OpenJDK / amber / amber
changeset 10336:0bb1999251f8
7064075: Security libraries don't build with javac -Xlint:all,-deprecation -Werror
Reviewed-by: xuelei, mullan
Contributed-by: alexandre.boulgakov@oracle.com
line wrap: on
line diff
--- a/jdk/make/com/sun/crypto/provider/Makefile Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/make/com/sun/crypto/provider/Makefile Mon Aug 15 11:48:20 2011 -0700 @@ -113,6 +113,9 @@ endif endif +JAVAC_MAX_WARNINGS = false +JAVAC_LINT_OPTIONS = -Xlint:all,-deprecation +JAVAC_WARNINGS_FATAL = true include $(BUILDDIR)/common/Defs.gmk #
--- a/jdk/make/com/sun/security/Makefile Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/make/com/sun/security/Makefile Mon Aug 15 11:48:20 2011 -0700 @@ -1,5 +1,5 @@ # -# Copyright (c) 2000, 2010, Oracle and/or its affiliates. All rights reserved. +# Copyright (c) 2000, 2011, Oracle and/or its affiliates. All rights reserved. # DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. # # This code is free software; you can redistribute it and/or modify it @@ -28,6 +28,9 @@ # BUILDDIR = ../../.. +SUBDIRS_MAKEFLAGS += JAVAC_MAX_WARNINGS=false +SUBDIRS_MAKEFLAGS += JAVAC_LINT_OPTIONS=-Xlint:all,-deprecation +SUBDIRS_MAKEFLAGS += JAVAC_WARNINGS_FATAL=true include $(BUILDDIR)/common/Defs.gmk SUBDIRS = auth
--- a/jdk/make/java/security/Makefile Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/make/java/security/Makefile Mon Aug 15 11:48:20 2011 -0700 @@ -26,6 +26,9 @@ BUILDDIR = ../.. PACKAGE = java.security PRODUCT = sun +JAVAC_MAX_WARNINGS = false +JAVAC_LINT_OPTIONS = -Xlint:all,-deprecation +JAVAC_WARNINGS_FATAL = true include $(BUILDDIR)/common/Defs.gmk #
--- a/jdk/make/javax/crypto/Makefile Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/make/javax/crypto/Makefile Mon Aug 15 11:48:20 2011 -0700 @@ -128,6 +128,8 @@ endif endif +JAVAC_MAX_WARNINGS = true +JAVAC_WARNINGS_FATAL = true include $(BUILDDIR)/common/Defs.gmk #
--- a/jdk/make/sun/security/Makefile Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/make/sun/security/Makefile Mon Aug 15 11:48:20 2011 -0700 @@ -34,6 +34,8 @@ # BUILDDIR = ../.. +SUBDIRS_MAKEFLAGS += JAVAC_MAX_WARNINGS=true +SUBDIRS_MAKEFLAGS += JAVAC_WARNINGS_FATAL=true include $(BUILDDIR)/common/Defs.gmk # build sun/security/jgss/wrapper on non-windows platform
--- a/jdk/make/sun/security/ec/Makefile Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/make/sun/security/ec/Makefile Mon Aug 15 11:48:20 2011 -0700 @@ -109,6 +109,9 @@ endif endif +JAVAC_MAX_WARNINGS=false +JAVAC_LINT_OPTIONS=-Xlint:all,-deprecation +JAVAC_WARNINGS_FATAL=true include $(BUILDDIR)/common/Defs.gmk #
--- a/jdk/make/sun/security/other/Makefile Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/make/sun/security/other/Makefile Mon Aug 15 11:48:20 2011 -0700 @@ -1,5 +1,5 @@ # -# Copyright (c) 1996, 2009, Oracle and/or its affiliates. All rights reserved. +# Copyright (c) 1996, 2011, Oracle and/or its affiliates. All rights reserved. # DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. # # This code is free software; you can redistribute it and/or modify it @@ -26,6 +26,9 @@ BUILDDIR = ../../.. PACKAGE = sun.security.other PRODUCT = sun +JAVAC_MAX_WARNINGS=false +JAVAC_LINT_OPTIONS=-Xlint:all,-deprecation +JAVAC_WARNINGS_FATAL=true include $(BUILDDIR)/common/Defs.gmk #
--- a/jdk/make/sun/security/pkcs11/Makefile Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/make/sun/security/pkcs11/Makefile Mon Aug 15 11:48:20 2011 -0700 @@ -110,6 +110,9 @@ endif endif +JAVAC_MAX_WARNINGS=false +JAVAC_LINT_OPTIONS=-Xlint:all,-deprecation +JAVAC_WARNINGS_FATAL=true include $(BUILDDIR)/common/Defs.gmk #
--- a/jdk/src/share/classes/com/sun/crypto/provider/AESCrypt.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/com/sun/crypto/provider/AESCrypt.java Mon Aug 15 11:48:20 2011 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2002, 2010, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2002, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -245,7 +245,7 @@ for (j = 0; j < 8; j++) { tmp = AA[i][j]; AA[i][j] = AA[t][j]; - AA[t][j] = (byte) tmp; + AA[t][j] = tmp; } pivot = AA[i][i]; }
--- a/jdk/src/share/classes/com/sun/crypto/provider/AESParameters.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/com/sun/crypto/provider/AESParameters.java Mon Aug 15 11:48:20 2011 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2002, 2007, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2002, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -25,13 +25,10 @@ package com.sun.crypto.provider; -import java.util.*; import java.io.*; -import sun.security.util.*; import java.security.AlgorithmParametersSpi; import java.security.spec.AlgorithmParameterSpec; import java.security.spec.InvalidParameterSpecException; -import javax.crypto.spec.IvParameterSpec; /** * This class implements the parameter (IV) used with the AES algorithm @@ -67,9 +64,15 @@ core.init(encoded, decodingMethod); } - protected AlgorithmParameterSpec engineGetParameterSpec(Class paramSpec) + protected <T extends AlgorithmParameterSpec> + T engineGetParameterSpec(Class<T> paramSpec) throws InvalidParameterSpecException { - return core.getParameterSpec(paramSpec); + if (AlgorithmParameterSpec.class.isAssignableFrom(paramSpec)) { + return core.getParameterSpec(paramSpec); + } else { + throw new InvalidParameterSpecException + ("Inappropriate parameter Specification"); + } } protected byte[] engineGetEncoded() throws IOException {
--- a/jdk/src/share/classes/com/sun/crypto/provider/BlockCipherParamsCore.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/com/sun/crypto/provider/BlockCipherParamsCore.java Mon Aug 15 11:48:20 2011 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2002, 2007, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2002, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -25,7 +25,6 @@ package com.sun.crypto.provider; -import java.util.*; import java.io.*; import sun.security.util.*; import sun.misc.HexDumpEncoder; @@ -64,7 +63,7 @@ throw new InvalidParameterSpecException("IV not " + block_size + " bytes long"); } - iv = (byte[]) tmpIv.clone(); + iv = tmpIv.clone(); } void init(byte[] encoded) throws IOException { @@ -90,11 +89,11 @@ init(encoded); } - AlgorithmParameterSpec getParameterSpec(Class paramSpec) + <T extends AlgorithmParameterSpec> T getParameterSpec(Class<T> paramSpec) throws InvalidParameterSpecException { if (IvParameterSpec.class.isAssignableFrom(paramSpec)) { - return new IvParameterSpec(this.iv); + return paramSpec.cast(new IvParameterSpec(this.iv)); } else { throw new InvalidParameterSpecException ("Inappropriate parameter specification");
--- a/jdk/src/share/classes/com/sun/crypto/provider/BlowfishParameters.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/com/sun/crypto/provider/BlowfishParameters.java Mon Aug 15 11:48:20 2011 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 1998, 2007, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1998, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -25,13 +25,10 @@ package com.sun.crypto.provider; -import java.util.*; import java.io.*; -import sun.security.util.*; import java.security.AlgorithmParametersSpi; import java.security.spec.AlgorithmParameterSpec; import java.security.spec.InvalidParameterSpecException; -import javax.crypto.spec.IvParameterSpec; /** * This class implements the parameter (IV) used with the Blowfish algorithm in @@ -68,9 +65,15 @@ core.init(encoded, decodingMethod); } - protected AlgorithmParameterSpec engineGetParameterSpec(Class paramSpec) + protected <T extends AlgorithmParameterSpec> + T engineGetParameterSpec(Class<T> paramSpec) throws InvalidParameterSpecException { - return core.getParameterSpec(paramSpec); + if (AlgorithmParameterSpec.class.isAssignableFrom(paramSpec)) { + return core.getParameterSpec(paramSpec); + } else { + throw new InvalidParameterSpecException + ("Inappropriate parameter Specification"); + } } protected byte[] engineGetEncoded() throws IOException {
--- a/jdk/src/share/classes/com/sun/crypto/provider/CipherBlockChaining.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/com/sun/crypto/provider/CipherBlockChaining.java Mon Aug 15 11:48:20 2011 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 2007, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1997, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -193,7 +193,7 @@ // This is necessary because in this constellation, a // ciphertext block (or parts of it) will be overridden by // the plaintext result. - cipherOrig = (byte[])cipher.clone(); + cipherOrig = cipher.clone(); } for (; cipherOffset < endIndex;
--- a/jdk/src/share/classes/com/sun/crypto/provider/CipherCore.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/com/sun/crypto/provider/CipherCore.java Mon Aug 15 11:48:20 2011 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2002, 2007, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2002, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -301,7 +301,7 @@ */ byte[] getIV() { byte[] iv = cipher.getIV(); - return (iv == null) ? null : (byte[])iv.clone(); + return (iv == null) ? null : iv.clone(); } /** @@ -475,8 +475,7 @@ IvParameterSpec ivSpec = null; if (params != null) { try { - ivSpec = (IvParameterSpec)params.getParameterSpec - (IvParameterSpec.class); + ivSpec = params.getParameterSpec(IvParameterSpec.class); } catch (InvalidParameterSpecException ipse) { throw new InvalidAlgorithmParameterException("Wrong parameter " + "type: IV " @@ -832,7 +831,7 @@ buffered = 0; diffBlocksize = blockSize; if (cipherMode != ECB_MODE) { - ((FeedbackCipher)cipher).reset(); + cipher.reset(); } return totalLen; }
--- a/jdk/src/share/classes/com/sun/crypto/provider/DESCrypt.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/com/sun/crypto/provider/DESCrypt.java Mon Aug 15 11:48:20 2011 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 2007, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1997, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -622,17 +622,17 @@ // mangler function: // every 6 bit is fed into the sbox, which // produces 4-bit output - left ^= s0p[(int)((temp & 0x3f) ^ key[j+0])] - ^ s1p[(int)(((temp >> 4) & 0x3f) ^ key[j+1])] - ^ s2p[(int)(((temp >> 8) & 0x3f) ^ key[j+2])] - ^ s3p[(int)(((temp >> 12) & 0x3f) ^ key[j+3])] - ^ s4p[(int)(((temp >> 16) & 0x3f) ^ key[j+4])] - ^ s5p[(int)(((temp >> 20) & 0x3f) ^ key[j+5])] - ^ s6p[(int)(((temp >> 24) & 0x3f) ^ key[j+6])]; + left ^= s0p[(temp & 0x3f) ^ key[j+0]] + ^ s1p[((temp >> 4) & 0x3f) ^ key[j+1]] + ^ s2p[((temp >> 8) & 0x3f) ^ key[j+2]] + ^ s3p[((temp >> 12) & 0x3f) ^ key[j+3]] + ^ s4p[((temp >> 16) & 0x3f) ^ key[j+4]] + ^ s5p[((temp >> 20) & 0x3f) ^ key[j+5]] + ^ s6p[((temp >> 24) & 0x3f) ^ key[j+6]]; // make the last sbox input the last bit from right[0] temp = ((right & 1) << 5) | ((right >> 27) & 0x1f); - left ^= s7p[(int)(temp ^ key[j+7])]; + left ^= s7p[temp ^ key[j+7]]; temp = left; left = right; right = temp;
--- a/jdk/src/share/classes/com/sun/crypto/provider/DESKey.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/com/sun/crypto/provider/DESKey.java Mon Aug 15 11:48:20 2011 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 2007, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1997, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -78,7 +78,7 @@ public byte[] getEncoded() { // Return a copy of the key, rather than a reference, // so that the key data cannot be modified from outside - return (byte[])this.key.clone(); + return this.key.clone(); } public String getAlgorithm() { @@ -126,7 +126,7 @@ throws java.io.IOException, ClassNotFoundException { s.defaultReadObject(); - key = (byte[])key.clone(); + key = key.clone(); } /**
--- a/jdk/src/share/classes/com/sun/crypto/provider/DESKeyFactory.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/com/sun/crypto/provider/DESKeyFactory.java Mon Aug 15 11:48:20 2011 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 2009, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1997, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -92,7 +92,7 @@ * inappropriate for the given key, or the given key cannot be processed * (e.g., the given key has an unrecognized algorithm or format). */ - protected KeySpec engineGetKeySpec(SecretKey key, Class keySpec) + protected KeySpec engineGetKeySpec(SecretKey key, Class<?> keySpec) throws InvalidKeySpecException { try {
--- a/jdk/src/share/classes/com/sun/crypto/provider/DESParameters.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/com/sun/crypto/provider/DESParameters.java Mon Aug 15 11:48:20 2011 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 1998, 2007, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1998, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -25,13 +25,10 @@ package com.sun.crypto.provider; -import java.util.*; import java.io.*; -import sun.security.util.*; import java.security.AlgorithmParametersSpi; import java.security.spec.AlgorithmParameterSpec; import java.security.spec.InvalidParameterSpecException; -import javax.crypto.spec.IvParameterSpec; /** * This class implements the parameter (IV) used with the DES algorithm in @@ -68,9 +65,15 @@ core.init(encoded, decodingMethod); } - protected AlgorithmParameterSpec engineGetParameterSpec(Class paramSpec) + protected <T extends AlgorithmParameterSpec> + T engineGetParameterSpec(Class<T> paramSpec) throws InvalidParameterSpecException { - return core.getParameterSpec(paramSpec); + if (AlgorithmParameterSpec.class.isAssignableFrom(paramSpec)) { + return core.getParameterSpec(paramSpec); + } else { + throw new InvalidParameterSpecException + ("Inappropriate parameter Specification"); + } } protected byte[] engineGetEncoded() throws IOException {
--- a/jdk/src/share/classes/com/sun/crypto/provider/DESedeKey.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/com/sun/crypto/provider/DESedeKey.java Mon Aug 15 11:48:20 2011 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 2007, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1997, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -78,7 +78,7 @@ } public byte[] getEncoded() { - return (byte[])this.key.clone(); + return this.key.clone(); } public String getAlgorithm() { @@ -127,7 +127,7 @@ throws java.io.IOException, ClassNotFoundException { s.defaultReadObject(); - key = (byte[])key.clone(); + key = key.clone(); } /**
--- a/jdk/src/share/classes/com/sun/crypto/provider/DESedeKeyFactory.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/com/sun/crypto/provider/DESedeKeyFactory.java Mon Aug 15 11:48:20 2011 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 2009, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1997, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -92,7 +92,7 @@ * inappropriate for the given key, or the given key cannot be processed * (e.g., the given key has an unrecognized algorithm or format). */ - protected KeySpec engineGetKeySpec(SecretKey key, Class keySpec) + protected KeySpec engineGetKeySpec(SecretKey key, Class<?> keySpec) throws InvalidKeySpecException { try {
--- a/jdk/src/share/classes/com/sun/crypto/provider/DESedeParameters.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/com/sun/crypto/provider/DESedeParameters.java Mon Aug 15 11:48:20 2011 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 1998, 2007, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1998, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -25,13 +25,10 @@ package com.sun.crypto.provider; -import java.util.*; import java.io.*; -import sun.security.util.*; import java.security.AlgorithmParametersSpi; import java.security.spec.AlgorithmParameterSpec; import java.security.spec.InvalidParameterSpecException; -import javax.crypto.spec.IvParameterSpec; /** * This class implements the parameter (IV) used with the Triple DES algorithm @@ -67,9 +64,15 @@ core.init(encoded, decodingMethod); } - protected AlgorithmParameterSpec engineGetParameterSpec(Class paramSpec) + protected <T extends AlgorithmParameterSpec> + T engineGetParameterSpec(Class<T> paramSpec) throws InvalidParameterSpecException { - return core.getParameterSpec(paramSpec); + if (AlgorithmParameterSpec.class.isAssignableFrom(paramSpec)) { + return core.getParameterSpec(paramSpec); + } else { + throw new InvalidParameterSpecException + ("Inappropriate parameter Specification"); + } } protected byte[] engineGetEncoded() throws IOException {
--- a/jdk/src/share/classes/com/sun/crypto/provider/DESedeWrapCipher.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/com/sun/crypto/provider/DESedeWrapCipher.java Mon Aug 15 11:48:20 2011 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2004, 2009, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2004, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -25,7 +25,6 @@ package com.sun.crypto.provider; -import java.util.Arrays; import java.security.*; import java.security.spec.*; import javax.crypto.*; @@ -151,7 +150,7 @@ * been set. */ protected byte[] engineGetIV() { - return (iv == null? null:(byte[]) iv.clone()); + return (iv == null) ? null : iv.clone(); } /** @@ -277,8 +276,7 @@ try { DESedeParameters paramsEng = new DESedeParameters(); paramsEng.engineInit(params.getEncoded()); - ivSpec = (IvParameterSpec) - paramsEng.engineGetParameterSpec(IvParameterSpec.class); + ivSpec = paramsEng.engineGetParameterSpec(IvParameterSpec.class); } catch (Exception ex) { InvalidAlgorithmParameterException iape = new InvalidAlgorithmParameterException
--- a/jdk/src/share/classes/com/sun/crypto/provider/DHKeyFactory.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/com/sun/crypto/provider/DHKeyFactory.java Mon Aug 15 11:48:20 2011 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 2009, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1997, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -25,8 +25,6 @@ package com.sun.crypto.provider; -import java.util.*; -import java.lang.*; import java.security.Key; import java.security.PublicKey; import java.security.PrivateKey; @@ -140,7 +138,8 @@ * inappropriate for the given key, or the given key cannot be processed * (e.g., the given key has an unrecognized algorithm or format). */ - protected KeySpec engineGetKeySpec(Key key, Class keySpec) + protected <T extends KeySpec> + T engineGetKeySpec(Key key, Class<T> keySpec) throws InvalidKeySpecException { DHParameterSpec params; @@ -150,12 +149,12 @@ javax.crypto.interfaces.DHPublicKey dhPubKey = (javax.crypto.interfaces.DHPublicKey) key; params = dhPubKey.getParams(); - return new DHPublicKeySpec(dhPubKey.getY(), - params.getP(), - params.getG()); + return keySpec.cast(new DHPublicKeySpec(dhPubKey.getY(), + params.getP(), + params.getG())); } else if (X509EncodedKeySpec.class.isAssignableFrom(keySpec)) { - return new X509EncodedKeySpec(key.getEncoded()); + return keySpec.cast(new X509EncodedKeySpec(key.getEncoded())); } else { throw new InvalidKeySpecException @@ -168,12 +167,12 @@ javax.crypto.interfaces.DHPrivateKey dhPrivKey = (javax.crypto.interfaces.DHPrivateKey)key; params = dhPrivKey.getParams(); - return new DHPrivateKeySpec(dhPrivKey.getX(), - params.getP(), - params.getG()); + return keySpec.cast(new DHPrivateKeySpec(dhPrivKey.getX(), + params.getP(), + params.getG())); } else if (PKCS8EncodedKeySpec.class.isAssignableFrom(keySpec)) { - return new PKCS8EncodedKeySpec(key.getEncoded()); + return keySpec.cast(new PKCS8EncodedKeySpec(key.getEncoded())); } else { throw new InvalidKeySpecException @@ -208,8 +207,7 @@ } // Convert key to spec DHPublicKeySpec dhPubKeySpec - = (DHPublicKeySpec)engineGetKeySpec - (key, DHPublicKeySpec.class); + = engineGetKeySpec(key, DHPublicKeySpec.class); // Create key from spec, and return it return engineGeneratePublic(dhPubKeySpec); @@ -220,8 +218,7 @@ } // Convert key to spec DHPrivateKeySpec dhPrivKeySpec - = (DHPrivateKeySpec)engineGetKeySpec - (key, DHPrivateKeySpec.class); + = engineGetKeySpec(key, DHPrivateKeySpec.class); // Create key from spec, and return it return engineGeneratePrivate(dhPrivKeySpec);
--- a/jdk/src/share/classes/com/sun/crypto/provider/DHParameterGenerator.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/com/sun/crypto/provider/DHParameterGenerator.java Mon Aug 15 11:48:20 2011 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 2007, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1997, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -25,7 +25,6 @@ package com.sun.crypto.provider; -import java.math.BigInteger; import java.security.*; import java.security.spec.*; import javax.crypto.spec.DHParameterSpec; @@ -141,8 +140,7 @@ paramGen = AlgorithmParameterGenerator.getInstance("DSA"); paramGen.init(this.primeSize, random); algParams = paramGen.generateParameters(); - dsaParamSpec = (DSAParameterSpec) - algParams.getParameterSpec(DSAParameterSpec.class); + dsaParamSpec = algParams.getParameterSpec(DSAParameterSpec.class); DHParameterSpec dhParamSpec; if (this.exponentSize > 0) {
--- a/jdk/src/share/classes/com/sun/crypto/provider/DHParameters.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/com/sun/crypto/provider/DHParameters.java Mon Aug 15 11:48:20 2011 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 2007, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1997, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -25,7 +25,6 @@ package com.sun.crypto.provider; -import java.util.*; import java.io.*; import sun.security.util.*; import java.math.BigInteger; @@ -95,11 +94,12 @@ engineInit(params); } - protected AlgorithmParameterSpec engineGetParameterSpec(Class paramSpec) + protected <T extends AlgorithmParameterSpec> + T engineGetParameterSpec(Class<T> paramSpec) throws InvalidParameterSpecException { if (DHParameterSpec.class.isAssignableFrom(paramSpec)) { - return new DHParameterSpec(this.p, this.g, this.l); + return paramSpec.cast(new DHParameterSpec(this.p, this.g, this.l)); } else { throw new InvalidParameterSpecException ("Inappropriate parameter Specification");
--- a/jdk/src/share/classes/com/sun/crypto/provider/DHPrivateKey.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/com/sun/crypto/provider/DHPrivateKey.java Mon Aug 15 11:48:20 2011 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 2010, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1997, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -31,7 +31,6 @@ import java.security.PrivateKey; import java.security.InvalidKeyException; import java.security.ProviderException; -import javax.crypto.*; import javax.crypto.spec.DHParameterSpec; import sun.security.util.*; @@ -182,7 +181,7 @@ // ignore OPTIONAL attributes - this.encodedKey = (byte[])encodedKey.clone(); + this.encodedKey = encodedKey.clone(); } catch (NumberFormatException e) { InvalidKeyException ike = new InvalidKeyException( @@ -256,7 +255,7 @@ return null; } } - return (byte[])this.encodedKey.clone(); + return this.encodedKey.clone(); } /**
--- a/jdk/src/share/classes/com/sun/crypto/provider/DHPublicKey.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/com/sun/crypto/provider/DHPublicKey.java Mon Aug 15 11:48:20 2011 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 2010, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1997, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -29,10 +29,8 @@ import java.math.BigInteger; import java.security.KeyRep; import java.security.InvalidKeyException; -import java.security.InvalidAlgorithmParameterException; import java.security.ProviderException; import java.security.PublicKey; -import javax.crypto.*; import javax.crypto.spec.DHParameterSpec; import sun.security.util.*; @@ -174,7 +172,7 @@ throw new InvalidKeyException("Excess key data"); } - this.encodedKey = (byte[])encodedKey.clone(); + this.encodedKey = encodedKey.clone(); } catch (NumberFormatException e) { throw new InvalidKeyException("Private-value length too big"); @@ -237,7 +235,7 @@ return null; } } - return (byte[])this.encodedKey.clone(); + return this.encodedKey.clone(); } /**
--- a/jdk/src/share/classes/com/sun/crypto/provider/EncryptedPrivateKeyInfo.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/com/sun/crypto/provider/EncryptedPrivateKeyInfo.java Mon Aug 15 11:48:20 2011 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 1998, 2007, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1998, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -77,7 +77,7 @@ if (seq[1].data.available() != 0) throw new IOException("encryptedData field overrun"); - this.encoded = (byte[])encoded.clone(); + this.encoded = encoded.clone(); } /** @@ -86,7 +86,7 @@ */ EncryptedPrivateKeyInfo(AlgorithmId algid, byte[] encryptedData) { this.algid = algid; - this.encryptedData = (byte[])encryptedData.clone(); + this.encryptedData = encryptedData.clone(); this.encoded = null; // lazy generation of encoding } @@ -101,7 +101,7 @@ * Returns the encrypted data. */ byte[] getEncryptedData() { - return (byte[])this.encryptedData.clone(); + return this.encryptedData.clone(); } /** @@ -110,7 +110,7 @@ byte[] getEncoded() throws IOException { - if (this.encoded != null) return (byte[])this.encoded.clone(); + if (this.encoded != null) return this.encoded.clone(); DerOutputStream out = new DerOutputStream(); DerOutputStream tmp = new DerOutputStream(); @@ -125,6 +125,6 @@ out.write(DerValue.tag_Sequence, tmp); this.encoded = out.toByteArray(); - return (byte[])this.encoded.clone(); + return this.encoded.clone(); } }
--- a/jdk/src/share/classes/com/sun/crypto/provider/HmacCore.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/com/sun/crypto/provider/HmacCore.java Mon Aug 15 11:48:20 2011 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2002, 2009, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2002, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -78,8 +78,8 @@ private HmacCore(HmacCore other) throws CloneNotSupportedException { this.md = (MessageDigest)other.md.clone(); this.blockLen = other.blockLen; - this.k_ipad = (byte[])other.k_ipad.clone(); - this.k_opad = (byte[])other.k_opad.clone(); + this.k_ipad = other.k_ipad.clone(); + this.k_opad = other.k_opad.clone(); this.first = other.first; }
--- a/jdk/src/share/classes/com/sun/crypto/provider/JceKeyStore.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/com/sun/crypto/provider/JceKeyStore.java Mon Aug 15 11:48:20 2011 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 1998, 2010, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1998, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -38,9 +38,7 @@ import java.security.UnrecoverableKeyException; import java.security.cert.Certificate; import java.security.cert.CertificateFactory; -import java.security.cert.X509Certificate; import java.security.cert.CertificateException; -import java.security.spec.InvalidKeySpecException; import javax.crypto.SealedObject; /** @@ -87,7 +85,7 @@ * Private keys and certificates are stored in a hashtable. * Hash entries are keyed by alias names. */ - private Hashtable entries = new Hashtable(); + private Hashtable<String, Object> entries = new Hashtable<String, Object>(); /** * Returns the key associated with the given alias, using the given @@ -156,7 +154,7 @@ if ((entry instanceof PrivateKeyEntry) && (((PrivateKeyEntry)entry).chain != null)) { - chain = (Certificate[])((PrivateKeyEntry)entry).chain.clone(); + chain = ((PrivateKeyEntry)entry).chain.clone(); } return chain; @@ -262,7 +260,7 @@ // clone the chain if ((chain != null) && (chain.length !=0)) { - entry.chain = (Certificate[])chain.clone(); + entry.chain = chain.clone(); } else { entry.chain = null; } @@ -316,10 +314,10 @@ PrivateKeyEntry entry = new PrivateKeyEntry(); entry.date = new Date(); - entry.protectedKey = (byte[])key.clone(); + entry.protectedKey = key.clone(); if ((chain != null) && (chain.length != 0)) { - entry.chain = (Certificate[])chain.clone(); + entry.chain = chain.clone(); } else { entry.chain = null; } @@ -384,7 +382,7 @@ * * @return enumeration of the alias names */ - public Enumeration engineAliases() { + public Enumeration<String> engineAliases() { return entries.keys(); } @@ -462,9 +460,9 @@ public String engineGetCertificateAlias(Certificate cert) { Certificate certElem; - Enumeration e = entries.keys(); + Enumeration<String> e = entries.keys(); while (e.hasMoreElements()) { - String alias = (String)e.nextElement(); + String alias = e.nextElement(); Object entry = entries.get(alias); if (entry instanceof TrustedCertEntry) { certElem = ((TrustedCertEntry)entry).cert; @@ -560,10 +558,10 @@ dos.writeInt(entries.size()); - Enumeration e = entries.keys(); + Enumeration<String> e = entries.keys(); while (e.hasMoreElements()) { - String alias = (String)e.nextElement(); + String alias = e.nextElement(); Object entry = entries.get(alias); if (entry instanceof PrivateKeyEntry) { @@ -677,7 +675,7 @@ DataInputStream dis; MessageDigest md = null; CertificateFactory cf = null; - Hashtable cfs = null; + Hashtable<String, CertificateFactory> cfs = null; ByteArrayInputStream bais = null; byte[] encoded = null; @@ -713,7 +711,7 @@ cf = CertificateFactory.getInstance("X509"); } else { // version 2 - cfs = new Hashtable(3); + cfs = new Hashtable<String, CertificateFactory>(3); } entries.clear(); @@ -761,7 +759,7 @@ String certType = dis.readUTF(); if (cfs.containsKey(certType)) { // reuse certificate factory - cf = (CertificateFactory)cfs.get(certType); + cf = cfs.get(certType); } else { // create new certificate factory cf = CertificateFactory.getInstance( @@ -803,7 +801,7 @@ String certType = dis.readUTF(); if (cfs.containsKey(certType)) { // reuse certificate factory - cf = (CertificateFactory)cfs.get(certType); + cf = cfs.get(certType); } else { // create new certificate factory cf = CertificateFactory.getInstance(certType);
--- a/jdk/src/share/classes/com/sun/crypto/provider/KeyProtector.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/com/sun/crypto/provider/KeyProtector.java Mon Aug 15 11:48:20 2011 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 1998, 2007, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1998, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -25,14 +25,8 @@ package com.sun.crypto.provider; -import java.io.UnsupportedEncodingException; import java.io.IOException; import java.io.Serializable; -import java.io.ByteArrayInputStream; -import java.io.ByteArrayOutputStream; -import java.io.ObjectInputStream; -import java.io.ObjectOutputStream; -import java.io.ObjectInputStream.GetField; import java.security.Security; import java.security.Key; import java.security.PrivateKey; @@ -42,22 +36,14 @@ import java.security.GeneralSecurityException; import java.security.NoSuchAlgorithmException; import java.security.NoSuchProviderException; -import java.security.SecureRandom; import java.security.UnrecoverableKeyException; -import java.security.InvalidParameterException; -import java.security.InvalidAlgorithmParameterException; -import java.security.InvalidKeyException; import java.security.AlgorithmParameters; -import java.security.spec.InvalidParameterSpecException; -import java.security.spec.InvalidKeySpecException; import java.security.spec.PKCS8EncodedKeySpec; import javax.crypto.Cipher; import javax.crypto.CipherSpi; import javax.crypto.SecretKey; -import javax.crypto.NoSuchPaddingException; import javax.crypto.IllegalBlockSizeException; -import javax.crypto.BadPaddingException; import javax.crypto.SealedObject; import javax.crypto.spec.*; import sun.security.x509.AlgorithmId; @@ -127,7 +113,7 @@ PBEWithMD5AndTripleDESCipher cipher; cipher = new PBEWithMD5AndTripleDESCipher(); cipher.engineInit(Cipher.ENCRYPT_MODE, sKey, pbeSpec, null); - byte[] plain = (byte[])key.getEncoded(); + byte[] plain = key.getEncoded(); byte[] encrKey = cipher.engineDoFinal(plain, 0, plain.length); // wrap encrypted private key in EncryptedPrivateKeyInfo @@ -169,8 +155,8 @@ AlgorithmParameters pbeParams = AlgorithmParameters.getInstance("PBE"); pbeParams.init(encodedParams); - PBEParameterSpec pbeSpec = (PBEParameterSpec) - pbeParams.getParameterSpec(PBEParameterSpec.class); + PBEParameterSpec pbeSpec = + pbeParams.getParameterSpec(PBEParameterSpec.class); // create PBE key from password PBEKeySpec pbeKeySpec = new PBEKeySpec(this.password);
--- a/jdk/src/share/classes/com/sun/crypto/provider/OAEPParameters.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/com/sun/crypto/provider/OAEPParameters.java Mon Aug 15 11:48:20 2011 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2003, 2010, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2003, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -26,7 +26,6 @@ package com.sun.crypto.provider; import java.math.BigInteger; -import java.util.*; import java.io.*; import sun.security.util.*; import sun.security.x509.*; @@ -180,11 +179,13 @@ engineInit(encoded); } - protected AlgorithmParameterSpec engineGetParameterSpec(Class paramSpec) + protected <T extends AlgorithmParameterSpec> + T engineGetParameterSpec(Class<T> paramSpec) throws InvalidParameterSpecException { if (OAEPParameterSpec.class.isAssignableFrom(paramSpec)) { - return new OAEPParameterSpec(mdName, "MGF1", mgfSpec, - new PSource.PSpecified(p)); + return paramSpec.cast( + new OAEPParameterSpec(mdName, "MGF1", mgfSpec, + new PSource.PSpecified(p))); } else { throw new InvalidParameterSpecException ("Inappropriate parameter specification");
--- a/jdk/src/share/classes/com/sun/crypto/provider/PBECipherCore.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/com/sun/crypto/provider/PBECipherCore.java Mon Aug 15 11:48:20 2011 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2002, 2007, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2002, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -25,7 +25,6 @@ package com.sun.crypto.provider; -import java.io.UnsupportedEncodingException; import java.security.*; import java.security.spec.*; import javax.crypto.*; @@ -326,8 +325,7 @@ PBEParameterSpec pbeSpec = null; if (params != null) { try { - pbeSpec = (PBEParameterSpec) params.getParameterSpec - (PBEParameterSpec.class); + pbeSpec = params.getParameterSpec(PBEParameterSpec.class); } catch (InvalidParameterSpecException ipse) { throw new InvalidAlgorithmParameterException("Wrong parameter " + "type: PBE "
--- a/jdk/src/share/classes/com/sun/crypto/provider/PBEKey.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/com/sun/crypto/provider/PBEKey.java Mon Aug 15 11:48:20 2011 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 2007, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1997, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -25,7 +25,6 @@ package com.sun.crypto.provider; -import java.io.UnsupportedEncodingException; import java.security.KeyRep; import java.security.spec.InvalidKeySpecException; import javax.crypto.SecretKey; @@ -69,7 +68,7 @@ } public byte[] getEncoded() { - return (byte[])this.key.clone(); + return this.key.clone(); } public String getAlgorithm() { @@ -118,7 +117,7 @@ throws java.io.IOException, ClassNotFoundException { s.defaultReadObject(); - key = (byte[])key.clone(); + key = key.clone(); }
--- a/jdk/src/share/classes/com/sun/crypto/provider/PBEKeyFactory.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/com/sun/crypto/provider/PBEKeyFactory.java Mon Aug 15 11:48:20 2011 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 2009, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1997, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -25,7 +25,6 @@ package com.sun.crypto.provider; -import java.io.UnsupportedEncodingException; import java.security.InvalidKeyException; import java.security.spec.KeySpec; import java.security.spec.InvalidKeySpecException; @@ -132,7 +131,7 @@ * inappropriate for the given key, or the given key cannot be processed * (e.g., the given key has an unrecognized algorithm or format). */ - protected KeySpec engineGetKeySpec(SecretKey key, Class keySpecCl) + protected KeySpec engineGetKeySpec(SecretKey key, Class<?> keySpecCl) throws InvalidKeySpecException { if ((key instanceof SecretKey) && (validTypes.contains(key.getAlgorithm().toUpperCase()))
--- a/jdk/src/share/classes/com/sun/crypto/provider/PBEParameters.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/com/sun/crypto/provider/PBEParameters.java Mon Aug 15 11:48:20 2011 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 1998, 2007, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1998, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -25,7 +25,6 @@ package com.sun.crypto.provider; -import java.util.*; import java.io.*; import java.math.BigInteger; import java.security.AlgorithmParametersSpi; @@ -65,7 +64,7 @@ throw new InvalidParameterSpecException ("Inappropriate parameter specification"); } - this.salt = (byte[])((PBEParameterSpec)paramSpec).getSalt().clone(); + this.salt = ((PBEParameterSpec)paramSpec).getSalt().clone(); this.iCount = ((PBEParameterSpec)paramSpec).getIterationCount(); } @@ -98,11 +97,12 @@ engineInit(encoded); } - protected AlgorithmParameterSpec engineGetParameterSpec(Class paramSpec) + protected <T extends AlgorithmParameterSpec> + T engineGetParameterSpec(Class<T> paramSpec) throws InvalidParameterSpecException { if (PBEParameterSpec.class.isAssignableFrom(paramSpec)) { - return new PBEParameterSpec(this.salt, this.iCount); + return paramSpec.cast(new PBEParameterSpec(this.salt, this.iCount)); } else { throw new InvalidParameterSpecException ("Inappropriate parameter specification");
--- a/jdk/src/share/classes/com/sun/crypto/provider/PBKDF2HmacSHA1Factory.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/com/sun/crypto/provider/PBKDF2HmacSHA1Factory.java Mon Aug 15 11:48:20 2011 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2005, 2009, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2005, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -25,14 +25,12 @@ package com.sun.crypto.provider; -import java.io.*; import java.security.InvalidKeyException; import java.security.spec.KeySpec; import java.security.spec.InvalidKeySpecException; import javax.crypto.SecretKey; import javax.crypto.SecretKeyFactorySpi; import javax.crypto.spec.PBEKeySpec; -import javax.crypto.spec.SecretKeySpec; /** * This class implements a key factory for PBE keys derived using @@ -88,7 +86,7 @@ * given key cannot be processed (e.g., the given key has an * unrecognized algorithm or format). */ - protected KeySpec engineGetKeySpec(SecretKey key, Class keySpecCl) + protected KeySpec engineGetKeySpec(SecretKey key, Class<?> keySpecCl) throws InvalidKeySpecException { if (key instanceof javax.crypto.interfaces.PBEKey) { // Check if requested key spec is amongst the valid ones
--- a/jdk/src/share/classes/com/sun/crypto/provider/PBKDF2KeyImpl.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/com/sun/crypto/provider/PBKDF2KeyImpl.java Mon Aug 15 11:48:20 2011 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2005, 2010, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2005, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -133,6 +133,7 @@ byte[] ti = new byte[hlen]; // SecretKeySpec cannot be used, since password can be empty here. SecretKey macKey = new SecretKey() { + private static final long serialVersionUID = 7874493593505141603L; @Override public String getAlgorithm() { return prf.getAlgorithm(); @@ -194,7 +195,7 @@ } public byte[] getEncoded() { - return (byte[]) key.clone(); + return key.clone(); } public String getAlgorithm() { @@ -206,7 +207,7 @@ } public char[] getPassword() { - return (char[]) passwd.clone(); + return passwd.clone(); } public byte[] getSalt() { @@ -268,7 +269,7 @@ protected void finalize() throws Throwable { try { if (this.passwd != null) { - java.util.Arrays.fill(this.passwd, (char) '0'); + java.util.Arrays.fill(this.passwd, '0'); this.passwd = null; } if (this.key != null) {
--- a/jdk/src/share/classes/com/sun/crypto/provider/PCBC.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/com/sun/crypto/provider/PCBC.java Mon Aug 15 11:48:20 2011 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 2007, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1997, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -145,7 +145,7 @@ for (; plainOffset < endIndex; plainOffset += blockSize, cipherOffset += blockSize) { for (i=0; i<blockSize; i++) { - k[i] ^= (byte)(plain[i+plainOffset]); + k[i] ^= plain[i+plainOffset]; } embeddedCipher.encryptBlock(k, 0, cipher, cipherOffset); for (i = 0; i < blockSize; i++) {
--- a/jdk/src/share/classes/com/sun/crypto/provider/RC2Cipher.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/com/sun/crypto/provider/RC2Cipher.java Mon Aug 15 11:48:20 2011 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2003, 2009, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2003, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -98,8 +98,8 @@ throws InvalidKeyException, InvalidAlgorithmParameterException { if (params != null && params.getAlgorithm().equals("RC2")) { try { - RC2ParameterSpec rc2Params = (RC2ParameterSpec) - params.getParameterSpec(RC2ParameterSpec.class); + RC2ParameterSpec rc2Params = + params.getParameterSpec(RC2ParameterSpec.class); engineInit(opmode, key, rc2Params, random); } catch (InvalidParameterSpecException ipse) { throw new InvalidAlgorithmParameterException
--- a/jdk/src/share/classes/com/sun/crypto/provider/RC2Parameters.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/com/sun/crypto/provider/RC2Parameters.java Mon Aug 15 11:48:20 2011 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2003, 2007, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2003, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -55,7 +55,6 @@ * @author Sean Mullan * @since 1.5 */ - public final class RC2Parameters extends AlgorithmParametersSpi { // TABLE[EKB] from section 6 of RFC 2268, used to convert effective key @@ -177,13 +176,14 @@ engineInit(encoded); } - protected AlgorithmParameterSpec engineGetParameterSpec(Class paramSpec) + protected <T extends AlgorithmParameterSpec> + T engineGetParameterSpec(Class<T> paramSpec) throws InvalidParameterSpecException { if (RC2ParameterSpec.class.isAssignableFrom(paramSpec)) { - return (iv == null ? - new RC2ParameterSpec(effectiveKeySize) : - new RC2ParameterSpec(effectiveKeySize, iv)); + return paramSpec.cast((iv == null ? + new RC2ParameterSpec(effectiveKeySize) : + new RC2ParameterSpec(effectiveKeySize, iv))); } else { throw new InvalidParameterSpecException ("Inappropriate parameter specification");
--- a/jdk/src/share/classes/com/sun/crypto/provider/RSACipher.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/com/sun/crypto/provider/RSACipher.java Mon Aug 15 11:48:20 2011 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2003, 2009, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2003, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -227,8 +227,8 @@ init(opmode, key, random, null); } else { try { - OAEPParameterSpec spec = (OAEPParameterSpec) - params.getParameterSpec(OAEPParameterSpec.class); + OAEPParameterSpec spec = + params.getParameterSpec(OAEPParameterSpec.class); init(opmode, key, random, spec); } catch (InvalidParameterSpecException ipse) { InvalidAlgorithmParameterException iape =
--- a/jdk/src/share/classes/com/sun/crypto/provider/SunJCE.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/com/sun/crypto/provider/SunJCE.java Mon Aug 15 11:48:20 2011 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 2010, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1997, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -27,11 +27,6 @@ import java.security.AccessController; import java.security.Provider; -import java.security.PrivilegedAction; -import java.security.cert.*; -import java.net.URL; -import java.io.ByteArrayInputStream; -import java.security.CodeSource; import java.security.SecureRandom; @@ -105,352 +100,353 @@ "|OFB72|OFB80|OFB88|OFB96|OFB104|OFB112|OFB120|OFB128"; final String BLOCK_PADS = "NOPADDING|PKCS5PADDING|ISO10126PADDING"; - AccessController.doPrivileged(new java.security.PrivilegedAction() { + AccessController.doPrivileged( + new java.security.PrivilegedAction<Object>() { public Object run() { - /* - * Cipher engines - */ - put("Cipher.RSA", "com.sun.crypto.provider.RSACipher"); - put("Cipher.RSA SupportedModes", "ECB"); - put("Cipher.RSA SupportedPaddings", - "NOPADDING|PKCS1PADDING|OAEPWITHMD5ANDMGF1PADDING" - + "|OAEPWITHSHA1ANDMGF1PADDING" - + "|OAEPWITHSHA-1ANDMGF1PADDING" - + "|OAEPWITHSHA-256ANDMGF1PADDING" - + "|OAEPWITHSHA-384ANDMGF1PADDING" - + "|OAEPWITHSHA-512ANDMGF1PADDING"); - put("Cipher.RSA SupportedKeyClasses", - "java.security.interfaces.RSAPublicKey" + - "|java.security.interfaces.RSAPrivateKey"); + /* + * Cipher engines + */ + put("Cipher.RSA", "com.sun.crypto.provider.RSACipher"); + put("Cipher.RSA SupportedModes", "ECB"); + put("Cipher.RSA SupportedPaddings", + "NOPADDING|PKCS1PADDING|OAEPWITHMD5ANDMGF1PADDING" + + "|OAEPWITHSHA1ANDMGF1PADDING" + + "|OAEPWITHSHA-1ANDMGF1PADDING" + + "|OAEPWITHSHA-256ANDMGF1PADDING" + + "|OAEPWITHSHA-384ANDMGF1PADDING" + + "|OAEPWITHSHA-512ANDMGF1PADDING"); + put("Cipher.RSA SupportedKeyClasses", + "java.security.interfaces.RSAPublicKey" + + "|java.security.interfaces.RSAPrivateKey"); - put("Cipher.DES", "com.sun.crypto.provider.DESCipher"); - put("Cipher.DES SupportedModes", BLOCK_MODES); - put("Cipher.DES SupportedPaddings", BLOCK_PADS); - put("Cipher.DES SupportedKeyFormats", "RAW"); + put("Cipher.DES", "com.sun.crypto.provider.DESCipher"); + put("Cipher.DES SupportedModes", BLOCK_MODES); + put("Cipher.DES SupportedPaddings", BLOCK_PADS); + put("Cipher.DES SupportedKeyFormats", "RAW"); - put("Cipher.DESede", "com.sun.crypto.provider.DESedeCipher"); - put("Alg.Alias.Cipher.TripleDES", "DESede"); - put("Cipher.DESede SupportedModes", BLOCK_MODES); - put("Cipher.DESede SupportedPaddings", BLOCK_PADS); - put("Cipher.DESede SupportedKeyFormats", "RAW"); + put("Cipher.DESede", "com.sun.crypto.provider.DESedeCipher"); + put("Alg.Alias.Cipher.TripleDES", "DESede"); + put("Cipher.DESede SupportedModes", BLOCK_MODES); + put("Cipher.DESede SupportedPaddings", BLOCK_PADS); + put("Cipher.DESede SupportedKeyFormats", "RAW"); - put("Cipher.DESedeWrap", - "com.sun.crypto.provider.DESedeWrapCipher"); - put("Cipher.DESedeWrap SupportedModes", "CBC"); - put("Cipher.DESedeWrap SupportedPaddings", "NOPADDING"); - put("Cipher.DESedeWrap SupportedKeyFormats", "RAW"); + put("Cipher.DESedeWrap", + "com.sun.crypto.provider.DESedeWrapCipher"); + put("Cipher.DESedeWrap SupportedModes", "CBC"); + put("Cipher.DESedeWrap SupportedPaddings", "NOPADDING"); + put("Cipher.DESedeWrap SupportedKeyFormats", "RAW"); - put("Cipher.PBEWithMD5AndDES", - "com.sun.crypto.provider.PBEWithMD5AndDESCipher"); - put("Alg.Alias.Cipher.OID."+OID_PKCS5_MD5_DES, - "PBEWithMD5AndDES"); - put("Alg.Alias.Cipher."+OID_PKCS5_MD5_DES, - "PBEWithMD5AndDES"); - put("Cipher.PBEWithMD5AndTripleDES", - "com.sun.crypto.provider.PBEWithMD5AndTripleDESCipher"); - put("Cipher.PBEWithSHA1AndRC2_40", - "com.sun.crypto.provider.PKCS12PBECipherCore$" + - "PBEWithSHA1AndRC2_40"); - put("Alg.Alias.Cipher.OID." + OID_PKCS12_RC2_40, - "PBEWithSHA1AndRC2_40"); - put("Alg.Alias.Cipher." + OID_PKCS12_RC2_40, - "PBEWithSHA1AndRC2_40"); - put("Cipher.PBEWithSHA1AndDESede", - "com.sun.crypto.provider.PKCS12PBECipherCore$" + - "PBEWithSHA1AndDESede"); - put("Alg.Alias.Cipher.OID." + OID_PKCS12_DESede, - "PBEWithSHA1AndDESede"); - put("Alg.Alias.Cipher." + OID_PKCS12_DESede, - "PBEWithSHA1AndDESede"); + put("Cipher.PBEWithMD5AndDES", + "com.sun.crypto.provider.PBEWithMD5AndDESCipher"); + put("Alg.Alias.Cipher.OID."+OID_PKCS5_MD5_DES, + "PBEWithMD5AndDES"); + put("Alg.Alias.Cipher."+OID_PKCS5_MD5_DES, + "PBEWithMD5AndDES"); + put("Cipher.PBEWithMD5AndTripleDES", + "com.sun.crypto.provider.PBEWithMD5AndTripleDESCipher"); + put("Cipher.PBEWithSHA1AndRC2_40", + "com.sun.crypto.provider.PKCS12PBECipherCore$" + + "PBEWithSHA1AndRC2_40"); + put("Alg.Alias.Cipher.OID." + OID_PKCS12_RC2_40, + "PBEWithSHA1AndRC2_40"); + put("Alg.Alias.Cipher." + OID_PKCS12_RC2_40, + "PBEWithSHA1AndRC2_40"); + put("Cipher.PBEWithSHA1AndDESede", + "com.sun.crypto.provider.PKCS12PBECipherCore$" + + "PBEWithSHA1AndDESede"); + put("Alg.Alias.Cipher.OID." + OID_PKCS12_DESede, + "PBEWithSHA1AndDESede"); + put("Alg.Alias.Cipher." + OID_PKCS12_DESede, + "PBEWithSHA1AndDESede"); - put("Cipher.Blowfish", - "com.sun.crypto.provider.BlowfishCipher"); - put("Cipher.Blowfish SupportedModes", BLOCK_MODES); - put("Cipher.Blowfish SupportedPaddings", BLOCK_PADS); - put("Cipher.Blowfish SupportedKeyFormats", "RAW"); + put("Cipher.Blowfish", + "com.sun.crypto.provider.BlowfishCipher"); + put("Cipher.Blowfish SupportedModes", BLOCK_MODES); + put("Cipher.Blowfish SupportedPaddings", BLOCK_PADS); + put("Cipher.Blowfish SupportedKeyFormats", "RAW"); - put("Cipher.AES", "com.sun.crypto.provider.AESCipher"); - put("Alg.Alias.Cipher.Rijndael", "AES"); - put("Cipher.AES SupportedModes", BLOCK_MODES128); - put("Cipher.AES SupportedPaddings", BLOCK_PADS); - put("Cipher.AES SupportedKeyFormats", "RAW"); + put("Cipher.AES", "com.sun.crypto.provider.AESCipher"); + put("Alg.Alias.Cipher.Rijndael", "AES"); + put("Cipher.AES SupportedModes", BLOCK_MODES128); + put("Cipher.AES SupportedPaddings", BLOCK_PADS); + put("Cipher.AES SupportedKeyFormats", "RAW"); - put("Cipher.AESWrap", "com.sun.crypto.provider.AESWrapCipher"); - put("Cipher.AESWrap SupportedModes", "ECB"); - put("Cipher.AESWrap SupportedPaddings", "NOPADDING"); - put("Cipher.AESWrap SupportedKeyFormats", "RAW"); + put("Cipher.AESWrap", "com.sun.crypto.provider.AESWrapCipher"); + put("Cipher.AESWrap SupportedModes", "ECB"); + put("Cipher.AESWrap SupportedPaddings", "NOPADDING"); + put("Cipher.AESWrap SupportedKeyFormats", "RAW"); - put("Cipher.RC2", - "com.sun.crypto.provider.RC2Cipher"); - put("Cipher.RC2 SupportedModes", BLOCK_MODES); - put("Cipher.RC2 SupportedPaddings", BLOCK_PADS); - put("Cipher.RC2 SupportedKeyFormats", "RAW"); + put("Cipher.RC2", + "com.sun.crypto.provider.RC2Cipher"); + put("Cipher.RC2 SupportedModes", BLOCK_MODES); + put("Cipher.RC2 SupportedPaddings", BLOCK_PADS); + put("Cipher.RC2 SupportedKeyFormats", "RAW"); - put("Cipher.ARCFOUR", - "com.sun.crypto.provider.ARCFOURCipher"); - put("Alg.Alias.Cipher.RC4", "ARCFOUR"); - put("Cipher.ARCFOUR SupportedModes", "ECB"); - put("Cipher.ARCFOUR SupportedPaddings", "NOPADDING"); - put("Cipher.ARCFOUR SupportedKeyFormats", "RAW"); + put("Cipher.ARCFOUR", + "com.sun.crypto.provider.ARCFOURCipher"); + put("Alg.Alias.Cipher.RC4", "ARCFOUR"); + put("Cipher.ARCFOUR SupportedModes", "ECB"); + put("Cipher.ARCFOUR SupportedPaddings", "NOPADDING"); + put("Cipher.ARCFOUR SupportedKeyFormats", "RAW"); - /* - * Key(pair) Generator engines - */ - put("KeyGenerator.DES", - "com.sun.crypto.provider.DESKeyGenerator"); + /* + * Key(pair) Generator engines + */ + put("KeyGenerator.DES", + "com.sun.crypto.provider.DESKeyGenerator"); - put("KeyGenerator.DESede", - "com.sun.crypto.provider.DESedeKeyGenerator"); - put("Alg.Alias.KeyGenerator.TripleDES", "DESede"); + put("KeyGenerator.DESede", + "com.sun.crypto.provider.DESedeKeyGenerator"); + put("Alg.Alias.KeyGenerator.TripleDES", "DESede"); - put("KeyGenerator.Blowfish", - "com.sun.crypto.provider.BlowfishKeyGenerator"); + put("KeyGenerator.Blowfish", + "com.sun.crypto.provider.BlowfishKeyGenerator"); - put("KeyGenerator.AES", - "com.sun.crypto.provider.AESKeyGenerator"); - put("Alg.Alias.KeyGenerator.Rijndael", "AES"); + put("KeyGenerator.AES", + "com.sun.crypto.provider.AESKeyGenerator"); + put("Alg.Alias.KeyGenerator.Rijndael", "AES"); - put("KeyGenerator.RC2", - "com.sun.crypto.provider.KeyGeneratorCore$" + - "RC2KeyGenerator"); - put("KeyGenerator.ARCFOUR", - "com.sun.crypto.provider.KeyGeneratorCore$" + - "ARCFOURKeyGenerator"); - put("Alg.Alias.KeyGenerator.RC4", "ARCFOUR"); + put("KeyGenerator.RC2", + "com.sun.crypto.provider.KeyGeneratorCore$" + + "RC2KeyGenerator"); + put("KeyGenerator.ARCFOUR", + "com.sun.crypto.provider.KeyGeneratorCore$" + + "ARCFOURKeyGenerator"); + put("Alg.Alias.KeyGenerator.RC4", "ARCFOUR"); - put("KeyGenerator.HmacMD5", - "com.sun.crypto.provider.HmacMD5KeyGenerator"); + put("KeyGenerator.HmacMD5", + "com.sun.crypto.provider.HmacMD5KeyGenerator"); - put("KeyGenerator.HmacSHA1", - "com.sun.crypto.provider.HmacSHA1KeyGenerator"); + put("KeyGenerator.HmacSHA1", + "com.sun.crypto.provider.HmacSHA1KeyGenerator"); - put("KeyGenerator.HmacSHA256", - "com.sun.crypto.provider.KeyGeneratorCore$HmacSHA256KG"); - put("KeyGenerator.HmacSHA384", - "com.sun.crypto.provider.KeyGeneratorCore$HmacSHA384KG"); - put("KeyGenerator.HmacSHA512", - "com.sun.crypto.provider.KeyGeneratorCore$HmacSHA512KG"); + put("KeyGenerator.HmacSHA256", + "com.sun.crypto.provider.KeyGeneratorCore$HmacSHA256KG"); + put("KeyGenerator.HmacSHA384", + "com.sun.crypto.provider.KeyGeneratorCore$HmacSHA384KG"); + put("KeyGenerator.HmacSHA512", + "com.sun.crypto.provider.KeyGeneratorCore$HmacSHA512KG"); - put("KeyPairGenerator.DiffieHellman", - "com.sun.crypto.provider.DHKeyPairGenerator"); - put("Alg.Alias.KeyPairGenerator.DH", "DiffieHellman"); - put("Alg.Alias.KeyPairGenerator.OID."+OID_PKCS3, - "DiffieHellman"); - put("Alg.Alias.KeyPairGenerator."+OID_PKCS3, - "DiffieHellman"); - /* - * Algorithm parameter generation engines - */ - put("AlgorithmParameterGenerator.DiffieHellman", - "com.sun.crypto.provider.DHParameterGenerator"); - put("Alg.Alias.AlgorithmParameterGenerator.DH", - "DiffieHellman"); - put("Alg.Alias.AlgorithmParameterGenerator.OID."+OID_PKCS3, - "DiffieHellman"); - put("Alg.Alias.AlgorithmParameterGenerator."+OID_PKCS3, - "DiffieHellman"); + put("KeyPairGenerator.DiffieHellman", + "com.sun.crypto.provider.DHKeyPairGenerator"); + put("Alg.Alias.KeyPairGenerator.DH", "DiffieHellman"); + put("Alg.Alias.KeyPairGenerator.OID."+OID_PKCS3, + "DiffieHellman"); + put("Alg.Alias.KeyPairGenerator."+OID_PKCS3, + "DiffieHellman"); + /* + * Algorithm parameter generation engines + */ + put("AlgorithmParameterGenerator.DiffieHellman", + "com.sun.crypto.provider.DHParameterGenerator"); + put("Alg.Alias.AlgorithmParameterGenerator.DH", + "DiffieHellman"); + put("Alg.Alias.AlgorithmParameterGenerator.OID."+OID_PKCS3, + "DiffieHellman"); + put("Alg.Alias.AlgorithmParameterGenerator."+OID_PKCS3, + "DiffieHellman"); - /* - * Key Agreement engines - */ - put("KeyAgreement.DiffieHellman", - "com.sun.crypto.provider.DHKeyAgreement"); - put("Alg.Alias.KeyAgreement.DH", "DiffieHellman"); - put("Alg.Alias.KeyAgreement.OID."+OID_PKCS3, "DiffieHellman"); - put("Alg.Alias.KeyAgreement."+OID_PKCS3, "DiffieHellman"); + /* + * Key Agreement engines + */ + put("KeyAgreement.DiffieHellman", + "com.sun.crypto.provider.DHKeyAgreement"); + put("Alg.Alias.KeyAgreement.DH", "DiffieHellman"); + put("Alg.Alias.KeyAgreement.OID."+OID_PKCS3, "DiffieHellman"); + put("Alg.Alias.KeyAgreement."+OID_PKCS3, "DiffieHellman"); - put("KeyAgreement.DiffieHellman SupportedKeyClasses", - "javax.crypto.interfaces.DHPublicKey" + - "|javax.crypto.interfaces.DHPrivateKey"); + put("KeyAgreement.DiffieHellman SupportedKeyClasses", + "javax.crypto.interfaces.DHPublicKey" + + "|javax.crypto.interfaces.DHPrivateKey"); - /* - * Algorithm Parameter engines - */ - put("AlgorithmParameters.DiffieHellman", - "com.sun.crypto.provider.DHParameters"); - put("Alg.Alias.AlgorithmParameters.DH", "DiffieHellman"); - put("Alg.Alias.AlgorithmParameters.OID."+OID_PKCS3, - "DiffieHellman"); - put("Alg.Alias.AlgorithmParameters."+OID_PKCS3, - "DiffieHellman"); + /* + * Algorithm Parameter engines + */ + put("AlgorithmParameters.DiffieHellman", + "com.sun.crypto.provider.DHParameters"); + put("Alg.Alias.AlgorithmParameters.DH", "DiffieHellman"); + put("Alg.Alias.AlgorithmParameters.OID."+OID_PKCS3, + "DiffieHellman"); + put("Alg.Alias.AlgorithmParameters."+OID_PKCS3, + "DiffieHellman"); - put("AlgorithmParameters.DES", - "com.sun.crypto.provider.DESParameters"); + put("AlgorithmParameters.DES", + "com.sun.crypto.provider.DESParameters"); - put("AlgorithmParameters.DESede", - "com.sun.crypto.provider.DESedeParameters"); - put("Alg.Alias.AlgorithmParameters.TripleDES", "DESede"); + put("AlgorithmParameters.DESede", + "com.sun.crypto.provider.DESedeParameters"); + put("Alg.Alias.AlgorithmParameters.TripleDES", "DESede"); - put("AlgorithmParameters.PBE", - "com.sun.crypto.provider.PBEParameters"); + put("AlgorithmParameters.PBE", + "com.sun.crypto.provider.PBEParameters"); - put("AlgorithmParameters.PBEWithMD5AndDES", - "com.sun.crypto.provider.PBEParameters"); - put("Alg.Alias.AlgorithmParameters.OID."+OID_PKCS5_MD5_DES, - "PBEWithMD5AndDES"); - put("Alg.Alias.AlgorithmParameters."+OID_PKCS5_MD5_DES, - "PBEWithMD5AndDES"); + put("AlgorithmParameters.PBEWithMD5AndDES", + "com.sun.crypto.provider.PBEParameters"); + put("Alg.Alias.AlgorithmParameters.OID."+OID_PKCS5_MD5_DES, + "PBEWithMD5AndDES"); + put("Alg.Alias.AlgorithmParameters."+OID_PKCS5_MD5_DES, + "PBEWithMD5AndDES"); - put("AlgorithmParameters.PBEWithMD5AndTripleDES", - "com.sun.crypto.provider.PBEParameters"); + put("AlgorithmParameters.PBEWithMD5AndTripleDES", + "com.sun.crypto.provider.PBEParameters"); - put("AlgorithmParameters.PBEWithSHA1AndDESede", - "com.sun.crypto.provider.PBEParameters"); - put("Alg.Alias.AlgorithmParameters.OID."+OID_PKCS12_DESede, - "PBEWithSHA1AndDESede"); - put("Alg.Alias.AlgorithmParameters."+OID_PKCS12_DESede, - "PBEWithSHA1AndDESede"); + put("AlgorithmParameters.PBEWithSHA1AndDESede", + "com.sun.crypto.provider.PBEParameters"); + put("Alg.Alias.AlgorithmParameters.OID."+OID_PKCS12_DESede, + "PBEWithSHA1AndDESede"); + put("Alg.Alias.AlgorithmParameters."+OID_PKCS12_DESede, + "PBEWithSHA1AndDESede"); - put("AlgorithmParameters.PBEWithSHA1AndRC2_40", - "com.sun.crypto.provider.PBEParameters"); - put("Alg.Alias.AlgorithmParameters.OID."+OID_PKCS12_RC2_40, - "PBEWithSHA1AndRC2_40"); - put("Alg.Alias.AlgorithmParameters." + OID_PKCS12_RC2_40, - "PBEWithSHA1AndRC2_40"); + put("AlgorithmParameters.PBEWithSHA1AndRC2_40", + "com.sun.crypto.provider.PBEParameters"); + put("Alg.Alias.AlgorithmParameters.OID."+OID_PKCS12_RC2_40, + "PBEWithSHA1AndRC2_40"); + put("Alg.Alias.AlgorithmParameters." + OID_PKCS12_RC2_40, + "PBEWithSHA1AndRC2_40"); - put("AlgorithmParameters.Blowfish", - "com.sun.crypto.provider.BlowfishParameters"); + put("AlgorithmParameters.Blowfish", + "com.sun.crypto.provider.BlowfishParameters"); - put("AlgorithmParameters.AES", - "com.sun.crypto.provider.AESParameters"); - put("Alg.Alias.AlgorithmParameters.Rijndael", "AES"); + put("AlgorithmParameters.AES", + "com.sun.crypto.provider.AESParameters"); + put("Alg.Alias.AlgorithmParameters.Rijndael", "AES"); - put("AlgorithmParameters.RC2", - "com.sun.crypto.provider.RC2Parameters"); + put("AlgorithmParameters.RC2", + "com.sun.crypto.provider.RC2Parameters"); - put("AlgorithmParameters.OAEP", - "com.sun.crypto.provider.OAEPParameters"); + put("AlgorithmParameters.OAEP", + "com.sun.crypto.provider.OAEPParameters"); - /* - * Key factories - */ - put("KeyFactory.DiffieHellman", - "com.sun.crypto.provider.DHKeyFactory"); - put("Alg.Alias.KeyFactory.DH", "DiffieHellman"); - put("Alg.Alias.KeyFactory.OID."+OID_PKCS3, - "DiffieHellman"); - put("Alg.Alias.KeyFactory."+OID_PKCS3, "DiffieHellman"); - /* - * Secret-key factories - */ - put("SecretKeyFactory.DES", - "com.sun.crypto.provider.DESKeyFactory"); + /* + * Key factories + */ + put("KeyFactory.DiffieHellman", + "com.sun.crypto.provider.DHKeyFactory"); + put("Alg.Alias.KeyFactory.DH", "DiffieHellman"); + put("Alg.Alias.KeyFactory.OID."+OID_PKCS3, + "DiffieHellman"); + put("Alg.Alias.KeyFactory."+OID_PKCS3, "DiffieHellman"); + /* + * Secret-key factories + */ + put("SecretKeyFactory.DES", + "com.sun.crypto.provider.DESKeyFactory"); - put("SecretKeyFactory.DESede", - "com.sun.crypto.provider.DESedeKeyFactory"); - put("Alg.Alias.SecretKeyFactory.TripleDES", "DESede"); + put("SecretKeyFactory.DESede", + "com.sun.crypto.provider.DESedeKeyFactory"); + put("Alg.Alias.SecretKeyFactory.TripleDES", "DESede"); - put("SecretKeyFactory.PBEWithMD5AndDES", - "com.sun.crypto.provider.PBEKeyFactory$PBEWithMD5AndDES" - ); - put("Alg.Alias.SecretKeyFactory.OID."+OID_PKCS5_MD5_DES, - "PBEWithMD5AndDES"); - put("Alg.Alias.SecretKeyFactory."+OID_PKCS5_MD5_DES, - "PBEWithMD5AndDES"); + put("SecretKeyFactory.PBEWithMD5AndDES", + "com.sun.crypto.provider.PBEKeyFactory$PBEWithMD5AndDES" + ); + put("Alg.Alias.SecretKeyFactory.OID."+OID_PKCS5_MD5_DES, + "PBEWithMD5AndDES"); + put("Alg.Alias.SecretKeyFactory."+OID_PKCS5_MD5_DES, + "PBEWithMD5AndDES"); - put("Alg.Alias.SecretKeyFactory.PBE", - "PBEWithMD5AndDES"); + put("Alg.Alias.SecretKeyFactory.PBE", + "PBEWithMD5AndDES"); - /* - * Internal in-house crypto algorithm used for - * the JCEKS keystore type. Since this was developed - * internally, there isn't an OID corresponding to this - * algorithm. - */ - put("SecretKeyFactory.PBEWithMD5AndTripleDES", - "com.sun.crypto.provider.PBEKeyFactory$" + - "PBEWithMD5AndTripleDES" - ); + /* + * Internal in-house crypto algorithm used for + * the JCEKS keystore type. Since this was developed + * internally, there isn't an OID corresponding to this + * algorithm. + */ + put("SecretKeyFactory.PBEWithMD5AndTripleDES", + "com.sun.crypto.provider.PBEKeyFactory$" + + "PBEWithMD5AndTripleDES" + ); - put("SecretKeyFactory.PBEWithSHA1AndDESede", - "com.sun.crypto.provider.PBEKeyFactory$PBEWithSHA1AndDESede" - ); - put("Alg.Alias.SecretKeyFactory.OID."+OID_PKCS12_DESede, - "PBEWithSHA1AndDESede"); - put("Alg.Alias.SecretKeyFactory." + OID_PKCS12_DESede, - "PBEWithSHA1AndDESede"); + put("SecretKeyFactory.PBEWithSHA1AndDESede", + "com.sun.crypto.provider.PBEKeyFactory$PBEWithSHA1AndDESede" + ); + put("Alg.Alias.SecretKeyFactory.OID."+OID_PKCS12_DESede, + "PBEWithSHA1AndDESede"); + put("Alg.Alias.SecretKeyFactory." + OID_PKCS12_DESede, + "PBEWithSHA1AndDESede"); - put("SecretKeyFactory.PBEWithSHA1AndRC2_40", - "com.sun.crypto.provider.PBEKeyFactory$PBEWithSHA1AndRC2_40" - ); - put("Alg.Alias.SecretKeyFactory.OID." + OID_PKCS12_RC2_40, - "PBEWithSHA1AndRC2_40"); - put("Alg.Alias.SecretKeyFactory." + OID_PKCS12_RC2_40, - "PBEWithSHA1AndRC2_40"); + put("SecretKeyFactory.PBEWithSHA1AndRC2_40", + "com.sun.crypto.provider.PBEKeyFactory$PBEWithSHA1AndRC2_40" + ); + put("Alg.Alias.SecretKeyFactory.OID." + OID_PKCS12_RC2_40, + "PBEWithSHA1AndRC2_40"); + put("Alg.Alias.SecretKeyFactory." + OID_PKCS12_RC2_40, + "PBEWithSHA1AndRC2_40"); - put("SecretKeyFactory.PBKDF2WithHmacSHA1", - "com.sun.crypto.provider.PBKDF2HmacSHA1Factory"); - put("Alg.Alias.SecretKeyFactory.OID." + OID_PKCS5_PBKDF2, - "PBKDF2WithHmacSHA1"); - put("Alg.Alias.SecretKeyFactory." + OID_PKCS5_PBKDF2, - "PBKDF2WithHmacSHA1"); + put("SecretKeyFactory.PBKDF2WithHmacSHA1", + "com.sun.crypto.provider.PBKDF2HmacSHA1Factory"); + put("Alg.Alias.SecretKeyFactory.OID." + OID_PKCS5_PBKDF2, + "PBKDF2WithHmacSHA1"); + put("Alg.Alias.SecretKeyFactory." + OID_PKCS5_PBKDF2, + "PBKDF2WithHmacSHA1"); - /* - * MAC - */ - put("Mac.HmacMD5", "com.sun.crypto.provider.HmacMD5"); - put("Mac.HmacSHA1", "com.sun.crypto.provider.HmacSHA1"); - put("Mac.HmacSHA256", - "com.sun.crypto.provider.HmacCore$HmacSHA256"); - put("Mac.HmacSHA384", - "com.sun.crypto.provider.HmacCore$HmacSHA384"); - put("Mac.HmacSHA512", - "com.sun.crypto.provider.HmacCore$HmacSHA512"); - put("Mac.HmacPBESHA1", - "com.sun.crypto.provider.HmacPKCS12PBESHA1"); + /* + * MAC + */ + put("Mac.HmacMD5", "com.sun.crypto.provider.HmacMD5"); + put("Mac.HmacSHA1", "com.sun.crypto.provider.HmacSHA1"); + put("Mac.HmacSHA256", + "com.sun.crypto.provider.HmacCore$HmacSHA256"); + put("Mac.HmacSHA384", + "com.sun.crypto.provider.HmacCore$HmacSHA384"); + put("Mac.HmacSHA512", + "com.sun.crypto.provider.HmacCore$HmacSHA512"); + put("Mac.HmacPBESHA1", + "com.sun.crypto.provider.HmacPKCS12PBESHA1"); - put("Mac.SslMacMD5", - "com.sun.crypto.provider.SslMacCore$SslMacMD5"); - put("Mac.SslMacSHA1", - "com.sun.crypto.provider.SslMacCore$SslMacSHA1"); + put("Mac.SslMacMD5", + "com.sun.crypto.provider.SslMacCore$SslMacMD5"); + put("Mac.SslMacSHA1", + "com.sun.crypto.provider.SslMacCore$SslMacSHA1"); - put("Mac.HmacMD5 SupportedKeyFormats", "RAW"); - put("Mac.HmacSHA1 SupportedKeyFormats", "RAW"); - put("Mac.HmacSHA256 SupportedKeyFormats", "RAW"); - put("Mac.HmacSHA384 SupportedKeyFormats", "RAW"); - put("Mac.HmacSHA512 SupportedKeyFormats", "RAW"); - put("Mac.HmacPBESHA1 SupportedKeyFormats", "RAW"); - put("Mac.SslMacMD5 SupportedKeyFormats", "RAW"); - put("Mac.SslMacSHA1 SupportedKeyFormats", "RAW"); + put("Mac.HmacMD5 SupportedKeyFormats", "RAW"); + put("Mac.HmacSHA1 SupportedKeyFormats", "RAW"); + put("Mac.HmacSHA256 SupportedKeyFormats", "RAW"); + put("Mac.HmacSHA384 SupportedKeyFormats", "RAW"); + put("Mac.HmacSHA512 SupportedKeyFormats", "RAW"); + put("Mac.HmacPBESHA1 SupportedKeyFormats", "RAW"); + put("Mac.SslMacMD5 SupportedKeyFormats", "RAW"); + put("Mac.SslMacSHA1 SupportedKeyFormats", "RAW"); - /* - * KeyStore - */ - put("KeyStore.JCEKS", "com.sun.crypto.provider.JceKeyStore"); + /* + * KeyStore + */ + put("KeyStore.JCEKS", "com.sun.crypto.provider.JceKeyStore"); - /* - * SSL/TLS mechanisms - * - * These are strictly internal implementations and may - * be changed at any time. These names were chosen - * because PKCS11/SunPKCS11 does not yet have TLS1.2 - * mechanisms, and it will cause calls to come here. - */ - put("KeyGenerator.SunTlsPrf", - "com.sun.crypto.provider.TlsPrfGenerator$V10"); - put("KeyGenerator.SunTls12Prf", - "com.sun.crypto.provider.TlsPrfGenerator$V12"); + /* + * SSL/TLS mechanisms + * + * These are strictly internal implementations and may + * be changed at any time. These names were chosen + * because PKCS11/SunPKCS11 does not yet have TLS1.2 + * mechanisms, and it will cause calls to come here. + */ + put("KeyGenerator.SunTlsPrf", + "com.sun.crypto.provider.TlsPrfGenerator$V10"); + put("KeyGenerator.SunTls12Prf", + "com.sun.crypto.provider.TlsPrfGenerator$V12"); - put("KeyGenerator.SunTlsMasterSecret", - "com.sun.crypto.provider.TlsMasterSecretGenerator"); - put("Alg.Alias.KeyGenerator.SunTls12MasterSecret", - "SunTlsMasterSecret"); + put("KeyGenerator.SunTlsMasterSecret", + "com.sun.crypto.provider.TlsMasterSecretGenerator"); + put("Alg.Alias.KeyGenerator.SunTls12MasterSecret", + "SunTlsMasterSecret"); - put("KeyGenerator.SunTlsKeyMaterial", - "com.sun.crypto.provider.TlsKeyMaterialGenerator"); - put("Alg.Alias.KeyGenerator.SunTls12KeyMaterial", - "SunTlsKeyMaterial"); + put("KeyGenerator.SunTlsKeyMaterial", + "com.sun.crypto.provider.TlsKeyMaterialGenerator"); + put("Alg.Alias.KeyGenerator.SunTls12KeyMaterial", + "SunTlsKeyMaterial"); - put("KeyGenerator.SunTlsRsaPremasterSecret", - "com.sun.crypto.provider.TlsRsaPremasterSecretGenerator"); - put("Alg.Alias.KeyGenerator.SunTls12RsaPremasterSecret", - "SunTlsRsaPremasterSecret"); + put("KeyGenerator.SunTlsRsaPremasterSecret", + "com.sun.crypto.provider.TlsRsaPremasterSecretGenerator"); + put("Alg.Alias.KeyGenerator.SunTls12RsaPremasterSecret", + "SunTlsRsaPremasterSecret"); - return null; - } - }); + return null; + } + }); } }
--- a/jdk/src/share/classes/com/sun/crypto/provider/TlsKeyMaterialGenerator.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/com/sun/crypto/provider/TlsKeyMaterialGenerator.java Mon Aug 15 11:48:20 2011 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2005, 2010, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2005, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -31,7 +31,6 @@ import javax.crypto.*; import javax.crypto.spec.*; -import sun.security.internal.interfaces.TlsMasterSecret; import sun.security.internal.spec.*; import static com.sun.crypto.provider.TlsPrfGenerator.*;
--- a/jdk/src/share/classes/com/sun/crypto/provider/TlsMasterSecretGenerator.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/com/sun/crypto/provider/TlsMasterSecretGenerator.java Mon Aug 15 11:48:20 2011 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2005, 2010, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2005, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -140,6 +140,7 @@ } private static final class TlsMasterSecretKey implements TlsMasterSecret { + private static final long serialVersionUID = 1019571680375368880L; private byte[] key; private final int majorVersion, minorVersion;
--- a/jdk/src/share/classes/com/sun/security/auth/PolicyFile.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/com/sun/security/auth/PolicyFile.java Mon Aug 15 11:48:20 2011 -0700 @@ -26,13 +26,10 @@ package com.sun.security.auth; import java.io.*; -import java.lang.RuntimePermission; import java.lang.reflect.*; -import java.net.MalformedURLException; import java.net.URL; import java.util.*; -import java.security.AccessController; import java.security.CodeSource; import java.security.KeyStore; import java.security.KeyStoreException; @@ -260,7 +257,7 @@ private static final String AUTH_POLICY_URL = "auth.policy.url."; private Vector<PolicyEntry> policyEntries; - private Hashtable aliasMapping; + private Hashtable<Object, Object> aliasMapping; private boolean initialized = false; @@ -293,7 +290,7 @@ return; policyEntries = new Vector<PolicyEntry>(); - aliasMapping = new Hashtable(11); + aliasMapping = new Hashtable<Object, Object>(11); initPolicyFile(); initialized = true; @@ -403,7 +400,7 @@ } try { extra_policy = PropertyExpander.expand(extra_policy); - URL policyURL;; + URL policyURL; File policyFile = new File(extra_policy); if (policyFile.exists()) { policyURL = @@ -702,8 +699,8 @@ InvocationTargetException { //XXX we might want to keep a hash of created factories... - Class pc = Class.forName(type); - Constructor c = pc.getConstructor(PARAMS); + Class<?> pc = Class.forName(type); + Constructor<?> c = pc.getConstructor(PARAMS); return (Permission) c.newInstance(new Object[] { name, actions }); } @@ -1088,16 +1085,20 @@ // because the earlier CodeSource.implies succeeded SubjectCodeSource scs = (SubjectCodeSource)accCs; - Set<Principal> principalSet = null; + Set<? extends Principal> principalSet = null; try { - Class pClass = Class.forName(principal.principalClass, false, - ClassLoader.getSystemClassLoader()); + // principal.principalClass should extend Principal + // If it doesn't, we should stop here with a ClassCastException. + @SuppressWarnings("unchecked") + Class<? extends Principal> pClass = (Class<? extends Principal>) + Class.forName(principal.principalClass, false, + ClassLoader.getSystemClassLoader()); principalSet = scs.getSubject().getPrincipals(pClass); } catch (Exception e) { if (debug != null) { debug.println("problem finding Principal Class " + - "when expanding SELF permission: " + - e.toString()); + "when expanding SELF permission: " + + e.toString()); } } @@ -1107,11 +1108,9 @@ } String[][] info = new String[principalSet.size()][2]; - java.util.Iterator<Principal> pIterator = principalSet.iterator(); int i = 0; - while (pIterator.hasNext()) { - Principal p = pIterator.next(); + for (Principal p : principalSet) { info[i][0] = p.getClass().getName(); info[i][1] = p.getName(); i++;
--- a/jdk/src/share/classes/com/sun/security/auth/SubjectCodeSource.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/com/sun/security/auth/SubjectCodeSource.java Mon Aug 15 11:48:20 2011 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 1999, 2010, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1999, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -205,10 +205,9 @@ // handle PrincipalComparators - Class principalComparator = Class.forName(pppe.principalClass, - true, - sysClassLoader); - Constructor c = principalComparator.getConstructor(PARAMS); + Class<?> principalComparator = Class.forName( + pppe.principalClass, true, sysClassLoader); + Constructor<?> c = principalComparator.getConstructor(PARAMS); PrincipalComparator pc = (PrincipalComparator)c.newInstance (new Object[] { pppe.principalName });
--- a/jdk/src/share/classes/com/sun/security/auth/module/JndiLoginModule.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/com/sun/security/auth/module/JndiLoginModule.java Mon Aug 15 11:48:20 2011 -0700 @@ -32,16 +32,13 @@ import javax.naming.*; import javax.naming.directory.*; -import java.io.IOException; import java.util.Map; import java.util.LinkedList; -import java.util.ResourceBundle; import com.sun.security.auth.UnixPrincipal; import com.sun.security.auth.UnixNumericUserPrincipal; import com.sun.security.auth.UnixNumericGroupPrincipal; -import sun.security.util.AuthResources; /** * <p> The module prompts for a username and password @@ -189,7 +186,7 @@ // initial state private Subject subject; private CallbackHandler callbackHandler; - private Map sharedState; + private Map<String, Object> sharedState; private Map<String, ?> options; private static final String CRYPT = "{crypt}"; @@ -217,13 +214,18 @@ * <code>Configuration</code> for this particular * <code>LoginModule</code>. */ + // Unchecked warning from (Map<String, Object>)sharedState is safe + // since javax.security.auth.login.LoginContext passes a raw HashMap. + // Unchecked warnings from options.get(String) are safe since we are + // passing known keys. + @SuppressWarnings("unchecked") public void initialize(Subject subject, CallbackHandler callbackHandler, Map<String,?> sharedState, Map<String,?> options) { this.subject = subject; this.callbackHandler = callbackHandler; - this.sharedState = sharedState; + this.sharedState = (Map<String, Object>)sharedState; this.options = options; // initialize any configured options
--- a/jdk/src/share/classes/com/sun/security/auth/module/KeyStoreLoginModule.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/com/sun/security/auth/module/KeyStoreLoginModule.java Mon Aug 15 11:48:20 2011 -0700 @@ -25,11 +25,9 @@ package com.sun.security.auth.module; -import javax.security.auth.x500.X500Principal; import java.io.File; import java.io.IOException; import java.io.InputStream; -import java.io.PushbackInputStream; import java.net.MalformedURLException; import java.net.URL; import java.security.AuthProvider; @@ -39,7 +37,6 @@ import java.security.KeyStoreException; import java.security.NoSuchAlgorithmException; import java.security.NoSuchProviderException; -import java.security.Principal; import java.security.PrivateKey; import java.security.Provider; import java.security.UnrecoverableKeyException; @@ -49,13 +46,10 @@ import java.util.Iterator; import java.util.LinkedList; import java.util.Map; -import java.util.ResourceBundle; import javax.security.auth.Destroyable; import javax.security.auth.DestroyFailedException; import javax.security.auth.Subject; import javax.security.auth.x500.*; -import javax.security.auth.Subject; -import javax.security.auth.x500.*; import javax.security.auth.callback.Callback; import javax.security.auth.callback.CallbackHandler; import javax.security.auth.callback.ConfirmationCallback; @@ -67,7 +61,6 @@ import javax.security.auth.login.LoginException; import javax.security.auth.spi.LoginModule; -import sun.security.util.AuthResources; import sun.security.util.Password; /** @@ -159,7 +152,7 @@ private Subject subject; private CallbackHandler callbackHandler; - private Map sharedState; + private Map<String, Object> sharedState; private Map<String, ?> options; private char[] keyStorePassword; @@ -202,7 +195,9 @@ * <code>Configuration</code> for this particular * <code>LoginModule</code>. */ - + // Unchecked warning from (Map<String, Object>)sharedState is safe + // since javax.security.auth.login.LoginContext passes a raw HashMap. + @SuppressWarnings("unchecked") public void initialize(Subject subject, CallbackHandler callbackHandler, Map<String,?> sharedState, @@ -210,7 +205,7 @@ { this.subject = subject; this.callbackHandler = callbackHandler; - this.sharedState = sharedState; + this.sharedState = (Map<String, Object>)sharedState; this.options = options; processOptions(); @@ -337,6 +332,7 @@ } /** Get the alias and passwords to use for looking up in the KeyStore. */ + @SuppressWarnings("fallthrough") private void getAliasAndPasswords(int env) throws LoginException { if (callbackHandler == null) {
--- a/jdk/src/share/classes/com/sun/security/auth/module/Krb5LoginModule.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/com/sun/security/auth/module/Krb5LoginModule.java Mon Aug 15 11:48:20 2011 -0700 @@ -367,7 +367,7 @@ // initial state private Subject subject; private CallbackHandler callbackHandler; - private Map sharedState; + private Map<String, Object> sharedState; private Map<String, ?> options; // configurable option @@ -432,7 +432,11 @@ * <code>Configuration</code> for this particular * <code>LoginModule</code>. */ - + // Unchecked warning from (Map<String, Object>)sharedState is safe + // since javax.security.auth.login.LoginContext passes a raw HashMap. + // Unchecked warnings from options.get(String) are safe since we are + // passing known keys. + @SuppressWarnings("unchecked") public void initialize(Subject subject, CallbackHandler callbackHandler, Map<String, ?> sharedState, @@ -440,7 +444,7 @@ this.subject = subject; this.callbackHandler = callbackHandler; - this.sharedState = sharedState; + this.sharedState = (Map<String, Object>)sharedState; this.options = options; // initialize any configured options
--- a/jdk/src/share/classes/com/sun/security/auth/module/LdapLoginModule.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/com/sun/security/auth/module/LdapLoginModule.java Mon Aug 15 11:48:20 2011 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2005, 2010, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2005, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -25,14 +25,12 @@ package com.sun.security.auth.module; -import java.io.IOException; import java.security.AccessController; import java.net.SocketPermission; import java.security.Principal; import java.security.PrivilegedAction; import java.util.Arrays; import java.util.Hashtable; -import java.util.Iterator; import java.util.Map; import java.util.ResourceBundle; import java.util.regex.Matcher; @@ -50,7 +48,6 @@ import com.sun.security.auth.LdapPrincipal; import com.sun.security.auth.UserPrincipal; -import sun.security.util.AuthResources; /** * This {@link LoginModule} performs LDAP-based authentication. @@ -366,12 +363,12 @@ // Initial state private Subject subject; private CallbackHandler callbackHandler; - private Map sharedState; + private Map<String, Object> sharedState; private Map<String, ?> options; private LdapContext ctx; private Matcher identityMatcher = null; private Matcher filterMatcher = null; - private Hashtable ldapEnvironment; + private Hashtable<String, Object> ldapEnvironment; private SearchControls constraints = null; /** @@ -385,15 +382,18 @@ * <code>Configuration</code> for this particular * <code>LoginModule</code>. */ + // Unchecked warning from (Map<String, Object>)sharedState is safe + // since javax.security.auth.login.LoginContext passes a raw HashMap. + @SuppressWarnings("unchecked") public void initialize(Subject subject, CallbackHandler callbackHandler, Map<String, ?> sharedState, Map<String, ?> options) { this.subject = subject; this.callbackHandler = callbackHandler; - this.sharedState = sharedState; + this.sharedState = (Map<String, Object>)sharedState; this.options = options; - ldapEnvironment = new Hashtable(9); + ldapEnvironment = new Hashtable<String, Object>(9); ldapEnvironment.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
--- a/jdk/src/share/classes/com/sun/security/jgss/InquireSecContextPermission.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/com/sun/security/jgss/InquireSecContextPermission.java Mon Aug 15 11:48:20 2011 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2009, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2009, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -36,6 +36,7 @@ * <p>The target name is the {@link InquireType} allowed. */ public final class InquireSecContextPermission extends BasicPermission { + private static final long serialVersionUID = -7131173349668647297L; /** * Constructs a new {@code InquireSecContextPermission} object with
--- a/jdk/src/share/classes/com/sun/security/ntlm/NTLMException.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/com/sun/security/ntlm/NTLMException.java Mon Aug 15 11:48:20 2011 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2010, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2010, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -31,6 +31,7 @@ * An NTLM-related Exception */ public final class NTLMException extends GeneralSecurityException { + private static final long serialVersionUID = -3298539507906689430L; /** * If the incoming packet is invalid.
--- a/jdk/src/share/classes/com/sun/security/sasl/CramMD5Server.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/com/sun/security/sasl/CramMD5Server.java Mon Aug 15 11:48:20 2011 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2003, 2010, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2003, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -33,7 +33,6 @@ import java.io.UnsupportedEncodingException; import java.security.NoSuchAlgorithmException; -import java.util.logging.Logger; import java.util.logging.Level; /** @@ -68,7 +67,7 @@ * @param pw A non-null String or byte[] * containing the password. If it is an array, it is first cloned. */ - CramMD5Server(String protocol, String serverFqdn, Map props, + CramMD5Server(String protocol, String serverFqdn, Map<String, ?> props, CallbackHandler cbh) throws SaslException { if (serverFqdn == null) { throw new SaslException(
--- a/jdk/src/share/classes/com/sun/security/sasl/digest/DigestMD5Base.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/com/sun/security/sasl/digest/DigestMD5Base.java Mon Aug 15 11:48:20 2011 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2000, 2009, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2000, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -28,21 +28,15 @@ import java.util.Map; import java.util.Arrays; import java.util.List; -import java.util.Set; -import java.util.logging.Logger; import java.util.logging.Level; import java.math.BigInteger; import java.util.Random; -import java.security.Provider; -import java.io.ByteArrayInputStream; import java.io.ByteArrayOutputStream; import java.io.UnsupportedEncodingException; import java.io.IOException; import java.security.MessageDigest; -import java.security.AccessController; -import java.security.PrivilegedAction; import java.security.NoSuchAlgorithmException; import java.security.InvalidKeyException; import java.security.spec.KeySpec; @@ -53,7 +47,6 @@ import javax.crypto.SecretKey; import javax.crypto.Mac; import javax.crypto.SecretKeyFactory; -import javax.crypto.BadPaddingException; import javax.crypto.NoSuchPaddingException; import javax.crypto.IllegalBlockSizeException; import javax.crypto.spec.IvParameterSpec; @@ -175,8 +168,9 @@ * * @throws SaslException If invalid value found in props. */ - protected DigestMD5Base(Map props, String className, int firstStep, - String digestUri, CallbackHandler cbh) throws SaslException { + protected DigestMD5Base(Map<String, ?> props, String className, + int firstStep, String digestUri, CallbackHandler cbh) + throws SaslException { super(props, className); // sets QOP, STENGTH and BUFFER_SIZE step = firstStep; @@ -791,7 +785,7 @@ } } else if (realmChoices != null && i == realmIndex) { // > 1 realm specified - if (realmChoices.size() == 0) { + if (realmChoices.isEmpty()) { realmChoices.add(valueTable[i]); // add existing one } realmChoices.add(value); // add new one @@ -1585,47 +1579,45 @@ KeySpec spec = null; SecretKeyFactory desFactory = SecretKeyFactory.getInstance(desStrength); - - if (desStrength.equals("des")) { - spec = new DESKeySpec(subkey1, 0); - if (logger.isLoggable(Level.FINEST)) { - traceOutput(DP_CLASS_NAME, "makeDesKeys", - "DIGEST42:DES key input: ", input); - traceOutput(DP_CLASS_NAME, "makeDesKeys", - "DIGEST43:DES key parity-adjusted: ", subkey1); - traceOutput(DP_CLASS_NAME, "makeDesKeys", - "DIGEST44:DES key material: ", ((DESKeySpec)spec).getKey()); - logger.log(Level.FINEST, "DIGEST45: is parity-adjusted? {0}", - Boolean.valueOf(DESKeySpec.isParityAdjusted(subkey1, 0))); - } - - } else if (desStrength.equals("desede")) { - - // Generate second subkey using second 7 bytes - byte[] subkey2 = addDesParity(input, 7, 7); - - // Construct 24-byte encryption-decryption-encryption sequence - byte[] ede = new byte[subkey1.length*2+subkey2.length]; - System.arraycopy(subkey1, 0, ede, 0, subkey1.length); - System.arraycopy(subkey2, 0, ede, subkey1.length, subkey2.length); - System.arraycopy(subkey1, 0, ede, subkey1.length+subkey2.length, - subkey1.length); - - spec = new DESedeKeySpec(ede, 0); - if (logger.isLoggable(Level.FINEST)) { - traceOutput(DP_CLASS_NAME, "makeDesKeys", - "DIGEST46:3DES key input: ", input); - traceOutput(DP_CLASS_NAME, "makeDesKeys", - "DIGEST47:3DES key ede: ", ede); - traceOutput(DP_CLASS_NAME, "makeDesKeys", - "DIGEST48:3DES key material: ", - ((DESedeKeySpec)spec).getKey()); - logger.log(Level.FINEST, "DIGEST49: is parity-adjusted? ", - Boolean.valueOf(DESedeKeySpec.isParityAdjusted(ede, 0))); - } - } else { - throw new IllegalArgumentException("Invalid DES strength:" + - desStrength); + switch (desStrength) { + case "des": + spec = new DESKeySpec(subkey1, 0); + if (logger.isLoggable(Level.FINEST)) { + traceOutput(DP_CLASS_NAME, "makeDesKeys", + "DIGEST42:DES key input: ", input); + traceOutput(DP_CLASS_NAME, "makeDesKeys", + "DIGEST43:DES key parity-adjusted: ", subkey1); + traceOutput(DP_CLASS_NAME, "makeDesKeys", + "DIGEST44:DES key material: ", ((DESKeySpec)spec).getKey()); + logger.log(Level.FINEST, "DIGEST45: is parity-adjusted? {0}", + Boolean.valueOf(DESKeySpec.isParityAdjusted(subkey1, 0))); + } + break; + case "desede": + // Generate second subkey using second 7 bytes + byte[] subkey2 = addDesParity(input, 7, 7); + // Construct 24-byte encryption-decryption-encryption sequence + byte[] ede = new byte[subkey1.length*2+subkey2.length]; + System.arraycopy(subkey1, 0, ede, 0, subkey1.length); + System.arraycopy(subkey2, 0, ede, subkey1.length, subkey2.length); + System.arraycopy(subkey1, 0, ede, subkey1.length+subkey2.length, + subkey1.length); + spec = new DESedeKeySpec(ede, 0); + if (logger.isLoggable(Level.FINEST)) { + traceOutput(DP_CLASS_NAME, "makeDesKeys", + "DIGEST46:3DES key input: ", input); + traceOutput(DP_CLASS_NAME, "makeDesKeys", + "DIGEST47:3DES key ede: ", ede); + traceOutput(DP_CLASS_NAME, "makeDesKeys", + "DIGEST48:3DES key material: ", + ((DESedeKeySpec)spec).getKey()); + logger.log(Level.FINEST, "DIGEST49: is parity-adjusted? ", + Boolean.valueOf(DESedeKeySpec.isParityAdjusted(ede, 0))); + } + break; + default: + throw new IllegalArgumentException("Invalid DES strength:" + + desStrength); } return desFactory.generateSecret(spec); }
--- a/jdk/src/share/classes/com/sun/security/sasl/digest/DigestMD5Client.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/com/sun/security/sasl/digest/DigestMD5Client.java Mon Aug 15 11:48:20 2011 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2000, 2006, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2000, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -25,21 +25,16 @@ package com.sun.security.sasl.digest; -import java.security.AccessController; -import java.security.MessageDigest; import java.security.NoSuchAlgorithmException; import java.io.ByteArrayOutputStream; -import java.io.ByteArrayInputStream; import java.io.IOException; import java.io.UnsupportedEncodingException; import java.util.StringTokenizer; import java.util.ArrayList; import java.util.List; import java.util.Map; -import java.util.Set; import java.util.Arrays; -import java.util.logging.Logger; import java.util.logging.Level; import javax.security.sasl.*; @@ -153,7 +148,7 @@ * @throws SaslException if no authentication ID or password is supplied */ DigestMD5Client(String authzid, String protocol, String serverName, - Map props, CallbackHandler cbh) throws SaslException { + Map<String, ?> props, CallbackHandler cbh) throws SaslException { super(props, MY_CLASS_NAME, 2, protocol + "/" + serverName, cbh);
--- a/jdk/src/share/classes/com/sun/security/sasl/digest/DigestMD5Server.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/com/sun/security/sasl/digest/DigestMD5Server.java Mon Aug 15 11:48:20 2011 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2003, 2006, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2003, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -25,23 +25,16 @@ package com.sun.security.sasl.digest; -import java.security.AccessController; -import java.security.Provider; -import java.security.MessageDigest; import java.security.NoSuchAlgorithmException; import java.io.ByteArrayOutputStream; -import java.io.ByteArrayInputStream; import java.io.IOException; import java.io.UnsupportedEncodingException; -import java.util.Random; import java.util.StringTokenizer; import java.util.ArrayList; import java.util.List; import java.util.Map; -import java.util.Set; import java.util.Arrays; -import java.util.logging.Logger; import java.util.logging.Level; import javax.security.sasl.*; @@ -147,7 +140,7 @@ private byte[] myCiphers; private List<String> serverRealms; - DigestMD5Server(String protocol, String serverName, Map props, + DigestMD5Server(String protocol, String serverName, Map<String, ?> props, CallbackHandler cbh) throws SaslException { super(props, MY_CLASS_NAME, 1, protocol + "/" + serverName, cbh); @@ -179,7 +172,7 @@ encoding = (useUTF8 ? "UTF8" : "8859_1"); // By default, use server name as realm - if (serverRealms.size() == 0) { + if (serverRealms.isEmpty()) { serverRealms.add(serverName); } } @@ -468,19 +461,23 @@ // Check that QOP is one sent by server byte cQop; - if (negotiatedQop.equals("auth")) { - cQop = NO_PROTECTION; - } else if (negotiatedQop.equals("auth-int")) { - cQop = INTEGRITY_ONLY_PROTECTION; - integrity = true; - rawSendSize = sendMaxBufSize - 16; - } else if (negotiatedQop.equals("auth-conf")) { - cQop = PRIVACY_PROTECTION; - integrity = privacy = true; - rawSendSize = sendMaxBufSize - 26; - } else { - throw new SaslException("DIGEST-MD5: digest response format " + - "violation. Invalid QOP: " + negotiatedQop); + switch (negotiatedQop) { + case "auth": + cQop = NO_PROTECTION; + break; + case "auth-int": + cQop = INTEGRITY_ONLY_PROTECTION; + integrity = true; + rawSendSize = sendMaxBufSize - 16; + break; + case "auth-conf": + cQop = PRIVACY_PROTECTION; + integrity = privacy = true; + rawSendSize = sendMaxBufSize - 26; + break; + default: + throw new SaslException("DIGEST-MD5: digest response format " + + "violation. Invalid QOP: " + negotiatedQop); } if ((cQop&allQop) == 0) { throw new SaslException("DIGEST-MD5: server does not support " +
--- a/jdk/src/share/classes/com/sun/security/sasl/gsskerb/GssKrb5Base.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/com/sun/security/sasl/gsskerb/GssKrb5Base.java Mon Aug 15 11:48:20 2011 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2003, 2004, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2003, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -26,9 +26,7 @@ package com.sun.security.sasl.gsskerb; -import java.io.IOException; import java.util.Map; -import java.util.logging.Logger; import java.util.logging.Level; import javax.security.sasl.*; import com.sun.security.sasl.util.AbstractSaslImpl; @@ -50,7 +48,8 @@ protected MessageProp msgProp; // QOP and privacy for unwrap protected static final int JGSS_QOP = 0; // unrelated to SASL QOP mask - protected GssKrb5Base(Map props, String className) throws SaslException { + protected GssKrb5Base(Map<String, ?> props, String className) + throws SaslException { super(props, className); }
--- a/jdk/src/share/classes/com/sun/security/sasl/gsskerb/GssKrb5Client.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/com/sun/security/sasl/gsskerb/GssKrb5Client.java Mon Aug 15 11:48:20 2011 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2000, 2010, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2000, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -27,7 +27,6 @@ import java.io.IOException; import java.util.Map; -import java.util.logging.Logger; import java.util.logging.Level; import javax.security.sasl.*; @@ -93,7 +92,7 @@ * with the server. */ GssKrb5Client(String authzID, String protocol, String serverName, - Map props, CallbackHandler cbh) throws SaslException { + Map<String, ?> props, CallbackHandler cbh) throws SaslException { super(props, MY_CLASS_NAME);
--- a/jdk/src/share/classes/com/sun/security/sasl/gsskerb/GssKrb5Server.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/com/sun/security/sasl/gsskerb/GssKrb5Server.java Mon Aug 15 11:48:20 2011 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2000, 2010, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2000, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -28,7 +28,6 @@ import javax.security.sasl.*; import java.io.*; import java.util.Map; -import java.util.logging.Logger; import java.util.logging.Level; // JAAS @@ -77,7 +76,7 @@ * with the client. */ GssKrb5Server(String protocol, String serverName, - Map props, CallbackHandler cbh) throws SaslException { + Map<String, ?> props, CallbackHandler cbh) throws SaslException { super(props, MY_CLASS_NAME);
--- a/jdk/src/share/classes/com/sun/security/sasl/ntlm/NTLMClient.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/com/sun/security/sasl/ntlm/NTLMClient.java Mon Aug 15 11:48:20 2011 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2010, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2010, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -111,7 +111,7 @@ * @throws SaslException */ NTLMClient(String mech, String authzid, String protocol, String serverName, - Map props, CallbackHandler cbh) throws SaslException { + Map<String, ?> props, CallbackHandler cbh) throws SaslException { this.mech = mech; String version = null; @@ -194,12 +194,13 @@ @Override public Object getNegotiatedProperty(String propName) { - if (propName.equals(Sasl.QOP)) { - return "auth"; - } else if (propName.equals(NTLM_DOMAIN)) { - return client.getDomain(); - } else { - return null; + switch (propName) { + case Sasl.QOP: + return "auth"; + case NTLM_DOMAIN: + return client.getDomain(); + default: + return null; } }
--- a/jdk/src/share/classes/com/sun/security/sasl/ntlm/NTLMServer.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/com/sun/security/sasl/ntlm/NTLMServer.java Mon Aug 15 11:48:20 2011 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2010, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2010, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -110,7 +110,8 @@ * @throws SaslException */ NTLMServer(String mech, String protocol, String serverName, - Map props, final CallbackHandler cbh) throws SaslException { + Map<String, ?> props, final CallbackHandler cbh) + throws SaslException { this.mech = mech; String version = null; @@ -210,12 +211,13 @@ @Override public Object getNegotiatedProperty(String propName) { - if (propName.equals(Sasl.QOP)) { - return "auth"; - } else if (propName.equals(NTLM_HOSTNAME)) { - return hostname; - } else { - return null; + switch (propName) { + case Sasl.QOP: + return "auth"; + case NTLM_HOSTNAME: + return hostname; + default: + return null; } }
--- a/jdk/src/share/classes/com/sun/security/sasl/util/AbstractSaslImpl.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/com/sun/security/sasl/util/AbstractSaslImpl.java Mon Aug 15 11:48:20 2011 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2000, 2009, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2000, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -29,8 +29,6 @@ import java.io.*; import java.util.Map; import java.util.StringTokenizer; -import java.security.AccessController; -import java.security.PrivilegedAction; import java.util.logging.Logger; import java.util.logging.Level; @@ -63,7 +61,8 @@ protected String myClassName; - protected AbstractSaslImpl(Map props, String className) throws SaslException { + protected AbstractSaslImpl(Map<String, ?> props, String className) + throws SaslException { myClassName = className; // Parse properties to set desired context options @@ -156,23 +155,23 @@ if (!completed) { throw new IllegalStateException("SASL authentication not completed"); } - - if (propName.equals(Sasl.QOP)) { - if (privacy) { - return "auth-conf"; - } else if (integrity) { - return "auth-int"; - } else { - return "auth"; - } - } else if (propName.equals(Sasl.MAX_BUFFER)) { - return Integer.toString(recvMaxBufSize); - } else if (propName.equals(Sasl.RAW_SEND_SIZE)) { - return Integer.toString(rawSendSize); - } else if (propName.equals(MAX_SEND_BUF)) { - return Integer.toString(sendMaxBufSize); - } else { - return null; + switch (propName) { + case Sasl.QOP: + if (privacy) { + return "auth-conf"; + } else if (integrity) { + return "auth-int"; + } else { + return "auth"; + } + case Sasl.MAX_BUFFER: + return Integer.toString(recvMaxBufSize); + case Sasl.RAW_SEND_SIZE: + return Integer.toString(rawSendSize); + case MAX_SEND_BUF: + return Integer.toString(sendMaxBufSize); + default: + return null; } }
--- a/jdk/src/share/classes/com/sun/security/sasl/util/PolicyUtils.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/com/sun/security/sasl/util/PolicyUtils.java Mon Aug 15 11:48:20 2011 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2000, 2003, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2000, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -53,7 +53,7 @@ * @param props The security policy properties to check * @return true if passes; false if fails */ - public static boolean checkPolicy(int flags, Map props) { + public static boolean checkPolicy(int flags, Map<String, ?> props) { if (props == null) { return true; } @@ -93,7 +93,7 @@ * */ public static String[] filterMechs(String[] mechs, int[] policies, - Map props) { + Map<String, ?> props) { if (props == null) { return mechs.clone(); }
--- a/jdk/src/share/classes/java/security/AccessControlContext.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/java/security/AccessControlContext.java Mon Aug 15 11:48:20 2011 -0700 @@ -29,8 +29,6 @@ import java.util.List; import sun.security.util.Debug; import sun.security.util.SecurityConstants; -import sun.misc.JavaSecurityAccess; -import sun.misc.SharedSecrets; /** @@ -312,7 +310,7 @@ Debug.isOn("permission=" + perm.getClass().getCanonicalName()); if (dumpDebug && Debug.isOn("stack")) { - Thread.currentThread().dumpStack(); + Thread.dumpStack(); } if (dumpDebug && Debug.isOn("domain")) { @@ -353,7 +351,7 @@ if (!dumpDebug) { debug.println("access denied " + perm); } - Thread.currentThread().dumpStack(); + Thread.dumpStack(); final ProtectionDomain pd = context[i]; final Debug db = debug; AccessController.doPrivileged (new PrivilegedAction<Void>() { @@ -561,7 +559,7 @@ match = (that.context[j] == null); } } else { - Class thisPdClass = thisPd.getClass(); + Class<?> thisPdClass = thisPd.getClass(); ProtectionDomain thatPd; for (int j = 0; (j < that.context.length) && !match; j++) { thatPd = that.context[j];
--- a/jdk/src/share/classes/java/security/AccessController.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/java/security/AccessController.java Mon Aug 15 11:48:20 2011 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 2007, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1997, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -406,7 +406,7 @@ * callerClass[2] = AccessController.doPrivileged * callerClass[3] = caller */ - final Class callerClass = sun.reflect.Reflection.getCallerClass(3); + final Class<?> callerClass = sun.reflect.Reflection.getCallerClass(3); ProtectionDomain callerPd = doPrivileged (new PrivilegedAction<ProtectionDomain>() { public ProtectionDomain run() { @@ -538,7 +538,7 @@ } if (dumpDebug && Debug.isOn("stack")) { - Thread.currentThread().dumpStack(); + Thread.dumpStack(); } if (dumpDebug && Debug.isOn("domain")) {
--- a/jdk/src/share/classes/java/security/BasicPermission.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/java/security/BasicPermission.java Mon Aug 15 11:48:20 2011 -0700 @@ -25,7 +25,6 @@ package java.security; -import java.security.*; import java.util.Enumeration; import java.util.Map; import java.util.HashMap; @@ -333,14 +332,14 @@ * * @see #serialPersistentFields */ - private Class permClass; + private Class<?> permClass; /** * Create an empty BasicPermissionCollection object. * */ - public BasicPermissionCollection(Class clazz) { + public BasicPermissionCollection(Class<?> clazz) { perms = new HashMap<String, Permission>(11); all_allowed = false; permClass = clazz; @@ -542,6 +541,9 @@ ObjectInputStream.GetField gfields = in.readFields(); // Get permissions + // writeObject writes a Hashtable<String, Permission> for the + // permissions key, so this cast is safe, unless the data is corrupt. + @SuppressWarnings("unchecked") Hashtable<String, Permission> permissions = (Hashtable<String, Permission>)gfields.get("permissions", null); perms = new HashMap<String, Permission>(permissions.size()*2); @@ -551,7 +553,7 @@ all_allowed = gfields.get("all_allowed", false); // Get permClass - permClass = (Class) gfields.get("permClass", null); + permClass = (Class<?>) gfields.get("permClass", null); if (permClass == null) { // set permClass
--- a/jdk/src/share/classes/java/security/Permissions.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/java/security/Permissions.java Mon Aug 15 11:48:20 2011 -0700 @@ -31,7 +31,6 @@ import java.util.Map; import java.util.HashMap; import java.util.List; -import java.util.ArrayList; import java.util.Iterator; import java.util.Collections; import java.io.Serializable; @@ -238,7 +237,7 @@ */ private PermissionCollection getPermissionCollection(Permission p, boolean createEmpty) { - Class c = p.getClass(); + Class<?> c = p.getClass(); PermissionCollection pc = permsMap.get(c); @@ -390,6 +389,9 @@ allPermission = (PermissionCollection) gfields.get("allPermission", null); // Get permissions + // writeObject writes a Hashtable<Class<?>, PermissionCollection> for + // the perms key, so this cast is safe, unless the data is corrupt. + @SuppressWarnings("unchecked") Hashtable<Class<?>, PermissionCollection> perms = (Hashtable<Class<?>, PermissionCollection>)gfields.get("perms", null); permsMap = new HashMap<Class<?>, PermissionCollection>(perms.size()*2); @@ -590,6 +592,9 @@ ObjectInputStream.GetField gfields = in.readFields(); // Get permissions + // writeObject writes a Hashtable<Class<?>, PermissionCollection> for + // the perms key, so this cast is safe, unless the data is corrupt. + @SuppressWarnings("unchecked") Hashtable<Permission, Permission> perms = (Hashtable<Permission, Permission>)gfields.get("perms", null); permsMap = new HashMap<Permission, Permission>(perms.size()*2);
--- a/jdk/src/share/classes/java/security/Policy.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/java/security/Policy.java Mon Aug 15 11:48:20 2011 -0700 @@ -26,16 +26,7 @@ package java.security; -import java.io.*; -import java.lang.RuntimePermission; -import java.lang.reflect.*; -import java.net.MalformedURLException; -import java.net.URL; import java.util.Enumeration; -import java.util.Hashtable; -import java.util.PropertyPermission; -import java.util.StringTokenizer; -import java.util.Vector; import java.util.WeakHashMap; import sun.security.jca.GetInstance; import sun.security.util.Debug; @@ -786,6 +777,8 @@ private static class UnsupportedEmptyCollection extends PermissionCollection { + private static final long serialVersionUID = -8492269157353014774L; + private Permissions perms; /**
--- a/jdk/src/share/classes/java/security/ProtectionDomain.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/java/security/ProtectionDomain.java Mon Aug 15 11:48:20 2011 -0700 @@ -33,7 +33,6 @@ import java.util.WeakHashMap; import sun.misc.JavaSecurityProtectionDomainAccess; import static sun.misc.JavaSecurityProtectionDomainAccess.ProtectionDomainCache; -import sun.misc.SharedSecrets; import sun.security.util.Debug; import sun.security.util.SecurityConstants; import sun.misc.JavaSecurityAccess; @@ -403,7 +402,7 @@ e = permissions.elements(); // domain vs policy while (e.hasMoreElements()) { Permission pdp = e.nextElement(); - Class pdpClass = pdp.getClass(); + Class<?> pdpClass = pdp.getClass(); String pdpActions = pdp.getActions(); String pdpName = pdp.getName(); for (int i = 0; i < plVector.size(); i++) {
--- a/jdk/src/share/classes/java/security/Provider.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/java/security/Provider.java Mon Aug 15 11:48:20 2011 -0700 @@ -31,9 +31,6 @@ import java.lang.ref.*; import java.lang.reflect.*; -import java.security.cert.CertStoreParameters; -import javax.security.auth.login.Configuration; - /** * This class represents a "provider" for the * Java Security API, where a provider implements some or all parts of @@ -453,8 +450,8 @@ * Internal method to be called AFTER the security check has been * performed. */ - private void implPutAll(Map t) { - for (Map.Entry e : ((Map<?,?>)t).entrySet()) { + private void implPutAll(Map<?,?> t) { + for (Map.Entry<?,?> e : t.entrySet()) { implPut(e.getKey(), e.getValue()); } } @@ -562,9 +559,9 @@ * occur if the legacy properties are inconsistent or incomplete. */ private void removeInvalidServices(Map<ServiceKey,Service> map) { - for (Iterator t = map.entrySet().iterator(); t.hasNext(); ) { - Map.Entry entry = (Map.Entry)t.next(); - Service s = (Service)entry.getValue(); + for (Iterator<Map.Entry<ServiceKey, Service>> t = + map.entrySet().iterator(); t.hasNext(); ) { + Service s = t.next().getValue(); if (s.isValid() == false) { t.remove(); } @@ -918,15 +915,15 @@ final String name; final boolean supportsParameter; final String constructorParameterClassName; - private volatile Class constructorParameterClass; + private volatile Class<?> constructorParameterClass; EngineDescription(String name, boolean sp, String paramName) { this.name = name; this.supportsParameter = sp; this.constructorParameterClassName = paramName; } - Class getConstructorParameterClass() throws ClassNotFoundException { - Class clazz = constructorParameterClass; + Class<?> getConstructorParameterClass() throws ClassNotFoundException { + Class<?> clazz = constructorParameterClass; if (clazz == null) { clazz = Class.forName(constructorParameterClassName); constructorParameterClass = clazz; @@ -1038,7 +1035,7 @@ private Map<UString,String> attributes; // Reference to the cached implementation Class object - private volatile Reference<Class> classRef; + private volatile Reference<Class<?>> classRef; // flag indicating whether this service has its attributes for // supportedKeyFormats or supportedKeyClasses set @@ -1055,7 +1052,7 @@ // whether this service has been registered with the Provider private boolean registered; - private static final Class[] CLASS0 = new Class[0]; + private static final Class<?>[] CLASS0 = new Class<?>[0]; // this constructor and these methods are used for parsing // the legacy string properties. @@ -1234,12 +1231,12 @@ ("constructorParameter not used with " + type + " engines"); } - Class clazz = getImplClass(); + Class<?> clazz = getImplClass(); return clazz.newInstance(); } else { - Class paramClass = cap.getConstructorParameterClass(); + Class<?> paramClass = cap.getConstructorParameterClass(); if (constructorParameter != null) { - Class argClass = constructorParameter.getClass(); + Class<?> argClass = constructorParameter.getClass(); if (paramClass.isAssignableFrom(argClass) == false) { throw new InvalidParameterException ("constructorParameter must be instanceof " @@ -1247,8 +1244,8 @@ + " for engine type " + type); } } - Class clazz = getImplClass(); - Constructor cons = clazz.getConstructor(paramClass); + Class<?> clazz = getImplClass(); + Constructor<?> cons = clazz.getConstructor(paramClass); return cons.newInstance(constructorParameter); } } catch (NoSuchAlgorithmException e) { @@ -1267,10 +1264,10 @@ } // return the implementation Class object for this service - private Class getImplClass() throws NoSuchAlgorithmException { + private Class<?> getImplClass() throws NoSuchAlgorithmException { try { - Reference<Class> ref = classRef; - Class clazz = (ref == null) ? null : ref.get(); + Reference<Class<?>> ref = classRef; + Class<?> clazz = (ref == null) ? null : ref.get(); if (clazz == null) { ClassLoader cl = provider.getClass().getClassLoader(); if (cl == null) { @@ -1278,7 +1275,7 @@ } else { clazz = cl.loadClass(className); } - classRef = new WeakReference<Class>(clazz); + classRef = new WeakReference<Class<?>>(clazz); } return clazz; } catch (ClassNotFoundException e) { @@ -1295,18 +1292,18 @@ */ private Object newInstanceGeneric(Object constructorParameter) throws Exception { - Class clazz = getImplClass(); + Class<?> clazz = getImplClass(); if (constructorParameter == null) { Object o = clazz.newInstance(); return o; } - Class argClass = constructorParameter.getClass(); + Class<?> argClass = constructorParameter.getClass(); Constructor[] cons = clazz.getConstructors(); // find first public constructor that can take the // argument as parameter for (int i = 0; i < cons.length; i++) { - Constructor con = cons[i]; - Class[] paramTypes = con.getParameterTypes(); + Constructor<?> con = cons[i]; + Class<?>[] paramTypes = con.getParameterTypes(); if (paramTypes.length != 1) { continue; } @@ -1394,10 +1391,10 @@ s = getAttribute("SupportedKeyClasses"); if (s != null) { String[] classNames = s.split("\\|"); - List<Class> classList = + List<Class<?>> classList = new ArrayList<>(classNames.length); for (String className : classNames) { - Class clazz = getKeyClass(className); + Class<?> clazz = getKeyClass(className); if (clazz != null) { classList.add(clazz); } @@ -1414,7 +1411,7 @@ } // get the key class object of the specified name - private Class getKeyClass(String name) { + private Class<?> getKeyClass(String name) { try { return Class.forName(name); } catch (ClassNotFoundException e) { @@ -1451,8 +1448,8 @@ if (supportedClasses == null) { return false; } - Class keyClass = key.getClass(); - for (Class clazz : supportedClasses) { + Class<?> keyClass = key.getClass(); + for (Class<?> clazz : supportedClasses) { if (clazz.isAssignableFrom(keyClass)) { return true; }
--- a/jdk/src/share/classes/java/security/Security.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/java/security/Security.java Mon Aug 15 11:48:20 2011 -0700 @@ -33,8 +33,6 @@ import sun.security.util.Debug; import sun.security.util.PropertyExpander; -import java.security.Provider.Service; - import sun.security.jca.*; /** @@ -660,15 +658,16 @@ } // Map containing cached Spi Class objects of the specified type - private static final Map<String, Class> spiMap = new ConcurrentHashMap<>(); + private static final Map<String, Class<?>> spiMap = + new ConcurrentHashMap<>(); /** * Return the Class object for the given engine type * (e.g. "MessageDigest"). Works for Spis in the java.security package * only. */ - private static Class getSpiClass(String type) { - Class clazz = spiMap.get(type); + private static Class<?> getSpiClass(String type) { + Class<?> clazz = spiMap.get(type); if (clazz != null) { return clazz; } @@ -1078,7 +1077,7 @@ if ((serviceName == null) || (serviceName.length() == 0) || (serviceName.endsWith("."))) { - return Collections.EMPTY_SET; + return Collections.emptySet(); } HashSet<String> result = new HashSet<>();
--- a/jdk/src/share/classes/java/security/UnresolvedPermission.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/java/security/UnresolvedPermission.java Mon Aug 15 11:48:20 2011 -0700 @@ -28,9 +28,7 @@ import java.io.IOException; import java.io.ByteArrayInputStream; import java.util.ArrayList; -import java.util.Enumeration; import java.util.Hashtable; -import java.util.Vector; import java.lang.reflect.*; import java.security.cert.*; @@ -247,19 +245,19 @@ } } try { - Class pc = p.getClass(); + Class<?> pc = p.getClass(); if (name == null && actions == null) { try { - Constructor c = pc.getConstructor(PARAMS0); + Constructor<?> c = pc.getConstructor(PARAMS0); return (Permission)c.newInstance(new Object[] {}); } catch (NoSuchMethodException ne) { try { - Constructor c = pc.getConstructor(PARAMS1); + Constructor<?> c = pc.getConstructor(PARAMS1); return (Permission) c.newInstance( new Object[] { name}); } catch (NoSuchMethodException ne1) { - Constructor c = pc.getConstructor(PARAMS2); + Constructor<?> c = pc.getConstructor(PARAMS2); return (Permission) c.newInstance( new Object[] { name, actions }); } @@ -267,16 +265,16 @@ } else { if (name != null && actions == null) { try { - Constructor c = pc.getConstructor(PARAMS1); + Constructor<?> c = pc.getConstructor(PARAMS1); return (Permission) c.newInstance( new Object[] { name}); } catch (NoSuchMethodException ne) { - Constructor c = pc.getConstructor(PARAMS2); + Constructor<?> c = pc.getConstructor(PARAMS2); return (Permission) c.newInstance( new Object[] { name, actions }); } } else { - Constructor c = pc.getConstructor(PARAMS2); + Constructor<?> c = pc.getConstructor(PARAMS2); return (Permission) c.newInstance( new Object[] { name, actions }); }
--- a/jdk/src/share/classes/java/security/UnresolvedPermissionCollection.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/java/security/UnresolvedPermissionCollection.java Mon Aug 15 11:48:20 2011 -0700 @@ -197,8 +197,12 @@ ObjectInputStream.GetField gfields = in.readFields(); // Get permissions + @SuppressWarnings("unchecked") + // writeObject writes a Hashtable<String, Vector<UnresolvedPermission>> + // for the permissions key, so this cast is safe, unless the data is corrupt. Hashtable<String, Vector<UnresolvedPermission>> permissions = - (Hashtable<String, Vector<UnresolvedPermission>>)gfields.get("permissions", null); + (Hashtable<String, Vector<UnresolvedPermission>>) + gfields.get("permissions", null); perms = new HashMap<String, List<UnresolvedPermission>>(permissions.size()*2); // Convert each entry (Vector) into a List
--- a/jdk/src/share/classes/java/security/cert/CertificateRevokedException.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/java/security/cert/CertificateRevokedException.java Mon Aug 15 11:48:20 2011 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2007, 2010, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2007, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -32,7 +32,6 @@ import java.util.Date; import java.util.HashMap; import java.util.Map; -import java.util.Map.Entry; import javax.security.auth.x500.X500Principal; import sun.security.util.ObjectIdentifier; @@ -95,7 +94,7 @@ this.revocationDate = new Date(revocationDate.getTime()); this.reason = reason; this.authority = authority; - this.extensions = new HashMap(extensions); + this.extensions = new HashMap<String, Extension>(extensions); } /** @@ -148,8 +147,7 @@ return null; } else { try { - Date invalidity = - (Date) InvalidityDateExtension.toImpl(ext).get("DATE"); + Date invalidity = InvalidityDateExtension.toImpl(ext).get("DATE"); return new Date(invalidity.getTime()); } catch (IOException ioe) { return null;
--- a/jdk/src/share/classes/java/security/cert/X509CRLSelector.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/java/security/cert/X509CRLSelector.java Mon Aug 15 11:48:20 2011 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2000, 2009, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2000, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -632,7 +632,7 @@ byte[] encoded = in.getOctetString(); CRLNumberExtension crlNumExt = new CRLNumberExtension(Boolean.FALSE, encoded); - crlNum = (BigInteger)crlNumExt.get(CRLNumberExtension.NUMBER); + crlNum = crlNumExt.get(CRLNumberExtension.NUMBER); } catch (IOException ex) { if (debug != null) { debug.println("X509CRLSelector.match: exception in "
--- a/jdk/src/share/classes/java/security/cert/X509CertSelector.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/java/security/cert/X509CertSelector.java Mon Aug 15 11:48:20 2011 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2000, 2008, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2000, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -277,7 +277,7 @@ try { issuer = (issuerDN == null ? null : new X500Principal(issuerDN)); } catch (IllegalArgumentException e) { - throw (IOException)new IOException("Invalid name").initCause(e); + throw new IOException("Invalid name", e); } } @@ -341,7 +341,7 @@ try { subject = (subjectDN == null ? null : new X500Principal(subjectDN)); } catch (IllegalArgumentException e) { - throw (IOException)new IOException("Invalid name").initCause(e); + throw new IOException("Invalid name", e); } } @@ -872,7 +872,7 @@ * @param object2 a Collection containing the second object to compare * @return true if the objects are equal, false otherwise */ - static boolean equalNames(Collection object1, Collection object2) { + static boolean equalNames(Collection<?> object1, Collection<?> object2) { if ((object1 == null) || (object2 == null)) { return object1 == object2; } @@ -1672,19 +1672,15 @@ private static Set<List<?>> cloneAndCheckNames(Collection<List<?>> names) throws IOException { // Copy the Lists and Collection Set<List<?>> namesCopy = new HashSet<List<?>>(); - Iterator<List<?>> i = names.iterator(); - while (i.hasNext()) { - Object o = i.next(); - if (!(o instanceof List)) { - throw new IOException("expected a List"); - } - namesCopy.add(new ArrayList<Object>((List<?>)o)); + for (List<?> o : names) + { + namesCopy.add(new ArrayList<Object>(o)); } // Check the contents of the Lists and clone any byte arrays - i = namesCopy.iterator(); - while (i.hasNext()) { - List<Object> nameList = (List<Object>)i.next(); + for (List<?> list : namesCopy) { + @SuppressWarnings("unchecked") // See javadoc for parameter "names". + List<Object> nameList = (List<Object>)list; if (nameList.size() != 2) { throw new IOException("name list size not 2"); } @@ -2184,8 +2180,7 @@ if (debug != null) { String time = "n/a"; try { - Date notAfter = - (Date)ext.get(PrivateKeyUsageExtension.NOT_AFTER); + Date notAfter = ext.get(PrivateKeyUsageExtension.NOT_AFTER); time = notAfter.toString(); } catch (CertificateException ex) { // not able to retrieve notAfter value @@ -2201,8 +2196,7 @@ if (debug != null) { String time = "n/a"; try { - Date notBefore = (Date) - ext.get(PrivateKeyUsageExtension.NOT_BEFORE); + Date notBefore = ext.get(PrivateKeyUsageExtension.NOT_BEFORE); time = notBefore.toString(); } catch (CertificateException ex) { // not able to retrieve notBefore value @@ -2214,14 +2208,6 @@ e2.printStackTrace(); } return false; - } catch (CertificateException e3) { - if (debug != null) { - debug.println("X509CertSelector.match: CertificateException " - + "in private key usage check; X509CertSelector: " - + this.toString()); - e3.printStackTrace(); - } - return false; } catch (IOException e4) { if (debug != null) { debug.println("X509CertSelector.match: IOException in " @@ -2252,7 +2238,7 @@ + subjectPublicKeyAlgID + ", xcert subjectPublicKeyAlgID = " + algID.getOID()); } - if (!subjectPublicKeyAlgID.equals(algID.getOID())) { + if (!subjectPublicKeyAlgID.equals((Object)algID.getOID())) { if (debug != null) { debug.println("X509CertSelector.match: " + "subject public key alg IDs don't match"); @@ -2301,7 +2287,7 @@ EXTENDED_KEY_USAGE_ID); if (ext != null) { Vector<ObjectIdentifier> certKeyPurposeVector = - (Vector<ObjectIdentifier>)ext.get(ExtendedKeyUsageExtension.USAGES); + ext.get(ExtendedKeyUsageExtension.USAGES); if (!certKeyPurposeVector.contains(ANY_EXTENDED_KEY_USAGE) && !certKeyPurposeVector.containsAll(keyPurposeOIDSet)) { if (debug != null) { @@ -2337,8 +2323,8 @@ } return false; } - GeneralNames certNames = (GeneralNames) - sanExt.get(SubjectAlternativeNameExtension.SUBJECT_NAME); + GeneralNames certNames = + sanExt.get(SubjectAlternativeNameExtension.SUBJECT_NAME); Iterator<GeneralNameInterface> i = subjectAlternativeGeneralNames.iterator(); while (i.hasNext()) { @@ -2406,7 +2392,7 @@ } return false; } - List<PolicyInformation> policies = (List<PolicyInformation>)ext.get(CertificatePoliciesExtension.POLICIES); + List<PolicyInformation> policies = ext.get(CertificatePoliciesExtension.POLICIES); /* * Convert the Vector of PolicyInformation to a Vector * of CertificatePolicyIds for easier comparison. @@ -2467,7 +2453,7 @@ if (ext == null) { return true; } - if ((debug != null) && debug.isOn("certpath")) { + if ((debug != null) && Debug.isOn("certpath")) { debug.println("X509CertSelector.match pathToNames:\n"); Iterator<GeneralNameInterface> i = pathToGeneralNames.iterator(); @@ -2476,10 +2462,10 @@ } } - GeneralSubtrees permitted = (GeneralSubtrees) - ext.get(NameConstraintsExtension.PERMITTED_SUBTREES); - GeneralSubtrees excluded = (GeneralSubtrees) - ext.get(NameConstraintsExtension.EXCLUDED_SUBTREES); + GeneralSubtrees permitted = + ext.get(NameConstraintsExtension.PERMITTED_SUBTREES); + GeneralSubtrees excluded = + ext.get(NameConstraintsExtension.EXCLUDED_SUBTREES); if (excluded != null) { if (matchExcluded(excluded) == false) { return false; @@ -2597,12 +2583,13 @@ return true; } - private static Set<?> cloneSet(Set<?> set) { + @SuppressWarnings("unchecked") // Safe casts assuming clone() works correctly + private static <T> Set<T> cloneSet(Set<T> set) { if (set instanceof HashSet) { - Object clone = ((HashSet<?>)set).clone(); - return (Set<?>)clone; + Object clone = ((HashSet<T>)set).clone(); + return (Set<T>)clone; } else { - return new HashSet<Object>(set); + return new HashSet<T>(set); } } @@ -2617,17 +2604,13 @@ // Must clone these because addPathToName et al. modify them if (subjectAlternativeNames != null) { copy.subjectAlternativeNames = - (Set<List<?>>)cloneSet(subjectAlternativeNames); + cloneSet(subjectAlternativeNames); copy.subjectAlternativeGeneralNames = - (Set<GeneralNameInterface>)cloneSet - (subjectAlternativeGeneralNames); + cloneSet(subjectAlternativeGeneralNames); } if (pathToGeneralNames != null) { - copy.pathToNames = - (Set<List<?>>)cloneSet(pathToNames); - copy.pathToGeneralNames = - (Set<GeneralNameInterface>)cloneSet - (pathToGeneralNames); + copy.pathToNames = cloneSet(pathToNames); + copy.pathToGeneralNames = cloneSet(pathToGeneralNames); } return copy; } catch (CloneNotSupportedException e) {
--- a/jdk/src/share/classes/javax/crypto/Cipher.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/javax/crypto/Cipher.java Mon Aug 15 11:48:20 2011 -0700 @@ -28,7 +28,6 @@ import java.util.*; import java.util.regex.*; -import static java.util.Locale.ENGLISH; import java.security.*; import java.security.Provider.Service; @@ -44,7 +43,6 @@ import sun.security.util.Debug; import sun.security.jca.*; -import sun.security.jca.GetInstance.Instance; /** * This class provides the functionality of a cryptographic cipher for @@ -227,10 +225,10 @@ // remaining services to try in provider selection // null once provider is selected - private Iterator serviceIterator; + private Iterator<Service> serviceIterator; // list of transform Strings to lookup in the provider - private List transforms; + private List<Transform> transforms; private final Object lock; @@ -271,7 +269,8 @@ } private Cipher(CipherSpi firstSpi, Service firstService, - Iterator serviceIterator, String transformation, List transforms) { + Iterator<Service> serviceIterator, String transformation, + List<Transform> transforms) { this.firstSpi = firstSpi; this.firstService = firstService; this.serviceIterator = serviceIterator; @@ -392,11 +391,11 @@ // Map<String,Pattern> for previously compiled patterns // XXX use ConcurrentHashMap once available - private final static Map patternCache = - Collections.synchronizedMap(new HashMap()); + private final static Map<String, Pattern> patternCache = + Collections.synchronizedMap(new HashMap<String, Pattern>()); private static boolean matches(String regexp, String str) { - Pattern pattern = (Pattern)patternCache.get(regexp); + Pattern pattern = patternCache.get(regexp); if (pattern == null) { pattern = Pattern.compile(regexp); patternCache.put(regexp, pattern); @@ -406,7 +405,7 @@ } - private static List getTransforms(String transformation) + private static List<Transform> getTransforms(String transformation) throws NoSuchAlgorithmException { String[] parts = tokenizeTransformation(transformation); @@ -426,7 +425,7 @@ return Collections.singletonList(tr); } else { // if ((mode != null) && (pad != null)) { // DES/CBC/PKCS5Padding - List list = new ArrayList(4); + List<Transform> list = new ArrayList<>(4); list.add(new Transform(alg, "/" + mode + "/" + pad, null, null)); list.add(new Transform(alg, "/" + mode, null, pad)); list.add(new Transform(alg, "//" + pad, mode, null)); @@ -436,10 +435,10 @@ } // get the transform matching the specified service - private static Transform getTransform(Service s, List transforms) { + private static Transform getTransform(Service s, + List<Transform> transforms) { String alg = s.getAlgorithm().toUpperCase(Locale.ENGLISH); - for (Iterator t = transforms.iterator(); t.hasNext(); ) { - Transform tr = (Transform)t.next(); + for (Transform tr : transforms) { if (alg.endsWith(tr.suffix)) { return tr; } @@ -482,19 +481,18 @@ public static final Cipher getInstance(String transformation) throws NoSuchAlgorithmException, NoSuchPaddingException { - List transforms = getTransforms(transformation); - List cipherServices = new ArrayList(transforms.size()); - for (Iterator t = transforms.iterator(); t.hasNext(); ) { - Transform transform = (Transform)t.next(); + List<Transform> transforms = getTransforms(transformation); + List<ServiceId> cipherServices = new ArrayList<>(transforms.size()); + for (Transform transform : transforms) { cipherServices.add(new ServiceId("Cipher", transform.transform)); } - List services = GetInstance.getServices(cipherServices); + List<Service> services = GetInstance.getServices(cipherServices); // make sure there is at least one service from a signed provider // and that it can use the specified mode and padding - Iterator t = services.iterator(); + Iterator<Service> t = services.iterator(); Exception failure = null; while (t.hasNext()) { - Service s = (Service)t.next(); + Service s = t.next(); if (JceSecurity.canUseProvider(s.getProvider()) == false) { continue; } @@ -620,11 +618,10 @@ throw new IllegalArgumentException("Missing provider"); } Exception failure = null; - List transforms = getTransforms(transformation); + List<Transform> transforms = getTransforms(transformation); boolean providerChecked = false; String paddingError = null; - for (Iterator t = transforms.iterator(); t.hasNext();) { - Transform tr = (Transform)t.next(); + for (Transform tr : transforms) { Service s = provider.getService("Cipher", tr.transform); if (s == null) { continue; @@ -727,7 +724,7 @@ firstService = null; firstSpi = null; } else { - s = (Service)serviceIterator.next(); + s = serviceIterator.next(); thisSpi = null; } if (JceSecurity.canUseProvider(s.getProvider()) == false) { @@ -821,7 +818,7 @@ firstService = null; firstSpi = null; } else { - s = (Service)serviceIterator.next(); + s = serviceIterator.next(); thisSpi = null; } // if provider says it does not support this key, ignore it @@ -1622,7 +1619,7 @@ // Check whether the cert has a key usage extension // marked as a critical extension. X509Certificate cert = (X509Certificate)certificate; - Set critSet = cert.getCriticalExtensionOIDs(); + Set<String> critSet = cert.getCriticalExtensionOIDs(); if (critSet != null && !critSet.isEmpty() && critSet.contains(KEY_USAGE_EXTENSION_OID)) {
--- a/jdk/src/share/classes/javax/crypto/CryptoAllPermission.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/javax/crypto/CryptoAllPermission.java Mon Aug 15 11:48:20 2011 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 1999, 2007, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1999, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -171,8 +171,8 @@ * * @return an enumeration of all the CryptoAllPermission objects. */ - public Enumeration elements() { - Vector v = new Vector(1); + public Enumeration<Permission> elements() { + Vector<Permission> v = new Vector<>(1); if (all_allowed) v.add(CryptoAllPermission.INSTANCE); return v.elements(); }
--- a/jdk/src/share/classes/javax/crypto/CryptoPermission.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/javax/crypto/CryptoPermission.java Mon Aug 15 11:48:20 2011 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 1999, 2007, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1999, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -475,14 +475,14 @@ private static final long serialVersionUID = -511215555898802763L; - private Vector permissions; + private Vector<Permission> permissions; /** * Creates an empty CryptoPermissionCollection * object. */ CryptoPermissionCollection() { - permissions = new Vector(3); + permissions = new Vector<Permission>(3); } /** @@ -520,7 +520,7 @@ CryptoPermission cp = (CryptoPermission)permission; - Enumeration e = permissions.elements(); + Enumeration<Permission> e = permissions.elements(); while (e.hasMoreElements()) { CryptoPermission x = (CryptoPermission) e.nextElement(); @@ -538,7 +538,7 @@ * @return an enumeration of all the CryptoPermission objects. */ - public Enumeration elements() + public Enumeration<Permission> elements() { return permissions.elements(); }
--- a/jdk/src/share/classes/javax/crypto/CryptoPermissions.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/javax/crypto/CryptoPermissions.java Mon Aug 15 11:48:20 2011 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 1999, 2007, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1999, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -62,14 +62,14 @@ private static final long serialVersionUID = 4946547168093391015L; // This class is similar to java.security.Permissions - private Hashtable perms; + private Hashtable<String, PermissionCollection> perms; /** * Creates a new CryptoPermissions object containing * no CryptoPermissionCollections. */ CryptoPermissions() { - perms = new Hashtable(7); + perms = new Hashtable<String, PermissionCollection>(7); } /** @@ -166,7 +166,7 @@ * * @return an enumeration of all the Permissions. */ - public Enumeration elements() { + public Enumeration<Permission> elements() { // go through each Permissions in the hash table // and call their elements() function. return new PermissionsEnumerator(perms.elements()); @@ -198,8 +198,7 @@ PermissionCollection thatWildcard = - (PermissionCollection)other.perms.get( - CryptoPermission.ALG_NAME_WILDCARD); + other.perms.get(CryptoPermission.ALG_NAME_WILDCARD); int maxKeySize = 0; if (thatWildcard != null) { maxKeySize = ((CryptoPermission) @@ -208,14 +207,12 @@ // For each algorithm in this CryptoPermissions, // find out if there is anything we should add into // ret. - Enumeration thisKeys = this.perms.keys(); + Enumeration<String> thisKeys = this.perms.keys(); while (thisKeys.hasMoreElements()) { - String alg = (String)thisKeys.nextElement(); + String alg = thisKeys.nextElement(); - PermissionCollection thisPc = - (PermissionCollection)this.perms.get(alg); - PermissionCollection thatPc = - (PermissionCollection)other.perms.get(alg); + PermissionCollection thisPc = this.perms.get(alg); + PermissionCollection thatPc = other.perms.get(alg); CryptoPermission[] partialResult; @@ -238,8 +235,7 @@ } PermissionCollection thisWildcard = - (PermissionCollection)this.perms.get( - CryptoPermission.ALG_NAME_WILDCARD); + this.perms.get(CryptoPermission.ALG_NAME_WILDCARD); // If this CryptoPermissions doesn't // have a wildcard, we are done. @@ -252,16 +248,15 @@ maxKeySize = ((CryptoPermission) thisWildcard.elements().nextElement()).getMaxKeySize(); - Enumeration thatKeys = other.perms.keys(); + Enumeration<String> thatKeys = other.perms.keys(); while (thatKeys.hasMoreElements()) { - String alg = (String)thatKeys.nextElement(); + String alg = thatKeys.nextElement(); if (this.perms.containsKey(alg)) { continue; } - PermissionCollection thatPc = - (PermissionCollection)other.perms.get(alg); + PermissionCollection thatPc = other.perms.get(alg); CryptoPermission[] partialResult; @@ -286,9 +281,9 @@ */ private CryptoPermission[] getMinimum(PermissionCollection thisPc, PermissionCollection thatPc) { - Vector permVector = new Vector(2); + Vector<CryptoPermission> permVector = new Vector<>(2); - Enumeration thisPcPermissions = thisPc.elements(); + Enumeration<Permission> thisPcPermissions = thisPc.elements(); // For each CryptoPermission in // thisPc object, do the following: @@ -307,7 +302,7 @@ CryptoPermission thisCp = (CryptoPermission)thisPcPermissions.nextElement(); - Enumeration thatPcPermissions = thatPc.elements(); + Enumeration<Permission> thatPcPermissions = thatPc.elements(); while (thatPcPermissions.hasMoreElements()) { CryptoPermission thatCp = (CryptoPermission)thatPcPermissions.nextElement(); @@ -342,9 +337,9 @@ */ private CryptoPermission[] getMinimum(int maxKeySize, PermissionCollection pc) { - Vector permVector = new Vector(1); + Vector<CryptoPermission> permVector = new Vector<>(1); - Enumeration enum_ = pc.elements(); + Enumeration<Permission> enum_ = pc.elements(); while (enum_.hasMoreElements()) { CryptoPermission cp = @@ -383,19 +378,17 @@ // If this CryptoPermissions includes CryptoAllPermission, // we should return CryptoAllPermission. if (perms.containsKey(CryptoAllPermission.ALG_NAME)) { - return - (PermissionCollection)(perms.get(CryptoAllPermission.ALG_NAME)); + return perms.get(CryptoAllPermission.ALG_NAME); } - PermissionCollection pc = (PermissionCollection)perms.get(alg); + PermissionCollection pc = perms.get(alg); // If there isn't a PermissionCollection for // the given algorithm,we should return the // PermissionCollection for the wildcard // if there is one. if (pc == null) { - pc = (PermissionCollection)perms.get( - CryptoPermission.ALG_NAME_WILDCARD); + pc = perms.get(CryptoPermission.ALG_NAME_WILDCARD); } return pc; } @@ -414,7 +407,7 @@ String alg = cryptoPerm.getAlgorithm(); - PermissionCollection pc = (PermissionCollection)perms.get(alg); + PermissionCollection pc = perms.get(alg); if (pc == null) { pc = cryptoPerm.newPermissionCollection(); @@ -423,14 +416,14 @@ } } -final class PermissionsEnumerator implements Enumeration { +final class PermissionsEnumerator implements Enumeration<Permission> { // all the perms - private Enumeration perms; + private Enumeration<PermissionCollection> perms; // the current set - private Enumeration permset; + private Enumeration<Permission> permset; - PermissionsEnumerator(Enumeration e) { + PermissionsEnumerator(Enumeration<PermissionCollection> e) { perms = e; permset = getNextEnumWithMore(); } @@ -454,7 +447,7 @@ return (permset != null); } - public synchronized Object nextElement() { + public synchronized Permission nextElement() { // hasMoreElements will update permset to the next permset // with something in it... @@ -466,11 +459,10 @@ } - private Enumeration getNextEnumWithMore() { + private Enumeration<Permission> getNextEnumWithMore() { while (perms.hasMoreElements()) { - PermissionCollection pc = - (PermissionCollection) perms.nextElement(); - Enumeration next = pc.elements(); + PermissionCollection pc = perms.nextElement(); + Enumeration<Permission> next = pc.elements(); if (next.hasMoreElements()) return next; }
--- a/jdk/src/share/classes/javax/crypto/CryptoPolicyParser.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/javax/crypto/CryptoPolicyParser.java Mon Aug 15 11:48:20 2011 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 1999, 2007, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1999, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -29,7 +29,6 @@ import java.util.Enumeration; import java.util.Hashtable; import java.util.Vector; -import java.util.StringTokenizer; import static java.util.Locale.ENGLISH; import java.security.GeneralSecurityException; @@ -64,7 +63,7 @@ final class CryptoPolicyParser { - private Vector grantEntries; + private Vector<GrantEntry> grantEntries; // Convenience variables for parsing private StreamTokenizer st; @@ -74,7 +73,7 @@ * Creates a CryptoPolicyParser object. */ CryptoPolicyParser() { - grantEntries = new Vector(); + grantEntries = new Vector<GrantEntry>(); } /** @@ -127,7 +126,7 @@ * The crypto jurisdiction policy must be consistent. The * following hashtable is used for checking consistency. */ - Hashtable processedPermissions = null; + Hashtable<String, Vector<String>> processedPermissions = null; /* * The main parsing loop. The loop is executed once for each entry @@ -152,7 +151,8 @@ /** * parse a Grant entry */ - private GrantEntry parseGrantEntry(Hashtable processedPermissions) + private GrantEntry parseGrantEntry( + Hashtable<String, Vector<String>> processedPermissions) throws ParsingException, IOException { GrantEntry e = new GrantEntry(); @@ -180,7 +180,7 @@ * parse a CryptoPermission entry */ private CryptoPermissionEntry parsePermissionEntry( - Hashtable processedPermissions) + Hashtable<String, Vector<String>> processedPermissions) throws ParsingException, IOException { CryptoPermissionEntry e = new CryptoPermissionEntry(); @@ -252,7 +252,7 @@ // AlgorithmParameterSpec class name. String algParamSpecClassName = match("quoted string"); - Vector paramsV = new Vector(1); + Vector<Integer> paramsV = new Vector<>(1); while (peek(",")) { match(","); if (peek("number")) { @@ -285,14 +285,14 @@ AlgorithmParameterSpec ret = null; try { - Class apsClass = Class.forName(type); - Class[] paramClasses = new Class[params.length]; + Class<?> apsClass = Class.forName(type); + Class<?>[] paramClasses = new Class<?>[params.length]; for (int i = 0; i < params.length; i++) { paramClasses[i] = int.class; } - Constructor c = apsClass.getConstructor(paramClasses); + Constructor<?> c = apsClass.getConstructor(paramClasses); ret = (AlgorithmParameterSpec) c.newInstance((Object[]) params); } catch (Exception e) { throw new ParsingException("Cannot call the constructor of " + @@ -456,15 +456,15 @@ } CryptoPermission[] getPermissions() { - Vector result = new Vector(); + Vector<CryptoPermission> result = new Vector<>(); - Enumeration grantEnum = grantEntries.elements(); + Enumeration<GrantEntry> grantEnum = grantEntries.elements(); while (grantEnum.hasMoreElements()) { - GrantEntry ge = (GrantEntry)grantEnum.nextElement(); - Enumeration permEnum = ge.permissionElements(); + GrantEntry ge = grantEnum.nextElement(); + Enumeration<CryptoPermissionEntry> permEnum = + ge.permissionElements(); while (permEnum.hasMoreElements()) { - CryptoPermissionEntry pe = - (CryptoPermissionEntry)permEnum.nextElement(); + CryptoPermissionEntry pe = permEnum.nextElement(); if (pe.cryptoPermission.equals( "javax.crypto.CryptoAllPermission")) { result.addElement(CryptoAllPermission.INSTANCE); @@ -491,15 +491,14 @@ return ret; } - private boolean isConsistent(String alg, - String exemptionMechanism, - Hashtable processedPermissions) { + private boolean isConsistent(String alg, String exemptionMechanism, + Hashtable<String, Vector<String>> processedPermissions) { String thisExemptionMechanism = exemptionMechanism == null ? "none" : exemptionMechanism; if (processedPermissions == null) { - processedPermissions = new Hashtable(); - Vector exemptionMechanisms = new Vector(1); + processedPermissions = new Hashtable<String, Vector<String>>(); + Vector<String> exemptionMechanisms = new Vector<>(1); exemptionMechanisms.addElement(thisExemptionMechanism); processedPermissions.put(alg, exemptionMechanisms); return true; @@ -509,15 +508,15 @@ return false; } - Vector exemptionMechanisms; + Vector<String> exemptionMechanisms; if (processedPermissions.containsKey(alg)) { - exemptionMechanisms = (Vector)processedPermissions.get(alg); + exemptionMechanisms = processedPermissions.get(alg); if (exemptionMechanisms.contains(thisExemptionMechanism)) { return false; } } else { - exemptionMechanisms = new Vector(1); + exemptionMechanisms = new Vector<String>(1); } exemptionMechanisms.addElement(thisExemptionMechanism); @@ -556,10 +555,10 @@ private static class GrantEntry { - private Vector permissionEntries; + private Vector<CryptoPermissionEntry> permissionEntries; GrantEntry() { - permissionEntries = new Vector(); + permissionEntries = new Vector<CryptoPermissionEntry>(); } void add(CryptoPermissionEntry pe) @@ -580,7 +579,7 @@ /** * Enumerate all the permission entries in this GrantEntry. */ - Enumeration permissionElements(){ + Enumeration<CryptoPermissionEntry> permissionElements(){ return permissionEntries.elements(); }
--- a/jdk/src/share/classes/javax/crypto/EncryptedPrivateKeyInfo.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/javax/crypto/EncryptedPrivateKeyInfo.java Mon Aug 15 11:48:20 2011 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2001, 2007, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2001, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -80,7 +80,7 @@ throw new NullPointerException("the encoded parameter " + "must be non-null"); } - this.encoded = (byte[])encoded.clone(); + this.encoded = encoded.clone(); DerValue val = new DerValue(this.encoded); DerValue[] seq = new DerValue[2]; @@ -143,7 +143,7 @@ throw new IllegalArgumentException("the encryptedData " + "parameter must not be empty"); } else { - this.encryptedData = (byte[])encryptedData.clone(); + this.encryptedData = encryptedData.clone(); } // delay the generation of ASN.1 encoding until // getEncoded() is called @@ -183,7 +183,7 @@ throw new IllegalArgumentException("the encryptedData " + "parameter must not be empty"); } else { - this.encryptedData = (byte[])encryptedData.clone(); + this.encryptedData = encryptedData.clone(); } // delay the generation of ASN.1 encoding until @@ -222,7 +222,7 @@ * each time this method is called. */ public byte[] getEncryptedData() { - return (byte[])this.encryptedData.clone(); + return this.encryptedData.clone(); } /** @@ -247,26 +247,13 @@ throws InvalidKeySpecException { byte[] encoded = null; try { - encoded = cipher.doFinal((byte[])encryptedData); + encoded = cipher.doFinal(encryptedData); checkPKCS8Encoding(encoded); - } catch (GeneralSecurityException gse) { - InvalidKeySpecException ikse = new - InvalidKeySpecException( - "Cannot retrieve the PKCS8EncodedKeySpec"); - ikse.initCause(gse); - throw ikse; - } catch (IOException ioe) { - InvalidKeySpecException ikse = new - InvalidKeySpecException( - "Cannot retrieve the PKCS8EncodedKeySpec"); - ikse.initCause(ioe); - throw ikse; - } catch (IllegalStateException ise) { - InvalidKeySpecException ikse = new - InvalidKeySpecException( - "Cannot retrieve the PKCS8EncodedKeySpec"); - ikse.initCause(ise); - throw ikse; + } catch (GeneralSecurityException | + IOException | + IllegalStateException ex) { + throw new InvalidKeySpecException( + "Cannot retrieve the PKCS8EncodedKeySpec", ex); } return new PKCS8EncodedKeySpec(encoded); } @@ -289,16 +276,9 @@ } catch (NoSuchAlgorithmException nsae) { // rethrow throw nsae; - } catch (GeneralSecurityException gse) { - InvalidKeyException ike = new InvalidKeyException - ("Cannot retrieve the PKCS8EncodedKeySpec"); - ike.initCause(gse); - throw ike; - } catch (IOException ioe) { - InvalidKeyException ike = new InvalidKeyException - ("Cannot retrieve the PKCS8EncodedKeySpec"); - ike.initCause(ioe); - throw ike; + } catch (GeneralSecurityException | IOException ex) { + throw new InvalidKeyException( + "Cannot retrieve the PKCS8EncodedKeySpec", ex); } return new PKCS8EncodedKeySpec(encoded); } @@ -413,7 +393,7 @@ out.write(DerValue.tag_Sequence, tmp); this.encoded = out.toByteArray(); } - return (byte[])this.encoded.clone(); + return this.encoded.clone(); } private static void checkTag(DerValue val, byte tag, String valName) @@ -424,6 +404,7 @@ } } + @SuppressWarnings("fallthrough") private static void checkPKCS8Encoding(byte[] encodedKey) throws IOException { DerInputStream in = new DerInputStream(encodedKey); @@ -432,6 +413,7 @@ switch (values.length) { case 4: checkTag(values[3], DerValue.TAG_CONTEXT, "attributes"); + /* fall through */ case 3: checkTag(values[0], DerValue.tag_Integer, "version"); DerInputStream algid = values[1].toDerInputStream();
--- a/jdk/src/share/classes/javax/crypto/JarVerifier.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/javax/crypto/JarVerifier.java Mon Aug 15 11:48:20 2011 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2007, 2009, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2007, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -86,23 +86,19 @@ // Get a link to the Jarfile to search. try { - jf = (JarFile) - AccessController.doPrivileged( - new PrivilegedExceptionAction() { - public Object run() throws Exception { - JarURLConnection conn = - (JarURLConnection) url.openConnection(); - // You could do some caching here as - // an optimization. - conn.setUseCaches(false); - return conn.getJarFile(); - } - }); + jf = AccessController.doPrivileged( + new PrivilegedExceptionAction<JarFile>() { + public JarFile run() throws Exception { + JarURLConnection conn = + (JarURLConnection) url.openConnection(); + // You could do some caching here as + // an optimization. + conn.setUseCaches(false); + return conn.getJarFile(); + } + }); } catch (java.security.PrivilegedActionException pae) { - SecurityException se = new SecurityException( - "Cannot load " + url.toString()); - se.initCause(pae); - throw se; + throw new SecurityException("Cannot load " + url.toString(), pae); } if (jf != null) {
--- a/jdk/src/share/classes/javax/crypto/JceSecurity.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/javax/crypto/JceSecurity.java Mon Aug 15 11:48:20 2011 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 2009, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1997, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -57,10 +57,12 @@ // Map<Provider,?> of the providers we already have verified // value == PROVIDER_VERIFIED is successfully verified // value is failure cause Exception in error case - private final static Map verificationResults = new IdentityHashMap(); + private final static Map<Provider, Object> verificationResults = + new IdentityHashMap<>(); // Map<Provider,?> of the providers currently being verified - private final static Map verifyingProviders = new IdentityHashMap(); + private final static Map<Provider, Object> verifyingProviders = + new IdentityHashMap<>(); // Set the default value. May be changed in the static initializer. private static boolean isRestricted = true; @@ -73,25 +75,23 @@ static { try { - AccessController.doPrivileged(new PrivilegedExceptionAction() { - public Object run() throws Exception { - setupJurisdictionPolicies(); - return null; - } - }); + AccessController.doPrivileged( + new PrivilegedExceptionAction<Object>() { + public Object run() throws Exception { + setupJurisdictionPolicies(); + return null; + } + }); isRestricted = defaultPolicy.implies( CryptoAllPermission.INSTANCE) ? false : true; } catch (Exception e) { - SecurityException se = - new SecurityException( - "Can not initialize cryptographic mechanism"); - se.initCause(e); - throw se; + throw new SecurityException( + "Can not initialize cryptographic mechanism", e); } } - static Instance getInstance(String type, Class clazz, String algorithm, + static Instance getInstance(String type, Class<?> clazz, String algorithm, String provider) throws NoSuchAlgorithmException, NoSuchProviderException { Service s = GetInstance.getService(type, algorithm, provider); @@ -104,7 +104,7 @@ return GetInstance.getInstance(s, clazz); } - static Instance getInstance(String type, Class clazz, String algorithm, + static Instance getInstance(String type, Class<?> clazz, String algorithm, Provider provider) throws NoSuchAlgorithmException { Service s = GetInstance.getService(type, algorithm, provider); Exception ve = JceSecurity.getVerificationResult(provider); @@ -116,12 +116,11 @@ return GetInstance.getInstance(s, clazz); } - static Instance getInstance(String type, Class clazz, String algorithm) + static Instance getInstance(String type, Class<?> clazz, String algorithm) throws NoSuchAlgorithmException { - List services = GetInstance.getServices(type, algorithm); + List<Service> services = GetInstance.getServices(type, algorithm); NoSuchAlgorithmException failure = null; - for (Iterator t = services.iterator(); t.hasNext(); ) { - Service s = (Service)t.next(); + for (Service s : services) { if (canUseProvider(s.getProvider()) == false) { // allow only signed providers continue; @@ -213,16 +212,17 @@ } // reference to a Map we use as a cache for codebases - private static final Map codeBaseCacheRef = new WeakHashMap(); + private static final Map<Class<?>, URL> codeBaseCacheRef = + new WeakHashMap<>(); /* * Retuns the CodeBase for the given class. */ - static URL getCodeBase(final Class clazz) { - URL url = (URL)codeBaseCacheRef.get(clazz); + static URL getCodeBase(final Class<?> clazz) { + URL url = codeBaseCacheRef.get(clazz); if (url == null) { - url = (URL)AccessController.doPrivileged(new PrivilegedAction() { - public Object run() { + url = AccessController.doPrivileged(new PrivilegedAction<URL>() { + public URL run() { ProtectionDomain pd = clazz.getProtectionDomain(); if (pd != null) { CodeSource cs = pd.getCodeSource(); @@ -290,9 +290,9 @@ JarFile jf = new JarFile(jarPathName); - Enumeration entries = jf.entries(); + Enumeration<JarEntry> entries = jf.entries(); while (entries.hasMoreElements()) { - JarEntry je = (JarEntry)entries.nextElement(); + JarEntry je = entries.nextElement(); InputStream is = null; try { if (je.getName().startsWith("default_")) {
--- a/jdk/src/share/classes/javax/crypto/JceSecurityManager.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/javax/crypto/JceSecurityManager.java Mon Aug 15 11:48:20 2011 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 1999, 2007, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1999, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -28,7 +28,6 @@ import java.security.*; import java.net.*; import java.util.*; -import java.util.jar.*; /** * The JCE security manager. @@ -50,8 +49,10 @@ private static final CryptoPermissions defaultPolicy; private static final CryptoPermissions exemptPolicy; private static final CryptoAllPermission allPerm; - private static final Vector TrustedCallersCache = new Vector(2); - private static final Map exemptCache = new HashMap(); + private static final Vector<Class<?>> TrustedCallersCache = + new Vector<>(2); + private static final Map<URL, CryptoPermissions> exemptCache = + new HashMap<>(); // singleton instance static final JceSecurityManager INSTANCE; @@ -60,12 +61,12 @@ defaultPolicy = JceSecurity.getDefaultPolicy(); exemptPolicy = JceSecurity.getExemptPolicy(); allPerm = CryptoAllPermission.INSTANCE; - INSTANCE = (JceSecurityManager) - AccessController.doPrivileged(new PrivilegedAction() { - public Object run() { - return new JceSecurityManager(); - } - }); + INSTANCE = AccessController.doPrivileged( + new PrivilegedAction<JceSecurityManager>() { + public JceSecurityManager run() { + return new JceSecurityManager(); + } + }); } private JceSecurityManager() { @@ -94,11 +95,11 @@ // javax.crypto.* packages. // NOTE: javax.crypto.* package maybe subject to package // insertion, so need to check its classloader as well. - Class[] context = getClassContext(); + Class<?>[] context = getClassContext(); URL callerCodeBase = null; int i; for (i=0; i<context.length; i++) { - Class cls = context[i]; + Class<?> cls = context[i]; callerCodeBase = JceSecurity.getCodeBase(cls); if (callerCodeBase != null) { break; @@ -119,7 +120,7 @@ CryptoPermissions appPerms; synchronized (this.getClass()) { if (exemptCache.containsKey(callerCodeBase)) { - appPerms = (CryptoPermissions)exemptCache.get(callerCodeBase); + appPerms = exemptCache.get(callerCodeBase); } else { appPerms = getAppPermissions(callerCodeBase); exemptCache.put(callerCodeBase, appPerms); @@ -143,7 +144,7 @@ if (appPc == null) { return defaultPerm; } - Enumeration enum_ = appPc.elements(); + Enumeration<Permission> enum_ = appPc.elements(); while (enum_.hasMoreElements()) { CryptoPermission cp = (CryptoPermission)enum_.nextElement(); if (cp.getExemptionMechanism() == null) { @@ -215,7 +216,7 @@ * Returns the default permission for the given algorithm. */ private CryptoPermission getDefaultPermission(String alg) { - Enumeration enum_ = + Enumeration<Permission> enum_ = defaultPolicy.getPermissionCollection(alg).elements(); return (CryptoPermission)enum_.nextElement(); }
--- a/jdk/src/share/classes/javax/crypto/KeyAgreement.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/javax/crypto/KeyAgreement.java Mon Aug 15 11:48:20 2011 -0700 @@ -93,7 +93,7 @@ // remaining services to try in provider selection // null once provider is selected - private Iterator serviceIterator; + private Iterator<Service> serviceIterator; private final Object lock; @@ -112,7 +112,7 @@ lock = null; } - private KeyAgreement(Service s, Iterator t, String algorithm) { + private KeyAgreement(Service s, Iterator<Service> t, String algorithm) { firstService = s; serviceIterator = t; this.algorithm = algorithm; @@ -165,11 +165,12 @@ */ public static final KeyAgreement getInstance(String algorithm) throws NoSuchAlgorithmException { - List services = GetInstance.getServices("KeyAgreement", algorithm); + List<Service> services = + GetInstance.getServices("KeyAgreement", algorithm); // make sure there is at least one service from a signed provider - Iterator t = services.iterator(); + Iterator<Service> t = services.iterator(); while (t.hasNext()) { - Service s = (Service)t.next(); + Service s = t.next(); if (JceSecurity.canUseProvider(s.getProvider()) == false) { continue; } @@ -301,7 +302,7 @@ s = firstService; firstService = null; } else { - s = (Service)serviceIterator.next(); + s = serviceIterator.next(); } if (JceSecurity.canUseProvider(s.getProvider()) == false) { continue; @@ -358,7 +359,7 @@ s = firstService; firstService = null; } else { - s = (Service)serviceIterator.next(); + s = serviceIterator.next(); } // if provider says it does not support this key, ignore it if (s.supportsParameter(key) == false) {
--- a/jdk/src/share/classes/javax/crypto/KeyGenerator.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/javax/crypto/KeyGenerator.java Mon Aug 15 11:48:20 2011 -0700 @@ -127,7 +127,7 @@ private final Object lock = new Object(); - private Iterator serviceIterator; + private Iterator<Service> serviceIterator; private int initType; private int initKeySize; @@ -150,7 +150,8 @@ private KeyGenerator(String algorithm) throws NoSuchAlgorithmException { this.algorithm = algorithm; - List list = GetInstance.getServices("KeyGenerator", algorithm); + List<Service> list = + GetInstance.getServices("KeyGenerator", algorithm); serviceIterator = list.iterator(); initType = I_NONE; // fetch and instantiate initial spi @@ -320,7 +321,7 @@ return null; } while (serviceIterator.hasNext()) { - Service s = (Service)serviceIterator.next(); + Service s = serviceIterator.next(); if (JceSecurity.canUseProvider(s.getProvider()) == false) { continue; }
--- a/jdk/src/share/classes/javax/crypto/Mac.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/javax/crypto/Mac.java Mon Aug 15 11:48:20 2011 -0700 @@ -95,7 +95,7 @@ // remaining services to try in provider selection // null once provider is selected - private Iterator serviceIterator; + private Iterator<Service> serviceIterator; private final Object lock; @@ -114,7 +114,7 @@ lock = null; } - private Mac(Service s, Iterator t, String algorithm) { + private Mac(Service s, Iterator<Service> t, String algorithm) { firstService = s; serviceIterator = t; this.algorithm = algorithm; @@ -163,11 +163,11 @@ */ public static final Mac getInstance(String algorithm) throws NoSuchAlgorithmException { - List services = GetInstance.getServices("Mac", algorithm); + List<Service> services = GetInstance.getServices("Mac", algorithm); // make sure there is at least one service from a signed provider - Iterator t = services.iterator(); + Iterator<Service> t = services.iterator(); while (t.hasNext()) { - Service s = (Service)t.next(); + Service s = t.next(); if (JceSecurity.canUseProvider(s.getProvider()) == false) { continue; } @@ -288,7 +288,7 @@ s = firstService; firstService = null; } else { - s = (Service)serviceIterator.next(); + s = serviceIterator.next(); } if (JceSecurity.canUseProvider(s.getProvider()) == false) { continue; @@ -331,7 +331,7 @@ s = firstService; firstService = null; } else { - s = (Service)serviceIterator.next(); + s = serviceIterator.next(); } // if provider says it does not support this key, ignore it if (s.supportsParameter(key) == false) {
--- a/jdk/src/share/classes/javax/crypto/SealedObject.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/javax/crypto/SealedObject.java Mon Aug 15 11:48:20 2011 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 2007, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1997, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -193,11 +193,11 @@ * @exception NullPointerException if the given sealed object is null. */ protected SealedObject(SealedObject so) { - this.encryptedContent = (byte[]) so.encryptedContent.clone(); + this.encryptedContent = so.encryptedContent.clone(); this.sealAlg = so.sealAlg; this.paramsAlg = so.paramsAlg; if (so.encodedParams != null) { - this.encodedParams = (byte[]) so.encodedParams.clone(); + this.encodedParams = so.encodedParams.clone(); } else { this.encodedParams = null; } @@ -353,10 +353,8 @@ try { return unseal(key, provider); - } catch (IllegalBlockSizeException ibse) { - throw new InvalidKeyException(ibse.getMessage()); - } catch (BadPaddingException bpe) { - throw new InvalidKeyException(bpe.getMessage()); + } catch (IllegalBlockSizeException | BadPaddingException ex) { + throw new InvalidKeyException(ex.getMessage()); } } @@ -450,9 +448,9 @@ { s.defaultReadObject(); if (encryptedContent != null) - encryptedContent = (byte[])encryptedContent.clone(); + encryptedContent = encryptedContent.clone(); if (encodedParams != null) - encodedParams = (byte[])encodedParams.clone(); + encodedParams = encodedParams.clone(); } } @@ -465,7 +463,7 @@ super(in); } - protected Class resolveClass(ObjectStreamClass v) + protected Class<?> resolveClass(ObjectStreamClass v) throws IOException, ClassNotFoundException {
--- a/jdk/src/share/classes/javax/crypto/SecretKeyFactory.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/javax/crypto/SecretKeyFactory.java Mon Aug 15 11:48:20 2011 -0700 @@ -96,7 +96,7 @@ // remaining services to try in provider selection // null once provider is selected - private Iterator serviceIterator; + private Iterator<Service> serviceIterator; /** * Creates a SecretKeyFactory object. @@ -114,7 +114,8 @@ private SecretKeyFactory(String algorithm) throws NoSuchAlgorithmException { this.algorithm = algorithm; - List list = GetInstance.getServices("SecretKeyFactory", algorithm); + List<Service> list = + GetInstance.getServices("SecretKeyFactory", algorithm); serviceIterator = list.iterator(); // fetch and instantiate initial spi if (nextSpi(null) == null) { @@ -290,7 +291,7 @@ return null; } while (serviceIterator.hasNext()) { - Service s = (Service)serviceIterator.next(); + Service s = serviceIterator.next(); if (JceSecurity.canUseProvider(s.getProvider()) == false) { continue; } @@ -367,7 +368,7 @@ * (e.g., the given key has an algorithm or format not supported by this * secret-key factory). */ - public final KeySpec getKeySpec(SecretKey key, Class keySpec) + public final KeySpec getKeySpec(SecretKey key, Class<?> keySpec) throws InvalidKeySpecException { if (serviceIterator == null) { return spi.engineGetKeySpec(key, keySpec);
--- a/jdk/src/share/classes/javax/crypto/SecretKeyFactorySpi.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/javax/crypto/SecretKeyFactorySpi.java Mon Aug 15 11:48:20 2011 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 2007, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1997, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -88,7 +88,7 @@ * (e.g., the given key has an algorithm or format not supported by this * secret-key factory). */ - protected abstract KeySpec engineGetKeySpec(SecretKey key, Class keySpec) + protected abstract KeySpec engineGetKeySpec(SecretKey key, Class<?> keySpec) throws InvalidKeySpecException; /**
--- a/jdk/src/share/classes/javax/crypto/spec/DESKeySpec.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/javax/crypto/spec/DESKeySpec.java Mon Aug 15 11:48:20 2011 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 2007, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1997, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -165,7 +165,7 @@ * each time this method is called. */ public byte[] getKey() { - return (byte[])this.key.clone(); + return this.key.clone(); } /**
--- a/jdk/src/share/classes/javax/crypto/spec/DESedeKeySpec.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/javax/crypto/spec/DESedeKeySpec.java Mon Aug 15 11:48:20 2011 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 2007, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1997, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -95,7 +95,7 @@ * each time this method is called. */ public byte[] getKey() { - return (byte[])this.key.clone(); + return this.key.clone(); } /**
--- a/jdk/src/share/classes/javax/crypto/spec/IvParameterSpec.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/javax/crypto/spec/IvParameterSpec.java Mon Aug 15 11:48:20 2011 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 2007, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1997, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -94,6 +94,6 @@ * each time this method is called. */ public byte[] getIV() { - return (byte[])this.iv.clone(); + return this.iv.clone(); } }
--- a/jdk/src/share/classes/javax/crypto/spec/PBEKeySpec.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/javax/crypto/spec/PBEKeySpec.java Mon Aug 15 11:48:20 2011 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 2007, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1997, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -80,7 +80,7 @@ if ((password == null) || (password.length == 0)) { this.password = new char[0]; } else { - this.password = (char[])password.clone(); + this.password = password.clone(); } } @@ -109,7 +109,7 @@ if ((password == null) || (password.length == 0)) { this.password = new char[0]; } else { - this.password = (char[])password.clone(); + this.password = password.clone(); } if (salt == null) { throw new NullPointerException("the salt parameter " + @@ -118,7 +118,7 @@ throw new IllegalArgumentException("the salt parameter " + "must not be empty"); } else { - this.salt = (byte[]) salt.clone(); + this.salt = salt.clone(); } if (iterationCount<=0) { throw new IllegalArgumentException("invalid iterationCount value"); @@ -151,7 +151,7 @@ if ((password == null) || (password.length == 0)) { this.password = new char[0]; } else { - this.password = (char[])password.clone(); + this.password = password.clone(); } if (salt == null) { throw new NullPointerException("the salt parameter " + @@ -160,7 +160,7 @@ throw new IllegalArgumentException("the salt parameter " + "must not be empty"); } else { - this.salt = (byte[]) salt.clone(); + this.salt = salt.clone(); } if (iterationCount<=0) { throw new IllegalArgumentException("invalid iterationCount value"); @@ -196,7 +196,7 @@ if (password == null) { throw new IllegalStateException("password has been cleared"); } - return (char[]) password.clone(); + return password.clone(); } /** @@ -210,7 +210,7 @@ */ public final byte[] getSalt() { if (salt != null) { - return (byte[]) salt.clone(); + return salt.clone(); } else { return null; }
--- a/jdk/src/share/classes/javax/crypto/spec/PBEParameterSpec.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/javax/crypto/spec/PBEParameterSpec.java Mon Aug 15 11:48:20 2011 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 2007, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1997, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -25,7 +25,6 @@ package javax.crypto.spec; -import java.math.BigInteger; import java.security.spec.AlgorithmParameterSpec; /** @@ -53,7 +52,7 @@ * @exception NullPointerException if <code>salt</code> is null. */ public PBEParameterSpec(byte[] salt, int iterationCount) { - this.salt = (byte[])salt.clone(); + this.salt = salt.clone(); this.iterationCount = iterationCount; } @@ -64,7 +63,7 @@ * each time this method is called. */ public byte[] getSalt() { - return (byte[])this.salt.clone(); + return this.salt.clone(); } /**
--- a/jdk/src/share/classes/javax/crypto/spec/PSource.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/javax/crypto/spec/PSource.java Mon Aug 15 11:48:20 2011 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2003, 2007, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2003, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -25,9 +25,6 @@ package javax.crypto.spec; -import java.math.BigInteger; -import java.security.spec.AlgorithmParameterSpec; - /** * This class specifies the source for encoding input P in OAEP Padding, * as defined in the @@ -97,7 +94,7 @@ */ public PSpecified(byte[] p) { super("PSpecified"); - this.p = (byte[]) p.clone(); + this.p = p.clone(); } /** * Returns the value of encoding input P. @@ -105,7 +102,7 @@ * returned each time this method is called. */ public byte[] getValue() { - return (p.length==0? p: (byte[])p.clone()); + return (p.length==0? p: p.clone()); } } }
--- a/jdk/src/share/classes/javax/crypto/spec/RC2ParameterSpec.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/javax/crypto/spec/RC2ParameterSpec.java Mon Aug 15 11:48:20 2011 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 1998, 2007, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1998, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -117,7 +117,7 @@ * Returns a new array each time this method is called. */ public byte[] getIV() { - return (iv == null? null:(byte[])iv.clone()); + return (iv == null? null:iv.clone()); } /**
--- a/jdk/src/share/classes/javax/crypto/spec/RC5ParameterSpec.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/javax/crypto/spec/RC5ParameterSpec.java Mon Aug 15 11:48:20 2011 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 1998, 2007, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1998, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -157,7 +157,7 @@ * Returns a new array each time this method is called. */ public byte[] getIV() { - return (iv == null? null:(byte[])iv.clone()); + return (iv == null? null:iv.clone()); } /**
--- a/jdk/src/share/classes/javax/crypto/spec/SecretKeySpec.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/javax/crypto/spec/SecretKeySpec.java Mon Aug 15 11:48:20 2011 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 1998, 2007, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1998, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -25,8 +25,6 @@ package javax.crypto.spec; -import java.io.UnsupportedEncodingException; -import java.security.Key; import java.security.spec.KeySpec; import javax.crypto.SecretKey; @@ -95,7 +93,7 @@ if (key.length == 0) { throw new IllegalArgumentException("Empty key"); } - this.key = (byte[])key.clone(); + this.key = key.clone(); this.algorithm = algorithm; } @@ -181,7 +179,7 @@ * each time this method is called. */ public byte[] getEncoded() { - return (byte[])this.key.clone(); + return this.key.clone(); } /**
--- a/jdk/src/share/classes/sun/security/acl/AclEntryImpl.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/sun/security/acl/AclEntryImpl.java Mon Aug 15 11:48:20 2011 -0700 @@ -25,7 +25,6 @@ package sun.security.acl; import java.util.*; -import java.io.*; import java.security.Principal; import java.security.acl.*; @@ -162,6 +161,7 @@ /** * Clones an AclEntry. */ + @SuppressWarnings("unchecked") // Safe casts assuming clone() works correctly public synchronized Object clone() { AclEntryImpl cloned; cloned = new AclEntryImpl(user);
--- a/jdk/src/share/classes/sun/security/action/PutAllAction.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/sun/security/action/PutAllAction.java Mon Aug 15 11:48:20 2011 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2003, 2006, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2003, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -41,9 +41,9 @@ public class PutAllAction implements PrivilegedAction<Void> { private final Provider provider; - private final Map map; + private final Map<?, ?> map; - public PutAllAction(Provider provider, Map map) { + public PutAllAction(Provider provider, Map<?, ?> map) { this.provider = provider; this.map = map; }
--- a/jdk/src/share/classes/sun/security/ec/ECDSASignature.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/sun/security/ec/ECDSASignature.java Mon Aug 15 11:48:20 2011 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2009, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2009, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -25,10 +25,8 @@ package sun.security.ec; -import java.io.IOException; import java.nio.ByteBuffer; import java.math.BigInteger; -import java.util.Arrays; import java.security.*; import java.security.interfaces.*; @@ -36,7 +34,6 @@ import sun.security.jca.JCAUtil; import sun.security.util.*; -import sun.security.x509.AlgorithmId; /** * ECDSA signature implementation. This class currently supports the
--- a/jdk/src/share/classes/sun/security/ec/ECKeyFactory.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/sun/security/ec/ECKeyFactory.java Mon Aug 15 11:48:20 2011 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2006, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2006, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -61,7 +61,9 @@ public final static Provider ecInternalProvider; static { - final Provider p = new Provider("SunEC-Internal", 1.0d, null) {}; + final Provider p = new Provider("SunEC-Internal", 1.0d, null) { + private static final long serialVersionUID = 970685700309471261L; + }; AccessController.doPrivileged(new PrivilegedAction<Void>() { public Void run() { p.put("KeyFactory.EC", "sun.security.ec.ECKeyFactory"); @@ -262,12 +264,12 @@ if (key instanceof ECPublicKey) { ECPublicKey ecKey = (ECPublicKey)key; if (ECPublicKeySpec.class.isAssignableFrom(keySpec)) { - return (T) new ECPublicKeySpec( + return keySpec.cast(new ECPublicKeySpec( ecKey.getW(), ecKey.getParams() - ); + )); } else if (X509EncodedKeySpec.class.isAssignableFrom(keySpec)) { - return (T) new X509EncodedKeySpec(key.getEncoded()); + return keySpec.cast(new X509EncodedKeySpec(key.getEncoded())); } else { throw new InvalidKeySpecException ("KeySpec must be ECPublicKeySpec or " @@ -275,13 +277,13 @@ } } else if (key instanceof ECPrivateKey) { if (PKCS8EncodedKeySpec.class.isAssignableFrom(keySpec)) { - return (T) new PKCS8EncodedKeySpec(key.getEncoded()); + return keySpec.cast(new PKCS8EncodedKeySpec(key.getEncoded())); } else if (ECPrivateKeySpec.class.isAssignableFrom(keySpec)) { ECPrivateKey ecKey = (ECPrivateKey)key; - return (T) new ECPrivateKeySpec( + return keySpec.cast(new ECPrivateKeySpec( ecKey.getS(), ecKey.getParams() - ); + )); } else { throw new InvalidKeySpecException ("KeySpec must be ECPrivateKeySpec or "
--- a/jdk/src/share/classes/sun/security/ec/ECParameters.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/sun/security/ec/ECParameters.java Mon Aug 15 11:48:20 2011 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2006, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2006, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -326,9 +326,9 @@ protected <T extends AlgorithmParameterSpec> T engineGetParameterSpec(Class<T> spec) throws InvalidParameterSpecException { if (spec.isAssignableFrom(ECParameterSpec.class)) { - return (T)paramSpec; + return spec.cast(paramSpec); } else if (spec.isAssignableFrom(ECGenParameterSpec.class)) { - return (T)new ECGenParameterSpec(getCurveName(paramSpec)); + return spec.cast(new ECGenParameterSpec(getCurveName(paramSpec))); } else { throw new InvalidParameterSpecException ("Only ECParameterSpec and ECGenParameterSpec supported");
--- a/jdk/src/share/classes/sun/security/jca/GetInstance.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/sun/security/jca/GetInstance.java Mon Aug 15 11:48:20 2011 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2003, 2006, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2003, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -149,7 +149,7 @@ * There are overloaded methods for all the permutations. */ - public static Instance getInstance(String type, Class clazz, + public static Instance getInstance(String type, Class<?> clazz, String algorithm) throws NoSuchAlgorithmException { // in the almost all cases, the first service will work // avoid taking long path if so @@ -181,7 +181,7 @@ throw failure; } - public static Instance getInstance(String type, Class clazz, + public static Instance getInstance(String type, Class<?> clazz, String algorithm, Object param) throws NoSuchAlgorithmException { List<Service> services = getServices(type, algorithm); NoSuchAlgorithmException failure = null; @@ -200,25 +200,25 @@ } } - public static Instance getInstance(String type, Class clazz, + public static Instance getInstance(String type, Class<?> clazz, String algorithm, String provider) throws NoSuchAlgorithmException, NoSuchProviderException { return getInstance(getService(type, algorithm, provider), clazz); } - public static Instance getInstance(String type, Class clazz, + public static Instance getInstance(String type, Class<?> clazz, String algorithm, Object param, String provider) throws NoSuchAlgorithmException, NoSuchProviderException { return getInstance(getService(type, algorithm, provider), clazz, param); } - public static Instance getInstance(String type, Class clazz, + public static Instance getInstance(String type, Class<?> clazz, String algorithm, Provider provider) throws NoSuchAlgorithmException { return getInstance(getService(type, algorithm, provider), clazz); } - public static Instance getInstance(String type, Class clazz, + public static Instance getInstance(String type, Class<?> clazz, String algorithm, Object param, Provider provider) throws NoSuchAlgorithmException { return getInstance(getService(type, algorithm, provider), clazz, param); @@ -231,14 +231,14 @@ * Signature class. */ - public static Instance getInstance(Service s, Class clazz) + public static Instance getInstance(Service s, Class<?> clazz) throws NoSuchAlgorithmException { Object instance = s.newInstance(null); checkSuperClass(s, instance.getClass(), clazz); return new Instance(s.getProvider(), instance); } - public static Instance getInstance(Service s, Class clazz, + public static Instance getInstance(Service s, Class<?> clazz, Object param) throws NoSuchAlgorithmException { Object instance = s.newInstance(param); checkSuperClass(s, instance.getClass(), clazz); @@ -249,8 +249,8 @@ * Check is subClass is a subclass of superClass. If not, * throw a NoSuchAlgorithmException. */ - public static void checkSuperClass(Service s, Class subClass, - Class superClass) throws NoSuchAlgorithmException { + public static void checkSuperClass(Service s, Class<?> subClass, + Class<?> superClass) throws NoSuchAlgorithmException { if (superClass == null) { return; }
--- a/jdk/src/share/classes/sun/security/jca/ProviderList.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/sun/security/jca/ProviderList.java Mon Aug 15 11:48:20 2011 -0700 @@ -69,6 +69,7 @@ // used to avoid explicit null checks in various places private static final Provider EMPTY_PROVIDER = new Provider("##Empty##", 1.0d, "initialization in progress") { + private static final long serialVersionUID = 1151354171352296389L; // override getService() to return null slightly faster public Service getService(String type, String algorithm) { return null;
--- a/jdk/src/share/classes/sun/security/jca/Providers.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/sun/security/jca/Providers.java Mon Aug 15 11:48:20 2011 -0700 @@ -25,10 +25,7 @@ package sun.security.jca; -import java.util.*; - import java.security.Provider; -import java.security.Security; /** * Collection of methods to get and set provider list. Also includes @@ -97,11 +94,11 @@ // sun.security.util.ManifestEntryVerifier and java.security.SecureRandom. public static Provider getSunProvider() { try { - Class clazz = Class.forName(jarVerificationProviders[0]); + Class<?> clazz = Class.forName(jarVerificationProviders[0]); return (Provider)clazz.newInstance(); } catch (Exception e) { try { - Class clazz = Class.forName(BACKUP_PROVIDER_CLASSNAME); + Class<?> clazz = Class.forName(BACKUP_PROVIDER_CLASSNAME); return (Provider)clazz.newInstance(); } catch (Exception ee) { throw new RuntimeException("Sun provider not found", e);
--- a/jdk/src/share/classes/sun/security/jgss/GSSUtil.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/sun/security/jgss/GSSUtil.java Mon Aug 15 11:48:20 2011 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2000, 2010, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2000, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -316,24 +316,25 @@ * no Subject present or a Vector which contains 0 or more * matching GSSCredentialSpi objects. */ - public static Vector searchSubject(final GSSNameSpi name, - final Oid mech, - final boolean initiate, - final Class credCls) { + public static <T extends GSSCredentialSpi> Vector<T> + searchSubject(final GSSNameSpi name, + final Oid mech, + final boolean initiate, + final Class<? extends T> credCls) { debug("Search Subject for " + getMechStr(mech) + (initiate? " INIT" : " ACCEPT") + " cred (" + (name == null? "<<DEF>>" : name.toString()) + ", " + credCls.getName() + ")"); final AccessControlContext acc = AccessController.getContext(); try { - Vector creds = + Vector<T> creds = AccessController.doPrivileged - (new PrivilegedExceptionAction<Vector>() { - public Vector run() throws Exception { + (new PrivilegedExceptionAction<Vector<T>>() { + public Vector<T> run() throws Exception { Subject accSubj = Subject.getSubject(acc); - Vector<GSSCredentialSpi> result = null; + Vector<T> result = null; if (accSubj != null) { - result = new Vector<GSSCredentialSpi>(); + result = new Vector<T>(); Iterator<GSSCredentialImpl> iterator = accSubj.getPrivateCredentials (GSSCredentialImpl.class).iterator(); @@ -347,7 +348,7 @@ if (ce.getClass().equals(credCls) && (name == null || name.equals((Object) ce.getName()))) { - result.add(ce); + result.add(credCls.cast(ce)); } else { debug("......Discard element"); }
--- a/jdk/src/share/classes/sun/security/jgss/krb5/CipherHelper.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/sun/security/jgss/krb5/CipherHelper.java Mon Aug 15 11:48:20 2011 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2004, 2010, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2004, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -139,6 +139,7 @@ return flag; } + @SuppressWarnings("fallthrough") byte[] calculateChecksum(int alg, byte[] header, byte[] trailer, byte[] data, int start, int len, int tokenId) throws GSSException { @@ -1265,7 +1266,7 @@ // Note: When using this RC4 based encryption type, the sequence number // is always sent in big-endian rather than little-endian order. byte[] seqNum = new byte[4]; - token.writeBigEndian(token.getSequenceNumber(), seqNum); + WrapToken.writeBigEndian(token.getSequenceNumber(), seqNum); // Krb5Token.debug("\narcFourEncrypt:" + Krb5Token.getHexBytes(all));
--- a/jdk/src/share/classes/sun/security/jgss/krb5/Krb5Context.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/sun/security/jgss/krb5/Krb5Context.java Mon Aug 15 11:48:20 2011 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2000, 2009, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2000, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -1310,6 +1310,8 @@ * The session key returned by inquireSecContext(KRB5_INQ_SSPI_SESSION_KEY) */ static class KerberosSessionKey implements Key { + private static final long serialVersionUID = 699307378954123869L; + private final EncryptionKey key; KerberosSessionKey(EncryptionKey key) {
--- a/jdk/src/share/classes/sun/security/jgss/krb5/Krb5Util.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/sun/security/jgss/krb5/Krb5Util.java Mon Aug 15 11:48:20 2011 -0700 @@ -193,6 +193,8 @@ // Each time new keys are read from KeyTab objects in the private // credentials set, old ones are removed and new ones added. public static class KeysFromKeyTab extends KerberosKey { + private static final long serialVersionUID = 8238092170252746927L; + public KeysFromKeyTab(KerberosKey key) { super(key.getPrincipal(), key.getEncoded(), key.getKeyType(), key.getVersionNumber());
--- a/jdk/src/share/classes/sun/security/jgss/krb5/MessageToken.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/sun/security/jgss/krb5/MessageToken.java Mon Aug 15 11:48:20 2011 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2000, 2006, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2000, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -27,12 +27,10 @@ import org.ietf.jgss.*; import sun.security.jgss.*; -import sun.security.krb5.*; import java.io.InputStream; import java.io.OutputStream; import java.io.IOException; import java.io.ByteArrayInputStream; -import java.security.GeneralSecurityException; import java.security.MessageDigest; /** @@ -184,7 +182,7 @@ try { gssHeader = new GSSHeader(is); - if (!gssHeader.getOid().equals(OID)) { + if (!gssHeader.getOid().equals((Object)OID)) { throw new GSSException(GSSException.DEFECTIVE_TOKEN, -1, getTokenName(tokenId)); }
--- a/jdk/src/share/classes/sun/security/jgss/krb5/SubjectComber.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/sun/security/jgss/krb5/SubjectComber.java Mon Aug 15 11:48:20 2011 -0700 @@ -56,15 +56,17 @@ static <T> T find(Subject subject, String serverPrincipal, String clientPrincipal, Class<T> credClass) { - return (T)findAux(subject, serverPrincipal, clientPrincipal, credClass, - true); + // findAux returns T if oneOnly. + return credClass.cast(findAux(subject, serverPrincipal, + clientPrincipal, credClass, true)); } + @SuppressWarnings("unchecked") // findAux returns List<T> if !oneOnly. static <T> List<T> findMany(Subject subject, String serverPrincipal, String clientPrincipal, Class<T> credClass) { - return (List<T>)findAux(subject, serverPrincipal, clientPrincipal, credClass, - false); + return (List<T>)findAux(subject, serverPrincipal, clientPrincipal, + credClass, false); } /** @@ -73,6 +75,7 @@ * * @return the private credentials */ + // Returns T if oneOnly and List<T> if !oneOnly. private static <T> Object findAux(Subject subject, String serverPrincipal, String clientPrincipal, Class<T> credClass, boolean oneOnly) { @@ -98,11 +101,11 @@ } } else if (credClass == KerberosKey.class) { // We are looking for credentials for the serverPrincipal - Iterator<T> iterator = - subject.getPrivateCredentials(credClass).iterator(); + Iterator<KerberosKey> iterator = + subject.getPrivateCredentials(KerberosKey.class).iterator(); while (iterator.hasNext()) { - T t = iterator.next(); - String name = ((KerberosKey)t).getPrincipal().getName(); + KerberosKey t = iterator.next(); + String name = t.getPrincipal().getName(); if (serverPrincipal == null || serverPrincipal.equals(name)) { if (DEBUG) { System.out.println("Found " + @@ -116,7 +119,7 @@ // belong to the same principal serverPrincipal = name; } - answer.add(t); + answer.add(credClass.cast(t)); } } } @@ -129,6 +132,7 @@ while (iterator.hasNext()) { Object obj = iterator.next(); if (obj instanceof KerberosTicket) { + @SuppressWarnings("unchecked") KerberosTicket ticket = (KerberosTicket)obj; if (DEBUG) { System.out.println("Found ticket for " @@ -180,7 +184,7 @@ serverPrincipal = ticket.getServer().getName(); } - answer.add((T)ticket); + answer.add(credClass.cast(ticket)); } } }
--- a/jdk/src/share/classes/sun/security/jgss/spnego/SpNegoContext.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/sun/security/jgss/spnego/SpNegoContext.java Mon Aug 15 11:48:20 2011 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2005, 2009, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2005, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -1016,7 +1016,7 @@ // get the peer name for the mechanism if (mechContext != null) { GSSNameImpl targName = (GSSNameImpl)mechContext.getTargName(); - peerName = (GSSNameSpi) targName.getElement(internal_mech); + peerName = targName.getElement(internal_mech); return peerName; } else { if (DEBUG) { @@ -1032,7 +1032,7 @@ // get the src name for the mechanism if (mechContext != null) { GSSNameImpl srcName = (GSSNameImpl)mechContext.getSrcName(); - myName = (GSSNameSpi) srcName.getElement(internal_mech); + myName = srcName.getElement(internal_mech); return myName; } else { if (DEBUG) { @@ -1064,8 +1064,8 @@ if (delegCred.getUsage() == GSSCredential.INITIATE_ONLY) { initiate = true; } - GSSCredentialSpi mechCred = (GSSCredentialSpi) - delegCred.getElement(internal_mech, initiate); + GSSCredentialSpi mechCred = + delegCred.getElement(internal_mech, initiate); SpNegoCredElement cred = new SpNegoCredElement(mechCred); return cred.getInternalCred(); } else {
--- a/jdk/src/share/classes/sun/security/jgss/wrapper/NativeGSSFactory.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/sun/security/jgss/wrapper/NativeGSSFactory.java Mon Aug 15 11:48:20 2011 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2005, 2009, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2005, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -113,8 +113,7 @@ } GSSCredElement credElement = - getCredFromSubject((GSSNameElement) nname, - (usage == GSSCredential.INITIATE_ONLY)); + getCredFromSubject(nname, (usage == GSSCredential.INITIATE_ONLY)); if (credElement == null) { // No cred in the Subject
--- a/jdk/src/share/classes/sun/security/jgss/wrapper/SunNativeProvider.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/sun/security/jgss/wrapper/SunNativeProvider.java Mon Aug 15 11:48:20 2011 -0700 @@ -52,7 +52,7 @@ "sun.security.jgss.wrapper.NativeGSSFactory"; private static final String LIB_PROP = "sun.security.jgss.lib"; private static final String DEBUG_PROP = "sun.security.nativegss.debug"; - private static HashMap MECH_MAP; + private static HashMap<String, String> MECH_MAP; static final Provider INSTANCE = new SunNativeProvider(); static boolean DEBUG; static void debug(String message) { @@ -66,8 +66,9 @@ static { MECH_MAP = - AccessController.doPrivileged(new PrivilegedAction<HashMap>() { - public HashMap run() { + AccessController.doPrivileged( + new PrivilegedAction<HashMap<String, String>>() { + public HashMap<String, String> run() { DEBUG = Boolean.parseBoolean (System.getProperty(DEBUG_PROP)); try {
--- a/jdk/src/share/classes/sun/security/krb5/Checksum.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/sun/security/krb5/Checksum.java Mon Aug 15 11:48:20 2011 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2000, 2006, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2000, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -199,7 +199,7 @@ if (cksumType != cksum.cksumType) return false; CksumType cksumEngine = CksumType.getInstance(cksumType); - return cksumEngine.isChecksumEqual(checksum, cksum.checksum); + return CksumType.isChecksumEqual(checksum, cksum.checksum); } /**
--- a/jdk/src/share/classes/sun/security/krb5/Config.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/sun/security/krb5/Config.java Mon Aug 15 11:48:20 2011 -0700 @@ -45,7 +45,6 @@ import java.util.List; import sun.net.dns.ResolverConfiguration; import sun.security.krb5.internal.crypto.EType; -import sun.security.krb5.internal.ktab.*; import sun.security.krb5.internal.Krb5; /** @@ -233,15 +232,18 @@ * @return the value found in config file, returns null if no value * matched with the key is found. */ - private String getDefault(String k, Hashtable t) { + private String getDefault(String k, Hashtable<String, Object> t) { String result = null; String key; if (stanzaTable != null) { - for (Enumeration e = t.keys(); e.hasMoreElements(); ) { - key = (String)e.nextElement(); + for (Enumeration<String> e = t.keys(); e.hasMoreElements(); ) { + key = e.nextElement(); Object ob = t.get(key); if (ob instanceof Hashtable) { - result = getDefault(k, (Hashtable)ob); + @SuppressWarnings("unchecked") // Checked with an instanceof check + Hashtable<String, Object> table = + (Hashtable<String, Object>)ob; + result = getDefault(k, table); if (result != null) { return result; } @@ -276,15 +278,20 @@ * @param section the name of the section. * @return the default value, null is returned if it cannot be found. */ + // stanzaTable leads to a lot of unchecked casts since its value type is + // STANZATABLE = String | Hashtable<String, STANZATABLE> + @SuppressWarnings("unchecked") public String getDefault(String name, String section) { String stanzaName; String result = null; - Hashtable subTable; + Hashtable<String, Object> subTable; if (stanzaTable != null) { - for (Enumeration e = stanzaTable.keys(); e.hasMoreElements(); ) { - stanzaName = (String)e.nextElement(); - subTable = (Hashtable)stanzaTable.get(stanzaName); + for (Enumeration<String> e = stanzaTable.keys(); + e.hasMoreElements(); ) { + stanzaName = e.nextElement(); + subTable = (Hashtable<String, Object>) + stanzaTable.get(stanzaName); if (stanzaName.equalsIgnoreCase(section)) { if (subTable.containsKey(name)) { return (String)(subTable.get(name)); @@ -292,7 +299,8 @@ } else if (subTable.containsKey(section)) { Object ob = subTable.get(section); if (ob instanceof Hashtable) { - Hashtable temp = (Hashtable)ob; + Hashtable<String, Object> temp = + (Hashtable<String, Object>)ob; if (temp.containsKey(name)) { Object object = temp.get(name); if (object instanceof Vector) { @@ -819,10 +827,10 @@ /** * Compares the key with the known keys to see if it exists. */ - private boolean exists(String key, Vector v) { + private boolean exists(String key, Vector<String> v) { boolean exists = false; for (int i = 0; i < v.size(); i++) { - if (((String)(v.elementAt(i))).equals(key)) { + if (v.elementAt(i).equals(key)) { exists = true; } } @@ -837,12 +845,15 @@ listTable(stanzaTable); } - private void listTable(Hashtable table) { - Vector v = new Vector(); + // stanzaTable leads to a lot of unchecked casts since its value type is + // STANZATABLE = String | Hashtable<String, STANZATABLE> + @SuppressWarnings("unchecked") + private void listTable(Hashtable<String, Object> table) { + Vector<String> v = new Vector<String>(); String key; if (stanzaTable != null) { - for (Enumeration e = table.keys(); e.hasMoreElements(); ) { - key = (String)e.nextElement(); + for (Enumeration<String> e = table.keys(); e.hasMoreElements(); ) { + key = e.nextElement(); Object object = table.get(key); if (table == stanzaTable) { System.out.println("[" + key + "]"); @@ -850,7 +861,7 @@ if (object instanceof Hashtable) { if (table != stanzaTable) System.out.println("\t" + key + " = {"); - listTable((Hashtable)object); + listTable((Hashtable<String, Object>)object); if (table != stanzaTable) System.out.println("\t}"); @@ -858,10 +869,9 @@ System.out.println("\t" + key + " = " + (String)table.get(key)); } else if (object instanceof Vector) { - v = (Vector)object; + v = (Vector<String>)object; for (int i = 0; i < v.size(); i++) { - System.out.println("\t" + key + " = " + - (String)v.elementAt(i)); + System.out.println("\t" + key + " = " + v.elementAt(i)); } } } @@ -906,7 +916,7 @@ ls.add(type); } } - if (ls.size() == 0) { + if (ls.isEmpty()) { if (DEBUG) { System.out.println( "no supported default etypes for " + enctypes); @@ -1296,7 +1306,7 @@ sb.append(obj); sb.append('\n'); } else if (obj instanceof Hashtable) { - Hashtable tab = (Hashtable)obj; + Hashtable<?, ?> tab = (Hashtable<?, ?>)obj; for (Object o: tab.keySet()) { sb.append(prefix); sb.append(o); @@ -1305,7 +1315,7 @@ sb.append(prefix + "}\n"); } } else if (obj instanceof Vector) { - Vector v = (Vector)obj; + Vector<?> v = (Vector<?>)obj; for (Object o: v.toArray()) { toStringIndented(prefix + " ", o, sb); }
--- a/jdk/src/share/classes/sun/security/krb5/KrbServiceLocator.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/sun/security/krb5/KrbServiceLocator.java Mon Aug 15 11:48:20 2011 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2006, 2009, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2006, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -26,12 +26,9 @@ package sun.security.krb5; import java.util.Arrays; -import java.util.Enumeration; import java.util.Hashtable; -import java.util.NoSuchElementException; import java.util.Random; import java.util.StringTokenizer; -import java.util.List; import javax.naming.*; import javax.naming.directory.*; @@ -80,7 +77,7 @@ // the initial context constructor. This avoids having the initial // context constructor call itself (when processing the URL // argument in the getAttributes call). - Context ctx = NamingManager.getURLContext("dns", new Hashtable(0)); + Context ctx = NamingManager.getURLContext("dns", new Hashtable<>(0)); if (!(ctx instanceof DirContext)) { return null; // cannot create a DNS context } @@ -141,7 +138,7 @@ // the initial context constructor. This avoids having the initial // context constructor call itself (when processing the URL // argument in the getAttributes call). - Context ctx = NamingManager.getURLContext("dns", new Hashtable(0)); + Context ctx = NamingManager.getURLContext("dns", new Hashtable<>(0)); if (!(ctx instanceof DirContext)) { return null; // cannot create a DNS context } @@ -263,7 +260,7 @@ * See http://www.ietf.org/rfc/rfc2782.txt */ -static class SrvRecord implements Comparable { +static class SrvRecord implements Comparable<SrvRecord> { int priority; int weight; @@ -295,8 +292,7 @@ * Sort records in ascending order of priority value. For records with * equal priority move those with weight 0 to the top of the list. */ - public int compareTo(Object o) { - SrvRecord that = (SrvRecord) o; + public int compareTo(SrvRecord that) { if (priority > that.priority) { return 1; // this > that } else if (priority < that.priority) {
--- a/jdk/src/share/classes/sun/security/krb5/internal/ccache/FileCredentialsCache.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/sun/security/krb5/internal/ccache/FileCredentialsCache.java Mon Aug 15 11:48:20 2011 -0700 @@ -69,9 +69,9 @@ try { FileCredentialsCache fcc = new FileCredentialsCache(); if (cache == null) { - cacheName = fcc.getDefaultCacheName(); + cacheName = FileCredentialsCache.getDefaultCacheName(); } else { - cacheName = fcc.checkValidation(cache); + cacheName = FileCredentialsCache.checkValidation(cache); } if ((cacheName == null) || !(new File(cacheName)).exists()) { // invalid cache name or the file doesn't exist @@ -105,7 +105,7 @@ String name) { try { FileCredentialsCache fcc = new FileCredentialsCache(); - cacheName = fcc.checkValidation(name); + cacheName = FileCredentialsCache.checkValidation(name); if (cacheName == null) { // invalid cache name or the file doesn't exist return null; @@ -123,7 +123,7 @@ static synchronized FileCredentialsCache New(PrincipalName principal) { try { FileCredentialsCache fcc = new FileCredentialsCache(); - cacheName = fcc.getDefaultCacheName(); + cacheName = FileCredentialsCache.getDefaultCacheName(); fcc.init(principal, cacheName); return fcc; }
--- a/jdk/src/share/classes/sun/security/pkcs/ContentInfo.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/sun/security/pkcs/ContentInfo.java Mon Aug 15 11:48:20 2011 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 1996, 2005, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1996, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -163,9 +163,9 @@ } public byte[] getData() throws IOException { - if (contentType.equals(DATA_OID) || - contentType.equals(OLD_DATA_OID) || - contentType.equals(TIMESTAMP_TOKEN_INFO_OID)) { + if (contentType.equals((Object)DATA_OID) || + contentType.equals((Object)OLD_DATA_OID) || + contentType.equals((Object)TIMESTAMP_TOKEN_INFO_OID)) { if (content == null) return null; else
--- a/jdk/src/share/classes/sun/security/pkcs/PKCS10.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/sun/security/pkcs/PKCS10.java Mon Aug 15 11:48:20 2011 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 1996, 2002, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1996, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -26,7 +26,6 @@ package sun.security.pkcs; -import java.io.ByteArrayOutputStream; import java.io.PrintStream; import java.io.IOException; import java.math.BigInteger; @@ -225,7 +224,7 @@ */ AlgorithmId algId = null; try { - algId = AlgorithmId.getAlgorithmId(signature.getAlgorithm()); + algId = AlgorithmId.get(signature.getAlgorithm()); } catch (NoSuchAlgorithmException nsae) { throw new SignatureException(nsae); }
--- a/jdk/src/share/classes/sun/security/pkcs/PKCS7.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/sun/security/pkcs/PKCS7.java Mon Aug 15 11:48:20 2011 -0700 @@ -153,12 +153,13 @@ contentType = contentInfo.contentType; DerValue content = contentInfo.getContent(); - if (contentType.equals(ContentInfo.SIGNED_DATA_OID)) { + if (contentType.equals((Object)ContentInfo.SIGNED_DATA_OID)) { parseSignedData(content); - } else if (contentType.equals(ContentInfo.OLD_SIGNED_DATA_OID)) { + } else if (contentType.equals((Object)ContentInfo.OLD_SIGNED_DATA_OID)) { // This is for backwards compatibility with JDK 1.1.x parseOldSignedData(content); - } else if (contentType.equals(ContentInfo.NETSCAPE_CERT_SEQUENCE_OID)){ + } else if (contentType.equals((Object) + ContentInfo.NETSCAPE_CERT_SEQUENCE_OID)){ parseNetscapeCertChain(content); } else { throw new ParsingException("content type " + contentType + @@ -477,9 +478,7 @@ byte[] encoded = certificates[i].getEncoded(); implCerts[i] = new X509CertImpl(encoded); } catch (CertificateException ce) { - IOException ie = new IOException(ce.getMessage()); - ie.initCause(ce); - throw ie; + throw new IOException(ce); } } } @@ -501,9 +500,7 @@ byte[] encoded = crl.getEncoded(); implCRLs.add(new X509CRLImpl(encoded)); } catch (CRLException ce) { - IOException ie = new IOException(ce.getMessage()); - ie.initCause(ce); - throw ie; + throw new IOException(ce); } } } @@ -562,7 +559,7 @@ intResult.addElement(signerInfo); } } - if (intResult.size() != 0) { + if (!intResult.isEmpty()) { SignerInfo[] result = new SignerInfo[intResult.size()]; intResult.copyInto(result);
--- a/jdk/src/share/classes/sun/security/pkcs/PKCS8Key.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/sun/security/pkcs/PKCS8Key.java Mon Aug 15 11:48:20 2011 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 1996, 2004, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1996, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -208,7 +208,7 @@ throw new InstantiationException(); } - Class keyClass = null; + Class<?> keyClass = null; try { keyClass = Class.forName(classname); } catch (ClassNotFoundException e) { @@ -342,9 +342,9 @@ BigInteger version = val.data.getBigInteger(); - if (!version.equals(this.version)) { + if (!version.equals(PKCS8Key.version)) { throw new IOException("version mismatch: (supported: " + - Debug.toHexString(this.version) + + Debug.toHexString(PKCS8Key.version) + ", parsed: " + Debug.toHexString(version)); }
--- a/jdk/src/share/classes/sun/security/pkcs/PKCS9Attribute.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/sun/security/pkcs/PKCS9Attribute.java Mon Aug 15 11:48:20 2011 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 2010, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1997, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -320,11 +320,11 @@ {new Byte(DerValue.tag_Sequence)} // SignatureTimestampToken }; - private static final Class[] VALUE_CLASSES = new Class[18]; + private static final Class<?>[] VALUE_CLASSES = new Class<?>[18]; static { try { - Class str = Class.forName("[Ljava.lang.String;"); + Class<?> str = Class.forName("[Ljava.lang.String;"); VALUE_CLASSES[0] = null; // not used VALUE_CLASSES[1] = str; // EMailAddress
--- a/jdk/src/share/classes/sun/security/pkcs/SignerInfo.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/sun/security/pkcs/SignerInfo.java Mon Aug 15 11:48:20 2011 -0700 @@ -36,7 +36,6 @@ import sun.security.x509.AlgorithmId; import sun.security.x509.X500Name; import sun.security.x509.KeyUsageExtension; -import sun.security.x509.PKIXExtensions; import sun.misc.HexDumpEncoder; /** @@ -300,7 +299,7 @@ authenticatedAttributes.getAttributeValue( PKCS9Attribute.CONTENT_TYPE_OID); if (contentType == null || - !contentType.equals(content.contentType)) + !contentType.equals((Object)content.contentType)) return null; // contentType does not match, bad SignerInfo // now, check message digest @@ -371,11 +370,11 @@ + "extension"); } - boolean digSigAllowed = ((Boolean)keyUsage.get( - KeyUsageExtension.DIGITAL_SIGNATURE)).booleanValue(); + boolean digSigAllowed = keyUsage.get( + KeyUsageExtension.DIGITAL_SIGNATURE).booleanValue(); - boolean nonRepuAllowed = ((Boolean)keyUsage.get( - KeyUsageExtension.NON_REPUDIATION)).booleanValue(); + boolean nonRepuAllowed = keyUsage.get( + KeyUsageExtension.NON_REPUDIATION).booleanValue(); if (!digSigAllowed && !nonRepuAllowed) { throw new SignatureException("Key usage restricted: "
--- a/jdk/src/share/classes/sun/security/pkcs11/Config.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/sun/security/pkcs11/Config.java Mon Aug 15 11:48:20 2011 -0700 @@ -552,12 +552,13 @@ private boolean parseBoolean() throws IOException { String val = parseWord(); - if (val.equals("true")) { - return true; - } else if (val.equals("false")) { - return false; - } else { - throw excToken("Expected boolean value, read:"); + switch (val) { + case "true": + return true; + case "false": + return false; + default: + throw excToken("Expected boolean value, read:"); } } @@ -886,14 +887,15 @@ private String parseOperation() throws IOException { String op = parseWord(); - if (op.equals("*")) { - return TemplateManager.O_ANY; - } else if (op.equals("generate")) { - return TemplateManager.O_GENERATE; - } else if (op.equals("import")) { - return TemplateManager.O_IMPORT; - } else { - throw excLine("Unknown operation " + op); + switch (op) { + case "*": + return TemplateManager.O_ANY; + case "generate": + return TemplateManager.O_GENERATE; + case "import": + return TemplateManager.O_IMPORT; + default: + throw excLine("Unknown operation " + op); } } @@ -978,6 +980,7 @@ } class ConfigurationException extends IOException { + private static final long serialVersionUID = 254492758807673194L; ConfigurationException(String msg) { super(msg); }
--- a/jdk/src/share/classes/sun/security/pkcs11/P11Cipher.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/sun/security/pkcs11/P11Cipher.java Mon Aug 15 11:48:20 2011 -0700 @@ -258,7 +258,7 @@ // see JCE spec protected byte[] engineGetIV() { - return (iv == null) ? null : (byte[]) iv.clone(); + return (iv == null) ? null : iv.clone(); } // see JCE spec @@ -315,7 +315,7 @@ byte[] ivValue; if (params != null) { try { - IvParameterSpec ivSpec = (IvParameterSpec) + IvParameterSpec ivSpec = params.getParameterSpec(IvParameterSpec.class); ivValue = ivSpec.getIV(); } catch (InvalidParameterSpecException e) {
--- a/jdk/src/share/classes/sun/security/pkcs11/P11DHKeyFactory.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/sun/security/pkcs11/P11DHKeyFactory.java Mon Aug 15 11:48:20 2011 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2003, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2003, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -212,8 +212,8 @@ } } - KeySpec implGetPublicKeySpec(P11Key key, Class keySpec, Session[] session) - throws PKCS11Exception, InvalidKeySpecException { + <T extends KeySpec> T implGetPublicKeySpec(P11Key key, Class<T> keySpec, + Session[] session) throws PKCS11Exception, InvalidKeySpecException { if (DHPublicKeySpec.class.isAssignableFrom(keySpec)) { session[0] = token.getObjSession(); CK_ATTRIBUTE[] attributes = new CK_ATTRIBUTE[] { @@ -227,15 +227,15 @@ attributes[1].getBigInteger(), attributes[2].getBigInteger() ); - return spec; + return keySpec.cast(spec); } else { // X.509 handled in superclass throw new InvalidKeySpecException("Only DHPublicKeySpec and " + "X509EncodedKeySpec supported for DH public keys"); } } - KeySpec implGetPrivateKeySpec(P11Key key, Class keySpec, Session[] session) - throws PKCS11Exception, InvalidKeySpecException { + <T extends KeySpec> T implGetPrivateKeySpec(P11Key key, Class<T> keySpec, + Session[] session) throws PKCS11Exception, InvalidKeySpecException { if (DHPrivateKeySpec.class.isAssignableFrom(keySpec)) { session[0] = token.getObjSession(); CK_ATTRIBUTE[] attributes = new CK_ATTRIBUTE[] { @@ -249,7 +249,7 @@ attributes[1].getBigInteger(), attributes[2].getBigInteger() ); - return spec; + return keySpec.cast(spec); } else { // PKCS#8 handled in superclass throw new InvalidKeySpecException("Only DHPrivateKeySpec " + "and PKCS8EncodedKeySpec supported for DH private keys");
--- a/jdk/src/share/classes/sun/security/pkcs11/P11DSAKeyFactory.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/sun/security/pkcs11/P11DSAKeyFactory.java Mon Aug 15 11:48:20 2011 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2003, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2003, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -208,8 +208,8 @@ } } - KeySpec implGetPublicKeySpec(P11Key key, Class keySpec, Session[] session) - throws PKCS11Exception, InvalidKeySpecException { + <T extends KeySpec> T implGetPublicKeySpec(P11Key key, Class<T> keySpec, + Session[] session) throws PKCS11Exception, InvalidKeySpecException { if (DSAPublicKeySpec.class.isAssignableFrom(keySpec)) { session[0] = token.getObjSession(); CK_ATTRIBUTE[] attributes = new CK_ATTRIBUTE[] { @@ -225,15 +225,15 @@ attributes[2].getBigInteger(), attributes[3].getBigInteger() ); - return spec; + return keySpec.cast(spec); } else { // X.509 handled in superclass throw new InvalidKeySpecException("Only DSAPublicKeySpec and " + "X509EncodedKeySpec supported for DSA public keys"); } } - KeySpec implGetPrivateKeySpec(P11Key key, Class keySpec, Session[] session) - throws PKCS11Exception, InvalidKeySpecException { + <T extends KeySpec> T implGetPrivateKeySpec(P11Key key, Class<T> keySpec, + Session[] session) throws PKCS11Exception, InvalidKeySpecException { if (DSAPrivateKeySpec.class.isAssignableFrom(keySpec)) { session[0] = token.getObjSession(); CK_ATTRIBUTE[] attributes = new CK_ATTRIBUTE[] { @@ -249,7 +249,7 @@ attributes[2].getBigInteger(), attributes[3].getBigInteger() ); - return spec; + return keySpec.cast(spec); } else { // PKCS#8 handled in superclass throw new InvalidKeySpecException("Only DSAPrivateKeySpec " + "and PKCS8EncodedKeySpec supported for DSA private keys");
--- a/jdk/src/share/classes/sun/security/pkcs11/P11ECKeyFactory.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/sun/security/pkcs11/P11ECKeyFactory.java Mon Aug 15 11:48:20 2011 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2006, 2010, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2006, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -253,8 +253,8 @@ } } - KeySpec implGetPublicKeySpec(P11Key key, Class keySpec, Session[] session) - throws PKCS11Exception, InvalidKeySpecException { + <T extends KeySpec> T implGetPublicKeySpec(P11Key key, Class<T> keySpec, + Session[] session) throws PKCS11Exception, InvalidKeySpecException { if (ECPublicKeySpec.class.isAssignableFrom(keySpec)) { session[0] = token.getObjSession(); CK_ATTRIBUTE[] attributes = new CK_ATTRIBUTE[] { @@ -265,7 +265,7 @@ try { ECParameterSpec params = decodeParameters(attributes[1].getByteArray()); ECPoint point = decodePoint(attributes[0].getByteArray(), params.getCurve()); - return new ECPublicKeySpec(point, params); + return keySpec.cast(new ECPublicKeySpec(point, params)); } catch (IOException e) { throw new InvalidKeySpecException("Could not parse key", e); } @@ -275,8 +275,8 @@ } } - KeySpec implGetPrivateKeySpec(P11Key key, Class keySpec, Session[] session) - throws PKCS11Exception, InvalidKeySpecException { + <T extends KeySpec> T implGetPrivateKeySpec(P11Key key, Class<T> keySpec, + Session[] session) throws PKCS11Exception, InvalidKeySpecException { if (ECPrivateKeySpec.class.isAssignableFrom(keySpec)) { session[0] = token.getObjSession(); CK_ATTRIBUTE[] attributes = new CK_ATTRIBUTE[] { @@ -286,7 +286,8 @@ token.p11.C_GetAttributeValue(session[0].id(), key.keyID, attributes); try { ECParameterSpec params = decodeParameters(attributes[1].getByteArray()); - return new ECPrivateKeySpec(attributes[0].getBigInteger(), params); + return keySpec.cast( + new ECPrivateKeySpec(attributes[0].getBigInteger(), params)); } catch (IOException e) { throw new InvalidKeySpecException("Could not parse key", e); }
--- a/jdk/src/share/classes/sun/security/pkcs11/P11Key.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/sun/security/pkcs11/P11Key.java Mon Aug 15 11:48:20 2011 -0700 @@ -128,7 +128,7 @@ // see JCA spec public final byte[] getEncoded() { byte[] b = getEncodedInternal(); - return (b == null) ? null : (byte[])b.clone(); + return (b == null) ? null : b.clone(); } abstract byte[] getEncodedInternal(); @@ -299,21 +299,22 @@ // we assume that all components of public keys are always accessible static PublicKey publicKey(Session session, long keyID, String algorithm, int keyLength, CK_ATTRIBUTE[] attributes) { - if (algorithm.equals("RSA")) { - return new P11RSAPublicKey - (session, keyID, algorithm, keyLength, attributes); - } else if (algorithm.equals("DSA")) { - return new P11DSAPublicKey - (session, keyID, algorithm, keyLength, attributes); - } else if (algorithm.equals("DH")) { - return new P11DHPublicKey - (session, keyID, algorithm, keyLength, attributes); - } else if (algorithm.equals("EC")) { - return new P11ECPublicKey - (session, keyID, algorithm, keyLength, attributes); - } else { - throw new ProviderException - ("Unknown public key algorithm " + algorithm); + switch (algorithm) { + case "RSA": + return new P11RSAPublicKey + (session, keyID, algorithm, keyLength, attributes); + case "DSA": + return new P11DSAPublicKey + (session, keyID, algorithm, keyLength, attributes); + case "DH": + return new P11DHPublicKey + (session, keyID, algorithm, keyLength, attributes); + case "EC": + return new P11ECPublicKey + (session, keyID, algorithm, keyLength, attributes); + default: + throw new ProviderException + ("Unknown public key algorithm " + algorithm); } } @@ -328,42 +329,43 @@ return new P11PrivateKey (session, keyID, algorithm, keyLength, attributes); } else { - if (algorithm.equals("RSA")) { - // XXX better test for RSA CRT keys (single getAttributes() call) - // we need to determine whether this is a CRT key - // see if we can obtain the public exponent - // this should also be readable for sensitive/extractable keys - CK_ATTRIBUTE[] attrs2 = new CK_ATTRIBUTE[] { - new CK_ATTRIBUTE(CKA_PUBLIC_EXPONENT), - }; - boolean crtKey; - try { - session.token.p11.C_GetAttributeValue - (session.id(), keyID, attrs2); - crtKey = (attrs2[0].pValue instanceof byte[]); - } catch (PKCS11Exception e) { - // ignore, assume not available - crtKey = false; - } - if (crtKey) { - return new P11RSAPrivateKey + switch (algorithm) { + case "RSA": + // XXX better test for RSA CRT keys (single getAttributes() call) + // we need to determine whether this is a CRT key + // see if we can obtain the public exponent + // this should also be readable for sensitive/extractable keys + CK_ATTRIBUTE[] attrs2 = new CK_ATTRIBUTE[] { + new CK_ATTRIBUTE(CKA_PUBLIC_EXPONENT), + }; + boolean crtKey; + try { + session.token.p11.C_GetAttributeValue + (session.id(), keyID, attrs2); + crtKey = (attrs2[0].pValue instanceof byte[]); + } catch (PKCS11Exception e) { + // ignore, assume not available + crtKey = false; + } + if (crtKey) { + return new P11RSAPrivateKey + (session, keyID, algorithm, keyLength, attributes); + } else { + return new P11RSAPrivateNonCRTKey + (session, keyID, algorithm, keyLength, attributes); + } + case "DSA": + return new P11DSAPrivateKey (session, keyID, algorithm, keyLength, attributes); - } else { - return new P11RSAPrivateNonCRTKey + case "DH": + return new P11DHPrivateKey (session, keyID, algorithm, keyLength, attributes); - } - } else if (algorithm.equals("DSA")) { - return new P11DSAPrivateKey - (session, keyID, algorithm, keyLength, attributes); - } else if (algorithm.equals("DH")) { - return new P11DHPrivateKey - (session, keyID, algorithm, keyLength, attributes); - } else if (algorithm.equals("EC")) { - return new P11ECPrivateKey - (session, keyID, algorithm, keyLength, attributes); - } else { - throw new ProviderException - ("Unknown private key algorithm " + algorithm); + case "EC": + return new P11ECPrivateKey + (session, keyID, algorithm, keyLength, attributes); + default: + throw new ProviderException + ("Unknown private key algorithm " + algorithm); } } } @@ -371,6 +373,8 @@ // class for sensitive and unextractable private keys private static final class P11PrivateKey extends P11Key implements PrivateKey { + private static final long serialVersionUID = -2138581185214187615L; + P11PrivateKey(Session session, long keyID, String algorithm, int keyLength, CK_ATTRIBUTE[] attributes) { super(PRIVATE, session, keyID, algorithm, keyLength, attributes); @@ -387,6 +391,7 @@ } private static class P11SecretKey extends P11Key implements SecretKey { + private static final long serialVersionUID = -7828241727014329084L; private volatile byte[] encoded; P11SecretKey(Session session, long keyID, String algorithm, int keyLength, CK_ATTRIBUTE[] attributes) { @@ -434,6 +439,8 @@ private static class P11TlsMasterSecretKey extends P11SecretKey implements TlsMasterSecret { + private static final long serialVersionUID = -1318560923770573441L; + private final int majorVersion, minorVersion; P11TlsMasterSecretKey(Session session, long keyID, String algorithm, int keyLength, CK_ATTRIBUTE[] attributes, int major, int minor) { @@ -453,6 +460,8 @@ // RSA CRT private key private static final class P11RSAPrivateKey extends P11Key implements RSAPrivateCrtKey { + private static final long serialVersionUID = 9215872438913515220L; + private BigInteger n, e, d, p, q, pe, qe, coeff; private byte[] encoded; P11RSAPrivateKey(Session session, long keyID, String algorithm, @@ -563,6 +572,8 @@ // RSA non-CRT private key private static final class P11RSAPrivateNonCRTKey extends P11Key implements RSAPrivateKey { + private static final long serialVersionUID = 1137764983777411481L; + private BigInteger n, d; private byte[] encoded; P11RSAPrivateNonCRTKey(Session session, long keyID, String algorithm, @@ -624,6 +635,8 @@ private static final class P11RSAPublicKey extends P11Key implements RSAPublicKey { + private static final long serialVersionUID = -826726289023854455L; + private BigInteger n, e; private byte[] encoded; P11RSAPublicKey(Session session, long keyID, String algorithm, @@ -676,6 +689,8 @@ private static final class P11DSAPublicKey extends P11Key implements DSAPublicKey { + private static final long serialVersionUID = 5989753793316396637L; + private BigInteger y; private DSAParams params; private byte[] encoded; @@ -737,6 +752,8 @@ private static final class P11DSAPrivateKey extends P11Key implements DSAPrivateKey { + private static final long serialVersionUID = 3119629997181999389L; + private BigInteger x; private DSAParams params; private byte[] encoded; @@ -798,6 +815,8 @@ private static final class P11DHPrivateKey extends P11Key implements DHPrivateKey { + private static final long serialVersionUID = -1698576167364928838L; + private BigInteger x; private DHParameterSpec params; private byte[] encoded; @@ -860,6 +879,8 @@ private static final class P11DHPublicKey extends P11Key implements DHPublicKey { + static final long serialVersionUID = -598383872153843657L; + private BigInteger y; private DHParameterSpec params; private byte[] encoded; @@ -922,6 +943,8 @@ private static final class P11ECPrivateKey extends P11Key implements ECPrivateKey { + private static final long serialVersionUID = -7786054399510515515L; + private BigInteger s; private ECParameterSpec params; private byte[] encoded; @@ -982,6 +1005,8 @@ private static final class P11ECPublicKey extends P11Key implements ECPublicKey { + private static final long serialVersionUID = -6371481375154806089L; + private ECPoint w; private ECParameterSpec params; private byte[] encoded;
--- a/jdk/src/share/classes/sun/security/pkcs11/P11KeyAgreement.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/sun/security/pkcs11/P11KeyAgreement.java Mon Aug 15 11:48:20 2011 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2003, 2007, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2003, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -143,8 +143,8 @@ // just in case not, attempt conversion P11DHKeyFactory kf = new P11DHKeyFactory(token, "DH"); try { - DHPublicKeySpec spec = (DHPublicKeySpec)kf.engineGetKeySpec - (key, DHPublicKeySpec.class); + DHPublicKeySpec spec = kf.engineGetKeySpec( + key, DHPublicKeySpec.class); y = spec.getY(); p = spec.getP(); g = spec.getG();
--- a/jdk/src/share/classes/sun/security/pkcs11/P11KeyFactory.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/sun/security/pkcs11/P11KeyFactory.java Mon Aug 15 11:48:20 2011 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2003, 2005, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2003, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -29,7 +29,6 @@ import java.security.spec.*; import sun.security.pkcs11.wrapper.PKCS11Exception; -import static sun.security.pkcs11.wrapper.PKCS11Constants.*; /** * KeyFactory base class. Provides common infrastructure for the RSA, DSA, @@ -77,7 +76,7 @@ if (PKCS8EncodedKeySpec.class.isAssignableFrom(keySpec) || X509EncodedKeySpec.class.isAssignableFrom(keySpec)) { try { - return (T)implGetSoftwareFactory().getKeySpec(key, keySpec); + return implGetSoftwareFactory().getKeySpec(key, keySpec); } catch (GeneralSecurityException e) { throw new InvalidKeySpecException("Could not encode key", e); } @@ -92,9 +91,9 @@ Session[] session = new Session[1]; try { if (p11Key.isPublic()) { - return (T)implGetPublicKeySpec(p11Key, keySpec, session); + return implGetPublicKeySpec(p11Key, keySpec, session); } else { - return (T)implGetPrivateKeySpec(p11Key, keySpec, session); + return implGetPrivateKeySpec(p11Key, keySpec, session); } } catch (PKCS11Exception e) { throw new InvalidKeySpecException("Could not generate KeySpec", e); @@ -138,10 +137,10 @@ } } - abstract KeySpec implGetPublicKeySpec(P11Key key, Class keySpec, + abstract <T extends KeySpec> T implGetPublicKeySpec(P11Key key, Class<T> keySpec, Session[] session) throws PKCS11Exception, InvalidKeySpecException; - abstract KeySpec implGetPrivateKeySpec(P11Key key, Class keySpec, + abstract <T extends KeySpec> T implGetPrivateKeySpec(P11Key key, Class<T> keySpec, Session[] session) throws PKCS11Exception, InvalidKeySpecException; abstract PublicKey implTranslatePublicKey(PublicKey key)
--- a/jdk/src/share/classes/sun/security/pkcs11/P11KeyStore.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/sun/security/pkcs11/P11KeyStore.java Mon Aug 15 11:48:20 2011 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2003, 2008, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2003, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -34,12 +34,9 @@ import java.io.UnsupportedEncodingException; import java.util.Arrays; -import java.util.Collection; import java.util.Collections; import java.util.Date; import java.util.Enumeration; -import java.util.Iterator; -import java.util.List; import java.util.ArrayList; import java.util.HashSet; import java.util.HashMap; @@ -48,7 +45,6 @@ import java.security.*; import java.security.KeyStore.*; -import java.security.cert.CertPath; import java.security.cert.Certificate; import java.security.cert.X509Certificate; import java.security.cert.CertificateFactory; @@ -60,7 +56,6 @@ import javax.crypto.SecretKey; import javax.crypto.interfaces.*; -import javax.security.auth.Subject; import javax.security.auth.x500.X500Principal; import javax.security.auth.login.LoginException; import javax.security.auth.callback.Callback; @@ -69,7 +64,6 @@ import javax.security.auth.callback.UnsupportedCallbackException; import sun.security.util.Debug; -import sun.security.x509.SerialNumber; import sun.security.util.DerValue; import sun.security.ec.ECParameters; @@ -235,7 +229,7 @@ private PasswordCallbackHandler(char[] password) { if (password != null) { - this.password = (char[])password.clone(); + this.password = password.clone(); } } @@ -331,10 +325,8 @@ // did not find anything return null; - } catch (PKCS11Exception pe) { - throw new ProviderException(pe); - } catch (KeyStoreException ke) { - throw new ProviderException(ke); + } catch (PKCS11Exception | KeyStoreException e) { + throw new ProviderException(e); } finally { token.releaseSession(session); } @@ -458,10 +450,8 @@ } else if (key instanceof SecretKey) { entry = new KeyStore.SecretKeyEntry((SecretKey)key); } - } catch (NullPointerException npe) { - throw new KeyStoreException(npe); - } catch (IllegalArgumentException iae) { - throw new KeyStoreException(iae); + } catch (NullPointerException | IllegalArgumentException e) { + throw new KeyStoreException(e); } engineSetEntry(alias, entry, new KeyStore.PasswordProtection(password)); } @@ -566,10 +556,8 @@ } else { throw new KeyStoreException("unexpected entry type"); } - } catch (PKCS11Exception pe) { - throw new KeyStoreException(pe); - } catch (CertificateException ce) { - throw new KeyStoreException(ce); + } catch (PKCS11Exception | CertificateException e) { + throw new KeyStoreException(e); } } return false; @@ -770,18 +758,8 @@ if (debug != null) { dumpTokenMap(); } - } catch (LoginException le) { - IOException ioe = new IOException("load failed"); - ioe.initCause(le); - throw ioe; - } catch (KeyStoreException kse) { - IOException ioe = new IOException("load failed"); - ioe.initCause(kse); - throw ioe; - } catch (PKCS11Exception pe) { - IOException ioe = new IOException("load failed"); - ioe.initCause(pe); - throw ioe; + } catch (LoginException | KeyStoreException | PKCS11Exception e) { + throw new IOException("load failed", e); } } @@ -860,11 +838,7 @@ if (debug != null) { dumpTokenMap(); } - } catch (LoginException e) { - throw new IOException("load failed", e); - } catch (KeyStoreException e) { - throw new IOException("load failed", e); - } catch (PKCS11Exception e) { + } catch (LoginException | KeyStoreException | PKCS11Exception e) { throw new IOException("load failed", e); } } @@ -1054,9 +1028,7 @@ storeCert(alias, xcert); module.setTrust(token, xcert); mapLabels(); - } catch (PKCS11Exception e) { - throw new KeyStoreException(e); - } catch (CertificateException e) { + } catch (PKCS11Exception | CertificateException e) { throw new KeyStoreException(e); } @@ -1118,10 +1090,8 @@ storePkey(alias, (KeyStore.PrivateKeyEntry)entry); } - } catch (PKCS11Exception pe) { + } catch (PKCS11Exception | CertificateException pe) { throw new KeyStoreException(pe); - } catch (CertificateException ce) { - throw new KeyStoreException(ce); } } else if (entry instanceof KeyStore.SecretKeyEntry) { @@ -1158,10 +1128,8 @@ if (debug != null) { dumpTokenMap(); } - } catch (PKCS11Exception pe) { + } catch (PKCS11Exception | CertificateException pe) { throw new KeyStoreException(pe); - } catch (CertificateException ce) { - throw new KeyStoreException(ce); } } @@ -1870,7 +1838,7 @@ debug.println("creating RSAPrivateKey attrs"); } - RSAPrivateKey rsaKey = (RSAPrivateKey)key; + RSAPrivateKey rsaKey = key; attrs = new CK_ATTRIBUTE[] { ATTR_TOKEN_TRUE, @@ -2662,7 +2630,7 @@ private void dumpTokenMap() { Set<String> aliases = aliasMap.keySet(); System.out.println("Token Alias Map:"); - if (aliases.size() == 0) { + if (aliases.isEmpty()) { System.out.println(" [empty]"); } else { for (String s : aliases) {
--- a/jdk/src/share/classes/sun/security/pkcs11/P11RSAKeyFactory.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/sun/security/pkcs11/P11RSAKeyFactory.java Mon Aug 15 11:48:20 2011 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2003, 2008, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2003, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -130,10 +130,7 @@ rs.getModulus(), rs.getPublicExponent() ); - } catch (PKCS11Exception e) { - throw new InvalidKeySpecException - ("Could not create RSA public key", e); - } catch (InvalidKeyException e) { + } catch (PKCS11Exception | InvalidKeyException e) { throw new InvalidKeySpecException ("Could not create RSA public key", e); } @@ -177,10 +174,7 @@ throw new InvalidKeySpecException("Only RSAPrivate(Crt)KeySpec " + "and PKCS8EncodedKeySpec supported for RSA private keys"); } - } catch (PKCS11Exception e) { - throw new InvalidKeySpecException - ("Could not create RSA private key", e); - } catch (InvalidKeyException e) { + } catch (PKCS11Exception | InvalidKeyException e) { throw new InvalidKeySpecException ("Could not create RSA private key", e); } @@ -260,8 +254,8 @@ } } - KeySpec implGetPublicKeySpec(P11Key key, Class keySpec, Session[] session) - throws PKCS11Exception, InvalidKeySpecException { + <T extends KeySpec> T implGetPublicKeySpec(P11Key key, Class<T> keySpec, + Session[] session) throws PKCS11Exception, InvalidKeySpecException { if (RSAPublicKeySpec.class.isAssignableFrom(keySpec)) { session[0] = token.getObjSession(); CK_ATTRIBUTE[] attributes = new CK_ATTRIBUTE[] { @@ -273,15 +267,15 @@ attributes[0].getBigInteger(), attributes[1].getBigInteger() ); - return spec; + return keySpec.cast(spec); } else { // X.509 handled in superclass throw new InvalidKeySpecException("Only RSAPublicKeySpec and " + "X509EncodedKeySpec supported for RSA public keys"); } } - KeySpec implGetPrivateKeySpec(P11Key key, Class keySpec, Session[] session) - throws PKCS11Exception, InvalidKeySpecException { + <T extends KeySpec> T implGetPrivateKeySpec(P11Key key, Class<T> keySpec, + Session[] session) throws PKCS11Exception, InvalidKeySpecException { if (RSAPrivateCrtKeySpec.class.isAssignableFrom(keySpec)) { session[0] = token.getObjSession(); CK_ATTRIBUTE[] attributes = new CK_ATTRIBUTE[] { @@ -305,7 +299,7 @@ attributes[6].getBigInteger(), attributes[7].getBigInteger() ); - return spec; + return keySpec.cast(spec); } else if (RSAPrivateKeySpec.class.isAssignableFrom(keySpec)) { session[0] = token.getObjSession(); CK_ATTRIBUTE[] attributes = new CK_ATTRIBUTE[] { @@ -317,7 +311,7 @@ attributes[0].getBigInteger(), attributes[1].getBigInteger() ); - return spec; + return keySpec.cast(spec); } else { // PKCS#8 handled in superclass throw new InvalidKeySpecException("Only RSAPrivate(Crt)KeySpec " + "and PKCS8EncodedKeySpec supported for RSA private keys");
--- a/jdk/src/share/classes/sun/security/pkcs11/P11SecretKeyFactory.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/sun/security/pkcs11/P11SecretKeyFactory.java Mon Aug 15 11:48:20 2011 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2003, 2008, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2003, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -319,7 +319,7 @@ } // see JCE spec - protected KeySpec engineGetKeySpec(SecretKey key, Class keySpec) + protected KeySpec engineGetKeySpec(SecretKey key, Class<?> keySpec) throws InvalidKeySpecException { token.ensureValid(); if ((key == null) || (keySpec == null)) {
--- a/jdk/src/share/classes/sun/security/pkcs11/P11Signature.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/sun/security/pkcs11/P11Signature.java Mon Aug 15 11:48:20 2011 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2003, 2010, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2003, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -396,7 +396,7 @@ ensureInitialized(); switch (type) { case T_UPDATE: - buffer[0] = (byte)b; + buffer[0] = b; engineUpdate(buffer, 0, 1); break; case T_DIGEST:
--- a/jdk/src/share/classes/sun/security/pkcs11/P11TlsPrfGenerator.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/sun/security/pkcs11/P11TlsPrfGenerator.java Mon Aug 15 11:48:20 2011 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2005, 2007, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2005, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -98,6 +98,8 @@ // SecretKeySpec does not allow zero length keys, so we define our own class. private static final SecretKey NULL_KEY = new SecretKey() { + private static final long serialVersionUID = -8090049519656411362L; + public byte[] getEncoded() { return new byte[0]; }
--- a/jdk/src/share/classes/sun/security/pkcs11/P11Util.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/sun/security/pkcs11/P11Util.java Mon Aug 15 11:48:20 2011 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2003, 2006, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2003, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -88,7 +88,7 @@ p = Security.getProvider(providerName); if (p == null) { try { - Class clazz = Class.forName(className); + Class<?> clazz = Class.forName(className); p = (Provider)clazz.newInstance(); } catch (Exception e) { throw new ProviderException
--- a/jdk/src/share/classes/sun/security/pkcs11/Secmod.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/sun/security/pkcs11/Secmod.java Mon Aug 15 11:48:20 2011 -0700 @@ -236,6 +236,7 @@ throw new IllegalStateException(e); } if (modules == null) { + @SuppressWarnings("unchecked") List<Module> modules = (List<Module>)nssGetModuleList(nssHandle, nssLibDir); this.modules = Collections.unmodifiableList(modules);
--- a/jdk/src/share/classes/sun/security/pkcs11/wrapper/Functions.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/sun/security/pkcs11/wrapper/Functions.java Mon Aug 15 11:48:20 2011 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2003, 2005, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2003, 2011, Oracle and/or its affiliates. All rights reserved. */ /* Copyright (c) 2002 Graz University of Technology. All rights reserved. @@ -517,7 +517,7 @@ if (array != null) { for (int i = 0; (i < 4) && (i < array.length); i++) { - hash ^= ((int) (0xFF & array[i])) << ((i%4) << 3); + hash ^= (0xFF & array[i]) << ((i%4) << 3); } } @@ -537,7 +537,7 @@ if (array != null) { for (int i = 0; (i < 4) && (i < array.length); i++) { - hash ^= ((int) (0xFFFF & array[i])) << ((i%2) << 4); + hash ^= (0xFFFF & array[i]) << ((i%2) << 4); } } @@ -557,18 +557,18 @@ if (date != null) { if (date.year.length == 4) { - hash ^= ((int) (0xFFFF & date.year[0])) << 16; - hash ^= (int) (0xFFFF & date.year[1]); - hash ^= ((int) (0xFFFF & date.year[2])) << 16; - hash ^= (int) (0xFFFF & date.year[3]); + hash ^= (0xFFFF & date.year[0]) << 16; + hash ^= 0xFFFF & date.year[1]; + hash ^= (0xFFFF & date.year[2]) << 16; + hash ^= 0xFFFF & date.year[3]; } if (date.month.length == 2) { - hash ^= ((int) (0xFFFF & date.month[0])) << 16; - hash ^= (int) (0xFFFF & date.month[1]); + hash ^= (0xFFFF & date.month[0]) << 16; + hash ^= 0xFFFF & date.month[1]; } if (date.day.length == 2) { - hash ^= ((int) (0xFFFF & date.day[0])) << 16; - hash ^= (int) (0xFFFF & date.day[1]); + hash ^= (0xFFFF & date.day[0]) << 16; + hash ^= 0xFFFF & date.day[1]; } }
--- a/jdk/src/share/classes/sun/security/pkcs11/wrapper/PKCS11Exception.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/sun/security/pkcs11/wrapper/PKCS11Exception.java Mon Aug 15 11:48:20 2011 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2003, 2010, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2003, 2011, Oracle and/or its affiliates. All rights reserved. */ /* Copyright (c) 2002 Graz University of Technology. All rights reserved. @@ -63,6 +63,7 @@ * @invariants */ public class PKCS11Exception extends Exception { + private static final long serialVersionUID = 4877072363729195L; /** * The code of the error which was the reason for this exception.
--- a/jdk/src/share/classes/sun/security/pkcs11/wrapper/PKCS11RuntimeException.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/sun/security/pkcs11/wrapper/PKCS11RuntimeException.java Mon Aug 15 11:48:20 2011 -0700 @@ -57,6 +57,7 @@ * @invariants */ public class PKCS11RuntimeException extends RuntimeException { + private static final long serialVersionUID = 7889842162743590564L; /** * Empty constructor.
--- a/jdk/src/share/classes/sun/security/pkcs12/PKCS12KeyStore.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/sun/security/pkcs12/PKCS12KeyStore.java Mon Aug 15 11:48:20 2011 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 1999, 2010, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1999, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -41,13 +41,10 @@ import java.security.cert.CertificateException; import java.security.spec.PKCS8EncodedKeySpec; import java.util.*; -import java.math.*; import java.security.AlgorithmParameters; -import java.security.spec.AlgorithmParameterSpec; import javax.crypto.spec.PBEParameterSpec; import javax.crypto.spec.PBEKeySpec; -import javax.crypto.spec.SecretKeySpec; import javax.crypto.SecretKeyFactory; import javax.crypto.SecretKey; import javax.crypto.Cipher; @@ -417,10 +414,8 @@ // add the entry entries.put(alias.toLowerCase(), entry); } catch (Exception nsae) { - KeyStoreException ke = new KeyStoreException("Key protection " + - " algorithm not found: " + nsae); - ke.initCause(nsae); - throw ke; + throw new KeyStoreException("Key protection " + + " algorithm not found: " + nsae, nsae); } } @@ -456,10 +451,8 @@ try { new EncryptedPrivateKeyInfo(key); } catch (IOException ioe) { - KeyStoreException ke = new KeyStoreException("Private key is not" - + " stored as PKCS#8 EncryptedPrivateKeyInfo: " + ioe); - ke.initCause(ioe); - throw ke; + throw new KeyStoreException("Private key is not stored" + + " as PKCS#8 EncryptedPrivateKeyInfo: " + ioe, ioe); } KeyEntry entry = new KeyEntry(); @@ -513,11 +506,8 @@ algParams = AlgorithmParameters.getInstance(algorithm); algParams.init(paramSpec); } catch (Exception e) { - IOException ioe = - new IOException("getAlgorithmParameters failed: " + - e.getMessage()); - ioe.initCause(e); - throw ioe; + throw new IOException("getAlgorithmParameters failed: " + + e.getMessage(), e); } return algParams; } @@ -544,11 +534,8 @@ algParams.init(params.toByteArray()); } } catch (Exception e) { - IOException ioe = - new IOException("parseAlgParameters failed: " + - e.getMessage()); - ioe.initCause(e); - throw ioe; + throw new IOException("parseAlgParameters failed: " + + e.getMessage(), e); } return algParams; } @@ -565,10 +552,8 @@ SecretKeyFactory skFac = SecretKeyFactory.getInstance("PBE"); skey = skFac.generateSecret(keySpec); } catch (Exception e) { - IOException ioe = new IOException("getSecretKey failed: " + - e.getMessage()); - ioe.initCause(e); - throw ioe; + throw new IOException("getSecretKey failed: " + + e.getMessage(), e); } return skey; } @@ -826,9 +811,7 @@ md.update(data); digest = md.digest(); } catch (Exception e) { - IOException ioe = new IOException("generateHash failed: " + e); - ioe.initCause(e); - throw ioe; + throw new IOException("generateHash failed: " + e, e); } return digest; } @@ -866,9 +849,7 @@ bytes.write(macData.getEncoded()); mData = bytes.toByteArray(); } catch (Exception e) { - IOException ioe = new IOException("calculateMac failed: " + e); - ioe.initCause(e); - throw ioe; + throw new IOException("calculateMac failed: " + e, e); } return mData; } @@ -1149,10 +1130,8 @@ encryptedData = cipher.doFinal(data); } catch (Exception e) { - IOException ioe = new IOException("Failed to encrypt" + - " safe contents entry: " + e); - ioe.initCause(e); - throw ioe; + throw new IOException("Failed to encrypt" + + " safe contents entry: " + e, e); } // create EncryptedContentInfo @@ -1220,7 +1199,7 @@ ContentInfo authSafe = new ContentInfo(s); ObjectIdentifier contentType = authSafe.getContentType(); - if (contentType.equals(ContentInfo.DATA_OID)) { + if (contentType.equals((Object)ContentInfo.DATA_OID)) { authSafeData = authSafe.getData(); } else /* signed data */ { throw new IOException("public key protected PKCS12 not supported"); @@ -1246,7 +1225,7 @@ safeContents = new ContentInfo(sci); contentType = safeContents.getContentType(); safeContentsData = null; - if (contentType.equals(ContentInfo.DATA_OID)) { + if (contentType.equals((Object)ContentInfo.DATA_OID)) { safeContentsData = safeContents.getData(); } else if (contentType.equals(ContentInfo.ENCRYPTED_DATA_OID)) { if (password == null) { @@ -1280,10 +1259,8 @@ safeContentsData = cipher.doFinal(safeContentsData); } catch (Exception e) { - IOException ioe = new IOException("failed to decrypt safe" - + " contents entry: " + e); - ioe.initCause(e); - throw ioe; + throw new IOException("failed to decrypt safe" + + " contents entry: " + e, e); } } else { throw new IOException("public key protected PKCS12" + @@ -1319,10 +1296,7 @@ " integrity checking"); } } catch (Exception e) { - IOException ioe = - new IOException("Integrity check failed: " + e); - ioe.initCause(e); - throw ioe; + throw new IOException("Integrity check failed: " + e, e); } } @@ -1402,12 +1376,12 @@ + bagValue.tag); } bagValue = bagValue.data.getDerValue(); - if (bagId.equals(PKCS8ShroudedKeyBag_OID)) { + if (bagId.equals((Object)PKCS8ShroudedKeyBag_OID)) { KeyEntry kEntry = new KeyEntry(); kEntry.protectedPrivKey = bagValue.toByteArray(); bagItem = kEntry; privateKeyCount++; - } else if (bagId.equals(CertBag_OID)) { + } else if (bagId.equals((Object)CertBag_OID)) { DerInputStream cs = new DerInputStream(bagValue.toByteArray()); DerValue[] certValues = cs.getSequence(2); ObjectIdentifier certId = certValues[0].getOID(); @@ -1453,9 +1427,9 @@ throw new IOException("Attribute " + attrId + " should have a value " + e.getMessage()); } - if (attrId.equals(PKCS9FriendlyName_OID)) { + if (attrId.equals((Object)PKCS9FriendlyName_OID)) { alias = valSet[0].getBMPString(); - } else if (attrId.equals(PKCS9LocalKeyId_OID)) { + } else if (attrId.equals((Object)PKCS9LocalKeyId_OID)) { keyId = valSet[0].getOctetString(); } else { // log error message for "unknown attr"
--- a/jdk/src/share/classes/sun/security/provider/DSAKeyFactory.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/sun/security/provider/DSAKeyFactory.java Mon Aug 15 11:48:20 2011 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 2006, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1997, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -25,15 +25,12 @@ package sun.security.provider; -import java.util.*; -import java.lang.*; import java.security.Key; import java.security.PublicKey; import java.security.PrivateKey; import java.security.KeyFactorySpi; import java.security.InvalidKeyException; import java.security.AccessController; -import java.security.PrivilegedAction; import java.security.interfaces.DSAParams; import java.security.spec.DSAPublicKeySpec; import java.security.spec.DSAPrivateKeySpec; @@ -194,13 +191,13 @@ java.security.interfaces.DSAPublicKey dsaPubKey = (java.security.interfaces.DSAPublicKey)key; params = dsaPubKey.getParams(); - return (T) new DSAPublicKeySpec(dsaPubKey.getY(), - params.getP(), - params.getQ(), - params.getG()); + return keySpec.cast(new DSAPublicKeySpec(dsaPubKey.getY(), + params.getP(), + params.getQ(), + params.getG())); } else if (x509KeySpec.isAssignableFrom(keySpec)) { - return (T) new X509EncodedKeySpec(key.getEncoded()); + return keySpec.cast(new X509EncodedKeySpec(key.getEncoded())); } else { throw new InvalidKeySpecException @@ -219,13 +216,13 @@ java.security.interfaces.DSAPrivateKey dsaPrivKey = (java.security.interfaces.DSAPrivateKey)key; params = dsaPrivKey.getParams(); - return (T) new DSAPrivateKeySpec(dsaPrivKey.getX(), - params.getP(), - params.getQ(), - params.getG()); + return keySpec.cast(new DSAPrivateKeySpec(dsaPrivKey.getX(), + params.getP(), + params.getQ(), + params.getG())); } else if (pkcs8KeySpec.isAssignableFrom(keySpec)) { - return (T) new PKCS8EncodedKeySpec(key.getEncoded()); + return keySpec.cast(new PKCS8EncodedKeySpec(key.getEncoded())); } else { throw new InvalidKeySpecException
--- a/jdk/src/share/classes/sun/security/provider/DSAParameters.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/sun/security/provider/DSAParameters.java Mon Aug 15 11:48:20 2011 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 2006, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1997, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -25,7 +25,6 @@ package sun.security.provider; -import java.util.*; import java.io.*; import java.math.BigInteger; import java.security.AlgorithmParametersSpi; @@ -103,7 +102,8 @@ Class<?> dsaParamSpec = Class.forName ("java.security.spec.DSAParameterSpec"); if (dsaParamSpec.isAssignableFrom(paramSpec)) { - return (T)new DSAParameterSpec(this.p, this.q, this.g); + return paramSpec.cast( + new DSAParameterSpec(this.p, this.q, this.g)); } else { throw new InvalidParameterSpecException ("Inappropriate parameter Specification");
--- a/jdk/src/share/classes/sun/security/provider/MD4.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/sun/security/provider/MD4.java Mon Aug 15 11:48:20 2011 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2005, 2006, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2005, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -65,7 +65,9 @@ private final static Provider md4Provider; static { - md4Provider = new Provider("MD4Provider", 1.0d, "MD4 MessageDigest") {}; + md4Provider = new Provider("MD4Provider", 1.0d, "MD4 MessageDigest") { + private static final long serialVersionUID = -8850464997518327965L; + }; AccessController.doPrivileged(new PrivilegedAction<Void>() { public Void run() { md4Provider.put("MessageDigest.MD4", "sun.security.provider.MD4");
--- a/jdk/src/share/classes/sun/security/provider/PolicyFile.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/sun/security/provider/PolicyFile.java Mon Aug 15 11:48:20 2011 -0700 @@ -26,27 +26,21 @@ package sun.security.provider; import java.io.*; -import java.lang.RuntimePermission; import java.lang.reflect.*; -import java.lang.ref.*; import java.net.MalformedURLException; import java.net.URL; import java.net.URI; import java.util.*; import java.util.Enumeration; -import java.util.Hashtable; import java.util.List; import java.util.StringTokenizer; -import java.util.PropertyPermission; import java.util.ArrayList; import java.util.ListIterator; -import java.util.WeakHashMap; import java.text.MessageFormat; import com.sun.security.auth.PrincipalComparator; import java.security.*; import java.security.cert.Certificate; import java.security.cert.X509Certificate; -import javax.security.auth.PrivateCredentialPermission; import javax.security.auth.Subject; import javax.security.auth.x500.X500Principal; import java.io.FilePermission; @@ -68,7 +62,6 @@ import sun.misc.JavaSecurityProtectionDomainAccess; import static sun.misc.JavaSecurityProtectionDomainAccess.ProtectionDomainCache; import sun.misc.SharedSecrets; -import sun.security.util.Password; import sun.security.util.PolicyUtil; import sun.security.util.PropertyExpander; import sun.security.util.Debug; @@ -1006,7 +999,7 @@ * via reflection. Keep list short to not penalize non-JDK-defined * permissions. */ - private static final Permission getKnownInstance(Class claz, + private static final Permission getKnownInstance(Class<?> claz, String name, String actions) { // XXX shorten list to most popular ones? if (claz.equals(FilePermission.class)) { @@ -1346,7 +1339,7 @@ "\tActive Principals: " + accPs); } - if (entryPs == null || entryPs.size() == 0) { + if (entryPs == null || entryPs.isEmpty()) { // policy entry has no principals - // add perms regardless of principals in current ACC @@ -1547,7 +1540,7 @@ Principal[] pdp, Permissions perms) { - if (entryPs == null || entryPs.size() == 0) { + if (entryPs == null || entryPs.isEmpty()) { // No principals in the grant to substitute if (debug != null) { debug.println("Ignoring permission " @@ -1890,7 +1883,7 @@ private boolean replacePrincipals( List<PolicyParser.PrincipalEntry> principals, KeyStore keystore) { - if (principals == null || principals.size() == 0 || keystore == null) + if (principals == null || principals.isEmpty() || keystore == null) return true; ListIterator<PolicyParser.PrincipalEntry> i = principals.listIterator(); @@ -2403,7 +2396,7 @@ final List<PolicyEntry> identityPolicyEntries; // Maps aliases to certs - final Map aliasMapping; + final Map<Object, Object> aliasMapping; // Maps ProtectionDomain to PermissionCollection private final ProtectionDomainCache[] pdMapping; @@ -2413,7 +2406,8 @@ policyEntries = new ArrayList<PolicyEntry>(); identityPolicyEntries = Collections.synchronizedList(new ArrayList<PolicyEntry>(2)); - aliasMapping = Collections.synchronizedMap(new HashMap(11)); + aliasMapping = Collections.synchronizedMap( + new HashMap<Object, Object>(11)); pdMapping = new ProtectionDomainCache[numCaches]; JavaSecurityProtectionDomainAccess jspda
--- a/jdk/src/share/classes/sun/security/provider/certpath/AdaptableX509CertSelector.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/sun/security/provider/certpath/AdaptableX509CertSelector.java Mon Aug 15 11:48:20 2011 -0700 @@ -101,7 +101,8 @@ void parseAuthorityKeyIdentifierExtension( AuthorityKeyIdentifierExtension akidext) throws IOException { if (akidext != null) { - KeyIdentifier akid = (KeyIdentifier)akidext.get(akidext.KEY_ID); + KeyIdentifier akid = (KeyIdentifier)akidext.get( + AuthorityKeyIdentifierExtension.KEY_ID); if (akid != null) { // Do not override the previous setting for initial selection. if (isSKIDSensitive || getSubjectKeyIdentifier() == null) { @@ -113,8 +114,8 @@ } } - SerialNumber asn = - (SerialNumber)akidext.get(akidext.SERIAL_NUMBER); + SerialNumber asn = (SerialNumber)akidext.get( + AuthorityKeyIdentifierExtension.SERIAL_NUMBER); if (asn != null) { // Do not override the previous setting for initial selection. if (isSNSensitive || getSerialNumber() == null) {
--- a/jdk/src/share/classes/sun/security/provider/certpath/Builder.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/sun/security/provider/certpath/Builder.java Mon Aug 15 11:48:20 2011 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2000, 2009, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2000, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -153,6 +153,7 @@ if (debug != null) { debug.println("Builder.distance(): Names are different types"); } + return incomparable; case GeneralNameInterface.NAME_SAME_TYPE: if (debug != null) { debug.println("Builder.distance(): Names are same type but " + @@ -306,8 +307,8 @@ SubjectAlternativeNameExtension altNameExt = certImpl.getSubjectAlternativeNameExtension(); if (altNameExt != null) { - GeneralNames altNames = - (GeneralNames)altNameExt.get(altNameExt.SUBJECT_NAME); + GeneralNames altNames = altNameExt.get( + SubjectAlternativeNameExtension.SUBJECT_NAME); /* see if any alternative name matches target */ if (altNames != null) { for (int j = 0, n = altNames.size(); j < n; j++) { @@ -343,10 +344,10 @@ + String.valueOf(constraints)); } /* reduce permitted by excluded */ - GeneralSubtrees permitted = (GeneralSubtrees) - constraints.get(constraints.PERMITTED_SUBTREES); - GeneralSubtrees excluded = (GeneralSubtrees) - constraints.get(constraints.EXCLUDED_SUBTREES); + GeneralSubtrees permitted = + constraints.get(NameConstraintsExtension.PERMITTED_SUBTREES); + GeneralSubtrees excluded = + constraints.get(NameConstraintsExtension.EXCLUDED_SUBTREES); if (permitted != null) { permitted.reduce(excluded); }
--- a/jdk/src/share/classes/sun/security/provider/certpath/CrlRevocationChecker.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/sun/security/provider/certpath/CrlRevocationChecker.java Mon Aug 15 11:48:20 2011 -0700 @@ -41,7 +41,6 @@ import java.security.cert.*; import java.security.cert.CertPathValidatorException.BasicReason; import java.security.interfaces.DSAPublicKey; -import javax.security.auth.x500.X500Principal; import sun.security.util.Debug; import sun.security.x509.AccessDescription; import sun.security.x509.AuthorityInfoAccessExtension; @@ -758,8 +757,7 @@ null, null); points = Collections.singletonList(point); } else { - points = (List<DistributionPoint>)ext.get( - CRLDistributionPointsExtension.POINTS); + points = ext.get(CRLDistributionPointsExtension.POINTS); } Set<X509CRL> results = new HashSet<X509CRL>(); DistributionPointFetcher dpf =
--- a/jdk/src/share/classes/sun/security/provider/certpath/DistributionPointFetcher.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/sun/security/provider/certpath/DistributionPointFetcher.java Mon Aug 15 11:48:20 2011 -0700 @@ -114,8 +114,8 @@ } return Collections.emptySet(); } - List<DistributionPoint> points = (List<DistributionPoint>)ext.get( - CRLDistributionPointsExtension.POINTS); + List<DistributionPoint> points = + ext.get(CRLDistributionPointsExtension.POINTS); Set<X509CRL> results = new HashSet<X509CRL>(); for (Iterator<DistributionPoint> t = points.iterator(); t.hasNext() && !Arrays.equals(reasonsMask, ALL_REASONS); ) { @@ -570,15 +570,16 @@ AuthorityKeyIdentifierExtension akidext = crlImpl.getAuthKeyIdExtension(); if (akidext != null) { - KeyIdentifier akid = (KeyIdentifier)akidext.get(akidext.KEY_ID); + KeyIdentifier akid = (KeyIdentifier)akidext.get( + AuthorityKeyIdentifierExtension.KEY_ID); if (akid != null) { DerOutputStream derout = new DerOutputStream(); derout.putOctetString(akid.getIdentifier()); certSel.setSubjectKeyIdentifier(derout.toByteArray()); } - SerialNumber asn = - (SerialNumber)akidext.get(akidext.SERIAL_NUMBER); + SerialNumber asn = (SerialNumber)akidext.get( + AuthorityKeyIdentifierExtension.SERIAL_NUMBER); if (asn != null) { certSel.setSerialNumber(asn.getNumber()); }
--- a/jdk/src/share/classes/sun/security/provider/certpath/ForwardBuilder.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/sun/security/provider/certpath/ForwardBuilder.java Mon Aug 15 11:48:20 2011 -0700 @@ -30,7 +30,6 @@ import java.security.GeneralSecurityException; import java.security.InvalidKeyException; -import java.security.cert.Certificate; import java.security.cert.CertificateException; import java.security.cert.CertPathValidatorException; import java.security.cert.PKIXReason; @@ -44,22 +43,13 @@ import javax.security.auth.x500.X500Principal; import sun.security.util.Debug; -import sun.security.util.DerOutputStream; import sun.security.x509.AccessDescription; import sun.security.x509.AuthorityInfoAccessExtension; import sun.security.x509.PKIXExtensions; import sun.security.x509.PolicyMappingsExtension; import sun.security.x509.X500Name; import sun.security.x509.X509CertImpl; -import sun.security.x509.X509CRLImpl; import sun.security.x509.AuthorityKeyIdentifierExtension; -import sun.security.x509.KeyIdentifier; -import sun.security.x509.SubjectKeyIdentifierExtension; -import sun.security.x509.SerialNumber; -import sun.security.x509.GeneralNames; -import sun.security.x509.GeneralName; -import sun.security.x509.GeneralNameInterface; -import java.math.BigInteger; /** * This class represents a forward builder, which is able to retrieve @@ -362,6 +352,9 @@ * Download Certificates from the given AIA and add them to the * specified Collection. */ + // cs.getCertificates(caSelector) returns a collection of X509Certificate's + // because of the selector, so the cast is safe + @SuppressWarnings("unchecked") private boolean getCerts(AuthorityInfoAccessExtension aiaExt, Collection<X509Certificate> certs) { if (Builder.USE_AIA == false) {
--- a/jdk/src/share/classes/sun/security/provider/certpath/ForwardState.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/sun/security/provider/certpath/ForwardState.java Mon Aug 15 11:48:20 2011 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2000, 2006, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2000, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -206,8 +206,8 @@ SubjectAlternativeNameExtension subjAltNameExt = icert.getSubjectAlternativeNameExtension(); if (subjAltNameExt != null) { - GeneralNames gNames = (GeneralNames) - subjAltNameExt.get(SubjectAlternativeNameExtension.SUBJECT_NAME); + GeneralNames gNames = subjAltNameExt.get( + SubjectAlternativeNameExtension.SUBJECT_NAME); for (Iterator<GeneralName> t = gNames.iterator(); t.hasNext(); ) { GeneralNameInterface gName = t.next().getName(); @@ -236,6 +236,7 @@ * because some of them will * not have their contents modified by subsequent calls to updateState. */ + @SuppressWarnings("unchecked") // Safe casts assuming clone() works correctly public Object clone() { try { ForwardState clonedState = (ForwardState) super.clone();
--- a/jdk/src/share/classes/sun/security/provider/certpath/IndexedCollectionCertStore.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/sun/security/provider/certpath/IndexedCollectionCertStore.java Mon Aug 15 11:48:20 2011 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2002, 2006, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2002, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -185,6 +185,7 @@ list.add((X509Certificate)oldEntry); certSubjects.put(subject, list); } else { + @SuppressWarnings("unchecked") // See certSubjects javadoc. List<X509Certificate> list = (List<X509Certificate>)oldEntry; if (list.contains(cert) == false) { list.add(cert); @@ -210,6 +211,8 @@ list.add((X509CRL)oldEntry); crlIssuers.put(issuer, list); } else { + // See crlIssuers javadoc. + @SuppressWarnings("unchecked") List<X509CRL> list = (List<X509CRL>)oldEntry; if (list.contains(crl) == false) { list.add(crl); @@ -279,6 +282,8 @@ return Collections.<X509Certificate>emptySet(); } } else { + // See certSubjects javadoc. + @SuppressWarnings("unchecked") List<X509Certificate> list = (List<X509Certificate>)entry; Set<X509Certificate> matches = new HashSet<X509Certificate>(16); for (X509Certificate cert : list) { @@ -309,6 +314,8 @@ matches.add(cert); } } else { + // See certSubjects javadoc. + @SuppressWarnings("unchecked") List<X509Certificate> list = (List<X509Certificate>)obj; for (X509Certificate cert : list) { if (selector.match(cert)) { @@ -370,6 +377,8 @@ matches.add(crl); } } else { // List + // See crlIssuers javadoc. + @SuppressWarnings("unchecked") List<X509CRL> list = (List<X509CRL>)entry; for (X509CRL crl : list) { if (x509Selector.match(crl)) { @@ -398,6 +407,8 @@ matches.add(crl); } } else { + // See crlIssuers javadoc. + @SuppressWarnings("unchecked") List<X509CRL> list = (List<X509CRL>)obj; for (X509CRL crl : list) { if (selector.match(crl)) {
--- a/jdk/src/share/classes/sun/security/provider/certpath/OCSP.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/sun/security/provider/certpath/OCSP.java Mon Aug 15 11:48:20 2011 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2009, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2009, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -291,7 +291,7 @@ List<AccessDescription> descriptions = aia.getAccessDescriptions(); for (AccessDescription description : descriptions) { - if (description.getAccessMethod().equals( + if (description.getAccessMethod().equals((Object) AccessDescription.Ad_OCSP_Id)) { GeneralName generalName = description.getAccessLocation();
--- a/jdk/src/share/classes/sun/security/provider/certpath/OCSPChecker.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/sun/security/provider/certpath/OCSPChecker.java Mon Aug 15 11:48:20 2011 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2003, 2010, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2003, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -300,7 +300,7 @@ if (filter != null) { List<CertStore> certStores = pkixParams.getCertStores(); for (CertStore certStore : certStores) { - Iterator i = null; + Iterator<? extends Certificate> i = null; try { i = certStore.getCertificates(filter).iterator(); } catch (CertStoreException cse) { @@ -392,7 +392,7 @@ List<AccessDescription> descriptions = aia.getAccessDescriptions(); for (AccessDescription description : descriptions) { - if (description.getAccessMethod().equals( + if (description.getAccessMethod().equals((Object) AccessDescription.Ad_OCSP_Id)) { GeneralName generalName = description.getAccessLocation();
--- a/jdk/src/share/classes/sun/security/provider/certpath/OCSPResponse.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/sun/security/provider/certpath/OCSPResponse.java Mon Aug 15 11:48:20 2011 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2003, 2010, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2003, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -26,7 +26,6 @@ package sun.security.provider.certpath; import java.io.*; -import java.math.BigInteger; import java.security.*; import java.security.cert.CertificateException; import java.security.cert.CertificateParsingException; @@ -206,7 +205,7 @@ // responseType derIn = tmp.data; ObjectIdentifier responseType = derIn.getOID(); - if (responseType.equals(OCSP_BASIC_RESPONSE_OID)) { + if (responseType.equals((Object)OCSP_BASIC_RESPONSE_OID)) { if (DEBUG != null) { DEBUG.println("OCSP response type: basic"); } @@ -301,7 +300,7 @@ if (DEBUG != null) { DEBUG.println("OCSP extension: " + responseExtension); } - if (responseExtension.getExtensionId().equals( + if (responseExtension.getExtensionId().equals((Object) OCSP_NONCE_EXTENSION_OID)) { /* ocspNonce =
--- a/jdk/src/share/classes/sun/security/provider/certpath/PKIXCertPathValidator.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/sun/security/provider/certpath/PKIXCertPathValidator.java Mon Aug 15 11:48:20 2011 -0700 @@ -25,7 +25,6 @@ package sun.security.provider.certpath; -import java.io.IOException; import java.security.AccessController; import java.security.InvalidAlgorithmParameterException; import java.security.cert.CertPath; @@ -40,13 +39,11 @@ import java.security.cert.PolicyNode; import java.security.cert.TrustAnchor; import java.security.cert.X509Certificate; -import java.security.cert.X509CertSelector; import java.util.Collections; import java.util.List; import java.util.ArrayList; import java.util.Date; import java.util.Set; -import javax.security.auth.x500.X500Principal; import sun.security.action.GetBooleanSecurityPropertyAction; import sun.security.util.Debug; @@ -130,6 +127,9 @@ // Must copy elements of certList into a new modifiable List before // calling Collections.reverse(). + // If cp is not an X.509 or X509 certpath, an + // InvalidAlgorithmParameterException will have been thrown by now. + @SuppressWarnings("unchecked") ArrayList<X509Certificate> certList = new ArrayList<X509Certificate> ((List<X509Certificate>)cp.getCertificates()); if (debug != null) {
--- a/jdk/src/share/classes/sun/security/provider/certpath/PolicyChecker.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/sun/security/provider/certpath/PolicyChecker.java Mon Aug 15 11:48:20 2011 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2000, 2008, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2000, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -274,8 +274,8 @@ = currCert.getPolicyConstraintsExtension(); if (polConstExt == null) return explicitPolicy; - int require = ((Integer) - polConstExt.get(PolicyConstraintsExtension.REQUIRE)).intValue(); + int require = + polConstExt.get(PolicyConstraintsExtension.REQUIRE).intValue(); if (debug != null) { debug.println("PolicyChecker.mergeExplicitPolicy() " + "require Index from cert = " + require); @@ -328,8 +328,8 @@ if (polConstExt == null) return policyMapping; - int inhibit = ((Integer) - polConstExt.get(PolicyConstraintsExtension.INHIBIT)).intValue(); + int inhibit = + polConstExt.get(PolicyConstraintsExtension.INHIBIT).intValue(); if (debug != null) debug.println("PolicyChecker.mergePolicyMapping() " + "inhibit Index from cert = " + inhibit); @@ -376,8 +376,8 @@ if (inhAnyPolExt == null) return inhibitAnyPolicy; - int skipCerts = ((Integer) - inhAnyPolExt.get(InhibitAnyPolicyExtension.SKIP_CERTS)).intValue(); + int skipCerts = + inhAnyPolExt.get(InhibitAnyPolicyExtension.SKIP_CERTS).intValue(); if (debug != null) debug.println("PolicyChecker.mergeInhibitAnyPolicy() " + "skipCerts Index from cert = " + skipCerts); @@ -448,8 +448,7 @@ + "policiesCritical = " + policiesCritical); try { - policyInfo = (List<PolicyInformation>) - currCertPolicies.get(CertificatePoliciesExtension.POLICIES); + policyInfo = currCertPolicies.get(CertificatePoliciesExtension.POLICIES); } catch (IOException ioe) { throw new CertPathValidatorException("Exception while " + "retrieving policyOIDs", ioe); @@ -751,8 +750,7 @@ List<CertificatePolicyMap> maps = null; try { - maps = (List<CertificatePolicyMap>)polMappingsExt.get - (PolicyMappingsExtension.MAP); + maps = polMappingsExt.get(PolicyMappingsExtension.MAP); } catch (IOException e) { if (debug != null) { debug.println("PolicyChecker.processPolicyMappings() " @@ -860,8 +858,7 @@ { List<PolicyInformation> policyInfo = null; try { - policyInfo = (List<PolicyInformation>) - currCertPolicies.get(CertificatePoliciesExtension.POLICIES); + policyInfo = currCertPolicies.get(CertificatePoliciesExtension.POLICIES); } catch (IOException ioe) { throw new CertPathValidatorException("Exception while " + "retrieving policyOIDs", ioe);
--- a/jdk/src/share/classes/sun/security/provider/certpath/ReverseState.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/sun/security/provider/certpath/ReverseState.java Mon Aug 15 11:48:20 2011 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2000, 2010, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2000, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -365,6 +365,7 @@ * because some of them (e.g., subjKeyId) will * not have their contents modified by subsequent calls to updateState. */ + @SuppressWarnings("unchecked") // Safe casts assuming clone() works correctly public Object clone() { try { ReverseState clonedState = (ReverseState) super.clone();
--- a/jdk/src/share/classes/sun/security/provider/certpath/URICertStore.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/sun/security/provider/certpath/URICertStore.java Mon Aug 15 11:48:20 2011 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2006, 2010, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2006, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -209,7 +209,8 @@ * object of a certificate's Authority Information Access Extension. */ static CertStore getInstance(AccessDescription ad) { - if (!ad.getAccessMethod().equals(AccessDescription.Ad_CAISSUERS_Id)) { + if (!ad.getAccessMethod().equals((Object) + AccessDescription.Ad_CAISSUERS_Id)) { return null; } GeneralNameInterface gn = ad.getAccessLocation().getName(); @@ -241,6 +242,7 @@ * match the specified selector * @throws CertStoreException if an exception occurs */ + @SuppressWarnings("unchecked") public synchronized Collection<X509Certificate> engineGetCertificates (CertSelector selector) throws CertStoreException { @@ -255,6 +257,7 @@ } // Fetch the certificates via LDAP. LDAPCertStore has its own // caching mechanism, see the class description for more info. + // Safe cast since xsel is an X509 certificate selector. return (Collection<X509Certificate>) ldapCertStore.getCertificates(xsel); } @@ -300,6 +303,7 @@ if (debug != null) { debug.println("Downloading new certificates..."); } + // Safe cast since factory is an X.509 certificate factory certs = (Collection<X509Certificate>) factory.generateCertificates(in); return getMatchingCerts(certs, selector); @@ -361,6 +365,7 @@ * match the specified selector * @throws CertStoreException if an exception occurs */ + @SuppressWarnings("unchecked") public synchronized Collection<X509CRL> engineGetCRLs(CRLSelector selector) throws CertStoreException { @@ -375,6 +380,7 @@ } // Fetch the CRLs via LDAP. LDAPCertStore has its own // caching mechanism, see the class description for more info. + // Safe cast since xsel is an X509 certificate selector. return (Collection<X509CRL>) ldapCertStore.getCRLs(xsel); }
--- a/jdk/src/share/classes/sun/security/provider/certpath/Vertex.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/sun/security/provider/certpath/Vertex.java Mon Aug 15 11:48:20 2011 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2000, 2002, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2000, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -171,7 +171,8 @@ try { sKeyID = x509Cert.getSubjectKeyIdentifierExtension(); if (sKeyID != null) { - KeyIdentifier keyID = (KeyIdentifier)sKeyID.get(sKeyID.KEY_ID); + KeyIdentifier keyID = sKeyID.get( + SubjectKeyIdentifierExtension.KEY_ID); out = out + "SubjKeyID: " + keyID.toString(); } } catch (Exception e) { @@ -184,7 +185,8 @@ try { aKeyID = x509Cert.getAuthorityKeyIdentifierExtension(); if (aKeyID != null) { - KeyIdentifier keyID = (KeyIdentifier)aKeyID.get(aKeyID.KEY_ID); + KeyIdentifier keyID = (KeyIdentifier)aKeyID.get( + AuthorityKeyIdentifierExtension.KEY_ID); out = out + "AuthKeyID: " + keyID.toString(); } } catch (Exception e) {
--- a/jdk/src/share/classes/sun/security/provider/certpath/X509CertPath.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/sun/security/provider/certpath/X509CertPath.java Mon Aug 15 11:48:20 2011 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2000, 2006, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2000, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -25,7 +25,6 @@ package sun.security.provider.certpath; -import java.io.BufferedInputStream; import java.io.ByteArrayInputStream; import java.io.ByteArrayOutputStream; import java.io.IOException; @@ -101,11 +100,12 @@ * @exception CertificateException if <code>certs</code> contains an element * that is not an <code>X509Certificate</code> */ + @SuppressWarnings("unchecked") public X509CertPath(List<? extends Certificate> certs) throws CertificateException { super("X.509"); // Ensure that the List contains only X509Certificates - for (Object obj : (List<?>)certs) { + for (Certificate obj : certs) { if (obj instanceof X509Certificate == false) { throw new CertificateException ("List is not all X509Certificates: " @@ -147,12 +147,15 @@ throws CertificateException { super("X.509"); - if (PKIPATH_ENCODING.equals(encoding)) { - certs = parsePKIPATH(is); - } else if (PKCS7_ENCODING.equals(encoding)) { - certs = parsePKCS7(is); - } else { - throw new CertificateException("unsupported encoding"); + switch (encoding) { + case PKIPATH_ENCODING: + certs = parsePKIPATH(is); + break; + case PKCS7_ENCODING: + certs = parsePKCS7(is); + break; + default: + throw new CertificateException("unsupported encoding"); } } @@ -192,10 +195,8 @@ return Collections.unmodifiableList(certList); } catch (IOException ioe) { - CertificateException ce = new CertificateException("IOException" + - " parsing PkiPath data: " + ioe); - ce.initCause(ioe); - throw ce; + throw new CertificateException("IOException parsing PkiPath data: " + + ioe, ioe); } } @@ -220,7 +221,7 @@ // Copy the entire input stream into an InputStream that does // support mark is = new ByteArrayInputStream(readAllBytes(is)); - }; + } PKCS7 pkcs7 = new PKCS7(is); X509Certificate[] certArray = pkcs7.getCertificates(); @@ -301,10 +302,8 @@ return derout.toByteArray(); } catch (IOException ioe) { - CertificateEncodingException ce = new CertificateEncodingException - ("IOException encoding PkiPath data: " + ioe); - ce.initCause(ioe); - throw ce; + throw new CertificateEncodingException("IOException encoding " + + "PkiPath data: " + ioe, ioe); } } @@ -339,12 +338,13 @@ */ public byte[] getEncoded(String encoding) throws CertificateEncodingException { - if (PKIPATH_ENCODING.equals(encoding)) { - return encodePKIPATH(); - } else if (PKCS7_ENCODING.equals(encoding)) { - return encodePKCS7(); - } else { - throw new CertificateEncodingException("unsupported encoding"); + switch (encoding) { + case PKIPATH_ENCODING: + return encodePKIPATH(); + case PKCS7_ENCODING: + return encodePKCS7(); + default: + throw new CertificateEncodingException("unsupported encoding"); } }
--- a/jdk/src/share/classes/sun/security/rsa/RSAKeyFactory.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/sun/security/rsa/RSAKeyFactory.java Mon Aug 15 11:48:20 2011 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2003, 2008, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2003, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -351,12 +351,12 @@ if (key instanceof RSAPublicKey) { RSAPublicKey rsaKey = (RSAPublicKey)key; if (rsaPublicKeySpecClass.isAssignableFrom(keySpec)) { - return (T) new RSAPublicKeySpec( + return keySpec.cast(new RSAPublicKeySpec( rsaKey.getModulus(), rsaKey.getPublicExponent() - ); + )); } else if (x509KeySpecClass.isAssignableFrom(keySpec)) { - return (T) new X509EncodedKeySpec(key.getEncoded()); + return keySpec.cast(new X509EncodedKeySpec(key.getEncoded())); } else { throw new InvalidKeySpecException ("KeySpec must be RSAPublicKeySpec or " @@ -364,11 +364,11 @@ } } else if (key instanceof RSAPrivateKey) { if (pkcs8KeySpecClass.isAssignableFrom(keySpec)) { - return (T) new PKCS8EncodedKeySpec(key.getEncoded()); + return keySpec.cast(new PKCS8EncodedKeySpec(key.getEncoded())); } else if (rsaPrivateCrtKeySpecClass.isAssignableFrom(keySpec)) { if (key instanceof RSAPrivateCrtKey) { RSAPrivateCrtKey crtKey = (RSAPrivateCrtKey)key; - return (T) new RSAPrivateCrtKeySpec( + return keySpec.cast(new RSAPrivateCrtKeySpec( crtKey.getModulus(), crtKey.getPublicExponent(), crtKey.getPrivateExponent(), @@ -377,17 +377,17 @@ crtKey.getPrimeExponentP(), crtKey.getPrimeExponentQ(), crtKey.getCrtCoefficient() - ); + )); } else { throw new InvalidKeySpecException ("RSAPrivateCrtKeySpec can only be used with CRT keys"); } } else if (rsaPrivateKeySpecClass.isAssignableFrom(keySpec)) { RSAPrivateKey rsaKey = (RSAPrivateKey)key; - return (T) new RSAPrivateKeySpec( + return keySpec.cast(new RSAPrivateKeySpec( rsaKey.getModulus(), rsaKey.getPrivateExponent() - ); + )); } else { throw new InvalidKeySpecException ("KeySpec must be RSAPrivate(Crt)KeySpec or "
--- a/jdk/src/share/classes/sun/security/rsa/RSASignature.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/sun/security/rsa/RSASignature.java Mon Aug 15 11:48:20 2011 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2003, 2010, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2003, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -27,7 +27,6 @@ import java.io.IOException; import java.nio.ByteBuffer; -import java.math.BigInteger; import java.util.Arrays; import java.security.*; @@ -202,8 +201,6 @@ // return false rather than propagating the exception for // compatibility/ease of use return false; - } catch (GeneralSecurityException e) { - throw new SignatureException("Signature verification failed", e); } catch (IOException e) { throw new SignatureException("Signature encoding error", e); } @@ -235,7 +232,7 @@ throw new IOException("SEQUENCE length error"); } AlgorithmId algId = AlgorithmId.parse(values[0]); - if (algId.getOID().equals(oid) == false) { + if (algId.getOID().equals((Object)oid) == false) { throw new IOException("ObjectIdentifier mismatch: " + algId.getOID()); }
--- a/jdk/src/share/classes/sun/security/ssl/CipherSuite.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/sun/security/ssl/CipherSuite.java Mon Aug 15 11:48:20 2011 -0700 @@ -65,7 +65,7 @@ * unavailable or disabled at compile time * */ -final class CipherSuite implements Comparable { +final class CipherSuite implements Comparable<CipherSuite> { // minimum priority for supported CipherSuites final static int SUPPORTED_SUITES_PRIORITY = 1; @@ -202,8 +202,8 @@ * Note that for unsupported CipherSuites parsed from a handshake * message we violate the equals() contract. */ - public int compareTo(Object o) { - return ((CipherSuite)o).priority - priority; + public int compareTo(CipherSuite o) { + return o.priority - priority; } /**
--- a/jdk/src/share/classes/sun/security/ssl/HandshakeMessage.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/sun/security/ssl/HandshakeMessage.java Mon Aug 15 11:48:20 2011 -0700 @@ -811,13 +811,16 @@ sig = JsseJce.getSignature( preferableSignatureAlgorithm.getAlgorithmName()); } else { - if (algorithm.equals("DSA")) { - sig = JsseJce.getSignature(JsseJce.SIGNATURE_DSA); - } else if (algorithm.equals("RSA")) { - sig = RSASignature.getInstance(); - } else { - throw new SSLKeyException("neither an RSA or a DSA key"); - } + switch (algorithm) { + case "DSA": + sig = JsseJce.getSignature(JsseJce.SIGNATURE_DSA); + break; + case "RSA": + sig = RSASignature.getInstance(); + break; + default: + throw new SSLKeyException("neither an RSA or a DSA key"); + } } sig.initVerify(publicKey); @@ -1097,13 +1100,14 @@ private static Signature getSignature(String keyAlgorithm) throws NoSuchAlgorithmException { - if (keyAlgorithm.equals("EC")) { - return JsseJce.getSignature(JsseJce.SIGNATURE_ECDSA); - } else if (keyAlgorithm.equals("RSA")) { - return RSASignature.getInstance(); - } else { - throw new NoSuchAlgorithmException("neither an RSA or a EC key"); - } + switch (keyAlgorithm) { + case "EC": + return JsseJce.getSignature(JsseJce.SIGNATURE_ECDSA); + case "RSA": + return RSASignature.getInstance(); + default: + throw new NoSuchAlgorithmException("neither an RSA or a EC key"); + } } private void updateSignature(Signature sig, byte clntNonce[], @@ -1611,16 +1615,17 @@ */ private static Signature getSignature(ProtocolVersion protocolVersion, String algorithm) throws GeneralSecurityException { - if (algorithm.equals("RSA")) { - return RSASignature.getInternalInstance(); - } else if (algorithm.equals("DSA")) { - return JsseJce.getSignature(JsseJce.SIGNATURE_RAWDSA); - } else if (algorithm.equals("EC")) { - return JsseJce.getSignature(JsseJce.SIGNATURE_RAWECDSA); - } else { - throw new SignatureException("Unrecognized algorithm: " - + algorithm); - } + switch (algorithm) { + case "RSA": + return RSASignature.getInternalInstance(); + case "DSA": + return JsseJce.getSignature(JsseJce.SIGNATURE_RAWDSA); + case "EC": + return JsseJce.getSignature(JsseJce.SIGNATURE_RAWECDSA); + default: + throw new SignatureException("Unrecognized algorithm: " + + algorithm); + } } /* @@ -1696,7 +1701,7 @@ md.update(temp); } - private final static Class delegate; + private final static Class<?> delegate; private final static Field spiField; static { @@ -1724,7 +1729,7 @@ // cache Method objects per Spi class // Note that this will prevent the Spi classes from being GC'd. We assume // that is not a problem. - private final static Map<Class,Object> methodCache = + private final static Map<Class<?>,Object> methodCache = new ConcurrentHashMap<>(); private static void digestKey(MessageDigest md, SecretKey key) {
--- a/jdk/src/share/classes/sun/security/ssl/Handshaker.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/sun/security/ssl/Handshaker.java Mon Aug 15 11:48:20 2011 -0700 @@ -154,7 +154,7 @@ * Data is protected by the SSLEngine.this lock. */ private volatile boolean taskDelegated = false; - private volatile DelegatedTask delegatedTask = null; + private volatile DelegatedTask<?> delegatedTask = null; private volatile Exception thrown = null; // Could probably use a java.util.concurrent.atomic.AtomicReference @@ -1316,7 +1316,7 @@ thrown = null; } - DelegatedTask getTask() { + DelegatedTask<?> getTask() { if (!taskDelegated) { taskDelegated = true; return delegatedTask; @@ -1358,8 +1358,7 @@ thrown = null; if (e instanceof RuntimeException) { - throw (RuntimeException) - new RuntimeException(msg).initCause(e); + throw new RuntimeException(msg, e); } else if (e instanceof SSLHandshakeException) { throw (SSLHandshakeException) new SSLHandshakeException(msg).initCause(e); @@ -1377,8 +1376,7 @@ * If it's SSLException or any other Exception, * we'll wrap it in an SSLException. */ - throw (SSLException) - new SSLException(msg).initCause(e); + throw new SSLException(msg, e); } } }
--- a/jdk/src/share/classes/sun/security/ssl/JsseJce.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/sun/security/ssl/JsseJce.java Mon Aug 15 11:48:20 2011 -0700 @@ -30,7 +30,6 @@ import java.security.*; import java.security.interfaces.RSAPublicKey; -import java.security.spec.RSAPublicKeySpec; import java.security.spec.*; import javax.crypto.*; @@ -110,6 +109,8 @@ } private static final class SunCertificates extends Provider { + private static final long serialVersionUID = -3284138292032213752L; + SunCertificates(final Provider p) { super("SunCertificates", 1.0d, "SunJSSE internal"); AccessController.doPrivileged(new PrivilegedAction<Object>() { @@ -372,7 +373,7 @@ KeyFactory factory = JsseJce.getKeyFactory("RSA"); return factory.getKeySpec(key, RSAPublicKeySpec.class); } catch (Exception e) { - throw (RuntimeException)new RuntimeException().initCause(e); + throw new RuntimeException(e); } }
--- a/jdk/src/share/classes/sun/security/ssl/SSLEngineImpl.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/sun/security/ssl/SSLEngineImpl.java Mon Aug 15 11:48:20 2011 -0700 @@ -27,8 +27,6 @@ import java.io.*; import java.nio.*; -import java.nio.ReadOnlyBufferException; -import java.util.LinkedList; import java.security.*; import javax.crypto.BadPaddingException; @@ -36,7 +34,6 @@ import javax.net.ssl.*; import javax.net.ssl.SSLEngineResult.*; -import com.sun.net.ssl.internal.ssl.X509ExtendedTrustManager; /** * Implementation of an non-blocking SSLEngine. @@ -574,8 +571,7 @@ readMAC = handshaker.newReadMAC(); } catch (GeneralSecurityException e) { // "can't happen" - throw (SSLException)new SSLException - ("Algorithm missing: ").initCause(e); + throw new SSLException("Algorithm missing: ", e); } /* @@ -611,8 +607,7 @@ writeMAC = handshaker.newWriteMAC(); } catch (GeneralSecurityException e) { // "can't happen" - throw (SSLException)new SSLException - ("Algorithm missing: ").initCause(e); + throw new SSLException("Algorithm missing: ", e); } // See comment above. @@ -877,9 +872,7 @@ } catch (SSLException e) { throw e; } catch (IOException e) { - SSLException ex = new SSLException("readRecord"); - ex.initCause(e); - throw ex; + throw new SSLException("readRecord", e); } /* @@ -1151,7 +1144,7 @@ * For now, force it to be large enough to handle any * valid SSL/TLS record. */ - if (netData.remaining() < outputRecord.maxRecordSize) { + if (netData.remaining() < EngineOutputRecord.maxRecordSize) { return new SSLEngineResult( Status.BUFFER_OVERFLOW, getHSStatus(null), 0, 0); } @@ -1248,9 +1241,7 @@ } catch (SSLException e) { throw e; } catch (IOException e) { - SSLException ex = new SSLException("Write problems"); - ex.initCause(e); - throw ex; + throw new SSLException("Write problems", e); } /* @@ -1624,10 +1615,7 @@ } else if (cause instanceof SSLException) { throw (SSLException)cause; } else if (cause instanceof Exception) { - SSLException ssle = new SSLException( - "fatal SSLEngine condition"); - ssle.initCause(cause); - throw ssle; + throw new SSLException("fatal SSLEngine condition", cause); } } @@ -1875,6 +1863,7 @@ * client or server mode. Must be called before any SSL * traffic has started. */ + @SuppressWarnings("fallthrough") synchronized public void setUseClientMode(boolean flag) { switch (connectionState) {
--- a/jdk/src/share/classes/sun/security/ssl/SSLSocketImpl.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/sun/security/ssl/SSLSocketImpl.java Mon Aug 15 11:48:20 2011 -0700 @@ -41,8 +41,6 @@ import javax.net.ssl.*; -import com.sun.net.ssl.internal.ssl.X509ExtendedTrustManager; - /** * Implementation of an SSL socket. This is a normal connection type * socket, implementing SSL over some lower level socket, such as TCP. @@ -1996,8 +1994,7 @@ readMAC = handshaker.newReadMAC(); } catch (GeneralSecurityException e) { // "can't happen" - throw (SSLException)new SSLException - ("Algorithm missing: ").initCause(e); + throw new SSLException("Algorithm missing: ", e); } /* @@ -2028,8 +2025,7 @@ writeMAC = handshaker.newWriteMAC(); } catch (GeneralSecurityException e) { // "can't happen" - throw (SSLException)new SSLException - ("Algorithm missing: ").initCause(e); + throw new SSLException("Algorithm missing: ", e); } // See comment above. @@ -2217,6 +2213,7 @@ * client or server mode. Must be called before any SSL * traffic has started. */ + @SuppressWarnings("fallthrough") synchronized public void setUseClientMode(boolean flag) { switch (connectionState) {
--- a/jdk/src/share/classes/sun/security/ssl/X509KeyManagerImpl.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/sun/security/ssl/X509KeyManagerImpl.java Mon Aug 15 11:48:20 2011 -0700 @@ -91,6 +91,8 @@ // LinkedHashMap with a max size of 10 // see LinkedHashMap JavaDocs private static class SizedMap<K,V> extends LinkedHashMap<K,V> { + private static final long serialVersionUID = -8211222668790986062L; + @Override protected boolean removeEldestEntry(Map.Entry<K,V> eldest) { return size() > 10; } @@ -247,7 +249,7 @@ return null; } entry = (PrivateKeyEntry)newEntry; - entryCacheMap.put(alias, new SoftReference(entry)); + entryCacheMap.put(alias, new SoftReference<PrivateKeyEntry>(entry)); return entry; } catch (Exception e) { // ignore @@ -329,7 +331,7 @@ */ private String chooseAlias(List<KeyType> keyTypeList, Principal[] issuers, CheckType checkType, AlgorithmConstraints constraints) { - if (keyTypeList == null || keyTypeList.size() == 0) { + if (keyTypeList == null || keyTypeList.isEmpty()) { return null; } @@ -403,7 +405,7 @@ // ignore } } - if (allResults == null || allResults.size() == 0) { + if (allResults == null || allResults.isEmpty()) { if (useDebug) { debug.println("KeyMgr: no matching alias found"); } @@ -523,38 +525,43 @@ if (ku != null) { String algorithm = cert.getPublicKey().getAlgorithm(); boolean kuSignature = getBit(ku, 0); - if (algorithm.equals("RSA")) { - // require either signature bit - // or if server also allow key encipherment bit - if (kuSignature == false) { - if ((this == CLIENT) || (getBit(ku, 2) == false)) { + switch (algorithm) { + case "RSA": + // require either signature bit + // or if server also allow key encipherment bit + if (kuSignature == false) { + if ((this == CLIENT) || (getBit(ku, 2) == false)) { + return CheckResult.EXTENSION_MISMATCH; + } + } + break; + case "DSA": + // require signature bit + if (kuSignature == false) { return CheckResult.EXTENSION_MISMATCH; } - } - } else if (algorithm.equals("DSA")) { - // require signature bit - if (kuSignature == false) { - return CheckResult.EXTENSION_MISMATCH; - } - } else if (algorithm.equals("DH")) { - // require keyagreement bit - if (getBit(ku, 4) == false) { - return CheckResult.EXTENSION_MISMATCH; - } - } else if (algorithm.equals("EC")) { - // require signature bit - if (kuSignature == false) { - return CheckResult.EXTENSION_MISMATCH; - } - // For servers, also require key agreement. - // This is not totally accurate as the keyAgreement bit - // is only necessary for static ECDH key exchange and - // not ephemeral ECDH. We leave it in for now until - // there are signs that this check causes problems - // for real world EC certificates. - if ((this == SERVER) && (getBit(ku, 4) == false)) { - return CheckResult.EXTENSION_MISMATCH; - } + break; + case "DH": + // require keyagreement bit + if (getBit(ku, 4) == false) { + return CheckResult.EXTENSION_MISMATCH; + } + break; + case "EC": + // require signature bit + if (kuSignature == false) { + return CheckResult.EXTENSION_MISMATCH; + } + // For servers, also require key agreement. + // This is not totally accurate as the keyAgreement bit + // is only necessary for static ECDH key exchange and + // not ephemeral ECDH. We leave it in for now until + // there are signs that this check causes problems + // for real world EC certificates. + if ((this == SERVER) && (getBit(ku, 4) == false)) { + return CheckResult.EXTENSION_MISMATCH; + } + break; } } } catch (CertificateException e) {
--- a/jdk/src/share/classes/sun/security/timestamp/HttpTimestamper.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/sun/security/timestamp/HttpTimestamper.java Mon Aug 15 11:48:20 2011 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2003, 2009, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2003, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -30,12 +30,11 @@ import java.io.IOException; import java.net.URL; import java.net.HttpURLConnection; -import java.util.Iterator; +import java.util.List; +import java.util.Map; import java.util.Set; -import java.util.Arrays; import sun.misc.IOUtils; -import sun.security.pkcs.*; /** * A timestamper that communicates with a Timestamping Authority (TSA) @@ -95,11 +94,12 @@ connection.setConnectTimeout(CONNECT_TIMEOUT); if (DEBUG) { - Set headers = connection.getRequestProperties().entrySet(); + Set<Map.Entry<String, List<String>>> headers = + connection.getRequestProperties().entrySet(); System.out.println(connection.getRequestMethod() + " " + tsaUrl + " HTTP/1.1"); - for (Iterator i = headers.iterator(); i.hasNext(); ) { - System.out.println(" " + i.next()); + for (Map.Entry<String, List<String>> entry : headers) { + System.out.println(" " + entry); } System.out.println(); }
--- a/jdk/src/share/classes/sun/security/timestamp/TSResponse.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/sun/security/timestamp/TSResponse.java Mon Aug 15 11:48:20 2011 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2003, 2004, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2003, 2011, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -26,15 +26,8 @@ package sun.security.timestamp; import java.io.IOException; -import java.math.BigInteger; import sun.security.pkcs.PKCS7; -import sun.security.pkcs.PKCS9Attribute; -import sun.security.pkcs.PKCS9Attributes; -import sun.security.pkcs.ParsingException; -import sun.security.pkcs.SignerInfo; import sun.security.util.DerValue; -import sun.security.x509.AlgorithmId; -import sun.security.x509.X500Name; /** * This class provides the response corresponding to a timestamp request, @@ -376,9 +369,11 @@ } } -final static class TimestampException extends IOException { - TimestampException(String message) { - super(message); + final static class TimestampException extends IOException { + private static final long serialVersionUID = -1631631794891940953L; + + TimestampException(String message) { + super(message); + } } } -}
--- a/jdk/src/share/classes/sun/security/tools/JarSigner.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/sun/security/tools/JarSigner.java Mon Aug 15 11:48:20 2011 -0700 @@ -1425,6 +1425,7 @@ * lines of attributes plus an empty line. The empty line is included * in the header. */ + @SuppressWarnings("fallthrough") private int findHeaderEnd(byte[] bs) { // Initial state true to deal with empty header boolean newline = true; // just met a newline @@ -1739,8 +1740,7 @@ NetscapeCertTypeExtension extn = new NetscapeCertTypeExtension(encoded); - Boolean val = (Boolean)extn.get( - NetscapeCertTypeExtension.OBJECT_SIGNING); + Boolean val = extn.get(NetscapeCertTypeExtension.OBJECT_SIGNING); if (!val) { if (bad != null) { bad[2] = true; @@ -2054,7 +2054,7 @@ ClassLoader appClassLoader = new URLClassLoader(urls); // attempt to find signer - Class signerClass = appClassLoader.loadClass(signerClassName); + Class<?> signerClass = appClassLoader.loadClass(signerClassName); // Check that it implements ContentSigner Object signer = signerClass.newInstance(); @@ -2297,9 +2297,7 @@ tsaUri = new URI(tsaUrl); } } catch (URISyntaxException e) { - IOException ioe = new IOException(); - ioe.initCause(e); - throw ioe; + throw new IOException(e); } // Assemble parameters for the signing mechanism
--- a/jdk/src/share/classes/sun/security/tools/KeyTool.java Mon Aug 15 12:56:01 2011 -0700 +++ b/jdk/src/share/classes/sun/security/tools/KeyTool.java Mon Aug 15 11:48:20 2011 -0700 @@ -1197,7 +1197,7 @@ new CertificateVersion(CertificateVersion.V3)); info.set(X509CertInfo.ALGORITHM_ID, new CertificateAlgorithmId( - AlgorithmId.getAlgorithmId(sigAlgName))); + AlgorithmId.get(sigAlgName))); info.set(X509CertInfo.ISSUER, new CertificateIssuerName(issuer)); BufferedReader reader = new BufferedReader(new InputStreamReader(in)); @@ -1227,7 +1227,7 @@ Iterator<PKCS10Attribute> attrs = req.getAttributes().getAttributes().iterator(); while (attrs.hasNext()) { PKCS10Attribute attr = attrs.next(); - if (attr.getAttributeId().equals(PKCS9Attribute.EXTENSION_REQUEST_OID)) { + if (attr.getAttributeId().equals((Object)PKCS9Attribute.EXTENSION_REQUEST_OID)) { reqex = (CertificateExtensions)attr.getAttributeValue(); } } @@ -1266,7 +1266,7 @@ Date firstDate = ge