JDK 24 Early-Access Release Notes

This is a draft of the release notes that will accompany JDK 24. The contents are subject to change until release.

Build 4

NumberFormat Supports IntegerOnly Parsing With Suffix (JDK-8333755)

core-libs/java.text

DecimalFormat, when the format expects a suffix, now parses correctly when the parse value contains a decimal symbol and isParseIntegerOnly() would return true. Previously, parsing would fail for such cases and the correct value never returned.

For example, in the following snippet, 5 will now be returned by the parse(String) invocation, instead of a ParseException thrown.

    NumberFormat fmt = NumberFormat.getPercentInstance(Locale.US);
    fmt.setParseIntegerOnly(true);
    fmt.parse("500.55%");

Deprecate jstatd for removal (JDK-8327793)

core-svc/tools

The jstatd tool is deprecated, for removal in a future release. jstatd is an RMI server application which monitors HotSpot VMs, and provides a remote interface for jstat. This will not affect usage of jstat for monitoring local VMs using the Attach API.

Not Yet Integrated

SunPKCS11 provider is enhanced to use CKM_AES_CTS mechanism if supported by native PKCS11 library (JDK-8330842)

security-libs/javax.crypto:pkcs11

The SunPKCS11 provider has been enhanced to support the following AES CTS transformations for the Cipher service type:

  • AES/CTS/NoPadding
  • AES_128/CTS/NoPadding
  • AES_192/CTS/NoPadding
  • AES_256/CTS/NoPadding

The Addendum to NIST Special Publication 800-38A defines three variants of Ciphertext Stealing for CBC mode: CBC-CS1, CBC-CS2, and CBC-CS3. To ensure interoperability with SunJCE and Kerberos which use the CS3 variant, the SunPKCS11 provider needs to know the variant implemented by the underlying PKCS #11 library and convert the data if it is not in the CS3 variant. A new SunPKCS11 provider configuration attribute named cipherTextStealingVariant is introduced and must be set with any of the following values: CS1, CS2 or CS3 to indicate the CTS variant of the underlying PKCS #11 library, except for NSS as it is known to be CS1. Otherwise, the PKCS #11 CKM_AES_CTS mechanism is disabled.