Mercurial Mercurial > jdk-sandbox / changeset
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
8168911: Increased number of classes initialized during initialization of SignatureFileVerifier
authorredestad
Tue, 08 Nov 2016 13:23:16 +0100
changeset 41956 69deb06bb8f1
parent 41955 6a6fd4af5236
child 41957 d228d198335b
8168911: Increased number of classes initialized during initialization of SignatureFileVerifier Reviewed-by: ascarpino
jdk/src/java.base/share/classes/sun/security/util/AbstractAlgorithmConstraints.java file | annotate | diff | comparison | revisions
jdk/src/java.base/share/classes/sun/security/util/AlgorithmDecomposer.java file | annotate | diff | comparison | revisions
jdk/src/java.base/share/classes/sun/security/util/DisabledAlgorithmConstraints.java file | annotate | diff | comparison | revisions 
--- a/jdk/src/java.base/share/classes/sun/security/util/AbstractAlgorithmConstraints.java	Tue Nov 08 14:48:55 2016 +0530
+++ b/jdk/src/java.base/share/classes/sun/security/util/AbstractAlgorithmConstraints.java	Tue Nov 08 13:23:16 2016 +0100
@@ -46,8 +46,12 @@
     // Get algorithm constraints from the specified security property.
     static String[] getAlgorithms(String propertyName) {
         String property = AccessController.doPrivileged(
-                (PrivilegedAction<String>) () -> Security.getProperty(
-                        propertyName));
+                new PrivilegedAction<String>() {
+                    @Override
+                    public String run() {
+                        return Security.getProperty(propertyName);
+                    }
+                });
 
         String[] algorithmsInProperty = null;
         if (property != null && !property.isEmpty()) {
--- a/jdk/src/java.base/share/classes/sun/security/util/AlgorithmDecomposer.java	Tue Nov 08 14:48:55 2016 +0530
+++ b/jdk/src/java.base/share/classes/sun/security/util/AlgorithmDecomposer.java	Tue Nov 08 13:23:16 2016 +0100
@@ -34,20 +34,18 @@
  */
 public class AlgorithmDecomposer {
 
-    private static final Pattern transPattern = Pattern.compile("/");
-
     // '(?<!padd)in': match 'in' but not preceded with 'padd'.
-    private static final Pattern pattern =
+    private static final Pattern PATTERN =
             Pattern.compile("with|and|(?<!padd)in", Pattern.CASE_INSENSITIVE);
 
     private static Set<String> decomposeImpl(String algorithm) {
+        Set<String> elements = new HashSet<>();
 
         // algorithm/mode/padding
-        String[] transTockens = transPattern.split(algorithm);
+        String[] transTokens = algorithm.split("/");
 
-        Set<String> elements = new HashSet<>();
-        for (String transTocken : transTockens) {
-            if (transTocken == null || transTocken.length() == 0) {
+        for (String transToken : transTokens) {
+            if (transToken == null || transToken.isEmpty()) {
                 continue;
             }
 
@@ -57,10 +55,10 @@
             // <digest>with<encryption>
             // <digest>with<encryption>and<mgf>
             // <digest>with<encryption>in<format>
-            String[] tokens = pattern.split(transTocken);
+            String[] tokens = PATTERN.split(transToken);
 
             for (String token : tokens) {
-                if (token == null || token.length() == 0) {
+                if (token == null || token.isEmpty()) {
                     continue;
                 }
 
--- a/jdk/src/java.base/share/classes/sun/security/util/DisabledAlgorithmConstraints.java	Tue Nov 08 14:48:55 2016 +0530
+++ b/jdk/src/java.base/share/classes/sun/security/util/DisabledAlgorithmConstraints.java	Tue Nov 08 13:23:16 2016 +0100
@@ -39,6 +39,7 @@
 import java.util.Locale;
 import java.util.Map;
 import java.util.Set;
+import java.util.StringTokenizer;
 import java.util.TimeZone;
 import java.util.regex.Pattern;
 import java.util.regex.Matcher;
@@ -240,10 +241,11 @@
 
     private static class Constraints {
         private Map<String, Set<Constraint>> constraintsMap = new HashMap<>();
-        private static final Pattern keySizePattern = Pattern.compile(
-                "keySize\\s*(<=|<|==|!=|>|>=)\\s*(\\d+)");
-        private static final Pattern denyAfterPattern = Pattern.compile(
-                "denyAfter\\s+(\\d{4})-(\\d{2})-(\\d{2})");
+
+        private static class Holder {
+            private static final Pattern DENY_AFTER_PATTERN = Pattern.compile(
+                    "denyAfter\\s+(\\d{4})-(\\d{2})-(\\d{2})");
+        }
 
         public Constraints(String[] constraintArray) {
             for (String constraintEntry : constraintArray) {
@@ -267,9 +269,11 @@
                                     toUpperCase(Locale.ENGLISH));
                     policy = constraintEntry.substring(space + 1);
                 } else {
-                    constraintsMap.computeIfAbsent(
-                            constraintEntry.toUpperCase(Locale.ENGLISH),
-                            k -> new HashSet<>());
+                    algorithm = constraintEntry.toUpperCase(Locale.ENGLISH);
+                    if (!constraintsMap.containsKey(algorithm)) {
+                        constraintsMap.putIfAbsent(algorithm,
+                                new HashSet<>());
+                    }
                     continue;
                 }
 
@@ -283,15 +287,21 @@
                 for (String entry : policy.split("&")) {
                     entry = entry.trim();
 
-                    Matcher matcher = keySizePattern.matcher(entry);
-                    if (matcher.matches()) {
+                    Matcher matcher;
+                    if (entry.startsWith("keySize")) {
                         if (debug != null) {
                             debug.println("Constraints set to keySize: " +
                                     entry);
                         }
+                        StringTokenizer tokens = new StringTokenizer(entry);
+                        if (!"keySize".equals(tokens.nextToken())) {
+                            throw new IllegalArgumentException("Error in " +
+                                    "security property. Constraint unknown: " +
+                                    entry);
+                        }
                         c = new KeySizeConstraint(algorithm,
-                                KeySizeConstraint.Operator.of(matcher.group(1)),
-                                Integer.parseInt(matcher.group(2)));
+                                KeySizeConstraint.Operator.of(tokens.nextToken()),
+                                Integer.parseInt(tokens.nextToken()));
 
                     } else if (entry.equalsIgnoreCase("jdkCA")) {
                         if (debug != null) {
@@ -305,7 +315,9 @@
                         c = new jdkCAConstraint(algorithm);
                         jdkCALimit = true;
 
-                    } else if(matcher.usePattern(denyAfterPattern).matches()) {
+                    } else if(entry.startsWith("denyAfter") &&
+                            (matcher = Holder.DENY_AFTER_PATTERN.matcher(entry))
+                                    .matches()) {
                         if (debug != null) {
                             debug.println("Constraints set to denyAfter");
                         }
jdk-sandbox