Re: RFR: JDK-8276447 Deprecate finalization-related methods for removal
On Thu, 18 Nov 2021 21:51:30 GMT, Brent Christian wrote: > Here are the code changes for the "Deprecate finalizers in the standard Java > API" portion of JEP 421 ("Deprecate Finalization for Removal") for code > review. > > This change makes the indicated deprecations, and updates the API spec for > JEP 421. It also updates the relevant @SuppressWarning annotations. > > The CSR has been approved. > An automated test build+test run passes cleanly (FWIW :D ). Marked as reviewed by serb (Reviewer). - PR: https://git.openjdk.java.net/jdk/pull/6465
Re: RFR: 8271566: DSA signature length value is not accurate in P11Signature [v2]
On Fri, 13 Aug 2021 17:11:45 GMT, Martin Balao wrote: >> As described in JDK-8271566 [1], this patch proposal is intended to fix a >> problem that arises when using DSA keys that have a 256-bits (or larger) G >> parameter for signatures (either signing or verifying). There were some >> incorrect assumptions and hard-coded length values in the code before. >> Please note that, for example, the tuple (2048, 256) for DSA is valid >> according to FIPS PUB 186-4. >> >> Beyond the specific issues in signatures, I decided to provide a broader >> solution and enable key parameter retrieval for other key types (EC, DH) >> when possible. This is, when the key is not sensitive. One thing that I >> should note here is that token keys (those that have the CKA_TOKEN attribute >> equal to 'true') are considered sensitive in this regard, at least by the >> NSS Software Token implementation. I don't have access to other vendor >> implementations but if there is any concern, we can adjust the constraint to >> NSS-only. However, I'm not sure which use-case would require to get private >> keys out of a real token, weakening its security. I'd be more conservative >> here and not query the values if not sure that it will succeed. >> >> No regressions found in jdk/sun/security/pkcs11. A new test added: >> LargerDSAKey. >> >> -- >> [1] - https://bugs.openjdk.java.net/browse/JDK-8271566 > > Martin Balao has updated the pull request incrementally with one additional > commit since the last revision: > > P11Key static inner classes refactorings. Hmm, thinking more about "internal"/"opaque", given this is naming for the parent, maybe "internal" is more correct. The non-sensitive keys are encapsulated by the children classes and is still an instance of the parent. If you name the parent class w/ "opaque" suffix, it looks misleading/confusing. The opaqueness is implied by the implementation instead of the properties of the objects. - PR: https://git.openjdk.java.net/jdk/pull/4961
Re: RFR: JDK-8276447 Deprecate finalization-related methods for removal
On Fri, 19 Nov 2021 18:15:46 GMT, Brent Christian wrote: >> src/java.base/share/classes/java/lang/Object.java line 481: >> >>> 479: * system resources or to perform other cleanup. >>> 480: * >>> 481: * When running in a Java virtual machine in which finalization >>> has been >> >> Disabling finalization is not part of the Java SE spec. This paragraph >> describes the implementation of HotSpot VM and I think it does not belong to >> this javadoc. > > The coupling between this change and > [8276422](https://bugs.openjdk.java.net/browse/JDK-8276422) ("Add > command-line option to disable finalization") is probably tighter than would > be ideal. That [CSR](https://bugs.openjdk.java.net/browse/JDK-8276773) > allows for finalization to be disabled in the SE Platform Spec and the JLS. Thanks for pointing out that the CSR for JDK-8276422 ("Add command-line option to disable finalization") includes the change of the SE Platform Spec and JLS to allow an implementation for finalization to be disabled. This makes senses now. - PR: https://git.openjdk.java.net/jdk/pull/6465
Re: RFR: JDK-8276447 Deprecate finalization-related methods for removal
On Thu, 18 Nov 2021 21:51:30 GMT, Brent Christian wrote: > Here are the code changes for the "Deprecate finalizers in the standard Java > API" portion of JEP 421 ("Deprecate Finalization for Removal") for code > review. > > This change makes the indicated deprecations, and updates the API spec for > JEP 421. It also updates the relevant @SuppressWarning annotations. > > The CSR has been approved. > An automated test build+test run passes cleanly (FWIW :D ). Marked as reviewed by mchung (Reviewer). - PR: https://git.openjdk.java.net/jdk/pull/6465
Integrated: 8274333: Redundant null comparison after Pattern.split
On Sun, 26 Sep 2021 15:10:52 GMT, Andrey Turbanov wrote: > In couple of classes, result part of arrays of Pattern.split is compared with > `null`. Pattern.split (and hence String.split) never returns `null` in array > elements. Such comparisons are redundant. This pull request has now been integrated. Changeset: 36b59f38 Author:Andrey Turbanov Committer: Roger Riggs URL: https://git.openjdk.java.net/jdk/commit/36b59f3814fdaa44c9c04a0e8d63d0ba56929326 Stats: 14 lines in 2 files changed: 4 ins; 5 del; 5 mod 8274333: Redundant null comparison after Pattern.split Reviewed-by: mullan, weijun, rriggs, iris - PR: https://git.openjdk.java.net/jdk/pull/5708
Integrated: 8274949: Use String.contains() instead of String.indexOf() in java.base
On Fri, 17 Sep 2021 08:56:47 GMT, Andrey Turbanov wrote: > String.contains was introduced in Java 5. > Some code in java.base still uses old approach with `String.indexOf` to check > if String contains specified substring. > I propose to migrate such usages. Makes code shorter and easier to read. This pull request has now been integrated. Changeset: 66775543 Author:Andrey Turbanov Committer: Roger Riggs URL: https://git.openjdk.java.net/jdk/commit/6677554374ade32c9f2ddaaa093064de8aebd831 Stats: 38 lines in 17 files changed: 0 ins; 3 del; 35 mod 8274949: Use String.contains() instead of String.indexOf() in java.base Reviewed-by: weijun, dfuchs, vtewari, lancea - PR: https://git.openjdk.java.net/jdk/pull/5559
Re: RFR: JDK-8276447 Deprecate finalization-related methods for removal
On Fri, 19 Nov 2021 18:06:39 GMT, Mandy Chung wrote: >> Here are the code changes for the "Deprecate finalizers in the standard Java >> API" portion of JEP 421 ("Deprecate Finalization for Removal") for code >> review. >> >> This change makes the indicated deprecations, and updates the API spec for >> JEP 421. It also updates the relevant @SuppressWarning annotations. >> >> The CSR has been approved. >> An automated test build+test run passes cleanly (FWIW :D ). > > src/java.base/share/classes/java/lang/Object.java line 481: > >> 479: * system resources or to perform other cleanup. >> 480: * >> 481: * When running in a Java virtual machine in which finalization >> has been > > Disabling finalization is not part of the Java SE spec. This paragraph > describes the implementation of HotSpot VM and I think it does not belong to > this javadoc. The coupling between this change and [8276422](https://bugs.openjdk.java.net/browse/JDK-8276422) ("Add command-line option to disable finalization") is probably tighter than would be ideal. That [CSR](https://bugs.openjdk.java.net/browse/JDK-8276773) allows for finalization to be disabled in the SE Platform Spec and the JLS. - PR: https://git.openjdk.java.net/jdk/pull/6465
Re: RFR: JDK-8276447 Deprecate finalization-related methods for removal
On Thu, 18 Nov 2021 21:51:30 GMT, Brent Christian wrote: > Here are the code changes for the "Deprecate finalizers in the standard Java > API" portion of JEP 421 ("Deprecate Finalization for Removal") for code > review. > > This change makes the indicated deprecations, and updates the API spec for > JEP 421. It also updates the relevant @SuppressWarning annotations. > > The CSR has been approved. > An automated test build+test run passes cleanly (FWIW :D ). Marked as reviewed by darcy (Reviewer). - PR: https://git.openjdk.java.net/jdk/pull/6465
Re: RFR: JDK-8276447 Deprecate finalization-related methods for removal
On Thu, 18 Nov 2021 21:51:30 GMT, Brent Christian wrote: > Here are the code changes for the "Deprecate finalizers in the standard Java > API" portion of JEP 421 ("Deprecate Finalization for Removal") for code > review. > > This change makes the indicated deprecations, and updates the API spec for > JEP 421. It also updates the relevant @SuppressWarning annotations. > > The CSR has been approved. > An automated test build+test run passes cleanly (FWIW :D ). src/java.base/share/classes/java/lang/Object.java line 481: > 479: * system resources or to perform other cleanup. > 480: * > 481: * When running in a Java virtual machine in which finalization > has been Disabling finalization is not part of the Java SE spec. This paragraph describes the implementation of HotSpot VM and I think it does not belong to this javadoc. - PR: https://git.openjdk.java.net/jdk/pull/6465
Re: RFR: JDK-8276447 Deprecate finalization-related methods for removal
On Thu, 18 Nov 2021 21:51:30 GMT, Brent Christian wrote: > Here are the code changes for the "Deprecate finalizers in the standard Java > API" portion of JEP 421 ("Deprecate Finalization for Removal") for code > review. > > This change makes the indicated deprecations, and updates the API spec for > JEP 421. It also updates the relevant @SuppressWarning annotations. > > The CSR has been approved. > An automated test build+test run passes cleanly (FWIW :D ). Marked as reviewed by lancea (Reviewer). - PR: https://git.openjdk.java.net/jdk/pull/6465
Re: RFR: JDK-8276447 Deprecate finalization-related methods for removal
On Thu, 18 Nov 2021 21:51:30 GMT, Brent Christian wrote: > Here are the code changes for the "Deprecate finalizers in the standard Java > API" portion of JEP 421 ("Deprecate Finalization for Removal") for code > review. > > This change makes the indicated deprecations, and updates the API spec for > JEP 421. It also updates the relevant @SuppressWarning annotations. > > The CSR has been approved. > An automated test build+test run passes cleanly (FWIW :D ). Looks good. - Marked as reviewed by alanb (Reviewer). PR: https://git.openjdk.java.net/jdk/pull/6465
Re: RFR: JDK-8276447 Deprecate finalization-related methods for removal
On Thu, 18 Nov 2021 21:51:30 GMT, Brent Christian wrote: > Here are the code changes for the "Deprecate finalizers in the standard Java > API" portion of JEP 421 ("Deprecate Finalization for Removal") for code > review. > > This change makes the indicated deprecations, and updates the API spec for > JEP 421. It also updates the relevant @SuppressWarning annotations. > > The CSR has been approved. > An automated test build+test run passes cleanly (FWIW :D ). LGTM - Marked as reviewed by rriggs (Reviewer). PR: https://git.openjdk.java.net/jdk/pull/6465
Integrated: 8275887: jarsigner prints invalid digest/signature algorithm warnings if keysize is weak/disabled
On Mon, 8 Nov 2021 14:04:15 GMT, Sean Mullan wrote: > When a signature/digest algorithm was being checked, the algorithm > constraints checked both the signature/digest algorithm and the key to see if > they were restricted. This caused duplicate checks and was also problematic > for `jarsigner` (and `keytool`) which need to distinguish these two cases, so > that the output can properly indicate when the key is disabled but the > signature or digest alg is ok. > > To address this issue, a new `checkKey` parameter is added to the > `DisabledAlgorithmConstraints.permits` methods. When `true` the key (alg and > size) is also checked, otherwise it is not. This flag is always set to > `false` by `jarsigner` when checking algs and by the JDK when checking digest > algorithms. Other small changes include changes in `SignerInfo` to use a > record to store info about the algorithms to be checked, and removing an > unnecessary CRL checking method from `AlgorithmChecker`. > > `keytool` will be enhanced in a subsequent CR to call the new methods. This pull request has now been integrated. Changeset: 03f8c0fb Author:Sean Mullan URL: https://git.openjdk.java.net/jdk/commit/03f8c0fb9363dc1bb07bed1ae0359c029caa0130 Stats: 121 lines in 9 files changed: 32 ins; 31 del; 58 mod 8275887: jarsigner prints invalid digest/signature algorithm warnings if keysize is weak/disabled Reviewed-by: weijun - PR: https://git.openjdk.java.net/jdk/pull/6296