8296229: JFR: jfr tool should print unsigned values correctly

Reviewed-by: coffeys, mgronlun
2025-08-27 06:45:07 +02:00 · 2022-11-11 14:55:41 +00:00 · 2022-11-11 14:55:41 +00:00 · 87b809a2cb
commit 87b809a2cb
parent e7c2a8e60e
15 changed files with 77 additions and 41 deletions
--- a/src/java.base/share/classes/jdk/internal/event/EventHelper.java
+++ b/src/java.base/share/classes/jdk/internal/event/EventHelper.java
@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2018, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2018, 2022, Oracle and/or its affiliates. All rights reserved.
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 *
 * This code is free software; you can redistribute it and/or modify it
@ -34,7 +34,7 @@ import java.time.Duration;
 import java.time.Instant;
 import java.util.Date;
 import java.util.stream.Collectors;
-import java.util.stream.IntStream;
+import java.util.stream.LongStream;

 /**
 * A helper class to have events logged to a JDK Event Logger.
@ -82,11 +82,11 @@ public final class EventHelper {
            "SecurityPropertyModification: key:{0}, value:{1}", key, value);
    }

-    public static void logX509ValidationEvent(int anchorCertId,
-                                         int[] certIds) {
+    public static void logX509ValidationEvent(long anchorCertId,
+                                         long[] certIds) {
        assert securityLogger != null;
-        String codes = IntStream.of(certIds)
-                .mapToObj(Integer::toString)
+        String codes = LongStream.of(certIds)
+                .mapToObj(Long::toString)
                .collect(Collectors.joining(", "));
        securityLogger.log(LOG_LEVEL,
                "ValidationChain: {0,number,#}, {1}", anchorCertId, codes);
--- a/src/java.base/share/classes/sun/security/jca/JCAUtil.java
+++ b/src/java.base/share/classes/sun/security/jca/JCAUtil.java
@ -110,6 +110,7 @@ public final class JCAUtil {
            String keyType = pKey.getAlgorithm();
            int length = KeyUtil.getKeySize(pKey);
            int hashCode = x509.hashCode();
+            long certifcateId = Integer.toUnsignedLong(hashCode);
            long beginDate = x509.getNotBefore().getTime();
            long endDate = x509.getNotAfter().getTime();
            if (X509CertificateEvent.isTurnedOn()) {
@ -120,7 +121,7 @@ public final class JCAUtil {
                xce.issuer = issuer;
                xce.keyType = keyType;
                xce.keyLength = length;
-                xce.certificateId = hashCode;
+                xce.certificateId = certifcateId;
                xce.validFrom = beginDate;
                xce.validUntil = endDate;
                xce.commit();
@ -132,7 +133,7 @@ public final class JCAUtil {
                        issuer,
                        keyType,
                        length,
-                        hashCode,
+                        certifcateId,
                        beginDate,
                        endDate);
            }
--- a/src/java.base/share/classes/sun/security/provider/certpath/PKIXCertPathValidator.java
+++ b/src/java.base/share/classes/sun/security/provider/certpath/PKIXCertPathValidator.java
@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2000, 2021, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2000, 2022, Oracle and/or its affiliates. All rights reserved.
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 *
 * This code is free software; you can redistribute it and/or modify it
@ -227,11 +227,13 @@ public final class PKIXCertPathValidator extends CertPathValidatorSpi {

        X509ValidationEvent xve = new X509ValidationEvent();
        if (xve.shouldCommit() || EventHelper.isLoggingSecurity()) {
-            int[] certIds = params.certificates().stream()
+            long[] certIds = params.certificates().stream()
                    .mapToInt(Certificate::hashCode)
+                    .mapToLong(Integer::toUnsignedLong)
                    .toArray();
-            int anchorCertId = (anchorCert != null) ?
+            int hash = (anchorCert != null) ?
                anchorCert.hashCode() : anchor.getCAPublicKey().hashCode();
+            long anchorCertId = Integer.toUnsignedLong(hash);
            if (xve.shouldCommit()) {
                xve.certificateId = anchorCertId;
                int certificatePos = 1; // most trusted CA
@ -239,11 +241,10 @@ public final class PKIXCertPathValidator extends CertPathValidatorSpi {
                xve.validationCounter = validationCounter.incrementAndGet();
                xve.commit();
                // now, iterate through remaining
-                for (int id : certIds) {
+                for (long id : certIds) {
                    xve.certificateId = id;
                    xve.certificatePosition = ++certificatePos;
                    xve.commit();
-
                }
            }
            if (EventHelper.isLoggingSecurity()) {
--- a/src/java.base/share/classes/sun/security/ssl/Finished.java
+++ b/src/java.base/share/classes/sun/security/ssl/Finished.java
@ -1146,15 +1146,16 @@ final class Finished {
    private static void recordEvent(SSLSessionImpl session) {
        TLSHandshakeEvent event = new TLSHandshakeEvent();
        if (event.shouldCommit() || EventHelper.isLoggingSecurity()) {
-            int peerCertificateId = 0;
+            int hash = 0;
            try {
                // use hash code for Id
-                peerCertificateId = session
+                hash = session
                        .getCertificateChain()[0]
                        .hashCode();
            } catch (SSLPeerUnverifiedException e) {
                 // not verified msg
            }
+            long peerCertificateId = Integer.toUnsignedLong(hash);
            if (event.shouldCommit()) {
                event.peerHost = session.getPeerHost();
                event.peerPort = session.getPeerPort();