diff --git a/make/com/sun/crypto/provider/Makefile b/make/com/sun/crypto/provider/Makefile
index 5dccb9f81b3e169ab634dc9dd6d7a30f46888e3e..8cf809dc46964cb809f7eefa72778862db6c5696 100644
--- a/make/com/sun/crypto/provider/Makefile
+++ b/make/com/sun/crypto/provider/Makefile
@@ -1,5 +1,5 @@
#
-# Copyright 2007-2008 Sun Microsystems, Inc. All Rights Reserved.
+# Copyright 2007-2009 Sun Microsystems, Inc. All Rights Reserved.
# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
#
# This code is free software; you can redistribute it and/or modify it
@@ -45,54 +45,49 @@
# For OpenJDK, the jar files built here are installed directly into the
# OpenJDK.
#
-# For JDK, the binaries use pre-built/pre-signed/pre-obfuscated binary
-# files stored in the closed workspace that are not shipped in the
-# OpenJDK workspaces. We still build the JDK files here to verify the
-# files compile, and in preparation for possible signing and
-# obfuscation. Developers working on JCE in JDK must sign the JCE files
-# before testing: obfuscation is optional during development. The JCE
-# signing key is kept separate from the JDK workspace to prevent its
-# disclosure. The obfuscation tool has not been licensed for general
-# usage.
-#
+# For JDK, the binaries use pre-built/pre-signed binary files stored in
+# the closed workspace that are not shipped in the OpenJDK workspaces.
+# We still build the JDK files here to verify the files compile, and in
+# preparation for possible signing. Developers working on JCE in JDK
+# must sign the JCE files before testing. The JCE signing key is kept
+# separate from the JDK workspace to prevent its disclosure.
+#
# SPECIAL NOTE TO JCE/JDK developers: The source files must eventually
-# be built, obfuscated, signed, and then the resulting jar files MUST BE
-# CHECKED INTO THE CLOSED PART OF THE WORKSPACE*. This separate step
-# *MUST NOT BE FORGOTTEN*, otherwise a bug fixed in the source code will
-# not be reflected in the shipped binaries. The "release" target should be
+# be built and signed, and the resulting jar files MUST BE CHECKED INTO
+# THE CLOSED PART OF THE WORKSPACE*. This separate step *MUST NOT BE
+# FORGOTTEN*, otherwise a bug fixed in the source code will not be
+# reflected in the shipped binaries. The "release" target should be
# used to generate the required files.
#
# There are a number of targets to help both JDK/OpenJDK developers.
#
# Main Targets (JDK/OPENJDK):
#
-# all/clobber/clean The usual.
-# If OpenJDK, installs sunjce_provider.jar.
-# If JDK, installs prebuilt
-# sunjce_provider.jar.
+# all/clobber/clean The usual.
+# If OpenJDK, installs sunjce_provider.jar.
+# If JDK, installs prebuilt
+# sunjce_provider.jar.
#
-# jar Builds/installs sunjce_provider.jar
-# If OpenJDK, does not sign.
-# If JDK, tries to sign.
+# jar Builds/installs sunjce_provider.jar
+# If OpenJDK, does not sign.
+# If JDK, tries to sign.
#
# Other lesser-used Targets (JDK/OPENJDK):
#
-# build-jar Builds sunjce_provider.jar
-# (does not sign/install)
+# build-jar Builds sunjce_provider.jar
+# (does not sign/install)
#
-# install-jar Alias for "jar" above.
+# install-jar Alias for "jar" above.
#
# Other targets (JDK only):
#
-# sign Alias for sign-jar
-# sign-jar Builds/signs sunjce_provider.jar (no install)
-#
-# obfus Builds/obfuscates/signs sunjce_provider.jar
+# sign Alias for sign-jar
+# sign-jar Builds/signs sunjce_provider.jar (no install)
#
-# release Builds all targets in preparation
-# for workspace integration.
+# release Builds all targets in preparation
+# for workspace integration.
#
-# install-prebuilt Installs the pre-built jar files
+# install-prebuilt Installs the pre-built jar files
#
# This makefile was written to support parallel target execution.
#
@@ -103,7 +98,7 @@ PRODUCT = sun
#
# The following is for when we need to do postprocessing
-# (signing/obfuscation) against a read-only build. If the OUTPUTDIR
+# (signing) against a read-only build. If the OUTPUTDIR
# isn't writable, the build currently crashes out.
#
ifndef OPENJDK
@@ -158,8 +153,8 @@ endif # OPENJDK
#
# We use a variety of subdirectories in the $(TEMPDIR) depending on what
# part of the build we're doing. Both OPENJDK/JDK builds are initially
-# done in the unsigned area. When files are signed or obfuscated in JDK,
-# they will be placed in the appropriate areas.
+# done in the unsigned area. When files are signed in JDK, they will be
+# placed in the appropriate areas.
#
UNSIGNED_DIR = $(TEMPDIR)/unsigned
@@ -223,62 +218,15 @@ $(SIGNED_DIR)/sunjce_provider.jar:
endif
$(call sign-file, $(UNSIGNED_DIR)/sunjce_provider.jar)
-# =====================================================
-# Obfuscate/sign/install the JDK build. Not needed for OpenJDK.
-#
-
-OBFUS_DIR = $(JCE_BUILD_DIR)/obfus/sunjce
-
-CLOSED_DIR = $(BUILDDIR)/closed/com/sun/crypto/provider
-
-obfus: $(OBFUS_DIR)/sunjce_provider.jar
- $(release-warning)
-
-ifndef ALT_JCE_BUILD_DIR
-$(OBFUS_DIR)/sunjce_provider.jar: build-jar $(JCE_MANIFEST_FILE) \
- $(OBFUS_DIR)/sunjce.dox
-else
-$(OBFUS_DIR)/sunjce_provider.jar: $(JCE_MANIFEST_FILE) $(OBFUS_DIR)/sunjce.dox
- @if [ ! -d $(CLASSDESTDIR) ] ; then \
- $(ECHO) "Couldn't find $(CLASSDESTDIR)"; \
- exit 1; \
- fi
-endif
- @$(ECHO) ">>>Obfuscating SunJCE Provider..."
- $(presign)
- $(preobfus)
- $(prep-target)
- $(CD) $(OBFUS_DIR); \
- $(OBFUSCATOR) -fv sunjce.dox
- @$(CD) $(OBFUS_DIR); $(java-vm-cleanup)
- $(BOOT_JAR_CMD) cmf $(JCE_MANIFEST_FILE) $@ \
- -C $(OBFUS_DIR)/build com \
- $(BOOT_JAR_JFLAGS)
- $(sign-target)
- @$(java-vm-cleanup)
-
-$(OBFUS_DIR)/sunjce.dox: $(CLOSED_DIR)/obfus/sunjce.dox
- @$(ECHO) ">>>Creating sunjce.dox"
- $(prep-target)
- $(SED) "s:@@TEMPDIR@@:$(ABS_TEMPDIR):" $< > $@
-
-#
-# The current obfuscator has a limitation in that it currently only
-# supports up to v49 class file format. Force v49 classfiles in our
-# builds for now.
-#
-SOURCE_LANGUAGE_VERSION = 5
-TARGET_CLASS_VERSION = 5
-
# =====================================================
-# Create the Release Engineering files. Obfuscated builds, etc.
+# Create the Release Engineering files. Signed builds, etc.
#
-release: $(OBFUS_DIR)/sunjce_provider.jar
+release: $(SIGNED_DIR)/sunjce_provider.jar
$(RM) $(JCE_BUILD_DIR)/release/sunjce_provider.jar
$(MKDIR) -p $(JCE_BUILD_DIR)/release
- $(CP) $(OBFUS_DIR)/sunjce_provider.jar $(JCE_BUILD_DIR)/release
+ $(CP) $(SIGNED_DIR)/sunjce_provider.jar $(JCE_BUILD_DIR)/release
$(release-warning)
endif # OPENJDK
@@ -320,5 +268,5 @@ clobber clean::
.PHONY: build-jar jar install-jar
ifndef OPENJDK
-.PHONY: sign sign-jar obfus release install-prebuilt
+.PHONY: sign sign-jar release install-prebuilt
endif
diff --git a/make/javax/crypto/Defs-jce.gmk b/make/javax/crypto/Defs-jce.gmk
index 46fe1118dcac52774daa8fc986850e168b33ed51..0b75bceb98483f204e90f8422ebc6cc9a7edc037 100644
--- a/make/javax/crypto/Defs-jce.gmk
+++ b/make/javax/crypto/Defs-jce.gmk
@@ -1,5 +1,5 @@
#
-# Copyright 2007-2008 Sun Microsystems, Inc. All Rights Reserved.
+# Copyright 2007-2009 Sun Microsystems, Inc. All Rights Reserved.
# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
#
# This code is free software; you can redistribute it and/or modify it
@@ -61,7 +61,7 @@ SIGNING_PASSPHRASE = $(SIGNING_KEY_DIR)/passphrase.txt
SIGNING_ALIAS = jce_rsa
#
-# Defines for signing/obfuscating the various jar files.
+# Defines for signing the various jar files.
#
define presign
@@ -100,19 +100,4 @@ define sign-file
$(sign-target)
endef
-#
-# Location for the Obfuscation product. JDK currently has
-# the requirement that we obfuscate our JCE jars.
-#
-OBFUSCATOR = /security/tools/bin/obfus
-OBFUS_DIR = $(TEMPDIR)/obfus
-
-define preobfus
- @if [ ! -f $(OBFUSCATOR) ]; then \
- $(ECHO) "\n$(OBFUSCATOR): Obfuscator *NOT* available..." \
- $(README-MAKEFILE_WARNING); \
- exit 2; \
- fi
-endef
-
endif # !OPENJDK
diff --git a/make/javax/crypto/Makefile b/make/javax/crypto/Makefile
index 815a530ce274d53eb91819e9c4f59b6ac07582a4..fe07ed5edf7a33178b4528bf5b095f86d6f3eacc 100644
--- a/make/javax/crypto/Makefile
+++ b/make/javax/crypto/Makefile
@@ -1,5 +1,5 @@
#
-# Copyright 2007-2008 Sun Microsystems, Inc. All Rights Reserved.
+# Copyright 2007-2009 Sun Microsystems, Inc. All Rights Reserved.
# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
#
# This code is free software; you can redistribute it and/or modify it
@@ -44,64 +44,65 @@
# For OpenJDK, the jar files built here are installed directly into the
# OpenJDK.
#
-# For JDK, the binaries use pre-built/pre-signed/pre-obfuscated binary
-# files stored in the closed workspace that are not shipped in the
-# OpenJDK workspaces. We still build the JDK files here to verify the
-# files compile, and in preparation for possible signing and
-# obfuscation. Developers working on JCE in JDK must sign the JCE files
-# before testing: obfuscation is optional during development. The JCE
-# signing key is kept separate from the JDK workspace to prevent its
-# disclosure. The obfuscation tool has not been licensed for general
-# usage.
+# For JDK, the binaries use pre-built/pre-signed binary files stored in
+# the closed workspace that are not shipped in the OpenJDK workspaces.
+# We still build the JDK files here to verify the files compile, and in
+# preparation for possible signing. Developers working on JCE in JDK
+# must sign the JCE files before testing. The JCE signing key is kept
+# separate from the JDK workspace to prevent its disclosure.
#
# SPECIAL NOTE TO JCE/JDK developers: The source files must eventually
-# be built, obfuscated, signed, and the resulting jar files *MUST BE
-# CHECKED INTO THE CLOSED PART OF THE WORKSPACE*. This separate step
-# *MUST NOT BE FORGOTTEN*, otherwise a bug fixed in the source code will
-# not be reflected in the shipped binaries. The "release" target should
-# be used to generate the required files.
+# be built and signed, and the resulting jar files *MUST BE CHECKED INTO
+# THE CLOSED PART OF THE WORKSPACE*. This separate step *MUST NOT BE
+# FORGOTTEN*, otherwise a bug fixed in the source code will not be
+# reflected in the shipped binaries. The "release" target should be
+# used to generate the required files.
#
# There are a number of targets to help both JDK/OpenJDK developers.
#
# Main Targets (JDK/OPENJDK):
#
-# all/clobber/clean The usual.
-# If OpenJDK, installs
-# jce.jar/limited policy files.
-# If JDK, installs prebuilt
-# jce.jar/limited policy files.
-#
-# jar Builds/installs jce.jar
-# If OpenJDK, does not sign
-# If JDK, tries to sign
+# all/clobber/clean The usual.
+# If OpenJDK: builds/installs the
+# jce.jar/limited policy files.
+# If JDK: builds but does not install.
+# During full tops-down builds,
+# prebuilt/presigned jce.jar &
+# limited policy files are copied
+# in by make/java/redist/Makefile.
+# If you are working in this directory
+# and want to install the prebuilts,
+# use the "install-prebuilt" target.
+#
+# jar Builds/installs jce.jar
+# If OpenJDK, does not sign
+# If JDK, tries to sign
#
# Other lesser-used Targets (JDK/OPENJDK):
#
-# build-jar Builds jce.jar (does not sign/install)
+# build-jar Builds jce.jar (does not sign/install)
#
-# build-policy Builds policy files (does not sign/install)
+# build-policy Builds policy files (does not sign/install)
#
-# install-jar Alias for "jar" above
+# install-jar Alias for "jar" above
#
-# install-limited Builds/installs limited policy files
-# If OpenJDK, does not sign
-# If JDK, tries to sign
-# install-unlimited Builds/nstalls unlimited policy files
-# If OpenJDK, does not sign
-# If JDK, tries to sign
+# install-limited Builds/installs limited policy files
+# If OpenJDK, does not sign
+# If JDK, tries to sign
+# install-unlimited Builds/nstalls unlimited policy files
+# If OpenJDK, does not sign
+# If JDK, tries to sign
#
# Other targets (JDK only):
#
-# sign Alias for sign-jar and sign-policy
-# sign-jar Builds/signs jce.jar file (no install)
-# sign-policy Builds/signs policy files (no install)
-#
-# obfus Builds/obfuscates/signs jce.jar
+# sign Alias for sign-jar and sign-policy
+# sign-jar Builds/signs jce.jar file (no install)
+# sign-policy Builds/signs policy files (no install)
#
-# release Builds all targets in preparation
-# for workspace integration.
+# release Builds all targets in preparation
+# for workspace integration.
#
-# install-prebuilt Installs the pre-built jar files
+# install-prebuilt Installs the pre-built jar files
#
# This makefile was written to support parallel target execution.
#
@@ -112,7 +113,7 @@ PRODUCT = sun
#
# The following is for when we need to do postprocessing
-# (signing/obfuscation) against a read-only build. If the OUTPUTDIR
+# (signing) against a read-only build. If the OUTPUTDIR
# isn't writable, the build currently crashes out.
#
ifndef OPENJDK
@@ -169,8 +170,8 @@ endif # OPENJDK
#
# We use a variety of subdirectories in the $(TEMPDIR) depending on what
# part of the build we're doing. Both OPENJDK/JDK builds are initially
-# done in the unsigned area. When files are signed or obfuscated in JDK,
-# they will be placed in the appropriate areas.
+# done in the unsigned area. When files are signed in JDK, they will be
+# placed in the appropriate areas.
#
UNSIGNED_DIR = $(TEMPDIR)/unsigned
@@ -178,7 +179,7 @@ include Defs-jce.gmk
# =====================================================
-# Build the unsigned jce.jar file. Signing/obfuscation comes later.
+# Build the unsigned jce.jar file. Signing comes later.
#
JAR_DESTFILE = $(LIBDIR)/jce.jar
@@ -363,69 +364,13 @@ $(SIGNED_POLICY_BUILDDIR)/limited/local_policy.jar: \
# =====================================================
-# Obfuscate/sign/install the JDK build. Not needed for OpenJDK.
+# Create the Release Engineering files. Signed builds,
+# unlimited policy file distribution, etc.
#
-OBFUS_DIR = $(JCE_BUILD_DIR)/obfus/jce
-
CLOSED_DIR = $(BUILDDIR)/closed/javax/crypto
-obfus: $(OBFUS_DIR)/jce.jar
- $(release-warning)
-
-ifndef ALT_JCE_BUILD_DIR
-$(OBFUS_DIR)/jce.jar: build-jar $(JCE_MANIFEST_FILE) $(OBFUS_DIR)/framework.dox
-else
-#
-# We have to remove the build dependency, otherwise, we'll try to rebuild it
-# which we can't do on a read-only filesystem.
-#
-$(OBFUS_DIR)/jce.jar: $(JCE_MANIFEST_FILE) $(OBFUS_DIR)/framework.dox
- @if [ ! -d $(CLASSDESTDIR) ] ; then \
- $(ECHO) "Couldn't find $(CLASSDESTDIR)"; \
- exit 1; \
- fi
-endif
- @$(ECHO) ">>>Obfuscating JCE framework..."
- $(presign)
- $(preobfus)
- $(prep-target)
- $(CD) $(OBFUS_DIR); \
- $(OBFUSCATOR) -fv framework.dox
- @$(CD) $(OBFUS_DIR); $(java-vm-cleanup)
- @#
- @# The sun.security.internal classes are currently not obfuscated
- @# due to an obfus problem. Manually copy them to the build directory
- @# so that they are included in the jce.jar file.
- @#
- $(CP) -r $(CLASSDESTDIR)/sun $(OBFUS_DIR)/build
- $(BOOT_JAR_CMD) cmf $(JCE_MANIFEST_FILE) $@ \
- -C $(OBFUS_DIR)/build javax \
- -C $(OBFUS_DIR)/build sun \
- $(BOOT_JAR_JFLAGS)
- $(sign-target)
- @$(java-vm-cleanup)
-
-$(OBFUS_DIR)/framework.dox: $(CLOSED_DIR)/obfus/framework.dox
- @$(ECHO) ">>>Creating framework.dox"
- $(prep-target)
- $(SED) "s:@@TEMPDIR@@:$(ABS_TEMPDIR):" $< > $@
-
-#
-# The current obfuscator has a limitation in that it currently only
-# supports up to v49 class file format. Force v49 classfiles in our
-# builds for now.
-#
-SOURCE_LANGUAGE_VERSION = 5
-TARGET_CLASS_VERSION = 5
-
-
-# =====================================================
-# Create the Release Engineering files. Obfuscated builds,
-# unlimited policy file distribution, etc.
-#
-
-release: $(OBFUS_DIR)/jce.jar sign-policy $(CLOSED_DIR)/doc/COPYRIGHT.html \
+release: $(SIGNED_DIR)/jce.jar sign-policy $(CLOSED_DIR)/doc/COPYRIGHT.html \
$(CLOSED_DIR)/doc/README.txt
$(RM) -r \
$(JCE_BUILD_DIR)/release/UnlimitedJCEPolicy \
@@ -434,7 +379,7 @@ release: $(OBFUS_DIR)/jce.jar sign-policy $(CLOSED_DIR)/doc/COPYRIGHT.html \
$(JCE_BUILD_DIR)/release/local_policy.jar \
$(JCE_BUILD_DIR)/release/UnlimitedJCEPolicy.zip
$(MKDIR) -p $(JCE_BUILD_DIR)/release/UnlimitedJCEPolicy
- $(CP) $(OBFUS_DIR)/jce.jar $(JCE_BUILD_DIR)/release
+ $(CP) $(SIGNED_DIR)/jce.jar $(JCE_BUILD_DIR)/release
$(CP) \
$(SIGNED_POLICY_BUILDDIR)/limited/US_export_policy.jar \
$(SIGNED_POLICY_BUILDDIR)/limited/local_policy.jar \
@@ -530,5 +475,5 @@ clobber clean::
.PHONY: build-jar jar build-policy unlimited limited install-jar \
install-limited install-unlimited
ifndef OPENJDK
-.PHONY: sign sign-jar sign-policy obfus release install-prebuilt
+.PHONY: sign sign-jar sign-policy release install-prebuilt
endif
diff --git a/make/sun/security/mscapi/Makefile b/make/sun/security/mscapi/Makefile
index 08d6609e166173aacf2cd61bbf3bf1e06994d75b..c16d130504f044c7b0989e2bd5e7847ac40cb124 100644
--- a/make/sun/security/mscapi/Makefile
+++ b/make/sun/security/mscapi/Makefile
@@ -1,5 +1,5 @@
#
-# Copyright 2005-2008 Sun Microsystems, Inc. All Rights Reserved.
+# Copyright 2005-2009 Sun Microsystems, Inc. All Rights Reserved.
# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
#
# This code is free software; you can redistribute it and/or modify it
@@ -59,31 +59,31 @@
#
# Main Targets (JDK/OPENJDK):
#
-# all/clobber/clean The usual, plus the native libraries.
-# If OpenJDK, installs sunmscapi.jar.
-# If JDK, installs prebuilt
-# sunmscapi.jar.
+# all/clobber/clean The usual, plus the native libraries.
+# If OpenJDK, installs sunmscapi.jar.
+# If JDK, installs prebuilt
+# sunmscapi.jar.
#
-# jar Builds/installs sunmscapi.jar
-# If OpenJDK, does not sign.
-# If JDK, tries to sign.
+# jar Builds/installs sunmscapi.jar
+# If OpenJDK, does not sign.
+# If JDK, tries to sign.
#
# Other lesser-used Targets (JDK/OPENJDK):
#
-# build-jar Builds sunmscapi.jar
-# (does not sign/install)
+# build-jar Builds sunmscapi.jar
+# (does not sign/install)
#
-# install-jar Alias for "jar" above.
+# install-jar Alias for "jar" above.
#
# Other targets (JDK only):
#
-# sign Alias for sign-jar
-# sign-jar Builds/signs sunmscapi.jar (no install)
+# sign Alias for sign-jar
+# sign-jar Builds/signs sunmscapi.jar (no install)
#
-# release Builds all targets in preparation
-# for workspace integration.
+# release Builds all targets in preparation
+# for workspace integration.
#
-# install-prebuilt Installs the pre-built jar files
+# install-prebuilt Installs the pre-built jar files
#
# This makefile was written to support parallel target execution.
#
diff --git a/make/sun/security/pkcs11/Makefile b/make/sun/security/pkcs11/Makefile
index f20910b7ed2add513d2c19c6cb02613f01e21226..9a4a4089be4e3a08ce18ade8e1612500ebb8aabe 100644
--- a/make/sun/security/pkcs11/Makefile
+++ b/make/sun/security/pkcs11/Makefile
@@ -1,5 +1,5 @@
#
-# Copyright 2003-2008 Sun Microsystems, Inc. All Rights Reserved.
+# Copyright 2003-2009 Sun Microsystems, Inc. All Rights Reserved.
# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
#
# This code is free software; you can redistribute it and/or modify it
@@ -59,31 +59,31 @@
#
# Main Targets (JDK/OPENJDK):
#
-# all/clobber/clean The usual, plus the native libraries.
-# If OpenJDK, installs sunpkcs11.jar.
-# If JDK, installs prebuilt
-# sunpkcs11.jar.
+# all/clobber/clean The usual, plus the native libraries.
+# If OpenJDK, installs sunpkcs11.jar.
+# If JDK, installs prebuilt
+# sunpkcs11.jar.
#
-# jar Builds/installs sunpkcs11.jar
-# If OpenJDK, does not sign.
-# If JDK, tries to sign.
+# jar Builds/installs sunpkcs11.jar
+# If OpenJDK, does not sign.
+# If JDK, tries to sign.
#
# Other lesser-used Targets (JDK/OPENJDK):
#
-# build-jar Builds sunpkcs11.jar
-# (does not sign/install)
+# build-jar Builds sunpkcs11.jar
+# (does not sign/install)
#
-# install-jar Alias for "jar" above.
+# install-jar Alias for "jar" above.
#
# Other targets (JDK only):
#
-# sign Alias for sign-jar
-# sign-jar Builds/signs sunpkcs11.jar (no install)
+# sign Alias for sign-jar
+# sign-jar Builds/signs sunpkcs11.jar (no install)
#
-# release Builds all targets in preparation
-# for workspace integration.
+# release Builds all targets in preparation
+# for workspace integration.
#
-# install-prebuilt Installs the pre-built jar files
+# install-prebuilt Installs the pre-built jar files
#
# This makefile was written to support parallel target execution.
#
diff --git a/src/share/classes/com/sun/crypto/provider/AESCipher.java b/src/share/classes/com/sun/crypto/provider/AESCipher.java
index 1809f6d82aed8520edb167f3fc0bcdcfedff7788..1d58e21edd0c6b9455e523d98c26665190c2de81 100644
--- a/src/share/classes/com/sun/crypto/provider/AESCipher.java
+++ b/src/share/classes/com/sun/crypto/provider/AESCipher.java
@@ -1,5 +1,5 @@
/*
- * Copyright 2002-2007 Sun Microsystems, Inc. All Rights Reserved.
+ * Copyright 2002-2009 Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -56,12 +56,8 @@ public final class AESCipher extends CipherSpi {
/**
* Creates an instance of AES cipher with default ECB mode and
* PKCS5Padding.
- *
- * @exception SecurityException if this constructor fails to verify
- * its own integrity
*/
public AESCipher() {
- SunJCE.ensureIntegrity(getClass());
core = new CipherCore(new AESCrypt(), AESConstants.AES_BLOCK_SIZE);
}
diff --git a/src/share/classes/com/sun/crypto/provider/AESKeyGenerator.java b/src/share/classes/com/sun/crypto/provider/AESKeyGenerator.java
index d6a715d8e5566a2fb3016ae8096ae0eed3678966..83cf3223d7563380fee24bac76ed356f5533177b 100644
--- a/src/share/classes/com/sun/crypto/provider/AESKeyGenerator.java
+++ b/src/share/classes/com/sun/crypto/provider/AESKeyGenerator.java
@@ -1,5 +1,5 @@
/*
- * Copyright 2002-2007 Sun Microsystems, Inc. All Rights Reserved.
+ * Copyright 2002-2009 Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -48,16 +48,9 @@ public final class AESKeyGenerator extends KeyGeneratorSpi {
private int keySize = 16; // default keysize (in number of bytes)
/**
- * Verify the SunJCE provider in the constructor.
- *
- * @exception SecurityException if fails to verify
- * its own integrity
+ * Empty constructor.
*/
public AESKeyGenerator() {
- if (!SunJCE.verifySelfIntegrity(this.getClass())) {
- throw new SecurityException("The SunJCE provider may have " +
- "been tampered.");
- }
}
/**
diff --git a/src/share/classes/com/sun/crypto/provider/AESWrapCipher.java b/src/share/classes/com/sun/crypto/provider/AESWrapCipher.java
index 5bdcb135442948047f1ac4fb37188ade1481f732..501e2b69936c8df9281e3f0ea229cbecd1021755 100644
--- a/src/share/classes/com/sun/crypto/provider/AESWrapCipher.java
+++ b/src/share/classes/com/sun/crypto/provider/AESWrapCipher.java
@@ -1,5 +1,5 @@
/*
- * Copyright 2004-2007 Sun Microsystems, Inc. All Rights Reserved.
+ * Copyright 2004-2009 Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -65,12 +65,8 @@ public final class AESWrapCipher extends CipherSpi {
/**
* Creates an instance of AES KeyWrap cipher with default
* mode, i.e. "ECB" and padding scheme, i.e. "NoPadding".
- *
- * @exception SecurityException if this constructor fails to verify
- * its own integrity
*/
public AESWrapCipher() {
- SunJCE.ensureIntegrity(getClass());
cipher = new AESCrypt();
}
diff --git a/src/share/classes/com/sun/crypto/provider/ARCFOURCipher.java b/src/share/classes/com/sun/crypto/provider/ARCFOURCipher.java
index 5876a45dbb36937a945d961cdec560bcd76c3a24..62affa324b6ff004f9447f0635d8cf1cdc3985a8 100644
--- a/src/share/classes/com/sun/crypto/provider/ARCFOURCipher.java
+++ b/src/share/classes/com/sun/crypto/provider/ARCFOURCipher.java
@@ -1,5 +1,5 @@
/*
- * Copyright 2003-2007 Sun Microsystems, Inc. All Rights Reserved.
+ * Copyright 2003-2009 Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -62,7 +62,6 @@ public final class ARCFOURCipher extends CipherSpi {
// called by the JCE framework
public ARCFOURCipher() {
- SunJCE.ensureIntegrity(getClass());
S = new int[256];
}
diff --git a/src/share/classes/com/sun/crypto/provider/BlowfishCipher.java b/src/share/classes/com/sun/crypto/provider/BlowfishCipher.java
index 2b5f0fb73003e90774e0e6853517b524a194491f..14d049f80378ea7dc8d75e910818bf2e91ca3dbd 100644
--- a/src/share/classes/com/sun/crypto/provider/BlowfishCipher.java
+++ b/src/share/classes/com/sun/crypto/provider/BlowfishCipher.java
@@ -1,5 +1,5 @@
/*
- * Copyright 1998-2007 Sun Microsystems, Inc. All Rights Reserved.
+ * Copyright 1998-2009 Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -60,12 +60,8 @@ public final class BlowfishCipher extends CipherSpi {
/**
* Creates an instance of Blowfish cipher with default ECB mode and
* PKCS5Padding.
- *
- * @exception SecurityException if this constructor fails to verify
- * its own integrity
*/
public BlowfishCipher() {
- SunJCE.ensureIntegrity(getClass());
core = new CipherCore(new BlowfishCrypt(),
BlowfishConstants.BLOWFISH_BLOCK_SIZE);
}
diff --git a/src/share/classes/com/sun/crypto/provider/BlowfishKeyGenerator.java b/src/share/classes/com/sun/crypto/provider/BlowfishKeyGenerator.java
index 2d8fb85c420839432eddc9f41778fe51fccf72e3..96a2c7186e3e29fb5b6d609f7f03dc479c1f6d54 100644
--- a/src/share/classes/com/sun/crypto/provider/BlowfishKeyGenerator.java
+++ b/src/share/classes/com/sun/crypto/provider/BlowfishKeyGenerator.java
@@ -1,5 +1,5 @@
/*
- * Copyright 1998-2007 Sun Microsystems, Inc. All Rights Reserved.
+ * Copyright 1998-2009 Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -46,16 +46,9 @@ public final class BlowfishKeyGenerator extends KeyGeneratorSpi {
private int keysize = 16; // default keysize (in number of bytes)
/**
- * Verify the SunJCE provider in the constructor.
- *
- * @exception SecurityException if fails to verify
- * its own integrity
+ * Empty constructor
*/
public BlowfishKeyGenerator() {
- if (!SunJCE.verifySelfIntegrity(this.getClass())) {
- throw new SecurityException("The SunJCE provider may have " +
- "been tampered.");
- }
}
/**
diff --git a/src/share/classes/com/sun/crypto/provider/DESCipher.java b/src/share/classes/com/sun/crypto/provider/DESCipher.java
index 07ddf318ff25d169381ce146eff7009866733ab5..30f36f3b982cb64b8781cec34e70d22f2f2ef39a 100644
--- a/src/share/classes/com/sun/crypto/provider/DESCipher.java
+++ b/src/share/classes/com/sun/crypto/provider/DESCipher.java
@@ -1,5 +1,5 @@
/*
- * Copyright 1997-2007 Sun Microsystems, Inc. All Rights Reserved.
+ * Copyright 1997-2009 Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -56,12 +56,8 @@ public final class DESCipher extends CipherSpi {
/**
* Creates an instance of DES cipher with default ECB mode and
* PKCS5Padding.
- *
- * @exception SecurityException if this constructor fails to verify
- * its own integrity
*/
public DESCipher() {
- SunJCE.ensureIntegrity(getClass());
core = new CipherCore(new DESCrypt(), DESConstants.DES_BLOCK_SIZE);
}
diff --git a/src/share/classes/com/sun/crypto/provider/DESKeyFactory.java b/src/share/classes/com/sun/crypto/provider/DESKeyFactory.java
index 3ffa89d996c419a7ffc36e6fdb9ff8cf3b4ebfc2..968d6f78f430b99e877df731aabe5a3b12a505ab 100644
--- a/src/share/classes/com/sun/crypto/provider/DESKeyFactory.java
+++ b/src/share/classes/com/sun/crypto/provider/DESKeyFactory.java
@@ -1,5 +1,5 @@
/*
- * Copyright 1997-2007 Sun Microsystems, Inc. All Rights Reserved.
+ * Copyright 1997-2009 Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -42,17 +42,11 @@ import java.security.spec.InvalidKeySpecException;
public final class DESKeyFactory extends SecretKeyFactorySpi {
/**
- * Verify the SunJCE provider in the constructor.
- *
- * @exception SecurityException if fails to verify
- * its own integrity
+ * Empty constructor
*/
public DESKeyFactory() {
- if (!SunJCE.verifySelfIntegrity(this.getClass())) {
- throw new SecurityException("The SunJCE provider may have " +
- "been tampered.");
- }
}
+
/**
* Generates a SecretKey object from the provided key
* specification (key material).
diff --git a/src/share/classes/com/sun/crypto/provider/DESKeyGenerator.java b/src/share/classes/com/sun/crypto/provider/DESKeyGenerator.java
index 2a7ac8e0771b413be83ec02f6b2b617a4daad866..cd028d4ac738f554bbff5d133ac10574b21a2408 100644
--- a/src/share/classes/com/sun/crypto/provider/DESKeyGenerator.java
+++ b/src/share/classes/com/sun/crypto/provider/DESKeyGenerator.java
@@ -1,5 +1,5 @@
/*
- * Copyright 1997-2007 Sun Microsystems, Inc. All Rights Reserved.
+ * Copyright 1997-2009 Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -46,16 +46,9 @@ public final class DESKeyGenerator extends KeyGeneratorSpi {
private SecureRandom random = null;
/**
- * Verify the SunJCE provider in the constructor.
- *
- * @exception SecurityException if fails to verify
- * its own integrity
+ * Empty constructor
*/
public DESKeyGenerator() {
- if (!SunJCE.verifySelfIntegrity(this.getClass())) {
- throw new SecurityException("The SunJCE provider may have " +
- "been tampered.");
- }
}
/**
diff --git a/src/share/classes/com/sun/crypto/provider/DESedeCipher.java b/src/share/classes/com/sun/crypto/provider/DESedeCipher.java
index 1514f44eddb0763a19eda9ba840b575c45bb0fc5..394a784215a4f30315a70732107c0fa31823ade6 100644
--- a/src/share/classes/com/sun/crypto/provider/DESedeCipher.java
+++ b/src/share/classes/com/sun/crypto/provider/DESedeCipher.java
@@ -1,5 +1,5 @@
/*
- * Copyright 1997-2007 Sun Microsystems, Inc. All Rights Reserved.
+ * Copyright 1997-2009 Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -53,12 +53,8 @@ public final class DESedeCipher extends CipherSpi {
/**
* Creates an instance of DESede cipher with default ECB mode and
* PKCS5Padding.
- *
- * @exception SecurityException if this constructor fails to verify
- * its own integrity
*/
public DESedeCipher() {
- SunJCE.ensureIntegrity(getClass());
core = new CipherCore(new DESedeCrypt(), DESConstants.DES_BLOCK_SIZE);
}
diff --git a/src/share/classes/com/sun/crypto/provider/DESedeKeyFactory.java b/src/share/classes/com/sun/crypto/provider/DESedeKeyFactory.java
index 831ca8cd7ad59b8b89b6f25495f53d56597165b4..fcd619b7af6c8b54e43073ed9fe38f0ef6f34b47 100644
--- a/src/share/classes/com/sun/crypto/provider/DESedeKeyFactory.java
+++ b/src/share/classes/com/sun/crypto/provider/DESedeKeyFactory.java
@@ -1,5 +1,5 @@
/*
- * Copyright 1997-2007 Sun Microsystems, Inc. All Rights Reserved.
+ * Copyright 1997-2009 Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -42,16 +42,9 @@ import java.security.spec.InvalidKeySpecException;
public final class DESedeKeyFactory extends SecretKeyFactorySpi {
/**
- * Verify the SunJCE provider in the constructor.
- *
- * @exception SecurityException if fails to verify
- * its own integrity
+ * Empty constructor
*/
public DESedeKeyFactory() {
- if (!SunJCE.verifySelfIntegrity(this.getClass())) {
- throw new SecurityException("The SunJCE provider may have been " +
- "tampered.");
- }
}
/**
diff --git a/src/share/classes/com/sun/crypto/provider/DESedeKeyGenerator.java b/src/share/classes/com/sun/crypto/provider/DESedeKeyGenerator.java
index 439c8facc91d82010bae98b6376d75735e8f3d39..333375e3edb19437ec89951f2122faea08357b35 100644
--- a/src/share/classes/com/sun/crypto/provider/DESedeKeyGenerator.java
+++ b/src/share/classes/com/sun/crypto/provider/DESedeKeyGenerator.java
@@ -1,5 +1,5 @@
/*
- * Copyright 1997-2007 Sun Microsystems, Inc. All Rights Reserved.
+ * Copyright 1997-2009 Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -47,16 +47,9 @@ public final class DESedeKeyGenerator extends KeyGeneratorSpi {
private int keysize = 168;
/**
- * Verify the SunJCE provider in the constructor.
- *
- * @exception SecurityException if fails to verify
- * its own integrity
+ * Empty constructor
*/
public DESedeKeyGenerator() {
- if (!SunJCE.verifySelfIntegrity(this.getClass())) {
- throw new SecurityException("The SunJCE provider may have been " +
- "tampered.");
- }
}
/**
diff --git a/src/share/classes/com/sun/crypto/provider/DESedeWrapCipher.java b/src/share/classes/com/sun/crypto/provider/DESedeWrapCipher.java
index 48cbb1edbc3d423df127497dead459be5b21c577..c3a36d1e9ceb9043a0249b59ad63df4c5d317064 100644
--- a/src/share/classes/com/sun/crypto/provider/DESedeWrapCipher.java
+++ b/src/share/classes/com/sun/crypto/provider/DESedeWrapCipher.java
@@ -1,5 +1,5 @@
/*
- * Copyright 2004-2007 Sun Microsystems, Inc. All Rights Reserved.
+ * Copyright 2004-2009 Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -74,12 +74,8 @@ public final class DESedeWrapCipher extends CipherSpi {
/**
* Creates an instance of CMS DESede KeyWrap cipher with default
* mode, i.e. "CBC" and padding scheme, i.e. "NoPadding".
- *
- * @exception SecurityException if this constructor fails to verify
- * its own integrity.
*/
public DESedeWrapCipher() {
- SunJCE.ensureIntegrity(getClass());
cipher = new CipherBlockChaining(new DESedeCrypt());
}
diff --git a/src/share/classes/com/sun/crypto/provider/DHKeyAgreement.java b/src/share/classes/com/sun/crypto/provider/DHKeyAgreement.java
index 30bec7261174a6ee5ea371d2114287f3cbd369e4..e2a3cf08daf2c6330f2ee206beccf7bfc3a28a48 100644
--- a/src/share/classes/com/sun/crypto/provider/DHKeyAgreement.java
+++ b/src/share/classes/com/sun/crypto/provider/DHKeyAgreement.java
@@ -1,5 +1,5 @@
/*
- * Copyright 1997-2007 Sun Microsystems, Inc. All Rights Reserved.
+ * Copyright 1997-2009 Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -58,16 +58,9 @@ extends KeyAgreementSpi {
private BigInteger y = BigInteger.ZERO;
/**
- * Verify the SunJCE provider in the constructor.
- *
- * @exception SecurityException if fails to verify
- * its own integrity
+ * Empty constructor
*/
public DHKeyAgreement() {
- if (!SunJCE.verifySelfIntegrity(this.getClass())) {
- throw new SecurityException("The SunJCE provider may have been " +
- "tampered.");
- }
}
/**
diff --git a/src/share/classes/com/sun/crypto/provider/DHKeyFactory.java b/src/share/classes/com/sun/crypto/provider/DHKeyFactory.java
index e7c5f53b4d4291d7517efb9d75748c8c81a2a032..01a449c6a2f8ef6823dfe4a8743cb3212e9b890d 100644
--- a/src/share/classes/com/sun/crypto/provider/DHKeyFactory.java
+++ b/src/share/classes/com/sun/crypto/provider/DHKeyFactory.java
@@ -1,5 +1,5 @@
/*
- * Copyright 1997-2007 Sun Microsystems, Inc. All Rights Reserved.
+ * Copyright 1997-2009 Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -49,16 +49,9 @@ import javax.crypto.spec.DHParameterSpec;
public final class DHKeyFactory extends KeyFactorySpi {
/**
- * Verify the SunJCE provider in the constructor.
- *
- * @exception SecurityException if fails to verify
- * its own integrity
+ * Empty constructor
*/
public DHKeyFactory() {
- if (!SunJCE.verifySelfIntegrity(this.getClass())) {
- throw new SecurityException("The SunJCE provider may have " +
- "been tampered.");
- }
}
/**
diff --git a/src/share/classes/com/sun/crypto/provider/HmacCore.java b/src/share/classes/com/sun/crypto/provider/HmacCore.java
index 9950d112ff1369934c9e3ba7e1fed4ed04bcef11..87d9e04bc0e315ed74ef2cacf9afbbd99dc4785c 100644
--- a/src/share/classes/com/sun/crypto/provider/HmacCore.java
+++ b/src/share/classes/com/sun/crypto/provider/HmacCore.java
@@ -1,5 +1,5 @@
/*
- * Copyright 2002-2007 Sun Microsystems, Inc. All Rights Reserved.
+ * Copyright 2002-2009 Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -241,7 +241,6 @@ final class HmacCore implements Cloneable {
public static final class HmacSHA256 extends MacSpi implements Cloneable {
private final HmacCore core;
public HmacSHA256() throws NoSuchAlgorithmException {
- SunJCE.ensureIntegrity(getClass());
core = new HmacCore("SHA-256", 64);
}
private HmacSHA256(HmacSHA256 base) throws CloneNotSupportedException {
@@ -278,7 +277,6 @@ final class HmacCore implements Cloneable {
public static final class HmacSHA384 extends MacSpi implements Cloneable {
private final HmacCore core;
public HmacSHA384() throws NoSuchAlgorithmException {
- SunJCE.ensureIntegrity(getClass());
core = new HmacCore("SHA-384", 128);
}
private HmacSHA384(HmacSHA384 base) throws CloneNotSupportedException {
@@ -315,7 +313,6 @@ final class HmacCore implements Cloneable {
public static final class HmacSHA512 extends MacSpi implements Cloneable {
private final HmacCore core;
public HmacSHA512() throws NoSuchAlgorithmException {
- SunJCE.ensureIntegrity(getClass());
core = new HmacCore("SHA-512", 128);
}
private HmacSHA512(HmacSHA512 base) throws CloneNotSupportedException {
diff --git a/src/share/classes/com/sun/crypto/provider/HmacMD5.java b/src/share/classes/com/sun/crypto/provider/HmacMD5.java
index 26e76389d4fa85aad64012c2be90b71a898c9d97..ce3793c917ac12b1a2a397efc2c03f695c1e02c9 100644
--- a/src/share/classes/com/sun/crypto/provider/HmacMD5.java
+++ b/src/share/classes/com/sun/crypto/provider/HmacMD5.java
@@ -1,5 +1,5 @@
/*
- * Copyright 1998-2007 Sun Microsystems, Inc. All Rights Reserved.
+ * Copyright 1998-2009 Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -44,16 +44,8 @@ public final class HmacMD5 extends MacSpi implements Cloneable {
/**
* Standard constructor, creates a new HmacMD5 instance.
- * Verify the SunJCE provider in the constructor.
- *
- * @exception SecurityException if fails to verify
- * its own integrity
*/
public HmacMD5() throws NoSuchAlgorithmException {
- if (!SunJCE.verifySelfIntegrity(this.getClass())) {
- throw new SecurityException("The SunJCE provider may have " +
- "been tampered.");
- }
hmac = new HmacCore(MessageDigest.getInstance("MD5"),
MD5_BLOCK_LENGTH);
}
diff --git a/src/share/classes/com/sun/crypto/provider/HmacMD5KeyGenerator.java b/src/share/classes/com/sun/crypto/provider/HmacMD5KeyGenerator.java
index c1b6526457170dac812a3353056fe7d11052a4c1..1f73f32c7e9951fad55012e554c45fa595310b68 100644
--- a/src/share/classes/com/sun/crypto/provider/HmacMD5KeyGenerator.java
+++ b/src/share/classes/com/sun/crypto/provider/HmacMD5KeyGenerator.java
@@ -1,5 +1,5 @@
/*
- * Copyright 1999-2007 Sun Microsystems, Inc. All Rights Reserved.
+ * Copyright 1999-2009 Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -46,16 +46,9 @@ public final class HmacMD5KeyGenerator extends KeyGeneratorSpi {
private int keysize = 64; // default keysize (in number of bytes)
/**
- * Verify the SunJCE provider in the constructor.
- *
- * @exception SecurityException if fails to verify
- * its own integrity
+ * Empty constructor
*/
public HmacMD5KeyGenerator() {
- if (!SunJCE.verifySelfIntegrity(this.getClass())) {
- throw new SecurityException("The SunJCE provider may have " +
- "been tampered.");
- }
}
/**
diff --git a/src/share/classes/com/sun/crypto/provider/HmacPKCS12PBESHA1.java b/src/share/classes/com/sun/crypto/provider/HmacPKCS12PBESHA1.java
index 150477c5ea12604c2e07eae4e5a695772aae5dc7..4508c242e967db3fbf37d062cff189badf6730bb 100644
--- a/src/share/classes/com/sun/crypto/provider/HmacPKCS12PBESHA1.java
+++ b/src/share/classes/com/sun/crypto/provider/HmacPKCS12PBESHA1.java
@@ -1,5 +1,5 @@
/*
- * Copyright 2003-2007 Sun Microsystems, Inc. All Rights Reserved.
+ * Copyright 2003-2009 Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -48,13 +48,8 @@ public final class HmacPKCS12PBESHA1 extends MacSpi implements Cloneable {
/**
* Standard constructor, creates a new HmacSHA1 instance.
- * Verify the SunJCE provider in the constructor.
- *
- * @exception SecurityException if fails to verify
- * its own integrity
*/
public HmacPKCS12PBESHA1() throws NoSuchAlgorithmException {
- SunJCE.ensureIntegrity(this.getClass());
this.hmac = new HmacCore(MessageDigest.getInstance("SHA1"),
SHA1_BLOCK_LENGTH);
}
diff --git a/src/share/classes/com/sun/crypto/provider/HmacSHA1.java b/src/share/classes/com/sun/crypto/provider/HmacSHA1.java
index 1421e855b9bf14d08b80d052acfd5343746fb938..0b4bea2c7f770bd7322409df70df66202c758cdb 100644
--- a/src/share/classes/com/sun/crypto/provider/HmacSHA1.java
+++ b/src/share/classes/com/sun/crypto/provider/HmacSHA1.java
@@ -1,5 +1,5 @@
/*
- * Copyright 1998-2007 Sun Microsystems, Inc. All Rights Reserved.
+ * Copyright 1998-2009 Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -44,16 +44,8 @@ public final class HmacSHA1 extends MacSpi implements Cloneable {
/**
* Standard constructor, creates a new HmacSHA1 instance.
- * Verify the SunJCE provider in the constructor.
- *
- * @exception SecurityException if fails to verify
- * its own integrity
*/
public HmacSHA1() throws NoSuchAlgorithmException {
- if (!SunJCE.verifySelfIntegrity(this.getClass())) {
- throw new SecurityException("The SunJCE provider may have " +
- "been tampered.");
- }
this.hmac = new HmacCore(MessageDigest.getInstance("SHA1"),
SHA1_BLOCK_LENGTH);
}
diff --git a/src/share/classes/com/sun/crypto/provider/HmacSHA1KeyGenerator.java b/src/share/classes/com/sun/crypto/provider/HmacSHA1KeyGenerator.java
index 561e4f1593c6f850375cce2a76c46a3b5864cce7..2bf214280cef43919b42938f8508e8db3d1b5964 100644
--- a/src/share/classes/com/sun/crypto/provider/HmacSHA1KeyGenerator.java
+++ b/src/share/classes/com/sun/crypto/provider/HmacSHA1KeyGenerator.java
@@ -1,5 +1,5 @@
/*
- * Copyright 1999-2007 Sun Microsystems, Inc. All Rights Reserved.
+ * Copyright 1999-2009 Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -46,16 +46,9 @@ public final class HmacSHA1KeyGenerator extends KeyGeneratorSpi {
private int keysize = 64; // default keysize (in number of bytes)
/**
- * Verify the SunJCE provider in the constructor.
- *
- * @exception SecurityException if fails to verify
- * its own integrity
+ * Empty constructor
*/
public HmacSHA1KeyGenerator() {
- if (!SunJCE.verifySelfIntegrity(this.getClass())) {
- throw new SecurityException("The SunJCE provider may have " +
- "been tampered.");
- }
}
/**
diff --git a/src/share/classes/com/sun/crypto/provider/JarVerifier.java b/src/share/classes/com/sun/crypto/provider/JarVerifier.java
deleted file mode 100644
index ea5f856955a8d678c84ce4c2ccbf4791e5730ebc..0000000000000000000000000000000000000000
--- a/src/share/classes/com/sun/crypto/provider/JarVerifier.java
+++ /dev/null
@@ -1,72 +0,0 @@
-/*
- * Copyright 2007 Sun Microsystems, Inc. All Rights Reserved.
- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
- *
- * This code is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License version 2 only, as
- * published by the Free Software Foundation. Sun designates this
- * particular file as subject to the "Classpath" exception as provided
- * by Sun in the LICENSE file that accompanied this code.
- *
- * This code is distributed in the hope that it will be useful, but WITHOUT
- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
- * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * version 2 for more details (a copy is included in the LICENSE file that
- * accompanied this code).
- *
- * You should have received a copy of the GNU General Public License version
- * 2 along with this work; if not, write to the Free Software Foundation,
- * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
- *
- * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
- * CA 95054 USA or visit www.sun.com if you need additional information or
- * have any questions.
- */
-
-package com.sun.crypto.provider;
-
-// NOTE: this class is duplicated amongst SunJCE, SunPKCS11, and SunMSCAPI.
-// All files should be kept in sync.
-
-import java.io.*;
-import java.util.*;
-import java.util.jar.*;
-import java.net.URL;
-import java.net.JarURLConnection;
-import java.net.MalformedURLException;
-
-import java.security.*;
-import java.security.cert.*;
-import java.security.cert.Certificate;
-
-/**
- * This class verifies JAR files (and any supporting JAR files), and
- * determines whether they may be used in this implementation.
- *
- * The JCE in OpenJDK has an open cryptographic interface, meaning it
- * does not restrict which providers can be used. Compliance with
- * United States export controls and with local law governing the
- * import/export of products incorporating the JCE in the OpenJDK is
- * the responsibility of the licensee.
- *
- * @since 1.7
- */
-final class JarVerifier {
-
- private static final boolean debug = false;
-
- /**
- * Verify the JAR file is signed by an entity which has a certificate
- * issued by a trusted CA.
- *
- * Note: this is a temporary method and will change soon to use the
- * exception chaining mechanism, which can provide more details
- * as to why the verification failed.
- *
- * @param c the class to be verified.
- * @return true if verification is successful.
- */
- static boolean verify(final Class c) {
- return true;
- }
-}
diff --git a/src/share/classes/com/sun/crypto/provider/KeyGeneratorCore.java b/src/share/classes/com/sun/crypto/provider/KeyGeneratorCore.java
index 242db61d83fb6302b37d48d16676e668b9667915..6864dad5f7bb47cef74963920d4b9a327c2b556c 100644
--- a/src/share/classes/com/sun/crypto/provider/KeyGeneratorCore.java
+++ b/src/share/classes/com/sun/crypto/provider/KeyGeneratorCore.java
@@ -1,5 +1,5 @@
/*
- * Copyright 2003-2007 Sun Microsystems, Inc. All Rights Reserved.
+ * Copyright 2003-2009 Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -109,7 +109,6 @@ final class KeyGeneratorCore {
public static final class HmacSHA256KG extends KeyGeneratorSpi {
private final KeyGeneratorCore core;
public HmacSHA256KG() {
- SunJCE.ensureIntegrity(getClass());
core = new KeyGeneratorCore("HmacSHA256", 256);
}
protected void engineInit(SecureRandom random) {
@@ -131,7 +130,6 @@ final class KeyGeneratorCore {
public static final class HmacSHA384KG extends KeyGeneratorSpi {
private final KeyGeneratorCore core;
public HmacSHA384KG() {
- SunJCE.ensureIntegrity(getClass());
core = new KeyGeneratorCore("HmacSHA384", 384);
}
protected void engineInit(SecureRandom random) {
@@ -153,7 +151,6 @@ final class KeyGeneratorCore {
public static final class HmacSHA512KG extends KeyGeneratorSpi {
private final KeyGeneratorCore core;
public HmacSHA512KG() {
- SunJCE.ensureIntegrity(getClass());
core = new KeyGeneratorCore("HmacSHA512", 512);
}
protected void engineInit(SecureRandom random) {
@@ -175,7 +172,6 @@ final class KeyGeneratorCore {
public static final class RC2KeyGenerator extends KeyGeneratorSpi {
private final KeyGeneratorCore core;
public RC2KeyGenerator() {
- SunJCE.ensureIntegrity(getClass());
core = new KeyGeneratorCore("RC2", 128);
}
protected void engineInit(SecureRandom random) {
@@ -201,7 +197,6 @@ final class KeyGeneratorCore {
public static final class ARCFOURKeyGenerator extends KeyGeneratorSpi {
private final KeyGeneratorCore core;
public ARCFOURKeyGenerator() {
- SunJCE.ensureIntegrity(getClass());
core = new KeyGeneratorCore("ARCFOUR", 128);
}
protected void engineInit(SecureRandom random) {
diff --git a/src/share/classes/com/sun/crypto/provider/PBEKeyFactory.java b/src/share/classes/com/sun/crypto/provider/PBEKeyFactory.java
index 23478f8fc0e8ab375d292ef5518dc1d84f5a931f..f86dad561bf0ce63588dfe1bd44d9b0389962feb 100644
--- a/src/share/classes/com/sun/crypto/provider/PBEKeyFactory.java
+++ b/src/share/classes/com/sun/crypto/provider/PBEKeyFactory.java
@@ -1,5 +1,5 @@
/*
- * Copyright 1997-2007 Sun Microsystems, Inc. All Rights Reserved.
+ * Copyright 1997-2009 Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -49,16 +49,9 @@ abstract class PBEKeyFactory extends SecretKeyFactorySpi {
private static HashSet validTypes;
/**
- * Verify the SunJCE provider in the constructor.
- *
- * @exception SecurityException if fails to verify
- * its own integrity
+ * Simple constructor
*/
private PBEKeyFactory(String keytype) {
- if (!SunJCE.verifySelfIntegrity(this.getClass())) {
- throw new SecurityException("The SunJCE provider may have " +
- "been tampered.");
- }
type = keytype;
}
diff --git a/src/share/classes/com/sun/crypto/provider/PBEWithMD5AndDESCipher.java b/src/share/classes/com/sun/crypto/provider/PBEWithMD5AndDESCipher.java
index 1bf6d6f89e2bab8dcfd89ae2dbdac6b6e6ab068b..8eec23d39981d2f745d928a30b0735d94acceb1b 100644
--- a/src/share/classes/com/sun/crypto/provider/PBEWithMD5AndDESCipher.java
+++ b/src/share/classes/com/sun/crypto/provider/PBEWithMD5AndDESCipher.java
@@ -1,5 +1,5 @@
/*
- * Copyright 1997-2007 Sun Microsystems, Inc. All Rights Reserved.
+ * Copyright 1997-2009 Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -55,16 +55,9 @@ public final class PBEWithMD5AndDESCipher extends CipherSpi {
* unavailable
* @exception NoSuchPaddingException if the required padding mechanism
* (PKCS5Padding) is unavailable
- *
- * @exception SecurityException if this constructor fails to verify
- * its own integrity
*/
public PBEWithMD5AndDESCipher()
throws NoSuchAlgorithmException, NoSuchPaddingException {
- if (!SunJCE.verifySelfIntegrity(this.getClass())) {
- throw new SecurityException("The SunJCE provider may have " +
- "been tampered.");
- }
core = new PBECipherCore("DES");
}
diff --git a/src/share/classes/com/sun/crypto/provider/PBEWithMD5AndTripleDESCipher.java b/src/share/classes/com/sun/crypto/provider/PBEWithMD5AndTripleDESCipher.java
index 7af04b6d81046c1011c52e4e1b91f76deffc716f..c121bd12bfc8badb20a93cd5df5d3230a8d401b0 100644
--- a/src/share/classes/com/sun/crypto/provider/PBEWithMD5AndTripleDESCipher.java
+++ b/src/share/classes/com/sun/crypto/provider/PBEWithMD5AndTripleDESCipher.java
@@ -1,5 +1,5 @@
/*
- * Copyright 1998-2007 Sun Microsystems, Inc. All Rights Reserved.
+ * Copyright 1998-2009 Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -61,23 +61,14 @@ public final class PBEWithMD5AndTripleDESCipher extends CipherSpi {
* Creates an instance of this cipher, and initializes its mode (CBC) and
* padding (PKCS5).
*
- * Verify the SunJCE provider in the constructor.
- *
* @exception NoSuchAlgorithmException if the required cipher mode (CBC) is
* unavailable
* @exception NoSuchPaddingException if the required padding mechanism
* (PKCS5Padding) is unavailable
- * @exception SecurityException if fails to verify
- * its own integrity
*/
public PBEWithMD5AndTripleDESCipher()
throws NoSuchAlgorithmException, NoSuchPaddingException
{
- if (!SunJCE.verifySelfIntegrity(this.getClass())) {
- throw new SecurityException("The SunJCE provider may have " +
- "been tampered.");
- }
-
// set the encapsulated cipher to do triple DES
core = new PBECipherCore("DESede");
}
diff --git a/src/share/classes/com/sun/crypto/provider/PBKDF2HmacSHA1Factory.java b/src/share/classes/com/sun/crypto/provider/PBKDF2HmacSHA1Factory.java
index 9ba53036a5e12cbe5d76192b4b436aabd967b5d9..205e38cf729204bceffd9963534c1fbdfe11546d 100644
--- a/src/share/classes/com/sun/crypto/provider/PBKDF2HmacSHA1Factory.java
+++ b/src/share/classes/com/sun/crypto/provider/PBKDF2HmacSHA1Factory.java
@@ -1,5 +1,5 @@
/*
- * Copyright 2005-2007 Sun Microsystems, Inc. All Rights Reserved.
+ * Copyright 2005-2009 Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -45,16 +45,9 @@ import javax.crypto.spec.SecretKeySpec;
public final class PBKDF2HmacSHA1Factory extends SecretKeyFactorySpi {
/**
- * Verify the SunJCE provider in the constructor.
- *
- * @exception SecurityException if fails to verify
- * its own integrity
+ * Empty constructor
*/
public PBKDF2HmacSHA1Factory() {
- if (!SunJCE.verifySelfIntegrity(this.getClass())) {
- throw new SecurityException("The SunJCE provider may have " +
- "been tampered.");
- }
}
/**
diff --git a/src/share/classes/com/sun/crypto/provider/PKCS12PBECipherCore.java b/src/share/classes/com/sun/crypto/provider/PKCS12PBECipherCore.java
index 277a7b30045beedff0ecebd62aed3829ebfc2740..ba7e7fec4f25868c326463f0b7a844f651cc995a 100644
--- a/src/share/classes/com/sun/crypto/provider/PKCS12PBECipherCore.java
+++ b/src/share/classes/com/sun/crypto/provider/PKCS12PBECipherCore.java
@@ -1,5 +1,5 @@
/*
- * Copyright 2003-2007 Sun Microsystems, Inc. All Rights Reserved.
+ * Copyright 2003-2009 Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -370,7 +370,6 @@ final class PKCS12PBECipherCore {
public static final class PBEWithSHA1AndDESede extends CipherSpi {
private final PKCS12PBECipherCore core;
public PBEWithSHA1AndDESede() throws NoSuchAlgorithmException {
- SunJCE.ensureIntegrity(this.getClass());
core = new PKCS12PBECipherCore("DESede", 24);
}
protected byte[] engineDoFinal(byte[] in, int inOff, int inLen)
@@ -446,7 +445,6 @@ final class PKCS12PBECipherCore {
public static final class PBEWithSHA1AndRC2_40 extends CipherSpi {
private final PKCS12PBECipherCore core;
public PBEWithSHA1AndRC2_40() throws NoSuchAlgorithmException {
- SunJCE.ensureIntegrity(this.getClass());
core = new PKCS12PBECipherCore("RC2", 5);
}
protected byte[] engineDoFinal(byte[] in, int inOff, int inLen)
diff --git a/src/share/classes/com/sun/crypto/provider/RC2Cipher.java b/src/share/classes/com/sun/crypto/provider/RC2Cipher.java
index c96d07f726a78a8c81e7937512740f254153a774..d119a0688cd7cf27f58c5b5571d8199c0c713aaf 100644
--- a/src/share/classes/com/sun/crypto/provider/RC2Cipher.java
+++ b/src/share/classes/com/sun/crypto/provider/RC2Cipher.java
@@ -1,5 +1,5 @@
/*
- * Copyright 2003-2007 Sun Microsystems, Inc. All Rights Reserved.
+ * Copyright 2003-2009 Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -45,7 +45,6 @@ public final class RC2Cipher extends CipherSpi {
private final RC2Crypt embeddedCipher;
public RC2Cipher() {
- SunJCE.ensureIntegrity(getClass());
embeddedCipher = new RC2Crypt();
core = new CipherCore(embeddedCipher, 8);
}
diff --git a/src/share/classes/com/sun/crypto/provider/RSACipher.java b/src/share/classes/com/sun/crypto/provider/RSACipher.java
index e5c6c019e0f64057d38554e4e990d67d4040e75a..9f5179e3325754c40870641f296675345f12d750 100644
--- a/src/share/classes/com/sun/crypto/provider/RSACipher.java
+++ b/src/share/classes/com/sun/crypto/provider/RSACipher.java
@@ -1,5 +1,5 @@
/*
- * Copyright 2003-2007 Sun Microsystems, Inc. All Rights Reserved.
+ * Copyright 2003-2009 Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -111,7 +111,6 @@ public final class RSACipher extends CipherSpi {
private String oaepHashAlgorithm = "SHA-1";
public RSACipher() {
- SunJCE.ensureIntegrity(getClass());
paddingType = PAD_PKCS1;
}
diff --git a/src/share/classes/com/sun/crypto/provider/SslMacCore.java b/src/share/classes/com/sun/crypto/provider/SslMacCore.java
index 7756e73ce77237d1fac1c03eb44d75e9faf6c527..8046a22ed711874f964b56d4903c8691e966c067 100644
--- a/src/share/classes/com/sun/crypto/provider/SslMacCore.java
+++ b/src/share/classes/com/sun/crypto/provider/SslMacCore.java
@@ -1,5 +1,5 @@
/*
- * Copyright 2005-2007 Sun Microsystems, Inc. All Rights Reserved.
+ * Copyright 2005-2009 Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -226,9 +226,6 @@ final class SslMacCore {
static final byte[] md5Pad1 = genPad((byte)0x36, 48);
static final byte[] md5Pad2 = genPad((byte)0x5c, 48);
- static {
- SunJCE.ensureIntegrity(SslMacMD5.class);
- }
}
// nested static class for the SslMacMD5 implementation
@@ -262,9 +259,6 @@ final class SslMacCore {
static final byte[] shaPad1 = genPad((byte)0x36, 40);
static final byte[] shaPad2 = genPad((byte)0x5c, 40);
- static {
- SunJCE.ensureIntegrity(SslMacSHA1.class);
- }
}
}
diff --git a/src/share/classes/com/sun/crypto/provider/SunJCE.java b/src/share/classes/com/sun/crypto/provider/SunJCE.java
index 13691b0167b55e8f9d131d7c95380663666d10ff..af46b030a6fd4f4226869f953cc3713137dfa288 100644
--- a/src/share/classes/com/sun/crypto/provider/SunJCE.java
+++ b/src/share/classes/com/sun/crypto/provider/SunJCE.java
@@ -1,5 +1,5 @@
/*
- * Copyright 1997-2007 Sun Microsystems, Inc. All Rights Reserved.
+ * Copyright 1997-2009 Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -93,10 +93,6 @@ public final class SunJCE extends Provider {
static final SecureRandom RANDOM = new SecureRandom();
- // After the SunJCE passed self-integrity checking,
- // verifiedSelfIntegrity will be set to true.
- private static boolean verifiedSelfIntegrity = false;
-
public SunJCE() {
/* We are the "SunJCE" provider */
super("SunJCE", 1.7d, info);
@@ -441,21 +437,4 @@ public final class SunJCE extends Provider {
}
});
}
-
- // set to true once self verification is complete
- private static volatile boolean integrityVerified;
-
- static void ensureIntegrity(Class c) {
- if (verifySelfIntegrity(c) == false) {
- throw new SecurityException("The SunJCE provider may have " +
- "been tampered.");
- }
- }
-
- static final boolean verifySelfIntegrity(Class c) {
- if (verifiedSelfIntegrity) {
- return true;
- }
- return (integrityVerified = JarVerifier.verify(c));
- }
}
diff --git a/src/share/classes/com/sun/crypto/provider/TlsKeyMaterialGenerator.java b/src/share/classes/com/sun/crypto/provider/TlsKeyMaterialGenerator.java
index 260fdd8a946ecfca3e174fd7281ffe8847b16be1..8f27f74c6ee449d89ffb8e12e8fdd71fb2d49f4e 100644
--- a/src/share/classes/com/sun/crypto/provider/TlsKeyMaterialGenerator.java
+++ b/src/share/classes/com/sun/crypto/provider/TlsKeyMaterialGenerator.java
@@ -1,5 +1,5 @@
/*
- * Copyright 2005-2007 Sun Microsystems, Inc. All Rights Reserved.
+ * Copyright 2005-2009 Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -52,7 +52,6 @@ public final class TlsKeyMaterialGenerator extends KeyGeneratorSpi {
private int protocolVersion;
public TlsKeyMaterialGenerator() {
- SunJCE.ensureIntegrity(getClass());
}
protected void engineInit(SecureRandom random) {
diff --git a/src/share/classes/com/sun/crypto/provider/TlsMasterSecretGenerator.java b/src/share/classes/com/sun/crypto/provider/TlsMasterSecretGenerator.java
index ad47dda2d324c5e63b746a9e787272fc4876fc9e..d56c3b9afc6cf2850442eeae9ec41f28b7639be9 100644
--- a/src/share/classes/com/sun/crypto/provider/TlsMasterSecretGenerator.java
+++ b/src/share/classes/com/sun/crypto/provider/TlsMasterSecretGenerator.java
@@ -1,5 +1,5 @@
/*
- * Copyright 2005-2007 Sun Microsystems, Inc. All Rights Reserved.
+ * Copyright 2005-2009 Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -51,7 +51,6 @@ public final class TlsMasterSecretGenerator extends KeyGeneratorSpi {
private int protocolVersion;
public TlsMasterSecretGenerator() {
- SunJCE.ensureIntegrity(getClass());
}
protected void engineInit(SecureRandom random) {
diff --git a/src/share/classes/com/sun/crypto/provider/TlsPrfGenerator.java b/src/share/classes/com/sun/crypto/provider/TlsPrfGenerator.java
index 5306a720fc52f2c97822b323b1c5d0df613ee7f4..f2c885f5a3004d2616001a25af8658ca7606dcf2 100644
--- a/src/share/classes/com/sun/crypto/provider/TlsPrfGenerator.java
+++ b/src/share/classes/com/sun/crypto/provider/TlsPrfGenerator.java
@@ -1,5 +1,5 @@
/*
- * Copyright 2005-2007 Sun Microsystems, Inc. All Rights Reserved.
+ * Copyright 2005-2009 Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -109,7 +109,6 @@ public final class TlsPrfGenerator extends KeyGeneratorSpi {
private TlsPrfParameterSpec spec;
public TlsPrfGenerator() {
- SunJCE.ensureIntegrity(getClass());
}
protected void engineInit(SecureRandom random) {
diff --git a/src/share/classes/com/sun/crypto/provider/TlsRsaPremasterSecretGenerator.java b/src/share/classes/com/sun/crypto/provider/TlsRsaPremasterSecretGenerator.java
index 6986dec21ce05bd7bd14dca0ad2036158c8c14bd..742d3e1bdfdefc141f7b6c9186bac5a9db613138 100644
--- a/src/share/classes/com/sun/crypto/provider/TlsRsaPremasterSecretGenerator.java
+++ b/src/share/classes/com/sun/crypto/provider/TlsRsaPremasterSecretGenerator.java
@@ -1,5 +1,5 @@
/*
- * Copyright 2005-2007 Sun Microsystems, Inc. All Rights Reserved.
+ * Copyright 2005-2009 Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -48,7 +48,6 @@ public final class TlsRsaPremasterSecretGenerator extends KeyGeneratorSpi {
private SecureRandom random;
public TlsRsaPremasterSecretGenerator() {
- SunJCE.ensureIntegrity(getClass());
}
protected void engineInit(SecureRandom random) {
diff --git a/src/share/classes/javax/crypto/JarVerifier.java b/src/share/classes/javax/crypto/JarVerifier.java
index 376761012dc592e03d2ec1c7a3baa5c58e976f37..03f80839f905a62720eed36c38cc7a14547a013c 100644
--- a/src/share/classes/javax/crypto/JarVerifier.java
+++ b/src/share/classes/javax/crypto/JarVerifier.java
@@ -1,5 +1,5 @@
/*
- * Copyright 2007 Sun Microsystems, Inc. All Rights Reserved.
+ * Copyright 2007-2009 Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -28,9 +28,7 @@ package javax.crypto;
import java.io.*;
import java.net.*;
import java.security.*;
-import java.util.*;
import java.util.jar.*;
-import javax.crypto.CryptoPolicyParser.ParsingException;
/**
* This class verifies JAR files (and any supporting JAR files), and
@@ -134,17 +132,6 @@ final class JarVerifier {
}
}
- /**
- * Verify that the provided JarEntry was indeed signed by the
- * framework signing certificate.
- *
- * @param je the URL of the jar entry to be checked.
- * @throws Exception if the jar entry was not signed by
- * the proper certificate
- */
- static void verifyFrameworkSigned(URL je) throws Exception {
- }
-
/**
* Verify that the provided certs include the
* framework signing certificate.
diff --git a/src/share/classes/javax/crypto/JceSecurity.java b/src/share/classes/javax/crypto/JceSecurity.java
index 11b124ac00a998574444cb8d74477bc4df194700..b204f384337fde53453a4b2760bbe161c2543bc3 100644
--- a/src/share/classes/javax/crypto/JceSecurity.java
+++ b/src/share/classes/javax/crypto/JceSecurity.java
@@ -1,5 +1,5 @@
/*
- * Copyright 1997-2007 Sun Microsystems, Inc. All Rights Reserved.
+ * Copyright 1997-2009 Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -25,7 +25,6 @@
package javax.crypto;
-import java.lang.ref.*;
import java.util.*;
import java.util.jar.*;
import java.io.*;
@@ -256,11 +255,6 @@ final class JceSecurity {
("Cannot locate policy or framework files!");
}
- // Enforce the signer restraint, i.e. signer of JCE framework
- // jar should also be the signer of the two jurisdiction policy
- // jar files.
- JarVerifier.verifyFrameworkSigned(jceCipherURL);
-
// Read jurisdiction policies.
CryptoPermissions defaultExport = new CryptoPermissions();
CryptoPermissions exemptExport = new CryptoPermissions();
diff --git a/src/share/classes/sun/security/pkcs11/JarVerifier.java b/src/share/classes/sun/security/pkcs11/JarVerifier.java
deleted file mode 100644
index 092c5725dba54d698f334ae080dc74b5a15cb757..0000000000000000000000000000000000000000
--- a/src/share/classes/sun/security/pkcs11/JarVerifier.java
+++ /dev/null
@@ -1,72 +0,0 @@
-/*
- * Copyright 2007 Sun Microsystems, Inc. All Rights Reserved.
- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
- *
- * This code is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License version 2 only, as
- * published by the Free Software Foundation. Sun designates this
- * particular file as subject to the "Classpath" exception as provided
- * by Sun in the LICENSE file that accompanied this code.
- *
- * This code is distributed in the hope that it will be useful, but WITHOUT
- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
- * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * version 2 for more details (a copy is included in the LICENSE file that
- * accompanied this code).
- *
- * You should have received a copy of the GNU General Public License version
- * 2 along with this work; if not, write to the Free Software Foundation,
- * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
- *
- * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
- * CA 95054 USA or visit www.sun.com if you need additional information or
- * have any questions.
- */
-
-package sun.security.pkcs11;
-
-// NOTE: this class is duplicated amongst SunJCE, SunPKCS11, and SunMSCAPI.
-// All files should be kept in sync.
-
-import java.io.*;
-import java.util.*;
-import java.util.jar.*;
-import java.net.URL;
-import java.net.JarURLConnection;
-import java.net.MalformedURLException;
-
-import java.security.*;
-import java.security.cert.*;
-import java.security.cert.Certificate;
-
-/**
- * This class verifies JAR files (and any supporting JAR files), and
- * determines whether they may be used in this implementation.
- *
- * The JCE in OpenJDK has an open cryptographic interface, meaning it
- * does not restrict which providers can be used. Compliance with
- * United States export controls and with local law governing the
- * import/export of products incorporating the JCE in the OpenJDK is
- * the responsibility of the licensee.
- *
- * @since 1.7
- */
-final class JarVerifier {
-
- private static final boolean debug = false;
-
- /**
- * Verify the JAR file is signed by an entity which has a certificate
- * issued by a trusted CA.
- *
- * Note: this is a temporary method and will change soon to use the
- * exception chaining mechanism, which can provide more details
- * as to why the verification failed.
- *
- * @param c the class to be verified.
- * @return true if verification is successful.
- */
- static boolean verify(final Class c) {
- return true;
- }
-}
diff --git a/src/share/classes/sun/security/pkcs11/SunPKCS11.java b/src/share/classes/sun/security/pkcs11/SunPKCS11.java
index 6d0e045f2ee811256082a798714ce4ec67b3af71..674092e16178b15c10a2b0f66a6307d656c85871 100644
--- a/src/share/classes/sun/security/pkcs11/SunPKCS11.java
+++ b/src/share/classes/sun/security/pkcs11/SunPKCS11.java
@@ -1,5 +1,5 @@
/*
- * Copyright 2003-2008 Sun Microsystems, Inc. All Rights Reserved.
+ * Copyright 2003-2009 Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -390,24 +390,6 @@ public final class SunPKCS11 extends AuthProvider {
return sb.toString();
}
- // set to true once self verification is complete
- private static volatile boolean integrityVerified;
-
- static void verifySelfIntegrity(Class c) {
- if (integrityVerified) {
- return;
- }
- doVerifySelfIntegrity(c);
- }
-
- private static synchronized void doVerifySelfIntegrity(Class c) {
- integrityVerified = JarVerifier.verify(c);
- if (integrityVerified == false) {
- throw new ProviderException
- ("The SunPKCS11 provider may have been tampered with.");
- }
- }
-
public boolean equals(Object obj) {
return this == obj;
}
@@ -923,7 +905,6 @@ public final class SunPKCS11 extends AuthProvider {
if (type == MD) {
return new P11Digest(token, algorithm, mechanism);
} else if (type == CIP) {
- verifySelfIntegrity(getClass());
if (algorithm.startsWith("RSA")) {
return new P11RSACipher(token, algorithm, mechanism);
} else {
@@ -932,12 +913,10 @@ public final class SunPKCS11 extends AuthProvider {
} else if (type == SIG) {
return new P11Signature(token, algorithm, mechanism);
} else if (type == MAC) {
- verifySelfIntegrity(getClass());
return new P11Mac(token, algorithm, mechanism);
} else if (type == KPG) {
return new P11KeyPairGenerator(token, algorithm, mechanism);
} else if (type == KA) {
- verifySelfIntegrity(getClass());
if (algorithm.equals("ECDH")) {
return new P11ECDHKeyAgreement(token, algorithm, mechanism);
} else {
@@ -946,11 +925,8 @@ public final class SunPKCS11 extends AuthProvider {
} else if (type == KF) {
return token.getKeyFactory(algorithm);
} else if (type == SKF) {
- verifySelfIntegrity(getClass());
return new P11SecretKeyFactory(token, algorithm);
} else if (type == KG) {
- verifySelfIntegrity(getClass());
-
// reference equality
if (algorithm == "SunTlsRsaPremasterSecret") {
return new P11TlsRsaPremasterSecretGenerator(
diff --git a/src/windows/classes/sun/security/mscapi/JarVerifier.java b/src/windows/classes/sun/security/mscapi/JarVerifier.java
deleted file mode 100644
index 1fcd6c997aeca9fe7473f59f08416ef59e2b5609..0000000000000000000000000000000000000000
--- a/src/windows/classes/sun/security/mscapi/JarVerifier.java
+++ /dev/null
@@ -1,73 +0,0 @@
-/*
- * Copyright 2007 Sun Microsystems, Inc. All Rights Reserved.
- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
- *
- * This code is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License version 2 only, as
- * published by the Free Software Foundation. Sun designates this
- * particular file as subject to the "Classpath" exception as provided
- * by Sun in the LICENSE file that accompanied this code.
- *
- * This code is distributed in the hope that it will be useful, but WITHOUT
- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
- * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * version 2 for more details (a copy is included in the LICENSE file that
- * accompanied this code).
- *
- * You should have received a copy of the GNU General Public License version
- * 2 along with this work; if not, write to the Free Software Foundation,
- * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
- *
- * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
- * CA 95054 USA or visit www.sun.com if you need additional information or
- * have any questions.
- */
-
-
-package sun.security.mscapi;
-
-// NOTE: this class is duplicated amongst SunJCE, SunPKCS11, and SunMSCAPI.
-// All files should be kept in sync.
-
-import java.io.*;
-import java.util.*;
-import java.util.jar.*;
-import java.net.URL;
-import java.net.JarURLConnection;
-import java.net.MalformedURLException;
-
-import java.security.*;
-import java.security.cert.*;
-import java.security.cert.Certificate;
-
-/**
- * This class verifies JAR files (and any supporting JAR files), and
- * determines whether they may be used in this implementation.
- *
- * The JCE in OpenJDK has an open cryptographic interface, meaning it
- * does not restrict which providers can be used. Compliance with
- * United States export controls and with local law governing the
- * import/export of products incorporating the JCE in the OpenJDK is
- * the responsibility of the licensee.
- *
- * @since 1.7
- */
-final class JarVerifier {
-
- private static final boolean debug = false;
-
- /**
- * Verify the JAR file is signed by an entity which has a certificate
- * issued by a trusted CA.
- *
- * Note: this is a temporary method and will change soon to use the
- * exception chaining mechanism, which can provide more details
- * as to why the verification failed.
- *
- * @param c the class to be verified.
- * @return true if verification is successful.
- */
- static boolean verify(final Class c) {
- return true;
- }
-}
diff --git a/src/windows/classes/sun/security/mscapi/RSACipher.java b/src/windows/classes/sun/security/mscapi/RSACipher.java
index 06a82c5cdde8b88e4ded6f83effa2a4d01afc4a0..9a4a01c7cd6f877a72f131886d75246eaee1cdb0 100644
--- a/src/windows/classes/sun/security/mscapi/RSACipher.java
+++ b/src/windows/classes/sun/security/mscapi/RSACipher.java
@@ -1,5 +1,5 @@
/*
- * Copyright 2005-2007 Sun Microsystems, Inc. All Rights Reserved.
+ * Copyright 2005-2009 Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -93,7 +93,6 @@ public final class RSACipher extends CipherSpi {
private sun.security.mscapi.Key privateKey;
public RSACipher() {
- SunMSCAPI.verifySelfIntegrity(getClass());
paddingType = PAD_PKCS1;
}
diff --git a/src/windows/classes/sun/security/mscapi/SunMSCAPI.java b/src/windows/classes/sun/security/mscapi/SunMSCAPI.java
index 4dcf217117d0c57c769ca56a1784d5fc1a9495e3..009406c60c9b5e5df1ce56fd7be69495ffbdae46 100644
--- a/src/windows/classes/sun/security/mscapi/SunMSCAPI.java
+++ b/src/windows/classes/sun/security/mscapi/SunMSCAPI.java
@@ -1,5 +1,5 @@
/*
- * Copyright 2005-2008 Sun Microsystems, Inc. All Rights Reserved.
+ * Copyright 2005-2009 Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -117,22 +117,4 @@ public final class SunMSCAPI extends Provider {
AccessController.doPrivileged(new PutAllAction(this, map));
}
}
-
- // set to true once self verification is complete
- private static volatile boolean integrityVerified;
-
- static void verifySelfIntegrity(Class c) {
- if (integrityVerified) {
- return;
- }
- doVerifySelfIntegrity(c);
- }
-
- private static synchronized void doVerifySelfIntegrity(Class c) {
- integrityVerified = JarVerifier.verify(c);
- if (integrityVerified == false) {
- throw new ProviderException
- ("The SunMSCAPI provider may have been tampered with.");
- }
- }
}