archive/jdk
1
0
Fork 0
mirror of https://github.com/openjdk/jdk.git synced 2025-08-28 07:14:30 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

8291509: Minor cleanup could be done in sun.security

Browse source 
Reviewed-by: weijun
This commit is contained in:
Mark Powers 2022-09-15 19:59:53 +00:00 committed by Weijun Wang
parent 6beeb8471c
commit 4cec141a90
298 changed files with 2650 additions and 3262 deletions
Download patch file Download diff file Expand all files Collapse all files

7
src/java.base/share/classes/sun/security/rsa/PSSParameters.java
View file

@ -59,11 +59,10 @@ public final class PSSParameters extends AlgorithmParametersSpi {
@Override
protected void engineInit(AlgorithmParameterSpec paramSpec)
throws InvalidParameterSpecException {
if (!(paramSpec instanceof PSSParameterSpec)) {
if (!(paramSpec instanceof PSSParameterSpec spec)) {
throw new InvalidParameterSpecException
("Inappropriate parameter specification");
}
PSSParameterSpec spec = (PSSParameterSpec) paramSpec;
String mgfName = spec.getMGFAlgorithm();
if (!spec.getMGFAlgorithm().equalsIgnoreCase("MGF1")) {
@ -223,12 +222,10 @@ public final class PSSParameters extends AlgorithmParametersSpi {
public static byte[] getEncoded(PSSParameterSpec spec) throws IOException {
AlgorithmParameterSpec mgfSpec = spec.getMGFParameters();
if (!(mgfSpec instanceof MGF1ParameterSpec)) {
if (!(mgfSpec instanceof MGF1ParameterSpec mgf1Spec)) {
throw new IOException("Cannot encode " + mgfSpec);
}
MGF1ParameterSpec mgf1Spec = (MGF1ParameterSpec)mgfSpec;
DerOutputStream tmp = new DerOutputStream();
DerOutputStream tmp2, tmp3;

6
src/java.base/share/classes/sun/security/rsa/RSACore.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 2003, 2021, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2003, 2022, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -150,7 +150,7 @@ public final class RSACore {
throws BadPaddingException {
BigInteger c = parseMsg(msg, n);
BlindingRandomPair brp = null;
BlindingRandomPair brp;
BigInteger m;
if (ENABLE_BLINDING) {
brp = getBlindingRandomPair(null, exp, n);
@ -468,7 +468,7 @@ public final class RSACore {
}
}
// If this parameters are still usable, put them back into the queue.
// If parameters are still usable, put them back into the queue.
if (bps.isReusable()) {
queue.add(bps);
}

30
src/java.base/share/classes/sun/security/rsa/RSAKeyFactory.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 2003, 2021, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2003, 2022, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -135,8 +135,8 @@ public class RSAKeyFactory extends KeyFactorySpi {
}
/*
* Single test entry point for all of the mechanisms in the SunRsaSign
* provider (RSA*KeyImpls). All of the tests are the same.
* Single test entry point for all the mechanisms in the SunRsaSign
* provider (RSA*KeyImpls). All the tests are the same.
*
* For compatibility, we round up to the nearest byte here:
* some Key impls might pass in a value within a byte of the
@ -257,8 +257,7 @@ public class RSAKeyFactory extends KeyFactorySpi {
// internal implementation of translateKey() for public keys. See JCA doc
private PublicKey translatePublicKey(PublicKey key)
throws InvalidKeyException {
if (key instanceof RSAPublicKey) {
RSAPublicKey rsaKey = (RSAPublicKey)key;
if (key instanceof RSAPublicKey rsaKey) {
try {
return new RSAPublicKeyImpl(
type, rsaKey.getParams(),
@ -278,8 +277,7 @@ public class RSAKeyFactory extends KeyFactorySpi {
// internal implementation of translateKey() for private keys. See JCA doc
private PrivateKey translatePrivateKey(PrivateKey key)
throws InvalidKeyException {
if (key instanceof RSAPrivateCrtKey) {
RSAPrivateCrtKey rsaKey = (RSAPrivateCrtKey)key;
if (key instanceof RSAPrivateCrtKey rsaKey) {
try {
return new RSAPrivateCrtKeyImpl(
type, rsaKey.getParams(),
@ -296,8 +294,7 @@ public class RSAKeyFactory extends KeyFactorySpi {
// catch providers that incorrectly implement RSAPrivateCrtKey
throw new InvalidKeyException("Invalid key", e);
}
} else if (key instanceof RSAPrivateKey) {
RSAPrivateKey rsaKey = (RSAPrivateKey)key;
} else if (key instanceof RSAPrivateKey rsaKey) {
try {
return new RSAPrivateKeyImpl(
type, rsaKey.getParams(),
@ -326,8 +323,7 @@ public class RSAKeyFactory extends KeyFactorySpi {
if (keySpec instanceof X509EncodedKeySpec) {
return RSAPublicKeyImpl.newKey(type, "X.509",
((X509EncodedKeySpec)keySpec).getEncoded());
} else if (keySpec instanceof RSAPublicKeySpec) {
RSAPublicKeySpec rsaSpec = (RSAPublicKeySpec)keySpec;
} else if (keySpec instanceof RSAPublicKeySpec rsaSpec) {
try {
return new RSAPublicKeyImpl(
type, rsaSpec.getParams(),
@ -353,8 +349,7 @@ public class RSAKeyFactory extends KeyFactorySpi {
} finally {
Arrays.fill(encoded, (byte)0);
}
} else if (keySpec instanceof RSAPrivateCrtKeySpec) {
RSAPrivateCrtKeySpec rsaSpec = (RSAPrivateCrtKeySpec)keySpec;
} else if (keySpec instanceof RSAPrivateCrtKeySpec rsaSpec) {
try {
return new RSAPrivateCrtKeyImpl(
type, rsaSpec.getParams(),
@ -370,8 +365,7 @@ public class RSAKeyFactory extends KeyFactorySpi {
} catch (ProviderException e) {
throw new InvalidKeySpecException(e);
}
} else if (keySpec instanceof RSAPrivateKeySpec) {
RSAPrivateKeySpec rsaSpec = (RSAPrivateKeySpec)keySpec;
} else if (keySpec instanceof RSAPrivateKeySpec rsaSpec) {
try {
return new RSAPrivateKeyImpl(
type, rsaSpec.getParams(),
@ -398,8 +392,7 @@ public class RSAKeyFactory extends KeyFactorySpi {
} catch (InvalidKeyException e) {
throw new InvalidKeySpecException(e);
}
if (key instanceof RSAPublicKey) {
RSAPublicKey rsaKey = (RSAPublicKey)key;
if (key instanceof RSAPublicKey rsaKey) {
if (keySpec.isAssignableFrom(RSA_PUB_KEYSPEC_CLS)) {
return keySpec.cast(new RSAPublicKeySpec(
rsaKey.getModulus(),
@ -423,8 +416,7 @@ public class RSAKeyFactory extends KeyFactorySpi {
}
} else if (keySpec.isAssignableFrom(RSA_PRIVCRT_KEYSPEC_CLS)) {
// All supported keyspecs (other than PKCS8_KEYSPEC_CLS) descend from RSA_PRIVCRT_KEYSPEC_CLS
if (key instanceof RSAPrivateCrtKey) {
RSAPrivateCrtKey crtKey = (RSAPrivateCrtKey)key;
if (key instanceof RSAPrivateCrtKey crtKey) {
return keySpec.cast(new RSAPrivateCrtKeySpec(
crtKey.getModulus(),
crtKey.getPublicExponent(),

12
src/java.base/share/classes/sun/security/rsa/RSAKeyPairGenerator.java
View file

@ -94,12 +94,11 @@ abstract class RSAKeyPairGenerator extends KeyPairGeneratorSpi {
// second initialize method. See JCA doc.
public void initialize(AlgorithmParameterSpec params, SecureRandom random)
throws InvalidAlgorithmParameterException {
if (params instanceof RSAKeyGenParameterSpec == false) {
if (!(params instanceof RSAKeyGenParameterSpec rsaSpec)) {
throw new InvalidAlgorithmParameterException
("Params must be instance of RSAKeyGenParameterSpec");
}
RSAKeyGenParameterSpec rsaSpec = (RSAKeyGenParameterSpec)params;
int tmpKeySize = rsaSpec.getKeysize();
BigInteger tmpPubExp = rsaSpec.getPublicExponent();
AlgorithmParameterSpec tmpParams = rsaSpec.getKeyParams();
@ -119,15 +118,14 @@ abstract class RSAKeyPairGenerator extends KeyPairGeneratorSpi {
// vs FIPS 186-4 checks that F4 <= e < 2^256
// for backward compatibility, we keep the same checks
BigInteger minValue = RSAKeyGenParameterSpec.F0;
int maxBitLength = tmpKeySize;
if (tmpPubExp.compareTo(RSAKeyGenParameterSpec.F0) < 0) {
throw new InvalidAlgorithmParameterException
("Public exponent must be " + minValue + " or larger");
}
if (tmpPubExp.bitLength() > maxBitLength) {
if (tmpPubExp.bitLength() > tmpKeySize) {
throw new InvalidAlgorithmParameterException
("Public exponent must be no longer than " +
maxBitLength + " bits");
tmpKeySize + " bits");
}
useNew &= ((tmpPubExp.compareTo(RSAKeyGenParameterSpec.F4) >= 0) &&
(tmpPubExp.bitLength() < 256));
@ -160,7 +158,7 @@ abstract class RSAKeyPairGenerator extends KeyPairGeneratorSpi {
public KeyPair generateKeyPair() {
BigInteger e = publicExponent;
BigInteger minValue = (useNew? getSqrt(keySize) : ZERO);
int lp = (keySize + 1) >> 1;;
int lp = (keySize + 1) >> 1;
int lq = keySize - lp;
int pqDiffSize = lp - 100;
@ -212,7 +210,7 @@ abstract class RSAKeyPairGenerator extends KeyPairGeneratorSpi {
}
private static BigInteger getSqrt(int keySize) {
BigInteger sqrt = null;
BigInteger sqrt;
switch (keySize) {
case 2048:
sqrt = SQRT_2048;

17
src/java.base/share/classes/sun/security/rsa/RSAPSSSignature.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 2018, 2021, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2018, 2022, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -82,7 +82,7 @@ public class RSAPSSSignature extends SignatureSpi {
private static final byte[] EIGHT_BYTES_OF_ZEROS = new byte[8];
private static final Hashtable<KnownOIDs, Integer> DIGEST_LENGTHS =
new Hashtable<KnownOIDs, Integer>();
new Hashtable<>();
static {
DIGEST_LENGTHS.put(KnownOIDs.SHA_1, 20);
DIGEST_LENGTHS.put(KnownOIDs.SHA_224, 28);
@ -113,7 +113,7 @@ public class RSAPSSSignature extends SignatureSpi {
private SecureRandom random;
/**
* Construct a new RSAPSSSignatur with arbitrary digest algorithm
* Construct a new RSAPSSSignature with arbitrary digest algorithm
*/
public RSAPSSSignature() {
this.md = null;
@ -169,14 +169,13 @@ public class RSAPSSSignature extends SignatureSpi {
// key with null PSS parameters means no restriction
return true;
}
if (!(keyParams instanceof PSSParameterSpec)) {
if (!(keyParams instanceof PSSParameterSpec pssKeyParams)) {
return false;
}
// nothing to compare yet, defer the check to when sigParams is set
if (sigParams == null) {
return true;
}
PSSParameterSpec pssKeyParams = (PSSParameterSpec) keyParams;
// first check the salt length requirement
if (pssKeyParams.getSaltLength() > sigParams.getSaltLength()) {
return false;
@ -291,12 +290,11 @@ public class RSAPSSSignature extends SignatureSpi {
throw new InvalidAlgorithmParameterException
("Parameters cannot be null");
}
if (!(p instanceof PSSParameterSpec)) {
if (!(p instanceof PSSParameterSpec params)) {
throw new InvalidAlgorithmParameterException
("parameters must be type PSSParameterSpec");
}
// no need to validate again if same as current signature parameters
PSSParameterSpec params = (PSSParameterSpec) p;
if (params == this.sigParams) return params;
RSAKey key = (this.privKey == null? this.pubKey : this.privKey);
@ -378,7 +376,7 @@ public class RSAPSSSignature extends SignatureSpi {
* Reset the message digest if it is not already reset.
*/
private void resetDigest() {
if (digestReset == false) {
if (!digestReset) {
this.md.reset();
digestReset = true;
}
@ -429,8 +427,7 @@ public class RSAPSSSignature extends SignatureSpi {
byte[] mHash = getDigestValue();
try {
byte[] encoded = encodeSignature(mHash);
byte[] encrypted = RSACore.rsa(encoded, privKey, true);
return encrypted;
return RSACore.rsa(encoded, privKey, true);
} catch (GeneralSecurityException e) {
throw new SignatureException("Could not sign data", e);
} catch (IOException e) {

12
src/java.base/share/classes/sun/security/rsa/RSAPadding.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 2003, 2020, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2003, 2022, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -52,7 +52,7 @@ import sun.security.jca.JCAUtil;
* 0x00 | BT | PS...PS | 0x00 | data...data
*
* where BT is the blocktype (1 or 2). The length of the entire string
* must be the same as the size of the modulus (i.e. 128 byte for a 1024 bit
* must be the same as the size of the modulus (i.e. 128 byte for a 1024-bit
* key). Per spec, the padding string must be at least 8 bytes long. That
* leaves up to (length of key in bytes) - 11 bytes for the data.
*
@ -68,7 +68,7 @@ import sun.security.jca.JCAUtil;
* The algorithms (representations) are forwards-compatible: that is,
* the algorithm described in previous releases are in later releases.
* However, additional comments/checks/clarifications were added to the
* later versions based on real-world experience (e.g. stricter v1.5
* latter versions based on real-world experience (e.g. stricter v1.5
* format checking.)
*
* Note: RSA keys should be at least 512 bits long
@ -202,7 +202,7 @@ public final class RSAPadding {
// cache of hashes of zero length data
private static final Map<String,byte[]> emptyHashes =
Collections.synchronizedMap(new HashMap<String,byte[]>());
Collections.synchronizedMap(new HashMap<>());
/**
* Return the value of the digest using the specified message digest
@ -290,7 +290,7 @@ public final class RSAPadding {
/**
* PKCS#1 v1.5 padding (blocktype 1 and 2).
*/
private byte[] padV15(byte[] data, int ofs, int len) throws BadPaddingException {
private byte[] padV15(byte[] data, int ofs, int len) {
byte[] padded = new byte[paddedSize];
System.arraycopy(data, ofs, padded, paddedSize - len, len);
int psSize = paddedSize - 3 - len;
@ -379,7 +379,7 @@ public final class RSAPadding {
* PKCS#1 v2.0 OAEP padding (MGF1).
* Paragraph references refer to PKCS#1 v2.1 (June 14, 2002)
*/
private byte[] padOAEP(byte[] M, int ofs, int len) throws BadPaddingException {
private byte[] padOAEP(byte[] M, int ofs, int len) {
if (random == null) {
random = JCAUtil.getSecureRandom();
}

6
src/java.base/share/classes/sun/security/rsa/RSAPrivateCrtKeyImpl.java
View file

@ -67,12 +67,12 @@ public final class RSAPrivateCrtKeyImpl
private BigInteger qe; // prime exponent q
private BigInteger coeff; // CRT coefficient
private transient KeyType type;
private final transient KeyType type;
// Optional parameters associated with this RSA key
// specified in the encoding of its AlgorithmId.
// Must be null for "RSA" keys.
private transient AlgorithmParameterSpec keyParams;
private final transient AlgorithmParameterSpec keyParams;
/**
* Generate a new RSAPrivate(Crt)Key from the specified type,
@ -171,7 +171,7 @@ public final class RSAPrivateCrtKeyImpl
}
/**
* Construct a RSA key from its components. Used by the
* Construct an RSA key from its components. Used by the
* RSAKeyFactory and the RSAKeyPairGenerator.
*/
RSAPrivateCrtKeyImpl(KeyType type, AlgorithmParameterSpec keyParams,

8
src/java.base/share/classes/sun/security/rsa/RSAPublicKeyImpl.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 2003, 2021, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2003, 2022, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -58,12 +58,12 @@ public final class RSAPublicKeyImpl extends X509Key implements RSAPublicKey {
private BigInteger n; // modulus
private BigInteger e; // public exponent
private transient KeyType type;
private final transient KeyType type;
// optional parameters associated with this RSA key
// specified in the encoding of its AlgorithmId
// must be null for "RSA" keys.
private transient AlgorithmParameterSpec keyParams;
private final transient AlgorithmParameterSpec keyParams;
/**
* Generate a new RSAPublicKey from the specified type, format, and
@ -104,7 +104,7 @@ public final class RSAPublicKeyImpl extends X509Key implements RSAPublicKey {
}
/**
* Construct a RSA key from the specified type and components. Used by
* Construct an RSA key from the specified type and components. Used by
* RSAKeyFactory and RSAKeyPairGenerator.
*/
RSAPublicKeyImpl(KeyType type, AlgorithmParameterSpec keyParams,

5
src/java.base/share/classes/sun/security/rsa/RSASignature.java
View file

@ -144,7 +144,7 @@ abstract class RSASignature extends SignatureSpi {
* Reset the message digest if it is not already reset.
*/
private void resetDigest() {
if (digestReset == false) {
if (!digestReset) {
md.reset();
digestReset = true;
}
@ -190,8 +190,7 @@ abstract class RSASignature extends SignatureSpi {
try {
byte[] encoded = RSAUtil.encodeSignature(digestOID, digest);
byte[] padded = padding.pad(encoded);
byte[] encrypted = RSACore.rsa(padded, privateKey, true);
return encrypted;
return RSACore.rsa(padded, privateKey, true);
} catch (GeneralSecurityException e) {
throw new SignatureException("Could not sign data", e);
} catch (IOException e) {

5
src/java.base/share/classes/sun/security/rsa/RSAUtil.java
View file

@ -193,7 +193,7 @@ public class RSAUtil {
throw new IOException("SEQUENCE length error");
}
AlgorithmId algId = AlgorithmId.parse(values[0]);
if (algId.getOID().equals(oid) == false) {
if (!algId.getOID().equals(oid)) {
throw new IOException("ObjectIdentifier mismatch: "
+ algId.getOID());
}
@ -203,7 +203,6 @@ public class RSAUtil {
if (values[1].isConstructed()) {
throw new IOException("Unexpected constructed digest value");
}
byte[] digest = values[1].getOctetString();
return digest;
return values[1].getOctetString();
}
}

4
src/java.base/share/classes/sun/security/rsa/SunRsaSignEntries.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 2003, 2020, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2003, 2022, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -107,5 +107,5 @@ public final class SunRsaSignEntries {
return services.iterator();
}
private LinkedHashSet<Provider.Service> services;
private final LinkedHashSet<Provider.Service> services;
}