8267543: Post JEP 411 refactoring: security

Reviewed-by: mullan
2025-08-28 15:24:43 +02:00 · 2021-06-02 15:47:57 +00:00 · 2021-06-02 15:47:57 +00:00 · 40d23a0c0b
commit 40d23a0c0b
parent 476775808f
19 changed files with 80 additions and 79 deletions
--- a/src/java.base/share/classes/sun/security/util/AnchorCertificates.java
+++ b/src/java.base/share/classes/sun/security/util/AnchorCertificates.java
@ -43,7 +43,6 @@ import sun.security.x509.X509CertImpl;
 * The purpose of this class is to determine the trust anchor certificates is in
 * the cacerts file.  This is used for PKIX CertPath checking.
 */
-@SuppressWarnings("removal")
 public class AnchorCertificates {

    private static final Debug debug = Debug.getInstance("certpath");
@ -52,7 +51,8 @@ public class AnchorCertificates {
    private static Set<X500Principal> certIssuers = Collections.emptySet();

    static  {
-        AccessController.doPrivileged(new PrivilegedAction<>() {
+        @SuppressWarnings("removal")
+        var dummy = AccessController.doPrivileged(new PrivilegedAction<>() {
            @Override
            public Void run() {
                File f = new File(FilePaths.cacerts());
--- a/src/java.base/share/classes/sun/security/util/KeyStoreDelegator.java
+++ b/src/java.base/share/classes/sun/security/util/KeyStoreDelegator.java
@ -55,7 +55,6 @@ public class KeyStoreDelegator extends KeyStoreSpi {
    private KeyStoreSpi keystore; // the delegate
    private boolean compatModeEnabled = true;

-    @SuppressWarnings("removal")
    public KeyStoreDelegator(
        String primaryType,
        Class<? extends KeyStoreSpi> primaryKeyStore,
@ -63,9 +62,10 @@ public class KeyStoreDelegator extends KeyStoreSpi {
        Class<? extends KeyStoreSpi> secondaryKeyStore) {

        // Check whether compatibility mode has been disabled
-        compatModeEnabled = "true".equalsIgnoreCase(
-            AccessController.doPrivileged((PrivilegedAction<String>) () ->
-                Security.getProperty(KEYSTORE_TYPE_COMPAT)));
+        @SuppressWarnings("removal")
+        var prop = AccessController.doPrivileged((PrivilegedAction<String>) () ->
+                        Security.getProperty(KEYSTORE_TYPE_COMPAT));
+        compatModeEnabled = "true".equalsIgnoreCase(prop);

        if (compatModeEnabled) {
            this.primaryType = primaryType;
--- a/src/java.base/share/classes/sun/security/util/UntrustedCertificates.java
+++ b/src/java.base/share/classes/sun/security/util/UntrustedCertificates.java
@ -42,7 +42,6 @@ import sun.security.x509.X509CertImpl;
 * <b>Attention</b>: This check is NOT meant to replace the standard PKI-defined
 * validation check, neither is it used as an alternative to CRL.
 */
-@SuppressWarnings("removal")
 public final class UntrustedCertificates {

    private static final Debug debug = Debug.getInstance("certpath");
@ -52,7 +51,8 @@ public final class UntrustedCertificates {
    private static final String algorithm;

    static {
-        AccessController.doPrivileged(new PrivilegedAction<Void>() {
+        @SuppressWarnings("removal")
+        var dummy = AccessController.doPrivileged(new PrivilegedAction<Void>() {
            @Override
            public Void run() {
                File f = new File(StaticProperty.javaHome(),