--- a/jdk/src/share/classes/java/math/BigInteger.java Wed Oct 21 11:28:46 2009 -0700
+++ b/jdk/src/share/classes/java/math/BigInteger.java Wed Oct 21 11:34:19 2009 -0700
@@ -2051,6 +2051,8 @@
*
* @param n shift distance, in bits.
* @return {@code this << n}
+ * @throws ArithmeticException if the shift distance is {@code
+ * Integer.MIN_VALUE}.
* @see #shiftRight
*/
public BigInteger shiftLeft(int n) {
@@ -2058,8 +2060,13 @@
return ZERO;
if (n==0)
return this;
- if (n<0)
- return shiftRight(-n);
+ if (n<0) {
+ if (n == Integer.MIN_VALUE) {
+ throw new ArithmeticException("Shift distance of Integer.MIN_VALUE not supported.");
+ } else {
+ return shiftRight(-n);
+ }
+ }
int nInts = n >>> 5;
int nBits = n & 0x1f;
@@ -2097,13 +2104,20 @@
*
* @param n shift distance, in bits.
* @return {@code this >> n}
+ * @throws ArithmeticException if the shift distance is {@code
+ * Integer.MIN_VALUE}.
* @see #shiftLeft
*/
public BigInteger shiftRight(int n) {
if (n==0)
return this;
- if (n<0)
- return shiftLeft(-n);
+ if (n<0) {
+ if (n == Integer.MIN_VALUE) {
+ throw new ArithmeticException("Shift distance of Integer.MIN_VALUE not supported.");
+ } else {
+ return shiftLeft(-n);
+ }
+ }
int nInts = n >>> 5;
int nBits = n & 0x1f;
--- a/jdk/src/share/classes/java/net/CookieHandler.java Wed Oct 21 11:28:46 2009 -0700
+++ b/jdk/src/share/classes/java/net/CookieHandler.java Wed Oct 21 11:34:19 2009 -0700
@@ -101,11 +101,21 @@
* Gets all the applicable cookies from a cookie cache for the
* specified uri in the request header.
*
- * HTTP protocol implementers should make sure that this method is
+ * <P>The {@code URI} passed as an argument specifies the intended use for
+ * the cookies. In particular the scheme should reflect whether the cookies
+ * will be sent over http, https or used in another context like javascript.
+ * The host part should reflect either the destination of the cookies or
+ * their origin in the case of javascript.</P>
+ * <P>It is up to the implementation to take into account the {@code URI} and
+ * the cookies attributes and security settings to determine which ones
+ * should be returned.</P>
+ *
+ * <P>HTTP protocol implementers should make sure that this method is
* called after all request headers related to choosing cookies
- * are added, and before the request is sent.
+ * are added, and before the request is sent.</P>
*
- * @param uri a <code>URI</code> to send cookies to in a request
+ * @param uri a <code>URI</code> representing the intended use for the
+ * cookies
* @param requestHeaders - a Map from request header
* field names to lists of field values representing
* the current request headers
--- a/jdk/src/share/classes/java/net/CookieManager.java Wed Oct 21 11:28:46 2009 -0700
+++ b/jdk/src/share/classes/java/net/CookieManager.java Wed Oct 21 11:34:19 2009 -0700
@@ -218,6 +218,13 @@
// 'secure' cookies over unsecure links)
if (pathMatches(path, cookie.getPath()) &&
(secureLink || !cookie.getSecure())) {
+ // Enforce httponly attribute
+ if (cookie.isHttpOnly()) {
+ String s = uri.getScheme();
+ if (!"http".equalsIgnoreCase(s) && !"https".equalsIgnoreCase(s)) {
+ continue;
+ }
+ }
// Let's check the authorize port list if it exists
String ports = cookie.getPortlist();
if (ports != null && !ports.isEmpty()) {
--- a/jdk/src/share/classes/java/util/jar/JarFile.java Wed Oct 21 11:28:46 2009 -0700
+++ b/jdk/src/share/classes/java/util/jar/JarFile.java Wed Oct 21 11:34:19 2009 -0700
@@ -1,5 +1,5 @@
/*
- * Copyright 1997-2006 Sun Microsystems, Inc. All Rights Reserved.
+ * Copyright 1997-2009 Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -297,6 +297,7 @@
String name = names[i].toUpperCase(Locale.ENGLISH);
if (name.endsWith(".DSA") ||
name.endsWith(".RSA") ||
+ name.endsWith(".EC") ||
name.endsWith(".SF")) {
// Assume since we found a signature-related file
// that the jar is signed and that we therefore
--- a/jdk/src/share/classes/java/util/jar/JarVerifier.java Wed Oct 21 11:28:46 2009 -0700
+++ b/jdk/src/share/classes/java/util/jar/JarVerifier.java Wed Oct 21 11:34:19 2009 -0700
@@ -1,5 +1,5 @@
/*
- * Copyright 1997-2005 Sun Microsystems, Inc. All Rights Reserved.
+ * Copyright 1997-2009 Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -50,7 +50,7 @@
private Hashtable verifiedSigners;
/* a table mapping names to code signers, for jar entries that have
- passed the .SF/.DSA -> MANIFEST check */
+ passed the .SF/.DSA/.EC -> MANIFEST check */
private Hashtable sigFileSigners;
/* a hash table to hold .SF bytes */
@@ -111,7 +111,7 @@
/*
* Assumptions:
* 1. The manifest should be the first entry in the META-INF directory.
- * 2. The .SF/.DSA files follow the manifest, before any normal entries
+ * 2. The .SF/.DSA/.EC files follow the manifest, before any normal entries
* 3. Any of the following will throw a SecurityException:
* a. digest mismatch between a manifest section and
* the SF section.
@@ -129,7 +129,7 @@
}
if (SignatureFileVerifier.isBlockOrSF(uname)) {
- /* We parse only DSA or RSA PKCS7 blocks. */
+ /* We parse only DSA, RSA or EC PKCS7 blocks. */
parsingBlockOrSF = true;
baos.reset();
mev.setEntry(null, je);
--- a/jdk/src/share/classes/sun/net/www/protocol/http/DigestAuthentication.java Wed Oct 21 11:28:46 2009 -0700
+++ b/jdk/src/share/classes/sun/net/www/protocol/http/DigestAuthentication.java Wed Oct 21 11:34:19 2009 -0700
@@ -284,14 +284,16 @@
params.setOpaque (p.findValue("opaque"));
params.setQop (p.findValue("qop"));
- String uri;
+ String uri="";
String method;
if (type == PROXY_AUTHENTICATION &&
conn.tunnelState() == HttpURLConnection.TunnelState.SETUP) {
uri = HttpURLConnection.connectRequestURI(conn.getURL());
method = HTTP_CONNECT;
} else {
- uri = conn.getRequestURI();
+ try {
+ uri = conn.getRequestURI();
+ } catch (IOException e) {}
method = conn.getMethod();
}
--- a/jdk/src/share/classes/sun/net/www/protocol/http/HttpURLConnection.java Wed Oct 21 11:28:46 2009 -0700
+++ b/jdk/src/share/classes/sun/net/www/protocol/http/HttpURLConnection.java Wed Oct 21 11:34:19 2009 -0700
@@ -1543,7 +1543,7 @@
* because ntlm does not support this feature.
*/
private AuthenticationInfo
- resetProxyAuthentication(AuthenticationInfo proxyAuthentication, AuthenticationHeader auth) {
+ resetProxyAuthentication(AuthenticationInfo proxyAuthentication, AuthenticationHeader auth) throws IOException {
if ((proxyAuthentication != null )&&
proxyAuthentication.getAuthScheme() != NTLM) {
String raw = auth.raw();
@@ -1767,7 +1767,7 @@
/**
* Sets pre-emptive proxy authentication in header
*/
- private void setPreemptiveProxyAuthentication(MessageHeader requests) {
+ private void setPreemptiveProxyAuthentication(MessageHeader requests) throws IOException {
AuthenticationInfo pauth
= AuthenticationInfo.getProxyAuth(http.getProxyHostUsed(),
http.getProxyPortUsed());
@@ -2123,13 +2123,9 @@
String requestURI = null;
- String getRequestURI() {
+ String getRequestURI() throws IOException {
if (requestURI == null) {
- try {
- requestURI = http.getURLFile();
- } catch (IOException e) {
- requestURI = "";
- }
+ requestURI = http.getURLFile();
}
return requestURI;
}
--- a/jdk/src/share/classes/sun/security/jca/Providers.java Wed Oct 21 11:28:46 2009 -0700
+++ b/jdk/src/share/classes/sun/security/jca/Providers.java Wed Oct 21 11:34:19 2009 -0700
@@ -1,5 +1,5 @@
/*
- * Copyright 2003-2005 Sun Microsystems, Inc. All Rights Reserved.
+ * Copyright 2003-2009 Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -86,6 +86,9 @@
private static final String[] jarVerificationProviders = {
"sun.security.provider.Sun",
"sun.security.rsa.SunRsaSign",
+ // Note: SunEC *is* in a signed JAR file, but it's not signed
+ // by EC itself. So it's still safe to be listed here.
+ "sun.security.ec.SunEC",
BACKUP_PROVIDER_CLASSNAME,
};
--- a/jdk/src/share/classes/sun/security/pkcs/SignerInfo.java Wed Oct 21 11:28:46 2009 -0700
+++ b/jdk/src/share/classes/sun/security/pkcs/SignerInfo.java Wed Oct 21 11:34:19 2009 -0700
@@ -1,5 +1,5 @@
/*
- * Copyright 1996-2006 Sun Microsystems, Inc. All Rights Reserved.
+ * Copyright 1996-2009 Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -286,8 +286,6 @@
}
String digestAlgname = getDigestAlgorithmId().getName();
- if (digestAlgname.equalsIgnoreCase("SHA"))
- digestAlgname = "SHA1";
byte[] dataSigned;
@@ -337,9 +335,12 @@
String encryptionAlgname =
getDigestEncryptionAlgorithmId().getName();
- if (encryptionAlgname.equalsIgnoreCase("SHA1withDSA"))
- encryptionAlgname = "DSA";
- String algname = digestAlgname + "with" + encryptionAlgname;
+ // Workaround: sometimes the encryptionAlgname is actually
+ // a signature name
+ String tmp = AlgorithmId.getEncAlgFromSigAlg(encryptionAlgname);
+ if (tmp != null) encryptionAlgname = tmp;
+ String algname = AlgorithmId.makeSigAlg(
+ digestAlgname, encryptionAlgname);
Signature sig = Signature.getInstance(algname);
X509Certificate cert = getCertificate(block);
--- a/jdk/src/share/classes/sun/security/tools/JarSigner.java Wed Oct 21 11:28:46 2009 -0700
+++ b/jdk/src/share/classes/sun/security/tools/JarSigner.java Wed Oct 21 11:34:19 2009 -0700
@@ -1031,9 +1031,9 @@
}
if (sigfile.length() > 8) {
- sigfile = sigfile.substring(0, 8).toUpperCase();
+ sigfile = sigfile.substring(0, 8).toUpperCase(Locale.ENGLISH);
} else {
- sigfile = sigfile.toUpperCase();
+ sigfile = sigfile.toUpperCase(Locale.ENGLISH);
}
StringBuilder tmpSigFile = new StringBuilder(sigfile.length());
@@ -1083,8 +1083,8 @@
ZipOutputStream zos = new ZipOutputStream(ps);
/* First guess at what they might be - we don't xclude RSA ones. */
- String sfFilename = (META_INF + sigfile + ".SF").toUpperCase();
- String bkFilename = (META_INF + sigfile + ".DSA").toUpperCase();
+ String sfFilename = (META_INF + sigfile + ".SF").toUpperCase(Locale.ENGLISH);
+ String bkFilename = (META_INF + sigfile + ".DSA").toUpperCase(Locale.ENGLISH);
Manifest manifest = new Manifest();
Map<String,Attributes> mfEntries = manifest.getEntries();
@@ -1447,9 +1447,10 @@
* . META-INF/*.SF
* . META-INF/*.DSA
* . META-INF/*.RSA
+ * . META-INF/*.EC
*/
private boolean signatureRelated(String name) {
- String ucName = name.toUpperCase();
+ String ucName = name.toUpperCase(Locale.ENGLISH);
if (ucName.equals(JarFile.MANIFEST_NAME) ||
ucName.equals(META_INF) ||
(ucName.startsWith(SIG_PREFIX) &&
@@ -1459,7 +1460,7 @@
if (ucName.startsWith(META_INF) &&
SignatureFileVerifier.isBlockOrSF(ucName)) {
- // .SF/.DSA/.RSA files in META-INF subdirs
+ // .SF/.DSA/.RSA/.EC files in META-INF subdirs
// are not considered signature-related
return (ucName.indexOf("/") == ucName.lastIndexOf("/"));
}
@@ -2227,7 +2228,6 @@
}
BigInteger serial = certChain[0].getSerialNumber();
- String digestAlgorithm;
String signatureAlgorithm;
String keyAlgorithm = privateKey.getAlgorithm();
/*
@@ -2237,22 +2237,24 @@
if (sigalg == null) {
if (keyAlgorithm.equalsIgnoreCase("DSA"))
- digestAlgorithm = "SHA1";
+ signatureAlgorithm = "SHA1withDSA";
else if (keyAlgorithm.equalsIgnoreCase("RSA"))
- digestAlgorithm = "SHA256";
- else {
+ signatureAlgorithm = "SHA256withRSA";
+ else if (keyAlgorithm.equalsIgnoreCase("EC"))
+ signatureAlgorithm = "SHA256withECDSA";
+ else
throw new RuntimeException("private key is not a DSA or "
+ "RSA key");
- }
- signatureAlgorithm = digestAlgorithm + "with" + keyAlgorithm;
} else {
signatureAlgorithm = sigalg;
}
// check common invalid key/signature algorithm combinations
- String sigAlgUpperCase = signatureAlgorithm.toUpperCase();
+ String sigAlgUpperCase = signatureAlgorithm.toUpperCase(Locale.ENGLISH);
if ((sigAlgUpperCase.endsWith("WITHRSA") &&
!keyAlgorithm.equalsIgnoreCase("RSA")) ||
+ (sigAlgUpperCase.endsWith("WITHECDSA") &&
+ !keyAlgorithm.equalsIgnoreCase("EC")) ||
(sigAlgUpperCase.endsWith("WITHDSA") &&
!keyAlgorithm.equalsIgnoreCase("DSA"))) {
throw new SignatureException
--- a/jdk/src/share/classes/sun/security/tools/KeyTool.java Wed Oct 21 11:28:46 2009 -0700
+++ b/jdk/src/share/classes/sun/security/tools/KeyTool.java Wed Oct 21 11:34:19 2009 -0700
@@ -1407,7 +1407,7 @@
} else if ("RSA".equalsIgnoreCase(keyAlgName)) {
return "SHA256WithRSA";
} else if ("EC".equalsIgnoreCase(keyAlgName)) {
- return "SHA1withECDSA";
+ return "SHA256withECDSA";
} else {
throw new Exception(rb.getString
("Cannot derive signature algorithm"));
--- a/jdk/src/share/classes/sun/security/tools/TimestampedSigner.java Wed Oct 21 11:28:46 2009 -0700
+++ b/jdk/src/share/classes/sun/security/tools/TimestampedSigner.java Wed Oct 21 11:34:19 2009 -0700
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2007 Sun Microsystems, Inc. All Rights Reserved.
+ * Copyright (c) 2007-2009 Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -159,18 +159,10 @@
// "<digest>with<encryption>"
// or "<digest>with<encryption>and<mgf>"
String signatureAlgorithm = parameters.getSignatureAlgorithm();
- String digestAlgorithm = null;
- String keyAlgorithm = null;
- int with = signatureAlgorithm.indexOf("with");
- if (with > 0) {
- digestAlgorithm = signatureAlgorithm.substring(0, with);
- int and = signatureAlgorithm.indexOf("and", with + 4);
- if (and > 0) {
- keyAlgorithm = signatureAlgorithm.substring(with + 4, and);
- } else {
- keyAlgorithm = signatureAlgorithm.substring(with + 4);
- }
- }
+ String keyAlgorithm =
+ AlgorithmId.getEncAlgFromSigAlg(signatureAlgorithm);
+ String digestAlgorithm =
+ AlgorithmId.getDigAlgFromSigAlg(signatureAlgorithm);
AlgorithmId digestAlgorithmId = AlgorithmId.get(digestAlgorithm);
// Examine signer's certificate
--- a/jdk/src/share/classes/sun/security/util/SignatureFileVerifier.java Wed Oct 21 11:28:46 2009 -0700
+++ b/jdk/src/share/classes/sun/security/util/SignatureFileVerifier.java Wed Oct 21 11:34:19 2009 -0700
@@ -1,5 +1,5 @@
/*
- * Copyright 1997-2006 Sun Microsystems, Inc. All Rights Reserved.
+ * Copyright 1997-2009 Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -54,14 +54,14 @@
("-DIGEST-" + ManifestDigester.MF_MAIN_ATTRS).toUpperCase
(Locale.ENGLISH);
- /** the PKCS7 block for this .DSA/.RSA file */
+ /** the PKCS7 block for this .DSA/.RSA/.EC file */
private PKCS7 block;
/** the raw bytes of the .SF file */
private byte sfBytes[];
/** the name of the signature block file, uppercased and without
- * the extension (.DSA/.RSA)
+ * the extension (.DSA/.RSA/.EC)
*/
private String name;
@@ -80,7 +80,7 @@
/**
* Create the named SignatureFileVerifier.
*
- * @param name the name of the signature block file (.DSA/.RSA)
+ * @param name the name of the signature block file (.DSA/.RSA/.EC)
*
* @param rawBytes the raw bytes of the signature block file
*/
@@ -148,7 +148,8 @@
*/
public static boolean isBlockOrSF(String s) {
// we currently only support DSA and RSA PKCS7 blocks
- if (s.endsWith(".SF") || s.endsWith(".DSA") || s.endsWith(".RSA")) {
+ if (s.endsWith(".SF") || s.endsWith(".DSA") ||
+ s.endsWith(".RSA") || s.endsWith(".EC")) {
return true;
}
return false;
--- a/jdk/src/share/classes/sun/security/x509/AlgorithmId.java Wed Oct 21 11:28:46 2009 -0700
+++ b/jdk/src/share/classes/sun/security/x509/AlgorithmId.java Wed Oct 21 11:34:19 2009 -0700
@@ -883,4 +883,53 @@
nameTable.put(pbeWithSHA1AndDESede_oid, "PBEWithSHA1AndDESede");
nameTable.put(pbeWithSHA1AndRC2_40_oid, "PBEWithSHA1AndRC2_40");
}
+
+ /**
+ * Creates a signature algorithm name from a digest algorithm
+ * name and a encryption algorithm name.
+ */
+ public static String makeSigAlg(String digAlg, String encAlg) {
+ digAlg = digAlg.replace("-", "").toUpperCase(Locale.ENGLISH);
+ if (digAlg.equalsIgnoreCase("SHA")) digAlg = "SHA1";
+
+ encAlg = encAlg.toUpperCase(Locale.ENGLISH);
+ if (encAlg.equals("EC")) encAlg = "ECDSA";
+
+ return digAlg + "with" + encAlg;
+ }
+
+ /**
+ * Extracts the encryption algorithm name from a signature
+ * algorithm name.
+ */
+ public static String getEncAlgFromSigAlg(String signatureAlgorithm) {
+ signatureAlgorithm = signatureAlgorithm.toUpperCase(Locale.ENGLISH);
+ int with = signatureAlgorithm.indexOf("WITH");
+ String keyAlgorithm = null;
+ if (with > 0) {
+ int and = signatureAlgorithm.indexOf("AND", with + 4);
+ if (and > 0) {
+ keyAlgorithm = signatureAlgorithm.substring(with + 4, and);
+ } else {
+ keyAlgorithm = signatureAlgorithm.substring(with + 4);
+ }
+ if (keyAlgorithm.equalsIgnoreCase("ECDSA")) {
+ keyAlgorithm = "EC";
+ }
+ }
+ return keyAlgorithm;
+ }
+
+ /**
+ * Extracts the digest algorithm name from a signature
+ * algorithm name.
+ */
+ public static String getDigAlgFromSigAlg(String signatureAlgorithm) {
+ signatureAlgorithm = signatureAlgorithm.toUpperCase(Locale.ENGLISH);
+ int with = signatureAlgorithm.indexOf("WITH");
+ if (with > 0) {
+ return signatureAlgorithm.substring(0, with);
+ }
+ return null;
+ }
}
--- a/jdk/src/share/classes/sun/tools/jar/SignatureFile.java Wed Oct 21 11:28:46 2009 -0700
+++ b/jdk/src/share/classes/sun/tools/jar/SignatureFile.java Wed Oct 21 11:34:19 2009 -0700
@@ -1,5 +1,5 @@
/*
- * Copyright 1996-2003 Sun Microsystems, Inc. All Rights Reserved.
+ * Copyright 1996-2009 Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -34,6 +34,7 @@
import sun.misc.BASE64Decoder;
import sun.security.pkcs.*;
+import sun.security.x509.AlgorithmId;
/**
* <p>A signature file as defined in the <a
@@ -103,7 +104,7 @@
if (name.length() > 8 || name.indexOf('.') != -1) {
throw new JarException("invalid file name");
}
- rawName = name.toUpperCase();
+ rawName = name.toUpperCase(Locale.ENGLISH);
}
}
@@ -217,7 +218,8 @@
if (signatureBlock != null) {
SignerInfo info = signatureBlock.getSignerInfos()[0];
suffix = info.getDigestEncryptionAlgorithmId().getName();
- suffix = suffix.substring(suffix.length() - 3);
+ String temp = AlgorithmId.getEncAlgFromSigAlg(suffix);
+ if (temp != null) suffix = temp;
}
return "META-INF/" + rawName + "." + suffix;
}
--- a/jdk/test/com/sun/jdi/ShellScaffold.sh Wed Oct 21 11:28:46 2009 -0700
+++ b/jdk/test/com/sun/jdi/ShellScaffold.sh Wed Oct 21 11:34:19 2009 -0700
@@ -307,7 +307,7 @@
#The alternative would be to use /usr/bin/pargs [pid] to get
#all the args for a process, splice them back into one
#long string, then grep.
- UU=`/usr/bin/id -un`
+ UU=`/usr/xpg4/bin/id -u -n`
psCmd="pgrep -f -l -U $UU"
else
ulimit -c 0
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/jdk/test/java/math/BigInteger/ExtremeShiftingTests.java Wed Oct 21 11:34:19 2009 -0700
@@ -0,0 +1,48 @@
+/*
+ * Copyright 2009 Sun Microsystems, Inc. All Rights Reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
+ * CA 95054 USA or visit www.sun.com if you need additional information or
+ * have any questions.
+ */
+
+/*
+ * @test
+ * @bug 6371401
+ * @summary Tests of shiftLeft and shiftRight on Integer.MIN_VALUE
+ * @author Joseph D. Darcy
+ */
+import static java.math.BigInteger.*;
+
+public class ExtremeShiftingTests {
+ public static void main(String... args) {
+ try {
+ ONE.shiftLeft(Integer.MIN_VALUE);
+ throw new RuntimeException("Should not reach here.");
+ } catch (ArithmeticException ae) {
+ ; // Expected
+ }
+
+ try {
+ ONE.shiftRight(Integer.MIN_VALUE);
+ throw new RuntimeException("Should not reach here.");
+ } catch (ArithmeticException ae) {
+ ; // Expected
+ }
+ }
+}
--- a/jdk/test/java/net/CookieHandler/B6644726.java Wed Oct 21 11:28:46 2009 -0700
+++ b/jdk/test/java/net/CookieHandler/B6644726.java Wed Oct 21 11:34:19 2009 -0700
@@ -23,7 +23,7 @@
/*
* @test
- * @bug 6644726
+ * @bug 6644726 6873543
* @summary Cookie management issues
*/
@@ -170,6 +170,28 @@
if (isIn(clst, "myCookie8=")) {
fail("A cookie with an invalid port list was returned");
}
+
+ // Test httpOnly flag (CR# 6873543)
+ lst.clear();
+ map.clear();
+ cm.getCookieStore().removeAll();
+ lst.add("myCookie11=httpOnlyTest; httpOnly");
+ map.put("Set-Cookie", lst);
+ uri = new URI("http://www.sun.com/");
+ cm.put(uri, map);
+ m = cm.get(uri, emptyMap);
+ clst = m.get("Cookie");
+ // URI scheme was http: so we should get the cookie
+ if (!isIn(clst, "myCookie11=")) {
+ fail("Missing cookie with httpOnly flag");
+ }
+ uri = new URI("javascript://www.sun.com/");
+ m = cm.get(uri, emptyMap);
+ clst = m.get("Cookie");
+ // URI scheme was neither http or https so we shouldn't get the cookie
+ if (isIn(clst, "myCookie11=")) {
+ fail("Should get the cookie with httpOnly when scheme is javascript:");
+ }
}
private static boolean isIn(List<String> lst, String cookie) {
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/jdk/test/sun/net/www/protocol/http/B6890349.java Wed Oct 21 11:34:19 2009 -0700
@@ -0,0 +1,68 @@
+/*
+ * Copyright 2009 Sun Microsystems, Inc. All Rights Reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
+ * CA 95054 USA or visit www.sun.com if you need additional information or
+ * have any questions.
+ */
+/**
+ * @test
+ * @bug 6890349
+ * @run main/othervm B6890349
+ * @summary Light weight HTTP server
+ */
+
+import java.net.*;
+import java.io.*;
+
+public class B6890349 extends Thread {
+ public static final void main(String[] args) throws Exception {
+
+ try {
+ ServerSocket server = new ServerSocket (0);
+ int port = server.getLocalPort();
+ System.out.println ("listening on " + port);
+ B6890349 t = new B6890349 (server);
+ t.start();
+ URL u = new URL ("http://127.0.0.1:"+port+"/foo\nbar");
+ HttpURLConnection urlc = (HttpURLConnection)u.openConnection ();
+ InputStream is = urlc.getInputStream();
+ throw new RuntimeException ("Test failed");
+ } catch (IOException e) {
+ System.out.println ("OK");
+ }
+ }
+
+ ServerSocket server;
+
+ B6890349 (ServerSocket server) {
+ this.server = server;
+ }
+
+ String resp = "HTTP/1.1 200 Ok\r\nContent-length: 0\r\n\r\n";
+
+ public void run () {
+ try {
+ Socket s = server.accept ();
+ OutputStream os = s.getOutputStream();
+ os.write (resp.getBytes());
+ } catch (IOException e) {
+ System.out.println (e);
+ }
+ }
+}
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/jdk/test/sun/security/tools/jarsigner/ec.sh Wed Oct 21 11:34:19 2009 -0700
@@ -0,0 +1,73 @@
+#
+# Copyright 2009 Sun Microsystems, Inc. All Rights Reserved.
+# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+#
+# This code is free software; you can redistribute it and/or modify it
+# under the terms of the GNU General Public License version 2 only, as
+# published by the Free Software Foundation.
+#
+# This code is distributed in the hope that it will be useful, but WITHOUT
+# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+# FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+# version 2 for more details (a copy is included in the LICENSE file that
+# accompanied this code).
+#
+# You should have received a copy of the GNU General Public License version
+# 2 along with this work; if not, write to the Free Software Foundation,
+# Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+# Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
+# CA 95054 USA or visit www.sun.com if you need additional information or
+# have any questions.
+#
+
+# @test
+# @bug 6870812
+# @summary enhance security tools to use ECC algorithm
+#
+
+if [ "${TESTJAVA}" = "" ] ; then
+ JAVAC_CMD=`which javac`
+ TESTJAVA=`dirname $JAVAC_CMD`/..
+fi
+
+# set platform-dependent variables
+OS=`uname -s`
+case "$OS" in
+ Windows_* )
+ FS="\\"
+ ;;
+ * )
+ FS="/"
+ ;;
+esac
+
+KS=ec.jks
+JFILE=ec.jar
+
+KT="$TESTJAVA${FS}bin${FS}keytool -storepass changeit -keypass changeit -keystore $KS"
+JAR=$TESTJAVA${FS}bin${FS}jar
+JARSIGNER=$TESTJAVA${FS}bin${FS}jarsigner
+
+rm $KS $JFILE
+echo A > A
+$JAR cvf $JFILE A
+
+$KT -alias a -dname CN=a -keyalg ec -genkey -validity 300 || exit 11
+$KT -alias b -dname CN=b -keyalg ec -genkey -validity 300 || exit 12
+$KT -alias c -dname CN=c -keyalg ec -genkey -validity 300 || exit 13
+$KT -alias x -dname CN=x -keyalg ec -genkey -validity 300 || exit 14
+
+$JARSIGNER -keystore $KS -storepass changeit $JFILE a -debug -strict || exit 21
+$JARSIGNER -keystore $KS -storepass changeit $JFILE b -debug -strict -sigalg SHA1withECDSA || exit 22
+$JARSIGNER -keystore $KS -storepass changeit $JFILE c -debug -strict -sigalg SHA512withECDSA || exit 23
+
+$JARSIGNER -keystore $KS -storepass changeit -verify $JFILE a -debug -strict || exit 31
+$JARSIGNER -keystore $KS -storepass changeit -verify $JFILE b -debug -strict || exit 32
+$JARSIGNER -keystore $KS -storepass changeit -verify $JFILE c -debug -strict || exit 33
+
+# Not signed by x, should exit with non-zero
+$JARSIGNER -keystore $KS -storepass changeit -verify $JFILE x -debug -strict && exit 34
+
+exit 0
+