + throws IOException, ClassNotFoundException { + stream.defaultReadObject(); + if (options != null) { + options = options.clone(); + } + } } diff --git a/src/java.base/share/classes/javax/security/auth/callback/PasswordCallback.java b/src/java.base/share/classes/javax/security/auth/callback/PasswordCallback.java index b0758c012b2..bbe7ab882a6 100644 --- a/src/java.base/share/classes/javax/security/auth/callback/PasswordCallback.java +++ b/src/java.base/share/classes/javax/security/auth/callback/PasswordCallback.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 1999, 2022, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1999, 2023, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -25,6 +25,9 @@ package javax.security.auth.callback; +import java.io.IOException; +import java.io.InvalidObjectException; +import java.io.ObjectInputStream; import java.lang.ref.Cleaner; import java.util.Arrays; @@ -157,4 +160,27 @@ public class PasswordCallback implements Callback, java.io.Serializable { private static Runnable cleanerFor(char[] password) { return () -> Arrays.fill(password, ' '); } + + /** + * Restores the state of this object from the stream. + * + * @param stream the {@code ObjectInputStream} from which data is read + * @throws IOException if an I/O error occurs + * @throws ClassNotFoundException if a serialized class cannot be loaded + */ + @java.io.Serial + private void readObject(ObjectInputStream stream) + throws IOException, ClassNotFoundException { + stream.defaultReadObject(); + + if (prompt == null || prompt.isEmpty()) { + throw new InvalidObjectException("Missing prompt"); + } + + if (inputPassword != null) { + inputPassword = inputPassword.clone(); + cleanable = CleanerFactory.cleaner().register( + this, cleanerFor(inputPassword)); + } + } } diff --git a/src/java.base/share/classes/sun/security/ec/ECPrivateKeyImpl.java b/src/java.base/share/classes/sun/security/ec/ECPrivateKeyImpl.java index a2a54391c1f..b1b8b2d188f 100644 --- a/src/java.base/share/classes/sun/security/ec/ECPrivateKeyImpl.java +++ b/src/java.base/share/classes/sun/security/ec/ECPrivateKeyImpl.java @@ -26,6 +26,8 @@ package sun.security.ec; import java.io.IOException; +import java.io.InvalidObjectException; +import java.io.ObjectInputStream; import java.math.BigInteger; import java.security.*; @@ -41,7 +43,7 @@ import sun.security.pkcs.PKCS8Key; /** * Key implementation for EC private keys. - * + *

* ASN.1 syntax for EC private keys from SEC 1 v1.5 (draft): * *

@@ -64,6 +66,7 @@ import sun.security.pkcs.PKCS8Key;
  */
 public final class ECPrivateKeyImpl extends PKCS8Key implements ECPrivateKey {
 
+    @java.io.Serial
     private static final long serialVersionUID = 88695385615075129L;
 
     private BigInteger s;       // private value
@@ -218,4 +221,20 @@ public final class ECPrivateKeyImpl extends PKCS8Key implements ECPrivateKey {
                     "Unexpected error calculating public key", e);
         }
     }
+
+    /**
+     * Restores the state of this object from the stream.
+     * 

+ * Deserialization of this object is not supported. + * + * @param stream the {@code ObjectInputStream} from which data is read + * @throws IOException if an I/O error occurs + * @throws ClassNotFoundException if a serialized class cannot be loaded + */ + @java.io.Serial + private void readObject(ObjectInputStream stream) + throws IOException, ClassNotFoundException { + throw new InvalidObjectException( + "ECPrivateKeyImpl keys are not directly deserializable"); + } } diff --git a/src/java.base/share/classes/sun/security/ec/ECPublicKeyImpl.java b/src/java.base/share/classes/sun/security/ec/ECPublicKeyImpl.java index 8a363607d42..8f099f1e52f 100644 --- a/src/java.base/share/classes/sun/security/ec/ECPublicKeyImpl.java +++ b/src/java.base/share/classes/sun/security/ec/ECPublicKeyImpl.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2006, 2022, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2006, 2023, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -27,6 +27,8 @@ package sun.security.ec; import java.io.IOException; +import java.io.InvalidObjectException; +import java.io.ObjectInputStream; import java.security.*; import java.security.interfaces.*; import java.security.spec.*; @@ -44,6 +46,7 @@ import sun.security.x509.*; */ public final class ECPublicKeyImpl extends X509Key implements ECPublicKey { + @java.io.Serial private static final long serialVersionUID = -2462037275160462289L; @SuppressWarnings("serial") // Type of field is not @@ -123,10 +126,27 @@ public final class ECPublicKeyImpl extends X509Key implements ECPublicKey { + "\n parameters: " + params; } - protected Object writeReplace() throws java.io.ObjectStreamException { + @java.io.Serial + private Object writeReplace() throws java.io.ObjectStreamException { return new KeyRep(KeyRep.Type.PUBLIC, getAlgorithm(), getFormat(), getEncoded()); } -} + + /** + * Restores the state of this object from the stream. + *

+ * Deserialization of this object is not supported. + * + * @param stream the {@code ObjectInputStream} from which data is read + * @throws IOException if an I/O error occurs + * @throws ClassNotFoundException if a serialized class cannot be loaded + */ + @java.io.Serial + private void readObject(ObjectInputStream stream) + throws IOException, ClassNotFoundException { + throw new InvalidObjectException( + "ECPublicKeyImpl keys are not directly deserializable"); + } +} \ No newline at end of file diff --git a/src/java.base/share/classes/sun/security/ec/XDHPrivateKeyImpl.java b/src/java.base/share/classes/sun/security/ec/XDHPrivateKeyImpl.java index 6eff482816b..dfc0d0f6cd3 100644 --- a/src/java.base/share/classes/sun/security/ec/XDHPrivateKeyImpl.java +++ b/src/java.base/share/classes/sun/security/ec/XDHPrivateKeyImpl.java @@ -37,6 +37,7 @@ import sun.security.util.*; public final class XDHPrivateKeyImpl extends PKCS8Key implements XECPrivateKey { + @java.io.Serial private static final long serialVersionUID = 1L; @SuppressWarnings("serial") // Type of field is not Serializable @@ -114,5 +115,20 @@ public final class XDHPrivateKeyImpl extends PKCS8Key implements XECPrivateKey { "Unexpected error calculating public key", e); } } -} + /** + * Restores the state of this object from the stream. + *

+ * Deserialization of this object is not supported. + * + * @param stream the {@code ObjectInputStream} from which data is read + * @throws IOException if an I/O error occurs + * @throws ClassNotFoundException if a serialized class cannot be loaded + */ + @java.io.Serial + private void readObject(ObjectInputStream stream) + throws IOException, ClassNotFoundException { + throw new InvalidObjectException( + "XDHPrivateKeyImpl keys are not directly deserializable"); + } +} diff --git a/src/java.base/share/classes/sun/security/ec/XDHPublicKeyImpl.java b/src/java.base/share/classes/sun/security/ec/XDHPublicKeyImpl.java index f1f3c88c1be..e6f8961f412 100644 --- a/src/java.base/share/classes/sun/security/ec/XDHPublicKeyImpl.java +++ b/src/java.base/share/classes/sun/security/ec/XDHPublicKeyImpl.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2018, 2021, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2018, 2023, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -25,6 +25,9 @@ package sun.security.ec; +import java.io.IOException; +import java.io.InvalidObjectException; +import java.io.ObjectInputStream; import java.math.BigInteger; import java.security.InvalidKeyException; import java.security.KeyRep; @@ -39,6 +42,7 @@ import sun.security.x509.X509Key; public final class XDHPublicKeyImpl extends X509Key implements XECPublicKey { + @java.io.Serial private static final long serialVersionUID = 1L; private final BigInteger u; @@ -107,7 +111,8 @@ public final class XDHPublicKeyImpl extends X509Key implements XECPublicKey { return "XDH"; } - protected Object writeReplace() throws java.io.ObjectStreamException { + @java.io.Serial + private Object writeReplace() throws java.io.ObjectStreamException { return new KeyRep(KeyRep.Type.PUBLIC, getAlgorithm(), getFormat(), @@ -130,5 +135,21 @@ public final class XDHPublicKeyImpl extends X509Key implements XECPublicKey { j--; } } + + /** + * Restores the state of this object from the stream. + *

+ * Deserialization of this object is not supported. + * + * @param stream the {@code ObjectInputStream} from which data is read + * @throws IOException if an I/O error occurs + * @throws ClassNotFoundException if a serialized class cannot be loaded + */ + @java.io.Serial + private void readObject(ObjectInputStream stream) + throws IOException, ClassNotFoundException { + throw new InvalidObjectException( + "XDHPublicKeyImpl keys are not directly deserializable"); + } } diff --git a/src/java.base/share/classes/sun/security/ec/ed/EdDSAPrivateKeyImpl.java b/src/java.base/share/classes/sun/security/ec/ed/EdDSAPrivateKeyImpl.java index 4adea3f857d..661ec9ed1b7 100644 --- a/src/java.base/share/classes/sun/security/ec/ed/EdDSAPrivateKeyImpl.java +++ b/src/java.base/share/classes/sun/security/ec/ed/EdDSAPrivateKeyImpl.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2020, 2022, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2020, 2023, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -26,6 +26,8 @@ package sun.security.ec.ed; import java.io.IOException; +import java.io.InvalidObjectException; +import java.io.ObjectInputStream; import java.security.InvalidKeyException; import java.security.interfaces.EdECPrivateKey; import java.util.Optional; @@ -38,6 +40,7 @@ import sun.security.util.*; public final class EdDSAPrivateKeyImpl extends PKCS8Key implements EdECPrivateKey { + @java.io.Serial private static final long serialVersionUID = 1L; @SuppressWarnings("serial") // Type of field is not Serializable @@ -102,4 +105,20 @@ public final class EdDSAPrivateKeyImpl public Optional getBytes() { return Optional.of(getKey()); } + + /** + * Restores the state of this object from the stream. + *

+ * Deserialization of this object is not supported. + * + * @param stream the {@code ObjectInputStream} from which data is read + * @throws IOException if an I/O error occurs + * @throws ClassNotFoundException if a serialized class cannot be loaded + */ + @java.io.Serial + private void readObject(ObjectInputStream stream) + throws IOException, ClassNotFoundException { + throw new InvalidObjectException( + "EdDSAPrivateKeyImpl keys are not directly deserializable"); + } } diff --git a/src/java.base/share/classes/sun/security/ec/ed/EdDSAPublicKeyImpl.java b/src/java.base/share/classes/sun/security/ec/ed/EdDSAPublicKeyImpl.java index c1cba3a1fb1..671b53e1c6e 100644 --- a/src/java.base/share/classes/sun/security/ec/ed/EdDSAPublicKeyImpl.java +++ b/src/java.base/share/classes/sun/security/ec/ed/EdDSAPublicKeyImpl.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2020, 2021, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2020, 2023, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -25,6 +25,9 @@ package sun.security.ec.ed; +import java.io.IOException; +import java.io.InvalidObjectException; +import java.io.ObjectInputStream; import java.math.BigInteger; import java.security.InvalidKeyException; import java.security.KeyRep; @@ -39,6 +42,7 @@ import sun.security.x509.X509Key; public final class EdDSAPublicKeyImpl extends X509Key implements EdECPublicKey { + @java.io.Serial private static final long serialVersionUID = 1L; @SuppressWarnings("serial") // Type of field is not Serializable @@ -108,7 +112,8 @@ public final class EdDSAPublicKeyImpl extends X509Key implements EdECPublicKey { return "EdDSA"; } - protected Object writeReplace() throws java.io.ObjectStreamException { + @java.io.Serial + private Object writeReplace() throws java.io.ObjectStreamException { return new KeyRep(KeyRep.Type.PUBLIC, getAlgorithm(), getFormat(), getEncoded()); } @@ -129,4 +134,20 @@ public final class EdDSAPublicKeyImpl extends X509Key implements EdECPublicKey { j--; } } + + /** + * Restores the state of this object from the stream. + *

+ * Deserialization of this object is not supported. + * + * @param stream the {@code ObjectInputStream} from which data is read + * @throws IOException if an I/O error occurs + * @throws ClassNotFoundException if a serialized class cannot be loaded + */ + @java.io.Serial + private void readObject(ObjectInputStream stream) + throws IOException, ClassNotFoundException { + throw new InvalidObjectException( + "EdDSAPublicKeyImpl keys are not directly deserializable"); + } } diff --git a/src/java.base/share/classes/sun/security/provider/DSAPublicKeyImpl.java b/src/java.base/share/classes/sun/security/provider/DSAPublicKeyImpl.java index 2c402ef2863..ca84d202c14 100644 --- a/src/java.base/share/classes/sun/security/provider/DSAPublicKeyImpl.java +++ b/src/java.base/share/classes/sun/security/provider/DSAPublicKeyImpl.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2005, 2019, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2005, 2023, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -25,17 +25,20 @@ package sun.security.provider; +import java.io.IOException; +import java.io.InvalidObjectException; +import java.io.ObjectInputStream; import java.math.BigInteger; import java.security.KeyRep; import java.security.InvalidKeyException; /** * An X.509 public key for the Digital Signature Algorithm. - * + *

* The difference between DSAPublicKeyImpl and DSAPublicKey is that * DSAPublicKeyImpl calls writeReplace with KeyRep, and DSAPublicKey * calls writeObject. - * + *

* See the comments in DSAKeyFactory, 4532506, and 6232513. * */ @@ -72,10 +75,26 @@ public final class DSAPublicKeyImpl extends DSAPublicKey { } @java.io.Serial - protected Object writeReplace() throws java.io.ObjectStreamException { + private Object writeReplace() throws java.io.ObjectStreamException { return new KeyRep(KeyRep.Type.PUBLIC, getAlgorithm(), getFormat(), getEncoded()); } + + /** + * Restores the state of this object from the stream. + *

+ * Deserialization of this object is not supported. + * + * @param stream the {@code ObjectInputStream} from which data is read + * @throws IOException if an I/O error occurs + * @throws ClassNotFoundException if a serialized class cannot be loaded + */ + @java.io.Serial + private void readObject(ObjectInputStream stream) + throws IOException, ClassNotFoundException { + throw new InvalidObjectException( + "DSAPublicKeyImpl keys are not directly deserializable"); + } } diff --git a/src/java.base/share/classes/sun/security/provider/PolicyFile.java b/src/java.base/share/classes/sun/security/provider/PolicyFile.java index 2a5c13b8bc2..f218591ce11 100644 --- a/src/java.base/share/classes/sun/security/provider/PolicyFile.java +++ b/src/java.base/share/classes/sun/security/provider/PolicyFile.java @@ -2098,8 +2098,17 @@ public class PolicyFile extends java.security.Policy { this.actions.equals(that.actions))) return false; - if (this.certs.length != that.certs.length) + if ((this.certs == null) && (that.certs == null)) { + return true; + } + + if ((this.certs == null) || (that.certs == null)) { return false; + } + + if (this.certs.length != that.certs.length) { + return false; + } int i,j; boolean match; @@ -2163,7 +2172,7 @@ public class PolicyFile extends java.security.Policy { } public Certificate[] getCerts() { - return certs; + return (certs == null ? null : certs.clone()); } /** @@ -2176,6 +2185,22 @@ public class PolicyFile extends java.security.Policy { @Override public String toString() { return "(SelfPermission " + type + " " + name + " " + actions + ")"; } + + /** + * Restores the state of this object from the stream. + * + * @param stream the {@code ObjectInputStream} from which data is read + * @throws IOException if an I/O error occurs + * @throws ClassNotFoundException if a serialized class cannot be loaded + */ + @java.io.Serial + private void readObject(ObjectInputStream stream) + throws IOException, ClassNotFoundException { + stream.defaultReadObject(); + if (certs != null) { + this.certs = certs.clone(); + } + } } /** diff --git a/src/java.base/share/classes/sun/security/provider/SecureRandom.java b/src/java.base/share/classes/sun/security/provider/SecureRandom.java index 5df3adf6ea8..a8d82b649b0 100644 --- a/src/java.base/share/classes/sun/security/provider/SecureRandom.java +++ b/src/java.base/share/classes/sun/security/provider/SecureRandom.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 1998, 2022, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1998, 2023, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -26,6 +26,7 @@ package sun.security.provider; import java.io.IOException; +import java.io.InvalidObjectException; import java.security.MessageDigest; import java.security.SecureRandomSpi; import java.security.NoSuchAlgorithmException; @@ -192,7 +193,7 @@ implements java.io.Serializable { /** * This static object will be seeded by SeedGenerator, and used * to seed future instances of SHA1PRNG SecureRandoms. - * + *

* Bloch, Effective Java Second Edition: Item 71 */ private static class SeederHolder { @@ -265,18 +266,24 @@ implements java.io.Serializable { } /* - * readObject is called to restore the state of the random object from - * a stream. We have to create a new instance of MessageDigest, because + * This method is called to restore the state of the random object from + * a stream. + *

+ * We have to create a new instance of {@code MessageDigest}, because * it is not included in the stream (it is marked "transient"). - * - * Note that the engineNextBytes() method invoked on the restored random - * object will yield the exact same (random) bytes as the original. + *

+ * Note that the {@code engineNextBytes()} method invoked on the restored + * random object will yield the exact same (random) bytes as the original. * If you do not want this behaviour, you should re-seed the restored - * random object, using engineSetSeed(). + * random object, using {@code engineSetSeed()}. + * + * @param s the {@code ObjectInputStream} from which data is read + * @throws IOException if an I/O error occurs + * @throws ClassNotFoundException if a serialized class cannot be loaded */ @java.io.Serial private void readObject(java.io.ObjectInputStream s) - throws IOException, ClassNotFoundException { + throws IOException, ClassNotFoundException { s.defaultReadObject (); @@ -295,5 +302,34 @@ implements java.io.Serializable { "internal error: SHA-1 not available.", exc); } } + + // Various consistency checks + if ((remainder == null) && (remCount > 0)) { + throw new InvalidObjectException( + "Remainder indicated, but no data available"); + } + + // Not yet allocated state + if (state == null) { + if (remainder == null) { + return; + } else { + throw new InvalidObjectException( + "Inconsistent buffer allocations"); + } + } + + // Sanity check on sizes/pointer + if ((state.length != DIGEST_SIZE) || + ((remainder != null) && (remainder.length != DIGEST_SIZE)) || + (remCount < 0 ) || (remCount >= DIGEST_SIZE)) { + throw new InvalidObjectException( + "Inconsistent buffer sizes/state"); + } + + state = state.clone(); + if (remainder != null) { + remainder = remainder.clone(); + } } } diff --git a/src/java.base/share/classes/sun/security/provider/certpath/X509CertPath.java b/src/java.base/share/classes/sun/security/provider/certpath/X509CertPath.java index 41da617e4e4..1a9ba8914e2 100644 --- a/src/java.base/share/classes/sun/security/provider/certpath/X509CertPath.java +++ b/src/java.base/share/classes/sun/security/provider/certpath/X509CertPath.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2000, 2022, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2000, 2023, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -25,9 +25,7 @@ package sun.security.provider.certpath; -import java.io.ByteArrayInputStream; -import java.io.IOException; -import java.io.InputStream; +import java.io.*; import java.security.cert.CertificateEncodingException; import java.security.cert.Certificate; import java.security.cert.CertificateException; @@ -379,4 +377,20 @@ public class X509CertPath extends CertPath { public List getCertificates() { return certs; } + + /** + * Restores the state of this object from the stream. + *

+ * Deserialization of this object is not supported. + * + * @param stream the {@code ObjectInputStream} from which data is read + * @throws IOException if an I/O error occurs + * @throws ClassNotFoundException if a serialized class cannot be loaded + */ + @java.io.Serial + private void readObject(ObjectInputStream stream) + throws IOException, ClassNotFoundException { + throw new InvalidObjectException( + "X509CertPaths are not directly deserializable"); + } } diff --git a/src/java.base/share/classes/sun/security/rsa/RSAPrivateCrtKeyImpl.java b/src/java.base/share/classes/sun/security/rsa/RSAPrivateCrtKeyImpl.java index 86e063f95cd..99365640ec7 100644 --- a/src/java.base/share/classes/sun/security/rsa/RSAPrivateCrtKeyImpl.java +++ b/src/java.base/share/classes/sun/security/rsa/RSAPrivateCrtKeyImpl.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2003, 2022, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2003, 2023, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -26,6 +26,8 @@ package sun.security.rsa; import java.io.IOException; +import java.io.InvalidObjectException; +import java.io.ObjectInputStream; import java.math.BigInteger; import java.security.*; @@ -43,7 +45,7 @@ import sun.security.rsa.RSAUtil.KeyType; * RSA private key implementation for "RSA", "RSASSA-PSS" algorithms in CRT form. * For non-CRT private keys, see RSAPrivateKeyImpl. We need separate classes * to ensure correct behavior in instanceof checks, etc. - * + *

* Note: RSA keys must be at least 512 bits long * * @see RSAPrivateKeyImpl @@ -356,4 +358,20 @@ public final class RSAPrivateCrtKeyImpl throw new InvalidKeyException("Invalid RSA private key", e); } } + + /** + * Restores the state of this object from the stream. + *

+ * Deserialization of this object is not supported. + * + * @param stream the {@code ObjectInputStream} from which data is read + * @throws IOException if an I/O error occurs + * @throws ClassNotFoundException if a serialized class cannot be loaded + */ + @java.io.Serial + private void readObject(ObjectInputStream stream) + throws IOException, ClassNotFoundException { + throw new InvalidObjectException( + "RSAPrivateCrtKeyImpl keys are not directly deserializable"); + } } diff --git a/src/java.base/share/classes/sun/security/rsa/RSAPrivateKeyImpl.java b/src/java.base/share/classes/sun/security/rsa/RSAPrivateKeyImpl.java index 7285fce33a2..da5474cb26a 100644 --- a/src/java.base/share/classes/sun/security/rsa/RSAPrivateKeyImpl.java +++ b/src/java.base/share/classes/sun/security/rsa/RSAPrivateKeyImpl.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2003, 2022, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2003, 2023, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -25,6 +25,9 @@ package sun.security.rsa; +import java.io.IOException; +import java.io.InvalidObjectException; +import java.io.ObjectInputStream; import java.math.BigInteger; import java.security.*; @@ -39,10 +42,11 @@ import sun.security.rsa.RSAUtil.KeyType; /** * RSA private key implementation for "RSA", "RSASSA-PSS" algorithms in non-CRT - * form (modulus, private exponent only). For CRT private keys, see - * RSAPrivateCrtKeyImpl. We need separate classes to ensure correct behavior - * in instanceof checks, etc. - * + * form (modulus, private exponent only). + *

+ * For CRT private keys, see RSAPrivateCrtKeyImpl. We need separate classes + * to ensure correct behavior in instanceof checks, etc. + *

* Note: RSA keys must be at least 512 bits long * * @see RSAPrivateCrtKeyImpl @@ -141,4 +145,20 @@ public final class RSAPrivateKeyImpl extends PKCS8Key implements RSAPrivateKey { + " bits" + "\n params: " + keyParams + "\n modulus: " + n + "\n private exponent: " + d; } + + /** + * Restores the state of this object from the stream. + *

+ * Deserialization of this object is not supported. + * + * @param stream the {@code ObjectInputStream} from which data is read + * @throws IOException if an I/O error occurs + * @throws ClassNotFoundException if a serialized class cannot be loaded + */ + @java.io.Serial + private void readObject(ObjectInputStream stream) + throws IOException, ClassNotFoundException { + throw new InvalidObjectException( + "RSAPrivateKeyImpl keys are not directly deserializable"); + } } diff --git a/src/java.base/share/classes/sun/security/rsa/RSAPublicKeyImpl.java b/src/java.base/share/classes/sun/security/rsa/RSAPublicKeyImpl.java index 0cff2f6768c..5a0745604d2 100644 --- a/src/java.base/share/classes/sun/security/rsa/RSAPublicKeyImpl.java +++ b/src/java.base/share/classes/sun/security/rsa/RSAPublicKeyImpl.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2003, 2022, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2003, 2023, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -26,6 +26,8 @@ package sun.security.rsa; import java.io.IOException; +import java.io.InvalidObjectException; +import java.io.ObjectInputStream; import java.math.BigInteger; import java.security.*; @@ -39,7 +41,7 @@ import sun.security.rsa.RSAUtil.KeyType; /** * RSA public key implementation for "RSA", "RSASSA-PSS" algorithms. - * + *

* Note: RSA keys must be at least 512 bits long * * @see RSAPrivateCrtKeyImpl @@ -233,10 +235,26 @@ public final class RSAPublicKeyImpl extends X509Key implements RSAPublicKey { } @java.io.Serial - protected Object writeReplace() throws java.io.ObjectStreamException { + private Object writeReplace() throws java.io.ObjectStreamException { return new KeyRep(KeyRep.Type.PUBLIC, getAlgorithm(), getFormat(), getEncoded()); } + + /** + * Restores the state of this object from the stream. + *

+ * Deserialization of this object is not supported. + * + * @param stream the {@code ObjectInputStream} from which data is read + * @throws IOException if an I/O error occurs + * @throws ClassNotFoundException if a serialized class cannot be loaded + */ + @java.io.Serial + private void readObject(ObjectInputStream stream) + throws IOException, ClassNotFoundException { + throw new InvalidObjectException( + "RSAPublicKeyImpl keys are not directly deserializable"); + } } diff --git a/src/java.base/share/classes/sun/security/x509/X509CertImpl.java b/src/java.base/share/classes/sun/security/x509/X509CertImpl.java index e2e3c2541e7..656e4c168fb 100644 --- a/src/java.base/share/classes/sun/security/x509/X509CertImpl.java +++ b/src/java.base/share/classes/sun/security/x509/X509CertImpl.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 1996, 2022, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1996, 2023, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -536,7 +536,7 @@ public class X509CertImpl extends X509Certificate implements DerEncoder { /** * Return the requested attribute from the certificate. - * + *

* Note that the X509CertInfo is not cloned for performance reasons. * Callers must ensure that they do not modify it. All other * attributes are cloned. @@ -1218,7 +1218,7 @@ public class X509CertImpl extends X509Certificate implements DerEncoder { for (GeneralName gname : names.names()) { GeneralNameInterface name = gname.getName(); List nameEntry = new ArrayList<>(2); - nameEntry.add(Integer.valueOf(name.getType())); + nameEntry.add(name.getType()); switch (name.getType()) { case GeneralNameInterface.NAME_RFC822: nameEntry.add(((RFC822Name) name).getName()); @@ -1631,4 +1631,20 @@ public class X509CertImpl extends X509Certificate implements DerEncoder { } } } + + /** + * Restores the state of this object from the stream. + *

+ * Deserialization of this object is not supported. + * + * @param stream the {@code ObjectInputStream} from which data is read + * @throws IOException if an I/O error occurs + * @throws ClassNotFoundException if a serialized class cannot be loaded + */ + @java.io.Serial + private void readObject(ObjectInputStream stream) + throws IOException, ClassNotFoundException { + throw new InvalidObjectException( + "X509CertImpls are not directly deserializable"); + } } diff --git a/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/Token.java b/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/Token.java index 3378409ca1c..a6f5f0a8764 100644 --- a/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/Token.java +++ b/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/Token.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2003, 2021, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2003, 2023, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -428,13 +428,30 @@ final class Token implements Serializable { // is relatively small private static final List> serializedTokens = new ArrayList<>(); + @java.io.Serial private Object writeReplace() throws ObjectStreamException { if (!isValid()) { - throw new NotSerializableException("Token has been removed"); + throw new InvalidObjectException("Token has been removed"); } return new TokenRep(this); } + /** + * Restores the state of this object from the stream. + *

+ * Deserialization of this object is not supported. + * + * @param stream the {@code ObjectInputStream} from which data is read + * @throws IOException if an I/O error occurs + * @throws ClassNotFoundException if a serialized class cannot be loaded + */ + @java.io.Serial + private void readObject(ObjectInputStream stream) + throws IOException, ClassNotFoundException { + throw new InvalidObjectException( + "Tokens are not directly deserializable"); + } + // serialized representation of a token // tokens can only be de-serialized within the same VM invocation // and if the token has not been removed in the meantime @@ -449,6 +466,7 @@ final class Token implements Serializable { tokenId = token.getTokenId(); } + @java.io.Serial private Object readResolve() throws ObjectStreamException { for (Reference tokenRef : serializedTokens) { Token token = tokenRef.get(); @@ -458,7 +476,7 @@ final class Token implements Serializable { } } } - throw new NotSerializableException("Could not find token"); + throw new InvalidObjectException("Could not find token"); } } diff --git a/src/jdk.crypto.mscapi/windows/classes/sun/security/mscapi/CPrivateKey.java b/src/jdk.crypto.mscapi/windows/classes/sun/security/mscapi/CPrivateKey.java index a65ea445890..91a7775b8bd 100644 --- a/src/jdk.crypto.mscapi/windows/classes/sun/security/mscapi/CPrivateKey.java +++ b/src/jdk.crypto.mscapi/windows/classes/sun/security/mscapi/CPrivateKey.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2005, 2019, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2005, 2023, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -25,6 +25,9 @@ package sun.security.mscapi; +import java.io.IOException; +import java.io.InvalidObjectException; +import java.io.ObjectInputStream; import java.security.PrivateKey; /** @@ -35,6 +38,7 @@ import java.security.PrivateKey; */ class CPrivateKey extends CKey implements PrivateKey { + @java.io.Serial private static final long serialVersionUID = 8113152807912338063L; private CPrivateKey(String alg, NativeHandles handles, int keyLength) { @@ -72,8 +76,26 @@ class CPrivateKey extends CKey implements PrivateKey { } // This class is not serializable + @java.io.Serial private void writeObject(java.io.ObjectOutputStream out) throws java.io.IOException { - throw new java.io.NotSerializableException(); + throw new java.io.InvalidObjectException( + "CPrivateKeys are not serializable"); + } + + /** + * Restores the state of this object from the stream. + *

+ * Deserialization of this object is not supported. + * + * @param stream the {@code ObjectInputStream} from which data is read + * @throws IOException if an I/O error occurs + * @throws ClassNotFoundException if a serialized class cannot be loaded + */ + @java.io.Serial + private void readObject(ObjectInputStream stream) + throws IOException, ClassNotFoundException { + throw new InvalidObjectException( + "CPrivateKeys are not deserializable"); } } diff --git a/src/jdk.crypto.mscapi/windows/classes/sun/security/mscapi/CPublicKey.java b/src/jdk.crypto.mscapi/windows/classes/sun/security/mscapi/CPublicKey.java index 3385b40be56..6c3079c3a72 100644 --- a/src/jdk.crypto.mscapi/windows/classes/sun/security/mscapi/CPublicKey.java +++ b/src/jdk.crypto.mscapi/windows/classes/sun/security/mscapi/CPublicKey.java @@ -25,6 +25,9 @@ package sun.security.mscapi; +import java.io.IOException; +import java.io.InvalidObjectException; +import java.io.ObjectInputStream; import java.math.BigInteger; import java.security.AlgorithmParameters; import java.security.KeyException; @@ -50,6 +53,7 @@ import sun.security.util.ECKeySizeParameterSpec; */ public abstract class CPublicKey extends CKey implements PublicKey { + @java.io.Serial private static final long serialVersionUID = -2289561342425825391L; protected byte[] encoding = null; @@ -58,6 +62,8 @@ public abstract class CPublicKey extends CKey implements PublicKey { @SuppressWarnings("serial") // Type of field is not Serializable; // see writeReplace private ECPoint w = null; + + @java.io.Serial private static final long serialVersionUID = 12L; CECPublicKey(NativeHandles handles, int keyLength) { @@ -109,7 +115,7 @@ public abstract class CPublicKey extends CKey implements PublicKey { public String toString() { StringBuffer sb = new StringBuffer(); - sb.append(algorithm + "PublicKey [size=").append(keyLength) + sb.append(algorithm).append("PublicKey [size=").append(keyLength) .append("]\n ECPoint: ").append(getW()) .append("\n params: ").append(getParams()); return sb.toString(); @@ -120,6 +126,8 @@ public abstract class CPublicKey extends CKey implements PublicKey { private BigInteger modulus = null; private BigInteger exponent = null; + + @java.io.Serial private static final long serialVersionUID = 12L; CRSAPublicKey(NativeHandles handles, int keyLength) { @@ -128,7 +136,7 @@ public abstract class CPublicKey extends CKey implements PublicKey { public String toString() { StringBuffer sb = new StringBuffer(); - sb.append(algorithm + "PublicKey [size=").append(keyLength) + sb.append(algorithm).append("PublicKey [size=").append(keyLength) .append(" bits, type="); if (handles.hCryptKey != 0) { sb.append(getKeyType(handles.hCryptKey)) @@ -215,6 +223,7 @@ public abstract class CPublicKey extends CKey implements PublicKey { return "X.509"; } + @java.io.Serial protected Object writeReplace() throws java.io.ObjectStreamException { return new KeyRep(KeyRep.Type.PUBLIC, getAlgorithm(), @@ -222,6 +231,22 @@ public abstract class CPublicKey extends CKey implements PublicKey { getEncoded()); } + /** + * Restores the state of this object from the stream. + *

+ * Deserialization of this object is not supported. + * + * @param stream the {@code ObjectInputStream} from which data is read + * @throws IOException if an I/O error occurs + * @throws ClassNotFoundException if a serialized class cannot be loaded + */ + @java.io.Serial + private void readObject(ObjectInputStream stream) + throws IOException, ClassNotFoundException { + throw new InvalidObjectException( + "CPublicKeys are not deserializable"); + } + // Returns the CAPI or CNG representation of the key. native byte[] getPublicKeyBlob(long hCryptProv, long hCryptKey) throws KeyException; diff --git a/src/jdk.security.auth/share/classes/com/sun/security/auth/LdapPrincipal.java b/src/jdk.security.auth/share/classes/com/sun/security/auth/LdapPrincipal.java index 6af39422d5f..9ab71de3cfd 100644 --- a/src/jdk.security.auth/share/classes/com/sun/security/auth/LdapPrincipal.java +++ b/src/jdk.security.auth/share/classes/com/sun/security/auth/LdapPrincipal.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2006, 2013, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2006, 2023, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -25,6 +25,9 @@ package com.sun.security.auth; +import java.io.IOException; +import java.io.InvalidObjectException; +import java.io.ObjectInputStream; import java.security.Principal; import javax.naming.InvalidNameException; import javax.naming.ldap.LdapName; @@ -47,6 +50,7 @@ import javax.naming.ldap.LdapName; */ public final class LdapPrincipal implements Principal, java.io.Serializable { + @java.io.Serial private static final long serialVersionUID = 6820120005580754861L; /** @@ -135,4 +139,31 @@ public final class LdapPrincipal implements Principal, java.io.Serializable { private LdapName getLdapName(String name) throws InvalidNameException { return new LdapName(name); } + + /** + * Restores the state of this object from the stream. + * + * @param stream the {@code ObjectInputStream} from which data is read + * @throws IOException if an I/O error occurs + * @throws ClassNotFoundException if a serialized class cannot be loaded + */ + @java.io.Serial + private void readObject(ObjectInputStream stream) + throws IOException, ClassNotFoundException { + stream.defaultReadObject(); + if ((name == null) || (nameString == null)) { + throw new InvalidObjectException( + "null name/nameString is illegal"); + } + try { + if (!name.equals(getLdapName(nameString))) { + throw new InvalidObjectException("Inconsistent names"); + } + } catch (InvalidNameException e) { + InvalidObjectException nse = new InvalidObjectException( + "Invalid Name"); + nse.initCause(e); + throw nse; + } + } } diff --git a/src/jdk.security.auth/share/classes/com/sun/security/auth/NTDomainPrincipal.java b/src/jdk.security.auth/share/classes/com/sun/security/auth/NTDomainPrincipal.java index ed9c2eff568..771df0f6097 100644 --- a/src/jdk.security.auth/share/classes/com/sun/security/auth/NTDomainPrincipal.java +++ b/src/jdk.security.auth/share/classes/com/sun/security/auth/NTDomainPrincipal.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 1999, 2013, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1999, 2023, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -25,6 +25,9 @@ package com.sun.security.auth; +import java.io.IOException; +import java.io.InvalidObjectException; +import java.io.ObjectInputStream; import java.security.Principal; /** @@ -47,6 +50,7 @@ import java.security.Principal; */ public class NTDomainPrincipal implements Principal, java.io.Serializable { + @java.io.Serial private static final long serialVersionUID = -4408637351440771220L; /** @@ -120,9 +124,7 @@ public class NTDomainPrincipal implements Principal, java.io.Serializable { return false; NTDomainPrincipal that = (NTDomainPrincipal)o; - if (name.equals(that.getName())) - return true; - return false; + return name.equals(that.getName()); } /** @@ -133,4 +135,24 @@ public class NTDomainPrincipal implements Principal, java.io.Serializable { public int hashCode() { return this.getName().hashCode(); } + + /** + * Restores the state of this object from the stream. + * + * @param stream the {@code ObjectInputStream} from which data is read + * @throws IOException if an I/O error occurs + * @throws ClassNotFoundException if a serialized class cannot be loaded + */ + @java.io.Serial + private void readObject(ObjectInputStream stream) + throws IOException, ClassNotFoundException { + stream.defaultReadObject(); + if (name == null) { + java.text.MessageFormat form = new java.text.MessageFormat + (sun.security.util.ResourcesMgr.getAuthResourceString + ("invalid.null.input.value")); + Object[] source = {"name"}; + throw new InvalidObjectException(form.format(source)); + } + } } diff --git a/src/jdk.security.auth/share/classes/com/sun/security/auth/NTSid.java b/src/jdk.security.auth/share/classes/com/sun/security/auth/NTSid.java index b5e2dc7d6d6..1bf37f6461d 100644 --- a/src/jdk.security.auth/share/classes/com/sun/security/auth/NTSid.java +++ b/src/jdk.security.auth/share/classes/com/sun/security/auth/NTSid.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 1999, 2013, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1999, 2023, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -25,6 +25,9 @@ package com.sun.security.auth; +import java.io.IOException; +import java.io.InvalidObjectException; +import java.io.ObjectInputStream; import java.security.Principal; /** @@ -49,6 +52,7 @@ import java.security.Principal; */ public class NTSid implements Principal, java.io.Serializable { + @java.io.Serial private static final long serialVersionUID = 4412290580770249885L; /** @@ -80,7 +84,7 @@ public class NTSid implements Principal, java.io.Serializable { (sun.security.util.ResourcesMgr.getAuthResourceString ("Invalid.NTSid.value")); } - sid = new String(stringSid); + sid = stringSid; } /** @@ -128,10 +132,7 @@ public class NTSid implements Principal, java.io.Serializable { return false; NTSid that = (NTSid)o; - if (sid.equals(that.sid)) { - return true; - } - return false; + return sid.equals(that.sid); } /** @@ -142,4 +143,29 @@ public class NTSid implements Principal, java.io.Serializable { public int hashCode() { return sid.hashCode(); } + + /** + * Restores the state of this object from the stream. + * + * @param stream the {@code ObjectInputStream} from which data is read + * @throws IOException if an I/O error occurs + * @throws ClassNotFoundException if a serialized class cannot be loaded + */ + @java.io.Serial + private void readObject(ObjectInputStream stream) + throws IOException, ClassNotFoundException { + stream.defaultReadObject(); + if (sid == null) { + java.text.MessageFormat form = new java.text.MessageFormat + (sun.security.util.ResourcesMgr.getAuthResourceString + ("invalid.null.input.value")); + Object[] source = {"stringSid"}; + throw new InvalidObjectException(form.format(source)); + } + if (sid.length() == 0) { + throw new InvalidObjectException + (sun.security.util.ResourcesMgr.getAuthResourceString + ("Invalid.NTSid.value")); + } + } } diff --git a/src/jdk.security.auth/share/classes/com/sun/security/auth/NTUserPrincipal.java b/src/jdk.security.auth/share/classes/com/sun/security/auth/NTUserPrincipal.java index a7c2ce97cd0..d4b9dcef3a9 100644 --- a/src/jdk.security.auth/share/classes/com/sun/security/auth/NTUserPrincipal.java +++ b/src/jdk.security.auth/share/classes/com/sun/security/auth/NTUserPrincipal.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 1999, 2013, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1999, 2023, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -25,6 +25,9 @@ package com.sun.security.auth; +import java.io.IOException; +import java.io.InvalidObjectException; +import java.io.ObjectInputStream; import java.security.Principal; /** @@ -43,6 +46,7 @@ import java.security.Principal; */ public class NTUserPrincipal implements Principal, java.io.Serializable { + @java.io.Serial private static final long serialVersionUID = -8737649811939033735L; /** @@ -114,9 +118,7 @@ public class NTUserPrincipal implements Principal, java.io.Serializable { return false; NTUserPrincipal that = (NTUserPrincipal)o; - if (name.equals(that.getName())) - return true; - return false; + return name.equals(that.getName()); } /** @@ -127,4 +129,25 @@ public class NTUserPrincipal implements Principal, java.io.Serializable { public int hashCode() { return this.getName().hashCode(); } + + + /** + * Restores the state of this object from the stream. + * + * @param stream the {@code ObjectInputStream} from which data is read + * @throws IOException if an I/O error occurs + * @throws ClassNotFoundException if a serialized class cannot be loaded + */ + @java.io.Serial + private void readObject(ObjectInputStream stream) + throws IOException, ClassNotFoundException { + stream.defaultReadObject(); + if (name == null) { + java.text.MessageFormat form = new java.text.MessageFormat + (sun.security.util.ResourcesMgr.getAuthResourceString + ("invalid.null.input.value")); + Object[] source = {"name"}; + throw new InvalidObjectException(form.format(source)); + } + } } diff --git a/src/jdk.security.auth/share/classes/com/sun/security/auth/UnixNumericGroupPrincipal.java b/src/jdk.security.auth/share/classes/com/sun/security/auth/UnixNumericGroupPrincipal.java index 2780f56ff3b..e8c12e2918d 100644 --- a/src/jdk.security.auth/share/classes/com/sun/security/auth/UnixNumericGroupPrincipal.java +++ b/src/jdk.security.auth/share/classes/com/sun/security/auth/UnixNumericGroupPrincipal.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2000, 2018, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2000, 2023, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -25,6 +25,9 @@ package com.sun.security.auth; +import java.io.IOException; +import java.io.InvalidObjectException; +import java.io.ObjectInputStream; import java.security.Principal; import java.util.Objects; @@ -46,6 +49,7 @@ public class UnixNumericGroupPrincipal implements Principal, java.io.Serializable { + @java.io.Serial private static final long serialVersionUID = 3941535899328403223L; /** @@ -184,10 +188,8 @@ public class UnixNumericGroupPrincipal implements return false; UnixNumericGroupPrincipal that = (UnixNumericGroupPrincipal)o; - if (this.getName().equals(that.getName()) && - this.isPrimaryGroup() == that.isPrimaryGroup()) - return true; - return false; + return this.getName().equals(that.getName()) && + this.isPrimaryGroup() == that.isPrimaryGroup(); } /** @@ -198,4 +200,24 @@ public class UnixNumericGroupPrincipal implements public int hashCode() { return Objects.hash(name, isPrimaryGroup()); } + + /** + * Restores the state of this object from the stream. + * + * @param stream the {@code ObjectInputStream} from which data is read + * @throws IOException if an I/O error occurs + * @throws ClassNotFoundException if a serialized class cannot be loaded + */ + @java.io.Serial + private void readObject(ObjectInputStream stream) + throws IOException, ClassNotFoundException { + stream.defaultReadObject(); + if (name == null) { + java.text.MessageFormat form = new java.text.MessageFormat + (sun.security.util.ResourcesMgr.getAuthResourceString + ("invalid.null.input.value")); + Object[] source = {"name"}; + throw new InvalidObjectException(form.format(source)); + } + } } diff --git a/src/jdk.security.auth/share/classes/com/sun/security/auth/UnixNumericUserPrincipal.java b/src/jdk.security.auth/share/classes/com/sun/security/auth/UnixNumericUserPrincipal.java index 30a1e9ca81d..2a48332eedd 100644 --- a/src/jdk.security.auth/share/classes/com/sun/security/auth/UnixNumericUserPrincipal.java +++ b/src/jdk.security.auth/share/classes/com/sun/security/auth/UnixNumericUserPrincipal.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2000, 2023, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -25,6 +25,9 @@ package com.sun.security.auth; +import java.io.IOException; +import java.io.InvalidObjectException; +import java.io.ObjectInputStream; import java.security.Principal; /** @@ -44,6 +47,7 @@ import java.security.Principal; public class UnixNumericUserPrincipal implements Principal, java.io.Serializable { + @java.io.Serial private static final long serialVersionUID = -4329764253802397821L; /** @@ -146,9 +150,7 @@ public class UnixNumericUserPrincipal implements return false; UnixNumericUserPrincipal that = (UnixNumericUserPrincipal)o; - if (this.getName().equals(that.getName())) - return true; - return false; + return this.getName().equals(that.getName()); } /** @@ -159,4 +161,24 @@ public class UnixNumericUserPrincipal implements public int hashCode() { return name.hashCode(); } + + /** + * Restores the state of this object from the stream. + * + * @param stream the {@code ObjectInputStream} from which data is read + * @throws IOException if an I/O error occurs + * @throws ClassNotFoundException if a serialized class cannot be loaded + */ + @java.io.Serial + private void readObject(ObjectInputStream stream) + throws IOException, ClassNotFoundException { + stream.defaultReadObject(); + if (name == null) { + java.text.MessageFormat form = new java.text.MessageFormat + (sun.security.util.ResourcesMgr.getAuthResourceString + ("invalid.null.input.value")); + Object[] source = {"name"}; + throw new InvalidObjectException(form.format(source)); + } + } } diff --git a/src/jdk.security.auth/share/classes/com/sun/security/auth/UnixPrincipal.java b/src/jdk.security.auth/share/classes/com/sun/security/auth/UnixPrincipal.java index fde93a62a53..b8a80f75aad 100644 --- a/src/jdk.security.auth/share/classes/com/sun/security/auth/UnixPrincipal.java +++ b/src/jdk.security.auth/share/classes/com/sun/security/auth/UnixPrincipal.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2000, 2023, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -25,6 +25,9 @@ package com.sun.security.auth; +import java.io.IOException; +import java.io.InvalidObjectException; +import java.io.ObjectInputStream; import java.security.Principal; /** @@ -43,6 +46,7 @@ import java.security.Principal; */ public class UnixPrincipal implements Principal, java.io.Serializable { + @java.io.Serial private static final long serialVersionUID = -2951667807323493631L; /** @@ -115,9 +119,7 @@ public class UnixPrincipal implements Principal, java.io.Serializable { return false; UnixPrincipal that = (UnixPrincipal)o; - if (this.getName().equals(that.getName())) - return true; - return false; + return this.getName().equals(that.getName()); } /** @@ -128,4 +130,24 @@ public class UnixPrincipal implements Principal, java.io.Serializable { public int hashCode() { return name.hashCode(); } + + /** + * Restores the state of this object from the stream. + * + * @param stream the {@code ObjectInputStream} from which data is read + * @throws IOException if an I/O error occurs + * @throws ClassNotFoundException if a serialized class cannot be loaded + */ + @java.io.Serial + private void readObject(ObjectInputStream stream) + throws IOException, ClassNotFoundException { + stream.defaultReadObject(); + if (name == null) { + java.text.MessageFormat form = new java.text.MessageFormat + (sun.security.util.ResourcesMgr.getAuthResourceString + ("invalid.null.input.value")); + Object[] source = {"name"}; + throw new InvalidObjectException(form.format(source)); + } + } } diff --git a/src/jdk.security.auth/share/classes/com/sun/security/auth/UserPrincipal.java b/src/jdk.security.auth/share/classes/com/sun/security/auth/UserPrincipal.java index 04b133e4004..03f382d82f7 100644 --- a/src/jdk.security.auth/share/classes/com/sun/security/auth/UserPrincipal.java +++ b/src/jdk.security.auth/share/classes/com/sun/security/auth/UserPrincipal.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2005, 2013, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2005, 2023, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -25,6 +25,9 @@ package com.sun.security.auth; +import java.io.IOException; +import java.io.InvalidObjectException; +import java.io.ObjectInputStream; import java.security.Principal; /** @@ -44,6 +47,7 @@ import java.security.Principal; */ public final class UserPrincipal implements Principal, java.io.Serializable { + @java.io.Serial private static final long serialVersionUID = 892106070870210969L; /** @@ -109,4 +113,20 @@ public final class UserPrincipal implements Principal, java.io.Serializable { public String toString() { return name; } + + /** + * Restores the state of this object from the stream. + * + * @param stream the {@code ObjectInputStream} from which data is read + * @throws IOException if an I/O error occurs + * @throws ClassNotFoundException if a serialized class cannot be loaded + */ + @java.io.Serial + private void readObject(ObjectInputStream stream) + throws IOException, ClassNotFoundException { + stream.defaultReadObject(); + if (name == null) { + throw new InvalidObjectException("null name is illegal"); + } + } } diff --git a/test/jdk/java/security/KeyRep/RSA.pre.1.5.key b/test/jdk/java/security/KeyRep/RSA.pre.1.5.key deleted file mode 100644 index 0c15a06c9cd1422eeb75657122a85db1111a1485..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 1803 zcmZ4UmVvdnh(REy#I0-cTtjYPQX=x=4Vi1#a6H7Amoifus^GZ_FQ;UGs zGo}x?&x^Zy-moU9WY8S*=Lr)lZoBf_KY1%pc z^DSY`F;m?Ocug7l4qg1^75AoV`PY8`@CULxJy$8%|Ls^akx7x^tJHI$TV2WAFBM|u zS}d27tgt$HOtH}0Ejilwl8LwHbfA*u^Ed4JJ@-Nm%X_cCDgS=ld6Blw_nZJvlb-*w z$0dwQGl5F_zuB4W-?(e8wSV@uh?(m9H-FAv_~S!=Fnd`eN6nA<^-Kz00a34Ry;zu7 zl(Zl>=ZGl7O|t=QFY^sw#b)ln-SJ?~Tg{WX*K6_=H; zzhn5@>Bjd~Zmj?&GZAp|1|=0eL{jPbGhcqC^>0~b1~yLyj-<>I=ls&V5>EzBAk!x` zFTEtglR-Ewv#7YlFF&s;wJ6`IvLw~7G}n`XCnvu=wYVfWwZthCsDZ6GGd-^~H=2Pn zH!(dgv!pZyoRT5u?t5(!@-R zB?^SnDN%+HN~S~^LMS^BWeB0{07~nMD1{fSNQD)EQBC2DNxBEy>IQme?hZMMa5~sAVHaKL<+LSRQ8(gH|Rodovh#P^&bo09h#rB7^~H C((W$+ diff --git a/test/jdk/java/security/KeyRep/SerialOld.java b/test/jdk/java/security/KeyRep/SerialOld.java index fe8eb32d045..0729883cd2f 100644 --- a/test/jdk/java/security/KeyRep/SerialOld.java +++ b/test/jdk/java/security/KeyRep/SerialOld.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2003, 2005, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2003, 2022, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -23,14 +23,13 @@ /* * @test 1.1, 03/08/13 - * @bug 4532506 + * @bug 4532506 8301126 * @summary Serializing KeyPair on one VM (Sun), * and Deserializing on another (IBM) fails * @run main/othervm/java.security.policy=SerialOld.policy SerialOld */ import java.io.*; -import java.security.*; public class SerialOld { public static void main(String[] args) throws Exception { @@ -40,10 +39,15 @@ public class SerialOld { deserializeTigerKey("DSA"); deserializeTigerKey("RSA"); - // verify pre-tiger keys still deserialize in our VM + // verify pre-tiger keys still deserialize in our VM. + + // There used to be a RSA test here, but the serialized file contained + // classes introduced in JDK 5.0 (sun.security.rsa.RSA*). The older + // RSA keys from JDK 1.4.2 were of class JSA_* which were removed when + // sun.security.rsa was introduced. (See JDK-8301126 for more + // details.) The test/data has been removed. deserializeKey("DSA"); - deserializeKey("RSA"); deserializeKey("DH"); deserializeKey("AES"); deserializeKey("Blowfish");