127 Commits

Author SHA1 Message Date
Sean Mullan
a0f6f2409e 8280890: Cannot use '-Djava.system.class.loader' with class loader in signed JAR
Reviewed-by: weijun, hchao
2022-02-07 14:06:08 +00:00
Weijun Wang
cb25029885 8279800: isAssignableFrom checks in AlgorithmParametersSpi.engineGetParameterSpec appear to be backwards
Reviewed-by: xuelei, valeriep
2022-01-13 00:42:00 +00:00
Jesper Wilhelmsson
844dfb3ab6 Merge 2022-01-06 01:26:50 +00:00
Aleksey Shipilev
0f4807e8fe 8279222: Incorrect legacyMap.get in java.security.Provider after JDK-8276660
Co-authored-by: Valerie Peng <valeriep@openjdk.org>
Reviewed-by: alanb, valeriep
2022-01-05 07:29:17 +00:00
Sergey Bylokhov
7fea10327e 8279134: Fix Amazon copyright in various files
Reviewed-by: xliu, phh
2021-12-26 22:10:54 +00:00
Weijun Wang
0cc989b7d2 8278744: KeyStore:getAttributes() not returning unmodifiable Set
Reviewed-by: mullan
2021-12-14 18:39:22 +00:00
Sibabrata Sahoo
f22d157e55 8277353: java/security/MessageDigest/ThreadSafetyTest.java test times out
Reviewed-by: weijun
2021-12-07 05:10:30 +00:00
Weijun Wang
a5c160c711 8267108: Alternate Subject.getSubject and doAs APIs that do not depend on Security Manager APIs
Reviewed-by: mullan
2021-11-10 19:35:17 +00:00
Sean Mullan
8cc59509fe 8251468: X509Certificate.get{Subject,Issuer}AlternativeNames and getExtendedKeyUsage do not throw CertificateParsingException if extension is unparseable
Reviewed-by: weijun
2021-10-29 12:42:33 +00:00
Weijun Wang
f63c4a832a 8274471: Verification of OCSP Response signed with RSASSA-PSS fails
Reviewed-by: hchao, jnimeh
2021-10-04 15:30:44 +00:00
Sean Mullan
6d91a3eb7b 8269039: Disable SHA-1 Signed JARs
Reviewed-by: weijun
2021-09-21 13:45:47 +00:00
Weijun Wang
ef4ba224c4 8268349: Provide clear run-time warnings about Security Manager deprecation
Reviewed-by: lancea, mullan, alanb
2021-06-22 02:06:59 +00:00
Weijun Wang
6765f90250 8266459: Implement JEP 411: Deprecate the Security Manager for Removal
Co-authored-by: Sean Mullan <mullan@openjdk.org>
Co-authored-by: Lance Andersen <lancea@openjdk.org>
Co-authored-by: Weijun Wang <weijun@openjdk.org>
Reviewed-by: erikj, darcy, chegar, naoto, joehw, alanb, mchung, kcr, prr, lancea
2021-06-02 11:57:31 +00:00
Stuart Marks
7c85f3510c 8267123: Remove RMI Activation
Reviewed-by: erikj, rriggs, alanb
2021-05-27 15:19:45 +00:00
Weijun Wang
640a2afda3 8267184: Add -Djava.security.manager=allow to tests calling System.setSecurityManager
Co-authored-by: Lance Andersen <lancea@openjdk.org>
Co-authored-by: Weijun Wang <weijun@openjdk.org>
Reviewed-by: dholmes, alanb, dfuchs, mchung, mullan, prr
2021-05-24 16:55:55 +00:00
Sean Coffey
276a1bf767 8236671: NullPointerException in JKS keystore
Reviewed-by: hchao, xuelei
2021-04-30 09:32:40 +00:00
Sean Mullan
ddc56d1dbe 8259428: AlgorithmId.getEncodedParams() should return copy
Reviewed-by: weijun, valeriep
2021-04-20 21:45:52 +00:00
Weijun Wang
c70589c68c 8265227: Move Proc.java from security/testlibrary to test/lib
Reviewed-by: rriggs, xuelei, rhalade, ssahoo
2021-04-15 15:07:47 +00:00
Ziyi Luo
a5d7de2351 8263404: RsaPrivateKeySpec is always recognized as RSAPrivateCrtKeySpec in RSAKeyFactory.engineGetKeySpec
Co-authored-by: Greg Rubin <rubin@amazon.com>
Reviewed-by: valeriep
2021-03-29 20:14:47 +00:00
Valerie Peng
434a399bea 8260274: Cipher.init(int, key) does not use highest priority provider for random bytes
Reviewed-by: ascarpino, xuelei
2021-03-18 23:23:19 +00:00
Igor Ignatyev
e834f99d1d 8263412: ClassFileInstaller can't be used by classes outside of default package
Reviewed-by: iklam, coleenp, mseledtsov
2021-03-12 23:13:16 +00:00
Ziyi Luo
a777e82cd8 8254717: isAssignableFrom checks in KeyFactorySpi.engineGetKeySpec appear to be backwards
Reviewed-by: jnimeh
2021-03-04 15:17:53 +00:00
Roger Riggs
628c546bea 8258796: [test] Apply HexFormat to tests for java.security
Reviewed-by: xuelei
2021-01-08 21:32:54 +00:00
Jamil Nimeh
f5ee356540 8179503: Java should support GET OCSP calls
Reviewed-by: xuelei
2020-12-31 18:03:54 +00:00
Rajan Halade
54b340b44f 8254081: java/security/cert/PolicyNode/GetPolicyQualifiers.java fails due to an expired certificate
Perform backdated validation of test certificate.

Reviewed-by: mullan, xuelei
2020-10-06 16:38:42 +00:00
Anthony Scarpino
0b83fc0150 8235710: Remove the legacy elliptic curves
Reviewed-by: xuelei, erikj
2020-09-25 02:40:36 +00:00
Valerie Peng
40206822f4 8172366: Support SHA-3 based signatures
Enhance default JDK providers including SUN, SunRsaSign, and SunEC, with signatures using SHA-3 family of digests.

Reviewed-by: xuelei
2020-09-15 20:28:48 +00:00
Anthony Scarpino
a0e5043781 8246806: Incorrect copyright header in KeyAgreementTest.java, GroupName.java
Reviewed-by: weijun
2020-07-08 08:58:05 -07:00
Valerie Peng
f4756fdf48 8248505: Unexpected NoSuchAlgorithmException when using secure random impl from BCFIPS provider
Use getService(...) call for Provider.getDefaultSecureRandomService()

Reviewed-by: weijun, coffeys, mullan
2020-07-07 16:55:29 +00:00
John Jiang
45fce6baf9 8242538: java/security/SecureRandom/ThreadSafe.java failed on windows
Reviewed-by: mullan
2020-07-07 06:06:18 +08:00
Valerie Peng
f968f32789 8246077: Cloneable test in HmacCore seems questionable
Updated java.security.MessageDigest and Signature classes to return Cloneable obj for Cloneable spi obj

Reviewed-by: weijun, xuelei, coffeys
2020-06-15 23:30:49 +00:00
Weijun Wang
2536cbf2cf 8245679: KeyStore cannot probe PKCS12 keystore if BouncyCastle is the top security provider
Reviewed-by: mullan
2020-06-13 17:49:15 +08:00
Valerie Peng
0b8f18beda 8246613: Choose the default SecureRandom algo based on registration ordering
Fixed java.security.Provider and SecureRandom to use the 1st registered SecureRandom service

Reviewed-by: weijun, mullan
2020-06-12 02:34:44 +00:00
Mikael Vidstedt
071bd521bc 8244224: Implementation of JEP 381: Remove the Solaris and SPARC Ports
Reviewed-by: alanb, bchristi, dcubed, dfuchs, eosterlund, erikj, glaubitz, ihse, iignatyev, jjiang, kbarrett, ksrini, kvn, naoto, prr, rriggs, serb, sspitsyn, stefank, tschatzl, valeriep, weijun, weijun
2020-05-20 17:33:37 -07:00
Valerie Peng
080b3b83eb 8242151: Improve OID mapping and reuse among JDK security providers for aliases registration
Use sun.security.util.KnownOIDs enum instead of hardcoding oid strings everywhere

Reviewed-by: weijun
2020-05-19 04:05:03 +00:00
Weijun Wang
cc47d0aa61 8244674: Third-party code version check
Reviewed-by: mullan
2020-05-12 15:15:40 +08:00
Sean Mullan
3efd000036 8242565: Policy initialization issues when the denyAfter constraint is enabled
Reviewed-by: weijun
2020-04-16 09:48:32 -04:00
Alexey Bakhtin
76d534986b 8241960: The SHA3 message digests impl of SUN provider are not thread safe after cloned
Fix sun.security.provider.SHA3 class to correctly clone its lanes field

Reviewed-by: valeriep
2020-04-03 22:39:00 +00:00
Anthony Scarpino
b0245c2b54 8237219: Disable native SunEC implementation by default
Reviewed-by: weijun, mullan
2020-03-25 12:41:14 -07:00
Xue-Lei Andrew Fan
4e430ffbb6 8239264: Clearup the legacy ObjectIdentifier constructor from int array
Reviewed-by: jnimeh
2020-02-17 18:52:50 -08:00
Mikael Vidstedt
3318314c7c 8237589: Fix copyright header formatting
Reviewed-by: jjg, serb, iris, jwilhelm
2020-01-21 14:23:01 -08:00
Igor Ignatyev
e2240b714e 8236111: narrow allowSmartActionArgs disabling
Reviewed-by: dholmes, mullan, darcy, rriggs
2020-01-15 21:20:40 -08:00
Weijun Wang
c0d097eac6 8214024: Remove the default keytool -keyalg value
Reviewed-by: mullan
2019-11-15 09:06:58 +08:00
Weijun Wang
9eb755e85e 8209901: Canonical file handling
Reviewed-by: mullan, alanb, ahgross
2019-04-22 13:01:57 +08:00
Tianmin Shi
2b56811616 8231387: java.security.Provider.getService returns random result due to race condition with mutating methods in the same class
Synchronize access to legacyMap in Provider.getService.

Reviewed-by: valeriep
2019-09-25 08:29:03 -07:00
John Jiang
655cf14138 8228967: Trust/Key store and SSL context utilities for tests
Reviewed-by: xuelei
2019-09-05 14:55:21 +08:00
Valerie Peng
effe3eb806 8228613: java.security.Provider#getServices order is no longer deterministic
Changed to use SunEntries.DEF_SECURE_RANDOM_ALGO instead of relying on ordering of SecureRandom services

Reviewed-by: weijun
2019-08-14 00:57:15 +00:00
Vladimir Kozlov
c956e7ca8d 8185139: [Graal] Tests which set too restrictive security manager fail with Graal
Tests should also check default policy

Reviewed-by: mchung, dfuchs, alanb, mullan
2019-06-21 13:04:14 -07:00
Sean Mullan
a7a94701fe 8226307: Curve names should be case-insensitive
Reviewed-by: igerasim, jnimeh, wetmore
2019-06-21 08:38:26 -04:00
Sean Coffey
3f0730930d 8133489: Better messaging for PKIX path validation matching
Reviewed-by: xuelei
2019-06-21 08:07:18 +00:00