diff --git a/src/java.security.jgss/share/classes/javax/security/auth/kerberos/DelegationPermission.java b/src/java.security.jgss/share/classes/javax/security/auth/kerberos/DelegationPermission.java
index db70482fab6..7bb44483b4c 100644
--- a/src/java.security.jgss/share/classes/javax/security/auth/kerberos/DelegationPermission.java
+++ b/src/java.security.jgss/share/classes/javax/security/auth/kerberos/DelegationPermission.java
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2000, 2021, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2000, 2022, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -25,10 +25,7 @@
package javax.security.auth.kerberos;
-import java.io.IOException;
-import java.io.ObjectInputStream;
-import java.io.ObjectOutputStream;
-import java.io.ObjectStreamField;
+import java.io.*;
import java.security.BasicPermission;
import java.security.Permission;
import java.security.PermissionCollection;
@@ -67,6 +64,7 @@ import java.util.concurrent.ConcurrentHashMap;
public final class DelegationPermission extends BasicPermission
implements java.io.Serializable {
+ @Serial
private static final long serialVersionUID = 883133252142523922L;
private transient String subordinate, service;
@@ -177,12 +175,10 @@ public final class DelegationPermission extends BasicPermission
return true;
}
- if (!(obj instanceof DelegationPermission)) {
+ if (!(obj instanceof DelegationPermission that)) {
return false;
}
- DelegationPermission that = (DelegationPermission) obj;
-
return this.subordinate.equals(that.subordinate) &&
this.service.equals(that.service);
}
@@ -222,6 +218,7 @@ public final class DelegationPermission extends BasicPermission
* @param s the {@code ObjectOutputStream} to which data is written
* @throws IOException if an I/O error occurs
*/
+ @Serial
private synchronized void writeObject(java.io.ObjectOutputStream s)
throws IOException
{
@@ -236,6 +233,7 @@ public final class DelegationPermission extends BasicPermission
* @throws IOException if an I/O error occurs
* @throws ClassNotFoundException if a serialized class cannot be loaded
*/
+ @Serial
private synchronized void readObject(java.io.ObjectInputStream s)
throws IOException, ClassNotFoundException
{
@@ -309,6 +307,7 @@ final class KrbDelegationPermissionCollection extends PermissionCollection
return perms.keys();
}
+ @Serial
private static final long serialVersionUID = -3383936936589966948L;
// Need to maintain serialization interoperability with earlier releases,
@@ -318,6 +317,7 @@ final class KrbDelegationPermissionCollection extends PermissionCollection
* @serialField permissions java.util.Vector
* A list of DelegationPermission objects.
*/
+ @Serial
private static final ObjectStreamField[] serialPersistentFields = {
new ObjectStreamField("permissions", Vector.class),
};
@@ -329,6 +329,7 @@ final class KrbDelegationPermissionCollection extends PermissionCollection
* Writes the contents of the perms field out as a Vector for
* serialization compatibility with earlier releases.
*/
+ @Serial
private void writeObject(ObjectOutputStream out) throws IOException {
// Don't call out.defaultWriteObject()
@@ -343,6 +344,7 @@ final class KrbDelegationPermissionCollection extends PermissionCollection
/*
* Reads in a Vector of DelegationPermissions and saves them in the perms field.
*/
+ @Serial
@SuppressWarnings("unchecked")
private void readObject(ObjectInputStream in)
throws IOException, ClassNotFoundException
diff --git a/src/java.security.jgss/share/classes/javax/security/auth/kerberos/EncryptionKey.java b/src/java.security.jgss/share/classes/javax/security/auth/kerberos/EncryptionKey.java
index 492915f638e..08463c883ac 100644
--- a/src/java.security.jgss/share/classes/javax/security/auth/kerberos/EncryptionKey.java
+++ b/src/java.security.jgss/share/classes/javax/security/auth/kerberos/EncryptionKey.java
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2014, 2015, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2014, 2022, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -25,6 +25,7 @@
package javax.security.auth.kerberos;
+import java.io.Serial;
import java.util.Arrays;
import java.util.Objects;
import javax.crypto.SecretKey;
@@ -48,6 +49,7 @@ import javax.security.auth.DestroyFailedException;
*/
public final class EncryptionKey implements SecretKey {
+ @Serial
private static final long serialVersionUID = 9L;
/**
@@ -205,11 +207,10 @@ public final class EncryptionKey implements SecretKey {
if (other == this)
return true;
- if (! (other instanceof EncryptionKey)) {
+ if (! (other instanceof EncryptionKey otherKey)) {
return false;
}
- EncryptionKey otherKey = ((EncryptionKey) other);
if (isDestroyed() || otherKey.isDestroyed()) {
return false;
}
diff --git a/src/java.security.jgss/share/classes/javax/security/auth/kerberos/KerberosCredMessage.java b/src/java.security.jgss/share/classes/javax/security/auth/kerberos/KerberosCredMessage.java
index c39ae01d913..3045fd78180 100644
--- a/src/java.security.jgss/share/classes/javax/security/auth/kerberos/KerberosCredMessage.java
+++ b/src/java.security.jgss/share/classes/javax/security/auth/kerberos/KerberosCredMessage.java
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2014, 2015, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2014, 2022, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -178,11 +178,10 @@ public final class KerberosCredMessage implements Destroyable {
return true;
}
- if (! (other instanceof KerberosCredMessage)) {
+ if (! (other instanceof KerberosCredMessage otherMessage)) {
return false;
}
- KerberosCredMessage otherMessage = ((KerberosCredMessage) other);
if (isDestroyed() || otherMessage.isDestroyed()) {
return false;
}
diff --git a/src/java.security.jgss/share/classes/javax/security/auth/kerberos/KerberosKey.java b/src/java.security.jgss/share/classes/javax/security/auth/kerberos/KerberosKey.java
index b5874f5637e..5c11c23d63a 100644
--- a/src/java.security.jgss/share/classes/javax/security/auth/kerberos/KerberosKey.java
+++ b/src/java.security.jgss/share/classes/javax/security/auth/kerberos/KerberosKey.java
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2000, 2020, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2000, 2022, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -25,6 +25,7 @@
package javax.security.auth.kerberos;
+import java.io.Serial;
import java.util.Arrays;
import javax.crypto.SecretKey;
import javax.security.auth.DestroyFailedException;
@@ -86,6 +87,7 @@ import javax.security.auth.DestroyFailedException;
*/
public class KerberosKey implements SecretKey {
+ @Serial
private static final long serialVersionUID = -4625402278148246993L;
/**
@@ -108,7 +110,7 @@ public class KerberosKey implements SecretKey {
*
* @serial
*/
- private KeyImpl key;
+ private final KeyImpl key;
private transient boolean destroyed = false;
@@ -312,11 +314,10 @@ public class KerberosKey implements SecretKey {
return true;
}
- if (! (other instanceof KerberosKey)) {
+ if (! (other instanceof KerberosKey otherKey)) {
return false;
}
- KerberosKey otherKey = ((KerberosKey) other);
if (isDestroyed() || otherKey.isDestroyed()) {
return false;
}
@@ -328,15 +329,9 @@ public class KerberosKey implements SecretKey {
}
if (principal == null) {
- if (otherKey.getPrincipal() != null) {
- return false;
- }
+ return otherKey.getPrincipal() == null;
} else {
- if (!principal.equals(otherKey.getPrincipal())) {
- return false;
- }
+ return principal.equals(otherKey.getPrincipal());
}
-
- return true;
}
}
diff --git a/src/java.security.jgss/share/classes/javax/security/auth/kerberos/KerberosPrincipal.java b/src/java.security.jgss/share/classes/javax/security/auth/kerberos/KerberosPrincipal.java
index ed901e40864..a42d6625ee3 100644
--- a/src/java.security.jgss/share/classes/javax/security/auth/kerberos/KerberosPrincipal.java
+++ b/src/java.security.jgss/share/classes/javax/security/auth/kerberos/KerberosPrincipal.java
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2000, 2021, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2000, 2022, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -41,6 +41,7 @@ import sun.security.util.*;
public final class KerberosPrincipal
implements java.security.Principal, java.io.Serializable {
+ @Serial
private static final long serialVersionUID = -7374788026156829911L;
//name types
@@ -190,7 +191,7 @@ public final class KerberosPrincipal
public KerberosPrincipal(String name, int nameType) {
- PrincipalName krb5Principal = null;
+ PrincipalName krb5Principal;
try {
// Appends the default realm if it is missing
@@ -274,6 +275,7 @@ public final class KerberosPrincipal
* Realm in their DER-encoded form as specified in Section 5.2.2 of
* RFC4120.
*/
+ @Serial
private void writeObject(ObjectOutputStream oos)
throws IOException {
@@ -294,6 +296,7 @@ public final class KerberosPrincipal
* @throws IOException if an I/O error occurs
* @throws ClassNotFoundException if a serialized class cannot be loaded
*/
+ @Serial
private void readObject(ObjectInputStream ois)
throws IOException, ClassNotFoundException {
byte[] asn1EncPrincipal = (byte [])ois.readObject();
diff --git a/src/java.security.jgss/share/classes/javax/security/auth/kerberos/KerberosTicket.java b/src/java.security.jgss/share/classes/javax/security/auth/kerberos/KerberosTicket.java
index 9965e376a2d..8bf7fd167ba 100644
--- a/src/java.security.jgss/share/classes/javax/security/auth/kerberos/KerberosTicket.java
+++ b/src/java.security.jgss/share/classes/javax/security/auth/kerberos/KerberosTicket.java
@@ -82,6 +82,7 @@ import sun.security.util.HexDumpEncoder;
public class KerberosTicket implements Destroyable, Refreshable,
java.io.Serializable {
+ @Serial
private static final long serialVersionUID = 7395334370157380539L;
// XXX Make these flag indices public
@@ -311,9 +312,7 @@ public class KerberosTicket implements Destroyable, Refreshable,
} else {
this.flags = new boolean[NUM_FLAGS];
// Fill in whatever we have
- for (int i = 0; i < flags.length; i++) {
- this.flags[i] = flags[i];
- }
+ System.arraycopy(flags, 0, this.flags, 0, flags.length);
}
} else {
this.flags = new boolean[NUM_FLAGS];
@@ -400,7 +399,7 @@ public class KerberosTicket implements Destroyable, Refreshable,
* or destroyed.
*/
public final boolean isForwardable() {
- return flags == null? false: flags[FORWARDABLE_TICKET_FLAG];
+ return flags != null && flags[FORWARDABLE_TICKET_FLAG];
}
/**
@@ -412,7 +411,7 @@ public class KerberosTicket implements Destroyable, Refreshable,
* or false otherwise or destroyed.
*/
public final boolean isForwarded() {
- return flags == null? false: flags[FORWARDED_TICKET_FLAG];
+ return flags != null && flags[FORWARDED_TICKET_FLAG];
}
/**
@@ -422,7 +421,7 @@ public class KerberosTicket implements Destroyable, Refreshable,
* or destroyed.
*/
public final boolean isProxiable() {
- return flags == null? false: flags[PROXIABLE_TICKET_FLAG];
+ return flags != null && flags[PROXIABLE_TICKET_FLAG];
}
/**
@@ -432,7 +431,7 @@ public class KerberosTicket implements Destroyable, Refreshable,
* a proxy-ticket or destroyed.
*/
public final boolean isProxy() {
- return flags == null? false: flags[PROXY_TICKET_FLAG];
+ return flags != null && flags[PROXY_TICKET_FLAG];
}
@@ -443,7 +442,7 @@ public class KerberosTicket implements Destroyable, Refreshable,
* or destroyed.
*/
public final boolean isPostdated() {
- return flags == null? false: flags[POSTDATED_TICKET_FLAG];
+ return flags != null && flags[POSTDATED_TICKET_FLAG];
}
/**
@@ -455,7 +454,7 @@ public class KerberosTicket implements Destroyable, Refreshable,
* or destroyed.
*/
public final boolean isRenewable() {
- return flags == null? false: flags[RENEWABLE_TICKET_FLAG];
+ return flags != null && flags[RENEWABLE_TICKET_FLAG];
}
/**
@@ -466,7 +465,7 @@ public class KerberosTicket implements Destroyable, Refreshable,
* protocol, or false if not issued this way or destroyed.
*/
public final boolean isInitial() {
- return flags == null? false: flags[INITIAL_TICKET_FLAG];
+ return flags != null && flags[INITIAL_TICKET_FLAG];
}
/**
@@ -555,7 +554,7 @@ public class KerberosTicket implements Destroyable, Refreshable,
* or destroyed.
*/
public boolean isCurrent() {
- return endTime == null? false: (System.currentTimeMillis() <= endTime.getTime());
+ return endTime != null && (System.currentTimeMillis() <= endTime.getTime());
}
/**
@@ -775,11 +774,10 @@ public class KerberosTicket implements Destroyable, Refreshable,
return true;
}
- if (! (other instanceof KerberosTicket)) {
+ if (! (other instanceof KerberosTicket otherTicket)) {
return false;
}
- KerberosTicket otherTicket = ((KerberosTicket) other);
if (isDestroyed() || otherTicket.isDestroyed()) {
return false;
}
@@ -826,11 +824,7 @@ public class KerberosTicket implements Destroyable, Refreshable,
}
}
- if (!Objects.equals(proxy, otherTicket.proxy)) {
- return false;
- }
-
- return true;
+ return Objects.equals(proxy, otherTicket.proxy);
}
/**
@@ -840,6 +834,7 @@ public class KerberosTicket implements Destroyable, Refreshable,
* @throws IOException if an I/O error occurs
* @throws ClassNotFoundException if a serialized class cannot be loaded
*/
+ @Serial
private void readObject(ObjectInputStream s)
throws IOException, ClassNotFoundException {
s.defaultReadObject();
diff --git a/src/java.security.jgss/share/classes/javax/security/auth/kerberos/KeyImpl.java b/src/java.security.jgss/share/classes/javax/security/auth/kerberos/KeyImpl.java
index 59c1a4458f8..46168cf8377 100644
--- a/src/java.security.jgss/share/classes/javax/security/auth/kerberos/KeyImpl.java
+++ b/src/java.security.jgss/share/classes/javax/security/auth/kerberos/KeyImpl.java
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2000, 2021, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2000, 2022, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -49,6 +49,7 @@ import sun.security.util.DerValue;
*/
class KeyImpl implements SecretKey, Destroyable, Serializable {
+ @Serial
private static final long serialVersionUID = -7889313790214321193L;
private transient byte[] keyBytes;
@@ -189,6 +190,7 @@ class KeyImpl implements SecretKey, Destroyable, Serializable {
* @throws IOException if an I/O error occurs
* }
*/
+ @Serial
private void writeObject(ObjectOutputStream oos)
throws IOException {
if (destroyed) {
@@ -209,6 +211,7 @@ class KeyImpl implements SecretKey, Destroyable, Serializable {
* @throws IOException if an I/O error occurs
* @throws ClassNotFoundException if a serialized class cannot be loaded
*/
+ @Serial
private void readObject(ObjectInputStream ois)
throws IOException, ClassNotFoundException {
try {
@@ -247,20 +250,15 @@ class KeyImpl implements SecretKey, Destroyable, Serializable {
if (other == this)
return true;
- if (! (other instanceof KeyImpl)) {
+ if (! (other instanceof KeyImpl otherKey)) {
return false;
}
- KeyImpl otherKey = ((KeyImpl) other);
if (isDestroyed() || otherKey.isDestroyed()) {
return false;
}
- if(keyType != otherKey.getKeyType() ||
- !Arrays.equals(keyBytes, otherKey.getEncoded())) {
- return false;
- }
-
- return true;
+ return keyType == otherKey.getKeyType() &&
+ Arrays.equals(keyBytes, otherKey.getEncoded());
}
}
diff --git a/src/java.security.jgss/share/classes/javax/security/auth/kerberos/KeyTab.java b/src/java.security.jgss/share/classes/javax/security/auth/kerberos/KeyTab.java
index 47368018c18..375006e7452 100644
--- a/src/java.security.jgss/share/classes/javax/security/auth/kerberos/KeyTab.java
+++ b/src/java.security.jgss/share/classes/javax/security/auth/kerberos/KeyTab.java
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2011, 2021, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2011, 2022, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -349,11 +349,10 @@ public final class KeyTab {
if (other == this)
return true;
- if (! (other instanceof KeyTab)) {
+ if (! (other instanceof KeyTab otherKtab)) {
return false;
}
- KeyTab otherKtab = (KeyTab) other;
return Objects.equals(otherKtab.princ, princ) &&
Objects.equals(otherKtab.file, file) &&
bound == otherKtab.bound;
diff --git a/src/java.security.jgss/share/classes/javax/security/auth/kerberos/ServicePermission.java b/src/java.security.jgss/share/classes/javax/security/auth/kerberos/ServicePermission.java
index 556cada4a7e..d327625040b 100644
--- a/src/java.security.jgss/share/classes/javax/security/auth/kerberos/ServicePermission.java
+++ b/src/java.security.jgss/share/classes/javax/security/auth/kerberos/ServicePermission.java
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2000, 2021, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2000, 2022, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -25,10 +25,7 @@
package javax.security.auth.kerberos;
-import java.io.IOException;
-import java.io.ObjectInputStream;
-import java.io.ObjectOutputStream;
-import java.io.ObjectStreamField;
+import java.io.*;
import java.security.Permission;
import java.security.PermissionCollection;
import java.util.*;
@@ -38,7 +35,7 @@ import java.util.concurrent.ConcurrentHashMap;
* This class is used to protect Kerberos services and the
* credentials necessary to access those services. There is a one to
* one mapping of a service principal and the credentials necessary
- * to access the service. Therefore granting access to a service
+ * to access the service. Therefore, granting access to a service
* principal implicitly grants access to the credential necessary to
* establish a security context with the service principal. This
* applies regardless of whether the credentials are in a cache
@@ -105,6 +102,7 @@ import java.util.concurrent.ConcurrentHashMap;
public final class ServicePermission extends Permission
implements java.io.Serializable {
+ @Serial
private static final long serialVersionUID = -1227585031618624935L;
/**
@@ -186,7 +184,7 @@ public final class ServicePermission extends Permission
* Checks if this Kerberos service permission object "implies" the
* specified permission.
*
- * More specifically, this method returns true if all of the following
+ * More specifically, this method returns true if all the following
* are true (and returns false if any of them are not):
*
*
p is an instanceof {@code ServicePermission},
@@ -203,11 +201,9 @@ public final class ServicePermission extends Permission
*/
@Override
public boolean implies(Permission p) {
- if (!(p instanceof ServicePermission))
+ if (!(p instanceof ServicePermission that))
return false;
- ServicePermission that = (ServicePermission) p;
-
return ((this.mask & that.mask) == that.mask) &&
impliesIgnoreMask(that);
}
@@ -234,10 +230,9 @@ public final class ServicePermission extends Permission
if (obj == this)
return true;
- if (! (obj instanceof ServicePermission))
+ if (! (obj instanceof ServicePermission that))
return false;
- ServicePermission that = (ServicePermission) obj;
return (this.mask == that.mask) &&
this.getName().equals(that.getName());
@@ -270,14 +265,12 @@ public final class ServicePermission extends Permission
boolean comma = false;
if ((mask & INITIATE) == INITIATE) {
- if (comma) sb.append(',');
- else comma = true;
+ comma = true;
sb.append("initiate");
}
if ((mask & ACCEPT) == ACCEPT) {
if (comma) sb.append(',');
- else comma = true;
sb.append("accept");
}
@@ -429,6 +422,7 @@ public final class ServicePermission extends Permission
* @param s the {@code ObjectOutputStream} to which data is written
* @throws IOException if an I/O error occurs
*/
+ @Serial
private void writeObject(java.io.ObjectOutputStream s)
throws IOException
{
@@ -447,6 +441,7 @@ public final class ServicePermission extends Permission
* @throws IOException if an I/O error occurs
* @throws ClassNotFoundException if a serialized class cannot be loaded
*/
+ @Serial
private void readObject(java.io.ObjectInputStream s)
throws IOException, ClassNotFoundException
{
@@ -516,10 +511,9 @@ final class KrbServicePermissionCollection extends PermissionCollection
*/
@Override
public boolean implies(Permission permission) {
- if (! (permission instanceof ServicePermission))
+ if (! (permission instanceof ServicePermission np))
return false;
- ServicePermission np = (ServicePermission) permission;
int desired = np.getMask();
if (desired == 0) {
@@ -545,9 +539,7 @@ final class KrbServicePermissionCollection extends PermissionCollection
x = (ServicePermission)perms.get(np.getName());
if (x != null) {
//System.out.println(" trying "+x);
- if ((x.getMask() & desired) == desired) {
- return true;
- }
+ return (x.getMask() & desired) == desired;
}
return false;
}
@@ -566,13 +558,12 @@ final class KrbServicePermissionCollection extends PermissionCollection
*/
@Override
public void add(Permission permission) {
- if (! (permission instanceof ServicePermission))
+ if (! (permission instanceof ServicePermission sp))
throw new IllegalArgumentException("invalid permission: "+
permission);
if (isReadOnly())
throw new SecurityException("attempt to add a Permission to a readonly PermissionCollection");
- ServicePermission sp = (ServicePermission)permission;
String princName = sp.getName();
// Add permission to map if it is absent, or replace with new
@@ -583,8 +574,8 @@ final class KrbServicePermissionCollection extends PermissionCollection
@Override
public Permission apply(Permission existingVal,
Permission newVal) {
- int oldMask = ((ServicePermission)existingVal).getMask();
- int newMask = ((ServicePermission)newVal).getMask();
+ int oldMask = ((ServicePermission) existingVal).getMask();
+ int newMask = ((ServicePermission) newVal).getMask();
if (oldMask != newMask) {
int effective = oldMask | newMask;
if (effective == newMask) {
@@ -611,6 +602,7 @@ final class KrbServicePermissionCollection extends PermissionCollection
return perms.elements();
}
+ @Serial
private static final long serialVersionUID = -4118834211490102011L;
// Need to maintain serialization interoperability with earlier releases,
@@ -621,6 +613,7 @@ final class KrbServicePermissionCollection extends PermissionCollection
* @serialField permissions java.util.Vector
* A list of ServicePermission objects.
*/
+ @Serial
private static final ObjectStreamField[] serialPersistentFields = {
new ObjectStreamField("permissions", Vector.class),
};
@@ -632,6 +625,7 @@ final class KrbServicePermissionCollection extends PermissionCollection
* Writes the contents of the perms field out as a Vector for
* serialization compatibility with earlier releases.
*/
+ @Serial
private void writeObject(ObjectOutputStream out) throws IOException {
// Don't call out.defaultWriteObject()
@@ -646,6 +640,7 @@ final class KrbServicePermissionCollection extends PermissionCollection
/*
* Reads in a Vector of ServicePermissions and saves them in the perms field.
*/
+ @Serial
@SuppressWarnings("unchecked")
private void readObject(ObjectInputStream in)
throws IOException, ClassNotFoundException
diff --git a/src/java.security.jgss/share/classes/org/ietf/jgss/ChannelBinding.java b/src/java.security.jgss/share/classes/org/ietf/jgss/ChannelBinding.java
index 9fdb8f786f2..161a5ae3ac7 100644
--- a/src/java.security.jgss/share/classes/org/ietf/jgss/ChannelBinding.java
+++ b/src/java.security.jgss/share/classes/org/ietf/jgss/ChannelBinding.java
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2000, 2001, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2000, 2022, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -79,8 +79,8 @@ import java.util.Arrays;
*/
public class ChannelBinding {
- private InetAddress initiator;
- private InetAddress acceptor;
+ private final InetAddress initiator;
+ private final InetAddress acceptor;
private byte[] appData;
/**
@@ -172,11 +172,9 @@ public class ChannelBinding {
if (this == obj)
return true;
- if (! (obj instanceof ChannelBinding))
+ if (! (obj instanceof ChannelBinding cb))
return false;
- ChannelBinding cb = (ChannelBinding) obj;
-
if ((initiator != null && cb.initiator == null) ||
(initiator == null && cb.initiator != null))
return false;
diff --git a/src/java.security.jgss/share/classes/org/ietf/jgss/GSSContext.java b/src/java.security.jgss/share/classes/org/ietf/jgss/GSSContext.java
index 7bbb89544be..d229635820a 100644
--- a/src/java.security.jgss/share/classes/org/ietf/jgss/GSSContext.java
+++ b/src/java.security.jgss/share/classes/org/ietf/jgss/GSSContext.java
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2000, 2015, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2000, 2022, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -216,14 +216,14 @@ public interface GSSContext {
* A lifetime constant representing the default context lifetime. This
* value is set to 0.
*/
- public static final int DEFAULT_LIFETIME = 0;
+ int DEFAULT_LIFETIME = 0;
/**
* A lifetime constant representing indefinite context lifetime.
* This value must is set to the maximum integer value in Java -
* {@link java.lang.Integer#MAX_VALUE Integer.MAX_VALUE}.
*/
- public static final int INDEFINITE_LIFETIME = Integer.MAX_VALUE;
+ int INDEFINITE_LIFETIME = Integer.MAX_VALUE;
/**
* Called by the context initiator to start the context creation
@@ -272,7 +272,7 @@ public interface GSSContext {
* {@link GSSException#BAD_MECH GSSException.BAD_MECH},
* {@link GSSException#FAILURE GSSException.FAILURE}
*/
- public byte[] initSecContext(byte inputBuf[], int offset, int len)
+ byte[] initSecContext(byte inputBuf[], int offset, int len)
throws GSSException;
/**
@@ -360,8 +360,8 @@ public interface GSSContext {
* Use {@link #initSecContext(byte[], int, int)} instead.
*/
@Deprecated(since="11")
- public int initSecContext(InputStream inStream,
- OutputStream outStream) throws GSSException;
+ int initSecContext(InputStream inStream,
+ OutputStream outStream) throws GSSException;
/**
* Called by the context acceptor upon receiving a token from the
@@ -427,7 +427,7 @@ public interface GSSContext {
* {@link GSSException#BAD_MECH GSSException.BAD_MECH},
* {@link GSSException#FAILURE GSSException.FAILURE}
*/
- public byte[] acceptSecContext(byte inToken[], int offset, int len)
+ byte[] acceptSecContext(byte inToken[], int offset, int len)
throws GSSException;
/**
@@ -519,8 +519,8 @@ public interface GSSContext {
* sent.
*/
@Deprecated(since="11")
- public void acceptSecContext(InputStream inStream,
- OutputStream outStream) throws GSSException;
+ void acceptSecContext(InputStream inStream,
+ OutputStream outStream) throws GSSException;
/**
* Used during context establishment to determine the state of the
@@ -529,7 +529,7 @@ public interface GSSContext {
* @return true if this is a fully established context on
* the caller's side and no more tokens are needed from the peer.
*/
- public boolean isEstablished();
+ boolean isEstablished();
/**
* Releases any system resources and cryptographic information stored in
@@ -540,7 +540,7 @@ public interface GSSContext {
* major error codes:
* {@link GSSException#FAILURE GSSException.FAILURE}
*/
- public void dispose() throws GSSException;
+ void dispose() throws GSSException;
/**
* Used to determine limits on the size of the message
@@ -573,8 +573,8 @@ public interface GSSContext {
* {@link GSSException#BAD_QOP GSSException.BAD_QOP},
* {@link GSSException#FAILURE GSSException.FAILURE}
*/
- public int getWrapSizeLimit(int qop, boolean confReq,
- int maxTokenSize) throws GSSException;
+ int getWrapSizeLimit(int qop, boolean confReq,
+ int maxTokenSize) throws GSSException;
/**
* Applies per-message security services over the established security
@@ -614,8 +614,8 @@ public interface GSSContext {
* {@link GSSException#BAD_QOP GSSException.BAD_QOP},
* {@link GSSException#FAILURE GSSException.FAILURE}
*/
- public byte[] wrap(byte inBuf[], int offset, int len,
- MessageProp msgProp) throws GSSException;
+ byte[] wrap(byte inBuf[], int offset, int len,
+ MessageProp msgProp) throws GSSException;
/**
* Applies per-message security services over the established security
@@ -645,7 +645,7 @@ public interface GSSContext {
* support the wrapping of zero-length messages.
*
* @param inStream an InputStream containing the application data to be
- * protected. All of the data that is available in
+ * protected. All the data that is available in
* inStream is used.
* @param outStream an OutputStream to write the protected message
* to.
@@ -665,8 +665,8 @@ public interface GSSContext {
* Use {@link #wrap(byte[], int, int, MessageProp)} instead.
*/
@Deprecated(since="11")
- public void wrap(InputStream inStream, OutputStream outStream,
- MessageProp msgProp) throws GSSException;
+ void wrap(InputStream inStream, OutputStream outStream,
+ MessageProp msgProp) throws GSSException;
/**
* Used to process tokens generated by the wrap method on
@@ -701,8 +701,8 @@ public interface GSSContext {
* {@link GSSException#CONTEXT_EXPIRED GSSException.CONTEXT_EXPIRED},
* {@link GSSException#FAILURE GSSException.FAILURE}
*/
- public byte [] unwrap(byte[] inBuf, int offset, int len,
- MessageProp msgProp) throws GSSException;
+ byte [] unwrap(byte[] inBuf, int offset, int len,
+ MessageProp msgProp) throws GSSException;
/**
* Uses streams to process tokens generated by the wrap
@@ -752,8 +752,8 @@ public interface GSSContext {
* Use {@link #unwrap(byte[], int, int, MessageProp)} instead.
*/
@Deprecated(since="11")
- public void unwrap(InputStream inStream, OutputStream outStream,
- MessageProp msgProp) throws GSSException;
+ void unwrap(InputStream inStream, OutputStream outStream,
+ MessageProp msgProp) throws GSSException;
/**
* Returns a token containing a cryptographic Message Integrity Code
@@ -784,8 +784,8 @@ public interface GSSContext {
* {@link GSSException#BAD_QOP GSSException.BAD_QOP},
* {@link GSSException#FAILURE GSSException.FAILURE}
*/
- public byte[] getMIC(byte []inMsg, int offset, int len,
- MessageProp msgProp) throws GSSException;
+ byte[] getMIC(byte[] inMsg, int offset, int len,
+ MessageProp msgProp) throws GSSException;
/**
* Uses streams to produce a token containing a cryptographic MIC for
@@ -802,7 +802,7 @@ public interface GSSContext {
* derivation of MICs from zero-length messages.
*
* @param inStream an InputStream containing the message to generate the
- * MIC over. All of the data that is available in
+ * MIC over. All the data that is available in
* inStream is used.
* @param outStream an OutputStream to write the output token to.
* @param msgProp an instance of MessageProp that is used
@@ -821,8 +821,8 @@ public interface GSSContext {
* Use {@link #getMIC(byte[], int, int, MessageProp)} instead.
*/
@Deprecated(since="11")
- public void getMIC(InputStream inStream, OutputStream outStream,
- MessageProp msgProp) throws GSSException;
+ void getMIC(InputStream inStream, OutputStream outStream,
+ MessageProp msgProp) throws GSSException;
/**
* Verifies the cryptographic MIC, contained in the token parameter,
@@ -856,9 +856,9 @@ public interface GSSContext {
* {@link GSSException#CONTEXT_EXPIRED GSSException.CONTEXT_EXPIRED}
* {@link GSSException#FAILURE GSSException.FAILURE}
*/
- public void verifyMIC(byte[] inToken, int tokOffset, int tokLen,
- byte[] inMsg, int msgOffset, int msgLen,
- MessageProp msgProp) throws GSSException;
+ void verifyMIC(byte[] inToken, int tokOffset, int tokLen,
+ byte[] inMsg, int msgOffset, int msgLen,
+ MessageProp msgProp) throws GSSException;
/**
* Uses streams to verify the cryptographic MIC, contained in the token
@@ -891,7 +891,7 @@ public interface GSSContext {
* @param tokStream an InputStream containing the token generated by the
* peer's getMIC method.
* @param msgStream an InputStream containing the application message to
- * verify the cryptographic MIC over. All of the data
+ * verify the cryptographic MIC over. All the data
* that is available in msgStream is used.
* @param msgProp upon return from the method, this object will contain
* the applied QOP and supplementary information stating if the token
@@ -909,12 +909,12 @@ public interface GSSContext {
* instead.
*/
@Deprecated(since="11")
- public void verifyMIC(InputStream tokStream, InputStream msgStream,
- MessageProp msgProp) throws GSSException;
+ void verifyMIC(InputStream tokStream, InputStream msgStream,
+ MessageProp msgProp) throws GSSException;
/**
* Exports this context so that another process may
- * import it.. Provided to support the sharing of work between
+ * import it. Provided to support the sharing of work between
* multiple processes. This routine will typically be used by the
* context-acceptor, in an application where a single process receives
* incoming connection requests and accepts security contexts over
@@ -941,7 +941,7 @@ public interface GSSContext {
* to either avoid placing such sensitive information within
* interprocess tokens, or to encrypt the token before returning it to
* the application, in a typical GSS-API implementation this may not be
- * possible. Thus the application must take care to protect the
+ * possible. Thus, the application must take care to protect the
* interprocess token, and ensure that any process to which the token
* is transferred is trustworthy.
*
@@ -965,12 +965,12 @@ public interface GSSContext {
* {@link GSSException#NO_CONTEXT GSSException.NO_CONTEXT},
* {@link GSSException#FAILURE GSSException.FAILURE}
*/
- public byte [] export() throws GSSException;
+ byte [] export() throws GSSException;
/**
* Requests that mutual authentication be done during
* context establishment. This request can only be made on the context
- * initiator's side and it has to be done prior to the first call to
+ * initiator's side, and it has to be done prior to the first call to
* initSecContext.
*
* Not all mechanisms support mutual authentication and some mechanisms
@@ -987,12 +987,12 @@ public interface GSSContext {
* major error codes:
* {@link GSSException#FAILURE GSSException.FAILURE}
*/
- public void requestMutualAuth(boolean state) throws GSSException;
+ void requestMutualAuth(boolean state) throws GSSException;
/**
* Requests that replay detection be enabled for the
* per-message security services after context establishment. This
- * request can only be made on the context initiator's side and it has
+ * request can only be made on the context initiator's side, and it has
* to be done prior to the first call to
* initSecContext. During context establishment replay
* detection is not an option and is a function of the underlying
@@ -1017,12 +1017,12 @@ public interface GSSContext {
* major error codes:
* {@link GSSException#FAILURE GSSException.FAILURE}
*/
- public void requestReplayDet(boolean state) throws GSSException;
+ void requestReplayDet(boolean state) throws GSSException;
/**
* Requests that sequence checking be enabled for the
* per-message security services after context establishment. This
- * request can only be made on the context initiator's side and it has
+ * request can only be made on the context initiator's side, and it has
* to be done prior to the first call to
* initSecContext. During context establishment sequence
* checking is not an option and is a function of the underlying
@@ -1049,12 +1049,12 @@ public interface GSSContext {
* major error codes:
* {@link GSSException#FAILURE GSSException.FAILURE}
*/
- public void requestSequenceDet(boolean state) throws GSSException;
+ void requestSequenceDet(boolean state) throws GSSException;
/**
* Requests that the initiator's credentials be
* delegated to the acceptor during context establishment. This
- * request can only be made on the context initiator's side and it has
+ * request can only be made on the context initiator's side, and it has
* to be done prior to the first call to
* initSecContext.
*
@@ -1075,12 +1075,12 @@ public interface GSSContext {
* major error codes:
* {@link GSSException#FAILURE GSSException.FAILURE}
*/
- public void requestCredDeleg(boolean state) throws GSSException;
+ void requestCredDeleg(boolean state) throws GSSException;
/**
* Requests that the initiator's identity not be
* disclosed to the acceptor. This request can only be made on the
- * context initiator's side and it has to be done prior to the first
+ * context initiator's side, and it has to be done prior to the first
* call to initSecContext.
*
* Not all mechanisms support anonymity for the initiator. Therefore, the
@@ -1095,12 +1095,12 @@ public interface GSSContext {
* major error codes:
* {@link GSSException#FAILURE GSSException.FAILURE}
*/
- public void requestAnonymity(boolean state) throws GSSException;
+ void requestAnonymity(boolean state) throws GSSException;
/**
* Requests that data confidentiality be enabled
* for the wrap method. This request can only be made on
- * the context initiator's side and it has to be done prior to the
+ * the context initiator's side, and it has to be done prior to the
* first call to initSecContext.
*
* Not all mechanisms support confidentiality and other mechanisms
@@ -1125,12 +1125,12 @@ public interface GSSContext {
* major error codes:
* {@link GSSException#FAILURE GSSException.FAILURE}
*/
- public void requestConf(boolean state) throws GSSException;
+ void requestConf(boolean state) throws GSSException;
/**
* Requests that data integrity be enabled
* for the wrap and getMICmethods. This
- * request can only be made on the context initiator's side and it has
+ * request can only be made on the context initiator's side, and it has
* to be done prior to the first call to initSecContext.
*
* Not all mechanisms support integrity and other mechanisms
@@ -1149,12 +1149,12 @@ public interface GSSContext {
* major error codes:
* {@link GSSException#FAILURE GSSException.FAILURE}
*/
- public void requestInteg(boolean state) throws GSSException;
+ void requestInteg(boolean state) throws GSSException;
/**
* Requests a lifetime in seconds for the
* context. This method can only be called on the context initiator's
- * side and it has to be done prior to the first call to
+ * side, and it has to be done prior to the first call to
* initSecContext.
*
* The actual lifetime of the context will depend on the capabilities of
@@ -1170,7 +1170,7 @@ public interface GSSContext {
* major error codes:
* {@link GSSException#FAILURE GSSException.FAILURE}
*/
- public void requestLifetime(int lifetime) throws GSSException;
+ void requestLifetime(int lifetime) throws GSSException;
/**
* Sets the channel bindings to be used during context
@@ -1187,7 +1187,7 @@ public interface GSSContext {
* major error codes:
* {@link GSSException#FAILURE GSSException.FAILURE}
*/
- public void setChannelBinding(ChannelBinding cb) throws GSSException;
+ void setChannelBinding(ChannelBinding cb) throws GSSException;
/**
* Determines if credential delegation is enabled on
@@ -1202,7 +1202,7 @@ public interface GSSContext {
* @return true if delegation is enabled, false otherwise.
* @see #requestCredDeleg(boolean)
*/
- public boolean getCredDelegState();
+ boolean getCredDelegState();
/**
* Determines if mutual authentication is enabled on
@@ -1216,7 +1216,7 @@ public interface GSSContext {
* @return true if mutual authentication is enabled, false otherwise.
* @see #requestMutualAuth(boolean)
*/
- public boolean getMutualAuthState();
+ boolean getMutualAuthState();
/**
* Determines if replay detection is enabled for the
@@ -1230,7 +1230,7 @@ public interface GSSContext {
* @return true if replay detection is enabled, false otherwise.
* @see #requestReplayDet(boolean)
*/
- public boolean getReplayDetState();
+ boolean getReplayDetState();
/**
* Determines if sequence checking is enabled for the
@@ -1244,7 +1244,7 @@ public interface GSSContext {
* @return true if sequence checking is enabled, false otherwise.
* @see #requestSequenceDet(boolean)
*/
- public boolean getSequenceDetState();
+ boolean getSequenceDetState();
/**
* Determines if the context initiator is
@@ -1265,7 +1265,7 @@ public interface GSSContext {
* otherwise.
* @see #requestAnonymity(boolean)
*/
- public boolean getAnonymityState();
+ boolean getAnonymityState();
/**
* Determines if the context is transferable to other processes
@@ -1278,7 +1278,7 @@ public interface GSSContext {
* major error codes:
* {@link GSSException#FAILURE GSSException.FAILURE}
*/
- public boolean isTransferable() throws GSSException;
+ boolean isTransferable() throws GSSException;
/**
* Determines if the context is ready for per message operations to be
@@ -1290,7 +1290,7 @@ public interface GSSContext {
* this context at the current stage of context establishment, false
* otherwise.
*/
- public boolean isProtReady();
+ boolean isProtReady();
/**
* Determines if data confidentiality is available
@@ -1305,7 +1305,7 @@ public interface GSSContext {
* otherwise.
* @see #requestConf(boolean)
*/
- public boolean getConfState();
+ boolean getConfState();
/**
* Determines if data integrity is available
@@ -1319,7 +1319,7 @@ public interface GSSContext {
* @return true if integrity services are available, false otherwise.
* @see #requestInteg(boolean)
*/
- public boolean getIntegState();
+ boolean getIntegState();
/**
* Determines what the remaining lifetime for this
@@ -1331,7 +1331,7 @@ public interface GSSContext {
* @return the remaining lifetime in seconds
* @see #requestLifetime(int)
*/
- public int getLifetime();
+ int getLifetime();
/**
* Returns the name of the context initiator. This call is valid only
@@ -1346,7 +1346,7 @@ public interface GSSContext {
* major error codes:
* {@link GSSException#FAILURE GSSException.FAILURE}
*/
- public GSSName getSrcName() throws GSSException;
+ GSSName getSrcName() throws GSSException;
/**
* Returns the name of the context acceptor. This call is valid only
@@ -1360,7 +1360,7 @@ public interface GSSContext {
* major error codes:
* {@link GSSException#FAILURE GSSException.FAILURE}
*/
- public GSSName getTargName() throws GSSException;
+ GSSName getTargName() throws GSSException;
/**
* Determines what mechanism is being used for this
@@ -1374,7 +1374,7 @@ public interface GSSContext {
* major error codes:
* {@link GSSException#FAILURE GSSException.FAILURE}
*/
- public Oid getMech() throws GSSException;
+ Oid getMech() throws GSSException;
/**
* Obtains the credentials delegated by the context
@@ -1392,7 +1392,7 @@ public interface GSSContext {
* major error codes:
* {@link GSSException#FAILURE GSSException.FAILURE}
*/
- public GSSCredential getDelegCred() throws GSSException;
+ GSSCredential getDelegCred() throws GSSException;
/**
* Determines if this is the context initiator. This
@@ -1406,5 +1406,5 @@ public interface GSSContext {
* major error codes:
* {@link GSSException#FAILURE GSSException.FAILURE}
*/
- public boolean isInitiator() throws GSSException;
+ boolean isInitiator() throws GSSException;
}
diff --git a/src/java.security.jgss/share/classes/org/ietf/jgss/GSSCredential.java b/src/java.security.jgss/share/classes/org/ietf/jgss/GSSCredential.java
index 6c304bed59a..576f64924d2 100644
--- a/src/java.security.jgss/share/classes/org/ietf/jgss/GSSCredential.java
+++ b/src/java.security.jgss/share/classes/org/ietf/jgss/GSSCredential.java
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2000, 2015, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2000, 2022, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -98,7 +98,7 @@ public interface GSSCredential extends Cloneable{
* for both context initiation and acceptance.
*
*/
- public static final int INITIATE_AND_ACCEPT = 0;
+ int INITIATE_AND_ACCEPT = 0;
/**
@@ -106,7 +106,7 @@ public interface GSSCredential extends Cloneable{
* for context initiation only.
*
*/
- public static final int INITIATE_ONLY = 1;
+ int INITIATE_ONLY = 1;
/**
@@ -114,21 +114,21 @@ public interface GSSCredential extends Cloneable{
* for context acceptance only.
*
*/
- public static final int ACCEPT_ONLY = 2;
+ int ACCEPT_ONLY = 2;
/**
* A lifetime constant representing the default credential lifetime. This
* value it set to 0.
*/
- public static final int DEFAULT_LIFETIME = 0;
+ int DEFAULT_LIFETIME = 0;
/**
* A lifetime constant representing indefinite credential lifetime.
* This value must is set to the maximum integer value in Java -
* {@link java.lang.Integer#MAX_VALUE Integer.MAX_VALUE}.
*/
- public static final int INDEFINITE_LIFETIME = Integer.MAX_VALUE;
+ int INDEFINITE_LIFETIME = Integer.MAX_VALUE;
/**
* Releases any sensitive information that the GSSCredential object may
@@ -140,7 +140,7 @@ public interface GSSCredential extends Cloneable{
* major error codes:
* {@link GSSException#FAILURE GSSException.FAILURE}
*/
- public void dispose() throws GSSException;
+ void dispose() throws GSSException;
/**
* Retrieves the name of the entity that the credential asserts.
@@ -151,7 +151,7 @@ public interface GSSCredential extends Cloneable{
* major error codes:
* {@link GSSException#FAILURE GSSException.FAILURE}
*/
- public GSSName getName() throws GSSException;
+ GSSName getName() throws GSSException;
/**
* Retrieves a Mechanism Name of the entity that the credential
@@ -169,11 +169,11 @@ public interface GSSCredential extends Cloneable{
* {@link GSSException#BAD_MECH GSSException.BAD_MECH},
* {@link GSSException#FAILURE GSSException.FAILURE}
*/
- public GSSName getName(Oid mech) throws GSSException;
+ GSSName getName(Oid mech) throws GSSException;
/**
* Returns the remaining lifetime in seconds for a credential. The
- * remaining lifetime is the minimum lifetime amongst all of the underlying
+ * remaining lifetime is the minimum lifetime amongst all the underlying
* mechanism specific credential elements.
*
* @return the minimum remaining lifetime in seconds for this
@@ -189,7 +189,7 @@ public interface GSSCredential extends Cloneable{
* major error codes:
* {@link GSSException#FAILURE GSSException.FAILURE}
*/
- public int getRemainingLifetime() throws GSSException;
+ int getRemainingLifetime() throws GSSException;
/**
* Returns the lifetime in seconds for the credential to remain capable
@@ -211,7 +211,7 @@ public interface GSSCredential extends Cloneable{
* {@link GSSException#BAD_MECH GSSException.BAD_MECH},
* {@link GSSException#FAILURE GSSException.FAILURE}
*/
- public int getRemainingInitLifetime(Oid mech) throws GSSException;
+ int getRemainingInitLifetime(Oid mech) throws GSSException;
/**
* Returns the lifetime in seconds for the credential to remain capable
@@ -233,7 +233,7 @@ public interface GSSCredential extends Cloneable{
* {@link GSSException#BAD_MECH GSSException.BAD_MECH},
* {@link GSSException#FAILURE GSSException.FAILURE}
*/
- public int getRemainingAcceptLifetime(Oid mech) throws GSSException;
+ int getRemainingAcceptLifetime(Oid mech) throws GSSException;
/**
* Returns the credential usage mode. In other words, it
@@ -250,7 +250,7 @@ public interface GSSCredential extends Cloneable{
* major error codes:
* {@link GSSException#FAILURE GSSException.FAILURE}
*/
- public int getUsage() throws GSSException;
+ int getUsage() throws GSSException;
/**
* Returns the credential usage mode for a specific mechanism. In other
@@ -269,7 +269,7 @@ public interface GSSCredential extends Cloneable{
* {@link GSSException#BAD_MECH GSSException.BAD_MECH},
* {@link GSSException#FAILURE GSSException.FAILURE}
*/
- public int getUsage(Oid mech) throws GSSException;
+ int getUsage(Oid mech) throws GSSException;
/**
* Returns a list of mechanisms supported by this credential. It does
@@ -285,7 +285,7 @@ public interface GSSCredential extends Cloneable{
* major error codes:
* {@link GSSException#FAILURE GSSException.FAILURE}
*/
- public Oid[] getMechs() throws GSSException;
+ Oid[] getMechs() throws GSSException;
/**
* Adds a mechanism specific credential-element to an existing
@@ -346,8 +346,8 @@ public interface GSSCredential extends Cloneable{
* GSSException.CREDENTIALS_EXPIRED},
* {@link GSSException#FAILURE GSSException.FAILURE}
*/
- public void add(GSSName name, int initLifetime, int acceptLifetime,
- Oid mech, int usage) throws GSSException;
+ void add(GSSName name, int initLifetime, int acceptLifetime,
+ Oid mech, int usage) throws GSSException;
/**
* Tests if this GSSCredential asserts the same entity as the supplied
@@ -358,13 +358,13 @@ public interface GSSCredential extends Cloneable{
* entity; {@code false} otherwise.
* @param another another GSSCredential for comparison to this one
*/
- public boolean equals(Object another);
+ boolean equals(Object another);
/**
* Returns a hashcode value for this GSSCredential.
*
* @return a hashCode value
*/
- public int hashCode();
+ int hashCode();
}
diff --git a/src/java.security.jgss/share/classes/org/ietf/jgss/GSSException.java b/src/java.security.jgss/share/classes/org/ietf/jgss/GSSException.java
index e4bcb1e9e60..a507a9d1b05 100644
--- a/src/java.security.jgss/share/classes/org/ietf/jgss/GSSException.java
+++ b/src/java.security.jgss/share/classes/org/ietf/jgss/GSSException.java
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2000, 2015, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2000, 2022, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -25,6 +25,9 @@
package org.ietf.jgss;
+import java.io.Serial;
+import java.util.Objects;
+
/**
* This exception is thrown whenever a GSS-API error occurs, including
* any mechanism specific error. It may contain both the major and the
@@ -41,6 +44,7 @@ package org.ietf.jgss;
*/
public class GSSException extends Exception {
+ @Serial
private static final long serialVersionUID = -2706218945227726672L;
/**
@@ -175,7 +179,7 @@ public class GSSException extends Exception {
public static final int GAP_TOKEN = 22;
- private static String[] messages = {
+ private static final String[] messages = {
"Channel binding mismatch", // BAD_BINDINGS
"Unsupported mechanism requested", // BAD_MECH
"Invalid name provided", // BAD_NAME
@@ -206,7 +210,7 @@ public class GSSException extends Exception {
*
* @serial
*/
- private int major;
+ private final int major;
/**
* The minor code for this exception
@@ -233,7 +237,7 @@ public class GSSException extends Exception {
/**
* Creates a GSSException object with a specified major code.
*
- * @param majorCode the The GSS error code for the problem causing this
+ * @param majorCode the GSS error code for the problem causing this
* exception to be thrown.
*/
public GSSException (int majorCode) {
@@ -326,10 +330,7 @@ public class GSSException extends Exception {
*/
public String getMajorString() {
- if (majorString != null)
- return majorString;
- else
- return messages[major - 1];
+ return Objects.requireNonNullElseGet(majorString, () -> messages[major - 1]);
}
@@ -395,9 +396,6 @@ public class GSSException extends Exception {
*/
private boolean validateMajor(int major) {
- if (major > 0 && major <= messages.length)
- return (true);
-
- return (false);
+ return major > 0 && major <= messages.length;
}
}
diff --git a/src/java.security.jgss/share/classes/org/ietf/jgss/GSSManager.java b/src/java.security.jgss/share/classes/org/ietf/jgss/GSSManager.java
index 8819daaf25b..8294cdb84e4 100644
--- a/src/java.security.jgss/share/classes/org/ietf/jgss/GSSManager.java
+++ b/src/java.security.jgss/share/classes/org/ietf/jgss/GSSManager.java
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2000, 2020, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2000, 2022, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -276,7 +276,7 @@ public abstract class GSSManager {
* {@link GSSException#BAD_MECH GSSException.BAD_MECH},
* {@link GSSException#FAILURE GSSException.FAILURE}
*/
- public abstract GSSName createName(byte name[], Oid nameType)
+ public abstract GSSName createName(byte[] name, Oid nameType)
throws GSSException;
/**
@@ -339,7 +339,7 @@ public abstract class GSSManager {
* {@link GSSException#BAD_MECH GSSException.BAD_MECH},
* {@link GSSException#FAILURE GSSException.FAILURE}
*/
- public abstract GSSName createName(byte name[], Oid nameType, Oid mech)
+ public abstract GSSName createName(byte[] name, Oid nameType, Oid mech)
throws GSSException;
/**
@@ -482,7 +482,7 @@ public abstract class GSSManager {
* {@link GSSException#FAILURE GSSException.FAILURE}
*/
public abstract GSSCredential createCredential(GSSName name,
- int lifetime, Oid mechs[], int usage)
+ int lifetime, Oid[] mechs, int usage)
throws GSSException;
/**
@@ -674,7 +674,7 @@ public abstract class GSSManager {
*
* Calling this method repeatedly preserves the older settings but
* raises them above newer ones in preference thus forming an ordered
- * list of providers and Oid pairs that grows at the bottom. Thus the
+ * list of providers and Oid pairs that grows at the bottom. Thus, the
* older provider settings will be utilized first before this one is.
*
* If there are any previously existing preferences that conflict with
diff --git a/src/java.security.jgss/share/classes/org/ietf/jgss/GSSName.java b/src/java.security.jgss/share/classes/org/ietf/jgss/GSSName.java
index d55bd6abb47..8a541d9fd85 100644
--- a/src/java.security.jgss/share/classes/org/ietf/jgss/GSSName.java
+++ b/src/java.security.jgss/share/classes/org/ietf/jgss/GSSName.java
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2000, 2015, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2000, 2022, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -115,7 +115,7 @@ public interface GSSName {
* States(840) mit(113554) infosys(1) gssapi(2) generic(1) service_name(4)
* }
*/
- public static final Oid NT_HOSTBASED_SERVICE
+ Oid NT_HOSTBASED_SERVICE
= Oid.getInstance("1.2.840.113554.1.2.1.4");
/**
@@ -125,7 +125,7 @@ public interface GSSName {
* States(840) mit(113554) infosys(1) gssapi(2) generic(1) user_name(1)
* }
*/
- public static final Oid NT_USER_NAME
+ Oid NT_USER_NAME
= Oid.getInstance("1.2.840.113554.1.2.1.1");
/**
@@ -136,7 +136,7 @@ public interface GSSName {
* { iso(1) member-body(2) United States(840) mit(113554)
* infosys(1) gssapi(2) generic(1) machine_uid_name(2) }
*/
- public static final Oid NT_MACHINE_UID_NAME
+ Oid NT_MACHINE_UID_NAME
= Oid.getInstance("1.2.840.113554.1.2.1.2");
/**
@@ -148,7 +148,7 @@ public interface GSSName {
* States(840) mit(113554) infosys(1) gssapi(2) generic(1)
* string_uid_name(3) }
*/
- public static final Oid NT_STRING_UID_NAME
+ Oid NT_STRING_UID_NAME
= Oid.getInstance("1.2.840.113554.1.2.1.3");
/**
@@ -157,7 +157,7 @@ public interface GSSName {
* { 1(iso), 3(org), 6(dod), 1(internet),
* 5(security), 6(nametypes), 3(gss-anonymous-name) }
*/
- public static final Oid NT_ANONYMOUS
+ Oid NT_ANONYMOUS
= Oid.getInstance("1.3.6.1.5.6.3");
/**
@@ -168,7 +168,7 @@ public interface GSSName {
* 3(org), 6(dod), 1(internet), 5(security), 6(nametypes),
* 4(gss-api-exported-name) }
*/
- public static final Oid NT_EXPORT_NAME
+ Oid NT_EXPORT_NAME
= Oid.getInstance("1.3.6.1.5.6.4");
/**
@@ -185,7 +185,7 @@ public interface GSSName {
* {@link GSSException#BAD_NAMETYPE GSSException.BAD_NAMETYPE},
* {@link GSSException#FAILURE GSSException.FAILURE}
*/
- public boolean equals(GSSName another) throws GSSException;
+ boolean equals(GSSName another) throws GSSException;
/**
* Compares this GSSName object to another Object that might be a
@@ -198,14 +198,14 @@ public interface GSSName {
* @param another the object to compare this name to
* @see #equals(GSSName)
*/
- public boolean equals(Object another);
+ boolean equals(Object another);
/**
* Returns a hashcode value for this GSSName.
*
* @return a hashCode value
*/
- public int hashCode();
+ int hashCode();
/**
* Creates a name that is canonicalized for some
@@ -224,7 +224,7 @@ public interface GSSName {
* {@link GSSException#BAD_NAME GSSException.BAD_NAME},
* {@link GSSException#FAILURE GSSException.FAILURE}
*/
- public GSSName canonicalize(Oid mech) throws GSSException;
+ GSSName canonicalize(Oid mech) throws GSSException;
/**
* Returns a canonical contiguous byte representation of a mechanism name
@@ -259,7 +259,7 @@ public interface GSSName {
* {@link GSSException#BAD_NAMETYPE GSSException.BAD_NAMETYPE},
* {@link GSSException#FAILURE GSSException.FAILURE}
*/
- public byte[] export() throws GSSException;
+ byte[] export() throws GSSException;
/**
* Returns a textual representation of the GSSName object. To retrieve
@@ -269,7 +269,7 @@ public interface GSSName {
*
* @return a String representing this name in printable form.
*/
- public String toString();
+ String toString();
/**
* Returns the name type of the printable
@@ -283,14 +283,14 @@ public interface GSSName {
* major error codes:
* {@link GSSException#FAILURE GSSException.FAILURE}
*/
- public Oid getStringNameType() throws GSSException;
+ Oid getStringNameType() throws GSSException;
/**
* Tests if this name object represents an anonymous entity.
*
* @return true if this is an anonymous name, false otherwise.
*/
- public boolean isAnonymous();
+ boolean isAnonymous();
/**
* Tests if this name object represents a Mechanism Name (MN). An MN is
@@ -299,6 +299,6 @@ public interface GSSName {
*
* @return true if this is an MN, false otherwise.
*/
- public boolean isMN();
+ boolean isMN();
}
diff --git a/src/java.security.jgss/share/classes/org/ietf/jgss/Oid.java b/src/java.security.jgss/share/classes/org/ietf/jgss/Oid.java
index 05794c7927e..8d5df2e53e8 100644
--- a/src/java.security.jgss/share/classes/org/ietf/jgss/Oid.java
+++ b/src/java.security.jgss/share/classes/org/ietf/jgss/Oid.java
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2000, 2020, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2000, 2022, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -50,7 +50,7 @@ import sun.security.util.ObjectIdentifier;
*/
public class Oid {
- private ObjectIdentifier oid;
+ private final ObjectIdentifier oid;
private byte[] derEncoding;
/**
@@ -100,7 +100,7 @@ public class Oid {
* Creates an Oid object from its ASN.1 DER encoding. This refers to
* the full encoding including tag and length. The structure and
* encoding of Oids is defined in ISOIEC-8824 and ISOIEC-8825. This
- * method is identical in functionality to its InputStream conterpart.
+ * method is identical in functionality to its InputStream counterpart.
*
* @param data byte array containing the DER encoded oid
* @exception GSSException may be thrown when the DER encoding does not
diff --git a/src/java.security.jgss/share/classes/org/ietf/jgss/package-info.java b/src/java.security.jgss/share/classes/org/ietf/jgss/package-info.java
index 9d1c7e99f24..12cd0debefd 100644
--- a/src/java.security.jgss/share/classes/org/ietf/jgss/package-info.java
+++ b/src/java.security.jgss/share/classes/org/ietf/jgss/package-info.java
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2000, 2019, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2000, 2022, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -65,7 +65,7 @@
* mechanism will search for the required INITIATE and ACCEPT credentials
* ({@link javax.security.auth.kerberos.KerberosTicket KerberosTicket} and
* {@link javax.security.auth.kerberos.KerberosKey KerberosKey}) in
- * the private credential set where as some other mechanism might look
+ * the private credential set whereas some other mechanism might look
* in the public set or in both. If the desired credential is not
* present in the appropriate sets of the current Subject, the GSS-API
* call must fail.
diff --git a/src/java.security.jgss/share/classes/sun/security/jgss/GSSCaller.java b/src/java.security.jgss/share/classes/sun/security/jgss/GSSCaller.java
index 51ea1f21965..69195e57003 100644
--- a/src/java.security.jgss/share/classes/sun/security/jgss/GSSCaller.java
+++ b/src/java.security.jgss/share/classes/sun/security/jgss/GSSCaller.java
@@ -36,7 +36,7 @@ public sealed class GSSCaller permits HttpCaller {
public static final GSSCaller CALLER_INITIATE = new GSSCaller("INITIATE");
public static final GSSCaller CALLER_ACCEPT = new GSSCaller("ACCEPT");
- private String name;
+ private final String name;
GSSCaller(String s) {
name = s;
}
diff --git a/src/java.security.jgss/share/classes/sun/security/jgss/GSSContextImpl.java b/src/java.security.jgss/share/classes/sun/security/jgss/GSSContextImpl.java
index e262b545b20..f1d0f9bf205 100644
--- a/src/java.security.jgss/share/classes/sun/security/jgss/GSSContextImpl.java
+++ b/src/java.security.jgss/share/classes/sun/security/jgss/GSSContextImpl.java
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2000, 2020, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2000, 2022, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -145,7 +145,7 @@ public class GSSContextImpl implements GSSContext {
public GSSContextImpl(GSSManagerImpl gssManager, GSSName peer, Oid mech,
GSSCredential myCred, int lifetime)
throws GSSException {
- if ((peer == null) || !(peer instanceof GSSNameImpl)) {
+ if (!(peer instanceof GSSNameImpl)) {
throw new GSSException(GSSException.BAD_NAME);
}
if (mech == null) mech = ProviderList.DEFAULT_MECH_OID;
@@ -182,7 +182,7 @@ public class GSSContextImpl implements GSSContext {
this.mechOid = mechCtxt.getMech();
}
- public byte[] initSecContext(byte inputBuf[], int offset, int len)
+ public byte[] initSecContext(byte[] inputBuf, int offset, int len)
throws GSSException {
/*
* Size of ByteArrayOutputStream will double each time that extra
@@ -206,7 +206,7 @@ public class GSSContextImpl implements GSSContext {
"Illegal call to initSecContext");
}
- GSSHeader gssHeader = null;
+ GSSHeader gssHeader;
int inTokenLen = -1;
GSSCredentialSpi credElement = null;
boolean firstToken = false;
@@ -292,7 +292,7 @@ public class GSSContextImpl implements GSSContext {
}
}
- public byte[] acceptSecContext(byte inTok[], int offset, int len)
+ public byte[] acceptSecContext(byte[] inTok, int offset, int len)
throws GSSException {
/*
@@ -315,7 +315,7 @@ public class GSSContextImpl implements GSSContext {
"Illegal call to acceptSecContext");
}
- GSSHeader gssHeader = null;
+ GSSHeader gssHeader;
int inTokenLen = -1;
GSSCredentialSpi credElement = null;
@@ -361,14 +361,13 @@ public class GSSContextImpl implements GSSContext {
byte[] obuf = mechCtxt.acceptSecContext(inStream, inTokenLen);
if (obuf != null) {
- int retVal = obuf.length;
if (mechCtxt.getProvider().getName().equals("SunNativeGSS") ||
(GSSUtil.isSpNegoMech(mechOid))) {
// do not add GSS header for native provider and SPNEGO
} else {
// add GSS header
gssHeader = new GSSHeader(objId, obuf.length);
- retVal += gssHeader.encode(outStream);
+ gssHeader.encode(outStream);
}
outStream.write(obuf);
}
@@ -398,7 +397,7 @@ public class GSSContextImpl implements GSSContext {
"No mechanism context yet!");
}
- public byte[] wrap(byte inBuf[], int offset, int len,
+ public byte[] wrap(byte[] inBuf, int offset, int len,
MessageProp msgProp) throws GSSException {
if (mechCtxt != null)
return mechCtxt.wrap(inBuf, offset, len, msgProp);
diff --git a/src/java.security.jgss/share/classes/sun/security/jgss/GSSCredentialImpl.java b/src/java.security.jgss/share/classes/sun/security/jgss/GSSCredentialImpl.java
index f31b80acbb9..05017638b9e 100644
--- a/src/java.security.jgss/share/classes/sun/security/jgss/GSSCredentialImpl.java
+++ b/src/java.security.jgss/share/classes/sun/security/jgss/GSSCredentialImpl.java
@@ -172,8 +172,8 @@ public class GSSCredentialImpl implements GSSCredential {
"no longer valid");
}
- SearchKey key = null;
- GSSCredentialSpi element = null;
+ SearchKey key;
+ GSSCredentialSpi element;
if (mech == null) mech = ProviderList.DEFAULT_MECH_OID;
@@ -213,7 +213,7 @@ public class GSSCredentialImpl implements GSSCredential {
SearchKey tempKey;
GSSCredentialSpi tempCred;
- int tempLife = 0, tempInitLife = 0, tempAcceptLife = 0;
+ int tempLife, tempInitLife, tempAcceptLife;
int min = INDEFINITE_LIFETIME;
for (Enumeration e = hashtable.keys();
@@ -227,9 +227,7 @@ public class GSSCredentialImpl implements GSSCredential {
else {
tempInitLife = tempCred.getInitLifetime();
tempAcceptLife = tempCred.getAcceptLifetime();
- tempLife = (tempInitLife < tempAcceptLife ?
- tempInitLife:
- tempAcceptLife);
+ tempLife = (Math.min(tempInitLife, tempAcceptLife));
}
if (min > tempLife)
min = tempLife;
@@ -245,8 +243,8 @@ public class GSSCredentialImpl implements GSSCredential {
"no longer valid");
}
- GSSCredentialSpi element = null;
- SearchKey key = null;
+ GSSCredentialSpi element;
+ SearchKey key;
boolean found = false;
int max = 0;
@@ -285,8 +283,8 @@ public class GSSCredentialImpl implements GSSCredential {
"no longer valid");
}
- GSSCredentialSpi element = null;
- SearchKey key = null;
+ GSSCredentialSpi element;
+ SearchKey key;
boolean found = false;
int max = 0;
@@ -361,8 +359,8 @@ public class GSSCredentialImpl implements GSSCredential {
"no longer valid");
}
- GSSCredentialSpi element = null;
- SearchKey key = null;
+ GSSCredentialSpi element;
+ SearchKey key;
boolean initiate = false;
boolean accept = false;
@@ -618,7 +616,7 @@ public class GSSCredentialImpl implements GSSCredential {
Set getElements() {
HashSet retVal =
- new HashSet(hashtable.size());
+ new HashSet<>(hashtable.size());
Enumeration values = hashtable.elements();
while (values.hasMoreElements()) {
GSSCredentialSpi o = values.nextElement();
@@ -649,7 +647,7 @@ public class GSSCredentialImpl implements GSSCredential {
"no longer valid");
}
- GSSCredentialSpi element = null;
+ GSSCredentialSpi element;
StringBuilder sb = new StringBuilder("[GSSCredential: ");
Object[] elements = hashtable.entrySet().toArray();
for (int i = 0; i < elements.length; i++) {
@@ -676,7 +674,7 @@ public class GSSCredentialImpl implements GSSCredential {
}
static class SearchKey {
- private Oid mechOid = null;
+ private final Oid mechOid;
private int usage = GSSCredential.INITIATE_AND_ACCEPT;
public SearchKey(Oid mechOid, int usage) {
@@ -690,9 +688,8 @@ public class GSSCredentialImpl implements GSSCredential {
return usage;
}
public boolean equals(Object other) {
- if (! (other instanceof SearchKey))
+ if (! (other instanceof SearchKey that))
return false;
- SearchKey that = (SearchKey) other;
return ((this.mechOid.equals(that.mechOid)) &&
(this.usage == that.usage));
}
diff --git a/src/java.security.jgss/share/classes/sun/security/jgss/GSSExceptionImpl.java b/src/java.security.jgss/share/classes/sun/security/jgss/GSSExceptionImpl.java
index cc2dd268189..86900a159cc 100644
--- a/src/java.security.jgss/share/classes/sun/security/jgss/GSSExceptionImpl.java
+++ b/src/java.security.jgss/share/classes/sun/security/jgss/GSSExceptionImpl.java
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2000, 2006, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2000, 2022, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -27,6 +27,8 @@ package sun.security.jgss;
import org.ietf.jgss.*;
+import java.io.Serial;
+
/**
* This class helps overcome a limitation of the org.ietf.jgss.GSSException
* class that does not allow the thrower to set a string corresponding to
@@ -34,6 +36,7 @@ import org.ietf.jgss.*;
*/
public class GSSExceptionImpl extends GSSException {
+ @Serial
private static final long serialVersionUID = 4251197939069005575L;
private String majorMessage;
diff --git a/src/java.security.jgss/share/classes/sun/security/jgss/GSSHeader.java b/src/java.security.jgss/share/classes/sun/security/jgss/GSSHeader.java
index fc1be114744..471d3d4c2ba 100644
--- a/src/java.security.jgss/share/classes/sun/security/jgss/GSSHeader.java
+++ b/src/java.security.jgss/share/classes/sun/security/jgss/GSSHeader.java
@@ -52,9 +52,9 @@ import sun.security.util.*;
public class GSSHeader {
- private ObjectIdentifier mechOid = null;
- private byte[] mechOidBytes = null;
- private int mechTokenLength = 0;
+ private final ObjectIdentifier mechOid;
+ private final byte[] mechOidBytes;
+ private final int mechTokenLength;
/**
* The tag defined in the GSS-API mechanism independent token
@@ -80,7 +80,7 @@ public class GSSHeader {
}
/**
- * Reads in a GSSHeader from an InputStream. Typically this would be
+ * Reads in a GSSHeader from an InputStream. Typically, this would be
* used as part of reading the complete token from an InputStream
* that is obtained from a socket.
*/
@@ -159,7 +159,7 @@ public class GSSHeader {
DerOutputStream temp = new DerOutputStream();
temp.putOID(mechOid);
mechOidBytesSize = temp.toByteArray().length;
- } catch (IOException e) {
+ } catch (IOException ignored) {
}
// Subtract bytes needed for 0x60 tag and mechOidBytes
@@ -196,7 +196,7 @@ public class GSSHeader {
* the length field of the GSSHeader.
*/
private int getLenFieldSize(int len) {
- int retVal = 1;
+ int retVal;
if (len < 128) {
retVal=1;
} else if (len < (1 << 8)) {
@@ -261,10 +261,9 @@ public class GSSHeader {
*/
if (tmp == 0)
return -1;
- if (tmp < 0 || tmp > 4)
+ if (tmp > 4)
throw new IOException("DerInputStream.getLength(): lengthTag="
- + tmp + ", "
- + ((tmp < 0) ? "incorrect DER encoding." : "too big."));
+ + tmp + ", too big.");
for (value = 0; tmp > 0; tmp --) {
value <<= 8;
@@ -287,7 +286,7 @@ public class GSSHeader {
*/
// Shameless lifted from sun.security.util.DerOutputStream.
private int putLength(int len, OutputStream out) throws IOException {
- int retVal = 0;
+ int retVal;
if (len < 128) {
out.write((byte)len);
retVal=1;
@@ -333,7 +332,7 @@ public class GSSHeader {
StringBuilder sb = new StringBuilder();
for (int i = 0; i < len; i++) {
- int b1 = (bytes[i]>>4) & 0x0f;
+ int b1 = (bytes[i] >> 4) & 0x0f;
int b2 = bytes[i] & 0x0f;
sb.append(Integer.toHexString(b1));
diff --git a/src/java.security.jgss/share/classes/sun/security/jgss/GSSManagerImpl.java b/src/java.security.jgss/share/classes/sun/security/jgss/GSSManagerImpl.java
index de585025205..4279abde696 100644
--- a/src/java.security.jgss/share/classes/sun/security/jgss/GSSManagerImpl.java
+++ b/src/java.security.jgss/share/classes/sun/security/jgss/GSSManagerImpl.java
@@ -40,7 +40,7 @@ public class GSSManagerImpl extends GSSManager {
private static final Boolean USE_NATIVE = GetBooleanAction
.privilegedGetProperty("sun.security.jgss.native");
- private ProviderList list;
+ private final ProviderList list;
// Used by java SPNEGO impl to make sure native is disabled
public GSSManagerImpl(GSSCaller caller, boolean useNative) {
@@ -76,7 +76,7 @@ public class GSSManagerImpl extends GSSManager {
nameType = GSSName.NT_HOSTBASED_SERVICE;
}
- // Iterate thru all mechs in GSS
+ // Iterate through all mechs in GSS
for (int i = 0; i < mechs.length; i++) {
// what nametypes does this mech support?
Oid mech = mechs[i];
@@ -98,8 +98,7 @@ public class GSSManagerImpl extends GSSManager {
// Trim the list if needed
if (pos < retVal.length) {
Oid[] temp = new Oid[pos];
- for (int i = 0; i < pos; i++)
- temp[i] = retVal[i];
+ System.arraycopy(retVal, 0, temp, 0, pos);
retVal = temp;
}
diff --git a/src/java.security.jgss/share/classes/sun/security/jgss/GSSNameImpl.java b/src/java.security.jgss/share/classes/sun/security/jgss/GSSNameImpl.java
index 60b00fdadcf..845b2dced09 100644
--- a/src/java.security.jgss/share/classes/sun/security/jgss/GSSNameImpl.java
+++ b/src/java.security.jgss/share/classes/sun/security/jgss/GSSNameImpl.java
@@ -54,7 +54,7 @@ import static java.nio.charset.StandardCharsets.UTF_8;
* mechanisms are required to be handed out. (Generally, other GSS
* classes like GSSContext and GSSCredential request specific
* elements depending on the mechanisms that they are dealing with.)
- * Assume that getting a mechanism to parse the applciation specified
+ * Assume that getting a mechanism to parse the application specified
* bytes is an expensive call.
*
* When a GSSName is canonicalized wrt some mechanism, it is supposed
@@ -225,7 +225,7 @@ public final class GSSNameImpl implements GSSName {
throws GSSException {
int pos = 0;
- byte[] bytes = null;
+ byte[] bytes;
if (appName instanceof String) {
bytes = ((String) appName).getBytes(UTF_8);
@@ -240,7 +240,7 @@ public final class GSSNameImpl implements GSSName {
int oidLen = (((0xFF & bytes[pos++]) << 8) |
(0xFF & bytes[pos++]));
- ObjectIdentifier temp = null;
+ ObjectIdentifier temp;
try {
DerInputStream din = new DerInputStream(bytes, pos,
oidLen);
@@ -285,7 +285,7 @@ public final class GSSNameImpl implements GSSName {
if (other == this)
return true;
- if (! (other instanceof GSSNameImpl))
+ if (! (other instanceof GSSNameImpl that))
return equals(gssManager.createName(other.toString(),
other.getStringNameType()));
@@ -294,8 +294,6 @@ public final class GSSNameImpl implements GSSName {
* available. If that fails, then proceed with this test.
*/
- GSSNameImpl that = (GSSNameImpl) other;
-
GSSNameSpi myElement = this.mechElement;
GSSNameSpi element = that.mechElement;
@@ -399,8 +397,8 @@ public final class GSSNameImpl implements GSSName {
}
byte[] mechPortion = mechElement.export();
- byte[] oidBytes = null;
- ObjectIdentifier oid = null;
+ byte[] oidBytes;
+ ObjectIdentifier oid;
try {
oid = ObjectIdentifier.of
diff --git a/src/java.security.jgss/share/classes/sun/security/jgss/GSSToken.java b/src/java.security.jgss/share/classes/sun/security/jgss/GSSToken.java
index 62ec72ea2e6..b7bb1aa16d3 100644
--- a/src/java.security.jgss/share/classes/sun/security/jgss/GSSToken.java
+++ b/src/java.security.jgss/share/classes/sun/security/jgss/GSSToken.java
@@ -25,11 +25,10 @@
package sun.security.jgss;
+import java.io.EOFException;
+import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
-import java.io.IOException;
-import java.io.EOFException;
-import sun.security.util.*;
/**
* Utilities for processing GSS Tokens.
@@ -70,7 +69,7 @@ public abstract class GSSToken {
}
public static final void writeBigEndian(int value, byte[] array,
- int pos) {
+ int pos) {
array[pos++] = (byte)((value>>>24));
array[pos++] = (byte)((value>>>16));
array[pos++] = (byte)((value>>>8));
@@ -153,7 +152,7 @@ public abstract class GSSToken {
/**
* Reads a two byte integer value from a byte array.
*
- * @param src the byte arra to read from
+ * @param src the byte array to read from
* @param pos the offset to start reading from
* @return the integer value
*/
@@ -203,11 +202,11 @@ public abstract class GSSToken {
}
}
- public static final String getHexBytes(byte[] bytes) {
+ public static final String getHexBytes(byte[] bytes) {
return getHexBytes(bytes, 0, bytes.length);
}
- public static final String getHexBytes(byte[] bytes, int len) {
+ public static final String getHexBytes(byte[] bytes, int len) {
return getHexBytes(bytes, 0, len);
}
diff --git a/src/java.security.jgss/share/classes/sun/security/jgss/GSSUtil.java b/src/java.security.jgss/share/classes/sun/security/jgss/GSSUtil.java
index ccfbaa6db1c..7f585ce3894 100644
--- a/src/java.security.jgss/share/classes/sun/security/jgss/GSSUtil.java
+++ b/src/java.security.jgss/share/classes/sun/security/jgss/GSSUtil.java
@@ -118,13 +118,13 @@ public class GSSUtil {
public static Subject getSubject(GSSName name,
GSSCredential creds) {
- HashSet