8308398: Move SunEC crypto provider into java.base

Reviewed-by: valeriep, alanb
This commit is contained in:
Anthony Scarpino 2023-07-17 17:38:54 +00:00
parent 69a46c25cc
commit e737968792
58 changed files with 146 additions and 114 deletions

View File

@ -1,5 +1,5 @@
# #
# Copyright (c) 2014, 2020, Oracle and/or its affiliates. All rights reserved. # Copyright (c) 2014, 2023, Oracle and/or its affiliates. All rights reserved.
# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. # DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
# #
# This code is free software; you can redistribute it and/or modify it # This code is free software; you can redistribute it and/or modify it
@ -41,7 +41,6 @@ $(eval $(call SetupZipArchive,BUILD_SEC_BIN_ZIP, \
modules/java.base/sun/security/internal/interfaces \ modules/java.base/sun/security/internal/interfaces \
modules/java.base/sun/security/internal/spec \ modules/java.base/sun/security/internal/spec \
modules/java.base/com/sun/crypto/provider \ modules/java.base/com/sun/crypto/provider \
modules/jdk.crypto.ec/sun/security/ec \
modules/jdk.crypto.mscapi/sun/security/mscapi \ modules/jdk.crypto.mscapi/sun/security/mscapi \
modules/jdk.crypto.cryptoki/sun/security/pkcs11 \ modules/jdk.crypto.cryptoki/sun/security/pkcs11 \
modules/jdk.crypto.cryptoki/sun/security/pkcs11/wrapper \ modules/jdk.crypto.cryptoki/sun/security/pkcs11/wrapper \

View File

@ -1,5 +1,5 @@
# #
# Copyright (c) 2014, 2022, Oracle and/or its affiliates. All rights reserved. # Copyright (c) 2014, 2023, Oracle and/or its affiliates. All rights reserved.
# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. # DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
# #
# This code is free software; you can redistribute it and/or modify it # This code is free software; you can redistribute it and/or modify it
@ -36,7 +36,6 @@ DOCS_MODULES= \
jdk.charsets \ jdk.charsets \
jdk.compiler \ jdk.compiler \
jdk.crypto.cryptoki \ jdk.crypto.cryptoki \
jdk.crypto.ec \
jdk.dynalink \ jdk.dynalink \
jdk.editpad \ jdk.editpad \
jdk.hotspot.agent \ jdk.hotspot.agent \

View File

@ -1,5 +1,5 @@
# #
# Copyright (c) 2014, 2022, Oracle and/or its affiliates. All rights reserved. # Copyright (c) 2014, 2023, Oracle and/or its affiliates. All rights reserved.
# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. # DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
# #
# This code is free software; you can redistribute it and/or modify it # This code is free software; you can redistribute it and/or modify it
@ -77,7 +77,6 @@ PLATFORM_MODULES= \
jdk.accessibility \ jdk.accessibility \
jdk.charsets \ jdk.charsets \
jdk.crypto.cryptoki \ jdk.crypto.cryptoki \
jdk.crypto.ec \
jdk.dynalink \ jdk.dynalink \
jdk.httpserver \ jdk.httpserver \
jdk.jsobject \ jdk.jsobject \

View File

@ -322,25 +322,21 @@ module java.base {
java.sql.rowset; java.sql.rowset;
exports sun.security.action to exports sun.security.action to
java.desktop, java.desktop,
java.security.jgss, java.security.jgss;
jdk.crypto.ec;
exports sun.security.internal.interfaces to exports sun.security.internal.interfaces to
jdk.crypto.cryptoki; jdk.crypto.cryptoki;
exports sun.security.internal.spec to exports sun.security.internal.spec to
jdk.crypto.cryptoki; jdk.crypto.cryptoki;
exports sun.security.jca to exports sun.security.jca to
java.smartcardio, java.smartcardio,
jdk.crypto.ec,
jdk.crypto.cryptoki, jdk.crypto.cryptoki,
jdk.naming.dns; jdk.naming.dns;
exports sun.security.pkcs to exports sun.security.pkcs to
jdk.crypto.ec,
jdk.jartool; jdk.jartool;
exports sun.security.provider to exports sun.security.provider to
java.rmi, java.rmi,
java.security.jgss, java.security.jgss,
jdk.crypto.cryptoki, jdk.crypto.cryptoki,
jdk.crypto.ec,
jdk.security.auth; jdk.security.auth;
exports sun.security.provider.certpath to exports sun.security.provider.certpath to
java.naming, java.naming,
@ -359,17 +355,11 @@ module java.base {
java.security.sasl, java.security.sasl,
java.smartcardio, java.smartcardio,
java.xml.crypto, java.xml.crypto,
jdk.crypto.ec,
jdk.crypto.cryptoki, jdk.crypto.cryptoki,
jdk.jartool, jdk.jartool,
jdk.security.auth, jdk.security.auth,
jdk.security.jgss; jdk.security.jgss;
exports sun.security.util.math to
jdk.crypto.ec;
exports sun.security.util.math.intpoly to
jdk.crypto.ec;
exports sun.security.x509 to exports sun.security.x509 to
jdk.crypto.ec,
jdk.crypto.cryptoki, jdk.crypto.cryptoki,
jdk.jartool; jdk.jartool;
exports sun.security.validator to exports sun.security.validator to

View File

@ -1,5 +1,5 @@
/* /*
* Copyright (c) 2003, 2022, Oracle and/or its affiliates. All rights reserved. * Copyright (c) 2003, 2023, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
* *
* This code is free software; you can redistribute it and/or modify it * This code is free software; you can redistribute it and/or modify it
@ -176,40 +176,42 @@ final class ProviderConfig {
return null; return null;
} }
// Create providers which are in java.base directly p = switch (provName) {
if (provName.equals("SUN") || provName.equals("sun.security.provider.Sun")) { case "SUN", "sun.security.provider.Sun" ->
p = new sun.security.provider.Sun(); new sun.security.provider.Sun();
} else if (provName.equals("SunRsaSign") || provName.equals("sun.security.rsa.SunRsaSign")) { case "SunRsaSign", "sun.security.rsa.SunRsaSign" ->
p = new sun.security.rsa.SunRsaSign(); new sun.security.rsa.SunRsaSign();
} else if (provName.equals("SunJCE") || provName.equals("com.sun.crypto.provider.SunJCE")) { case "SunJCE", "com.sun.crypto.provider.SunJCE" ->
p = new com.sun.crypto.provider.SunJCE(); new com.sun.crypto.provider.SunJCE();
} else if (provName.equals("SunJSSE")) { case "SunJSSE" -> new sun.security.ssl.SunJSSE();
p = new sun.security.ssl.SunJSSE(); case "SunEC" -> new sun.security.ec.SunEC();
} else if (provName.equals("Apple") || provName.equals("apple.security.AppleProvider")) { case "Apple", "apple.security.AppleProvider" -> {
// need to use reflection since this class only exists on MacOsx // Reflection is needed for compile time as the class
// is not available for non-macosx systems
@SuppressWarnings("removal") @SuppressWarnings("removal")
var tmp = AccessController.doPrivileged(new PrivilegedAction<Provider>() { var tmp = AccessController.doPrivileged(
new PrivilegedAction<Provider>() {
public Provider run() { public Provider run() {
try { try {
Class<?> c = Class.forName("apple.security.AppleProvider"); Class<?> c = Class.forName(
"apple.security.AppleProvider");
if (Provider.class.isAssignableFrom(c)) { if (Provider.class.isAssignableFrom(c)) {
@SuppressWarnings("deprecation") @SuppressWarnings("deprecation")
Object tmp = c.newInstance(); Object tmp = c.newInstance();
return (Provider) tmp; return (Provider) tmp;
} else {
return null;
} }
} catch (Exception ex) { } catch (Exception ex) {
if (debug != null) { if (debug != null) {
debug.println("Error loading provider Apple"); debug.println("Error loading provider Apple");
ex.printStackTrace(); ex.printStackTrace();
} }
}
return null; return null;
} }
}
}); });
p = tmp; yield tmp;
} else { }
default -> {
if (isLoading) { if (isLoading) {
// because this method is synchronized, this can only // because this method is synchronized, this can only
// happen if there is recursion. // happen if there is recursion.
@ -217,16 +219,17 @@ final class ProviderConfig {
debug.println("Recursion loading provider: " + this); debug.println("Recursion loading provider: " + this);
new Exception("Call trace").printStackTrace(); new Exception("Call trace").printStackTrace();
} }
return null; yield null;
} }
try { try {
isLoading = true; isLoading = true;
tries++; tries++;
p = doLoadProvider(); yield doLoadProvider();
} finally { } finally {
isLoading = false; isLoading = false;
} }
} }
};
provider = p; provider = p;
} }
return p; return p;

View File

@ -544,8 +544,8 @@ public class AlgorithmId implements Serializable, DerEncoder {
if (pn != null && mn != null) { if (pn != null && mn != null) {
return ((mn.equals("java.base") && return ((mn.equals("java.base") &&
(pn.equals("SUN") || pn.equals("SunRsaSign") || (pn.equals("SUN") || pn.equals("SunRsaSign") ||
pn.equals("SunJCE") || pn.equals("SunJSSE"))) || pn.equals("SunJCE") || pn.equals("SunJSSE") ||
(mn.equals("jdk.crypto.ec") && pn.equals("SunEC")) || pn.equals("SunEC"))) ||
(mn.equals("jdk.crypto.mscapi") && pn.equals("SunMSCAPI")) || (mn.equals("jdk.crypto.mscapi") && pn.equals("SunMSCAPI")) ||
(mn.equals("jdk.crypto.cryptoki") && (mn.equals("jdk.crypto.cryptoki") &&
pn.startsWith("SunPKCS11"))); pn.startsWith("SunPKCS11")));

View File

@ -127,15 +127,6 @@ grant codeBase "jrt:/jdk.charsets" {
permission java.lang.RuntimePermission "accessClassInPackage.sun.nio.cs"; permission java.lang.RuntimePermission "accessClassInPackage.sun.nio.cs";
}; };
grant codeBase "jrt:/jdk.crypto.ec" {
permission java.lang.RuntimePermission
"accessClassInPackage.sun.security.*";
permission java.lang.RuntimePermission "loadLibrary.sunec";
permission java.security.SecurityPermission "putProviderProperty.SunEC";
permission java.security.SecurityPermission "clearProviderProperties.SunEC";
permission java.security.SecurityPermission "removeProviderProperty.SunEC";
};
grant codeBase "jrt:/jdk.crypto.cryptoki" { grant codeBase "jrt:/jdk.crypto.cryptoki" {
permission java.lang.RuntimePermission permission java.lang.RuntimePermission
"accessClassInPackage.com.sun.crypto.provider"; "accessClassInPackage.com.sun.crypto.provider";

View File

@ -1,5 +1,5 @@
/* /*
* Copyright (c) 2014, 2017, Oracle and/or its affiliates. All rights reserved. * Copyright (c) 2014, 2023, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
* *
* This code is free software; you can redistribute it and/or modify it * This code is free software; you can redistribute it and/or modify it
@ -32,8 +32,5 @@
* @since 9 * @since 9
*/ */
module jdk.crypto.cryptoki { module jdk.crypto.cryptoki {
// Depends on SunEC provider for EC related functionality
requires jdk.crypto.ec;
provides java.security.Provider with sun.security.pkcs11.SunPKCS11; provides java.security.Provider with sun.security.pkcs11.SunPKCS11;
} }

View File

@ -1,5 +1,5 @@
/* /*
* Copyright (c) 2014, 2017, Oracle and/or its affiliates. All rights reserved. * Copyright (c) 2014, 2023, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
* *
* This code is free software; you can redistribute it and/or modify it * This code is free software; you can redistribute it and/or modify it
@ -31,6 +31,6 @@
* @moduleGraph * @moduleGraph
* @since 9 * @since 9
*/ */
@Deprecated(since="22", forRemoval = true)
module jdk.crypto.ec { module jdk.crypto.ec {
provides java.security.Provider with sun.security.ec.SunEC;
} }

View File

@ -60,8 +60,7 @@ public class CheckSecurityProvider {
// NOTE: the ordering must match what's defined inside java.security // NOTE: the ordering must match what's defined inside java.security
expected.add("sun.security.provider.Sun"); expected.add("sun.security.provider.Sun");
expected.add("sun.security.rsa.SunRsaSign"); expected.add("sun.security.rsa.SunRsaSign");
layer.findModule("jdk.crypto.ec") expected.add("sun.security.ec.SunEC");
.ifPresent(m -> expected.add("sun.security.ec.SunEC"));
expected.add("sun.security.ssl.SunJSSE"); expected.add("sun.security.ssl.SunJSSE");
expected.add("com.sun.crypto.provider.SunJCE"); expected.add("com.sun.crypto.provider.SunJCE");
layer.findModule("jdk.security.jgss") layer.findModule("jdk.security.jgss")

View File

@ -6,4 +6,4 @@ modules = \
java.security.jgss/sun.security.krb5.internal.ccache \ java.security.jgss/sun.security.krb5.internal.ccache \
java.security.jgss/sun.security.krb5.internal:+open \ java.security.jgss/sun.security.krb5.internal:+open \
java.base/sun.security.util \ java.base/sun.security.util \
jdk.crypto.ec/sun.security.ec java.base/sun.security.ec

View File

@ -1,5 +1,5 @@
/* /*
* Copyright (c) 2016, 2019, Oracle and/or its affiliates. All rights reserved. * Copyright (c) 2016, 2023, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
* *
* This code is free software; you can redistribute it and/or modify it * This code is free software; you can redistribute it and/or modify it
@ -25,7 +25,7 @@
* @test * @test
* @bug 8049429 8234723 * @bug 8049429 8234723
* @modules java.management * @modules java.management
* jdk.crypto.ec/sun.security.ec * java.base/sun.security.ec
* @summary Test that all cipher suites work in all versions and all client * @summary Test that all cipher suites work in all versions and all client
* authentication types. The way this is setup the server is stateless * authentication types. The way this is setup the server is stateless
* and all checking is done on the client side. * and all checking is done on the client side.

View File

@ -1,5 +1,5 @@
/* /*
* Copyright (c) 2016, 2019, Oracle and/or its affiliates. All rights reserved. * Copyright (c) 2016, 2023, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
* *
* This code is free software; you can redistribute it and/or modify it * This code is free software; you can redistribute it and/or modify it
@ -25,7 +25,7 @@
* @test * @test
* @bug 8049429 8172273 8234723 * @bug 8049429 8172273 8234723
* @modules java.management * @modules java.management
* jdk.crypto.ec/sun.security.ec * java.base/sun.security.ec
* @summary Test that all cipher suites work in all versions and all client * @summary Test that all cipher suites work in all versions and all client
* authentication types. The way this is setup the server is stateless * authentication types. The way this is setup the server is stateless
* and all checking is done on the client side. * and all checking is done on the client side.
@ -75,4 +75,9 @@
* -DCLIENT_PROTOCOL=TLSv1.3 * -DCLIENT_PROTOCOL=TLSv1.3
* -DCIPHER=TLS_AES_256_GCM_SHA384 * -DCIPHER=TLS_AES_256_GCM_SHA384
* TestJSSE * TestJSSE
* @run main/othervm --limit-modules java.base
* -DSERVER_PROTOCOL=SSLv3,TLSv1,TLSv1.1,TLSv1.2,TLSv1.3
* -DCLIENT_PROTOCOL=TLSv1.3
* -DCIPHER=TLS_AES_256_GCM_SHA384
* TestJSSE
*/ */

View File

@ -1,5 +1,5 @@
/* /*
* Copyright (c) 2016, Oracle and/or its affiliates. All rights reserved. * Copyright (c) 2016, 2023, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
* *
* This code is free software; you can redistribute it and/or modify it * This code is free software; you can redistribute it and/or modify it
@ -25,7 +25,7 @@
* @test * @test
* @bug 8049429 * @bug 8049429
* @modules java.management * @modules java.management
* jdk.crypto.ec/sun.security.ec * java.base/sun.security.ec
* @summary Test that all cipher suites work in all versions and all client * @summary Test that all cipher suites work in all versions and all client
* authentication types. The way this is setup the server is stateless * authentication types. The way this is setup the server is stateless
* and all checking is done on the client side. * and all checking is done on the client side.

View File

@ -1,5 +1,5 @@
/* /*
* Copyright (c) 2016, 2019, Oracle and/or its affiliates. All rights reserved. * Copyright (c) 2016, 2023, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
* *
* This code is free software; you can redistribute it and/or modify it * This code is free software; you can redistribute it and/or modify it
@ -25,7 +25,7 @@
* @test * @test
* @bug 8049429 8234723 * @bug 8049429 8234723
* @modules java.management * @modules java.management
* jdk.crypto.ec/sun.security.ec * java.base/sun.security.ec
* @summary Test that all cipher suites work in all versions and all client * @summary Test that all cipher suites work in all versions and all client
* authentication types. The way this is setup the server is stateless * authentication types. The way this is setup the server is stateless
* and all checking is done on the client side. * and all checking is done on the client side.
@ -60,4 +60,9 @@
* -DCLIENT_PROTOCOL=TLSv1.3 * -DCLIENT_PROTOCOL=TLSv1.3
* -DCIPHER=TLS_AES_256_GCM_SHA384 * -DCIPHER=TLS_AES_256_GCM_SHA384
* TestJSSE javax.net.ssl.SSLHandshakeException * TestJSSE javax.net.ssl.SSLHandshakeException
* @run main/othervm --limit-modules java.base
* -DSERVER_PROTOCOL=TLSv1.2
* -DCLIENT_PROTOCOL=TLSv1.3
* -DCIPHER=TLS_AES_256_GCM_SHA384
* TestJSSE javax.net.ssl.SSLHandshakeException
*/ */

View File

@ -0,0 +1,46 @@
/*
* Copyright (c) 2023, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
import java.lang.module.ModuleFinder;
import static jdk.test.lib.Asserts.*;
/*
* @test
* @bug 8308398
* @library /test/lib
* @summary Verify jdk.crypto.ec empty module
* @run main ecModuleCheck
*/
/* This test verifies jdk.crypto.ec is in the image, but not resolvable.
*/
public class ecModuleCheck {
public static void main(String[] args) throws Exception {
// True if module is found in the image.
assertTrue(ModuleFinder.ofSystem().find("jdk.crypto.ec").isPresent(),
"jdk.crypto.ec was not found in image.");
// Since the module empty, isPresent() should be false.
assertFalse(ModuleLayer.boot().findModule("jdk.crypto.ec").
isPresent(), "jdk.crypto.ec shouldn't be resolvable.");
}
}

View File

@ -1,5 +1,5 @@
/* /*
* Copyright (c) 2020, 2021, Oracle and/or its affiliates. All rights reserved. * Copyright (c) 2020, 2023, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
* *
* This code is free software; you can redistribute it and/or modify it * This code is free software; you can redistribute it and/or modify it
@ -30,7 +30,7 @@
* java.base/sun.security.util * java.base/sun.security.util
* java.base/sun.security.util.math * java.base/sun.security.util.math
* java.base/sun.security.util.math.intpoly * java.base/sun.security.util.math.intpoly
* jdk.crypto.ec/sun.security.ec.ed * java.base/sun.security.ec.ed
* @run main TestEdOps * @run main TestEdOps
*/ */

View File

@ -1,5 +1,5 @@
/* /*
* Copyright (c) 2018, 2021, Oracle and/or its affiliates. All rights reserved. * Copyright (c) 2018, 2023, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
* *
* This code is free software; you can redistribute it and/or modify it * This code is free software; you can redistribute it and/or modify it
@ -25,7 +25,7 @@
* @test * @test
* @bug 8171277 * @bug 8171277
* @summary Test XEC curve operations * @summary Test XEC curve operations
* @modules jdk.crypto.ec/sun.security.ec * @modules java.base/sun.security.ec
* @library /test/lib * @library /test/lib
* @build jdk.test.lib.Convert * @build jdk.test.lib.Convert
* @run main TestXECOps * @run main TestXECOps

View File

@ -1,5 +1,5 @@
/* /*
* Copyright (c) 2018, 2021, Oracle and/or its affiliates. All rights reserved. * Copyright (c) 2018, 2023, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
* *
* This code is free software; you can redistribute it and/or modify it * This code is free software; you can redistribute it and/or modify it
@ -27,7 +27,7 @@
* @summary XEC curve operations iterative test vectors * @summary XEC curve operations iterative test vectors
* @library /test/lib * @library /test/lib
* @build jdk.test.lib.Convert * @build jdk.test.lib.Convert
* @modules jdk.crypto.ec/sun.security.ec * @modules java.base/sun.security.ec
* @run main XECIterative 0 10000 * @run main XECIterative 0 10000
* @run main XECIterative 10000 20000 * @run main XECIterative 10000 20000
* @run main XECIterative 20000 30000 * @run main XECIterative 20000 30000

View File

@ -1,5 +1,5 @@
/* /*
* Copyright (c) 2006, 2020, Oracle and/or its affiliates. All rights reserved. * Copyright (c) 2006, 2023, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
* *
* This code is free software; you can redistribute it and/or modify it * This code is free software; you can redistribute it and/or modify it
@ -29,7 +29,7 @@
* @library /test/lib .. * @library /test/lib ..
* @library ../../../../java/security/testlibrary * @library ../../../../java/security/testlibrary
* @key randomness * @key randomness
* @modules jdk.crypto.cryptoki jdk.crypto.ec/sun.security.ec * @modules jdk.crypto.cryptoki java.base/sun.security.ec
* @run main/othervm ReadPKCS12 * @run main/othervm ReadPKCS12
* @run main/othervm -Djava.security.manager=allow ReadPKCS12 sm policy * @run main/othervm -Djava.security.manager=allow ReadPKCS12 sm policy
*/ */

View File

@ -1,5 +1,5 @@
/* /*
* Copyright (c) 2016, Oracle and/or its affiliates. All rights reserved. * Copyright (c) 2016, 2023, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
* *
* This code is free software; you can redistribute it and/or modify it * This code is free software; you can redistribute it and/or modify it
@ -64,14 +64,14 @@ public class DefaultPolicy {
} }
private static void checkPolicy(Policy p) throws Exception { private static void checkPolicy(Policy p) throws Exception {
// check if jdk.crypto.ec module has been de-privileged // check if jdk.crypto.cryptoki module has been de-privileged
CodeSource cs = CodeSource cs =
new CodeSource(new URL("jrt:/jdk.crypto.ec"), (CodeSigner[])null); new CodeSource(new URL("jrt:/jdk.crypto.cryptoki"), (CodeSigner[])null);
ProtectionDomain pd = new ProtectionDomain(cs, null, null, null); ProtectionDomain pd = new ProtectionDomain(cs, null, null, null);
if (p.implies(pd, new AllPermission())) { if (p.implies(pd, new AllPermission())) {
throw new Exception("module should not be granted AllPermission"); throw new Exception("module should not be granted AllPermission");
} }
if (!p.implies(pd, new RuntimePermission("loadLibrary.sunec"))) { if (!p.implies(pd, new RuntimePermission("loadLibrary.j2pkcs11"))) {
throw new Exception("module should be granted RuntimePermission"); throw new Exception("module should be granted RuntimePermission");
} }
} }

View File

@ -1,5 +1,5 @@
/* /*
* Copyright (c) 2019, 2022, Oracle and/or its affiliates. All rights reserved. * Copyright (c) 2019, 2023, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
* *
* This code is free software; you can redistribute it and/or modify it * This code is free software; you can redistribute it and/or modify it
@ -28,9 +28,11 @@
* @library /test/lib * @library /test/lib
* @build java.base/sun.security.rsa.RSAKeyPairGenerator * @build java.base/sun.security.rsa.RSAKeyPairGenerator
* java.base/sun.security.provider.DSAKeyPairGenerator * java.base/sun.security.provider.DSAKeyPairGenerator
* jdk.crypto.ec/sun.security.ec.ECKeyPairGenerator * java.base/sun.security.ec.ECKeyPairGenerator
* @run main DefaultSignatureAlgorithm * @run main DefaultSignatureAlgorithm
* @modules jdk.crypto.ec *
* This test uses RSA, DSA, and EC inside this test directory, not the providers
* from the jdk
*/ */
import jdk.test.lib.Asserts; import jdk.test.lib.Asserts;
@ -82,10 +84,7 @@ public class DefaultSignatureAlgorithm {
throws Exception { throws Exception {
String patchArg = "-J--patch-module=java.base=" String patchArg = "-J--patch-module=java.base="
+ System.getProperty("test.classes") + System.getProperty("test.classes")
+ File.separator + "patches" + File.separator + "java.base" + File.separator + "patches" + File.separator + "java.base";
+ " -J--patch-module=jdk.crypto.ec="
+ System.getProperty("test.classes")
+ File.separator + "patches" + File.separator + "jdk.crypto.ec";
return kt(patchArg + " -genkeypair -alias " + alias return kt(patchArg + " -genkeypair -alias " + alias
+ " -dname CN=" + alias + " " + options); + " -dname CN=" + alias + " " + options);
} }

View File

@ -1,5 +1,5 @@
/* /*
* Copyright (c) 2020, Oracle and/or its affiliates. All rights reserved. * Copyright (c) 2020, 2023, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
* *
* This code is free software; you can redistribute it and/or modify it * This code is free software; you can redistribute it and/or modify it
@ -63,7 +63,7 @@ public final class JLinkOptionsTest {
"--bind-services", "--bind-services",
}, },
// with bind-services should have some services // with bind-services should have some services
new String[]{"java.smartcardio", "jdk.crypto.ec"}, new String[]{"java.smartcardio", "jdk.crypto.cryptoki"},
null, null,
}, },
// bind-services // bind-services
@ -80,7 +80,7 @@ public final class JLinkOptionsTest {
"--jlink-options", "--bind-services", "--jlink-options", "--bind-services",
}, },
// with bind-services should have some services // with bind-services should have some services
new String[]{"java.smartcardio", "jdk.crypto.ec"}, new String[]{"java.smartcardio", "jdk.crypto.cryptoki"},
null, null,
}, },
@ -105,7 +105,7 @@ public final class JLinkOptionsTest {
// with bind-services should have some services // with bind-services should have some services
new String[]{"java.smartcardio"}, new String[]{"java.smartcardio"},
// but not limited // but not limited
new String[]{"jdk.crypto.ec"}, new String[]{"jdk.crypto.cryptoki"},
}, },
}); });