diff --git a/jdk/make/com/sun/crypto/provider/Makefile b/jdk/make/com/sun/crypto/provider/Makefile index 281b02eb3d2..93a0b1308c7 100644 --- a/jdk/make/com/sun/crypto/provider/Makefile +++ b/jdk/make/com/sun/crypto/provider/Makefile @@ -113,6 +113,9 @@ ifndef OPENJDK endif endif +JAVAC_MAX_WARNINGS = false +JAVAC_LINT_OPTIONS = -Xlint:all,-deprecation +JAVAC_WARNINGS_FATAL = true include $(BUILDDIR)/common/Defs.gmk # diff --git a/jdk/make/com/sun/security/Makefile b/jdk/make/com/sun/security/Makefile index bdd6eceb2a2..e9f0a4c4d00 100644 --- a/jdk/make/com/sun/security/Makefile +++ b/jdk/make/com/sun/security/Makefile @@ -1,5 +1,5 @@ # -# Copyright (c) 2000, 2010, Oracle and/or its affiliates. All rights reserved. +# Copyright (c) 2000, 2011, Oracle and/or its affiliates. All rights reserved. # DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. # # This code is free software; you can redistribute it and/or modify it @@ -28,6 +28,9 @@ # BUILDDIR = ../../.. +SUBDIRS_MAKEFLAGS += JAVAC_MAX_WARNINGS=false +SUBDIRS_MAKEFLAGS += JAVAC_LINT_OPTIONS=-Xlint:all,-deprecation +SUBDIRS_MAKEFLAGS += JAVAC_WARNINGS_FATAL=true include $(BUILDDIR)/common/Defs.gmk SUBDIRS = auth diff --git a/jdk/make/java/security/Makefile b/jdk/make/java/security/Makefile index d06fc91404e..c05ecdd1e57 100644 --- a/jdk/make/java/security/Makefile +++ b/jdk/make/java/security/Makefile @@ -26,6 +26,9 @@ BUILDDIR = ../.. PACKAGE = java.security PRODUCT = sun +JAVAC_MAX_WARNINGS = false +JAVAC_LINT_OPTIONS = -Xlint:all,-deprecation +JAVAC_WARNINGS_FATAL = true include $(BUILDDIR)/common/Defs.gmk # diff --git a/jdk/make/javax/crypto/Makefile b/jdk/make/javax/crypto/Makefile index b9eee08bd74..f9089f902d3 100644 --- a/jdk/make/javax/crypto/Makefile +++ b/jdk/make/javax/crypto/Makefile @@ -128,6 +128,8 @@ ifndef OPENJDK endif endif +JAVAC_MAX_WARNINGS = true +JAVAC_WARNINGS_FATAL = true include $(BUILDDIR)/common/Defs.gmk # diff --git a/jdk/make/sun/security/Makefile b/jdk/make/sun/security/Makefile index 6e03ffbe05d..217a7ef1bc0 100644 --- a/jdk/make/sun/security/Makefile +++ b/jdk/make/sun/security/Makefile @@ -34,6 +34,8 @@ # BUILDDIR = ../.. +SUBDIRS_MAKEFLAGS += JAVAC_MAX_WARNINGS=true +SUBDIRS_MAKEFLAGS += JAVAC_WARNINGS_FATAL=true include $(BUILDDIR)/common/Defs.gmk # build sun/security/jgss/wrapper on non-windows platform diff --git a/jdk/make/sun/security/ec/Makefile b/jdk/make/sun/security/ec/Makefile index e7b6315f765..4c95e33bde7 100644 --- a/jdk/make/sun/security/ec/Makefile +++ b/jdk/make/sun/security/ec/Makefile @@ -109,6 +109,9 @@ ifndef OPENJDK endif endif +JAVAC_MAX_WARNINGS=false +JAVAC_LINT_OPTIONS=-Xlint:all,-deprecation +JAVAC_WARNINGS_FATAL=true include $(BUILDDIR)/common/Defs.gmk # diff --git a/jdk/make/sun/security/other/Makefile b/jdk/make/sun/security/other/Makefile index f9c1c9b3d79..ab74d580d59 100644 --- a/jdk/make/sun/security/other/Makefile +++ b/jdk/make/sun/security/other/Makefile @@ -1,5 +1,5 @@ # -# Copyright (c) 1996, 2009, Oracle and/or its affiliates. All rights reserved. +# Copyright (c) 1996, 2011, Oracle and/or its affiliates. All rights reserved. # DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. # # This code is free software; you can redistribute it and/or modify it @@ -26,6 +26,9 @@ BUILDDIR = ../../.. PACKAGE = sun.security.other PRODUCT = sun +JAVAC_MAX_WARNINGS=false +JAVAC_LINT_OPTIONS=-Xlint:all,-deprecation +JAVAC_WARNINGS_FATAL=true include $(BUILDDIR)/common/Defs.gmk # diff --git a/jdk/make/sun/security/pkcs11/Makefile b/jdk/make/sun/security/pkcs11/Makefile index a63198f5fb4..2d59f13a018 100644 --- a/jdk/make/sun/security/pkcs11/Makefile +++ b/jdk/make/sun/security/pkcs11/Makefile @@ -110,6 +110,9 @@ ifndef OPENJDK endif endif +JAVAC_MAX_WARNINGS=false +JAVAC_LINT_OPTIONS=-Xlint:all,-deprecation +JAVAC_WARNINGS_FATAL=true include $(BUILDDIR)/common/Defs.gmk # diff --git a/jdk/src/share/classes/com/sun/crypto/provider/AESCrypt.java b/jdk/src/share/classes/com/sun/crypto/provider/AESCrypt.java index 0940817376b..6f46e158875 100644 --- a/jdk/src/share/classes/com/sun/crypto/provider/AESCrypt.java +++ b/jdk/src/share/classes/com/sun/crypto/provider/AESCrypt.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2002, 2010, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2002, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -245,7 +245,7 @@ final class AESCrypt extends SymmetricCipher implements AESConstants for (j = 0; j < 8; j++) { tmp = AA[i][j]; AA[i][j] = AA[t][j]; - AA[t][j] = (byte) tmp; + AA[t][j] = tmp; } pivot = AA[i][i]; } diff --git a/jdk/src/share/classes/com/sun/crypto/provider/AESParameters.java b/jdk/src/share/classes/com/sun/crypto/provider/AESParameters.java index 2faf31d2244..6c2cdf24742 100644 --- a/jdk/src/share/classes/com/sun/crypto/provider/AESParameters.java +++ b/jdk/src/share/classes/com/sun/crypto/provider/AESParameters.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2002, 2007, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2002, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -25,13 +25,10 @@ package com.sun.crypto.provider; -import java.util.*; import java.io.*; -import sun.security.util.*; import java.security.AlgorithmParametersSpi; import java.security.spec.AlgorithmParameterSpec; import java.security.spec.InvalidParameterSpecException; -import javax.crypto.spec.IvParameterSpec; /** * This class implements the parameter (IV) used with the AES algorithm @@ -67,9 +64,15 @@ public final class AESParameters extends AlgorithmParametersSpi { core.init(encoded, decodingMethod); } - protected AlgorithmParameterSpec engineGetParameterSpec(Class paramSpec) + protected + T engineGetParameterSpec(Class paramSpec) throws InvalidParameterSpecException { - return core.getParameterSpec(paramSpec); + if (AlgorithmParameterSpec.class.isAssignableFrom(paramSpec)) { + return core.getParameterSpec(paramSpec); + } else { + throw new InvalidParameterSpecException + ("Inappropriate parameter Specification"); + } } protected byte[] engineGetEncoded() throws IOException { diff --git a/jdk/src/share/classes/com/sun/crypto/provider/BlockCipherParamsCore.java b/jdk/src/share/classes/com/sun/crypto/provider/BlockCipherParamsCore.java index 7466d55e5b2..d40092562f7 100644 --- a/jdk/src/share/classes/com/sun/crypto/provider/BlockCipherParamsCore.java +++ b/jdk/src/share/classes/com/sun/crypto/provider/BlockCipherParamsCore.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2002, 2007, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2002, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -25,7 +25,6 @@ package com.sun.crypto.provider; -import java.util.*; import java.io.*; import sun.security.util.*; import sun.misc.HexDumpEncoder; @@ -64,7 +63,7 @@ final class BlockCipherParamsCore { throw new InvalidParameterSpecException("IV not " + block_size + " bytes long"); } - iv = (byte[]) tmpIv.clone(); + iv = tmpIv.clone(); } void init(byte[] encoded) throws IOException { @@ -90,11 +89,11 @@ final class BlockCipherParamsCore { init(encoded); } - AlgorithmParameterSpec getParameterSpec(Class paramSpec) + T getParameterSpec(Class paramSpec) throws InvalidParameterSpecException { if (IvParameterSpec.class.isAssignableFrom(paramSpec)) { - return new IvParameterSpec(this.iv); + return paramSpec.cast(new IvParameterSpec(this.iv)); } else { throw new InvalidParameterSpecException ("Inappropriate parameter specification"); diff --git a/jdk/src/share/classes/com/sun/crypto/provider/BlowfishParameters.java b/jdk/src/share/classes/com/sun/crypto/provider/BlowfishParameters.java index 995da5ab9f8..beb2804c3fd 100644 --- a/jdk/src/share/classes/com/sun/crypto/provider/BlowfishParameters.java +++ b/jdk/src/share/classes/com/sun/crypto/provider/BlowfishParameters.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 1998, 2007, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1998, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -25,13 +25,10 @@ package com.sun.crypto.provider; -import java.util.*; import java.io.*; -import sun.security.util.*; import java.security.AlgorithmParametersSpi; import java.security.spec.AlgorithmParameterSpec; import java.security.spec.InvalidParameterSpecException; -import javax.crypto.spec.IvParameterSpec; /** * This class implements the parameter (IV) used with the Blowfish algorithm in @@ -68,9 +65,15 @@ public final class BlowfishParameters extends AlgorithmParametersSpi { core.init(encoded, decodingMethod); } - protected AlgorithmParameterSpec engineGetParameterSpec(Class paramSpec) + protected + T engineGetParameterSpec(Class paramSpec) throws InvalidParameterSpecException { - return core.getParameterSpec(paramSpec); + if (AlgorithmParameterSpec.class.isAssignableFrom(paramSpec)) { + return core.getParameterSpec(paramSpec); + } else { + throw new InvalidParameterSpecException + ("Inappropriate parameter Specification"); + } } protected byte[] engineGetEncoded() throws IOException { diff --git a/jdk/src/share/classes/com/sun/crypto/provider/CipherBlockChaining.java b/jdk/src/share/classes/com/sun/crypto/provider/CipherBlockChaining.java index 1291a6e7dab..3ed00e07257 100644 --- a/jdk/src/share/classes/com/sun/crypto/provider/CipherBlockChaining.java +++ b/jdk/src/share/classes/com/sun/crypto/provider/CipherBlockChaining.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 2007, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1997, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -193,7 +193,7 @@ class CipherBlockChaining extends FeedbackCipher { // This is necessary because in this constellation, a // ciphertext block (or parts of it) will be overridden by // the plaintext result. - cipherOrig = (byte[])cipher.clone(); + cipherOrig = cipher.clone(); } for (; cipherOffset < endIndex; diff --git a/jdk/src/share/classes/com/sun/crypto/provider/CipherCore.java b/jdk/src/share/classes/com/sun/crypto/provider/CipherCore.java index 80070b7889f..eb30879b0b9 100644 --- a/jdk/src/share/classes/com/sun/crypto/provider/CipherCore.java +++ b/jdk/src/share/classes/com/sun/crypto/provider/CipherCore.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2002, 2007, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2002, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -301,7 +301,7 @@ final class CipherCore { */ byte[] getIV() { byte[] iv = cipher.getIV(); - return (iv == null) ? null : (byte[])iv.clone(); + return (iv == null) ? null : iv.clone(); } /** @@ -475,8 +475,7 @@ final class CipherCore { IvParameterSpec ivSpec = null; if (params != null) { try { - ivSpec = (IvParameterSpec)params.getParameterSpec - (IvParameterSpec.class); + ivSpec = params.getParameterSpec(IvParameterSpec.class); } catch (InvalidParameterSpecException ipse) { throw new InvalidAlgorithmParameterException("Wrong parameter " + "type: IV " @@ -832,7 +831,7 @@ final class CipherCore { buffered = 0; diffBlocksize = blockSize; if (cipherMode != ECB_MODE) { - ((FeedbackCipher)cipher).reset(); + cipher.reset(); } return totalLen; } diff --git a/jdk/src/share/classes/com/sun/crypto/provider/DESCrypt.java b/jdk/src/share/classes/com/sun/crypto/provider/DESCrypt.java index c8c01d8171e..b533cfdcc13 100644 --- a/jdk/src/share/classes/com/sun/crypto/provider/DESCrypt.java +++ b/jdk/src/share/classes/com/sun/crypto/provider/DESCrypt.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 2007, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1997, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -622,17 +622,17 @@ class DESCrypt extends SymmetricCipher implements DESConstants { // mangler function: // every 6 bit is fed into the sbox, which // produces 4-bit output - left ^= s0p[(int)((temp & 0x3f) ^ key[j+0])] - ^ s1p[(int)(((temp >> 4) & 0x3f) ^ key[j+1])] - ^ s2p[(int)(((temp >> 8) & 0x3f) ^ key[j+2])] - ^ s3p[(int)(((temp >> 12) & 0x3f) ^ key[j+3])] - ^ s4p[(int)(((temp >> 16) & 0x3f) ^ key[j+4])] - ^ s5p[(int)(((temp >> 20) & 0x3f) ^ key[j+5])] - ^ s6p[(int)(((temp >> 24) & 0x3f) ^ key[j+6])]; + left ^= s0p[(temp & 0x3f) ^ key[j+0]] + ^ s1p[((temp >> 4) & 0x3f) ^ key[j+1]] + ^ s2p[((temp >> 8) & 0x3f) ^ key[j+2]] + ^ s3p[((temp >> 12) & 0x3f) ^ key[j+3]] + ^ s4p[((temp >> 16) & 0x3f) ^ key[j+4]] + ^ s5p[((temp >> 20) & 0x3f) ^ key[j+5]] + ^ s6p[((temp >> 24) & 0x3f) ^ key[j+6]]; // make the last sbox input the last bit from right[0] temp = ((right & 1) << 5) | ((right >> 27) & 0x1f); - left ^= s7p[(int)(temp ^ key[j+7])]; + left ^= s7p[temp ^ key[j+7]]; temp = left; left = right; right = temp; diff --git a/jdk/src/share/classes/com/sun/crypto/provider/DESKey.java b/jdk/src/share/classes/com/sun/crypto/provider/DESKey.java index cb942e7e61d..32564ce84bf 100644 --- a/jdk/src/share/classes/com/sun/crypto/provider/DESKey.java +++ b/jdk/src/share/classes/com/sun/crypto/provider/DESKey.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 2007, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1997, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -78,7 +78,7 @@ final class DESKey implements SecretKey { public byte[] getEncoded() { // Return a copy of the key, rather than a reference, // so that the key data cannot be modified from outside - return (byte[])this.key.clone(); + return this.key.clone(); } public String getAlgorithm() { @@ -126,7 +126,7 @@ final class DESKey implements SecretKey { throws java.io.IOException, ClassNotFoundException { s.defaultReadObject(); - key = (byte[])key.clone(); + key = key.clone(); } /** diff --git a/jdk/src/share/classes/com/sun/crypto/provider/DESKeyFactory.java b/jdk/src/share/classes/com/sun/crypto/provider/DESKeyFactory.java index 28ba8a457c6..47f0b26a27d 100644 --- a/jdk/src/share/classes/com/sun/crypto/provider/DESKeyFactory.java +++ b/jdk/src/share/classes/com/sun/crypto/provider/DESKeyFactory.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 2009, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1997, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -92,7 +92,7 @@ public final class DESKeyFactory extends SecretKeyFactorySpi { * inappropriate for the given key, or the given key cannot be processed * (e.g., the given key has an unrecognized algorithm or format). */ - protected KeySpec engineGetKeySpec(SecretKey key, Class keySpec) + protected KeySpec engineGetKeySpec(SecretKey key, Class keySpec) throws InvalidKeySpecException { try { diff --git a/jdk/src/share/classes/com/sun/crypto/provider/DESParameters.java b/jdk/src/share/classes/com/sun/crypto/provider/DESParameters.java index 56e289e91d7..a5ae615870b 100644 --- a/jdk/src/share/classes/com/sun/crypto/provider/DESParameters.java +++ b/jdk/src/share/classes/com/sun/crypto/provider/DESParameters.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 1998, 2007, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1998, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -25,13 +25,10 @@ package com.sun.crypto.provider; -import java.util.*; import java.io.*; -import sun.security.util.*; import java.security.AlgorithmParametersSpi; import java.security.spec.AlgorithmParameterSpec; import java.security.spec.InvalidParameterSpecException; -import javax.crypto.spec.IvParameterSpec; /** * This class implements the parameter (IV) used with the DES algorithm in @@ -68,9 +65,15 @@ public final class DESParameters extends AlgorithmParametersSpi { core.init(encoded, decodingMethod); } - protected AlgorithmParameterSpec engineGetParameterSpec(Class paramSpec) + protected + T engineGetParameterSpec(Class paramSpec) throws InvalidParameterSpecException { - return core.getParameterSpec(paramSpec); + if (AlgorithmParameterSpec.class.isAssignableFrom(paramSpec)) { + return core.getParameterSpec(paramSpec); + } else { + throw new InvalidParameterSpecException + ("Inappropriate parameter Specification"); + } } protected byte[] engineGetEncoded() throws IOException { diff --git a/jdk/src/share/classes/com/sun/crypto/provider/DESedeKey.java b/jdk/src/share/classes/com/sun/crypto/provider/DESedeKey.java index 917c0402589..8f264b8251c 100644 --- a/jdk/src/share/classes/com/sun/crypto/provider/DESedeKey.java +++ b/jdk/src/share/classes/com/sun/crypto/provider/DESedeKey.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 2007, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1997, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -78,7 +78,7 @@ final class DESedeKey implements SecretKey { } public byte[] getEncoded() { - return (byte[])this.key.clone(); + return this.key.clone(); } public String getAlgorithm() { @@ -127,7 +127,7 @@ final class DESedeKey implements SecretKey { throws java.io.IOException, ClassNotFoundException { s.defaultReadObject(); - key = (byte[])key.clone(); + key = key.clone(); } /** diff --git a/jdk/src/share/classes/com/sun/crypto/provider/DESedeKeyFactory.java b/jdk/src/share/classes/com/sun/crypto/provider/DESedeKeyFactory.java index fd297542df0..9caabc3d80b 100644 --- a/jdk/src/share/classes/com/sun/crypto/provider/DESedeKeyFactory.java +++ b/jdk/src/share/classes/com/sun/crypto/provider/DESedeKeyFactory.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 2009, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1997, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -92,7 +92,7 @@ public final class DESedeKeyFactory extends SecretKeyFactorySpi { * inappropriate for the given key, or the given key cannot be processed * (e.g., the given key has an unrecognized algorithm or format). */ - protected KeySpec engineGetKeySpec(SecretKey key, Class keySpec) + protected KeySpec engineGetKeySpec(SecretKey key, Class keySpec) throws InvalidKeySpecException { try { diff --git a/jdk/src/share/classes/com/sun/crypto/provider/DESedeParameters.java b/jdk/src/share/classes/com/sun/crypto/provider/DESedeParameters.java index 884a2bad1a6..d2bba89b799 100644 --- a/jdk/src/share/classes/com/sun/crypto/provider/DESedeParameters.java +++ b/jdk/src/share/classes/com/sun/crypto/provider/DESedeParameters.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 1998, 2007, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1998, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -25,13 +25,10 @@ package com.sun.crypto.provider; -import java.util.*; import java.io.*; -import sun.security.util.*; import java.security.AlgorithmParametersSpi; import java.security.spec.AlgorithmParameterSpec; import java.security.spec.InvalidParameterSpecException; -import javax.crypto.spec.IvParameterSpec; /** * This class implements the parameter (IV) used with the Triple DES algorithm @@ -67,9 +64,15 @@ public final class DESedeParameters extends AlgorithmParametersSpi { core.init(encoded, decodingMethod); } - protected AlgorithmParameterSpec engineGetParameterSpec(Class paramSpec) + protected + T engineGetParameterSpec(Class paramSpec) throws InvalidParameterSpecException { - return core.getParameterSpec(paramSpec); + if (AlgorithmParameterSpec.class.isAssignableFrom(paramSpec)) { + return core.getParameterSpec(paramSpec); + } else { + throw new InvalidParameterSpecException + ("Inappropriate parameter Specification"); + } } protected byte[] engineGetEncoded() throws IOException { diff --git a/jdk/src/share/classes/com/sun/crypto/provider/DESedeWrapCipher.java b/jdk/src/share/classes/com/sun/crypto/provider/DESedeWrapCipher.java index 8f73047d7ea..07b5a778dca 100644 --- a/jdk/src/share/classes/com/sun/crypto/provider/DESedeWrapCipher.java +++ b/jdk/src/share/classes/com/sun/crypto/provider/DESedeWrapCipher.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2004, 2009, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2004, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -25,7 +25,6 @@ package com.sun.crypto.provider; -import java.util.Arrays; import java.security.*; import java.security.spec.*; import javax.crypto.*; @@ -151,7 +150,7 @@ public final class DESedeWrapCipher extends CipherSpi { * been set. */ protected byte[] engineGetIV() { - return (iv == null? null:(byte[]) iv.clone()); + return (iv == null) ? null : iv.clone(); } /** @@ -277,8 +276,7 @@ public final class DESedeWrapCipher extends CipherSpi { try { DESedeParameters paramsEng = new DESedeParameters(); paramsEng.engineInit(params.getEncoded()); - ivSpec = (IvParameterSpec) - paramsEng.engineGetParameterSpec(IvParameterSpec.class); + ivSpec = paramsEng.engineGetParameterSpec(IvParameterSpec.class); } catch (Exception ex) { InvalidAlgorithmParameterException iape = new InvalidAlgorithmParameterException diff --git a/jdk/src/share/classes/com/sun/crypto/provider/DHKeyFactory.java b/jdk/src/share/classes/com/sun/crypto/provider/DHKeyFactory.java index bb5e1760b5d..38e7d36f3f2 100644 --- a/jdk/src/share/classes/com/sun/crypto/provider/DHKeyFactory.java +++ b/jdk/src/share/classes/com/sun/crypto/provider/DHKeyFactory.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 2009, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1997, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -25,8 +25,6 @@ package com.sun.crypto.provider; -import java.util.*; -import java.lang.*; import java.security.Key; import java.security.PublicKey; import java.security.PrivateKey; @@ -140,7 +138,8 @@ public final class DHKeyFactory extends KeyFactorySpi { * inappropriate for the given key, or the given key cannot be processed * (e.g., the given key has an unrecognized algorithm or format). */ - protected KeySpec engineGetKeySpec(Key key, Class keySpec) + protected + T engineGetKeySpec(Key key, Class keySpec) throws InvalidKeySpecException { DHParameterSpec params; @@ -150,12 +149,12 @@ public final class DHKeyFactory extends KeyFactorySpi { javax.crypto.interfaces.DHPublicKey dhPubKey = (javax.crypto.interfaces.DHPublicKey) key; params = dhPubKey.getParams(); - return new DHPublicKeySpec(dhPubKey.getY(), - params.getP(), - params.getG()); + return keySpec.cast(new DHPublicKeySpec(dhPubKey.getY(), + params.getP(), + params.getG())); } else if (X509EncodedKeySpec.class.isAssignableFrom(keySpec)) { - return new X509EncodedKeySpec(key.getEncoded()); + return keySpec.cast(new X509EncodedKeySpec(key.getEncoded())); } else { throw new InvalidKeySpecException @@ -168,12 +167,12 @@ public final class DHKeyFactory extends KeyFactorySpi { javax.crypto.interfaces.DHPrivateKey dhPrivKey = (javax.crypto.interfaces.DHPrivateKey)key; params = dhPrivKey.getParams(); - return new DHPrivateKeySpec(dhPrivKey.getX(), - params.getP(), - params.getG()); + return keySpec.cast(new DHPrivateKeySpec(dhPrivKey.getX(), + params.getP(), + params.getG())); } else if (PKCS8EncodedKeySpec.class.isAssignableFrom(keySpec)) { - return new PKCS8EncodedKeySpec(key.getEncoded()); + return keySpec.cast(new PKCS8EncodedKeySpec(key.getEncoded())); } else { throw new InvalidKeySpecException @@ -208,8 +207,7 @@ public final class DHKeyFactory extends KeyFactorySpi { } // Convert key to spec DHPublicKeySpec dhPubKeySpec - = (DHPublicKeySpec)engineGetKeySpec - (key, DHPublicKeySpec.class); + = engineGetKeySpec(key, DHPublicKeySpec.class); // Create key from spec, and return it return engineGeneratePublic(dhPubKeySpec); @@ -220,8 +218,7 @@ public final class DHKeyFactory extends KeyFactorySpi { } // Convert key to spec DHPrivateKeySpec dhPrivKeySpec - = (DHPrivateKeySpec)engineGetKeySpec - (key, DHPrivateKeySpec.class); + = engineGetKeySpec(key, DHPrivateKeySpec.class); // Create key from spec, and return it return engineGeneratePrivate(dhPrivKeySpec); diff --git a/jdk/src/share/classes/com/sun/crypto/provider/DHParameterGenerator.java b/jdk/src/share/classes/com/sun/crypto/provider/DHParameterGenerator.java index 9589fa6045a..0d2eec7c776 100644 --- a/jdk/src/share/classes/com/sun/crypto/provider/DHParameterGenerator.java +++ b/jdk/src/share/classes/com/sun/crypto/provider/DHParameterGenerator.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 2007, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1997, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -25,7 +25,6 @@ package com.sun.crypto.provider; -import java.math.BigInteger; import java.security.*; import java.security.spec.*; import javax.crypto.spec.DHParameterSpec; @@ -141,8 +140,7 @@ extends AlgorithmParameterGeneratorSpi { paramGen = AlgorithmParameterGenerator.getInstance("DSA"); paramGen.init(this.primeSize, random); algParams = paramGen.generateParameters(); - dsaParamSpec = (DSAParameterSpec) - algParams.getParameterSpec(DSAParameterSpec.class); + dsaParamSpec = algParams.getParameterSpec(DSAParameterSpec.class); DHParameterSpec dhParamSpec; if (this.exponentSize > 0) { diff --git a/jdk/src/share/classes/com/sun/crypto/provider/DHParameters.java b/jdk/src/share/classes/com/sun/crypto/provider/DHParameters.java index 022a8ded4e7..57b0e7c3a0c 100644 --- a/jdk/src/share/classes/com/sun/crypto/provider/DHParameters.java +++ b/jdk/src/share/classes/com/sun/crypto/provider/DHParameters.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 2007, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1997, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -25,7 +25,6 @@ package com.sun.crypto.provider; -import java.util.*; import java.io.*; import sun.security.util.*; import java.math.BigInteger; @@ -95,11 +94,12 @@ public final class DHParameters extends AlgorithmParametersSpi { engineInit(params); } - protected AlgorithmParameterSpec engineGetParameterSpec(Class paramSpec) + protected + T engineGetParameterSpec(Class paramSpec) throws InvalidParameterSpecException { if (DHParameterSpec.class.isAssignableFrom(paramSpec)) { - return new DHParameterSpec(this.p, this.g, this.l); + return paramSpec.cast(new DHParameterSpec(this.p, this.g, this.l)); } else { throw new InvalidParameterSpecException ("Inappropriate parameter Specification"); diff --git a/jdk/src/share/classes/com/sun/crypto/provider/DHPrivateKey.java b/jdk/src/share/classes/com/sun/crypto/provider/DHPrivateKey.java index 4af003d68ae..1653a239960 100644 --- a/jdk/src/share/classes/com/sun/crypto/provider/DHPrivateKey.java +++ b/jdk/src/share/classes/com/sun/crypto/provider/DHPrivateKey.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 2010, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1997, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -31,7 +31,6 @@ import java.security.KeyRep; import java.security.PrivateKey; import java.security.InvalidKeyException; import java.security.ProviderException; -import javax.crypto.*; import javax.crypto.spec.DHParameterSpec; import sun.security.util.*; @@ -182,7 +181,7 @@ javax.crypto.interfaces.DHPrivateKey, Serializable { // ignore OPTIONAL attributes - this.encodedKey = (byte[])encodedKey.clone(); + this.encodedKey = encodedKey.clone(); } catch (NumberFormatException e) { InvalidKeyException ike = new InvalidKeyException( @@ -256,7 +255,7 @@ javax.crypto.interfaces.DHPrivateKey, Serializable { return null; } } - return (byte[])this.encodedKey.clone(); + return this.encodedKey.clone(); } /** diff --git a/jdk/src/share/classes/com/sun/crypto/provider/DHPublicKey.java b/jdk/src/share/classes/com/sun/crypto/provider/DHPublicKey.java index 46bf6024dd4..a9062e50797 100644 --- a/jdk/src/share/classes/com/sun/crypto/provider/DHPublicKey.java +++ b/jdk/src/share/classes/com/sun/crypto/provider/DHPublicKey.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 2010, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1997, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -29,10 +29,8 @@ import java.io.*; import java.math.BigInteger; import java.security.KeyRep; import java.security.InvalidKeyException; -import java.security.InvalidAlgorithmParameterException; import java.security.ProviderException; import java.security.PublicKey; -import javax.crypto.*; import javax.crypto.spec.DHParameterSpec; import sun.security.util.*; @@ -174,7 +172,7 @@ javax.crypto.interfaces.DHPublicKey, Serializable { throw new InvalidKeyException("Excess key data"); } - this.encodedKey = (byte[])encodedKey.clone(); + this.encodedKey = encodedKey.clone(); } catch (NumberFormatException e) { throw new InvalidKeyException("Private-value length too big"); @@ -237,7 +235,7 @@ javax.crypto.interfaces.DHPublicKey, Serializable { return null; } } - return (byte[])this.encodedKey.clone(); + return this.encodedKey.clone(); } /** diff --git a/jdk/src/share/classes/com/sun/crypto/provider/EncryptedPrivateKeyInfo.java b/jdk/src/share/classes/com/sun/crypto/provider/EncryptedPrivateKeyInfo.java index 2db02db0cac..c6a4c0f5ab2 100644 --- a/jdk/src/share/classes/com/sun/crypto/provider/EncryptedPrivateKeyInfo.java +++ b/jdk/src/share/classes/com/sun/crypto/provider/EncryptedPrivateKeyInfo.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 1998, 2007, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1998, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -77,7 +77,7 @@ final class EncryptedPrivateKeyInfo { if (seq[1].data.available() != 0) throw new IOException("encryptedData field overrun"); - this.encoded = (byte[])encoded.clone(); + this.encoded = encoded.clone(); } /** @@ -86,7 +86,7 @@ final class EncryptedPrivateKeyInfo { */ EncryptedPrivateKeyInfo(AlgorithmId algid, byte[] encryptedData) { this.algid = algid; - this.encryptedData = (byte[])encryptedData.clone(); + this.encryptedData = encryptedData.clone(); this.encoded = null; // lazy generation of encoding } @@ -101,7 +101,7 @@ final class EncryptedPrivateKeyInfo { * Returns the encrypted data. */ byte[] getEncryptedData() { - return (byte[])this.encryptedData.clone(); + return this.encryptedData.clone(); } /** @@ -110,7 +110,7 @@ final class EncryptedPrivateKeyInfo { byte[] getEncoded() throws IOException { - if (this.encoded != null) return (byte[])this.encoded.clone(); + if (this.encoded != null) return this.encoded.clone(); DerOutputStream out = new DerOutputStream(); DerOutputStream tmp = new DerOutputStream(); @@ -125,6 +125,6 @@ final class EncryptedPrivateKeyInfo { out.write(DerValue.tag_Sequence, tmp); this.encoded = out.toByteArray(); - return (byte[])this.encoded.clone(); + return this.encoded.clone(); } } diff --git a/jdk/src/share/classes/com/sun/crypto/provider/HmacCore.java b/jdk/src/share/classes/com/sun/crypto/provider/HmacCore.java index 0683bc19485..57aed3d0b0c 100644 --- a/jdk/src/share/classes/com/sun/crypto/provider/HmacCore.java +++ b/jdk/src/share/classes/com/sun/crypto/provider/HmacCore.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2002, 2009, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2002, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -78,8 +78,8 @@ final class HmacCore implements Cloneable { private HmacCore(HmacCore other) throws CloneNotSupportedException { this.md = (MessageDigest)other.md.clone(); this.blockLen = other.blockLen; - this.k_ipad = (byte[])other.k_ipad.clone(); - this.k_opad = (byte[])other.k_opad.clone(); + this.k_ipad = other.k_ipad.clone(); + this.k_opad = other.k_opad.clone(); this.first = other.first; } diff --git a/jdk/src/share/classes/com/sun/crypto/provider/JceKeyStore.java b/jdk/src/share/classes/com/sun/crypto/provider/JceKeyStore.java index 1f37e185796..5d48553c25a 100644 --- a/jdk/src/share/classes/com/sun/crypto/provider/JceKeyStore.java +++ b/jdk/src/share/classes/com/sun/crypto/provider/JceKeyStore.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 1998, 2010, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1998, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -38,9 +38,7 @@ import java.security.KeyStoreException; import java.security.UnrecoverableKeyException; import java.security.cert.Certificate; import java.security.cert.CertificateFactory; -import java.security.cert.X509Certificate; import java.security.cert.CertificateException; -import java.security.spec.InvalidKeySpecException; import javax.crypto.SealedObject; /** @@ -87,7 +85,7 @@ public final class JceKeyStore extends KeyStoreSpi { * Private keys and certificates are stored in a hashtable. * Hash entries are keyed by alias names. */ - private Hashtable entries = new Hashtable(); + private Hashtable entries = new Hashtable(); /** * Returns the key associated with the given alias, using the given @@ -156,7 +154,7 @@ public final class JceKeyStore extends KeyStoreSpi { if ((entry instanceof PrivateKeyEntry) && (((PrivateKeyEntry)entry).chain != null)) { - chain = (Certificate[])((PrivateKeyEntry)entry).chain.clone(); + chain = ((PrivateKeyEntry)entry).chain.clone(); } return chain; @@ -262,7 +260,7 @@ public final class JceKeyStore extends KeyStoreSpi { // clone the chain if ((chain != null) && (chain.length !=0)) { - entry.chain = (Certificate[])chain.clone(); + entry.chain = chain.clone(); } else { entry.chain = null; } @@ -316,10 +314,10 @@ public final class JceKeyStore extends KeyStoreSpi { PrivateKeyEntry entry = new PrivateKeyEntry(); entry.date = new Date(); - entry.protectedKey = (byte[])key.clone(); + entry.protectedKey = key.clone(); if ((chain != null) && (chain.length != 0)) { - entry.chain = (Certificate[])chain.clone(); + entry.chain = chain.clone(); } else { entry.chain = null; } @@ -384,7 +382,7 @@ public final class JceKeyStore extends KeyStoreSpi { * * @return enumeration of the alias names */ - public Enumeration engineAliases() { + public Enumeration engineAliases() { return entries.keys(); } @@ -462,9 +460,9 @@ public final class JceKeyStore extends KeyStoreSpi { public String engineGetCertificateAlias(Certificate cert) { Certificate certElem; - Enumeration e = entries.keys(); + Enumeration e = entries.keys(); while (e.hasMoreElements()) { - String alias = (String)e.nextElement(); + String alias = e.nextElement(); Object entry = entries.get(alias); if (entry instanceof TrustedCertEntry) { certElem = ((TrustedCertEntry)entry).cert; @@ -560,10 +558,10 @@ public final class JceKeyStore extends KeyStoreSpi { dos.writeInt(entries.size()); - Enumeration e = entries.keys(); + Enumeration e = entries.keys(); while (e.hasMoreElements()) { - String alias = (String)e.nextElement(); + String alias = e.nextElement(); Object entry = entries.get(alias); if (entry instanceof PrivateKeyEntry) { @@ -677,7 +675,7 @@ public final class JceKeyStore extends KeyStoreSpi { DataInputStream dis; MessageDigest md = null; CertificateFactory cf = null; - Hashtable cfs = null; + Hashtable cfs = null; ByteArrayInputStream bais = null; byte[] encoded = null; @@ -713,7 +711,7 @@ public final class JceKeyStore extends KeyStoreSpi { cf = CertificateFactory.getInstance("X509"); } else { // version 2 - cfs = new Hashtable(3); + cfs = new Hashtable(3); } entries.clear(); @@ -761,7 +759,7 @@ public final class JceKeyStore extends KeyStoreSpi { String certType = dis.readUTF(); if (cfs.containsKey(certType)) { // reuse certificate factory - cf = (CertificateFactory)cfs.get(certType); + cf = cfs.get(certType); } else { // create new certificate factory cf = CertificateFactory.getInstance( @@ -803,7 +801,7 @@ public final class JceKeyStore extends KeyStoreSpi { String certType = dis.readUTF(); if (cfs.containsKey(certType)) { // reuse certificate factory - cf = (CertificateFactory)cfs.get(certType); + cf = cfs.get(certType); } else { // create new certificate factory cf = CertificateFactory.getInstance(certType); diff --git a/jdk/src/share/classes/com/sun/crypto/provider/KeyProtector.java b/jdk/src/share/classes/com/sun/crypto/provider/KeyProtector.java index cd89dd754e9..6d38a1f1e35 100644 --- a/jdk/src/share/classes/com/sun/crypto/provider/KeyProtector.java +++ b/jdk/src/share/classes/com/sun/crypto/provider/KeyProtector.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 1998, 2007, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1998, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -25,14 +25,8 @@ package com.sun.crypto.provider; -import java.io.UnsupportedEncodingException; import java.io.IOException; import java.io.Serializable; -import java.io.ByteArrayInputStream; -import java.io.ByteArrayOutputStream; -import java.io.ObjectInputStream; -import java.io.ObjectOutputStream; -import java.io.ObjectInputStream.GetField; import java.security.Security; import java.security.Key; import java.security.PrivateKey; @@ -42,22 +36,14 @@ import java.security.MessageDigest; import java.security.GeneralSecurityException; import java.security.NoSuchAlgorithmException; import java.security.NoSuchProviderException; -import java.security.SecureRandom; import java.security.UnrecoverableKeyException; -import java.security.InvalidParameterException; -import java.security.InvalidAlgorithmParameterException; -import java.security.InvalidKeyException; import java.security.AlgorithmParameters; -import java.security.spec.InvalidParameterSpecException; -import java.security.spec.InvalidKeySpecException; import java.security.spec.PKCS8EncodedKeySpec; import javax.crypto.Cipher; import javax.crypto.CipherSpi; import javax.crypto.SecretKey; -import javax.crypto.NoSuchPaddingException; import javax.crypto.IllegalBlockSizeException; -import javax.crypto.BadPaddingException; import javax.crypto.SealedObject; import javax.crypto.spec.*; import sun.security.x509.AlgorithmId; @@ -127,7 +113,7 @@ final class KeyProtector { PBEWithMD5AndTripleDESCipher cipher; cipher = new PBEWithMD5AndTripleDESCipher(); cipher.engineInit(Cipher.ENCRYPT_MODE, sKey, pbeSpec, null); - byte[] plain = (byte[])key.getEncoded(); + byte[] plain = key.getEncoded(); byte[] encrKey = cipher.engineDoFinal(plain, 0, plain.length); // wrap encrypted private key in EncryptedPrivateKeyInfo @@ -169,8 +155,8 @@ final class KeyProtector { AlgorithmParameters pbeParams = AlgorithmParameters.getInstance("PBE"); pbeParams.init(encodedParams); - PBEParameterSpec pbeSpec = (PBEParameterSpec) - pbeParams.getParameterSpec(PBEParameterSpec.class); + PBEParameterSpec pbeSpec = + pbeParams.getParameterSpec(PBEParameterSpec.class); // create PBE key from password PBEKeySpec pbeKeySpec = new PBEKeySpec(this.password); diff --git a/jdk/src/share/classes/com/sun/crypto/provider/OAEPParameters.java b/jdk/src/share/classes/com/sun/crypto/provider/OAEPParameters.java index 07d613babe8..61423f0d4e6 100644 --- a/jdk/src/share/classes/com/sun/crypto/provider/OAEPParameters.java +++ b/jdk/src/share/classes/com/sun/crypto/provider/OAEPParameters.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2003, 2010, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2003, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -26,7 +26,6 @@ package com.sun.crypto.provider; import java.math.BigInteger; -import java.util.*; import java.io.*; import sun.security.util.*; import sun.security.x509.*; @@ -180,11 +179,13 @@ public final class OAEPParameters extends AlgorithmParametersSpi { engineInit(encoded); } - protected AlgorithmParameterSpec engineGetParameterSpec(Class paramSpec) + protected + T engineGetParameterSpec(Class paramSpec) throws InvalidParameterSpecException { if (OAEPParameterSpec.class.isAssignableFrom(paramSpec)) { - return new OAEPParameterSpec(mdName, "MGF1", mgfSpec, - new PSource.PSpecified(p)); + return paramSpec.cast( + new OAEPParameterSpec(mdName, "MGF1", mgfSpec, + new PSource.PSpecified(p))); } else { throw new InvalidParameterSpecException ("Inappropriate parameter specification"); diff --git a/jdk/src/share/classes/com/sun/crypto/provider/PBECipherCore.java b/jdk/src/share/classes/com/sun/crypto/provider/PBECipherCore.java index 7a0179a2292..7181ceeddbf 100644 --- a/jdk/src/share/classes/com/sun/crypto/provider/PBECipherCore.java +++ b/jdk/src/share/classes/com/sun/crypto/provider/PBECipherCore.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2002, 2007, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2002, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -25,7 +25,6 @@ package com.sun.crypto.provider; -import java.io.UnsupportedEncodingException; import java.security.*; import java.security.spec.*; import javax.crypto.*; @@ -326,8 +325,7 @@ final class PBECipherCore { PBEParameterSpec pbeSpec = null; if (params != null) { try { - pbeSpec = (PBEParameterSpec) params.getParameterSpec - (PBEParameterSpec.class); + pbeSpec = params.getParameterSpec(PBEParameterSpec.class); } catch (InvalidParameterSpecException ipse) { throw new InvalidAlgorithmParameterException("Wrong parameter " + "type: PBE " diff --git a/jdk/src/share/classes/com/sun/crypto/provider/PBEKey.java b/jdk/src/share/classes/com/sun/crypto/provider/PBEKey.java index 5678327f05a..a650133fe4a 100644 --- a/jdk/src/share/classes/com/sun/crypto/provider/PBEKey.java +++ b/jdk/src/share/classes/com/sun/crypto/provider/PBEKey.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 2007, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1997, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -25,7 +25,6 @@ package com.sun.crypto.provider; -import java.io.UnsupportedEncodingException; import java.security.KeyRep; import java.security.spec.InvalidKeySpecException; import javax.crypto.SecretKey; @@ -69,7 +68,7 @@ final class PBEKey implements SecretKey { } public byte[] getEncoded() { - return (byte[])this.key.clone(); + return this.key.clone(); } public String getAlgorithm() { @@ -118,7 +117,7 @@ final class PBEKey implements SecretKey { throws java.io.IOException, ClassNotFoundException { s.defaultReadObject(); - key = (byte[])key.clone(); + key = key.clone(); } diff --git a/jdk/src/share/classes/com/sun/crypto/provider/PBEKeyFactory.java b/jdk/src/share/classes/com/sun/crypto/provider/PBEKeyFactory.java index 1e467931fa4..b246916fde4 100644 --- a/jdk/src/share/classes/com/sun/crypto/provider/PBEKeyFactory.java +++ b/jdk/src/share/classes/com/sun/crypto/provider/PBEKeyFactory.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 2009, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1997, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -25,7 +25,6 @@ package com.sun.crypto.provider; -import java.io.UnsupportedEncodingException; import java.security.InvalidKeyException; import java.security.spec.KeySpec; import java.security.spec.InvalidKeySpecException; @@ -132,7 +131,7 @@ abstract class PBEKeyFactory extends SecretKeyFactorySpi { * inappropriate for the given key, or the given key cannot be processed * (e.g., the given key has an unrecognized algorithm or format). */ - protected KeySpec engineGetKeySpec(SecretKey key, Class keySpecCl) + protected KeySpec engineGetKeySpec(SecretKey key, Class keySpecCl) throws InvalidKeySpecException { if ((key instanceof SecretKey) && (validTypes.contains(key.getAlgorithm().toUpperCase())) diff --git a/jdk/src/share/classes/com/sun/crypto/provider/PBEParameters.java b/jdk/src/share/classes/com/sun/crypto/provider/PBEParameters.java index e9021937850..114303fa8d3 100644 --- a/jdk/src/share/classes/com/sun/crypto/provider/PBEParameters.java +++ b/jdk/src/share/classes/com/sun/crypto/provider/PBEParameters.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 1998, 2007, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1998, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -25,7 +25,6 @@ package com.sun.crypto.provider; -import java.util.*; import java.io.*; import java.math.BigInteger; import java.security.AlgorithmParametersSpi; @@ -65,7 +64,7 @@ public final class PBEParameters extends AlgorithmParametersSpi { throw new InvalidParameterSpecException ("Inappropriate parameter specification"); } - this.salt = (byte[])((PBEParameterSpec)paramSpec).getSalt().clone(); + this.salt = ((PBEParameterSpec)paramSpec).getSalt().clone(); this.iCount = ((PBEParameterSpec)paramSpec).getIterationCount(); } @@ -98,11 +97,12 @@ public final class PBEParameters extends AlgorithmParametersSpi { engineInit(encoded); } - protected AlgorithmParameterSpec engineGetParameterSpec(Class paramSpec) + protected + T engineGetParameterSpec(Class paramSpec) throws InvalidParameterSpecException { if (PBEParameterSpec.class.isAssignableFrom(paramSpec)) { - return new PBEParameterSpec(this.salt, this.iCount); + return paramSpec.cast(new PBEParameterSpec(this.salt, this.iCount)); } else { throw new InvalidParameterSpecException ("Inappropriate parameter specification"); diff --git a/jdk/src/share/classes/com/sun/crypto/provider/PBKDF2HmacSHA1Factory.java b/jdk/src/share/classes/com/sun/crypto/provider/PBKDF2HmacSHA1Factory.java index da63fabb653..ae49c79cafb 100644 --- a/jdk/src/share/classes/com/sun/crypto/provider/PBKDF2HmacSHA1Factory.java +++ b/jdk/src/share/classes/com/sun/crypto/provider/PBKDF2HmacSHA1Factory.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2005, 2009, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2005, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -25,14 +25,12 @@ package com.sun.crypto.provider; -import java.io.*; import java.security.InvalidKeyException; import java.security.spec.KeySpec; import java.security.spec.InvalidKeySpecException; import javax.crypto.SecretKey; import javax.crypto.SecretKeyFactorySpi; import javax.crypto.spec.PBEKeySpec; -import javax.crypto.spec.SecretKeySpec; /** * This class implements a key factory for PBE keys derived using @@ -88,7 +86,7 @@ public final class PBKDF2HmacSHA1Factory extends SecretKeyFactorySpi { * given key cannot be processed (e.g., the given key has an * unrecognized algorithm or format). */ - protected KeySpec engineGetKeySpec(SecretKey key, Class keySpecCl) + protected KeySpec engineGetKeySpec(SecretKey key, Class keySpecCl) throws InvalidKeySpecException { if (key instanceof javax.crypto.interfaces.PBEKey) { // Check if requested key spec is amongst the valid ones diff --git a/jdk/src/share/classes/com/sun/crypto/provider/PBKDF2KeyImpl.java b/jdk/src/share/classes/com/sun/crypto/provider/PBKDF2KeyImpl.java index 7f74609c002..ec73014b627 100644 --- a/jdk/src/share/classes/com/sun/crypto/provider/PBKDF2KeyImpl.java +++ b/jdk/src/share/classes/com/sun/crypto/provider/PBKDF2KeyImpl.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2005, 2010, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2005, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -133,6 +133,7 @@ final class PBKDF2KeyImpl implements javax.crypto.interfaces.PBEKey { byte[] ti = new byte[hlen]; // SecretKeySpec cannot be used, since password can be empty here. SecretKey macKey = new SecretKey() { + private static final long serialVersionUID = 7874493593505141603L; @Override public String getAlgorithm() { return prf.getAlgorithm(); @@ -194,7 +195,7 @@ final class PBKDF2KeyImpl implements javax.crypto.interfaces.PBEKey { } public byte[] getEncoded() { - return (byte[]) key.clone(); + return key.clone(); } public String getAlgorithm() { @@ -206,7 +207,7 @@ final class PBKDF2KeyImpl implements javax.crypto.interfaces.PBEKey { } public char[] getPassword() { - return (char[]) passwd.clone(); + return passwd.clone(); } public byte[] getSalt() { @@ -268,7 +269,7 @@ final class PBKDF2KeyImpl implements javax.crypto.interfaces.PBEKey { protected void finalize() throws Throwable { try { if (this.passwd != null) { - java.util.Arrays.fill(this.passwd, (char) '0'); + java.util.Arrays.fill(this.passwd, '0'); this.passwd = null; } if (this.key != null) { diff --git a/jdk/src/share/classes/com/sun/crypto/provider/PCBC.java b/jdk/src/share/classes/com/sun/crypto/provider/PCBC.java index d4c90379a7b..aa4758593af 100644 --- a/jdk/src/share/classes/com/sun/crypto/provider/PCBC.java +++ b/jdk/src/share/classes/com/sun/crypto/provider/PCBC.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 2007, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1997, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -145,7 +145,7 @@ final class PCBC extends FeedbackCipher { for (; plainOffset < endIndex; plainOffset += blockSize, cipherOffset += blockSize) { for (i=0; i + T engineGetParameterSpec(Class paramSpec) throws InvalidParameterSpecException { if (RC2ParameterSpec.class.isAssignableFrom(paramSpec)) { - return (iv == null ? - new RC2ParameterSpec(effectiveKeySize) : - new RC2ParameterSpec(effectiveKeySize, iv)); + return paramSpec.cast((iv == null ? + new RC2ParameterSpec(effectiveKeySize) : + new RC2ParameterSpec(effectiveKeySize, iv))); } else { throw new InvalidParameterSpecException ("Inappropriate parameter specification"); diff --git a/jdk/src/share/classes/com/sun/crypto/provider/RSACipher.java b/jdk/src/share/classes/com/sun/crypto/provider/RSACipher.java index 644813da807..d63641490dc 100644 --- a/jdk/src/share/classes/com/sun/crypto/provider/RSACipher.java +++ b/jdk/src/share/classes/com/sun/crypto/provider/RSACipher.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2003, 2009, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2003, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -227,8 +227,8 @@ public final class RSACipher extends CipherSpi { init(opmode, key, random, null); } else { try { - OAEPParameterSpec spec = (OAEPParameterSpec) - params.getParameterSpec(OAEPParameterSpec.class); + OAEPParameterSpec spec = + params.getParameterSpec(OAEPParameterSpec.class); init(opmode, key, random, spec); } catch (InvalidParameterSpecException ipse) { InvalidAlgorithmParameterException iape = diff --git a/jdk/src/share/classes/com/sun/crypto/provider/SunJCE.java b/jdk/src/share/classes/com/sun/crypto/provider/SunJCE.java index 4b53f84fedc..c58236ba3e6 100644 --- a/jdk/src/share/classes/com/sun/crypto/provider/SunJCE.java +++ b/jdk/src/share/classes/com/sun/crypto/provider/SunJCE.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 2010, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1997, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -27,11 +27,6 @@ package com.sun.crypto.provider; import java.security.AccessController; import java.security.Provider; -import java.security.PrivilegedAction; -import java.security.cert.*; -import java.net.URL; -import java.io.ByteArrayInputStream; -import java.security.CodeSource; import java.security.SecureRandom; @@ -105,352 +100,353 @@ public final class SunJCE extends Provider { "|OFB72|OFB80|OFB88|OFB96|OFB104|OFB112|OFB120|OFB128"; final String BLOCK_PADS = "NOPADDING|PKCS5PADDING|ISO10126PADDING"; - AccessController.doPrivileged(new java.security.PrivilegedAction() { + AccessController.doPrivileged( + new java.security.PrivilegedAction() { public Object run() { - /* - * Cipher engines - */ - put("Cipher.RSA", "com.sun.crypto.provider.RSACipher"); - put("Cipher.RSA SupportedModes", "ECB"); - put("Cipher.RSA SupportedPaddings", - "NOPADDING|PKCS1PADDING|OAEPWITHMD5ANDMGF1PADDING" - + "|OAEPWITHSHA1ANDMGF1PADDING" - + "|OAEPWITHSHA-1ANDMGF1PADDING" - + "|OAEPWITHSHA-256ANDMGF1PADDING" - + "|OAEPWITHSHA-384ANDMGF1PADDING" - + "|OAEPWITHSHA-512ANDMGF1PADDING"); - put("Cipher.RSA SupportedKeyClasses", - "java.security.interfaces.RSAPublicKey" + - "|java.security.interfaces.RSAPrivateKey"); + /* + * Cipher engines + */ + put("Cipher.RSA", "com.sun.crypto.provider.RSACipher"); + put("Cipher.RSA SupportedModes", "ECB"); + put("Cipher.RSA SupportedPaddings", + "NOPADDING|PKCS1PADDING|OAEPWITHMD5ANDMGF1PADDING" + + "|OAEPWITHSHA1ANDMGF1PADDING" + + "|OAEPWITHSHA-1ANDMGF1PADDING" + + "|OAEPWITHSHA-256ANDMGF1PADDING" + + "|OAEPWITHSHA-384ANDMGF1PADDING" + + "|OAEPWITHSHA-512ANDMGF1PADDING"); + put("Cipher.RSA SupportedKeyClasses", + "java.security.interfaces.RSAPublicKey" + + "|java.security.interfaces.RSAPrivateKey"); - put("Cipher.DES", "com.sun.crypto.provider.DESCipher"); - put("Cipher.DES SupportedModes", BLOCK_MODES); - put("Cipher.DES SupportedPaddings", BLOCK_PADS); - put("Cipher.DES SupportedKeyFormats", "RAW"); + put("Cipher.DES", "com.sun.crypto.provider.DESCipher"); + put("Cipher.DES SupportedModes", BLOCK_MODES); + put("Cipher.DES SupportedPaddings", BLOCK_PADS); + put("Cipher.DES SupportedKeyFormats", "RAW"); - put("Cipher.DESede", "com.sun.crypto.provider.DESedeCipher"); - put("Alg.Alias.Cipher.TripleDES", "DESede"); - put("Cipher.DESede SupportedModes", BLOCK_MODES); - put("Cipher.DESede SupportedPaddings", BLOCK_PADS); - put("Cipher.DESede SupportedKeyFormats", "RAW"); + put("Cipher.DESede", "com.sun.crypto.provider.DESedeCipher"); + put("Alg.Alias.Cipher.TripleDES", "DESede"); + put("Cipher.DESede SupportedModes", BLOCK_MODES); + put("Cipher.DESede SupportedPaddings", BLOCK_PADS); + put("Cipher.DESede SupportedKeyFormats", "RAW"); - put("Cipher.DESedeWrap", - "com.sun.crypto.provider.DESedeWrapCipher"); - put("Cipher.DESedeWrap SupportedModes", "CBC"); - put("Cipher.DESedeWrap SupportedPaddings", "NOPADDING"); - put("Cipher.DESedeWrap SupportedKeyFormats", "RAW"); + put("Cipher.DESedeWrap", + "com.sun.crypto.provider.DESedeWrapCipher"); + put("Cipher.DESedeWrap SupportedModes", "CBC"); + put("Cipher.DESedeWrap SupportedPaddings", "NOPADDING"); + put("Cipher.DESedeWrap SupportedKeyFormats", "RAW"); - put("Cipher.PBEWithMD5AndDES", - "com.sun.crypto.provider.PBEWithMD5AndDESCipher"); - put("Alg.Alias.Cipher.OID."+OID_PKCS5_MD5_DES, - "PBEWithMD5AndDES"); - put("Alg.Alias.Cipher."+OID_PKCS5_MD5_DES, - "PBEWithMD5AndDES"); - put("Cipher.PBEWithMD5AndTripleDES", - "com.sun.crypto.provider.PBEWithMD5AndTripleDESCipher"); - put("Cipher.PBEWithSHA1AndRC2_40", - "com.sun.crypto.provider.PKCS12PBECipherCore$" + - "PBEWithSHA1AndRC2_40"); - put("Alg.Alias.Cipher.OID." + OID_PKCS12_RC2_40, - "PBEWithSHA1AndRC2_40"); - put("Alg.Alias.Cipher." + OID_PKCS12_RC2_40, - "PBEWithSHA1AndRC2_40"); - put("Cipher.PBEWithSHA1AndDESede", - "com.sun.crypto.provider.PKCS12PBECipherCore$" + - "PBEWithSHA1AndDESede"); - put("Alg.Alias.Cipher.OID." + OID_PKCS12_DESede, - "PBEWithSHA1AndDESede"); - put("Alg.Alias.Cipher." + OID_PKCS12_DESede, - "PBEWithSHA1AndDESede"); + put("Cipher.PBEWithMD5AndDES", + "com.sun.crypto.provider.PBEWithMD5AndDESCipher"); + put("Alg.Alias.Cipher.OID."+OID_PKCS5_MD5_DES, + "PBEWithMD5AndDES"); + put("Alg.Alias.Cipher."+OID_PKCS5_MD5_DES, + "PBEWithMD5AndDES"); + put("Cipher.PBEWithMD5AndTripleDES", + "com.sun.crypto.provider.PBEWithMD5AndTripleDESCipher"); + put("Cipher.PBEWithSHA1AndRC2_40", + "com.sun.crypto.provider.PKCS12PBECipherCore$" + + "PBEWithSHA1AndRC2_40"); + put("Alg.Alias.Cipher.OID." + OID_PKCS12_RC2_40, + "PBEWithSHA1AndRC2_40"); + put("Alg.Alias.Cipher." + OID_PKCS12_RC2_40, + "PBEWithSHA1AndRC2_40"); + put("Cipher.PBEWithSHA1AndDESede", + "com.sun.crypto.provider.PKCS12PBECipherCore$" + + "PBEWithSHA1AndDESede"); + put("Alg.Alias.Cipher.OID." + OID_PKCS12_DESede, + "PBEWithSHA1AndDESede"); + put("Alg.Alias.Cipher." + OID_PKCS12_DESede, + "PBEWithSHA1AndDESede"); - put("Cipher.Blowfish", - "com.sun.crypto.provider.BlowfishCipher"); - put("Cipher.Blowfish SupportedModes", BLOCK_MODES); - put("Cipher.Blowfish SupportedPaddings", BLOCK_PADS); - put("Cipher.Blowfish SupportedKeyFormats", "RAW"); + put("Cipher.Blowfish", + "com.sun.crypto.provider.BlowfishCipher"); + put("Cipher.Blowfish SupportedModes", BLOCK_MODES); + put("Cipher.Blowfish SupportedPaddings", BLOCK_PADS); + put("Cipher.Blowfish SupportedKeyFormats", "RAW"); - put("Cipher.AES", "com.sun.crypto.provider.AESCipher"); - put("Alg.Alias.Cipher.Rijndael", "AES"); - put("Cipher.AES SupportedModes", BLOCK_MODES128); - put("Cipher.AES SupportedPaddings", BLOCK_PADS); - put("Cipher.AES SupportedKeyFormats", "RAW"); + put("Cipher.AES", "com.sun.crypto.provider.AESCipher"); + put("Alg.Alias.Cipher.Rijndael", "AES"); + put("Cipher.AES SupportedModes", BLOCK_MODES128); + put("Cipher.AES SupportedPaddings", BLOCK_PADS); + put("Cipher.AES SupportedKeyFormats", "RAW"); - put("Cipher.AESWrap", "com.sun.crypto.provider.AESWrapCipher"); - put("Cipher.AESWrap SupportedModes", "ECB"); - put("Cipher.AESWrap SupportedPaddings", "NOPADDING"); - put("Cipher.AESWrap SupportedKeyFormats", "RAW"); + put("Cipher.AESWrap", "com.sun.crypto.provider.AESWrapCipher"); + put("Cipher.AESWrap SupportedModes", "ECB"); + put("Cipher.AESWrap SupportedPaddings", "NOPADDING"); + put("Cipher.AESWrap SupportedKeyFormats", "RAW"); - put("Cipher.RC2", - "com.sun.crypto.provider.RC2Cipher"); - put("Cipher.RC2 SupportedModes", BLOCK_MODES); - put("Cipher.RC2 SupportedPaddings", BLOCK_PADS); - put("Cipher.RC2 SupportedKeyFormats", "RAW"); + put("Cipher.RC2", + "com.sun.crypto.provider.RC2Cipher"); + put("Cipher.RC2 SupportedModes", BLOCK_MODES); + put("Cipher.RC2 SupportedPaddings", BLOCK_PADS); + put("Cipher.RC2 SupportedKeyFormats", "RAW"); - put("Cipher.ARCFOUR", - "com.sun.crypto.provider.ARCFOURCipher"); - put("Alg.Alias.Cipher.RC4", "ARCFOUR"); - put("Cipher.ARCFOUR SupportedModes", "ECB"); - put("Cipher.ARCFOUR SupportedPaddings", "NOPADDING"); - put("Cipher.ARCFOUR SupportedKeyFormats", "RAW"); + put("Cipher.ARCFOUR", + "com.sun.crypto.provider.ARCFOURCipher"); + put("Alg.Alias.Cipher.RC4", "ARCFOUR"); + put("Cipher.ARCFOUR SupportedModes", "ECB"); + put("Cipher.ARCFOUR SupportedPaddings", "NOPADDING"); + put("Cipher.ARCFOUR SupportedKeyFormats", "RAW"); - /* - * Key(pair) Generator engines - */ - put("KeyGenerator.DES", - "com.sun.crypto.provider.DESKeyGenerator"); + /* + * Key(pair) Generator engines + */ + put("KeyGenerator.DES", + "com.sun.crypto.provider.DESKeyGenerator"); - put("KeyGenerator.DESede", - "com.sun.crypto.provider.DESedeKeyGenerator"); - put("Alg.Alias.KeyGenerator.TripleDES", "DESede"); + put("KeyGenerator.DESede", + "com.sun.crypto.provider.DESedeKeyGenerator"); + put("Alg.Alias.KeyGenerator.TripleDES", "DESede"); - put("KeyGenerator.Blowfish", - "com.sun.crypto.provider.BlowfishKeyGenerator"); + put("KeyGenerator.Blowfish", + "com.sun.crypto.provider.BlowfishKeyGenerator"); - put("KeyGenerator.AES", - "com.sun.crypto.provider.AESKeyGenerator"); - put("Alg.Alias.KeyGenerator.Rijndael", "AES"); + put("KeyGenerator.AES", + "com.sun.crypto.provider.AESKeyGenerator"); + put("Alg.Alias.KeyGenerator.Rijndael", "AES"); - put("KeyGenerator.RC2", - "com.sun.crypto.provider.KeyGeneratorCore$" + - "RC2KeyGenerator"); - put("KeyGenerator.ARCFOUR", - "com.sun.crypto.provider.KeyGeneratorCore$" + - "ARCFOURKeyGenerator"); - put("Alg.Alias.KeyGenerator.RC4", "ARCFOUR"); + put("KeyGenerator.RC2", + "com.sun.crypto.provider.KeyGeneratorCore$" + + "RC2KeyGenerator"); + put("KeyGenerator.ARCFOUR", + "com.sun.crypto.provider.KeyGeneratorCore$" + + "ARCFOURKeyGenerator"); + put("Alg.Alias.KeyGenerator.RC4", "ARCFOUR"); - put("KeyGenerator.HmacMD5", - "com.sun.crypto.provider.HmacMD5KeyGenerator"); + put("KeyGenerator.HmacMD5", + "com.sun.crypto.provider.HmacMD5KeyGenerator"); - put("KeyGenerator.HmacSHA1", - "com.sun.crypto.provider.HmacSHA1KeyGenerator"); + put("KeyGenerator.HmacSHA1", + "com.sun.crypto.provider.HmacSHA1KeyGenerator"); - put("KeyGenerator.HmacSHA256", - "com.sun.crypto.provider.KeyGeneratorCore$HmacSHA256KG"); - put("KeyGenerator.HmacSHA384", - "com.sun.crypto.provider.KeyGeneratorCore$HmacSHA384KG"); - put("KeyGenerator.HmacSHA512", - "com.sun.crypto.provider.KeyGeneratorCore$HmacSHA512KG"); + put("KeyGenerator.HmacSHA256", + "com.sun.crypto.provider.KeyGeneratorCore$HmacSHA256KG"); + put("KeyGenerator.HmacSHA384", + "com.sun.crypto.provider.KeyGeneratorCore$HmacSHA384KG"); + put("KeyGenerator.HmacSHA512", + "com.sun.crypto.provider.KeyGeneratorCore$HmacSHA512KG"); - put("KeyPairGenerator.DiffieHellman", - "com.sun.crypto.provider.DHKeyPairGenerator"); - put("Alg.Alias.KeyPairGenerator.DH", "DiffieHellman"); - put("Alg.Alias.KeyPairGenerator.OID."+OID_PKCS3, - "DiffieHellman"); - put("Alg.Alias.KeyPairGenerator."+OID_PKCS3, - "DiffieHellman"); - /* - * Algorithm parameter generation engines - */ - put("AlgorithmParameterGenerator.DiffieHellman", - "com.sun.crypto.provider.DHParameterGenerator"); - put("Alg.Alias.AlgorithmParameterGenerator.DH", - "DiffieHellman"); - put("Alg.Alias.AlgorithmParameterGenerator.OID."+OID_PKCS3, - "DiffieHellman"); - put("Alg.Alias.AlgorithmParameterGenerator."+OID_PKCS3, - "DiffieHellman"); + put("KeyPairGenerator.DiffieHellman", + "com.sun.crypto.provider.DHKeyPairGenerator"); + put("Alg.Alias.KeyPairGenerator.DH", "DiffieHellman"); + put("Alg.Alias.KeyPairGenerator.OID."+OID_PKCS3, + "DiffieHellman"); + put("Alg.Alias.KeyPairGenerator."+OID_PKCS3, + "DiffieHellman"); + /* + * Algorithm parameter generation engines + */ + put("AlgorithmParameterGenerator.DiffieHellman", + "com.sun.crypto.provider.DHParameterGenerator"); + put("Alg.Alias.AlgorithmParameterGenerator.DH", + "DiffieHellman"); + put("Alg.Alias.AlgorithmParameterGenerator.OID."+OID_PKCS3, + "DiffieHellman"); + put("Alg.Alias.AlgorithmParameterGenerator."+OID_PKCS3, + "DiffieHellman"); - /* - * Key Agreement engines - */ - put("KeyAgreement.DiffieHellman", - "com.sun.crypto.provider.DHKeyAgreement"); - put("Alg.Alias.KeyAgreement.DH", "DiffieHellman"); - put("Alg.Alias.KeyAgreement.OID."+OID_PKCS3, "DiffieHellman"); - put("Alg.Alias.KeyAgreement."+OID_PKCS3, "DiffieHellman"); + /* + * Key Agreement engines + */ + put("KeyAgreement.DiffieHellman", + "com.sun.crypto.provider.DHKeyAgreement"); + put("Alg.Alias.KeyAgreement.DH", "DiffieHellman"); + put("Alg.Alias.KeyAgreement.OID."+OID_PKCS3, "DiffieHellman"); + put("Alg.Alias.KeyAgreement."+OID_PKCS3, "DiffieHellman"); - put("KeyAgreement.DiffieHellman SupportedKeyClasses", - "javax.crypto.interfaces.DHPublicKey" + - "|javax.crypto.interfaces.DHPrivateKey"); + put("KeyAgreement.DiffieHellman SupportedKeyClasses", + "javax.crypto.interfaces.DHPublicKey" + + "|javax.crypto.interfaces.DHPrivateKey"); - /* - * Algorithm Parameter engines - */ - put("AlgorithmParameters.DiffieHellman", - "com.sun.crypto.provider.DHParameters"); - put("Alg.Alias.AlgorithmParameters.DH", "DiffieHellman"); - put("Alg.Alias.AlgorithmParameters.OID."+OID_PKCS3, - "DiffieHellman"); - put("Alg.Alias.AlgorithmParameters."+OID_PKCS3, - "DiffieHellman"); + /* + * Algorithm Parameter engines + */ + put("AlgorithmParameters.DiffieHellman", + "com.sun.crypto.provider.DHParameters"); + put("Alg.Alias.AlgorithmParameters.DH", "DiffieHellman"); + put("Alg.Alias.AlgorithmParameters.OID."+OID_PKCS3, + "DiffieHellman"); + put("Alg.Alias.AlgorithmParameters."+OID_PKCS3, + "DiffieHellman"); - put("AlgorithmParameters.DES", - "com.sun.crypto.provider.DESParameters"); + put("AlgorithmParameters.DES", + "com.sun.crypto.provider.DESParameters"); - put("AlgorithmParameters.DESede", - "com.sun.crypto.provider.DESedeParameters"); - put("Alg.Alias.AlgorithmParameters.TripleDES", "DESede"); + put("AlgorithmParameters.DESede", + "com.sun.crypto.provider.DESedeParameters"); + put("Alg.Alias.AlgorithmParameters.TripleDES", "DESede"); - put("AlgorithmParameters.PBE", - "com.sun.crypto.provider.PBEParameters"); + put("AlgorithmParameters.PBE", + "com.sun.crypto.provider.PBEParameters"); - put("AlgorithmParameters.PBEWithMD5AndDES", - "com.sun.crypto.provider.PBEParameters"); - put("Alg.Alias.AlgorithmParameters.OID."+OID_PKCS5_MD5_DES, - "PBEWithMD5AndDES"); - put("Alg.Alias.AlgorithmParameters."+OID_PKCS5_MD5_DES, - "PBEWithMD5AndDES"); + put("AlgorithmParameters.PBEWithMD5AndDES", + "com.sun.crypto.provider.PBEParameters"); + put("Alg.Alias.AlgorithmParameters.OID."+OID_PKCS5_MD5_DES, + "PBEWithMD5AndDES"); + put("Alg.Alias.AlgorithmParameters."+OID_PKCS5_MD5_DES, + "PBEWithMD5AndDES"); - put("AlgorithmParameters.PBEWithMD5AndTripleDES", - "com.sun.crypto.provider.PBEParameters"); + put("AlgorithmParameters.PBEWithMD5AndTripleDES", + "com.sun.crypto.provider.PBEParameters"); - put("AlgorithmParameters.PBEWithSHA1AndDESede", - "com.sun.crypto.provider.PBEParameters"); - put("Alg.Alias.AlgorithmParameters.OID."+OID_PKCS12_DESede, - "PBEWithSHA1AndDESede"); - put("Alg.Alias.AlgorithmParameters."+OID_PKCS12_DESede, - "PBEWithSHA1AndDESede"); + put("AlgorithmParameters.PBEWithSHA1AndDESede", + "com.sun.crypto.provider.PBEParameters"); + put("Alg.Alias.AlgorithmParameters.OID."+OID_PKCS12_DESede, + "PBEWithSHA1AndDESede"); + put("Alg.Alias.AlgorithmParameters."+OID_PKCS12_DESede, + "PBEWithSHA1AndDESede"); - put("AlgorithmParameters.PBEWithSHA1AndRC2_40", - "com.sun.crypto.provider.PBEParameters"); - put("Alg.Alias.AlgorithmParameters.OID."+OID_PKCS12_RC2_40, - "PBEWithSHA1AndRC2_40"); - put("Alg.Alias.AlgorithmParameters." + OID_PKCS12_RC2_40, - "PBEWithSHA1AndRC2_40"); + put("AlgorithmParameters.PBEWithSHA1AndRC2_40", + "com.sun.crypto.provider.PBEParameters"); + put("Alg.Alias.AlgorithmParameters.OID."+OID_PKCS12_RC2_40, + "PBEWithSHA1AndRC2_40"); + put("Alg.Alias.AlgorithmParameters." + OID_PKCS12_RC2_40, + "PBEWithSHA1AndRC2_40"); - put("AlgorithmParameters.Blowfish", - "com.sun.crypto.provider.BlowfishParameters"); + put("AlgorithmParameters.Blowfish", + "com.sun.crypto.provider.BlowfishParameters"); - put("AlgorithmParameters.AES", - "com.sun.crypto.provider.AESParameters"); - put("Alg.Alias.AlgorithmParameters.Rijndael", "AES"); + put("AlgorithmParameters.AES", + "com.sun.crypto.provider.AESParameters"); + put("Alg.Alias.AlgorithmParameters.Rijndael", "AES"); - put("AlgorithmParameters.RC2", - "com.sun.crypto.provider.RC2Parameters"); + put("AlgorithmParameters.RC2", + "com.sun.crypto.provider.RC2Parameters"); - put("AlgorithmParameters.OAEP", - "com.sun.crypto.provider.OAEPParameters"); + put("AlgorithmParameters.OAEP", + "com.sun.crypto.provider.OAEPParameters"); - /* - * Key factories - */ - put("KeyFactory.DiffieHellman", - "com.sun.crypto.provider.DHKeyFactory"); - put("Alg.Alias.KeyFactory.DH", "DiffieHellman"); - put("Alg.Alias.KeyFactory.OID."+OID_PKCS3, - "DiffieHellman"); - put("Alg.Alias.KeyFactory."+OID_PKCS3, "DiffieHellman"); - /* - * Secret-key factories - */ - put("SecretKeyFactory.DES", - "com.sun.crypto.provider.DESKeyFactory"); + /* + * Key factories + */ + put("KeyFactory.DiffieHellman", + "com.sun.crypto.provider.DHKeyFactory"); + put("Alg.Alias.KeyFactory.DH", "DiffieHellman"); + put("Alg.Alias.KeyFactory.OID."+OID_PKCS3, + "DiffieHellman"); + put("Alg.Alias.KeyFactory."+OID_PKCS3, "DiffieHellman"); + /* + * Secret-key factories + */ + put("SecretKeyFactory.DES", + "com.sun.crypto.provider.DESKeyFactory"); - put("SecretKeyFactory.DESede", - "com.sun.crypto.provider.DESedeKeyFactory"); - put("Alg.Alias.SecretKeyFactory.TripleDES", "DESede"); + put("SecretKeyFactory.DESede", + "com.sun.crypto.provider.DESedeKeyFactory"); + put("Alg.Alias.SecretKeyFactory.TripleDES", "DESede"); - put("SecretKeyFactory.PBEWithMD5AndDES", - "com.sun.crypto.provider.PBEKeyFactory$PBEWithMD5AndDES" - ); - put("Alg.Alias.SecretKeyFactory.OID."+OID_PKCS5_MD5_DES, - "PBEWithMD5AndDES"); - put("Alg.Alias.SecretKeyFactory."+OID_PKCS5_MD5_DES, - "PBEWithMD5AndDES"); + put("SecretKeyFactory.PBEWithMD5AndDES", + "com.sun.crypto.provider.PBEKeyFactory$PBEWithMD5AndDES" + ); + put("Alg.Alias.SecretKeyFactory.OID."+OID_PKCS5_MD5_DES, + "PBEWithMD5AndDES"); + put("Alg.Alias.SecretKeyFactory."+OID_PKCS5_MD5_DES, + "PBEWithMD5AndDES"); - put("Alg.Alias.SecretKeyFactory.PBE", - "PBEWithMD5AndDES"); + put("Alg.Alias.SecretKeyFactory.PBE", + "PBEWithMD5AndDES"); - /* - * Internal in-house crypto algorithm used for - * the JCEKS keystore type. Since this was developed - * internally, there isn't an OID corresponding to this - * algorithm. - */ - put("SecretKeyFactory.PBEWithMD5AndTripleDES", - "com.sun.crypto.provider.PBEKeyFactory$" + - "PBEWithMD5AndTripleDES" - ); + /* + * Internal in-house crypto algorithm used for + * the JCEKS keystore type. Since this was developed + * internally, there isn't an OID corresponding to this + * algorithm. + */ + put("SecretKeyFactory.PBEWithMD5AndTripleDES", + "com.sun.crypto.provider.PBEKeyFactory$" + + "PBEWithMD5AndTripleDES" + ); - put("SecretKeyFactory.PBEWithSHA1AndDESede", - "com.sun.crypto.provider.PBEKeyFactory$PBEWithSHA1AndDESede" - ); - put("Alg.Alias.SecretKeyFactory.OID."+OID_PKCS12_DESede, - "PBEWithSHA1AndDESede"); - put("Alg.Alias.SecretKeyFactory." + OID_PKCS12_DESede, - "PBEWithSHA1AndDESede"); + put("SecretKeyFactory.PBEWithSHA1AndDESede", + "com.sun.crypto.provider.PBEKeyFactory$PBEWithSHA1AndDESede" + ); + put("Alg.Alias.SecretKeyFactory.OID."+OID_PKCS12_DESede, + "PBEWithSHA1AndDESede"); + put("Alg.Alias.SecretKeyFactory." + OID_PKCS12_DESede, + "PBEWithSHA1AndDESede"); - put("SecretKeyFactory.PBEWithSHA1AndRC2_40", - "com.sun.crypto.provider.PBEKeyFactory$PBEWithSHA1AndRC2_40" - ); - put("Alg.Alias.SecretKeyFactory.OID." + OID_PKCS12_RC2_40, - "PBEWithSHA1AndRC2_40"); - put("Alg.Alias.SecretKeyFactory." + OID_PKCS12_RC2_40, - "PBEWithSHA1AndRC2_40"); + put("SecretKeyFactory.PBEWithSHA1AndRC2_40", + "com.sun.crypto.provider.PBEKeyFactory$PBEWithSHA1AndRC2_40" + ); + put("Alg.Alias.SecretKeyFactory.OID." + OID_PKCS12_RC2_40, + "PBEWithSHA1AndRC2_40"); + put("Alg.Alias.SecretKeyFactory." + OID_PKCS12_RC2_40, + "PBEWithSHA1AndRC2_40"); - put("SecretKeyFactory.PBKDF2WithHmacSHA1", - "com.sun.crypto.provider.PBKDF2HmacSHA1Factory"); - put("Alg.Alias.SecretKeyFactory.OID." + OID_PKCS5_PBKDF2, - "PBKDF2WithHmacSHA1"); - put("Alg.Alias.SecretKeyFactory." + OID_PKCS5_PBKDF2, - "PBKDF2WithHmacSHA1"); + put("SecretKeyFactory.PBKDF2WithHmacSHA1", + "com.sun.crypto.provider.PBKDF2HmacSHA1Factory"); + put("Alg.Alias.SecretKeyFactory.OID." + OID_PKCS5_PBKDF2, + "PBKDF2WithHmacSHA1"); + put("Alg.Alias.SecretKeyFactory." + OID_PKCS5_PBKDF2, + "PBKDF2WithHmacSHA1"); - /* - * MAC - */ - put("Mac.HmacMD5", "com.sun.crypto.provider.HmacMD5"); - put("Mac.HmacSHA1", "com.sun.crypto.provider.HmacSHA1"); - put("Mac.HmacSHA256", - "com.sun.crypto.provider.HmacCore$HmacSHA256"); - put("Mac.HmacSHA384", - "com.sun.crypto.provider.HmacCore$HmacSHA384"); - put("Mac.HmacSHA512", - "com.sun.crypto.provider.HmacCore$HmacSHA512"); - put("Mac.HmacPBESHA1", - "com.sun.crypto.provider.HmacPKCS12PBESHA1"); + /* + * MAC + */ + put("Mac.HmacMD5", "com.sun.crypto.provider.HmacMD5"); + put("Mac.HmacSHA1", "com.sun.crypto.provider.HmacSHA1"); + put("Mac.HmacSHA256", + "com.sun.crypto.provider.HmacCore$HmacSHA256"); + put("Mac.HmacSHA384", + "com.sun.crypto.provider.HmacCore$HmacSHA384"); + put("Mac.HmacSHA512", + "com.sun.crypto.provider.HmacCore$HmacSHA512"); + put("Mac.HmacPBESHA1", + "com.sun.crypto.provider.HmacPKCS12PBESHA1"); - put("Mac.SslMacMD5", - "com.sun.crypto.provider.SslMacCore$SslMacMD5"); - put("Mac.SslMacSHA1", - "com.sun.crypto.provider.SslMacCore$SslMacSHA1"); + put("Mac.SslMacMD5", + "com.sun.crypto.provider.SslMacCore$SslMacMD5"); + put("Mac.SslMacSHA1", + "com.sun.crypto.provider.SslMacCore$SslMacSHA1"); - put("Mac.HmacMD5 SupportedKeyFormats", "RAW"); - put("Mac.HmacSHA1 SupportedKeyFormats", "RAW"); - put("Mac.HmacSHA256 SupportedKeyFormats", "RAW"); - put("Mac.HmacSHA384 SupportedKeyFormats", "RAW"); - put("Mac.HmacSHA512 SupportedKeyFormats", "RAW"); - put("Mac.HmacPBESHA1 SupportedKeyFormats", "RAW"); - put("Mac.SslMacMD5 SupportedKeyFormats", "RAW"); - put("Mac.SslMacSHA1 SupportedKeyFormats", "RAW"); + put("Mac.HmacMD5 SupportedKeyFormats", "RAW"); + put("Mac.HmacSHA1 SupportedKeyFormats", "RAW"); + put("Mac.HmacSHA256 SupportedKeyFormats", "RAW"); + put("Mac.HmacSHA384 SupportedKeyFormats", "RAW"); + put("Mac.HmacSHA512 SupportedKeyFormats", "RAW"); + put("Mac.HmacPBESHA1 SupportedKeyFormats", "RAW"); + put("Mac.SslMacMD5 SupportedKeyFormats", "RAW"); + put("Mac.SslMacSHA1 SupportedKeyFormats", "RAW"); - /* - * KeyStore - */ - put("KeyStore.JCEKS", "com.sun.crypto.provider.JceKeyStore"); + /* + * KeyStore + */ + put("KeyStore.JCEKS", "com.sun.crypto.provider.JceKeyStore"); - /* - * SSL/TLS mechanisms - * - * These are strictly internal implementations and may - * be changed at any time. These names were chosen - * because PKCS11/SunPKCS11 does not yet have TLS1.2 - * mechanisms, and it will cause calls to come here. - */ - put("KeyGenerator.SunTlsPrf", - "com.sun.crypto.provider.TlsPrfGenerator$V10"); - put("KeyGenerator.SunTls12Prf", - "com.sun.crypto.provider.TlsPrfGenerator$V12"); + /* + * SSL/TLS mechanisms + * + * These are strictly internal implementations and may + * be changed at any time. These names were chosen + * because PKCS11/SunPKCS11 does not yet have TLS1.2 + * mechanisms, and it will cause calls to come here. + */ + put("KeyGenerator.SunTlsPrf", + "com.sun.crypto.provider.TlsPrfGenerator$V10"); + put("KeyGenerator.SunTls12Prf", + "com.sun.crypto.provider.TlsPrfGenerator$V12"); - put("KeyGenerator.SunTlsMasterSecret", - "com.sun.crypto.provider.TlsMasterSecretGenerator"); - put("Alg.Alias.KeyGenerator.SunTls12MasterSecret", - "SunTlsMasterSecret"); + put("KeyGenerator.SunTlsMasterSecret", + "com.sun.crypto.provider.TlsMasterSecretGenerator"); + put("Alg.Alias.KeyGenerator.SunTls12MasterSecret", + "SunTlsMasterSecret"); - put("KeyGenerator.SunTlsKeyMaterial", - "com.sun.crypto.provider.TlsKeyMaterialGenerator"); - put("Alg.Alias.KeyGenerator.SunTls12KeyMaterial", - "SunTlsKeyMaterial"); + put("KeyGenerator.SunTlsKeyMaterial", + "com.sun.crypto.provider.TlsKeyMaterialGenerator"); + put("Alg.Alias.KeyGenerator.SunTls12KeyMaterial", + "SunTlsKeyMaterial"); - put("KeyGenerator.SunTlsRsaPremasterSecret", - "com.sun.crypto.provider.TlsRsaPremasterSecretGenerator"); - put("Alg.Alias.KeyGenerator.SunTls12RsaPremasterSecret", - "SunTlsRsaPremasterSecret"); + put("KeyGenerator.SunTlsRsaPremasterSecret", + "com.sun.crypto.provider.TlsRsaPremasterSecretGenerator"); + put("Alg.Alias.KeyGenerator.SunTls12RsaPremasterSecret", + "SunTlsRsaPremasterSecret"); - return null; - } - }); + return null; + } + }); } } diff --git a/jdk/src/share/classes/com/sun/crypto/provider/TlsKeyMaterialGenerator.java b/jdk/src/share/classes/com/sun/crypto/provider/TlsKeyMaterialGenerator.java index 8e4f6a15d8e..4146f190875 100644 --- a/jdk/src/share/classes/com/sun/crypto/provider/TlsKeyMaterialGenerator.java +++ b/jdk/src/share/classes/com/sun/crypto/provider/TlsKeyMaterialGenerator.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2005, 2010, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2005, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -31,7 +31,6 @@ import java.security.spec.AlgorithmParameterSpec; import javax.crypto.*; import javax.crypto.spec.*; -import sun.security.internal.interfaces.TlsMasterSecret; import sun.security.internal.spec.*; import static com.sun.crypto.provider.TlsPrfGenerator.*; diff --git a/jdk/src/share/classes/com/sun/crypto/provider/TlsMasterSecretGenerator.java b/jdk/src/share/classes/com/sun/crypto/provider/TlsMasterSecretGenerator.java index 1d5e97aefbf..0efa0aef9bf 100644 --- a/jdk/src/share/classes/com/sun/crypto/provider/TlsMasterSecretGenerator.java +++ b/jdk/src/share/classes/com/sun/crypto/provider/TlsMasterSecretGenerator.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2005, 2010, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2005, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -140,6 +140,7 @@ public final class TlsMasterSecretGenerator extends KeyGeneratorSpi { } private static final class TlsMasterSecretKey implements TlsMasterSecret { + private static final long serialVersionUID = 1019571680375368880L; private byte[] key; private final int majorVersion, minorVersion; diff --git a/jdk/src/share/classes/com/sun/security/auth/PolicyFile.java b/jdk/src/share/classes/com/sun/security/auth/PolicyFile.java index 7646c2623ac..43a0fc1fa59 100644 --- a/jdk/src/share/classes/com/sun/security/auth/PolicyFile.java +++ b/jdk/src/share/classes/com/sun/security/auth/PolicyFile.java @@ -26,13 +26,10 @@ package com.sun.security.auth; import java.io.*; -import java.lang.RuntimePermission; import java.lang.reflect.*; -import java.net.MalformedURLException; import java.net.URL; import java.util.*; -import java.security.AccessController; import java.security.CodeSource; import java.security.KeyStore; import java.security.KeyStoreException; @@ -260,7 +257,7 @@ public class PolicyFile extends javax.security.auth.Policy { private static final String AUTH_POLICY_URL = "auth.policy.url."; private Vector policyEntries; - private Hashtable aliasMapping; + private Hashtable aliasMapping; private boolean initialized = false; @@ -293,7 +290,7 @@ public class PolicyFile extends javax.security.auth.Policy { return; policyEntries = new Vector(); - aliasMapping = new Hashtable(11); + aliasMapping = new Hashtable(11); initPolicyFile(); initialized = true; @@ -403,7 +400,7 @@ public class PolicyFile extends javax.security.auth.Policy { } try { extra_policy = PropertyExpander.expand(extra_policy); - URL policyURL;; + URL policyURL; File policyFile = new File(extra_policy); if (policyFile.exists()) { policyURL = @@ -702,8 +699,8 @@ public class PolicyFile extends javax.security.auth.Policy { InvocationTargetException { //XXX we might want to keep a hash of created factories... - Class pc = Class.forName(type); - Constructor c = pc.getConstructor(PARAMS); + Class pc = Class.forName(type); + Constructor c = pc.getConstructor(PARAMS); return (Permission) c.newInstance(new Object[] { name, actions }); } @@ -1088,16 +1085,20 @@ public class PolicyFile extends javax.security.auth.Policy { // because the earlier CodeSource.implies succeeded SubjectCodeSource scs = (SubjectCodeSource)accCs; - Set principalSet = null; + Set principalSet = null; try { - Class pClass = Class.forName(principal.principalClass, false, - ClassLoader.getSystemClassLoader()); + // principal.principalClass should extend Principal + // If it doesn't, we should stop here with a ClassCastException. + @SuppressWarnings("unchecked") + Class pClass = (Class) + Class.forName(principal.principalClass, false, + ClassLoader.getSystemClassLoader()); principalSet = scs.getSubject().getPrincipals(pClass); } catch (Exception e) { if (debug != null) { debug.println("problem finding Principal Class " + - "when expanding SELF permission: " + - e.toString()); + "when expanding SELF permission: " + + e.toString()); } } @@ -1107,11 +1108,9 @@ public class PolicyFile extends javax.security.auth.Policy { } String[][] info = new String[principalSet.size()][2]; - java.util.Iterator pIterator = principalSet.iterator(); int i = 0; - while (pIterator.hasNext()) { - Principal p = pIterator.next(); + for (Principal p : principalSet) { info[i][0] = p.getClass().getName(); info[i][1] = p.getName(); i++; diff --git a/jdk/src/share/classes/com/sun/security/auth/SubjectCodeSource.java b/jdk/src/share/classes/com/sun/security/auth/SubjectCodeSource.java index d149aacbad7..35d3bf1c410 100644 --- a/jdk/src/share/classes/com/sun/security/auth/SubjectCodeSource.java +++ b/jdk/src/share/classes/com/sun/security/auth/SubjectCodeSource.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 1999, 2010, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1999, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -205,10 +205,9 @@ class SubjectCodeSource extends CodeSource implements java.io.Serializable { // handle PrincipalComparators - Class principalComparator = Class.forName(pppe.principalClass, - true, - sysClassLoader); - Constructor c = principalComparator.getConstructor(PARAMS); + Class principalComparator = Class.forName( + pppe.principalClass, true, sysClassLoader); + Constructor c = principalComparator.getConstructor(PARAMS); PrincipalComparator pc = (PrincipalComparator)c.newInstance (new Object[] { pppe.principalName }); diff --git a/jdk/src/share/classes/com/sun/security/auth/module/JndiLoginModule.java b/jdk/src/share/classes/com/sun/security/auth/module/JndiLoginModule.java index a19428ec0b6..cb68cfc2a3f 100644 --- a/jdk/src/share/classes/com/sun/security/auth/module/JndiLoginModule.java +++ b/jdk/src/share/classes/com/sun/security/auth/module/JndiLoginModule.java @@ -32,16 +32,13 @@ import javax.security.auth.spi.*; import javax.naming.*; import javax.naming.directory.*; -import java.io.IOException; import java.util.Map; import java.util.LinkedList; -import java.util.ResourceBundle; import com.sun.security.auth.UnixPrincipal; import com.sun.security.auth.UnixNumericUserPrincipal; import com.sun.security.auth.UnixNumericGroupPrincipal; -import sun.security.util.AuthResources; /** *

The module prompts for a username and password @@ -189,7 +186,7 @@ public class JndiLoginModule implements LoginModule { // initial state private Subject subject; private CallbackHandler callbackHandler; - private Map sharedState; + private Map sharedState; private Map options; private static final String CRYPT = "{crypt}"; @@ -217,13 +214,18 @@ public class JndiLoginModule implements LoginModule { * Configuration for this particular * LoginModule. */ + // Unchecked warning from (Map)sharedState is safe + // since javax.security.auth.login.LoginContext passes a raw HashMap. + // Unchecked warnings from options.get(String) are safe since we are + // passing known keys. + @SuppressWarnings("unchecked") public void initialize(Subject subject, CallbackHandler callbackHandler, Map sharedState, Map options) { this.subject = subject; this.callbackHandler = callbackHandler; - this.sharedState = sharedState; + this.sharedState = (Map)sharedState; this.options = options; // initialize any configured options diff --git a/jdk/src/share/classes/com/sun/security/auth/module/KeyStoreLoginModule.java b/jdk/src/share/classes/com/sun/security/auth/module/KeyStoreLoginModule.java index ad182331ccd..e5d88cf8e1f 100644 --- a/jdk/src/share/classes/com/sun/security/auth/module/KeyStoreLoginModule.java +++ b/jdk/src/share/classes/com/sun/security/auth/module/KeyStoreLoginModule.java @@ -25,11 +25,9 @@ package com.sun.security.auth.module; -import javax.security.auth.x500.X500Principal; import java.io.File; import java.io.IOException; import java.io.InputStream; -import java.io.PushbackInputStream; import java.net.MalformedURLException; import java.net.URL; import java.security.AuthProvider; @@ -39,7 +37,6 @@ import java.security.KeyStore; import java.security.KeyStoreException; import java.security.NoSuchAlgorithmException; import java.security.NoSuchProviderException; -import java.security.Principal; import java.security.PrivateKey; import java.security.Provider; import java.security.UnrecoverableKeyException; @@ -49,13 +46,10 @@ import java.util.Arrays; import java.util.Iterator; import java.util.LinkedList; import java.util.Map; -import java.util.ResourceBundle; import javax.security.auth.Destroyable; import javax.security.auth.DestroyFailedException; import javax.security.auth.Subject; import javax.security.auth.x500.*; -import javax.security.auth.Subject; -import javax.security.auth.x500.*; import javax.security.auth.callback.Callback; import javax.security.auth.callback.CallbackHandler; import javax.security.auth.callback.ConfirmationCallback; @@ -67,7 +61,6 @@ import javax.security.auth.login.FailedLoginException; import javax.security.auth.login.LoginException; import javax.security.auth.spi.LoginModule; -import sun.security.util.AuthResources; import sun.security.util.Password; /** @@ -159,7 +152,7 @@ public class KeyStoreLoginModule implements LoginModule { private Subject subject; private CallbackHandler callbackHandler; - private Map sharedState; + private Map sharedState; private Map options; private char[] keyStorePassword; @@ -202,7 +195,9 @@ public class KeyStoreLoginModule implements LoginModule { * Configuration for this particular * LoginModule. */ - + // Unchecked warning from (Map)sharedState is safe + // since javax.security.auth.login.LoginContext passes a raw HashMap. + @SuppressWarnings("unchecked") public void initialize(Subject subject, CallbackHandler callbackHandler, Map sharedState, @@ -210,7 +205,7 @@ public class KeyStoreLoginModule implements LoginModule { { this.subject = subject; this.callbackHandler = callbackHandler; - this.sharedState = sharedState; + this.sharedState = (Map)sharedState; this.options = options; processOptions(); @@ -337,6 +332,7 @@ public class KeyStoreLoginModule implements LoginModule { } /** Get the alias and passwords to use for looking up in the KeyStore. */ + @SuppressWarnings("fallthrough") private void getAliasAndPasswords(int env) throws LoginException { if (callbackHandler == null) { diff --git a/jdk/src/share/classes/com/sun/security/auth/module/Krb5LoginModule.java b/jdk/src/share/classes/com/sun/security/auth/module/Krb5LoginModule.java index 5da153d72ea..5c2580cb210 100644 --- a/jdk/src/share/classes/com/sun/security/auth/module/Krb5LoginModule.java +++ b/jdk/src/share/classes/com/sun/security/auth/module/Krb5LoginModule.java @@ -367,7 +367,7 @@ public class Krb5LoginModule implements LoginModule { // initial state private Subject subject; private CallbackHandler callbackHandler; - private Map sharedState; + private Map sharedState; private Map options; // configurable option @@ -432,7 +432,11 @@ public class Krb5LoginModule implements LoginModule { * Configuration for this particular * LoginModule. */ - + // Unchecked warning from (Map)sharedState is safe + // since javax.security.auth.login.LoginContext passes a raw HashMap. + // Unchecked warnings from options.get(String) are safe since we are + // passing known keys. + @SuppressWarnings("unchecked") public void initialize(Subject subject, CallbackHandler callbackHandler, Map sharedState, @@ -440,7 +444,7 @@ public class Krb5LoginModule implements LoginModule { this.subject = subject; this.callbackHandler = callbackHandler; - this.sharedState = sharedState; + this.sharedState = (Map)sharedState; this.options = options; // initialize any configured options diff --git a/jdk/src/share/classes/com/sun/security/auth/module/LdapLoginModule.java b/jdk/src/share/classes/com/sun/security/auth/module/LdapLoginModule.java index dbea72c5b93..10fa6b640d8 100644 --- a/jdk/src/share/classes/com/sun/security/auth/module/LdapLoginModule.java +++ b/jdk/src/share/classes/com/sun/security/auth/module/LdapLoginModule.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2005, 2010, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2005, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -25,14 +25,12 @@ package com.sun.security.auth.module; -import java.io.IOException; import java.security.AccessController; import java.net.SocketPermission; import java.security.Principal; import java.security.PrivilegedAction; import java.util.Arrays; import java.util.Hashtable; -import java.util.Iterator; import java.util.Map; import java.util.ResourceBundle; import java.util.regex.Matcher; @@ -50,7 +48,6 @@ import javax.security.auth.spi.*; import com.sun.security.auth.LdapPrincipal; import com.sun.security.auth.UserPrincipal; -import sun.security.util.AuthResources; /** * This {@link LoginModule} performs LDAP-based authentication. @@ -366,12 +363,12 @@ public class LdapLoginModule implements LoginModule { // Initial state private Subject subject; private CallbackHandler callbackHandler; - private Map sharedState; + private Map sharedState; private Map options; private LdapContext ctx; private Matcher identityMatcher = null; private Matcher filterMatcher = null; - private Hashtable ldapEnvironment; + private Hashtable ldapEnvironment; private SearchControls constraints = null; /** @@ -385,15 +382,18 @@ public class LdapLoginModule implements LoginModule { * Configuration for this particular * LoginModule. */ + // Unchecked warning from (Map)sharedState is safe + // since javax.security.auth.login.LoginContext passes a raw HashMap. + @SuppressWarnings("unchecked") public void initialize(Subject subject, CallbackHandler callbackHandler, Map sharedState, Map options) { this.subject = subject; this.callbackHandler = callbackHandler; - this.sharedState = sharedState; + this.sharedState = (Map)sharedState; this.options = options; - ldapEnvironment = new Hashtable(9); + ldapEnvironment = new Hashtable(9); ldapEnvironment.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory"); diff --git a/jdk/src/share/classes/com/sun/security/jgss/InquireSecContextPermission.java b/jdk/src/share/classes/com/sun/security/jgss/InquireSecContextPermission.java index e56ff74e068..e07072d5b9c 100644 --- a/jdk/src/share/classes/com/sun/security/jgss/InquireSecContextPermission.java +++ b/jdk/src/share/classes/com/sun/security/jgss/InquireSecContextPermission.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2009, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2009, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -36,6 +36,7 @@ import java.security.BasicPermission; *

The target name is the {@link InquireType} allowed. */ public final class InquireSecContextPermission extends BasicPermission { + private static final long serialVersionUID = -7131173349668647297L; /** * Constructs a new {@code InquireSecContextPermission} object with diff --git a/jdk/src/share/classes/com/sun/security/ntlm/NTLMException.java b/jdk/src/share/classes/com/sun/security/ntlm/NTLMException.java index 273825de8b7..279fd262388 100644 --- a/jdk/src/share/classes/com/sun/security/ntlm/NTLMException.java +++ b/jdk/src/share/classes/com/sun/security/ntlm/NTLMException.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2010, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2010, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -31,6 +31,7 @@ import java.security.GeneralSecurityException; * An NTLM-related Exception */ public final class NTLMException extends GeneralSecurityException { + private static final long serialVersionUID = -3298539507906689430L; /** * If the incoming packet is invalid. diff --git a/jdk/src/share/classes/com/sun/security/sasl/CramMD5Server.java b/jdk/src/share/classes/com/sun/security/sasl/CramMD5Server.java index b7ea18d05ad..74bc7106dba 100644 --- a/jdk/src/share/classes/com/sun/security/sasl/CramMD5Server.java +++ b/jdk/src/share/classes/com/sun/security/sasl/CramMD5Server.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2003, 2010, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2003, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -33,7 +33,6 @@ import java.io.IOException; import java.io.UnsupportedEncodingException; import java.security.NoSuchAlgorithmException; -import java.util.logging.Logger; import java.util.logging.Level; /** @@ -68,7 +67,7 @@ final class CramMD5Server extends CramMD5Base implements SaslServer { * @param pw A non-null String or byte[] * containing the password. If it is an array, it is first cloned. */ - CramMD5Server(String protocol, String serverFqdn, Map props, + CramMD5Server(String protocol, String serverFqdn, Map props, CallbackHandler cbh) throws SaslException { if (serverFqdn == null) { throw new SaslException( diff --git a/jdk/src/share/classes/com/sun/security/sasl/digest/DigestMD5Base.java b/jdk/src/share/classes/com/sun/security/sasl/digest/DigestMD5Base.java index 049af0763d2..100c5f5a851 100644 --- a/jdk/src/share/classes/com/sun/security/sasl/digest/DigestMD5Base.java +++ b/jdk/src/share/classes/com/sun/security/sasl/digest/DigestMD5Base.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2000, 2009, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2000, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -28,21 +28,15 @@ package com.sun.security.sasl.digest; import java.util.Map; import java.util.Arrays; import java.util.List; -import java.util.Set; -import java.util.logging.Logger; import java.util.logging.Level; import java.math.BigInteger; import java.util.Random; -import java.security.Provider; -import java.io.ByteArrayInputStream; import java.io.ByteArrayOutputStream; import java.io.UnsupportedEncodingException; import java.io.IOException; import java.security.MessageDigest; -import java.security.AccessController; -import java.security.PrivilegedAction; import java.security.NoSuchAlgorithmException; import java.security.InvalidKeyException; import java.security.spec.KeySpec; @@ -53,7 +47,6 @@ import javax.crypto.Cipher; import javax.crypto.SecretKey; import javax.crypto.Mac; import javax.crypto.SecretKeyFactory; -import javax.crypto.BadPaddingException; import javax.crypto.NoSuchPaddingException; import javax.crypto.IllegalBlockSizeException; import javax.crypto.spec.IvParameterSpec; @@ -175,8 +168,9 @@ abstract class DigestMD5Base extends AbstractSaslImpl { * * @throws SaslException If invalid value found in props. */ - protected DigestMD5Base(Map props, String className, int firstStep, - String digestUri, CallbackHandler cbh) throws SaslException { + protected DigestMD5Base(Map props, String className, + int firstStep, String digestUri, CallbackHandler cbh) + throws SaslException { super(props, className); // sets QOP, STENGTH and BUFFER_SIZE step = firstStep; @@ -791,7 +785,7 @@ abstract class DigestMD5Base extends AbstractSaslImpl { } } else if (realmChoices != null && i == realmIndex) { // > 1 realm specified - if (realmChoices.size() == 0) { + if (realmChoices.isEmpty()) { realmChoices.add(valueTable[i]); // add existing one } realmChoices.add(value); // add new one @@ -1585,47 +1579,45 @@ abstract class DigestMD5Base extends AbstractSaslImpl { KeySpec spec = null; SecretKeyFactory desFactory = SecretKeyFactory.getInstance(desStrength); - - if (desStrength.equals("des")) { - spec = new DESKeySpec(subkey1, 0); - if (logger.isLoggable(Level.FINEST)) { - traceOutput(DP_CLASS_NAME, "makeDesKeys", - "DIGEST42:DES key input: ", input); - traceOutput(DP_CLASS_NAME, "makeDesKeys", - "DIGEST43:DES key parity-adjusted: ", subkey1); - traceOutput(DP_CLASS_NAME, "makeDesKeys", - "DIGEST44:DES key material: ", ((DESKeySpec)spec).getKey()); - logger.log(Level.FINEST, "DIGEST45: is parity-adjusted? {0}", - Boolean.valueOf(DESKeySpec.isParityAdjusted(subkey1, 0))); - } - - } else if (desStrength.equals("desede")) { - - // Generate second subkey using second 7 bytes - byte[] subkey2 = addDesParity(input, 7, 7); - - // Construct 24-byte encryption-decryption-encryption sequence - byte[] ede = new byte[subkey1.length*2+subkey2.length]; - System.arraycopy(subkey1, 0, ede, 0, subkey1.length); - System.arraycopy(subkey2, 0, ede, subkey1.length, subkey2.length); - System.arraycopy(subkey1, 0, ede, subkey1.length+subkey2.length, - subkey1.length); - - spec = new DESedeKeySpec(ede, 0); - if (logger.isLoggable(Level.FINEST)) { - traceOutput(DP_CLASS_NAME, "makeDesKeys", - "DIGEST46:3DES key input: ", input); - traceOutput(DP_CLASS_NAME, "makeDesKeys", - "DIGEST47:3DES key ede: ", ede); - traceOutput(DP_CLASS_NAME, "makeDesKeys", - "DIGEST48:3DES key material: ", - ((DESedeKeySpec)spec).getKey()); - logger.log(Level.FINEST, "DIGEST49: is parity-adjusted? ", - Boolean.valueOf(DESedeKeySpec.isParityAdjusted(ede, 0))); - } - } else { - throw new IllegalArgumentException("Invalid DES strength:" + - desStrength); + switch (desStrength) { + case "des": + spec = new DESKeySpec(subkey1, 0); + if (logger.isLoggable(Level.FINEST)) { + traceOutput(DP_CLASS_NAME, "makeDesKeys", + "DIGEST42:DES key input: ", input); + traceOutput(DP_CLASS_NAME, "makeDesKeys", + "DIGEST43:DES key parity-adjusted: ", subkey1); + traceOutput(DP_CLASS_NAME, "makeDesKeys", + "DIGEST44:DES key material: ", ((DESKeySpec)spec).getKey()); + logger.log(Level.FINEST, "DIGEST45: is parity-adjusted? {0}", + Boolean.valueOf(DESKeySpec.isParityAdjusted(subkey1, 0))); + } + break; + case "desede": + // Generate second subkey using second 7 bytes + byte[] subkey2 = addDesParity(input, 7, 7); + // Construct 24-byte encryption-decryption-encryption sequence + byte[] ede = new byte[subkey1.length*2+subkey2.length]; + System.arraycopy(subkey1, 0, ede, 0, subkey1.length); + System.arraycopy(subkey2, 0, ede, subkey1.length, subkey2.length); + System.arraycopy(subkey1, 0, ede, subkey1.length+subkey2.length, + subkey1.length); + spec = new DESedeKeySpec(ede, 0); + if (logger.isLoggable(Level.FINEST)) { + traceOutput(DP_CLASS_NAME, "makeDesKeys", + "DIGEST46:3DES key input: ", input); + traceOutput(DP_CLASS_NAME, "makeDesKeys", + "DIGEST47:3DES key ede: ", ede); + traceOutput(DP_CLASS_NAME, "makeDesKeys", + "DIGEST48:3DES key material: ", + ((DESedeKeySpec)spec).getKey()); + logger.log(Level.FINEST, "DIGEST49: is parity-adjusted? ", + Boolean.valueOf(DESedeKeySpec.isParityAdjusted(ede, 0))); + } + break; + default: + throw new IllegalArgumentException("Invalid DES strength:" + + desStrength); } return desFactory.generateSecret(spec); } diff --git a/jdk/src/share/classes/com/sun/security/sasl/digest/DigestMD5Client.java b/jdk/src/share/classes/com/sun/security/sasl/digest/DigestMD5Client.java index 3c28cd9846b..07072e3c898 100644 --- a/jdk/src/share/classes/com/sun/security/sasl/digest/DigestMD5Client.java +++ b/jdk/src/share/classes/com/sun/security/sasl/digest/DigestMD5Client.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2000, 2006, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2000, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -25,21 +25,16 @@ package com.sun.security.sasl.digest; -import java.security.AccessController; -import java.security.MessageDigest; import java.security.NoSuchAlgorithmException; import java.io.ByteArrayOutputStream; -import java.io.ByteArrayInputStream; import java.io.IOException; import java.io.UnsupportedEncodingException; import java.util.StringTokenizer; import java.util.ArrayList; import java.util.List; import java.util.Map; -import java.util.Set; import java.util.Arrays; -import java.util.logging.Logger; import java.util.logging.Level; import javax.security.sasl.*; @@ -153,7 +148,7 @@ final class DigestMD5Client extends DigestMD5Base implements SaslClient { * @throws SaslException if no authentication ID or password is supplied */ DigestMD5Client(String authzid, String protocol, String serverName, - Map props, CallbackHandler cbh) throws SaslException { + Map props, CallbackHandler cbh) throws SaslException { super(props, MY_CLASS_NAME, 2, protocol + "/" + serverName, cbh); diff --git a/jdk/src/share/classes/com/sun/security/sasl/digest/DigestMD5Server.java b/jdk/src/share/classes/com/sun/security/sasl/digest/DigestMD5Server.java index 1b056b76585..a5b638d46de 100644 --- a/jdk/src/share/classes/com/sun/security/sasl/digest/DigestMD5Server.java +++ b/jdk/src/share/classes/com/sun/security/sasl/digest/DigestMD5Server.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2003, 2006, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2003, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -25,23 +25,16 @@ package com.sun.security.sasl.digest; -import java.security.AccessController; -import java.security.Provider; -import java.security.MessageDigest; import java.security.NoSuchAlgorithmException; import java.io.ByteArrayOutputStream; -import java.io.ByteArrayInputStream; import java.io.IOException; import java.io.UnsupportedEncodingException; -import java.util.Random; import java.util.StringTokenizer; import java.util.ArrayList; import java.util.List; import java.util.Map; -import java.util.Set; import java.util.Arrays; -import java.util.logging.Logger; import java.util.logging.Level; import javax.security.sasl.*; @@ -147,7 +140,7 @@ final class DigestMD5Server extends DigestMD5Base implements SaslServer { private byte[] myCiphers; private List serverRealms; - DigestMD5Server(String protocol, String serverName, Map props, + DigestMD5Server(String protocol, String serverName, Map props, CallbackHandler cbh) throws SaslException { super(props, MY_CLASS_NAME, 1, protocol + "/" + serverName, cbh); @@ -179,7 +172,7 @@ final class DigestMD5Server extends DigestMD5Base implements SaslServer { encoding = (useUTF8 ? "UTF8" : "8859_1"); // By default, use server name as realm - if (serverRealms.size() == 0) { + if (serverRealms.isEmpty()) { serverRealms.add(serverName); } } @@ -468,19 +461,23 @@ final class DigestMD5Server extends DigestMD5Base implements SaslServer { // Check that QOP is one sent by server byte cQop; - if (negotiatedQop.equals("auth")) { - cQop = NO_PROTECTION; - } else if (negotiatedQop.equals("auth-int")) { - cQop = INTEGRITY_ONLY_PROTECTION; - integrity = true; - rawSendSize = sendMaxBufSize - 16; - } else if (negotiatedQop.equals("auth-conf")) { - cQop = PRIVACY_PROTECTION; - integrity = privacy = true; - rawSendSize = sendMaxBufSize - 26; - } else { - throw new SaslException("DIGEST-MD5: digest response format " + - "violation. Invalid QOP: " + negotiatedQop); + switch (negotiatedQop) { + case "auth": + cQop = NO_PROTECTION; + break; + case "auth-int": + cQop = INTEGRITY_ONLY_PROTECTION; + integrity = true; + rawSendSize = sendMaxBufSize - 16; + break; + case "auth-conf": + cQop = PRIVACY_PROTECTION; + integrity = privacy = true; + rawSendSize = sendMaxBufSize - 26; + break; + default: + throw new SaslException("DIGEST-MD5: digest response format " + + "violation. Invalid QOP: " + negotiatedQop); } if ((cQop&allQop) == 0) { throw new SaslException("DIGEST-MD5: server does not support " + diff --git a/jdk/src/share/classes/com/sun/security/sasl/gsskerb/GssKrb5Base.java b/jdk/src/share/classes/com/sun/security/sasl/gsskerb/GssKrb5Base.java index bdc20de3274..fc5d13c2a14 100644 --- a/jdk/src/share/classes/com/sun/security/sasl/gsskerb/GssKrb5Base.java +++ b/jdk/src/share/classes/com/sun/security/sasl/gsskerb/GssKrb5Base.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2003, 2004, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2003, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -26,9 +26,7 @@ package com.sun.security.sasl.gsskerb; -import java.io.IOException; import java.util.Map; -import java.util.logging.Logger; import java.util.logging.Level; import javax.security.sasl.*; import com.sun.security.sasl.util.AbstractSaslImpl; @@ -50,7 +48,8 @@ abstract class GssKrb5Base extends AbstractSaslImpl { protected MessageProp msgProp; // QOP and privacy for unwrap protected static final int JGSS_QOP = 0; // unrelated to SASL QOP mask - protected GssKrb5Base(Map props, String className) throws SaslException { + protected GssKrb5Base(Map props, String className) + throws SaslException { super(props, className); } diff --git a/jdk/src/share/classes/com/sun/security/sasl/gsskerb/GssKrb5Client.java b/jdk/src/share/classes/com/sun/security/sasl/gsskerb/GssKrb5Client.java index d61a7ee5530..15c89e6d370 100644 --- a/jdk/src/share/classes/com/sun/security/sasl/gsskerb/GssKrb5Client.java +++ b/jdk/src/share/classes/com/sun/security/sasl/gsskerb/GssKrb5Client.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2000, 2010, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2000, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -27,7 +27,6 @@ package com.sun.security.sasl.gsskerb; import java.io.IOException; import java.util.Map; -import java.util.logging.Logger; import java.util.logging.Level; import javax.security.sasl.*; @@ -93,7 +92,7 @@ final class GssKrb5Client extends GssKrb5Base implements SaslClient { * with the server. */ GssKrb5Client(String authzID, String protocol, String serverName, - Map props, CallbackHandler cbh) throws SaslException { + Map props, CallbackHandler cbh) throws SaslException { super(props, MY_CLASS_NAME); diff --git a/jdk/src/share/classes/com/sun/security/sasl/gsskerb/GssKrb5Server.java b/jdk/src/share/classes/com/sun/security/sasl/gsskerb/GssKrb5Server.java index 9d46d2b6b89..523df788f15 100644 --- a/jdk/src/share/classes/com/sun/security/sasl/gsskerb/GssKrb5Server.java +++ b/jdk/src/share/classes/com/sun/security/sasl/gsskerb/GssKrb5Server.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2000, 2010, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2000, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -28,7 +28,6 @@ package com.sun.security.sasl.gsskerb; import javax.security.sasl.*; import java.io.*; import java.util.Map; -import java.util.logging.Logger; import java.util.logging.Level; // JAAS @@ -77,7 +76,7 @@ final class GssKrb5Server extends GssKrb5Base implements SaslServer { * with the client. */ GssKrb5Server(String protocol, String serverName, - Map props, CallbackHandler cbh) throws SaslException { + Map props, CallbackHandler cbh) throws SaslException { super(props, MY_CLASS_NAME); diff --git a/jdk/src/share/classes/com/sun/security/sasl/ntlm/NTLMClient.java b/jdk/src/share/classes/com/sun/security/sasl/ntlm/NTLMClient.java index e5746675874..f015f02aa8c 100644 --- a/jdk/src/share/classes/com/sun/security/sasl/ntlm/NTLMClient.java +++ b/jdk/src/share/classes/com/sun/security/sasl/ntlm/NTLMClient.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2010, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2010, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -111,7 +111,7 @@ final class NTLMClient implements SaslClient { * @throws SaslException */ NTLMClient(String mech, String authzid, String protocol, String serverName, - Map props, CallbackHandler cbh) throws SaslException { + Map props, CallbackHandler cbh) throws SaslException { this.mech = mech; String version = null; @@ -194,12 +194,13 @@ final class NTLMClient implements SaslClient { @Override public Object getNegotiatedProperty(String propName) { - if (propName.equals(Sasl.QOP)) { - return "auth"; - } else if (propName.equals(NTLM_DOMAIN)) { - return client.getDomain(); - } else { - return null; + switch (propName) { + case Sasl.QOP: + return "auth"; + case NTLM_DOMAIN: + return client.getDomain(); + default: + return null; } } diff --git a/jdk/src/share/classes/com/sun/security/sasl/ntlm/NTLMServer.java b/jdk/src/share/classes/com/sun/security/sasl/ntlm/NTLMServer.java index 7adbeb7d37e..1a76a77052d 100644 --- a/jdk/src/share/classes/com/sun/security/sasl/ntlm/NTLMServer.java +++ b/jdk/src/share/classes/com/sun/security/sasl/ntlm/NTLMServer.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2010, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2010, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -110,7 +110,8 @@ final class NTLMServer implements SaslServer { * @throws SaslException */ NTLMServer(String mech, String protocol, String serverName, - Map props, final CallbackHandler cbh) throws SaslException { + Map props, final CallbackHandler cbh) + throws SaslException { this.mech = mech; String version = null; @@ -210,12 +211,13 @@ final class NTLMServer implements SaslServer { @Override public Object getNegotiatedProperty(String propName) { - if (propName.equals(Sasl.QOP)) { - return "auth"; - } else if (propName.equals(NTLM_HOSTNAME)) { - return hostname; - } else { - return null; + switch (propName) { + case Sasl.QOP: + return "auth"; + case NTLM_HOSTNAME: + return hostname; + default: + return null; } } diff --git a/jdk/src/share/classes/com/sun/security/sasl/util/AbstractSaslImpl.java b/jdk/src/share/classes/com/sun/security/sasl/util/AbstractSaslImpl.java index 373aad67050..aa3e473e1ac 100644 --- a/jdk/src/share/classes/com/sun/security/sasl/util/AbstractSaslImpl.java +++ b/jdk/src/share/classes/com/sun/security/sasl/util/AbstractSaslImpl.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2000, 2009, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2000, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -29,8 +29,6 @@ import javax.security.sasl.*; import java.io.*; import java.util.Map; import java.util.StringTokenizer; -import java.security.AccessController; -import java.security.PrivilegedAction; import java.util.logging.Logger; import java.util.logging.Level; @@ -63,7 +61,8 @@ public abstract class AbstractSaslImpl { protected String myClassName; - protected AbstractSaslImpl(Map props, String className) throws SaslException { + protected AbstractSaslImpl(Map props, String className) + throws SaslException { myClassName = className; // Parse properties to set desired context options @@ -156,23 +155,23 @@ public abstract class AbstractSaslImpl { if (!completed) { throw new IllegalStateException("SASL authentication not completed"); } - - if (propName.equals(Sasl.QOP)) { - if (privacy) { - return "auth-conf"; - } else if (integrity) { - return "auth-int"; - } else { - return "auth"; - } - } else if (propName.equals(Sasl.MAX_BUFFER)) { - return Integer.toString(recvMaxBufSize); - } else if (propName.equals(Sasl.RAW_SEND_SIZE)) { - return Integer.toString(rawSendSize); - } else if (propName.equals(MAX_SEND_BUF)) { - return Integer.toString(sendMaxBufSize); - } else { - return null; + switch (propName) { + case Sasl.QOP: + if (privacy) { + return "auth-conf"; + } else if (integrity) { + return "auth-int"; + } else { + return "auth"; + } + case Sasl.MAX_BUFFER: + return Integer.toString(recvMaxBufSize); + case Sasl.RAW_SEND_SIZE: + return Integer.toString(rawSendSize); + case MAX_SEND_BUF: + return Integer.toString(sendMaxBufSize); + default: + return null; } } diff --git a/jdk/src/share/classes/com/sun/security/sasl/util/PolicyUtils.java b/jdk/src/share/classes/com/sun/security/sasl/util/PolicyUtils.java index cf6ddc366b0..4e5b78f6450 100644 --- a/jdk/src/share/classes/com/sun/security/sasl/util/PolicyUtils.java +++ b/jdk/src/share/classes/com/sun/security/sasl/util/PolicyUtils.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2000, 2003, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2000, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -53,7 +53,7 @@ final public class PolicyUtils { * @param props The security policy properties to check * @return true if passes; false if fails */ - public static boolean checkPolicy(int flags, Map props) { + public static boolean checkPolicy(int flags, Map props) { if (props == null) { return true; } @@ -93,7 +93,7 @@ final public class PolicyUtils { * */ public static String[] filterMechs(String[] mechs, int[] policies, - Map props) { + Map props) { if (props == null) { return mechs.clone(); } diff --git a/jdk/src/share/classes/java/security/AccessControlContext.java b/jdk/src/share/classes/java/security/AccessControlContext.java index 8a431df1cc7..ba088af8716 100644 --- a/jdk/src/share/classes/java/security/AccessControlContext.java +++ b/jdk/src/share/classes/java/security/AccessControlContext.java @@ -29,8 +29,6 @@ import java.util.ArrayList; import java.util.List; import sun.security.util.Debug; import sun.security.util.SecurityConstants; -import sun.misc.JavaSecurityAccess; -import sun.misc.SharedSecrets; /** @@ -312,7 +310,7 @@ public final class AccessControlContext { Debug.isOn("permission=" + perm.getClass().getCanonicalName()); if (dumpDebug && Debug.isOn("stack")) { - Thread.currentThread().dumpStack(); + Thread.dumpStack(); } if (dumpDebug && Debug.isOn("domain")) { @@ -353,7 +351,7 @@ public final class AccessControlContext { if (!dumpDebug) { debug.println("access denied " + perm); } - Thread.currentThread().dumpStack(); + Thread.dumpStack(); final ProtectionDomain pd = context[i]; final Debug db = debug; AccessController.doPrivileged (new PrivilegedAction() { @@ -561,7 +559,7 @@ public final class AccessControlContext { match = (that.context[j] == null); } } else { - Class thisPdClass = thisPd.getClass(); + Class thisPdClass = thisPd.getClass(); ProtectionDomain thatPd; for (int j = 0; (j < that.context.length) && !match; j++) { thatPd = that.context[j]; diff --git a/jdk/src/share/classes/java/security/AccessController.java b/jdk/src/share/classes/java/security/AccessController.java index 338b9b7f297..97383f54a46 100644 --- a/jdk/src/share/classes/java/security/AccessController.java +++ b/jdk/src/share/classes/java/security/AccessController.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 2007, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1997, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -406,7 +406,7 @@ public final class AccessController { * callerClass[2] = AccessController.doPrivileged * callerClass[3] = caller */ - final Class callerClass = sun.reflect.Reflection.getCallerClass(3); + final Class callerClass = sun.reflect.Reflection.getCallerClass(3); ProtectionDomain callerPd = doPrivileged (new PrivilegedAction() { public ProtectionDomain run() { @@ -538,7 +538,7 @@ public final class AccessController { } if (dumpDebug && Debug.isOn("stack")) { - Thread.currentThread().dumpStack(); + Thread.dumpStack(); } if (dumpDebug && Debug.isOn("domain")) { diff --git a/jdk/src/share/classes/java/security/BasicPermission.java b/jdk/src/share/classes/java/security/BasicPermission.java index 3b5a459dde7..e6a28cbb2a7 100644 --- a/jdk/src/share/classes/java/security/BasicPermission.java +++ b/jdk/src/share/classes/java/security/BasicPermission.java @@ -25,7 +25,6 @@ package java.security; -import java.security.*; import java.util.Enumeration; import java.util.Map; import java.util.HashMap; @@ -333,14 +332,14 @@ implements java.io.Serializable * * @see #serialPersistentFields */ - private Class permClass; + private Class permClass; /** * Create an empty BasicPermissionCollection object. * */ - public BasicPermissionCollection(Class clazz) { + public BasicPermissionCollection(Class clazz) { perms = new HashMap(11); all_allowed = false; permClass = clazz; @@ -542,6 +541,9 @@ implements java.io.Serializable ObjectInputStream.GetField gfields = in.readFields(); // Get permissions + // writeObject writes a Hashtable for the + // permissions key, so this cast is safe, unless the data is corrupt. + @SuppressWarnings("unchecked") Hashtable permissions = (Hashtable)gfields.get("permissions", null); perms = new HashMap(permissions.size()*2); @@ -551,7 +553,7 @@ implements java.io.Serializable all_allowed = gfields.get("all_allowed", false); // Get permClass - permClass = (Class) gfields.get("permClass", null); + permClass = (Class) gfields.get("permClass", null); if (permClass == null) { // set permClass diff --git a/jdk/src/share/classes/java/security/Permissions.java b/jdk/src/share/classes/java/security/Permissions.java index 1f9f8b07c19..986fd4b2c0e 100644 --- a/jdk/src/share/classes/java/security/Permissions.java +++ b/jdk/src/share/classes/java/security/Permissions.java @@ -31,7 +31,6 @@ import java.util.NoSuchElementException; import java.util.Map; import java.util.HashMap; import java.util.List; -import java.util.ArrayList; import java.util.Iterator; import java.util.Collections; import java.io.Serializable; @@ -238,7 +237,7 @@ implements Serializable */ private PermissionCollection getPermissionCollection(Permission p, boolean createEmpty) { - Class c = p.getClass(); + Class c = p.getClass(); PermissionCollection pc = permsMap.get(c); @@ -390,6 +389,9 @@ implements Serializable allPermission = (PermissionCollection) gfields.get("allPermission", null); // Get permissions + // writeObject writes a Hashtable, PermissionCollection> for + // the perms key, so this cast is safe, unless the data is corrupt. + @SuppressWarnings("unchecked") Hashtable, PermissionCollection> perms = (Hashtable, PermissionCollection>)gfields.get("perms", null); permsMap = new HashMap, PermissionCollection>(perms.size()*2); @@ -590,6 +592,9 @@ implements Serializable ObjectInputStream.GetField gfields = in.readFields(); // Get permissions + // writeObject writes a Hashtable, PermissionCollection> for + // the perms key, so this cast is safe, unless the data is corrupt. + @SuppressWarnings("unchecked") Hashtable perms = (Hashtable)gfields.get("perms", null); permsMap = new HashMap(perms.size()*2); diff --git a/jdk/src/share/classes/java/security/Policy.java b/jdk/src/share/classes/java/security/Policy.java index 5a029a385dd..7ed0ce23540 100644 --- a/jdk/src/share/classes/java/security/Policy.java +++ b/jdk/src/share/classes/java/security/Policy.java @@ -26,16 +26,7 @@ package java.security; -import java.io.*; -import java.lang.RuntimePermission; -import java.lang.reflect.*; -import java.net.MalformedURLException; -import java.net.URL; import java.util.Enumeration; -import java.util.Hashtable; -import java.util.PropertyPermission; -import java.util.StringTokenizer; -import java.util.Vector; import java.util.WeakHashMap; import sun.security.jca.GetInstance; import sun.security.util.Debug; @@ -786,6 +777,8 @@ public abstract class Policy { private static class UnsupportedEmptyCollection extends PermissionCollection { + private static final long serialVersionUID = -8492269157353014774L; + private Permissions perms; /** diff --git a/jdk/src/share/classes/java/security/ProtectionDomain.java b/jdk/src/share/classes/java/security/ProtectionDomain.java index b9716c3b1d3..16551a06e7a 100644 --- a/jdk/src/share/classes/java/security/ProtectionDomain.java +++ b/jdk/src/share/classes/java/security/ProtectionDomain.java @@ -33,7 +33,6 @@ import java.util.Map; import java.util.WeakHashMap; import sun.misc.JavaSecurityProtectionDomainAccess; import static sun.misc.JavaSecurityProtectionDomainAccess.ProtectionDomainCache; -import sun.misc.SharedSecrets; import sun.security.util.Debug; import sun.security.util.SecurityConstants; import sun.misc.JavaSecurityAccess; @@ -403,7 +402,7 @@ public class ProtectionDomain { e = permissions.elements(); // domain vs policy while (e.hasMoreElements()) { Permission pdp = e.nextElement(); - Class pdpClass = pdp.getClass(); + Class pdpClass = pdp.getClass(); String pdpActions = pdp.getActions(); String pdpName = pdp.getName(); for (int i = 0; i < plVector.size(); i++) { diff --git a/jdk/src/share/classes/java/security/Provider.java b/jdk/src/share/classes/java/security/Provider.java index a4b3b243160..72fcabbd918 100644 --- a/jdk/src/share/classes/java/security/Provider.java +++ b/jdk/src/share/classes/java/security/Provider.java @@ -31,9 +31,6 @@ import static java.util.Locale.ENGLISH; import java.lang.ref.*; import java.lang.reflect.*; -import java.security.cert.CertStoreParameters; -import javax.security.auth.login.Configuration; - /** * This class represents a "provider" for the * Java Security API, where a provider implements some or all parts of @@ -453,8 +450,8 @@ public abstract class Provider extends Properties { * Internal method to be called AFTER the security check has been * performed. */ - private void implPutAll(Map t) { - for (Map.Entry e : ((Map)t).entrySet()) { + private void implPutAll(Map t) { + for (Map.Entry e : t.entrySet()) { implPut(e.getKey(), e.getValue()); } } @@ -562,9 +559,9 @@ public abstract class Provider extends Properties { * occur if the legacy properties are inconsistent or incomplete. */ private void removeInvalidServices(Map map) { - for (Iterator t = map.entrySet().iterator(); t.hasNext(); ) { - Map.Entry entry = (Map.Entry)t.next(); - Service s = (Service)entry.getValue(); + for (Iterator> t = + map.entrySet().iterator(); t.hasNext(); ) { + Service s = t.next().getValue(); if (s.isValid() == false) { t.remove(); } @@ -918,15 +915,15 @@ public abstract class Provider extends Properties { final String name; final boolean supportsParameter; final String constructorParameterClassName; - private volatile Class constructorParameterClass; + private volatile Class constructorParameterClass; EngineDescription(String name, boolean sp, String paramName) { this.name = name; this.supportsParameter = sp; this.constructorParameterClassName = paramName; } - Class getConstructorParameterClass() throws ClassNotFoundException { - Class clazz = constructorParameterClass; + Class getConstructorParameterClass() throws ClassNotFoundException { + Class clazz = constructorParameterClass; if (clazz == null) { clazz = Class.forName(constructorParameterClassName); constructorParameterClass = clazz; @@ -1038,7 +1035,7 @@ public abstract class Provider extends Properties { private Map attributes; // Reference to the cached implementation Class object - private volatile Reference classRef; + private volatile Reference> classRef; // flag indicating whether this service has its attributes for // supportedKeyFormats or supportedKeyClasses set @@ -1055,7 +1052,7 @@ public abstract class Provider extends Properties { // whether this service has been registered with the Provider private boolean registered; - private static final Class[] CLASS0 = new Class[0]; + private static final Class[] CLASS0 = new Class[0]; // this constructor and these methods are used for parsing // the legacy string properties. @@ -1234,12 +1231,12 @@ public abstract class Provider extends Properties { ("constructorParameter not used with " + type + " engines"); } - Class clazz = getImplClass(); + Class clazz = getImplClass(); return clazz.newInstance(); } else { - Class paramClass = cap.getConstructorParameterClass(); + Class paramClass = cap.getConstructorParameterClass(); if (constructorParameter != null) { - Class argClass = constructorParameter.getClass(); + Class argClass = constructorParameter.getClass(); if (paramClass.isAssignableFrom(argClass) == false) { throw new InvalidParameterException ("constructorParameter must be instanceof " @@ -1247,8 +1244,8 @@ public abstract class Provider extends Properties { + " for engine type " + type); } } - Class clazz = getImplClass(); - Constructor cons = clazz.getConstructor(paramClass); + Class clazz = getImplClass(); + Constructor cons = clazz.getConstructor(paramClass); return cons.newInstance(constructorParameter); } } catch (NoSuchAlgorithmException e) { @@ -1267,10 +1264,10 @@ public abstract class Provider extends Properties { } // return the implementation Class object for this service - private Class getImplClass() throws NoSuchAlgorithmException { + private Class getImplClass() throws NoSuchAlgorithmException { try { - Reference ref = classRef; - Class clazz = (ref == null) ? null : ref.get(); + Reference> ref = classRef; + Class clazz = (ref == null) ? null : ref.get(); if (clazz == null) { ClassLoader cl = provider.getClass().getClassLoader(); if (cl == null) { @@ -1278,7 +1275,7 @@ public abstract class Provider extends Properties { } else { clazz = cl.loadClass(className); } - classRef = new WeakReference(clazz); + classRef = new WeakReference>(clazz); } return clazz; } catch (ClassNotFoundException e) { @@ -1295,18 +1292,18 @@ public abstract class Provider extends Properties { */ private Object newInstanceGeneric(Object constructorParameter) throws Exception { - Class clazz = getImplClass(); + Class clazz = getImplClass(); if (constructorParameter == null) { Object o = clazz.newInstance(); return o; } - Class argClass = constructorParameter.getClass(); + Class argClass = constructorParameter.getClass(); Constructor[] cons = clazz.getConstructors(); // find first public constructor that can take the // argument as parameter for (int i = 0; i < cons.length; i++) { - Constructor con = cons[i]; - Class[] paramTypes = con.getParameterTypes(); + Constructor con = cons[i]; + Class[] paramTypes = con.getParameterTypes(); if (paramTypes.length != 1) { continue; } @@ -1394,10 +1391,10 @@ public abstract class Provider extends Properties { s = getAttribute("SupportedKeyClasses"); if (s != null) { String[] classNames = s.split("\\|"); - List classList = + List> classList = new ArrayList<>(classNames.length); for (String className : classNames) { - Class clazz = getKeyClass(className); + Class clazz = getKeyClass(className); if (clazz != null) { classList.add(clazz); } @@ -1414,7 +1411,7 @@ public abstract class Provider extends Properties { } // get the key class object of the specified name - private Class getKeyClass(String name) { + private Class getKeyClass(String name) { try { return Class.forName(name); } catch (ClassNotFoundException e) { @@ -1451,8 +1448,8 @@ public abstract class Provider extends Properties { if (supportedClasses == null) { return false; } - Class keyClass = key.getClass(); - for (Class clazz : supportedClasses) { + Class keyClass = key.getClass(); + for (Class clazz : supportedClasses) { if (clazz.isAssignableFrom(keyClass)) { return true; } diff --git a/jdk/src/share/classes/java/security/Security.java b/jdk/src/share/classes/java/security/Security.java index 85b246201f6..6048c439428 100644 --- a/jdk/src/share/classes/java/security/Security.java +++ b/jdk/src/share/classes/java/security/Security.java @@ -33,8 +33,6 @@ import java.net.URL; import sun.security.util.Debug; import sun.security.util.PropertyExpander; -import java.security.Provider.Service; - import sun.security.jca.*; /** @@ -660,15 +658,16 @@ public final class Security { } // Map containing cached Spi Class objects of the specified type - private static final Map spiMap = new ConcurrentHashMap<>(); + private static final Map> spiMap = + new ConcurrentHashMap<>(); /** * Return the Class object for the given engine type * (e.g. "MessageDigest"). Works for Spis in the java.security package * only. */ - private static Class getSpiClass(String type) { - Class clazz = spiMap.get(type); + private static Class getSpiClass(String type) { + Class clazz = spiMap.get(type); if (clazz != null) { return clazz; } @@ -1078,7 +1077,7 @@ public final class Security { if ((serviceName == null) || (serviceName.length() == 0) || (serviceName.endsWith("."))) { - return Collections.EMPTY_SET; + return Collections.emptySet(); } HashSet result = new HashSet<>(); diff --git a/jdk/src/share/classes/java/security/UnresolvedPermission.java b/jdk/src/share/classes/java/security/UnresolvedPermission.java index ffeaac9246b..5428d17d82d 100644 --- a/jdk/src/share/classes/java/security/UnresolvedPermission.java +++ b/jdk/src/share/classes/java/security/UnresolvedPermission.java @@ -28,9 +28,7 @@ package java.security; import java.io.IOException; import java.io.ByteArrayInputStream; import java.util.ArrayList; -import java.util.Enumeration; import java.util.Hashtable; -import java.util.Vector; import java.lang.reflect.*; import java.security.cert.*; @@ -247,19 +245,19 @@ implements java.io.Serializable } } try { - Class pc = p.getClass(); + Class pc = p.getClass(); if (name == null && actions == null) { try { - Constructor c = pc.getConstructor(PARAMS0); + Constructor c = pc.getConstructor(PARAMS0); return (Permission)c.newInstance(new Object[] {}); } catch (NoSuchMethodException ne) { try { - Constructor c = pc.getConstructor(PARAMS1); + Constructor c = pc.getConstructor(PARAMS1); return (Permission) c.newInstance( new Object[] { name}); } catch (NoSuchMethodException ne1) { - Constructor c = pc.getConstructor(PARAMS2); + Constructor c = pc.getConstructor(PARAMS2); return (Permission) c.newInstance( new Object[] { name, actions }); } @@ -267,16 +265,16 @@ implements java.io.Serializable } else { if (name != null && actions == null) { try { - Constructor c = pc.getConstructor(PARAMS1); + Constructor c = pc.getConstructor(PARAMS1); return (Permission) c.newInstance( new Object[] { name}); } catch (NoSuchMethodException ne) { - Constructor c = pc.getConstructor(PARAMS2); + Constructor c = pc.getConstructor(PARAMS2); return (Permission) c.newInstance( new Object[] { name, actions }); } } else { - Constructor c = pc.getConstructor(PARAMS2); + Constructor c = pc.getConstructor(PARAMS2); return (Permission) c.newInstance( new Object[] { name, actions }); } diff --git a/jdk/src/share/classes/java/security/UnresolvedPermissionCollection.java b/jdk/src/share/classes/java/security/UnresolvedPermissionCollection.java index 69f6e60d1c0..76336485842 100644 --- a/jdk/src/share/classes/java/security/UnresolvedPermissionCollection.java +++ b/jdk/src/share/classes/java/security/UnresolvedPermissionCollection.java @@ -197,8 +197,12 @@ implements java.io.Serializable ObjectInputStream.GetField gfields = in.readFields(); // Get permissions + @SuppressWarnings("unchecked") + // writeObject writes a Hashtable> + // for the permissions key, so this cast is safe, unless the data is corrupt. Hashtable> permissions = - (Hashtable>)gfields.get("permissions", null); + (Hashtable>) + gfields.get("permissions", null); perms = new HashMap>(permissions.size()*2); // Convert each entry (Vector) into a List diff --git a/jdk/src/share/classes/java/security/cert/CertificateRevokedException.java b/jdk/src/share/classes/java/security/cert/CertificateRevokedException.java index a76299ccc0d..b812689ee6e 100644 --- a/jdk/src/share/classes/java/security/cert/CertificateRevokedException.java +++ b/jdk/src/share/classes/java/security/cert/CertificateRevokedException.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2007, 2010, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2007, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -32,7 +32,6 @@ import java.util.Collections; import java.util.Date; import java.util.HashMap; import java.util.Map; -import java.util.Map.Entry; import javax.security.auth.x500.X500Principal; import sun.security.util.ObjectIdentifier; @@ -95,7 +94,7 @@ public class CertificateRevokedException extends CertificateException { this.revocationDate = new Date(revocationDate.getTime()); this.reason = reason; this.authority = authority; - this.extensions = new HashMap(extensions); + this.extensions = new HashMap(extensions); } /** @@ -148,8 +147,7 @@ public class CertificateRevokedException extends CertificateException { return null; } else { try { - Date invalidity = - (Date) InvalidityDateExtension.toImpl(ext).get("DATE"); + Date invalidity = InvalidityDateExtension.toImpl(ext).get("DATE"); return new Date(invalidity.getTime()); } catch (IOException ioe) { return null; diff --git a/jdk/src/share/classes/java/security/cert/X509CRLSelector.java b/jdk/src/share/classes/java/security/cert/X509CRLSelector.java index 7e702d2647c..5bcdf4f6ad0 100644 --- a/jdk/src/share/classes/java/security/cert/X509CRLSelector.java +++ b/jdk/src/share/classes/java/security/cert/X509CRLSelector.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2000, 2009, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2000, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -632,7 +632,7 @@ public class X509CRLSelector implements CRLSelector { byte[] encoded = in.getOctetString(); CRLNumberExtension crlNumExt = new CRLNumberExtension(Boolean.FALSE, encoded); - crlNum = (BigInteger)crlNumExt.get(CRLNumberExtension.NUMBER); + crlNum = crlNumExt.get(CRLNumberExtension.NUMBER); } catch (IOException ex) { if (debug != null) { debug.println("X509CRLSelector.match: exception in " diff --git a/jdk/src/share/classes/java/security/cert/X509CertSelector.java b/jdk/src/share/classes/java/security/cert/X509CertSelector.java index 1de52575d1a..ea3f6b72c95 100644 --- a/jdk/src/share/classes/java/security/cert/X509CertSelector.java +++ b/jdk/src/share/classes/java/security/cert/X509CertSelector.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2000, 2008, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2000, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -277,7 +277,7 @@ public class X509CertSelector implements CertSelector { try { issuer = (issuerDN == null ? null : new X500Principal(issuerDN)); } catch (IllegalArgumentException e) { - throw (IOException)new IOException("Invalid name").initCause(e); + throw new IOException("Invalid name", e); } } @@ -341,7 +341,7 @@ public class X509CertSelector implements CertSelector { try { subject = (subjectDN == null ? null : new X500Principal(subjectDN)); } catch (IllegalArgumentException e) { - throw (IOException)new IOException("Invalid name").initCause(e); + throw new IOException("Invalid name", e); } } @@ -872,7 +872,7 @@ public class X509CertSelector implements CertSelector { * @param object2 a Collection containing the second object to compare * @return true if the objects are equal, false otherwise */ - static boolean equalNames(Collection object1, Collection object2) { + static boolean equalNames(Collection object1, Collection object2) { if ((object1 == null) || (object2 == null)) { return object1 == object2; } @@ -1672,19 +1672,15 @@ public class X509CertSelector implements CertSelector { private static Set> cloneAndCheckNames(Collection> names) throws IOException { // Copy the Lists and Collection Set> namesCopy = new HashSet>(); - Iterator> i = names.iterator(); - while (i.hasNext()) { - Object o = i.next(); - if (!(o instanceof List)) { - throw new IOException("expected a List"); - } - namesCopy.add(new ArrayList((List)o)); + for (List o : names) + { + namesCopy.add(new ArrayList(o)); } // Check the contents of the Lists and clone any byte arrays - i = namesCopy.iterator(); - while (i.hasNext()) { - List nameList = (List)i.next(); + for (List list : namesCopy) { + @SuppressWarnings("unchecked") // See javadoc for parameter "names". + List nameList = (List)list; if (nameList.size() != 2) { throw new IOException("name list size not 2"); } @@ -2184,8 +2180,7 @@ public class X509CertSelector implements CertSelector { if (debug != null) { String time = "n/a"; try { - Date notAfter = - (Date)ext.get(PrivateKeyUsageExtension.NOT_AFTER); + Date notAfter = ext.get(PrivateKeyUsageExtension.NOT_AFTER); time = notAfter.toString(); } catch (CertificateException ex) { // not able to retrieve notAfter value @@ -2201,8 +2196,7 @@ public class X509CertSelector implements CertSelector { if (debug != null) { String time = "n/a"; try { - Date notBefore = (Date) - ext.get(PrivateKeyUsageExtension.NOT_BEFORE); + Date notBefore = ext.get(PrivateKeyUsageExtension.NOT_BEFORE); time = notBefore.toString(); } catch (CertificateException ex) { // not able to retrieve notBefore value @@ -2214,14 +2208,6 @@ public class X509CertSelector implements CertSelector { e2.printStackTrace(); } return false; - } catch (CertificateException e3) { - if (debug != null) { - debug.println("X509CertSelector.match: CertificateException " - + "in private key usage check; X509CertSelector: " - + this.toString()); - e3.printStackTrace(); - } - return false; } catch (IOException e4) { if (debug != null) { debug.println("X509CertSelector.match: IOException in " @@ -2252,7 +2238,7 @@ public class X509CertSelector implements CertSelector { + subjectPublicKeyAlgID + ", xcert subjectPublicKeyAlgID = " + algID.getOID()); } - if (!subjectPublicKeyAlgID.equals(algID.getOID())) { + if (!subjectPublicKeyAlgID.equals((Object)algID.getOID())) { if (debug != null) { debug.println("X509CertSelector.match: " + "subject public key alg IDs don't match"); @@ -2301,7 +2287,7 @@ public class X509CertSelector implements CertSelector { EXTENDED_KEY_USAGE_ID); if (ext != null) { Vector certKeyPurposeVector = - (Vector)ext.get(ExtendedKeyUsageExtension.USAGES); + ext.get(ExtendedKeyUsageExtension.USAGES); if (!certKeyPurposeVector.contains(ANY_EXTENDED_KEY_USAGE) && !certKeyPurposeVector.containsAll(keyPurposeOIDSet)) { if (debug != null) { @@ -2337,8 +2323,8 @@ public class X509CertSelector implements CertSelector { } return false; } - GeneralNames certNames = (GeneralNames) - sanExt.get(SubjectAlternativeNameExtension.SUBJECT_NAME); + GeneralNames certNames = + sanExt.get(SubjectAlternativeNameExtension.SUBJECT_NAME); Iterator i = subjectAlternativeGeneralNames.iterator(); while (i.hasNext()) { @@ -2406,7 +2392,7 @@ public class X509CertSelector implements CertSelector { } return false; } - List policies = (List)ext.get(CertificatePoliciesExtension.POLICIES); + List policies = ext.get(CertificatePoliciesExtension.POLICIES); /* * Convert the Vector of PolicyInformation to a Vector * of CertificatePolicyIds for easier comparison. @@ -2467,7 +2453,7 @@ public class X509CertSelector implements CertSelector { if (ext == null) { return true; } - if ((debug != null) && debug.isOn("certpath")) { + if ((debug != null) && Debug.isOn("certpath")) { debug.println("X509CertSelector.match pathToNames:\n"); Iterator i = pathToGeneralNames.iterator(); @@ -2476,10 +2462,10 @@ public class X509CertSelector implements CertSelector { } } - GeneralSubtrees permitted = (GeneralSubtrees) - ext.get(NameConstraintsExtension.PERMITTED_SUBTREES); - GeneralSubtrees excluded = (GeneralSubtrees) - ext.get(NameConstraintsExtension.EXCLUDED_SUBTREES); + GeneralSubtrees permitted = + ext.get(NameConstraintsExtension.PERMITTED_SUBTREES); + GeneralSubtrees excluded = + ext.get(NameConstraintsExtension.EXCLUDED_SUBTREES); if (excluded != null) { if (matchExcluded(excluded) == false) { return false; @@ -2597,12 +2583,13 @@ public class X509CertSelector implements CertSelector { return true; } - private static Set cloneSet(Set set) { + @SuppressWarnings("unchecked") // Safe casts assuming clone() works correctly + private static Set cloneSet(Set set) { if (set instanceof HashSet) { - Object clone = ((HashSet)set).clone(); - return (Set)clone; + Object clone = ((HashSet)set).clone(); + return (Set)clone; } else { - return new HashSet(set); + return new HashSet(set); } } @@ -2617,17 +2604,13 @@ public class X509CertSelector implements CertSelector { // Must clone these because addPathToName et al. modify them if (subjectAlternativeNames != null) { copy.subjectAlternativeNames = - (Set>)cloneSet(subjectAlternativeNames); + cloneSet(subjectAlternativeNames); copy.subjectAlternativeGeneralNames = - (Set)cloneSet - (subjectAlternativeGeneralNames); + cloneSet(subjectAlternativeGeneralNames); } if (pathToGeneralNames != null) { - copy.pathToNames = - (Set>)cloneSet(pathToNames); - copy.pathToGeneralNames = - (Set)cloneSet - (pathToGeneralNames); + copy.pathToNames = cloneSet(pathToNames); + copy.pathToGeneralNames = cloneSet(pathToGeneralNames); } return copy; } catch (CloneNotSupportedException e) { diff --git a/jdk/src/share/classes/javax/crypto/Cipher.java b/jdk/src/share/classes/javax/crypto/Cipher.java index bd17f023639..8aa8b182d75 100644 --- a/jdk/src/share/classes/javax/crypto/Cipher.java +++ b/jdk/src/share/classes/javax/crypto/Cipher.java @@ -28,7 +28,6 @@ package javax.crypto; import java.util.*; import java.util.regex.*; -import static java.util.Locale.ENGLISH; import java.security.*; import java.security.Provider.Service; @@ -44,7 +43,6 @@ import java.nio.ReadOnlyBufferException; import sun.security.util.Debug; import sun.security.jca.*; -import sun.security.jca.GetInstance.Instance; /** * This class provides the functionality of a cryptographic cipher for @@ -227,10 +225,10 @@ public class Cipher { // remaining services to try in provider selection // null once provider is selected - private Iterator serviceIterator; + private Iterator serviceIterator; // list of transform Strings to lookup in the provider - private List transforms; + private List transforms; private final Object lock; @@ -271,7 +269,8 @@ public class Cipher { } private Cipher(CipherSpi firstSpi, Service firstService, - Iterator serviceIterator, String transformation, List transforms) { + Iterator serviceIterator, String transformation, + List transforms) { this.firstSpi = firstSpi; this.firstService = firstService; this.serviceIterator = serviceIterator; @@ -392,11 +391,11 @@ public class Cipher { // Map for previously compiled patterns // XXX use ConcurrentHashMap once available - private final static Map patternCache = - Collections.synchronizedMap(new HashMap()); + private final static Map patternCache = + Collections.synchronizedMap(new HashMap()); private static boolean matches(String regexp, String str) { - Pattern pattern = (Pattern)patternCache.get(regexp); + Pattern pattern = patternCache.get(regexp); if (pattern == null) { pattern = Pattern.compile(regexp); patternCache.put(regexp, pattern); @@ -406,7 +405,7 @@ public class Cipher { } - private static List getTransforms(String transformation) + private static List getTransforms(String transformation) throws NoSuchAlgorithmException { String[] parts = tokenizeTransformation(transformation); @@ -426,7 +425,7 @@ public class Cipher { return Collections.singletonList(tr); } else { // if ((mode != null) && (pad != null)) { // DES/CBC/PKCS5Padding - List list = new ArrayList(4); + List list = new ArrayList<>(4); list.add(new Transform(alg, "/" + mode + "/" + pad, null, null)); list.add(new Transform(alg, "/" + mode, null, pad)); list.add(new Transform(alg, "//" + pad, mode, null)); @@ -436,10 +435,10 @@ public class Cipher { } // get the transform matching the specified service - private static Transform getTransform(Service s, List transforms) { + private static Transform getTransform(Service s, + List transforms) { String alg = s.getAlgorithm().toUpperCase(Locale.ENGLISH); - for (Iterator t = transforms.iterator(); t.hasNext(); ) { - Transform tr = (Transform)t.next(); + for (Transform tr : transforms) { if (alg.endsWith(tr.suffix)) { return tr; } @@ -482,19 +481,18 @@ public class Cipher { public static final Cipher getInstance(String transformation) throws NoSuchAlgorithmException, NoSuchPaddingException { - List transforms = getTransforms(transformation); - List cipherServices = new ArrayList(transforms.size()); - for (Iterator t = transforms.iterator(); t.hasNext(); ) { - Transform transform = (Transform)t.next(); + List transforms = getTransforms(transformation); + List cipherServices = new ArrayList<>(transforms.size()); + for (Transform transform : transforms) { cipherServices.add(new ServiceId("Cipher", transform.transform)); } - List services = GetInstance.getServices(cipherServices); + List services = GetInstance.getServices(cipherServices); // make sure there is at least one service from a signed provider // and that it can use the specified mode and padding - Iterator t = services.iterator(); + Iterator t = services.iterator(); Exception failure = null; while (t.hasNext()) { - Service s = (Service)t.next(); + Service s = t.next(); if (JceSecurity.canUseProvider(s.getProvider()) == false) { continue; } @@ -620,11 +618,10 @@ public class Cipher { throw new IllegalArgumentException("Missing provider"); } Exception failure = null; - List transforms = getTransforms(transformation); + List transforms = getTransforms(transformation); boolean providerChecked = false; String paddingError = null; - for (Iterator t = transforms.iterator(); t.hasNext();) { - Transform tr = (Transform)t.next(); + for (Transform tr : transforms) { Service s = provider.getService("Cipher", tr.transform); if (s == null) { continue; @@ -727,7 +724,7 @@ public class Cipher { firstService = null; firstSpi = null; } else { - s = (Service)serviceIterator.next(); + s = serviceIterator.next(); thisSpi = null; } if (JceSecurity.canUseProvider(s.getProvider()) == false) { @@ -821,7 +818,7 @@ public class Cipher { firstService = null; firstSpi = null; } else { - s = (Service)serviceIterator.next(); + s = serviceIterator.next(); thisSpi = null; } // if provider says it does not support this key, ignore it @@ -1622,7 +1619,7 @@ public class Cipher { // Check whether the cert has a key usage extension // marked as a critical extension. X509Certificate cert = (X509Certificate)certificate; - Set critSet = cert.getCriticalExtensionOIDs(); + Set critSet = cert.getCriticalExtensionOIDs(); if (critSet != null && !critSet.isEmpty() && critSet.contains(KEY_USAGE_EXTENSION_OID)) { diff --git a/jdk/src/share/classes/javax/crypto/CryptoAllPermission.java b/jdk/src/share/classes/javax/crypto/CryptoAllPermission.java index 2cea7b6e994..ad5e7fb7b45 100644 --- a/jdk/src/share/classes/javax/crypto/CryptoAllPermission.java +++ b/jdk/src/share/classes/javax/crypto/CryptoAllPermission.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 1999, 2007, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1999, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -171,8 +171,8 @@ final class CryptoAllPermissionCollection extends PermissionCollection * * @return an enumeration of all the CryptoAllPermission objects. */ - public Enumeration elements() { - Vector v = new Vector(1); + public Enumeration elements() { + Vector v = new Vector<>(1); if (all_allowed) v.add(CryptoAllPermission.INSTANCE); return v.elements(); } diff --git a/jdk/src/share/classes/javax/crypto/CryptoPermission.java b/jdk/src/share/classes/javax/crypto/CryptoPermission.java index 75c43e8e0f5..6241e5fdb43 100644 --- a/jdk/src/share/classes/javax/crypto/CryptoPermission.java +++ b/jdk/src/share/classes/javax/crypto/CryptoPermission.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 1999, 2007, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1999, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -475,14 +475,14 @@ implements Serializable { private static final long serialVersionUID = -511215555898802763L; - private Vector permissions; + private Vector permissions; /** * Creates an empty CryptoPermissionCollection * object. */ CryptoPermissionCollection() { - permissions = new Vector(3); + permissions = new Vector(3); } /** @@ -520,7 +520,7 @@ implements Serializable { CryptoPermission cp = (CryptoPermission)permission; - Enumeration e = permissions.elements(); + Enumeration e = permissions.elements(); while (e.hasMoreElements()) { CryptoPermission x = (CryptoPermission) e.nextElement(); @@ -538,7 +538,7 @@ implements Serializable { * @return an enumeration of all the CryptoPermission objects. */ - public Enumeration elements() + public Enumeration elements() { return permissions.elements(); } diff --git a/jdk/src/share/classes/javax/crypto/CryptoPermissions.java b/jdk/src/share/classes/javax/crypto/CryptoPermissions.java index a054c42f151..50c76b95fc6 100644 --- a/jdk/src/share/classes/javax/crypto/CryptoPermissions.java +++ b/jdk/src/share/classes/javax/crypto/CryptoPermissions.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 1999, 2007, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1999, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -62,14 +62,14 @@ implements Serializable { private static final long serialVersionUID = 4946547168093391015L; // This class is similar to java.security.Permissions - private Hashtable perms; + private Hashtable perms; /** * Creates a new CryptoPermissions object containing * no CryptoPermissionCollections. */ CryptoPermissions() { - perms = new Hashtable(7); + perms = new Hashtable(7); } /** @@ -166,7 +166,7 @@ implements Serializable { * * @return an enumeration of all the Permissions. */ - public Enumeration elements() { + public Enumeration elements() { // go through each Permissions in the hash table // and call their elements() function. return new PermissionsEnumerator(perms.elements()); @@ -198,8 +198,7 @@ implements Serializable { PermissionCollection thatWildcard = - (PermissionCollection)other.perms.get( - CryptoPermission.ALG_NAME_WILDCARD); + other.perms.get(CryptoPermission.ALG_NAME_WILDCARD); int maxKeySize = 0; if (thatWildcard != null) { maxKeySize = ((CryptoPermission) @@ -208,14 +207,12 @@ implements Serializable { // For each algorithm in this CryptoPermissions, // find out if there is anything we should add into // ret. - Enumeration thisKeys = this.perms.keys(); + Enumeration thisKeys = this.perms.keys(); while (thisKeys.hasMoreElements()) { - String alg = (String)thisKeys.nextElement(); + String alg = thisKeys.nextElement(); - PermissionCollection thisPc = - (PermissionCollection)this.perms.get(alg); - PermissionCollection thatPc = - (PermissionCollection)other.perms.get(alg); + PermissionCollection thisPc = this.perms.get(alg); + PermissionCollection thatPc = other.perms.get(alg); CryptoPermission[] partialResult; @@ -238,8 +235,7 @@ implements Serializable { } PermissionCollection thisWildcard = - (PermissionCollection)this.perms.get( - CryptoPermission.ALG_NAME_WILDCARD); + this.perms.get(CryptoPermission.ALG_NAME_WILDCARD); // If this CryptoPermissions doesn't // have a wildcard, we are done. @@ -252,16 +248,15 @@ implements Serializable { maxKeySize = ((CryptoPermission) thisWildcard.elements().nextElement()).getMaxKeySize(); - Enumeration thatKeys = other.perms.keys(); + Enumeration thatKeys = other.perms.keys(); while (thatKeys.hasMoreElements()) { - String alg = (String)thatKeys.nextElement(); + String alg = thatKeys.nextElement(); if (this.perms.containsKey(alg)) { continue; } - PermissionCollection thatPc = - (PermissionCollection)other.perms.get(alg); + PermissionCollection thatPc = other.perms.get(alg); CryptoPermission[] partialResult; @@ -286,9 +281,9 @@ implements Serializable { */ private CryptoPermission[] getMinimum(PermissionCollection thisPc, PermissionCollection thatPc) { - Vector permVector = new Vector(2); + Vector permVector = new Vector<>(2); - Enumeration thisPcPermissions = thisPc.elements(); + Enumeration thisPcPermissions = thisPc.elements(); // For each CryptoPermission in // thisPc object, do the following: @@ -307,7 +302,7 @@ implements Serializable { CryptoPermission thisCp = (CryptoPermission)thisPcPermissions.nextElement(); - Enumeration thatPcPermissions = thatPc.elements(); + Enumeration thatPcPermissions = thatPc.elements(); while (thatPcPermissions.hasMoreElements()) { CryptoPermission thatCp = (CryptoPermission)thatPcPermissions.nextElement(); @@ -342,9 +337,9 @@ implements Serializable { */ private CryptoPermission[] getMinimum(int maxKeySize, PermissionCollection pc) { - Vector permVector = new Vector(1); + Vector permVector = new Vector<>(1); - Enumeration enum_ = pc.elements(); + Enumeration enum_ = pc.elements(); while (enum_.hasMoreElements()) { CryptoPermission cp = @@ -383,19 +378,17 @@ implements Serializable { // If this CryptoPermissions includes CryptoAllPermission, // we should return CryptoAllPermission. if (perms.containsKey(CryptoAllPermission.ALG_NAME)) { - return - (PermissionCollection)(perms.get(CryptoAllPermission.ALG_NAME)); + return perms.get(CryptoAllPermission.ALG_NAME); } - PermissionCollection pc = (PermissionCollection)perms.get(alg); + PermissionCollection pc = perms.get(alg); // If there isn't a PermissionCollection for // the given algorithm,we should return the // PermissionCollection for the wildcard // if there is one. if (pc == null) { - pc = (PermissionCollection)perms.get( - CryptoPermission.ALG_NAME_WILDCARD); + pc = perms.get(CryptoPermission.ALG_NAME_WILDCARD); } return pc; } @@ -414,7 +407,7 @@ implements Serializable { String alg = cryptoPerm.getAlgorithm(); - PermissionCollection pc = (PermissionCollection)perms.get(alg); + PermissionCollection pc = perms.get(alg); if (pc == null) { pc = cryptoPerm.newPermissionCollection(); @@ -423,14 +416,14 @@ implements Serializable { } } -final class PermissionsEnumerator implements Enumeration { +final class PermissionsEnumerator implements Enumeration { // all the perms - private Enumeration perms; + private Enumeration perms; // the current set - private Enumeration permset; + private Enumeration permset; - PermissionsEnumerator(Enumeration e) { + PermissionsEnumerator(Enumeration e) { perms = e; permset = getNextEnumWithMore(); } @@ -454,7 +447,7 @@ final class PermissionsEnumerator implements Enumeration { return (permset != null); } - public synchronized Object nextElement() { + public synchronized Permission nextElement() { // hasMoreElements will update permset to the next permset // with something in it... @@ -466,11 +459,10 @@ final class PermissionsEnumerator implements Enumeration { } - private Enumeration getNextEnumWithMore() { + private Enumeration getNextEnumWithMore() { while (perms.hasMoreElements()) { - PermissionCollection pc = - (PermissionCollection) perms.nextElement(); - Enumeration next = pc.elements(); + PermissionCollection pc = perms.nextElement(); + Enumeration next = pc.elements(); if (next.hasMoreElements()) return next; } diff --git a/jdk/src/share/classes/javax/crypto/CryptoPolicyParser.java b/jdk/src/share/classes/javax/crypto/CryptoPolicyParser.java index c7bdb3386d9..e44d3299f62 100644 --- a/jdk/src/share/classes/javax/crypto/CryptoPolicyParser.java +++ b/jdk/src/share/classes/javax/crypto/CryptoPolicyParser.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 1999, 2007, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1999, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -29,7 +29,6 @@ import java.io.*; import java.util.Enumeration; import java.util.Hashtable; import java.util.Vector; -import java.util.StringTokenizer; import static java.util.Locale.ENGLISH; import java.security.GeneralSecurityException; @@ -64,7 +63,7 @@ import java.lang.reflect.*; final class CryptoPolicyParser { - private Vector grantEntries; + private Vector grantEntries; // Convenience variables for parsing private StreamTokenizer st; @@ -74,7 +73,7 @@ final class CryptoPolicyParser { * Creates a CryptoPolicyParser object. */ CryptoPolicyParser() { - grantEntries = new Vector(); + grantEntries = new Vector(); } /** @@ -127,7 +126,7 @@ final class CryptoPolicyParser { * The crypto jurisdiction policy must be consistent. The * following hashtable is used for checking consistency. */ - Hashtable processedPermissions = null; + Hashtable> processedPermissions = null; /* * The main parsing loop. The loop is executed once for each entry @@ -152,7 +151,8 @@ final class CryptoPolicyParser { /** * parse a Grant entry */ - private GrantEntry parseGrantEntry(Hashtable processedPermissions) + private GrantEntry parseGrantEntry( + Hashtable> processedPermissions) throws ParsingException, IOException { GrantEntry e = new GrantEntry(); @@ -180,7 +180,7 @@ final class CryptoPolicyParser { * parse a CryptoPermission entry */ private CryptoPermissionEntry parsePermissionEntry( - Hashtable processedPermissions) + Hashtable> processedPermissions) throws ParsingException, IOException { CryptoPermissionEntry e = new CryptoPermissionEntry(); @@ -252,7 +252,7 @@ final class CryptoPolicyParser { // AlgorithmParameterSpec class name. String algParamSpecClassName = match("quoted string"); - Vector paramsV = new Vector(1); + Vector paramsV = new Vector<>(1); while (peek(",")) { match(","); if (peek("number")) { @@ -285,14 +285,14 @@ final class CryptoPolicyParser { AlgorithmParameterSpec ret = null; try { - Class apsClass = Class.forName(type); - Class[] paramClasses = new Class[params.length]; + Class apsClass = Class.forName(type); + Class[] paramClasses = new Class[params.length]; for (int i = 0; i < params.length; i++) { paramClasses[i] = int.class; } - Constructor c = apsClass.getConstructor(paramClasses); + Constructor c = apsClass.getConstructor(paramClasses); ret = (AlgorithmParameterSpec) c.newInstance((Object[]) params); } catch (Exception e) { throw new ParsingException("Cannot call the constructor of " + @@ -456,15 +456,15 @@ final class CryptoPolicyParser { } CryptoPermission[] getPermissions() { - Vector result = new Vector(); + Vector result = new Vector<>(); - Enumeration grantEnum = grantEntries.elements(); + Enumeration grantEnum = grantEntries.elements(); while (grantEnum.hasMoreElements()) { - GrantEntry ge = (GrantEntry)grantEnum.nextElement(); - Enumeration permEnum = ge.permissionElements(); + GrantEntry ge = grantEnum.nextElement(); + Enumeration permEnum = + ge.permissionElements(); while (permEnum.hasMoreElements()) { - CryptoPermissionEntry pe = - (CryptoPermissionEntry)permEnum.nextElement(); + CryptoPermissionEntry pe = permEnum.nextElement(); if (pe.cryptoPermission.equals( "javax.crypto.CryptoAllPermission")) { result.addElement(CryptoAllPermission.INSTANCE); @@ -491,15 +491,14 @@ final class CryptoPolicyParser { return ret; } - private boolean isConsistent(String alg, - String exemptionMechanism, - Hashtable processedPermissions) { + private boolean isConsistent(String alg, String exemptionMechanism, + Hashtable> processedPermissions) { String thisExemptionMechanism = exemptionMechanism == null ? "none" : exemptionMechanism; if (processedPermissions == null) { - processedPermissions = new Hashtable(); - Vector exemptionMechanisms = new Vector(1); + processedPermissions = new Hashtable>(); + Vector exemptionMechanisms = new Vector<>(1); exemptionMechanisms.addElement(thisExemptionMechanism); processedPermissions.put(alg, exemptionMechanisms); return true; @@ -509,15 +508,15 @@ final class CryptoPolicyParser { return false; } - Vector exemptionMechanisms; + Vector exemptionMechanisms; if (processedPermissions.containsKey(alg)) { - exemptionMechanisms = (Vector)processedPermissions.get(alg); + exemptionMechanisms = processedPermissions.get(alg); if (exemptionMechanisms.contains(thisExemptionMechanism)) { return false; } } else { - exemptionMechanisms = new Vector(1); + exemptionMechanisms = new Vector(1); } exemptionMechanisms.addElement(thisExemptionMechanism); @@ -556,10 +555,10 @@ final class CryptoPolicyParser { private static class GrantEntry { - private Vector permissionEntries; + private Vector permissionEntries; GrantEntry() { - permissionEntries = new Vector(); + permissionEntries = new Vector(); } void add(CryptoPermissionEntry pe) @@ -580,7 +579,7 @@ final class CryptoPolicyParser { /** * Enumerate all the permission entries in this GrantEntry. */ - Enumeration permissionElements(){ + Enumeration permissionElements(){ return permissionEntries.elements(); } diff --git a/jdk/src/share/classes/javax/crypto/EncryptedPrivateKeyInfo.java b/jdk/src/share/classes/javax/crypto/EncryptedPrivateKeyInfo.java index 92cc1eb936c..5eeb481dd65 100644 --- a/jdk/src/share/classes/javax/crypto/EncryptedPrivateKeyInfo.java +++ b/jdk/src/share/classes/javax/crypto/EncryptedPrivateKeyInfo.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2001, 2007, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2001, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -80,7 +80,7 @@ public class EncryptedPrivateKeyInfo { throw new NullPointerException("the encoded parameter " + "must be non-null"); } - this.encoded = (byte[])encoded.clone(); + this.encoded = encoded.clone(); DerValue val = new DerValue(this.encoded); DerValue[] seq = new DerValue[2]; @@ -143,7 +143,7 @@ public class EncryptedPrivateKeyInfo { throw new IllegalArgumentException("the encryptedData " + "parameter must not be empty"); } else { - this.encryptedData = (byte[])encryptedData.clone(); + this.encryptedData = encryptedData.clone(); } // delay the generation of ASN.1 encoding until // getEncoded() is called @@ -183,7 +183,7 @@ public class EncryptedPrivateKeyInfo { throw new IllegalArgumentException("the encryptedData " + "parameter must not be empty"); } else { - this.encryptedData = (byte[])encryptedData.clone(); + this.encryptedData = encryptedData.clone(); } // delay the generation of ASN.1 encoding until @@ -222,7 +222,7 @@ public class EncryptedPrivateKeyInfo { * each time this method is called. */ public byte[] getEncryptedData() { - return (byte[])this.encryptedData.clone(); + return this.encryptedData.clone(); } /** @@ -247,26 +247,13 @@ public class EncryptedPrivateKeyInfo { throws InvalidKeySpecException { byte[] encoded = null; try { - encoded = cipher.doFinal((byte[])encryptedData); + encoded = cipher.doFinal(encryptedData); checkPKCS8Encoding(encoded); - } catch (GeneralSecurityException gse) { - InvalidKeySpecException ikse = new - InvalidKeySpecException( - "Cannot retrieve the PKCS8EncodedKeySpec"); - ikse.initCause(gse); - throw ikse; - } catch (IOException ioe) { - InvalidKeySpecException ikse = new - InvalidKeySpecException( - "Cannot retrieve the PKCS8EncodedKeySpec"); - ikse.initCause(ioe); - throw ikse; - } catch (IllegalStateException ise) { - InvalidKeySpecException ikse = new - InvalidKeySpecException( - "Cannot retrieve the PKCS8EncodedKeySpec"); - ikse.initCause(ise); - throw ikse; + } catch (GeneralSecurityException | + IOException | + IllegalStateException ex) { + throw new InvalidKeySpecException( + "Cannot retrieve the PKCS8EncodedKeySpec", ex); } return new PKCS8EncodedKeySpec(encoded); } @@ -289,16 +276,9 @@ public class EncryptedPrivateKeyInfo { } catch (NoSuchAlgorithmException nsae) { // rethrow throw nsae; - } catch (GeneralSecurityException gse) { - InvalidKeyException ike = new InvalidKeyException - ("Cannot retrieve the PKCS8EncodedKeySpec"); - ike.initCause(gse); - throw ike; - } catch (IOException ioe) { - InvalidKeyException ike = new InvalidKeyException - ("Cannot retrieve the PKCS8EncodedKeySpec"); - ike.initCause(ioe); - throw ike; + } catch (GeneralSecurityException | IOException ex) { + throw new InvalidKeyException( + "Cannot retrieve the PKCS8EncodedKeySpec", ex); } return new PKCS8EncodedKeySpec(encoded); } @@ -413,7 +393,7 @@ public class EncryptedPrivateKeyInfo { out.write(DerValue.tag_Sequence, tmp); this.encoded = out.toByteArray(); } - return (byte[])this.encoded.clone(); + return this.encoded.clone(); } private static void checkTag(DerValue val, byte tag, String valName) @@ -424,6 +404,7 @@ public class EncryptedPrivateKeyInfo { } } + @SuppressWarnings("fallthrough") private static void checkPKCS8Encoding(byte[] encodedKey) throws IOException { DerInputStream in = new DerInputStream(encodedKey); @@ -432,6 +413,7 @@ public class EncryptedPrivateKeyInfo { switch (values.length) { case 4: checkTag(values[3], DerValue.TAG_CONTEXT, "attributes"); + /* fall through */ case 3: checkTag(values[0], DerValue.tag_Integer, "version"); DerInputStream algid = values[1].toDerInputStream(); diff --git a/jdk/src/share/classes/javax/crypto/JarVerifier.java b/jdk/src/share/classes/javax/crypto/JarVerifier.java index 68f9eb69794..c56a0d19621 100644 --- a/jdk/src/share/classes/javax/crypto/JarVerifier.java +++ b/jdk/src/share/classes/javax/crypto/JarVerifier.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2007, 2009, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2007, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -86,23 +86,19 @@ final class JarVerifier { // Get a link to the Jarfile to search. try { - jf = (JarFile) - AccessController.doPrivileged( - new PrivilegedExceptionAction() { - public Object run() throws Exception { - JarURLConnection conn = - (JarURLConnection) url.openConnection(); - // You could do some caching here as - // an optimization. - conn.setUseCaches(false); - return conn.getJarFile(); - } - }); + jf = AccessController.doPrivileged( + new PrivilegedExceptionAction() { + public JarFile run() throws Exception { + JarURLConnection conn = + (JarURLConnection) url.openConnection(); + // You could do some caching here as + // an optimization. + conn.setUseCaches(false); + return conn.getJarFile(); + } + }); } catch (java.security.PrivilegedActionException pae) { - SecurityException se = new SecurityException( - "Cannot load " + url.toString()); - se.initCause(pae); - throw se; + throw new SecurityException("Cannot load " + url.toString(), pae); } if (jf != null) { diff --git a/jdk/src/share/classes/javax/crypto/JceSecurity.java b/jdk/src/share/classes/javax/crypto/JceSecurity.java index cac9cc739de..7e062462211 100644 --- a/jdk/src/share/classes/javax/crypto/JceSecurity.java +++ b/jdk/src/share/classes/javax/crypto/JceSecurity.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 2009, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1997, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -57,10 +57,12 @@ final class JceSecurity { // Map of the providers we already have verified // value == PROVIDER_VERIFIED is successfully verified // value is failure cause Exception in error case - private final static Map verificationResults = new IdentityHashMap(); + private final static Map verificationResults = + new IdentityHashMap<>(); // Map of the providers currently being verified - private final static Map verifyingProviders = new IdentityHashMap(); + private final static Map verifyingProviders = + new IdentityHashMap<>(); // Set the default value. May be changed in the static initializer. private static boolean isRestricted = true; @@ -73,25 +75,23 @@ final class JceSecurity { static { try { - AccessController.doPrivileged(new PrivilegedExceptionAction() { - public Object run() throws Exception { - setupJurisdictionPolicies(); - return null; - } - }); + AccessController.doPrivileged( + new PrivilegedExceptionAction() { + public Object run() throws Exception { + setupJurisdictionPolicies(); + return null; + } + }); isRestricted = defaultPolicy.implies( CryptoAllPermission.INSTANCE) ? false : true; } catch (Exception e) { - SecurityException se = - new SecurityException( - "Can not initialize cryptographic mechanism"); - se.initCause(e); - throw se; + throw new SecurityException( + "Can not initialize cryptographic mechanism", e); } } - static Instance getInstance(String type, Class clazz, String algorithm, + static Instance getInstance(String type, Class clazz, String algorithm, String provider) throws NoSuchAlgorithmException, NoSuchProviderException { Service s = GetInstance.getService(type, algorithm, provider); @@ -104,7 +104,7 @@ final class JceSecurity { return GetInstance.getInstance(s, clazz); } - static Instance getInstance(String type, Class clazz, String algorithm, + static Instance getInstance(String type, Class clazz, String algorithm, Provider provider) throws NoSuchAlgorithmException { Service s = GetInstance.getService(type, algorithm, provider); Exception ve = JceSecurity.getVerificationResult(provider); @@ -116,12 +116,11 @@ final class JceSecurity { return GetInstance.getInstance(s, clazz); } - static Instance getInstance(String type, Class clazz, String algorithm) + static Instance getInstance(String type, Class clazz, String algorithm) throws NoSuchAlgorithmException { - List services = GetInstance.getServices(type, algorithm); + List services = GetInstance.getServices(type, algorithm); NoSuchAlgorithmException failure = null; - for (Iterator t = services.iterator(); t.hasNext(); ) { - Service s = (Service)t.next(); + for (Service s : services) { if (canUseProvider(s.getProvider()) == false) { // allow only signed providers continue; @@ -213,16 +212,17 @@ final class JceSecurity { } // reference to a Map we use as a cache for codebases - private static final Map codeBaseCacheRef = new WeakHashMap(); + private static final Map, URL> codeBaseCacheRef = + new WeakHashMap<>(); /* * Retuns the CodeBase for the given class. */ - static URL getCodeBase(final Class clazz) { - URL url = (URL)codeBaseCacheRef.get(clazz); + static URL getCodeBase(final Class clazz) { + URL url = codeBaseCacheRef.get(clazz); if (url == null) { - url = (URL)AccessController.doPrivileged(new PrivilegedAction() { - public Object run() { + url = AccessController.doPrivileged(new PrivilegedAction() { + public URL run() { ProtectionDomain pd = clazz.getProtectionDomain(); if (pd != null) { CodeSource cs = pd.getCodeSource(); @@ -290,9 +290,9 @@ final class JceSecurity { JarFile jf = new JarFile(jarPathName); - Enumeration entries = jf.entries(); + Enumeration entries = jf.entries(); while (entries.hasMoreElements()) { - JarEntry je = (JarEntry)entries.nextElement(); + JarEntry je = entries.nextElement(); InputStream is = null; try { if (je.getName().startsWith("default_")) { diff --git a/jdk/src/share/classes/javax/crypto/JceSecurityManager.java b/jdk/src/share/classes/javax/crypto/JceSecurityManager.java index ef925fa8f37..c05a200806c 100644 --- a/jdk/src/share/classes/javax/crypto/JceSecurityManager.java +++ b/jdk/src/share/classes/javax/crypto/JceSecurityManager.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 1999, 2007, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1999, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -28,7 +28,6 @@ package javax.crypto; import java.security.*; import java.net.*; import java.util.*; -import java.util.jar.*; /** * The JCE security manager. @@ -50,8 +49,10 @@ final class JceSecurityManager extends SecurityManager { private static final CryptoPermissions defaultPolicy; private static final CryptoPermissions exemptPolicy; private static final CryptoAllPermission allPerm; - private static final Vector TrustedCallersCache = new Vector(2); - private static final Map exemptCache = new HashMap(); + private static final Vector> TrustedCallersCache = + new Vector<>(2); + private static final Map exemptCache = + new HashMap<>(); // singleton instance static final JceSecurityManager INSTANCE; @@ -60,12 +61,12 @@ final class JceSecurityManager extends SecurityManager { defaultPolicy = JceSecurity.getDefaultPolicy(); exemptPolicy = JceSecurity.getExemptPolicy(); allPerm = CryptoAllPermission.INSTANCE; - INSTANCE = (JceSecurityManager) - AccessController.doPrivileged(new PrivilegedAction() { - public Object run() { - return new JceSecurityManager(); - } - }); + INSTANCE = AccessController.doPrivileged( + new PrivilegedAction() { + public JceSecurityManager run() { + return new JceSecurityManager(); + } + }); } private JceSecurityManager() { @@ -94,11 +95,11 @@ final class JceSecurityManager extends SecurityManager { // javax.crypto.* packages. // NOTE: javax.crypto.* package maybe subject to package // insertion, so need to check its classloader as well. - Class[] context = getClassContext(); + Class[] context = getClassContext(); URL callerCodeBase = null; int i; for (i=0; i cls = context[i]; callerCodeBase = JceSecurity.getCodeBase(cls); if (callerCodeBase != null) { break; @@ -119,7 +120,7 @@ final class JceSecurityManager extends SecurityManager { CryptoPermissions appPerms; synchronized (this.getClass()) { if (exemptCache.containsKey(callerCodeBase)) { - appPerms = (CryptoPermissions)exemptCache.get(callerCodeBase); + appPerms = exemptCache.get(callerCodeBase); } else { appPerms = getAppPermissions(callerCodeBase); exemptCache.put(callerCodeBase, appPerms); @@ -143,7 +144,7 @@ final class JceSecurityManager extends SecurityManager { if (appPc == null) { return defaultPerm; } - Enumeration enum_ = appPc.elements(); + Enumeration enum_ = appPc.elements(); while (enum_.hasMoreElements()) { CryptoPermission cp = (CryptoPermission)enum_.nextElement(); if (cp.getExemptionMechanism() == null) { @@ -215,7 +216,7 @@ final class JceSecurityManager extends SecurityManager { * Returns the default permission for the given algorithm. */ private CryptoPermission getDefaultPermission(String alg) { - Enumeration enum_ = + Enumeration enum_ = defaultPolicy.getPermissionCollection(alg).elements(); return (CryptoPermission)enum_.nextElement(); } diff --git a/jdk/src/share/classes/javax/crypto/KeyAgreement.java b/jdk/src/share/classes/javax/crypto/KeyAgreement.java index 7bebc675cf4..cb85cb57d31 100644 --- a/jdk/src/share/classes/javax/crypto/KeyAgreement.java +++ b/jdk/src/share/classes/javax/crypto/KeyAgreement.java @@ -93,7 +93,7 @@ public class KeyAgreement { // remaining services to try in provider selection // null once provider is selected - private Iterator serviceIterator; + private Iterator serviceIterator; private final Object lock; @@ -112,7 +112,7 @@ public class KeyAgreement { lock = null; } - private KeyAgreement(Service s, Iterator t, String algorithm) { + private KeyAgreement(Service s, Iterator t, String algorithm) { firstService = s; serviceIterator = t; this.algorithm = algorithm; @@ -165,11 +165,12 @@ public class KeyAgreement { */ public static final KeyAgreement getInstance(String algorithm) throws NoSuchAlgorithmException { - List services = GetInstance.getServices("KeyAgreement", algorithm); + List services = + GetInstance.getServices("KeyAgreement", algorithm); // make sure there is at least one service from a signed provider - Iterator t = services.iterator(); + Iterator t = services.iterator(); while (t.hasNext()) { - Service s = (Service)t.next(); + Service s = t.next(); if (JceSecurity.canUseProvider(s.getProvider()) == false) { continue; } @@ -301,7 +302,7 @@ public class KeyAgreement { s = firstService; firstService = null; } else { - s = (Service)serviceIterator.next(); + s = serviceIterator.next(); } if (JceSecurity.canUseProvider(s.getProvider()) == false) { continue; @@ -358,7 +359,7 @@ public class KeyAgreement { s = firstService; firstService = null; } else { - s = (Service)serviceIterator.next(); + s = serviceIterator.next(); } // if provider says it does not support this key, ignore it if (s.supportsParameter(key) == false) { diff --git a/jdk/src/share/classes/javax/crypto/KeyGenerator.java b/jdk/src/share/classes/javax/crypto/KeyGenerator.java index 8358f534376..fee08392998 100644 --- a/jdk/src/share/classes/javax/crypto/KeyGenerator.java +++ b/jdk/src/share/classes/javax/crypto/KeyGenerator.java @@ -127,7 +127,7 @@ public class KeyGenerator { private final Object lock = new Object(); - private Iterator serviceIterator; + private Iterator serviceIterator; private int initType; private int initKeySize; @@ -150,7 +150,8 @@ public class KeyGenerator { private KeyGenerator(String algorithm) throws NoSuchAlgorithmException { this.algorithm = algorithm; - List list = GetInstance.getServices("KeyGenerator", algorithm); + List list = + GetInstance.getServices("KeyGenerator", algorithm); serviceIterator = list.iterator(); initType = I_NONE; // fetch and instantiate initial spi @@ -320,7 +321,7 @@ public class KeyGenerator { return null; } while (serviceIterator.hasNext()) { - Service s = (Service)serviceIterator.next(); + Service s = serviceIterator.next(); if (JceSecurity.canUseProvider(s.getProvider()) == false) { continue; } diff --git a/jdk/src/share/classes/javax/crypto/Mac.java b/jdk/src/share/classes/javax/crypto/Mac.java index b178988beaa..d0e241dc87f 100644 --- a/jdk/src/share/classes/javax/crypto/Mac.java +++ b/jdk/src/share/classes/javax/crypto/Mac.java @@ -95,7 +95,7 @@ public class Mac implements Cloneable { // remaining services to try in provider selection // null once provider is selected - private Iterator serviceIterator; + private Iterator serviceIterator; private final Object lock; @@ -114,7 +114,7 @@ public class Mac implements Cloneable { lock = null; } - private Mac(Service s, Iterator t, String algorithm) { + private Mac(Service s, Iterator t, String algorithm) { firstService = s; serviceIterator = t; this.algorithm = algorithm; @@ -163,11 +163,11 @@ public class Mac implements Cloneable { */ public static final Mac getInstance(String algorithm) throws NoSuchAlgorithmException { - List services = GetInstance.getServices("Mac", algorithm); + List services = GetInstance.getServices("Mac", algorithm); // make sure there is at least one service from a signed provider - Iterator t = services.iterator(); + Iterator t = services.iterator(); while (t.hasNext()) { - Service s = (Service)t.next(); + Service s = t.next(); if (JceSecurity.canUseProvider(s.getProvider()) == false) { continue; } @@ -288,7 +288,7 @@ public class Mac implements Cloneable { s = firstService; firstService = null; } else { - s = (Service)serviceIterator.next(); + s = serviceIterator.next(); } if (JceSecurity.canUseProvider(s.getProvider()) == false) { continue; @@ -331,7 +331,7 @@ public class Mac implements Cloneable { s = firstService; firstService = null; } else { - s = (Service)serviceIterator.next(); + s = serviceIterator.next(); } // if provider says it does not support this key, ignore it if (s.supportsParameter(key) == false) { diff --git a/jdk/src/share/classes/javax/crypto/SealedObject.java b/jdk/src/share/classes/javax/crypto/SealedObject.java index 543c30b759f..9166c28d10c 100644 --- a/jdk/src/share/classes/javax/crypto/SealedObject.java +++ b/jdk/src/share/classes/javax/crypto/SealedObject.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 2007, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1997, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -193,11 +193,11 @@ public class SealedObject implements Serializable { * @exception NullPointerException if the given sealed object is null. */ protected SealedObject(SealedObject so) { - this.encryptedContent = (byte[]) so.encryptedContent.clone(); + this.encryptedContent = so.encryptedContent.clone(); this.sealAlg = so.sealAlg; this.paramsAlg = so.paramsAlg; if (so.encodedParams != null) { - this.encodedParams = (byte[]) so.encodedParams.clone(); + this.encodedParams = so.encodedParams.clone(); } else { this.encodedParams = null; } @@ -353,10 +353,8 @@ public class SealedObject implements Serializable { try { return unseal(key, provider); - } catch (IllegalBlockSizeException ibse) { - throw new InvalidKeyException(ibse.getMessage()); - } catch (BadPaddingException bpe) { - throw new InvalidKeyException(bpe.getMessage()); + } catch (IllegalBlockSizeException | BadPaddingException ex) { + throw new InvalidKeyException(ex.getMessage()); } } @@ -450,9 +448,9 @@ public class SealedObject implements Serializable { { s.defaultReadObject(); if (encryptedContent != null) - encryptedContent = (byte[])encryptedContent.clone(); + encryptedContent = encryptedContent.clone(); if (encodedParams != null) - encodedParams = (byte[])encodedParams.clone(); + encodedParams = encodedParams.clone(); } } @@ -465,7 +463,7 @@ final class extObjectInputStream extends ObjectInputStream { super(in); } - protected Class resolveClass(ObjectStreamClass v) + protected Class resolveClass(ObjectStreamClass v) throws IOException, ClassNotFoundException { diff --git a/jdk/src/share/classes/javax/crypto/SecretKeyFactory.java b/jdk/src/share/classes/javax/crypto/SecretKeyFactory.java index bf32bae08c5..4160147a2b4 100644 --- a/jdk/src/share/classes/javax/crypto/SecretKeyFactory.java +++ b/jdk/src/share/classes/javax/crypto/SecretKeyFactory.java @@ -96,7 +96,7 @@ public class SecretKeyFactory { // remaining services to try in provider selection // null once provider is selected - private Iterator serviceIterator; + private Iterator serviceIterator; /** * Creates a SecretKeyFactory object. @@ -114,7 +114,8 @@ public class SecretKeyFactory { private SecretKeyFactory(String algorithm) throws NoSuchAlgorithmException { this.algorithm = algorithm; - List list = GetInstance.getServices("SecretKeyFactory", algorithm); + List list = + GetInstance.getServices("SecretKeyFactory", algorithm); serviceIterator = list.iterator(); // fetch and instantiate initial spi if (nextSpi(null) == null) { @@ -290,7 +291,7 @@ public class SecretKeyFactory { return null; } while (serviceIterator.hasNext()) { - Service s = (Service)serviceIterator.next(); + Service s = serviceIterator.next(); if (JceSecurity.canUseProvider(s.getProvider()) == false) { continue; } @@ -367,7 +368,7 @@ public class SecretKeyFactory { * (e.g., the given key has an algorithm or format not supported by this * secret-key factory). */ - public final KeySpec getKeySpec(SecretKey key, Class keySpec) + public final KeySpec getKeySpec(SecretKey key, Class keySpec) throws InvalidKeySpecException { if (serviceIterator == null) { return spi.engineGetKeySpec(key, keySpec); diff --git a/jdk/src/share/classes/javax/crypto/SecretKeyFactorySpi.java b/jdk/src/share/classes/javax/crypto/SecretKeyFactorySpi.java index 17acfadbdac..342a5c7ffbd 100644 --- a/jdk/src/share/classes/javax/crypto/SecretKeyFactorySpi.java +++ b/jdk/src/share/classes/javax/crypto/SecretKeyFactorySpi.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 2007, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1997, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -88,7 +88,7 @@ public abstract class SecretKeyFactorySpi { * (e.g., the given key has an algorithm or format not supported by this * secret-key factory). */ - protected abstract KeySpec engineGetKeySpec(SecretKey key, Class keySpec) + protected abstract KeySpec engineGetKeySpec(SecretKey key, Class keySpec) throws InvalidKeySpecException; /** diff --git a/jdk/src/share/classes/javax/crypto/spec/DESKeySpec.java b/jdk/src/share/classes/javax/crypto/spec/DESKeySpec.java index 998bb948862..2d35f0ae1c4 100644 --- a/jdk/src/share/classes/javax/crypto/spec/DESKeySpec.java +++ b/jdk/src/share/classes/javax/crypto/spec/DESKeySpec.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 2007, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1997, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -165,7 +165,7 @@ public class DESKeySpec implements java.security.spec.KeySpec { * each time this method is called. */ public byte[] getKey() { - return (byte[])this.key.clone(); + return this.key.clone(); } /** diff --git a/jdk/src/share/classes/javax/crypto/spec/DESedeKeySpec.java b/jdk/src/share/classes/javax/crypto/spec/DESedeKeySpec.java index 4b84a8516f2..32454deeed7 100644 --- a/jdk/src/share/classes/javax/crypto/spec/DESedeKeySpec.java +++ b/jdk/src/share/classes/javax/crypto/spec/DESedeKeySpec.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 2007, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1997, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -95,7 +95,7 @@ public class DESedeKeySpec implements java.security.spec.KeySpec { * each time this method is called. */ public byte[] getKey() { - return (byte[])this.key.clone(); + return this.key.clone(); } /** diff --git a/jdk/src/share/classes/javax/crypto/spec/IvParameterSpec.java b/jdk/src/share/classes/javax/crypto/spec/IvParameterSpec.java index c14b95a18da..e396c5b45f2 100644 --- a/jdk/src/share/classes/javax/crypto/spec/IvParameterSpec.java +++ b/jdk/src/share/classes/javax/crypto/spec/IvParameterSpec.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 2007, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1997, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -94,6 +94,6 @@ public class IvParameterSpec implements AlgorithmParameterSpec { * each time this method is called. */ public byte[] getIV() { - return (byte[])this.iv.clone(); + return this.iv.clone(); } } diff --git a/jdk/src/share/classes/javax/crypto/spec/PBEKeySpec.java b/jdk/src/share/classes/javax/crypto/spec/PBEKeySpec.java index 7792e33d33f..239231d9dbf 100644 --- a/jdk/src/share/classes/javax/crypto/spec/PBEKeySpec.java +++ b/jdk/src/share/classes/javax/crypto/spec/PBEKeySpec.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 2007, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1997, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -80,7 +80,7 @@ public class PBEKeySpec implements KeySpec { if ((password == null) || (password.length == 0)) { this.password = new char[0]; } else { - this.password = (char[])password.clone(); + this.password = password.clone(); } } @@ -109,7 +109,7 @@ public class PBEKeySpec implements KeySpec { if ((password == null) || (password.length == 0)) { this.password = new char[0]; } else { - this.password = (char[])password.clone(); + this.password = password.clone(); } if (salt == null) { throw new NullPointerException("the salt parameter " + @@ -118,7 +118,7 @@ public class PBEKeySpec implements KeySpec { throw new IllegalArgumentException("the salt parameter " + "must not be empty"); } else { - this.salt = (byte[]) salt.clone(); + this.salt = salt.clone(); } if (iterationCount<=0) { throw new IllegalArgumentException("invalid iterationCount value"); @@ -151,7 +151,7 @@ public class PBEKeySpec implements KeySpec { if ((password == null) || (password.length == 0)) { this.password = new char[0]; } else { - this.password = (char[])password.clone(); + this.password = password.clone(); } if (salt == null) { throw new NullPointerException("the salt parameter " + @@ -160,7 +160,7 @@ public class PBEKeySpec implements KeySpec { throw new IllegalArgumentException("the salt parameter " + "must not be empty"); } else { - this.salt = (byte[]) salt.clone(); + this.salt = salt.clone(); } if (iterationCount<=0) { throw new IllegalArgumentException("invalid iterationCount value"); @@ -196,7 +196,7 @@ public class PBEKeySpec implements KeySpec { if (password == null) { throw new IllegalStateException("password has been cleared"); } - return (char[]) password.clone(); + return password.clone(); } /** @@ -210,7 +210,7 @@ public class PBEKeySpec implements KeySpec { */ public final byte[] getSalt() { if (salt != null) { - return (byte[]) salt.clone(); + return salt.clone(); } else { return null; } diff --git a/jdk/src/share/classes/javax/crypto/spec/PBEParameterSpec.java b/jdk/src/share/classes/javax/crypto/spec/PBEParameterSpec.java index baf3518e582..b33d5bdd1d4 100644 --- a/jdk/src/share/classes/javax/crypto/spec/PBEParameterSpec.java +++ b/jdk/src/share/classes/javax/crypto/spec/PBEParameterSpec.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 2007, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1997, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -25,7 +25,6 @@ package javax.crypto.spec; -import java.math.BigInteger; import java.security.spec.AlgorithmParameterSpec; /** @@ -53,7 +52,7 @@ public class PBEParameterSpec implements AlgorithmParameterSpec { * @exception NullPointerException if salt is null. */ public PBEParameterSpec(byte[] salt, int iterationCount) { - this.salt = (byte[])salt.clone(); + this.salt = salt.clone(); this.iterationCount = iterationCount; } @@ -64,7 +63,7 @@ public class PBEParameterSpec implements AlgorithmParameterSpec { * each time this method is called. */ public byte[] getSalt() { - return (byte[])this.salt.clone(); + return this.salt.clone(); } /** diff --git a/jdk/src/share/classes/javax/crypto/spec/PSource.java b/jdk/src/share/classes/javax/crypto/spec/PSource.java index 1c4a5a1ee4f..a3d2efe8930 100644 --- a/jdk/src/share/classes/javax/crypto/spec/PSource.java +++ b/jdk/src/share/classes/javax/crypto/spec/PSource.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2003, 2007, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2003, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -25,9 +25,6 @@ package javax.crypto.spec; -import java.math.BigInteger; -import java.security.spec.AlgorithmParameterSpec; - /** * This class specifies the source for encoding input P in OAEP Padding, * as defined in the @@ -97,7 +94,7 @@ public class PSource { */ public PSpecified(byte[] p) { super("PSpecified"); - this.p = (byte[]) p.clone(); + this.p = p.clone(); } /** * Returns the value of encoding input P. @@ -105,7 +102,7 @@ public class PSource { * returned each time this method is called. */ public byte[] getValue() { - return (p.length==0? p: (byte[])p.clone()); + return (p.length==0? p: p.clone()); } } } diff --git a/jdk/src/share/classes/javax/crypto/spec/RC2ParameterSpec.java b/jdk/src/share/classes/javax/crypto/spec/RC2ParameterSpec.java index ff62222ce13..766b3176307 100644 --- a/jdk/src/share/classes/javax/crypto/spec/RC2ParameterSpec.java +++ b/jdk/src/share/classes/javax/crypto/spec/RC2ParameterSpec.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 1998, 2007, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1998, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -117,7 +117,7 @@ public class RC2ParameterSpec implements AlgorithmParameterSpec { * Returns a new array each time this method is called. */ public byte[] getIV() { - return (iv == null? null:(byte[])iv.clone()); + return (iv == null? null:iv.clone()); } /** diff --git a/jdk/src/share/classes/javax/crypto/spec/RC5ParameterSpec.java b/jdk/src/share/classes/javax/crypto/spec/RC5ParameterSpec.java index 000e629a5a8..7248eefa804 100644 --- a/jdk/src/share/classes/javax/crypto/spec/RC5ParameterSpec.java +++ b/jdk/src/share/classes/javax/crypto/spec/RC5ParameterSpec.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 1998, 2007, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1998, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -157,7 +157,7 @@ public class RC5ParameterSpec implements AlgorithmParameterSpec { * Returns a new array each time this method is called. */ public byte[] getIV() { - return (iv == null? null:(byte[])iv.clone()); + return (iv == null? null:iv.clone()); } /** diff --git a/jdk/src/share/classes/javax/crypto/spec/SecretKeySpec.java b/jdk/src/share/classes/javax/crypto/spec/SecretKeySpec.java index 0dc7f277ddf..827be0f5274 100644 --- a/jdk/src/share/classes/javax/crypto/spec/SecretKeySpec.java +++ b/jdk/src/share/classes/javax/crypto/spec/SecretKeySpec.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 1998, 2007, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1998, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -25,8 +25,6 @@ package javax.crypto.spec; -import java.io.UnsupportedEncodingException; -import java.security.Key; import java.security.spec.KeySpec; import javax.crypto.SecretKey; @@ -95,7 +93,7 @@ public class SecretKeySpec implements KeySpec, SecretKey { if (key.length == 0) { throw new IllegalArgumentException("Empty key"); } - this.key = (byte[])key.clone(); + this.key = key.clone(); this.algorithm = algorithm; } @@ -181,7 +179,7 @@ public class SecretKeySpec implements KeySpec, SecretKey { * each time this method is called. */ public byte[] getEncoded() { - return (byte[])this.key.clone(); + return this.key.clone(); } /** diff --git a/jdk/src/share/classes/sun/security/acl/AclEntryImpl.java b/jdk/src/share/classes/sun/security/acl/AclEntryImpl.java index 0397234f96b..79479f2365d 100644 --- a/jdk/src/share/classes/sun/security/acl/AclEntryImpl.java +++ b/jdk/src/share/classes/sun/security/acl/AclEntryImpl.java @@ -25,7 +25,6 @@ package sun.security.acl; import java.util.*; -import java.io.*; import java.security.Principal; import java.security.acl.*; @@ -162,6 +161,7 @@ public class AclEntryImpl implements AclEntry { /** * Clones an AclEntry. */ + @SuppressWarnings("unchecked") // Safe casts assuming clone() works correctly public synchronized Object clone() { AclEntryImpl cloned; cloned = new AclEntryImpl(user); diff --git a/jdk/src/share/classes/sun/security/action/PutAllAction.java b/jdk/src/share/classes/sun/security/action/PutAllAction.java index b58da238f72..d8b17993213 100644 --- a/jdk/src/share/classes/sun/security/action/PutAllAction.java +++ b/jdk/src/share/classes/sun/security/action/PutAllAction.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2003, 2006, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2003, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -41,9 +41,9 @@ import java.security.PrivilegedAction; public class PutAllAction implements PrivilegedAction { private final Provider provider; - private final Map map; + private final Map map; - public PutAllAction(Provider provider, Map map) { + public PutAllAction(Provider provider, Map map) { this.provider = provider; this.map = map; } diff --git a/jdk/src/share/classes/sun/security/ec/ECDSASignature.java b/jdk/src/share/classes/sun/security/ec/ECDSASignature.java index 500a96451b3..0d68225c9b0 100644 --- a/jdk/src/share/classes/sun/security/ec/ECDSASignature.java +++ b/jdk/src/share/classes/sun/security/ec/ECDSASignature.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2009, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2009, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -25,10 +25,8 @@ package sun.security.ec; -import java.io.IOException; import java.nio.ByteBuffer; import java.math.BigInteger; -import java.util.Arrays; import java.security.*; import java.security.interfaces.*; @@ -36,7 +34,6 @@ import java.security.spec.*; import sun.security.jca.JCAUtil; import sun.security.util.*; -import sun.security.x509.AlgorithmId; /** * ECDSA signature implementation. This class currently supports the diff --git a/jdk/src/share/classes/sun/security/ec/ECKeyFactory.java b/jdk/src/share/classes/sun/security/ec/ECKeyFactory.java index 1e154f341eb..cd35c91d14b 100644 --- a/jdk/src/share/classes/sun/security/ec/ECKeyFactory.java +++ b/jdk/src/share/classes/sun/security/ec/ECKeyFactory.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2006, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2006, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -61,7 +61,9 @@ public final class ECKeyFactory extends KeyFactorySpi { public final static Provider ecInternalProvider; static { - final Provider p = new Provider("SunEC-Internal", 1.0d, null) {}; + final Provider p = new Provider("SunEC-Internal", 1.0d, null) { + private static final long serialVersionUID = 970685700309471261L; + }; AccessController.doPrivileged(new PrivilegedAction() { public Void run() { p.put("KeyFactory.EC", "sun.security.ec.ECKeyFactory"); @@ -262,12 +264,12 @@ public final class ECKeyFactory extends KeyFactorySpi { if (key instanceof ECPublicKey) { ECPublicKey ecKey = (ECPublicKey)key; if (ECPublicKeySpec.class.isAssignableFrom(keySpec)) { - return (T) new ECPublicKeySpec( + return keySpec.cast(new ECPublicKeySpec( ecKey.getW(), ecKey.getParams() - ); + )); } else if (X509EncodedKeySpec.class.isAssignableFrom(keySpec)) { - return (T) new X509EncodedKeySpec(key.getEncoded()); + return keySpec.cast(new X509EncodedKeySpec(key.getEncoded())); } else { throw new InvalidKeySpecException ("KeySpec must be ECPublicKeySpec or " @@ -275,13 +277,13 @@ public final class ECKeyFactory extends KeyFactorySpi { } } else if (key instanceof ECPrivateKey) { if (PKCS8EncodedKeySpec.class.isAssignableFrom(keySpec)) { - return (T) new PKCS8EncodedKeySpec(key.getEncoded()); + return keySpec.cast(new PKCS8EncodedKeySpec(key.getEncoded())); } else if (ECPrivateKeySpec.class.isAssignableFrom(keySpec)) { ECPrivateKey ecKey = (ECPrivateKey)key; - return (T) new ECPrivateKeySpec( + return keySpec.cast(new ECPrivateKeySpec( ecKey.getS(), ecKey.getParams() - ); + )); } else { throw new InvalidKeySpecException ("KeySpec must be ECPrivateKeySpec or " diff --git a/jdk/src/share/classes/sun/security/ec/ECParameters.java b/jdk/src/share/classes/sun/security/ec/ECParameters.java index cf6698408bb..9d15995938a 100644 --- a/jdk/src/share/classes/sun/security/ec/ECParameters.java +++ b/jdk/src/share/classes/sun/security/ec/ECParameters.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2006, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2006, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -326,9 +326,9 @@ public final class ECParameters extends AlgorithmParametersSpi { protected T engineGetParameterSpec(Class spec) throws InvalidParameterSpecException { if (spec.isAssignableFrom(ECParameterSpec.class)) { - return (T)paramSpec; + return spec.cast(paramSpec); } else if (spec.isAssignableFrom(ECGenParameterSpec.class)) { - return (T)new ECGenParameterSpec(getCurveName(paramSpec)); + return spec.cast(new ECGenParameterSpec(getCurveName(paramSpec))); } else { throw new InvalidParameterSpecException ("Only ECParameterSpec and ECGenParameterSpec supported"); diff --git a/jdk/src/share/classes/sun/security/jca/GetInstance.java b/jdk/src/share/classes/sun/security/jca/GetInstance.java index c1d20ea34c6..9a34a85a01f 100644 --- a/jdk/src/share/classes/sun/security/jca/GetInstance.java +++ b/jdk/src/share/classes/sun/security/jca/GetInstance.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2003, 2006, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2003, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -149,7 +149,7 @@ public class GetInstance { * There are overloaded methods for all the permutations. */ - public static Instance getInstance(String type, Class clazz, + public static Instance getInstance(String type, Class clazz, String algorithm) throws NoSuchAlgorithmException { // in the almost all cases, the first service will work // avoid taking long path if so @@ -181,7 +181,7 @@ public class GetInstance { throw failure; } - public static Instance getInstance(String type, Class clazz, + public static Instance getInstance(String type, Class clazz, String algorithm, Object param) throws NoSuchAlgorithmException { List services = getServices(type, algorithm); NoSuchAlgorithmException failure = null; @@ -200,25 +200,25 @@ public class GetInstance { } } - public static Instance getInstance(String type, Class clazz, + public static Instance getInstance(String type, Class clazz, String algorithm, String provider) throws NoSuchAlgorithmException, NoSuchProviderException { return getInstance(getService(type, algorithm, provider), clazz); } - public static Instance getInstance(String type, Class clazz, + public static Instance getInstance(String type, Class clazz, String algorithm, Object param, String provider) throws NoSuchAlgorithmException, NoSuchProviderException { return getInstance(getService(type, algorithm, provider), clazz, param); } - public static Instance getInstance(String type, Class clazz, + public static Instance getInstance(String type, Class clazz, String algorithm, Provider provider) throws NoSuchAlgorithmException { return getInstance(getService(type, algorithm, provider), clazz); } - public static Instance getInstance(String type, Class clazz, + public static Instance getInstance(String type, Class clazz, String algorithm, Object param, Provider provider) throws NoSuchAlgorithmException { return getInstance(getService(type, algorithm, provider), clazz, param); @@ -231,14 +231,14 @@ public class GetInstance { * Signature class. */ - public static Instance getInstance(Service s, Class clazz) + public static Instance getInstance(Service s, Class clazz) throws NoSuchAlgorithmException { Object instance = s.newInstance(null); checkSuperClass(s, instance.getClass(), clazz); return new Instance(s.getProvider(), instance); } - public static Instance getInstance(Service s, Class clazz, + public static Instance getInstance(Service s, Class clazz, Object param) throws NoSuchAlgorithmException { Object instance = s.newInstance(param); checkSuperClass(s, instance.getClass(), clazz); @@ -249,8 +249,8 @@ public class GetInstance { * Check is subClass is a subclass of superClass. If not, * throw a NoSuchAlgorithmException. */ - public static void checkSuperClass(Service s, Class subClass, - Class superClass) throws NoSuchAlgorithmException { + public static void checkSuperClass(Service s, Class subClass, + Class superClass) throws NoSuchAlgorithmException { if (superClass == null) { return; } diff --git a/jdk/src/share/classes/sun/security/jca/ProviderList.java b/jdk/src/share/classes/sun/security/jca/ProviderList.java index 615cba028de..66c8262418f 100644 --- a/jdk/src/share/classes/sun/security/jca/ProviderList.java +++ b/jdk/src/share/classes/sun/security/jca/ProviderList.java @@ -69,6 +69,7 @@ public final class ProviderList { // used to avoid explicit null checks in various places private static final Provider EMPTY_PROVIDER = new Provider("##Empty##", 1.0d, "initialization in progress") { + private static final long serialVersionUID = 1151354171352296389L; // override getService() to return null slightly faster public Service getService(String type, String algorithm) { return null; diff --git a/jdk/src/share/classes/sun/security/jca/Providers.java b/jdk/src/share/classes/sun/security/jca/Providers.java index b9c51bc391e..b0c39bf12d3 100644 --- a/jdk/src/share/classes/sun/security/jca/Providers.java +++ b/jdk/src/share/classes/sun/security/jca/Providers.java @@ -25,10 +25,7 @@ package sun.security.jca; -import java.util.*; - import java.security.Provider; -import java.security.Security; /** * Collection of methods to get and set provider list. Also includes @@ -97,11 +94,11 @@ public class Providers { // sun.security.util.ManifestEntryVerifier and java.security.SecureRandom. public static Provider getSunProvider() { try { - Class clazz = Class.forName(jarVerificationProviders[0]); + Class clazz = Class.forName(jarVerificationProviders[0]); return (Provider)clazz.newInstance(); } catch (Exception e) { try { - Class clazz = Class.forName(BACKUP_PROVIDER_CLASSNAME); + Class clazz = Class.forName(BACKUP_PROVIDER_CLASSNAME); return (Provider)clazz.newInstance(); } catch (Exception ee) { throw new RuntimeException("Sun provider not found", e); diff --git a/jdk/src/share/classes/sun/security/jgss/GSSUtil.java b/jdk/src/share/classes/sun/security/jgss/GSSUtil.java index 1e7da082efd..f2d9f376d80 100644 --- a/jdk/src/share/classes/sun/security/jgss/GSSUtil.java +++ b/jdk/src/share/classes/sun/security/jgss/GSSUtil.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2000, 2010, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2000, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -316,24 +316,25 @@ public class GSSUtil { * no Subject present or a Vector which contains 0 or more * matching GSSCredentialSpi objects. */ - public static Vector searchSubject(final GSSNameSpi name, - final Oid mech, - final boolean initiate, - final Class credCls) { + public static Vector + searchSubject(final GSSNameSpi name, + final Oid mech, + final boolean initiate, + final Class credCls) { debug("Search Subject for " + getMechStr(mech) + (initiate? " INIT" : " ACCEPT") + " cred (" + (name == null? "<>" : name.toString()) + ", " + credCls.getName() + ")"); final AccessControlContext acc = AccessController.getContext(); try { - Vector creds = + Vector creds = AccessController.doPrivileged - (new PrivilegedExceptionAction() { - public Vector run() throws Exception { + (new PrivilegedExceptionAction>() { + public Vector run() throws Exception { Subject accSubj = Subject.getSubject(acc); - Vector result = null; + Vector result = null; if (accSubj != null) { - result = new Vector(); + result = new Vector(); Iterator iterator = accSubj.getPrivateCredentials (GSSCredentialImpl.class).iterator(); @@ -347,7 +348,7 @@ public class GSSUtil { if (ce.getClass().equals(credCls) && (name == null || name.equals((Object) ce.getName()))) { - result.add(ce); + result.add(credCls.cast(ce)); } else { debug("......Discard element"); } diff --git a/jdk/src/share/classes/sun/security/jgss/krb5/CipherHelper.java b/jdk/src/share/classes/sun/security/jgss/krb5/CipherHelper.java index 51172cad3b8..c637b0169d9 100644 --- a/jdk/src/share/classes/sun/security/jgss/krb5/CipherHelper.java +++ b/jdk/src/share/classes/sun/security/jgss/krb5/CipherHelper.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2004, 2010, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2004, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -139,6 +139,7 @@ class CipherHelper { return flag; } + @SuppressWarnings("fallthrough") byte[] calculateChecksum(int alg, byte[] header, byte[] trailer, byte[] data, int start, int len, int tokenId) throws GSSException { @@ -1265,7 +1266,7 @@ class CipherHelper { // Note: When using this RC4 based encryption type, the sequence number // is always sent in big-endian rather than little-endian order. byte[] seqNum = new byte[4]; - token.writeBigEndian(token.getSequenceNumber(), seqNum); + WrapToken.writeBigEndian(token.getSequenceNumber(), seqNum); // Krb5Token.debug("\narcFourEncrypt:" + Krb5Token.getHexBytes(all)); diff --git a/jdk/src/share/classes/sun/security/jgss/krb5/Krb5Context.java b/jdk/src/share/classes/sun/security/jgss/krb5/Krb5Context.java index 85706019bd3..3b6467d377a 100644 --- a/jdk/src/share/classes/sun/security/jgss/krb5/Krb5Context.java +++ b/jdk/src/share/classes/sun/security/jgss/krb5/Krb5Context.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2000, 2009, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2000, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -1310,6 +1310,8 @@ class Krb5Context implements GSSContextSpi { * The session key returned by inquireSecContext(KRB5_INQ_SSPI_SESSION_KEY) */ static class KerberosSessionKey implements Key { + private static final long serialVersionUID = 699307378954123869L; + private final EncryptionKey key; KerberosSessionKey(EncryptionKey key) { diff --git a/jdk/src/share/classes/sun/security/jgss/krb5/Krb5Util.java b/jdk/src/share/classes/sun/security/jgss/krb5/Krb5Util.java index c51138823b9..28df9520411 100644 --- a/jdk/src/share/classes/sun/security/jgss/krb5/Krb5Util.java +++ b/jdk/src/share/classes/sun/security/jgss/krb5/Krb5Util.java @@ -193,6 +193,8 @@ public class Krb5Util { // Each time new keys are read from KeyTab objects in the private // credentials set, old ones are removed and new ones added. public static class KeysFromKeyTab extends KerberosKey { + private static final long serialVersionUID = 8238092170252746927L; + public KeysFromKeyTab(KerberosKey key) { super(key.getPrincipal(), key.getEncoded(), key.getKeyType(), key.getVersionNumber()); diff --git a/jdk/src/share/classes/sun/security/jgss/krb5/MessageToken.java b/jdk/src/share/classes/sun/security/jgss/krb5/MessageToken.java index 1507df828bf..5763fd102d8 100644 --- a/jdk/src/share/classes/sun/security/jgss/krb5/MessageToken.java +++ b/jdk/src/share/classes/sun/security/jgss/krb5/MessageToken.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2000, 2006, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2000, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -27,12 +27,10 @@ package sun.security.jgss.krb5; import org.ietf.jgss.*; import sun.security.jgss.*; -import sun.security.krb5.*; import java.io.InputStream; import java.io.OutputStream; import java.io.IOException; import java.io.ByteArrayInputStream; -import java.security.GeneralSecurityException; import java.security.MessageDigest; /** @@ -184,7 +182,7 @@ abstract class MessageToken extends Krb5Token { try { gssHeader = new GSSHeader(is); - if (!gssHeader.getOid().equals(OID)) { + if (!gssHeader.getOid().equals((Object)OID)) { throw new GSSException(GSSException.DEFECTIVE_TOKEN, -1, getTokenName(tokenId)); } diff --git a/jdk/src/share/classes/sun/security/jgss/krb5/SubjectComber.java b/jdk/src/share/classes/sun/security/jgss/krb5/SubjectComber.java index c7269cb874f..65ff9462bf9 100644 --- a/jdk/src/share/classes/sun/security/jgss/krb5/SubjectComber.java +++ b/jdk/src/share/classes/sun/security/jgss/krb5/SubjectComber.java @@ -56,15 +56,17 @@ class SubjectComber { static T find(Subject subject, String serverPrincipal, String clientPrincipal, Class credClass) { - return (T)findAux(subject, serverPrincipal, clientPrincipal, credClass, - true); + // findAux returns T if oneOnly. + return credClass.cast(findAux(subject, serverPrincipal, + clientPrincipal, credClass, true)); } + @SuppressWarnings("unchecked") // findAux returns List if !oneOnly. static List findMany(Subject subject, String serverPrincipal, String clientPrincipal, Class credClass) { - return (List)findAux(subject, serverPrincipal, clientPrincipal, credClass, - false); + return (List)findAux(subject, serverPrincipal, clientPrincipal, + credClass, false); } /** @@ -73,6 +75,7 @@ class SubjectComber { * * @return the private credentials */ + // Returns T if oneOnly and List if !oneOnly. private static Object findAux(Subject subject, String serverPrincipal, String clientPrincipal, Class credClass, boolean oneOnly) { @@ -98,11 +101,11 @@ class SubjectComber { } } else if (credClass == KerberosKey.class) { // We are looking for credentials for the serverPrincipal - Iterator iterator = - subject.getPrivateCredentials(credClass).iterator(); + Iterator iterator = + subject.getPrivateCredentials(KerberosKey.class).iterator(); while (iterator.hasNext()) { - T t = iterator.next(); - String name = ((KerberosKey)t).getPrincipal().getName(); + KerberosKey t = iterator.next(); + String name = t.getPrincipal().getName(); if (serverPrincipal == null || serverPrincipal.equals(name)) { if (DEBUG) { System.out.println("Found " + @@ -116,7 +119,7 @@ class SubjectComber { // belong to the same principal serverPrincipal = name; } - answer.add(t); + answer.add(credClass.cast(t)); } } } @@ -129,6 +132,7 @@ class SubjectComber { while (iterator.hasNext()) { Object obj = iterator.next(); if (obj instanceof KerberosTicket) { + @SuppressWarnings("unchecked") KerberosTicket ticket = (KerberosTicket)obj; if (DEBUG) { System.out.println("Found ticket for " @@ -180,7 +184,7 @@ class SubjectComber { serverPrincipal = ticket.getServer().getName(); } - answer.add((T)ticket); + answer.add(credClass.cast(ticket)); } } } diff --git a/jdk/src/share/classes/sun/security/jgss/spnego/SpNegoContext.java b/jdk/src/share/classes/sun/security/jgss/spnego/SpNegoContext.java index 5181a3c3d03..849737a98b0 100644 --- a/jdk/src/share/classes/sun/security/jgss/spnego/SpNegoContext.java +++ b/jdk/src/share/classes/sun/security/jgss/spnego/SpNegoContext.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2005, 2009, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2005, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -1016,7 +1016,7 @@ public class SpNegoContext implements GSSContextSpi { // get the peer name for the mechanism if (mechContext != null) { GSSNameImpl targName = (GSSNameImpl)mechContext.getTargName(); - peerName = (GSSNameSpi) targName.getElement(internal_mech); + peerName = targName.getElement(internal_mech); return peerName; } else { if (DEBUG) { @@ -1032,7 +1032,7 @@ public class SpNegoContext implements GSSContextSpi { // get the src name for the mechanism if (mechContext != null) { GSSNameImpl srcName = (GSSNameImpl)mechContext.getSrcName(); - myName = (GSSNameSpi) srcName.getElement(internal_mech); + myName = srcName.getElement(internal_mech); return myName; } else { if (DEBUG) { @@ -1064,8 +1064,8 @@ public class SpNegoContext implements GSSContextSpi { if (delegCred.getUsage() == GSSCredential.INITIATE_ONLY) { initiate = true; } - GSSCredentialSpi mechCred = (GSSCredentialSpi) - delegCred.getElement(internal_mech, initiate); + GSSCredentialSpi mechCred = + delegCred.getElement(internal_mech, initiate); SpNegoCredElement cred = new SpNegoCredElement(mechCred); return cred.getInternalCred(); } else { diff --git a/jdk/src/share/classes/sun/security/jgss/wrapper/NativeGSSFactory.java b/jdk/src/share/classes/sun/security/jgss/wrapper/NativeGSSFactory.java index 02556a838f0..89012727989 100644 --- a/jdk/src/share/classes/sun/security/jgss/wrapper/NativeGSSFactory.java +++ b/jdk/src/share/classes/sun/security/jgss/wrapper/NativeGSSFactory.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2005, 2009, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2005, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -113,8 +113,7 @@ public final class NativeGSSFactory implements MechanismFactory { } GSSCredElement credElement = - getCredFromSubject((GSSNameElement) nname, - (usage == GSSCredential.INITIATE_ONLY)); + getCredFromSubject(nname, (usage == GSSCredential.INITIATE_ONLY)); if (credElement == null) { // No cred in the Subject diff --git a/jdk/src/share/classes/sun/security/jgss/wrapper/SunNativeProvider.java b/jdk/src/share/classes/sun/security/jgss/wrapper/SunNativeProvider.java index f9c36b23580..94edd11e702 100644 --- a/jdk/src/share/classes/sun/security/jgss/wrapper/SunNativeProvider.java +++ b/jdk/src/share/classes/sun/security/jgss/wrapper/SunNativeProvider.java @@ -52,7 +52,7 @@ public final class SunNativeProvider extends Provider { "sun.security.jgss.wrapper.NativeGSSFactory"; private static final String LIB_PROP = "sun.security.jgss.lib"; private static final String DEBUG_PROP = "sun.security.nativegss.debug"; - private static HashMap MECH_MAP; + private static HashMap MECH_MAP; static final Provider INSTANCE = new SunNativeProvider(); static boolean DEBUG; static void debug(String message) { @@ -66,8 +66,9 @@ public final class SunNativeProvider extends Provider { static { MECH_MAP = - AccessController.doPrivileged(new PrivilegedAction() { - public HashMap run() { + AccessController.doPrivileged( + new PrivilegedAction>() { + public HashMap run() { DEBUG = Boolean.parseBoolean (System.getProperty(DEBUG_PROP)); try { diff --git a/jdk/src/share/classes/sun/security/krb5/Checksum.java b/jdk/src/share/classes/sun/security/krb5/Checksum.java index 0474195194e..4cc58204963 100644 --- a/jdk/src/share/classes/sun/security/krb5/Checksum.java +++ b/jdk/src/share/classes/sun/security/krb5/Checksum.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2000, 2006, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2000, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -199,7 +199,7 @@ public class Checksum { if (cksumType != cksum.cksumType) return false; CksumType cksumEngine = CksumType.getInstance(cksumType); - return cksumEngine.isChecksumEqual(checksum, cksum.checksum); + return CksumType.isChecksumEqual(checksum, cksum.checksum); } /** diff --git a/jdk/src/share/classes/sun/security/krb5/Config.java b/jdk/src/share/classes/sun/security/krb5/Config.java index 2ec4e12bd71..ff4ae844650 100644 --- a/jdk/src/share/classes/sun/security/krb5/Config.java +++ b/jdk/src/share/classes/sun/security/krb5/Config.java @@ -45,7 +45,6 @@ import java.net.UnknownHostException; import java.util.List; import sun.net.dns.ResolverConfiguration; import sun.security.krb5.internal.crypto.EType; -import sun.security.krb5.internal.ktab.*; import sun.security.krb5.internal.Krb5; /** @@ -233,15 +232,18 @@ public class Config { * @return the value found in config file, returns null if no value * matched with the key is found. */ - private String getDefault(String k, Hashtable t) { + private String getDefault(String k, Hashtable t) { String result = null; String key; if (stanzaTable != null) { - for (Enumeration e = t.keys(); e.hasMoreElements(); ) { - key = (String)e.nextElement(); + for (Enumeration e = t.keys(); e.hasMoreElements(); ) { + key = e.nextElement(); Object ob = t.get(key); if (ob instanceof Hashtable) { - result = getDefault(k, (Hashtable)ob); + @SuppressWarnings("unchecked") // Checked with an instanceof check + Hashtable table = + (Hashtable)ob; + result = getDefault(k, table); if (result != null) { return result; } @@ -276,15 +278,20 @@ public class Config { * @param section the name of the section. * @return the default value, null is returned if it cannot be found. */ + // stanzaTable leads to a lot of unchecked casts since its value type is + // STANZATABLE = String | Hashtable + @SuppressWarnings("unchecked") public String getDefault(String name, String section) { String stanzaName; String result = null; - Hashtable subTable; + Hashtable subTable; if (stanzaTable != null) { - for (Enumeration e = stanzaTable.keys(); e.hasMoreElements(); ) { - stanzaName = (String)e.nextElement(); - subTable = (Hashtable)stanzaTable.get(stanzaName); + for (Enumeration e = stanzaTable.keys(); + e.hasMoreElements(); ) { + stanzaName = e.nextElement(); + subTable = (Hashtable) + stanzaTable.get(stanzaName); if (stanzaName.equalsIgnoreCase(section)) { if (subTable.containsKey(name)) { return (String)(subTable.get(name)); @@ -292,7 +299,8 @@ public class Config { } else if (subTable.containsKey(section)) { Object ob = subTable.get(section); if (ob instanceof Hashtable) { - Hashtable temp = (Hashtable)ob; + Hashtable temp = + (Hashtable)ob; if (temp.containsKey(name)) { Object object = temp.get(name); if (object instanceof Vector) { @@ -819,10 +827,10 @@ public class Config { /** * Compares the key with the known keys to see if it exists. */ - private boolean exists(String key, Vector v) { + private boolean exists(String key, Vector v) { boolean exists = false; for (int i = 0; i < v.size(); i++) { - if (((String)(v.elementAt(i))).equals(key)) { + if (v.elementAt(i).equals(key)) { exists = true; } } @@ -837,12 +845,15 @@ public class Config { listTable(stanzaTable); } - private void listTable(Hashtable table) { - Vector v = new Vector(); + // stanzaTable leads to a lot of unchecked casts since its value type is + // STANZATABLE = String | Hashtable + @SuppressWarnings("unchecked") + private void listTable(Hashtable table) { + Vector v = new Vector(); String key; if (stanzaTable != null) { - for (Enumeration e = table.keys(); e.hasMoreElements(); ) { - key = (String)e.nextElement(); + for (Enumeration e = table.keys(); e.hasMoreElements(); ) { + key = e.nextElement(); Object object = table.get(key); if (table == stanzaTable) { System.out.println("[" + key + "]"); @@ -850,7 +861,7 @@ public class Config { if (object instanceof Hashtable) { if (table != stanzaTable) System.out.println("\t" + key + " = {"); - listTable((Hashtable)object); + listTable((Hashtable)object); if (table != stanzaTable) System.out.println("\t}"); @@ -858,10 +869,9 @@ public class Config { System.out.println("\t" + key + " = " + (String)table.get(key)); } else if (object instanceof Vector) { - v = (Vector)object; + v = (Vector)object; for (int i = 0; i < v.size(); i++) { - System.out.println("\t" + key + " = " + - (String)v.elementAt(i)); + System.out.println("\t" + key + " = " + v.elementAt(i)); } } } @@ -906,7 +916,7 @@ public class Config { ls.add(type); } } - if (ls.size() == 0) { + if (ls.isEmpty()) { if (DEBUG) { System.out.println( "no supported default etypes for " + enctypes); @@ -1296,7 +1306,7 @@ public class Config { sb.append(obj); sb.append('\n'); } else if (obj instanceof Hashtable) { - Hashtable tab = (Hashtable)obj; + Hashtable tab = (Hashtable)obj; for (Object o: tab.keySet()) { sb.append(prefix); sb.append(o); @@ -1305,7 +1315,7 @@ public class Config { sb.append(prefix + "}\n"); } } else if (obj instanceof Vector) { - Vector v = (Vector)obj; + Vector v = (Vector)obj; for (Object o: v.toArray()) { toStringIndented(prefix + " ", o, sb); } diff --git a/jdk/src/share/classes/sun/security/krb5/KrbServiceLocator.java b/jdk/src/share/classes/sun/security/krb5/KrbServiceLocator.java index f4dddc1a8fa..fa557c3507d 100644 --- a/jdk/src/share/classes/sun/security/krb5/KrbServiceLocator.java +++ b/jdk/src/share/classes/sun/security/krb5/KrbServiceLocator.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2006, 2009, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2006, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -26,12 +26,9 @@ package sun.security.krb5; import java.util.Arrays; -import java.util.Enumeration; import java.util.Hashtable; -import java.util.NoSuchElementException; import java.util.Random; import java.util.StringTokenizer; -import java.util.List; import javax.naming.*; import javax.naming.directory.*; @@ -80,7 +77,7 @@ class KrbServiceLocator { // the initial context constructor. This avoids having the initial // context constructor call itself (when processing the URL // argument in the getAttributes call). - Context ctx = NamingManager.getURLContext("dns", new Hashtable(0)); + Context ctx = NamingManager.getURLContext("dns", new Hashtable<>(0)); if (!(ctx instanceof DirContext)) { return null; // cannot create a DNS context } @@ -141,7 +138,7 @@ class KrbServiceLocator { // the initial context constructor. This avoids having the initial // context constructor call itself (when processing the URL // argument in the getAttributes call). - Context ctx = NamingManager.getURLContext("dns", new Hashtable(0)); + Context ctx = NamingManager.getURLContext("dns", new Hashtable<>(0)); if (!(ctx instanceof DirContext)) { return null; // cannot create a DNS context } @@ -263,7 +260,7 @@ class KrbServiceLocator { * See http://www.ietf.org/rfc/rfc2782.txt */ -static class SrvRecord implements Comparable { +static class SrvRecord implements Comparable { int priority; int weight; @@ -295,8 +292,7 @@ static class SrvRecord implements Comparable { * Sort records in ascending order of priority value. For records with * equal priority move those with weight 0 to the top of the list. */ - public int compareTo(Object o) { - SrvRecord that = (SrvRecord) o; + public int compareTo(SrvRecord that) { if (priority > that.priority) { return 1; // this > that } else if (priority < that.priority) { diff --git a/jdk/src/share/classes/sun/security/krb5/internal/ccache/FileCredentialsCache.java b/jdk/src/share/classes/sun/security/krb5/internal/ccache/FileCredentialsCache.java index f9b901f8251..803d0ae1436 100644 --- a/jdk/src/share/classes/sun/security/krb5/internal/ccache/FileCredentialsCache.java +++ b/jdk/src/share/classes/sun/security/krb5/internal/ccache/FileCredentialsCache.java @@ -69,9 +69,9 @@ public class FileCredentialsCache extends CredentialsCache try { FileCredentialsCache fcc = new FileCredentialsCache(); if (cache == null) { - cacheName = fcc.getDefaultCacheName(); + cacheName = FileCredentialsCache.getDefaultCacheName(); } else { - cacheName = fcc.checkValidation(cache); + cacheName = FileCredentialsCache.checkValidation(cache); } if ((cacheName == null) || !(new File(cacheName)).exists()) { // invalid cache name or the file doesn't exist @@ -105,7 +105,7 @@ public class FileCredentialsCache extends CredentialsCache String name) { try { FileCredentialsCache fcc = new FileCredentialsCache(); - cacheName = fcc.checkValidation(name); + cacheName = FileCredentialsCache.checkValidation(name); if (cacheName == null) { // invalid cache name or the file doesn't exist return null; @@ -123,7 +123,7 @@ public class FileCredentialsCache extends CredentialsCache static synchronized FileCredentialsCache New(PrincipalName principal) { try { FileCredentialsCache fcc = new FileCredentialsCache(); - cacheName = fcc.getDefaultCacheName(); + cacheName = FileCredentialsCache.getDefaultCacheName(); fcc.init(principal, cacheName); return fcc; } diff --git a/jdk/src/share/classes/sun/security/pkcs/ContentInfo.java b/jdk/src/share/classes/sun/security/pkcs/ContentInfo.java index 2eb1b03f36d..bc78d0f1c0d 100644 --- a/jdk/src/share/classes/sun/security/pkcs/ContentInfo.java +++ b/jdk/src/share/classes/sun/security/pkcs/ContentInfo.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 1996, 2005, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1996, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -163,9 +163,9 @@ public class ContentInfo { } public byte[] getData() throws IOException { - if (contentType.equals(DATA_OID) || - contentType.equals(OLD_DATA_OID) || - contentType.equals(TIMESTAMP_TOKEN_INFO_OID)) { + if (contentType.equals((Object)DATA_OID) || + contentType.equals((Object)OLD_DATA_OID) || + contentType.equals((Object)TIMESTAMP_TOKEN_INFO_OID)) { if (content == null) return null; else diff --git a/jdk/src/share/classes/sun/security/pkcs/PKCS10.java b/jdk/src/share/classes/sun/security/pkcs/PKCS10.java index a1c0b9f4aba..6303c8b9adf 100644 --- a/jdk/src/share/classes/sun/security/pkcs/PKCS10.java +++ b/jdk/src/share/classes/sun/security/pkcs/PKCS10.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 1996, 2002, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1996, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -26,7 +26,6 @@ package sun.security.pkcs; -import java.io.ByteArrayOutputStream; import java.io.PrintStream; import java.io.IOException; import java.math.BigInteger; @@ -225,7 +224,7 @@ public class PKCS10 { */ AlgorithmId algId = null; try { - algId = AlgorithmId.getAlgorithmId(signature.getAlgorithm()); + algId = AlgorithmId.get(signature.getAlgorithm()); } catch (NoSuchAlgorithmException nsae) { throw new SignatureException(nsae); } diff --git a/jdk/src/share/classes/sun/security/pkcs/PKCS7.java b/jdk/src/share/classes/sun/security/pkcs/PKCS7.java index 54e52151256..4cdf35dba0e 100644 --- a/jdk/src/share/classes/sun/security/pkcs/PKCS7.java +++ b/jdk/src/share/classes/sun/security/pkcs/PKCS7.java @@ -153,12 +153,13 @@ public class PKCS7 { contentType = contentInfo.contentType; DerValue content = contentInfo.getContent(); - if (contentType.equals(ContentInfo.SIGNED_DATA_OID)) { + if (contentType.equals((Object)ContentInfo.SIGNED_DATA_OID)) { parseSignedData(content); - } else if (contentType.equals(ContentInfo.OLD_SIGNED_DATA_OID)) { + } else if (contentType.equals((Object)ContentInfo.OLD_SIGNED_DATA_OID)) { // This is for backwards compatibility with JDK 1.1.x parseOldSignedData(content); - } else if (contentType.equals(ContentInfo.NETSCAPE_CERT_SEQUENCE_OID)){ + } else if (contentType.equals((Object) + ContentInfo.NETSCAPE_CERT_SEQUENCE_OID)){ parseNetscapeCertChain(content); } else { throw new ParsingException("content type " + contentType + @@ -477,9 +478,7 @@ public class PKCS7 { byte[] encoded = certificates[i].getEncoded(); implCerts[i] = new X509CertImpl(encoded); } catch (CertificateException ce) { - IOException ie = new IOException(ce.getMessage()); - ie.initCause(ce); - throw ie; + throw new IOException(ce); } } } @@ -501,9 +500,7 @@ public class PKCS7 { byte[] encoded = crl.getEncoded(); implCRLs.add(new X509CRLImpl(encoded)); } catch (CRLException ce) { - IOException ie = new IOException(ce.getMessage()); - ie.initCause(ce); - throw ie; + throw new IOException(ce); } } } @@ -562,7 +559,7 @@ public class PKCS7 { intResult.addElement(signerInfo); } } - if (intResult.size() != 0) { + if (!intResult.isEmpty()) { SignerInfo[] result = new SignerInfo[intResult.size()]; intResult.copyInto(result); diff --git a/jdk/src/share/classes/sun/security/pkcs/PKCS8Key.java b/jdk/src/share/classes/sun/security/pkcs/PKCS8Key.java index 6405c9fc933..c53b421da66 100644 --- a/jdk/src/share/classes/sun/security/pkcs/PKCS8Key.java +++ b/jdk/src/share/classes/sun/security/pkcs/PKCS8Key.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 1996, 2004, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1996, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -208,7 +208,7 @@ public class PKCS8Key implements PrivateKey { throw new InstantiationException(); } - Class keyClass = null; + Class keyClass = null; try { keyClass = Class.forName(classname); } catch (ClassNotFoundException e) { @@ -342,9 +342,9 @@ public class PKCS8Key implements PrivateKey { BigInteger version = val.data.getBigInteger(); - if (!version.equals(this.version)) { + if (!version.equals(PKCS8Key.version)) { throw new IOException("version mismatch: (supported: " + - Debug.toHexString(this.version) + + Debug.toHexString(PKCS8Key.version) + ", parsed: " + Debug.toHexString(version)); } diff --git a/jdk/src/share/classes/sun/security/pkcs/PKCS9Attribute.java b/jdk/src/share/classes/sun/security/pkcs/PKCS9Attribute.java index fb1862f6adb..64ead04d305 100644 --- a/jdk/src/share/classes/sun/security/pkcs/PKCS9Attribute.java +++ b/jdk/src/share/classes/sun/security/pkcs/PKCS9Attribute.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 2010, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1997, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -320,11 +320,11 @@ public class PKCS9Attribute implements DerEncoder { {new Byte(DerValue.tag_Sequence)} // SignatureTimestampToken }; - private static final Class[] VALUE_CLASSES = new Class[18]; + private static final Class[] VALUE_CLASSES = new Class[18]; static { try { - Class str = Class.forName("[Ljava.lang.String;"); + Class str = Class.forName("[Ljava.lang.String;"); VALUE_CLASSES[0] = null; // not used VALUE_CLASSES[1] = str; // EMailAddress diff --git a/jdk/src/share/classes/sun/security/pkcs/SignerInfo.java b/jdk/src/share/classes/sun/security/pkcs/SignerInfo.java index 93fab9df4e0..c04b05ffdec 100644 --- a/jdk/src/share/classes/sun/security/pkcs/SignerInfo.java +++ b/jdk/src/share/classes/sun/security/pkcs/SignerInfo.java @@ -36,7 +36,6 @@ import sun.security.util.*; import sun.security.x509.AlgorithmId; import sun.security.x509.X500Name; import sun.security.x509.KeyUsageExtension; -import sun.security.x509.PKIXExtensions; import sun.misc.HexDumpEncoder; /** @@ -300,7 +299,7 @@ public class SignerInfo implements DerEncoder { authenticatedAttributes.getAttributeValue( PKCS9Attribute.CONTENT_TYPE_OID); if (contentType == null || - !contentType.equals(content.contentType)) + !contentType.equals((Object)content.contentType)) return null; // contentType does not match, bad SignerInfo // now, check message digest @@ -371,11 +370,11 @@ public class SignerInfo implements DerEncoder { + "extension"); } - boolean digSigAllowed = ((Boolean)keyUsage.get( - KeyUsageExtension.DIGITAL_SIGNATURE)).booleanValue(); + boolean digSigAllowed = keyUsage.get( + KeyUsageExtension.DIGITAL_SIGNATURE).booleanValue(); - boolean nonRepuAllowed = ((Boolean)keyUsage.get( - KeyUsageExtension.NON_REPUDIATION)).booleanValue(); + boolean nonRepuAllowed = keyUsage.get( + KeyUsageExtension.NON_REPUDIATION).booleanValue(); if (!digSigAllowed && !nonRepuAllowed) { throw new SignatureException("Key usage restricted: " diff --git a/jdk/src/share/classes/sun/security/pkcs11/Config.java b/jdk/src/share/classes/sun/security/pkcs11/Config.java index 46a0075c5b9..dbed2cf8f4c 100644 --- a/jdk/src/share/classes/sun/security/pkcs11/Config.java +++ b/jdk/src/share/classes/sun/security/pkcs11/Config.java @@ -552,12 +552,13 @@ final class Config { private boolean parseBoolean() throws IOException { String val = parseWord(); - if (val.equals("true")) { - return true; - } else if (val.equals("false")) { - return false; - } else { - throw excToken("Expected boolean value, read:"); + switch (val) { + case "true": + return true; + case "false": + return false; + default: + throw excToken("Expected boolean value, read:"); } } @@ -886,14 +887,15 @@ final class Config { private String parseOperation() throws IOException { String op = parseWord(); - if (op.equals("*")) { - return TemplateManager.O_ANY; - } else if (op.equals("generate")) { - return TemplateManager.O_GENERATE; - } else if (op.equals("import")) { - return TemplateManager.O_IMPORT; - } else { - throw excLine("Unknown operation " + op); + switch (op) { + case "*": + return TemplateManager.O_ANY; + case "generate": + return TemplateManager.O_GENERATE; + case "import": + return TemplateManager.O_IMPORT; + default: + throw excLine("Unknown operation " + op); } } @@ -978,6 +980,7 @@ final class Config { } class ConfigurationException extends IOException { + private static final long serialVersionUID = 254492758807673194L; ConfigurationException(String msg) { super(msg); } diff --git a/jdk/src/share/classes/sun/security/pkcs11/P11Cipher.java b/jdk/src/share/classes/sun/security/pkcs11/P11Cipher.java index 5257859e30e..b6e37882484 100644 --- a/jdk/src/share/classes/sun/security/pkcs11/P11Cipher.java +++ b/jdk/src/share/classes/sun/security/pkcs11/P11Cipher.java @@ -258,7 +258,7 @@ final class P11Cipher extends CipherSpi { // see JCE spec protected byte[] engineGetIV() { - return (iv == null) ? null : (byte[]) iv.clone(); + return (iv == null) ? null : iv.clone(); } // see JCE spec @@ -315,7 +315,7 @@ final class P11Cipher extends CipherSpi { byte[] ivValue; if (params != null) { try { - IvParameterSpec ivSpec = (IvParameterSpec) + IvParameterSpec ivSpec = params.getParameterSpec(IvParameterSpec.class); ivValue = ivSpec.getIV(); } catch (InvalidParameterSpecException e) { diff --git a/jdk/src/share/classes/sun/security/pkcs11/P11DHKeyFactory.java b/jdk/src/share/classes/sun/security/pkcs11/P11DHKeyFactory.java index 3c4c024f4f0..03a74b83369 100644 --- a/jdk/src/share/classes/sun/security/pkcs11/P11DHKeyFactory.java +++ b/jdk/src/share/classes/sun/security/pkcs11/P11DHKeyFactory.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2003, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2003, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -212,8 +212,8 @@ final class P11DHKeyFactory extends P11KeyFactory { } } - KeySpec implGetPublicKeySpec(P11Key key, Class keySpec, Session[] session) - throws PKCS11Exception, InvalidKeySpecException { + T implGetPublicKeySpec(P11Key key, Class keySpec, + Session[] session) throws PKCS11Exception, InvalidKeySpecException { if (DHPublicKeySpec.class.isAssignableFrom(keySpec)) { session[0] = token.getObjSession(); CK_ATTRIBUTE[] attributes = new CK_ATTRIBUTE[] { @@ -227,15 +227,15 @@ final class P11DHKeyFactory extends P11KeyFactory { attributes[1].getBigInteger(), attributes[2].getBigInteger() ); - return spec; + return keySpec.cast(spec); } else { // X.509 handled in superclass throw new InvalidKeySpecException("Only DHPublicKeySpec and " + "X509EncodedKeySpec supported for DH public keys"); } } - KeySpec implGetPrivateKeySpec(P11Key key, Class keySpec, Session[] session) - throws PKCS11Exception, InvalidKeySpecException { + T implGetPrivateKeySpec(P11Key key, Class keySpec, + Session[] session) throws PKCS11Exception, InvalidKeySpecException { if (DHPrivateKeySpec.class.isAssignableFrom(keySpec)) { session[0] = token.getObjSession(); CK_ATTRIBUTE[] attributes = new CK_ATTRIBUTE[] { @@ -249,7 +249,7 @@ final class P11DHKeyFactory extends P11KeyFactory { attributes[1].getBigInteger(), attributes[2].getBigInteger() ); - return spec; + return keySpec.cast(spec); } else { // PKCS#8 handled in superclass throw new InvalidKeySpecException("Only DHPrivateKeySpec " + "and PKCS8EncodedKeySpec supported for DH private keys"); diff --git a/jdk/src/share/classes/sun/security/pkcs11/P11DSAKeyFactory.java b/jdk/src/share/classes/sun/security/pkcs11/P11DSAKeyFactory.java index 1c71667a7d2..c7577b002b5 100644 --- a/jdk/src/share/classes/sun/security/pkcs11/P11DSAKeyFactory.java +++ b/jdk/src/share/classes/sun/security/pkcs11/P11DSAKeyFactory.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2003, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2003, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -208,8 +208,8 @@ final class P11DSAKeyFactory extends P11KeyFactory { } } - KeySpec implGetPublicKeySpec(P11Key key, Class keySpec, Session[] session) - throws PKCS11Exception, InvalidKeySpecException { + T implGetPublicKeySpec(P11Key key, Class keySpec, + Session[] session) throws PKCS11Exception, InvalidKeySpecException { if (DSAPublicKeySpec.class.isAssignableFrom(keySpec)) { session[0] = token.getObjSession(); CK_ATTRIBUTE[] attributes = new CK_ATTRIBUTE[] { @@ -225,15 +225,15 @@ final class P11DSAKeyFactory extends P11KeyFactory { attributes[2].getBigInteger(), attributes[3].getBigInteger() ); - return spec; + return keySpec.cast(spec); } else { // X.509 handled in superclass throw new InvalidKeySpecException("Only DSAPublicKeySpec and " + "X509EncodedKeySpec supported for DSA public keys"); } } - KeySpec implGetPrivateKeySpec(P11Key key, Class keySpec, Session[] session) - throws PKCS11Exception, InvalidKeySpecException { + T implGetPrivateKeySpec(P11Key key, Class keySpec, + Session[] session) throws PKCS11Exception, InvalidKeySpecException { if (DSAPrivateKeySpec.class.isAssignableFrom(keySpec)) { session[0] = token.getObjSession(); CK_ATTRIBUTE[] attributes = new CK_ATTRIBUTE[] { @@ -249,7 +249,7 @@ final class P11DSAKeyFactory extends P11KeyFactory { attributes[2].getBigInteger(), attributes[3].getBigInteger() ); - return spec; + return keySpec.cast(spec); } else { // PKCS#8 handled in superclass throw new InvalidKeySpecException("Only DSAPrivateKeySpec " + "and PKCS8EncodedKeySpec supported for DSA private keys"); diff --git a/jdk/src/share/classes/sun/security/pkcs11/P11ECKeyFactory.java b/jdk/src/share/classes/sun/security/pkcs11/P11ECKeyFactory.java index 08c0768108e..d44231a6bf2 100644 --- a/jdk/src/share/classes/sun/security/pkcs11/P11ECKeyFactory.java +++ b/jdk/src/share/classes/sun/security/pkcs11/P11ECKeyFactory.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2006, 2010, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2006, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -253,8 +253,8 @@ final class P11ECKeyFactory extends P11KeyFactory { } } - KeySpec implGetPublicKeySpec(P11Key key, Class keySpec, Session[] session) - throws PKCS11Exception, InvalidKeySpecException { + T implGetPublicKeySpec(P11Key key, Class keySpec, + Session[] session) throws PKCS11Exception, InvalidKeySpecException { if (ECPublicKeySpec.class.isAssignableFrom(keySpec)) { session[0] = token.getObjSession(); CK_ATTRIBUTE[] attributes = new CK_ATTRIBUTE[] { @@ -265,7 +265,7 @@ final class P11ECKeyFactory extends P11KeyFactory { try { ECParameterSpec params = decodeParameters(attributes[1].getByteArray()); ECPoint point = decodePoint(attributes[0].getByteArray(), params.getCurve()); - return new ECPublicKeySpec(point, params); + return keySpec.cast(new ECPublicKeySpec(point, params)); } catch (IOException e) { throw new InvalidKeySpecException("Could not parse key", e); } @@ -275,8 +275,8 @@ final class P11ECKeyFactory extends P11KeyFactory { } } - KeySpec implGetPrivateKeySpec(P11Key key, Class keySpec, Session[] session) - throws PKCS11Exception, InvalidKeySpecException { + T implGetPrivateKeySpec(P11Key key, Class keySpec, + Session[] session) throws PKCS11Exception, InvalidKeySpecException { if (ECPrivateKeySpec.class.isAssignableFrom(keySpec)) { session[0] = token.getObjSession(); CK_ATTRIBUTE[] attributes = new CK_ATTRIBUTE[] { @@ -286,7 +286,8 @@ final class P11ECKeyFactory extends P11KeyFactory { token.p11.C_GetAttributeValue(session[0].id(), key.keyID, attributes); try { ECParameterSpec params = decodeParameters(attributes[1].getByteArray()); - return new ECPrivateKeySpec(attributes[0].getBigInteger(), params); + return keySpec.cast( + new ECPrivateKeySpec(attributes[0].getBigInteger(), params)); } catch (IOException e) { throw new InvalidKeySpecException("Could not parse key", e); } diff --git a/jdk/src/share/classes/sun/security/pkcs11/P11Key.java b/jdk/src/share/classes/sun/security/pkcs11/P11Key.java index 9380dc1be0c..54ccd3213c2 100644 --- a/jdk/src/share/classes/sun/security/pkcs11/P11Key.java +++ b/jdk/src/share/classes/sun/security/pkcs11/P11Key.java @@ -128,7 +128,7 @@ abstract class P11Key implements Key { // see JCA spec public final byte[] getEncoded() { byte[] b = getEncodedInternal(); - return (b == null) ? null : (byte[])b.clone(); + return (b == null) ? null : b.clone(); } abstract byte[] getEncodedInternal(); @@ -299,21 +299,22 @@ abstract class P11Key implements Key { // we assume that all components of public keys are always accessible static PublicKey publicKey(Session session, long keyID, String algorithm, int keyLength, CK_ATTRIBUTE[] attributes) { - if (algorithm.equals("RSA")) { - return new P11RSAPublicKey - (session, keyID, algorithm, keyLength, attributes); - } else if (algorithm.equals("DSA")) { - return new P11DSAPublicKey - (session, keyID, algorithm, keyLength, attributes); - } else if (algorithm.equals("DH")) { - return new P11DHPublicKey - (session, keyID, algorithm, keyLength, attributes); - } else if (algorithm.equals("EC")) { - return new P11ECPublicKey - (session, keyID, algorithm, keyLength, attributes); - } else { - throw new ProviderException - ("Unknown public key algorithm " + algorithm); + switch (algorithm) { + case "RSA": + return new P11RSAPublicKey + (session, keyID, algorithm, keyLength, attributes); + case "DSA": + return new P11DSAPublicKey + (session, keyID, algorithm, keyLength, attributes); + case "DH": + return new P11DHPublicKey + (session, keyID, algorithm, keyLength, attributes); + case "EC": + return new P11ECPublicKey + (session, keyID, algorithm, keyLength, attributes); + default: + throw new ProviderException + ("Unknown public key algorithm " + algorithm); } } @@ -328,42 +329,43 @@ abstract class P11Key implements Key { return new P11PrivateKey (session, keyID, algorithm, keyLength, attributes); } else { - if (algorithm.equals("RSA")) { - // XXX better test for RSA CRT keys (single getAttributes() call) - // we need to determine whether this is a CRT key - // see if we can obtain the public exponent - // this should also be readable for sensitive/extractable keys - CK_ATTRIBUTE[] attrs2 = new CK_ATTRIBUTE[] { - new CK_ATTRIBUTE(CKA_PUBLIC_EXPONENT), - }; - boolean crtKey; - try { - session.token.p11.C_GetAttributeValue - (session.id(), keyID, attrs2); - crtKey = (attrs2[0].pValue instanceof byte[]); - } catch (PKCS11Exception e) { - // ignore, assume not available - crtKey = false; - } - if (crtKey) { - return new P11RSAPrivateKey + switch (algorithm) { + case "RSA": + // XXX better test for RSA CRT keys (single getAttributes() call) + // we need to determine whether this is a CRT key + // see if we can obtain the public exponent + // this should also be readable for sensitive/extractable keys + CK_ATTRIBUTE[] attrs2 = new CK_ATTRIBUTE[] { + new CK_ATTRIBUTE(CKA_PUBLIC_EXPONENT), + }; + boolean crtKey; + try { + session.token.p11.C_GetAttributeValue + (session.id(), keyID, attrs2); + crtKey = (attrs2[0].pValue instanceof byte[]); + } catch (PKCS11Exception e) { + // ignore, assume not available + crtKey = false; + } + if (crtKey) { + return new P11RSAPrivateKey + (session, keyID, algorithm, keyLength, attributes); + } else { + return new P11RSAPrivateNonCRTKey + (session, keyID, algorithm, keyLength, attributes); + } + case "DSA": + return new P11DSAPrivateKey (session, keyID, algorithm, keyLength, attributes); - } else { - return new P11RSAPrivateNonCRTKey + case "DH": + return new P11DHPrivateKey (session, keyID, algorithm, keyLength, attributes); - } - } else if (algorithm.equals("DSA")) { - return new P11DSAPrivateKey - (session, keyID, algorithm, keyLength, attributes); - } else if (algorithm.equals("DH")) { - return new P11DHPrivateKey - (session, keyID, algorithm, keyLength, attributes); - } else if (algorithm.equals("EC")) { - return new P11ECPrivateKey - (session, keyID, algorithm, keyLength, attributes); - } else { - throw new ProviderException - ("Unknown private key algorithm " + algorithm); + case "EC": + return new P11ECPrivateKey + (session, keyID, algorithm, keyLength, attributes); + default: + throw new ProviderException + ("Unknown private key algorithm " + algorithm); } } } @@ -371,6 +373,8 @@ abstract class P11Key implements Key { // class for sensitive and unextractable private keys private static final class P11PrivateKey extends P11Key implements PrivateKey { + private static final long serialVersionUID = -2138581185214187615L; + P11PrivateKey(Session session, long keyID, String algorithm, int keyLength, CK_ATTRIBUTE[] attributes) { super(PRIVATE, session, keyID, algorithm, keyLength, attributes); @@ -387,6 +391,7 @@ abstract class P11Key implements Key { } private static class P11SecretKey extends P11Key implements SecretKey { + private static final long serialVersionUID = -7828241727014329084L; private volatile byte[] encoded; P11SecretKey(Session session, long keyID, String algorithm, int keyLength, CK_ATTRIBUTE[] attributes) { @@ -434,6 +439,8 @@ abstract class P11Key implements Key { private static class P11TlsMasterSecretKey extends P11SecretKey implements TlsMasterSecret { + private static final long serialVersionUID = -1318560923770573441L; + private final int majorVersion, minorVersion; P11TlsMasterSecretKey(Session session, long keyID, String algorithm, int keyLength, CK_ATTRIBUTE[] attributes, int major, int minor) { @@ -453,6 +460,8 @@ abstract class P11Key implements Key { // RSA CRT private key private static final class P11RSAPrivateKey extends P11Key implements RSAPrivateCrtKey { + private static final long serialVersionUID = 9215872438913515220L; + private BigInteger n, e, d, p, q, pe, qe, coeff; private byte[] encoded; P11RSAPrivateKey(Session session, long keyID, String algorithm, @@ -563,6 +572,8 @@ abstract class P11Key implements Key { // RSA non-CRT private key private static final class P11RSAPrivateNonCRTKey extends P11Key implements RSAPrivateKey { + private static final long serialVersionUID = 1137764983777411481L; + private BigInteger n, d; private byte[] encoded; P11RSAPrivateNonCRTKey(Session session, long keyID, String algorithm, @@ -624,6 +635,8 @@ abstract class P11Key implements Key { private static final class P11RSAPublicKey extends P11Key implements RSAPublicKey { + private static final long serialVersionUID = -826726289023854455L; + private BigInteger n, e; private byte[] encoded; P11RSAPublicKey(Session session, long keyID, String algorithm, @@ -676,6 +689,8 @@ abstract class P11Key implements Key { private static final class P11DSAPublicKey extends P11Key implements DSAPublicKey { + private static final long serialVersionUID = 5989753793316396637L; + private BigInteger y; private DSAParams params; private byte[] encoded; @@ -737,6 +752,8 @@ abstract class P11Key implements Key { private static final class P11DSAPrivateKey extends P11Key implements DSAPrivateKey { + private static final long serialVersionUID = 3119629997181999389L; + private BigInteger x; private DSAParams params; private byte[] encoded; @@ -798,6 +815,8 @@ abstract class P11Key implements Key { private static final class P11DHPrivateKey extends P11Key implements DHPrivateKey { + private static final long serialVersionUID = -1698576167364928838L; + private BigInteger x; private DHParameterSpec params; private byte[] encoded; @@ -860,6 +879,8 @@ abstract class P11Key implements Key { private static final class P11DHPublicKey extends P11Key implements DHPublicKey { + static final long serialVersionUID = -598383872153843657L; + private BigInteger y; private DHParameterSpec params; private byte[] encoded; @@ -922,6 +943,8 @@ abstract class P11Key implements Key { private static final class P11ECPrivateKey extends P11Key implements ECPrivateKey { + private static final long serialVersionUID = -7786054399510515515L; + private BigInteger s; private ECParameterSpec params; private byte[] encoded; @@ -982,6 +1005,8 @@ abstract class P11Key implements Key { private static final class P11ECPublicKey extends P11Key implements ECPublicKey { + private static final long serialVersionUID = -6371481375154806089L; + private ECPoint w; private ECParameterSpec params; private byte[] encoded; diff --git a/jdk/src/share/classes/sun/security/pkcs11/P11KeyAgreement.java b/jdk/src/share/classes/sun/security/pkcs11/P11KeyAgreement.java index 2183a7d2081..1ebe17bfacc 100644 --- a/jdk/src/share/classes/sun/security/pkcs11/P11KeyAgreement.java +++ b/jdk/src/share/classes/sun/security/pkcs11/P11KeyAgreement.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2003, 2007, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2003, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -143,8 +143,8 @@ final class P11KeyAgreement extends KeyAgreementSpi { // just in case not, attempt conversion P11DHKeyFactory kf = new P11DHKeyFactory(token, "DH"); try { - DHPublicKeySpec spec = (DHPublicKeySpec)kf.engineGetKeySpec - (key, DHPublicKeySpec.class); + DHPublicKeySpec spec = kf.engineGetKeySpec( + key, DHPublicKeySpec.class); y = spec.getY(); p = spec.getP(); g = spec.getG(); diff --git a/jdk/src/share/classes/sun/security/pkcs11/P11KeyFactory.java b/jdk/src/share/classes/sun/security/pkcs11/P11KeyFactory.java index becf2f0e517..0442203e50d 100644 --- a/jdk/src/share/classes/sun/security/pkcs11/P11KeyFactory.java +++ b/jdk/src/share/classes/sun/security/pkcs11/P11KeyFactory.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2003, 2005, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2003, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -29,7 +29,6 @@ import java.security.*; import java.security.spec.*; import sun.security.pkcs11.wrapper.PKCS11Exception; -import static sun.security.pkcs11.wrapper.PKCS11Constants.*; /** * KeyFactory base class. Provides common infrastructure for the RSA, DSA, @@ -77,7 +76,7 @@ abstract class P11KeyFactory extends KeyFactorySpi { if (PKCS8EncodedKeySpec.class.isAssignableFrom(keySpec) || X509EncodedKeySpec.class.isAssignableFrom(keySpec)) { try { - return (T)implGetSoftwareFactory().getKeySpec(key, keySpec); + return implGetSoftwareFactory().getKeySpec(key, keySpec); } catch (GeneralSecurityException e) { throw new InvalidKeySpecException("Could not encode key", e); } @@ -92,9 +91,9 @@ abstract class P11KeyFactory extends KeyFactorySpi { Session[] session = new Session[1]; try { if (p11Key.isPublic()) { - return (T)implGetPublicKeySpec(p11Key, keySpec, session); + return implGetPublicKeySpec(p11Key, keySpec, session); } else { - return (T)implGetPrivateKeySpec(p11Key, keySpec, session); + return implGetPrivateKeySpec(p11Key, keySpec, session); } } catch (PKCS11Exception e) { throw new InvalidKeySpecException("Could not generate KeySpec", e); @@ -138,10 +137,10 @@ abstract class P11KeyFactory extends KeyFactorySpi { } } - abstract KeySpec implGetPublicKeySpec(P11Key key, Class keySpec, + abstract T implGetPublicKeySpec(P11Key key, Class keySpec, Session[] session) throws PKCS11Exception, InvalidKeySpecException; - abstract KeySpec implGetPrivateKeySpec(P11Key key, Class keySpec, + abstract T implGetPrivateKeySpec(P11Key key, Class keySpec, Session[] session) throws PKCS11Exception, InvalidKeySpecException; abstract PublicKey implTranslatePublicKey(PublicKey key) diff --git a/jdk/src/share/classes/sun/security/pkcs11/P11KeyStore.java b/jdk/src/share/classes/sun/security/pkcs11/P11KeyStore.java index 9cd7d4bf848..cbca68f3ec9 100644 --- a/jdk/src/share/classes/sun/security/pkcs11/P11KeyStore.java +++ b/jdk/src/share/classes/sun/security/pkcs11/P11KeyStore.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2003, 2008, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2003, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -34,12 +34,9 @@ import java.io.ByteArrayInputStream; import java.io.UnsupportedEncodingException; import java.util.Arrays; -import java.util.Collection; import java.util.Collections; import java.util.Date; import java.util.Enumeration; -import java.util.Iterator; -import java.util.List; import java.util.ArrayList; import java.util.HashSet; import java.util.HashMap; @@ -48,7 +45,6 @@ import java.util.Set; import java.security.*; import java.security.KeyStore.*; -import java.security.cert.CertPath; import java.security.cert.Certificate; import java.security.cert.X509Certificate; import java.security.cert.CertificateFactory; @@ -60,7 +56,6 @@ import java.security.spec.*; import javax.crypto.SecretKey; import javax.crypto.interfaces.*; -import javax.security.auth.Subject; import javax.security.auth.x500.X500Principal; import javax.security.auth.login.LoginException; import javax.security.auth.callback.Callback; @@ -69,7 +64,6 @@ import javax.security.auth.callback.CallbackHandler; import javax.security.auth.callback.UnsupportedCallbackException; import sun.security.util.Debug; -import sun.security.x509.SerialNumber; import sun.security.util.DerValue; import sun.security.ec.ECParameters; @@ -235,7 +229,7 @@ final class P11KeyStore extends KeyStoreSpi { private PasswordCallbackHandler(char[] password) { if (password != null) { - this.password = (char[])password.clone(); + this.password = password.clone(); } } @@ -331,10 +325,8 @@ final class P11KeyStore extends KeyStoreSpi { // did not find anything return null; - } catch (PKCS11Exception pe) { - throw new ProviderException(pe); - } catch (KeyStoreException ke) { - throw new ProviderException(ke); + } catch (PKCS11Exception | KeyStoreException e) { + throw new ProviderException(e); } finally { token.releaseSession(session); } @@ -458,10 +450,8 @@ final class P11KeyStore extends KeyStoreSpi { } else if (key instanceof SecretKey) { entry = new KeyStore.SecretKeyEntry((SecretKey)key); } - } catch (NullPointerException npe) { - throw new KeyStoreException(npe); - } catch (IllegalArgumentException iae) { - throw new KeyStoreException(iae); + } catch (NullPointerException | IllegalArgumentException e) { + throw new KeyStoreException(e); } engineSetEntry(alias, entry, new KeyStore.PasswordProtection(password)); } @@ -566,10 +556,8 @@ final class P11KeyStore extends KeyStoreSpi { } else { throw new KeyStoreException("unexpected entry type"); } - } catch (PKCS11Exception pe) { - throw new KeyStoreException(pe); - } catch (CertificateException ce) { - throw new KeyStoreException(ce); + } catch (PKCS11Exception | CertificateException e) { + throw new KeyStoreException(e); } } return false; @@ -770,18 +758,8 @@ final class P11KeyStore extends KeyStoreSpi { if (debug != null) { dumpTokenMap(); } - } catch (LoginException le) { - IOException ioe = new IOException("load failed"); - ioe.initCause(le); - throw ioe; - } catch (KeyStoreException kse) { - IOException ioe = new IOException("load failed"); - ioe.initCause(kse); - throw ioe; - } catch (PKCS11Exception pe) { - IOException ioe = new IOException("load failed"); - ioe.initCause(pe); - throw ioe; + } catch (LoginException | KeyStoreException | PKCS11Exception e) { + throw new IOException("load failed", e); } } @@ -860,11 +838,7 @@ final class P11KeyStore extends KeyStoreSpi { if (debug != null) { dumpTokenMap(); } - } catch (LoginException e) { - throw new IOException("load failed", e); - } catch (KeyStoreException e) { - throw new IOException("load failed", e); - } catch (PKCS11Exception e) { + } catch (LoginException | KeyStoreException | PKCS11Exception e) { throw new IOException("load failed", e); } } @@ -1054,9 +1028,7 @@ final class P11KeyStore extends KeyStoreSpi { storeCert(alias, xcert); module.setTrust(token, xcert); mapLabels(); - } catch (PKCS11Exception e) { - throw new KeyStoreException(e); - } catch (CertificateException e) { + } catch (PKCS11Exception | CertificateException e) { throw new KeyStoreException(e); } @@ -1118,10 +1090,8 @@ final class P11KeyStore extends KeyStoreSpi { storePkey(alias, (KeyStore.PrivateKeyEntry)entry); } - } catch (PKCS11Exception pe) { + } catch (PKCS11Exception | CertificateException pe) { throw new KeyStoreException(pe); - } catch (CertificateException ce) { - throw new KeyStoreException(ce); } } else if (entry instanceof KeyStore.SecretKeyEntry) { @@ -1158,10 +1128,8 @@ final class P11KeyStore extends KeyStoreSpi { if (debug != null) { dumpTokenMap(); } - } catch (PKCS11Exception pe) { + } catch (PKCS11Exception | CertificateException pe) { throw new KeyStoreException(pe); - } catch (CertificateException ce) { - throw new KeyStoreException(ce); } } @@ -1870,7 +1838,7 @@ final class P11KeyStore extends KeyStoreSpi { debug.println("creating RSAPrivateKey attrs"); } - RSAPrivateKey rsaKey = (RSAPrivateKey)key; + RSAPrivateKey rsaKey = key; attrs = new CK_ATTRIBUTE[] { ATTR_TOKEN_TRUE, @@ -2662,7 +2630,7 @@ final class P11KeyStore extends KeyStoreSpi { private void dumpTokenMap() { Set aliases = aliasMap.keySet(); System.out.println("Token Alias Map:"); - if (aliases.size() == 0) { + if (aliases.isEmpty()) { System.out.println(" [empty]"); } else { for (String s : aliases) { diff --git a/jdk/src/share/classes/sun/security/pkcs11/P11RSAKeyFactory.java b/jdk/src/share/classes/sun/security/pkcs11/P11RSAKeyFactory.java index 963ac8aa282..0c75ac967bb 100644 --- a/jdk/src/share/classes/sun/security/pkcs11/P11RSAKeyFactory.java +++ b/jdk/src/share/classes/sun/security/pkcs11/P11RSAKeyFactory.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2003, 2008, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2003, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -130,10 +130,7 @@ final class P11RSAKeyFactory extends P11KeyFactory { rs.getModulus(), rs.getPublicExponent() ); - } catch (PKCS11Exception e) { - throw new InvalidKeySpecException - ("Could not create RSA public key", e); - } catch (InvalidKeyException e) { + } catch (PKCS11Exception | InvalidKeyException e) { throw new InvalidKeySpecException ("Could not create RSA public key", e); } @@ -177,10 +174,7 @@ final class P11RSAKeyFactory extends P11KeyFactory { throw new InvalidKeySpecException("Only RSAPrivate(Crt)KeySpec " + "and PKCS8EncodedKeySpec supported for RSA private keys"); } - } catch (PKCS11Exception e) { - throw new InvalidKeySpecException - ("Could not create RSA private key", e); - } catch (InvalidKeyException e) { + } catch (PKCS11Exception | InvalidKeyException e) { throw new InvalidKeySpecException ("Could not create RSA private key", e); } @@ -260,8 +254,8 @@ final class P11RSAKeyFactory extends P11KeyFactory { } } - KeySpec implGetPublicKeySpec(P11Key key, Class keySpec, Session[] session) - throws PKCS11Exception, InvalidKeySpecException { + T implGetPublicKeySpec(P11Key key, Class keySpec, + Session[] session) throws PKCS11Exception, InvalidKeySpecException { if (RSAPublicKeySpec.class.isAssignableFrom(keySpec)) { session[0] = token.getObjSession(); CK_ATTRIBUTE[] attributes = new CK_ATTRIBUTE[] { @@ -273,15 +267,15 @@ final class P11RSAKeyFactory extends P11KeyFactory { attributes[0].getBigInteger(), attributes[1].getBigInteger() ); - return spec; + return keySpec.cast(spec); } else { // X.509 handled in superclass throw new InvalidKeySpecException("Only RSAPublicKeySpec and " + "X509EncodedKeySpec supported for RSA public keys"); } } - KeySpec implGetPrivateKeySpec(P11Key key, Class keySpec, Session[] session) - throws PKCS11Exception, InvalidKeySpecException { + T implGetPrivateKeySpec(P11Key key, Class keySpec, + Session[] session) throws PKCS11Exception, InvalidKeySpecException { if (RSAPrivateCrtKeySpec.class.isAssignableFrom(keySpec)) { session[0] = token.getObjSession(); CK_ATTRIBUTE[] attributes = new CK_ATTRIBUTE[] { @@ -305,7 +299,7 @@ final class P11RSAKeyFactory extends P11KeyFactory { attributes[6].getBigInteger(), attributes[7].getBigInteger() ); - return spec; + return keySpec.cast(spec); } else if (RSAPrivateKeySpec.class.isAssignableFrom(keySpec)) { session[0] = token.getObjSession(); CK_ATTRIBUTE[] attributes = new CK_ATTRIBUTE[] { @@ -317,7 +311,7 @@ final class P11RSAKeyFactory extends P11KeyFactory { attributes[0].getBigInteger(), attributes[1].getBigInteger() ); - return spec; + return keySpec.cast(spec); } else { // PKCS#8 handled in superclass throw new InvalidKeySpecException("Only RSAPrivate(Crt)KeySpec " + "and PKCS8EncodedKeySpec supported for RSA private keys"); diff --git a/jdk/src/share/classes/sun/security/pkcs11/P11SecretKeyFactory.java b/jdk/src/share/classes/sun/security/pkcs11/P11SecretKeyFactory.java index 5a5a6100b60..f4306b3a9aa 100644 --- a/jdk/src/share/classes/sun/security/pkcs11/P11SecretKeyFactory.java +++ b/jdk/src/share/classes/sun/security/pkcs11/P11SecretKeyFactory.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2003, 2008, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2003, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -319,7 +319,7 @@ final class P11SecretKeyFactory extends SecretKeyFactorySpi { } // see JCE spec - protected KeySpec engineGetKeySpec(SecretKey key, Class keySpec) + protected KeySpec engineGetKeySpec(SecretKey key, Class keySpec) throws InvalidKeySpecException { token.ensureValid(); if ((key == null) || (keySpec == null)) { diff --git a/jdk/src/share/classes/sun/security/pkcs11/P11Signature.java b/jdk/src/share/classes/sun/security/pkcs11/P11Signature.java index 7489d3fa2bc..009c263895d 100644 --- a/jdk/src/share/classes/sun/security/pkcs11/P11Signature.java +++ b/jdk/src/share/classes/sun/security/pkcs11/P11Signature.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2003, 2010, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2003, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -396,7 +396,7 @@ final class P11Signature extends SignatureSpi { ensureInitialized(); switch (type) { case T_UPDATE: - buffer[0] = (byte)b; + buffer[0] = b; engineUpdate(buffer, 0, 1); break; case T_DIGEST: diff --git a/jdk/src/share/classes/sun/security/pkcs11/P11TlsPrfGenerator.java b/jdk/src/share/classes/sun/security/pkcs11/P11TlsPrfGenerator.java index e5be5414a97..8f75b1ec37e 100644 --- a/jdk/src/share/classes/sun/security/pkcs11/P11TlsPrfGenerator.java +++ b/jdk/src/share/classes/sun/security/pkcs11/P11TlsPrfGenerator.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2005, 2007, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2005, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -98,6 +98,8 @@ final class P11TlsPrfGenerator extends KeyGeneratorSpi { // SecretKeySpec does not allow zero length keys, so we define our own class. private static final SecretKey NULL_KEY = new SecretKey() { + private static final long serialVersionUID = -8090049519656411362L; + public byte[] getEncoded() { return new byte[0]; } diff --git a/jdk/src/share/classes/sun/security/pkcs11/P11Util.java b/jdk/src/share/classes/sun/security/pkcs11/P11Util.java index 885734e36c3..d405743409a 100644 --- a/jdk/src/share/classes/sun/security/pkcs11/P11Util.java +++ b/jdk/src/share/classes/sun/security/pkcs11/P11Util.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2003, 2006, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2003, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -88,7 +88,7 @@ public final class P11Util { p = Security.getProvider(providerName); if (p == null) { try { - Class clazz = Class.forName(className); + Class clazz = Class.forName(className); p = (Provider)clazz.newInstance(); } catch (Exception e) { throw new ProviderException diff --git a/jdk/src/share/classes/sun/security/pkcs11/Secmod.java b/jdk/src/share/classes/sun/security/pkcs11/Secmod.java index 4f32e33d2a8..351a9202e35 100644 --- a/jdk/src/share/classes/sun/security/pkcs11/Secmod.java +++ b/jdk/src/share/classes/sun/security/pkcs11/Secmod.java @@ -236,6 +236,7 @@ public final class Secmod { throw new IllegalStateException(e); } if (modules == null) { + @SuppressWarnings("unchecked") List modules = (List)nssGetModuleList(nssHandle, nssLibDir); this.modules = Collections.unmodifiableList(modules); diff --git a/jdk/src/share/classes/sun/security/pkcs11/wrapper/Functions.java b/jdk/src/share/classes/sun/security/pkcs11/wrapper/Functions.java index 146f145a2ab..fa7ad073598 100644 --- a/jdk/src/share/classes/sun/security/pkcs11/wrapper/Functions.java +++ b/jdk/src/share/classes/sun/security/pkcs11/wrapper/Functions.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2003, 2005, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2003, 2011, Oracle and/or its affiliates. All rights reserved. */ /* Copyright (c) 2002 Graz University of Technology. All rights reserved. @@ -517,7 +517,7 @@ public class Functions { if (array != null) { for (int i = 0; (i < 4) && (i < array.length); i++) { - hash ^= ((int) (0xFF & array[i])) << ((i%4) << 3); + hash ^= (0xFF & array[i]) << ((i%4) << 3); } } @@ -537,7 +537,7 @@ public class Functions { if (array != null) { for (int i = 0; (i < 4) && (i < array.length); i++) { - hash ^= ((int) (0xFFFF & array[i])) << ((i%2) << 4); + hash ^= (0xFFFF & array[i]) << ((i%2) << 4); } } @@ -557,18 +557,18 @@ public class Functions { if (date != null) { if (date.year.length == 4) { - hash ^= ((int) (0xFFFF & date.year[0])) << 16; - hash ^= (int) (0xFFFF & date.year[1]); - hash ^= ((int) (0xFFFF & date.year[2])) << 16; - hash ^= (int) (0xFFFF & date.year[3]); + hash ^= (0xFFFF & date.year[0]) << 16; + hash ^= 0xFFFF & date.year[1]; + hash ^= (0xFFFF & date.year[2]) << 16; + hash ^= 0xFFFF & date.year[3]; } if (date.month.length == 2) { - hash ^= ((int) (0xFFFF & date.month[0])) << 16; - hash ^= (int) (0xFFFF & date.month[1]); + hash ^= (0xFFFF & date.month[0]) << 16; + hash ^= 0xFFFF & date.month[1]; } if (date.day.length == 2) { - hash ^= ((int) (0xFFFF & date.day[0])) << 16; - hash ^= (int) (0xFFFF & date.day[1]); + hash ^= (0xFFFF & date.day[0]) << 16; + hash ^= 0xFFFF & date.day[1]; } } diff --git a/jdk/src/share/classes/sun/security/pkcs11/wrapper/PKCS11Exception.java b/jdk/src/share/classes/sun/security/pkcs11/wrapper/PKCS11Exception.java index ffde3d1a46b..68163a0491f 100644 --- a/jdk/src/share/classes/sun/security/pkcs11/wrapper/PKCS11Exception.java +++ b/jdk/src/share/classes/sun/security/pkcs11/wrapper/PKCS11Exception.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2003, 2010, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2003, 2011, Oracle and/or its affiliates. All rights reserved. */ /* Copyright (c) 2002 Graz University of Technology. All rights reserved. @@ -63,6 +63,7 @@ import java.util.*; * @invariants */ public class PKCS11Exception extends Exception { + private static final long serialVersionUID = 4877072363729195L; /** * The code of the error which was the reason for this exception. diff --git a/jdk/src/share/classes/sun/security/pkcs11/wrapper/PKCS11RuntimeException.java b/jdk/src/share/classes/sun/security/pkcs11/wrapper/PKCS11RuntimeException.java index 0c65381bbcc..538e380fa66 100644 --- a/jdk/src/share/classes/sun/security/pkcs11/wrapper/PKCS11RuntimeException.java +++ b/jdk/src/share/classes/sun/security/pkcs11/wrapper/PKCS11RuntimeException.java @@ -57,6 +57,7 @@ package sun.security.pkcs11.wrapper; * @invariants */ public class PKCS11RuntimeException extends RuntimeException { + private static final long serialVersionUID = 7889842162743590564L; /** * Empty constructor. diff --git a/jdk/src/share/classes/sun/security/pkcs12/PKCS12KeyStore.java b/jdk/src/share/classes/sun/security/pkcs12/PKCS12KeyStore.java index 777604473ca..e7fce4ea6db 100644 --- a/jdk/src/share/classes/sun/security/pkcs12/PKCS12KeyStore.java +++ b/jdk/src/share/classes/sun/security/pkcs12/PKCS12KeyStore.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 1999, 2010, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1999, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -41,13 +41,10 @@ import java.security.cert.X509Certificate; import java.security.cert.CertificateException; import java.security.spec.PKCS8EncodedKeySpec; import java.util.*; -import java.math.*; import java.security.AlgorithmParameters; -import java.security.spec.AlgorithmParameterSpec; import javax.crypto.spec.PBEParameterSpec; import javax.crypto.spec.PBEKeySpec; -import javax.crypto.spec.SecretKeySpec; import javax.crypto.SecretKeyFactory; import javax.crypto.SecretKey; import javax.crypto.Cipher; @@ -417,10 +414,8 @@ public final class PKCS12KeyStore extends KeyStoreSpi { // add the entry entries.put(alias.toLowerCase(), entry); } catch (Exception nsae) { - KeyStoreException ke = new KeyStoreException("Key protection " + - " algorithm not found: " + nsae); - ke.initCause(nsae); - throw ke; + throw new KeyStoreException("Key protection " + + " algorithm not found: " + nsae, nsae); } } @@ -456,10 +451,8 @@ public final class PKCS12KeyStore extends KeyStoreSpi { try { new EncryptedPrivateKeyInfo(key); } catch (IOException ioe) { - KeyStoreException ke = new KeyStoreException("Private key is not" - + " stored as PKCS#8 EncryptedPrivateKeyInfo: " + ioe); - ke.initCause(ioe); - throw ke; + throw new KeyStoreException("Private key is not stored" + + " as PKCS#8 EncryptedPrivateKeyInfo: " + ioe, ioe); } KeyEntry entry = new KeyEntry(); @@ -513,11 +506,8 @@ public final class PKCS12KeyStore extends KeyStoreSpi { algParams = AlgorithmParameters.getInstance(algorithm); algParams.init(paramSpec); } catch (Exception e) { - IOException ioe = - new IOException("getAlgorithmParameters failed: " + - e.getMessage()); - ioe.initCause(e); - throw ioe; + throw new IOException("getAlgorithmParameters failed: " + + e.getMessage(), e); } return algParams; } @@ -544,11 +534,8 @@ public final class PKCS12KeyStore extends KeyStoreSpi { algParams.init(params.toByteArray()); } } catch (Exception e) { - IOException ioe = - new IOException("parseAlgParameters failed: " + - e.getMessage()); - ioe.initCause(e); - throw ioe; + throw new IOException("parseAlgParameters failed: " + + e.getMessage(), e); } return algParams; } @@ -565,10 +552,8 @@ public final class PKCS12KeyStore extends KeyStoreSpi { SecretKeyFactory skFac = SecretKeyFactory.getInstance("PBE"); skey = skFac.generateSecret(keySpec); } catch (Exception e) { - IOException ioe = new IOException("getSecretKey failed: " + - e.getMessage()); - ioe.initCause(e); - throw ioe; + throw new IOException("getSecretKey failed: " + + e.getMessage(), e); } return skey; } @@ -826,9 +811,7 @@ public final class PKCS12KeyStore extends KeyStoreSpi { md.update(data); digest = md.digest(); } catch (Exception e) { - IOException ioe = new IOException("generateHash failed: " + e); - ioe.initCause(e); - throw ioe; + throw new IOException("generateHash failed: " + e, e); } return digest; } @@ -866,9 +849,7 @@ public final class PKCS12KeyStore extends KeyStoreSpi { bytes.write(macData.getEncoded()); mData = bytes.toByteArray(); } catch (Exception e) { - IOException ioe = new IOException("calculateMac failed: " + e); - ioe.initCause(e); - throw ioe; + throw new IOException("calculateMac failed: " + e, e); } return mData; } @@ -1149,10 +1130,8 @@ public final class PKCS12KeyStore extends KeyStoreSpi { encryptedData = cipher.doFinal(data); } catch (Exception e) { - IOException ioe = new IOException("Failed to encrypt" + - " safe contents entry: " + e); - ioe.initCause(e); - throw ioe; + throw new IOException("Failed to encrypt" + + " safe contents entry: " + e, e); } // create EncryptedContentInfo @@ -1220,7 +1199,7 @@ public final class PKCS12KeyStore extends KeyStoreSpi { ContentInfo authSafe = new ContentInfo(s); ObjectIdentifier contentType = authSafe.getContentType(); - if (contentType.equals(ContentInfo.DATA_OID)) { + if (contentType.equals((Object)ContentInfo.DATA_OID)) { authSafeData = authSafe.getData(); } else /* signed data */ { throw new IOException("public key protected PKCS12 not supported"); @@ -1246,7 +1225,7 @@ public final class PKCS12KeyStore extends KeyStoreSpi { safeContents = new ContentInfo(sci); contentType = safeContents.getContentType(); safeContentsData = null; - if (contentType.equals(ContentInfo.DATA_OID)) { + if (contentType.equals((Object)ContentInfo.DATA_OID)) { safeContentsData = safeContents.getData(); } else if (contentType.equals(ContentInfo.ENCRYPTED_DATA_OID)) { if (password == null) { @@ -1280,10 +1259,8 @@ public final class PKCS12KeyStore extends KeyStoreSpi { safeContentsData = cipher.doFinal(safeContentsData); } catch (Exception e) { - IOException ioe = new IOException("failed to decrypt safe" - + " contents entry: " + e); - ioe.initCause(e); - throw ioe; + throw new IOException("failed to decrypt safe" + + " contents entry: " + e, e); } } else { throw new IOException("public key protected PKCS12" + @@ -1319,10 +1296,7 @@ public final class PKCS12KeyStore extends KeyStoreSpi { " integrity checking"); } } catch (Exception e) { - IOException ioe = - new IOException("Integrity check failed: " + e); - ioe.initCause(e); - throw ioe; + throw new IOException("Integrity check failed: " + e, e); } } @@ -1402,12 +1376,12 @@ public final class PKCS12KeyStore extends KeyStoreSpi { + bagValue.tag); } bagValue = bagValue.data.getDerValue(); - if (bagId.equals(PKCS8ShroudedKeyBag_OID)) { + if (bagId.equals((Object)PKCS8ShroudedKeyBag_OID)) { KeyEntry kEntry = new KeyEntry(); kEntry.protectedPrivKey = bagValue.toByteArray(); bagItem = kEntry; privateKeyCount++; - } else if (bagId.equals(CertBag_OID)) { + } else if (bagId.equals((Object)CertBag_OID)) { DerInputStream cs = new DerInputStream(bagValue.toByteArray()); DerValue[] certValues = cs.getSequence(2); ObjectIdentifier certId = certValues[0].getOID(); @@ -1453,9 +1427,9 @@ public final class PKCS12KeyStore extends KeyStoreSpi { throw new IOException("Attribute " + attrId + " should have a value " + e.getMessage()); } - if (attrId.equals(PKCS9FriendlyName_OID)) { + if (attrId.equals((Object)PKCS9FriendlyName_OID)) { alias = valSet[0].getBMPString(); - } else if (attrId.equals(PKCS9LocalKeyId_OID)) { + } else if (attrId.equals((Object)PKCS9LocalKeyId_OID)) { keyId = valSet[0].getOctetString(); } else { // log error message for "unknown attr" diff --git a/jdk/src/share/classes/sun/security/provider/DSAKeyFactory.java b/jdk/src/share/classes/sun/security/provider/DSAKeyFactory.java index ea74affb444..72797aea18b 100644 --- a/jdk/src/share/classes/sun/security/provider/DSAKeyFactory.java +++ b/jdk/src/share/classes/sun/security/provider/DSAKeyFactory.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 2006, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1997, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -25,15 +25,12 @@ package sun.security.provider; -import java.util.*; -import java.lang.*; import java.security.Key; import java.security.PublicKey; import java.security.PrivateKey; import java.security.KeyFactorySpi; import java.security.InvalidKeyException; import java.security.AccessController; -import java.security.PrivilegedAction; import java.security.interfaces.DSAParams; import java.security.spec.DSAPublicKeySpec; import java.security.spec.DSAPrivateKeySpec; @@ -194,13 +191,13 @@ public class DSAKeyFactory extends KeyFactorySpi { java.security.interfaces.DSAPublicKey dsaPubKey = (java.security.interfaces.DSAPublicKey)key; params = dsaPubKey.getParams(); - return (T) new DSAPublicKeySpec(dsaPubKey.getY(), - params.getP(), - params.getQ(), - params.getG()); + return keySpec.cast(new DSAPublicKeySpec(dsaPubKey.getY(), + params.getP(), + params.getQ(), + params.getG())); } else if (x509KeySpec.isAssignableFrom(keySpec)) { - return (T) new X509EncodedKeySpec(key.getEncoded()); + return keySpec.cast(new X509EncodedKeySpec(key.getEncoded())); } else { throw new InvalidKeySpecException @@ -219,13 +216,13 @@ public class DSAKeyFactory extends KeyFactorySpi { java.security.interfaces.DSAPrivateKey dsaPrivKey = (java.security.interfaces.DSAPrivateKey)key; params = dsaPrivKey.getParams(); - return (T) new DSAPrivateKeySpec(dsaPrivKey.getX(), - params.getP(), - params.getQ(), - params.getG()); + return keySpec.cast(new DSAPrivateKeySpec(dsaPrivKey.getX(), + params.getP(), + params.getQ(), + params.getG())); } else if (pkcs8KeySpec.isAssignableFrom(keySpec)) { - return (T) new PKCS8EncodedKeySpec(key.getEncoded()); + return keySpec.cast(new PKCS8EncodedKeySpec(key.getEncoded())); } else { throw new InvalidKeySpecException diff --git a/jdk/src/share/classes/sun/security/provider/DSAParameters.java b/jdk/src/share/classes/sun/security/provider/DSAParameters.java index 5d388dd8f0e..9a71ae1df86 100644 --- a/jdk/src/share/classes/sun/security/provider/DSAParameters.java +++ b/jdk/src/share/classes/sun/security/provider/DSAParameters.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 2006, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1997, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -25,7 +25,6 @@ package sun.security.provider; -import java.util.*; import java.io.*; import java.math.BigInteger; import java.security.AlgorithmParametersSpi; @@ -103,7 +102,8 @@ public class DSAParameters extends AlgorithmParametersSpi { Class dsaParamSpec = Class.forName ("java.security.spec.DSAParameterSpec"); if (dsaParamSpec.isAssignableFrom(paramSpec)) { - return (T)new DSAParameterSpec(this.p, this.q, this.g); + return paramSpec.cast( + new DSAParameterSpec(this.p, this.q, this.g)); } else { throw new InvalidParameterSpecException ("Inappropriate parameter Specification"); diff --git a/jdk/src/share/classes/sun/security/provider/MD4.java b/jdk/src/share/classes/sun/security/provider/MD4.java index b44a24db52c..56ff5a06ae3 100644 --- a/jdk/src/share/classes/sun/security/provider/MD4.java +++ b/jdk/src/share/classes/sun/security/provider/MD4.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2005, 2006, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2005, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -65,7 +65,9 @@ public final class MD4 extends DigestBase { private final static Provider md4Provider; static { - md4Provider = new Provider("MD4Provider", 1.0d, "MD4 MessageDigest") {}; + md4Provider = new Provider("MD4Provider", 1.0d, "MD4 MessageDigest") { + private static final long serialVersionUID = -8850464997518327965L; + }; AccessController.doPrivileged(new PrivilegedAction() { public Void run() { md4Provider.put("MessageDigest.MD4", "sun.security.provider.MD4"); diff --git a/jdk/src/share/classes/sun/security/provider/PolicyFile.java b/jdk/src/share/classes/sun/security/provider/PolicyFile.java index b9a8ec2eb49..c97ad1909aa 100644 --- a/jdk/src/share/classes/sun/security/provider/PolicyFile.java +++ b/jdk/src/share/classes/sun/security/provider/PolicyFile.java @@ -26,27 +26,21 @@ package sun.security.provider; import java.io.*; -import java.lang.RuntimePermission; import java.lang.reflect.*; -import java.lang.ref.*; import java.net.MalformedURLException; import java.net.URL; import java.net.URI; import java.util.*; import java.util.Enumeration; -import java.util.Hashtable; import java.util.List; import java.util.StringTokenizer; -import java.util.PropertyPermission; import java.util.ArrayList; import java.util.ListIterator; -import java.util.WeakHashMap; import java.text.MessageFormat; import com.sun.security.auth.PrincipalComparator; import java.security.*; import java.security.cert.Certificate; import java.security.cert.X509Certificate; -import javax.security.auth.PrivateCredentialPermission; import javax.security.auth.Subject; import javax.security.auth.x500.X500Principal; import java.io.FilePermission; @@ -68,7 +62,6 @@ import javax.net.ssl.SSLPermission; import sun.misc.JavaSecurityProtectionDomainAccess; import static sun.misc.JavaSecurityProtectionDomainAccess.ProtectionDomainCache; import sun.misc.SharedSecrets; -import sun.security.util.Password; import sun.security.util.PolicyUtil; import sun.security.util.PropertyExpander; import sun.security.util.Debug; @@ -1006,7 +999,7 @@ public class PolicyFile extends java.security.Policy { * via reflection. Keep list short to not penalize non-JDK-defined * permissions. */ - private static final Permission getKnownInstance(Class claz, + private static final Permission getKnownInstance(Class claz, String name, String actions) { // XXX shorten list to most popular ones? if (claz.equals(FilePermission.class)) { @@ -1346,7 +1339,7 @@ public class PolicyFile extends java.security.Policy { "\tActive Principals: " + accPs); } - if (entryPs == null || entryPs.size() == 0) { + if (entryPs == null || entryPs.isEmpty()) { // policy entry has no principals - // add perms regardless of principals in current ACC @@ -1547,7 +1540,7 @@ public class PolicyFile extends java.security.Policy { Principal[] pdp, Permissions perms) { - if (entryPs == null || entryPs.size() == 0) { + if (entryPs == null || entryPs.isEmpty()) { // No principals in the grant to substitute if (debug != null) { debug.println("Ignoring permission " @@ -1890,7 +1883,7 @@ public class PolicyFile extends java.security.Policy { private boolean replacePrincipals( List principals, KeyStore keystore) { - if (principals == null || principals.size() == 0 || keystore == null) + if (principals == null || principals.isEmpty() || keystore == null) return true; ListIterator i = principals.listIterator(); @@ -2403,7 +2396,7 @@ public class PolicyFile extends java.security.Policy { final List identityPolicyEntries; // Maps aliases to certs - final Map aliasMapping; + final Map aliasMapping; // Maps ProtectionDomain to PermissionCollection private final ProtectionDomainCache[] pdMapping; @@ -2413,7 +2406,8 @@ public class PolicyFile extends java.security.Policy { policyEntries = new ArrayList(); identityPolicyEntries = Collections.synchronizedList(new ArrayList(2)); - aliasMapping = Collections.synchronizedMap(new HashMap(11)); + aliasMapping = Collections.synchronizedMap( + new HashMap(11)); pdMapping = new ProtectionDomainCache[numCaches]; JavaSecurityProtectionDomainAccess jspda diff --git a/jdk/src/share/classes/sun/security/provider/certpath/AdaptableX509CertSelector.java b/jdk/src/share/classes/sun/security/provider/certpath/AdaptableX509CertSelector.java index 959ac59d12c..680795c3bcf 100644 --- a/jdk/src/share/classes/sun/security/provider/certpath/AdaptableX509CertSelector.java +++ b/jdk/src/share/classes/sun/security/provider/certpath/AdaptableX509CertSelector.java @@ -101,7 +101,8 @@ class AdaptableX509CertSelector extends X509CertSelector { void parseAuthorityKeyIdentifierExtension( AuthorityKeyIdentifierExtension akidext) throws IOException { if (akidext != null) { - KeyIdentifier akid = (KeyIdentifier)akidext.get(akidext.KEY_ID); + KeyIdentifier akid = (KeyIdentifier)akidext.get( + AuthorityKeyIdentifierExtension.KEY_ID); if (akid != null) { // Do not override the previous setting for initial selection. if (isSKIDSensitive || getSubjectKeyIdentifier() == null) { @@ -113,8 +114,8 @@ class AdaptableX509CertSelector extends X509CertSelector { } } - SerialNumber asn = - (SerialNumber)akidext.get(akidext.SERIAL_NUMBER); + SerialNumber asn = (SerialNumber)akidext.get( + AuthorityKeyIdentifierExtension.SERIAL_NUMBER); if (asn != null) { // Do not override the previous setting for initial selection. if (isSNSensitive || getSerialNumber() == null) { diff --git a/jdk/src/share/classes/sun/security/provider/certpath/Builder.java b/jdk/src/share/classes/sun/security/provider/certpath/Builder.java index 4d46174630e..182a0d249aa 100644 --- a/jdk/src/share/classes/sun/security/provider/certpath/Builder.java +++ b/jdk/src/share/classes/sun/security/provider/certpath/Builder.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2000, 2009, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2000, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -153,6 +153,7 @@ public abstract class Builder { if (debug != null) { debug.println("Builder.distance(): Names are different types"); } + return incomparable; case GeneralNameInterface.NAME_SAME_TYPE: if (debug != null) { debug.println("Builder.distance(): Names are same type but " + @@ -306,8 +307,8 @@ public abstract class Builder { SubjectAlternativeNameExtension altNameExt = certImpl.getSubjectAlternativeNameExtension(); if (altNameExt != null) { - GeneralNames altNames = - (GeneralNames)altNameExt.get(altNameExt.SUBJECT_NAME); + GeneralNames altNames = altNameExt.get( + SubjectAlternativeNameExtension.SUBJECT_NAME); /* see if any alternative name matches target */ if (altNames != null) { for (int j = 0, n = altNames.size(); j < n; j++) { @@ -343,10 +344,10 @@ public abstract class Builder { + String.valueOf(constraints)); } /* reduce permitted by excluded */ - GeneralSubtrees permitted = (GeneralSubtrees) - constraints.get(constraints.PERMITTED_SUBTREES); - GeneralSubtrees excluded = (GeneralSubtrees) - constraints.get(constraints.EXCLUDED_SUBTREES); + GeneralSubtrees permitted = + constraints.get(NameConstraintsExtension.PERMITTED_SUBTREES); + GeneralSubtrees excluded = + constraints.get(NameConstraintsExtension.EXCLUDED_SUBTREES); if (permitted != null) { permitted.reduce(excluded); } diff --git a/jdk/src/share/classes/sun/security/provider/certpath/CrlRevocationChecker.java b/jdk/src/share/classes/sun/security/provider/certpath/CrlRevocationChecker.java index 977d465ac47..8552e630073 100644 --- a/jdk/src/share/classes/sun/security/provider/certpath/CrlRevocationChecker.java +++ b/jdk/src/share/classes/sun/security/provider/certpath/CrlRevocationChecker.java @@ -41,7 +41,6 @@ import java.security.PublicKey; import java.security.cert.*; import java.security.cert.CertPathValidatorException.BasicReason; import java.security.interfaces.DSAPublicKey; -import javax.security.auth.x500.X500Principal; import sun.security.util.Debug; import sun.security.x509.AccessDescription; import sun.security.x509.AuthorityInfoAccessExtension; @@ -758,8 +757,7 @@ class CrlRevocationChecker extends PKIXCertPathChecker { null, null); points = Collections.singletonList(point); } else { - points = (List)ext.get( - CRLDistributionPointsExtension.POINTS); + points = ext.get(CRLDistributionPointsExtension.POINTS); } Set results = new HashSet(); DistributionPointFetcher dpf = diff --git a/jdk/src/share/classes/sun/security/provider/certpath/DistributionPointFetcher.java b/jdk/src/share/classes/sun/security/provider/certpath/DistributionPointFetcher.java index 35d7b2c87e9..b335557dc5a 100644 --- a/jdk/src/share/classes/sun/security/provider/certpath/DistributionPointFetcher.java +++ b/jdk/src/share/classes/sun/security/provider/certpath/DistributionPointFetcher.java @@ -114,8 +114,8 @@ class DistributionPointFetcher { } return Collections.emptySet(); } - List points = (List)ext.get( - CRLDistributionPointsExtension.POINTS); + List points = + ext.get(CRLDistributionPointsExtension.POINTS); Set results = new HashSet(); for (Iterator t = points.iterator(); t.hasNext() && !Arrays.equals(reasonsMask, ALL_REASONS); ) { @@ -570,15 +570,16 @@ class DistributionPointFetcher { AuthorityKeyIdentifierExtension akidext = crlImpl.getAuthKeyIdExtension(); if (akidext != null) { - KeyIdentifier akid = (KeyIdentifier)akidext.get(akidext.KEY_ID); + KeyIdentifier akid = (KeyIdentifier)akidext.get( + AuthorityKeyIdentifierExtension.KEY_ID); if (akid != null) { DerOutputStream derout = new DerOutputStream(); derout.putOctetString(akid.getIdentifier()); certSel.setSubjectKeyIdentifier(derout.toByteArray()); } - SerialNumber asn = - (SerialNumber)akidext.get(akidext.SERIAL_NUMBER); + SerialNumber asn = (SerialNumber)akidext.get( + AuthorityKeyIdentifierExtension.SERIAL_NUMBER); if (asn != null) { certSel.setSerialNumber(asn.getNumber()); } diff --git a/jdk/src/share/classes/sun/security/provider/certpath/ForwardBuilder.java b/jdk/src/share/classes/sun/security/provider/certpath/ForwardBuilder.java index e2666a6771b..60d08866a4d 100644 --- a/jdk/src/share/classes/sun/security/provider/certpath/ForwardBuilder.java +++ b/jdk/src/share/classes/sun/security/provider/certpath/ForwardBuilder.java @@ -30,7 +30,6 @@ import java.util.*; import java.security.GeneralSecurityException; import java.security.InvalidKeyException; -import java.security.cert.Certificate; import java.security.cert.CertificateException; import java.security.cert.CertPathValidatorException; import java.security.cert.PKIXReason; @@ -44,22 +43,13 @@ import java.security.cert.X509CertSelector; import javax.security.auth.x500.X500Principal; import sun.security.util.Debug; -import sun.security.util.DerOutputStream; import sun.security.x509.AccessDescription; import sun.security.x509.AuthorityInfoAccessExtension; import sun.security.x509.PKIXExtensions; import sun.security.x509.PolicyMappingsExtension; import sun.security.x509.X500Name; import sun.security.x509.X509CertImpl; -import sun.security.x509.X509CRLImpl; import sun.security.x509.AuthorityKeyIdentifierExtension; -import sun.security.x509.KeyIdentifier; -import sun.security.x509.SubjectKeyIdentifierExtension; -import sun.security.x509.SerialNumber; -import sun.security.x509.GeneralNames; -import sun.security.x509.GeneralName; -import sun.security.x509.GeneralNameInterface; -import java.math.BigInteger; /** * This class represents a forward builder, which is able to retrieve @@ -362,6 +352,9 @@ class ForwardBuilder extends Builder { * Download Certificates from the given AIA and add them to the * specified Collection. */ + // cs.getCertificates(caSelector) returns a collection of X509Certificate's + // because of the selector, so the cast is safe + @SuppressWarnings("unchecked") private boolean getCerts(AuthorityInfoAccessExtension aiaExt, Collection certs) { if (Builder.USE_AIA == false) { diff --git a/jdk/src/share/classes/sun/security/provider/certpath/ForwardState.java b/jdk/src/share/classes/sun/security/provider/certpath/ForwardState.java index d1acf796e9b..0645c926b58 100644 --- a/jdk/src/share/classes/sun/security/provider/certpath/ForwardState.java +++ b/jdk/src/share/classes/sun/security/provider/certpath/ForwardState.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2000, 2006, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2000, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -206,8 +206,8 @@ class ForwardState implements State { SubjectAlternativeNameExtension subjAltNameExt = icert.getSubjectAlternativeNameExtension(); if (subjAltNameExt != null) { - GeneralNames gNames = (GeneralNames) - subjAltNameExt.get(SubjectAlternativeNameExtension.SUBJECT_NAME); + GeneralNames gNames = subjAltNameExt.get( + SubjectAlternativeNameExtension.SUBJECT_NAME); for (Iterator t = gNames.iterator(); t.hasNext(); ) { GeneralNameInterface gName = t.next().getName(); @@ -236,6 +236,7 @@ class ForwardState implements State { * because some of them will * not have their contents modified by subsequent calls to updateState. */ + @SuppressWarnings("unchecked") // Safe casts assuming clone() works correctly public Object clone() { try { ForwardState clonedState = (ForwardState) super.clone(); diff --git a/jdk/src/share/classes/sun/security/provider/certpath/IndexedCollectionCertStore.java b/jdk/src/share/classes/sun/security/provider/certpath/IndexedCollectionCertStore.java index 167e286544c..79f0c961aab 100644 --- a/jdk/src/share/classes/sun/security/provider/certpath/IndexedCollectionCertStore.java +++ b/jdk/src/share/classes/sun/security/provider/certpath/IndexedCollectionCertStore.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2002, 2006, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2002, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -185,6 +185,7 @@ public class IndexedCollectionCertStore extends CertStoreSpi { list.add((X509Certificate)oldEntry); certSubjects.put(subject, list); } else { + @SuppressWarnings("unchecked") // See certSubjects javadoc. List list = (List)oldEntry; if (list.contains(cert) == false) { list.add(cert); @@ -210,6 +211,8 @@ public class IndexedCollectionCertStore extends CertStoreSpi { list.add((X509CRL)oldEntry); crlIssuers.put(issuer, list); } else { + // See crlIssuers javadoc. + @SuppressWarnings("unchecked") List list = (List)oldEntry; if (list.contains(crl) == false) { list.add(crl); @@ -279,6 +282,8 @@ public class IndexedCollectionCertStore extends CertStoreSpi { return Collections.emptySet(); } } else { + // See certSubjects javadoc. + @SuppressWarnings("unchecked") List list = (List)entry; Set matches = new HashSet(16); for (X509Certificate cert : list) { @@ -309,6 +314,8 @@ public class IndexedCollectionCertStore extends CertStoreSpi { matches.add(cert); } } else { + // See certSubjects javadoc. + @SuppressWarnings("unchecked") List list = (List)obj; for (X509Certificate cert : list) { if (selector.match(cert)) { @@ -370,6 +377,8 @@ public class IndexedCollectionCertStore extends CertStoreSpi { matches.add(crl); } } else { // List + // See crlIssuers javadoc. + @SuppressWarnings("unchecked") List list = (List)entry; for (X509CRL crl : list) { if (x509Selector.match(crl)) { @@ -398,6 +407,8 @@ public class IndexedCollectionCertStore extends CertStoreSpi { matches.add(crl); } } else { + // See crlIssuers javadoc. + @SuppressWarnings("unchecked") List list = (List)obj; for (X509CRL crl : list) { if (selector.match(crl)) { diff --git a/jdk/src/share/classes/sun/security/provider/certpath/OCSP.java b/jdk/src/share/classes/sun/security/provider/certpath/OCSP.java index 4f6f1352ad1..bd426c5011d 100644 --- a/jdk/src/share/classes/sun/security/provider/certpath/OCSP.java +++ b/jdk/src/share/classes/sun/security/provider/certpath/OCSP.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2009, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2009, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -291,7 +291,7 @@ public final class OCSP { List descriptions = aia.getAccessDescriptions(); for (AccessDescription description : descriptions) { - if (description.getAccessMethod().equals( + if (description.getAccessMethod().equals((Object) AccessDescription.Ad_OCSP_Id)) { GeneralName generalName = description.getAccessLocation(); diff --git a/jdk/src/share/classes/sun/security/provider/certpath/OCSPChecker.java b/jdk/src/share/classes/sun/security/provider/certpath/OCSPChecker.java index d734ff90408..8eb4551f074 100644 --- a/jdk/src/share/classes/sun/security/provider/certpath/OCSPChecker.java +++ b/jdk/src/share/classes/sun/security/provider/certpath/OCSPChecker.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2003, 2010, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2003, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -300,7 +300,7 @@ class OCSPChecker extends PKIXCertPathChecker { if (filter != null) { List certStores = pkixParams.getCertStores(); for (CertStore certStore : certStores) { - Iterator i = null; + Iterator i = null; try { i = certStore.getCertificates(filter).iterator(); } catch (CertStoreException cse) { @@ -392,7 +392,7 @@ class OCSPChecker extends PKIXCertPathChecker { List descriptions = aia.getAccessDescriptions(); for (AccessDescription description : descriptions) { - if (description.getAccessMethod().equals( + if (description.getAccessMethod().equals((Object) AccessDescription.Ad_OCSP_Id)) { GeneralName generalName = description.getAccessLocation(); diff --git a/jdk/src/share/classes/sun/security/provider/certpath/OCSPResponse.java b/jdk/src/share/classes/sun/security/provider/certpath/OCSPResponse.java index 63566dd5558..0eb3d28d958 100644 --- a/jdk/src/share/classes/sun/security/provider/certpath/OCSPResponse.java +++ b/jdk/src/share/classes/sun/security/provider/certpath/OCSPResponse.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2003, 2010, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2003, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -26,7 +26,6 @@ package sun.security.provider.certpath; import java.io.*; -import java.math.BigInteger; import java.security.*; import java.security.cert.CertificateException; import java.security.cert.CertificateParsingException; @@ -206,7 +205,7 @@ public final class OCSPResponse { // responseType derIn = tmp.data; ObjectIdentifier responseType = derIn.getOID(); - if (responseType.equals(OCSP_BASIC_RESPONSE_OID)) { + if (responseType.equals((Object)OCSP_BASIC_RESPONSE_OID)) { if (DEBUG != null) { DEBUG.println("OCSP response type: basic"); } @@ -301,7 +300,7 @@ public final class OCSPResponse { if (DEBUG != null) { DEBUG.println("OCSP extension: " + responseExtension); } - if (responseExtension.getExtensionId().equals( + if (responseExtension.getExtensionId().equals((Object) OCSP_NONCE_EXTENSION_OID)) { /* ocspNonce = diff --git a/jdk/src/share/classes/sun/security/provider/certpath/PKIXCertPathValidator.java b/jdk/src/share/classes/sun/security/provider/certpath/PKIXCertPathValidator.java index 63989de46ee..6c075d62936 100644 --- a/jdk/src/share/classes/sun/security/provider/certpath/PKIXCertPathValidator.java +++ b/jdk/src/share/classes/sun/security/provider/certpath/PKIXCertPathValidator.java @@ -25,7 +25,6 @@ package sun.security.provider.certpath; -import java.io.IOException; import java.security.AccessController; import java.security.InvalidAlgorithmParameterException; import java.security.cert.CertPath; @@ -40,13 +39,11 @@ import java.security.cert.PKIXReason; import java.security.cert.PolicyNode; import java.security.cert.TrustAnchor; import java.security.cert.X509Certificate; -import java.security.cert.X509CertSelector; import java.util.Collections; import java.util.List; import java.util.ArrayList; import java.util.Date; import java.util.Set; -import javax.security.auth.x500.X500Principal; import sun.security.action.GetBooleanSecurityPropertyAction; import sun.security.util.Debug; @@ -130,6 +127,9 @@ public class PKIXCertPathValidator extends CertPathValidatorSpi { // Must copy elements of certList into a new modifiable List before // calling Collections.reverse(). + // If cp is not an X.509 or X509 certpath, an + // InvalidAlgorithmParameterException will have been thrown by now. + @SuppressWarnings("unchecked") ArrayList certList = new ArrayList ((List)cp.getCertificates()); if (debug != null) { diff --git a/jdk/src/share/classes/sun/security/provider/certpath/PolicyChecker.java b/jdk/src/share/classes/sun/security/provider/certpath/PolicyChecker.java index a4acc87549d..e5b35a7cd18 100644 --- a/jdk/src/share/classes/sun/security/provider/certpath/PolicyChecker.java +++ b/jdk/src/share/classes/sun/security/provider/certpath/PolicyChecker.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2000, 2008, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2000, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -274,8 +274,8 @@ class PolicyChecker extends PKIXCertPathChecker { = currCert.getPolicyConstraintsExtension(); if (polConstExt == null) return explicitPolicy; - int require = ((Integer) - polConstExt.get(PolicyConstraintsExtension.REQUIRE)).intValue(); + int require = + polConstExt.get(PolicyConstraintsExtension.REQUIRE).intValue(); if (debug != null) { debug.println("PolicyChecker.mergeExplicitPolicy() " + "require Index from cert = " + require); @@ -328,8 +328,8 @@ class PolicyChecker extends PKIXCertPathChecker { if (polConstExt == null) return policyMapping; - int inhibit = ((Integer) - polConstExt.get(PolicyConstraintsExtension.INHIBIT)).intValue(); + int inhibit = + polConstExt.get(PolicyConstraintsExtension.INHIBIT).intValue(); if (debug != null) debug.println("PolicyChecker.mergePolicyMapping() " + "inhibit Index from cert = " + inhibit); @@ -376,8 +376,8 @@ class PolicyChecker extends PKIXCertPathChecker { if (inhAnyPolExt == null) return inhibitAnyPolicy; - int skipCerts = ((Integer) - inhAnyPolExt.get(InhibitAnyPolicyExtension.SKIP_CERTS)).intValue(); + int skipCerts = + inhAnyPolExt.get(InhibitAnyPolicyExtension.SKIP_CERTS).intValue(); if (debug != null) debug.println("PolicyChecker.mergeInhibitAnyPolicy() " + "skipCerts Index from cert = " + skipCerts); @@ -448,8 +448,7 @@ class PolicyChecker extends PKIXCertPathChecker { + "policiesCritical = " + policiesCritical); try { - policyInfo = (List) - currCertPolicies.get(CertificatePoliciesExtension.POLICIES); + policyInfo = currCertPolicies.get(CertificatePoliciesExtension.POLICIES); } catch (IOException ioe) { throw new CertPathValidatorException("Exception while " + "retrieving policyOIDs", ioe); @@ -751,8 +750,7 @@ class PolicyChecker extends PKIXCertPathChecker { List maps = null; try { - maps = (List)polMappingsExt.get - (PolicyMappingsExtension.MAP); + maps = polMappingsExt.get(PolicyMappingsExtension.MAP); } catch (IOException e) { if (debug != null) { debug.println("PolicyChecker.processPolicyMappings() " @@ -860,8 +858,7 @@ class PolicyChecker extends PKIXCertPathChecker { { List policyInfo = null; try { - policyInfo = (List) - currCertPolicies.get(CertificatePoliciesExtension.POLICIES); + policyInfo = currCertPolicies.get(CertificatePoliciesExtension.POLICIES); } catch (IOException ioe) { throw new CertPathValidatorException("Exception while " + "retrieving policyOIDs", ioe); diff --git a/jdk/src/share/classes/sun/security/provider/certpath/ReverseState.java b/jdk/src/share/classes/sun/security/provider/certpath/ReverseState.java index b7285a140a5..195def6fa2e 100644 --- a/jdk/src/share/classes/sun/security/provider/certpath/ReverseState.java +++ b/jdk/src/share/classes/sun/security/provider/certpath/ReverseState.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2000, 2010, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2000, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -365,6 +365,7 @@ class ReverseState implements State { * because some of them (e.g., subjKeyId) will * not have their contents modified by subsequent calls to updateState. */ + @SuppressWarnings("unchecked") // Safe casts assuming clone() works correctly public Object clone() { try { ReverseState clonedState = (ReverseState) super.clone(); diff --git a/jdk/src/share/classes/sun/security/provider/certpath/URICertStore.java b/jdk/src/share/classes/sun/security/provider/certpath/URICertStore.java index 3a2b24ccbf8..117685f6118 100644 --- a/jdk/src/share/classes/sun/security/provider/certpath/URICertStore.java +++ b/jdk/src/share/classes/sun/security/provider/certpath/URICertStore.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2006, 2010, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2006, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -209,7 +209,8 @@ class URICertStore extends CertStoreSpi { * object of a certificate's Authority Information Access Extension. */ static CertStore getInstance(AccessDescription ad) { - if (!ad.getAccessMethod().equals(AccessDescription.Ad_CAISSUERS_Id)) { + if (!ad.getAccessMethod().equals((Object) + AccessDescription.Ad_CAISSUERS_Id)) { return null; } GeneralNameInterface gn = ad.getAccessLocation().getName(); @@ -241,6 +242,7 @@ class URICertStore extends CertStoreSpi { * match the specified selector * @throws CertStoreException if an exception occurs */ + @SuppressWarnings("unchecked") public synchronized Collection engineGetCertificates (CertSelector selector) throws CertStoreException { @@ -255,6 +257,7 @@ class URICertStore extends CertStoreSpi { } // Fetch the certificates via LDAP. LDAPCertStore has its own // caching mechanism, see the class description for more info. + // Safe cast since xsel is an X509 certificate selector. return (Collection) ldapCertStore.getCertificates(xsel); } @@ -300,6 +303,7 @@ class URICertStore extends CertStoreSpi { if (debug != null) { debug.println("Downloading new certificates..."); } + // Safe cast since factory is an X.509 certificate factory certs = (Collection) factory.generateCertificates(in); return getMatchingCerts(certs, selector); @@ -361,6 +365,7 @@ class URICertStore extends CertStoreSpi { * match the specified selector * @throws CertStoreException if an exception occurs */ + @SuppressWarnings("unchecked") public synchronized Collection engineGetCRLs(CRLSelector selector) throws CertStoreException { @@ -375,6 +380,7 @@ class URICertStore extends CertStoreSpi { } // Fetch the CRLs via LDAP. LDAPCertStore has its own // caching mechanism, see the class description for more info. + // Safe cast since xsel is an X509 certificate selector. return (Collection) ldapCertStore.getCRLs(xsel); } diff --git a/jdk/src/share/classes/sun/security/provider/certpath/Vertex.java b/jdk/src/share/classes/sun/security/provider/certpath/Vertex.java index 38df9d9cd33..cfc5c2fe8e9 100644 --- a/jdk/src/share/classes/sun/security/provider/certpath/Vertex.java +++ b/jdk/src/share/classes/sun/security/provider/certpath/Vertex.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2000, 2002, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2000, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -171,7 +171,8 @@ public class Vertex { try { sKeyID = x509Cert.getSubjectKeyIdentifierExtension(); if (sKeyID != null) { - KeyIdentifier keyID = (KeyIdentifier)sKeyID.get(sKeyID.KEY_ID); + KeyIdentifier keyID = sKeyID.get( + SubjectKeyIdentifierExtension.KEY_ID); out = out + "SubjKeyID: " + keyID.toString(); } } catch (Exception e) { @@ -184,7 +185,8 @@ public class Vertex { try { aKeyID = x509Cert.getAuthorityKeyIdentifierExtension(); if (aKeyID != null) { - KeyIdentifier keyID = (KeyIdentifier)aKeyID.get(aKeyID.KEY_ID); + KeyIdentifier keyID = (KeyIdentifier)aKeyID.get( + AuthorityKeyIdentifierExtension.KEY_ID); out = out + "AuthKeyID: " + keyID.toString(); } } catch (Exception e) { diff --git a/jdk/src/share/classes/sun/security/provider/certpath/X509CertPath.java b/jdk/src/share/classes/sun/security/provider/certpath/X509CertPath.java index 27465b5d70e..8fe9750d2f1 100644 --- a/jdk/src/share/classes/sun/security/provider/certpath/X509CertPath.java +++ b/jdk/src/share/classes/sun/security/provider/certpath/X509CertPath.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2000, 2006, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2000, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -25,7 +25,6 @@ package sun.security.provider.certpath; -import java.io.BufferedInputStream; import java.io.ByteArrayInputStream; import java.io.ByteArrayOutputStream; import java.io.IOException; @@ -101,11 +100,12 @@ public class X509CertPath extends CertPath { * @exception CertificateException if certs contains an element * that is not an X509Certificate */ + @SuppressWarnings("unchecked") public X509CertPath(List certs) throws CertificateException { super("X.509"); // Ensure that the List contains only X509Certificates - for (Object obj : (List)certs) { + for (Certificate obj : certs) { if (obj instanceof X509Certificate == false) { throw new CertificateException ("List is not all X509Certificates: " @@ -147,12 +147,15 @@ public class X509CertPath extends CertPath { throws CertificateException { super("X.509"); - if (PKIPATH_ENCODING.equals(encoding)) { - certs = parsePKIPATH(is); - } else if (PKCS7_ENCODING.equals(encoding)) { - certs = parsePKCS7(is); - } else { - throw new CertificateException("unsupported encoding"); + switch (encoding) { + case PKIPATH_ENCODING: + certs = parsePKIPATH(is); + break; + case PKCS7_ENCODING: + certs = parsePKCS7(is); + break; + default: + throw new CertificateException("unsupported encoding"); } } @@ -192,10 +195,8 @@ public class X509CertPath extends CertPath { return Collections.unmodifiableList(certList); } catch (IOException ioe) { - CertificateException ce = new CertificateException("IOException" + - " parsing PkiPath data: " + ioe); - ce.initCause(ioe); - throw ce; + throw new CertificateException("IOException parsing PkiPath data: " + + ioe, ioe); } } @@ -220,7 +221,7 @@ public class X509CertPath extends CertPath { // Copy the entire input stream into an InputStream that does // support mark is = new ByteArrayInputStream(readAllBytes(is)); - }; + } PKCS7 pkcs7 = new PKCS7(is); X509Certificate[] certArray = pkcs7.getCertificates(); @@ -301,10 +302,8 @@ public class X509CertPath extends CertPath { return derout.toByteArray(); } catch (IOException ioe) { - CertificateEncodingException ce = new CertificateEncodingException - ("IOException encoding PkiPath data: " + ioe); - ce.initCause(ioe); - throw ce; + throw new CertificateEncodingException("IOException encoding " + + "PkiPath data: " + ioe, ioe); } } @@ -339,12 +338,13 @@ public class X509CertPath extends CertPath { */ public byte[] getEncoded(String encoding) throws CertificateEncodingException { - if (PKIPATH_ENCODING.equals(encoding)) { - return encodePKIPATH(); - } else if (PKCS7_ENCODING.equals(encoding)) { - return encodePKCS7(); - } else { - throw new CertificateEncodingException("unsupported encoding"); + switch (encoding) { + case PKIPATH_ENCODING: + return encodePKIPATH(); + case PKCS7_ENCODING: + return encodePKCS7(); + default: + throw new CertificateEncodingException("unsupported encoding"); } } diff --git a/jdk/src/share/classes/sun/security/rsa/RSAKeyFactory.java b/jdk/src/share/classes/sun/security/rsa/RSAKeyFactory.java index 42001f26996..54aa0d269f5 100644 --- a/jdk/src/share/classes/sun/security/rsa/RSAKeyFactory.java +++ b/jdk/src/share/classes/sun/security/rsa/RSAKeyFactory.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2003, 2008, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2003, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -351,12 +351,12 @@ public final class RSAKeyFactory extends KeyFactorySpi { if (key instanceof RSAPublicKey) { RSAPublicKey rsaKey = (RSAPublicKey)key; if (rsaPublicKeySpecClass.isAssignableFrom(keySpec)) { - return (T) new RSAPublicKeySpec( + return keySpec.cast(new RSAPublicKeySpec( rsaKey.getModulus(), rsaKey.getPublicExponent() - ); + )); } else if (x509KeySpecClass.isAssignableFrom(keySpec)) { - return (T) new X509EncodedKeySpec(key.getEncoded()); + return keySpec.cast(new X509EncodedKeySpec(key.getEncoded())); } else { throw new InvalidKeySpecException ("KeySpec must be RSAPublicKeySpec or " @@ -364,11 +364,11 @@ public final class RSAKeyFactory extends KeyFactorySpi { } } else if (key instanceof RSAPrivateKey) { if (pkcs8KeySpecClass.isAssignableFrom(keySpec)) { - return (T) new PKCS8EncodedKeySpec(key.getEncoded()); + return keySpec.cast(new PKCS8EncodedKeySpec(key.getEncoded())); } else if (rsaPrivateCrtKeySpecClass.isAssignableFrom(keySpec)) { if (key instanceof RSAPrivateCrtKey) { RSAPrivateCrtKey crtKey = (RSAPrivateCrtKey)key; - return (T) new RSAPrivateCrtKeySpec( + return keySpec.cast(new RSAPrivateCrtKeySpec( crtKey.getModulus(), crtKey.getPublicExponent(), crtKey.getPrivateExponent(), @@ -377,17 +377,17 @@ public final class RSAKeyFactory extends KeyFactorySpi { crtKey.getPrimeExponentP(), crtKey.getPrimeExponentQ(), crtKey.getCrtCoefficient() - ); + )); } else { throw new InvalidKeySpecException ("RSAPrivateCrtKeySpec can only be used with CRT keys"); } } else if (rsaPrivateKeySpecClass.isAssignableFrom(keySpec)) { RSAPrivateKey rsaKey = (RSAPrivateKey)key; - return (T) new RSAPrivateKeySpec( + return keySpec.cast(new RSAPrivateKeySpec( rsaKey.getModulus(), rsaKey.getPrivateExponent() - ); + )); } else { throw new InvalidKeySpecException ("KeySpec must be RSAPrivate(Crt)KeySpec or " diff --git a/jdk/src/share/classes/sun/security/rsa/RSASignature.java b/jdk/src/share/classes/sun/security/rsa/RSASignature.java index c510413a215..a98ed881d1c 100644 --- a/jdk/src/share/classes/sun/security/rsa/RSASignature.java +++ b/jdk/src/share/classes/sun/security/rsa/RSASignature.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2003, 2010, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2003, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -27,7 +27,6 @@ package sun.security.rsa; import java.io.IOException; import java.nio.ByteBuffer; -import java.math.BigInteger; import java.util.Arrays; import java.security.*; @@ -202,8 +201,6 @@ public abstract class RSASignature extends SignatureSpi { // return false rather than propagating the exception for // compatibility/ease of use return false; - } catch (GeneralSecurityException e) { - throw new SignatureException("Signature verification failed", e); } catch (IOException e) { throw new SignatureException("Signature encoding error", e); } @@ -235,7 +232,7 @@ public abstract class RSASignature extends SignatureSpi { throw new IOException("SEQUENCE length error"); } AlgorithmId algId = AlgorithmId.parse(values[0]); - if (algId.getOID().equals(oid) == false) { + if (algId.getOID().equals((Object)oid) == false) { throw new IOException("ObjectIdentifier mismatch: " + algId.getOID()); } diff --git a/jdk/src/share/classes/sun/security/ssl/CipherSuite.java b/jdk/src/share/classes/sun/security/ssl/CipherSuite.java index 38734b75bf6..116afa43d70 100644 --- a/jdk/src/share/classes/sun/security/ssl/CipherSuite.java +++ b/jdk/src/share/classes/sun/security/ssl/CipherSuite.java @@ -65,7 +65,7 @@ import static sun.security.ssl.JsseJce.*; * unavailable or disabled at compile time * */ -final class CipherSuite implements Comparable { +final class CipherSuite implements Comparable { // minimum priority for supported CipherSuites final static int SUPPORTED_SUITES_PRIORITY = 1; @@ -202,8 +202,8 @@ final class CipherSuite implements Comparable { * Note that for unsupported CipherSuites parsed from a handshake * message we violate the equals() contract. */ - public int compareTo(Object o) { - return ((CipherSuite)o).priority - priority; + public int compareTo(CipherSuite o) { + return o.priority - priority; } /** diff --git a/jdk/src/share/classes/sun/security/ssl/HandshakeMessage.java b/jdk/src/share/classes/sun/security/ssl/HandshakeMessage.java index 13cadcf7fb1..4b952fe9ed8 100644 --- a/jdk/src/share/classes/sun/security/ssl/HandshakeMessage.java +++ b/jdk/src/share/classes/sun/security/ssl/HandshakeMessage.java @@ -811,13 +811,16 @@ class DH_ServerKeyExchange extends ServerKeyExchange sig = JsseJce.getSignature( preferableSignatureAlgorithm.getAlgorithmName()); } else { - if (algorithm.equals("DSA")) { - sig = JsseJce.getSignature(JsseJce.SIGNATURE_DSA); - } else if (algorithm.equals("RSA")) { - sig = RSASignature.getInstance(); - } else { - throw new SSLKeyException("neither an RSA or a DSA key"); - } + switch (algorithm) { + case "DSA": + sig = JsseJce.getSignature(JsseJce.SIGNATURE_DSA); + break; + case "RSA": + sig = RSASignature.getInstance(); + break; + default: + throw new SSLKeyException("neither an RSA or a DSA key"); + } } sig.initVerify(publicKey); @@ -1097,13 +1100,14 @@ class ECDH_ServerKeyExchange extends ServerKeyExchange { private static Signature getSignature(String keyAlgorithm) throws NoSuchAlgorithmException { - if (keyAlgorithm.equals("EC")) { - return JsseJce.getSignature(JsseJce.SIGNATURE_ECDSA); - } else if (keyAlgorithm.equals("RSA")) { - return RSASignature.getInstance(); - } else { - throw new NoSuchAlgorithmException("neither an RSA or a EC key"); - } + switch (keyAlgorithm) { + case "EC": + return JsseJce.getSignature(JsseJce.SIGNATURE_ECDSA); + case "RSA": + return RSASignature.getInstance(); + default: + throw new NoSuchAlgorithmException("neither an RSA or a EC key"); + } } private void updateSignature(Signature sig, byte clntNonce[], @@ -1611,16 +1615,17 @@ static final class CertificateVerify extends HandshakeMessage { */ private static Signature getSignature(ProtocolVersion protocolVersion, String algorithm) throws GeneralSecurityException { - if (algorithm.equals("RSA")) { - return RSASignature.getInternalInstance(); - } else if (algorithm.equals("DSA")) { - return JsseJce.getSignature(JsseJce.SIGNATURE_RAWDSA); - } else if (algorithm.equals("EC")) { - return JsseJce.getSignature(JsseJce.SIGNATURE_RAWECDSA); - } else { - throw new SignatureException("Unrecognized algorithm: " - + algorithm); - } + switch (algorithm) { + case "RSA": + return RSASignature.getInternalInstance(); + case "DSA": + return JsseJce.getSignature(JsseJce.SIGNATURE_RAWDSA); + case "EC": + return JsseJce.getSignature(JsseJce.SIGNATURE_RAWECDSA); + default: + throw new SignatureException("Unrecognized algorithm: " + + algorithm); + } } /* @@ -1696,7 +1701,7 @@ static final class CertificateVerify extends HandshakeMessage { md.update(temp); } - private final static Class delegate; + private final static Class delegate; private final static Field spiField; static { @@ -1724,7 +1729,7 @@ static final class CertificateVerify extends HandshakeMessage { // cache Method objects per Spi class // Note that this will prevent the Spi classes from being GC'd. We assume // that is not a problem. - private final static Map methodCache = + private final static Map,Object> methodCache = new ConcurrentHashMap<>(); private static void digestKey(MessageDigest md, SecretKey key) { diff --git a/jdk/src/share/classes/sun/security/ssl/Handshaker.java b/jdk/src/share/classes/sun/security/ssl/Handshaker.java index d4a04dfc60b..4fb7fec7d61 100644 --- a/jdk/src/share/classes/sun/security/ssl/Handshaker.java +++ b/jdk/src/share/classes/sun/security/ssl/Handshaker.java @@ -154,7 +154,7 @@ abstract class Handshaker { * Data is protected by the SSLEngine.this lock. */ private volatile boolean taskDelegated = false; - private volatile DelegatedTask delegatedTask = null; + private volatile DelegatedTask delegatedTask = null; private volatile Exception thrown = null; // Could probably use a java.util.concurrent.atomic.AtomicReference @@ -1316,7 +1316,7 @@ abstract class Handshaker { thrown = null; } - DelegatedTask getTask() { + DelegatedTask getTask() { if (!taskDelegated) { taskDelegated = true; return delegatedTask; @@ -1358,8 +1358,7 @@ abstract class Handshaker { thrown = null; if (e instanceof RuntimeException) { - throw (RuntimeException) - new RuntimeException(msg).initCause(e); + throw new RuntimeException(msg, e); } else if (e instanceof SSLHandshakeException) { throw (SSLHandshakeException) new SSLHandshakeException(msg).initCause(e); @@ -1377,8 +1376,7 @@ abstract class Handshaker { * If it's SSLException or any other Exception, * we'll wrap it in an SSLException. */ - throw (SSLException) - new SSLException(msg).initCause(e); + throw new SSLException(msg, e); } } } diff --git a/jdk/src/share/classes/sun/security/ssl/JsseJce.java b/jdk/src/share/classes/sun/security/ssl/JsseJce.java index d91b8f4ea4e..ee8348b3000 100644 --- a/jdk/src/share/classes/sun/security/ssl/JsseJce.java +++ b/jdk/src/share/classes/sun/security/ssl/JsseJce.java @@ -30,7 +30,6 @@ import java.math.BigInteger; import java.security.*; import java.security.interfaces.RSAPublicKey; -import java.security.spec.RSAPublicKeySpec; import java.security.spec.*; import javax.crypto.*; @@ -110,6 +109,8 @@ final class JsseJce { } private static final class SunCertificates extends Provider { + private static final long serialVersionUID = -3284138292032213752L; + SunCertificates(final Provider p) { super("SunCertificates", 1.0d, "SunJSSE internal"); AccessController.doPrivileged(new PrivilegedAction() { @@ -372,7 +373,7 @@ final class JsseJce { KeyFactory factory = JsseJce.getKeyFactory("RSA"); return factory.getKeySpec(key, RSAPublicKeySpec.class); } catch (Exception e) { - throw (RuntimeException)new RuntimeException().initCause(e); + throw new RuntimeException(e); } } diff --git a/jdk/src/share/classes/sun/security/ssl/SSLEngineImpl.java b/jdk/src/share/classes/sun/security/ssl/SSLEngineImpl.java index ce78c10cc3c..461cbaa2054 100644 --- a/jdk/src/share/classes/sun/security/ssl/SSLEngineImpl.java +++ b/jdk/src/share/classes/sun/security/ssl/SSLEngineImpl.java @@ -27,8 +27,6 @@ package sun.security.ssl; import java.io.*; import java.nio.*; -import java.nio.ReadOnlyBufferException; -import java.util.LinkedList; import java.security.*; import javax.crypto.BadPaddingException; @@ -36,7 +34,6 @@ import javax.crypto.BadPaddingException; import javax.net.ssl.*; import javax.net.ssl.SSLEngineResult.*; -import com.sun.net.ssl.internal.ssl.X509ExtendedTrustManager; /** * Implementation of an non-blocking SSLEngine. @@ -574,8 +571,7 @@ final public class SSLEngineImpl extends SSLEngine { readMAC = handshaker.newReadMAC(); } catch (GeneralSecurityException e) { // "can't happen" - throw (SSLException)new SSLException - ("Algorithm missing: ").initCause(e); + throw new SSLException("Algorithm missing: ", e); } /* @@ -611,8 +607,7 @@ final public class SSLEngineImpl extends SSLEngine { writeMAC = handshaker.newWriteMAC(); } catch (GeneralSecurityException e) { // "can't happen" - throw (SSLException)new SSLException - ("Algorithm missing: ").initCause(e); + throw new SSLException("Algorithm missing: ", e); } // See comment above. @@ -877,9 +872,7 @@ final public class SSLEngineImpl extends SSLEngine { } catch (SSLException e) { throw e; } catch (IOException e) { - SSLException ex = new SSLException("readRecord"); - ex.initCause(e); - throw ex; + throw new SSLException("readRecord", e); } /* @@ -1151,7 +1144,7 @@ final public class SSLEngineImpl extends SSLEngine { * For now, force it to be large enough to handle any * valid SSL/TLS record. */ - if (netData.remaining() < outputRecord.maxRecordSize) { + if (netData.remaining() < EngineOutputRecord.maxRecordSize) { return new SSLEngineResult( Status.BUFFER_OVERFLOW, getHSStatus(null), 0, 0); } @@ -1248,9 +1241,7 @@ final public class SSLEngineImpl extends SSLEngine { } catch (SSLException e) { throw e; } catch (IOException e) { - SSLException ex = new SSLException("Write problems"); - ex.initCause(e); - throw ex; + throw new SSLException("Write problems", e); } /* @@ -1624,10 +1615,7 @@ final public class SSLEngineImpl extends SSLEngine { } else if (cause instanceof SSLException) { throw (SSLException)cause; } else if (cause instanceof Exception) { - SSLException ssle = new SSLException( - "fatal SSLEngine condition"); - ssle.initCause(cause); - throw ssle; + throw new SSLException("fatal SSLEngine condition", cause); } } @@ -1875,6 +1863,7 @@ final public class SSLEngineImpl extends SSLEngine { * client or server mode. Must be called before any SSL * traffic has started. */ + @SuppressWarnings("fallthrough") synchronized public void setUseClientMode(boolean flag) { switch (connectionState) { diff --git a/jdk/src/share/classes/sun/security/ssl/SSLSocketImpl.java b/jdk/src/share/classes/sun/security/ssl/SSLSocketImpl.java index 89907932b84..5bfdd46c074 100644 --- a/jdk/src/share/classes/sun/security/ssl/SSLSocketImpl.java +++ b/jdk/src/share/classes/sun/security/ssl/SSLSocketImpl.java @@ -41,8 +41,6 @@ import javax.crypto.BadPaddingException; import javax.net.ssl.*; -import com.sun.net.ssl.internal.ssl.X509ExtendedTrustManager; - /** * Implementation of an SSL socket. This is a normal connection type * socket, implementing SSL over some lower level socket, such as TCP. @@ -1996,8 +1994,7 @@ final public class SSLSocketImpl extends BaseSSLSocketImpl { readMAC = handshaker.newReadMAC(); } catch (GeneralSecurityException e) { // "can't happen" - throw (SSLException)new SSLException - ("Algorithm missing: ").initCause(e); + throw new SSLException("Algorithm missing: ", e); } /* @@ -2028,8 +2025,7 @@ final public class SSLSocketImpl extends BaseSSLSocketImpl { writeMAC = handshaker.newWriteMAC(); } catch (GeneralSecurityException e) { // "can't happen" - throw (SSLException)new SSLException - ("Algorithm missing: ").initCause(e); + throw new SSLException("Algorithm missing: ", e); } // See comment above. @@ -2217,6 +2213,7 @@ final public class SSLSocketImpl extends BaseSSLSocketImpl { * client or server mode. Must be called before any SSL * traffic has started. */ + @SuppressWarnings("fallthrough") synchronized public void setUseClientMode(boolean flag) { switch (connectionState) { diff --git a/jdk/src/share/classes/sun/security/ssl/X509KeyManagerImpl.java b/jdk/src/share/classes/sun/security/ssl/X509KeyManagerImpl.java index 426f5bf563c..45e6c997586 100644 --- a/jdk/src/share/classes/sun/security/ssl/X509KeyManagerImpl.java +++ b/jdk/src/share/classes/sun/security/ssl/X509KeyManagerImpl.java @@ -91,6 +91,8 @@ final class X509KeyManagerImpl extends X509ExtendedKeyManager // LinkedHashMap with a max size of 10 // see LinkedHashMap JavaDocs private static class SizedMap extends LinkedHashMap { + private static final long serialVersionUID = -8211222668790986062L; + @Override protected boolean removeEldestEntry(Map.Entry eldest) { return size() > 10; } @@ -247,7 +249,7 @@ final class X509KeyManagerImpl extends X509ExtendedKeyManager return null; } entry = (PrivateKeyEntry)newEntry; - entryCacheMap.put(alias, new SoftReference(entry)); + entryCacheMap.put(alias, new SoftReference(entry)); return entry; } catch (Exception e) { // ignore @@ -329,7 +331,7 @@ final class X509KeyManagerImpl extends X509ExtendedKeyManager */ private String chooseAlias(List keyTypeList, Principal[] issuers, CheckType checkType, AlgorithmConstraints constraints) { - if (keyTypeList == null || keyTypeList.size() == 0) { + if (keyTypeList == null || keyTypeList.isEmpty()) { return null; } @@ -403,7 +405,7 @@ final class X509KeyManagerImpl extends X509ExtendedKeyManager // ignore } } - if (allResults == null || allResults.size() == 0) { + if (allResults == null || allResults.isEmpty()) { if (useDebug) { debug.println("KeyMgr: no matching alias found"); } @@ -523,38 +525,43 @@ final class X509KeyManagerImpl extends X509ExtendedKeyManager if (ku != null) { String algorithm = cert.getPublicKey().getAlgorithm(); boolean kuSignature = getBit(ku, 0); - if (algorithm.equals("RSA")) { - // require either signature bit - // or if server also allow key encipherment bit - if (kuSignature == false) { - if ((this == CLIENT) || (getBit(ku, 2) == false)) { + switch (algorithm) { + case "RSA": + // require either signature bit + // or if server also allow key encipherment bit + if (kuSignature == false) { + if ((this == CLIENT) || (getBit(ku, 2) == false)) { + return CheckResult.EXTENSION_MISMATCH; + } + } + break; + case "DSA": + // require signature bit + if (kuSignature == false) { return CheckResult.EXTENSION_MISMATCH; } - } - } else if (algorithm.equals("DSA")) { - // require signature bit - if (kuSignature == false) { - return CheckResult.EXTENSION_MISMATCH; - } - } else if (algorithm.equals("DH")) { - // require keyagreement bit - if (getBit(ku, 4) == false) { - return CheckResult.EXTENSION_MISMATCH; - } - } else if (algorithm.equals("EC")) { - // require signature bit - if (kuSignature == false) { - return CheckResult.EXTENSION_MISMATCH; - } - // For servers, also require key agreement. - // This is not totally accurate as the keyAgreement bit - // is only necessary for static ECDH key exchange and - // not ephemeral ECDH. We leave it in for now until - // there are signs that this check causes problems - // for real world EC certificates. - if ((this == SERVER) && (getBit(ku, 4) == false)) { - return CheckResult.EXTENSION_MISMATCH; - } + break; + case "DH": + // require keyagreement bit + if (getBit(ku, 4) == false) { + return CheckResult.EXTENSION_MISMATCH; + } + break; + case "EC": + // require signature bit + if (kuSignature == false) { + return CheckResult.EXTENSION_MISMATCH; + } + // For servers, also require key agreement. + // This is not totally accurate as the keyAgreement bit + // is only necessary for static ECDH key exchange and + // not ephemeral ECDH. We leave it in for now until + // there are signs that this check causes problems + // for real world EC certificates. + if ((this == SERVER) && (getBit(ku, 4) == false)) { + return CheckResult.EXTENSION_MISMATCH; + } + break; } } } catch (CertificateException e) { diff --git a/jdk/src/share/classes/sun/security/timestamp/HttpTimestamper.java b/jdk/src/share/classes/sun/security/timestamp/HttpTimestamper.java index ca3fab32019..54958f726c8 100644 --- a/jdk/src/share/classes/sun/security/timestamp/HttpTimestamper.java +++ b/jdk/src/share/classes/sun/security/timestamp/HttpTimestamper.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2003, 2009, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2003, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -30,12 +30,11 @@ import java.io.DataOutputStream; import java.io.IOException; import java.net.URL; import java.net.HttpURLConnection; -import java.util.Iterator; +import java.util.List; +import java.util.Map; import java.util.Set; -import java.util.Arrays; import sun.misc.IOUtils; -import sun.security.pkcs.*; /** * A timestamper that communicates with a Timestamping Authority (TSA) @@ -95,11 +94,12 @@ public class HttpTimestamper implements Timestamper { connection.setConnectTimeout(CONNECT_TIMEOUT); if (DEBUG) { - Set headers = connection.getRequestProperties().entrySet(); + Set>> headers = + connection.getRequestProperties().entrySet(); System.out.println(connection.getRequestMethod() + " " + tsaUrl + " HTTP/1.1"); - for (Iterator i = headers.iterator(); i.hasNext(); ) { - System.out.println(" " + i.next()); + for (Map.Entry> entry : headers) { + System.out.println(" " + entry); } System.out.println(); } diff --git a/jdk/src/share/classes/sun/security/timestamp/TSResponse.java b/jdk/src/share/classes/sun/security/timestamp/TSResponse.java index afc8e87c417..afb8084fed7 100644 --- a/jdk/src/share/classes/sun/security/timestamp/TSResponse.java +++ b/jdk/src/share/classes/sun/security/timestamp/TSResponse.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2003, 2004, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2003, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -26,15 +26,8 @@ package sun.security.timestamp; import java.io.IOException; -import java.math.BigInteger; import sun.security.pkcs.PKCS7; -import sun.security.pkcs.PKCS9Attribute; -import sun.security.pkcs.PKCS9Attributes; -import sun.security.pkcs.ParsingException; -import sun.security.pkcs.SignerInfo; import sun.security.util.DerValue; -import sun.security.x509.AlgorithmId; -import sun.security.x509.X500Name; /** * This class provides the response corresponding to a timestamp request, @@ -376,9 +369,11 @@ public class TSResponse { } } -final static class TimestampException extends IOException { - TimestampException(String message) { - super(message); + final static class TimestampException extends IOException { + private static final long serialVersionUID = -1631631794891940953L; + + TimestampException(String message) { + super(message); + } } } -} diff --git a/jdk/src/share/classes/sun/security/tools/JarSigner.java b/jdk/src/share/classes/sun/security/tools/JarSigner.java index ca1006a840e..7707fa658a0 100644 --- a/jdk/src/share/classes/sun/security/tools/JarSigner.java +++ b/jdk/src/share/classes/sun/security/tools/JarSigner.java @@ -1425,6 +1425,7 @@ public class JarSigner { * lines of attributes plus an empty line. The empty line is included * in the header. */ + @SuppressWarnings("fallthrough") private int findHeaderEnd(byte[] bs) { // Initial state true to deal with empty header boolean newline = true; // just met a newline @@ -1739,8 +1740,7 @@ public class JarSigner { NetscapeCertTypeExtension extn = new NetscapeCertTypeExtension(encoded); - Boolean val = (Boolean)extn.get( - NetscapeCertTypeExtension.OBJECT_SIGNING); + Boolean val = extn.get(NetscapeCertTypeExtension.OBJECT_SIGNING); if (!val) { if (bad != null) { bad[2] = true; @@ -2054,7 +2054,7 @@ public class JarSigner { ClassLoader appClassLoader = new URLClassLoader(urls); // attempt to find signer - Class signerClass = appClassLoader.loadClass(signerClassName); + Class signerClass = appClassLoader.loadClass(signerClassName); // Check that it implements ContentSigner Object signer = signerClass.newInstance(); @@ -2297,9 +2297,7 @@ class SignatureFile { tsaUri = new URI(tsaUrl); } } catch (URISyntaxException e) { - IOException ioe = new IOException(); - ioe.initCause(e); - throw ioe; + throw new IOException(e); } // Assemble parameters for the signing mechanism diff --git a/jdk/src/share/classes/sun/security/tools/KeyTool.java b/jdk/src/share/classes/sun/security/tools/KeyTool.java index 2259c0382a8..b3dcebdd87e 100644 --- a/jdk/src/share/classes/sun/security/tools/KeyTool.java +++ b/jdk/src/share/classes/sun/security/tools/KeyTool.java @@ -1197,7 +1197,7 @@ public final class KeyTool { new CertificateVersion(CertificateVersion.V3)); info.set(X509CertInfo.ALGORITHM_ID, new CertificateAlgorithmId( - AlgorithmId.getAlgorithmId(sigAlgName))); + AlgorithmId.get(sigAlgName))); info.set(X509CertInfo.ISSUER, new CertificateIssuerName(issuer)); BufferedReader reader = new BufferedReader(new InputStreamReader(in)); @@ -1227,7 +1227,7 @@ public final class KeyTool { Iterator attrs = req.getAttributes().getAttributes().iterator(); while (attrs.hasNext()) { PKCS10Attribute attr = attrs.next(); - if (attr.getAttributeId().equals(PKCS9Attribute.EXTENSION_REQUEST_OID)) { + if (attr.getAttributeId().equals((Object)PKCS9Attribute.EXTENSION_REQUEST_OID)) { reqex = (CertificateExtensions)attr.getAttributeValue(); } } @@ -1266,7 +1266,7 @@ public final class KeyTool { Date firstDate = getStartDate(startDate); Date lastDate = (Date) firstDate.clone(); - lastDate.setTime(lastDate.getTime() + (long)validity*1000*24*60*60); + lastDate.setTime(lastDate.getTime() + validity*1000*24*60*60); CertificateValidity interval = new CertificateValidity(firstDate, lastDate); @@ -2093,8 +2093,9 @@ public final class KeyTool { CRLDistributionPointsExtension ext = X509CertImpl.toImpl(cert).getCRLDistributionPointsExtension(); if (ext == null) return crls; - for (DistributionPoint o: (List) - ext.get(CRLDistributionPointsExtension.POINTS)) { + List distPoints = + ext.get(CRLDistributionPointsExtension.POINTS); + for (DistributionPoint o: distPoints) { GeneralNames names = o.getFullName(); if (names != null) { for (GeneralName name: names.names()) { @@ -2199,7 +2200,7 @@ public final class KeyTool { req.getSubjectName(), pkey.getFormat(), pkey.getAlgorithm()); for (PKCS10Attribute attr: req.getAttributes().getAttributes()) { ObjectIdentifier oid = attr.getAttributeId(); - if (oid.equals(PKCS9Attribute.EXTENSION_REQUEST_OID)) { + if (oid.equals((Object)PKCS9Attribute.EXTENSION_REQUEST_OID)) { CertificateExtensions exts = (CertificateExtensions)attr.getAttributeValue(); if (exts != null) { printExtensions(rb.getString("Extension.Request."), exts, out); @@ -2314,7 +2315,7 @@ public final class KeyTool { } } jf.close(); - if (ss.size() == 0) { + if (ss.isEmpty()) { out.println(rb.getString("Not.a.signed.jar.file")); } } else if (sslserver != null) { @@ -3745,7 +3746,7 @@ public final class KeyTool { } String n = reqex.getNameByOid(findOidForExtName(type)); if (add) { - Extension e = (Extension)reqex.get(n); + Extension e = reqex.get(n); if (!e.isCritical() && action == 0 || e.isCritical() && action == 1) { e = Extension.newExtension( diff --git a/jdk/src/share/classes/sun/security/tools/TimestampedSigner.java b/jdk/src/share/classes/sun/security/tools/TimestampedSigner.java index 349607af720..94a6a8b158c 100644 --- a/jdk/src/share/classes/sun/security/tools/TimestampedSigner.java +++ b/jdk/src/share/classes/sun/security/tools/TimestampedSigner.java @@ -275,7 +275,8 @@ public final class TimestampedSigner extends ContentSigner { URIName uri; for (int i = 0; i < derValue.length; i++) { description = new AccessDescription(derValue[i]); - if (description.getAccessMethod().equals(AD_TIMESTAMPING_Id)) { + if (description.getAccessMethod() + .equals((Object)AD_TIMESTAMPING_Id)) { location = description.getAccessLocation(); if (location.getType() == GeneralNameInterface.NAME_URI) { uri = (URIName) location.getName(); @@ -351,7 +352,7 @@ public final class TimestampedSigner extends ContentSigner { } if (!Arrays.equals(tst.getHashedMessage(), digest)) { throw new IOException("Digest octets changed in timestamp token"); - }; + } BigInteger replyNonce = tst.getNonce(); if (replyNonce == null && nonce != null) { @@ -374,7 +375,7 @@ public final class TimestampedSigner extends ContentSigner { throw new CertificateException( "Certificate is not valid for timestamping"); } - List keyPurposes = cert.getExtendedKeyUsage(); + List keyPurposes = cert.getExtendedKeyUsage(); if (keyPurposes == null || ! keyPurposes.contains(KP_TIMESTAMPING_OID)) { throw new CertificateException( diff --git a/jdk/src/share/classes/sun/security/tools/policytool/PolicyTool.java b/jdk/src/share/classes/sun/security/tools/policytool/PolicyTool.java index 0325b598931..267cc0132b9 100644 --- a/jdk/src/share/classes/sun/security/tools/policytool/PolicyTool.java +++ b/jdk/src/share/classes/sun/security/tools/policytool/PolicyTool.java @@ -123,7 +123,7 @@ public class PolicyTool { * set the PolicyFileName */ void setPolicyFileName(String policyFileName) { - this.policyFileName = policyFileName; + PolicyTool.policyFileName = policyFileName; } /** @@ -605,7 +605,7 @@ public class PolicyTool { if (type.equals(PolicyParser.PrincipalEntry.WILDCARD_CLASS) || type.equals(PolicyParser.REPLACE_NAME)) { return; - }; + } Class PRIN = Class.forName("java.security.Principal"); Class pc = Class.forName(type, true, Thread.currentThread().getContextClassLoader()); @@ -629,6 +629,7 @@ public class PolicyTool { /** * Check to see if the Permission contents are OK */ + @SuppressWarnings("fallthrough") void verifyPermission(String type, String name, String actions) @@ -655,6 +656,7 @@ public class PolicyTool { // proceed to the one-param constructor objects.add(null); } + /* fall through */ case 1: try { c = pc.getConstructor(ONEPARAMS); @@ -663,6 +665,7 @@ public class PolicyTool { // proceed to the two-param constructor objects.add(null); } + /* fall through */ case 2: c = pc.getConstructor(TWOPARAMS); break; @@ -1553,16 +1556,15 @@ class ToolDialog extends Dialog { if (edit) { // get the selected item entries = tool.getEntry(); - List policyList = (List)tw.getComponent(tw.MW_POLICY_LIST); + List policyList = (List)tw.getComponent(ToolWindow.MW_POLICY_LIST); listIndex = policyList.getSelectedIndex(); // get principal list - LinkedList principals = + LinkedList principals = entries[listIndex].getGrantEntry().principals; for (int i = 0; i < principals.size(); i++) { String prinString = null; - PolicyParser.PrincipalEntry nextPrin = - (PolicyParser.PrincipalEntry)principals.get(i); + PolicyParser.PrincipalEntry nextPrin = principals.get(i); prinList.addTaggedItem(PrincipalEntryToUserFriendlyString(nextPrin), nextPrin); } @@ -1631,10 +1633,10 @@ class ToolDialog extends Dialog { label = new Label(PolicyTool.rb.getString("Principals.")); tw.addNewComponent(this, label, PE_PRIN_LABEL, 0, 3, 1, 1, 0.0, 0.0, GridBagConstraints.BOTH, - tw.BOTTOM_PADDING); + ToolWindow.BOTTOM_PADDING); tw.addNewComponent(this, prinList, PE_PRIN_LIST, 1, 3, 3, 1, 0.0, 0.0, GridBagConstraints.BOTH, - tw.BOTTOM_PADDING); + ToolWindow.BOTTOM_PADDING); // panel for permission buttons panel = new Panel(); @@ -1661,12 +1663,12 @@ class ToolDialog extends Dialog { tw.addNewComponent(this, panel, PE_PANEL1, 0, 4, 2, 1, 0.0, 0.0, GridBagConstraints.HORIZONTAL, - tw.LITE_BOTTOM_PADDING); + ToolWindow.LITE_BOTTOM_PADDING); // permission list tw.addNewComponent(this, permList, PE_PERM_LIST, 0, 5, 3, 1, 0.0, 0.0, GridBagConstraints.BOTH, - tw.BOTTOM_PADDING); + ToolWindow.BOTTOM_PADDING); // panel for Done and Cancel buttons @@ -1679,14 +1681,14 @@ class ToolDialog extends Dialog { (new AddEntryDoneButtonListener(tool, tw, this, edit)); tw.addNewComponent(panel, button, PE_DONE_BUTTON, 0, 0, 1, 1, 0.0, 0.0, GridBagConstraints.VERTICAL, - tw.LR_PADDING); + ToolWindow.LR_PADDING); // Cancel Button button = new Button(PolicyTool.rb.getString("Cancel")); button.addActionListener(new CancelButtonListener(this)); tw.addNewComponent(panel, button, PE_CANCEL_BUTTON, 1, 0, 1, 1, 0.0, 0.0, GridBagConstraints.VERTICAL, - tw.LR_PADDING); + ToolWindow.LR_PADDING); // add the panel tw.addNewComponent(this, panel, PE_PANEL2, @@ -1760,7 +1762,7 @@ class ToolDialog extends Dialog { (PolicyTool.rb.getString("KeyStore.URL.")); tw.addNewComponent(this, label, KSD_NAME_LABEL, 0, 0, 1, 1, 0.0, 0.0, GridBagConstraints.BOTH, - tw.BOTTOM_PADDING); + ToolWindow.BOTTOM_PADDING); TextField tf = new TextField(tool.getKeyStoreName(), 30); // URL to U R L, so that accessibility reader will pronounce well @@ -1768,45 +1770,45 @@ class ToolDialog extends Dialog { PolicyTool.rb.getString("KeyStore.U.R.L.")); tw.addNewComponent(this, tf, KSD_NAME_TEXTFIELD, 1, 0, 1, 1, 0.0, 0.0, GridBagConstraints.BOTH, - tw.BOTTOM_PADDING); + ToolWindow.BOTTOM_PADDING); // KeyStore type and textfield label = new Label(PolicyTool.rb.getString("KeyStore.Type.")); tw.addNewComponent(this, label, KSD_TYPE_LABEL, 0, 1, 1, 1, 0.0, 0.0, GridBagConstraints.BOTH, - tw.BOTTOM_PADDING); + ToolWindow.BOTTOM_PADDING); tf = new TextField(tool.getKeyStoreType(), 30); tf.getAccessibleContext().setAccessibleName( PolicyTool.rb.getString("KeyStore.Type.")); tw.addNewComponent(this, tf, KSD_TYPE_TEXTFIELD, 1, 1, 1, 1, 0.0, 0.0, GridBagConstraints.BOTH, - tw.BOTTOM_PADDING); + ToolWindow.BOTTOM_PADDING); // KeyStore provider and textfield label = new Label(PolicyTool.rb.getString ("KeyStore.Provider.")); tw.addNewComponent(this, label, KSD_PROVIDER_LABEL, 0, 2, 1, 1, 0.0, 0.0, GridBagConstraints.BOTH, - tw.BOTTOM_PADDING); + ToolWindow.BOTTOM_PADDING); tf = new TextField(tool.getKeyStoreProvider(), 30); tf.getAccessibleContext().setAccessibleName( PolicyTool.rb.getString("KeyStore.Provider.")); tw.addNewComponent(this, tf, KSD_PROVIDER_TEXTFIELD, 1, 2, 1, 1, 0.0, 0.0, GridBagConstraints.BOTH, - tw.BOTTOM_PADDING); + ToolWindow.BOTTOM_PADDING); // KeyStore password URL and textfield label = new Label(PolicyTool.rb.getString ("KeyStore.Password.URL.")); tw.addNewComponent(this, label, KSD_PWD_URL_LABEL, 0, 3, 1, 1, 0.0, 0.0, GridBagConstraints.BOTH, - tw.BOTTOM_PADDING); + ToolWindow.BOTTOM_PADDING); tf = new TextField(tool.getKeyStorePwdURL(), 30); tf.getAccessibleContext().setAccessibleName( PolicyTool.rb.getString("KeyStore.Password.U.R.L.")); tw.addNewComponent(this, tf, KSD_PWD_URL_TEXTFIELD, 1, 3, 1, 1, 0.0, 0.0, GridBagConstraints.BOTH, - tw.BOTTOM_PADDING); + ToolWindow.BOTTOM_PADDING); // OK button Button okButton = new Button(PolicyTool.rb.getString("OK")); @@ -1862,7 +1864,7 @@ class ToolDialog extends Dialog { new Label(PolicyTool.rb.getString(".Add.New.Principal."))); tw.addNewComponent(newTD, label, PRD_DESC_LABEL, 0, 0, 1, 1, 0.0, 0.0, GridBagConstraints.BOTH, - tw.TOP_BOTTOM_PADDING); + ToolWindow.TOP_BOTTOM_PADDING); // principal choice Choice choice = new Choice(); @@ -1888,7 +1890,7 @@ class ToolDialog extends Dialog { tw.addNewComponent(newTD, choice, PRD_PRIN_CHOICE, 0, 1, 1, 1, 0.0, 0.0, GridBagConstraints.BOTH, - tw.LR_PADDING); + ToolWindow.LR_PADDING); // principal textfield TextField tf; @@ -1898,7 +1900,7 @@ class ToolDialog extends Dialog { tf.getAccessibleContext().setAccessibleName(PRIN_TYPE); tw.addNewComponent(newTD, tf, PRD_PRIN_TEXTFIELD, 1, 1, 1, 1, 0.0, 0.0, GridBagConstraints.BOTH, - tw.LR_PADDING); + ToolWindow.LR_PADDING); // name label and textfield label = new Label(PRIN_NAME); @@ -1909,10 +1911,10 @@ class ToolDialog extends Dialog { tw.addNewComponent(newTD, label, PRD_NAME_LABEL, 0, 2, 1, 1, 0.0, 0.0, GridBagConstraints.BOTH, - tw.LR_PADDING); + ToolWindow.LR_PADDING); tw.addNewComponent(newTD, tf, PRD_NAME_TEXTFIELD, 1, 2, 1, 1, 0.0, 0.0, GridBagConstraints.BOTH, - tw.LR_PADDING); + ToolWindow.LR_PADDING); // OK button Button okButton = new Button(PolicyTool.rb.getString("OK")); @@ -1921,13 +1923,13 @@ class ToolDialog extends Dialog { (tool, tw, this, newTD, edit)); tw.addNewComponent(newTD, okButton, PRD_OK_BUTTON, 0, 3, 1, 1, 0.0, 0.0, GridBagConstraints.VERTICAL, - tw.TOP_BOTTOM_PADDING); + ToolWindow.TOP_BOTTOM_PADDING); // cancel button Button cancelButton = new Button(PolicyTool.rb.getString("Cancel")); cancelButton.addActionListener(new CancelButtonListener(newTD)); tw.addNewComponent(newTD, cancelButton, PRD_CANCEL_BUTTON, 1, 3, 1, 1, 0.0, 0.0, GridBagConstraints.VERTICAL, - tw.TOP_BOTTOM_PADDING); + ToolWindow.TOP_BOTTOM_PADDING); newTD.setVisible(true); } @@ -1969,7 +1971,7 @@ class ToolDialog extends Dialog { new Label(PolicyTool.rb.getString(".Add.New.Permission."))); tw.addNewComponent(newTD, label, PD_DESC_LABEL, 0, 0, 1, 1, 0.0, 0.0, GridBagConstraints.BOTH, - tw.TOP_BOTTOM_PADDING); + ToolWindow.TOP_BOTTOM_PADDING); // permission choice (added in alphabetical order) Choice choice = new Choice(); @@ -1982,7 +1984,7 @@ class ToolDialog extends Dialog { choice.addItemListener(new PermissionMenuListener(newTD)); tw.addNewComponent(newTD, choice, PD_PERM_CHOICE, 0, 1, 1, 1, 0.0, 0.0, GridBagConstraints.BOTH, - tw.LR_PADDING); + ToolWindow.LR_PADDING); // permission textfield TextField tf; @@ -1996,7 +1998,7 @@ class ToolDialog extends Dialog { } tw.addNewComponent(newTD, tf, PD_PERM_TEXTFIELD, 1, 1, 1, 1, 0.0, 0.0, GridBagConstraints.BOTH, - tw.LR_PADDING); + ToolWindow.LR_PADDING); // name label and textfield choice = new Choice(); @@ -2010,10 +2012,10 @@ class ToolDialog extends Dialog { } tw.addNewComponent(newTD, choice, PD_NAME_CHOICE, 0, 2, 1, 1, 0.0, 0.0, GridBagConstraints.BOTH, - tw.LR_PADDING); + ToolWindow.LR_PADDING); tw.addNewComponent(newTD, tf, PD_NAME_TEXTFIELD, 1, 2, 1, 1, 0.0, 0.0, GridBagConstraints.BOTH, - tw.LR_PADDING); + ToolWindow.LR_PADDING); // actions label and textfield choice = new Choice(); @@ -2027,22 +2029,22 @@ class ToolDialog extends Dialog { } tw.addNewComponent(newTD, choice, PD_ACTIONS_CHOICE, 0, 3, 1, 1, 0.0, 0.0, GridBagConstraints.BOTH, - tw.LR_PADDING); + ToolWindow.LR_PADDING); tw.addNewComponent(newTD, tf, PD_ACTIONS_TEXTFIELD, 1, 3, 1, 1, 0.0, 0.0, GridBagConstraints.BOTH, - tw.LR_PADDING); + ToolWindow.LR_PADDING); // signedby label and textfield label = new Label(PolicyTool.rb.getString("Signed.By.")); tw.addNewComponent(newTD, label, PD_SIGNEDBY_LABEL, 0, 4, 1, 1, 0.0, 0.0, GridBagConstraints.BOTH, - tw.LR_PADDING); + ToolWindow.LR_PADDING); tf = (edit ? new TextField(editMe.signedBy, 40) : new TextField(40)); tf.getAccessibleContext().setAccessibleName( PolicyTool.rb.getString("Signed.By.")); tw.addNewComponent(newTD, tf, PD_SIGNEDBY_TEXTFIELD, 1, 4, 1, 1, 0.0, 0.0, GridBagConstraints.BOTH, - tw.LR_PADDING); + ToolWindow.LR_PADDING); // OK button Button okButton = new Button(PolicyTool.rb.getString("OK")); @@ -2051,14 +2053,14 @@ class ToolDialog extends Dialog { (tool, tw, this, newTD, edit)); tw.addNewComponent(newTD, okButton, PD_OK_BUTTON, 0, 5, 1, 1, 0.0, 0.0, GridBagConstraints.VERTICAL, - tw.TOP_BOTTOM_PADDING); + ToolWindow.TOP_BOTTOM_PADDING); // cancel button Button cancelButton = new Button(PolicyTool.rb.getString("Cancel")); cancelButton.addActionListener(new CancelButtonListener(newTD)); tw.addNewComponent(newTD, cancelButton, PD_CANCEL_BUTTON, 1, 5, 1, 1, 0.0, 0.0, GridBagConstraints.VERTICAL, - tw.TOP_BOTTOM_PADDING); + ToolWindow.TOP_BOTTOM_PADDING); newTD.setVisible(true); } @@ -2205,7 +2207,7 @@ class ToolDialog extends Dialog { void displayConfirmRemovePolicyEntry() { // find the entry to be removed - List list = (List)tw.getComponent(tw.MW_POLICY_LIST); + List list = (List)tw.getComponent(ToolWindow.MW_POLICY_LIST); int index = list.getSelectedIndex(); PolicyEntry entries[] = tool.getEntry(); @@ -2219,7 +2221,7 @@ class ToolDialog extends Dialog { (PolicyTool.rb.getString("Remove.this.Policy.Entry.")); tw.addNewComponent(this, label, CRPE_LABEL1, 0, 0, 2, 1, 0.0, 0.0, GridBagConstraints.BOTH, - tw.BOTTOM_PADDING); + ToolWindow.BOTTOM_PADDING); // display the policy entry label = new Label(entries[index].codebaseToString()); @@ -2237,7 +2239,8 @@ class ToolDialog extends Dialog { if (i == (perms.size()-1)) { tw.addNewComponent(this, label, CRPE_LABEL2 + 2 + i, 1, 3 + i, 1, 1, 0.0, 0.0, - GridBagConstraints.BOTH, tw.BOTTOM_PADDING); + GridBagConstraints.BOTH, + ToolWindow.BOTTOM_PADDING); } else { tw.addNewComponent(this, label, CRPE_LABEL2 + 2 + i, 1, 3 + i, 1, 1, 0.0, 0.0, @@ -2256,18 +2259,18 @@ class ToolDialog extends Dialog { (new ConfirmRemovePolicyEntryOKButtonListener(tool, tw, this)); tw.addNewComponent(panel, okButton, CRPE_PANEL_OK, 0, 0, 1, 1, 0.0, 0.0, - GridBagConstraints.VERTICAL, tw.LR_PADDING); + GridBagConstraints.VERTICAL, ToolWindow.LR_PADDING); // cancel button Button cancelButton = new Button(PolicyTool.rb.getString("Cancel")); cancelButton.addActionListener(new CancelButtonListener(this)); tw.addNewComponent(panel, cancelButton, CRPE_PANEL_CANCEL, 1, 0, 1, 1, 0.0, 0.0, - GridBagConstraints.VERTICAL, tw.LR_PADDING); + GridBagConstraints.VERTICAL, ToolWindow.LR_PADDING); tw.addNewComponent(this, panel, CRPE_LABEL2 + 2 + perms.size(), 0, 3 + perms.size(), 2, 1, 0.0, 0.0, - GridBagConstraints.VERTICAL, tw.TOP_BOTTOM_PADDING); + GridBagConstraints.VERTICAL, ToolWindow.TOP_BOTTOM_PADDING); pack(); setVisible(true); @@ -2310,7 +2313,7 @@ class ToolDialog extends Dialog { // display the new policy filename TextField newFilename = (TextField)tw.getComponent - (tw.MW_FILENAME_TEXTFIELD); + (ToolWindow.MW_FILENAME_TEXTFIELD); newFilename.setText(filename); tw.setVisible(true); @@ -2346,7 +2349,7 @@ class ToolDialog extends Dialog { (PolicyTool.rb.getString("Save.changes.")); tw.addNewComponent(this, label, USC_LABEL, 0, 0, 3, 1, 0.0, 0.0, GridBagConstraints.BOTH, - tw.L_TOP_BOTTOM_PADDING); + ToolWindow.L_TOP_BOTTOM_PADDING); Panel panel = new Panel(); panel.setLayout(new GridBagLayout()); @@ -2357,21 +2360,21 @@ class ToolDialog extends Dialog { tw.addNewComponent(panel, yesButton, USC_YES_BUTTON, 0, 0, 1, 1, 0.0, 0.0, GridBagConstraints.VERTICAL, - tw.LR_BOTTOM_PADDING); + ToolWindow.LR_BOTTOM_PADDING); Button noButton = new Button(PolicyTool.rb.getString("No")); noButton.addActionListener (new UserSaveNoButtonListener(this, tool, tw, select)); tw.addNewComponent(panel, noButton, USC_NO_BUTTON, 1, 0, 1, 1, 0.0, 0.0, GridBagConstraints.VERTICAL, - tw.LR_BOTTOM_PADDING); + ToolWindow.LR_BOTTOM_PADDING); Button cancelButton = new Button(PolicyTool.rb.getString("Cancel")); cancelButton.addActionListener (new UserSaveCancelButtonListener(this)); tw.addNewComponent(panel, cancelButton, USC_CANCEL_BUTTON, 2, 0, 1, 1, 0.0, 0.0, GridBagConstraints.VERTICAL, - tw.LR_BOTTOM_PADDING); + ToolWindow.LR_BOTTOM_PADDING); tw.addNewComponent(this, panel, USC_PANEL, 0, 1, 1, 1, 0.0, 0.0, GridBagConstraints.BOTH); @@ -2391,6 +2394,7 @@ class ToolDialog extends Dialog { * (either QUITting, opening NEW policy file, or OPENing an existing * policy file. do that now. */ + @SuppressWarnings("fallthrough") void userSaveContinue(PolicyTool tool, ToolWindow tw, ToolDialog us, int select) { @@ -2417,8 +2421,8 @@ class ToolDialog extends Dialog { tw.replacePolicyList(list); // display null policy filename and keystore - TextField newFilename = (TextField) - tw.getComponent(tw.MW_FILENAME_TEXTFIELD); + TextField newFilename = (TextField)tw.getComponent( + ToolWindow.MW_FILENAME_TEXTFIELD); newFilename.setText(""); tw.setVisible(true); break; @@ -2459,8 +2463,8 @@ class ToolDialog extends Dialog { tool.modified = false; // display the new policy filename - newFilename = (TextField) - tw.getComponent(tw.MW_FILENAME_TEXTFIELD); + newFilename = (TextField)tw.getComponent( + ToolWindow.MW_FILENAME_TEXTFIELD); newFilename.setText(policyFile); tw.setVisible(true); @@ -2479,8 +2483,8 @@ class ToolDialog extends Dialog { tool.modified = false; // display a null policy filename - newFilename = (TextField) - tw.getComponent(tw.MW_FILENAME_TEXTFIELD); + newFilename = (TextField)tw.getComponent( + ToolWindow.MW_FILENAME_TEXTFIELD); newFilename.setText(""); tw.setVisible(true); @@ -2658,51 +2662,52 @@ class FileMenuListener implements ActionListener { public void actionPerformed(ActionEvent e) { - if (PolicyTool.collator.compare(e.getActionCommand(), tw.QUIT) == 0) { + if (PolicyTool.collator.compare(e.getActionCommand(), + ToolWindow.QUIT) == 0) { // ask user if they want to save changes ToolDialog td = new ToolDialog (PolicyTool.rb.getString("Save.Changes"), tool, tw, true); - td.displayUserSave(td.QUIT); + td.displayUserSave(ToolDialog.QUIT); // the above method will perform the QUIT as long as the // user does not CANCEL the request } else if (PolicyTool.collator.compare(e.getActionCommand(), - tw.NEW_POLICY_FILE) == 0) { + ToolWindow.NEW_POLICY_FILE) == 0) { // ask user if they want to save changes ToolDialog td = new ToolDialog (PolicyTool.rb.getString("Save.Changes"), tool, tw, true); - td.displayUserSave(td.NEW); + td.displayUserSave(ToolDialog.NEW); // the above method will perform the NEW as long as the // user does not CANCEL the request } else if (PolicyTool.collator.compare(e.getActionCommand(), - tw.OPEN_POLICY_FILE) == 0) { + ToolWindow.OPEN_POLICY_FILE) == 0) { // ask user if they want to save changes ToolDialog td = new ToolDialog (PolicyTool.rb.getString("Save.Changes"), tool, tw, true); - td.displayUserSave(td.OPEN); + td.displayUserSave(ToolDialog.OPEN); // the above method will perform the OPEN as long as the // user does not CANCEL the request } else if (PolicyTool.collator.compare(e.getActionCommand(), - tw.SAVE_POLICY_FILE) == 0) { + ToolWindow.SAVE_POLICY_FILE) == 0) { // get the previously entered filename - String filename = ((TextField) - tw.getComponent(tw.MW_FILENAME_TEXTFIELD)).getText(); + String filename = ((TextField)tw.getComponent( + ToolWindow.MW_FILENAME_TEXTFIELD)).getText(); // if there is no filename, do a SAVE_AS if (filename == null || filename.length() == 0) { // user wants to SAVE AS ToolDialog td = new ToolDialog (PolicyTool.rb.getString("Save.As"), tool, tw, true); - td.displaySaveAsDialog(td.NOACTION); + td.displaySaveAsDialog(ToolDialog.NOACTION); } else { try { // save the policy entries to a file @@ -2726,15 +2731,15 @@ class FileMenuListener implements ActionListener { } } } else if (PolicyTool.collator.compare(e.getActionCommand(), - tw.SAVE_AS_POLICY_FILE) == 0) { + ToolWindow.SAVE_AS_POLICY_FILE) == 0) { // user wants to SAVE AS ToolDialog td = new ToolDialog (PolicyTool.rb.getString("Save.As"), tool, tw, true); - td.displaySaveAsDialog(td.NOACTION); + td.displaySaveAsDialog(ToolDialog.NOACTION); } else if (PolicyTool.collator.compare(e.getActionCommand(), - tw.VIEW_WARNINGS) == 0) { + ToolWindow.VIEW_WARNINGS) == 0) { tw.displayWarningLog(null); } } @@ -2756,7 +2761,7 @@ class MainWindowListener implements ActionListener { public void actionPerformed(ActionEvent e) { if (PolicyTool.collator.compare(e.getActionCommand(), - tw.ADD_POLICY_ENTRY) == 0) { + ToolWindow.ADD_POLICY_ENTRY) == 0) { // display a dialog box for the user to enter policy info ToolDialog td = new ToolDialog @@ -2764,10 +2769,10 @@ class MainWindowListener implements ActionListener { td.displayPolicyEntryDialog(false); } else if (PolicyTool.collator.compare(e.getActionCommand(), - tw.REMOVE_POLICY_ENTRY) == 0) { + ToolWindow.REMOVE_POLICY_ENTRY) == 0) { // get the selected entry - List list = (List)tw.getComponent(tw.MW_POLICY_LIST); + List list = (List)tw.getComponent(ToolWindow.MW_POLICY_LIST); int index = list.getSelectedIndex(); if (index < 0) { tw.displayErrorDialog(null, new Exception @@ -2781,10 +2786,10 @@ class MainWindowListener implements ActionListener { td.displayConfirmRemovePolicyEntry(); } else if (PolicyTool.collator.compare(e.getActionCommand(), - tw.EDIT_POLICY_ENTRY) == 0) { + ToolWindow.EDIT_POLICY_ENTRY) == 0) { // get the selected entry - List list = (List)tw.getComponent(tw.MW_POLICY_LIST); + List list = (List)tw.getComponent(ToolWindow.MW_POLICY_LIST); int index = list.getSelectedIndex(); if (index < 0) { tw.displayErrorDialog(null, new Exception @@ -2798,12 +2803,12 @@ class MainWindowListener implements ActionListener { td.displayPolicyEntryDialog(true); } else if (PolicyTool.collator.compare(e.getActionCommand(), - tw.EDIT_KEYSTORE) == 0) { + ToolWindow.EDIT_KEYSTORE) == 0) { // display a dialog box for the user to enter keystore info ToolDialog td = new ToolDialog (PolicyTool.rb.getString("KeyStore"), tool, tw, true); - td.keyStoreDialog(td.EDIT_KEYSTORE); + td.keyStoreDialog(ToolDialog.EDIT_KEYSTORE); } } } @@ -2855,7 +2860,7 @@ class AddEntryDoneButtonListener implements ActionListener { } // add the entry - List policyList = (List)tw.getComponent(tw.MW_POLICY_LIST); + List policyList = (List)tw.getComponent(ToolWindow.MW_POLICY_LIST); if (edit) { int listIndex = policyList.getSelectedIndex(); tool.addEntry(newEntry, listIndex); @@ -2896,14 +2901,14 @@ class ChangeKeyStoreOKButtonListener implements ActionListener { public void actionPerformed(ActionEvent e) { - String URLString = ((TextField) - td.getComponent(td.KSD_NAME_TEXTFIELD)).getText().trim(); - String type = ((TextField) - td.getComponent(td.KSD_TYPE_TEXTFIELD)).getText().trim(); - String provider = ((TextField) - td.getComponent(td.KSD_PROVIDER_TEXTFIELD)).getText().trim(); - String pwdURL = ((TextField) - td.getComponent(td.KSD_PWD_URL_TEXTFIELD)).getText().trim(); + String URLString = ((TextField)td.getComponent( + ToolDialog.KSD_NAME_TEXTFIELD)).getText().trim(); + String type = ((TextField)td.getComponent( + ToolDialog.KSD_TYPE_TEXTFIELD)).getText().trim(); + String provider = ((TextField)td.getComponent( + ToolDialog.KSD_PROVIDER_TEXTFIELD)).getText().trim(); + String pwdURL = ((TextField)td.getComponent( + ToolDialog.KSD_PWD_URL_TEXTFIELD)).getText().trim(); try { tool.openKeyStore @@ -3018,7 +3023,7 @@ class NewPolicyPrinOKButtonListener implements ActionListener { // add the principal to the GUI principal list TaggedList prinList = - (TaggedList)listDialog.getComponent(listDialog.PE_PRIN_LIST); + (TaggedList)listDialog.getComponent(ToolDialog.PE_PRIN_LIST); String prinString = ToolDialog.PrincipalEntryToUserFriendlyString(pppe); if (edit) { @@ -3079,7 +3084,7 @@ class NewPolicyPermOKButtonListener implements ActionListener { // add the permission to the GUI permission list TaggedList permList = - (TaggedList)listDialog.getComponent(listDialog.PE_PERM_LIST); + (TaggedList)listDialog.getComponent(ToolDialog.PE_PERM_LIST); String permString = ToolDialog.PermissionEntryToUserFriendlyString(pppe); if (edit) { @@ -3121,7 +3126,8 @@ class RemovePrinButtonListener implements ActionListener { public void actionPerformed(ActionEvent e) { // get the Principal selected from the Principal List - TaggedList prinList = (TaggedList)td.getComponent(td.PE_PRIN_LIST); + TaggedList prinList = (TaggedList)td.getComponent( + ToolDialog.PE_PRIN_LIST); int prinIndex = prinList.getSelectedIndex(); if (prinIndex < 0) { @@ -3155,7 +3161,8 @@ class RemovePermButtonListener implements ActionListener { public void actionPerformed(ActionEvent e) { // get the Permission selected from the Permission List - TaggedList permList = (TaggedList)td.getComponent(td.PE_PERM_LIST); + TaggedList permList = (TaggedList)td.getComponent( + ToolDialog.PE_PERM_LIST); int permIndex = permList.getSelectedIndex(); if (permIndex < 0) { @@ -3196,7 +3203,8 @@ class EditPrinButtonListener implements ActionListener { public void actionPerformed(ActionEvent e) { // get the Principal selected from the Principal List - TaggedList list = (TaggedList)td.getComponent(td.PE_PRIN_LIST); + TaggedList list = (TaggedList)td.getComponent( + ToolDialog.PE_PRIN_LIST); int prinIndex = list.getSelectedIndex(); if (prinIndex < 0) { @@ -3235,7 +3243,7 @@ class EditPermButtonListener implements ActionListener { public void actionPerformed(ActionEvent e) { // get the Permission selected from the Permission List - List list = (List)td.getComponent(td.PE_PERM_LIST); + List list = (List)td.getComponent(ToolDialog.PE_PERM_LIST); int permIndex = list.getSelectedIndex(); if (permIndex < 0) { @@ -3260,19 +3268,19 @@ class PrincipalTypeMenuListener implements ItemListener { public void itemStateChanged(ItemEvent e) { - Choice prin = (Choice)td.getComponent(td.PRD_PRIN_CHOICE); - TextField prinField = - (TextField)td.getComponent(td.PRD_PRIN_TEXTFIELD); - TextField nameField = - (TextField)td.getComponent(td.PRD_NAME_TEXTFIELD); + Choice prin = (Choice)td.getComponent(ToolDialog.PRD_PRIN_CHOICE); + TextField prinField = (TextField)td.getComponent( + ToolDialog.PRD_PRIN_TEXTFIELD); + TextField nameField = (TextField)td.getComponent( + ToolDialog.PRD_NAME_TEXTFIELD); prin.getAccessibleContext().setAccessibleName( PolicyTool.splitToWords((String)e.getItem())); - if (((String)e.getItem()).equals(td.PRIN_TYPE)) { + if (((String)e.getItem()).equals(ToolDialog.PRIN_TYPE)) { // ignore if they choose "Principal Type:" item if (prinField.getText() != null && prinField.getText().length() > 0) { - Prin inputPrin = td.getPrin(prinField.getText(), true); + Prin inputPrin = ToolDialog.getPrin(prinField.getText(), true); prin.select(inputPrin.CLASS); } return; @@ -3286,7 +3294,7 @@ class PrincipalTypeMenuListener implements ItemListener { // set the text in the textfield and also modify the // pull-down choice menus to reflect the correct possible // set of names and actions - Prin inputPrin = td.getPrin((String)e.getItem(), false); + Prin inputPrin = ToolDialog.getPrin((String)e.getItem(), false); if (inputPrin != null) { prinField.setText(inputPrin.FULL_CLASS); } @@ -3306,26 +3314,31 @@ class PermissionMenuListener implements ItemListener { public void itemStateChanged(ItemEvent e) { - Choice perms = (Choice)td.getComponent(td.PD_PERM_CHOICE); - Choice names = (Choice)td.getComponent(td.PD_NAME_CHOICE); - Choice actions = (Choice)td.getComponent(td.PD_ACTIONS_CHOICE); - TextField nameField = - (TextField)td.getComponent(td.PD_NAME_TEXTFIELD); - TextField actionsField = - (TextField)td.getComponent(td.PD_ACTIONS_TEXTFIELD); - TextField permField = (TextField)td.getComponent(td.PD_PERM_TEXTFIELD); - TextField signedbyField = - (TextField)td.getComponent(td.PD_SIGNEDBY_TEXTFIELD); + Choice perms = (Choice)td.getComponent( + ToolDialog.PD_PERM_CHOICE); + Choice names = (Choice)td.getComponent( + ToolDialog.PD_NAME_CHOICE); + Choice actions = (Choice)td.getComponent( + ToolDialog.PD_ACTIONS_CHOICE); + TextField nameField = (TextField)td.getComponent( + ToolDialog.PD_NAME_TEXTFIELD); + TextField actionsField = (TextField)td.getComponent( + ToolDialog.PD_ACTIONS_TEXTFIELD); + TextField permField = (TextField)td.getComponent( + ToolDialog.PD_PERM_TEXTFIELD); + TextField signedbyField = (TextField)td.getComponent( + ToolDialog.PD_SIGNEDBY_TEXTFIELD); perms.getAccessibleContext().setAccessibleName( PolicyTool.splitToWords((String)e.getItem())); // ignore if they choose the 'Permission:' item - if (PolicyTool.collator.compare((String)e.getItem(), td.PERM) == 0) { + if (PolicyTool.collator.compare((String)e.getItem(), + ToolDialog.PERM) == 0) { if (permField.getText() != null && permField.getText().length() > 0) { - Perm inputPerm = td.getPerm(permField.getText(), true); + Perm inputPerm = ToolDialog.getPerm(permField.getText(), true); if (inputPerm != null) { perms.select(inputPerm.CLASS); } @@ -3344,7 +3357,7 @@ class PermissionMenuListener implements ItemListener { // pull-down choice menus to reflect the correct possible // set of names and actions - Perm inputPerm = td.getPerm((String)e.getItem(), false); + Perm inputPerm = ToolDialog.getPerm((String)e.getItem(), false); if (inputPerm == null) { permField.setText(""); } else { @@ -3368,14 +3381,14 @@ class PermissionNameMenuListener implements ItemListener { public void itemStateChanged(ItemEvent e) { - Choice names = (Choice)td.getComponent(td.PD_NAME_CHOICE); + Choice names = (Choice)td.getComponent(ToolDialog.PD_NAME_CHOICE); names.getAccessibleContext().setAccessibleName( PolicyTool.splitToWords((String)e.getItem())); - if (((String)e.getItem()).indexOf(td.PERM_NAME) != -1) + if (((String)e.getItem()).indexOf(ToolDialog.PERM_NAME) != -1) return; - TextField tf = (TextField)td.getComponent(td.PD_NAME_TEXTFIELD); + TextField tf = (TextField)td.getComponent(ToolDialog.PD_NAME_TEXTFIELD); tf.setText((String)e.getItem()); } } @@ -3393,13 +3406,15 @@ class PermissionActionsMenuListener implements ItemListener { public void itemStateChanged(ItemEvent e) { - Choice actions = (Choice)td.getComponent(td.PD_ACTIONS_CHOICE); + Choice actions = (Choice)td.getComponent( + ToolDialog.PD_ACTIONS_CHOICE); actions.getAccessibleContext().setAccessibleName((String)e.getItem()); - if (((String)e.getItem()).indexOf(td.PERM_ACTIONS) != -1) + if (((String)e.getItem()).indexOf(ToolDialog.PERM_ACTIONS) != -1) return; - TextField tf = (TextField)td.getComponent(td.PD_ACTIONS_TEXTFIELD); + TextField tf = (TextField)td.getComponent( + ToolDialog.PD_ACTIONS_TEXTFIELD); if (tf.getText() == null || tf.getText().equals("")) { tf.setText((String)e.getItem()); } else { @@ -3521,8 +3536,8 @@ class UserSaveYesButtonListener implements ActionListener { us.dispose(); try { - String filename = ((TextField) - tw.getComponent(tw.MW_FILENAME_TEXTFIELD)).getText(); + String filename = ((TextField)tw.getComponent( + ToolWindow.MW_FILENAME_TEXTFIELD)).getText(); if (filename == null || filename.equals("")) { us.displaySaveAsDialog(select); @@ -3616,7 +3631,7 @@ class ConfirmRemovePolicyEntryOKButtonListener implements ActionListener { public void actionPerformed(ActionEvent e) { // remove the entry - List list = (List)tw.getComponent(tw.MW_POLICY_LIST); + List list = (List)tw.getComponent(ToolWindow.MW_POLICY_LIST); int index = list.getSelectedIndex(); PolicyEntry entries[] = tool.getEntry(); tool.removeEntry(entries[index]); @@ -3640,13 +3655,15 @@ class ConfirmRemovePolicyEntryOKButtonListener implements ActionListener { * it's special, and does not pop out a warning box. */ class NoDisplayException extends RuntimeException { - + private static final long serialVersionUID = -4611761427108719794L; } /** * This is a java.awt.List that bind an Object to each String it holds. */ class TaggedList extends List { + private static final long serialVersionUID = -5676238110427785853L; + private java.util.List data = new LinkedList<>(); public TaggedList(int i, boolean b) { super(i, b); diff --git a/jdk/src/share/classes/sun/security/util/Cache.java b/jdk/src/share/classes/sun/security/util/Cache.java index 031b56cb36f..7c7f072b5de 100644 --- a/jdk/src/share/classes/sun/security/util/Cache.java +++ b/jdk/src/share/classes/sun/security/util/Cache.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2002, 2009, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2002, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -251,7 +251,7 @@ class MemoryCache extends Cache { private final Map cacheMap; private int maxSize; private long lifetime; - private final ReferenceQueue queue; + private final ReferenceQueue queue; public MemoryCache(boolean soft, int maxSize) { this(soft, maxSize, 0); @@ -260,7 +260,7 @@ class MemoryCache extends Cache { public MemoryCache(boolean soft, int maxSize, int lifetime) { this.maxSize = maxSize; this.lifetime = lifetime * 1000; - this.queue = soft ? new ReferenceQueue() : null; + this.queue = soft ? new ReferenceQueue() : null; int buckets = (int)(maxSize / LOAD_FACTOR) + 1; cacheMap = new LinkedHashMap(buckets, LOAD_FACTOR, true); @@ -449,7 +449,7 @@ class MemoryCache extends Cache { } protected CacheEntry newEntry(Object key, Object value, - long expirationTime, ReferenceQueue queue) { + long expirationTime, ReferenceQueue queue) { if (queue != null) { return new SoftCacheEntry(key, value, expirationTime, queue); } else { @@ -504,13 +504,13 @@ class MemoryCache extends Cache { } private static class SoftCacheEntry - extends SoftReference implements CacheEntry { + extends SoftReference implements CacheEntry { private Object key; private long expirationTime; SoftCacheEntry(Object key, Object value, long expirationTime, - ReferenceQueue queue) { + ReferenceQueue queue) { super(value, queue); this.key = key; this.expirationTime = expirationTime; diff --git a/jdk/src/share/classes/sun/security/util/ManifestDigester.java b/jdk/src/share/classes/sun/security/util/ManifestDigester.java index 50573d65ea6..fc9ccd3d552 100644 --- a/jdk/src/share/classes/sun/security/util/ManifestDigester.java +++ b/jdk/src/share/classes/sun/security/util/ManifestDigester.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 2009, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1997, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -62,6 +62,7 @@ public class ManifestDigester { * @returns false if end of bytes has been reached, otherwise returns * true */ + @SuppressWarnings("fallthrough") private boolean findSection(int offset, Position pos) { int i = offset, len = rawBytes.length; @@ -79,6 +80,7 @@ public class ManifestDigester { pos.endOfFirstLine = i-1; if ((i < len) && (rawBytes[i+1] == '\n')) i++; + /* fall through */ case '\n': if (pos.endOfFirstLine == -1) pos.endOfFirstLine = i-1; diff --git a/jdk/src/share/classes/sun/security/util/Password.java b/jdk/src/share/classes/sun/security/util/Password.java index 26653b43508..619011f77ee 100644 --- a/jdk/src/share/classes/sun/security/util/Password.java +++ b/jdk/src/share/classes/sun/security/util/Password.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2003, 2009, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2003, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -43,6 +43,7 @@ public class Password { /** Reads user password from given input stream. * @param isEchoOn true if the password should be echoed on the screen */ + @SuppressWarnings("fallthrough") public static char[] readPassword(InputStream in, boolean isEchoOn) throws IOException { @@ -95,7 +96,7 @@ public class Password { done = true; break; } - + /* fall through */ default: if (--room < 0) { buf = new char[offset + 128]; diff --git a/jdk/src/share/classes/sun/security/util/SignatureFileVerifier.java b/jdk/src/share/classes/sun/security/util/SignatureFileVerifier.java index 96f425a46b5..1c818f8945b 100644 --- a/jdk/src/share/classes/sun/security/util/SignatureFileVerifier.java +++ b/jdk/src/share/classes/sun/security/util/SignatureFileVerifier.java @@ -181,7 +181,7 @@ public class SignatureFileVerifier { * */ public void process(Hashtable signers, - List manifestDigests) + List manifestDigests) throws IOException, SignatureException, NoSuchAlgorithmException, JarException, CertificateException { @@ -198,7 +198,7 @@ public class SignatureFileVerifier { } private void processImpl(Hashtable signers, - List manifestDigests) + List manifestDigests) throws IOException, SignatureException, NoSuchAlgorithmException, JarException, CertificateException { @@ -277,7 +277,7 @@ public class SignatureFileVerifier { private boolean verifyManifestHash(Manifest sf, ManifestDigester md, BASE64Decoder decoder, - List manifestDigests) + List manifestDigests) throws IOException { Attributes mattr = sf.getMainAttributes(); diff --git a/jdk/src/share/classes/sun/security/validator/SimpleValidator.java b/jdk/src/share/classes/sun/security/validator/SimpleValidator.java index 9ad04b8773e..dc68032faa7 100644 --- a/jdk/src/share/classes/sun/security/validator/SimpleValidator.java +++ b/jdk/src/share/classes/sun/security/validator/SimpleValidator.java @@ -37,7 +37,6 @@ import sun.security.x509.X509CertImpl; import sun.security.x509.NetscapeCertTypeExtension; import sun.security.util.DerValue; import sun.security.util.DerInputStream; -import sun.security.util.DerOutputStream; import sun.security.util.ObjectIdentifier; import sun.security.provider.certpath.AlgorithmChecker; @@ -275,7 +274,7 @@ public final class SimpleValidator extends Validator { .toByteArray(); ext = new NetscapeCertTypeExtension(encoded); } - Boolean val = (Boolean)ext.get(type); + Boolean val = ext.get(type); return val.booleanValue(); } catch (IOException e) { return false; diff --git a/jdk/src/share/classes/sun/security/x509/AVA.java b/jdk/src/share/classes/sun/security/x509/AVA.java index e88947488cc..c09afc1306c 100644 --- a/jdk/src/share/classes/sun/security/x509/AVA.java +++ b/jdk/src/share/classes/sun/security/x509/AVA.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 1996, 2010, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1996, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -369,8 +369,8 @@ public class AVA implements DerEncoder { // encode as PrintableString unless value contains // non-PrintableString chars - if (this.oid.equals(PKCS9Attribute.EMAIL_ADDRESS_OID) || - (this.oid.equals(X500Name.DOMAIN_COMPONENT_OID) && + if (this.oid.equals((Object)PKCS9Attribute.EMAIL_ADDRESS_OID) || + (this.oid.equals((Object)X500Name.DOMAIN_COMPONENT_OID) && PRESERVE_OLD_DC_ENCODING == false)) { // EmailAddress and DomainComponent must be IA5String return new DerValue(DerValue.tag_IA5String, @@ -503,8 +503,8 @@ public class AVA implements DerEncoder { // encode as PrintableString unless value contains // non-PrintableString chars - if (this.oid.equals(PKCS9Attribute.EMAIL_ADDRESS_OID) || - (this.oid.equals(X500Name.DOMAIN_COMPONENT_OID) && + if (this.oid.equals((Object)PKCS9Attribute.EMAIL_ADDRESS_OID) || + (this.oid.equals((Object)X500Name.DOMAIN_COMPONENT_OID) && PRESERVE_OLD_DC_ENCODING == false)) { // EmailAddress and DomainComponent must be IA5String return new DerValue(DerValue.tag_IA5String, temp.toString()); diff --git a/jdk/src/share/classes/sun/security/x509/AccessDescription.java b/jdk/src/share/classes/sun/security/x509/AccessDescription.java index fd05f289d0b..fbf4bed3a37 100644 --- a/jdk/src/share/classes/sun/security/x509/AccessDescription.java +++ b/jdk/src/share/classes/sun/security/x509/AccessDescription.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2003, 2009, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2003, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -25,7 +25,6 @@ package sun.security.x509; -import java.security.cert.*; import java.io.IOException; import sun.security.util.*; @@ -96,19 +95,19 @@ public final class AccessDescription { if (this == that) { return true; } - return (accessMethod.equals(that.getAccessMethod()) && + return (accessMethod.equals((Object)that.getAccessMethod()) && accessLocation.equals(that.getAccessLocation())); } public String toString() { String method = null; - if (accessMethod.equals(Ad_CAISSUERS_Id)) { + if (accessMethod.equals((Object)Ad_CAISSUERS_Id)) { method = "caIssuers"; - } else if (accessMethod.equals(Ad_CAREPOSITORY_Id)) { + } else if (accessMethod.equals((Object)Ad_CAREPOSITORY_Id)) { method = "caRepository"; - } else if (accessMethod.equals(Ad_TIMESTAMPING_Id)) { + } else if (accessMethod.equals((Object)Ad_TIMESTAMPING_Id)) { method = "timeStamping"; - } else if (accessMethod.equals(Ad_OCSP_Id)) { + } else if (accessMethod.equals((Object)Ad_OCSP_Id)) { method = "ocsp"; } else { method = accessMethod.toString(); diff --git a/jdk/src/share/classes/sun/security/x509/AlgorithmId.java b/jdk/src/share/classes/sun/security/x509/AlgorithmId.java index e28c3445718..4602248c1f3 100644 --- a/jdk/src/share/classes/sun/security/x509/AlgorithmId.java +++ b/jdk/src/share/classes/sun/security/x509/AlgorithmId.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 1996, 2010, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1996, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -236,7 +236,7 @@ public class AlgorithmId implements Serializable, DerEncoder { if (algName != null) { return algName; } - if ((params != null) && algid.equals(specifiedWithECDSA_oid)) { + if ((params != null) && algid.equals((Object)specifiedWithECDSA_oid)) { try { AlgorithmId paramsId = AlgorithmId.parse(new DerValue(getEncodedParams())); @@ -273,7 +273,7 @@ public class AlgorithmId implements Serializable, DerEncoder { public boolean equals(AlgorithmId other) { boolean paramsEqual = (params == null ? other.params == null : params.equals(other.params)); - return (algid.equals(other.algid) && paramsEqual); + return (algid.equals((Object)other.algid) && paramsEqual); } /** @@ -301,7 +301,7 @@ public class AlgorithmId implements Serializable, DerEncoder { * they are the same algorithm, ignoring algorithm parameters. */ public final boolean equals(ObjectIdentifier id) { - return algid.equals(id); + return algid.equals((Object)id); } /** diff --git a/jdk/src/share/classes/sun/security/x509/AuthorityInfoAccessExtension.java b/jdk/src/share/classes/sun/security/x509/AuthorityInfoAccessExtension.java index 0247f348933..725c753e650 100644 --- a/jdk/src/share/classes/sun/security/x509/AuthorityInfoAccessExtension.java +++ b/jdk/src/share/classes/sun/security/x509/AuthorityInfoAccessExtension.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2004, 2009, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2004, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -163,6 +163,7 @@ public class AuthorityInfoAccessExtension extends Extension /** * Set the attribute value. */ + @SuppressWarnings("unchecked") // Checked with an instanceof check public void set(String name, Object obj) throws IOException { if (name.equalsIgnoreCase(DESCRIPTIONS)) { if (!(obj instanceof List)) { @@ -180,7 +181,7 @@ public class AuthorityInfoAccessExtension extends Extension /** * Get the attribute value. */ - public Object get(String name) throws IOException { + public List get(String name) throws IOException { if (name.equalsIgnoreCase(DESCRIPTIONS)) { return accessDescriptions; } else { diff --git a/jdk/src/share/classes/sun/security/x509/CRLDistributionPointsExtension.java b/jdk/src/share/classes/sun/security/x509/CRLDistributionPointsExtension.java index e2df22d6750..c3814306978 100644 --- a/jdk/src/share/classes/sun/security/x509/CRLDistributionPointsExtension.java +++ b/jdk/src/share/classes/sun/security/x509/CRLDistributionPointsExtension.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2002, 2006, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2002, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -222,6 +222,7 @@ public class CRLDistributionPointsExtension extends Extension /** * Set the attribute value. */ + @SuppressWarnings("unchecked") // Checked with instanceof public void set(String name, Object obj) throws IOException { if (name.equalsIgnoreCase(POINTS)) { if (!(obj instanceof List)) { @@ -239,7 +240,7 @@ public class CRLDistributionPointsExtension extends Extension /** * Get the attribute value. */ - public Object get(String name) throws IOException { + public List get(String name) throws IOException { if (name.equalsIgnoreCase(POINTS)) { return distributionPoints; } else { diff --git a/jdk/src/share/classes/sun/security/x509/CRLExtensions.java b/jdk/src/share/classes/sun/security/x509/CRLExtensions.java index 7b6c34b54a0..e761ba4a314 100644 --- a/jdk/src/share/classes/sun/security/x509/CRLExtensions.java +++ b/jdk/src/share/classes/sun/security/x509/CRLExtensions.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 2006, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1997, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -36,7 +36,6 @@ import java.util.Enumeration; import java.util.Hashtable; import sun.security.util.*; -import sun.misc.HexDumpEncoder; /** * This class defines the CRL Extensions. @@ -109,7 +108,7 @@ public class CRLExtensions { // Parse the encoded extension private void parseExtension(Extension ext) throws CRLException { try { - Class extClass = OIDMap.getClass(ext.getExtensionId()); + Class extClass = OIDMap.getClass(ext.getExtensionId()); if (extClass == null) { // Unsupported extension if (ext.isCritical()) unsupportedCritExt = true; @@ -117,10 +116,10 @@ public class CRLExtensions { throw new CRLException("Duplicate extensions not allowed"); return; } - Constructor cons = ((Class)extClass).getConstructor(PARAMS); + Constructor cons = extClass.getConstructor(PARAMS); Object[] passed = new Object[] {Boolean.valueOf(ext.isCritical()), ext.getExtensionValue()}; - CertAttrSet crlExt = (CertAttrSet)cons.newInstance(passed); + CertAttrSet crlExt = (CertAttrSet)cons.newInstance(passed); if (map.put(crlExt.getName(), (Extension)crlExt) != null) { throw new CRLException("Duplicate extensions not allowed"); } diff --git a/jdk/src/share/classes/sun/security/x509/CRLNumberExtension.java b/jdk/src/share/classes/sun/security/x509/CRLNumberExtension.java index 342b4a91324..9649df6aa94 100644 --- a/jdk/src/share/classes/sun/security/x509/CRLNumberExtension.java +++ b/jdk/src/share/classes/sun/security/x509/CRLNumberExtension.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 2006, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1997, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -155,7 +155,7 @@ implements CertAttrSet { /** * Get the attribute value. */ - public Object get(String name) throws IOException { + public BigInteger get(String name) throws IOException { if (name.equalsIgnoreCase(NUMBER)) { if (crlNumber == null) return null; else return crlNumber; diff --git a/jdk/src/share/classes/sun/security/x509/CRLReasonCodeExtension.java b/jdk/src/share/classes/sun/security/x509/CRLReasonCodeExtension.java index 6bbb3838191..0016bc18cd3 100644 --- a/jdk/src/share/classes/sun/security/x509/CRLReasonCodeExtension.java +++ b/jdk/src/share/classes/sun/security/x509/CRLReasonCodeExtension.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 2006, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1997, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -155,7 +155,7 @@ public class CRLReasonCodeExtension extends Extension /** * Get the attribute value. */ - public Object get(String name) throws IOException { + public Integer get(String name) throws IOException { if (name.equalsIgnoreCase(REASON)) { return new Integer(reasonCode); } else { diff --git a/jdk/src/share/classes/sun/security/x509/CertAndKeyGen.java b/jdk/src/share/classes/sun/security/x509/CertAndKeyGen.java index f5963db089b..f1560c716ad 100644 --- a/jdk/src/share/classes/sun/security/x509/CertAndKeyGen.java +++ b/jdk/src/share/classes/sun/security/x509/CertAndKeyGen.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 1996, 2009, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1996, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -229,7 +229,7 @@ public final class CertAndKeyGen { new CertificateVersion(CertificateVersion.V3)); info.set(X509CertInfo.SERIAL_NUMBER, new CertificateSerialNumber( new java.util.Random().nextInt() & 0x7fffffff)); - AlgorithmId algID = AlgorithmId.getAlgorithmId(sigAlg); + AlgorithmId algID = AlgorithmId.get(sigAlg); info.set(X509CertInfo.ALGORITHM_ID, new CertificateAlgorithmId(algID)); info.set(X509CertInfo.SUBJECT, new CertificateSubjectName(myname)); diff --git a/jdk/src/share/classes/sun/security/x509/CertificateAlgorithmId.java b/jdk/src/share/classes/sun/security/x509/CertificateAlgorithmId.java index 5efdb40befc..a7d6e2553e8 100644 --- a/jdk/src/share/classes/sun/security/x509/CertificateAlgorithmId.java +++ b/jdk/src/share/classes/sun/security/x509/CertificateAlgorithmId.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 2006, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1997, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -130,7 +130,7 @@ public class CertificateAlgorithmId implements CertAttrSet { /** * Get the attribute value. */ - public Object get(String name) throws IOException { + public AlgorithmId get(String name) throws IOException { if (name.equalsIgnoreCase(ALGORITHM)) { return (algId); } else { diff --git a/jdk/src/share/classes/sun/security/x509/CertificateExtensions.java b/jdk/src/share/classes/sun/security/x509/CertificateExtensions.java index b1dc9367512..e2a95811634 100644 --- a/jdk/src/share/classes/sun/security/x509/CertificateExtensions.java +++ b/jdk/src/share/classes/sun/security/x509/CertificateExtensions.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 2009, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1997, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -93,7 +93,7 @@ public class CertificateExtensions implements CertAttrSet { // Parse the encoded extension private void parseExtension(Extension ext) throws IOException { try { - Class extClass = OIDMap.getClass(ext.getExtensionId()); + Class extClass = OIDMap.getClass(ext.getExtensionId()); if (extClass == null) { // Unsupported extension if (ext.isCritical()) { unsupportedCritExt = true; @@ -104,11 +104,12 @@ public class CertificateExtensions implements CertAttrSet { throw new IOException("Duplicate extensions not allowed"); } } - Constructor cons = ((Class)extClass).getConstructor(PARAMS); + Constructor cons = extClass.getConstructor(PARAMS); Object[] passed = new Object[] {Boolean.valueOf(ext.isCritical()), ext.getExtensionValue()}; - CertAttrSet certExt = (CertAttrSet)cons.newInstance(passed); + CertAttrSet certExt = (CertAttrSet) + cons.newInstance(passed); if (map.put(certExt.getName(), (Extension)certExt) != null) { throw new IOException("Duplicate extensions not allowed"); } @@ -132,12 +133,12 @@ public class CertificateExtensions implements CertAttrSet { if (e instanceof IOException) { throw (IOException)e; } else { - throw (IOException)new IOException(e.toString()).initCause(e); + throw new IOException(e); } } catch (IOException e) { throw e; } catch (Exception e) { - throw (IOException)new IOException(e.toString()).initCause(e); + throw new IOException(e); } } @@ -210,8 +211,8 @@ public class CertificateExtensions implements CertAttrSet { * @param name the extension name used in the lookup. * @exception IOException if named extension is not found. */ - public Object get(String name) throws IOException { - Object obj = map.get(name); + public Extension get(String name) throws IOException { + Extension obj = map.get(name); if (obj == null) { throw new IOException("No extension found with name " + name); } @@ -233,7 +234,7 @@ public class CertificateExtensions implements CertAttrSet { public String getNameByOid(ObjectIdentifier oid) throws IOException { for (String name: map.keySet()) { - if (map.get(name).getExtensionId().equals(oid)) { + if (map.get(name).getExtensionId().equals((Object)oid)) { return name; } } @@ -353,7 +354,7 @@ class UnparseableExtension extends Extension { name = ""; try { - Class extClass = OIDMap.getClass(ext.getExtensionId()); + Class extClass = OIDMap.getClass(ext.getExtensionId()); if (extClass != null) { Field field = extClass.getDeclaredField("NAME"); name = (String)(field.get(null)) + " "; diff --git a/jdk/src/share/classes/sun/security/x509/CertificateIssuerExtension.java b/jdk/src/share/classes/sun/security/x509/CertificateIssuerExtension.java index 23676d74627..b7739707ddf 100644 --- a/jdk/src/share/classes/sun/security/x509/CertificateIssuerExtension.java +++ b/jdk/src/share/classes/sun/security/x509/CertificateIssuerExtension.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2003, 2006, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2003, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -141,7 +141,7 @@ public class CertificateIssuerExtension extends Extension * * @throws IOException on error */ - public Object get(String name) throws IOException { + public GeneralNames get(String name) throws IOException { if (name.equalsIgnoreCase(ISSUER)) { return names; } else { diff --git a/jdk/src/share/classes/sun/security/x509/CertificateIssuerUniqueIdentity.java b/jdk/src/share/classes/sun/security/x509/CertificateIssuerUniqueIdentity.java index cf3bfd8eaf0..26595b0a639 100644 --- a/jdk/src/share/classes/sun/security/x509/CertificateIssuerUniqueIdentity.java +++ b/jdk/src/share/classes/sun/security/x509/CertificateIssuerUniqueIdentity.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 2006, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1997, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -136,7 +136,7 @@ public class CertificateIssuerUniqueIdentity implements CertAttrSet { /** * Get the attribute value. */ - public Object get(String name) throws IOException { + public UniqueIdentity get(String name) throws IOException { if (name.equalsIgnoreCase(ID)) { return (id); } else { diff --git a/jdk/src/share/classes/sun/security/x509/CertificatePoliciesExtension.java b/jdk/src/share/classes/sun/security/x509/CertificatePoliciesExtension.java index 2d53b425e95..4f04bedd37c 100644 --- a/jdk/src/share/classes/sun/security/x509/CertificatePoliciesExtension.java +++ b/jdk/src/share/classes/sun/security/x509/CertificatePoliciesExtension.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2000, 2006, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2000, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -189,6 +189,7 @@ implements CertAttrSet { /** * Set the attribute value. */ + @SuppressWarnings("unchecked") // Checked with an instanceof check public void set(String name, Object obj) throws IOException { if (name.equalsIgnoreCase(POLICIES)) { if (!(obj instanceof List)) { @@ -206,7 +207,7 @@ implements CertAttrSet { /** * Get the attribute value. */ - public Object get(String name) throws IOException { + public List get(String name) throws IOException { if (name.equalsIgnoreCase(POLICIES)) { //XXXX May want to consider cloning this return certPolicies; diff --git a/jdk/src/share/classes/sun/security/x509/CertificatePolicyId.java b/jdk/src/share/classes/sun/security/x509/CertificatePolicyId.java index 331acaf9f91..5f281bfc8f5 100644 --- a/jdk/src/share/classes/sun/security/x509/CertificatePolicyId.java +++ b/jdk/src/share/classes/sun/security/x509/CertificatePolicyId.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 2000, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1997, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -93,7 +93,8 @@ public class CertificatePolicyId { */ public boolean equals(Object other) { if (other instanceof CertificatePolicyId) - return id.equals(((CertificatePolicyId) other).getIdentifier()); + return id.equals((Object) + ((CertificatePolicyId) other).getIdentifier()); else return false; } diff --git a/jdk/src/share/classes/sun/security/x509/CertificateSerialNumber.java b/jdk/src/share/classes/sun/security/x509/CertificateSerialNumber.java index 440f5d59940..0e47fc87ed9 100644 --- a/jdk/src/share/classes/sun/security/x509/CertificateSerialNumber.java +++ b/jdk/src/share/classes/sun/security/x509/CertificateSerialNumber.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 2006, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1997, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -141,7 +141,7 @@ public class CertificateSerialNumber implements CertAttrSet { /** * Get the attribute value. */ - public Object get(String name) throws IOException { + public SerialNumber get(String name) throws IOException { if (name.equalsIgnoreCase(NUMBER)) { return (serial); } else { diff --git a/jdk/src/share/classes/sun/security/x509/CertificateSubjectUniqueIdentity.java b/jdk/src/share/classes/sun/security/x509/CertificateSubjectUniqueIdentity.java index f9cca49cf01..7e439412b0b 100644 --- a/jdk/src/share/classes/sun/security/x509/CertificateSubjectUniqueIdentity.java +++ b/jdk/src/share/classes/sun/security/x509/CertificateSubjectUniqueIdentity.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 2006, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1997, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -135,7 +135,7 @@ public class CertificateSubjectUniqueIdentity implements CertAttrSet { /** * Get the attribute value. */ - public Object get(String name) throws IOException { + public UniqueIdentity get(String name) throws IOException { if (name.equalsIgnoreCase(ID)) { return(id); } else { diff --git a/jdk/src/share/classes/sun/security/x509/CertificateValidity.java b/jdk/src/share/classes/sun/security/x509/CertificateValidity.java index 5273535dd88..cd9b00fa235 100644 --- a/jdk/src/share/classes/sun/security/x509/CertificateValidity.java +++ b/jdk/src/share/classes/sun/security/x509/CertificateValidity.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 2006, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1997, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -190,7 +190,7 @@ public class CertificateValidity implements CertAttrSet { /** * Get the attribute value. */ - public Object get(String name) throws IOException { + public Date get(String name) throws IOException { if (name.equalsIgnoreCase(NOT_BEFORE)) { return (getNotBefore()); } else if (name.equalsIgnoreCase(NOT_AFTER)) { diff --git a/jdk/src/share/classes/sun/security/x509/CertificateVersion.java b/jdk/src/share/classes/sun/security/x509/CertificateVersion.java index c5fcbdc6c73..040b3be0add 100644 --- a/jdk/src/share/classes/sun/security/x509/CertificateVersion.java +++ b/jdk/src/share/classes/sun/security/x509/CertificateVersion.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 2006, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1997, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -191,7 +191,7 @@ public class CertificateVersion implements CertAttrSet { /** * Get the attribute value. */ - public Object get(String name) throws IOException { + public Integer get(String name) throws IOException { if (name.equalsIgnoreCase(VERSION)) { return(new Integer(getVersion())); } else { diff --git a/jdk/src/share/classes/sun/security/x509/CertificateX509Key.java b/jdk/src/share/classes/sun/security/x509/CertificateX509Key.java index 1cabf594cbd..d78d618a5ba 100644 --- a/jdk/src/share/classes/sun/security/x509/CertificateX509Key.java +++ b/jdk/src/share/classes/sun/security/x509/CertificateX509Key.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 2006, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1997, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -122,7 +122,7 @@ public class CertificateX509Key implements CertAttrSet { /** * Get the attribute value. */ - public Object get(String name) throws IOException { + public PublicKey get(String name) throws IOException { if (name.equalsIgnoreCase(KEY)) { return(key); } else { diff --git a/jdk/src/share/classes/sun/security/x509/ExtendedKeyUsageExtension.java b/jdk/src/share/classes/sun/security/x509/ExtendedKeyUsageExtension.java index b0bac3de9c1..680846029bd 100644 --- a/jdk/src/share/classes/sun/security/x509/ExtendedKeyUsageExtension.java +++ b/jdk/src/share/classes/sun/security/x509/ExtendedKeyUsageExtension.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2000, 2006, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2000, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -241,6 +241,7 @@ implements CertAttrSet { /** * Set the attribute value. */ + @SuppressWarnings("unchecked") // Checked with instanceof public void set(String name, Object obj) throws IOException { if (name.equalsIgnoreCase(USAGES)) { if (!(obj instanceof Vector)) { @@ -258,7 +259,7 @@ implements CertAttrSet { /** * Get the attribute value. */ - public Object get(String name) throws IOException { + public Vector get(String name) throws IOException { if (name.equalsIgnoreCase(USAGES)) { //XXXX May want to consider cloning this return keyUsages; diff --git a/jdk/src/share/classes/sun/security/x509/Extension.java b/jdk/src/share/classes/sun/security/x509/Extension.java index 77a2da20315..a5bcc864717 100644 --- a/jdk/src/share/classes/sun/security/x509/Extension.java +++ b/jdk/src/share/classes/sun/security/x509/Extension.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 2006, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1997, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -269,7 +269,7 @@ public class Extension implements java.security.cert.Extension { Extension otherExt = (Extension) other; if (critical != otherExt.critical) return false; - if (!extensionId.equals(otherExt.extensionId)) + if (!extensionId.equals((Object)otherExt.extensionId)) return false; return Arrays.equals(extensionValue, otherExt.extensionValue); } diff --git a/jdk/src/share/classes/sun/security/x509/InhibitAnyPolicyExtension.java b/jdk/src/share/classes/sun/security/x509/InhibitAnyPolicyExtension.java index ffc7572ad60..26de497d03f 100644 --- a/jdk/src/share/classes/sun/security/x509/InhibitAnyPolicyExtension.java +++ b/jdk/src/share/classes/sun/security/x509/InhibitAnyPolicyExtension.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2000, 2006, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2000, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -215,7 +215,7 @@ implements CertAttrSet { * Integer. * @throws IOException on error */ - public Object get(String name) throws IOException { + public Integer get(String name) throws IOException { if (name.equalsIgnoreCase(SKIP_CERTS)) return (new Integer(skipCerts)); else diff --git a/jdk/src/share/classes/sun/security/x509/InvalidityDateExtension.java b/jdk/src/share/classes/sun/security/x509/InvalidityDateExtension.java index 7e8e48c2b11..eda0216489e 100644 --- a/jdk/src/share/classes/sun/security/x509/InvalidityDateExtension.java +++ b/jdk/src/share/classes/sun/security/x509/InvalidityDateExtension.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2007, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2007, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -138,7 +138,7 @@ public class InvalidityDateExtension extends Extension /** * Get the attribute value. */ - public Object get(String name) throws IOException { + public Date get(String name) throws IOException { if (name.equalsIgnoreCase(DATE)) { if (date == null) { return null; diff --git a/jdk/src/share/classes/sun/security/x509/IssuerAlternativeNameExtension.java b/jdk/src/share/classes/sun/security/x509/IssuerAlternativeNameExtension.java index 654932cd896..ba1f584612a 100644 --- a/jdk/src/share/classes/sun/security/x509/IssuerAlternativeNameExtension.java +++ b/jdk/src/share/classes/sun/security/x509/IssuerAlternativeNameExtension.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 2009, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1997, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -190,7 +190,7 @@ extends Extension implements CertAttrSet { /** * Get the attribute value. */ - public Object get(String name) throws IOException { + public GeneralNames get(String name) throws IOException { if (name.equalsIgnoreCase(ISSUER_NAME)) { return (names); } else { diff --git a/jdk/src/share/classes/sun/security/x509/KeyUsageExtension.java b/jdk/src/share/classes/sun/security/x509/KeyUsageExtension.java index a96ce977b06..0f1242d63d9 100644 --- a/jdk/src/share/classes/sun/security/x509/KeyUsageExtension.java +++ b/jdk/src/share/classes/sun/security/x509/KeyUsageExtension.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 2006, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1997, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -217,7 +217,7 @@ implements CertAttrSet { /** * Get the attribute value. */ - public Object get(String name) throws IOException { + public Boolean get(String name) throws IOException { if (name.equalsIgnoreCase(DIGITAL_SIGNATURE)) { return Boolean.valueOf(isSet(0)); } else if (name.equalsIgnoreCase(NON_REPUDIATION)) { diff --git a/jdk/src/share/classes/sun/security/x509/NameConstraintsExtension.java b/jdk/src/share/classes/sun/security/x509/NameConstraintsExtension.java index 3ca995ee086..f043183b95c 100644 --- a/jdk/src/share/classes/sun/security/x509/NameConstraintsExtension.java +++ b/jdk/src/share/classes/sun/security/x509/NameConstraintsExtension.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 2006, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1997, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -27,10 +27,7 @@ package sun.security.x509; import java.io.IOException; import java.io.OutputStream; -import java.security.Principal; -import java.security.cert.CertificateEncodingException; import java.security.cert.CertificateException; -import java.security.cert.CertificateParsingException; import java.security.cert.X509Certificate; import java.util.*; @@ -268,7 +265,7 @@ implements CertAttrSet, Cloneable { /** * Get the attribute value. */ - public Object get(String name) throws IOException { + public GeneralSubtrees get(String name) throws IOException { if (name.equalsIgnoreCase(PERMITTED_SUBTREES)) { return (permitted); } else if (name.equalsIgnoreCase(EXCLUDED_SUBTREES)) { @@ -349,8 +346,7 @@ implements CertAttrSet, Cloneable { * value and the value indicated in the extension field. */ - GeneralSubtrees newExcluded = - (GeneralSubtrees)newConstraints.get(EXCLUDED_SUBTREES); + GeneralSubtrees newExcluded = newConstraints.get(EXCLUDED_SUBTREES); if (excluded == null) { excluded = (newExcluded != null) ? (GeneralSubtrees)newExcluded.clone() : null; @@ -367,8 +363,7 @@ implements CertAttrSet, Cloneable { * previous value and the value indicated in the extension field. */ - GeneralSubtrees newPermitted = - (GeneralSubtrees)newConstraints.get(PERMITTED_SUBTREES); + GeneralSubtrees newPermitted = newConstraints.get(PERMITTED_SUBTREES); if (permitted == null) { permitted = (newPermitted != null) ? (GeneralSubtrees)newPermitted.clone() : null; @@ -455,8 +450,8 @@ implements CertAttrSet, Cloneable { if (altNameExt != null) { // extract altNames from extension; this call does not // return an IOException on null altnames - altNames = (GeneralNames) - (altNameExt.get(altNameExt.SUBJECT_NAME)); + altNames = altNameExt.get( + SubjectAlternativeNameExtension.SUBJECT_NAME); } } catch (CertificateException ce) { throw new IOException("Unable to extract extensions from " + @@ -575,10 +570,9 @@ implements CertAttrSet, Cloneable { * @throws IOException on error */ public boolean verifyRFC822SpecialCase(X500Name subject) throws IOException { - for (Iterator t = subject.allAvas().iterator(); t.hasNext(); ) { - AVA ava = (AVA)t.next(); + for (AVA ava : subject.allAvas()) { ObjectIdentifier attrOID = ava.getObjectIdentifier(); - if (attrOID.equals(PKCS9Attribute.EMAIL_ADDRESS_OID)) { + if (attrOID.equals((Object)PKCS9Attribute.EMAIL_ADDRESS_OID)) { String attrValue = ava.getValueString(); if (attrValue != null) { RFC822Name emailName; diff --git a/jdk/src/share/classes/sun/security/x509/NetscapeCertTypeExtension.java b/jdk/src/share/classes/sun/security/x509/NetscapeCertTypeExtension.java index 182e86f8ea3..d6d4efd34cf 100644 --- a/jdk/src/share/classes/sun/security/x509/NetscapeCertTypeExtension.java +++ b/jdk/src/share/classes/sun/security/x509/NetscapeCertTypeExtension.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 1998, 2006, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1998, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -220,7 +220,7 @@ implements CertAttrSet { /** * Get the attribute value. */ - public Object get(String name) throws IOException { + public Boolean get(String name) throws IOException { return Boolean.valueOf(isSet(getPosition(name))); } @@ -306,15 +306,15 @@ implements CertAttrSet { if (isSet(getPosition(SSL_CLIENT)) || isSet(getPosition(S_MIME)) || isSet(getPosition(OBJECT_SIGNING))) - keyUsage.set(keyUsage.DIGITAL_SIGNATURE, val); + keyUsage.set(KeyUsageExtension.DIGITAL_SIGNATURE, val); if (isSet(getPosition(SSL_SERVER))) - keyUsage.set(keyUsage.KEY_ENCIPHERMENT, val); + keyUsage.set(KeyUsageExtension.KEY_ENCIPHERMENT, val); if (isSet(getPosition(SSL_CA)) || isSet(getPosition(S_MIME_CA)) || isSet(getPosition(OBJECT_SIGNING_CA))) - keyUsage.set(keyUsage.KEY_CERTSIGN, val); + keyUsage.set(KeyUsageExtension.KEY_CERTSIGN, val); } catch (IOException e) { } return keyUsage.getBits(); } diff --git a/jdk/src/share/classes/sun/security/x509/OIDMap.java b/jdk/src/share/classes/sun/security/x509/OIDMap.java index c73452c1337..f6358b92fd1 100644 --- a/jdk/src/share/classes/sun/security/x509/OIDMap.java +++ b/jdk/src/share/classes/sun/security/x509/OIDMap.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 2009, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1997, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -29,7 +29,6 @@ import java.util.*; import java.io.IOException; import java.security.cert.CertificateException; -import java.security.cert.CertificateParsingException; import sun.security.util.*; @@ -186,7 +185,7 @@ public class OIDMap { final ObjectIdentifier oid; final String name; final String className; - private volatile Class clazz; + private volatile Class clazz; OIDInfo(String name, ObjectIdentifier oid, String className) { this.name = name; @@ -194,7 +193,7 @@ public class OIDMap { this.className = className; } - OIDInfo(String name, ObjectIdentifier oid, Class clazz) { + OIDInfo(String name, ObjectIdentifier oid, Class clazz) { this.name = name; this.oid = oid; this.className = clazz.getName(); @@ -204,17 +203,16 @@ public class OIDMap { /** * Return the Class object associated with this attribute. */ - Class getClazz() throws CertificateException { + Class getClazz() throws CertificateException { try { - Class c = clazz; + Class c = clazz; if (c == null) { c = Class.forName(className); clazz = c; } return c; } catch (ClassNotFoundException e) { - throw (CertificateException)new CertificateException - ("Could not load class: " + e).initCause(e); + throw new CertificateException("Could not load class: " + e, e); } } } @@ -228,7 +226,7 @@ public class OIDMap { * @param clazz the Class object associated with this attribute * @exception CertificateException on errors. */ - public static void addAttribute(String name, String oid, Class clazz) + public static void addAttribute(String name, String oid, Class clazz) throws CertificateException { ObjectIdentifier objId; try { @@ -277,7 +275,7 @@ public class OIDMap { * @param name the user friendly name. * @exception CertificateException if class cannot be instantiated. */ - public static Class getClass(String name) throws CertificateException { + public static Class getClass(String name) throws CertificateException { OIDInfo info = nameMap.get(name); return (info == null) ? null : info.getClazz(); } @@ -288,7 +286,7 @@ public class OIDMap { * @param oid the name of the object identifier to be returned. * @exception CertificateException if class cannot be instatiated. */ - public static Class getClass(ObjectIdentifier oid) + public static Class getClass(ObjectIdentifier oid) throws CertificateException { OIDInfo info = oidMap.get(oid); return (info == null) ? null : info.getClazz(); diff --git a/jdk/src/share/classes/sun/security/x509/OIDName.java b/jdk/src/share/classes/sun/security/x509/OIDName.java index 9dee5157fe8..44187b036e0 100644 --- a/jdk/src/share/classes/sun/security/x509/OIDName.java +++ b/jdk/src/share/classes/sun/security/x509/OIDName.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 2000, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1997, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -120,7 +120,7 @@ public class OIDName implements GeneralNameInterface { OIDName other = (OIDName)obj; - return oid.equals(other.oid); + return oid.equals((Object)other.oid); } /** diff --git a/jdk/src/share/classes/sun/security/x509/OtherName.java b/jdk/src/share/classes/sun/security/x509/OtherName.java index bb3a205ab4b..d2b68dae026 100644 --- a/jdk/src/share/classes/sun/security/x509/OtherName.java +++ b/jdk/src/share/classes/sun/security/x509/OtherName.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 1998, 2006, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1998, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -120,19 +120,19 @@ public class OtherName implements GeneralNameInterface { private GeneralNameInterface getGNI(ObjectIdentifier oid, byte[] nameValue) throws IOException { try { - Class extClass = OIDMap.getClass(oid); + Class extClass = OIDMap.getClass(oid); if (extClass == null) { // Unsupported OtherName return null; } - Class[] params = { Object.class }; - Constructor cons = ((Class)extClass).getConstructor(params); + Class[] params = { Object.class }; + Constructor cons = extClass.getConstructor(params); Object[] passed = new Object[] { nameValue }; GeneralNameInterface gni = (GeneralNameInterface)cons.newInstance(passed); return gni; } catch (Exception e) { - throw (IOException)new IOException("Instantiation error: " + e).initCause(e); + throw new IOException("Instantiation error: " + e, e); } } @@ -176,7 +176,7 @@ public class OtherName implements GeneralNameInterface { return false; } OtherName otherOther = (OtherName)other; - if (!(otherOther.oid.equals(oid))) { + if (!(otherOther.oid.equals((Object)oid))) { return false; } GeneralNameInterface otherGNI = null; diff --git a/jdk/src/share/classes/sun/security/x509/PolicyConstraintsExtension.java b/jdk/src/share/classes/sun/security/x509/PolicyConstraintsExtension.java index c9b1ea77a5b..fe7ede3f6e8 100644 --- a/jdk/src/share/classes/sun/security/x509/PolicyConstraintsExtension.java +++ b/jdk/src/share/classes/sun/security/x509/PolicyConstraintsExtension.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 2006, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1997, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -231,7 +231,7 @@ implements CertAttrSet { /** * Get the attribute value. */ - public Object get(String name) throws IOException { + public Integer get(String name) throws IOException { if (name.equalsIgnoreCase(REQUIRE)) { return new Integer(require); } else if (name.equalsIgnoreCase(INHIBIT)) { diff --git a/jdk/src/share/classes/sun/security/x509/PolicyInformation.java b/jdk/src/share/classes/sun/security/x509/PolicyInformation.java index a8eb9fa4ddc..0e98e425cd7 100644 --- a/jdk/src/share/classes/sun/security/x509/PolicyInformation.java +++ b/jdk/src/share/classes/sun/security/x509/PolicyInformation.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2000, 2006, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2000, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -186,6 +186,7 @@ public class PolicyInformation { /** * Set the attribute value. */ + @SuppressWarnings("unchecked") // Checked with instanceof public void set(String name, Object obj) throws IOException { if (name.equalsIgnoreCase(ID)) { if (obj instanceof CertificatePolicyId) diff --git a/jdk/src/share/classes/sun/security/x509/PolicyMappingsExtension.java b/jdk/src/share/classes/sun/security/x509/PolicyMappingsExtension.java index acdbdb9efff..fba510469f5 100644 --- a/jdk/src/share/classes/sun/security/x509/PolicyMappingsExtension.java +++ b/jdk/src/share/classes/sun/security/x509/PolicyMappingsExtension.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 2006, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1997, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -29,8 +29,6 @@ import java.io.IOException; import java.io.OutputStream; import java.util.*; -import java.security.cert.CertificateException; - import sun.security.util.*; /** @@ -165,6 +163,7 @@ implements CertAttrSet { /** * Set the attribute value. */ + @SuppressWarnings("unchecked") // Checked with instanceof public void set(String name, Object obj) throws IOException { if (name.equalsIgnoreCase(MAP)) { if (!(obj instanceof List)) { @@ -182,7 +181,7 @@ implements CertAttrSet { /** * Get the attribute value. */ - public Object get(String name) throws IOException { + public List get(String name) throws IOException { if (name.equalsIgnoreCase(MAP)) { return (maps); } else { diff --git a/jdk/src/share/classes/sun/security/x509/PrivateKeyUsageExtension.java b/jdk/src/share/classes/sun/security/x509/PrivateKeyUsageExtension.java index 43b3ddc8e8f..c20d8557b03 100644 --- a/jdk/src/share/classes/sun/security/x509/PrivateKeyUsageExtension.java +++ b/jdk/src/share/classes/sun/security/x509/PrivateKeyUsageExtension.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 2006, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1997, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -262,7 +262,7 @@ implements CertAttrSet { * Get the attribute value. * @exception CertificateException on attribute handling errors. */ - public Object get(String name) throws CertificateException { + public Date get(String name) throws CertificateException { if (name.equalsIgnoreCase(NOT_BEFORE)) { return (new Date(notBefore.getTime())); } else if (name.equalsIgnoreCase(NOT_AFTER)) { diff --git a/jdk/src/share/classes/sun/security/x509/RDN.java b/jdk/src/share/classes/sun/security/x509/RDN.java index 27c10d0da43..05822590de8 100644 --- a/jdk/src/share/classes/sun/security/x509/RDN.java +++ b/jdk/src/share/classes/sun/security/x509/RDN.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2002, 2006, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2002, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -25,17 +25,11 @@ package sun.security.x509; -import java.lang.reflect.*; import java.io.IOException; import java.io.StringReader; -import java.security.PrivilegedExceptionAction; -import java.security.AccessController; -import java.security.Principal; import java.util.*; import sun.security.util.*; -import sun.security.pkcs.PKCS9Attribute; -import javax.security.auth.x500.X500Principal; /** * RDNs are a set of {attribute = value} assertions. Some of those @@ -327,7 +321,7 @@ public class RDN { */ DerValue findAttribute(ObjectIdentifier oid) { for (int i = 0; i < assertion.length; i++) { - if (assertion[i].oid.equals(oid)) { + if (assertion[i].oid.equals((Object)oid)) { return assertion[i].value; } } diff --git a/jdk/src/share/classes/sun/security/x509/SubjectAlternativeNameExtension.java b/jdk/src/share/classes/sun/security/x509/SubjectAlternativeNameExtension.java index 5d74cc44336..95eb67e0dd1 100644 --- a/jdk/src/share/classes/sun/security/x509/SubjectAlternativeNameExtension.java +++ b/jdk/src/share/classes/sun/security/x509/SubjectAlternativeNameExtension.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 2006, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1997, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -195,7 +195,7 @@ implements CertAttrSet { /** * Get the attribute value. */ - public Object get(String name) throws IOException { + public GeneralNames get(String name) throws IOException { if (name.equalsIgnoreCase(SUBJECT_NAME)) { return (names); } else { diff --git a/jdk/src/share/classes/sun/security/x509/SubjectInfoAccessExtension.java b/jdk/src/share/classes/sun/security/x509/SubjectInfoAccessExtension.java index 8e08b9a969d..2f851f7dbec 100644 --- a/jdk/src/share/classes/sun/security/x509/SubjectInfoAccessExtension.java +++ b/jdk/src/share/classes/sun/security/x509/SubjectInfoAccessExtension.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2009, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2009, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -167,6 +167,7 @@ public class SubjectInfoAccessExtension extends Extension /** * Set the attribute value. */ + @SuppressWarnings("unchecked") // Checked with instanceof public void set(String name, Object obj) throws IOException { if (name.equalsIgnoreCase(DESCRIPTIONS)) { if (!(obj instanceof List)) { @@ -184,7 +185,7 @@ public class SubjectInfoAccessExtension extends Extension /** * Get the attribute value. */ - public Object get(String name) throws IOException { + public List get(String name) throws IOException { if (name.equalsIgnoreCase(DESCRIPTIONS)) { return accessDescriptions; } else { diff --git a/jdk/src/share/classes/sun/security/x509/SubjectKeyIdentifierExtension.java b/jdk/src/share/classes/sun/security/x509/SubjectKeyIdentifierExtension.java index a22129ffee4..79482c9bfe8 100644 --- a/jdk/src/share/classes/sun/security/x509/SubjectKeyIdentifierExtension.java +++ b/jdk/src/share/classes/sun/security/x509/SubjectKeyIdentifierExtension.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 2006, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1997, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -156,7 +156,7 @@ implements CertAttrSet { /** * Get the attribute value. */ - public Object get(String name) throws IOException { + public KeyIdentifier get(String name) throws IOException { if (name.equalsIgnoreCase(KEY_ID)) { return (id); } else { diff --git a/jdk/src/share/classes/sun/security/x509/X500Name.java b/jdk/src/share/classes/sun/security/x509/X500Name.java index 57af558a0df..ce4c69c6956 100644 --- a/jdk/src/share/classes/sun/security/x509/X500Name.java +++ b/jdk/src/share/classes/sun/security/x509/X500Name.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 1996, 2006, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1996, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -27,14 +27,12 @@ package sun.security.x509; import java.lang.reflect.*; import java.io.IOException; -import java.io.StringReader; import java.security.PrivilegedExceptionAction; import java.security.AccessController; import java.security.Principal; import java.util.*; import sun.security.util.*; -import sun.security.pkcs.PKCS9Attribute; import javax.security.auth.x500.X500Principal; /** @@ -1371,7 +1369,7 @@ public class X500Name implements GeneralNameInterface, Principal { /** * Constructor object for use by asX500Principal(). */ - private static final Constructor principalConstructor; + private static final Constructor principalConstructor; /** * Field object for use by asX500Name(). @@ -1386,9 +1384,9 @@ public class X500Name implements GeneralNameInterface, Principal { PrivilegedExceptionAction pa = new PrivilegedExceptionAction() { public Object[] run() throws Exception { - Class pClass = X500Principal.class; - Class[] args = new Class[] {X500Name.class}; - Constructor cons = ((Class)pClass).getDeclaredConstructor(args); + Class pClass = X500Principal.class; + Class[] args = new Class[] { X500Name.class }; + Constructor cons = pClass.getDeclaredConstructor(args); cons.setAccessible(true); Field field = pClass.getDeclaredField("thisX500Name"); field.setAccessible(true); @@ -1397,7 +1395,10 @@ public class X500Name implements GeneralNameInterface, Principal { }; try { Object[] result = AccessController.doPrivileged(pa); - principalConstructor = (Constructor)result[0]; + @SuppressWarnings("unchecked") + Constructor constr = + (Constructor)result[0]; + principalConstructor = constr; principalField = (Field)result[1]; } catch (Exception e) { throw (InternalError)new InternalError("Could not obtain " @@ -1415,8 +1416,7 @@ public class X500Name implements GeneralNameInterface, Principal { if (x500Principal == null) { try { Object[] args = new Object[] {this}; - x500Principal = - (X500Principal)principalConstructor.newInstance(args); + x500Principal = principalConstructor.newInstance(args); } catch (Exception e) { throw new RuntimeException("Unexpected exception", e); } diff --git a/jdk/src/share/classes/sun/security/x509/X509CRLEntryImpl.java b/jdk/src/share/classes/sun/security/x509/X509CRLEntryImpl.java index 495cc06e5be..26f344b60f7 100644 --- a/jdk/src/share/classes/sun/security/x509/X509CRLEntryImpl.java +++ b/jdk/src/share/classes/sun/security/x509/X509CRLEntryImpl.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 2006, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1997, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -25,11 +25,9 @@ package sun.security.x509; -import java.io.InputStream; import java.io.IOException; import java.security.cert.CRLException; import java.security.cert.CRLReason; -import java.security.cert.CertificateException; import java.security.cert.X509CRLEntry; import java.math.BigInteger; import java.util.Collection; @@ -281,7 +279,7 @@ public class X509CRLEntryImpl extends X509CRLEntry { if (obj == null) return null; CRLReasonCodeExtension reasonCode = (CRLReasonCodeExtension)obj; - return (Integer)(reasonCode.get(reasonCode.REASON)); + return reasonCode.get(CRLReasonCodeExtension.REASON); } /** @@ -299,13 +297,13 @@ public class X509CRLEntryImpl extends X509CRLEntry { sb.append("\n Certificate issuer: " + certIssuer); } if (extensions != null) { - Collection allEntryExts = extensions.getAllExtensions(); - Object[] objs = allEntryExts.toArray(); + Collection allEntryExts = extensions.getAllExtensions(); + Extension[] exts = allEntryExts.toArray(new Extension[0]); - sb.append("\n CRL Entry Extensions: " + objs.length); - for (int i = 0; i < objs.length; i++) { + sb.append("\n CRL Entry Extensions: " + exts.length); + for (int i = 0; i < exts.length; i++) { sb.append("\n [" + (i+1) + "]: "); - Extension ext = (Extension)objs[i]; + Extension ext = exts[i]; try { if (OIDMap.getClass(ext.getExtensionId()) == null) { sb.append(ext.toString()); @@ -409,7 +407,7 @@ public class X509CRLEntryImpl extends X509CRLEntry { e.hasMoreElements();) { ex = e.nextElement(); inCertOID = ex.getExtensionId(); - if (inCertOID.equals(findOID)) { + if (inCertOID.equals((Object)findOID)) { crlExt = ex; break; } diff --git a/jdk/src/share/classes/sun/security/x509/X509CRLImpl.java b/jdk/src/share/classes/sun/security/x509/X509CRLImpl.java index b99bc448bbd..7e679900cc1 100644 --- a/jdk/src/share/classes/sun/security/x509/X509CRLImpl.java +++ b/jdk/src/share/classes/sun/security/x509/X509CRLImpl.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 2010, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1997, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -32,7 +32,6 @@ import java.math.BigInteger; import java.security.Principal; import java.security.PublicKey; import java.security.PrivateKey; -import java.security.Security; import java.security.Signature; import java.security.NoSuchAlgorithmException; import java.security.InvalidKeyException; @@ -782,7 +781,8 @@ public class X509CRLImpl extends X509CRL implements DerEncoder { public KeyIdentifier getAuthKeyId() throws IOException { AuthorityKeyIdentifierExtension aki = getAuthKeyIdExtension(); if (aki != null) { - KeyIdentifier keyId = (KeyIdentifier)aki.get(aki.KEY_ID); + KeyIdentifier keyId = (KeyIdentifier)aki.get( + AuthorityKeyIdentifierExtension.KEY_ID); return keyId; } else { return null; @@ -821,7 +821,7 @@ public class X509CRLImpl extends X509CRL implements DerEncoder { public BigInteger getCRLNumber() throws IOException { CRLNumberExtension numExt = getCRLNumberExtension(); if (numExt != null) { - BigInteger num = (BigInteger)numExt.get(numExt.NUMBER); + BigInteger num = numExt.get(CRLNumberExtension.NUMBER); return num; } else { return null; @@ -850,7 +850,7 @@ public class X509CRLImpl extends X509CRL implements DerEncoder { public BigInteger getBaseCRLNumber() throws IOException { DeltaCRLIndicatorExtension dciExt = getDeltaCRLIndicatorExtension(); if (dciExt != null) { - BigInteger num = (BigInteger)dciExt.get(dciExt.NUMBER); + BigInteger num = dciExt.get(DeltaCRLIndicatorExtension.NUMBER); return num; } else { return null; @@ -961,7 +961,7 @@ public class X509CRLImpl extends X509CRL implements DerEncoder { e.hasMoreElements();) { ex = e.nextElement(); inCertOID = ex.getExtensionId(); - if (inCertOID.equals(findOID)) { + if (inCertOID.equals((Object)findOID)) { crlExt = ex; break; } @@ -1189,8 +1189,7 @@ public class X509CRLImpl extends X509CRL implements DerEncoder { CertificateIssuerExtension ciExt = entry.getCertificateIssuerExtension(); if (ciExt != null) { - GeneralNames names = (GeneralNames) - ciExt.get(CertificateIssuerExtension.ISSUER); + GeneralNames names = ciExt.get(CertificateIssuerExtension.ISSUER); X500Name issuerDN = (X500Name) names.get(0).getName(); return issuerDN.asX500Principal(); } else { diff --git a/jdk/src/share/classes/sun/security/x509/X509CertImpl.java b/jdk/src/share/classes/sun/security/x509/X509CertImpl.java index eb7dc39c0bf..83f9588551a 100644 --- a/jdk/src/share/classes/sun/security/x509/X509CertImpl.java +++ b/jdk/src/share/classes/sun/security/x509/X509CertImpl.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 1996, 2006, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1996, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -196,10 +196,7 @@ public class X509CertImpl extends X509Certificate implements DerEncoder { parse(new DerValue(certData)); } catch (IOException e) { signedCert = null; - CertificateException ce = new - CertificateException("Unable to initialize, " + e); - ce.initCause(e); - throw ce; + throw new CertificateException("Unable to initialize, " + e, e); } } @@ -231,25 +228,19 @@ public class X509CertImpl extends X509Certificate implements DerEncoder { inBuffered.reset(); der = new DerValue(inBuffered); } catch (IOException ioe1) { - CertificateException ce = new - CertificateException("Input stream must be " + - "either DER-encoded bytes " + - "or RFC1421 hex-encoded " + - "DER-encoded bytes: " + - ioe1.getMessage()); - ce.initCause(ioe1); - throw ce; + throw new CertificateException("Input stream must be " + + "either DER-encoded bytes " + + "or RFC1421 hex-encoded " + + "DER-encoded bytes: " + + ioe1.getMessage(), ioe1); } } try { parse(der); } catch (IOException ioe) { signedCert = null; - CertificateException ce = new - CertificateException("Unable to parse DER value of " + - "certificate, " + ioe); - ce.initCause(ioe); - throw ce; + throw new CertificateException("Unable to parse DER value of " + + "certificate, " + ioe, ioe); } } @@ -320,10 +311,7 @@ public class X509CertImpl extends X509Certificate implements DerEncoder { parse(derVal); } catch (IOException e) { signedCert = null; - CertificateException ce = new - CertificateException("Unable to initialize, " + e); - ce.initCause(e); - throw ce; + throw new CertificateException("Unable to initialize, " + e, e); } } @@ -1279,7 +1267,7 @@ public class X509CertImpl extends X509Certificate implements DerEncoder { return null; } else { for (Extension ex : extensions.getAllExtensions()) { - if (ex.getExtensionId().equals(oid)) { + if (ex.getExtensionId().equals((Object)oid)) { //XXXX May want to consider cloning this return ex; } @@ -1434,10 +1422,7 @@ public class X509CertImpl extends X509Certificate implements DerEncoder { new ExtendedKeyUsageExtension(Boolean.FALSE, data); return Collections.unmodifiableList(ekuExt.getExtendedKeyUsage()); } catch (IOException ioe) { - CertificateParsingException cpe = - new CertificateParsingException(); - cpe.initCause(ioe); - throw cpe; + throw new CertificateParsingException(ioe); } } @@ -1578,8 +1563,8 @@ public class X509CertImpl extends X509Certificate implements DerEncoder { } GeneralNames names; try { - names = (GeneralNames) subjectAltNameExt.get - (SubjectAlternativeNameExtension.SUBJECT_NAME); + names = subjectAltNameExt.get( + SubjectAlternativeNameExtension.SUBJECT_NAME); } catch (IOException ioe) { // should not occur return Collections.>emptySet(); @@ -1610,18 +1595,15 @@ public class X509CertImpl extends X509Certificate implements DerEncoder { GeneralNames names; try { - names = (GeneralNames) subjectAltNameExt.get - (SubjectAlternativeNameExtension.SUBJECT_NAME); + names = subjectAltNameExt.get( + SubjectAlternativeNameExtension.SUBJECT_NAME); } catch (IOException ioe) { // should not occur return Collections.>emptySet(); } return makeAltNames(names); } catch (IOException ioe) { - CertificateParsingException cpe = - new CertificateParsingException(); - cpe.initCause(ioe); - throw cpe; + throw new CertificateParsingException(ioe); } } @@ -1644,8 +1626,8 @@ public class X509CertImpl extends X509Certificate implements DerEncoder { } GeneralNames names; try { - names = (GeneralNames) issuerAltNameExt.get - (IssuerAlternativeNameExtension.ISSUER_NAME); + names = issuerAltNameExt.get( + IssuerAlternativeNameExtension.ISSUER_NAME); } catch (IOException ioe) { // should not occur return Collections.>emptySet(); @@ -1676,18 +1658,15 @@ public class X509CertImpl extends X509Certificate implements DerEncoder { data); GeneralNames names; try { - names = (GeneralNames) issuerAltNameExt.get - (IssuerAlternativeNameExtension.ISSUER_NAME); + names = issuerAltNameExt.get( + IssuerAlternativeNameExtension.ISSUER_NAME); } catch (IOException ioe) { // should not occur return Collections.>emptySet(); } return makeAltNames(names); } catch (IOException ioe) { - CertificateParsingException cpe = - new CertificateParsingException(); - cpe.initCause(ioe); - throw cpe; + throw new CertificateParsingException(ioe); } } diff --git a/jdk/src/share/classes/sun/security/x509/X509CertInfo.java b/jdk/src/share/classes/sun/security/x509/X509CertInfo.java index 419f1e774d1..d654a5875a4 100644 --- a/jdk/src/share/classes/sun/security/x509/X509CertInfo.java +++ b/jdk/src/share/classes/sun/security/x509/X509CertInfo.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 2006, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1997, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -149,10 +149,7 @@ public class X509CertInfo implements CertAttrSet { parse(in); } catch (IOException e) { - CertificateParsingException parseException = - new CertificateParsingException(e.toString()); - parseException.initCause(e); - throw parseException; + throw new CertificateParsingException(e); } } @@ -168,10 +165,7 @@ public class X509CertInfo implements CertAttrSet { try { parse(derVal); } catch (IOException e) { - CertificateParsingException parseException = - new CertificateParsingException(e.toString()); - parseException.initCause(e); - throw parseException; + throw new CertificateParsingException(e); } } @@ -319,12 +313,12 @@ public class X509CertInfo implements CertAttrSet { sb.append(" Subject Id:\n" + subjectUniqueId.toString() + "\n"); } if (extensions != null) { - Collection allExts = extensions.getAllExtensions(); - Object[] objs = allExts.toArray(); - sb.append("\nCertificate Extensions: " + objs.length); - for (int i = 0; i < objs.length; i++) { + Collection allExts = extensions.getAllExtensions(); + Extension[] exts = allExts.toArray(new Extension[0]); + sb.append("\nCertificate Extensions: " + exts.length); + for (int i = 0; i < exts.length; i++) { sb.append("\n[" + (i+1) + "]: "); - Extension ext = (Extension)objs[i]; + Extension ext = exts[i]; try { if (OIDMap.getClass(ext.getExtensionId()) == null) { sb.append(ext.toString()); @@ -766,8 +760,8 @@ public class X509CertInfo implements CertAttrSet { try { subjectAltNameExt = (SubjectAlternativeNameExtension) extensions.get(SubjectAlternativeNameExtension.NAME); - names = (GeneralNames) subjectAltNameExt.get - (SubjectAlternativeNameExtension.SUBJECT_NAME); + names = subjectAltNameExt.get( + SubjectAlternativeNameExtension.SUBJECT_NAME); } catch (IOException e) { throw new CertificateParsingException("X.509 Certificate is " + "incomplete: subject field is empty, and " + diff --git a/jdk/src/share/classes/sun/security/x509/X509Key.java b/jdk/src/share/classes/sun/security/x509/X509Key.java index 109cedf2ed1..135aa2e323e 100644 --- a/jdk/src/share/classes/sun/security/x509/X509Key.java +++ b/jdk/src/share/classes/sun/security/x509/X509Key.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 1996, 2010, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1996, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -31,7 +31,6 @@ import java.util.Properties; import java.security.Key; import java.security.PublicKey; import java.security.KeyFactory; -import java.security.KeyRep; import java.security.Security; import java.security.Provider; import java.security.InvalidKeyException; @@ -245,7 +244,7 @@ public class X509Key implements PublicKey { throw new InstantiationException(); } - Class keyClass = null; + Class keyClass = null; try { keyClass = Class.forName(classname); } catch (ClassNotFoundException e) { diff --git a/jdk/src/windows/classes/sun/security/mscapi/KeyStore.java b/jdk/src/windows/classes/sun/security/mscapi/KeyStore.java index 55ac6161074..05db5dbd7a6 100644 --- a/jdk/src/windows/classes/sun/security/mscapi/KeyStore.java +++ b/jdk/src/windows/classes/sun/security/mscapi/KeyStore.java @@ -29,7 +29,6 @@ import java.io.ByteArrayInputStream; import java.io.IOException; import java.io.InputStream; import java.io.OutputStream; -import java.math.BigInteger; import java.security.AccessController; import java.security.InvalidKeyException; import java.security.KeyStoreSpi; @@ -40,7 +39,6 @@ import java.security.SecurityPermission; import java.security.cert.X509Certificate; import java.security.cert.Certificate; import java.security.cert.CertificateException; -import java.security.cert.CertificateEncodingException; import java.security.cert.CertificateFactory; import java.security.interfaces.RSAPrivateCrtKey; import java.util.ArrayList; @@ -564,20 +562,20 @@ abstract class KeyStore extends KeyStoreSpi { * * @return enumeration of the alias names */ - public Enumeration engineAliases() { + public Enumeration engineAliases() { - final Iterator iter = entries.iterator(); + final Iterator iter = entries.iterator(); - return new Enumeration() + return new Enumeration() { public boolean hasMoreElements() { return iter.hasNext(); } - public Object nextElement() + public String nextElement() { - KeyEntry entry = (KeyEntry) iter.next(); + KeyEntry entry = iter.next(); return entry.getAlias(); } }; @@ -591,10 +589,10 @@ abstract class KeyStore extends KeyStoreSpi { * @return true if the alias exists, false otherwise */ public boolean engineContainsAlias(String alias) { - for (Enumeration enumerator = engineAliases(); + for (Enumeration enumerator = engineAliases(); enumerator.hasMoreElements();) { - String a = (String) enumerator.nextElement(); + String a = enumerator.nextElement(); if (a.equals(alias)) return true; @@ -774,7 +772,8 @@ abstract class KeyStore extends KeyStoreSpi { * certificates and stores the result into a key entry. */ private void generateCertificateChain(String alias, - Collection certCollection, Collection entries) + Collection certCollection, + Collection entries) { try { @@ -782,7 +781,8 @@ abstract class KeyStore extends KeyStoreSpi { new X509Certificate[certCollection.size()]; int i = 0; - for (Iterator iter=certCollection.iterator(); iter.hasNext(); i++) + for (Iterator iter = + certCollection.iterator(); iter.hasNext(); i++) { certChain[i] = (X509Certificate) iter.next(); } @@ -805,7 +805,8 @@ abstract class KeyStore extends KeyStoreSpi { */ private void generateRSAKeyAndCertificateChain(String alias, long hCryptProv, long hCryptKey, int keyLength, - Collection certCollection, Collection entries) + Collection certCollection, + Collection entries) { try { @@ -813,7 +814,8 @@ abstract class KeyStore extends KeyStoreSpi { new X509Certificate[certCollection.size()]; int i = 0; - for (Iterator iter=certCollection.iterator(); iter.hasNext(); i++) + for (Iterator iter = + certCollection.iterator(); iter.hasNext(); i++) { certChain[i] = (X509Certificate) iter.next(); } @@ -837,8 +839,8 @@ abstract class KeyStore extends KeyStoreSpi { * @param data Byte data. * @param certCollection Collection of certificates. */ - private void generateCertificate(byte[] data, Collection certCollection) - { + private void generateCertificate(byte[] data, + Collection certCollection) { try { ByteArrayInputStream bis = new ByteArrayInputStream(data); @@ -849,7 +851,8 @@ abstract class KeyStore extends KeyStoreSpi { } // Generate certificate - Collection c = certificateFactory.generateCertificates(bis); + Collection c = + certificateFactory.generateCertificates(bis); certCollection.addAll(c); } catch (CertificateException e) diff --git a/jdk/src/windows/classes/sun/security/mscapi/PRNG.java b/jdk/src/windows/classes/sun/security/mscapi/PRNG.java index 94c9f26ad41..d559e8a288c 100644 --- a/jdk/src/windows/classes/sun/security/mscapi/PRNG.java +++ b/jdk/src/windows/classes/sun/security/mscapi/PRNG.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2005, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2005, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -37,8 +37,7 @@ import java.security.SecureRandomSpi; public final class PRNG extends SecureRandomSpi implements java.io.Serializable { - // TODO - generate the serialVersionUID - //private static final long serialVersionUID = XXX; + private static final long serialVersionUID = 4129268715132691532L; /* * The CryptGenRandom function fills a buffer with cryptographically random diff --git a/jdk/src/windows/classes/sun/security/mscapi/RSAPrivateKey.java b/jdk/src/windows/classes/sun/security/mscapi/RSAPrivateKey.java index d041be86b5b..bc530f5372b 100644 --- a/jdk/src/windows/classes/sun/security/mscapi/RSAPrivateKey.java +++ b/jdk/src/windows/classes/sun/security/mscapi/RSAPrivateKey.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2005, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2005, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -35,6 +35,8 @@ import java.security.PrivateKey; */ class RSAPrivateKey extends Key implements PrivateKey { + private static final long serialVersionUID = 8113152807912338063L; + /** * Construct an RSAPrivateKey object. */ diff --git a/jdk/src/windows/classes/sun/security/mscapi/RSAPublicKey.java b/jdk/src/windows/classes/sun/security/mscapi/RSAPublicKey.java index 68148b0e4b5..a62d783aa7c 100644 --- a/jdk/src/windows/classes/sun/security/mscapi/RSAPublicKey.java +++ b/jdk/src/windows/classes/sun/security/mscapi/RSAPublicKey.java @@ -26,11 +26,9 @@ package sun.security.mscapi; import java.math.BigInteger; -import java.security.InvalidKeyException; import java.security.KeyException; import java.security.KeyRep; import java.security.ProviderException; -import java.security.PublicKey; import sun.security.rsa.RSAPublicKeyImpl; @@ -41,6 +39,8 @@ import sun.security.rsa.RSAPublicKeyImpl; */ class RSAPublicKey extends Key implements java.security.interfaces.RSAPublicKey { + private static final long serialVersionUID = -2289561342425825391L; + private byte[] publicKeyBlob = null; private byte[] encoding = null; private BigInteger modulus = null; diff --git a/jdk/src/windows/classes/sun/security/mscapi/RSASignature.java b/jdk/src/windows/classes/sun/security/mscapi/RSASignature.java index f9419f9ccfc..3154173dbfd 100644 --- a/jdk/src/windows/classes/sun/security/mscapi/RSASignature.java +++ b/jdk/src/windows/classes/sun/security/mscapi/RSASignature.java @@ -30,14 +30,10 @@ import java.security.PublicKey; import java.security.PrivateKey; import java.security.InvalidKeyException; import java.security.InvalidParameterException; -import java.security.InvalidAlgorithmParameterException; import java.security.KeyStoreException; import java.security.NoSuchAlgorithmException; import java.security.ProviderException; import java.security.MessageDigest; -import java.security.SecureRandom; -import java.security.Signature; -import java.security.SignatureSpi; import java.security.SignatureException; import java.math.BigInteger; @@ -474,6 +470,7 @@ abstract class RSASignature extends java.security.SignatureSpi * #engineSetParameter(java.security.spec.AlgorithmParameterSpec) * engineSetParameter}. */ + @Deprecated protected void engineSetParameter(String param, Object value) throws InvalidParameterException { @@ -503,6 +500,7 @@ abstract class RSASignature extends java.security.SignatureSpi * * @deprecated */ + @Deprecated protected Object engineGetParameter(String param) throws InvalidParameterException { diff --git a/jdk/src/windows/classes/sun/security/mscapi/SunMSCAPI.java b/jdk/src/windows/classes/sun/security/mscapi/SunMSCAPI.java index db8b3175c01..f7df7ce4a8f 100644 --- a/jdk/src/windows/classes/sun/security/mscapi/SunMSCAPI.java +++ b/jdk/src/windows/classes/sun/security/mscapi/SunMSCAPI.java @@ -28,7 +28,6 @@ package sun.security.mscapi; import java.security.AccessController; import java.security.PrivilegedAction; import java.security.Provider; -import java.security.ProviderException; import java.util.HashMap; import java.util.Map; @@ -62,8 +61,9 @@ public final class SunMSCAPI extends Provider { // if there is no security manager installed, put directly into // the provider. Otherwise, create a temporary map and use a // doPrivileged() call at the end to transfer the contents - final Map map = (System.getSecurityManager() == null) - ? (Map)this : new HashMap(); + final Map map = + (System.getSecurityManager() == null) + ? this : new HashMap(); /* * Secure random