JDK-8235432 : Deprecate the OracleUcrypto JCE Provider for removal
  • Type: CSR
  • Component: security-libs
  • Sub-Component: javax.crypto
  • Priority: P3
  • Status: Closed
  • Resolution: Approved
  • Fix Versions: 14
  • Submitted: 2019-12-05
  • Updated: 2019-12-11
  • Resolved: 2019-12-11
Related Reports
CSR :  

Deprecate the OracleUcrypto JCE Provider and its containing module `jdk.crypto.ucrypto`.


The OracleUcrypto provider is a Solaris-specific feature and should be deprecated for removal as part of [JEP 362: Deprecate the Solaris and SPARC Ports](http://openjdk.java.net/jeps/362).


Add a `Deprecated` annotation with the `forRemoval` flag set to `true` to the `module-info.java` file of the `jdk.crypto.ucrypto` module. Document that the OracleUcrypto JCE Provider has been deprecated for removal in the JDK Provider Guide and Release Notes.


diff -r cfed0da56a7b src/jdk.crypto.ucrypto/solaris/classes/module-info.java
--- a/src/jdk.crypto.ucrypto/solaris/classes/module-info.java   Tue Dec 03 16:13:37 2019 +0000
+++ b/src/jdk.crypto.ucrypto/solaris/classes/module-info.java   Thu Dec 05 14:07:09 2019 -0500
@@ -29,7 +29,10 @@
  * @provides java.security.Provider
  * @moduleGraph
  * @since 9
+ * @deprecated This module is deprecated and subject to removal in a future
+ *    version of the JDK. See JEP 362 for more information.
+@Deprecated(since="14", forRemoval=true)
 module jdk.crypto.ucrypto {
     provides java.security.Provider with com.oracle.security.ucrypto.UcryptoProvider;

Moving to Approved.

The removal warning won't be seen at compile-time because this module is a service provider module and doesn't export an API to compile against. However, a RN, an update the security guide, and an update to java.security (where the provide is configured) is planned so I think all possible means to communicate this deprecation are being done.