diff --git a/src/macosx/classes/apple/security/KeychainStore.java b/src/macosx/classes/apple/security/KeychainStore.java index c6c771a244c690d6701a174628562190929b616b..59d6de7320b7eb34774f0710f5d6405ce5913532 100644 --- a/src/macosx/classes/apple/security/KeychainStore.java +++ b/src/macosx/classes/apple/security/KeychainStore.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2011, 2012, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2011, 2019, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -102,6 +102,8 @@ public final class KeychainStore extends KeyStoreSpi { private static final int iterationCount = 1024; private static final int SALT_LEN = 20; + private static final Debug debug = Debug.getInstance("keystore"); + static { AccessController.doPrivileged( new PrivilegedAction() { @@ -771,6 +773,10 @@ public final class KeychainStore extends KeyStoreSpi { entries.clear(); _scanKeychain(); + if (debug != null) { + debug.println("KeychainStore load entry count: " + + entries.size()); + } } } diff --git a/src/share/classes/com/sun/crypto/provider/JceKeyStore.java b/src/share/classes/com/sun/crypto/provider/JceKeyStore.java index d47f5a9c9fd48347e7bbc07d0c10a74f4731442f..a3e9909c7c0bf9430612560f62ebc816618ec621 100644 --- a/src/share/classes/com/sun/crypto/provider/JceKeyStore.java +++ b/src/share/classes/com/sun/crypto/provider/JceKeyStore.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 1998, 2018, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1998, 2019, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -25,6 +25,8 @@ package com.sun.crypto.provider; +import sun.security.util.Debug; + import java.io.*; import java.util.*; import java.security.AccessController; @@ -61,6 +63,7 @@ import sun.misc.ObjectInputFilter; public final class JceKeyStore extends KeyStoreSpi { + private static final Debug debug = Debug.getInstance("keystore"); private static final int JCEKS_MAGIC = 0xcececece; private static final int JKS_MAGIC = 0xfeedfeed; private static final int VERSION_1 = 0x01; @@ -682,6 +685,7 @@ public final class JceKeyStore extends KeyStoreSpi { Hashtable cfs = null; ByteArrayInputStream bais = null; byte[] encoded = null; + int trustedKeyCount = 0, privateKeyCount = 0, secretKeyCount = 0; if (stream == null) return; @@ -728,7 +732,7 @@ public final class JceKeyStore extends KeyStoreSpi { tag = dis.readInt(); if (tag == 1) { // private-key entry - + privateKeyCount++; PrivateKeyEntry entry = new PrivateKeyEntry(); // read the alias @@ -788,7 +792,7 @@ public final class JceKeyStore extends KeyStoreSpi { entries.put(alias, entry); } else if (tag == 2) { // trusted certificate entry - + trustedKeyCount++; TrustedCertEntry entry = new TrustedCertEntry(); // read the alias @@ -827,7 +831,7 @@ public final class JceKeyStore extends KeyStoreSpi { entries.put(alias, entry); } else if (tag == 3) { // secret-key entry - + secretKeyCount++; SecretKeyEntry entry = new SecretKeyEntry(); // read the alias @@ -860,10 +864,18 @@ public final class JceKeyStore extends KeyStoreSpi { entries.put(alias, entry); } else { - throw new IOException("Unrecognized keystore entry"); + throw new IOException("Unrecognized keystore entry: " + + tag); } } + if (debug != null) { + debug.println("JceKeyStore load: private key count: " + + privateKeyCount + ". trusted key count: " + + trustedKeyCount + ". secret key count: " + + secretKeyCount); + } + /* * If a password has been provided, we check the keyed digest * at the end. If this check fails, the store has been tampered diff --git a/src/share/classes/org/jcp/xml/dsig/internal/dom/ApacheNodeSetData.java b/src/share/classes/org/jcp/xml/dsig/internal/dom/ApacheNodeSetData.java index 7b0f23ed53043648570f9e0efa18f4ecfc92ac6b..8cbcaba56feb677566790b384e347aade3cdb385 100644 --- a/src/share/classes/org/jcp/xml/dsig/internal/dom/ApacheNodeSetData.java +++ b/src/share/classes/org/jcp/xml/dsig/internal/dom/ApacheNodeSetData.java @@ -21,7 +21,7 @@ * under the License. */ /* - * Copyright (c) 2005, 2013, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2005, 2014, Oracle and/or its affiliates. All rights reserved. */ /* * $Id: ApacheNodeSetData.java 1203890 2011-11-18 22:47:56Z mullan $ @@ -47,7 +47,7 @@ public class ApacheNodeSetData implements ApacheData, NodeSetData { this.xi = xi; } - public Iterator iterator() { + public Iterator iterator() { // If nodefilters are set, must execute them first to create node-set if (xi.getNodeFilters() != null && !xi.getNodeFilters().isEmpty()) { return Collections.unmodifiableSet diff --git a/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMKeyInfo.java b/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMKeyInfo.java index 61e511a8fc8b5abefd819f21724b98269c3168c1..eafbf6232931603d056a0b4bfd657577bf596a30 100644 --- a/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMKeyInfo.java +++ b/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMKeyInfo.java @@ -21,7 +21,7 @@ * under the License. */ /* - * Copyright (c) 2005, 2013, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2005, 2014, Oracle and/or its affiliates. All rights reserved. */ /* * $Id: DOMKeyInfo.java 1333869 2012-05-04 10:42:44Z coheigea $ @@ -138,7 +138,7 @@ public final class DOMKeyInfo extends DOMStructure implements KeyInfo { return id; } - public List getContent() { + public List getContent() { return keyInfoTypes; } diff --git a/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMKeyInfoFactory.java b/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMKeyInfoFactory.java index c241d68c2d75cdb99566d0c04c3b87680216a98a..45b5620ed5da47d1c6f1c498c2565ea6b02e5d13 100644 --- a/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMKeyInfoFactory.java +++ b/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMKeyInfoFactory.java @@ -21,7 +21,7 @@ * under the License. */ /* - * Copyright (c) 2005, 2013, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2005, 2014, Oracle and/or its affiliates. All rights reserved. */ /* * $Id: DOMKeyInfoFactory.java 1333869 2012-05-04 10:42:44Z coheigea $ @@ -48,11 +48,12 @@ public final class DOMKeyInfoFactory extends KeyInfoFactory { public DOMKeyInfoFactory() { } + @SuppressWarnings("rawtypes") public KeyInfo newKeyInfo(List content) { return newKeyInfo(content, null); } - @SuppressWarnings("unchecked") + @SuppressWarnings({ "unchecked", "rawtypes" }) public KeyInfo newKeyInfo(List content, String id) { return new DOMKeyInfo(content, id); } @@ -78,12 +79,12 @@ public final class DOMKeyInfoFactory extends KeyInfoFactory { return newPGPData(keyId, null, null); } - @SuppressWarnings("unchecked") + @SuppressWarnings({ "unchecked", "rawtypes" }) public PGPData newPGPData(byte[] keyId, byte[] keyPacket, List other) { return new DOMPGPData(keyId, keyPacket, other); } - @SuppressWarnings("unchecked") + @SuppressWarnings({ "unchecked", "rawtypes" }) public PGPData newPGPData(byte[] keyPacket, List other) { return new DOMPGPData(keyPacket, other); } @@ -92,7 +93,7 @@ public final class DOMKeyInfoFactory extends KeyInfoFactory { return newRetrievalMethod(uri, null, null); } - @SuppressWarnings("unchecked") + @SuppressWarnings({ "unchecked", "rawtypes" }) public RetrievalMethod newRetrievalMethod(String uri, String type, List transforms) { if (uri == null) { @@ -101,7 +102,7 @@ public final class DOMKeyInfoFactory extends KeyInfoFactory { return new DOMRetrievalMethod(uri, type, transforms); } - @SuppressWarnings("unchecked") + @SuppressWarnings("rawtypes") public X509Data newX509Data(List content) { return new DOMX509Data(content); } diff --git a/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMKeyValue.java b/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMKeyValue.java index 0dfc5dbe7e27c42b78e1a151b48ad0c1277d8eac..61aa8a6b2463e496cb48d783baa6e5e27443e941 100644 --- a/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMKeyValue.java +++ b/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMKeyValue.java @@ -21,7 +21,7 @@ * under the License. */ /* - * Copyright (c) 2005, 2013, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2005, 2014, Oracle and/or its affiliates. All rights reserved. */ /* * $Id: DOMKeyValue.java 1333415 2012-05-03 12:03:51Z coheigea $ @@ -364,15 +364,16 @@ public abstract class DOMKeyValue extends DOMStructure implements KeyValue { } void getMethods() throws ClassNotFoundException, NoSuchMethodException { - Class c = Class.forName("sun.security.ec.ECParameters"); - Class[] params = new Class[] { ECPoint.class, EllipticCurve.class }; + Class c = Class.forName("sun.security.ec.ECParameters"); + Class[] params = new Class[] { ECPoint.class, + EllipticCurve.class }; encodePoint = c.getMethod("encodePoint", params); - params = new Class[] { ECParameterSpec.class }; + params = new Class[] { ECParameterSpec.class }; getCurveName = c.getMethod("getCurveName", params); - params = new Class[] { byte[].class, EllipticCurve.class }; + params = new Class[] { byte[].class, EllipticCurve.class }; decodePoint = c.getMethod("decodePoint", params); c = Class.forName("sun.security.ec.NamedCurve"); - params = new Class[] { String.class }; + params = new Class[] { String.class }; getECParameterSpec = c.getMethod("getECParameterSpec", params); } diff --git a/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMManifest.java b/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMManifest.java index d8fc21c34312e3ee45dadf9e3f2e34b1a857edc4..c3cf5d203b04577d2b8caa16c211cec75de06140 100644 --- a/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMManifest.java +++ b/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMManifest.java @@ -128,7 +128,12 @@ public final class DOMManifest extends DOMStructure implements Manifest { return id; } - public List getReferences() { + @SuppressWarnings("unchecked") + static List getManifestReferences(Manifest mf) { + return mf.getReferences(); + } + + public List getReferences() { return references; } diff --git a/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMPGPData.java b/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMPGPData.java index 85d52f4b4c46288e73a34823800fafb55b6eb6f6..43a1e7153d57e027ae56c88097da0489345a7bd7 100644 --- a/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMPGPData.java +++ b/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMPGPData.java @@ -21,7 +21,7 @@ * under the License. */ /* - * Copyright (c) 2005, 2013, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2005, 2014, Oracle and/or its affiliates. All rights reserved. */ /* * $Id: DOMPGPData.java 1203846 2011-11-18 21:18:17Z mullan $ @@ -184,7 +184,7 @@ public final class DOMPGPData extends DOMStructure implements PGPData { return (keyPacket == null ? null : (byte[])keyPacket.clone()); } - public List getExternalElements() { + public List getExternalElements() { return externalElements; } diff --git a/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMReference.java b/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMReference.java index dbb9be5e2e2be86784c45b94ee76c9e3d52f0abd..f112f9e843a1f9f685d339d755610fc96e726125 100644 --- a/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMReference.java +++ b/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMReference.java @@ -288,7 +288,7 @@ public final class DOMReference extends DOMStructure return type; } - public List getTransforms() { + public List getTransforms() { return Collections.unmodifiableList(allTransforms); } @@ -638,7 +638,7 @@ public final class DOMReference extends DOMStructure try { final Set s = xsi.getNodeSet(); return new NodeSetData() { - public Iterator iterator() { return s.iterator(); } + public Iterator iterator() { return s.iterator(); } }; } catch (Exception e) { // log a warning diff --git a/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMRetrievalMethod.java b/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMRetrievalMethod.java index 73d801970b2d173bf0edcf7cae1792a1348315fe..e50a5f19debd504c7ea7a6fb012afcf1dd51fa2b 100644 --- a/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMRetrievalMethod.java +++ b/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMRetrievalMethod.java @@ -178,7 +178,7 @@ public final class DOMRetrievalMethod extends DOMStructure return type; } - public List getTransforms() { + public List getTransforms() { return transforms; } @@ -247,7 +247,7 @@ public final class DOMRetrievalMethod extends DOMStructure if ((data instanceof NodeSetData) && Utils.secureValidation(context) && Policy.restrictRetrievalMethodLoops()) { NodeSetData nsd = (NodeSetData)data; - Iterator i = nsd.iterator(); + Iterator i = nsd.iterator(); if (i.hasNext()) { Node root = (Node)i.next(); if ("RetrievalMethod".equals(root.getLocalName())) { diff --git a/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMSignatureProperties.java b/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMSignatureProperties.java index c953cae200bf061c0f9fb23c17aaa0458ce57d3e..26389e9b7aec001b83daceedadc56ba20c41945f 100644 --- a/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMSignatureProperties.java +++ b/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMSignatureProperties.java @@ -21,7 +21,7 @@ * under the License. */ /* - * Copyright (c) 2005, 2013, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2005, 2014, Oracle and/or its affiliates. All rights reserved. */ /* * $Id: DOMSignatureProperties.java 1333415 2012-05-03 12:03:51Z coheigea $ @@ -125,7 +125,7 @@ public final class DOMSignatureProperties extends DOMStructure } } - public List getProperties() { + public List getProperties() { return properties; } diff --git a/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMSignatureProperty.java b/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMSignatureProperty.java index b09b21c4a25c7c1d9051017702807f37aff63527..11d2e679ebf09e5ee892eac2aa1be68aa9d664e8 100644 --- a/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMSignatureProperty.java +++ b/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMSignatureProperty.java @@ -21,7 +21,7 @@ * under the License. */ /* - * Copyright (c) 2005, 2013, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2005, 2014, Oracle and/or its affiliates. All rights reserved. */ /* * $Id: DOMSignatureProperty.java 1333415 2012-05-03 12:03:51Z coheigea $ @@ -123,7 +123,7 @@ public final class DOMSignatureProperty extends DOMStructure } } - public List getContent() { + public List getContent() { return content; } diff --git a/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMSignedInfo.java b/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMSignedInfo.java index 3e2f799f86142ba4ebc712860ade9beba9b1c1f2..7fef580355631c8c54727e5a3568a531371be48e 100644 --- a/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMSignedInfo.java +++ b/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMSignedInfo.java @@ -193,7 +193,7 @@ public final class DOMSignedInfo extends DOMStructure implements SignedInfo { return id; } - public List getReferences() { + public List getReferences() { return references; } diff --git a/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMSubTreeData.java b/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMSubTreeData.java index 9119260c55c149bde31f68b8ea4aad0b96ba8e1c..c0ac945b893ee9756f57b16a39f0e7956451e6b2 100644 --- a/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMSubTreeData.java +++ b/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMSubTreeData.java @@ -21,7 +21,7 @@ * under the License. */ /* - * Copyright (c) 2005, 2013, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2005, 2014, Oracle and/or its affiliates. All rights reserved. */ /* * $Id$ @@ -54,7 +54,7 @@ public class DOMSubTreeData implements NodeSetData { this.excludeComments = excludeComments; } - public Iterator iterator() { + public Iterator iterator() { return new DelayedNodeIterator(root, excludeComments); } diff --git a/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMX509Data.java b/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMX509Data.java index e701ff17e898b7c8e58d26fda238b56516c895ec..72740c709bc9a1aa410303a2467a4a9311894245 100644 --- a/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMX509Data.java +++ b/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMX509Data.java @@ -21,7 +21,7 @@ * under the License. */ /* - * Copyright (c) 2005, 2013, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2005, 2014, Oracle and/or its affiliates. All rights reserved. */ /* * $Id: DOMX509Data.java 1333415 2012-05-03 12:03:51Z coheigea $ @@ -135,7 +135,7 @@ public final class DOMX509Data extends DOMStructure implements X509Data { this.content = Collections.unmodifiableList(content); } - public List getContent() { + public List getContent() { return content; } diff --git a/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMXMLObject.java b/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMXMLObject.java index 4fa5f56b57d2e65a6373e8208ce5aca6313535fb..7abd1e6352385d50f99660cdb4c1a2753f44d968 100644 --- a/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMXMLObject.java +++ b/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMXMLObject.java @@ -21,7 +21,7 @@ * under the License. */ /* - * Copyright (c) 2005, 2013, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2005, 2014, Oracle and/or its affiliates. All rights reserved. */ /* * $Id: DOMXMLObject.java 1333415 2012-05-03 12:03:51Z coheigea $ @@ -139,7 +139,7 @@ public final class DOMXMLObject extends DOMStructure implements XMLObject { this.objectElem = objElem; } - public List getContent() { + public List getContent() { return content; } diff --git a/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMXMLSignature.java b/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMXMLSignature.java index 0fbe0df162c1a132f5398e01e2544bc08816f0f6..95f5cc6455c7eb56e4d14c6a4c14cfeac95f6b14 100644 --- a/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMXMLSignature.java +++ b/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMXMLSignature.java @@ -21,7 +21,7 @@ * under the License. */ /* - * Copyright (c) 2005, 2013, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2005, 2014, Oracle and/or its affiliates. All rights reserved. */ /* * =========================================================================== @@ -188,7 +188,7 @@ public final class DOMXMLSignature extends DOMStructure return si; } - public List getObjects() { + public List getObjects() { return objects; } @@ -471,7 +471,8 @@ public final class DOMXMLSignature extends DOMStructure digestReference((DOMReference)xs, signContext); } else if (xs instanceof Manifest) { Manifest man = (Manifest)xs; - List manRefs = man.getReferences(); + List manRefs = + DOMManifest.getManifestReferences(man); for (int i = 0, size = manRefs.size(); i < size; i++) { digestReference((DOMReference)manRefs.get(i), signContext); diff --git a/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMXMLSignatureFactory.java b/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMXMLSignatureFactory.java index b2ca7ee7d48dff9c589a6072943f4e75cc5a7d38..0e63028c777c8fe5ff0db7cbb6e8ab71720e393e 100644 --- a/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMXMLSignatureFactory.java +++ b/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMXMLSignatureFactory.java @@ -58,7 +58,7 @@ public final class DOMXMLSignatureFactory extends XMLSignatureFactory { return new DOMXMLSignature(si, ki, null, null, null); } - @SuppressWarnings("unchecked") + @SuppressWarnings({ "unchecked", "rawtypes" }) public XMLSignature newXMLSignature(SignedInfo si, KeyInfo ki, List objects, String id, String signatureValueId) { return new DOMXMLSignature(si, ki, objects, id, signatureValueId); @@ -68,13 +68,13 @@ public final class DOMXMLSignatureFactory extends XMLSignatureFactory { return newReference(uri, dm, null, null, null); } - @SuppressWarnings("unchecked") + @SuppressWarnings({ "unchecked", "rawtypes" }) public Reference newReference(String uri, DigestMethod dm, List transforms, String type, String id) { return new DOMReference(uri, type, dm, transforms, id, getProvider()); } - @SuppressWarnings("unchecked") + @SuppressWarnings({ "unchecked", "rawtypes" }) public Reference newReference(String uri, DigestMethod dm, List appliedTransforms, Data result, List transforms, String type, String id) { @@ -91,7 +91,7 @@ public final class DOMXMLSignatureFactory extends XMLSignatureFactory { (uri, type, dm, appliedTransforms, result, transforms, id, getProvider()); } - @SuppressWarnings("unchecked") + @SuppressWarnings({ "unchecked", "rawtypes" }) public Reference newReference(String uri, DigestMethod dm, List transforms, String type, String id, byte[] digestValue) { if (digestValue == null) { @@ -101,41 +101,41 @@ public final class DOMXMLSignatureFactory extends XMLSignatureFactory { (uri, type, dm, null, null, transforms, id, digestValue, getProvider()); } - @SuppressWarnings("unchecked") + @SuppressWarnings("rawtypes") public SignedInfo newSignedInfo(CanonicalizationMethod cm, SignatureMethod sm, List references) { return newSignedInfo(cm, sm, references, null); } - @SuppressWarnings("unchecked") + @SuppressWarnings({ "unchecked", "rawtypes" }) public SignedInfo newSignedInfo(CanonicalizationMethod cm, SignatureMethod sm, List references, String id) { return new DOMSignedInfo(cm, sm, references, id); } // Object factory methods - @SuppressWarnings("unchecked") + @SuppressWarnings({ "unchecked", "rawtypes" }) public XMLObject newXMLObject(List content, String id, String mimeType, String encoding) { return new DOMXMLObject(content, id, mimeType, encoding); } - @SuppressWarnings("unchecked") + @SuppressWarnings("rawtypes") public Manifest newManifest(List references) { return newManifest(references, null); } - @SuppressWarnings("unchecked") + @SuppressWarnings({ "unchecked", "rawtypes" }) public Manifest newManifest(List references, String id) { return new DOMManifest(references, id); } - @SuppressWarnings("unchecked") + @SuppressWarnings({ "unchecked", "rawtypes" }) public SignatureProperties newSignatureProperties(List props, String id) { return new DOMSignatureProperties(props, id); } - @SuppressWarnings("unchecked") + @SuppressWarnings({ "unchecked", "rawtypes" }) public SignatureProperty newSignatureProperty (List info, String target, String id) { return new DOMSignatureProperty(info, target, id); diff --git a/src/share/classes/sun/security/pkcs11/P11KeyStore.java b/src/share/classes/sun/security/pkcs11/P11KeyStore.java index aee9542537d175f82da74f8d9dc1544cbec4fa8d..b9449c9a2c357657200cc039ac45e5c960ded6d4 100644 --- a/src/share/classes/sun/security/pkcs11/P11KeyStore.java +++ b/src/share/classes/sun/security/pkcs11/P11KeyStore.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2003, 2018, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2003, 2019, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -773,6 +773,8 @@ final class P11KeyStore extends KeyStoreSpi { } if (debug != null) { dumpTokenMap(); + debug.println("P11KeyStore load. Entry count: " + + aliasMap.size()); } } catch (KeyStoreException | PKCS11Exception e) { throw new IOException("load failed", e); diff --git a/src/share/classes/sun/security/pkcs12/PKCS12KeyStore.java b/src/share/classes/sun/security/pkcs12/PKCS12KeyStore.java index 07d8e98a045e4ef8e2b6b3556c164944d074b954..003f171f4cf37460242fe3c348db5a15f670c65b 100644 --- a/src/share/classes/sun/security/pkcs12/PKCS12KeyStore.java +++ b/src/share/classes/sun/security/pkcs12/PKCS12KeyStore.java @@ -2152,18 +2152,9 @@ public final class PKCS12KeyStore extends KeyStoreSpi { } if (debug != null) { - if (privateKeyCount > 0) { - debug.println("Loaded " + privateKeyCount + - " protected private key(s)"); - } - if (secretKeyCount > 0) { - debug.println("Loaded " + secretKeyCount + - " protected secret key(s)"); - } - if (certificateCount > 0) { - debug.println("Loaded " + certificateCount + - " certificate(s)"); - } + debug.println("PKCS12KeyStore load: private key count: " + + privateKeyCount + ". secret key count: " + secretKeyCount + + ". certificate count: " + certificateCount); } certEntries.clear(); diff --git a/src/share/classes/sun/security/provider/JavaKeyStore.java b/src/share/classes/sun/security/provider/JavaKeyStore.java index 409af47cdffa2ecd143957fd92d75ae7ac2bcec4..e3776a42e3adca4b5d2dbf34617327242cb3b7ed 100644 --- a/src/share/classes/sun/security/provider/JavaKeyStore.java +++ b/src/share/classes/sun/security/provider/JavaKeyStore.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 2018, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1997, 2019, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -35,6 +35,7 @@ import java.util.*; import sun.misc.IOUtils; import sun.security.pkcs.EncryptedPrivateKeyInfo; import sun.security.pkcs12.PKCS12KeyStore; +import sun.security.util.Debug; /** * This class provides the keystore implementation referred to as "JKS". @@ -73,6 +74,7 @@ abstract class JavaKeyStore extends KeyStoreSpi { } } + private static final Debug debug = Debug.getInstance("keystore"); private static final int MAGIC = 0xfeedfeed; private static final int VERSION_1 = 0x01; private static final int VERSION_2 = 0x02; @@ -642,6 +644,7 @@ abstract class JavaKeyStore extends KeyStoreSpi { Hashtable cfs = null; ByteArrayInputStream bais = null; byte[] encoded = null; + int trustedKeyCount = 0, privateKeyCount = 0; if (stream == null) return; @@ -680,7 +683,7 @@ abstract class JavaKeyStore extends KeyStoreSpi { tag = dis.readInt(); if (tag == 1) { // private key entry - + privateKeyCount++; KeyEntry entry = new KeyEntry(); // Read the alias @@ -729,7 +732,7 @@ abstract class JavaKeyStore extends KeyStoreSpi { entries.put(alias, entry); } else if (tag == 2) { // trusted certificate entry - + trustedKeyCount++; TrustedCertEntry entry = new TrustedCertEntry(); // Read the alias @@ -764,10 +767,16 @@ abstract class JavaKeyStore extends KeyStoreSpi { entries.put(alias, entry); } else { - throw new IOException("Unrecognized keystore entry"); + throw new IOException("Unrecognized keystore entry: " + + tag); } } + if (debug != null) { + debug.println("JavaKeyStore load: private key count: " + + privateKeyCount + ". trusted key count: " + trustedKeyCount); + } + /* * If a password has been provided, we check the keyed digest * at the end. If this check fails, the store has been tampered diff --git a/src/windows/classes/sun/security/mscapi/KeyStore.java b/src/windows/classes/sun/security/mscapi/KeyStore.java index 599b0db9d0f56daeac513bcd15a07141d7813430..6ad2ed08dca964f8d05c76a4e0a030490fdefe98 100644 --- a/src/windows/classes/sun/security/mscapi/KeyStore.java +++ b/src/windows/classes/sun/security/mscapi/KeyStore.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2005, 2016, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2005, 2019, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -45,6 +45,8 @@ import java.util.*; import sun.security.action.GetPropertyAction; +import sun.security.util.Debug; + /** * Implementation of key store for Windows using the Microsoft Crypto API. * @@ -186,6 +188,7 @@ abstract class KeyStore extends KeyStoreSpi { private static final String KEYSTORE_COMPATIBILITY_MODE_PROP = "sun.security.mscapi.keyStoreCompatibilityMode"; private final boolean keyStoreCompatibilityMode; + private static final Debug debug = Debug.getInstance("keystore"); /* * The keystore entries. @@ -728,6 +731,11 @@ abstract class KeyStore extends KeyStoreSpi { } catch (KeyStoreException e) { throw new IOException(e); } + + if (debug != null) { + debug.println("MSCAPI keystore load: entry count: " + + entries.size()); + } } /**