diff --git a/make/src/classes/build/tools/cldrconverter/ResourceBundleGenerator.java b/make/src/classes/build/tools/cldrconverter/ResourceBundleGenerator.java index b905f75290a59ae224a26313d5cd46451916e4a2..d5eecf25ee816c399b98fa786e55269e1bbd7a73 100644 --- a/make/src/classes/build/tools/cldrconverter/ResourceBundleGenerator.java +++ b/make/src/classes/build/tools/cldrconverter/ResourceBundleGenerator.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2012, 2013, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2012, 2016, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -30,11 +30,37 @@ import java.io.IOException; import java.io.PrintWriter; import java.util.Formatter; import java.util.HashSet; +import java.util.LinkedHashMap; import java.util.Map; import java.util.Set; import java.util.SortedSet; class ResourceBundleGenerator implements BundleGenerator { + // preferred timezones - keeping compatibility with JDK1.1 3 letter abbreviations + private static final String[] preferredTZIDs = { + "America/Los_Angeles", + "America/Denver", + "America/Phoenix", + "America/Chicago", + "America/New_York", + "America/Indianapolis", + "Pacific/Honolulu", + "America/Anchorage", + "America/Halifax", + "America/Sitka", + "America/St_Johns", + "Europe/Paris", + // Although CLDR does not support abbreviated zones, handle "GMT" as a + // special case here, as it is specified in the javadoc. + "GMT", + "Africa/Casablanca", + "Asia/Jerusalem", + "Asia/Tokyo", + "Europe/Bucharest", + "Asia/Shanghai", + "UTC", + }; + @Override public void generateBundle(String packageName, String baseName, String localeID, boolean useJava, Map map, BundleType type) throws IOException { @@ -89,6 +115,19 @@ class ResourceBundleGenerator implements BundleGenerator { for (String key : metaKeys) { map.remove(key); } + + // Make it preferred ordered + LinkedHashMap newMap = new LinkedHashMap<>(); + for (String preferred : preferredTZIDs) { + if (map.containsKey(preferred)) { + newMap.put(preferred, map.remove(preferred)); + } else if (("GMT".equals(preferred) || "UTC".equals(preferred)) && + metaKeys.contains(CLDRConverter.METAZONE_ID_PREFIX+preferred)) { + newMap.put(preferred, preferred); + } + } + newMap.putAll(map); + map = newMap; } try (PrintWriter out = new PrintWriter(file, encoding)) { diff --git a/src/share/classes/java/lang/Thread.java b/src/share/classes/java/lang/Thread.java index 274801cea6c585a9f7b9f5ebd30298868ac4fa0f..7c8e83ef2b92681121cc35c63b6453d2c504645d 100644 --- a/src/share/classes/java/lang/Thread.java +++ b/src/share/classes/java/lang/Thread.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 1994, 2013, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1994, 2016, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -145,7 +145,7 @@ class Thread implements Runnable { registerNatives(); } - private volatile char name[]; + private volatile String name; private int priority; private Thread threadQ; private long eetop; @@ -366,7 +366,7 @@ class Thread implements Runnable { throw new NullPointerException("name cannot be null"); } - this.name = name.toCharArray(); + this.name = name; Thread parent = currentThread(); SecurityManager security = System.getSecurityManager(); @@ -1119,7 +1119,11 @@ class Thread implements Runnable { */ public final synchronized void setName(String name) { checkAccess(); - this.name = name.toCharArray(); + if (name == null) { + throw new NullPointerException("name cannot be null"); + } + + this.name = name; if (threadStatus != 0) { setNativeName(name); } @@ -1132,7 +1136,7 @@ class Thread implements Runnable { * @see #setName(String) */ public final String getName() { - return new String(name, true); + return name; } /** diff --git a/src/share/classes/java/net/URLConnection.java b/src/share/classes/java/net/URLConnection.java index dd66ed26c547a43011f997572511cb1ebdc9e137..7f7f43d94be32ab6687d0a56b96c15122ffce187 100644 --- a/src/share/classes/java/net/URLConnection.java +++ b/src/share/classes/java/net/URLConnection.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 1995, 2013, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1995, 2016, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -1515,7 +1515,7 @@ public abstract class URLConnection { } if (c1 == 0xFF && c2 == 0xD8 && c3 == 0xFF) { - if (c4 == 0xE0) { + if (c4 == 0xE0 || c4 == 0xEE) { return "image/jpeg"; } @@ -1530,10 +1530,6 @@ public abstract class URLConnection { c11 == 0)) { return "image/jpeg"; } - - if (c4 == 0xEE) { - return "image/jpg"; - } } if (c1 == 0xD0 && c2 == 0xCF && c3 == 0x11 && c4 == 0xE0 && diff --git a/src/share/classes/javax/swing/TimerQueue.java b/src/share/classes/javax/swing/TimerQueue.java index a6791d64fbc701d46af44385a67a88a374479a4c..7092b4538f475e5eb45c8148f60897f4ed416c49 100644 --- a/src/share/classes/javax/swing/TimerQueue.java +++ b/src/share/classes/javax/swing/TimerQueue.java @@ -93,6 +93,9 @@ class TimerQueue implements Runnable void startIfNeeded() { if (! running) { runningLock.lock(); + if (running) { + return; + } try { final ThreadGroup threadGroup = AppContext.getAppContext().getThreadGroup(); @@ -168,15 +171,17 @@ class TimerQueue implements Runnable try { while (running) { try { - Timer timer = queue.take().getTimer(); + DelayedTimer runningTimer = queue.take(); + Timer timer = runningTimer.getTimer(); timer.getLock().lock(); try { DelayedTimer delayedTimer = timer.delayedTimer; - if (delayedTimer != null) { + if (delayedTimer == runningTimer) { /* - * Timer is not removed after we get it from - * the queue and before the lock on the timer is - * acquired + * Timer is not removed (delayedTimer != null) + * or not removed and added (runningTimer == delayedTimer) + * after we get it from the queue and before the + * lock on the timer is acquired */ timer.post(); // have timer post an event timer.delayedTimer = null; diff --git a/src/share/classes/sun/security/pkcs/PKCS7.java b/src/share/classes/sun/security/pkcs/PKCS7.java index fdc295c692df354ce57c5331dca4e231be5cce60..19211ae7b0e58d36d527fca0530b34a8c54ab732 100644 --- a/src/share/classes/sun/security/pkcs/PKCS7.java +++ b/src/share/classes/sun/security/pkcs/PKCS7.java @@ -802,7 +802,8 @@ public class PKCS7 { byte[] content, String signatureAlgorithm, URI tsaURI, - String tSAPolicyID) + String tSAPolicyID, + String tSADigestAlg) throws CertificateException, IOException, NoSuchAlgorithmException { @@ -811,7 +812,8 @@ public class PKCS7 { if (tsaURI != null) { // Timestamp the signature HttpTimestamper tsa = new HttpTimestamper(tsaURI); - byte[] tsToken = generateTimestampToken(tsa, tSAPolicyID, signature); + byte[] tsToken = generateTimestampToken( + tsa, tSAPolicyID, tSADigestAlg, signature); // Insert the timestamp token into the PKCS #7 signer info element // (as an unsigned attribute) @@ -869,6 +871,7 @@ public class PKCS7 { */ private static byte[] generateTimestampToken(Timestamper tsa, String tSAPolicyID, + String tSADigestAlg, byte[] toBeTimestamped) throws IOException, CertificateException { @@ -876,11 +879,10 @@ public class PKCS7 { MessageDigest messageDigest = null; TSRequest tsQuery = null; try { - // SHA-1 is always used. - messageDigest = MessageDigest.getInstance("SHA-1"); + messageDigest = MessageDigest.getInstance(tSADigestAlg); tsQuery = new TSRequest(tSAPolicyID, toBeTimestamped, messageDigest); } catch (NoSuchAlgorithmException e) { - // ignore + throw new IllegalArgumentException(e); } // Generate a nonce @@ -908,9 +910,13 @@ public class PKCS7 { PKCS7 tsToken = tsReply.getToken(); TimestampToken tst = tsReply.getTimestampToken(); - if (!tst.getHashAlgorithm().getName().equals("SHA-1")) { - throw new IOException("Digest algorithm not SHA-1 in " - + "timestamp token"); + try { + if (!tst.getHashAlgorithm().equals(AlgorithmId.get(tSADigestAlg))) { + throw new IOException("Digest algorithm not " + tSADigestAlg + " in " + + "timestamp token"); + } + } catch (NoSuchAlgorithmException nase) { + throw new IllegalArgumentException(); // should have been caught before } if (!MessageDigest.isEqual(tst.getHashedMessage(), tsQuery.getHashedMessage())) { diff --git a/src/share/classes/sun/security/ssl/SignatureAndHashAlgorithm.java b/src/share/classes/sun/security/ssl/SignatureAndHashAlgorithm.java index c9b31cdc93a9f8473f42a614c21b006c5bf71ea1..256bdf263e5c1a67bd99da02d634ef02ab348802 100644 --- a/src/share/classes/sun/security/ssl/SignatureAndHashAlgorithm.java +++ b/src/share/classes/sun/security/ssl/SignatureAndHashAlgorithm.java @@ -413,12 +413,16 @@ final class SignatureAndHashAlgorithm { "SHA1withECDSA", --p); if (Security.getProvider("SunMSCAPI") == null) { + supports(HashAlgorithm.SHA224, SignatureAlgorithm.DSA, + "SHA224withDSA", --p); supports(HashAlgorithm.SHA224, SignatureAlgorithm.RSA, "SHA224withRSA", --p); supports(HashAlgorithm.SHA224, SignatureAlgorithm.ECDSA, "SHA224withECDSA", --p); } + supports(HashAlgorithm.SHA256, SignatureAlgorithm.DSA, + "SHA256withDSA", --p); supports(HashAlgorithm.SHA256, SignatureAlgorithm.RSA, "SHA256withRSA", --p); supports(HashAlgorithm.SHA256, SignatureAlgorithm.ECDSA, diff --git a/src/share/classes/sun/security/tools/jarsigner/JarSignerParameters.java b/src/share/classes/sun/security/tools/jarsigner/JarSignerParameters.java new file mode 100644 index 0000000000000000000000000000000000000000..fe75f9d8148a6773f84188b06613af06b557e692 --- /dev/null +++ b/src/share/classes/sun/security/tools/jarsigner/JarSignerParameters.java @@ -0,0 +1,152 @@ +/* + * Copyright (c) 2016, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. Oracle designates this + * particular file as subject to the "Classpath" exception as provided + * by Oracle in the LICENSE file that accompanied this code. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA + * or visit www.oracle.com if you need additional information or have any + * questions. + */ + +package sun.security.tools.jarsigner; + +import java.security.cert.Certificate; +import java.security.cert.X509Certificate; +import java.net.URI; +import java.util.zip.*; + +import com.sun.jarsigner.ContentSignerParameters; + +class JarSignerParameters implements ContentSignerParameters { + + private String[] args; + private URI tsa; + private X509Certificate tsaCertificate; + private byte[] signature; + private String signatureAlgorithm; + private X509Certificate[] signerCertificateChain; + private byte[] content; + private ZipFile source; + private String tSAPolicyID; + private String tSADigestAlg; + + /** + * Create a new object. + */ + JarSignerParameters(String[] args, URI tsa, X509Certificate tsaCertificate, + String tSAPolicyID, String tSADigestAlg, + byte[] signature, String signatureAlgorithm, + X509Certificate[] signerCertificateChain, byte[] content, + ZipFile source) { + + if (signature == null || signatureAlgorithm == null || + signerCertificateChain == null || tSADigestAlg == null) { + throw new NullPointerException(); + } + this.args = args; + this.tsa = tsa; + this.tsaCertificate = tsaCertificate; + this.tSAPolicyID = tSAPolicyID; + this.tSADigestAlg = tSADigestAlg; + this.signature = signature; + this.signatureAlgorithm = signatureAlgorithm; + this.signerCertificateChain = signerCertificateChain; + this.content = content; + this.source = source; + } + + /** + * Retrieves the command-line arguments. + * + * @return The command-line arguments. May be null. + */ + public String[] getCommandLine() { + return args; + } + + /** + * Retrieves the identifier for a Timestamping Authority (TSA). + * + * @return The TSA identifier. May be null. + */ + public URI getTimestampingAuthority() { + return tsa; + } + + /** + * Retrieves the certificate for a Timestamping Authority (TSA). + * + * @return The TSA certificate. May be null. + */ + public X509Certificate getTimestampingAuthorityCertificate() { + return tsaCertificate; + } + + public String getTSAPolicyID() { + return tSAPolicyID; + } + + public String getTSADigestAlg() { + return tSADigestAlg; + } + + /** + * Retrieves the signature. + * + * @return The non-null signature bytes. + */ + public byte[] getSignature() { + return signature; + } + + /** + * Retrieves the name of the signature algorithm. + * + * @return The non-null string name of the signature algorithm. + */ + public String getSignatureAlgorithm() { + return signatureAlgorithm; + } + + /** + * Retrieves the signer's X.509 certificate chain. + * + * @return The non-null array of X.509 public-key certificates. + */ + public X509Certificate[] getSignerCertificateChain() { + return signerCertificateChain; + } + + /** + * Retrieves the content that was signed. + * + * @return The content bytes. May be null. + */ + public byte[] getContent() { + return content; + } + + /** + * Retrieves the original source ZIP file before it was signed. + * + * @return The original ZIP file. May be null. + */ + public ZipFile getSource() { + return source; + } +} diff --git a/src/share/classes/sun/security/tools/jarsigner/Main.java b/src/share/classes/sun/security/tools/jarsigner/Main.java index 35f33c85b327328fe268cb4d101ff5ec401cd3ff..37b04c9bf8d6b470b1fef206a15dec9270ef042d 100644 --- a/src/share/classes/sun/security/tools/jarsigner/Main.java +++ b/src/share/classes/sun/security/tools/jarsigner/Main.java @@ -139,6 +139,7 @@ public class Main { String tsaAlias; // alias for the Timestamping Authority's certificate String altCertChain; // file to read alternative cert chain from String tSAPolicyID; + String tSADigestAlg = "SHA-256"; boolean verify = false; // verify the jar String verbose = null; // verbose output when signing/verifying boolean showcerts = false; // show certs when verifying @@ -342,6 +343,9 @@ public class Main { } else if (collator.compare(flags, "-tsapolicyid") ==0) { if (++n == args.length) usageNoArg(); tSAPolicyID = args[n]; + } else if (collator.compare(flags, "-tsadigestalg") ==0) { + if (++n == args.length) usageNoArg(); + tSADigestAlg = args[n]; } else if (collator.compare(flags, "-debug") ==0) { debug = true; } else if (collator.compare(flags, "-keypass") ==0) { @@ -535,6 +539,9 @@ public class Main { System.out.println(rb.getString (".tsapolicyid.tsapolicyid.for.Timestamping.Authority")); System.out.println(); + System.out.println(rb.getString + (".tsadigestalg.algorithm.of.digest.data.in.timestamping.request")); + System.out.println(); System.out.println(rb.getString (".altsigner.class.class.name.of.an.alternative.signing.mechanism")); System.out.println(); @@ -1270,8 +1277,8 @@ public class Main { try { block = sf.generateBlock(privateKey, sigalg, certChain, - externalSF, tsaUrl, tsaCert, tSAPolicyID, signingMechanism, args, - zipFile); + externalSF, tsaUrl, tsaCert, tSAPolicyID, tSADigestAlg, + signingMechanism, args, zipFile); } catch (SocketTimeoutException e) { // Provide a helpful message when TSA is beyond a firewall error(rb.getString("unable.to.sign.jar.") + @@ -2268,13 +2275,14 @@ class SignatureFile { boolean externalSF, String tsaUrl, X509Certificate tsaCert, String tSAPolicyID, + String tSADigestAlg, ContentSigner signingMechanism, String[] args, ZipFile zipFile) throws NoSuchAlgorithmException, InvalidKeyException, IOException, SignatureException, CertificateException { return new Block(this, privateKey, sigalg, certChain, externalSF, - tsaUrl, tsaCert, tSAPolicyID, signingMechanism, args, zipFile); + tsaUrl, tsaCert, tSAPolicyID, tSADigestAlg, signingMechanism, args, zipFile); } @@ -2288,8 +2296,8 @@ class SignatureFile { */ Block(SignatureFile sfg, PrivateKey privateKey, String sigalg, X509Certificate[] certChain, boolean externalSF, String tsaUrl, - X509Certificate tsaCert, String tSAPolicyID, ContentSigner signingMechanism, - String[] args, ZipFile zipFile) + X509Certificate tsaCert, String tSAPolicyID, String tSADigestAlg, + ContentSigner signingMechanism, String[] args, ZipFile zipFile) throws NoSuchAlgorithmException, InvalidKeyException, IOException, SignatureException, CertificateException { @@ -2371,7 +2379,8 @@ class SignatureFile { // Assemble parameters for the signing mechanism ContentSignerParameters params = - new JarSignerParameters(args, tsaUri, tsaCert, tSAPolicyID, signature, + new JarSignerParameters(args, tsaUri, tsaCert, tSAPolicyID, + tSADigestAlg, signature, signatureAlgorithm, certChain, content, zipFile); // Generate the signature block @@ -2400,120 +2409,3 @@ class SignatureFile { } } } - - -/* - * This object encapsulates the parameters used to perform content signing. - */ -class JarSignerParameters implements ContentSignerParameters { - - private String[] args; - private URI tsa; - private X509Certificate tsaCertificate; - private byte[] signature; - private String signatureAlgorithm; - private X509Certificate[] signerCertificateChain; - private byte[] content; - private ZipFile source; - private String tSAPolicyID; - - /** - * Create a new object. - */ - JarSignerParameters(String[] args, URI tsa, X509Certificate tsaCertificate, - String tSAPolicyID, - byte[] signature, String signatureAlgorithm, - X509Certificate[] signerCertificateChain, byte[] content, - ZipFile source) { - - if (signature == null || signatureAlgorithm == null || - signerCertificateChain == null) { - throw new NullPointerException(); - } - this.args = args; - this.tsa = tsa; - this.tsaCertificate = tsaCertificate; - this.tSAPolicyID = tSAPolicyID; - this.signature = signature; - this.signatureAlgorithm = signatureAlgorithm; - this.signerCertificateChain = signerCertificateChain; - this.content = content; - this.source = source; - } - - /** - * Retrieves the command-line arguments. - * - * @return The command-line arguments. May be null. - */ - public String[] getCommandLine() { - return args; - } - - /** - * Retrieves the identifier for a Timestamping Authority (TSA). - * - * @return The TSA identifier. May be null. - */ - public URI getTimestampingAuthority() { - return tsa; - } - - /** - * Retrieves the certificate for a Timestamping Authority (TSA). - * - * @return The TSA certificate. May be null. - */ - public X509Certificate getTimestampingAuthorityCertificate() { - return tsaCertificate; - } - - public String getTSAPolicyID() { - return tSAPolicyID; - } - - /** - * Retrieves the signature. - * - * @return The non-null signature bytes. - */ - public byte[] getSignature() { - return signature; - } - - /** - * Retrieves the name of the signature algorithm. - * - * @return The non-null string name of the signature algorithm. - */ - public String getSignatureAlgorithm() { - return signatureAlgorithm; - } - - /** - * Retrieves the signer's X.509 certificate chain. - * - * @return The non-null array of X.509 public-key certificates. - */ - public X509Certificate[] getSignerCertificateChain() { - return signerCertificateChain; - } - - /** - * Retrieves the content that was signed. - * - * @return The content bytes. May be null. - */ - public byte[] getContent() { - return content; - } - - /** - * Retrieves the original source ZIP file before it was signed. - * - * @return The original ZIP file. May be null. - */ - public ZipFile getSource() { - return source; - } -} diff --git a/src/share/classes/sun/security/tools/jarsigner/Resources.java b/src/share/classes/sun/security/tools/jarsigner/Resources.java index 77b0628263660a83e6fbd3adb5f72d3e0a0e7d9b..db35b1e58553a8658d3d060c55751edbb387abb5 100644 --- a/src/share/classes/sun/security/tools/jarsigner/Resources.java +++ b/src/share/classes/sun/security/tools/jarsigner/Resources.java @@ -88,6 +88,8 @@ public class Resources extends java.util.ListResourceBundle { "[-tsacert ] public key certificate for Timestamping Authority"}, {".tsapolicyid.tsapolicyid.for.Timestamping.Authority", "[-tsapolicyid ] TSAPolicyID for Timestamping Authority"}, + {".tsadigestalg.algorithm.of.digest.data.in.timestamping.request", + "[-tsadigestalg ] algorithm of digest data in timestamping request"}, {".altsigner.class.class.name.of.an.alternative.signing.mechanism", "[-altsigner ] class name of an alternative signing mechanism"}, {".altsignerpath.pathlist.location.of.an.alternative.signing.mechanism", diff --git a/src/share/classes/sun/security/tools/jarsigner/TimestampedSigner.java b/src/share/classes/sun/security/tools/jarsigner/TimestampedSigner.java index 3e5041953679073626c60f12ef48a0213a247cc1..c149f8b0f9694270662f2e4e6e00c263fdcc5a03 100644 --- a/src/share/classes/sun/security/tools/jarsigner/TimestampedSigner.java +++ b/src/share/classes/sun/security/tools/jarsigner/TimestampedSigner.java @@ -132,9 +132,14 @@ public final class TimestampedSigner extends ContentSigner { } } } + String tSADigestAlg = "SHA-256"; + if (params instanceof JarSignerParameters) { + tSADigestAlg = ((JarSignerParameters)params).getTSADigestAlg(); + } return PKCS7.generateSignedData(signature, signerChain, content, params.getSignatureAlgorithm(), tsaURI, - params.getTSAPolicyID()); + params.getTSAPolicyID(), + tSADigestAlg); } /** diff --git a/src/share/classes/sun/util/resources/TimeZoneNames.java b/src/share/classes/sun/util/resources/TimeZoneNames.java index fba48a357874917fa287efacccfb978a7ea7dd23..c9c06d04d247d525ac247331a9c82b7606a8f059 100644 --- a/src/share/classes/sun/util/resources/TimeZoneNames.java +++ b/src/share/classes/sun/util/resources/TimeZoneNames.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 1996, 2015, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1996, 2016, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -307,6 +307,7 @@ public final class TimeZoneNames extends TimeZoneNamesBundle { {"Europe/Bucharest", EET}, {"Asia/Shanghai", CTT}, {"CTT", CTT}, + {"UTC", UTC}, /* Don't change the order of the above zones * to keep compatibility with the previous version. */ @@ -1034,7 +1035,6 @@ public final class TimeZoneNames extends TimeZoneNamesBundle { {"US/Pacific", PST}, {"US/Pacific-New", PST}, {"US/Samoa", SAMOA}, - {"UTC", UTC}, {"VST", ICT}, {"W-SU", MSK}, {"WET", WET}, diff --git a/src/share/classes/sun/util/resources/de/TimeZoneNames_de.java b/src/share/classes/sun/util/resources/de/TimeZoneNames_de.java index 14dce89f91c946a9f30e1f07aa4caed365364cfa..1ba2a14003ce8d364408ebc765d9236f6358f65a 100644 --- a/src/share/classes/sun/util/resources/de/TimeZoneNames_de.java +++ b/src/share/classes/sun/util/resources/de/TimeZoneNames_de.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 2015, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1997, 2016, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -308,6 +308,7 @@ public final class TimeZoneNames_de extends TimeZoneNamesBundle { {"Europe/Bucharest", EET}, {"Asia/Shanghai", CTT}, {"CTT", CTT}, + {"UTC", UTC}, /* Don't change the order of the above zones * to keep compatibility with the previous version. */ @@ -1034,7 +1035,6 @@ public final class TimeZoneNames_de extends TimeZoneNamesBundle { {"US/Pacific", PST}, {"US/Pacific-New", PST}, {"US/Samoa", SAMOA}, - {"UTC", UTC}, {"VST", ICT}, {"W-SU", MSK}, {"WET", WET}, diff --git a/src/share/classes/sun/util/resources/es/TimeZoneNames_es.java b/src/share/classes/sun/util/resources/es/TimeZoneNames_es.java index 081d1a0d56f867c0d0ab71ef7bc7881ee3b362c4..5e39e12fb1c8657b30d6c6c98825d6b77dda47e0 100644 --- a/src/share/classes/sun/util/resources/es/TimeZoneNames_es.java +++ b/src/share/classes/sun/util/resources/es/TimeZoneNames_es.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 2015, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1997, 2016, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -308,6 +308,7 @@ public final class TimeZoneNames_es extends TimeZoneNamesBundle { {"Europe/Bucharest", EET}, {"Asia/Shanghai", CTT}, {"CTT", CTT}, + {"UTC", UTC}, /* Don't change the order of the above zones * to keep compatibility with the previous version. */ @@ -1034,7 +1035,6 @@ public final class TimeZoneNames_es extends TimeZoneNamesBundle { {"US/Pacific", PST}, {"US/Pacific-New", PST}, {"US/Samoa", SAMOA}, - {"UTC", UTC}, {"VST", ICT}, {"W-SU", MSK}, {"WET", WET}, diff --git a/src/share/classes/sun/util/resources/fr/TimeZoneNames_fr.java b/src/share/classes/sun/util/resources/fr/TimeZoneNames_fr.java index 426e2be867bdff466fa0d8ba85e23115dcd3ea38..2f7145f0be061a44ab20a126accdf029799dfeb8 100644 --- a/src/share/classes/sun/util/resources/fr/TimeZoneNames_fr.java +++ b/src/share/classes/sun/util/resources/fr/TimeZoneNames_fr.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 2015, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1997, 2016, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -308,6 +308,7 @@ public final class TimeZoneNames_fr extends TimeZoneNamesBundle { {"Europe/Bucharest", EET}, {"Asia/Shanghai", CTT}, {"CTT", CTT}, + {"UTC", UTC}, /* Don't change the order of the above zones * to keep compatibility with the previous version. */ @@ -1034,7 +1035,6 @@ public final class TimeZoneNames_fr extends TimeZoneNamesBundle { {"US/Pacific", PST}, {"US/Pacific-New", PST}, {"US/Samoa", SAMOA}, - {"UTC", UTC}, {"VST", ICT}, {"W-SU", MSK}, {"WET", WET}, diff --git a/src/share/classes/sun/util/resources/it/TimeZoneNames_it.java b/src/share/classes/sun/util/resources/it/TimeZoneNames_it.java index 6fb3657965d60a92d4056571ec144bb33c296f98..788ad0e4ba93c64a5cfe44296f38ca798d574352 100644 --- a/src/share/classes/sun/util/resources/it/TimeZoneNames_it.java +++ b/src/share/classes/sun/util/resources/it/TimeZoneNames_it.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 2015, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1997, 2016, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -308,6 +308,7 @@ public final class TimeZoneNames_it extends TimeZoneNamesBundle { {"Europe/Bucharest", EET}, {"Asia/Shanghai", CTT}, {"CTT", CTT}, + {"UTC", UTC}, /* Don't change the order of the above zones * to keep compatibility with the previous version. */ @@ -1034,7 +1035,6 @@ public final class TimeZoneNames_it extends TimeZoneNamesBundle { {"US/Pacific", PST}, {"US/Pacific-New", PST}, {"US/Samoa", SAMOA}, - {"UTC", UTC}, {"VST", ICT}, {"W-SU", MSK}, {"WET", WET}, diff --git a/src/share/classes/sun/util/resources/ja/TimeZoneNames_ja.java b/src/share/classes/sun/util/resources/ja/TimeZoneNames_ja.java index 3cf72c4d1ae0ac2c753c22e15f1e0dea13f986a4..3c95a9dd7c89ca2ee4b11fbf2e2343a498d628ba 100644 --- a/src/share/classes/sun/util/resources/ja/TimeZoneNames_ja.java +++ b/src/share/classes/sun/util/resources/ja/TimeZoneNames_ja.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 2015, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1997, 2016, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -308,6 +308,7 @@ public final class TimeZoneNames_ja extends TimeZoneNamesBundle { {"Europe/Bucharest", EET}, {"Asia/Shanghai", CTT}, {"CTT", CTT}, + {"UTC", UTC}, /* Don't change the order of the above zones * to keep compatibility with the previous version. */ @@ -1034,7 +1035,6 @@ public final class TimeZoneNames_ja extends TimeZoneNamesBundle { {"US/Pacific", PST}, {"US/Pacific-New", PST}, {"US/Samoa", SAMOA}, - {"UTC", UTC}, {"VST", ICT}, {"W-SU", MSK}, {"WET", WET}, diff --git a/src/share/classes/sun/util/resources/ko/TimeZoneNames_ko.java b/src/share/classes/sun/util/resources/ko/TimeZoneNames_ko.java index 61485c86c32844229b8ea5e88aa4dcf2a027cbaf..7c7ef32c24726609118c77a9bef510465f70c0a1 100644 --- a/src/share/classes/sun/util/resources/ko/TimeZoneNames_ko.java +++ b/src/share/classes/sun/util/resources/ko/TimeZoneNames_ko.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 2015, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1997, 2016, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -308,6 +308,7 @@ public final class TimeZoneNames_ko extends TimeZoneNamesBundle { {"Europe/Bucharest", EET}, {"Asia/Shanghai", CTT}, {"CTT", CTT}, + {"UTC", UTC}, /* Don't change the order of the above zones * to keep compatibility with the previous version. */ @@ -1034,7 +1035,6 @@ public final class TimeZoneNames_ko extends TimeZoneNamesBundle { {"US/Pacific", PST}, {"US/Pacific-New", PST}, {"US/Samoa", SAMOA}, - {"UTC", UTC}, {"VST", ICT}, {"W-SU", MSK}, {"WET", WET}, diff --git a/src/share/classes/sun/util/resources/pt/TimeZoneNames_pt_BR.java b/src/share/classes/sun/util/resources/pt/TimeZoneNames_pt_BR.java index 951471b5544682cc5379be03824d3a48674a01c4..65cbcf291976e4ffe44475380c8dc7a1c6e58bb4 100644 --- a/src/share/classes/sun/util/resources/pt/TimeZoneNames_pt_BR.java +++ b/src/share/classes/sun/util/resources/pt/TimeZoneNames_pt_BR.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 2015, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1997, 2016, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -308,6 +308,7 @@ public final class TimeZoneNames_pt_BR extends TimeZoneNamesBundle { {"Europe/Bucharest", EET}, {"Asia/Shanghai", CTT}, {"CTT", CTT}, + {"UTC", UTC}, /* Don't change the order of the above zones * to keep compatibility with the previous version. */ @@ -1034,7 +1035,6 @@ public final class TimeZoneNames_pt_BR extends TimeZoneNamesBundle { {"US/Pacific", PST}, {"US/Pacific-New", PST}, {"US/Samoa", SAMOA}, - {"UTC", UTC}, {"VST", ICT}, {"W-SU", MSK}, {"WET", WET}, diff --git a/src/share/classes/sun/util/resources/sv/TimeZoneNames_sv.java b/src/share/classes/sun/util/resources/sv/TimeZoneNames_sv.java index f857b0aeba346fc25ac0ef729c2d89eef1c6c6ba..85f9485407dd6aacc2ac627bc9b696e1f9ed49c4 100644 --- a/src/share/classes/sun/util/resources/sv/TimeZoneNames_sv.java +++ b/src/share/classes/sun/util/resources/sv/TimeZoneNames_sv.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 2015, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1997, 2016, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -308,6 +308,7 @@ public final class TimeZoneNames_sv extends TimeZoneNamesBundle { {"Europe/Bucharest", EET}, {"Asia/Shanghai", CTT}, {"CTT", CTT}, + {"UTC", UTC}, /* Don't change the order of the above zones * to keep compatibility with the previous version. */ @@ -1034,7 +1035,6 @@ public final class TimeZoneNames_sv extends TimeZoneNamesBundle { {"US/Pacific", PST}, {"US/Pacific-New", PST}, {"US/Samoa", SAMOA}, - {"UTC", UTC}, {"VST", ICT}, {"W-SU", MSK}, {"WET", WET}, diff --git a/src/share/classes/sun/util/resources/zh/TimeZoneNames_zh_CN.java b/src/share/classes/sun/util/resources/zh/TimeZoneNames_zh_CN.java index 5b1d2e18a396d632b34af92e0589adb09f45d3f0..98fa47e032f4f2385cf9e1ffe8016a8e8544e20a 100644 --- a/src/share/classes/sun/util/resources/zh/TimeZoneNames_zh_CN.java +++ b/src/share/classes/sun/util/resources/zh/TimeZoneNames_zh_CN.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 2015, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1997, 2016, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -308,6 +308,7 @@ public final class TimeZoneNames_zh_CN extends TimeZoneNamesBundle { {"Europe/Bucharest", EET}, {"Asia/Shanghai", CTT}, {"CTT", CTT}, + {"UTC", UTC}, /* Don't change the order of the above zones * to keep compatibility with the previous version. */ @@ -1034,7 +1035,6 @@ public final class TimeZoneNames_zh_CN extends TimeZoneNamesBundle { {"US/Pacific", PST}, {"US/Pacific-New", PST}, {"US/Samoa", SAMOA}, - {"UTC", UTC}, {"VST", ICT}, {"W-SU", MSK}, {"WET", WET}, diff --git a/src/share/classes/sun/util/resources/zh/TimeZoneNames_zh_TW.java b/src/share/classes/sun/util/resources/zh/TimeZoneNames_zh_TW.java index 982bcb919d1aca16d09272d0f7fb7328890695cb..7133520ea7487c4a6f4528c76209e7e204783981 100644 --- a/src/share/classes/sun/util/resources/zh/TimeZoneNames_zh_TW.java +++ b/src/share/classes/sun/util/resources/zh/TimeZoneNames_zh_TW.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 2015, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1997, 2016, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -308,6 +308,7 @@ public final class TimeZoneNames_zh_TW extends TimeZoneNamesBundle { {"Europe/Bucharest", EET}, {"Asia/Shanghai", CTT}, {"CTT", CTT}, + {"UTC", UTC}, /* Don't change the order of the above zones * to keep compatibility with the previous version. */ @@ -1036,7 +1037,6 @@ public final class TimeZoneNames_zh_TW extends TimeZoneNamesBundle { {"US/Pacific", PST}, {"US/Pacific-New", PST}, {"US/Samoa", SAMOA}, - {"UTC", UTC}, {"VST", ICT}, {"W-SU", MSK}, {"WET", WET}, diff --git a/src/solaris/classes/sun/awt/X11/XBaseWindow.java b/src/solaris/classes/sun/awt/X11/XBaseWindow.java index 25e88528f4af7e630e84f30b93aa7d0d69323ed9..6d6b6a734a16e58a7b9c2e0c9d6e8ced56829816 100644 --- a/src/solaris/classes/sun/awt/X11/XBaseWindow.java +++ b/src/solaris/classes/sun/awt/X11/XBaseWindow.java @@ -79,7 +79,6 @@ public class XBaseWindow { static enum InitialiseState { INITIALISING, - NOT_INITIALISED, INITIALISED, FAILED_INITIALISATION }; @@ -122,7 +121,6 @@ public class XBaseWindow { */ void instantPreInit(XCreateWindowParams params) { state_lock = new StateLock(); - initialising = InitialiseState.NOT_INITIALISED; } /** @@ -131,7 +129,6 @@ public class XBaseWindow { */ void preInit(XCreateWindowParams params) { state_lock = new StateLock(); - initialising = InitialiseState.NOT_INITIALISED; embedded = Boolean.TRUE.equals(params.get(EMBEDDED)); visible = Boolean.TRUE.equals(params.get(VISIBLE)); @@ -223,7 +220,6 @@ public class XBaseWindow { return false; } return true; - case NOT_INITIALISED: case FAILED_INITIALISATION: return false; default: diff --git a/test/java/awt/Paint/ComponentIsNotDrawnAfterRemoveAddTest/ComponentIsNotDrawnAfterRemoveAddTest.java b/test/java/awt/Paint/ComponentIsNotDrawnAfterRemoveAddTest/ComponentIsNotDrawnAfterRemoveAddTest.java new file mode 100644 index 0000000000000000000000000000000000000000..186b572df44dacbd00b5360051440fbb04c90d42 --- /dev/null +++ b/test/java/awt/Paint/ComponentIsNotDrawnAfterRemoveAddTest/ComponentIsNotDrawnAfterRemoveAddTest.java @@ -0,0 +1,187 @@ +/* + * Copyright (c) 2016, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA + * or visit www.oracle.com if you need additional information or have any + * questions. + */ + +/* @test + @bug 8139581 + @summary AWT components are not drawn after removal and addition to a container + @author Anton Litvinov + */ + +import java.awt.Button; +import java.awt.Color; +import java.awt.Canvas; +import java.awt.Frame; +import java.awt.Graphics; +import java.awt.Panel; +import java.util.ArrayList; + +public class ComponentIsNotDrawnAfterRemoveAddTest { + private final Frame frame; + private final Panel panel; + private final ArrayList compList = new ArrayList(); + + public ComponentIsNotDrawnAfterRemoveAddTest() { + frame = new Frame("ComponentIsNotDrawnAfterRemoveAddTest"); + frame.setSize(500, 500); + frame.setLocation(200, 200); + frame.setLayout(null); + frame.setBackground(Color.RED); + + panel = new Panel(); + panel.setLayout(null); + panel.setBounds(25, 100, 455, 295); + panel.setBackground(Color.GREEN); + + for (int i = 0; i < 10; i++) { + TestCanvas canv1 = new TestCanvas(); + canv1.setBounds(i * 45 + 5, 15, 30 + i, 30 + i); + panel.add(canv1); + compList.add(canv1); + + TestButton btn1 = new TestButton(); + btn1.setBounds(i * 45 + 5, 60, 30 + i, 30 + i); + panel.add(btn1); + compList.add(btn1); + + TestCanvas canv2 = new TestCanvas(); + canv2.setBounds(i * 45 + 5, 105, 30 + i, 30 + i); + panel.add(canv2); + compList.add(canv2); + + TestButton btn2 = new TestButton(); + btn2.setBounds(i * 45 + 5, 150, 30 + i, 30 + i); + panel.add(btn2); + compList.add(btn2); + + TestCanvas canv3 = new TestCanvas(); + canv3.setBounds(i * 45 + 5, 195, 30 + i, 30 + i); + panel.add(canv3); + compList.add(canv3); + + TestButton btn3 = new TestButton(); + btn3.setBounds(i * 45 + 5, 240, 30 + i, 30 + i); + panel.add(btn3); + compList.add(btn3); + } + + frame.add(panel); + frame.setVisible(true); + } + + private void runTest() { + try { + doSleep(1500); + checkTestableComponents(); + + for (int i = 0; i < 5; i++) { + System.err.println(String.format("Test iteration #%d:", i)); + + frame.remove(panel); + frame.invalidate(); + frame.validate(); + frame.add(panel); + + doSleep(1500); + checkTestableComponents(); + } + } finally { + frame.dispose(); + } + } + + private void doSleep(long millis) { + try { + Thread.sleep(millis); + } catch (InterruptedException ie) { + ie.printStackTrace(); + } + } + + private void checkTestableComponents() throws RuntimeException { + int notDrawnCompsCount = 0; + for (Testable comp : compList) { + if (!comp.wasPaintCalled()) { + notDrawnCompsCount++; + } else { + comp.resetPaintCalledFlag(); + } + } + if (notDrawnCompsCount > 0) { + throw new RuntimeException(String.format( + "'paint' method of %d components was not called.", notDrawnCompsCount)); + } + } + + private interface Testable { + boolean wasPaintCalled(); + void resetPaintCalledFlag(); + } + + private static class TestCanvas extends Canvas implements Testable { + private volatile boolean paintWasCalled = false; + + @Override + public void paint(Graphics g) { + paintWasCalled = true; + super.paint(g); + g.setColor(Color.BLUE); + g.fillRect(0, 0, getWidth(), getHeight()); + } + + @Override + public boolean wasPaintCalled() { + return paintWasCalled; + } + + @Override + public void resetPaintCalledFlag() { + paintWasCalled = false; + } + } + + private static class TestButton extends Button implements Testable { + private volatile boolean paintWasCalled = false; + + @Override + public void paint(Graphics g) { + paintWasCalled = true; + super.paint(g); + g.setColor(Color.YELLOW); + g.fillRect(0, 0, 15, 15); + } + + @Override + public boolean wasPaintCalled() { + return paintWasCalled; + } + + @Override + public void resetPaintCalledFlag() { + paintWasCalled = false; + } + } + + public static void main(String[] args) { + new ComponentIsNotDrawnAfterRemoveAddTest().runTest(); + } +} diff --git a/test/java/text/Format/DateFormat/Bug8141243.java b/test/java/text/Format/DateFormat/Bug8141243.java new file mode 100644 index 0000000000000000000000000000000000000000..8d156b1f777c1e80a81b5ec5dcedf46b82b772d5 --- /dev/null +++ b/test/java/text/Format/DateFormat/Bug8141243.java @@ -0,0 +1,83 @@ +/* + * Copyright (c) 2016, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA + * or visit www.oracle.com if you need additional information or have any + * questions. + */ + +/* + * @test + * @bug 8141243 + * @summary Make sure that SimpleDateFormat parses "UTC" as the UTC time zone. + * @run main Bug8141243 + */ + +import java.text.DateFormat; +import java.text.ParseException; +import java.text.SimpleDateFormat; +import java.util.ArrayList; +import java.util.Date; +import java.util.List; +import java.util.Locale; +import java.util.TimeZone; +import static java.util.TimeZone.*; + +public class Bug8141243 { + public static void main(String[] args) { + TimeZone UTC = TimeZone.getTimeZone("UTC"); + TimeZone initTz = TimeZone.getDefault(); + + List errors = new ArrayList<>(); + try { + TimeZone.setDefault(TimeZone.getTimeZone("America/Los_Angeles")); + for (Locale locale : DateFormat.getAvailableLocales()) { + // exclude any locales which localize "UTC". + String utc = UTC.getDisplayName(false, SHORT, locale); + if (!"UTC".equals(utc)) { + System.out.println("Skipping " + locale + " due to localized UTC name: " + utc); + continue; + } + SimpleDateFormat fmt = new SimpleDateFormat("z", locale); + try { + Date date = fmt.parse("UTC"); + // Parsed one may not exactly be UTC. Universal, UCT, etc. are equivalents. + if (!fmt.getTimeZone().getID().matches("(Etc/)?(UTC|Universal|UCT|Zulu)")) { + errors.add("timezone: " + fmt.getTimeZone().getID() + + ", locale: " + locale); + } + } catch (ParseException e) { + errors.add("parse exception: " + e + ", locale: " + locale); + } + } + } finally { + // Restore the default time zone + TimeZone.setDefault(initTz); + } + + if (!errors.isEmpty()) { + System.out.println("Got unexpected results:"); + for (String s : errors) { + System.out.println(" " + s); + } + throw new RuntimeException("Test failed."); + } else { + System.out.println("Test passed."); + } + } +} diff --git a/test/javax/net/ssl/TLSv12/SignatureAlgorithms.java b/test/javax/net/ssl/TLSv12/SignatureAlgorithms.java new file mode 100644 index 0000000000000000000000000000000000000000..cf5ba4773249ed2bc4a84d34199d8dbc68ef5d71 --- /dev/null +++ b/test/javax/net/ssl/TLSv12/SignatureAlgorithms.java @@ -0,0 +1,595 @@ +/* + * Copyright (c) 2015, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. Oracle designates this + * particular file as subject to the "Classpath" exception as provided + * by Oracle in the LICENSE file that accompanied this code. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA + * or visit www.oracle.com if you need additional information or have any + * questions. + */ + +// +// SunJSSE does not support dynamic system properties, no way to re-use +// system properties in samevm/agentvm mode. +// + +/* + * @test + * @bug 8049321 + * @summary Support SHA256WithDSA in JSSE + * @modules java.base/sun.misc + * @run main/othervm SignatureAlgorithms PKIX "SHA-224,SHA-256" + * TLS_DHE_DSS_WITH_AES_128_CBC_SHA + * @run main/othervm SignatureAlgorithms PKIX "SHA-1,SHA-224" + * TLS_DHE_DSS_WITH_AES_128_CBC_SHA + * @run main/othervm SignatureAlgorithms PKIX "SHA-1,SHA-256" + * TLS_DHE_DSS_WITH_AES_128_CBC_SHA + * @run main/othervm SignatureAlgorithms PKIX "SHA-224,SHA-256" + * TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 + * @run main/othervm SignatureAlgorithms PKIX "SHA-1,SHA-224" + * TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 + * @run main/othervm SignatureAlgorithms PKIX "SHA-1,SHA-256" + * TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 + */ + +import java.net.*; +import java.util.*; +import java.io.*; +import javax.net.ssl.*; +import java.security.Security; +import java.security.KeyStore; +import java.security.KeyFactory; +import java.security.cert.Certificate; +import java.security.cert.X509Certificate; +import java.security.cert.CertificateFactory; +import java.security.spec.*; +import java.security.interfaces.*; +import sun.misc.BASE64Decoder; + + +public class SignatureAlgorithms { + + /* + * ============================================================= + * Set the various variables needed for the tests, then + * specify what tests to run on each side. + */ + + /* + * Should we run the client or server in a separate thread? + * Both sides can throw exceptions, but do you have a preference + * as to which side should be the main thread. + */ + static boolean separateServerThread = true; + + /* + * Where do we find the keystores? + */ + // Certificates and key (DSA) used in the test. + static String trustedCertStr = + "-----BEGIN CERTIFICATE-----\n" + + "MIIDYTCCAyGgAwIBAgIJAK8/gw6zg/DPMAkGByqGSM44BAMwOzELMAkGA1UEBhMC\n" + + "VVMxDTALBgNVBAoTBEphdmExHTAbBgNVBAsTFFN1bkpTU0UgVGVzdCBTZXJpdmNl\n" + + "MB4XDTE1MTIwMzEzNTIyNVoXDTM2MTExMjEzNTIyNVowOzELMAkGA1UEBhMCVVMx\n" + + "DTALBgNVBAoTBEphdmExHTAbBgNVBAsTFFN1bkpTU0UgVGVzdCBTZXJpdmNlMIIB\n" + + "uDCCASwGByqGSM44BAEwggEfAoGBAPH+b+GSMX6KS7jXDRevzc464DFG4X+uxu5V\n" + + "b3U4yhsU8A8cuH4gwin6L/IDkmZQ7N0zC0jRsiGVSMsFETTq10F39pH2eBfUv/hJ\n" + + "cLfBnIjBEtVqV/dExK88Hul2sZ4mQihQ4issPl7hsroS9EWYicnX0oNAqAB9PO5Y\n" + + "zKbfpL7TAhUA13WW48rln2UP/LaAgtnzKhqcNtMCgYEA3Rv0GirTbAaor8iURd82\n" + + "b5FlDTevOCTuq7ZIpfZVV30neS7cBYNet6m/3/4cfUlbbrqhbqIJ2I+I81drnN0Y\n" + + "lyN4KkuxEcB6OTwfWkIUj6rvPaCQrBH8Q213bDq3HHtYNaP8OoeQUyVXW+SEGADC\n" + + "J1+z8uqP3lIB6ltdgOiV/GQDgYUAAoGBAOXRppuJSGdt6AiZkb81P1DCUgIUlZFI\n" + + "J9GxWrjbbHDmGllMwPNhK6dU7LJKJJuYVPW+95rUGlSJEjRqSlHuyHkNb6e3e7qx\n" + + "tmx1/oIyq+oLult50hBS7uBvLLR0JbIKjBzzkudL8Rjze4G/Wq7KDM2T1JOP49tW\n" + + "eocCvaC8h8uQo4GtMIGqMB0GA1UdDgQWBBT17HcqLllsqnZzP+kElcGcBGmubjBr\n" + + "BgNVHSMEZDBigBT17HcqLllsqnZzP+kElcGcBGmubqE/pD0wOzELMAkGA1UEBhMC\n" + + "VVMxDTALBgNVBAoTBEphdmExHTAbBgNVBAsTFFN1bkpTU0UgVGVzdCBTZXJpdmNl\n" + + "ggkArz+DDrOD8M8wDwYDVR0TAQH/BAUwAwEB/zALBgNVHQ8EBAMCAQYwCQYHKoZI\n" + + "zjgEAwMvADAsAhQ6Y1I6LtIEBMqNo8o6GIe4LLEJuwIUbVQUKi8tvtWyRoxm8AFV\n" + + "0axJYUU=\n" + + "-----END CERTIFICATE-----"; + + static String[] targetCertStr = { + // DSA-SHA1 + "-----BEGIN CERTIFICATE-----\n" + + "MIIDKTCCAumgAwIBAgIJAOy5c0b+8stFMAkGByqGSM44BAMwOzELMAkGA1UEBhMC\n" + + "VVMxDTALBgNVBAoTBEphdmExHTAbBgNVBAsTFFN1bkpTU0UgVGVzdCBTZXJpdmNl\n" + + "MB4XDTE1MTIwMzEzNTIyNVoXDTM1MDgyMDEzNTIyNVowTzELMAkGA1UEBhMCVVMx\n" + + "DTALBgNVBAoMBEphdmExHTAbBgNVBAsMFFN1bkpTU0UgVGVzdCBTZXJpdmNlMRIw\n" + + "EAYDVQQDDAlsb2NhbGhvc3QwggG3MIIBLAYHKoZIzjgEATCCAR8CgYEA8f5v4ZIx\n" + + "fopLuNcNF6/NzjrgMUbhf67G7lVvdTjKGxTwDxy4fiDCKfov8gOSZlDs3TMLSNGy\n" + + "IZVIywURNOrXQXf2kfZ4F9S/+Elwt8GciMES1WpX90TErzwe6XaxniZCKFDiKyw+\n" + + "XuGyuhL0RZiJydfSg0CoAH087ljMpt+kvtMCFQDXdZbjyuWfZQ/8toCC2fMqGpw2\n" + + "0wKBgQDdG/QaKtNsBqivyJRF3zZvkWUNN684JO6rtkil9lVXfSd5LtwFg163qb/f\n" + + "/hx9SVtuuqFuognYj4jzV2uc3RiXI3gqS7ERwHo5PB9aQhSPqu89oJCsEfxDbXds\n" + + "Orcce1g1o/w6h5BTJVdb5IQYAMInX7Py6o/eUgHqW12A6JX8ZAOBhAACgYB+zYqn\n" + + "jJwG4GZpBIN/6qhzbp0flChsV+Trlu0SL0agAQzb6XdI/4JnO87Pgbxaxh3VNAj3\n" + + "3+Ghr1NLBuBfTKzJ4j9msWT3EpLupkMyNtXvBYM0iyMrll67lSjMdv++wLEw35Af\n" + + "/bzVcjGyA5Q0i0cuEzDmHTVfi0OydynbwSLxtKNjMGEwCwYDVR0PBAQDAgPoMB0G\n" + + "A1UdDgQWBBQXJI8AxM0qsYCbbkIMuI5zJ+nMEDAfBgNVHSMEGDAWgBT17HcqLlls\n" + + "qnZzP+kElcGcBGmubjASBgNVHREBAf8ECDAGhwR/AAABMAkGByqGSM44BAMDLwAw\n" + + "LAIUXgyJ0xll4FrZAKXi8bj7Kiz+SA4CFH9WCSZIBYA9lmJkiTgRS7iM/6IC\n" + + "-----END CERTIFICATE-----", + + // DSA-SHA224 + "-----BEGIN CERTIFICATE-----\n" + + "MIIDLzCCAuugAwIBAgIJAOy5c0b+8stGMAsGCWCGSAFlAwQDATA7MQswCQYDVQQG\n" + + "EwJVUzENMAsGA1UEChMESmF2YTEdMBsGA1UECxMUU3VuSlNTRSBUZXN0IFNlcml2\n" + + "Y2UwHhcNMTUxMjAzMTU0NDM5WhcNMzUwODIwMTU0NDM5WjBPMQswCQYDVQQGEwJV\n" + + "UzENMAsGA1UECgwESmF2YTEdMBsGA1UECwwUU3VuSlNTRSBUZXN0IFNlcml2Y2Ux\n" + + "EjAQBgNVBAMMCWxvY2FsaG9zdDCCAbcwggEsBgcqhkjOOAQBMIIBHwKBgQDx/m/h\n" + + "kjF+iku41w0Xr83OOuAxRuF/rsbuVW91OMobFPAPHLh+IMIp+i/yA5JmUOzdMwtI\n" + + "0bIhlUjLBRE06tdBd/aR9ngX1L/4SXC3wZyIwRLValf3RMSvPB7pdrGeJkIoUOIr\n" + + "LD5e4bK6EvRFmInJ19KDQKgAfTzuWMym36S+0wIVANd1luPK5Z9lD/y2gILZ8yoa\n" + + "nDbTAoGBAN0b9Boq02wGqK/IlEXfNm+RZQ03rzgk7qu2SKX2VVd9J3ku3AWDXrep\n" + + "v9/+HH1JW266oW6iCdiPiPNXa5zdGJcjeCpLsRHAejk8H1pCFI+q7z2gkKwR/ENt\n" + + "d2w6txx7WDWj/DqHkFMlV1vkhBgAwidfs/Lqj95SAepbXYDolfxkA4GEAAKBgA81\n" + + "CJKEv+pwiqYgxtw/9rkQ9748WP3mKrEC06kjUG+94/Z9dQloNFFfj6LiO1bymc5l\n" + + "6QIR8XCi4Po3N80K3+WxhBGFhY+RkVWTh43JV8epb41aH2qiWErarBwBGEh8LyGT\n" + + "i30db+Nkz2gfvyz9H/9T0jmYgfLEOlMCusali1qHo2MwYTALBgNVHQ8EBAMCA+gw\n" + + "HQYDVR0OBBYEFBqSP0S4+X+zOCTEnlp2hbAjV/W5MB8GA1UdIwQYMBaAFPXsdyou\n" + + "WWyqdnM/6QSVwZwEaa5uMBIGA1UdEQEB/wQIMAaHBH8AAAEwCwYJYIZIAWUDBAMB\n" + + "AzEAMC4CFQChiRaOnAnsCSJFwdpK22jSxU/mhQIVALgLbj/G39+1Ej8UuSWnEQyU\n" + + "4DA+\n" + + "-----END CERTIFICATE-----", + + // DSA-SHA256 + "-----BEGIN CERTIFICATE-----\n" + + "MIIDLTCCAuugAwIBAgIJAOy5c0b+8stHMAsGCWCGSAFlAwQDAjA7MQswCQYDVQQG\n" + + "EwJVUzENMAsGA1UEChMESmF2YTEdMBsGA1UECxMUU3VuSlNTRSBUZXN0IFNlcml2\n" + + "Y2UwHhcNMTUxMjAzMTU0NjUxWhcNMzUwODIwMTU0NjUxWjBPMQswCQYDVQQGEwJV\n" + + "UzENMAsGA1UECgwESmF2YTEdMBsGA1UECwwUU3VuSlNTRSBUZXN0IFNlcml2Y2Ux\n" + + "EjAQBgNVBAMMCWxvY2FsaG9zdDCCAbcwggEsBgcqhkjOOAQBMIIBHwKBgQDx/m/h\n" + + "kjF+iku41w0Xr83OOuAxRuF/rsbuVW91OMobFPAPHLh+IMIp+i/yA5JmUOzdMwtI\n" + + "0bIhlUjLBRE06tdBd/aR9ngX1L/4SXC3wZyIwRLValf3RMSvPB7pdrGeJkIoUOIr\n" + + "LD5e4bK6EvRFmInJ19KDQKgAfTzuWMym36S+0wIVANd1luPK5Z9lD/y2gILZ8yoa\n" + + "nDbTAoGBAN0b9Boq02wGqK/IlEXfNm+RZQ03rzgk7qu2SKX2VVd9J3ku3AWDXrep\n" + + "v9/+HH1JW266oW6iCdiPiPNXa5zdGJcjeCpLsRHAejk8H1pCFI+q7z2gkKwR/ENt\n" + + "d2w6txx7WDWj/DqHkFMlV1vkhBgAwidfs/Lqj95SAepbXYDolfxkA4GEAAKBgEF7\n" + + "2qiYxGrjX4KCOy0k5nK/RYlgLy4gYDChihQpiaa+fbA5JOBOxPWsh7rdtmJuDrEJ\n" + + "keacU223+DIhOKC49fa+EvhLNqo6U1oPn8n/yvBsvvnWkcynw5KfNzaLlaPmzugh\n" + + "v9xl/GhyZNAXc1QUcW3C+ceHVNrKnkfbTKZz5eRSo2MwYTALBgNVHQ8EBAMCA+gw\n" + + "HQYDVR0OBBYEFNMkPrt40oO9Dpy+bcbQdEvOlNlyMB8GA1UdIwQYMBaAFPXsdyou\n" + + "WWyqdnM/6QSVwZwEaa5uMBIGA1UdEQEB/wQIMAaHBH8AAAEwCwYJYIZIAWUDBAMC\n" + + "Ay8AMCwCFCvA2QiKSe/n+6GqSYQwgQ/zL5M9AhQfSiuWdMJKWpgPJKakvzhBUbMb\n" + + "vA==\n" + + "-----END CERTIFICATE-----"}; + + // Private key in the format of PKCS#8, key size is 1024 bits. + static String[] targetPrivateKey = { + // For cert DSA-SHA1 + "MIIBSwIBADCCASwGByqGSM44BAEwggEfAoGBAPH+b+GSMX6KS7jXDRevzc464DFG\n" + + "4X+uxu5Vb3U4yhsU8A8cuH4gwin6L/IDkmZQ7N0zC0jRsiGVSMsFETTq10F39pH2\n" + + "eBfUv/hJcLfBnIjBEtVqV/dExK88Hul2sZ4mQihQ4issPl7hsroS9EWYicnX0oNA\n" + + "qAB9PO5YzKbfpL7TAhUA13WW48rln2UP/LaAgtnzKhqcNtMCgYEA3Rv0GirTbAao\n" + + "r8iURd82b5FlDTevOCTuq7ZIpfZVV30neS7cBYNet6m/3/4cfUlbbrqhbqIJ2I+I\n" + + "81drnN0YlyN4KkuxEcB6OTwfWkIUj6rvPaCQrBH8Q213bDq3HHtYNaP8OoeQUyVX\n" + + "W+SEGADCJ1+z8uqP3lIB6ltdgOiV/GQEFgIUOiB7J/lrFrNduQ8nDNTe8VspoAI=", + + // For cert DSA-SHA224 + "MIIBSwIBADCCASwGByqGSM44BAEwggEfAoGBAPH+b+GSMX6KS7jXDRevzc464DFG\n" + + "4X+uxu5Vb3U4yhsU8A8cuH4gwin6L/IDkmZQ7N0zC0jRsiGVSMsFETTq10F39pH2\n" + + "eBfUv/hJcLfBnIjBEtVqV/dExK88Hul2sZ4mQihQ4issPl7hsroS9EWYicnX0oNA\n" + + "qAB9PO5YzKbfpL7TAhUA13WW48rln2UP/LaAgtnzKhqcNtMCgYEA3Rv0GirTbAao\n" + + "r8iURd82b5FlDTevOCTuq7ZIpfZVV30neS7cBYNet6m/3/4cfUlbbrqhbqIJ2I+I\n" + + "81drnN0YlyN4KkuxEcB6OTwfWkIUj6rvPaCQrBH8Q213bDq3HHtYNaP8OoeQUyVX\n" + + "W+SEGADCJ1+z8uqP3lIB6ltdgOiV/GQEFgIUOj9F5mxWd9W1tiLSdsOAt8BUBzE=", + + // For cert DSA-SHA256 + "MIIBSwIBADCCASwGByqGSM44BAEwggEfAoGBAPH+b+GSMX6KS7jXDRevzc464DFG\n" + + "4X+uxu5Vb3U4yhsU8A8cuH4gwin6L/IDkmZQ7N0zC0jRsiGVSMsFETTq10F39pH2\n" + + "eBfUv/hJcLfBnIjBEtVqV/dExK88Hul2sZ4mQihQ4issPl7hsroS9EWYicnX0oNA\n" + + "qAB9PO5YzKbfpL7TAhUA13WW48rln2UP/LaAgtnzKhqcNtMCgYEA3Rv0GirTbAao\n" + + "r8iURd82b5FlDTevOCTuq7ZIpfZVV30neS7cBYNet6m/3/4cfUlbbrqhbqIJ2I+I\n" + + "81drnN0YlyN4KkuxEcB6OTwfWkIUj6rvPaCQrBH8Q213bDq3HHtYNaP8OoeQUyVX\n" + + "W+SEGADCJ1+z8uqP3lIB6ltdgOiV/GQEFgIUQ2WGgg+OO39Aujj0e4lM4pP4/9g="}; + + + static char passphrase[] = "passphrase".toCharArray(); + + /* + * Turn on SSL debugging? + */ + static boolean debug = false; + + /* + * Is the server ready to serve? + */ + volatile boolean serverReady = false; + + /* + * Define the server side of the test. + * + * If the server prematurely exits, serverReady will be set to true + * to avoid infinite hangs. + */ + void doServerSide() throws Exception { + + SSLContext context = generateSSLContext( + null, targetCertStr, targetPrivateKey); + SSLServerSocketFactory sslssf = context.getServerSocketFactory(); + try (SSLServerSocket sslServerSocket = + (SSLServerSocket)sslssf.createServerSocket(serverPort)) { + + serverPort = sslServerSocket.getLocalPort(); + + /* + * Signal Client, we're ready for his connect. + */ + serverReady = true; + + try (SSLSocket sslSocket = (SSLSocket)sslServerSocket.accept()) { + sslSocket.setEnabledCipherSuites( + sslSocket.getSupportedCipherSuites()); + InputStream sslIS = sslSocket.getInputStream(); + OutputStream sslOS = sslSocket.getOutputStream(); + + sslIS.read(); + sslOS.write('A'); + sslOS.flush(); + + dumpSignatureAlgorithms(sslSocket); + } + } + } + + /* + * Define the client side of the test. + * + * If the server prematurely exits, serverReady will be set to true + * to avoid infinite hangs. + */ + void doClientSide() throws Exception { + + /* + * Wait for server to get started. + */ + while (!serverReady) { + Thread.sleep(50); + } + + SSLContext context = generateSSLContext(trustedCertStr, null, null); + SSLSocketFactory sslsf = context.getSocketFactory(); + + try (SSLSocket sslSocket = + (SSLSocket)sslsf.createSocket("localhost", serverPort)) { + + // enable TLSv1.2 only + sslSocket.setEnabledProtocols(new String[] {"TLSv1.2"}); + + // enable a block cipher + sslSocket.setEnabledCipherSuites(new String[] {cipherSuite}); + + InputStream sslIS = sslSocket.getInputStream(); + OutputStream sslOS = sslSocket.getOutputStream(); + + sslOS.write('B'); + sslOS.flush(); + sslIS.read(); + + dumpSignatureAlgorithms(sslSocket); + } + } + + static void dumpSignatureAlgorithms(SSLSocket sslSocket) throws Exception { + + boolean isClient = sslSocket.getUseClientMode(); + String mode = "[" + (isClient ? "Client" : "Server") + "]"; + ExtendedSSLSession session = + (ExtendedSSLSession)sslSocket.getSession(); + String[] signAlgs = session.getLocalSupportedSignatureAlgorithms(); + System.out.println( + mode + " local supported signature algorithms: " + + Arrays.asList(signAlgs)); + + if (!isClient) { + signAlgs = session.getPeerSupportedSignatureAlgorithms(); + System.out.println( + mode + " peer supported signature algorithms: " + + Arrays.asList(signAlgs)); + } else { + Certificate[] serverCerts = session.getPeerCertificates(); + + // server should always send the authentication cert. + String sigAlg = ((X509Certificate)serverCerts[0]).getSigAlgName(); + System.out.println( + mode + " the signature algorithm of server certificate: " + + sigAlg); + if (sigAlg.contains("SHA1")) { + if (disabledAlgorithms.contains("SHA-1")) { + throw new Exception( + "Not the expected server certificate. " + + "SHA-1 should be disabled"); + } + } else if (sigAlg.contains("SHA224")) { + if (disabledAlgorithms.contains("SHA-224")) { + throw new Exception( + "Not the expected server certificate. " + + "SHA-224 should be disabled"); + } + } else { // SHA-256 + if (disabledAlgorithms.contains("SHA-256")) { + throw new Exception( + "Not the expected server certificate. " + + "SHA-256 should be disabled"); + } + } + } + } + + /* + * ============================================================= + * The remainder is just support stuff + */ + private static String tmAlgorithm; // trust manager + private static String disabledAlgorithms; // disabled algorithms + private static String cipherSuite; // cipher suite + + private static void parseArguments(String[] args) { + tmAlgorithm = args[0]; + disabledAlgorithms = args[1]; + cipherSuite = args[2]; + } + + private static SSLContext generateSSLContext(String trustedCertStr, + String[] keyCertStrs, String[] keySpecStrs) throws Exception { + + // generate certificate from cert string + CertificateFactory cf = CertificateFactory.getInstance("X.509"); + + // create a key store + KeyStore ks = KeyStore.getInstance("JKS"); + ks.load(null, null); + + // import the trused cert + Certificate trusedCert = null; + ByteArrayInputStream is = null; + if (trustedCertStr != null) { + is = new ByteArrayInputStream(trustedCertStr.getBytes()); + trusedCert = cf.generateCertificate(is); + is.close(); + + ks.setCertificateEntry("DSA Signer", trusedCert); + } + + if (keyCertStrs != null && keyCertStrs.length != 0) { + for (int i = 0; i < keyCertStrs.length; i++) { + String keyCertStr = keyCertStrs[i]; + String keySpecStr = keySpecStrs[i]; + + // generate the private key. + PKCS8EncodedKeySpec priKeySpec = new PKCS8EncodedKeySpec( + new BASE64Decoder().decodeBuffer(keySpecStr)); + KeyFactory kf = KeyFactory.getInstance("DSA"); + DSAPrivateKey priKey = + (DSAPrivateKey)kf.generatePrivate(priKeySpec); + + // generate certificate chain + is = new ByteArrayInputStream(keyCertStr.getBytes()); + Certificate keyCert = cf.generateCertificate(is); + is.close(); + + Certificate[] chain = null; + if (trusedCert != null) { + chain = new Certificate[2]; + chain[0] = keyCert; + chain[1] = trusedCert; + } else { + chain = new Certificate[1]; + chain[0] = keyCert; + } + + // import the key entry. + ks.setKeyEntry("DSA Entry " + i, priKey, passphrase, chain); + } + } + + // create SSL context + TrustManagerFactory tmf = TrustManagerFactory.getInstance(tmAlgorithm); + tmf.init(ks); + + SSLContext ctx = SSLContext.getInstance("TLS"); + if (keyCertStrs != null && keyCertStrs.length != 0) { + KeyManagerFactory kmf = KeyManagerFactory.getInstance("NewSunX509"); + kmf.init(ks, passphrase); + + ctx.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null); + ks = null; + } else { + ctx.init(null, tmf.getTrustManagers(), null); + } + + return ctx; + } + + + // use any free port by default + volatile int serverPort = 0; + + volatile Exception serverException = null; + volatile Exception clientException = null; + + public static void main(String[] args) throws Exception { + /* + * debug option + */ + if (debug) { + System.setProperty("javax.net.debug", "all"); + } + + /* + * Get the customized arguments. + */ + parseArguments(args); + + + /* + * Ignore testing on Windows if only SHA-224 is available. + */ + if ((Security.getProvider("SunMSCAPI") != null) && + (disabledAlgorithms.contains("SHA-1")) && + (disabledAlgorithms.contains("SHA-256"))) { + + System.out.println( + "Windows system does not support SHA-224 algorithms yet. " + + "Ignore the testing"); + + return; + } + + /* + * Expose the target algorithms by diabling unexpected algorithms. + */ + Security.setProperty( + "jdk.certpath.disabledAlgorithms", disabledAlgorithms); + + /* + * Reset the security property to make sure that the algorithms + * and keys used in this test are not disabled by default. + */ + Security.setProperty( "jdk.tls.disabledAlgorithms", ""); + + /* + * Start the tests. + */ + new SignatureAlgorithms(); + } + + Thread clientThread = null; + Thread serverThread = null; + + /* + * Primary constructor, used to drive remainder of the test. + * + * Fork off the other side, then do your work. + */ + SignatureAlgorithms() throws Exception { + try { + if (separateServerThread) { + startServer(true); + startClient(false); + } else { + startClient(true); + startServer(false); + } + } catch (Exception e) { + // swallow for now. Show later + } + + /* + * Wait for other side to close down. + */ + if (separateServerThread) { + serverThread.join(); + } else { + clientThread.join(); + } + + /* + * When we get here, the test is pretty much over. + * Which side threw the error? + */ + Exception local; + Exception remote; + String whichRemote; + + if (separateServerThread) { + remote = serverException; + local = clientException; + whichRemote = "server"; + } else { + remote = clientException; + local = serverException; + whichRemote = "client"; + } + + /* + * If both failed, return the curthread's exception, but also + * print the remote side Exception + */ + if ((local != null) && (remote != null)) { + System.out.println(whichRemote + " also threw:"); + remote.printStackTrace(); + System.out.println(); + throw local; + } + + if (remote != null) { + throw remote; + } + + if (local != null) { + throw local; + } + } + + void startServer(boolean newThread) throws Exception { + if (newThread) { + serverThread = new Thread() { + public void run() { + try { + doServerSide(); + } catch (Exception e) { + /* + * Our server thread just died. + * + * Release the client, if not active already... + */ + System.err.println("Server died..." + e); + serverReady = true; + serverException = e; + } + } + }; + serverThread.start(); + } else { + try { + doServerSide(); + } catch (Exception e) { + serverException = e; + } finally { + serverReady = true; + } + } + } + + void startClient(boolean newThread) throws Exception { + if (newThread) { + clientThread = new Thread() { + public void run() { + try { + doClientSide(); + } catch (Exception e) { + /* + * Our client thread just died. + */ + System.err.println("Client died..." + e); + clientException = e; + } + } + }; + clientThread.start(); + } else { + try { + doClientSide(); + } catch (Exception e) { + clientException = e; + } + } + } +} diff --git a/test/javax/xml/jaxp/common/8144593/TestSAXDriver.java b/test/javax/xml/jaxp/common/8144593/TestSAXDriver.java new file mode 100644 index 0000000000000000000000000000000000000000..627fe1a41b3a3a66a80e369d19667a07eb806868 --- /dev/null +++ b/test/javax/xml/jaxp/common/8144593/TestSAXDriver.java @@ -0,0 +1,56 @@ +/* + * Copyright (c) 2016, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA + * or visit www.oracle.com if you need additional information or have any + * questions. + */ + +import com.sun.org.apache.xerces.internal.jaxp.SAXParserImpl; +import javax.xml.XMLConstants; +import org.xml.sax.SAXNotRecognizedException; +import org.xml.sax.SAXNotSupportedException; + +/* + * Test implementation of SAXParser. It is extended from JDK parser and two methods + * are overriden to disable support of specific features and properties. + * This class is used in ValidationWarningsTest and TransformationWarningsTest + * to generate multiple warnings during xml validation and transformation processes. +*/ +public class TestSAXDriver extends SAXParserImpl.JAXPSAXParser { + + @Override + public synchronized void setFeature(String name, boolean value) throws SAXNotRecognizedException, SAXNotSupportedException { + if (XMLConstants.FEATURE_SECURE_PROCESSING.equals(name)) { + throw new SAXNotRecognizedException(name+" feature is not recognised by test SAX parser intentionally."); + } else { + super.setFeature(name, value); + } + } + + @Override + public synchronized void setProperty(String name, Object value) throws SAXNotRecognizedException, SAXNotSupportedException { + if (XMLConstants.ACCESS_EXTERNAL_DTD.equals(name) || ENT_EXP_LIMIT_PROP.equals(name)) { + throw new SAXNotRecognizedException(name+" property is not recognised by test SAX parser intentionally."); + } else { + super.setProperty(name, value); + } + } + + private static final String ENT_EXP_LIMIT_PROP = "http://www.oracle.com/xml/jaxp/properties/entityExpansionLimit"; +} diff --git a/test/javax/xml/jaxp/common/8144593/TransformationWarningsTest.java b/test/javax/xml/jaxp/common/8144593/TransformationWarningsTest.java new file mode 100644 index 0000000000000000000000000000000000000000..71c3ed1f1edfc17ba49fcefd9b43457452fd8713 --- /dev/null +++ b/test/javax/xml/jaxp/common/8144593/TransformationWarningsTest.java @@ -0,0 +1,92 @@ +/* + * Copyright (c) 2016, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA + * or visit www.oracle.com if you need additional information or have any + * questions. + */ + +import java.io.StringReader; +import java.io.StringWriter; +import javax.xml.transform.Source; +import javax.xml.transform.Transformer; +import javax.xml.transform.TransformerFactory; +import javax.xml.transform.stream.StreamResult; +import javax.xml.transform.stream.StreamSource; +import org.testng.annotations.Test; +import org.testng.annotations.BeforeClass; + +/* + * @test + * @bug 8144593 + * @summary Check that warnings about unsupported properties from parsers + * are suppressed during the transformation process. + * @compile -XDignore.symbol.file TestSAXDriver.java + * @run testng/othervm TransformationWarningsTest + */ +public class TransformationWarningsTest extends WarningsTestBase { + + @BeforeClass + public void setup() { + //Set test SAX driver implementation. + System.setProperty("org.xml.sax.driver", "TestSAXDriver"); + } + + @Test + public void testTransformation() throws Exception { + startTest(); + } + + //One iteration of xml transformation test case. It will be called from each + //TestWorker task defined in WarningsTestBase class. + void doOneTestIteration() throws Exception { + // Prepare output stream + StringWriter xmlResultString = new StringWriter(); + StreamResult xmlResultStream = new StreamResult(xmlResultString); + // Prepare xml source stream + Source src = new StreamSource(new StringReader(xml)); + Transformer t = createTransformer(); + //Transform the xml + t.transform(src, xmlResultStream); + } + + //Create transformer from xsl test string + Transformer createTransformer() throws Exception { + // Prepare sources for transormation + Source xslsrc = new StreamSource(new StringReader(xsl)); + + // Create factory and transformer + TransformerFactory tf = TransformerFactory.newInstance(); + Transformer t = tf.newTransformer(xslsrc); + + // Set URI Resolver to return the newly constructed xml + // stream source object from xml test string + t.setURIResolver((String href, String base) -> new StreamSource(new StringReader(xml))); + return t; + } + + //Xsl and Xml contents used in the transformation test + private static final String xsl = "" + + " " + + " " + + " Simple Transformation Result. No warnings should be printed to console" + + " " + + ""; + private static final String xml = ""; +} diff --git a/test/javax/xml/jaxp/common/8144593/ValidationWarningsTest.java b/test/javax/xml/jaxp/common/8144593/ValidationWarningsTest.java new file mode 100644 index 0000000000000000000000000000000000000000..28c003ce85738f70aeabf81b5f6ee485c0b0babc --- /dev/null +++ b/test/javax/xml/jaxp/common/8144593/ValidationWarningsTest.java @@ -0,0 +1,76 @@ +/* + * Copyright (c) 2016, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA + * or visit www.oracle.com if you need additional information or have any + * questions. + */ + +import java.io.ByteArrayInputStream; +import java.io.StringReader; +import javax.xml.XMLConstants; +import javax.xml.transform.Source; +import javax.xml.transform.sax.SAXSource; +import javax.xml.transform.stream.StreamSource; +import javax.xml.validation.Schema; +import javax.xml.validation.SchemaFactory; +import javax.xml.validation.Validator; +import org.testng.annotations.Test; +import org.testng.annotations.BeforeClass; +import org.xml.sax.InputSource; + +/* + * @test + * @bug 8144593 + * @summary Check that warnings about unsupported properties from SAX + * parsers are suppressed during the xml validation process. + * @compile -XDignore.symbol.file TestSAXDriver.java + * @run testng/othervm ValidationWarningsTest + */ +public class ValidationWarningsTest extends WarningsTestBase { + + @BeforeClass + public void setup() { + //Set test SAX driver implementation. + System.setProperty("org.xml.sax.driver", "TestSAXDriver"); + } + + @Test + public void testValidation() throws Exception { + startTest(); + } + + //One iteration of xml validation test case. It will be called from each + //TestWorker task defined in WarningsTestBase class. + void doOneTestIteration() throws Exception { + Source src = new StreamSource(new StringReader(xml)); + SchemaFactory schemaFactory = SchemaFactory.newInstance(XMLConstants.W3C_XML_SCHEMA_NS_URI); + SAXSource xsdSource = new SAXSource(new InputSource(new ByteArrayInputStream(xsd.getBytes()))); + Schema schema = schemaFactory.newSchema(xsdSource); + Validator v = schema.newValidator(); + v.validate(src); + } + + //Xsd and Xml contents used in the validation test + private static final String xsd = "" + + " " + + " \n" + + " "; + private static final String xml = "Element"; + +} diff --git a/test/javax/xml/jaxp/common/8144593/WarningsTestBase.java b/test/javax/xml/jaxp/common/8144593/WarningsTestBase.java new file mode 100644 index 0000000000000000000000000000000000000000..7f31f62c53c7980268676e537384b48a10d4b610 --- /dev/null +++ b/test/javax/xml/jaxp/common/8144593/WarningsTestBase.java @@ -0,0 +1,134 @@ +/* + * Copyright (c) 2016, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA + * or visit www.oracle.com if you need additional information or have any + * questions. + */ + +import java.io.ByteArrayOutputStream; +import java.io.PrintStream; +import java.util.concurrent.CyclicBarrier; +import java.util.concurrent.ExecutorService; +import java.util.concurrent.Executors; +import java.util.concurrent.TimeUnit; +import java.util.regex.Matcher; +import java.util.regex.Pattern; +import javax.xml.XMLConstants; +import org.testng.Assert; + +/* + * This class helps to test suppression of unsupported parser properties + * messages printed to standard error output. + * It launches THREADS_COUNT tasks. Each task does ITERATIONS_PER_THREAD + * sequential calls to doOneIteration method implemented by specific test class. + */ +public abstract class WarningsTestBase { + + /* + * Abstract method that should be implemented by test class. + * It is repeatedly called by each TestWorker task. + */ + abstract void doOneTestIteration() throws Exception; + + /* + * Launches parallel test tasks and check the output for the number of + * generated warning messages. There should be no more than one message of + * each type. + */ + void startTest() throws Exception { + //Save standard error stream + PrintStream defStdErr = System.err; + //Set new byte array stream as standard error stream + ByteArrayOutputStream byteStream = new ByteArrayOutputStream(5000); + System.setErr(new PrintStream(byteStream)); + //Execute multiple TestWorker tasks + for (int id = 0; id < THREADS_COUNT; id++) { + EXECUTOR.execute(new TestWorker(id)); + } + //Initiate shutdown of previously submitted task + EXECUTOR.shutdown(); + //Wait for termination of submitted tasks + if (!EXECUTOR.awaitTermination(THREADS_COUNT, TimeUnit.SECONDS)) { + //If not all tasks terminates during the time out force them to shutdown + EXECUTOR.shutdownNow(); + } + //Restore default standard error stream + System.setErr(defStdErr); + //Print tasks stderr output + String errContent = byteStream.toString(); + System.out.println("Standard error output content:"); + System.out.println(errContent); + //Check tasks stderr output for quatity of warning messages + Assert.assertTrue(warningPrintedOnce(XMLConstants.ACCESS_EXTERNAL_DTD, errContent)); + Assert.assertTrue(warningPrintedOnce(ENT_EXP_PROPERTY, errContent)); + Assert.assertTrue(warningPrintedOnce(XMLConstants.FEATURE_SECURE_PROCESSING, errContent)); + } + + // Count occurences of warning messages in standard error and check if warning is printed + // not more than once + private boolean warningPrintedOnce(String propertyName, String testOutput) { + //Count for property name in test output + Pattern p = Pattern.compile(propertyName); + Matcher m = p.matcher(testOutput); + int count = 0; + while (m.find()) { + count += 1; + } + System.out.println("'" + propertyName + "' print count: " + count); + //If count is more than 1 then consider test failed + return count <= 1; + } + + //TestWorker task that sequentially calls test method + private class TestWorker implements Runnable { + // Task id + private final int id; + + TestWorker(int id) { + this.id = id; + } + + @Override + public void run() { + try { + System.out.printf("%d: waiting for barrier%n", id); + //Synchronize startup of all tasks + BARRIER.await(); + System.out.printf("%d: starting iterations%n", id); + //Call test method multiple times + for (int i = 0; i < ITERATIONS_PER_THREAD; i++) { + doOneTestIteration(); + } + } catch (Exception ex) { + throw new RuntimeException("TestWorker id:" + id + " failed", ex); + } + } + } + + //Entity expansion limit property name + private static final String ENT_EXP_PROPERTY = "http://www.oracle.com/xml/jaxp/properties/entityExpansionLimit"; + //Number of simultaneous test threads + private static final int THREADS_COUNT = 10; + //Number of iterations per one thread + private static final int ITERATIONS_PER_THREAD = 4; + //Test thread pool + private static final ExecutorService EXECUTOR = Executors.newCachedThreadPool(); + //Cyclic barrier for threads startup synchronisation + private static final CyclicBarrier BARRIER = new CyclicBarrier(THREADS_COUNT); +} diff --git a/test/javax/xml/jaxp/parsers/8072081/SupplementaryChars.java b/test/javax/xml/jaxp/parsers/8072081/SupplementaryChars.java new file mode 100644 index 0000000000000000000000000000000000000000..288a96b4ed6536ed722f2e02049b10ea6cb9585a --- /dev/null +++ b/test/javax/xml/jaxp/parsers/8072081/SupplementaryChars.java @@ -0,0 +1,91 @@ +/* + * Copyright (c) 2015, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA + * or visit www.oracle.com if you need additional information or have any + * questions. + */ + +import java.io.ByteArrayInputStream; +import javax.xml.parsers.SAXParser; +import javax.xml.parsers.SAXParserFactory; + +import org.testng.annotations.DataProvider; +import org.testng.annotations.Test; +import org.xml.sax.SAXParseException; +import org.xml.sax.helpers.DefaultHandler; + +/** + * @test + * @bug 8072081 + * @summary verifies that supplementary characters are supported as character + * data in xml 1.0, and also names in xml 1.1. + * @run testng/othervm SupplementaryChars + */ +/* + * Joe Wang (huizhe.wang@oracle.com) + */ + +public class SupplementaryChars { + + @Test(dataProvider = "supported") + public void test(String xml) throws Exception { + ByteArrayInputStream stream = new ByteArrayInputStream(xml.getBytes("UTF-8")); + getParser().parse(stream, new DefaultHandler()); + stream.close(); + } + + @Test(dataProvider = "unsupported", expectedExceptions = SAXParseException.class) + public void testInvalid(String xml) throws Exception { + ByteArrayInputStream stream = new ByteArrayInputStream(xml.getBytes("UTF-8")); + getParser().parse(stream, new DefaultHandler()); + stream.close(); + } + + @DataProvider(name = "supported") + private Object[][] supported() { + + return new Object[][] { + {"\uD840\uDC0B"}, + {""}, + {"in tag name"}, + {"in attribute name"}, + {"\uD840\uDC0B"}, + {""} + }; + } + + @DataProvider(name = "unsupported") + private Object[][] unsupported() { + return new Object[][] { + {"in tag name"}, + {"in attribute name"} + }; + } + + private SAXParser getParser() { + SAXParser parser = null; + try { + SAXParserFactory factory = SAXParserFactory.newInstance(); + parser = factory.newSAXParser(); + } catch (Exception e) { + throw new RuntimeException(e.getMessage()); + } + return parser; + } +} diff --git a/test/sun/security/tools/jarsigner/TimestampCheck.java b/test/sun/security/tools/jarsigner/TimestampCheck.java index 65b1cca3e1d797ebc25fc3636839e84118d5ab45..113bb26217d20924bd1ea8303eea54a878ef396d 100644 --- a/test/sun/security/tools/jarsigner/TimestampCheck.java +++ b/test/sun/security/tools/jarsigner/TimestampCheck.java @@ -24,10 +24,9 @@ import com.sun.net.httpserver.*; import java.io.BufferedReader; import java.io.ByteArrayOutputStream; -import java.io.File; import java.io.FileInputStream; -import java.io.FileOutputStream; import java.io.IOException; +import java.io.InputStream; import java.io.InputStreamReader; import java.io.OutputStream; import java.math.BigInteger; @@ -38,9 +37,15 @@ import java.security.Signature; import java.security.cert.Certificate; import java.security.cert.X509Certificate; import java.util.Calendar; +import java.util.jar.JarEntry; +import java.util.jar.JarFile; + +import sun.misc.IOUtils; import sun.security.pkcs.ContentInfo; import sun.security.pkcs.PKCS7; +import sun.security.pkcs.PKCS9Attribute; import sun.security.pkcs.SignerInfo; +import sun.security.timestamp.TimestampToken; import sun.security.util.DerOutputStream; import sun.security.util.DerValue; import sun.security.util.ObjectIdentifier; @@ -51,6 +56,8 @@ public class TimestampCheck { static final String TSKS = "tsks"; static final String JAR = "old.jar"; + static final String defaultPolicyId = "2.3.4.5"; + static class Handler implements HttpHandler { public void handle(HttpExchange t) throws IOException { int len = 0; @@ -94,6 +101,11 @@ public class TimestampCheck { * 6: extension is missing * 7: extension is non-critical * 8: extension does not have timestamping + * 9: no cert in response + * 10: normal + * 11: always return default policy id + * 12: normal + * otherwise: normal * @returns the signed */ byte[] sign(byte[] input, int path) throws Exception { @@ -106,6 +118,7 @@ public class TimestampCheck { messageImprint.data.getDerValue()); System.err.println("AlgorithmId: " + aid); + ObjectIdentifier policyId = new ObjectIdentifier(defaultPolicyId); BigInteger nonce = null; while (value.data.available() > 0) { DerValue v = value.data.getDerValue(); @@ -114,6 +127,9 @@ public class TimestampCheck { System.err.println("nonce: " + nonce); } else if (v.tag == DerValue.tag_Boolean) { System.err.println("certReq: " + v.getBoolean()); + } else if (v.tag == DerValue.tag_ObjectId) { + policyId = v.getOID(); + System.err.println("PolicyID: " + policyId); } } @@ -127,6 +143,10 @@ public class TimestampCheck { if (path == 7) alias = "tsbad2"; if (path == 8) alias = "tsbad3"; + if (path == 11) { + policyId = new ObjectIdentifier(defaultPolicyId); + } + DerOutputStream statusInfo = new DerOutputStream(); statusInfo.putInteger(0); @@ -150,7 +170,7 @@ public class TimestampCheck { DerOutputStream tst = new DerOutputStream(); tst.putInteger(1); - tst.putOID(new ObjectIdentifier("1.2.3.4")); // policy + tst.putOID(policyId); if (path != 3 && path != 4) { tst.putDerValue(messageImprint); @@ -260,15 +280,43 @@ public class TimestampCheck { jarsigner(cmd, 7, false); // tsbad2 jarsigner(cmd, 8, false); // tsbad3 jarsigner(cmd, 9, false); // no cert in timestamp - jarsigner(cmd + " -tsapolicyid 1.2.3.4", 0, true); - jarsigner(cmd + " -tsapolicyid 1.2.3.5", 0, false); + jarsigner(cmd + " -tsapolicyid 1.2.3.4", 10, true); + checkTimestamp("new_10.jar", "1.2.3.4", "SHA-256"); + jarsigner(cmd + " -tsapolicyid 1.2.3.5", 11, false); + jarsigner(cmd + " -tsadigestalg SHA", 12, true); + checkTimestamp("new_12.jar", defaultPolicyId, "SHA-1"); } else { // Run as a standalone server System.err.println("Press Enter to quit server"); System.in.read(); } } finally { server.stop(0); - new File("x.jar").delete(); + } + } + + static void checkTimestamp(String file, String policyId, String digestAlg) + throws Exception { + try (JarFile jf = new JarFile(file)) { + JarEntry je = jf.getJarEntry("META-INF/OLD.RSA"); + try (InputStream is = jf.getInputStream(je)) { + byte[] content = IOUtils.readFully(is, -1, true); + PKCS7 p7 = new PKCS7(content); + SignerInfo[] si = p7.getSignerInfos(); + if (si == null || si.length == 0) { + throw new Exception("Not signed"); + } + PKCS9Attribute p9 = si[0].getUnauthenticatedAttributes() + .getAttribute(PKCS9Attribute.SIGNATURE_TIMESTAMP_TOKEN_OID); + PKCS7 tsToken = new PKCS7((byte[]) p9.getValue()); + TimestampToken tt = + new TimestampToken(tsToken.getContentInfo().getData()); + if (!tt.getHashAlgorithm().toString().equals(digestAlg)) { + throw new Exception("Digest alg different"); + } + if (!tt.getPolicyID().equals(policyId)) { + throw new Exception("policyId different"); + } + } } } diff --git a/test/sun/security/tools/jarsigner/ts.sh b/test/sun/security/tools/jarsigner/ts.sh index 928b22ea6084913558eb3f480df4221bd6dbc22f..6cee6808c0b10c90a69f098884ba295c06eb1c65 100644 --- a/test/sun/security/tools/jarsigner/ts.sh +++ b/test/sun/security/tools/jarsigner/ts.sh @@ -86,6 +86,6 @@ $KT -alias tsbad3 -certreq | \ $KT -alias ca -gencert -ext eku:critical=cs | \ $KT -alias tsbad3 -importcert -$JAVAC -d . ${TESTSRC}/TimestampCheck.java +$JAVAC -XDignore.symbol.file -d . ${TESTSRC}/TimestampCheck.java $JAVA ${TESTVMOPTS} TimestampCheck diff --git a/test/sun/tools/native2ascii/NativeErrors.java b/test/sun/tools/native2ascii/NativeErrors.java index 00493b8e908be395f75561e545bb39651dadf67c..02ca85344755f140144a88a9690b0ae0beb8e541 100644 --- a/test/sun/tools/native2ascii/NativeErrors.java +++ b/test/sun/tools/native2ascii/NativeErrors.java @@ -75,7 +75,14 @@ public class NativeErrors { throw new Error("Output file cannot be made read only: " + path2); } f2.deleteOnExit(); - checkResult(executeCmd(path1, path2), "err.cannot.write"); + if ( f2.canWrite() ) { + String msg = "Output file is still writable. " + + "Probably because test is run as root. Read-only test skipped."; + System.out.println(msg); + } else { + // Test write to a read-only file. + checkResult(executeCmd(path1, path2), "err.cannot.write"); + } } private static String executeCmd(String... toolArgs) throws Throwable {