JDK-8267485 : Remove the dependency on SecurityManager in JceSecurityManager.java
  • Type: Bug
  • Component: security-libs
  • Sub-Component: javax.crypto
  • Priority: P3
  • Status: Resolved
  • Resolution: Fixed
  • Submitted: 2021-05-20
  • Updated: 2021-08-02
  • Resolved: 2021-07-27
JDK 18: 18 b08, Fixed
Description
JceSecurityManager is a subclass of SecurityManager in order to get the class context and eventually the classes to determine if any required signing of providers or crypto permissions overriding of applications is necessary.  

JEP 411 proposes to deprecate the SecurityManager for removal. If JEP 411 is approved, we will need to eventually remove the dependency "extends SecurityManager".

The class stack hierarchy can be obtained using the newer JDK 9 API StackWalker.  Once the class is obtained, the CodeBase/ProtectionDomain jar verifications can proceed as before.
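
The approach described above, as an added example that is not the JDK's own code: a class finds its caller with StackWalker instead of subclassing SecurityManager, then reads the caller's ProtectionDomain/CodeSource. The names `CallerContextDemo`, `Framework`, `callerClass` and `codeSourceOf` are hypothetical.

```java
import java.net.URL;
import java.security.CodeSource;
import java.security.ProtectionDomain;

public class CallerContextDemo {

    /** Hypothetical stand-in for a framework class that must identify its caller. */
    static final class Framework {
        // RETAIN_CLASS_REFERENCE is required for StackFrame.getDeclaringClass();
        // without it that call throws UnsupportedOperationException.
        private static final StackWalker WALKER =
                StackWalker.getInstance(StackWalker.Option.RETAIN_CLASS_REFERENCE);

        /**
         * Walks the stack from the innermost frame outwards and returns the
         * first class that is not the framework itself. No SecurityManager
         * subclass (and no getClassContext()) is involved.
         */
        static Class<?> callerClass() {
            return WALKER.walk(frames -> frames
                    .map(StackWalker.StackFrame::getDeclaringClass)
                    .filter(c -> c != Framework.class)
                    .findFirst()
                    .orElse(null));
        }

        /**
         * Location the class was loaded from, taken from its
         * ProtectionDomain/CodeSource. A jar verification step would start
         * from this URL. Classes loaded by the bootstrap loader have no
         * CodeSource, so null has to be handled.
         */
        static URL codeSourceOf(Class<?> c) {
            ProtectionDomain pd = c.getProtectionDomain();
            CodeSource cs = (pd == null) ? null : pd.getCodeSource();
            return (cs == null) ? null : cs.getLocation();
        }
    }

    public static void main(String[] args) {
        Class<?> caller = Framework.callerClass();
        System.out.println("caller class : " + caller.getName());
        System.out.println("loaded from  : " + Framework.codeSourceOf(caller));
        System.out.println("String.class : " + Framework.codeSourceOf(String.class));
    }
}
```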

Comments
Changeset: c8af8238
Author: Bradford Wetmore <wetmore@openjdk.org>
Date: 2021-07-27 17:11:13 +0000
URL: https://git.openjdk.java.net/jdk/commit/c8af8238b4b55d515573374800015e115042d883
27-07-2021

Added noreg-other as many of the other tests exercise this code-path, including tier2 which is most of the security tests. I ran "tier1,tier2" and "jck:api/java_security,jck:api/javax_crypto,jck:api/javax_net,jck:api/javax_security,jck:api/org_ietf,jck:api/javax_xml/crypto"
27-07-2021

Draft PR: https://github.com/openjdk/jdk/pull/4150
22-05-2021