8308808: SunMSCAPI public keys returns internal key array

[blperez01]

Changed getEncoded for both EC and RSA to return a copy of the internal key array to avoid mutability issues.

---

Progress

• Change must be properly reviewed (1 review required, with at least 1 Reviewer)
• Change must not contain extraneous whitespace
• Commit message must refer to an issue

Issue

• JDK-8308808: SunMSCAPI public keys returns internal key array (Bug - P4)

Reviewers

• Sean Mullan (@seanjmullan - Reviewer)

Reviewing

Using git

Checkout this PR locally:
$ git fetch https://git.openjdk.org/jdk.git pull/14425/head:pull/14425
$ git checkout pull/14425

Update a local copy of the PR:
$ git checkout pull/14425
$ git pull https://git.openjdk.org/jdk.git pull/14425/head

Using Skara CLI tools

Checkout this PR locally:
$ git pr checkout 14425

View PR using the GUI difftool:
$ git pr show -t 14425

Using diff file

Download this PR as a diff file:
https://git.openjdk.org/jdk/pull/14425.diff

Webrev

Link to Webrev Comment

[bridgekeeper]

👋 Welcome back blperez01! A progress list of the required criteria for merging this PR into master will be added to the body of your pull request. There are additional pull request commands available for use with this pull request.

[openjdk]

@blperez01 The following label will be automatically applied to this pull request:

• security

When this pull request is ready to be reviewed, an "RFR" email will be sent to the corresponding mailing list. If you would like to change these labels, use the /label pull request command.

[mlbridge]

Webrevs

• 04: Full - Incremental (3e6485cb)
• 03: Full - Incremental (112a70db)
• 02: Full - Incremental (eb5b5948)
• 01: Full - Incremental (04b2a9d1)
• 00: Full (e7d4dd73)

[seanjmullan]

Missed this before, but if the code on line 89 throws an Exception, then encoding will be null, so you also want to check for null on line 96 to avoid an NPE, i.e. return (encoding == null) ? null : encoding.clone();

Same comment on line 182.

[seanjmullan]

Suggest including each import instead of wildcarding as there are not that many.

[seanjmullan]

I think you just need jdk.crypto.mscapi on this line as you are not accessing the internal sun.security.mscapi classes.

[seanjmullan]

Missing Oracle/OpenJDK copyright. Just copy from another test and change date to 2023.

[seanjmullan]

Should only have the initial year the code was created and the last year that the code is updated, so in this case it should just have 2023.

[openjdk]

@blperez01 This change now passes all automated pre-integration checks.

ℹ️ This project also has non-automated pre-integration requirements. Please see the file CONTRIBUTING.md for details.

After integration, the commit message for the final commit will be:

8308808: SunMSCAPI public keys returns internal key array

Reviewed-by: mullan

You can use pull request commands such as /summary, /contributor and /issue to adjust it as needed.

At the time when this comment was updated there had been 441 new commits pushed to the master branch:

• a45f929: 8310076: Reduce inclusion of bytecodeStream.hpp
• 21f6d83: 8309471: Limit key characters in static index pages
• 44a8aa0: 8308609: java/lang/ScopedValue/StressStackOverflow.java fails with "-XX:-VMContinuations"
• b412fc7: 8309937: Add @sealedGraph for some Panama FFM interfaces
• fb024fd: 8248149: G1: change _cleaning_claimed from int to bool
• c2b043e: 8310183: Update GitHub Actions to use boot JDK for building jtreg
• 238c51e: 8293069: Make -XX:+Verbose less verbose
• 8c9b85a: 8303916: ThreadLists.java inconsistent results
• 227656f: 8309408: Thread.sleep cleanup
• 32243ef: 8310128: Switch with unnamed patterns erroneously non-exhaustive
• ... and 431 more: https://git.openjdk.org/jdk/compare/4a6d6d5a59442c10a1761ce0566aab57f4c4f323...master

As there are no conflicts, your changes will automatically be rebased on top of these commits when integrating. If you prefer to avoid this automatic rebasing, please check the documentation for the /integrate command for further details.

As you do not have Committer status in this project an existing Committer must agree to sponsor your change. Possible candidates are the reviewers of this PR (@seanjmullan) but any other Committer may sponsor as well.

➡️ To flag this PR as ready for integration with the above commit message, type /integrate in a new comment. (Afterwards, your sponsor types /sponsor in a new comment to perform the integration).

[blperez01]

/integrate

[openjdk]

@blperez01
Your change (at version 3e6485c) is now ready to be sponsored by a Committer.

[seanjmullan]

/sponsor

[openjdk]

Going to push as commit 4eb4f20.
Since your change was applied there have been 443 commits pushed to the master branch:

• 53abba3: 8309499: javac fails to report compiler.err.no.java.lang with annotation processing enabled
• cf8d0b0: 8309964: Use directed inheritDoc for javax.lang.model API
• a45f929: 8310076: Reduce inclusion of bytecodeStream.hpp
• 21f6d83: 8309471: Limit key characters in static index pages
• 44a8aa0: 8308609: java/lang/ScopedValue/StressStackOverflow.java fails with "-XX:-VMContinuations"
• b412fc7: 8309937: Add @sealedGraph for some Panama FFM interfaces
• fb024fd: 8248149: G1: change _cleaning_claimed from int to bool
• c2b043e: 8310183: Update GitHub Actions to use boot JDK for building jtreg
• 238c51e: 8293069: Make -XX:+Verbose less verbose
• 8c9b85a: 8303916: ThreadLists.java inconsistent results
• ... and 433 more: https://git.openjdk.org/jdk/compare/4a6d6d5a59442c10a1761ce0566aab57f4c4f323...master

Your commit was automatically rebased without conflicts.

[openjdk]

@seanjmullan @blperez01 Pushed as commit 4eb4f20.

💡 You may see a message that your pull request was closed with unmerged commits. This can be safely ignored.