Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
openanolis
dragonwell8_jdk
提交
d364bdb8
D
dragonwell8_jdk
项目概览
openanolis
/
dragonwell8_jdk
通知
4
Star
2
Fork
0
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
D
dragonwell8_jdk
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
提交
Issue看板
提交
d364bdb8
编写于
4月 03, 2020
作者:
W
weijun
浏览文件
操作
浏览文件
下载
电子邮件补丁
差异文件
8241379: Update JCEKS support
Reviewed-by: ahgross, mullan, rhalade
上级
c5d47660
变更
1
隐藏空白更改
内联
并排
Showing
1 changed file
with
22 addition
and
11 deletion
+22
-11
src/share/classes/com/sun/crypto/provider/JceKeyStore.java
src/share/classes/com/sun/crypto/provider/JceKeyStore.java
+22
-11
未找到文件。
src/share/classes/com/sun/crypto/provider/JceKeyStore.java
浏览文件 @
d364bdb8
/*
/*
* Copyright (c) 1998, 20
19
, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 1998, 20
20
, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
*
* This code is free software; you can redistribute it and/or modify it
* This code is free software; you can redistribute it and/or modify it
...
@@ -922,8 +922,6 @@ public final class JceKeyStore extends KeyStoreSpi {
...
@@ -922,8 +922,6 @@ public final class JceKeyStore extends KeyStoreSpi {
*/
*/
private
static
class
DeserializationChecker
implements
ObjectInputFilter
{
private
static
class
DeserializationChecker
implements
ObjectInputFilter
{
private
static
final
int
MAX_NESTED_DEPTH
=
2
;
// Full length of keystore, anything inside a SecretKeyEntry should not
// Full length of keystore, anything inside a SecretKeyEntry should not
// be bigger. Otherwise, must be illegal.
// be bigger. Otherwise, must be illegal.
private
final
int
fullLength
;
private
final
int
fullLength
;
...
@@ -936,16 +934,29 @@ public final class JceKeyStore extends KeyStoreSpi {
...
@@ -936,16 +934,29 @@ public final class JceKeyStore extends KeyStoreSpi {
public
ObjectInputFilter
.
Status
public
ObjectInputFilter
.
Status
checkInput
(
ObjectInputFilter
.
FilterInfo
info
)
{
checkInput
(
ObjectInputFilter
.
FilterInfo
info
)
{
// First run a custom filter
if
(
info
.
arrayLength
()
>
fullLength
)
{
long
nestedDepth
=
info
.
depth
();
if
((
nestedDepth
==
1
&&
info
.
serialClass
()
!=
SealedObjectForKeyProtector
.
class
)
||
info
.
arrayLength
()
>
fullLength
||
(
nestedDepth
>
MAX_NESTED_DEPTH
&&
info
.
serialClass
()
!=
null
&&
info
.
serialClass
()
!=
Object
.
class
))
{
return
Status
.
REJECTED
;
return
Status
.
REJECTED
;
}
}
// First run a custom filter
Class
<?>
clazz
=
info
.
serialClass
();
switch
((
int
)
info
.
depth
())
{
case
1
:
if
(
clazz
!=
SealedObjectForKeyProtector
.
class
)
{
return
Status
.
REJECTED
;
}
break
;
case
2
:
if
(
clazz
!=
null
&&
clazz
!=
SealedObject
.
class
&&
clazz
!=
byte
[].
class
)
{
return
Status
.
REJECTED
;
}
break
;
default
:
if
(
clazz
!=
null
&&
clazz
!=
Object
.
class
)
{
return
Status
.
REJECTED
;
}
break
;
}
// Next run the default filter, if available
// Next run the default filter, if available
ObjectInputFilter
defaultFilter
=
ObjectInputFilter
defaultFilter
=
...
...
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录
