Merge pull request #261 from pshipton/merge0.41

Merge latest OpenJ9 changes to 0.41

Author: JasonFengJ9

closed/autoconf/custom-hook.m4

@@ -353,7 +353,7 @@ AC_DEFUN([OPENJ9_CONFIGURE_CRIU_SUPPORT],
     AC_MSG_RESULT([no (explicitly disabled)])
   elif test "x$enable_criu_support" = x ; then
     case "$OPENJ9_PLATFORM_CODE" in
-      xa64|xr64|xz64)
+      xa64|xl64|xr64|xz64)
         AC_MSG_RESULT([yes (default)])
         OPENJ9_ENABLE_CRIU_SUPPORT=true
         ;;

closed/src/java.base/share/classes/com/sun/crypto/provider/NativeGaloisCounterMode.java

@@ -24,31 +24,45 @@
  */
 /*
  * ===========================================================================
- * (c) Copyright IBM Corp. 2018, 2021 All Rights Reserved
+ * (c) Copyright IBM Corp. 2018, 2023 All Rights Reserved
  * ===========================================================================
  */
 
 package com.sun.crypto.provider;
 
-import java.util.Arrays;
-import java.io.*;
-import java.security.*;
-import javax.crypto.*;
 import com.sun.crypto.provider.AESCrypt;
-import sun.security.jca.JCAUtil;
-import sun.security.util.ArrayUtil;
 
+import java.io.ByteArrayOutputStream;
+import java.io.IOException;
+import java.lang.ref.Cleaner;
+import java.nio.ByteBuffer;
+import java.security.AlgorithmParameters;
+import java.security.InvalidAlgorithmParameterException;
+import java.security.InvalidKeyException;
+import java.security.Key;
+import java.security.MessageDigest;
+import java.security.NoSuchAlgorithmException;
+import java.security.ProviderException;
+import java.security.SecureRandom;
 import java.security.spec.AlgorithmParameterSpec;
 import java.security.spec.InvalidParameterSpecException;
-import java.nio.ByteBuffer;
-import jdk.crypto.jniprovider.NativeCrypto;
+import java.util.Arrays;
 
-import sun.nio.ch.DirectBuffer;
-import java.lang.invoke.MethodHandles;
-import java.lang.invoke.VarHandle;
-import java.nio.ByteOrder;
+import javax.crypto.AEADBadTagException;
+import javax.crypto.BadPaddingException;
+import javax.crypto.Cipher;
+import javax.crypto.CipherSpi;
+import javax.crypto.NoSuchPaddingException;
+import javax.crypto.ShortBufferException;
+import javax.crypto.IllegalBlockSizeException;
 import javax.crypto.spec.GCMParameterSpec;
 
+import jdk.crypto.jniprovider.NativeCrypto;
+import jdk.internal.ref.CleanerFactory;
+
+import sun.security.jca.JCAUtil;
+import sun.security.util.ArrayUtil;
+
 /**
  * This class represents ciphers in GaloisCounter (GCM) mode.
  *
@@ -68,6 +82,7 @@ abstract class NativeGaloisCounterMode extends CipherSpi {
 
     private byte[] key;
     private boolean encryption = true;
+    private final long context;
 
     private static final int DEFAULT_TAG_LEN = 16; // in bytes
     private static final int DEFAULT_IV_LEN = 12; // in bytes
@@ -97,10 +112,35 @@ abstract class NativeGaloisCounterMode extends CipherSpi {
     byte[] lastKey = EMPTY_BUF;
     byte[] lastIv = EMPTY_BUF;
 
+    private boolean newIVLen;
+    private boolean newKeyLen;
+
     byte[] iv;
     SecureRandom random;
 
     private static final NativeCrypto nativeCrypto = NativeCrypto.getNativeCrypto();
+    private static final Cleaner contextCleaner = CleanerFactory.cleaner();
+
+    private static final class GCMCleanerRunnable implements Runnable {
+        private final long nativeContext;
+
+        public GCMCleanerRunnable(long nativeContext) {
+            this.nativeContext = nativeContext;
+        }
+
+        @Override
+        public void run() {
+            /*
+             * Release the GCM context.
+             */
+            synchronized (NativeGaloisCounterMode.class) {
+                long ret = nativeCrypto.DestroyContext(nativeContext);
+                if (ret == -1) {
+                    throw new ProviderException("Error in destroying context in NativeGaloisCounterMode.");
+                }
+            }
+        }
+    }
 
     /*
      * Constructor
@@ -109,6 +149,12 @@ abstract class NativeGaloisCounterMode extends CipherSpi {
         tagLenBytes = DEFAULT_TAG_LEN;
         blockCipher = embeddedCipher;
         this.keySize = keySize;
+
+        context = nativeCrypto.CreateContext();
+        if (context == -1) {
+            throw new ProviderException("Error in creating context for NativeGaloisCounterMode.");
+        }
+        contextCleaner.register(this, new GCMCleanerRunnable(context));
     }
 
     /**
@@ -145,6 +191,19 @@ void init(int opmode, Key key, GCMParameterSpec spec)
             }
             this.key = keyValue.clone();
 
+            /*
+             * Check whether cipher and IV need to be set,
+             * whether because something changed here or
+             * a call to set them in context hasn't been
+             * made yet.
+             */
+            if (lastIv.length != this.iv.length) {
+                newIVLen = true;
+            }
+            if (lastKey.length != this.key.length) {
+                newKeyLen = true;
+            }
+
             // Check for reuse
             if (encryption) {
                 if (MessageDigest.isEqual(keyValue, lastKey) &&
@@ -767,17 +826,25 @@ public int doFinal(byte[] in, int inOfs, int inLen, byte[] out,
                 byte[] aad = ((aadBuffer == null) || (aadBuffer.size() == 0)) ? EMPTY_BUF : aadBuffer.toByteArray();
                 aadBuffer = null;
 
-                ret = nativeCrypto.GCMEncrypt(key, key.length,
+                ret = nativeCrypto.GCMEncrypt(context,
+                        key, key.length,
                         iv, iv.length,
                         in, inOfs, inLen,
                         out, outOfs,
-                        aad, aad.length, localTagLenBytes);
+                        aad, aad.length,
+                        localTagLenBytes,
+                        newIVLen,
+                        newKeyLen);
             }
 
             if (ret == -1) {
                 throw new ProviderException("Error in Native GaloisCounterMode");
             }
 
+            /* Cipher and IV length were set, since call to GCMEncrypt succeeded. */
+            newKeyLen = false;
+            newIVLen = false;
+
             reInit = true;
             return inLen + localTagLenBytes;
         }
@@ -960,17 +1027,27 @@ public int doFinal(byte[] in, int inOfs, int inLen, byte[] out,
                 inOfs = 0;
                 inLen = in.length;
                 ibuffer.reset();
-                ret = nativeCrypto.GCMDecrypt(key, key.length,
+
+                ret = nativeCrypto.GCMDecrypt(context,
+                        key, key.length,
                         iv, iv.length,
                         in, inOfs, inLen,
                         out, outOfs,
-                        aad, aad.length, tagLenBytes);
+                        aad, aad.length,
+                        tagLenBytes,
+                        newIVLen,
+                        newKeyLen);
             }
             if (ret == -2) {
                 throw new AEADBadTagException("Tag mismatch!");
             } else if (ret == -1) {
                 throw new ProviderException("Error in Native GaloisCounterMode");
             }
+
+            /* Cipher and IV length were set, since call to GCMDecrypt succeeded. */
+            newKeyLen = false;
+            newIVLen = false;
+
             return ret;
         }
 

closed/src/java.base/share/classes/jdk/crypto/jniprovider/NativeCrypto.java

@@ -220,7 +220,7 @@ public final native int DigestComputeAndReset(long context,
 
     public final native int DigestReset(long context);
 
-    /* Native interfaces shared by CBC and ChaCha20 */
+    /* Native interfaces shared by CBC, ChaCha20 and GCM. */
 
     public final native long CreateContext();
 
@@ -252,7 +252,8 @@ public final native int  CBCFinalEncrypt(long context,
 
     /* Native GCM interfaces */
 
-    public final native int GCMEncrypt(byte[] key,
+    public final native int GCMEncrypt(long context,
+                                       byte[] key,
                                        int keylen,
                                        byte[] iv,
                                        int ivlen,
@@ -263,9 +264,12 @@ public final native int GCMEncrypt(byte[] key,
                                        int outOffset,
                                        byte[] aad,
                                        int aadLen,
-                                       int tagLen);
+                                       int tagLen,
+                                       boolean newIVLen,
+                                       boolean newKeyLen);
 
-    public final native int GCMDecrypt(byte[] key,
+    public final native int GCMDecrypt(long context,
+                                       byte[] key,
                                        int keylen,
                                        byte[] iv,
                                        int ivlen,
@@ -276,7 +280,9 @@ public final native int GCMDecrypt(byte[] key,
                                        int outOffset,
                                        byte[] aad,
                                        int aadLen,
-                                       int tagLen);
+                                       int tagLen,
+                                       boolean newIVLen,
+                                       boolean newKeyLen);
 
     /* Native RSA interfaces */