documentation change and truncated instances to millis

Mikhail Yankelevich 2026-01-15 11:25:43 +00:00
parent 6c35e98081
commit a7fd46782a
7 changed files with 25 additions and 40 deletions


@ -31,6 +31,7 @@ import java.security.cert.*;
import java.security.cert.Certificate;
import java.security.spec.*;
import java.time.Instant;
import java.time.temporal.ChronoUnit;
import java.util.*;
import javax.crypto.*;
@ -467,7 +468,7 @@ abstract sealed class KeychainStore extends KeyStoreSpi {
synchronized(entries) {
try {
KeyEntry entry = new KeyEntry();
entry.date = Instant.now();
entry.date = Instant.now().truncatedTo(ChronoUnit.MILLIS);
if (key instanceof PrivateKey) {
if ((key.getFormat().equals("PKCS#8")) ||
@ -545,7 +546,7 @@ abstract sealed class KeychainStore extends KeyStoreSpi {
+ "EncryptedPrivateKeyInfo");
}
entry.date = Instant.now();
entry.date = Instant.now().truncatedTo(ChronoUnit.MILLIS);
if ((chain != null) &&
(chain.length != 0)) {
@ -949,7 +950,7 @@ abstract sealed class KeychainStore extends KeyStoreSpi {
if (creationDate != 0)
tce.date = Instant.ofEpochMilli(creationDate);
else
tce.date = Instant.now();
tce.date = Instant.now().truncatedTo(ChronoUnit.MILLIS);
entries.put(alias.toLowerCase(Locale.ROOT), tce);
} catch (Exception e) {
@ -974,7 +975,7 @@ abstract sealed class KeychainStore extends KeyStoreSpi {
if (creationDate != 0)
ke.date = Instant.ofEpochMilli(creationDate);
else
ke.date = Instant.now();
ke.date = Instant.now().truncatedTo(ChronoUnit.MILLIS);
// Next, create X.509 Certificate objects from the raw data. This is complicated
// because a certificate's public key may be too long for Java's default encryption strength.
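Review bot: Nothing in the new code says why the creation time is cut with `truncatedTo(ChronoUnit.MILLIS)`, and the same expression is repeated at every site that stamps an entry (both `entry.date` assignments and the `tce.date` / `ke.date` fallbacks here, and likewise in the JceKeyStore, PKCS12KeyStore and JavaKeyStore sections). The neighbouring `Instant.ofEpochMilli(creationDate)` lines suggest stored dates carry millisecond precision, so presumably the truncation keeps a freshly created entry equal to the same entry after a store/load round trip. A one-line comment such as `// creation dates are persisted in milliseconds; truncate so the in-memory value matches what is reloaded` would record that. A small private helper returning the truncated instant would also keep a later code path from reintroducing sub-millisecond values unnoticed. The enclosing methods start and end outside these hunks.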


@ -30,6 +30,7 @@ import sun.security.util.IOUtils;
import java.io.*;
import java.time.Instant;
import java.time.temporal.ChronoUnit;
import java.util.*;
import java.security.DigestInputStream;
import java.security.DigestOutputStream;
@ -280,7 +281,7 @@ public final class JceKeyStore extends KeyStoreSpi {
if (key instanceof PrivateKey) {
PrivateKeyEntry entry = new PrivateKeyEntry();
entry.date = Instant.now();
entry.date = Instant.now().truncatedTo(ChronoUnit.MILLIS);
// protect the private key
entry.protectedKey = keyProtector.protect((PrivateKey)key);
@ -298,7 +299,7 @@ public final class JceKeyStore extends KeyStoreSpi {
} else {
SecretKeyEntry entry = new SecretKeyEntry();
entry.date = Instant.now();
entry.date = Instant.now().truncatedTo(ChronoUnit.MILLIS);
// seal and store the key
entry.sealedKey = keyProtector.seal(key);
@ -341,7 +342,7 @@ public final class JceKeyStore extends KeyStoreSpi {
// We assume it's a private key, because there is no standard
// (ASN.1) encoding format for wrapped secret keys
PrivateKeyEntry entry = new PrivateKeyEntry();
entry.date = Instant.now();
entry.date = Instant.now().truncatedTo(ChronoUnit.MILLIS);
entry.protectedKey = key.clone();
if ((chain != null) &&
@ -386,7 +387,7 @@ public final class JceKeyStore extends KeyStoreSpi {
TrustedCertEntry trustedCertEntry = new TrustedCertEntry();
trustedCertEntry.cert = cert;
trustedCertEntry.date = Instant.now();
trustedCertEntry.date = Instant.now().truncatedTo(ChronoUnit.MILLIS);
entries.put(alias.toLowerCase(Locale.ENGLISH), trustedCertEntry);
}
}


@ -1184,8 +1184,8 @@ public class KeyStore {
/**
* Returns the creation date of the entry identified by the given alias.
* <p>
* This method returns a Date, which is mutable and more error-prone.
* Use {@link #getCreationInstant(String)} instead.
* It is recommended to use the {@link #getCreationInstant(String)}
* method instead.
*
* @param alias the alias name
*


@ -36,6 +36,7 @@ import java.security.spec.InvalidParameterSpecException;
import java.security.spec.KeySpec;
import java.security.spec.PKCS8EncodedKeySpec;
import java.time.Instant;
import java.time.temporal.ChronoUnit;
import java.util.*;
import javax.crypto.Cipher;
import javax.crypto.SecretKey;
@ -213,7 +214,7 @@ public final class PKCS12KeyStore extends KeyStoreSpi {
CertEntry(X509Certificate cert, byte[] keyId, String alias,
ObjectIdentifier[] trustedKeyUsage,
Set<? extends KeyStore.Entry.Attribute> attributes) {
this.date = Instant.now();
this.date = Instant.now().truncatedTo(ChronoUnit.MILLIS);
this.cert = cert;
this.keyId = keyId;
this.alias = alias;
@ -626,7 +627,7 @@ public final class PKCS12KeyStore extends KeyStoreSpi {
checkX509Certs(chain);
PrivateKeyEntry keyEntry = new PrivateKeyEntry();
keyEntry.date = Instant.now();
keyEntry.date = Instant.now().truncatedTo(ChronoUnit.MILLIS);
if ((key.getFormat().equals("PKCS#8")) ||
(key.getFormat().equals("PKCS8"))) {
@ -671,7 +672,7 @@ public final class PKCS12KeyStore extends KeyStoreSpi {
} else if (key instanceof SecretKey) {
SecretKeyEntry keyEntry = new SecretKeyEntry();
keyEntry.date = Instant.now();
keyEntry.date = Instant.now().truncatedTo(ChronoUnit.MILLIS);
// Encode secret key in a PKCS#8
DerOutputStream secretKeyInfo = new DerOutputStream();
@ -765,7 +766,7 @@ public final class PKCS12KeyStore extends KeyStoreSpi {
}
PrivateKeyEntry entry = new PrivateKeyEntry();
entry.date = Instant.now();
entry.date = Instant.now().truncatedTo(ChronoUnit.MILLIS);
if (debug != null) {
debug.println("Setting a protected private key at alias '" +
@ -2443,7 +2444,7 @@ public final class PKCS12KeyStore extends KeyStoreSpi {
}
}
if (instant == null) {
instant = Instant.now();
instant = Instant.now().truncatedTo(ChronoUnit.MILLIS);
}
entry.date = instant;
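Review bot: In the last hunk only the `instant == null` fallback is truncated; an `instant` obtained earlier, outside the hunk, is assigned to `entry.date` unchanged. If that earlier value can carry sub-millisecond precision, entries loaded from a PKCS12 file would not follow the millisecond invariant the other sites now establish, and the exact `equals` comparison in the test could fail for them. Should that be possible, truncating at the assignment covers both paths: `entry.date = instant.truncatedTo(ChronoUnit.MILLIS);`. The code that produces `instant` is not visible here, so this needs confirming against it.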


@ -215,24 +215,8 @@ abstract class DomainKeyStore extends KeyStoreSpi {
* not exist
*/
public Date engineGetCreationDate(String alias) {
AbstractMap.SimpleEntry<String, Collection<KeyStore>> pair =
getKeystoresForReading(alias);
Date date = null;
try {
String entryAlias = pair.getKey();
for (KeyStore keystore : pair.getValue()) {
date = keystore.getCreationDate(entryAlias);
if (date != null) {
break;
}
}
} catch (KeyStoreException e) {
throw new IllegalStateException(e);
}
return date;
final Instant instant = this.engineGetCreationInstant(alias);
return (instant == null) ? null : Date.from(instant);
}
/**
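Review bot: `Date.from(instant)` can throw `IllegalArgumentException` for an instant too large to represent as a `Date`, and the visible tail of the Javadoc does not mention that outcome. The wrapping of `KeyStoreException` into `IllegalStateException`, which the removed loop did itself, now depends entirely on `engineGetCreationInstant`, whose body is outside this hunk; it is worth confirming that method keeps the same wrapping and the same first-non-null lookup order. A short comment above the delegation would record the intent, for example `// Delegate so both accessors consult the same keystores in the same order; Date keeps millisecond precision only`.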


@ -31,6 +31,7 @@ import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import java.security.cert.CertificateException;
import java.time.Instant;
import java.time.temporal.ChronoUnit;
import java.util.*;
import static java.nio.charset.StandardCharsets.UTF_8;
@ -306,7 +307,7 @@ public abstract sealed class JavaKeyStore extends KeyStoreSpi {
try {
synchronized(entries) {
KeyEntry entry = new KeyEntry();
entry.date = Instant.now();
entry.date = Instant.now().truncatedTo(ChronoUnit.MILLIS);
// Protect the encoding of the key
passwordBytes = convertToBytes(password);
@ -369,7 +370,7 @@ public abstract sealed class JavaKeyStore extends KeyStoreSpi {
}
KeyEntry entry = new KeyEntry();
entry.date = Instant.now();
entry.date = Instant.now().truncatedTo(ChronoUnit.MILLIS);
entry.protectedPrivKey = key.clone();
if ((chain != null) &&
@ -410,7 +411,7 @@ public abstract sealed class JavaKeyStore extends KeyStoreSpi {
TrustedCertEntry trustedCertEntry = new TrustedCertEntry();
trustedCertEntry.cert = cert;
trustedCertEntry.date = Instant.now();
trustedCertEntry.date = Instant.now().truncatedTo(ChronoUnit.MILLIS);
entries.put(convertAlias(alias), trustedCertEntry);
}
}


@ -300,10 +300,7 @@ public class TestKeyStoreBasic {
alias = ALIAS_HEAD + k;
final Instant instant1 = o1.getCreationInstant(alias);
final Instant instant2 = o2.getCreationInstant(alias);
final int diff = instant1.compareTo(instant2);
// There could be a difference in nano seconds on some machines
// so comparing with precision of 1 ms
if (!(diff >= 0 && diff <= 1000000)) {
if (!(instant1.equals(instant2))) {
throw new RuntimeException("ERROR: entry creation time (" + k
+ ") differs Instants {"
+ instant1 + " - "
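Review bot: `instant1.equals(instant2)` throws a `NullPointerException` when the first keystore returns no creation instant for the alias, so the test would then fail without the diagnostic message built below. `if (!Objects.equals(instant1, instant2)) {` reports that case through the same `RuntimeException`, assuming `java.util.Objects` is imported in this file, which is not visible here. The exact comparison also makes the test depend on every provider under test truncating at creation time, so the removed comment deserves a replacement such as `// providers truncate creation instants to milliseconds, so both keystores must report identical values`. The `throw` statement continues past the end of the hunk.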