Mercurial > hg > release > icedtea7-2.3
changeset 2358:93ac4fddecf3
Remove unused patches.
2010-12-09 Andrew John Hughes <ahughes@redhat.com>
* patches/hotspot/default/icedtea-gcc-4.3.patch,
* patches/hotspot/default/icedtea-sparc-buildfixes.patch,
* patches/icedtea-6484091.patch,
* patches/icedtea-6497740.patch,
* patches/icedtea-6588160.patch,
* patches/icedtea-6700047-loopopts.patch,
* patches/icedtea-6712835-ifnode.patch,
* patches/icedtea-6721753.patch,
* patches/icedtea-6726779.patch,
* patches/icedtea-6734167.patch,
* patches/icedtea-6766136.patch,
* patches/icedtea-LCMS-setTagData.patch,
* patches/icedtea-color-createcontext.patch,
* patches/icedtea-hotspot-params-cast-size_t.patch,
* patches/icedtea-hotspot-use-idx_t.patch,
* patches/icedtea-hotspot7-build-fixes.patch,
* patches/icedtea-lcms-leak.patch,
* patches/icedtea-lucene-crash.patch,
* patches/icedtea-signed-types-hot6.patch,
* patches/icedtea-static-libstdc++.patch:
Remove unused patches.
author | Andrew John Hughes <ahughes@redhat.com> |
---|---|
date | Fri, 10 Dec 2010 13:43:00 +0000 |
parents | 464f7b987fb6 |
children | ee7d7790fcc7 |
files | ChangeLog NEWS patches/hotspot/default/icedtea-gcc-4.3.patch patches/hotspot/default/icedtea-sparc-buildfixes.patch patches/icedtea-6484091.patch patches/icedtea-6497740.patch patches/icedtea-6588160.patch patches/icedtea-6700047-loopopts.patch patches/icedtea-6712835-ifnode.patch patches/icedtea-6721753.patch patches/icedtea-6726779.patch patches/icedtea-6734167.patch patches/icedtea-6766136.patch patches/icedtea-LCMS-setTagData.patch patches/icedtea-color-createcontext.patch patches/icedtea-hotspot-params-cast-size_t.patch patches/icedtea-hotspot-use-idx_t.patch patches/icedtea-hotspot7-build-fixes.patch patches/icedtea-lcms-leak.patch patches/icedtea-lucene-crash.patch patches/icedtea-signed-types-hot6.patch patches/icedtea-static-libstdc++.patch |
diffstat | 22 files changed, 26 insertions(+), 3026 deletions(-) [+] |
line wrap: on
line diff
--- a/ChangeLog Thu Dec 09 17:41:47 2010 +0000 +++ b/ChangeLog Fri Dec 10 13:43:00 2010 +0000 @@ -1,3 +1,27 @@ +2010-12-09 Andrew John Hughes <ahughes@redhat.com> + + * patches/hotspot/default/icedtea-gcc-4.3.patch, + * patches/hotspot/default/icedtea-sparc-buildfixes.patch, + * patches/icedtea-6484091.patch, + * patches/icedtea-6497740.patch, + * patches/icedtea-6588160.patch, + * patches/icedtea-6700047-loopopts.patch, + * patches/icedtea-6712835-ifnode.patch, + * patches/icedtea-6721753.patch, + * patches/icedtea-6726779.patch, + * patches/icedtea-6734167.patch, + * patches/icedtea-6766136.patch, + * patches/icedtea-LCMS-setTagData.patch, + * patches/icedtea-color-createcontext.patch, + * patches/icedtea-hotspot-params-cast-size_t.patch, + * patches/icedtea-hotspot-use-idx_t.patch, + * patches/icedtea-hotspot7-build-fixes.patch, + * patches/icedtea-lcms-leak.patch, + * patches/icedtea-lucene-crash.patch, + * patches/icedtea-signed-types-hot6.patch, + * patches/icedtea-static-libstdc++.patch: + Remove unused patches. + 2010-12-09 Andrew John Hughes <ahughes@redhat.com> Remove NetX and the IcedTea plugin; now developed
--- a/NEWS Thu Dec 09 17:41:47 2010 +0000 +++ b/NEWS Fri Dec 10 13:43:00 2010 +0000 @@ -1,5 +1,7 @@ New in release 1.14 (XXXX-XX-XX) +* NetX and the plugin moved to the IcedTea-Web project with a separate + release cycle. * Zero/Shark - Match Shark in icedtea6, makes OSR work by removing vestigal check. - LLVM 2.7 non-product fixes.
--- a/patches/hotspot/default/icedtea-gcc-4.3.patch Thu Dec 09 17:41:47 2010 +0000 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,54 +0,0 @@ -diff -Nru openjdk.orig/hotspot/make/linux/makefiles/gcc.make openjdk/hotspot/make/linux/makefiles/gcc.make ---- openjdk.orig/hotspot/make/linux/makefiles/gcc.make 2008-12-01 12:06:51.000000000 +0000 -+++ openjdk/hotspot/make/linux/makefiles/gcc.make 2008-12-01 12:27:08.000000000 +0000 -@@ -98,7 +98,7 @@ - endif - - # Compiler warnings are treated as errors --WARNINGS_ARE_ERRORS = -Werror -+# WARNINGS_ARE_ERRORS = -Werror - - # Except for a few acceptable ones - # Since GCC 4.3, -Wconversion has changed its meanings to warn these implicit -diff -Nru openjdk.orig/hotspot/make/solaris/makefiles/gcc.make openjdk/hotspot/make/solaris/makefiles/gcc.make ---- openjdk.orig/hotspot/make/solaris/makefiles/gcc.make 2008-11-22 00:11:18.000000000 +0000 -+++ openjdk/hotspot/make/solaris/makefiles/gcc.make 2008-12-01 12:25:10.000000000 +0000 -@@ -109,7 +109,8 @@ - - - # Compiler warnings are treated as errors --WARNINGS_ARE_ERRORS = -Werror -+# Commented out for now because of gcc 4.3 warnings OpenJDK isn't ready for -+# WARNINGS_ARE_ERRORS = -Werror - # Enable these warnings. See 'info gcc' about details on these options - ADDITIONAL_WARNINGS = -Wpointer-arith -Wconversion -Wsign-compare - CFLAGS_WARN/DEFAULT = $(WARNINGS_ARE_ERRORS) $(ADDITIONAL_WARNINGS) -diff -Nru openjdk.orig/hotspot/src/share/vm/adlc/filebuff.cpp openjdk/hotspot/src/share/vm/adlc/filebuff.cpp ---- openjdk.orig/hotspot/src/share/vm/adlc/filebuff.cpp 2008-11-22 00:11:18.000000000 +0000 -+++ openjdk/hotspot/src/share/vm/adlc/filebuff.cpp 2008-12-01 12:25:10.000000000 +0000 -@@ -25,6 +25,8 @@ - // FILEBUFF.CPP - Routines for handling a parser file buffer - #include "adlc.hpp" - -+using namespace std; -+ - //------------------------------FileBuff--------------------------------------- - // Create a new parsing buffer - FileBuff::FileBuff( BufferedFile *fptr, ArchDesc& archDesc) : _fp(fptr), _AD(archDesc) { -diff -Nru openjdk.orig/hotspot/src/share/vm/adlc/filebuff.hpp openjdk/hotspot/src/share/vm/adlc/filebuff.hpp ---- openjdk.orig/hotspot/src/share/vm/adlc/filebuff.hpp 2008-11-22 00:11:18.000000000 +0000 -+++ openjdk/hotspot/src/share/vm/adlc/filebuff.hpp 2008-12-01 12:25:10.000000000 +0000 -@@ -94,8 +94,11 @@ - FileBuffRegion *copy(); // Deep copy - FileBuffRegion *merge(FileBuffRegion*); // Merge 2 regions; delete input - --// void print(std::ostream&); --// friend std::ostream& operator<< (std::ostream&, FileBuffRegion&); -+#if defined(__GNUC__) && __GNUC__ >= 3 -+ void print(std::ostream&); -+ friend std::ostream& operator<< (std::ostream&, FileBuffRegion&); -+#else - void print(ostream&); - friend ostream& operator<< (ostream&, FileBuffRegion&); -+#endif - };
--- a/patches/hotspot/default/icedtea-sparc-buildfixes.patch Thu Dec 09 17:41:47 2010 +0000 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,35 +0,0 @@ ---- openjdk/hotspot/make/linux/makefiles/gcc.make.orig 2008-12-04 20:29:08.000000000 +0000 -+++ openjdk/hotspot/make/linux/makefiles/gcc.make 2008-12-04 20:32:54.000000000 +0000 -@@ -52,6 +52,10 @@ - PICFLAG = -fpic - endif - -+ifneq ($(filter sparc sparcv9,$(BUILDARCH)),) -+PICFLAG = -fPIC -+endif -+ - VM_PICFLAG/LIBJVM = $(PICFLAG) - VM_PICFLAG/AOUT = - VM_PICFLAG = $(VM_PICFLAG/$(LINK_INTO)) ---- openjdk/hotspot/make/linux/makefiles/defs.make.orig 2008-12-04 20:29:04.000000000 +0000 -+++ openjdk/hotspot/make/linux/makefiles/defs.make 2008-12-04 20:32:54.000000000 +0000 -@@ -59,7 +59,7 @@ - endif - - # sparc --ifeq ($(ARCH), sparc64) -+ifneq (,$(filter $(ARCH), sparc sparc64)) - ifeq ($(ARCH_DATA_MODEL), 64) - ARCH_DATA_MODEL = 64 - MAKE_ARGS += LP64=1 ---- openjdk/hotspot/src/cpu/sparc/vm/frame_sparc.hpp.orig 2008-12-04 20:32:19.000000000 +0000 -+++ openjdk/hotspot/src/cpu/sparc/vm/frame_sparc.hpp 2008-12-04 20:32:54.000000000 +0000 -@@ -264,7 +264,7 @@ - - private: - -- constantPoolCacheOop* frame::interpreter_frame_cpoolcache_addr() const; -+ constantPoolCacheOop* interpreter_frame_cpoolcache_addr() const; - - #ifndef CC_INTERP -
--- a/patches/icedtea-6484091.patch Thu Dec 09 17:41:47 2010 +0000 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,119 +0,0 @@ -diff -Nru openjdk.orig/jdk/src/share/classes/com/sun/java/swing/plaf/windows/WindowsFileChooserUI.java openjdk/jdk/src/share/classes/com/sun/java/swing/plaf/windows/WindowsFileChooserUI.java ---- openjdk.orig/jdk/src/share/classes/com/sun/java/swing/plaf/windows/WindowsFileChooserUI.java 2008-12-02 14:54:58.000000000 +0000 -+++ openjdk/jdk/src/share/classes/com/sun/java/swing/plaf/windows/WindowsFileChooserUI.java 2008-12-02 15:12:35.000000000 +0000 -@@ -39,6 +39,8 @@ - import java.io.FileNotFoundException; - import java.io.IOException; - import java.util.*; -+import java.security.AccessController; -+import java.security.PrivilegedAction; - - import sun.awt.shell.ShellFolder; - import sun.awt.OSInfo; -@@ -1153,7 +1155,11 @@ - - File[] baseFolders; - if (useShellFolder) { -- baseFolders = (File[])ShellFolder.get("fileChooserComboBoxFolders"); -+ baseFolders = AccessController.doPrivileged(new PrivilegedAction<File[]>() { -+ public File[] run() { -+ return (File[]) ShellFolder.get("fileChooserComboBoxFolders"); -+ } -+ }); - } else { - baseFolders = fsv.getRoots(); - } -diff -Nru openjdk.orig/jdk/src/share/classes/javax/swing/plaf/metal/MetalFileChooserUI.java openjdk/jdk/src/share/classes/javax/swing/plaf/metal/MetalFileChooserUI.java ---- openjdk.orig/jdk/src/share/classes/javax/swing/plaf/metal/MetalFileChooserUI.java 2008-12-02 14:55:11.000000000 +0000 -+++ openjdk/jdk/src/share/classes/javax/swing/plaf/metal/MetalFileChooserUI.java 2008-12-02 15:12:35.000000000 +0000 -@@ -38,6 +38,8 @@ - import java.io.FileNotFoundException; - import java.io.IOException; - import java.util.*; -+import java.security.AccessController; -+import java.security.PrivilegedAction; - import javax.accessibility.*; - - import sun.awt.shell.ShellFolder; -@@ -957,7 +959,11 @@ - - File[] baseFolders; - if (useShellFolder) { -- baseFolders = (File[])ShellFolder.get("fileChooserComboBoxFolders"); -+ baseFolders = AccessController.doPrivileged(new PrivilegedAction<File[]>() { -+ public File[] run() { -+ return (File[]) ShellFolder.get("fileChooserComboBoxFolders"); -+ } -+ }); - } else { - baseFolders = fsv.getRoots(); - } -diff -Nru openjdk.orig/jdk/src/share/classes/sun/swing/plaf/synth/SynthFileChooserUIImpl.java openjdk/jdk/src/share/classes/sun/swing/plaf/synth/SynthFileChooserUIImpl.java ---- openjdk.orig/jdk/src/share/classes/sun/swing/plaf/synth/SynthFileChooserUIImpl.java 2008-12-02 14:55:05.000000000 +0000 -+++ openjdk/jdk/src/share/classes/sun/swing/plaf/synth/SynthFileChooserUIImpl.java 2008-12-02 15:12:35.000000000 +0000 -@@ -29,6 +29,8 @@ - import java.beans.*; - import java.io.*; - import java.util.*; -+import java.security.AccessController; -+import java.security.PrivilegedAction; - - import javax.swing.*; - import javax.swing.event.*; -@@ -769,7 +771,11 @@ - - File[] baseFolders; - if (useShellFolder) { -- baseFolders = (File[])ShellFolder.get("fileChooserComboBoxFolders"); -+ baseFolders = AccessController.doPrivileged(new PrivilegedAction<File[]>() { -+ public File[] run() { -+ return (File[]) ShellFolder.get("fileChooserComboBoxFolders"); -+ } -+ }); - } else { - baseFolders = fsv.getRoots(); - } -diff -Nru openjdk.orig/jdk/test/javax/swing/JFileChooser/6484091/bug6484091.java openjdk/jdk/test/javax/swing/JFileChooser/6484091/bug6484091.java ---- openjdk.orig/jdk/test/javax/swing/JFileChooser/6484091/bug6484091.java 1970-01-01 01:00:00.000000000 +0100 -+++ openjdk/jdk/test/javax/swing/JFileChooser/6484091/bug6484091.java 2008-12-02 15:12:35.000000000 +0000 -@@ -0,0 +1,40 @@ -+/* @test @(#)bug6484091.java 1.1 08/11/18 -+ * @bug 6484091 -+ * @summary FileSystemView leaks directory info -+ * @author Pavel Porvatov -+ @run main bug6484091 -+ */ -+ -+import java.io.*; -+import java.security.AccessControlException; -+import javax.swing.filechooser.FileSystemView; -+import javax.swing.*; -+ -+import sun.awt.shell.ShellFolder; -+ -+public class bug6484091 { -+ public static void main(String[] args) { -+ ShellFolder dir = (ShellFolder) FileSystemView.getFileSystemView().getDefaultDirectory(); -+ -+ printDirContent(dir); -+ -+ System.setSecurityManager(new SecurityManager()); -+ -+ // The next test cases use 'dir' obtained without SecurityManager -+ try { -+ printDirContent(dir); -+ -+ throw new RuntimeException("Dir content was derived bypass SecurityManager"); -+ } catch (AccessControlException e) { -+ // It's a successful situation -+ } -+ } -+ -+ private static void printDirContent(File dir) { -+ System.out.println("Files in " + dir.getAbsolutePath() + ":"); -+ -+ for (File file : dir.listFiles()) { -+ System.out.println(file.getName()); -+ } -+ } -+}
--- a/patches/icedtea-6497740.patch Thu Dec 09 17:41:47 2010 +0000 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,1557 +0,0 @@ -diff -Nru openjdk.orig/jdk/src/share/classes/sun/security/pkcs11/P11KeyPairGenerator.java openjdk/jdk/src/share/classes/sun/security/pkcs11/P11KeyPairGenerator.java ---- openjdk.orig/jdk/src/share/classes/sun/security/pkcs11/P11KeyPairGenerator.java 2008-12-02 15:15:13.000000000 +0000 -+++ openjdk/jdk/src/share/classes/sun/security/pkcs11/P11KeyPairGenerator.java 2008-12-02 15:22:50.000000000 +0000 -@@ -1,5 +1,5 @@ - /* -- * Copyright 2003-2006 Sun Microsystems, Inc. All Rights Reserved. -+ * Copyright 2003-2008 Sun Microsystems, Inc. All Rights Reserved. - * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. - * - * This code is free software; you can redistribute it and/or modify it -@@ -38,6 +38,8 @@ - import sun.security.pkcs11.wrapper.*; - import static sun.security.pkcs11.wrapper.PKCS11Constants.*; - -+import sun.security.rsa.RSAKeyFactory; -+ - /** - * KeyPairGenerator implementation class. This class currently supports - * RSA, DSA, DH, and EC. -@@ -66,7 +68,7 @@ - private AlgorithmParameterSpec params; - - // for RSA, selected or default value of public exponent, always valid -- private BigInteger rsaPublicExponent; -+ private BigInteger rsaPublicExponent = RSAKeyGenParameterSpec.F4; - - // SecureRandom instance, if specified in init - private SecureRandom random; -@@ -88,19 +90,19 @@ - public void initialize(int keySize, SecureRandom random) { - token.ensureValid(); - try { -- checkKeySize(keySize); -+ checkKeySize(keySize, null); - } catch (InvalidAlgorithmParameterException e) { - throw new InvalidParameterException(e.getMessage()); - } - this.keySize = keySize; - this.params = null; - this.random = random; -- this.rsaPublicExponent = RSAKeyGenParameterSpec.F4; - if (algorithm.equals("EC")) { - params = P11ECKeyFactory.getECParameterSpec(keySize); - if (params == null) { -- throw new InvalidParameterException -- ("No EC parameters available for key size " + keySize + " bits"); -+ throw new InvalidParameterException( -+ "No EC parameters available for key size " -+ + keySize + " bits"); - } - } - } -@@ -115,8 +117,10 @@ - ("DHParameterSpec required for Diffie-Hellman"); - } - DHParameterSpec dhParams = (DHParameterSpec)params; -- this.keySize = dhParams.getP().bitLength(); -- this.params = params; -+ int tmpKeySize = dhParams.getP().bitLength(); -+ checkKeySize(tmpKeySize, dhParams); -+ this.keySize = tmpKeySize; -+ this.params = dhParams; - // XXX sanity check params - } else if (algorithm.equals("RSA")) { - if (params instanceof RSAKeyGenParameterSpec == false) { -@@ -124,7 +128,9 @@ - ("RSAKeyGenParameterSpec required for RSA"); - } - RSAKeyGenParameterSpec rsaParams = (RSAKeyGenParameterSpec)params; -- this.keySize = rsaParams.getKeysize(); -+ int tmpKeySize = rsaParams.getKeysize(); -+ checkKeySize(tmpKeySize, rsaParams); -+ this.keySize = tmpKeySize; - this.params = null; - this.rsaPublicExponent = rsaParams.getPublicExponent(); - // XXX sanity check params -@@ -134,13 +140,16 @@ - ("DSAParameterSpec required for DSA"); - } - DSAParameterSpec dsaParams = (DSAParameterSpec)params; -- this.keySize = dsaParams.getP().bitLength(); -- this.params = params; -+ int tmpKeySize = dsaParams.getP().bitLength(); -+ checkKeySize(tmpKeySize, dsaParams); -+ this.keySize = tmpKeySize; -+ this.params = dsaParams; - // XXX sanity check params - } else if (algorithm.equals("EC")) { - ECParameterSpec ecParams; - if (params instanceof ECParameterSpec) { -- ecParams = P11ECKeyFactory.getECParameterSpec((ECParameterSpec)params); -+ ecParams = P11ECKeyFactory.getECParameterSpec( -+ (ECParameterSpec)params); - if (ecParams == null) { - throw new InvalidAlgorithmParameterException - ("Unsupported curve: " + params); -@@ -156,16 +165,17 @@ - throw new InvalidAlgorithmParameterException - ("ECParameterSpec or ECGenParameterSpec required for EC"); - } -- this.keySize = ecParams.getCurve().getField().getFieldSize(); -+ int tmpKeySize = ecParams.getCurve().getField().getFieldSize(); -+ checkKeySize(tmpKeySize, ecParams); -+ this.keySize = tmpKeySize; - this.params = ecParams; - } else { - throw new ProviderException("Unknown algorithm: " + algorithm); - } - this.random = random; -- checkKeySize(keySize); - } - -- private void checkKeySize(int keySize) -+ private void checkKeySize(int keySize, AlgorithmParameterSpec params) - throws InvalidAlgorithmParameterException { - if (algorithm.equals("EC")) { - if (keySize < 112) { -@@ -178,13 +188,28 @@ - ("Key size must be at most 2048 bit"); - } - return; -+ } else if (algorithm.equals("RSA")) { -+ BigInteger tmpExponent = rsaPublicExponent; -+ if (params != null) { -+ // Already tested for instanceof RSAKeyGenParameterSpec above -+ tmpExponent = -+ ((RSAKeyGenParameterSpec)params).getPublicExponent(); -+ } -+ try { -+ // This provider supports 64K or less. -+ RSAKeyFactory.checkKeyLengths(keySize, tmpExponent, -+ 512, 64 * 1024); -+ } catch (InvalidKeyException e) { -+ throw new InvalidAlgorithmParameterException(e.getMessage()); -+ } -+ return; - } -+ - if (keySize < 512) { - throw new InvalidAlgorithmParameterException - ("Key size must be at least 512 bit"); - } -- if (algorithm.equals("RSA") || -- (algorithm.equals("DH") && (params != null))) { -+ if (algorithm.equals("DH") && (params != null)) { - // sanity check, nobody really wants keys this large - if (keySize > 64 * 1024) { - throw new InvalidAlgorithmParameterException -diff -Nru openjdk.orig/jdk/src/share/classes/sun/security/pkcs11/P11RSAKeyFactory.java openjdk/jdk/src/share/classes/sun/security/pkcs11/P11RSAKeyFactory.java ---- openjdk.orig/jdk/src/share/classes/sun/security/pkcs11/P11RSAKeyFactory.java 2008-12-02 15:15:13.000000000 +0000 -+++ openjdk/jdk/src/share/classes/sun/security/pkcs11/P11RSAKeyFactory.java 2008-12-02 15:22:50.000000000 +0000 -@@ -1,5 +1,5 @@ - /* -- * Copyright 2003 Sun Microsystems, Inc. All Rights Reserved. -+ * Copyright 2003-2008 Sun Microsystems, Inc. All Rights Reserved. - * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. - * - * This code is free software; you can redistribute it and/or modify it -@@ -35,6 +35,8 @@ - import sun.security.pkcs11.wrapper.*; - import static sun.security.pkcs11.wrapper.PKCS11Constants.*; - -+import sun.security.rsa.RSAKeyFactory; -+ - /** - * RSA KeyFactory implemenation. - * -@@ -131,6 +133,9 @@ - } catch (PKCS11Exception e) { - throw new InvalidKeySpecException - ("Could not create RSA public key", e); -+ } catch (InvalidKeyException e) { -+ throw new InvalidKeySpecException -+ ("Could not create RSA public key", e); - } - } - -@@ -175,11 +180,15 @@ - } catch (PKCS11Exception e) { - throw new InvalidKeySpecException - ("Could not create RSA private key", e); -+ } catch (InvalidKeyException e) { -+ throw new InvalidKeySpecException -+ ("Could not create RSA private key", e); - } - } - - private PublicKey generatePublic(BigInteger n, BigInteger e) -- throws PKCS11Exception { -+ throws PKCS11Exception, InvalidKeyException { -+ RSAKeyFactory.checkKeyLengths(n.bitLength(), e, -1, 64 * 1024); - CK_ATTRIBUTE[] attributes = new CK_ATTRIBUTE[] { - new CK_ATTRIBUTE(CKA_CLASS, CKO_PUBLIC_KEY), - new CK_ATTRIBUTE(CKA_KEY_TYPE, CKK_RSA), -@@ -200,7 +209,8 @@ - } - - private PrivateKey generatePrivate(BigInteger n, BigInteger d) -- throws PKCS11Exception { -+ throws PKCS11Exception, InvalidKeyException { -+ RSAKeyFactory.checkKeyLengths(n.bitLength(), null, -1, 64 * 1024); - CK_ATTRIBUTE[] attributes = new CK_ATTRIBUTE[] { - new CK_ATTRIBUTE(CKA_CLASS, CKO_PRIVATE_KEY), - new CK_ATTRIBUTE(CKA_KEY_TYPE, CKK_RSA), -@@ -222,7 +232,9 @@ - - private PrivateKey generatePrivate(BigInteger n, BigInteger e, - BigInteger d, BigInteger p, BigInteger q, BigInteger pe, -- BigInteger qe, BigInteger coeff) throws PKCS11Exception { -+ BigInteger qe, BigInteger coeff) throws PKCS11Exception, -+ InvalidKeyException { -+ RSAKeyFactory.checkKeyLengths(n.bitLength(), e, -1, 64 * 1024); - CK_ATTRIBUTE[] attributes = new CK_ATTRIBUTE[] { - new CK_ATTRIBUTE(CKA_CLASS, CKO_PRIVATE_KEY), - new CK_ATTRIBUTE(CKA_KEY_TYPE, CKK_RSA), -diff -Nru openjdk.orig/jdk/src/share/classes/sun/security/rsa/RSAKeyFactory.java openjdk/jdk/src/share/classes/sun/security/rsa/RSAKeyFactory.java ---- openjdk.orig/jdk/src/share/classes/sun/security/rsa/RSAKeyFactory.java 2008-12-02 15:15:10.000000000 +0000 -+++ openjdk/jdk/src/share/classes/sun/security/rsa/RSAKeyFactory.java 2008-12-02 15:22:50.000000000 +0000 -@@ -1,5 +1,5 @@ - /* -- * Copyright 2003-2006 Sun Microsystems, Inc. All Rights Reserved. -+ * Copyright 2003-2008 Sun Microsystems, Inc. All Rights Reserved. - * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. - * - * This code is free software; you can redistribute it and/or modify it -@@ -31,6 +31,8 @@ - import java.security.interfaces.*; - import java.security.spec.*; - -+import sun.security.action.GetPropertyAction; -+ - /** - * KeyFactory for RSA keys. Keys must be instances of PublicKey or PrivateKey - * and getAlgorithm() must return "RSA". For such keys, it supports conversion -@@ -68,6 +70,24 @@ - private final static Class<?> x509KeySpecClass = X509EncodedKeySpec.class; - private final static Class<?> pkcs8KeySpecClass = PKCS8EncodedKeySpec.class; - -+ public final static int MIN_MODLEN = 512; -+ public final static int MAX_MODLEN = 16384; -+ -+ /* -+ * If the modulus length is above this value, restrict the size of -+ * the exponent to something that can be reasonably computed. We -+ * could simply hardcode the exp len to something like 64 bits, but -+ * this approach allows flexibility in case impls would like to use -+ * larger module and exponent values. -+ */ -+ public final static int MAX_MODLEN_RESTRICT_EXP = 3072; -+ public final static int MAX_RESTRICTED_EXPLEN = 64; -+ -+ private static final boolean restrictExpLen = -+ "true".equalsIgnoreCase(AccessController.doPrivileged( -+ new GetPropertyAction( -+ "sun.security.rsa.restrictRSAExponent", "true"))); -+ - // instance used for static translateKey(); - private final static RSAKeyFactory INSTANCE = new RSAKeyFactory(); - -@@ -76,74 +96,79 @@ - } - - /** -- * Static method to convert Key into a useable instance of -- * RSAPublicKey or RSAPrivate(Crt)Key. Check the key and convert it -- * to a SunRsaSign key if necessary. If the key is not an RSA key -- * or cannot be used, throw an InvalidKeyException. -- * -- * The difference between this method and engineTranslateKey() is that -- * we do not convert keys of other providers that are already an -- * instance of RSAPublicKey or RSAPrivate(Crt)Key. -+ * Static method to convert Key into an instance of RSAPublicKeyImpl -+ * or RSAPrivate(Crt)KeyImpl. If the key is not an RSA key or cannot be -+ * used, throw an InvalidKeyException. - * - * Used by RSASignature and RSACipher. - */ - public static RSAKey toRSAKey(Key key) throws InvalidKeyException { -- if (key instanceof RSAKey) { -- RSAKey rsaKey = (RSAKey)key; -- checkKey(rsaKey); -- return rsaKey; -+ if ((key instanceof RSAPrivateKeyImpl) || -+ (key instanceof RSAPrivateCrtKeyImpl) || -+ (key instanceof RSAPublicKeyImpl)) { -+ return (RSAKey)key; - } else { - return (RSAKey)INSTANCE.engineTranslateKey(key); - } - } - -- /** -- * Check that the given RSA key is valid. -+ /* -+ * Single test entry point for all of the mechanisms in the SunRsaSign -+ * provider (RSA*KeyImpls). All of the tests are the same. -+ * -+ * For compatibility, we round up to the nearest byte here: -+ * some Key impls might pass in a value within a byte of the -+ * real value. - */ -- private static void checkKey(RSAKey key) throws InvalidKeyException { -- // check for subinterfaces, omit additional checks for our keys -- if (key instanceof RSAPublicKey) { -- if (key instanceof RSAPublicKeyImpl) { -- return; -- } -- } else if (key instanceof RSAPrivateKey) { -- if ((key instanceof RSAPrivateCrtKeyImpl) -- || (key instanceof RSAPrivateKeyImpl)) { -- return; -- } -- } else { -- throw new InvalidKeyException("Neither a public nor a private key"); -- } -- // RSAKey does not extend Key, so we need to do a cast -- String keyAlg = ((Key)key).getAlgorithm(); -- if (keyAlg.equals("RSA") == false) { -- throw new InvalidKeyException("Not an RSA key: " + keyAlg); -- } -- BigInteger modulus; -- // some providers implement RSAKey for keys where the values are -- // not accessible (although they should). Detect those here -- // for a more graceful failure. -- try { -- modulus = key.getModulus(); -- if (modulus == null) { -- throw new InvalidKeyException("Modulus is missing"); -- } -- } catch (RuntimeException e) { -- throw new InvalidKeyException(e); -- } -- checkKeyLength(modulus); -+ static void checkRSAProviderKeyLengths(int modulusLen, BigInteger exponent) -+ throws InvalidKeyException { -+ checkKeyLengths(((modulusLen + 7) & ~7), exponent, -+ RSAKeyFactory.MIN_MODLEN, Integer.MAX_VALUE); - } - - /** -- * Check the length of the modulus of an RSA key. We only support keys -- * at least 505 bits long. -+ * Check the length of an RSA key modulus/exponent to make sure it -+ * is not too short or long. Some impls have their own min and -+ * max key sizes that may or may not match with a system defined value. -+ * -+ * @param modulusLen the bit length of the RSA modulus. -+ * @param exponent the RSA exponent -+ * @param minModulusLen if > 0, check to see if modulusLen is at -+ * least this long, otherwise unused. -+ * @param maxModulusLen caller will allow this max number of bits. -+ * Allow the smaller of the system-defined maximum and this param. -+ * -+ * @throws InvalidKeyException if any of the values are unacceptable. - */ -- static void checkKeyLength(BigInteger modulus) throws InvalidKeyException { -- if (modulus.bitLength() < 505) { -- // some providers may generate slightly shorter keys -- // accept them if the encoding is at least 64 bytes long -- throw new InvalidKeyException -- ("RSA keys must be at least 512 bits long"); -+ public static void checkKeyLengths(int modulusLen, BigInteger exponent, -+ int minModulusLen, int maxModulusLen) throws InvalidKeyException { -+ -+ if ((minModulusLen > 0) && (modulusLen < (minModulusLen))) { -+ throw new InvalidKeyException( "RSA keys must be at least " + -+ minModulusLen + " bits long"); -+ } -+ -+ // Even though our policy file may allow this, we don't want -+ // either value (mod/exp) to be too big. -+ -+ int maxLen = Math.min(maxModulusLen, MAX_MODLEN); -+ -+ // If a RSAPrivateKey/RSAPublicKey, make sure the -+ // modulus len isn't too big. -+ if (modulusLen > maxLen) { -+ throw new InvalidKeyException( -+ "RSA keys must be no longer than " + maxLen + " bits"); -+ } -+ -+ // If a RSAPublicKey, make sure the exponent isn't too big. -+ if (restrictExpLen && (exponent != null) && -+ (modulusLen > MAX_MODLEN_RESTRICT_EXP) && -+ (exponent.bitLength() > MAX_RESTRICTED_EXPLEN)) { -+ throw new InvalidKeyException( -+ "RSA exponents can be no longer than " + -+ MAX_RESTRICTED_EXPLEN + " bits " + -+ " if modulus is greater than " + -+ MAX_MODLEN_RESTRICT_EXP + " bits"); - } - } - -diff -Nru openjdk.orig/jdk/src/share/classes/sun/security/rsa/RSAKeyPairGenerator.java openjdk/jdk/src/share/classes/sun/security/rsa/RSAKeyPairGenerator.java ---- openjdk.orig/jdk/src/share/classes/sun/security/rsa/RSAKeyPairGenerator.java 2008-12-02 15:15:10.000000000 +0000 -+++ openjdk/jdk/src/share/classes/sun/security/rsa/RSAKeyPairGenerator.java 2008-12-02 15:22:50.000000000 +0000 -@@ -1,5 +1,5 @@ - /* -- * Copyright 2003-2004 Sun Microsystems, Inc. All Rights Reserved. -+ * Copyright 2003-2008 Sun Microsystems, Inc. All Rights Reserved. - * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. - * - * This code is free software; you can redistribute it and/or modify it -@@ -47,7 +47,7 @@ - // public exponent to use - private BigInteger publicExponent; - -- // size of the key to generate, >= 512 -+ // size of the key to generate, >= RSAKeyFactory.MIN_MODLEN - private int keySize; - - // PRNG to use -@@ -60,15 +60,16 @@ - - // initialize the generator. See JCA doc - public void initialize(int keySize, SecureRandom random) { -- if (keySize < 512) { -- throw new InvalidParameterException -- ("Key size must be at least 512 bits"); -- } -- if (keySize > 64 * 1024) { -- // do not allow unreasonably large key sizes, probably user error -- throw new InvalidParameterException -- ("Key size must be 65536 bits or less"); -+ -+ // do not allow unreasonably small or large key sizes, -+ // probably user error -+ try { -+ RSAKeyFactory.checkKeyLengths(keySize, RSAKeyGenParameterSpec.F4, -+ 512, 64 * 1024); -+ } catch (InvalidKeyException e) { -+ throw new InvalidParameterException(e.getMessage()); - } -+ - this.keySize = keySize; - this.random = random; - this.publicExponent = RSAKeyGenParameterSpec.F4; -@@ -77,35 +78,41 @@ - // second initialize method. See JCA doc. - public void initialize(AlgorithmParameterSpec params, SecureRandom random) - throws InvalidAlgorithmParameterException { -+ - if (params instanceof RSAKeyGenParameterSpec == false) { - throw new InvalidAlgorithmParameterException - ("Params must be instance of RSAKeyGenParameterSpec"); - } -+ - RSAKeyGenParameterSpec rsaSpec = (RSAKeyGenParameterSpec)params; -- keySize = rsaSpec.getKeysize(); -- publicExponent = rsaSpec.getPublicExponent(); -- this.random = random; -- if (keySize < 512) { -- throw new InvalidAlgorithmParameterException -- ("Key size must be at least 512 bits"); -- } -- if (keySize > 64 * 1024) { -- // do not allow unreasonably large key sizes, probably user error -- throw new InvalidAlgorithmParameterException -- ("Key size must be 65536 bits or less"); -- } -- if (publicExponent == null) { -- publicExponent = RSAKeyGenParameterSpec.F4; -+ int tmpKeySize = rsaSpec.getKeysize(); -+ BigInteger tmpPublicExponent = rsaSpec.getPublicExponent(); -+ -+ if (tmpPublicExponent == null) { -+ tmpPublicExponent = RSAKeyGenParameterSpec.F4; - } else { -- if (publicExponent.compareTo(RSAKeyGenParameterSpec.F0) < 0) { -+ if (tmpPublicExponent.compareTo(RSAKeyGenParameterSpec.F0) < 0) { - throw new InvalidAlgorithmParameterException - ("Public exponent must be 3 or larger"); - } -- if (publicExponent.bitLength() > keySize) { -+ if (tmpPublicExponent.bitLength() > tmpKeySize) { - throw new InvalidAlgorithmParameterException - ("Public exponent must be smaller than key size"); - } - } -+ -+ // do not allow unreasonably large key sizes, probably user error -+ try { -+ RSAKeyFactory.checkKeyLengths(tmpKeySize, tmpPublicExponent, -+ 512, 64 * 1024); -+ } catch (InvalidKeyException e) { -+ throw new InvalidAlgorithmParameterException( -+ "Invalid key sizes", e); -+ } -+ -+ this.keySize = tmpKeySize; -+ this.publicExponent = tmpPublicExponent; -+ this.random = random; - } - - // generate the keypair. See JCA doc -diff -Nru openjdk.orig/jdk/src/share/classes/sun/security/rsa/RSAPrivateCrtKeyImpl.java openjdk/jdk/src/share/classes/sun/security/rsa/RSAPrivateCrtKeyImpl.java ---- openjdk.orig/jdk/src/share/classes/sun/security/rsa/RSAPrivateCrtKeyImpl.java 2008-12-02 15:15:10.000000000 +0000 -+++ openjdk/jdk/src/share/classes/sun/security/rsa/RSAPrivateCrtKeyImpl.java 2008-12-02 15:22:50.000000000 +0000 -@@ -1,5 +1,5 @@ - /* -- * Copyright 2003-2005 Sun Microsystems, Inc. All Rights Reserved. -+ * Copyright 2003-2008 Sun Microsystems, Inc. All Rights Reserved. - * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. - * - * This code is free software; you can redistribute it and/or modify it -@@ -89,7 +89,7 @@ - */ - RSAPrivateCrtKeyImpl(byte[] encoded) throws InvalidKeyException { - decode(encoded); -- RSAKeyFactory.checkKeyLength(n); -+ RSAKeyFactory.checkRSAProviderKeyLengths(n.bitLength(), e); - } - - /** -@@ -107,7 +107,8 @@ - this.pe = pe; - this.qe = qe; - this.coeff = coeff; -- RSAKeyFactory.checkKeyLength(n); -+ RSAKeyFactory.checkRSAProviderKeyLengths(n.bitLength(), e); -+ - // generate the encoding - algid = rsaId; - try { -diff -Nru openjdk.orig/jdk/src/share/classes/sun/security/rsa/RSAPrivateKeyImpl.java openjdk/jdk/src/share/classes/sun/security/rsa/RSAPrivateKeyImpl.java ---- openjdk.orig/jdk/src/share/classes/sun/security/rsa/RSAPrivateKeyImpl.java 2008-12-02 15:15:10.000000000 +0000 -+++ openjdk/jdk/src/share/classes/sun/security/rsa/RSAPrivateKeyImpl.java 2008-12-02 15:22:50.000000000 +0000 -@@ -1,5 +1,5 @@ - /* -- * Copyright 2003 Sun Microsystems, Inc. All Rights Reserved. -+ * Copyright 2003-2008 Sun Microsystems, Inc. All Rights Reserved. - * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. - * - * This code is free software; you can redistribute it and/or modify it -@@ -61,7 +61,7 @@ - RSAPrivateKeyImpl(BigInteger n, BigInteger d) throws InvalidKeyException { - this.n = n; - this.d = d; -- RSAKeyFactory.checkKeyLength(n); -+ RSAKeyFactory.checkRSAProviderKeyLengths(n.bitLength(), null); - // generate the encoding - algid = RSAPrivateCrtKeyImpl.rsaId; - try { -diff -Nru openjdk.orig/jdk/src/share/classes/sun/security/rsa/RSAPublicKeyImpl.java openjdk/jdk/src/share/classes/sun/security/rsa/RSAPublicKeyImpl.java ---- openjdk.orig/jdk/src/share/classes/sun/security/rsa/RSAPublicKeyImpl.java 2008-12-02 15:15:10.000000000 +0000 -+++ openjdk/jdk/src/share/classes/sun/security/rsa/RSAPublicKeyImpl.java 2008-12-02 15:22:50.000000000 +0000 -@@ -1,5 +1,5 @@ - /* -- * Copyright 2003-2005 Sun Microsystems, Inc. All Rights Reserved. -+ * Copyright 2003-2008 Sun Microsystems, Inc. All Rights Reserved. - * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. - * - * This code is free software; you can redistribute it and/or modify it -@@ -56,10 +56,11 @@ - * Construct a key from its components. Used by the - * RSAKeyFactory and the RSAKeyPairGenerator. - */ -- public RSAPublicKeyImpl(BigInteger n, BigInteger e) throws InvalidKeyException { -+ public RSAPublicKeyImpl(BigInteger n, BigInteger e) -+ throws InvalidKeyException { - this.n = n; - this.e = e; -- RSAKeyFactory.checkKeyLength(n); -+ RSAKeyFactory.checkRSAProviderKeyLengths(n.bitLength(), e); - // generate the encoding - algid = RSAPrivateCrtKeyImpl.rsaId; - try { -@@ -80,7 +81,7 @@ - */ - public RSAPublicKeyImpl(byte[] encoded) throws InvalidKeyException { - decode(encoded); -- RSAKeyFactory.checkKeyLength(n); -+ RSAKeyFactory.checkRSAProviderKeyLengths(n.bitLength(), e); - } - - // see JCA doc -diff -Nru openjdk.orig/jdk/src/windows/classes/sun/security/mscapi/RSAKeyPairGenerator.java openjdk/jdk/src/windows/classes/sun/security/mscapi/RSAKeyPairGenerator.java ---- openjdk.orig/jdk/src/windows/classes/sun/security/mscapi/RSAKeyPairGenerator.java 2008-12-02 15:15:21.000000000 +0000 -+++ openjdk/jdk/src/windows/classes/sun/security/mscapi/RSAKeyPairGenerator.java 2008-12-02 15:22:50.000000000 +0000 -@@ -1,5 +1,5 @@ - /* -- * Copyright 2005 Sun Microsystems, Inc. All Rights Reserved. -+ * Copyright 2005-2008 Sun Microsystems, Inc. All Rights Reserved. - * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. - * - * This code is free software; you can redistribute it and/or modify it -@@ -31,6 +31,7 @@ - import java.security.spec.RSAKeyGenParameterSpec; - - import sun.security.jca.JCAUtil; -+import sun.security.rsa.RSAKeyFactory; - - /** - * RSA keypair generator. -@@ -43,8 +44,8 @@ - public final class RSAKeyPairGenerator extends KeyPairGeneratorSpi { - - // Supported by Microsoft Base, Strong and Enhanced Cryptographic Providers -- private static final int KEY_SIZE_MIN = 512; // disallow MSCAPI min. of 384 -- private static final int KEY_SIZE_MAX = 16384; -+ static final int KEY_SIZE_MIN = 512; // disallow MSCAPI min. of 384 -+ static final int KEY_SIZE_MAX = 16384; - private static final int KEY_SIZE_DEFAULT = 1024; - - // size of the key to generate, KEY_SIZE_MIN <= keySize <= KEY_SIZE_MAX -@@ -59,7 +60,14 @@ - // random is always ignored - public void initialize(int keySize, SecureRandom random) { - -- checkKeySize(keySize); -+ try { -+ RSAKeyFactory.checkKeyLengths(keySize, null, -+ KEY_SIZE_MIN, KEY_SIZE_MAX); -+ } catch (InvalidKeyException e) { -+ throw new InvalidParameterException(e.getMessage()); -+ } -+ -+ this.keySize = keySize; - } - - // second initialize method. See JCA doc -@@ -67,21 +75,31 @@ - public void initialize(AlgorithmParameterSpec params, SecureRandom random) - throws InvalidAlgorithmParameterException { - -+ int tmpSize; - if (params == null) { -- checkKeySize(KEY_SIZE_DEFAULT); -- -+ tmpSize = KEY_SIZE_DEFAULT; - } else if (params instanceof RSAKeyGenParameterSpec) { - - if (((RSAKeyGenParameterSpec) params).getPublicExponent() != null) { - throw new InvalidAlgorithmParameterException - ("Exponent parameter is not supported"); - } -- checkKeySize(((RSAKeyGenParameterSpec) params).getKeysize()); -+ tmpSize = ((RSAKeyGenParameterSpec) params).getKeysize(); - - } else { - throw new InvalidAlgorithmParameterException - ("Params must be an instance of RSAKeyGenParameterSpec"); - } -+ -+ try { -+ RSAKeyFactory.checkKeyLengths(tmpSize, null, -+ KEY_SIZE_MIN, KEY_SIZE_MAX); -+ } catch (InvalidKeyException e) { -+ throw new InvalidAlgorithmParameterException( -+ "Invalid Key sizes", e); -+ } -+ -+ this.keySize = tmpSize; - } - - // generate the keypair. See JCA doc -@@ -95,18 +113,6 @@ - return new KeyPair(keys.getPublic(), keys.getPrivate()); - } - -- private void checkKeySize(int keySize) throws InvalidParameterException { -- if (keySize < KEY_SIZE_MIN) { -- throw new InvalidParameterException -- ("Key size must be at least " + KEY_SIZE_MIN + " bits"); -- } -- if (keySize > KEY_SIZE_MAX) { -- throw new InvalidParameterException -- ("Key size must be " + KEY_SIZE_MAX + " bits or less"); -- } -- this.keySize = keySize; -- } -- - private static native RSAKeyPair generateRSAKeyPair(int keySize, - String keyContainerName); - } -diff -Nru openjdk.orig/jdk/src/windows/classes/sun/security/mscapi/RSASignature.java openjdk/jdk/src/windows/classes/sun/security/mscapi/RSASignature.java ---- openjdk.orig/jdk/src/windows/classes/sun/security/mscapi/RSASignature.java 2008-12-02 15:15:21.000000000 +0000 -+++ openjdk/jdk/src/windows/classes/sun/security/mscapi/RSASignature.java 2008-12-02 15:22:50.000000000 +0000 -@@ -1,5 +1,5 @@ - /* -- * Copyright 2005 Sun Microsystems, Inc. All Rights Reserved. -+ * Copyright 2005-2008 Sun Microsystems, Inc. All Rights Reserved. - * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. - * - * This code is free software; you can redistribute it and/or modify it -@@ -38,6 +38,9 @@ - import java.security.Signature; - import java.security.SignatureSpi; - import java.security.SignatureException; -+import java.math.BigInteger; -+ -+import sun.security.rsa.RSAKeyFactory; - - /** - * RSA signature implementation. Supports RSA signing using PKCS#1 v1.5 padding. -@@ -124,7 +127,16 @@ - - // convert key to MSCAPI format - -- byte[] modulusBytes = rsaKey.getModulus().toByteArray(); -+ BigInteger modulus = rsaKey.getModulus(); -+ BigInteger exponent = rsaKey.getPublicExponent(); -+ -+ // Check against the local and global values to make sure -+ // the sizes are ok. Round up to the nearest byte. -+ RSAKeyFactory.checkKeyLengths(((modulus.bitLength() + 7) & ~7), -+ exponent, -1, RSAKeyPairGenerator.KEY_SIZE_MAX); -+ -+ byte[] modulusBytes = modulus.toByteArray(); -+ byte[] exponentBytes = exponent.toByteArray(); - - // Adjust key length due to sign bit - int keyBitLength = (modulusBytes[0] == 0) -@@ -132,8 +144,7 @@ - : modulusBytes.length * 8; - - byte[] keyBlob = generatePublicKeyBlob( -- keyBitLength, modulusBytes, -- rsaKey.getPublicExponent().toByteArray()); -+ keyBitLength, modulusBytes, exponentBytes); - - publicKey = importPublicKey(keyBlob, keyBitLength); - -@@ -166,12 +177,11 @@ - } - privateKey = (sun.security.mscapi.RSAPrivateKey) key; - -- // Determine byte length from bit length -- int keySize = (privateKey.bitLength() + 7) >> 3; -- -- if (keySize < 64) -- throw new InvalidKeyException( -- "RSA keys must be at least 512 bits long"); -+ // Check against the local and global values to make sure -+ // the sizes are ok. Round up to nearest byte. -+ RSAKeyFactory.checkKeyLengths(((privateKey.bitLength() + 7) & ~7), -+ null, RSAKeyPairGenerator.KEY_SIZE_MIN, -+ RSAKeyPairGenerator.KEY_SIZE_MAX); - - if (needsReset) { - messageDigest.reset(); -diff -Nru openjdk.orig/jdk/test/closed/sun/security/rsa/sunpkcs11-solaris_enableSHA1withRSAsig.cfg openjdk/jdk/test/closed/sun/security/rsa/sunpkcs11-solaris_enableSHA1withRSAsig.cfg ---- openjdk.orig/jdk/test/closed/sun/security/rsa/sunpkcs11-solaris_enableSHA1withRSAsig.cfg 1970-01-01 01:00:00.000000000 +0100 -+++ openjdk/jdk/test/closed/sun/security/rsa/sunpkcs11-solaris_enableSHA1withRSAsig.cfg 2008-12-02 15:22:50.000000000 +0000 -@@ -0,0 +1,36 @@ -+# -+# Configuration file to allow the SunPKCS11 provider to utilize -+# the Solaris Cryptographic Framework, if it is available -+# -+ -+name = Solaris -+ -+description = SunPKCS11 accessing Solaris Cryptographic Framework -+ -+library = /usr/lib/$ISA/libpkcs11.so -+ -+handleStartupErrors = ignoreAll -+ -+attributes = compatibility -+ -+disabledMechanisms = { -+ CKM_MD2 -+ CKM_MD5 -+ CKM_SHA_1 -+ CKM_SHA256 -+ CKM_SHA384 -+ CKM_SHA512 -+ CKM_DSA_KEY_PAIR_GEN -+# KEY_AND_MAC_DERIVE disabled due to Solaris bug 6306708 -+ CKM_SSL3_KEY_AND_MAC_DERIVE -+ CKM_TLS_KEY_AND_MAC_DERIVE -+# the following mechanisms are disabled due to performance issues (Solaris bug 6337157) -+ CKM_DSA_SHA1 -+ CKM_MD5_RSA_PKCS -+# For testing purposes, we'll reenable this suite. -+# CKM_SHA1_RSA_PKCS -+ CKM_SHA256_RSA_PKCS -+ CKM_SHA384_RSA_PKCS -+ CKM_SHA512_RSA_PKCS -+} -+ -diff -Nru openjdk.orig/jdk/test/closed/sun/security/rsa/TestLimits.java openjdk/jdk/test/closed/sun/security/rsa/TestLimits.java ---- openjdk.orig/jdk/test/closed/sun/security/rsa/TestLimits.java 1970-01-01 01:00:00.000000000 +0100 -+++ openjdk/jdk/test/closed/sun/security/rsa/TestLimits.java 2008-12-02 15:22:50.000000000 +0000 -@@ -0,0 +1,772 @@ -+/** -+ * @test -+ * @bug 6497740 -+ * @summary Limit the size of RSA public keys -+ * @author Brad R. Wetmore -+ */ -+ -+/** -+ * Test the long RSA key restrictions. -+ * -+ * In many of the tests, I am not creating valid key or keyspecs, -+ * because they would take too long to generate, especially for the longer -+ * ones. Instead I'm just using values that will trigger the appropriate -+ * checks. -+ * -+ * This test uses two prebuilt keystores, one containing a 16385 bit key, -+ * which would take forever to generate during automatic testing. -+ * -+ * keytool -genkeypair -alias duke1 -keyalg RSA -keysize 1024 \ -+ * -validity 3650 -keystore keystore.good -+ * -+ * keytool -genkeypair -alias duke1 -keyalg RSA -keysize 16385 \ -+ * -validity 3650 -keystore keystore.bad -+ */ -+ -+import java.math.BigInteger; -+import java.util.Random; -+import java.security.*; -+import java.security.spec.*; -+import java.security.interfaces.*; -+import java.io.*; -+ -+// Obtain the current length values. -+import sun.security.rsa.RSAKeyFactory; -+ -+public class TestLimits { -+ -+ private final static String BASE = System.getProperty("test.src", "."); -+ -+ private static SecureRandom random = new SecureRandom(); -+ -+ private static final String SunRSA = "SunRsaSign"; -+ private static final String MSCAPI = "SunMSCAPI"; -+ private static final String P11 = "SunPKCS11-Solaris"; -+ -+ /* -+ * Helper method which generates simple keys of length len. -+ */ -+ private static BigInteger getBigInteger(int len) { -+ return BigInteger.ZERO.setBit(len - 1); -+ } -+ -+ /* -+ * Tests the RSAKeyPairGenerator.initialize(len) returns -+ * the right results. -+ */ -+ private static void testRSAKeyPairGeneratorLen(String provider, boolean b, -+ int len) throws Exception { -+ -+ System.out.println("testRSAKeyPairGeneratorLen.initialize: " + -+ len + " " + b + " " + provider); -+ -+ KeyPairGenerator kpg = -+ KeyPairGenerator.getInstance("RSA", provider); -+ try { -+ kpg.initialize(len); -+ if (!b) { -+ throw new Exception("Should have failed"); -+ } -+ } catch (InvalidParameterException e) { -+ if (b) { -+ throw new Exception("Should have passed", e); -+ } -+ } -+ kpg = KeyPairGenerator.getInstance("RSA", provider); -+ try { -+ kpg.initialize(len, random); -+ if (!b) { -+ throw new Exception("Should have failed"); -+ } -+ } catch (InvalidParameterException e) { -+ if (b) { -+ throw new Exception("Should have passed", e); -+ } -+ } -+ } -+ -+ /* -+ * Tests the RSAKeyPairGenerator.initialize(KeySpec) returns -+ * the right results. If expLen > 0, then create a -+ * corresponding value, otherwise, leave null. -+ */ -+ private static void testRSAKeyPairGeneratorSpec(String provider, -+ boolean b, int modLen, int expLen) throws Exception { -+ -+ System.out.println( -+ "testRSAKeyPairGeneratorSpec.initialize: " + -+ modLen + " " + expLen + " " + b + " " + provider); -+ -+ RSAKeyGenParameterSpec keySpec = new RSAKeyGenParameterSpec( -+ modLen, (expLen > 0) ? getBigInteger(expLen) : null); -+ -+ KeyPairGenerator kpg = -+ KeyPairGenerator.getInstance("RSA", provider); -+ try { -+ kpg.initialize(keySpec); -+ if (!b) { -+ throw new Exception("Should have failed"); -+ } -+ } catch (InvalidParameterException e) { -+ if (b) { -+ throw new Exception("Should have passed", e); -+ } -+ } catch (InvalidAlgorithmParameterException e) { -+ if (b) { -+ throw new Exception("Should have passed", e); -+ } -+ } -+ kpg = KeyPairGenerator.getInstance("RSA", provider); -+ try { -+ kpg.initialize(keySpec, random); -+ if (!b) { -+ throw new Exception("Should have failed"); -+ } -+ } catch (InvalidParameterException e) { -+ if (b) { -+ throw new Exception("Should have passed", e); -+ } -+ } catch (InvalidAlgorithmParameterException e) { -+ if (b) { -+ throw new Exception("Should have passed", e); -+ } -+ } -+ } -+ -+ /* -+ * Driver for the above two tests. Tests most of the cases. -+ * Other tests below are subsets of this. -+ */ -+ private static void testRSAKeyPairGenerator() throws Exception { -+ -+ // Start with the small, medium, and large modulus values only. -+ testRSAKeyPairGeneratorLen(SunRSA, false, -+ RSAKeyFactory.MIN_MODLEN - 1); -+ testRSAKeyPairGeneratorLen(SunRSA, true, -+ RSAKeyFactory.MIN_MODLEN); -+ testRSAKeyPairGeneratorLen(SunRSA, true, -+ RSAKeyFactory.MAX_MODLEN_RESTRICT_EXP); -+ testRSAKeyPairGeneratorLen(SunRSA, true, -+ RSAKeyFactory.MAX_MODLEN); -+ testRSAKeyPairGeneratorLen(SunRSA, false, -+ RSAKeyFactory.MAX_MODLEN + 1); -+ -+ testRSAKeyPairGeneratorSpec(SunRSA, false, -+ 2048, 2049); -+ testRSAKeyPairGeneratorSpec(SunRSA, false, -+ RSAKeyFactory.MIN_MODLEN - 1, -1); -+ testRSAKeyPairGeneratorSpec(SunRSA, false, -+ RSAKeyFactory.MIN_MODLEN - 1, -+ RSAKeyGenParameterSpec.F0.intValue() - 1); -+ testRSAKeyPairGeneratorSpec(SunRSA, false, -+ RSAKeyFactory.MIN_MODLEN - 1, -+ RSAKeyGenParameterSpec.F0.intValue()); -+ testRSAKeyPairGeneratorSpec(SunRSA, false, -+ RSAKeyFactory.MIN_MODLEN - 1, -+ RSAKeyFactory.MAX_RESTRICTED_EXPLEN); -+ testRSAKeyPairGeneratorSpec(SunRSA, false, -+ RSAKeyFactory.MIN_MODLEN - 1, -+ RSAKeyFactory.MAX_RESTRICTED_EXPLEN + 1); -+ -+ testRSAKeyPairGeneratorSpec(SunRSA, true, -+ RSAKeyFactory.MIN_MODLEN, -1); -+ testRSAKeyPairGeneratorSpec(SunRSA, false, -+ RSAKeyFactory.MIN_MODLEN, -+ RSAKeyGenParameterSpec.F0.intValue() - 1); -+ testRSAKeyPairGeneratorSpec(SunRSA, true, -+ RSAKeyFactory.MIN_MODLEN, -+ RSAKeyGenParameterSpec.F0.intValue()); -+ testRSAKeyPairGeneratorSpec(SunRSA, true, -+ RSAKeyFactory.MIN_MODLEN, -+ RSAKeyFactory.MAX_RESTRICTED_EXPLEN); -+ testRSAKeyPairGeneratorSpec(SunRSA, true, -+ RSAKeyFactory.MIN_MODLEN, -+ RSAKeyFactory.MAX_RESTRICTED_EXPLEN + 1); -+ -+ testRSAKeyPairGeneratorSpec(SunRSA, true, -+ RSAKeyFactory.MAX_MODLEN_RESTRICT_EXP, -1); -+ testRSAKeyPairGeneratorSpec(SunRSA, false, -+ RSAKeyFactory.MAX_MODLEN_RESTRICT_EXP, -+ RSAKeyGenParameterSpec.F0.intValue() - 1); -+ testRSAKeyPairGeneratorSpec(SunRSA, true, -+ RSAKeyFactory.MAX_MODLEN_RESTRICT_EXP, -+ RSAKeyGenParameterSpec.F0.intValue()); -+ testRSAKeyPairGeneratorSpec(SunRSA, true, -+ RSAKeyFactory.MAX_MODLEN_RESTRICT_EXP, -+ RSAKeyFactory.MAX_RESTRICTED_EXPLEN); -+ testRSAKeyPairGeneratorSpec(SunRSA, true, -+ RSAKeyFactory.MAX_MODLEN_RESTRICT_EXP, -+ RSAKeyFactory.MAX_RESTRICTED_EXPLEN + 1); -+ -+ testRSAKeyPairGeneratorSpec(SunRSA, true, -+ RSAKeyFactory.MAX_MODLEN_RESTRICT_EXP + 1, -+ -1); -+ testRSAKeyPairGeneratorSpec(SunRSA, false, -+ RSAKeyFactory.MAX_MODLEN_RESTRICT_EXP + 1, -+ RSAKeyGenParameterSpec.F0.intValue() - 1); -+ testRSAKeyPairGeneratorSpec(SunRSA, true, -+ RSAKeyFactory.MAX_MODLEN_RESTRICT_EXP + 1, -+ RSAKeyGenParameterSpec.F0.intValue()); -+ testRSAKeyPairGeneratorSpec(SunRSA, true, -+ RSAKeyFactory.MAX_MODLEN_RESTRICT_EXP + 1, -+ RSAKeyFactory.MAX_RESTRICTED_EXPLEN); -+ testRSAKeyPairGeneratorSpec(SunRSA, false, -+ RSAKeyFactory.MAX_MODLEN_RESTRICT_EXP + 1, -+ RSAKeyFactory.MAX_RESTRICTED_EXPLEN + 1); -+ -+ testRSAKeyPairGeneratorSpec(SunRSA, true, -+ RSAKeyFactory.MAX_MODLEN, -+ -1); -+ testRSAKeyPairGeneratorSpec(SunRSA, false, -+ RSAKeyFactory.MAX_MODLEN, -+ RSAKeyGenParameterSpec.F0.intValue() - 1); -+ testRSAKeyPairGeneratorSpec(SunRSA, true, -+ RSAKeyFactory.MAX_MODLEN, -+ RSAKeyGenParameterSpec.F0.intValue()); -+ testRSAKeyPairGeneratorSpec(SunRSA, true, -+ RSAKeyFactory.MAX_MODLEN, -+ RSAKeyFactory.MAX_RESTRICTED_EXPLEN); -+ testRSAKeyPairGeneratorSpec(SunRSA, false, -+ RSAKeyFactory.MAX_MODLEN, -+ RSAKeyFactory.MAX_RESTRICTED_EXPLEN + 1); -+ -+ testRSAKeyPairGeneratorSpec(SunRSA, false, -+ RSAKeyFactory.MAX_MODLEN + 1, -+ -1); -+ testRSAKeyPairGeneratorSpec(SunRSA, false, -+ RSAKeyFactory.MAX_MODLEN + 1, -+ RSAKeyGenParameterSpec.F0.intValue() - 1); -+ testRSAKeyPairGeneratorSpec(SunRSA, false, -+ RSAKeyFactory.MAX_MODLEN + 1, -+ RSAKeyGenParameterSpec.F0.intValue()); -+ testRSAKeyPairGeneratorSpec(SunRSA, false, -+ RSAKeyFactory.MAX_MODLEN + 1, -+ RSAKeyFactory.MAX_RESTRICTED_EXPLEN); -+ testRSAKeyPairGeneratorSpec(SunRSA, false, -+ RSAKeyFactory.MAX_MODLEN + 1, -+ RSAKeyFactory.MAX_RESTRICTED_EXPLEN + 1); -+ } -+ -+ /* -+ * Driver for the above two tests. Tests most of the cases. -+ * Other tests below are subsets of this. -+ */ -+ private static void testP11KeyPairGenerator() throws Exception { -+ -+ // Start with the small, medium, and large modulus values only. -+ testRSAKeyPairGeneratorLen(P11, false, -+ RSAKeyFactory.MIN_MODLEN - 1); -+ testRSAKeyPairGeneratorLen(P11, true, -+ RSAKeyFactory.MIN_MODLEN); -+ testRSAKeyPairGeneratorLen(P11, true, -+ RSAKeyFactory.MAX_MODLEN_RESTRICT_EXP); -+ testRSAKeyPairGeneratorLen(P11, true, -+ RSAKeyFactory.MAX_MODLEN); -+ testRSAKeyPairGeneratorLen(P11, false, -+ RSAKeyFactory.MAX_MODLEN + 1); -+ -+ testRSAKeyPairGeneratorSpec(P11, false, -+ RSAKeyFactory.MIN_MODLEN - 1, -1); -+ testRSAKeyPairGeneratorSpec(P11, false, -+ RSAKeyFactory.MIN_MODLEN - 1, -+ RSAKeyGenParameterSpec.F0.intValue() - 1); -+ testRSAKeyPairGeneratorSpec(P11, false, -+ RSAKeyFactory.MIN_MODLEN - 1, -+ RSAKeyGenParameterSpec.F0.intValue()); -+ testRSAKeyPairGeneratorSpec(P11, false, -+ RSAKeyFactory.MIN_MODLEN - 1, -+ RSAKeyFactory.MAX_RESTRICTED_EXPLEN); -+ testRSAKeyPairGeneratorSpec(P11, false, -+ RSAKeyFactory.MIN_MODLEN - 1, -+ RSAKeyFactory.MAX_RESTRICTED_EXPLEN + 1); -+ -+ testRSAKeyPairGeneratorSpec(P11, true, -+ RSAKeyFactory.MIN_MODLEN, -1); -+ testRSAKeyPairGeneratorSpec(P11, true, -+ RSAKeyFactory.MIN_MODLEN, -+ RSAKeyGenParameterSpec.F0.intValue()); -+ testRSAKeyPairGeneratorSpec(P11, true, -+ RSAKeyFactory.MIN_MODLEN, -+ RSAKeyFactory.MAX_RESTRICTED_EXPLEN); -+ testRSAKeyPairGeneratorSpec(P11, true, -+ RSAKeyFactory.MIN_MODLEN, -+ RSAKeyFactory.MAX_RESTRICTED_EXPLEN + 1); -+ -+ testRSAKeyPairGeneratorSpec(P11, true, -+ RSAKeyFactory.MAX_MODLEN_RESTRICT_EXP, -1); -+ testRSAKeyPairGeneratorSpec(P11, true, -+ RSAKeyFactory.MAX_MODLEN_RESTRICT_EXP, -+ RSAKeyGenParameterSpec.F0.intValue()); -+ testRSAKeyPairGeneratorSpec(P11, true, -+ RSAKeyFactory.MAX_MODLEN_RESTRICT_EXP, -+ RSAKeyFactory.MAX_RESTRICTED_EXPLEN); -+ testRSAKeyPairGeneratorSpec(P11, true, -+ RSAKeyFactory.MAX_MODLEN_RESTRICT_EXP, -+ RSAKeyFactory.MAX_RESTRICTED_EXPLEN + 1); -+ -+ testRSAKeyPairGeneratorSpec(P11, true, -+ RSAKeyFactory.MAX_MODLEN_RESTRICT_EXP + 1, -1); -+ testRSAKeyPairGeneratorSpec(P11, true, -+ RSAKeyFactory.MAX_MODLEN_RESTRICT_EXP + 1, -+ RSAKeyGenParameterSpec.F0.intValue()); -+ testRSAKeyPairGeneratorSpec(P11, true, -+ RSAKeyFactory.MAX_MODLEN_RESTRICT_EXP + 1, -+ RSAKeyFactory.MAX_RESTRICTED_EXPLEN); -+ testRSAKeyPairGeneratorSpec(P11, false, -+ RSAKeyFactory.MAX_MODLEN_RESTRICT_EXP + 1, -+ RSAKeyFactory.MAX_RESTRICTED_EXPLEN + 1); -+ -+ testRSAKeyPairGeneratorSpec(P11, true, -+ RSAKeyFactory.MAX_MODLEN, -1); -+ testRSAKeyPairGeneratorSpec(P11, true, -+ RSAKeyFactory.MAX_MODLEN, -+ RSAKeyGenParameterSpec.F0.intValue()); -+ testRSAKeyPairGeneratorSpec(P11, true, -+ RSAKeyFactory.MAX_MODLEN, -+ RSAKeyFactory.MAX_RESTRICTED_EXPLEN); -+ testRSAKeyPairGeneratorSpec(P11, false, -+ RSAKeyFactory.MAX_MODLEN, -+ RSAKeyFactory.MAX_RESTRICTED_EXPLEN + 1); -+ -+ testRSAKeyPairGeneratorSpec(P11, false, -+ RSAKeyFactory.MAX_MODLEN + 1, -1); -+ testRSAKeyPairGeneratorSpec(P11, false, -+ RSAKeyFactory.MAX_MODLEN + 1, -+ RSAKeyGenParameterSpec.F0.intValue() - 1); -+ testRSAKeyPairGeneratorSpec(P11, false, -+ RSAKeyFactory.MAX_MODLEN + 1, -+ RSAKeyGenParameterSpec.F0.intValue()); -+ testRSAKeyPairGeneratorSpec(P11, false, -+ RSAKeyFactory.MAX_MODLEN + 1, -+ RSAKeyFactory.MAX_RESTRICTED_EXPLEN); -+ testRSAKeyPairGeneratorSpec(P11, false, -+ RSAKeyFactory.MAX_MODLEN + 1, -+ RSAKeyFactory.MAX_RESTRICTED_EXPLEN + 1); -+ } -+ -+ /* -+ * Test the KeyFactory translations. -+ */ -+ private static void testTranslateKey(String provider, boolean b, Key key) -+ throws Exception { -+ System.out.println("testTranslateKey: " + b + " " + key + " " + -+ provider); -+ -+ KeyFactory kf = KeyFactory.getInstance("RSA", provider); -+ -+ try { -+ kf.translateKey(key); -+ if (!b) { -+ throw new Exception("Should have failed"); -+ } -+ } catch (InvalidKeyException e) { -+ if (b) { -+ throw new Exception("Should have passed", e); -+ } -+ } -+ } -+ -+ /* -+ * Test the KeyFactory's translation code. -+ * -+ * This also checks the KeyImpl's constructors. -+ * -+ * We've already tested all the corner cases above, just making -+ * sure that the others are correctly doing their checks. -+ */ -+ private static void testRSAKeyFactory() throws Exception { -+ testTranslateKey(SunRSA, true, new MyRSAPublicKey( -+ getBigInteger(RSAKeyFactory.MAX_MODLEN_RESTRICT_EXP), -+ RSAKeyGenParameterSpec.F4)); -+ testTranslateKey(SunRSA, true, new MyRSAPublicKey( -+ getBigInteger(RSAKeyFactory.MAX_MODLEN), -+ getBigInteger(RSAKeyFactory.MAX_RESTRICTED_EXPLEN))); -+ testTranslateKey(SunRSA, false, new MyRSAPublicKey( -+ getBigInteger(RSAKeyFactory.MAX_MODLEN), -+ getBigInteger(RSAKeyFactory.MAX_RESTRICTED_EXPLEN + 1))); -+ testTranslateKey(SunRSA, false, new MyRSAPublicKey( -+ getBigInteger(RSAKeyFactory.MAX_MODLEN + 1), -+ RSAKeyGenParameterSpec.F4)); -+ testTranslateKey(SunRSA, false, new MyRSAPublicKey( -+ getBigInteger(RSAKeyFactory.MIN_MODLEN - 8), -+ RSAKeyGenParameterSpec.F4)); -+ testTranslateKey(SunRSA, true, new MyRSAPublicKey( -+ getBigInteger(RSAKeyFactory.MIN_MODLEN - 7), -+ RSAKeyGenParameterSpec.F4)); -+ -+ // Private keys don't have the same restriction -+ testTranslateKey(SunRSA, true, new MyRSAPrivateKey( -+ getBigInteger(RSAKeyFactory.MAX_MODLEN_RESTRICT_EXP), -+ RSAKeyGenParameterSpec.F4)); -+ testTranslateKey(SunRSA, true, new MyRSAPrivateKey( -+ getBigInteger(RSAKeyFactory.MAX_MODLEN), -+ getBigInteger(RSAKeyFactory.MAX_RESTRICTED_EXPLEN))); -+ testTranslateKey(SunRSA, true, new MyRSAPrivateKey( -+ getBigInteger(RSAKeyFactory.MAX_MODLEN), -+ getBigInteger(RSAKeyFactory.MAX_RESTRICTED_EXPLEN + 1))); -+ testTranslateKey(SunRSA, false, new MyRSAPrivateKey( -+ getBigInteger(RSAKeyFactory.MAX_MODLEN + 1), -+ RSAKeyGenParameterSpec.F4)); -+ testTranslateKey(SunRSA, false, new MyRSAPrivateKey( -+ getBigInteger(RSAKeyFactory.MIN_MODLEN - 8), -+ RSAKeyGenParameterSpec.F4)); -+ testTranslateKey(SunRSA, true, new MyRSAPrivateKey( -+ getBigInteger(RSAKeyFactory.MIN_MODLEN - 7), -+ RSAKeyGenParameterSpec.F4)); -+ } -+ -+ private static void testP11KeyFactory() throws Exception { -+ testTranslateKey(P11, true, new MyRSAPublicKey( -+ getBigInteger(RSAKeyFactory.MAX_MODLEN_RESTRICT_EXP), -+ RSAKeyGenParameterSpec.F4)); -+ testTranslateKey(P11, true, new MyRSAPublicKey( -+ getBigInteger(RSAKeyFactory.MAX_MODLEN), -+ getBigInteger(RSAKeyFactory.MAX_RESTRICTED_EXPLEN))); -+ testTranslateKey(P11, false, new MyRSAPublicKey( -+ getBigInteger(RSAKeyFactory.MAX_MODLEN), -+ getBigInteger(RSAKeyFactory.MAX_RESTRICTED_EXPLEN + 1))); -+ testTranslateKey(P11, false, new MyRSAPublicKey( -+ getBigInteger(RSAKeyFactory.MAX_MODLEN + 1), -+ RSAKeyGenParameterSpec.F4)); -+ testTranslateKey(P11, true, new MyRSAPublicKey( -+ getBigInteger(RSAKeyFactory.MIN_MODLEN - 8), -+ RSAKeyGenParameterSpec.F4)); -+ -+ // Private keys don't have the same restriction -+ testTranslateKey(P11, true, new MyRSAPrivateKey( -+ getBigInteger(RSAKeyFactory.MAX_MODLEN_RESTRICT_EXP), -+ RSAKeyGenParameterSpec.F4)); -+ testTranslateKey(P11, true, new MyRSAPrivateKey( -+ getBigInteger(RSAKeyFactory.MAX_MODLEN), -+ getBigInteger(RSAKeyFactory.MAX_RESTRICTED_EXPLEN))); -+ testTranslateKey(P11, true, new MyRSAPrivateKey( -+ getBigInteger(RSAKeyFactory.MAX_MODLEN), -+ getBigInteger(RSAKeyFactory.MAX_RESTRICTED_EXPLEN + 1))); -+ testTranslateKey(P11, false, new MyRSAPrivateKey( -+ getBigInteger(RSAKeyFactory.MAX_MODLEN + 1), -+ RSAKeyGenParameterSpec.F4)); -+ testTranslateKey(P11, true, new MyRSAPrivateKey( -+ getBigInteger(RSAKeyFactory.MIN_MODLEN - 8), -+ RSAKeyGenParameterSpec.F4)); -+ } -+ -+ /* -+ * Tests that that Signature's are working properly for both public -+ * and private keys. -+ */ -+ private static void testInitSign(String provider, -+ boolean b, PrivateKey key) throws Exception { -+ System.out.println("testInitSign: " + b + " " + key + " " + provider); -+ -+ Signature kf = Signature.getInstance("SHA1withRSA", provider); -+ -+ try { -+ kf.initSign(key); -+ if (!b) { -+ throw new Exception("Should have failed"); -+ } -+ } catch (InvalidKeyException e) { -+ if (b) { -+ throw new Exception("Should have passed", e); -+ } -+ } catch (ProviderException e) { -+ // The Solaris PKCS11 softtoken doesn't currently allow -+ // keys larger than 4K. Throws a ProviderException. -+ if (!b) { -+ throw new Exception("Should have failed", e); -+ } else { -+ System.out.println("Large Keys excpetion, passing..."); -+ } -+ } -+ } -+ -+ private static void testInitVerify(String provider, -+ boolean b, PublicKey key) throws Exception { -+ System.out.println("testInitVerify: " + b + " " + key + " " + -+ provider); -+ -+ Signature kf = Signature.getInstance("SHA1withRSA", provider); -+ -+ try { -+ kf.initVerify(key); -+ if (!b) { -+ throw new Exception("Should have failed"); -+ } -+ } catch (InvalidKeyException e) { -+ if (b) { -+ throw new Exception("Should have passed", e); -+ } -+ } catch (ProviderException e) { -+ // The Solaris PKCS11 softtoken doesn't currently allow -+ // keys larger than 4K. Throws a ProviderException. -+ if (!b) { -+ throw new Exception("Should have failed", e); -+ } else { -+ System.out.println("Large Keys excpetion, passing..."); -+ } -+ } -+ } -+ -+ private static void testRSASignature() throws Exception { -+ testInitSign(SunRSA, true, new MyRSAPrivateKey( -+ getBigInteger(RSAKeyFactory.MAX_MODLEN_RESTRICT_EXP), -+ RSAKeyGenParameterSpec.F4)); -+ testInitSign(SunRSA, true, new MyRSAPrivateKey( -+ getBigInteger(RSAKeyFactory.MAX_MODLEN), -+ getBigInteger(RSAKeyFactory.MAX_RESTRICTED_EXPLEN))); -+ testInitSign(SunRSA, true, new MyRSAPrivateKey( -+ getBigInteger(RSAKeyFactory.MAX_MODLEN), -+ getBigInteger(RSAKeyFactory.MAX_RESTRICTED_EXPLEN + 1))); -+ testInitSign(SunRSA, false, new MyRSAPrivateKey( -+ getBigInteger(RSAKeyFactory.MAX_MODLEN + 1), -+ RSAKeyGenParameterSpec.F4)); -+ testInitSign(SunRSA, false, new MyRSAPrivateKey( -+ getBigInteger(RSAKeyFactory.MIN_MODLEN - 8), -+ RSAKeyGenParameterSpec.F4)); -+ testInitSign(SunRSA, true, new MyRSAPrivateKey( -+ getBigInteger(RSAKeyFactory.MIN_MODLEN - 7), -+ RSAKeyGenParameterSpec.F4)); -+ -+ testInitVerify(SunRSA, true, new MyRSAPublicKey( -+ getBigInteger(RSAKeyFactory.MAX_MODLEN_RESTRICT_EXP), -+ RSAKeyGenParameterSpec.F4)); -+ testInitVerify(SunRSA, true, new MyRSAPublicKey( -+ getBigInteger(RSAKeyFactory.MAX_MODLEN), -+ getBigInteger(RSAKeyFactory.MAX_RESTRICTED_EXPLEN))); -+ testInitVerify(SunRSA, false, new MyRSAPublicKey( -+ getBigInteger(RSAKeyFactory.MAX_MODLEN), -+ getBigInteger(RSAKeyFactory.MAX_RESTRICTED_EXPLEN + 1))); -+ testInitVerify(SunRSA, false, new MyRSAPublicKey( -+ getBigInteger(RSAKeyFactory.MAX_MODLEN + 1), -+ RSAKeyGenParameterSpec.F4)); -+ testInitVerify(SunRSA, false, new MyRSAPublicKey( -+ getBigInteger(RSAKeyFactory.MIN_MODLEN - 8), -+ RSAKeyGenParameterSpec.F4)); -+ testInitVerify(SunRSA, true, new MyRSAPublicKey( -+ getBigInteger(RSAKeyFactory.MIN_MODLEN - 7), -+ RSAKeyGenParameterSpec.F4)); -+ } -+ -+ private static void testP11Signature() throws Exception { -+ testInitSign(P11, true, new MyRSAPrivateKey( -+ getBigInteger(RSAKeyFactory.MAX_MODLEN_RESTRICT_EXP), -+ RSAKeyGenParameterSpec.F4)); -+ testInitSign(P11, true, new MyRSAPrivateKey( -+ getBigInteger(RSAKeyFactory.MAX_MODLEN), -+ getBigInteger(RSAKeyFactory.MAX_RESTRICTED_EXPLEN))); -+ testInitSign(P11, true, new MyRSAPrivateKey( -+ getBigInteger(RSAKeyFactory.MAX_MODLEN), -+ getBigInteger(RSAKeyFactory.MAX_RESTRICTED_EXPLEN + 1))); -+ testInitSign(P11, false, new MyRSAPrivateKey( -+ getBigInteger(RSAKeyFactory.MAX_MODLEN + 1), -+ RSAKeyGenParameterSpec.F4)); -+ testInitSign(P11, true, new MyRSAPrivateKey( -+ getBigInteger(RSAKeyFactory.MIN_MODLEN - 8), -+ RSAKeyGenParameterSpec.F4)); -+ -+ testInitVerify(P11, true, new MyRSAPublicKey( -+ getBigInteger(RSAKeyFactory.MAX_MODLEN_RESTRICT_EXP), -+ RSAKeyGenParameterSpec.F4)); -+ testInitVerify(P11, true, new MyRSAPublicKey( -+ getBigInteger(RSAKeyFactory.MAX_MODLEN), -+ getBigInteger(RSAKeyFactory.MAX_RESTRICTED_EXPLEN))); -+ testInitVerify(P11, false, new MyRSAPublicKey( -+ getBigInteger(RSAKeyFactory.MAX_MODLEN), -+ getBigInteger(RSAKeyFactory.MAX_RESTRICTED_EXPLEN + 1))); -+ testInitVerify(P11, false, new MyRSAPublicKey( -+ getBigInteger(RSAKeyFactory.MAX_MODLEN + 1), -+ RSAKeyGenParameterSpec.F4)); -+ testInitVerify(P11, true, new MyRSAPublicKey( -+ getBigInteger(RSAKeyFactory.MIN_MODLEN - 8), -+ RSAKeyGenParameterSpec.F4)); -+ } -+ -+ /* -+ * There are a couple test files, one with big keys. Make sure that -+ * they are caught correctly. -+ */ -+ private static void testStore(String file) throws Exception { -+ -+ KeyStore ks = KeyStore.getInstance("JKS"); -+ FileInputStream fis = new FileInputStream(new File(BASE, file)); -+ ks.load(fis, "changeit".toCharArray()); -+ -+ java.security.cert.Certificate cert = ks.getCertificate("duke1"); -+ -+ Signature kf = Signature.getInstance("SHA1withRSA", SunRSA); -+ kf.initVerify(cert); -+ } -+ -+ private static void testKeyStore() throws Exception { -+ System.out.println("testKeyStore with good key:"); -+ testStore("keystore.good"); -+ -+ System.out.println("testKeyStore with bad key:"); -+ try { -+ testStore("keystore.bad"); -+ throw new Exception("Didn't throw expected IOException"); -+ } catch (java.security.cert.CertificateParsingException e) { -+ System.out.println("Got proper CertificateParsingException"); -+ } -+ } -+ -+ /* -+ * We'll hard code the solaris p11 file for now. If we -+ * ever add another one by default, this test will fail -+ * and we'll need to adjust the logic here. -+ */ -+ private static void testP11() throws Exception { -+ -+ // Replace the existing P11 provider with one that -+ // uses the local configuration file. -+ Provider p = Security.getProvider(P11); -+ if (p == null) { -+ System.out.println("Skipping " + P11 + " tests"); -+ return; -+ } -+ -+ Security.removeProvider(P11); -+ String config = BASE + "/sunpkcs11-solaris_enableSHA1withRSAsig.cfg"; -+ System.out.println("Using config: " + config); -+ p = new sun.security.pkcs11.SunPKCS11(config); -+ Security.insertProviderAt(p, 1); -+ -+ testP11KeyPairGenerator(); -+ testP11KeyFactory(); -+ testP11Signature(); -+ } -+ -+ /* -+ * Run a few tests with the MSCAPI provider. -+ */ -+ private static void testMSCAPI() throws Exception { -+ if (Security.getProvider(MSCAPI) == null) { -+ System.out.println("Skipping " + MSCAPI + " tests"); -+ return; -+ } -+ -+ testRSAKeyPairGeneratorLen(MSCAPI, false, -+ RSAKeyFactory.MIN_MODLEN - 7); -+ testRSAKeyPairGeneratorLen(MSCAPI, true, -+ RSAKeyFactory.MIN_MODLEN); -+ testRSAKeyPairGeneratorLen(MSCAPI, true, -+ RSAKeyFactory.MAX_MODLEN); -+ testRSAKeyPairGeneratorLen(MSCAPI, false, -+ RSAKeyFactory.MAX_MODLEN + 1); -+ -+ testRSAKeyPairGeneratorSpec(MSCAPI, false, -+ RSAKeyFactory.MIN_MODLEN - 1, -1); -+ testRSAKeyPairGeneratorSpec(MSCAPI, true, -+ RSAKeyFactory.MIN_MODLEN, -1); -+ testRSAKeyPairGeneratorSpec(MSCAPI, true, -+ RSAKeyFactory.MAX_MODLEN, -1); -+ testRSAKeyPairGeneratorSpec(MSCAPI, false, -+ RSAKeyFactory.MAX_MODLEN + 1, -1); -+ -+ // This will fail because the SunMSCAPI provider itself -+ // won't allow Specs to contain actual exponents. -+ testRSAKeyPairGeneratorSpec(MSCAPI, false, -+ RSAKeyFactory.MAX_MODLEN, 64); -+ -+ // Stock XP's MSCAPI won't allow exponents >= 32 bits, -+ // so we'll fudge a bit here. -+ testInitVerify(MSCAPI, true, new MyRSAPublicKey( -+ getBigInteger(RSAKeyFactory.MAX_MODLEN_RESTRICT_EXP), -+ RSAKeyGenParameterSpec.F4)); -+ testInitVerify(MSCAPI, true, new MyRSAPublicKey( -+ getBigInteger(RSAKeyFactory.MAX_MODLEN), -+ getBigInteger(24))); -+ testInitVerify(MSCAPI, false, new MyRSAPublicKey( -+ getBigInteger(RSAKeyFactory.MAX_MODLEN), -+ getBigInteger(RSAKeyFactory.MAX_RESTRICTED_EXPLEN + 1))); -+ testInitVerify(MSCAPI, false, new MyRSAPublicKey( -+ getBigInteger(RSAKeyFactory.MAX_MODLEN + 1), -+ RSAKeyGenParameterSpec.F4)); -+ testInitVerify(MSCAPI, true, new MyRSAPublicKey( -+ getBigInteger(RSAKeyFactory.MIN_MODLEN - 1), -+ RSAKeyGenParameterSpec.F4)); -+ } -+ -+ public static void main(String args[]) throws Exception { -+ -+ testRSAKeyPairGenerator(); -+ -+ testRSAKeyFactory(); -+ -+ testRSASignature(); -+ -+ testKeyStore(); -+ -+ testMSCAPI(); -+ -+ testP11(); -+ } -+ -+ /* -+ * Helper PublicKey class. Create these with no restrictions. -+ */ -+ private static class MyRSAPublicKey implements RSAPublicKey { -+ -+ private final BigInteger n; -+ private final BigInteger e; -+ -+ MyRSAPublicKey(BigInteger n, BigInteger e) { -+ this.n = n; -+ this.e = e; -+ } -+ -+ public BigInteger getModulus() { -+ return n; -+ } -+ -+ public BigInteger getPublicExponent() { -+ return e; -+ } -+ -+ public String getAlgorithm() { -+ return "RSA"; -+ } -+ -+ public String getFormat() { -+ return "PKCS#8"; -+ } -+ -+ public byte [] getEncoded() { -+ return null; -+ } -+ } -+ -+ /* -+ * Helper PrivateKey class. Create these with no restrictions. -+ */ -+ private static class MyRSAPrivateKey implements RSAPrivateKey { -+ -+ private final BigInteger n; -+ private final BigInteger d; -+ -+ MyRSAPrivateKey(BigInteger n, BigInteger d) { -+ this.n = n; -+ this.d = d; -+ } -+ -+ public BigInteger getModulus() { -+ return n; -+ } -+ -+ public BigInteger getPrivateExponent() { -+ return d; -+ } -+ -+ public String getAlgorithm() { -+ return "RSA"; -+ } -+ -+ public String getFormat() { -+ return "PKCS#8"; -+ } -+ -+ public byte [] getEncoded() { -+ return null; -+ } -+ } -+}
--- a/patches/icedtea-6588160.patch Thu Dec 09 17:41:47 2010 +0000 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,42 +0,0 @@ ---- /export/home/max/ws/jdk6-open/jdk/webrev/src/share/classes/sun/security/krb5/KrbKdcReq.java- Sun Aug 31 20:04:55 2008 -+++ openjdk/jdk/src/share/classes/sun/security/krb5/KrbKdcReq.java Sun Aug 31 19:33:19 2008 -@@ -271,10 +271,11 @@ - + port + ", timeout=" - + timeout - + ",Attempt =" + i - + ", #bytes=" + obuf.length); - } -+ try { - /* - * Send the data to the kdc. - */ - - kdcClient.send(obuf); -@@ -293,11 +294,14 @@ - if (i == DEFAULT_KDC_RETRY_LIMIT) { - ibuf = null; - throw se; - } - } -+ } finally { -+ kdcClient.close(); - } -+ } - } - return ibuf; - } - } - ---- /export/home/max/ws/jdk6-open/jdk/webrev/src/share/classes/sun/security/krb5/internal/UDPClient.java- Sun Aug 31 20:04:55 2008 -+++ openjdk/jdk/src/share/classes/sun/security/krb5/internal/UDPClient.java Sun Aug 31 20:02:07 2008 -@@ -90,6 +90,9 @@ - System.arraycopy(dgPacketIn.getData(), 0, data, 0, - dgPacketIn.getLength()); - return data; - } - -+ public void close() { -+ dgSocket.close(); -+ } - } -
--- a/patches/icedtea-6700047-loopopts.patch Thu Dec 09 17:41:47 2010 +0000 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,34 +0,0 @@ -6700047: C2 failed in idom_no_update -Summary: partial peeling shouldn't place clones into loop - -diff -r 4aebfff4f8a2 hotspot/src/share/vm/opto/loopopts.cpp ---- openjdk.orig/hotspot/src/share/vm/opto/loopopts.cpp Mon Sep 15 11:38:34 2008 +0200 -+++ openjdk/hotspot/src/share/vm/opto/loopopts.cpp Fri Sep 26 11:29:06 2008 +0200 -@@ -1865,18 +1865,19 @@ - _igvn.hash_delete(use); - use->set_req(j, n_clone); - _igvn._worklist.push(use); -+ Node* use_c; - if (!use->is_Phi()) { -- Node* use_c = has_ctrl(use) ? get_ctrl(use) : use->in(0); -- set_ctrl(n_clone, use_c); -- assert(!loop->is_member(get_loop(use_c)), "should be outside loop"); -- get_loop(use_c)->_body.push(n_clone); -+ use_c = has_ctrl(use) ? get_ctrl(use) : use->in(0); - } else { - // Use in a phi is considered a use in the associated predecessor block -- Node *prevbb = use->in(0)->in(j); -- set_ctrl(n_clone, prevbb); -- assert(!loop->is_member(get_loop(prevbb)), "should be outside loop"); -- get_loop(prevbb)->_body.push(n_clone); -+ use_c = use->in(0)->in(j); - } -+ if (use_c->is_CountedLoop()) { -+ use_c = use_c->in(LoopNode::EntryControl); -+ } -+ set_ctrl(n_clone, use_c); -+ assert(!loop->is_member(get_loop(use_c)), "should be outside loop"); -+ get_loop(use_c)->_body.push(n_clone); - _igvn.register_new_node_with_optimizer(n_clone); - #if !defined(PRODUCT) - if (TracePartialPeeling) {
--- a/patches/icedtea-6712835-ifnode.patch Thu Dec 09 17:41:47 2010 +0000 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,25 +0,0 @@ -6712835: Server compiler fails with assertion (loop_count < K,"infinite loop in PhaseIterGVN::transform") - -diff -r 4aebfff4f8a2 hotspot/src/share/vm/opto/ifnode.cpp ---- openjdk.orig/hotspot/src/share/vm/opto/ifnode.cpp Mon Sep 15 11:38:34 2008 +0200 -+++ openjdk/hotspot/src/share/vm/opto/ifnode.cpp Fri Sep 26 11:56:32 2008 +0200 -@@ -569,6 +569,11 @@ - int true_path = phi->is_diamond_phi(); - if( true_path == 0 ) return NULL; - -+ // Make sure that iff and the control of the phi are different. This -+ // should really only happen for dead control flow since it requires -+ // an illegal cycle. -+ if (phi->in(0)->in(1)->in(0) == iff) return NULL; -+ - // phi->region->if_proj->ifnode->bool->cmp - BoolNode *bol2 = phi->in(0)->in(1)->in(0)->in(1)->as_Bool(); - -@@ -595,6 +600,7 @@ - } - - Node* new_bol = (flip ? phase->transform( bol2->negate(phase) ) : bol2); -+ assert(new_bol != iff->in(1), "must make progress"); - iff->set_req(1, new_bol); - // Intervening diamond probably goes dead - phase->C->set_major_progress();
--- a/patches/icedtea-6721753.patch Thu Dec 09 17:41:47 2010 +0000 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,117 +0,0 @@ ---- old/src/share/classes/java/io/File.java Thu Oct 9 16:11:01 2008 -+++ openjdk/jdk/src/share/classes/java/io/File.java Thu Oct 9 16:10:51 2008 -@@ -32,9 +32,9 @@ - import java.util.ArrayList; - import java.util.Map; - import java.util.Hashtable; --import java.util.Random; - import java.security.AccessController; - import java.security.AccessControlException; -+import java.security.SecureRandom; - import sun.security.action.GetPropertyAction; - - -@@ -1676,30 +1676,30 @@ - - /* -- Temporary files -- */ - -- private static final Object tmpFileLock = new Object(); -+ // lazy initialization of SecureRandom and temporary file directory -+ private static class LazyInitialization { -+ static final SecureRandom random = new SecureRandom(); - -- private static int counter = -1; /* Protected by tmpFileLock */ -+ static final String temporaryDirectory = temporaryDirectory(); -+ static String temporaryDirectory() { -+ return fs.normalize( -+ AccessController.doPrivileged( -+ new GetPropertyAction("java.io.tmpdir"))); -+ } -+ } - - private static File generateFile(String prefix, String suffix, File dir) - throws IOException - { -- if (counter == -1) { -- counter = new Random().nextInt() & 0xffff; -+ long n = LazyInitialization.random.nextLong(); -+ if (n == Long.MIN_VALUE) { -+ n = 0; // corner case -+ } else { -+ n = Math.abs(n); - } -- counter++; -- return new File(dir, prefix + Integer.toString(counter) + suffix); -+ return new File(dir, prefix + Long.toString(n) + suffix); - } - -- private static String tmpdir; /* Protected by tmpFileLock */ -- -- private static String getTempDir() { -- if (tmpdir == null) -- tmpdir = fs.normalize( -- AccessController.doPrivileged( -- new GetPropertyAction("java.io.tmpdir"))); -- return tmpdir; -- } -- - private static boolean checkAndCreate(String filename, SecurityManager sm) - throws IOException - { -@@ -1793,18 +1793,16 @@ - if (prefix.length() < 3) - throw new IllegalArgumentException("Prefix string too short"); - String s = (suffix == null) ? ".tmp" : suffix; -- synchronized (tmpFileLock) { -- if (directory == null) { -- String tmpDir = getTempDir(); -- directory = new File(tmpDir, fs.prefixLength(tmpDir)); -- } -- SecurityManager sm = System.getSecurityManager(); -- File f; -- do { -- f = generateFile(prefix, s, directory); -- } while (!checkAndCreate(f.getPath(), sm)); -- return f; -+ if (directory == null) { -+ String tmpDir = LazyInitialization.temporaryDirectory(); -+ directory = new File(tmpDir, fs.prefixLength(tmpDir)); - } -+ SecurityManager sm = System.getSecurityManager(); -+ File f; -+ do { -+ f = generateFile(prefix, s, directory); -+ } while (!checkAndCreate(f.getPath(), sm)); -+ return f; - } - - /** ---- /dev/null Thu Oct 9 16:12:28 2008 -+++ openjdk/jdk/test/closed/java/io/File/createTempFile/GuessNext.java Thu Oct 9 16:12:25 2008 -@@ -0,0 +1,26 @@ -+/* @test -+ * @bug 6721753 -+ * @key closed-security -+ * @summary Test that temporary files don't use incrementing counter -+ */ -+ -+import java.io.File; -+import java.io.IOException; -+import java.util.regex.*; -+ -+public class GuessNext { -+ public static void main (String[] args) throws IOException { -+ String name = File.createTempFile("blah", null).getName(); -+ -+ // assume name is blahNNNNNN -+ Matcher matcher = Pattern.compile("([0-9]+)").matcher(name); -+ if (matcher.find()) { -+ long next = Long.parseLong(matcher.group(1)) + 1; -+ String guess = "blah" + next + ".tmp"; -+ -+ name = File.createTempFile("blah", null).getName(); -+ if (name.equals(guess)) -+ throw new RuntimeException("Incrementing number"); -+ } -+ } -+}
--- a/patches/icedtea-6726779.patch Thu Dec 09 17:41:47 2010 +0000 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,142 +0,0 @@ ---- old/src/share/native/sun/awt/medialib/awt_ImagingLib.c Thu Aug 7 10:06:12 2008 -+++ openjdk/jdk/src/share/native/sun/awt/medialib/awt_ImagingLib.c Thu Aug 7 10:06:12 2008 -@@ -216,6 +216,16 @@ - - #endif /* ! DEBUG */ - -+static int -+getMlibEdgeHint(jint edgeHint) { -+ switch (edgeHint) { -+ case java_awt_image_ConvolveOp_EDGE_NO_OP: -+ return MLIB_EDGE_DST_COPY_SRC; -+ case java_awt_image_ConvolveOp_EDGE_ZERO_FILL: -+ default: -+ return MLIB_EDGE_DST_FILL_ZERO; -+ } -+} - - /*************************************************************************** - * External Functions * -@@ -400,22 +410,10 @@ - } - } - -- if (edgeHint == java_awt_image_ConvolveOp_EDGE_NO_OP) { -- int kw2 = kwidth>>1; -- int kh2 = kheight>>1; -- int bsize = mlib_ImageGetChannels(src)* -- (mlib_ImageGetType(src) == MLIB_BYTE ? 1 : 2); -- -- void *dstDataP = mlib_ImageGetData(dst); -- void *srcDataP = mlib_ImageGetData(src); -- /* REMIND: Copy a smaller area */ -- memcpy(dstDataP, srcDataP, dst->width*dst->height*bsize); -- } -- - cmask = (1<<src->channels)-1; - status = (*sMlibFns[MLIB_CONVMxN].fptr)(dst, src, kdata, w, h, - (w-1)/2, (h-1)/2, scale, cmask, -- MLIB_EDGE_DST_NO_WRITE); -+ getMlibEdgeHint(edgeHint)); - - if (status != MLIB_SUCCESS) { - printMedialibError(status); -@@ -660,22 +658,10 @@ - } - } - -- if (edgeHint == java_awt_image_ConvolveOp_EDGE_NO_OP) { -- int kw2 = kwidth>>1; -- int kh2 = kheight>>1; -- int bsize = mlib_ImageGetChannels(src)* -- (mlib_ImageGetType(src) == MLIB_BYTE ? 1 : 2); -- -- void *dstDataP = mlib_ImageGetData(dst); -- void *srcDataP = mlib_ImageGetData(src); -- /* REMIND: Copy a smaller area */ -- memcpy(dstDataP, srcDataP, dst->width*dst->height*bsize); -- } -- - cmask = (1<<src->channels)-1; - status = (*sMlibFns[MLIB_CONVMxN].fptr)(dst, src, kdata, w, h, - (w-1)/2, (h-1)/2, scale, cmask, -- MLIB_EDGE_DST_NO_WRITE); -+ getMlibEdgeHint(edgeHint)); - - if (status != MLIB_SUCCESS) { - printMedialibError(status); ---- /dev/null Thu Aug 7 10:06:15 2008 -+++ openjdk/jdk/test/java/awt/image/ConvolveOp/EdgeNoOpCrash.java Thu Aug 7 10:06:14 2008 -@@ -0,0 +1,72 @@ -+/* -+ * @test @(#)EdgeNoOpCrash.java 1.1 08/08/07 -+ * @bug 6726779 -+ * @summary Test verifies that ConvolveOp with the EDGE_NO_OP edge condition -+ * does not cause JVM crash if size of source raster elements is -+ * greather than size of the destination raster element. -+ * -+ * @run main EdgeNoOpCrash -+ */ -+import java.awt.Point; -+import java.awt.image.ConvolveOp; -+import java.awt.image.DataBuffer; -+import java.awt.image.ImagingOpException; -+import java.awt.image.Kernel; -+import java.awt.image.Raster; -+import java.awt.image.WritableRaster; -+import java.util.Arrays; -+ -+public class EdgeNoOpCrash { -+ private static final int w = 3000; -+ private static final int h = 200; -+ -+ public static void main(String[] args) { -+ crashTest(); -+ } -+ -+ private static void crashTest() { -+ Raster src = createSrcRaster(); -+ WritableRaster dst = createDstRaster(); -+ ConvolveOp op = createConvolveOp(ConvolveOp.EDGE_NO_OP); -+ try { -+ op.filter(src, dst); -+ } catch (ImagingOpException e) { -+ /* -+ * The test pair of source and destination rasters -+ * may cause failure of the medialib convolution routine, -+ * so this exception is expected. -+ * -+ * The JVM crash is the only manifestation of this -+ * test failure. -+ */ -+ } -+ System.out.println("Test PASSED."); -+ } -+ -+ private static Raster createSrcRaster() { -+ WritableRaster r = Raster.createInterleavedRaster(DataBuffer.TYPE_USHORT, -+ w, h, 4, new Point(0, 0)); -+ -+ return r; -+ } -+ -+ private static WritableRaster createDstRaster() { -+ WritableRaster r = Raster.createInterleavedRaster(DataBuffer.TYPE_BYTE, -+ w, h, 4, new Point(0, 0)); -+ -+ return r; -+ } -+ -+ private static ConvolveOp createConvolveOp(int edgeHint) { -+ final int kw = 3; -+ final int kh = 3; -+ float[] kdata = new float[kw * kh]; -+ float v = 1f / kdata.length; -+ Arrays.fill(kdata, v); -+ -+ Kernel k = new Kernel(kw, kh, kdata); -+ ConvolveOp op = new ConvolveOp(k, edgeHint, null); -+ -+ return op; -+ } -+}
--- a/patches/icedtea-6734167.patch Thu Dec 09 17:41:47 2010 +0000 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,89 +0,0 @@ ---- old/src/share/classes/java/util/Calendar.java Fri Oct 3 00:27:50 2008 -+++ openjdk/jdk/src/share/classes/java/util/Calendar.java Fri Oct 3 00:27:50 2008 -@@ -41,9 +41,14 @@ - import java.io.IOException; - import java.io.ObjectInputStream; - import java.io.ObjectOutputStream; -+import java.io.OptionalDataException; - import java.io.Serializable; -+import java.security.AccessControlContext; - import java.security.AccessController; -+import java.security.PermissionCollection; -+import java.security.PrivilegedActionException; - import java.security.PrivilegedExceptionAction; -+import java.security.ProtectionDomain; - import java.text.DateFormat; - import java.text.DateFormatSymbols; - import sun.util.BuddhistCalendar; -@@ -2626,6 +2631,18 @@ - } - } - -+ private static class CalendarAccessControlContext { -+ private static final AccessControlContext INSTANCE; -+ static { -+ RuntimePermission perm = new RuntimePermission("accessClassInPackage.sun.util.calendar"); -+ PermissionCollection perms = perm.newPermissionCollection(); -+ perms.add(perm); -+ INSTANCE = new AccessControlContext(new ProtectionDomain[] { -+ new ProtectionDomain(null, perms) -+ }); -+ } -+ } -+ - /** - * Reconstitutes this object from a stream (i.e., deserialize it). - */ -@@ -2655,17 +2672,30 @@ - serialVersionOnStream = currentSerialVersion; - - // If there's a ZoneInfo object, use it for zone. -+ ZoneInfo zi = null; - try { -- ZoneInfo zi = (ZoneInfo) AccessController.doPrivileged( -- new PrivilegedExceptionAction() { -- public Object run() throws Exception { -- return input.readObject(); -- } -- }); -- if (zi != null) { -- zone = zi; -+ zi = AccessController.doPrivileged( -+ new PrivilegedExceptionAction<ZoneInfo>() { -+ public ZoneInfo run() throws Exception { -+ return (ZoneInfo) input.readObject(); -+ } -+ }, -+ CalendarAccessControlContext.INSTANCE); -+ } catch (PrivilegedActionException pae) { -+ Exception e = pae.getException(); -+ if (!(e instanceof OptionalDataException)) { -+ if (e instanceof RuntimeException) { -+ throw (RuntimeException) e; -+ } else if (e instanceof IOException) { -+ throw (IOException) e; -+ } else if (e instanceof ClassNotFoundException) { -+ throw (ClassNotFoundException) e; -+ } -+ throw new RuntimeException(e); - } -- } catch (Exception e) { -+ } -+ if (zi != null) { -+ zone = zi; - } - - // If the deserialized object has a SimpleTimeZone, try to -@@ -2674,9 +2704,9 @@ - // implementation as much as possible. - if (zone instanceof SimpleTimeZone) { - String id = zone.getID(); -- TimeZone zi = TimeZone.getTimeZone(id); -- if (zi != null && zi.hasSameRules(zone) && zi.getID().equals(id)) { -- zone = zi; -+ TimeZone tz = TimeZone.getTimeZone(id); -+ if (tz != null && tz.hasSameRules(zone) && tz.getID().equals(id)) { -+ zone = tz; - } - } - }
--- a/patches/icedtea-6766136.patch Thu Dec 09 17:41:47 2010 +0000 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,189 +0,0 @@ ---- old/src/share/native/sun/awt/splashscreen/splashscreen_gfx_impl.h Wed Nov 12 12:25:11 2008 -+++ openjdk/jdk/src/share/native/sun/awt/splashscreen/splashscreen_gfx_impl.h Wed Nov 12 12:25:11 2008 -@@ -31,7 +31,7 @@ - /* here come some very simple macros */ - - /* advance a pointer p by sizeof(type)*n bytes */ --#define INCPN(type,p,n) ((p) = (type*)(p)+n) -+#define INCPN(type,p,n) ((p) = (type*)(p)+(n)) - - /* advance a pointer by sizeof(type) */ - #define INCP(type,p) INCPN(type,(p),1) ---- old/src/share/native/sun/awt/splashscreen/splashscreen_gif.c Wed Nov 12 12:25:12 2008 -+++ openjdk/jdk/src/share/native/sun/awt/splashscreen/splashscreen_gif.c Wed Nov 12 12:25:12 2008 -@@ -53,6 +53,10 @@ - // convert libungif samples to our ones - #define MAKE_QUAD_GIF(c,a) MAKE_QUAD((c).Red, (c).Green, (c).Blue, (a)) - -+#define SAFE_TO_ALLOC(c, sz) \ -+ (((c) > 0) && ((sz) > 0) && \ -+ ((0xffffffffu / ((unsigned int)(c))) > (unsigned int)(sz))) -+ - /* stdio FILE* and memory input functions for libungif */ - int - SplashStreamGifInputFunc(GifFileType * gif, GifByteType * buf, int n) -@@ -62,6 +66,15 @@ - return rc; - } - -+/* These macro help to ensure that we only take part of frame that fits into -+ logical screen. */ -+ -+/* Ensure that p belongs to [pmin, pmax) interval. Returns fixed point (if fix is needed) */ -+#define FIX_POINT(p, pmin, pmax) ( ((p) < (pmin)) ? (pmin) : (((p) > (pmax)) ? (pmax) : (p))) -+/* Ensures that line starting at point p does not exceed boundary pmax. -+ Returns fixed length (if fix is needed) */ -+#define FIX_LENGTH(p, len, pmax) ( ((p) + (len)) > (pmax) ? ((pmax) - (p)) : (len)) -+ - int - SplashDecodeGif(Splash * splash, GifFileType * gif) - { -@@ -70,6 +83,7 @@ - byte_t *pBitmapBits, *pOldBitmapBits; - int i, j; - int imageIndex; -+ int cx, cy, cw, ch; /* clamped coordinates */ - const int interlacedOffset[] = { 0, 4, 2, 1, 0 }; /* The way Interlaced image should. */ - const int interlacedJumps[] = { 8, 8, 4, 2, 1 }; /* be read - offsets and jumps... */ - -@@ -79,14 +93,31 @@ - - SplashCleanup(splash); - -+ if (!SAFE_TO_ALLOC(gif->SWidth, splash->imageFormat.depthBytes)) { -+ return 0; -+ } - stride = gif->SWidth * splash->imageFormat.depthBytes; - if (splash->byteAlignment > 1) - stride = - (stride + splash->byteAlignment - 1) & ~(splash->byteAlignment - 1); - -+ if (!SAFE_TO_ALLOC(gif->SHeight, stride)) { -+ return 0; -+ } -+ -+ if (!SAFE_TO_ALLOC(gif->ImageCount, sizeof(SplashImage*))) { -+ return 0; -+ } - bufferSize = stride * gif->SHeight; - pBitmapBits = (byte_t *) malloc(bufferSize); -+ if (!pBitmapBits) { -+ return 0; -+ } - pOldBitmapBits = (byte_t *) malloc(bufferSize); -+ if (!pOldBitmapBits) { -+ free(pBitmapBits); -+ return 0; -+ } - memset(pBitmapBits, 0, bufferSize); - - splash->width = gif->SWidth; -@@ -94,6 +125,11 @@ - splash->frameCount = gif->ImageCount; - splash->frames = (SplashImage *) - malloc(sizeof(SplashImage) * gif->ImageCount); -+ if (!splash->frames) { -+ free(pBitmapBits); -+ free(pOldBitmapBits); -+ return 0; -+ } - memset(splash->frames, 0, sizeof(SplashImage) * gif->ImageCount); - splash->loopCount = 1; - -@@ -109,6 +145,11 @@ - int colorCount = 0; - rgbquad_t colorMapBuf[SPLASH_COLOR_MAP_SIZE]; - -+ cx = FIX_POINT(desc->Left, 0, gif->SWidth); -+ cy = FIX_POINT(desc->Top, 0, gif->SHeight); -+ cw = FIX_LENGTH(desc->Left, desc->Width, gif->SWidth); -+ ch = FIX_LENGTH(desc->Top, desc->Height, gif->SHeight); -+ - if (colorMap) { - if (colorMap->ColorCount <= SPLASH_COLOR_MAP_SIZE) { - colorCount = colorMap->ColorCount; -@@ -195,13 +236,24 @@ - for (; pass < npass; ++pass) { - int jump = interlacedJumps[pass]; - int ofs = interlacedOffset[pass]; -- int numLines = (desc->Height + jump - 1 - ofs) / jump; -+ /* Number of source lines for current pass */ -+ int numPassLines = (desc->Height + jump - ofs - 1) / jump; -+ /* Number of lines that fits to dest buffer */ -+ int numLines = (ch + jump - ofs - 1) / jump; - -+ - initRect(&srcRect, 0, 0, desc->Width, numLines, 1, - desc->Width, pSrc, &srcFormat); -- initRect(&dstRect, desc->Left, desc->Top + ofs, desc->Width, -- numLines, jump, stride, pBitmapBits, &splash->imageFormat); -- pSrc += convertRect(&srcRect, &dstRect, CVT_ALPHATEST); -+ -+ if (numLines > 0) { -+ initRect(&dstRect, cx, cy + ofs, cw, -+ numLines, jump, stride, pBitmapBits, -+ &splash->imageFormat); -+ -+ pSrc += convertRect(&srcRect, &dstRect, CVT_ALPHATEST); -+ } -+ // skip extra source data -+ pSrc += (numPassLines - numLines) * srcRect.stride; - } - } - -@@ -209,6 +261,12 @@ - - splash->frames[imageIndex].bitmapBits = - (rgbquad_t *) malloc(bufferSize); -+ if (!splash->frames[imageIndex].bitmapBits) { -+ free(pBitmapBits); -+ free(pOldBitmapBits); -+ /* Assuming that callee will take care of splash frames we have already allocated */ -+ return 0; -+ } - memcpy(splash->frames[imageIndex].bitmapBits, pBitmapBits, bufferSize); - - SplashInitFrameShape(splash, imageIndex); -@@ -224,27 +282,29 @@ - { - ImageRect dstRect; - rgbquad_t fillColor = 0; // 0 is transparent -- if (transparentColor < 0) { -+ -+ if (transparentColor > 0) { - fillColor= MAKE_QUAD_GIF( - colorMap->Colors[gif->SBackGroundColor], 0xff); - } -- initRect(&dstRect, desc->Left, desc->Top, -- desc->Width, desc->Height, 1, stride, -- pBitmapBits, &splash->imageFormat); -+ initRect(&dstRect, -+ cx, cy, cw, ch, -+ 1, stride, -+ pBitmapBits, &splash->imageFormat); - fillRect(fillColor, &dstRect); - } - break; - case GIF_DISPOSE_RESTORE: - { -- -- int lineSize = desc->Width * splash->imageFormat.depthBytes; -- -- for (j = 0; j < desc->Height; j++) { -- int lineIndex = stride * (j + desc->Top) + -- desc->Left * splash->imageFormat.depthBytes; -- -- memcpy(pBitmapBits + lineIndex, pOldBitmapBits + lineIndex, -- lineSize); -+ int lineSize = cw * splash->imageFormat.depthBytes; -+ if (lineSize > 0) { -+ int lineOffset = cx * splash->imageFormat.depthBytes; -+ int lineIndex = cy * stride + lineOffset; -+ for (j=0; j<ch; j++) { -+ memcpy(pBitmapBits + lineIndex, pOldBitmapBits + lineIndex, -+ lineSize); -+ lineIndex += stride; -+ } - } - } - break;
--- a/patches/icedtea-LCMS-setTagData.patch Thu Dec 09 17:41:47 2010 +0000 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,296 +0,0 @@ -*** openjdk/jdk/src/share/native/sun/java2d/cmm/lcms/lcms.h.orig 2008-04-11 19:17:54.000000000 -0700 ---- openjdk/jdk/src/share/native/sun/java2d/cmm/lcms/lcms.h 2008-04-11 19:19:48.000000000 -0700 -*************** LCMSAPI BOOL LCMSEXPORT _cmsSaveProfile( -*** 1244,1250 **** - LCMSAPI BOOL LCMSEXPORT _cmsSaveProfileToMem(cmsHPROFILE hProfile, void *MemPtr, - size_t* BytesNeeded); - -! - - // PostScript ColorRenderingDictionary and ColorSpaceArray - ---- 1244,1251 ---- - LCMSAPI BOOL LCMSEXPORT _cmsSaveProfileToMem(cmsHPROFILE hProfile, void *MemPtr, - size_t* BytesNeeded); - -! // Modify data for a tag in a profile -! LCMSAPI BOOL LCMSEXPORT _cmsModifyTagData(cmsHPROFILE hProfile, icTagSignature sig, void *data, size_t size); - - // PostScript ColorRenderingDictionary and ColorSpaceArray - -*************** typedef struct _lcms_iccprofile_struct { -*** 1838,1843 **** ---- 1839,1845 ---- - BOOL (* Seek)(struct _lcms_iccprofile_struct* Icc, size_t offset); - BOOL (* Close)(struct _lcms_iccprofile_struct* Icc); - size_t (* Tell)(struct _lcms_iccprofile_struct* Icc); -+ BOOL (* Grow)(struct _lcms_iccprofile_struct* Icc, size_t amount); - - // Writting - -*** openjdk/jdk/src/share/native/sun/java2d/cmm/lcms/LCMS.c.orig 2008-04-11 19:18:43.000000000 -0700 ---- openjdk/jdk/src/share/native/sun/java2d/cmm/lcms/LCMS.c 2008-04-11 19:19:48.000000000 -0700 -*************** JNIEXPORT void JNICALL Java_sun_java2d_c -*** 347,353 **** - JNIEXPORT void JNICALL Java_sun_java2d_cmm_lcms_LCMS_setTagData - (JNIEnv *env, jobject obj, jlong id, jint tagSig, jbyteArray data) - { -! fprintf(stderr, "setTagData operation is not implemented"); - } - - void* getILData (JNIEnv *env, jobject img, jint* pDataType, ---- 347,368 ---- - JNIEXPORT void JNICALL Java_sun_java2d_cmm_lcms_LCMS_setTagData - (JNIEnv *env, jobject obj, jlong id, jint tagSig, jbyteArray data) - { -! cmsHPROFILE profile; -! storeID_t sProf; -! jbyte* dataArray; -! int tagSize; -! -! if (tagSig == SigHead) { -! fprintf(stderr, "setTagData on icSigHead not permitted"); -! return; -! } -! -! sProf.j = id; -! profile = (cmsHPROFILE) sProf.pf; -! dataArray = (*env)->GetByteArrayElements(env, data, 0); -! tagSize =(*env)->GetArrayLength(env, data); -! _cmsModifyTagData(profile, (icTagSignature) tagSig, dataArray, tagSize); -! (*env)->ReleaseByteArrayElements(env, data, dataArray, 0); - } - - void* getILData (JNIEnv *env, jobject img, jint* pDataType, -*** openjdk/jdk/src/share/native/sun/java2d/cmm/lcms/cmsio0.c.orig 2008-04-11 19:17:54.000000000 -0700 ---- openjdk/jdk/src/share/native/sun/java2d/cmm/lcms/cmsio0.c 2008-04-11 19:19:48.000000000 -0700 -*************** BOOL MemoryWrite(struct _lcms_iccprofile -*** 157,164 **** - if (size == 0) return TRUE; - - if (ResData != NULL) -! CopyMemory(ResData ->Block + Icc ->UsedSpace, Ptr, size); - - Icc->UsedSpace += size; - - return TRUE; ---- 157,165 ---- - if (size == 0) return TRUE; - - if (ResData != NULL) -! CopyMemory(ResData ->Block + ResData ->Pointer, Ptr, size); - -+ ResData->Pointer += size; - Icc->UsedSpace += size; - - return TRUE; -*************** BOOL MemoryWrite(struct _lcms_iccprofile -*** 166,171 **** ---- 167,184 ---- - - - static -+ BOOL MemoryGrow(struct _lcms_iccprofile_struct* Icc, size_t size) -+ { -+ FILEMEM* ResData = (FILEMEM*) Icc->stream; -+ ResData->Size += size; -+ ResData->Block = realloc(ResData->Block, ResData->Size); -+ if (!ResData->Block) -+ return FALSE; -+ return TRUE; -+ } -+ -+ -+ static - BOOL MemoryClose(struct _lcms_iccprofile_struct* Icc) - { - FILEMEM* ResData = (FILEMEM*) Icc ->stream; -*************** BOOL FileWrite(struct _lcms_iccprofile_s -*** 239,244 **** ---- 252,264 ---- - - - static -+ BOOL FileGrow(struct _lcms_iccprofile_struct* Icc, size_t size) -+ { -+ return TRUE; -+ } -+ -+ -+ static - BOOL FileClose(struct _lcms_iccprofile_struct* Icc) - { - return fclose((FILE*) Icc ->stream); -*************** LPLCMSICCPROFILE _cmsCreateProfileFromFi -*** 382,387 **** ---- 402,408 ---- - NewIcc ->Seek = FileSeek; - NewIcc ->Tell = FileTell; - NewIcc ->Close = FileClose; -+ NewIcc ->Grow = FileGrow; - NewIcc ->Write = NULL; - - NewIcc ->IsWrite = FALSE; -*************** LPLCMSICCPROFILE _cmsCreateProfileFromMe -*** 419,425 **** - NewIcc ->Seek = MemorySeek; - NewIcc ->Tell = MemoryTell; - NewIcc ->Close = MemoryClose; -! NewIcc ->Write = NULL; - - NewIcc ->IsWrite = FALSE; - ---- 440,447 ---- - NewIcc ->Seek = MemorySeek; - NewIcc ->Tell = MemoryTell; - NewIcc ->Close = MemoryClose; -! NewIcc ->Grow = MemoryGrow; -! NewIcc ->Write = MemoryWrite; - - NewIcc ->IsWrite = FALSE; - -*** openjdk/jdk/src/share/native/sun/java2d/cmm/lcms/cmsio1.c.orig 2008-04-11 19:17:54.000000000 -0700 ---- openjdk/jdk/src/share/native/sun/java2d/cmm/lcms/cmsio1.c 2008-04-11 19:19:48.000000000 -0700 -*************** CleanUp: -*** 3661,3663 **** ---- 3661,3800 ---- - CopyMemory(Icc, &Keep, sizeof(LCMSICCPROFILE)); - return FALSE; - } -+ -+ BOOL LCMSEXPORT _cmsModifyTagData(cmsHPROFILE hProfile, icTagSignature sig, -+ void *data, size_t size) -+ { -+ BOOL isNew; -+ int i, idx, delta, count; -+ LPBYTE padChars[3] = {0, 0, 0}; -+ LPBYTE beforeBuf, afterBuf, ptr; -+ size_t beforeSize, afterSize; -+ icUInt32Number profileSize, temp; -+ LPLCMSICCPROFILE Icc = (LPLCMSICCPROFILE) (LPSTR) hProfile; -+ -+ isNew = FALSE; -+ idx = _cmsSearchTag(Icc, sig, FALSE); -+ if (idx < 0) -+ { -+ isNew = TRUE; -+ idx = Icc->TagCount++; -+ if (Icc->TagCount >= MAX_TABLE_TAG) -+ { -+ fprintf(stderr, "Too many tags (%d)\n", Icc->TagCount); -+ Icc->TagCount = MAX_TABLE_TAG-1; -+ return FALSE; -+ } -+ } -+ -+ /* Read in size from header */ -+ Icc->Seek(Icc, 0); -+ Icc->Read(&profileSize, sizeof(icUInt32Number), 1, Icc); -+ AdjustEndianess32((LPBYTE) &profileSize); -+ -+ /* Compute the change in profile size */ -+ if (isNew) -+ delta = sizeof(icTag) + ALIGNLONG(size); -+ else -+ delta = ALIGNLONG(size) - ALIGNLONG(Icc->TagSizes[idx]); -+ -+ /* Add tag to internal structures */ -+ ptr = malloc(size); -+ CopyMemory(ptr, data, size); -+ Icc->TagSizes[idx] = size; -+ Icc->TagNames[idx] = sig; -+ if (Icc->TagPtrs[idx]) -+ free(Icc->TagPtrs[idx]); -+ Icc->TagPtrs[idx] = ptr; -+ if (isNew) -+ Icc->TagOffsets[idx] = profileSize; -+ -+ /* Compute size of tag data before/after the modified tag */ -+ beforeSize = Icc->TagOffsets[idx] - Icc->TagOffsets[0]; -+ if (Icc->TagCount == (idx + 1)) -+ afterSize = 0; -+ else -+ afterSize = profileSize - Icc->TagOffsets[idx+1]; -+ -+ /* Make copies of the data before/after the modified tag */ -+ if (beforeSize > 0) -+ { -+ beforeBuf = malloc(beforeSize); -+ Icc->Seek(Icc, Icc->TagOffsets[0]); -+ Icc->Read(beforeBuf, beforeSize, 1, Icc); -+ } -+ -+ if (afterSize > 0) -+ { -+ afterBuf = malloc(afterSize); -+ Icc->Seek(Icc, Icc->TagOffsets[idx+1]); -+ Icc->Read(afterBuf, afterSize, 1, Icc); -+ } -+ -+ /* Update the profile size in the header */ -+ profileSize += delta; -+ Icc->Seek(Icc, 0); -+ temp = TransportValue32(profileSize); -+ Icc->Write(Icc, sizeof(icUInt32Number), &temp); -+ -+ Icc->Grow(Icc, delta); -+ -+ /* Adjust tag offsets: if the tag is new, we must account -+ for the new tag table entry; otherwise, only those tags after -+ the modified tag are changed (by delta) */ -+ if (isNew) -+ { -+ for (i = 0; i < Icc->TagCount; ++i) -+ Icc->TagOffsets[i] += sizeof(icTag); -+ } -+ else -+ { -+ for (i = idx+1; i < Icc->TagCount; ++i) -+ Icc->TagOffsets[i] += delta; -+ } -+ -+ /* Write out a new tag table */ -+ count = 0; -+ for (i = 0; i < Icc->TagCount; ++i) -+ { -+ if (Icc->TagNames[i] != 0) -+ ++count; -+ } -+ Icc->Seek(Icc, sizeof(icHeader)); -+ temp = TransportValue32(count); -+ Icc->Write(Icc, sizeof(icUInt32Number), &temp); -+ -+ for (i = 0; i < Icc->TagCount; ++i) -+ { -+ if (Icc->TagNames[i] != 0) -+ { -+ icTag tag; -+ tag.sig = TransportValue32(Icc->TagNames[i]); -+ tag.offset = TransportValue32((icInt32Number) Icc->TagOffsets[i]); -+ tag.size = TransportValue32((icInt32Number) Icc->TagSizes[i]); -+ Icc->Write(Icc, sizeof(icTag), &tag); -+ } -+ } -+ -+ /* Write unchanged data before the modified tag */ -+ if (beforeSize > 0) -+ { -+ Icc->Write(Icc, beforeSize, beforeBuf); -+ free(beforeBuf); -+ } -+ -+ /* Write modified tag data */ -+ Icc->Write(Icc, size, data); -+ if (size % 4) -+ Icc->Write(Icc, 4 - (size % 4), padChars); -+ -+ /* Write unchanged data after the modified tag */ -+ if (afterSize > 0) -+ { -+ Icc->Write(Icc, afterSize, afterBuf); -+ free(afterBuf); -+ } -+ -+ return TRUE; -+ } -+
--- a/patches/icedtea-color-createcontext.patch Thu Dec 09 17:41:47 2010 +0000 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,36 +0,0 @@ -*** openjdk/jdk/src/share/classes/java/awt/Color.java.orig 2008-04-02 17:12:00.000000000 -0700 ---- openjdk/jdk/src/share/classes/java/awt/Color.java 2008-04-02 17:29:29.000000000 -0700 -*************** public class Color implements Paint, jav -*** 251,256 **** ---- 251,262 ---- - */ - private ColorSpace cs = null; - -+ /** -+ * The <code>PaintContext</code> for this solid color. -+ * @see #createContext -+ */ -+ private transient PaintContext context; -+ - /* - * JDK 1.1 serialVersionUID - */ -*************** public class Color implements Paint, jav -*** 1205,1211 **** - Rectangle2D r2d, - AffineTransform xform, - RenderingHints hints) { -! return new ColorPaintContext(getRGB(), cm); - } - - /** ---- 1211,1219 ---- - Rectangle2D r2d, - AffineTransform xform, - RenderingHints hints) { -! if (context == null || !context.getColorModel().equals(cm)) -! context = new ColorPaintContext(getRGB(), cm); -! return context; - } - - /**
--- a/patches/icedtea-hotspot-params-cast-size_t.patch Thu Dec 09 17:41:47 2010 +0000 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,121 +0,0 @@ -diff -Nru openjdk.orig/hotspot/src/share/vm/gc_implementation/concurrentMarkSweep/concurrentMarkSweepGeneration.cpp openjdk/hotspot/src/share/vm/gc_implementation/concurrentMarkSweep/concurrentMarkSweepGeneration.cpp ---- openjdk.orig/hotspot/src/share/vm/gc_implementation/concurrentMarkSweep/concurrentMarkSweepGeneration.cpp 2008-09-01 01:47:18.000000000 +0100 -+++ openjdk/hotspot/src/share/vm/gc_implementation/concurrentMarkSweep/concurrentMarkSweepGeneration.cpp 2008-09-01 01:53:31.000000000 +0100 -@@ -938,7 +938,7 @@ - if (free_percentage < desired_free_percentage) { - size_t desired_capacity = (size_t)(used() / ((double) 1 - desired_free_percentage)); - assert(desired_capacity >= capacity(), "invalid expansion size"); -- expand_bytes = MAX2(desired_capacity - capacity(), MinHeapDeltaBytes); -+ expand_bytes = MAX2((long unsigned int) (desired_capacity - capacity()), (long unsigned int) MinHeapDeltaBytes); - } - if (expand_bytes > 0) { - if (PrintGCDetails && Verbose) { -@@ -6044,7 +6044,7 @@ - HeapWord* curAddr = _markBitMap.startWord(); - while (curAddr < _markBitMap.endWord()) { - size_t remaining = pointer_delta(_markBitMap.endWord(), curAddr); -- MemRegion chunk(curAddr, MIN2(CMSBitMapYieldQuantum, remaining)); -+ MemRegion chunk(curAddr, MIN2((size_t) CMSBitMapYieldQuantum, remaining)); - _markBitMap.clear_large_range(chunk); - if (ConcurrentMarkSweepThread::should_yield() && - !foregroundGCIsActive() && -@@ -6332,7 +6332,7 @@ - return; - } - // Double capacity if possible -- size_t new_capacity = MIN2(_capacity*2, CMSMarkStackSizeMax); -+ size_t new_capacity = MIN2((size_t) (_capacity*2), (size_t) CMSMarkStackSizeMax); - // Do not give up existing stack until we have managed to - // get the double capacity that we desired. - ReservedSpace rs(ReservedSpace::allocation_align_size_up( -diff -Nru openjdk.orig/hotspot/src/share/vm/gc_implementation/parallelScavenge/psParallelCompact.cpp openjdk/hotspot/src/share/vm/gc_implementation/parallelScavenge/psParallelCompact.cpp ---- openjdk.orig/hotspot/src/share/vm/gc_implementation/parallelScavenge/psParallelCompact.cpp 2008-08-14 08:40:10.000000000 +0100 -+++ openjdk/hotspot/src/share/vm/gc_implementation/parallelScavenge/psParallelCompact.cpp 2008-09-01 01:49:59.000000000 +0100 -@@ -904,8 +904,8 @@ - void PSParallelCompact::initialize_dead_wood_limiter() - { - const size_t max = 100; -- _dwl_mean = double(MIN2(ParallelOldDeadWoodLimiterMean, max)) / 100.0; -- _dwl_std_dev = double(MIN2(ParallelOldDeadWoodLimiterStdDev, max)) / 100.0; -+ _dwl_mean = double(MIN2((size_t) ParallelOldDeadWoodLimiterMean, max)) / 100.0; -+ _dwl_std_dev = double(MIN2((size_t) ParallelOldDeadWoodLimiterStdDev, max)) / 100.0; - _dwl_first_term = 1.0 / (sqrt(2.0 * M_PI) * _dwl_std_dev); - DEBUG_ONLY(_dwl_initialized = true;) - _dwl_adjustment = normal_distribution(1.0); -diff -Nru openjdk.orig/hotspot/src/share/vm/gc_implementation/parallelScavenge/psPermGen.cpp openjdk/hotspot/src/share/vm/gc_implementation/parallelScavenge/psPermGen.cpp ---- openjdk.orig/hotspot/src/share/vm/gc_implementation/parallelScavenge/psPermGen.cpp 2008-08-14 08:40:10.000000000 +0100 -+++ openjdk/hotspot/src/share/vm/gc_implementation/parallelScavenge/psPermGen.cpp 2008-09-01 01:52:42.000000000 +0100 -@@ -63,7 +63,7 @@ - _last_used = current_live; - - // We have different alignment constraints than the rest of the heap. -- const size_t alignment = MAX2(MinPermHeapExpansion, -+ const size_t alignment = MAX2((size_t) MinPermHeapExpansion, - virtual_space()->alignment()); - - // Compute the desired size: -diff -Nru openjdk.orig/hotspot/src/share/vm/memory/collectorPolicy.cpp openjdk/hotspot/src/share/vm/memory/collectorPolicy.cpp ---- openjdk.orig/hotspot/src/share/vm/memory/collectorPolicy.cpp 2008-08-14 08:40:10.000000000 +0100 -+++ openjdk/hotspot/src/share/vm/memory/collectorPolicy.cpp 2008-09-01 02:58:03.000000000 +0100 -@@ -287,7 +287,7 @@ - // yield a size that is too small) and bound it by MaxNewSize above. - // Ergonomics plays here by previously calculating the desired - // NewSize and MaxNewSize. -- max_new_size = MIN2(MAX2(max_new_size, NewSize), MaxNewSize); -+ max_new_size = MIN2(MAX2(max_new_size, (size_t) NewSize), (size_t) MaxNewSize); - } - assert(max_new_size > 0, "All paths should set max_new_size"); - -diff -Nru openjdk.orig/hotspot/src/share/vm/memory/threadLocalAllocBuffer.cpp openjdk/hotspot/src/share/vm/memory/threadLocalAllocBuffer.cpp ---- openjdk.orig/hotspot/src/share/vm/memory/threadLocalAllocBuffer.cpp 2008-08-14 08:40:11.000000000 +0100 -+++ openjdk/hotspot/src/share/vm/memory/threadLocalAllocBuffer.cpp 2008-09-01 01:49:59.000000000 +0100 -@@ -222,7 +222,7 @@ - size_t init_sz; - - if (TLABSize > 0) { -- init_sz = MIN2(TLABSize / HeapWordSize, max_size()); -+ init_sz = MIN2((size_t) (TLABSize / HeapWordSize), max_size()); - } else if (global_stats() == NULL) { - // Startup issue - main thread initialized before heap initialized. - init_sz = min_size(); -diff -Nru openjdk.orig/hotspot/src/share/vm/runtime/arguments.cpp openjdk/hotspot/src/share/vm/runtime/arguments.cpp ---- openjdk.orig/hotspot/src/share/vm/runtime/arguments.cpp 2008-09-01 01:47:17.000000000 +0100 -+++ openjdk/hotspot/src/share/vm/runtime/arguments.cpp 2008-09-01 01:58:01.000000000 +0100 -@@ -1025,7 +1025,7 @@ - // for "short" pauses ~ 4M*ParallelGCThreads - if (FLAG_IS_DEFAULT(MaxNewSize)) { // MaxNewSize not set at command-line - if (!FLAG_IS_DEFAULT(NewSize)) { // NewSize explicitly set at command-line -- FLAG_SET_ERGO(uintx, MaxNewSize, MAX2(NewSize, preferred_max_new_size)); -+ FLAG_SET_ERGO(uintx, MaxNewSize, MAX2((size_t) NewSize, preferred_max_new_size)); - } else { - FLAG_SET_ERGO(uintx, MaxNewSize, preferred_max_new_size); - } -@@ -1038,7 +1038,7 @@ - // Old to Young gen size so as to shift the collection load - // to the old generation concurrent collector - if (FLAG_IS_DEFAULT(NewRatio)) { -- FLAG_SET_ERGO(intx, NewRatio, MAX2(NewRatio, new_ratio)); -+ FLAG_SET_ERGO(intx, NewRatio, MAX2((intx) NewRatio, new_ratio)); - - size_t min_new = align_size_up(ScaleForWordSize(min_new_default), os::vm_page_size()); - size_t prev_initial_size = initial_heap_size(); -@@ -1067,8 +1067,8 @@ - // Unless explicitly requested otherwise, make young gen - // at least min_new, and at most preferred_max_new_size. - if (FLAG_IS_DEFAULT(NewSize)) { -- FLAG_SET_ERGO(uintx, NewSize, MAX2(NewSize, min_new)); -- FLAG_SET_ERGO(uintx, NewSize, MIN2(preferred_max_new_size, NewSize)); -+ FLAG_SET_ERGO(uintx, NewSize, MAX2((size_t) NewSize, min_new)); -+ FLAG_SET_ERGO(uintx, NewSize, MIN2(preferred_max_new_size, (size_t) NewSize)); - if(PrintGCDetails && Verbose) { - // Too early to use gclog_or_tty - tty->print_cr("Ergo set NewSize: " SIZE_FORMAT, NewSize); -@@ -1079,7 +1079,7 @@ - // later NewRatio will decide how it grows; see above. - if (FLAG_IS_DEFAULT(OldSize)) { - if (max_heap > NewSize) { -- FLAG_SET_ERGO(uintx, OldSize, MIN2(3*NewSize, max_heap - NewSize)); -+ FLAG_SET_ERGO(uintx, OldSize, MIN2((size_t) (3*NewSize), max_heap - (size_t) NewSize)); - if(PrintGCDetails && Verbose) { - // Too early to use gclog_or_tty - tty->print_cr("Ergo set OldSize: " SIZE_FORMAT, OldSize);
--- a/patches/icedtea-hotspot-use-idx_t.patch Thu Dec 09 17:41:47 2010 +0000 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,45 +0,0 @@ -diff -Nru openjdk.orig/hotspot/src/share/vm/compiler/methodLiveness.cpp openjdk/hotspot/src/share/vm/compiler/methodLiveness.cpp ---- openjdk.orig/hotspot/src/share/vm/compiler/methodLiveness.cpp 2008-11-06 08:40:55.000000000 +0000 -+++ openjdk/hotspot/src/share/vm/compiler/methodLiveness.cpp 2008-11-10 00:55:09.000000000 +0000 -@@ -567,15 +567,15 @@ - - - MethodLiveness::BasicBlock::BasicBlock(MethodLiveness *analyzer, int start, int limit) : -- _gen((uintptr_t*)analyzer->arena()->Amalloc(BytesPerWord * analyzer->bit_map_size_words()), -+ _gen((size_t*)analyzer->arena()->Amalloc(BytesPerWord * analyzer->bit_map_size_words()), - analyzer->bit_map_size_bits()), -- _kill((uintptr_t*)analyzer->arena()->Amalloc(BytesPerWord * analyzer->bit_map_size_words()), -+ _kill((size_t*)analyzer->arena()->Amalloc(BytesPerWord * analyzer->bit_map_size_words()), - analyzer->bit_map_size_bits()), -- _entry((uintptr_t*)analyzer->arena()->Amalloc(BytesPerWord * analyzer->bit_map_size_words()), -+ _entry((size_t*)analyzer->arena()->Amalloc(BytesPerWord * analyzer->bit_map_size_words()), - analyzer->bit_map_size_bits()), -- _normal_exit((uintptr_t*)analyzer->arena()->Amalloc(BytesPerWord * analyzer->bit_map_size_words()), -+ _normal_exit((size_t*)analyzer->arena()->Amalloc(BytesPerWord * analyzer->bit_map_size_words()), - analyzer->bit_map_size_bits()), -- _exception_exit((uintptr_t*)analyzer->arena()->Amalloc(BytesPerWord * analyzer->bit_map_size_words()), -+ _exception_exit((size_t*)analyzer->arena()->Amalloc(BytesPerWord * analyzer->bit_map_size_words()), - analyzer->bit_map_size_bits()), - _last_bci(-1) { - _analyzer = analyzer; -@@ -992,7 +992,7 @@ - } - - MethodLivenessResult MethodLiveness::BasicBlock::get_liveness_at(ciMethod* method, int bci) { -- MethodLivenessResult answer(NEW_RESOURCE_ARRAY(uintptr_t, _analyzer->bit_map_size_words()), -+ MethodLivenessResult answer(NEW_RESOURCE_ARRAY(size_t, _analyzer->bit_map_size_words()), - _analyzer->bit_map_size_bits()); - answer.set_is_valid(); - -diff -Nru openjdk.orig/hotspot/src/share/vm/utilities/bitMap.hpp openjdk/hotspot/src/share/vm/utilities/bitMap.hpp ---- openjdk.orig/hotspot/src/share/vm/utilities/bitMap.hpp 2008-11-06 08:40:58.000000000 +0000 -+++ openjdk/hotspot/src/share/vm/utilities/bitMap.hpp 2008-11-10 00:57:20.000000000 +0000 -@@ -73,7 +73,7 @@ - - // Set a word to a specified value or to all ones; clear a word. - void set_word (idx_t word, bm_word_t val) { _map[word] = val; } -- void set_word (idx_t word) { set_word(word, ~(uintptr_t)0); } -+ void set_word (idx_t word) { set_word(word, ~(idx_t)0); } - void clear_word(idx_t word) { _map[word] = 0; } - - // Utilities for ranges of bits. Ranges are half-open [beg, end).
--- a/patches/icedtea-hotspot7-build-fixes.patch Thu Dec 09 17:41:47 2010 +0000 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,32 +0,0 @@ -<<<<<<< local -diff -Nru openjdk.orig/hotspot/src/share/vm/runtime/vm_version.cpp openjdk/hotspot/src/share/vm/runtime/vm_version.cpp ---- openjdk.orig/hotspot/src/share/vm/runtime/vm_version.cpp 2008-10-30 17:10:16.000000000 +0000 -+++ openjdk/hotspot/src/share/vm/runtime/vm_version.cpp 2008-10-30 17:11:34.000000000 +0000 -@@ -88,9 +88,6 @@ -======= ---- openjdk/hotspot/src/share/vm/runtime/vm_version.cpp~ 2008-12-05 16:02:43.000000000 +0000 -+++ openjdk/hotspot/src/share/vm/runtime/vm_version.cpp 2008-12-05 16:13:04.000000000 +0000 -@@ -86,16 +86,12 @@ ->>>>>>> other - #define VMLP "" - #endif - --#ifdef KERNEL -- #define VMTYPE "Kernel" --#else // KERNEL - #ifdef TIERED - #define VMTYPE "Server" - #else -<<<<<<< local -@@ -101,7 +98,6 @@ - #define VMTYPE "Core" - #endif // COMPILER1 || COMPILER2 -======= - #define VMTYPE COMPILER1_PRESENT("Client") \ - COMPILER2_PRESENT("Server") ->>>>>>> other - #endif // TIERED --#endif // KERNEL - - #ifndef HOTSPOT_VM_DISTRO - #error HOTSPOT_VM_DISTRO must be defined
--- a/patches/icedtea-lcms-leak.patch Thu Dec 09 17:41:47 2010 +0000 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,11 +0,0 @@ ---- openjdk/jdk/src/share/native/sun/java2d/cmm/lcms/LCMS.c.orig 2007-11-17 11:07:47.000000000 -0500 -+++ openjdk/jdk/src/share/native/sun/java2d/cmm/lcms/LCMS.c 2007-11-17 11:12:47.000000000 -0500 -@@ -182,6 +182,8 @@ - - sProf.pf = cmsOpenProfileFromMem((LPVOID)dataArray, (DWORD) dataSize); - -+ (*env)->ReleaseByteArrayElements (env, data, dataArray, 0); -+ - if (sProf.pf == NULL) { - JNU_ThrowIllegalArgumentException(env, "Invalid profile data"); - }
--- a/patches/icedtea-lucene-crash.patch Thu Dec 09 17:41:47 2010 +0000 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,44 +0,0 @@ -diff -r 51798f0e554f test/compiler/6707044/LuceneCrash.java ---- /dev/null Thu Jan 01 00:00:00 1970 +0000 -+++ openjdk/hotspot/test/compiler/6707044/LuceneCrash.java Thu Sep 25 21:55:28 2008 +0200 -@@ -0,0 +1,40 @@ -+/* -+ * @test -+ * @bug 6707044 -+ * @summary uncommon_trap of ifnull bytecode leaves garbage on expression stack -+ * @run main/othervm -Xbatch LuceneCrash -+ */ -+public class LuceneCrash { -+ -+ public static void main(String[] args) throws Throwable { -+ new LuceneCrash().crash(); -+ } -+ -+ private Object alwaysNull; -+ -+ final void crash() throws Throwable { -+ for (int r = 0; r < 3; r++) { -+ for (int docNum = 0; docNum < 10000;) { -+ if (r < 2) { -+ for(int j=0;j<3000;j++) -+ docNum++; -+ } else { -+ docNum++; -+ doNothing(getNothing()); -+ if (alwaysNull != null) { -+ throw new RuntimeException("BUG: checkAbort is always null: r=" + r + " of 3; docNum=" + docNum); -+ } -+ } -+ } -+ } -+ } -+ -+ Object getNothing() { -+ return this; -+ } -+ -+ int x; -+ void doNothing(Object o) { -+ x++; -+ } -+}
--- a/patches/icedtea-signed-types-hot6.patch Thu Dec 09 17:41:47 2010 +0000 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,22 +0,0 @@ ---- openjdk/hotspot/src/share/vm/asm/codeBuffer.hpp.orig 2008-08-14 16:24:58.000000000 +0200 -+++ openjdk/hotspot/src/share/vm/asm/codeBuffer.hpp 2008-08-14 16:25:20.000000000 +0200 -@@ -84,7 +84,7 @@ - address _locs_point; // last relocated position (grows upward) - bool _locs_own; // did I allocate the locs myself? - bool _frozen; // no more expansion of this section -- char _index; // my section number (SECT_INST, etc.) -+ signed char _index; // my section number (SECT_INST, etc.) - CodeBuffer* _outer; // enclosing CodeBuffer - - // (Note: _locs_point used to be called _last_reloc_offset.) ---- openjdk/hotspot/src/share/vm/ci/ciTypeFlow.cpp.orig 2008-08-14 16:21:47.000000000 +0200 -+++ openjdk/hotspot/src/share/vm/ci/ciTypeFlow.cpp 2008-08-14 16:25:51.000000000 +0200 -@@ -391,7 +391,7 @@ - // Set the rest of the locals to bottom. - Cell cell = state->next_cell(state->tos()); - state->set_stack_size(0); -- int limit = state->limit_cell(); -+ Cell limit = state->limit_cell(); - for (; cell < limit; cell = state->next_cell(cell)) { - state->set_type_at(cell, state->bottom_type()); - }
--- a/patches/icedtea-static-libstdc++.patch Thu Dec 09 17:41:47 2010 +0000 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,16 +0,0 @@ -diff -Nru openjdk.orig/hotspot/make/linux/makefiles/vm.make openjdk/hotspot/make/linux/makefiles/vm.make ---- openjdk.orig/hotspot/make/linux/makefiles/vm.make 2008-05-16 22:13:31.000000000 +0100 -+++ openjdk/hotspot/make/linux/makefiles/vm.make 2008-05-23 23:25:47.000000000 +0100 -@@ -124,6 +124,12 @@ - - STATIC_CXX = true - -+ifeq ($(ZERO_LIBARCH), ppc64) -+ STATIC_CXX = false -+else -+ STATIC_CXX = true -+endif -+ - ifeq ($(LINK_INTO),AOUT) - LIBJVM.o = - LIBJVM_MAPFILE =