AppleProvider and test updates.

seanjmullan · Nov 26, 2024 · 1b23516 · 1b23516
1 parent 5a183ef
commit 1b23516
Show file tree

Hide file tree

Showing 3 changed files with 10 additions and 55 deletions.
diff --git a/src/java.base/macosx/classes/apple/security/AppleProvider.java b/src/java.base/macosx/classes/apple/security/AppleProvider.java
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2011, 2021, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2011, 2024, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -75,20 +75,14 @@ public Object newInstance(Object ctrParamObj)
     }
 
 
-    @SuppressWarnings("removal")
     public AppleProvider() {
         /* We are the Apple provider */
         super("Apple", PROVIDER_VER, info);
 
         final Provider p = this;
-        AccessController.doPrivileged(new PrivilegedAction<Void>() {
-            public Void run() {
-                putService(new ProviderService(p, "KeyStore",
-                           "KeychainStore", "apple.security.KeychainStore$USER"));
-                putService(new ProviderService(p, "KeyStore",
-                           "KeychainStore-ROOT", "apple.security.KeychainStore$ROOT"));
-                return null;
-            }
-        });
+        putService(new ProviderService(p, "KeyStore",
+                   "KeychainStore", "apple.security.KeychainStore$USER"));
+        putService(new ProviderService(p, "KeyStore",
+                   "KeychainStore-ROOT", "apple.security.KeychainStore$ROOT"));
     }
 }
diff --git a/src/java.base/macosx/classes/apple/security/KeychainStore.java b/src/java.base/macosx/classes/apple/security/KeychainStore.java
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2011, 2023, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2011, 2024, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -188,15 +188,6 @@ static class TrustedCertEntry {
         jdk.internal.loader.BootLoader.loadLibrary("osxsecurity");
     }
 
-    private static void permissionCheck() {
-        @SuppressWarnings("removal")
-        SecurityManager sec = System.getSecurityManager();
-
-        if (sec != null) {
-            sec.checkPermission(new RuntimePermission("useKeychainStore"));
-        }
-    }
-
     private final String storeName;
 
     /**
@@ -228,8 +219,6 @@ private KeychainStore(String name) {
     public Key engineGetKey(String alias, char[] password)
         throws NoSuchAlgorithmException, UnrecoverableKeyException
     {
-        permissionCheck();
-
         // An empty password is rejected by MacOS API, no private key data
         // is exported. If no password is passed (as is the case when
         // this implementation is used as browser keystore in various
@@ -332,8 +321,6 @@ public Key engineGetKey(String alias, char[] password)
      * <i>key entry</i> without a certificate chain).
      */
     public Certificate[] engineGetCertificateChain(String alias) {
-        permissionCheck();
-
         Object entry = entries.get(alias.toLowerCase(Locale.ROOT));
 
         if (entry instanceof KeyEntry keyEntry) {
@@ -363,8 +350,6 @@ public Certificate[] engineGetCertificateChain(String alias) {
      * does not contain a certificate.
      */
     public Certificate engineGetCertificate(String alias) {
-        permissionCheck();
-
         Object entry = entries.get(alias.toLowerCase(Locale.ROOT));
 
         if (entry != null) {
@@ -420,8 +405,6 @@ public KeyStore.Entry engineGetEntry(String alias, KeyStore.ProtectionParameter
      * not exist
      */
     public Date engineGetCreationDate(String alias) {
-        permissionCheck();
-
         Object entry = entries.get(alias.toLowerCase(Locale.ROOT));
 
         if (entry != null) {
@@ -461,8 +444,6 @@ public void engineSetKeyEntry(String alias, Key key, char[] password,
                                   Certificate[] chain)
         throws KeyStoreException
     {
-        permissionCheck();
-
         synchronized(entries) {
             try {
                 KeyEntry entry = new KeyEntry();
@@ -532,8 +513,6 @@ public void engineSetKeyEntry(String alias, byte[] key,
                                   Certificate[] chain)
         throws KeyStoreException
     {
-        permissionCheck();
-
         synchronized(entries) {
             // key must be encoded as EncryptedPrivateKeyInfo as defined in
             // PKCS#8
@@ -582,8 +561,6 @@ public void engineSetCertificateEntry(String alias, Certificate cert)
     public void engineDeleteEntry(String alias)
         throws KeyStoreException
     {
-        permissionCheck();
-
         String lowerAlias = alias.toLowerCase(Locale.ROOT);
         synchronized(entries) {
             Object entry = entries.remove(lowerAlias);
@@ -597,7 +574,6 @@ public void engineDeleteEntry(String alias)
      * @return enumeration of the alias names
      */
     public Enumeration<String> engineAliases() {
-        permissionCheck();
         return entries.keys();
     }
 
@@ -609,7 +585,6 @@ public Enumeration<String> engineAliases() {
      * @return true if the alias exists, false otherwise
      */
     public boolean engineContainsAlias(String alias) {
-        permissionCheck();
         return entries.containsKey(alias.toLowerCase(Locale.ROOT));
     }
 
@@ -619,7 +594,6 @@ public boolean engineContainsAlias(String alias) {
      * @return the number of entries in this keystore
      */
     public int engineSize() {
-        permissionCheck();
         return entries.size();
     }
 
@@ -631,7 +605,6 @@ public int engineSize() {
      * <i>key entry</i>, false otherwise.
      */
     public boolean engineIsKeyEntry(String alias) {
-        permissionCheck();
         Object entry = entries.get(alias.toLowerCase(Locale.ROOT));
         return entry instanceof KeyEntry;
     }
@@ -644,7 +617,6 @@ public boolean engineIsKeyEntry(String alias) {
      * <i>trusted certificate entry</i>, false otherwise.
      */
     public boolean engineIsCertificateEntry(String alias) {
-        permissionCheck();
         Object entry = entries.get(alias.toLowerCase(Locale.ROOT));
         return entry instanceof TrustedCertEntry;
     }
@@ -666,7 +638,6 @@ public boolean engineIsCertificateEntry(String alias) {
      * or null if no such entry exists in this keystore.
      */
     public String engineGetCertificateAlias(Certificate cert) {
-        permissionCheck();
         Certificate certElem;
 
         for (Enumeration<String> e = entries.keys(); e.hasMoreElements(); ) {
@@ -704,8 +675,6 @@ public String engineGetCertificateAlias(Certificate cert) {
     public void engineStore(OutputStream stream, char[] password)
         throws IOException, NoSuchAlgorithmException, CertificateException
     {
-        permissionCheck();
-
         // Delete items that do have a keychain item ref.
         for (Enumeration<String> e = deletedEntries.keys(); e.hasMoreElements(); ) {
             String alias = e.nextElement();
@@ -795,8 +764,6 @@ private long addCertificateToKeychain(String alias, Certificate cert) {
     public void engineLoad(InputStream stream, char[] password)
         throws IOException, NoSuchAlgorithmException, CertificateException
     {
-        permissionCheck();
-
         // Release any stray keychain references before clearing out the entries.
         synchronized(entries) {
             for (Enumeration<String> e = entries.keys(); e.hasMoreElements(); ) {

diff --git a/test/jdk/java/security/KeyStore/EntryMethods.java b/test/jdk/java/security/KeyStore/EntryMethods.java
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2003, 2016, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2003, 2024, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -70,15 +70,9 @@ public EntryMethods() throws Exception {
         pre15fis = new FileInputStream
             (System.getProperty("test.src") + "/EntryMethods.pre15.keystore");
 
-        AccessController.doPrivileged(new PrivilegedAction() {
-            public Object run() {
-                put("KeyStore.Pre15KeyStore", "EntryMethods$Pre15");
-                put("KeyStore.Post15KeyStore", "EntryMethods$Post15");
-                put("KeyStore.UnrecoverableKeyStore",
-                                        "EntryMethods$UnrecoverableKS");
-                return null;
-            }
-        });
+        put("KeyStore.Pre15KeyStore", "EntryMethods$Pre15");
+        put("KeyStore.Post15KeyStore", "EntryMethods$Post15");
+        put("KeyStore.UnrecoverableKeyStore", "EntryMethods$UnrecoverableKS");
     }
 
     public static void main(String[] args) throws Exception {